Feat(Songe): Start songe borgbackup server

files/sshpubs/id_rsa_poivre_borg.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPuEcyD0F2z8hlPPFkVV0EcbCJR/SxO4ajpPnVhkJI++KCvZEIhII0S3j0nQcukzN3saiVzzzYACyoCUdDVQZV7eoQ2R4eWMDSd10ToHbQezlneWT+wLhsJ2H8lo+e5Ny1AzEAE4ho1wxeQN3lZX5g0S5HFx/bVpiQSoks8ItjnUjmbeMQmWWDM4F9kQeSpOu2WWWT5o7BCBmXCFNrmF5pXHsYiAV5LMnOSs7l1e0o4aVJJfv+529qrITVzSYCtKaTIFTNbmwZlrKOAjIjbM/rRUturBg/2ToaSzIKTwZOS4Wb9NuKYMOAFtOZ3rbFimjIOsGB13D1oG/qgOyZN3tX lafrite@Poivre

tasks/borg_server.yml

@@ -3,3 +3,65 @@
   apt:
     name: borgbackup
     state: present
+
+- name: Add borgbackup group
+  group: 
+    name: "{{ borg_group }}" 
+    state: present
+
+- name: Add borgbackup user 
+  user: 
+    name: "{{ borg_user }}" 
+    shell: /bin/bash 
+    home: "{{ borg_home }}" 
+    createhome: yes 
+    group: "{{ borg_group }}" 
+    state: present
+
+- name: Fix permission on borgbackup home
+  file: 
+    path: "{{ borg_home }}"
+    owner: "{{ borg_user }}"
+    group: "{{ borg_group }}"
+    mode: 0700
+    state: directory
+
+- name: Fix .ssh permision
+  file:
+    path: "{{ borg_home }}/.ssh"
+    owner: "{{ borg_user }}"
+    group: "{{ borg_group }}"
+    mode: 0700
+    state: directory
+
+- name: Fix pool permission
+  file:
+    path: "{{ borg_pool }}"
+    owner: "{{ borg_user }}"
+    group: "{{ borg_group }}"
+    mode: 0700
+    state: directory
+
+- name: Add autorized backup user through $HOME/.ssh/authorized_keys 
+  authorized_key: 
+    user: "{{ borg_user }}"
+    key: "{{ item.key }}"
+    key_options: 'command="cd {{ borg_pool }}/{{ item.host }};borg serve --restrict-to-path {{ borg_pool }}/{{ item.host }}",restrict'
+  with_items: "{{ borg_auth_users }}"
+
+- name: Fix permission on authorized_keys
+  file: 
+    path: "{{ borg_home }}/.ssh/authorized_keys"
+    owner: "{{ borg_user }}"
+    group: "{{ borg_group }}"
+    mode: 0600
+    state: file
+
+- name: Fix permission on each repo
+  file:
+    path: "{{ borg_pool }}/{{ item.host }}"
+    owner: "{{ borg_user }}"
+    group: "{{ borg_group }}"
+    mode: 0700
+    state: directory
+  with_items: "{{ borg_auth_users }}"

vars/Songe.yml

@@ -19,3 +19,21 @@ nfs_shares:
   - { src: '/media/documents', name: '/export/documents', options: 'rw,no_subtree_check,nohide' }
   - { src: '/media/backup', name: '/export/backup', options: 'rw,no_subtree_check,nohide' }
   - { src: '/media/documents/musique', name: '/export/musique', options: 'ro,no_subtree_check,nohide' }
+
+
+## J'en suis là!!
+borg:
+  user: backup
+  group: backup
+  home: /media/backup/borgbackup
+  pool: /media/backup/borgbackup/repos
+  auth_users:
+    - host: Poivre
+      key: "{{ lookup('file', 'sshpubs/id_rsa_poivre_borg.pub') }}"
+      # - host: Choux
+      #   key: "{{ lookup('file', '') }}"
+      # - host: localhost
+      #   key: "{{ lookup('file', '') }}"
+
+
+