diff --git a/inventories/group_vars/all.yml b/inventories/group_vars/all.yml index c3a7d52..f98b825 100644 --- a/inventories/group_vars/all.yml +++ b/inventories/group_vars/all.yml @@ -21,4 +21,4 @@ awx_pub_key: > ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKzAwWm+IsqZCgMzjdZ7Do3xWtVtoUCpWJpH7KSi2a/H awx@verdnatura.es -pb_folder: e0d517be-6783-4b97-9742-acaa9b09742f +passbolt_folder: e0d517be-6783-4b97-9742-acaa9b09742f diff --git a/inventories/lab b/inventories/lab index df9bc90..1bcf480 100644 --- a/inventories/lab +++ b/inventories/lab @@ -1,6 +1,5 @@ [all:vars] host_domain=lab.verdnatura.es -pb_servers_folder=7007ba58-99a5-44f9-8808-8160137ce232 [cephlab] cephlab[01:03] diff --git a/inventories/servers b/inventories/servers index 83642c0..c8fe2ad 100644 --- a/inventories/servers +++ b/inventories/servers @@ -1,6 +1,5 @@ [all:vars] host_domain=servers.dc.verdnatura.es -pb_servers_folder=fe08b909-ee3c-4257-b0b4-e088b16ca379 [kube_master] kube-master[1:5] diff --git a/playbooks/passbolt.yml b/playbooks/passbolt.yml index 0c5e72b..146a2b5 100644 --- a/playbooks/passbolt.yml +++ b/playbooks/passbolt.yml @@ -3,16 +3,9 @@ gather_facts: no tasks: - debug: - msg: > - {{ - lookup(passbolt, 'test', - username='root', - password=pb_password, - folder_parent_id=pb_folder - ) - }} + msg: "{{ lookup(passbolt, 'test', password=passbolt_password) }}" vars: - pb_password: 'S3cR3tP4$$w0rd' + passbolt_password: 'S3cR3tP4$$w0rd' environment: PASSBOLT_CREATE_NEW_RESOURCE: true PASSBOLT_NEW_RESOURCE_PASSWORD_LENGTH: 18 diff --git a/roles/debian-guest/templates/nslcd.conf b/roles/debian-guest/templates/nslcd.conf index 3f635fe..aeb7aa4 100644 --- a/roles/debian-guest/templates/nslcd.conf +++ b/roles/debian-guest/templates/nslcd.conf @@ -8,7 +8,7 @@ idle_timelimit 60 base {{ ldap_base }} binddn cn=nss,ou=admins,{{ ldap_base }} -bindpw {{ lookup(passbolt, 'nslcd', folder_parent_id=pb_folder).password }} +bindpw {{ lookup(passbolt, 'nslcd', folder_parent_id=passbolt_folder).password }} pagesize 500 filter group (&(objectClass=posixGroup)(cn={{ sysadmin_group }})) diff --git a/roles/debian-once/tasks/root.yml b/roles/debian-once/tasks/root.yml index 469d112..0d93b92 100644 --- a/roles/debian-once/tasks/root.yml +++ b/roles/debian-once/tasks/root.yml @@ -9,13 +9,11 @@ lookup(passbolt, inventory_hostname_short, username='root', password=root_password, - uri='ssh://'+hostname_fqdn, - folder_parent_id=pb_servers_folder + uri='ssh://'+hostname_fqdn ) }} environment: PASSBOLT_CREATE_NEW_RESOURCE: true - when: pb_folder is defined - name: Save the root password to file copy: content: "{{ root_password }}\n" @@ -23,7 +21,6 @@ owner: root group: root mode: '0600' - when: pb_folder is not defined - name: Change root password user: name: root