From 7a104bc938003fa1e2bd9ee4d409cc5388695a6f Mon Sep 17 00:00:00 2001 From: staffadmin Date: Tue, 11 Nov 2025 20:21:57 +0100 Subject: [PATCH] [test last] --- backup.yml | 80 ++++++++++++++++-------------------------------------- 1 file changed, 23 insertions(+), 57 deletions(-) diff --git a/backup.yml b/backup.yml index ee3ab0f..c0504db 100644 --- a/backup.yml +++ b/backup.yml @@ -9,6 +9,7 @@ bw_client_secret: "{{ lookup('env', 'bw_client_secret') }}" bw_client_password: "{{ lookup('env', 'bw_client_password') }}" bw_client_id: "{{ lookup('env', 'bw_client_id') }}" + bw_requested_password_id: cc0c7222-858d-44be-86ab-e0534b6f34a9 dockerapps_path: /opt/dockerapps gitea_conf: /appdata/gitea/gitea/ gitea_db: /appdata/gitea/gitea-db/gitea-db-pg.sql @@ -35,23 +36,6 @@ # export BWS_ACCESS_TOKEN= # database_password: "{{ lookup('bitwarden.secrets.lookup', '') }}" -# #! ants - gouv -# - debug: -# msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}" -# delegate_to: localhost -# environment: -# BW_CLIENTID: "{{ bw_client_id }}" -# BWS_ACCESS_TOKEN: "{{ bw_client_secret }}" -# BW_PASSWORD: "{{ bw_client_password }}" -# #! fin test - # - name: Check if bw is installed - # command: which bw - # register: bw_check - # ignore_errors: yes - # delegate_to: localhost - # changed_when: false - - #! script # - name: Install Bitwarden CLI # ansible.builtin.command: @@ -79,18 +63,13 @@ delegate_to: localhost register: bw_session_result - - name: Return all secrets from a path - ansible.builtin.debug: - msg: "{{ bw_session_result }}" - delegate_to: localhost - - name: Get secret from Bitwarden command: argv: - bw - get - password - - "cc0c7222-858d-44be-86ab-e0534b6f34a9" + - "{{ bw_requested_password_id }}" - --session - "{{ bw_session_result.results[-1].stdout | trim }}" delegate_to: localhost 
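Review bot: The added `bw_requested_password_id` is an unquoted scalar and nothing says which vault item it selects. Quoting keeps it a string whatever a future id looks like, and a comment makes a later swap of the id reviewable: `bw_requested_password_id: "cc0c7222-858d-44be-86ab-e0534b6f34a9"  # Bitwarden item id read by "Get secret from Bitwarden"`. The surrounding vars block starts outside the hunk.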
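Review bot: In the `@@ -79,18 +63,13 @@` hunk, `Get secret from Bitwarden` still passes the unlocked session key on the command line (`--session` followed by `{{ bw_session_result.results[-1].stdout | trim }}`). While `bw` runs, that key is typically readable by other local users on the controller through the process list. The Bitwarden CLI also reads the key from the `BW_SESSION` environment variable, so the two argv entries can be replaced by an `environment:` entry on the task: `BW_SESSION: "{{ bw_session_result.results[-1].stdout | trim }}"`. The task that registers `bw_session_result` starts outside the hunk, so whether it sets `no_log: true` cannot be confirmed from here; it should, because its stdout is the session key.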
@@ -98,44 +77,26 @@ no_log: true changed_when: false + # - name: Return all secrets from a path + # ansible.builtin.debug: + # msg: "{{ gitea_token_result.stdout }}" + # delegate_to: localhost + + - name: Set BW_SESSION as environment variable globally + ansible.builtin.set_fact: + gitea_token : "{{ gitea_token_result.stdout | trim }}" + no_log: true + delegate_to: localhost + + - name: Return all secrets from a path ansible.builtin.debug: - msg: "{{ gitea_token_result }}" - delegate_to: localhost + msg: hostvars['localhost'] - - name: logout - ansible.builtin.command: - cmd: bw logout - delegate_to: localhost + - name: Return all secrets from a path + ansible.builtin.debug: + msg: "{{ gitea_token }}" - # - name: Set BW_SESSION as environment variable globally - # ansible.builtin.set_fact: - # bw_session: "{{ bw_session_result.results[-1].stdout | trim }}" - # no_log: true - - # - name: bitwarden token session - # ansible.builtin.command: - # shell: bw unlock --passwordenv BW_PASSWORD --raw - # environment: - # BW_CLIENTID: "{{ bw_client_id }}" - # BW_CLIENTSECRET: "{{ bw_client_secret }}" - # BW_PASSWORD: "{{ bw_client_password }}" - # delegate_to: localhost - - # - name: Utiliser le lookup - # ansible.builtin.debug: - # msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password', bw_session='{{ bw_session }}') }}" - # environment: - # BW_SESSION: "{{ bw_session }}" - # delegate_to: localhost - - # # - name: Return all secrets from a path - # # ansible.builtin.debug: "{{ bw_session }}" - - # - name: Return all secrets from a path - # delegate_to: localhost - # ansible.builtin.debug: - # msg: "{{ lookup('community.hashi_vault.hashi_vault', 'secret=apps/data/postgres token=prout url=https://hash.jingoh.fr') }}" # - ansible.builtin.git: # repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/{{ user }}/backup.git 
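Review bot: The last added debug task prints the secret in clear text: `msg: "{{ gitea_token }}"` writes the token to the play output and to any log or CI transcript that captures it, which undoes the `no_log: true` on the preceding `set_fact`. Drop that task, or report only presence with `msg: "gitea_token retrieved: {{ gitea_token | length > 0 }}"`. The other new debug, `msg: hostvars['localhost']`, has no Jinja braces and prints only the literal text; if it were later wrapped in `{{ }}` it would dump every fact for that host, presumably including `gitea_token` and the `bw_client_*` variables, so it is better removed too. The `set_fact` is also named `Set BW_SESSION as environment variable globally` although it stores the Gitea token, and `gitea_token :` has a stray space before the colon; `- name: Store Gitea token as a fact` would match what it does.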
@@ -291,3 +252,8 @@ # become: true + + - name: logout bw + ansible.builtin.command: + cmd: bw logout + delegate_to: localhost \ No newline at end of file
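Review bot: `logout bw` now runs only as the last task of the play, so a failure in any task between the unlock and this point leaves the CLI logged in on the controller. Before this commit the logout ran right after the secret was read; moving it to the end also keeps the session valid for the whole run, although the only visible consumer is `Get secret from Bitwarden`. Consider wrapping the Bitwarden tasks in a `block:` and placing this task under its `always:` section, with `changed_when: false` as on the other `bw` command. The tasks in between are outside the hunk, so whether a later step still needs the session cannot be confirmed here.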