Enable borgmatic timer and generate root SSH key for borg server
The role now ensures the systemd timer is running (so backups actually fire on the schedule borgmatic ships by default) and generates an ed25519 key for root that can be authorized on the remote borg server. Also adds a testipaclient entry to backup_hosts. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -28,3 +28,22 @@
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0640'
|
||||
|
||||
- name: Ensure root has an SSH key for the borg server
|
||||
ansible.builtin.user:
|
||||
name: root
|
||||
generate_ssh_key: true
|
||||
ssh_key_type: ed25519
|
||||
ssh_key_file: .ssh/id_ed25519
|
||||
ssh_key_comment: "borgmatic@{{ inventory_hostname }}"
|
||||
register: root_ssh
|
||||
|
||||
- name: Show root's SSH public key (add this to the borg server's authorized_keys)
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ root_ssh.ssh_public_key }}"
|
||||
|
||||
- name: Enable and start borgmatic timer
|
||||
ansible.builtin.systemd:
|
||||
name: borgmatic.timer
|
||||
enabled: true
|
||||
state: started
|
||||
|
||||
Reference in New Issue
Block a user