---
- name: Install borgbackup
  apt:
    name: borgbackup
    state: present

- name: Add borgbackup group
  group: 
    name: "{{ borg.group }}" 
    state: present

- name: Add borgbackup user 
  user: 
    name: "{{ borg.user }}" 
    shell: /bin/bash 
    home: "{{ borg.home }}" 
    password: "{{ borg.password }}"
    createhome: yes 
    group: "{{ borg.group }}" 
    state: present

- name: Fix permission on borgbackup home
  file: 
    path: "{{ borg.home }}"
    owner: "{{ borg.user }}"
    group: "{{ borg.group }}"
    mode: 0700
    state: directory

- name: Fix .ssh permision
  file:
    path: "{{ borg.home }}/.ssh"
    owner: "{{ borg.user }}"
    group: "{{ borg.group }}"
    mode: 0700
    state: directory

- name: Fix pool permission
  file:
    path: "{{ borg.pool }}"
    owner: "{{ borg.user }}"
    group: "{{ borg.group }}"
    mode: 0700
    state: directory

- name: Add autorized backup user through $HOME/.ssh/authorized_keys 
  authorized_key: 
    user: "{{ borg.user }}"
    key: "{{ item.key }}"
    key_options: 'command="cd {{ borg.pool }}/{{ item.host }};borg serve --restrict-to-path {{ borg.pool }}/{{ item.host }}",restrict'
  with_items: "{{ borg.auth_users }}"

- name: Fix permission on authorized_keys
  file: 
    path: "{{ borg.home }}/.ssh/authorized_keys"
    owner: "{{ borg.user }}"
    group: "{{ borg.group }}"
    mode: 0600
    state: file

- name: Fix permission on each repo
  file:
    path: "{{ borg.pool }}/{{ item.host }}"
    owner: "{{ borg.user }}"
    group: "{{ borg.group }}"
    mode: 0700
    state: directory
  with_items: "{{ borg.auth_users }}"