Installation and configuration of backup clients and servers

In the ansible 'prod' file, list the host in either the backupclients or the backupservers group.

Make sure that the host is listed under in one of the site groups, f.ex. sto0 or sto4. This is how the backup client knows which backup server to use.

Run ansible manually once. This will install borgbackup and configure most things needed.

ansible-dfri-wrapper

Backup clients still need some manual fiddling to be done once:

pass bup-sshkey | ssh $target "cat > /root/.ssh/bup; chmod 600 /root/.ssh/bup

BORG_RSH="ssh -i /root/.ssh/bup -p 4722"; export BORG_RSH
BORG_REPO="_bup@{{ backup_server }}:/var/db/dfri_bup/{{ inventory_hostname_short }}"; export BORG_REPO

borg init --encryption keyfile

(Yes, "keyfile" in the borg init command is verbatim "keyfile".)

Using an empty passphrase results in the backup key being stored unencrypted under /root/.config/borg/keys/.

Copy the file containing the backup key to your laptop and add it to passdb. The backup key file is found under /root/.config/borg/keys/ and is named after the backup server and the repository name.