--- - name: Pin borgmatic template: src: "apt/{{ item }}.j2" dest: "/etc/apt/{{ item }}" owner: root group: root mode: u=rw,g=r,o= loop: - sources.list.d/bullseye.list - preferences.d/borgmatic-bullseye when: - ansible_distribution == "Debian" - ansible_distribution_major_version | int <= 10 - ansible_distribution_release != "bullseye" - name: Don't pin borgmatic if we are on bullseye file: path: "/etc/apt/{{ item }}" state: absent loop: - sources.list.d/bullseye.list - preferences.d/borgmatic-bullseye when: - ansible_distribution == "Debian" - ansible_distribution_release == "bullseye" - name: Install borgmatic apt: name: borgmatic register: apt_result retries: 3 until: apt_result is succeeded - name: Create SSH key openssh_keypair: path: /etc/borgbackup/id_remote type: ed25519 owner: root group: root mode: u=r,g=r,o= register: ssh_key - name: Add public key to remote delegate_to: "{{ borg_server_host }}" become: "{{ borg_server_user }}" authorized_key: exclusive: false key: "{{ ssh_key.public_key }}" key_options: >- command="borg serve --restrict-to-path {{ borg_host_dir }}, no-agent-forwarding, no-port-forwarding, no-pty, no-user-rc, no-X11-forwarding vars: borg_host_dir: "{{ borg_server_base_dir }}/{{ ansible_fqdn }}" - name: Add borgmatic configuration file become: true template: src: borgmatic.conf.j2 dest: /etc/borgmatic/config.yaml owner: root group: root mode: u=rw,g=r,o= - name: Install timer and service for borgmatic template: src: "{{ item }}.j2" dest: "/etc/systemd/system/{{ item }}" owner: root group: root mode: u=rw,g=r,o= loop: - borgmatic.timer - borgmatic.service notify: - Run systemd daemon-reload - Start and enable borgmatic timer - Start and enable borgmatic service - include_role: update_motd vars: key: 10-borgmatic message: Borgmatic (client) est installé dans /etc/borgmatic/config.yaml. ...