ansible-role-borgbackup/tasks/main.yml

---
- name: Include OS-specific variables
  include_vars: '{{ ansible_pkg_mgr }}.yml'

- name: Run OS-specific setup
  include: "{{ ansible_pkg_mgr }}.yml"

- name: Install required System Packages
  package:
    pkg: "{{ item }}"
    state: present
  with_items: "{{ borg_packages }}"

- name: Update setuptools if needed
  tags: skip_ansible_lint
  pip:
    name: setuptools
    state: latest
    executable: "{{ pip_bin }}"

- name: Install required Python Packages
  pip:
    name: "{{ borg_python_packages }}"
    executable: "{{ pip_bin }}"

- name: Ensure root has SSH key.
  user:
    name: "root"
    generate_ssh_key: yes
    ssh_key_file: "{{ ssh_key_file }}"
    ssh_key_type: ed25519
  register: root_user

- debug:
    var: root_user['ssh_public_key']

- name: Create new repository for server
  borgbase:
    repository_name: "{{ bb_repo_name }}"
    token: "{{ bb_token }}"
    new_ssh_key: "{{ bb_new_sshkey }}"
    ssh_key: "{{ bb_sshkey }}"
    append_only: "{{ bb_append }}"
    quota_enable: "{{ bb_quota }}"
    quota: "{{ bb_quota_size }}"
    region: "{{ bb_region }}"
    alertdays: "{{ bb_alertdays }}"
  delegate_to: localhost
  become: no
  register: repo_creation
  when: create_repo

- name: Set Repository Fact
  set_fact:
    borg_repository: "{{ repo_creation['data']['repoPath'] }}"
  when: create_repo

- name: Ensures /etc/borgmatic exists
  file:
    path: /etc/borgmatic
    state: directory
    mode: 0700
    owner: root

- name: Add Borgmatic Configuration
  template:
    src: config.yaml.j2
    dest: "/etc/borgmatic/{{ borgmatic_config_name }}"
    mode: 0600

- name: Add cron-job for borgmatic (large repo, create and check separate)
  tags: molecule-idempotence-notest
  block:
    - name: Add cron job for regular create and prune
      cron:
        name: "borgmatic"
        hour: "{{ 6 |random }}"
        minute: "{{ 59 |random }}"
        user: "root"
        cron_file: borgmatic
        job: "/usr/local/bin/borgmatic -c /etc/borgmatic/{{ borgmatic_config_name }} --create --prune"
    - name: Add cron job for infrequent checks
      cron:
        name: "borgmatic-check"
        day: "{{ 28 | random }}"
        hour: "{{ range(7, 24) | random }}"
        minute: "{{ 59 | random }}"
        user: "root"
        cron_file: borgmatic
        job: "/usr/local/bin/borgmatic -c /etc/borgmatic/{{ borgmatic_config_name }}"
  when: borgmatic_large_repo

- name: Add cron-job for borgmatic (normal-sized repo)
  tags: molecule-idempotence-notest
  block:
    - name: Add cron job for create, check and prune
      cron:
        name: "borgmatic"
        hour: "{{ 6 | random }}"
        minute: "{{ 59 | random }}"
        user: "root"
        cron_file: borgmatic
        job: "/usr/local/bin/borgmatic"
    - name: Ensure separate check cron job is absent
      cron:
        name: "borgmatic-check"
        state: absent
  when: not borgmatic_large_repo

- name: Set PATH for borgmatic cron job.
  cron:
    user: "root"
    cron_file: borgmatic
    name: PATH
    env: yes
    value: /usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin