56 lines
1.8 KiB
YAML
56 lines
1.8 KiB
YAML
---
|
|
- name: management | put management station prune script
|
|
template:
|
|
src: prune.sh.j2
|
|
dest: "~{{ borgbackup_management_user }}/prune.sh"
|
|
owner: "{{ borgbackup_management_user }}"
|
|
group: "{{ borgbackup_management_user }}"
|
|
mode: 0700
|
|
|
|
- name: management | put management sshpubkey on the normal backupserver
|
|
authorized_key:
|
|
user: "{{ item.user }}"
|
|
key: "{{ borgbackup_management_ssh_pubkey }}"
|
|
delegate_to: "{{ item.fqdn }}"
|
|
when: item.type == 'normal'
|
|
with_items: "{{ borgbackup_servers }}"
|
|
|
|
|
|
# rsync.net has no python, so we can only use raw to manage ssh keys - workaround with local tmp file
|
|
- name: management | get rsync.net authorized_keys file
|
|
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
|
delegate_to: localhost
|
|
become: false
|
|
when: item.type == 'rsync.net'
|
|
with_items: "{{ borgbackup_servers }}"
|
|
changed_when: false
|
|
|
|
- name: management | modify local rsync.net authorized_keys
|
|
authorized_key:
|
|
user: "{{ ansible_user_id }}"
|
|
key: "{{ borgbackup_management_ssh_pubkey }}"
|
|
path: "/tmp/rsync.net-{{ item.fqdn }}-authkeys"
|
|
manage_dir: false
|
|
delegate_to: localhost
|
|
become: false
|
|
when: item.type == 'rsync.net'
|
|
with_items: "{{ borgbackup_servers }}"
|
|
register: authkeys
|
|
|
|
- name: management | upload local authorized_keys to rsync.net
|
|
raw: scp /tmp/rsync.net-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
|
|
delegate_to: localhost
|
|
become: false
|
|
when: item.type == 'rsync.net' and authkeys.changed
|
|
with_items: "{{ borgbackup_servers }}"
|
|
|
|
- name: management | remove tmp authorized_keys files
|
|
file:
|
|
path: /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
|
state: absent
|
|
delegate_to: localhost
|
|
become: false
|
|
with_items: "{{ borgbackup_servers }}"
|
|
when: authkeys.changed
|
|
changed_when: false
|