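---
# Ansible tasks: install borg/borgmatic, deploy the SSH identity and client
# config for the storage box, initialise the encrypted repository and schedule
# a nightly borgmatic run through a systemd timer.
#
# Variables read by these tasks (defined elsewhere): borg_ssh_key,
# hetzner_storage_host, hetzner_storage_user, hetzner_storage_port,
# borg_passphrase, borg_repo.

- name: Borg und borgmatic installieren
  apt:
    name:
      - borgbackup
      - borgmatic
    state: present
    update_cache: true

# blockinfile's `create` makes the file but not its parent directory, so make
# sure /root/.ssh exists with the permissions ssh expects before writing to it.
- name: SSH-Verzeichnis für root sicherstellen
  file:
    path: /root/.ssh
    state: directory
    owner: root
    group: root
    mode: '0700'

# NOTE(review): `src: id_rsa` is a static file, so every host these tasks run
# on receives the same private key. Keep that file vault-encrypted in the
# repository, and consider one key per host so that a single compromised
# machine cannot reach the other hosts' backup directories.
# no_log keeps the key material out of task output (e.g. with --diff).
- name: SSH Private Key deployen
  copy:
    src: id_rsa
    dest: "{{ borg_ssh_key }}"
    owner: root
    group: root
    mode: '0600'
  no_log: true

- name: SSH Public Key deployen
  copy:
    src: id_rsa.pub
    dest: "{{ borg_ssh_key }}.pub"
    owner: root
    group: root
    mode: '0644'

# NOTE(review): `StrictHostKeyChecking accept-new` is trust-on-first-use: the
# first connection accepts whatever host key is presented and only later
# changes are rejected. Where the storage provider publishes its host keys,
# pinning them in known_hosts before the first connection closes that gap.
- name: SSH Config für Storage Box
  blockinfile:
    path: /root/.ssh/config
    create: true
    mode: '0600'
    marker: "# {mark} BORG STORAGEBOX"
    block: |
      Host storagebox
        Hostname {{ hetzner_storage_host }}
        User {{ hetzner_storage_user }}
        Port {{ hetzner_storage_port }}
        IdentityFile {{ borg_ssh_key }}
        IdentitiesOnly yes
        StrictHostKeyChecking accept-new

# `mkdir -p` succeeds whether or not the directory exists, so the task never
# reports a change. This is the first connection to the storage box and
# therefore the point at which its host key is recorded.
- name: Backup-Verzeichnis auf Storage Box anlegen
  command: ssh storagebox mkdir -p home/{{ inventory_hostname }}
  changed_when: false

# `repokey` stores the encryption key inside the repository, protected only by
# the passphrase: source borg_passphrase from a vault-encrypted variable and
# keep an offline export of the key, since losing either makes the backups
# unreadable. An "already exists" error on re-runs is treated as success.
- name: Borg Repo initialisieren
  environment:
    BORG_PASSPHRASE: "{{ borg_passphrase }}"
  command: borg init --encryption=repokey {{ borg_repo }}
  register: borg_init
  failed_when: borg_init.rc != 0 and 'already exists' not in borg_init.stderr
  changed_when: borg_init.rc == 0

# Directory and config are restricted to root; the rendered template is
# presumably where the repository passphrase ends up - verify against
# borgmatic.yml.j2.
- name: borgmatic Config-Verzeichnis
  file:
    path: /etc/borgmatic
    state: directory
    owner: root
    group: root
    mode: '0700'

- name: borgmatic Config deployen
  template:
    src: borgmatic.yml.j2
    dest: /etc/borgmatic/config.yaml
    owner: root
    group: root
    mode: '0600'

- name: Altes Backup-Script entfernen
  file:
    path: /usr/local/bin/borg-backup.sh
    state: absent

# Unit files get an explicit owner and mode instead of whatever the umask of
# the connection happens to produce.
- name: Systemd Timer Unit
  copy:
    dest: /etc/systemd/system/borg-backup.timer
    owner: root
    group: root
    mode: '0644'
    content: |
      [Unit]
      Description=Borgmatic Backup Timer

      [Timer]
      OnCalendar=*-*-* 03:00:00
      RandomizedDelaySec=1800
      Persistent=true

      [Install]
      WantedBy=timers.target

- name: Systemd Service Unit
  copy:
    dest: /etc/systemd/system/borg-backup.service
    owner: root
    group: root
    mode: '0644'
    content: |
      [Unit]
      Description=Borgmatic Backup
      After=network-online.target
      Wants=network-online.target

      [Service]
      Type=oneshot
      ExecStart=/usr/bin/borgmatic --verbosity 1
      Nice=19
      IOSchedulingClass=idle

# daemon_reload makes systemd pick up the unit files written above before the
# timer is enabled and started.
- name: Timer aktivieren und starten
  systemd:
    name: borg-backup.timer
    enabled: true
    state: started
    daemon_reload: true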