From 682da1f461967419075b217a777aadcae6b68990 Mon Sep 17 00:00:00 2001
From: staffadmin <stephane.gratiasquiquandon@gmail.com>
Date: Tue, 11 Nov 2025 20:04:49 +0100
Subject: [PATCH] [test last]

---
 backup.yml | 107 +++++++++++++++++++++++++++++++----------------------
 1 file changed, 62 insertions(+), 45 deletions(-)

diff --git a/backup.yml b/backup.yml
index d7f7a2d..f2c94e8 100644
--- a/backup.yml
+++ b/backup.yml
@@ -28,20 +28,21 @@
 ###! DOCKER COMPOSE FILE
 ############
 
+# curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
 # apk add --no-cache rust
-# pip install bitwarden-sdk
+# pip install bitwarden-sdk / cargo 
 
 # export BWS_ACCESS_TOKEN=<ACCESS_TOKEN_VALUE>
 # database_password: "{{ lookup('bitwarden.secrets.lookup', '<SECRET_ID>') }}" 
 
-#! ants - gouv
-    - debug:
-        msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}" 
-      delegate_to: localhost
-      environment:
-        BW_CLIENTID: "{{ bw_client_id }}"
-        BWS_ACCESS_TOKEN: "{{ bw_client_secret }}"
-        BW_PASSWORD: "{{ bw_client_password }}"
+# #! ants - gouv
+#     - debug:
+#         msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}" 
+#       delegate_to: localhost
+#       environment:
+#         BW_CLIENTID: "{{ bw_client_id }}"
+#         BWS_ACCESS_TOKEN: "{{ bw_client_secret }}"
+#         BW_PASSWORD: "{{ bw_client_password }}"
 # #! fin test
     # - name: Check if bw is installed
     #   command: which bw
@@ -50,22 +51,23 @@
     #   delegate_to: localhost
     #   changed_when: false
 
-    - name: Install Bitwarden CLI
-      ansible.builtin.command:
-        cmd: "{{ item }}"
-      delegate_to: localhost
-      loop: 
-        - apk add --no-cache nodejs npm
-        - npm install -g @bitwarden/cli 
 
-    - ansible.builtin.command:
-        cmd: bw logout
-      delegate_to: localhost
-      ignore_errors: true
+#! script
+    # - name: Install Bitwarden CLI
+    #   ansible.builtin.command:
+    #     cmd: "{{ item }}"
+    #   delegate_to: localhost
+    #   loop: 
+    #     - apk add --no-cache nodejs npm
+    #     - npm install -g @bitwarden/cli 
+
+    # - ansible.builtin.command:
+    #     cmd: bw logout
+    #   delegate_to: localhost
+    #   ignore_errors: true
 
     - name: bitwarden token session 
-      ansible.builtin.command:
-        shell: "{{ item }}"
+      ansible.builtin.shell: "{{ item }}"
       environment:
         BW_CLIENTID: "{{ bw_client_id }}"
         BW_CLIENTSECRET: "{{ bw_client_secret }}"
@@ -77,38 +79,53 @@
       delegate_to: localhost
       register: bw_session_result
 
-    - name: Return all secrets from a path
-      ansible.builtin.debug: "{{ bw_session_result }}"
-
-    - name: Set BW_SESSION as environment variable globally
-      ansible.builtin.set_fact:
-        bw_session: "{{ bw_session_result.results[-1].stdout | trim }}"
+    - name: Get secret from Bitwarden
+      command:
+        argv:
+          - bw
+          - get
+          - password
+          - "Token full access gitea"
+          - --session
+          - "{{ bw_session }}"
+      delegate_to: localhost
+      register: gitea_token_result
       no_log: true
+      changed_when: false
 
-    - name: bitwarden token session 
-      ansible.builtin.command:
-        shell: bw unlock --passwordenv BW_PASSWORD --raw
-      environment:
-        BW_CLIENTID: "{{ bw_client_id }}"
-        BW_CLIENTSECRET: "{{ bw_client_secret }}"
-        BW_PASSWORD: "{{ bw_client_password }}"
+    - name: Return all secrets from a path
+      ansible.builtin.debug: "{{ gitea_token_result }}"
       delegate_to: localhost
 
-    - name: Utiliser le lookup
-      ansible.builtin.debug:
-        msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password',  bw_session='{{ bw_session }}') }}"
-      environment:
-        BW_SESSION: "{{ bw_session }}"
-      delegate_to: localhost
-
-    # - name: Return all secrets from a path
-    #   ansible.builtin.debug: "{{ bw_session }}"
-
     - name: logout 
       ansible.builtin.command:
         cmd: bw logout
       delegate_to: localhost
 
+    # - name: Set BW_SESSION as environment variable globally
+    #   ansible.builtin.set_fact:
+    #     bw_session: "{{ bw_session_result.results[-1].stdout | trim }}"
+    #   no_log: true
+
+    # - name: bitwarden token session 
+    #   ansible.builtin.command:
+    #     shell: bw unlock --passwordenv BW_PASSWORD --raw
+    #   environment:
+    #     BW_CLIENTID: "{{ bw_client_id }}"
+    #     BW_CLIENTSECRET: "{{ bw_client_secret }}"
+    #     BW_PASSWORD: "{{ bw_client_password }}"
+    #   delegate_to: localhost
+
+    # - name: Utiliser le lookup
+    #   ansible.builtin.debug:
+    #     msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password',  bw_session='{{ bw_session }}') }}"
+    #   environment:
+    #     BW_SESSION: "{{ bw_session }}"
+    #   delegate_to: localhost
+
+    # # - name: Return all secrets from a path
+    # #   ansible.builtin.debug: "{{ bw_session }}"
+
     # - name: Return all secrets from a path
     #   delegate_to: localhost
     #   ansible.builtin.debug: