self-hosting/roles/borgmatic/tasks/main.yml

36 lines
810 B
YAML

---
- name: Install borgmatic
become: true
ansible.builtin.apt:
name: borgmatic
- name: Make sur /root/.ssh dir exists
become: true
ansible.builtin.file:
path: ~/.ssh
state: directory
owner: root
group: root
mode: 0700
- name: Create SSH key for root
become: true
ansible.builtin.command:
cmd: ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -N ''
creates: /root/.ssh/id_ed25519
- name: Slurp SSH pubkey for root
become: true
ansible.builtin.slurp:
src: ~/.ssh/id_ed25519.pub
register: ssh_pubkey
- name: Authorize root pubkey on backup server
delegate_to: "{{ backup_server }}"
become: true
become_user: borg
ansible.builtin.lineinfile:
path: ~/.ssh/authorized_keys
line: "{{ ssh_pubkey.content | b64decode | trim }}"
create: true