---
- name: Install packages
  ansible.builtin.package:
    name: rclone
    state: installed

- name: Create config directory
  ansible.builtin.file:
    path: /etc/rclone
    state: directory
    mode: "0770"
    owner: root
    group: backup

- name: Create host config
  ansible.builtin.template:
    dest: /etc/rclone/rclone.conf
    src: rclone.conf.j2
    mode: "0640"
    owner: root
    group: backup

- name: Create ssh keys
  ansible.builtin.command:
    argv:
      - ssh-keygen
      - -t
      - ed25519
      - -C
      - "backup@{{ inventory_hostname }}"
      - -N
      - ""
      - -f
      - /etc/rclone/id_ed25519
    creates: /etc/rclone/id_ed25519

- name: Fix ssh key permissions
  ansible.builtin.file:
    path: "{{ item }}"
    owner: root
    group: backup
    mode: "0640"
  with_items:
    - /etc/rclone/id_ed25519
    - /etc/rclone/id_ed25519.pub

- name: Fetch ssh public key
  ansible.builtin.fetch:
    src: /etc/rclone/id_ed25519.pub
    dest: ../files/ssh/backup.pub
    flat: true

- name: Create log directory
  ansible.builtin.file:
    path: /var/log/rclone
    state: directory
    mode: "0750"
    owner: backup
    group: backup

- name: Create backup directories
  ansible.builtin.file:
    path: "/srv/backup/{{ item }}"
    state: directory
    mode: "0770"
    owner: root
    group: backup
  with_items: "{{ groups['sftpbackup'] }}"

- name: Copy rclone sync script
  ansible.builtin.copy:
    dest: /usr/local/bin/rclone-sync
    src: rclone-sync.sh
    mode: "0755"
    owner: root
    group: "{{ ansible_wheel }}"

- name: Redirect cron job mail
  ansible.builtin.cron:
    name: MAILTO
    env: true
    user: backup
    value: root

- name: Add rclone sync cron job
  ansible.builtin.cron:
    name: rclone-sync
    user: backup
    hour: "3"
    minute: "00"
    job: /usr/local/bin/rclone-sync