Automate setting up SSH credentials between application & backup server

CHANGELOG.md

@@ -41,6 +41,19 @@
 - Added french translation of informant for print certificate flow, issue certificate flow & correction flow
 - In the certificate, the 'Place of Certification' now accurately reflects the correct location.
 
+**Infrastructure**
+
+- Treat backup host identically to other hosts. To migrate:
+
+  1. Move all inventory files (qa.yml, production.yml...) from `infrastructure/server-setup` to `infrastructure/server-setup/inventory`
+  2. Run environment creator for your backup server `yarn environment:init --environment=backup`
+
+- Allow using staging to both period restore of production backup and also for backing up its own data to a different location using `backup_server_remote_target_directory` and `backup_server_remote_source_directory` ansible variables. This use case is mostly meant for OpenCRVS team internal use.
+
+- Automate SSH key exchange between application and backup server. For staging servers, automatically fetch production backup encryption key if periodic restore is enabled
+
+- Improved support for non-22 SSH port
+
 ## [1.4.1](https://github.com/opencrvs/opencrvs-countryconfig/compare/v1.4.0...v1.4.1)
 
 - Improved logging for emails being sent

infrastructure/server-setup/backups.yml

@@ -97,19 +97,6 @@
       tags:
         - backups
 
-    - name: Ensure backup application servers can login to backup server
-      blockinfile:
-        path: '{{ backup_server_user_home }}/.ssh/authorized_keys'
-        block: |
-          {{ lookup('file', '/tmp/docker-manager-first_id_rsa.pub') }}
-        marker: '# {mark} ANSIBLE MANAGED BLOCK docker-manager-first {{ manager_hostname }}'
-        create: yes
-        mode: 0600
-        owner: '{{ external_backup_server_user }}'
-
-      tags:
-        - backups
-
     - name: 'Create backup directory'
       file:
         path: '{{ backup_server_remote_target_directory }}'