Skip to content
Snippets Groups Projects
Select Git revision
  • master
  • renovate/configure
  • v3.x
  • separator-fix
  • v4.4.1
  • v4.4.0
  • v4.3.0
  • v4.2.0
  • v4.1.0
  • v4.0.1
  • v4.0.0
  • v3.1.4
  • v3.1.3
  • v3.1.2
  • v3.1.1
  • v3.1.0
  • v3.0.0
  • v2.0.1
  • v2.0.0
  • v1.6.0
  • v1.5.2
  • v1.5.1
  • v1.5
  • v1.5.0
24 results

main.yml

Blame
    • David Mehren's avatar
    Add Debian 12 workaround
    David Mehren authored
    e6aff771
    History
    David Mehren's avatar e6aff771
    History
    Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    main.yml 3.51 KiB 
    ---
- name: Generate SSH key
  ansible.builtin.user:
    name: root
    generate_ssh_key: true
    ssh_key_type: ed25519

- name: Get public key
  ansible.builtin.command: "cat /root/.ssh/id_ed25519.pub"
  register: hostkey
  changed_when: false

- name: Create Repo on backup target
  ansible.builtin.import_tasks: onserver.yml
  vars:
    borgbackup_source_key: "{{ hostkey.stdout }}"
    borgbackup_source_host: "{{ ansible_hostname }}"
  delegate_to: "{{ borgbackup_target_host }}"

- name: Check if Repo already exists
  ansible.builtin.stat:
    path: "{{ hostvars[borgbackup_target_host]['borgbackup_pool'] | default(borgbackup_pool) }}/{{ ansible_hostname }}/{{ borgbackup_repo_path }}/config"
  register: repo
  delegate_to: "{{ borgbackup_target_host }}"

- name: Gather facts for backup target
  ansible.builtin.setup:
  delegate_to: "{{ borgbackup_target_host }}"
  delegate_facts: true
  when: hostvars[borgbackup_target_host]['ansible_default_ipv4'] is not defined

- name: Set target IP
  ansible.builtin.set_fact:
    borgbackup_target_ip: "{{ borgbackup_target_ip | default(hostvars[borgbackup_target_host]['ansible_default_ipv4']['address'], true) }}"

- name: Add backup target key to known hosts
  ansible.builtin.known_hosts:
    name: "{{ borgbackup_target_ip }}"
    key: "{{ borgbackup_target_ip }} ssh-ed25519 {{ hostvars[borgbackup_target_host]['ansible_ssh_host_key_ed25519_public'] }}"

- name: Create Borg Repo
  ansible.builtin.command: "borg init -e repokey {{ borgbackup_target_user }}@{{ borgbackup_target_ip }}:{{ borgbackup_repo_path }}"
  environment:
    BORG_PASSPHRASE: "{{ borgbackup_enable_encryption | ternary(borgbackup_key, '') }}"
  when: not repo.stat.exists

- name: Install borgmatic  # noqa package-latest
  ansible.builtin.pip:
    name: borgmatic
    state: latest
    executable: pip3
    extra_args: "{{ (ansible_distribution_release == 'bookworm') | ternary('--break-system-packages', '') }}"

- name: Create borgmatic config folder
  ansible.builtin.file:
    path: /etc/borgmatic
    state: directory
    owner: root
    group: root
    mode: 0750

- name: Copy borgmatic config
  ansible.builtin.template:
    src: config.yaml.j2
    dest: /etc/borgmatic/config.yaml
    mode: 0600

- name: Add borgbackup service
  ansible.builtin.copy:
    src: "borgbackup.service"