DigDeo Syspass Ansible Lookup
Project description
dd-ansible-syspass
INSTALLATION:
Module page: https://pypi.org/project/digdeo-syspass-ansible-lookup/
Normal installation
python3 -m venv venv
. venv/bin/activate
pip install digdeo-syspass-ansible-lookup
Force a Ansible version
python3 -m venv venv
. venv/bin/activate
pip install wheel "ansible == 2.7.13"
pip install digdeo-syspass-ansible-lookup
Force libxml
On Linux (and most other well-behaved operating systems), pip will manage to build the source distribution as long as libxml2 and libxslt are properly installed, including development packages, i.e. header files, etc. See the requirements section above and use your system package management tool to look for packages like libxml2-dev or libxslt-devel. If the build fails, make sure they are installed.
Alternatively, setting STATIC_DEPS=true will download and build both libraries automatically in their latest version, e.g.
STATIC_DEPS=true pip install lxml.
Note that module use digdeo-syspass-client module https://pypi.org/project/digdeo-syspass-client/ Please pay attention about config.yml file.
DISCLAIMER:
This module has been heavily inspired by https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/lookup/password.py for password generation and term handling and thus is under GPL.
lookup: syspass
author: Gousseaud Gaëtan <gousseaud.gaetan.pro@gmail.com>, Pierre-Henry Muller <pierre-henry.muller@digdeo.fr>
short_description: get syspass user password and syspass API client
description:
- This lookup returns the contents from Syspass database, a user's password more specificly. Other functions are also implemented for further use.
ansible_version: ansible 2.6.2 with mitogen
python_version: 2.7.9
syspass_version: 3.0 Beta (300.18082701)
params:
- term: the account name (required and must be unique)
- login: login given to created account
- category: category given to created account
- customer: client given to created account
- state: like in Ansible absent to remove the password, present in default to create (Optional)
- pass_length: generated password length (Optional)
- chars: type of chars used in generated (Optional)
- url: url given to created account (Optional)
- notes: notes given to created account (Optional)
- private: is this password private for users who have access or public for all users in acl (default false)
- privategroup: is private only for users in same group (default false)
- expirationDate: expiration date given to created account (Optional) and not tested (no entry in webui)
notes:
-
Account is only created if exact name has no match.
-
A different field passed to an already existing account wont modify it.
-
Utility of tokenPass: https://github.com/nuxsmin/sysPass/issues/994#issuecomment-409050974
-
Rudimentary list of API accesses (Deprecated): https://github.com/nuxsmin/sysPass/blob/d0056d74a8a2845fb3841b02f4af5eac3e4975ed/lib/SP/Services/Api/ApiService.php#L175
-
Usage of ansible vars: https://github.com/ansible/ansible/issues/33738#issuecomment-350819222
syspass function list: SyspassClient: Account: -AccountSearch -AccountViewpass -AccountCreate -AccountDelete -AccountView Category: -CategorySearch -CategoryCreate -CategoryDelete Client: -ClientSearch -ClientCreate -ClientDelete Tag: -TagCreate -TagSearch -TagDelete UserGroup: - UserGroupCreate - UserGroupSearch - UserGroupDelete Others: -Backup
IN HOST VARS
syspass_API_URL: http://syspass-server.net/api.php
syspass_API_KEY: 'API_KEY' #Found in Users & Accesses -> API AUTHORIZATION -> User token
syspass_API_ACC_TOKPWD: Password for API_KEY for Account create / view / delete password account permission in API
syspass_default_length: number of chars in password
IN PLAYBOOK
NOTE: Default values are handled
USAGE 1
- name: Minimum declaration to get / create password
local_action: debug msg="{{ lookup('syspass', 'Server 1 test account', login=test, category='MySQL', customer='Customer 1') }}"
- name: All details for password declaration
local_action: debug msg="{{ lookup('syspass', 'Server 1 test account', login=test, category='MySQL', customer='Customer 1',
url='https://exemp.le', notes='Additionnal infos', private=True, privategroupe=True) }}"
- name: Minimum declaration to delete password
local_action: debug msg="{{ lookup('syspass', 'Server 1 test account', state=absent) }}"
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for digdeo-syspass-ansible-lookup-0.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | b21379952f7e2e45b6a4294e6af1861e74ac5c74a171c010855cb71fec4a0a10 |
|
MD5 | c7e901e07a715e8abe94dc301d925b26 |
|
BLAKE2b-256 | 0dc05f642a1bc5daa21199c21c7f061ecbc117c2c984f6c49d488b3d3a018dc1 |