---
  - name: install restic-packages
    become: yes
    ansible.builtin.package:
      name:
        - restic
        - logrotate
        - cifs-utils
      state: present

  - name: create /etc/restic
    become: yes
    ansible.builtin.file:
      path: /etc/restic
      state: directory

  - name: create restic mount-directory
    become: yes
    ansible.builtin.file:
      path: "{{ restic_mount }}"
      state: directory
      owner: root
      group: root
      mode: 0777

  - name: copy smb_password.txt
    become: yes
    ansible.builtin.template:
      src: "smb_password.txt"
      dest: "/etc/restic/smb_password.txt"
      owner: root
      group: root
      mode: 0700

  - name: copy restic_backup.sh
    become: yes
    ansible.builtin.template:
      src: "restic_backup.sh"
      dest: "/usr/local/bin/restic_backup.sh"
      mode: a+x

  - name: create exclude.txt
    become: yes
    ansible.builtin.blockinfile:
      path: "/etc/restic/exclude.txt"
      create: yes
      block: "{{ restic_exclude }}"
      mode: 0644

  - name: copy password.txt
    become: yes
    ansible.builtin.template:
      src: "password.txt"
      dest: "/etc/restic/password.txt"
      owner: root
      group: root
      mode: 0700

  - name: create restic cronjob
    become: yes
    ansible.builtin.cron:
      name: restic
      state: present
      job: "/usr/local/bin/restic_backup.sh"
      minute: "{{ 59|random(seed=inventory_hostname) }}"
      hour: "{{ restic_cron_hours }}"
      # siehe: https://stackoverflow.com/questions/33379378/idempotence-and-random-variables-in-ansible

  - name: Create restic log
    become: true
    ansible.builtin.file:
      path: /var/log/restic.log
      state: touch
      owner: root
      group: root
      mode: 0644
      access_time: preserve
      modification_time: preserve

  - name: copy logrotate config
    become: yes
    ansible.builtin.template:
      src: logrotate_restic
      dest: /etc/logrotate.d/restic
      owner: root
      group: root
      mode: 0644