restic: fix missing backup server fingerprint

Signed-off-by: bic <bicno@autistici.org>

roles/stable/restic/defaults/main.yml

@@ -33,5 +33,6 @@ restic_password: "{{lookup('community.general.passwordstore', '{{passwordstore_p
 restic_repository_name: "{{ansible_hostname | default('restic') }}"
 restic_ssh_private_key: "{{lookup('community.general.passwordstore', '{{passwordstore_path}}/restic/ssh_private returnall=true')}}"
 restic_ssh_hostname: "{{lookup('community.general.passwordstore', '{{passwordstore_path}}/restic/ssh_hostname')}}"
+restic_ssh_host_fingerprint: "{{lookup('community.general.passwordstore', '{{passwordstore_path}}/restic/ssh_host_fingerprint')}}"
 restic_ssh_user: "{{lookup('community.general.passwordstore', '{{passwordstore_path}}/restic/ssh_user')}}"
 restic_ssh_port: "{{lookup('community.general.passwordstore', '{{passwordstore_path}}/restic/ssh_port') | default(22)}}"

roles/stable/restic/tasks/main.yml

@@ -26,6 +26,14 @@
     mode: '0600'
   when: restic_ssh_private_key is defined and restic_ssh_enabled
 
+- name: Add backup server host fingerprint
+  become: yes
+  known_hosts:
+    name: '[{{ restic_ssh_hostname }}]:{{ restic_ssh_port }}'
+    key: '{{ restic_ssh_host_fingerprint }}'
+    path: '{{ restic_user_home }}/.ssh/known_hosts'
+    state: present
+
 - name: Add restic_env in home folder
   become: yes
   template: