ansible-borgbackup/tasks/management.yml
2018-08-30 23:37:26 +02:00

56 lines
1.8 KiB
YAML

---
- name: management | put management station prune script
template:
src: prune.sh.j2
dest: "~{{ borgbackup_management_user }}/prune.sh"
owner: "{{ borgbackup_management_user }}"
group: "{{ borgbackup_management_user }}"
mode: 0700
- name: management | put management sshpubkey on the normal backupserver
authorized_key:
user: "{{ item.user }}"
key: "{{ borgbackup_management_ssh_pubkey }}"
delegate_to: "{{ item.fqdn }}"
when: item.type == 'normal'
with_items: "{{ borgbackup_servers }}"
# rsync.net has no python, so we can only use raw to manage ssh keys - workaround with local tmp file
- name: management | get rsync.net authorized_keys file
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/rsync.net-{{ item.fqdn }}-authkeys
delegate_to: localhost
become: false
when: item.type == 'rsync.net'
with_items: "{{ borgbackup_servers }}"
changed_when: false
- name: management | modify local rsync.net authorized_keys
authorized_key:
user: "{{ ansible_user_id }}"
key: "{{ borgbackup_management_ssh_pubkey }}"
path: "/tmp/rsync.net-{{ item.fqdn }}-authkeys"
manage_dir: false
delegate_to: localhost
become: false
when: item.type == 'rsync.net'
with_items: "{{ borgbackup_servers }}"
register: authkeys
- name: management | upload local authorized_keys to rsync.net
raw: scp /tmp/rsync.net-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
delegate_to: localhost
become: false
when: item.type == 'rsync.net' and authkeys.changed
with_items: "{{ borgbackup_servers }}"
- name: management | remove tmp authorized_keys files
file:
path: /tmp/rsync.net-{{ item.fqdn }}-authkeys
state: absent
delegate_to: localhost
become: false
with_items: "{{ borgbackup_servers }}"
when: authkeys.changed
changed_when: false