alex/homework27
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8936aa243f70d8bcf4e332939676df70ec4cbbd4
homework27/ansible.yml
alex 8936aa243f Добавить ansible.yml
2026-02-22 20:06:19 +03:00

142 lines
2.8 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
- hosts: all
become: true
tasks:
- name: create user backup
user:
name: backup-user
state: present
create_home: yes
shell: /bin/bash
append: yes
- name: update
apt:
update_cache: yes
- name: install borgbackup
apt:
name: borgbackup
state: present
- hosts: client
become: true
tasks:
- name: сreate ssh dir
file:
path: "/home/backup-user/.ssh"
state: directory
owner: backup-user
group: backup-user
mode: '0700'
- name: generate ssh key
user:
name: backup-user
generate_ssh_key: yes
ssh_key_bits: 4096
ssh_key_type: ed25519
ssh_key_file: ~/.ssh/id_rsa
force: no
- name: save public key
fetch:
src: ~/.ssh/id_rsa.pub
dest: "{{ lookup('env', 'PWD') }}/"
flat: yes
- name: save ssh fingerprint
shell: ssh-keyscan -t rsa 192.168.80.30 >> ~/.ssh/known_hosts 2>/dev/null
- hosts: backup-server
become: true
tasks:
- name: сreate dir mount for backup
file:
path: /var/hdd-backup
state: directory
- name: format hdd
filesystem:
fstype: ext4
dev: /dev/sdc
force: no
- name: mount hdd backup-server
mount:
path: /var/hdd-backup
src: /dev/sdc
fstype: ext4
state: mounted
opts: defaults
- name: сreate dir backup
file:
path: /var/hdd-backup/backup
state: directory
- name: chown backup dir
file:
path: /var/hdd-backup/backup
owner: backup-user
group: backup-user
mode: '0755'
state: directory
recurse: yes
- name: сreate ssh dir
file:
path: "/home/backup-user/.ssh"
state: directory
owner: backup-user
mode: '0700'
- name: add public key to backup-server
authorized_key:
user: backup-user
state: present
key: "{{ lookup('file', 'id_rsa.pub') }}"
- hosts: client
become: true
tasks:
- name: generate pass
set_fact:
user_password: "{{ lookup('ansible.builtin.password', '/dev/null length=12') }}"
- name: save pass
copy:
content: "{{ user_password }}"
dest: "./pass"
become: no
delegate_to: localhost
- name: show pass
debug:
msg: "ВНИМАНИЕ!!! Сохраните сгенерированный пароль: {{ user_password }}"
- name: borg initialization
shell: borg init --encryption=repokey backup-user@192.168.80.30:/var/hdd-backup/backup
environment:
BORG_PASSPHRASE: "{{ user_password }}"
- name: create backup script
vars:
borg_pass: "{{ user_password }}"
template:
src: template_backup.sh
dest: /opt/backup.sh
mode: '0755'
- name: create cron
cron:
name: "Create backup /etc"
minute: "*/5"
job: "/opt/backup.sh"
Reference in New Issue View Git Blame Copy Permalink