verdnatura/vn-ansible
verdnatura
/
vn-ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

main #31

Merged
juan merged 154 commits from main into lab 2024-10-16 15:22:43 +00:00
Conversation 0 Commits 154 Files Changed 289 +5 -17
6 changed files with 5 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit fed934b5db - Show all commits

2
inventories/group_vars/all.yml
View File

@ -21,4 +21,4 @@ awx_pub_key: >
ssh-ed25519 ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIKzAwWm+IsqZCgMzjdZ7Do3xWtVtoUCpWJpH7KSi2a/H AAAAC3NzaC1lZDI1NTE5AAAAIKzAwWm+IsqZCgMzjdZ7Do3xWtVtoUCpWJpH7KSi2a/H
awx@verdnatura.es awx@verdnatura.es
pb_folder: e0d517be-6783-4b97-9742-acaa9b09742f passbolt_folder: e0d517be-6783-4b97-9742-acaa9b09742f

1
inventories/lab
View File

@ -1,6 +1,5 @@
[all:vars] [all:vars]
host_domain=lab.verdnatura.es host_domain=lab.verdnatura.es
pb_servers_folder=7007ba58-99a5-44f9-8808-8160137ce232
[cephlab] [cephlab]
cephlab[01:03] cephlab[01:03]

1
inventories/servers
View File

@ -1,6 +1,5 @@
[all:vars] [all:vars]
host_domain=servers.dc.verdnatura.es host_domain=servers.dc.verdnatura.es
pb_servers_folder=fe08b909-ee3c-4257-b0b4-e088b16ca379
[kube_master] [kube_master]
kube-master[1:5] kube-master[1:5]

11
playbooks/passbolt.yml
View File

@ -3,16 +3,9 @@
gather_facts: no gather_facts: no
tasks: tasks:
- debug: - debug:
msg: > msg: "{{ lookup(passbolt, 'test', password=passbolt_password) }}"
{{
lookup(passbolt, 'test',
username='root',
password=pb_password,
folder_parent_id=pb_folder
)
}}
vars: vars:
pb_password: 'S3cR3tP4$$w0rd' passbolt_password: 'S3cR3tP4$$w0rd'
environment: environment:
PASSBOLT_CREATE_NEW_RESOURCE: true PASSBOLT_CREATE_NEW_RESOURCE: true
PASSBOLT_NEW_RESOURCE_PASSWORD_LENGTH: 18 PASSBOLT_NEW_RESOURCE_PASSWORD_LENGTH: 18

2
roles/debian-guest/templates/nslcd.conf
View File

@ -8,7 +8,7 @@ idle_timelimit 60
base {{ ldap_base }} base {{ ldap_base }}
binddn cn=nss,ou=admins,{{ ldap_base }} binddn cn=nss,ou=admins,{{ ldap_base }}
bindpw {{ lookup(passbolt, 'nslcd', folder_parent_id=pb_folder).password }} bindpw {{ lookup(passbolt, 'nslcd', folder_parent_id=passbolt_folder).password }}
pagesize 500 pagesize 500
filter group (&(objectClass=posixGroup)(cn={{ sysadmin_group }})) filter group (&(objectClass=posixGroup)(cn={{ sysadmin_group }}))

5
roles/debian-once/tasks/root.yml
View File

@ -9,13 +9,11 @@
lookup(passbolt, inventory_hostname_short, lookup(passbolt, inventory_hostname_short,
username='root', username='root',
password=root_password, password=root_password,
uri='ssh://'+hostname_fqdn, uri='ssh://'+hostname_fqdn
folder_parent_id=pb_servers_folder
) )
}} }}
environment: environment:
PASSBOLT_CREATE_NEW_RESOURCE: true PASSBOLT_CREATE_NEW_RESOURCE: true
when: pb_folder is defined
- name: Save the root password to file - name: Save the root password to file
copy: copy:
content: "{{ root_password }}\n" content: "{{ root_password }}\n"
@ -23,7 +21,6 @@
owner: root owner: root
group: root group: root
mode: '0600' mode: '0600'
when: pb_folder is not defined
- name: Change root password - name: Change root password
user: user:
name: root name: root