From 812ba00884db9f0da8c99c12477499f78597f296 Mon Sep 17 00:00:00 2001 From: pizzaniels Date: Wed, 11 Jan 2023 20:04:31 +0100 Subject: [PATCH] add data server --- Makefile | 3 +++ inventory/group_vars/all.yml | 2 ++ inventory/hosts.yml | 7 ++++++- playbooks/all.yml | 8 ++++++-- playbooks/borg.yml | 2 +- playbooks/dataserver.yml | 4 ++++ playbooks/firewall.yml | 2 +- playbooks/forgejo.yml | 2 +- playbooks/kms.yml | 2 +- playbooks/mastodon.yml | 2 +- playbooks/nsd.yml | 2 +- playbooks/pizzeria.yml | 2 +- playbooks/radicale.yml | 2 +- playbooks/ssh.yml | 2 +- playbooks/syncthing.yml | 2 +- playbooks/traefik.yml | 2 +- roles/borg/files/id_ed25519.pub | 1 - roles/borg/tasks/main.yml | 5 ----- roles/borg/templates/backup.yml.j2 | 2 +- roles/dataserver/tasks/main.yml | 18 ++++++++++++++++++ 20 files changed, 51 insertions(+), 21 deletions(-) create mode 100644 inventory/group_vars/all.yml create mode 100644 playbooks/dataserver.yml delete mode 100644 roles/borg/files/id_ed25519.pub create mode 100644 roles/dataserver/tasks/main.yml diff --git a/Makefile b/Makefile index d322db2..858cd16 100644 --- a/Makefile +++ b/Makefile @@ -31,4 +31,7 @@ kms: borg: ansible-playbook playbooks/borg.yml -i inventory/hosts.yml --ask-vault-pass +dataserver: + ansible-playbook playbooks/dataserver.yml -i inventory/hosts.yml + .PHONY: run diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml new file mode 100644 index 0000000..9de5064 --- /dev/null +++ b/inventory/group_vars/all.yml @@ -0,0 +1,2 @@ +borg_public_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTag7YToG5W+H2kEUz40kOH+7cs0Lp3owFFKkmHBiWM root@max" +backup_location: "/root/homeserver_backup" \ No newline at end of file diff --git a/inventory/hosts.yml b/inventory/hosts.yml index 479750a..6391b99 100644 --- a/inventory/hosts.yml +++ b/inventory/hosts.yml 
@@ -1,7 +1,12 @@ all: children: - homeservers: + homeserver: hosts: max: ansible_user: root ansible_host: max.lan + dataserver: + hosts: + lewis: + ansible_user: root + ansible_host: lewis.lan diff --git a/playbooks/all.yml b/playbooks/all.yml index c6ed8b0..417dab6 100644 --- a/playbooks/all.yml +++ b/playbooks/all.yml @@ -1,5 +1,5 @@ -- name: Setup everything - hosts: homeservers +- name: Setup homeserver + hosts: homeserver roles: - ssh - borg @@ -10,3 +10,7 @@ - forgejo - radicale - mastodon +- name: Setup dataserver + hosts: dataserver + roles: + - dataserver \ No newline at end of file diff --git a/playbooks/borg.yml b/playbooks/borg.yml index 8cad627..a93ff21 100644 --- a/playbooks/borg.yml +++ b/playbooks/borg.yml @@ -1,4 +1,4 @@ - name: Install borg - hosts: homeservers + hosts: homeserver roles: - borg diff --git a/playbooks/dataserver.yml b/playbooks/dataserver.yml new file mode 100644 index 0000000..78a3041 --- /dev/null +++ b/playbooks/dataserver.yml @@ -0,0 +1,4 @@ +- name: Install dataserver + hosts: dataserver + roles: + - dataserver diff --git a/playbooks/firewall.yml b/playbooks/firewall.yml index 3261f45..262f052 100644 --- a/playbooks/firewall.yml +++ b/playbooks/firewall.yml @@ -1,4 +1,4 @@ - name: Configure firewall - hosts: homeservers + hosts: homeserver roles: - firewall diff --git a/playbooks/forgejo.yml b/playbooks/forgejo.yml index ee803ad..823a416 100644 --- a/playbooks/forgejo.yml +++ b/playbooks/forgejo.yml @@ -1,4 +1,4 @@ - name: Install forgejo - hosts: homeservers + hosts: homeserver roles: - forgejo diff --git a/playbooks/kms.yml b/playbooks/kms.yml index a09ff36..8695144 100644 --- a/playbooks/kms.yml +++ b/playbooks/kms.yml @@ -1,4 +1,4 @@ - name: Install kms stateless server - hosts: homeservers + hosts: homeserver roles: - kms diff --git a/playbooks/mastodon.yml b/playbooks/mastodon.yml index 86bca43..f02f8bf 100644 --- a/playbooks/mastodon.yml +++ b/playbooks/mastodon.yml 
@@ -1,4 +1,4 @@ - name: Install Mastodon - hosts: homeservers + hosts: homeserver roles: - mastodon diff --git a/playbooks/nsd.yml b/playbooks/nsd.yml index 9023c88..fa4bd7d 100644 --- a/playbooks/nsd.yml +++ b/playbooks/nsd.yml @@ -1,4 +1,4 @@ - name: Install nsd - hosts: homeservers + hosts: homeserver roles: - nsd diff --git a/playbooks/pizzeria.yml b/playbooks/pizzeria.yml index 41f11a4..9fd08c5 100644 --- a/playbooks/pizzeria.yml +++ b/playbooks/pizzeria.yml @@ -1,4 +1,4 @@ - name: Install pizzeria static website - hosts: homeservers + hosts: homeserver roles: - pizzeria diff --git a/playbooks/radicale.yml b/playbooks/radicale.yml index e5e724e..7c04bd0 100644 --- a/playbooks/radicale.yml +++ b/playbooks/radicale.yml @@ -1,4 +1,4 @@ - name: Install Radicale - hosts: homeservers + hosts: homeserver roles: - radicale diff --git a/playbooks/ssh.yml b/playbooks/ssh.yml index 44ad2b8..04993a9 100644 --- a/playbooks/ssh.yml +++ b/playbooks/ssh.yml @@ -1,4 +1,4 @@ - name: Configure SSH - hosts: homeservers + hosts: homeserver roles: - ssh diff --git a/playbooks/syncthing.yml b/playbooks/syncthing.yml index e01baa2..bd0e1a3 100644 --- a/playbooks/syncthing.yml +++ b/playbooks/syncthing.yml @@ -1,4 +1,4 @@ - name: Install syncthing - hosts: homeservers + hosts: homeserver roles: - syncthing diff --git a/playbooks/traefik.yml b/playbooks/traefik.yml index feaf9be..318c7dc 100644 --- a/playbooks/traefik.yml +++ b/playbooks/traefik.yml @@ -1,4 +1,4 @@ - name: Install traefik - hosts: homeservers + hosts: homeserver roles: - traefik diff --git a/roles/borg/files/id_ed25519.pub b/roles/borg/files/id_ed25519.pub deleted file mode 100644 index 238b751..0000000 --- a/roles/borg/files/id_ed25519.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTag7YToG5W+H2kEUz40kOH+7cs0Lp3owFFKkmHBiWM root@max diff --git a/roles/borg/tasks/main.yml b/roles/borg/tasks/main.yml index 08fccf6..86f9818 100644 --- a/roles/borg/tasks/main.yml +++ b/roles/borg/tasks/main.yml 
@@ -11,11 +11,6 @@ template: src: "{{ role_path }}/templates/backup.yml.j2" dest: "{{ service_dir }}/backup.yml" -- name: Copy public key - copy: - src: "{{ role_path }}/files/id_ed25519.pub" - dest: "{{ service_dir }}/id_ed25519.pub" - mode: 0644 - name: Copy private key copy: src: "{{ role_path }}/files/id_ed25519" diff --git a/roles/borg/templates/backup.yml.j2 b/roles/borg/templates/backup.yml.j2 index 5120d81..1e7a9a1 100644 --- a/roles/borg/templates/backup.yml.j2 +++ b/roles/borg/templates/backup.yml.j2 @@ -2,7 +2,7 @@ location: source_directories: - {{ base_data_dir }} repositories: - - ssh://root@lewis.lan/root/homeserver_backup + - ssh://root@lewis.lan/{{ backup_location }} retention: keep_daily: 7 keep_weekly: 4 diff --git a/roles/dataserver/tasks/main.yml b/roles/dataserver/tasks/main.yml new file mode 100644 index 0000000..17d9755 --- /dev/null +++ b/roles/dataserver/tasks/main.yml @@ -0,0 +1,18 @@ +- name: APT upgrade + apt: + autoremove: true + upgrade: yes + state: latest + update_cache: yes + cache_valid_time: 86400 # One day +- name: Install borg + apt: + name: borgbackup +- name: Add Borg public key + authorized_key: + key: "{{ borg_public_key }}" + user: "{{ ansible_user_id }}" +- name: Create Borg repository + command: + cmd: "borg init -e none {{ backup_location }}" + creates: "{{ backup_location }}" \ No newline at end of file
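Review bot: The new repository line in `roles/borg/templates/backup.yml.j2` keeps the literal `/` before `{{ backup_location }}`, while `inventory/group_vars/all.yml` defines that variable as `/root/homeserver_backup`, so the template renders `ssh://root@lewis.lan//root/homeserver_backup`. The doubled slash will probably still resolve to the same directory, but the URL string no longer matches the one used before this commit, and how borg normalises it is not something the hunk shows. Dropping the literal slash keeps the rendered value identical to the old one: `- ssh://root@lewis.lan{{ backup_location }}`. The user and host also remain hard-coded here although the inventory now carries both for `lewis`.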
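Review bot: The `Add Borg public key` task in `roles/dataserver/tasks/main.yml` installs the homeserver's backup key for `{{ ansible_user_id }}`, which is root according to `inventory/hosts.yml`, and sets no `key_options`, so the key max uses for backups is also an unrestricted root login on lewis. Pinning the key to the backup service limits what a compromise of max can reach on the data server: `key_options: 'command="borg serve --restrict-to-path {{ backup_location }}",restrict'`. The `Create Borg repository` task also runs `borg init -e none`, which leaves the repository unencrypted and unauthenticated at rest. `-e repokey` with a passphrase kept in the vault would cover that, provided the backup configuration on max is given the same passphrase.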