service-borg-backup: preload backup server facts
As described inline, ensure that minimal facts for the backup servers' are loaded before running the backup roles on hosts, so they can read the ansible_ssh_host_key_ed25519_public fact for each backup server and ensure it is accepted. Update the other comments slightly as well. Change-Id: I1f207ca0770d58f61a89f9ade0bd26cebc982c62
This commit is contained in:
parent
1e18cd0163
commit
08dba9d026
@ -1,10 +1,22 @@
|
|||||||
# This needs to happen in order. Backup hosts export their username/key
|
# This ensures fact population so the borg-backup role, run on the
|
||||||
# combos which are installed onto the backup server
|
# backup-clients, can add the public key for each backup server in
|
||||||
|
# "borg-backup-server" to it's known_hosts.
|
||||||
|
- hosts: "borg-backup-server:!disabled"
|
||||||
|
name: "Populate backup server host keys"
|
||||||
|
tasks:
|
||||||
|
- name: 'Gather minimal host facts'
|
||||||
|
setup:
|
||||||
|
gather_subset: '!all'
|
||||||
|
|
||||||
|
# These two steps needs to happen in order. Backup hosts export their
|
||||||
|
# username/key combos in this step, then the following role uses that
|
||||||
|
# info to authorizes these users on the backup servers.
|
||||||
- hosts: "borg-backup:!disabled"
|
- hosts: "borg-backup:!disabled"
|
||||||
name: "Base: Generate borg backup users and keys"
|
name: "Generate borg backup users and keys"
|
||||||
roles:
|
roles:
|
||||||
- iptables
|
- iptables
|
||||||
- borg-backup
|
- borg-backup
|
||||||
|
|
||||||
- hosts: "borg-backup-server:!disabled"
|
- hosts: "borg-backup-server:!disabled"
|
||||||
name: "Generate borg configuration"
|
name: "Generate borg configuration"
|
||||||
roles:
|
roles:
|
||||||
|
Loading…
Reference in New Issue
Block a user