roles/borg(repo,server): change default user

Default user for backup has been changed from `backup` to `borg`.

User `backup` is now a system user on Debian testing. After each upgrade
involving related pacakges (pam?) our `backup` user is overwritten by
the Debian system one.

Also the default repositories folder has been changed from
`/home/backup/repos` to `/home/borg/repos`.

To adapt our existing infrastructure, after moving all the repos for all
the servers, some metadata (cache probably) need to be updated.

This update is done automatically when creating a new archvie if we set
the environment variable `BORG_RELOCATED_REPO_ACCESS_IS_OK` to `yes`.

Our backup script has been adapted to set this env variable to `yes`,
then we run a first run of backup on each host, afterwards we changed
the env variable in all backup scripts again to `no`.

roles/borgrepo/tasks/main.yaml

@@ -22,9 +22,9 @@
 
 - name: 'create host repos namespace'
   file:
-    path: '/home/backup/repos/{{ host_fqdn }}'
-    owner: 'backup'
-    group: 'backup'
+    path: '/home/borg/repos/{{ host_fqdn }}'
+    owner: 'borg'
+    group: 'borg'
     mode: '0700'
     state: 'directory'
   delegate_to: '{{ item.ansible_host }}'
@@ -32,9 +32,9 @@
 
 - name: 'authorize host key'
   lineinfile:
-    path: '/home/backup/.ssh/authorized_keys'
-    owner: 'backup'
-    group: 'backup'
+    path: '/home/borg/.ssh/authorized_keys'
+    owner: 'borg'
+    group: 'borg'
     mode: '0600'
     create: yes
     line: >-
@@ -43,7 +43,7 @@
     regexp: '{{ ssh_keypair.comment }}$'
     state: 'present'
   vars:
-    repodir: '/home/backup/repos/{{ host_fqdn }}'
+    repodir: '/home/borg/repos/{{ host_fqdn }}'
   delegate_to: '{{ item.ansible_host }}'
   loop: '{{ borgrepo_servers }}'
 
@@ -61,11 +61,11 @@
 - name: 'initialize repo'
   shell:
     cmd: >
-      borg init -e {{ item[1].encryption }} backup@{{ item[1].ansible_host }}.dmz.{{ domain }}:{{ item[0].key }}
+      borg init -e {{ item[1].encryption }} borg@{{ item[1].ansible_host }}.dmz.{{ domain }}:{{ item[0].key }}
   register: borgrepo_init_cmd
   failed_when:
     - borgrepo_init_cmd.rc != 0
-    - borgrepo_init_cmd.stderr !='A repository already exists at backup@'+item[1].ansible_host+'.dmz.'+domain+':'+item[0].key+'.'
+    - borgrepo_init_cmd.stderr !='A repository already exists at borg@'+item[1].ansible_host+'.dmz.'+domain+':'+item[0].key+'.'
   changed_when: borgrepo_init_cmd.rc == 0
   environment:
     BORG_RSH: 'ssh -i /root/.ssh/id_ed25519_BORG'

roles/borgrepo/templates/backupscript.sh.j2

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-REPO="backup@{{ item[1].ansible_host }}.dmz.{{ domain }}:{{ item[0].key }}"
+REPO="borg@{{ item[1].ansible_host }}.dmz.{{ domain }}:{{ item[0].key }}"
 
 export BORG_RSH="ssh -i /root/.ssh/id_ed25519_BORG"
 export BORG_PASSPHRASE="{{ item[1].encryption_passphrase | d('') }}"
@@ -10,7 +10,7 @@ export BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK="no"
 
 borg --version
 
-borg break-lock backup@{{ item[1].ansible_host }}.dmz.{{ domain }}:{{ item[0].key }}
+borg break-lock borg@{{ item[1].ansible_host }}.dmz.{{ domain }}:{{ item[0].key }}
 
 
 {% for folder in item[0].value.folders|d({})|dict2items %}

roles/borgserver/tasks/main.yaml

@@ -8,39 +8,39 @@
 
 - name: 'create backup group'
   group:
-    name: 'backup'
+    name: 'borg'
     state: 'present'
 
 - name: 'create backup user'
   user:
-    name: 'backup'
+    name: 'borg'
     shell: '/bin/bash'
-    home: '/home/backup'
+    home: '/home/borg'
     createhome: true
-    group: 'backup'
+    group: 'borg'
     state: 'present'
 
 - name: 'create home folder'
   file:
-    path: '/home/backup/repos'
-    owner: 'backup'
-    group: 'backup'
+    path: '/home/borg/repos'
+    owner: 'borg'
+    group: 'borg'
     mode: '0700'
     state: 'directory'
 
 - name: 'create .ssh folder'
   file:
-    path: '/home/backup/repos'
-    owner: 'backup'
-    group: 'backup'
+    path: '/home/borg/repos'
+    owner: 'borg'
+    group: 'borg'
     mode: '0700'
     state: 'directory'
 
 - name: 'create repos folder'
   file:
-    path: '/home/backup/repos'
-    owner: 'backup'
-    group: 'backup'
+    path: '/home/borg/repos'
+    owner: 'borg'
+    group: 'borg'
     mode: '0700'
     state: 'directory'
 ...