From 021a5ef1e8347a3b536f6d166151492fcc1ca7ec Mon Sep 17 00:00:00 2001
From: Solal Nathan
Date: Sun, 14 Mar 2021 16:11:18 +0100
Subject: [PATCH] [borgbackup_client] various fixes for ssh keys
---
 roles/borgbackup_client/tasks/main.yml | 28 +++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)
diff --git a/roles/borgbackup_client/tasks/main.yml b/roles/borgbackup_client/tasks/main.yml
index 871234f..e22177e 100644
--- a/roles/borgbackup_client/tasks/main.yml
+++ b/roles/borgbackup_client/tasks/main.yml
@@ -44,11 +44,33 @@
 - name: Create SSH key
 openssh_keypair:
 path: "/etc/borgbackup/id_remote"
- type: rsa
+ type: ed25519
+ regenerate: full_idempotence
 owner: root
 group: root
 mode: u=r,g=r,o=
 register: ssh_key
+
+- name: Gather server facts
+ delegate_to: "{{ borg_server_host }}"
+ setup:
+ gather_subset:
+ - all
+ register: server_facts
+
+- name: debug
+ debug:
+ var: "server_facts['ansible_facts'].ansible_ssh_host_key_ecdsa_public_keytype"
+
+- name: Add server key to known hosts
+ known_hosts:
+ hash_host: true
+ host: "{{ borg_server_host }}"
+ key: "{{ borg_server_host }} {{ server_facts['ansible_facts']['ansible_ssh_host_key_' + item + '_public_keytype'] }} {{ server_facts['ansible_facts']['ansible_ssh_host_key_' + item + '_public'] }}"
+ loop:
+ - ecdsa
+ - ed25519
+ - rsa
 
 - name: Add public key to remote
 delegate_to: "{{ borg_server_host }}"
@@ -65,12 +87,12 @@
 no-user-rc,
 no-X11-forwarding
 vars:
- borg_host_dir: "{{ borg_server_base_dir }}/{{ ansible_fqdn }}"
+ borg_host_dir: "/borg/{{ ansible_fqdn }}"
 
 - name: Add borgmatic configuration file
 become: true
 template:
- src: borgmatic.conf.j2
+ src: config.yaml.j2
 dest: /etc/borgmatic/config.yaml
 owner: root
 group: root
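Review bot: The `Add server key to known hosts` loop reads `server_facts['ansible_facts']['ansible_ssh_host_key_' + item + '_public']` for ecdsa, ed25519 and rsa unconditionally, so the play stops with an undefined-variable error on any server that lacks one of those host key types. Guard each iteration, for example `when: ('ansible_ssh_host_key_' + item + '_public') in server_facts['ansible_facts']`. The task also sets no `path`, so the entry is written to the known_hosts file of whichever user runs it; no `become` is visible on this task, so if borg connects as root the pinned key may not be the one that gets checked. The task named `debug` looks like a leftover and can be dropped. Separately, moving `type` to ed25519 with `regenerate: full_idempotence` replaces existing RSA keys, and nothing visible here removes the old public key from the server's authorized_keys, so the retired key may stay authorised.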
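Review bot: Hard-coding `/borg` in `borg_host_dir` detaches this role from `borg_server_base_dir`, so the path fed into the key options of this task (presumably the forced-command path restriction, which is outside the hunk) can silently diverge from where the server actually keeps its repositories. Keeping the variable with a fallback preserves the override: `borg_host_dir: "{{ borg_server_base_dir | default('/borg') }}/{{ ansible_fqdn }}"`. The last path component is `ansible_fqdn`, a fact reported by the client, so it is worth confirming that the server side does not rely on it alone to keep one client's repository separate from another's. The task's opening lines are outside the hunk, so how `borg_host_dir` is consumed could not be checked here.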