1
0
Fork 0

fix: improve borgbackup ssh keys handling

docs: advise to use Ansible Vault
fix: use gather_facts module in order to get facts for borg role
This commit is contained in:
Arthur BOUDREAULT 2022-07-19 15:02:17 +00:00 committed by Christophe Chaudier
parent 764d3ee68b
commit c86c36880b
3 changed files with 10 additions and 4 deletions

View file

@ -68,7 +68,7 @@ ynh_ssh_borg_command: "ssh_command: ssh -p 7410 -o StrictHostKeychecking=no -i {
- `borgmatic_config_name` : **Optionnel**, nom du fichier de configuration Borgmatic.
- `borgmatic_cron_name` : **Optionnel**, nom du fichier de tâche cron.
- `borg_retention_policy.keep_[hourly|daily|weekly|monthly]` : Permet de régler finement le nombre d'archives récentes que le dépôt doit garder.
- `borg_ssh_keys_src` : Chemin où se trouve le couple clé publique / privée SSH sur l'hôte Ansible.
- `borg_ssh_keys_src` : Chemin où se trouve le couple clé publique / privée SSH sur l'hôte Ansible. Pensez à utiliser [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) pour protéger vos clés SSH.
- `borg_ssh_keys_dest` : Chemin où va être copié la paire de clés SSH sur le serveur YunoHost.
- `ynh_ssh_borg_command`: **Optionnel**, commande SSH personnalisée lors de l'utilisation de Borg sur un dépôt distant.

View file

@ -61,13 +61,13 @@ borg_ssh_keys_dest: "/home/debian/.ssh/ynh_ed25519"
- `ynh_borg_backup_scheduled`: Enable / disable the backup feature with BorgBackup.
- `ynh_borg_backup_remote_repo`: Enable / disable the backup functionality on a BorgBackup remote repository (tasks related to SSH keys setup). If you enable this feature, then you will need to use `borg_ssh_keys_src` and `borg_ssh_keys_dest` variables.
- `borg_source_directories`: List of source folders to backup. By default, this is the folder containing all YunoHost data (configuration, applications).
- `borg_source_directories`: List of source folders to back up. By default, this is the folder containing all YunoHost data (configuration, applications).
- `borg_repository`: Full path to the Borg repository. Possibility to give a list of repositories to save data in several places.
- `borg_encryption_passphrase` : **Mandatory**, password to use for the Borg repository encryption key.
- `borgmatic_config_name`: **Optional**, name of the Borgmatic configuration file.
- `borgmatic_cron_name`: **Optional**, name of the cron task file.
- `borg_retention_policy.keep_[hourly|daily|weekly|monthly]`: Allows you to fine-tune the number of recent archives the repository should keep.
- `borg_ssh_keys_src`: Path to the SSH public/private key pair on the Ansible host.
- `borg_ssh_keys_src`: Path to the SSH public/private key pair on the Ansible host. Consider using [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) to protect your SSH keys.
- `borg_ssh_keys_dest`: Path where the SSH key pair will be copied to the YunoHost server.
- `ynh_ssh_borg_command`: **Optional**, custom SSH command run when using Borg on a remote repository.

View file

@ -25,6 +25,12 @@
- backup
- borg
- name: Gather facts for BorgBackup role
ansible.builtin.setup:
tags:
- borg
- backup
- name: run BorgBackup role
ansible.builtin.import_role:
name: m3nu.ansible_role_borgbackup
@ -56,7 +62,7 @@
- name: deploy ssh private key for BorgBackup
ansible.builtin.copy:
src: "{{ borg_ssh_keys_src }}"
src: "{{ borg_ssh_keys_src }}.vault"
dest: "{{ borg_ssh_keys_dest }}"
owner: "root"
group: "root"