fix: improve borgbackup ssh keys handling
docs: advise to use Ansible Vault fix: use gather_facts module in order to get facts for borg role
This commit is contained in:
parent
764d3ee68b
commit
c86c36880b
3 changed files with 10 additions and 4 deletions
|
@ -68,7 +68,7 @@ ynh_ssh_borg_command: "ssh_command: ssh -p 7410 -o StrictHostKeychecking=no -i {
|
||||||
- `borgmatic_config_name` : **Optionnel**, nom du fichier de configuration Borgmatic.
|
- `borgmatic_config_name` : **Optionnel**, nom du fichier de configuration Borgmatic.
|
||||||
- `borgmatic_cron_name` : **Optionnel**, nom du fichier de tâche cron.
|
- `borgmatic_cron_name` : **Optionnel**, nom du fichier de tâche cron.
|
||||||
- `borg_retention_policy.keep_[hourly|daily|weekly|monthly]` : Permet de régler finement le nombre d'archives récentes que le dépôt doit garder.
|
- `borg_retention_policy.keep_[hourly|daily|weekly|monthly]` : Permet de régler finement le nombre d'archives récentes que le dépôt doit garder.
|
||||||
- `borg_ssh_keys_src` : Chemin où se trouve le couple clé publique / privée SSH sur l'hôte Ansible.
|
- `borg_ssh_keys_src` : Chemin où se trouve le couple clé publique / privée SSH sur l'hôte Ansible. Pensez à utiliser [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) pour protéger vos clés SSH.
|
||||||
- `borg_ssh_keys_dest` : Chemin où va être copié la paire de clés SSH sur le serveur YunoHost.
|
- `borg_ssh_keys_dest` : Chemin où va être copié la paire de clés SSH sur le serveur YunoHost.
|
||||||
- `ynh_ssh_borg_command`: **Optionnel**, commande SSH personnalisée lors de l'utilisation de Borg sur un dépôt distant.
|
- `ynh_ssh_borg_command`: **Optionnel**, commande SSH personnalisée lors de l'utilisation de Borg sur un dépôt distant.
|
||||||
|
|
||||||
|
|
|
@ -61,13 +61,13 @@ borg_ssh_keys_dest: "/home/debian/.ssh/ynh_ed25519"
|
||||||
|
|
||||||
- `ynh_borg_backup_scheduled`: Enable / disable the backup feature with BorgBackup.
|
- `ynh_borg_backup_scheduled`: Enable / disable the backup feature with BorgBackup.
|
||||||
- `ynh_borg_backup_remote_repo`: Enable / disable the backup functionality on a BorgBackup remote repository (tasks related to SSH keys setup). If you enable this feature, then you will need to use `borg_ssh_keys_src` and `borg_ssh_keys_dest` variables.
|
- `ynh_borg_backup_remote_repo`: Enable / disable the backup functionality on a BorgBackup remote repository (tasks related to SSH keys setup). If you enable this feature, then you will need to use `borg_ssh_keys_src` and `borg_ssh_keys_dest` variables.
|
||||||
- `borg_source_directories`: List of source folders to backup. By default, this is the folder containing all YunoHost data (configuration, applications).
|
- `borg_source_directories`: List of source folders to back up. By default, this is the folder containing all YunoHost data (configuration, applications).
|
||||||
- `borg_repository`: Full path to the Borg repository. Possibility to give a list of repositories to save data in several places.
|
- `borg_repository`: Full path to the Borg repository. Possibility to give a list of repositories to save data in several places.
|
||||||
- `borg_encryption_passphrase` : **Mandatory**, password to use for the Borg repository encryption key.
|
- `borg_encryption_passphrase` : **Mandatory**, password to use for the Borg repository encryption key.
|
||||||
- `borgmatic_config_name`: **Optional**, name of the Borgmatic configuration file.
|
- `borgmatic_config_name`: **Optional**, name of the Borgmatic configuration file.
|
||||||
- `borgmatic_cron_name`: **Optional**, name of the cron task file.
|
- `borgmatic_cron_name`: **Optional**, name of the cron task file.
|
||||||
- `borg_retention_policy.keep_[hourly|daily|weekly|monthly]`: Allows you to fine-tune the number of recent archives the repository should keep.
|
- `borg_retention_policy.keep_[hourly|daily|weekly|monthly]`: Allows you to fine-tune the number of recent archives the repository should keep.
|
||||||
- `borg_ssh_keys_src`: Path to the SSH public/private key pair on the Ansible host.
|
- `borg_ssh_keys_src`: Path to the SSH public/private key pair on the Ansible host. Consider using [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) to protect your SSH keys.
|
||||||
- `borg_ssh_keys_dest`: Path where the SSH key pair will be copied to the YunoHost server.
|
- `borg_ssh_keys_dest`: Path where the SSH key pair will be copied to the YunoHost server.
|
||||||
- `ynh_ssh_borg_command`: **Optional**, custom SSH command run when using Borg on a remote repository.
|
- `ynh_ssh_borg_command`: **Optional**, custom SSH command run when using Borg on a remote repository.
|
||||||
|
|
||||||
|
|
|
@ -25,6 +25,12 @@
|
||||||
- backup
|
- backup
|
||||||
- borg
|
- borg
|
||||||
|
|
||||||
|
- name: Gather facts for BorgBackup role
|
||||||
|
ansible.builtin.setup:
|
||||||
|
tags:
|
||||||
|
- borg
|
||||||
|
- backup
|
||||||
|
|
||||||
- name: run BorgBackup role
|
- name: run BorgBackup role
|
||||||
ansible.builtin.import_role:
|
ansible.builtin.import_role:
|
||||||
name: m3nu.ansible_role_borgbackup
|
name: m3nu.ansible_role_borgbackup
|
||||||
|
@ -56,7 +62,7 @@
|
||||||
|
|
||||||
- name: deploy ssh private key for BorgBackup
|
- name: deploy ssh private key for BorgBackup
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: "{{ borg_ssh_keys_src }}"
|
src: "{{ borg_ssh_keys_src }}.vault"
|
||||||
dest: "{{ borg_ssh_keys_dest }}"
|
dest: "{{ borg_ssh_keys_dest }}"
|
||||||
owner: "root"
|
owner: "root"
|
||||||
group: "root"
|
group: "root"
|
||||||
|
|
Loading…
Reference in a new issue