Skip to content

daniel-lynch/daniel_lynch.passbolt

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

60 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CI

Readme

Ansible Collection to allow Passbolt managment from Ansible.

Requirements

Python3.6+ https://www.python.org/downloads/

GnuPG https://gnupg.org/download/index.html

My Python library for passbolt API pip install git+https://github.com/daniel-lynch/py-passbolt

Install:

ansible-galaxy collection install daniel_lynch.passbolt

Examples

Get Password. Docs

---
- hosts: localhost
  vars:
    passbolt_uri: https://passbolt.djlynch.us
    gpgkey: "{{ lookup('file', 'key.asc') }}"
    passphrase: Password
  tasks:
    - debug:
        msg: "{{ lookup('daniel_lynch.passbolt.get_password', 'Testing', gpgkey=gpgkey, passphrase=passphrase, passbolt_uri=passbolt_uri) }}"

Get Password using fingerprint.

#import your private key
gpg --import private.key
# Show fingerprint and use it in the playbook
gpg --fingerprint
---
- hosts: localhost
  connection: local #with connection local the gpg agent will ask you your private key 
  vars:
    passbolt_uri: https://passbolt.djlynch.us
    fingerprint: "BD12345678F2B05FE32FA07570848FF92005EABC"
  tasks:
    - debug:
        msg: "{{ lookup('daniel_lynch.passbolt.get_password', 'Testing', fingerprint=fingerprint, passbolt_uri=passbolt_uri) }}"

Create User. Docs

---
- hosts: localhost
  tasks:
    - name: Create User
      daniel_lynch.passbolt.create_user:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        username: "[email protected]"
        firstname: "Test"
        lastname: "Ing"
        admin: True

Update User. Docs

---
- hosts: localhost
  tasks:
    - name: Update User
      daniel_lynch.passbolt.update_user:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        username: "[email protected]"
        firstname: "Test"
        lastname: "Ing"
        admin: True

Delete User. Docs

---
- hosts: localhost
  tasks:
    - name: Delete User
      daniel_lynch.passbolt.delete_user:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        username: "[email protected]"

Create Group. Docs

---
- hosts: localhost
  tasks:
    - name: Create Group
      daniel_lynch.passbolt.create_group:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        name: "Test"
        admins:
        - "{{ admin }}"
        users:
        - "{{ user }}"

Update Group. Docs

---
- hosts: localhost
  tasks:
    - name: Update Group
      daniel_lynch.passbolt.update_group:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        name: "Test"
        admins:
        - "{{ admin2 }}"
        users:
        - "{{ user2 }}"

Delete Group. Docs

---
- hosts: localhost
  tasks:
    - name: Delete Group
      daniel_lynch.passbolt.delete_group:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        name: "Test"

Create Password. Docs

---
- hosts: localhost
  tasks:
    - name: Create Password
      daniel_lynch.passbolt.create_password:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        name: "Testing"
        password: "password"
        username: "Test"
        uri: "test.com"
        description: "This is a description"

Update Password. Docs

---
- hosts: localhost
  tasks:
    - name: Update Password
      daniel_lynch.passbolt.update_password:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        name: "Testing"
        password: "password"
        username: "Test"
        newname: "Testing2"
        newusername: "Test2"
        uri: "test2.com"
        description: "This is a description2"

Share Password. Docs

---
- hosts: localhost
  tasks:
    - name: Share Password
      daniel_lynch.passbolt.share_password:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        name: "Testing"
        users:
        - "{{ admin2 }}"
        groups:
        - Users
        permission: Read
        username: "Test"

Delete Password. Docs

---
- hosts: localhost
  tasks:
    - name: Delete Password
      daniel_lynch.passbolt.delete_password:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        name: "Testing"
        username: "Test"

Considerations

Use ansible-vault to encrypt passphrase and GPG key https://docs.ansible.com/ansible/2.8/user_guide/playbooks_vault.html#single-encrypted-variable