--- - name: check available SSH key types shell: ssh -Q key 2>/dev/null || echo "ssh-rsa" register: borgbackup_register_key_types changed_when: False check_mode: no - name: generate backup ssh-key user: name: root ssh_key_file: "{{ borgbackup_client_ssh_key_file }}" ssh_key_type: "{{ borgbackup_client_ssh_key_type }}" ssh_key_comment: "{{ borgbackup_client_ssh_key_comment }}" ssh_key_bits: 4096 generate_ssh_key: yes - name: fetch backup ssh-pubkey command: "cat {{ borgbackup_client_ssh_key_file }}.pub" check_mode: no register: borgbackup_client_ssh_pubkey_file changed_when: False - name: add ssh-pubkey to backup server delegate_to: "{{ borgbackup_client_backup_server }}" # Start the delegate from the ansible master to avoid distributing more keys connection: local authorized_key: user: "{{ borgbackup_server_user }}" key: "{{ borgbackup_client_ssh_pubkey_file.stdout }}" key_options: 'command="cd {{ borgbackup_server_pool }}/{{ inventory_hostname }};borg serve --restrict-to-path {{ borgbackup_server_pool }}/{{ inventory_hostname }}",restrict' - name: create repo path for host delegate_to: "{{ borgbackup_client_backup_server }}" # Start the delegate from the ansible master to avoid distributing more keys connection: local file: path: "{{ borgbackup_server_pool }}/{{ inventory_hostname }}" owner: "{{ borgbackup_server_user }}" group: "{{ borgbackup_server_group }}" mode: 0700 state: directory - name: backup scripts dir file: path: "{{ borgbackup_client_scripts_dir }}" owner: root group: root mode: 0750 state: directory - name: backup supervision lastlog dir file: path: "{{ borgbackup_client_lastlog_dir }}" owner: root group: root mode: 0755 state: directory - name: check if the repositories already exist command: "{{ borgbackup_binary }} list {{ borgbackup_server_user }}@{{ borgbackup_client_backup_server_lanfreebackup | default(borgbackup_client_backup_server) }}:{{ item.name }}" environment: - BORG_RSH: "ssh -o StrictHostKeyChecking=no -i {{ borgbackup_client_ssh_key_file }}" - BORG_PASSPHRASE: "{{ borgbackup_passphrase }}" with_items: "{{ borgbackup_create_jobs }}" register: list_repos failed_when: False changed_when: False check_mode: no - name: initialize empty list of initialized repositories set_fact: initialized_repos: [] - name: store only initialized repositories in the list set_fact: initialized_repos: "{{ initialized_repos }} + [ '{{ item.item.name }}' ]" with_items: "{{ list_repos.results }}" when: item.rc == 0 - name: initialize repositories command: "{{ borgbackup_binary }} init --encryption {{ borgbackup_encryption_mode }} {{ borgbackup_server_user }}@{{ borgbackup_client_backup_server_lanfreebackup | default(borgbackup_client_backup_server) }}:{{ item.name }}" environment: - BORG_RSH: "ssh -o StrictHostKeyChecking=no -i {{ borgbackup_client_ssh_key_file }}" - BORG_PASSPHRASE: "{{ borgbackup_passphrase }}" with_items: "{{ borgbackup_create_jobs }}" register: borgbackup_initialize_result failed_when: (borgbackup_initialize_result.rc != 0) and (borgbackup_initialize_result.stderr != "") and ('already exists' not in borgbackup_initialize_result.stderr) when: item.name not in initialized_repos - name: generate filename for create / prune / check scripts set_fact: create_suffix_script_filename: "create_{{ borgbackup_client_backup_server.split('.')[0] }}" prune_suffix_script_filename: "prune_{{ borgbackup_client_backup_server.split('.')[0] }}" check_suffix_script_filename: "check_{{ borgbackup_client_backup_server.split('.')[0] }}" # # borg create scripts # - name: deploy borg create scripts template: dest: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.sh" src: create_job.sh.j2 owner: root group: root mode: 0700 with_items: "{{ borgbackup_create_jobs }}" - name: schedule borg create scripts on cron cron: name: "borg backup {{ item.name }}" user: root job: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.sh 2>&1 | /usr/bin/logger -t borgbackup" day: "{{ (item.day | default(1)) + (item.random_day | random(seed=item.name + check_suffix_script_filename + ansible_host))%28 if item.random_day is defined else item.day | default('*') }}" hour: "{{ (item.hour | default(1)) + (item.random_hour | random(seed=item.name + create_suffix_script_filename + ansible_host))%24 if item.random_hour is defined else item.hour | default(1) }}" minute: "{{ (item.minute | default(0)) + (item.random_minute | random(seed=ansible_host + item.name + create_suffix_script_filename))%60 if item.random_minute is defined else item.minute | default(0) }}" state: present cron_file: "borgbackup_{{ item.name }}_{{ create_suffix_script_filename }}" with_items: "{{ borgbackup_create_jobs }}" - name: deploy borg create fake logs, when no log yet shell: echo -ne "FAKE LOG\nterminating with success status, rc 0\n" | tee "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.lastlog" args: chdir: "{{ borgbackup_client_lastlog_dir }}" creates: "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.lastlog" with_items: "{{ borgbackup_create_jobs }}" # # borg prune scripts # - name: deploy borg prune scripts template: dest: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.sh" src: prune_job.sh.j2 owner: root group: root mode: 0700 with_items: "{{ borgbackup_prune_jobs }}" when: borgbackup_prune_enabled - name: schedule borg prune scripts on cron cron: name: "borg prune {{ item.name }}" user: root job: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.sh 2>&1 | /usr/bin/logger -t borgbackup" day: "{{ (item.day | default(1)) + (item.random_day | random(seed=item.name + check_suffix_script_filename + ansible_host))%28 if item.random_day is defined else item.day | default('*') }}" hour: "{{ (item.hour | default(1)) + (item.random_hour | random(seed=item.name + prune_suffix_script_filename + ansible_host))%24 if item.random_hour is defined else item.hour | default(2) }}" minute: "{{ (item.minute | default(0)) + (item.random_minute | random(seed=ansible_host + item.name + prune_suffix_script_filename))%60 if item.random_minute is defined else item.minute | default(0) }}" state: present cron_file: "borgbackup_{{ item.name }}_{{ prune_suffix_script_filename }}" with_items: "{{ borgbackup_prune_jobs }}" when: borgbackup_prune_enabled - name: deploy borg prune fake logs, when no log yet shell: echo -ne "FAKE LOG\nterminating with success status, rc 0\n" | tee "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.lastlog" args: chdir: "{{ borgbackup_client_lastlog_dir }}" creates: "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.lastlog" with_items: "{{ borgbackup_prune_jobs }}" # # borg check scripts # - name: deploy borg check scripts template: dest: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.sh" src: check_job.sh.j2 owner: root group: root mode: 0700 with_items: "{{ borgbackup_check_jobs }}" when: borgbackup_check_enabled - name: schedule borg check scripts on cron cron: name: "borg check {{ item.name }}" user: root job: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.sh 2>&1 | /usr/bin/logger -t borgbackup" day: "{{ (item.day | default(1)) + (item.random_day | random(seed=item.name + check_suffix_script_filename + ansible_host))%28 if item.random_day is defined else item.day | default(1) }}" hour: "{{ (item.hour | default(1)) + (item.random_hour | random(seed=item.name + check_suffix_script_filename + ansible_host))%24 if item.random_hour is defined else item.hour | default(3) }}" minute: "{{ (item.minute | default(0)) + (item.random_minute | random(seed=ansible_host + item.name + check_suffix_script_filename))%60 if item.random_minute is defined else item.minute | default(0) }}" state: present cron_file: "borgbackup_{{ item.name }}_{{ check_suffix_script_filename }}" with_items: "{{ borgbackup_check_jobs }}" when: borgbackup_check_enabled - name: deploy borg check fake logs, when no log yet shell: echo -ne "FAKE LOG\nterminating with success status, rc 0\n" | tee "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.lastlog" args: chdir: "{{ borgbackup_client_lastlog_dir }}" creates: "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.lastlog" with_items: "{{ borgbackup_check_jobs }}"