# vim: ft=yaml.ansible
---
# Directory that holds the SSH client material used for restic: the key pair,
# the client config and the known_hosts file.
# NOTE(review): 0755 lets every local user traverse and list this directory;
# only the per-file 0600 modes protect the private key and config. Confirm
# whether anything other than root needs access before tightening to '0700'.
- name: Create SSH directory
  file:
    state: directory
    path: "{{ services.restic.volume_folder }}/ssh"
    mode: '0755'
    owner: root
    group: root
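# Write the restic SSH private key from the secrets variable to disk,
# readable and writable by root only.
# NOTE(review): presumably the stored secret ends with a newline (OpenSSH
# tends to reject private key files that lack one) - confirm.
- name: Upload private SSH key
  copy:
    dest: "{{ services.restic.volume_folder }}/ssh/id_ed25519"
    owner: root
    group: root
    mode: '0600'
    content: "{{ restic_secrets.ssh_privkey }}"
  # The module arguments carry the key itself; no_log keeps it out of task
  # output, verbose logs and --diff output. Trade-off: failure details for
  # this task are hidden as well.
  no_log: true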
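# Derive the public key from the uploaded private key with `ssh-keygen -y`
# and store it next to it as id_ed25519.pub.
#
# Differences from a plain `ssh-keygen ... > file` redirect:
# - Paths go through the `quote` filter so a volume folder containing spaces
#   or shell metacharacters cannot change the command.
# - The shell creates the redirect target before ssh-keygen runs. If
#   ssh-keygen then fails, the empty .pub file is removed and the task fails,
#   so `creates` cannot mistake a failed run for a finished one.
#
# NOTE(review): because of `creates`, the public key is not re-derived when
# the private key is replaced; remove the .pub file when rotating the key.
- name: Derive public SSH key
  vars:
    restic_ssh_key_file: "{{ services.restic.volume_folder }}/ssh/id_ed25519"
  shell: >-
    ssh-keygen -f {{ restic_ssh_key_file | quote }} -y
    > {{ (restic_ssh_key_file ~ '.pub') | quote }}
    || { rm -f {{ (restic_ssh_key_file ~ '.pub') | quote }}; exit 1; }
  args:
    creates: "{{ restic_ssh_key_file }}.pub"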
# Normalise ownership and mode of the derived public key (world-readable,
# writable by root only).
# `state: touch` also updates the file's timestamps, so this task reports
# "changed" on every run, and it creates an empty file if the public key is
# missing rather than failing.
- name: Set file permissions on public SSH key
  file:
    state: touch
    path: "{{ services.restic.volume_folder }}/ssh/id_ed25519.pub"
    mode: '0644'
    owner: root
    group: root
# Render the SSH client configuration from restic/ssh.config.j2 into the
# SSH directory, readable and writable by root only.
- name: Upload SSH config
  template:
    dest: "{{ services.restic.volume_folder }}/ssh/config"
    src: restic/ssh.config.j2
    mode: '0600'
    owner: root
    group: root
# Render the known_hosts file from restic/ssh.known_hosts.j2 into the SSH
# directory, readable and writable by root only.
# NOTE(review): shipping host keys this way only pins the server identity if
# the SSH config points at this file and keeps host-key checking strict -
# verify in restic/ssh.config.j2.
- name: Upload SSH known_hosts file
  template:
    dest: "{{ services.restic.volume_folder }}/ssh/known_hosts"
    src: restic/ssh.known_hosts.j2
    mode: '0600'
    owner: root
    group: root