mirror of
https://github.com/borgbase/ansible-role-borgbackup.git
synced 2025-06-02 01:17:19 +02:00
41 lines
1.3 KiB
YAML
41 lines
1.3 KiB
YAML
---
|
|
# In this Play an ssh key pair is created for login to the backup server and secure data transfer.
|
|
# We do not want the possibly existing key to be used/distributed,
|
|
# so a backup-specific (backup/backup.pub) one is created.
|
|
- name: Create ssh-key (if neeeded) for {{ borgbackup_user }}
|
|
tags:
|
|
- install_backup
|
|
block:
|
|
- name: Ensire directory exist
|
|
ansible.builtin.file:
|
|
path: "{{ backup_user_info.home }}/.ssh/"
|
|
state: directory
|
|
mode: "0700"
|
|
owner: "{{ borgbackup_user }}"
|
|
group: "{{ borgbackup_group }}"
|
|
|
|
- name: Generate an OpenSSH keypair
|
|
community.crypto.openssh_keypair:
|
|
path: "{{ backup_user_info.home }}/.ssh/backup"
|
|
mode: "0600"
|
|
type: "{{ borg_ssh_key_type }}"
|
|
owner: "{{ borgbackup_user }}"
|
|
group: "{{ borgbackup_group }}"
|
|
|
|
- name: Set key permission
|
|
ansible.builtin.file:
|
|
path: "{{ backup_user_info.home }}/.ssh/backup.pub"
|
|
mode: "0644"
|
|
owner: "{{ borgbackup_user }}"
|
|
group: "{{ borgbackup_group }}"
|
|
|
|
- name: Read ssh key
|
|
ansible.builtin.slurp:
|
|
src: "{{ backup_user_info.home }}/.ssh/backup.pub"
|
|
register: backup_local_ssh_key
|
|
|
|
- name: Print key
|
|
ansible.builtin.debug:
|
|
msg: "The generated key is: {{ backup_local_ssh_key['content'] | b64decode }}"
|
|
...
|