Ansible Collection to allow Passbolt management from Ansible.
Python3.6+ https://www.python.org/downloads/
GnuPG https://gnupg.org/download/index.html
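My Python library for the Passbolt API: pip install git+https://github.com/daniel-lynch/py-passbolt (this installs whatever is currently on the default branch; append @<tag-or-commit> to the URL to pin a revision you have reviewed)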
ansible-galaxy collection install daniel_lynch.passbolt
Get Password. Docs
---
# Look up the Passbolt password entry 'Testing' and print it.
- hosts: localhost
  vars:
    passbolt_uri: 'https://passbolt.djlynch.us'
    # Armored GPG key text, read from key.asc on the control node.
    gpgkey: "{{ lookup('file', 'key.asc') }}"
    # Demo value in plaintext. For real use, keep the passphrase and the key
    # in ansible-vault encrypted variables instead of in the playbook.
    passphrase: 'Password'
  tasks:
    # debug writes the retrieved secret to the play output (and to any log or
    # CI transcript capturing it), so treat this task as a demonstration only.
    - debug:
        msg: "{{ lookup('daniel_lynch.passbolt.get_password', 'Testing', gpgkey=gpgkey, passphrase=passphrase, passbolt_uri=passbolt_uri) }}"
# Import your private key into the local GnuPG keyring
gpg --import private.key
# List key fingerprints; use the imported key's fingerprint as the `fingerprint` value in the playbook
gpg --fingerprint
---
# Same lookup, but the key is identified by fingerprint instead of passing
# key text and a passphrase through playbook variables.
- hosts: localhost
  # Local connection: the gpg agent can prompt you to unlock your private key.
  connection: local
  vars:
    passbolt_uri: 'https://passbolt.djlynch.us'
    # Fingerprint as reported by `gpg --fingerprint`, written without spaces.
    fingerprint: 'BD12345678F2B05FE32FA07570848FF92005EABC'
  tasks:
    # No passphrase is stored in this playbook; debug still prints the
    # retrieved secret to the play output, so this is a demonstration only.
    - debug:
        msg: "{{ lookup('daniel_lynch.passbolt.get_password', 'Testing', fingerprint=fingerprint, passbolt_uri=passbolt_uri) }}"
Create User. Docs
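---
# Create a Passbolt user.
# passbolt_uri, gpgkey and passphrase are not defined in this snippet; supply
# them from play vars or inventory, with the secrets ansible-vault encrypted.
# Consider `no_log: true` on the task if verbose output shows gpgkey/passphrase.
- hosts: localhost
  tasks:
    - name: Create User
      daniel_lynch.passbolt.create_user:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        # Constructed placeholder: the page's original address was replaced
        # by e-mail obfuscation ("[email protected]").
        username: "user@example.com"
        firstname: "Test"
        lastname: "Ing"
        # Presumably creates the account as a Passbolt administrator; prefer
        # false unless admin rights are required.
        admin: true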
Update User. Docs
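---
# Update an existing Passbolt user.
# passbolt_uri, gpgkey and passphrase are not defined in this snippet; supply
# them from play vars or inventory, with the secrets ansible-vault encrypted.
# Consider `no_log: true` on the task if verbose output shows gpgkey/passphrase.
- hosts: localhost
  tasks:
    - name: Update User
      daniel_lynch.passbolt.update_user:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        # Constructed placeholder: the page's original address was replaced
        # by e-mail obfuscation ("[email protected]").
        username: "user@example.com"
        firstname: "Test"
        lastname: "Ing"
        # Presumably sets the administrator flag on the account; review any
        # change that raises a user to admin.
        admin: true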
Delete User. Docs
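---
# Delete a Passbolt user, selected by username.
# passbolt_uri, gpgkey and passphrase are not defined in this snippet; supply
# them from play vars or inventory, with the secrets ansible-vault encrypted.
- hosts: localhost
  tasks:
    - name: Delete User
      daniel_lynch.passbolt.delete_user:
        passbolt_uri: "{{ passbolt_uri }}"
        gpgkey: "{{ gpgkey }}"
        passphrase: "{{ passphrase }}"
        # Constructed placeholder: the page's original address was replaced
        # by e-mail obfuscation ("[email protected]").
        username: "user@example.com"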
Create Group. Docs
---
# Create the Passbolt group 'Test' with one group admin and one member.
# passbolt_uri, gpgkey, passphrase, admin and user are not defined in this
# snippet; supply them from play vars or inventory, and keep gpgkey and
# passphrase in ansible-vault encrypted variables.
- hosts: localhost
  tasks:
    - name: Create Group
      daniel_lynch.passbolt.create_group:
        passbolt_uri: '{{ passbolt_uri }}'
        gpgkey: '{{ gpgkey }}'
        passphrase: '{{ passphrase }}'
        name: Test
        # Keep the admin list short; presumably these users can manage
        # group membership.
        admins:
          - '{{ admin }}'
        users:
          - '{{ user }}'
Update Group. Docs
---
# Update the Passbolt group 'Test' with a new admin and member list.
# passbolt_uri, gpgkey, passphrase, admin2 and user2 are not defined in this
# snippet; supply them from play vars or inventory, and keep gpgkey and
# passphrase in ansible-vault encrypted variables.
- hosts: localhost
  tasks:
    - name: Update Group
      daniel_lynch.passbolt.update_group:
        passbolt_uri: '{{ passbolt_uri }}'
        gpgkey: '{{ gpgkey }}'
        passphrase: '{{ passphrase }}'
        name: Test
        # NOTE(review): whether these lists replace or extend the current
        # membership is not shown here; confirm against the module docs.
        admins:
          - '{{ admin2 }}'
        users:
          - '{{ user2 }}'
Delete Group. Docs
---
# Delete the Passbolt group named 'Test'.
# passbolt_uri, gpgkey and passphrase are not defined in this snippet; supply
# them from play vars or inventory, with the secrets ansible-vault encrypted.
- hosts: localhost
  tasks:
    - name: Delete Group
      daniel_lynch.passbolt.delete_group:
        passbolt_uri: '{{ passbolt_uri }}'
        gpgkey: '{{ gpgkey }}'
        passphrase: '{{ passphrase }}'
        name: Test
Create Password. Docs
---
# Create the Passbolt password entry 'Testing'.
# passbolt_uri, gpgkey and passphrase are not defined in this snippet; supply
# them from play vars or inventory, with the secrets ansible-vault encrypted.
# Consider `no_log: true` on the task so the stored secret and the key
# material cannot appear in verbose task output.
- hosts: localhost
  tasks:
    - name: Create Password
      daniel_lynch.passbolt.create_password:
        passbolt_uri: '{{ passbolt_uri }}'
        gpgkey: '{{ gpgkey }}'
        passphrase: '{{ passphrase }}'
        name: Testing
        # Sample secret written in plaintext; take real values from a
        # vault-encrypted variable rather than committing them.
        password: password
        username: Test
        uri: test.com
        description: This is a description
Update Password. Docs
---
# Update the Passbolt password entry 'Testing'.
# passbolt_uri, gpgkey and passphrase are not defined in this snippet; supply
# them from play vars or inventory, with the secrets ansible-vault encrypted.
# Consider `no_log: true` on the task so the stored secret and the key
# material cannot appear in verbose task output.
- hosts: localhost
  tasks:
    - name: Update Password
      daniel_lynch.passbolt.update_password:
        passbolt_uri: '{{ passbolt_uri }}'
        gpgkey: '{{ gpgkey }}'
        passphrase: '{{ passphrase }}'
        # Presumably name/username select the existing entry and
        # newname/newusername are the values it is changed to; confirm
        # against the module docs.
        name: Testing
        # Sample secret written in plaintext; take real values from a
        # vault-encrypted variable rather than committing them.
        password: password
        username: Test
        newname: Testing2
        newusername: Test2
        uri: test2.com
        description: This is a description2
Share Password. Docs
---
# Share the Passbolt password entry 'Testing' with a user and a group.
# passbolt_uri, gpgkey, passphrase and admin2 are not defined in this
# snippet; supply them from play vars or inventory, and keep gpgkey and
# passphrase in ansible-vault encrypted variables.
- hosts: localhost
  tasks:
    - name: Share Password
      daniel_lynch.passbolt.share_password:
        passbolt_uri: '{{ passbolt_uri }}'
        gpgkey: '{{ gpgkey }}'
        passphrase: '{{ passphrase }}'
        name: Testing
        users:
          - '{{ admin2 }}'
        # Sharing with a group exposes the secret to every member of it;
        # check the group's membership before sharing.
        groups:
          - Users
        # Read is the permission used in this example; grant no more than
        # the recipients need.
        permission: Read
        username: Test
Delete Password. Docs
---
# Delete the Passbolt password entry 'Testing' (username 'Test').
# passbolt_uri, gpgkey and passphrase are not defined in this snippet; supply
# them from play vars or inventory, with the secrets ansible-vault encrypted.
- hosts: localhost
  tasks:
    - name: Delete Password
      daniel_lynch.passbolt.delete_password:
        passbolt_uri: '{{ passbolt_uri }}'
        gpgkey: '{{ gpgkey }}'
        passphrase: '{{ passphrase }}'
        name: Testing
        username: Test
Use ansible-vault to encrypt the passphrase and the GPG key rather than storing them in plaintext in the playbook: https://docs.ansible.com/ansible/2.8/user_guide/playbooks_vault.html#single-encrypted-variable