 08dba9d026
			
		
	
	08dba9d026
	
	
	
		
			
			As described inline, ensure that minimal facts for the backup servers' are loaded before running the backup roles on hosts, so they can read the ansible_ssh_host_key_ed25519_public fact for each backup server and ensure it is accepted. Update the other comments slightly as well. Change-Id: I1f207ca0770d58f61a89f9ade0bd26cebc982c62
		
			
				
	
	
		
			25 lines
		
	
	
		
			800 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			25 lines
		
	
	
		
			800 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
| # This ensures fact population so the borg-backup role, run on the
 | |
| # backup-clients, can add the public key for each backup server in
 | |
| # "borg-backup-server" to it's known_hosts.
 | |
| - hosts: "borg-backup-server:!disabled"
 | |
|   name: "Populate backup server host keys"
 | |
|   tasks:
 | |
|     - name: 'Gather minimal host facts'
 | |
|       setup:
 | |
|         gather_subset: '!all'
 | |
| 
 | |
| # These two steps needs to happen in order.  Backup hosts export their
 | |
| # username/key combos in this step, then the following role uses that
 | |
| # info to authorizes these users on the backup servers.
 | |
| - hosts: "borg-backup:!disabled"
 | |
|   name: "Generate borg backup users and keys"
 | |
|   roles:
 | |
|     - iptables
 | |
|     - borg-backup
 | |
| 
 | |
| - hosts: "borg-backup-server:!disabled"
 | |
|   name: "Generate borg configuration"
 | |
|   roles:
 | |
|     - iptables
 | |
|     - borg-backup-server
 |