Add sojus borgbackup server
This commit is contained in:
Daniel A. Maierhofer
8
roles/sojus/defaults/main.yml
Normal file
8
roles/sojus/defaults/main.yml
Normal file
@@ -0,0 +1,8 @@
|
||||
---
|
||||
user: backup
|
||||
group: backup
|
||||
home: /home/backup
|
||||
pool: "{{ home }}/repos"
|
||||
auth_users:
|
||||
- host: maria-storage
|
||||
key: "{{ lookup('file', 'maria-storage.pub') }}"
|
||||
3
roles/sojus/tasks/main.yml
Normal file
3
roles/sojus/tasks/main.yml
Normal file
@@ -0,0 +1,3 @@
|
||||
---
|
||||
- import_tasks: sojus.yml
|
||||
tags: [ sojus ]
|
||||
52
roles/sojus/tasks/sojus.yml
Normal file
52
roles/sojus/tasks/sojus.yml
Normal file
@@ -0,0 +1,52 @@
|
||||
---
|
||||
- name: borg - install packages
|
||||
package: "name={{ item }} state=latest update_cache=yes"
|
||||
with_items:
|
||||
- python3
|
||||
- python3-devel
|
||||
- python3-pip
|
||||
- python3-virtualenv
|
||||
- libressl-devel
|
||||
- acl-devel
|
||||
- fuse3-devel
|
||||
- pkg-config
|
||||
|
||||
- name: borg - pip3 install
|
||||
pip: name=pip executable=pip3 state=latest
|
||||
|
||||
- name: borg - install
|
||||
pip: name=borg executable=pip3 state=latest
|
||||
|
||||
- name: borg - create group
|
||||
group: "name={{ group }} state=present"
|
||||
|
||||
- name: borg - create user
|
||||
user: "name={{ user }} shell=/bin/bash home={{ home }} createhome=yes group={{ group }} groups= state=present"
|
||||
|
||||
- name: borg - create user home
|
||||
file: "path={{ home }} owner={{ user }} group={{ group }} mode=0700 state=directory"
|
||||
|
||||
- name: borg - create user .ssh
|
||||
file: "path={{ home }}/.ssh owner={{ user }} group={{ group }} mode=0700 state=directory"
|
||||
|
||||
- name: borg - deploy authorized keys
|
||||
authorized_key:
|
||||
user: "{{ user }}"
|
||||
key: "{{ item.key }}"
|
||||
key_options: 'command="cd {{ pool }}/{{ item.host }};borg serve --append-only --restrict-to-path {{ pool }}/{{ item.host }}",restrict'
|
||||
with_items: "{{ auth_users }}"
|
||||
|
||||
- name: borg - deploy authorized keys permissions
|
||||
file: "path={{ home }}/.ssh/authorized_keys owner={{ user }} group={{ group }} mode=0600 state=file"
|
||||
|
||||
- name: borg - create repos dir
|
||||
file: "path={{ pool }} owner={{ user }} group={{ group }} mode=0700 state=directory"
|
||||
|
||||
- name: borg - create repo dir
|
||||
file: "path={{ pool }}/{{ item.host }} owner={{ user }} group={{ group }} mode=0700 state=directory"
|
||||
with_items: "{{ auth_users }}"
|
||||
|
||||
- name: borg - create repo
|
||||
command: borg init -e none "{{ pool }}/{{ item.host }}"
|
||||
creates: "{{ pool }}/{{ item.host }}/config"
|
||||
with_items: "{{ auth_users }}"
|
||||
Reference in New Issue
Block a user