From f324bbdef4a71d33d4dd0adbd9037f600a058ad5 Mon Sep 17 00:00:00 2001
From: Matthew Fennell <matthew@fennell.dev>
Date: Mon, 8 Jan 2024 22:53:42 +0000
Subject: Install borgmatic in the playbook

This commit adds borgmatic, to provide automated backups.
---
 playbook.yaml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'playbook.yaml')

diff --git a/playbook.yaml b/playbook.yaml
index 1a2a1e9..6c61e68 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -10,6 +10,7 @@
    - name: Ensure required packages are installed
      ansible.builtin.package:
       name:
+       - borgmatic
        - certbot
        - prosody
        - prosody-modules
@@ -74,6 +75,23 @@
       name: prosody
       enabled: true
      become: true
+   - name: Ensure borgmatic private key is installed
+     ansible.builtin.copy:
+      src: "{{ borg_private_key_path }}"
+      dest: /root/.ssh/borg_key
+      owner: root
+      group: root
+      mode: "0600"
+     become: true
+   - name: Ensure borgmatic is configured
+     ansible.builtin.template:
+      src: "{{ playbook_dir }}/files/borgmatic_config.yaml.j2"
+      dest: "/etc/borgmatic/config.yaml"
+      owner: root
+      group: root
+      mode: "0600"
+     become: true
+     notify: Validate borgmatic config
 
   handlers:
    - name: Reload prosody
@@ -81,3 +99,7 @@
       name: prosody
       state: reloaded
      become: true
+   - name: Validate borgmatic config
+     ansible.builtin.command: validate-borgmatic-config
+     become: true
+     changed_when: false
-- 
cgit v1.2.3