---
- name: Deploy Restic SSH key
  ansible.builtin.copy:
    src: "{{ restic_local_key_path }}"
    dest: "{{ restic_ssh_key }}"
    owner: root
    group: root
    mode: '0600'

- name: Ensure restic repo directory exists on Storage Box
  ansible.builtin.shell: |
    ssh -i {{ restic_ssh_key }} -o BatchMode=yes -o StrictHostKeyChecking=no -p {{ restic_ssh_port }} {{ restic_user }}@{{ restic_host }} \
    "mkdir -p {{ restic_remote_path }} && chmod 700 {{ restic_remote_path }}" < /dev/null
  changed_when: false

- name: Write the ssh config for the root user
  # TODO: this replaces roots config and should be much smarter, safe for me currently
  template:
    src: restic-ssh-config.j2
    dest: /root/.ssh/config
    mode: "0644"

- name: Initialize restic repo on Storage Box (if needed)
  ansible.builtin.shell: |
    source /etc/restic/restic.env
    restic snapshots > /dev/null 2>&1 || restic init
    touch /etc/restic/.initialized
  args:
    creates: /etc/restic/.initialized