hypervisors/ansible/roles/backup/tasks/main.yml

- name: Add backup share user
  user:
    name: "{{ backup_share_user }}"
    create_home: false
    password: '!'
    shell: /sbin/nologin
    system: true
- name: Add backup control user
  user:
    name: "{{ backup_control_user }}"
    password: '!'
    shell: /usr/bin/sh
    system: true
    groups: "libvirt"
- name: Copy control script
  copy:
    src: "backup_control.sh"
    dest: "/home/{{ backup_control_user }}/control.sh"
    owner: "{{ backup_control_user }}"
    group: "{{ backup_control_user }}"
    mode: u=rx,g=rx,o=rx
- name: Add backup user principals file
  copy:
    dest: "/etc/ssh/backup_principals"
    content: "backup"
- name: Install user CA
  copy:
    dest: "/etc/ssh/user_ca_key.pub"
    content: "{{ user_ca }}"
- name: Copy ssh config for backup user
  template:
    src: "sshd.conf.j2"
    dest: "/etc/ssh/sshd_config.d/custom.conf"
  notify: restart sshd
change directory structure 2023-04-24 17:28:53 +00:00			`- name: Add backup share user`
			`user:`
			`name: "{{ backup_share_user }}"`
			`create_home: false`
			`password: '!'`
			`shell: /sbin/nologin`
			`system: true`
			`- name: Add backup control user`
			`user:`
			`name: "{{ backup_control_user }}"`
			`password: '!'`
			`shell: /usr/bin/sh`
			`system: true`
			`groups: "libvirt"`
			`- name: Copy control script`
			`copy:`
			`src: "backup_control.sh"`
			`dest: "/home/{{ backup_control_user }}/control.sh"`
			`owner: "{{ backup_control_user }}"`
			`group: "{{ backup_control_user }}"`
			`mode: u=rx,g=rx,o=rx`
			`- name: Add backup user principals file`
			`copy:`
			`dest: "/etc/ssh/backup_principals"`
			`content: "backup"`
			`- name: Install user CA`
			`copy:`
			`dest: "/etc/ssh/user_ca_key.pub"`
			`content: "{{ user_ca }}"`
			`- name: Copy ssh config for backup user`
			`template:`
			`src: "sshd.conf.j2"`
			`dest: "/etc/ssh/sshd_config.d/custom.conf"`
			`notify: restart sshd`