From 7e7a8e28a6006d66ff29ab68955d4590980370d8 Mon Sep 17 00:00:00 2001
From: SebClem
Date: Fri, 17 Feb 2023 14:28:38 +0100
Subject: [PATCH] Add base
---
 defaults/main.yml | 10 ++++++++
 tasks/configure.yml | 62 +++++++++++++++++++++++++++++++++++++++++++++
 tasks/main.yml | 3 +++
 tasks/preflight.yml | 13 ++++++++++
 vars/main.yml | 8 ++++++
 5 files changed, 96 insertions(+)
 create mode 100644 tasks/configure.yml
 create mode 100644 tasks/preflight.yml
diff --git a/defaults/main.yml b/defaults/main.yml
index b9f11b7..53a01ce 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,2 +1,12 @@
 ---
 # defaults file for ${REPO_NAME_TITLE}
+
+borg_version: false
+user: backup
+group: backup
+home: /home/backup
+pool: "{{ home }}/repos"
+auth_users:
+ []
+ # - host: johndoe.clnt.local
+ # key: "{{ lookup('file', '/path/to/keys/johndoe.clnt.local.pub') }}"
diff --git a/tasks/configure.yml b/tasks/configure.yml
new file mode 100644
index 0000000..158245f
--- /dev/null
+++ b/tasks/configure.yml
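Review bot: The new defaults `user`, `group`, `home`, `pool` and `auth_users` in defaults/main.yml carry no role prefix, so any play, inventory or other role that defines a variable with the same generic name silently changes which account and directory this role manages, including where the `authorized_keys` entries land. Prefixing them like the existing `borg_version`, for example `borg_user: backup`, `borg_home: /home/backup` and `borg_pool: "{{ borg_home }}/repos"`, keeps the inputs unambiguous; the references in tasks/configure.yml would need the same rename. A short comment above `auth_users` stating that every entry needs `host` and `key`, and that `host` becomes a directory name under the pool, would document the contract that the commented example only hints at.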
@@ -0,0 +1,62 @@
+---
+- name: Create Group
+ ansible.builtin.group:
+ name: "{{ group }}"
+ state: present
+
+- name: Create user
+ ansible.builtin.user:
+ name: "{{ user }}"
+ shell: /bin/bash
+ home: "{{ home }}"
+ createhome: true
+ group: "{{ group }}"
+ state: present
+
+- name: Ensure home dir is present
+ ansible.builtin.file:
+ path: "{{ home }}"
+ owner: "{{ user }}"
+ group: "{{ group }}"
+ mode: 0700
+ state: directory
+
+- name: Ensure ssh dir is present
+ ansible.builtin.file:
+ path: "{{ home }}/.ssh"
+ owner: "{{ user }}"
+ group: "{{ group }}"
+ mode: 0700
+ state: directory
+
+- name: Ensure pool dir is present
+ ansible.builtin.file:
+ path: "{{ pool }}"
+ owner: "{{ user }}"
+ group: "{{ group }}"
+ mode: 0700
+ state: directory
+
+- name: Create autorized key entry
+ ansible.posix.authorized_key:
+ user: "{{ user }}"
+ key: "{{ item.key }}"
+ key_options: 'command="cd {{ pool }}/{{ item.host }};borg serve --restrict-to-path {{ pool }}/{{ item.host }}",restrict'
+ with_items: "{{ auth_users }}"
+
+- name: Ensure permission on authorized_keys file
+ ansible.builtin.file:
+ path: "{{ home }}/.ssh/authorized_keys"
+ owner: "{{ user }}"
+ group: "{{ group }}"
+ mode: 0600
+ state: file
+
+- name: Ensure host pool dir is present
+ ansible.builtin.file:
+ path: "{{ pool }}/{{ item.host }}"
+ owner: "{{ user }}"
+ group: "{{ group }}"
+ mode: 0700
+ state: directory
+ with_items: "{{ auth_users }}"
diff --git a/tasks/main.yml b/tasks/main.yml
index 9b1357d..f4597a8 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,2 +1,5 @@
 ---
 # tasks file for Ansible-Borg-Server-Role
+- name: Install Borg
+ ansible.builtin.include_tasks:
+ file: preflight.yml
diff --git a/tasks/preflight.yml b/tasks/preflight.yml
new file mode 100644
index 0000000..e698986
--- /dev/null
+++ b/tasks/preflight.yml
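Review bot: `item.host` is interpolated unchecked into both the forced command in `key_options` and the `path` of the last task in tasks/configure.yml, so a value containing `/`, `..`, whitespace, `;` or `"` would change what the forced command runs or move the `--restrict-to-path` target outside `{{ pool }}`. The values come from `auth_users`, but a typo or a shared inventory is enough to get there, so an assert ahead of the key task that limits `host` to hostname characters would make the per-client restriction dependable. The "Ensure host pool dir is present" task should also run before "Create autorized key entry", because the forced command does `cd` into a directory that does not exist yet at the moment the key is installed. The unquoted `mode: 0700` and `mode: 0600` values are better written as strings (`mode: "0700"`) so they never depend on YAML octal parsing.

```yaml
- name: Validate auth_users host names
  ansible.builtin.assert:
    that:
      - item.host is match('^[A-Za-z0-9][A-Za-z0-9._-]*$')
    fail_msg: "auth_users host may only contain letters, digits, '.', '_' and '-'"
  with_items: "{{ auth_users }}"

# … unchanged: "Ensure host pool dir is present", moved up to here …

# … unchanged: "Create autorized key entry" and "Ensure permission on authorized_keys file" …
```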
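Review bot: Only preflight.yml is included in tasks/main.yml, so the tasks/configure.yml added by this same commit is never run and the role installs Borg without creating the user, the pool directories or the restricted `authorized_keys` entries. Unless that is deliberate for this first commit, add a second include after the install step: a task `- name: Configure Borg server` with `ansible.builtin.include_tasks:` and `file: configure.yml`. A one-line comment above each include saying what the file is responsible for would also help, since the task name "Install Borg" does not match the file name preflight.yml.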
@@ -0,0 +1,13 @@
+---
+- name: Install dependent Python Packages
+ ansible.builtin.pip:
+ name: "{{ borg_dependent_python_packages }}"
+ virtualenv: /opt/borgmatic
+ when: borg_dependent_python_packages is defined
+
+- name: Install main Python Packages
+ ansible.builtin.pip:
+ name: "{{ item.name }}"
+ version: "{{ item.version | default(omit, true) }}"
+ when: borg_python_packages is defined
+ loop: "{{ borg_python_packages }}"
diff --git a/vars/main.yml b/vars/main.yml
index 6c46462..f7bfdbd 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,2 +1,10 @@
 ---
 # vars file for Ansible-Borg-Server-Role
+
+borg_dependent_python_packages:
+ - cython
+ - pkgconfig
+
+borg_python_packages:
+ - name: borgbackup
+ version: "{{ borg_version }}"
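Review bot: The second task in tasks/preflight.yml has no `virtualenv:` key, so `borgbackup` is installed into the system Python while the build dependencies from the first task go into `/opt/borgmatic`; both tasks should target the same environment, for example by adding `virtualenv: /opt/borgmatic` to "Install main Python Packages". In addition, `when: borg_python_packages is defined` does not protect the `loop:` expression, because the loop is templated before the condition is evaluated for each item; `loop: "{{ borg_python_packages | default([]) }}"` is the form that actually tolerates an undefined variable. The path `/opt/borgmatic` looks carried over from a borgmatic role and may deserve a role variable, though that is an inference from the name alone.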
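Review bot: `version: "{{ borg_version }}"` in vars/main.yml resolves to the shipped default `borg_version: false`, which the pip task turns into `omit`, so a default run installs whatever `borgbackup` release is current on the package index at that moment, and `cython` and `pkgconfig` are unpinned as well. For a backup server that is worth stating next to the variable, for example with a comment `# set borg_version to an exact release for reproducible installs`. Keeping these lists in vars/ also gives them high precedence, so users cannot easily override the package set; confirm that this is intended rather than a candidate for defaults/.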