From 202d6c3ef9d6dc826205b6a81b184054d8e93e51 Mon Sep 17 00:00:00 2001 From: phil Date: Sun, 9 Apr 2023 10:05:37 +0200 Subject: [PATCH] Enable configuration of borg user --- README.md | 6 +++--- defaults/main.yml | 9 +++++---- tasks/borg.yml | 1 + tasks/ssh.yml | 16 ++++++++++++++-- 4 files changed, 23 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 3c296a8..6a21b21 100644 --- a/README.md +++ b/README.md @@ -70,6 +70,9 @@ Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Ho - `borg_ssh_key_file_path`: SSH-key to be used. Default `~/.ssh/{{ borg_ssh_key_name }}` - `borg_ssh_key_type`: The algorithm used to generate the SSH private key. Choose: `rsa`, `dsa`, `rsa1`, `ecdsa`, `ed25519`. Default: `ed25519` - `borg_ssh_command`: Command to use instead of just "ssh". This can be used to specify SSH options. +- `borg_user`: Name of the User to create Backups. Defeaults to `root`. +- `borg_group`: Name of the Group to create Backups. Defaults to `root`. +- `borg_user_ssh_config_path`: Path of you SSH config file. Defaults to `/root/.ssh/config`. #### Borgbase Variables - `borgbase_api_key`: API key to interact with borgbase.com` @@ -87,9 +90,6 @@ Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Ho - `borgmatic_store_ctime`: Store ctime into archive. Defaults to `true` - `borgmatic_version`: Force a specific borgmatic version to be installed -#### Misc Variables -- `ssh_config_path`: Path of you SSH config file. Defaults to `/root/.ssh/config`. - ## Credits This role is based on [Ansible Role: BorgBackup Client](https://github.com/borgbase/ansible-role-borgbackup). diff --git a/defaults/main.yml b/defaults/main.yml index 02d6492..a45057d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
@@ -4,9 +4,9 @@ borg_exclude_patterns: [] borg_one_file_system: true borg_exclude_from: [] borg_encryption_passcommand: false -borg_key_export_path: "/root/borg_keys" +borg_key_export_path: "{{ borg_user }}/borg_keys" borg_lock_wait_time: 5 -borg_ssh_key_file_path: "/root/.ssh/{{ borg_ssh_key_name }}" +borg_ssh_key_file_path: "{{ borg_user }}/.ssh/{{ borg_ssh_key_name }}" borg_ssh_key_name: borgbackup borg_ssh_key_type: "ed25519" borg_ssh_command: false @@ -18,6 +18,9 @@ borg_retention_policy: keep_daily: 7 keep_weekly: 4 keep_monthly: 6 +borg_user: root +borg_group: root +borg_user_ssh_config_path: "{{ borg_user }}/.ssh/config" borgmatic_timer_cron_name: "borgmatic" borgmatic_timer_hour: "{{ range(0, 5) | random(seed=inventory_hostname) }}" @@ -42,5 +45,3 @@ borgmatic_check_last: 3 borgmatic_store_atime: true borgmatic_store_ctime: true borgmatic_relocated_repo_access_is_ok: false - -ssh_config_path: /root/.ssh/config diff --git a/tasks/borg.yml b/tasks/borg.yml index 0f3c8a5..affb65b 100644 --- a/tasks/borg.yml +++ b/tasks/borg.yml @@ -15,6 +15,7 @@ name: "{{ borgmatic_timer_cron_name }}" hour: "{{ borgmatic_timer_hour }}" minute: "{{ borgmatic_timer_minute }}" + user: "{{ borg_user }}" cron_file: "{{ borgmatic_timer_cron_name }}" job: "borgmatic -c /etc/borgmatic/{{ borgmatic_config_name }} >/dev/null" diff --git a/tasks/ssh.yml b/tasks/ssh.yml index f8c9051..202f042 100644 --- a/tasks/ssh.yml +++ b/tasks/ssh.yml 
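Review bot: The new defaults `borg_key_export_path: "{{ borg_user }}/borg_keys"` and `borg_ssh_key_file_path: "{{ borg_user }}/.ssh/{{ borg_ssh_key_name }}"` interpolate the account name where a home directory is needed, so with `borg_user: root` they render to the relative paths `root/borg_keys` and `root/.ssh/borgbackup` instead of the previous `/root/...`. The exported borg keys and the SSH private key would then be written relative to whatever working directory the module happens to run in, a location whose parent permissions the role does not control. The same pattern appears in `borg_user_ssh_config_path` in the next hunk of this file and in `path: "{{ borg_user }}/.ssh/"` of the new directory task in tasks/ssh.yml, while the README hunk still documents `/root/.ssh/config` as the default. A separate home-directory variable would fix all of them, for example a new default `borg_user_home: "/root"` (the name is only a suggestion) with `borg_key_export_path: "{{ borg_user_home }}/borg_keys"` and the other paths built the same way.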
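Review bot: Renaming `ssh_config_path` to `borg_user_ssh_config_path` (the old default is deleted in the last hunk of this file) means an inventory that still sets `ssh_config_path` is silently ignored, and the Host block is written to the new default file instead of the one the operator chose. If that break is not intended, the old name can be kept as a fallback, e.g. `borg_user_ssh_config_path: "{{ ssh_config_path | default('/root/.ssh/config') }}"`; otherwise it deserves an explicit upgrade note. `borg_user` and `borg_group` would also benefit from a comment such as `# account must already exist; this role does not create it`, since no task visible in this commit creates the user or group.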
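Review bot: With `user: "{{ borg_user }}"` the cron entry can run borgmatic as a non-root account, but the job still reads `/etc/borgmatic/{{ borgmatic_config_name }}` and this one-line addition is the only change to tasks/borg.yml. If the task that writes that file (outside this hunk) leaves it owned by root with a restrictive mode, the job fails for a non-root `borg_user`; if the mode is loosened to make it work, a file that may hold the repository passphrase becomes readable by more accounts. Setting `owner: "{{ borg_user }}"`, `group: "{{ borg_group }}"` and `mode: "0600"` on that task would keep both properties. The cron task itself starts above the hunk.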
@@ -1,18 +1,30 @@ --- +- name: "SSH | Ensure directory exist" + ansible.builtin.file: + path: "{{ borg_user }}/.ssh/" + state: directory + mode: "0700" + owner: "{{ borg_user }}" + group: "{{ borg_group }}" + - name: "SSH | Generate an OpenSSH keypair" community.crypto.openssh_keypair: path: "{{ borg_ssh_key_file_path }}" type: "{{ borg_ssh_key_type }}" + owner: "{{ borg_user }}" + group: "{{ borg_group }}" - name: "SSH | Ensure configuration file is present" ansible.builtin.file: - path: "{{ ssh_config_path }}" + path: "{{ borg_user_ssh_config_path }}" state: touch mode: "644" + owner: "{{ borg_user }}" + group: "{{ borg_group }}" - name: "SSH | Insert borgbase configuration" ansible.builtin.blockinfile: - path: "{{ ssh_config_path }}" + path: "{{ borg_user_ssh_config_path }}" marker: "### {mark} ANSIBLE MANAGED BLOCK" block: | Host *.repo.borgbase.com
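Review bot: The new "SSH | Ensure directory exist" task hard-codes `{{ borg_user }}/.ssh/`, while the key and config locations are independently overridable through `borg_ssh_key_file_path` and `borg_user_ssh_config_path`, so the directory it creates is not necessarily the parent of either file. Deriving it from the variable the next task uses keeps them in step: `path: "{{ borg_ssh_key_file_path | dirname }}"`. The unchanged `mode: "644"` on the config file could also be written `"0644"` to match the `"0700"` style introduced here. The final blockinfile task continues past the end of the hunk.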