Update to 2021-12-01 19:13

roles/backuppc/defaults/main.yml

@@ -0,0 +1,19 @@
+---
+
+# You can choose either 3 or 4
+bpc_major_version: 3
+
+# Auth to access BackupPC. Can be basic, lemonldap, lemonldap2 or none
+bpc_auth: basic
+
+# List of IP address allowed
+bpc_src_ip: []
+
+# Should backuppc be started on boot ?
+# You might want to turn this off if for example you must unlock
+# the device on which you have your backup, and manually start backuppc after that
+bpc_enabled: True
+
+# Should /BackupPC aliases be added on the main vhost ?
+# You might want to, but you can also disable this and grant access only through a dedicated vhost
+bpc_alias_on_main_vhost: True

roles/backuppc/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+
+- include: ../httpd_common/handlers/main.yml
+
+...

roles/backuppc/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - { role: httpd_front }

roles/backuppc/tasks/main.yml

@@ -0,0 +1,53 @@
+---
+
+- name: Install BackupPC 4
+  yum:
+    name:
+      - BackupPC4
+      - fuse-backuppcfs4
+  when: bpc_major_version == 4
+  tags: bpc
+
+- name: Install BackupPC 3
+  yum:
+    name:
+      - BackupPC
+      - fuse-backuppcfs
+  when: bpc_major_version != 4
+  tags: bpc
+
+- name: Install tools
+  yum:
+    name:
+      - rsync
+      - tar
+      - samba-client
+      - openssh-clients
+      - BackupPC-server-scripts
+      - fuse-chunkfs
+  tags: bpc
+
+- name: Deploy httpd conf
+  template: src=httpd.conf.j2 dest=/etc/httpd/ansible_conf.d/40-BackupPC.conf
+  notify: reload httpd
+  tags: bpc
+
+- name: Deploy sudo config
+  template: src=sudoers.j2 dest=/etc/sudoers.d/backuppc mode=0400
+  tags: bpc
+
+- name: Create SSH Key
+  user:
+    name: backuppc
+    generate_ssh_key: yes
+    ssh_key_bits: 4096
+  tags: bpc
+
+- name: Start the service
+  service: name=backuppc state=started
+  when: bpc_enabled
+  tags: bpc
+
+- name: Handle backuppc service status
+  service: name=backuppc enabled={{ bpc_enabled }}
+  tags: bpc

roles/backuppc/templates/httpd.conf.j2

@@ -0,0 +1,25 @@
+<Directory /usr/share/BackupPC/>
+  SSLRequireSSL on
+{% if bpc_auth == "lemonldap" %}
+  PerlHeaderParserHandler Lemonldap::NG::Handler
+{% elif bpc_auth == "lemonldap2" %}
+  PerlHeaderParserHandler Lemonldap::NG::Handler::ApacheMP2
+{% elif bpc_auth == "basic" %}
+  AuthType Basic
+  AuthUserFile /etc/BackupPC/apache.users
+  AuthName "BackupPC"
+  Require valid-user
+{% endif %}
+
+{% if bpc_src_ip | length < 1 %}
+  Require all denied
+{% else %}
+  Require ip {{ bpc_src_ip | join(' ') }}
+{% endif %}
+</Directory>
+
+{% if bpc_auth != False and bpc_auth != 'none' and bpc_alias_on_main_vhost == True %}
+Alias           /BackupPC/images        /usr/share/BackupPC/html/
+ScriptAlias     /BackupPC               /usr/share/BackupPC/sbin/BackupPC_Admin
+ScriptAlias     /backuppc               /usr/share/BackupPC/sbin/BackupPC_Admin
+{% endif %}

roles/backuppc/templates/sudoers.j2

@@ -0,0 +1,3 @@
+Defaults:backuppc !requiretty
+Cmnd_Alias BACKUPPC = /usr/bin/rsync, /bin/tar, /bin/gtar, /usr/local/bin/pre-backup, /usr/local/bin/post-backup, /usr/bin/virt-backup
+backuppc ALL=(root) NOPASSWD: BACKUPPC