---
- name: Ensure host distribution is supported
  ansible.builtin.import_role:
    name: compatcheck
  vars:
    compatcheck_supported_distributions:
      - name: debian
        version_min: 11
      - name: ubuntu
        version_min: 22

- name: Install borgmatic
  ansible.builtin.apt:
    name: borgmatic
  register: _borgmatic_install

- name: Disable borgmatic global timer
  ansible.builtin.systemd_service:
    name: borgmatic.timer
    state: stopped
    enabled: false
  when: "not (ansible_check_mode and _borgmatic_install.changed)"

- name: Add systemd drop-in service for borgmatic
  ansible.builtin.template:
    src: borgmatic@.service.j2
    dest: /etc/systemd/system/borgmatic@.service
    mode: "0644"

- name: Create borgmatic configurations directory
  ansible.builtin.file:
    path: /etc/borgmatic.d
    state: directory
    mode: "0755"

- name: Generate ssh key for borg
  community.crypto.openssh_keypair:
    type: ed25519
    path: "{{ ansible_user_dir }}/.ssh/id_ed25519_borg"
    comment: "{{ ansible_user_id }}@{{ ansible_fqdn }} borg"
  register: _borgmatic_key

- name: Setup backup targets
  ansible.builtin.include_tasks:
    file: target.yaml
    apply:
      delegate_to: "{{ target.host }}"
      become: false
  loop: "{{ borgmatic_targets }}"
  loop_control:
    loop_var: target

- name: Add borg target ssh host keys to known hosts
  ansible.builtin.known_hosts:
    name: "{{ item }}"
    key: "{{ item }} ssh-ed25519 {{ hostvars[item].ansible_ssh_host_key_ed25519_public }}"
  loop: "{{ borgmatic_targets | map(attribute='host') }}"