Commit ac0478d3 authored by Sven-Hendrik Haase's avatar Sven-Hendrik Haase
Browse files

Use borg user to receive backups on vostok instead of root

parent e746a6b0
......@@ -8,4 +8,4 @@
- tools
- sshd
- ssh_keys
- { role: borg-client, backup_host: "root@vostok.archlinux.org", backup_dir: "/backup/orion" }
- { role: borg-client, backup_host: "borg@vostok.archlinux.org", backup_dir: "/backup/orion" }
......@@ -3,8 +3,14 @@
- name: install borg
pacman: name=borg state=present
- name: create borg user
user: home="{{ backup_dir }}" name=borg
- name: create borg user home
file: path="{{ backup_dir }}" state=directory owner=borg group=borg mode=700
- name: create the root backup directory at {{ backup_dir }}
file: path="{{ backup_dir }}/{{ item }}" state=directory owner=root group=root mode=700
file: path="{{ backup_dir }}/{{ item }}" state=directory owner=borg group=borg mode=700
with_items: "{{ backup_clients }}"
- name: fetch ssh keys
......@@ -15,7 +21,7 @@
- name: allow certain clients to connect
authorized_key:
user=root
user=borg
key="{{ item.stdout }}"
manage_dir=yes
key_options="command=\"borg serve --restrict-to-path {{ backup_dir }}/{{ item['item'] }}\",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment