DigDeo Syspass Ansible Lookup
Project description
digdeo-ansible-syspass
Module page: https://pypi.org/project/digdeo-syspass-ansible-lookup/ Documentation: https://www.readthedoc.io/digdeo-syspass-ansible-lookup Bug Tracker: https://gitdev.digdeo.fr/digdeo-projets-floss1/digdeo-syspass-ansible-lookup/issues
##Introduction digdeo-ansible-syspass is a ansible lookup plugin write in python.
That program is a ansible plugin interface it use digdeo-syspass-client to dialog with the syspass API.
It plugin is dedicated to lookup password's from a syspass server.
INSTALLATION:
Normal installation
python3 -m venv venv
. venv/bin/activate
pip install digdeo-syspass-ansible-lookup
Force a Ansible version
python3 -m venv venv
. venv/bin/activate
pip install wheel "ansible == 2.7.13"
pip install digdeo-syspass-ansible-lookup
Force libxml
On Linux (and most other well-behaved operating systems), pip will manage to build the source distribution as long as libxml2 and libxslt are properly installed, including development packages, i.e. header files, etc. See the requirements section above and use your system package management tool to look for packages like libxml2-dev or libxslt-devel. If the build fails, make sure they are installed.
Alternatively, setting STATIC_DEPS=true will download and build both libraries automatically in their latest version, e.g.
STATIC_DEPS=true pip install lxml.
Note that module use digdeo-syspass-client module https://pypi.org/project/digdeo-syspass-client/ Please pay attention about config.yml file.
DISCLAIMER:
This module has been heavily inspired by https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/lookup/password.py for password generation and term handling and thus is under GPL.
lookup: syspass
author: Gousseaud Gaëtan <gousseaud.gaetan.pro@gmail.com>, Pierre-Henry Muller <pierre-henry.muller@digdeo.fr>
short_description: get syspass user password and syspass API client
description:
- This lookup returns the contents from Syspass database, a user's password more specificly. Other functions are also implemented for further use.
ansible_version: ansible 2.6.2 with mitogen
python_version: 2.7.9
syspass_version: 3.0 Beta (300.18082701)
Parameters:
-
chars: (Optional)
Type of chars used during a password generation,
Allowed value:
ascii_letters
,digits
,allowed_punctuation
Default value: ['ascii_letters','digits','allowed_punctuation']
-
psswd_length: (Optional)
password length, during a password generation, that value is automatically clamped from
password_length_min
andpassword_length_max
Default value: 42
-
password: (Optional)
Directly impose a password, it shortcut the password generation
-
hostname: (Optional is set by Ansible)
Require by Ansible, it correspond to Ansible host, you can impose a specific host from here
-
account:
Match with Syspass API Account https://syspass-doc.readthedocs.io/en/3.1/application/api.html#accounts
-
login:
login given to created account
-
category:
Match with Syspass API Categories https://syspass-doc.readthedocs.io/en/3.1/application/api.html#categories
-
customer:
Match with Syspass API Clients https://syspass-doc.readthedocs.io/en/3.1/application/api.html#clients
-
customer_desc: (Optional)
Match with Syspass API Clients creation/description https://syspass-doc.readthedocs.io/en/3.1/application/api.html#clients
-
tags:
Match with Syspass API Tags https://syspass-doc.readthedocs.io/en/3.1/application/api.html#tags
-
url:
url given to created account (Optional)
-
notes:
notes given to created account (Optional)
-
state:
Default Value:
present
Allowed Value:present
orabsent
-
private: self.private,
is this password private for users who have access or public for all users in acl (default false)
-
privategroup: self.privategroup,
is private only for users in same group (default false)
-
expireDate: self.expireDate
expiration date given to created account (Optional)
Allowed Value: Expire date in UNIX timestamp format
notes:
-
Account is only created if exact name has no match.
-
A different field passed to an already existing account wont modify it.
-
Utility of tokenPass: https://github.com/nuxsmin/sysPass/issues/994#issuecomment-409050974
-
Rudimentary list of API accesses (Deprecated): https://github.com/nuxsmin/sysPass/blob/d0056d74a8a2845fb3841b02f4af5eac3e4975ed/lib/SP/Services/Api/ApiService.php#L175
-
Usage of ansible vars: https://github.com/ansible/ansible/issues/33738#issuecomment-350819222
syspass function list: SyspassClient: Account: -AccountSearch -AccountViewpass -AccountCreate -AccountDelete -AccountView Category: -CategorySearch -CategoryCreate -CategoryDelete Client: -ClientSearch -ClientCreate -ClientDelete Tag: -TagCreate -TagSearch -TagDelete UserGroup: - UserGroupCreate - UserGroupSearch - UserGroupDelete Others: -Backup
IN PLAYBOOK
NOTE: Default values are handled
USAGE 1
- name: SysPass | Minimal test | get and if not exist insert
debug:
msg: "{{ lookup('syspass', 'Account Name minimal', login='mylogin', category='MySQL', customer='PREP') }}"
register: pass1
changed_when: false
- name: SysPass | Minimal test | get and compare
debug:
msg: "{{ lookup('syspass', 'Account Name minimal', login='mylogin', category='MySQL', customer='PREP') }}"
register: pass2
changed_when: pass1.msg == pass2.msg
failed_when: pass1.msg != pass2.msg
Authors: Gousseaud Gaëtan gousseaud.gaetan.pro@gmail.com Pierre-Henry Muller pierre-henry.muller@digdeo.fr Jérôme Ornech i.dont.share.my.mail@nothing.fr
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for digdeo-syspass-ansible-lookup-0.2.6.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 62ba74a4758bb1fbf3a6d01d8126b2a141ff55e39a6197eaa84ebc5767dd79df |
|
MD5 | 8db49c838a6ec9e2fac266ec4224aa7e |
|
BLAKE2b-256 | f8d3ffb84b8dbdac698c5a6c78d936abe0f7698d8116f63ebde54dbe62ea69c8 |