maethor/backups.yml

## backups.yml
---
- hosts: backup-servers
  tasks:
    - name: Install rdiff-backup
      apt: pkg=rdiff-backup state=installed
    - name: Install borgbackup
      apt: pkg=borgbackup state=installed

- hosts: all
  vars:
    backup_user: "backupninja-{{ client }}"
    backup_dir: "{{ hostvars[backup_server]['backup_home'] }}/{{ client }}"
  tasks:
    - name: Create backup user on remote server
      delegate_to: "{{ backup_server }}"
      user: name={{ backup_user }} groups=ssh system=yes home={{ backup_dir }}

    - name: Create borg repository on remote server
      delegate_to: "{{ backup_server }}"
      file: >
        path={{ backup_dir }}/borg
        state=directory
        owner={{ backup_user }}
        group={{ backup_user }}

    - name: Config root .ssh/config
      ssh_config: >
        user=root
        host=backups
        hostname={{ backup_server }}
        remote_user={{ backup_user }}
        state=present

    - name: Install backupninja
      apt: name={{ item }} state=present"
      with_items:
        - backupninja
        - rdiff-backup
        - pigz

    - name: Download borgbackup
      get_url: >
        url=https://github.com/borgbackup/borg/releases/download/{{ borg_version }}/borg-linux64
        dest=/usr/local/bin/borg-{{ borg_version }}
        owner=root
        group=root
        mode=0755

    - name: Link borgbackup executable
      file: >
        src=/usr/local/bin/borg-{{ borg_version }}
        dest=/usr/local/bin/borg
        owner=root
        group=root
        state=link

    # Home patch for borg
    - name: Copy backupninja borg
      copy: >
        src={{ item }}
        dest=/usr/share/backupninja/{{ item }}
      with_items:
        - borg
        #- borg.helper

    - name: Copy backupninja config
      template: >
        src=backupninja.conf.j2
        dest=/etc/backupninja.conf
        owner=root
        group=root
        mode=0644

    - name: Copy backupninja borg config
      template: >
        src=backupninja_borg.j2
        dest=/etc/backup.d/borg
        owner=root
        group=root
        mode=0600

    - name: Add backup host to known_host
      known_host: host={{ backup_server }} user=root state=present
    - name: Add backup host to known_host
      known_host: host={{ hostvars[backup_server]['ansible_default_ipv4']['address'] }} user=root state=present
    - name: Add backup host to known_host
      known_host: host={{ hostvars[backup_server]['ansible_default_ipv6']['address'] }} user=root state=present

- hosts: all
  serial: 1
  vars:
    backup_user: "backupninja-{{ client }}"
    backup_dir: "{{ hostvars[backup_server]['backup_home'] }}/{{ client }}"
  tasks:
    - name: Fetch public ssh key
      command: cat /root/.ssh/id_rsa.pub
      register: root_pub_key

    - name: Add public ssh key to backup account
      delegate_to: "{{ backup_server }}"
      authorized_key: >
        user={{ backup_user }}
        key="{{root_pub_key.stdout}}"
        key_options="command=\"cd {{ backup_dir }}/borg;borg serve --restrict-to-path {{ backup_dir }}/borg\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc"
	---
	- hosts: backup-servers
	tasks:
	- name: Install rdiff-backup
	apt: pkg=rdiff-backup state=installed
	- name: Install borgbackup
	apt: pkg=borgbackup state=installed

	- hosts: all
	vars:
	backup_user: "backupninja-{{ client }}"
	backup_dir: "{{ hostvars[backup_server]['backup_home'] }}/{{ client }}"
	tasks:
	- name: Create backup user on remote server
	delegate_to: "{{ backup_server }}"
	user: name={{ backup_user }} groups=ssh system=yes home={{ backup_dir }}

	- name: Create borg repository on remote server
	delegate_to: "{{ backup_server }}"
	file: >
	path={{ backup_dir }}/borg
	state=directory
	owner={{ backup_user }}
	group={{ backup_user }}

	- name: Config root .ssh/config
	ssh_config: >
	user=root
	host=backups
	hostname={{ backup_server }}
	remote_user={{ backup_user }}
	state=present

	- name: Install backupninja
	apt: name={{ item }} state=present"
	with_items:
	- backupninja
	- rdiff-backup
	- pigz

	- name: Download borgbackup
	get_url: >
	url=https://github.com/borgbackup/borg/releases/download/{{ borg_version }}/borg-linux64
	dest=/usr/local/bin/borg-{{ borg_version }}
	owner=root
	group=root
	mode=0755

	- name: Link borgbackup executable
	file: >
	src=/usr/local/bin/borg-{{ borg_version }}
	dest=/usr/local/bin/borg
	owner=root
	group=root
	state=link

	# Home patch for borg
	- name: Copy backupninja borg
	copy: >
	src={{ item }}
	dest=/usr/share/backupninja/{{ item }}
	with_items:
	- borg
	#- borg.helper

	- name: Copy backupninja config
	template: >
	src=backupninja.conf.j2
	dest=/etc/backupninja.conf
	owner=root
	group=root
	mode=0644

	- name: Copy backupninja borg config
	template: >
	src=backupninja_borg.j2
	dest=/etc/backup.d/borg
	owner=root
	group=root
	mode=0600

	- name: Add backup host to known_host
	known_host: host={{ backup_server }} user=root state=present
	- name: Add backup host to known_host
	known_host: host={{ hostvars[backup_server]['ansible_default_ipv4']['address'] }} user=root state=present
	- name: Add backup host to known_host
	known_host: host={{ hostvars[backup_server]['ansible_default_ipv6']['address'] }} user=root state=present

	- hosts: all
	serial: 1
	vars:
	backup_user: "backupninja-{{ client }}"
	backup_dir: "{{ hostvars[backup_server]['backup_home'] }}/{{ client }}"
	tasks:
	- name: Fetch public ssh key
	command: cat /root/.ssh/id_rsa.pub
	register: root_pub_key

	- name: Add public ssh key to backup account
	delegate_to: "{{ backup_server }}"
	authorized_key: >
	user={{ backup_user }}
	key="{{root_pub_key.stdout}}"
	key_options="command=\"cd {{ backup_dir }}/borg;borg serve --restrict-to-path {{ backup_dir }}/borg\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc"