Fixed Duplicity Roles

2024-02-11 16:29:29 +01:00 · 2024-02-11 16:29:29 +01:00 · 954420e9de
commit 954420e9de
parent 5ae3a0631c
14 changed files with 1707 additions and 155 deletions
--- a/roles/duplicity_client/tasks/main.yml
+++ b/roles/duplicity_client/tasks/main.yml
@ -1,2 +1,44 @@
 ---
-# tasks file for duplicity-client
+- name: "Install required software on clients"
+  become: true
+  ansible.builtin.package:
+    name: "{{ item }}"
+    state: "present"
+  with_items:
+    - "acl"
+
+- name: "Create backup user on clients"
+  become: true
+  ansible.builtin.user:
+    name: "{{ duplicity_client_user }}"
+
+- name: "Deploy server ssh keys to clients"
+  become: true
+  ansible.posix.authorized_key:
+    user: "{{ duplicity_client_user }}"
+    state: "present"
+    key: "{{ item.duplicity_server_user_key }}"
+  with_items: "{{ groups['duplicityclient'] | flatten(levels=1) }}"
+
+- name: "Set default ACLs on backup data"
+  become: true
+  ansible.posix.acl:
+    path: "{{ item }}"
+    entity: "{{ duplicity_client_user }}"
+    etype: "user"
+    permissions: r-X
+    default: true
+    state: present
+    recursive: true
+  with_items: "{{ duplicity_client_backup_paths }}"
+
+- name: "Set read ACLs on existing backup data"
+  become: true
+  ansible.posix.acl:
+    path: "{{ item }}"
+    entity: "{{ duplicity_client_user }}"
+    etype: "user"
+    permissions: r-X
+    state: present
+    recursive: true
+  with_items: "{{ duplicity_client_backup_paths }}"