---
# Create one account per entry of the `bitwarden` list. The login shell is
# /bin/false, so the account cannot be used for an interactive login; tasks
# in this file that run as the account pass `-s /bin/bash` to su instead.
- name: Create bitwarden users
  ansible.builtin.user:
    name: "{{ item.name }}"
    home: "{{ item.home }}"
    shell: /bin/false
  loop: "{{ bitwarden }}"
  tags:
    - install
# Download the rustup bootstrap script into each account's home directory,
# owned by that account and executable only by it (0700).
# NOTE(review): the "Install rust nightly" task executes this file and
# nothing here verifies its content beyond the HTTPS transport. get_url
# accepts a `checksum` option; use it if a known-good digest is available.
- name: Get rustup installer
  ansible.builtin.get_url:
    url: https://sh.rustup.rs
    dest: "{{ item.home }}/rustup.sh"
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
    mode: '0700'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
# Run the downloaded rustup script as the service account (not as root).
# The account's shell is /bin/false, hence `su -s /bin/bash`.
# The task reports "changed" only when rustup's stdout contains
# 'nightly installed'.
# NOTE(review): `nightly` is a moving toolchain, so two runs on different
# days can build with different compilers.
- name: Install rust nightly
  ansible.builtin.shell:
    cmd: "{{ item.home }}/rustup.sh --no-modify-path --default-toolchain nightly -y"
    executable: /bin/bash
  register: _bitwardenrs_install_rust_nightly
  changed_when: "'nightly installed' in _bitwardenrs_install_rust_nightly.stdout"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
# Upgrade only: delete the previous bitwarden_rs checkout from the account's
# home directory before it is cloned again.
- name: Remove bitwarden
  ansible.builtin.file:
    path: "{{ item.home }}/bitwarden_rs"
    state: absent
  loop: "{{ bitwarden }}"
  tags:
    - upgrade
# Upgrade only: delete the previous web-vault checkout from the account's
# home directory before it is cloned again.
- name: Remove web-vault
  ansible.builtin.file:
    path: "{{ item.home }}/web-vault"
    state: absent
  loop: "{{ bitwarden }}"
  tags:
    - upgrade
# Upgrade only: delete the previous bw_web_builds checkout (the patch
# repository) from the account's home directory before it is cloned again.
- name: Remove patches
  ansible.builtin.file:
    path: "{{ item.home }}/bw_web_builds"
    state: absent
  loop: "{{ bitwarden }}"
  tags:
    - upgrade
# Upgrade only: stop each account's unit before the new build is installed.
- name: Stop bitwarden
  ansible.builtin.systemd:
    name: "{{ item.name }}_bitwarden.service"
    state: stopped
  loop: "{{ bitwarden }}"
  tags:
    - upgrade
# Clone the server sources as the service account.
# NOTE(review): no `version:` is given, so the git module checks out the
# remote HEAD. Whatever is on the default branch at run time gets compiled
# and deployed; pin a tag or commit to make the build reproducible and
# reviewable.
- name: "Clone bitwarden_rs"
  ansible.builtin.git:
    repo: https://github.com/dani-garcia/bitwarden_rs.git
    dest: "{{ item.home }}/bitwarden_rs"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
# Clone the repository that carries the web-vault patches, as the service
# account.
# NOTE(review): no `version:` is given, so the remote HEAD is used. File
# names from this checkout later decide which web-vault ref is built and
# which patch is applied, so an unpinned clone widens the trust placed in
# the upstream repository.
- name: "Clone bitwarden patch"
  ansible.builtin.git:
    repo: https://github.com/dani-garcia/bw_web_builds.git
    dest: "{{ item.home }}/bw_web_builds"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
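# Find the newest web-vault version that bw_web_builds ships a patch for:
# list the patches directory, version-sort it, keep the last entry and strip
# the ".patch" suffix. The per-account result lands in
# webvault_version.results and is later used as a git ref and as part of a
# patch path, so it is data taken from a third-party repository.
- name: "Get last patch"
  ansible.builtin.shell:
    # The dot is escaped and the match anchored so only a trailing ".patch"
    # is removed; the earlier pattern matched any character followed by
    # "patch" anywhere in the name.
    cmd: ls | sort --version-sort | tail -n 1 | sed 's/\.patch$//'
    chdir: "{{ item.home }}/bw_web_builds/patches"
  register: webvault_version
  # Read-only lookup: it must not be reported as a change on every run.
  changed_when: false
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade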
# Clone the upstream web client at the ref named by the newest patch file.
# The loop runs over the registered results of "Get last patch", so
# `item.stdout` is the detected version and `item.item` is the original
# entry of the `bitwarden` list.
- name: "Clone bitwarden web"
  ansible.builtin.git:
    repo: https://github.com/bitwarden/web.git
    dest: "{{ item.item.home }}/web-vault"
    version: "{{ item.stdout }}"
  become: true
  become_user: "{{ item.item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ webvault_version.results }}"
  tags:
    - install
    - upgrade
# Build the server in release mode with the postgresql feature, as the
# service account, using the cargo binary rustup placed in its home.
# NOTE(review): without `--locked`, cargo may resolve dependency versions
# that differ from the committed Cargo.lock. Consider adding it once the
# upstream lock file is confirmed to build.
- name: Compile bitwarden_rs
  ansible.builtin.shell:
    cmd: "{{ item.home }}/.cargo/bin/cargo build --release --features postgresql"
    chdir: "{{ item.home }}/bitwarden_rs"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
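# Apply the newest bw_web_builds patch to the web-vault checkout, as the
# service account. `item.stdout` is the version string registered by
# "Get last patch" and `item.item` is the original `bitwarden` entry.
#
# The patch name comes from a file name inside a cloned third-party
# repository. It is passed through `argv`, so no shell parses it and a file
# name containing spaces or shell metacharacters cannot change the command.
- name: Patch web-vault
  ansible.builtin.command:
    argv:
      - git
      - apply
      - "{{ item.item.home }}/bw_web_builds/patches/{{ item.stdout }}.patch"
    chdir: "{{ item.item.home }}/web-vault"
  become: true
  become_user: "{{ item.item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ webvault_version.results }}"
  tags:
    - install
    - upgrade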
# First of three tasks that share the name "Build web-vault": run the
# project's `sub:init` npm script inside the web-vault checkout, as the
# service account.
- name: Build web-vault
  ansible.builtin.shell:
    cmd: npm run sub:init
    chdir: "{{ item.home }}/web-vault"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
# Second "Build web-vault" task: install the JavaScript dependencies of the
# web-vault checkout, as the service account.
# NOTE(review): `npm install` may resolve versions newer than the lock file
# records and runs package install scripts. `npm ci` installs strictly from
# the lock file; confirm that the checked-out ref ships one before
# switching.
- name: Build web-vault
  ansible.builtin.shell:
    cmd: npm install
    chdir: "{{ item.home }}/web-vault"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
# Third "Build web-vault" task: run the project's `dist` npm script as the
# service account. The "Copy web-vault" task takes its input from the
# checkout's build/ directory.
- name: Build web-vault
  ansible.builtin.shell:
    cmd: npm run dist
    chdir: "{{ item.home }}/web-vault"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
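# Copy the built web client next to the compiled server binary, as the
# service account, preserving file attributes (`cp -a`).
#
# `become_method` appeared twice in this task. Duplicate mapping keys are
# invalid YAML and most parsers silently keep the last one, so the
# duplicate is dropped here.
- name: Copy web-vault
  ansible.builtin.shell:
    cmd: "cp -a {{ item.home }}/web-vault/build/ {{ item.home }}/bitwarden_rs/target/release/web-vault/"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade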
# Ensure the deployment directory exists, owned by the service account.
# Mode 0750 gives the owner full access, the group read/traverse access and
# other users none.
- name: Create bitwarden app folder
  ansible.builtin.file:
    path: "{{ item.app_folder }}"
    state: directory
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
    mode: '0750'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
# Sync the release build output (including the copied web-vault) into the
# deployment directory, as the service account.
# NOTE(review): the two paths are interpolated into a shell command line
# unquoted, so values of `home` or `app_folder` containing whitespace would
# be split into separate arguments.
- name: Install bitwarden
  ansible.builtin.shell:
    cmd: "rsync -a --info=progress2 {{ item.home }}/bitwarden_rs/target/release/ {{ item.app_folder }}"
  become: true
  become_user: "{{ item.name }}"
  become_method: su
  become_flags: '-s /bin/bash'
  loop: "{{ bitwarden }}"
  tags:
    - install
    - upgrade
# Render one unit file per account from bitwarden.service.j2, owned by root
# and not writable by the service account.
# NOTE(review): the file is written directly under /etc, which is not a
# directory systemd searches for units (e.g. /etc/systemd/system). Confirm
# how the later systemd tasks are expected to find
# "<name>_bitwarden.service".
- name: Add service
  ansible.builtin.template:
    src: bitwarden.service.j2
    dest: "/etc/{{ item.name }}_bitwarden.service"
    owner: root
    group: root
    mode: '0644'
  loop: "{{ bitwarden }}"
  tags:
    - install
# Install only: have systemd re-read its unit files after the unit template
# has been written. The reload is requested once per entry of the loop.
- name: Reload systemd
  ansible.builtin.systemd:
    name: "{{ item.name }}_bitwarden.service"
    daemon_reload: true
  loop: "{{ bitwarden }}"
  tags:
    - install
# Install only: enable each account's unit. No `state` is set here, so this
# task does not start the service.
- name: Enable bitwarden
  ansible.builtin.systemd:
    name: "{{ item.name }}_bitwarden.service"
    enabled: true
  loop: "{{ bitwarden }}"
  tags:
    - install
# Upgrade only: bring the unit back up after the new build is in place.
# Despite the task name, `state: started` only ensures the unit is running;
# it works as a restart here because "Stop bitwarden" stopped the unit
# earlier in the same upgrade run.
- name: Restarted bitwarden
  ansible.builtin.systemd:
    name: "{{ item.name }}_bitwarden.service"
    state: started
  loop: "{{ bitwarden }}"
  tags:
    - upgrade