lewis/ansible/playbooks/lewis.yml

- name: Setup homeserver
  hosts: dataserver

  handlers:
    - name: restart sshd
      systemd:
        name: sshd
        state: restarted

  tasks:
    - name: Copy backup user principals file
      copy:
        dest: /etc/ssh/backup_principals
        content: hypervisor

    - name: Copy hyp user SSH CA public key
      copy:
        dest: /etc/ssh/hyp_user.pub
        content: "{{ hyp_user_ca_public_key }}"

    - name: Copy user certificate sshd config
      copy:
        src: "sshd_user_certificates.conf"
        dest: /etc/ssh/sshd_config.d/user_certificates.conf
      notify: restart sshd

    - name: Ensure backup directory exists
      file:
        path: "{{ backup_mount_point }}/hosts"
        state: directory

    - name: Create backup respositories
      command:
        cmd: "borg init -e none {{ backup_mount_point }}/hosts/{{ item }}"
        creates: "{{ backup_mount_point }}/hosts/{{ item }}"
      with_items: "{{ backup_hosts }}"

    - name: Create extra disk moint point
      file:
        path: "{{ backup_mount_point }}"
        state: directory

    - name: Mount extra disk
      mount:
        path: "{{ backup_mount_point }}"
        src: "UUID={{ backup_uuid }}"
        fstype: ext4
        passno: 1
        state: present

  roles:
    - {role: apt, tags: apt}
    - {role: deploy_ssh_certificates, tags: deploy_ssh_certificates}
move from homeservers repo 2023-02-25 14:35:35 +00:00			`- name: Setup homeserver`
			`hosts: dataserver`
revert back to push backups 2023-04-25 19:59:11 +00:00
			`handlers:`
			`- name: restart sshd`
			`systemd:`
			`name: sshd`
			`state: restarted`

			`tasks:`
			`- name: Copy backup user principals file`
			`copy:`
			`dest: /etc/ssh/backup_principals`
			`content: hypervisor`

			`- name: Copy hyp user SSH CA public key`
			`copy:`
			`dest: /etc/ssh/hyp_user.pub`
			`content: "{{ hyp_user_ca_public_key }}"`

			`- name: Copy user certificate sshd config`
			`copy:`
			`src: "sshd_user_certificates.conf"`
			`dest: /etc/ssh/sshd_config.d/user_certificates.conf`
			`notify: restart sshd`

			`- name: Ensure backup directory exists`
			`file:`
change backup location 2023-05-15 20:19:34 +00:00			`path: "{{ backup_mount_point }}/hosts"`
revert back to push backups 2023-04-25 19:59:11 +00:00			`state: directory`

			`- name: Create backup respositories`
			`command:`
change backup location 2023-05-15 20:19:34 +00:00			`cmd: "borg init -e none {{ backup_mount_point }}/hosts/{{ item }}"`
			`creates: "{{ backup_mount_point }}/hosts/{{ item }}"`
revert back to push backups 2023-04-25 19:59:11 +00:00			`with_items: "{{ backup_hosts }}"`

			`- name: Create extra disk moint point`
			`file:`
change backup location 2023-05-15 20:19:34 +00:00			`path: "{{ backup_mount_point }}"`
revert back to push backups 2023-04-25 19:59:11 +00:00			`state: directory`

			`- name: Mount extra disk`
change backup location 2023-05-15 20:19:34 +00:00			`mount:`
			`path: "{{ backup_mount_point }}"`
			`src: "UUID={{ backup_uuid }}"`
revert back to push backups 2023-04-25 19:59:11 +00:00			`fstype: ext4`
			`passno: 1`
			`state: present`

move from homeservers repo 2023-02-25 14:35:35 +00:00			`roles:`
extract role 2023-04-26 17:39:36 +00:00			`- {role: apt, tags: apt}`
			`- {role: deploy_ssh_certificates, tags: deploy_ssh_certificates}`