add logic to create timers and borgmatic configs

defaults/main.yml

@@ -0,0 +1,6 @@
+borgmatic_retention_daily: 7
+borgmatic_retention_weekly: 4
+borgmatic_retention_monthly: 6
+borgmatic_retention_yearly: 1
+borgmatic_nightly_time: "04:20:00"
+borgmatic_encryption_passphrase: "tilde.fun"

files/borgmatic@.service

@@ -21,4 +21,4 @@ LogRateLimitIntervalSec=0
 
 # Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and
 # dbus-user-session to be installed.
-ExecStart=systemd-inhibit --who="borgmatic-%i" --why="Prevent interrupting backup of %I" /usr/bin/borgmatic /etc/borgmatic/%i.yaml --syslog-verbosity 1
+ExecStart=systemd-inhibit --who="borgmatic-%i" --why="Prevent interrupting backup of %I" /usr/bin/borgmatic -c /etc/borgmatic.d/%i.yaml

tasks/install-debian.yml

@@ -0,0 +1,19 @@
+- name: Install Borg Backup via dnf package manager
+  ansible.builtin.apt:
+    name:
+      - "borgbackup"
+      - "borgmatic"
+    state: present
+
+- name: Create borgmatic conf folder
+  ansible.builtin.file:
+    path: "/etc/borgmatic.d/"
+    state: directory
+
+- name: Copy systemd unit files
+  ansible.builtin.copy:
+    src: "../files/borgmatic@.service"
+    dest: "/etc/systemd/system/borgmatic@.service"
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r

tasks/install-fedora.yml

@@ -0,0 +1,18 @@
+- name: Install Borg Backup via dnf package manager
+  ansible.builtin.dnf:
+    name: "borgbackup"
+    state: present
+
+- name: Install Borgmatic via Pip package manager
+  ansible.builtin.pip:
+    name: "borgmatic"
+    state: present
+
+- name: Copy systemd unit files
+  ansible.builtin.copy:
+    src: "../files/borgmatic@.service"
+    dest: "/etc/systemd/system/borgmatic@.service"
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+    

tasks/install.yml

@@ -1,18 +1,9 @@
-- name: Install Borg Backup via dnf package manager
-  ansible.builtin.dnf:
-    name: "borgbackup"
-    state: present
+- name: install borg and borgmatic on Debian
+  when: ansible_os_family == "Debian"
+  include_tasks:
+    file: "install-debian.yml"
 
-- name: Install Borgmatic via Pip package manager
-  ansible.builtin.pip:
-    name: "borgmatic"
-    state: present
-
-- name: Copy systemd unit files
-  ansible.builtin.copy:
-    src: "../files/borgmatic@.service"
-    dest: "/etc/systemd/system/borgmatic@.service"
-    owner: root
-    group: root
-    mode: u=rw,g=r,o=r
-    
+- name: install borg and borgmatic on Fedora
+  when: ansible_os_family == "Fedora"
+  include_tasks:
+    file: "install-fedora.yml"

tasks/main.yml

@@ -6,3 +6,25 @@
 - name: "Install borg and borgmatic"
   include: install.yml
   when: not borgmatic_installed.stat.exists
+
+- name: "Template directory backup configuration files"
+  template:
+    src: directories.yaml
+    dest: /etc/borgmatic.d/directories.yaml
+
+- name: "Template systemd nightly timer"
+  ansible.builtin.template:
+    src: "../templates/borgmatic-nightly@.timer"
+    dest: "/etc/systemd/system/borgmatic-nightly@.timer"
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+
+- name: "Enable nightly backup timer"
+  systemd:
+    name: borgmatic-nightly@directories.timer
+    enabled: yes
+    state: started
+  
+  # TODO: generate SSH keys and ssh_config on host, authorized_keys on target
+  # TODO: initialise repository

templates/borgmatic-nightly@.timer

@@ -0,0 +1,10 @@
+[Unit]
+Description=%j backups for %i
+    
+[Timer]
+Unit=borgmatic@%i.service
+OnCalendar=*-*-* {{ borgmatic_nightly_time }}
+RandomizedDelaySec=15min
+    
+[Install]
+WantedBy=timers.target

templates/directories.yaml

@@ -0,0 +1,16 @@
+location:
+  source_directories:
+{% for directory in borgmatic_source_directories %}
+    - {{ directory }}
+{% endfor %}
+  repositories:
+{% for repository in borgmatic_repositories %}
+    - {{ repository }}
+{% endfor %}
+retention:
+  keep_daily: {{ borgmatic_retention_daily }}
+  keep_weekly: {{ borgmatic_retention_weekly }}
+  keep_monthly: {{ borgmatic_retention_monthly }}
+  keep_yearly: {{ borgmatic_retention_yearly }}
+storage:
+  encryption_passphrase: {{ borgmatic_encryption_passphrase }}