---
# Pre-flight check: stop early unless the BitWarden item named by
# dci_manager_bitwarden_item_name yields a non-empty password field.
# Only the length is tested; the secret itself is never printed by the
# assertion expression.
- name: Check BitWarden item
  ansible.builtin.assert:
    quiet: true
    that:
      - >-
        lookup('community.general.bitwarden',
        dci_manager_bitwarden_item_name, field='password')
        | first | length > 0
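# First authentication step: POST the BitWarden-stored e-mail and password to
# the DCI Manager token endpoint and keep the response in _dci_manager_login.
- name: Login on DCI Manager API
  delegate_to: "{{ dci_manager_access_host }}"
  become: false
  # The request body holds the account password and the registered response
  # holds the issued token; without no_log both can appear in task output,
  # callback plugins and logs (for example on failure or with -v).
  no_log: true
  ansible.builtin.uri:
    # NOTE(review): the credentials travel over whatever dci_manager_protocol
    # is set to - confirm it is always https.
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/api/auth/v4/public/token"
    method: POST
    body_format: json
    return_content: true
    headers:
      Accept: application/json
    body:
      email: "{{ lookup('community.general.bitwarden', dci_manager_bitwarden_item_name, field='username') | first }}"
      password: "{{ lookup('community.general.bitwarden', dci_manager_bitwarden_item_name, field='password') | first }}"
    # Any status other than 201 fails the task.
    status_code: 201
  register: _dci_manager_login
  # Retry (up to 10 times) only while the result status is 503 or -1.
  until: _dci_manager_login.status != 503 and _dci_manager_login.status != -1
  retries: 10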
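# Extract the `token` field from the JSON login response into dci_token so
# later tasks can reference it.
- name: Set token fact
  # dci_token is a bearer-style secret; set_fact echoes the values it sets in
  # its result, so suppress the task output.
  no_log: true
  ansible.builtin.set_fact:
    dci_token: "{{ (_dci_manager_login.content | from_json).token }}"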
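# Ask the BitWarden CLI on the control node for the current TOTP code of the
# item; the code is read from _totp.stdout by the 2FA confirmation task.
- name: Get TOTP code from BitWarden
  delegate_to: localhost
  # stdout is a live one-time code; keep it out of task output and logs.
  no_log: true
  ansible.builtin.command:
    # argv passes the item name as exactly one argument, so a name containing
    # quotes or spaces cannot be split into extra bw arguments the way it
    # could inside a hand-quoted command string.
    argv:
      - bw
      - get
      - totp
      - "{{ dci_manager_bitwarden_item_name }}"
  register: _totp
  # Read-only query; never report "changed".
  changed_when: false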
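# Second authentication step: confirm the login token with the TOTP code.
# The response is kept in _dci_2fa_auth.
- name: Two factor authenticate DCI Manager API
  delegate_to: "{{ dci_manager_access_host }}"
  become: false
  # The body carries both the session token and the one-time code; keep the
  # request and its response out of task output and logs.
  no_log: true
  ansible.builtin.uri:
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/api/auth/v4/public/token/confirm"
    method: POST
    body_format: json
    return_content: true
    headers:
      Accept: application/json
    # The JSON is assembled as text so that `code` is sent as a bare number.
    # NOTE(review): `| int` drops leading zeros from the TOTP value - confirm
    # the API accepts the shortened number for codes that start with 0.
    # NOTE(review): dci_token is pasted into the JSON text unescaped; this
    # presumably relies on tokens never containing a double quote - verify.
    body: '{ "token": "{{ dci_token }}", "code": {{ _totp.stdout | int }} }'
  register: _dci_2fa_auth
  # Retry while the API answers 503; no explicit retries or status_code are
  # set here, so the module and Ansible defaults apply.
  until: _dci_2fa_auth.status != 503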
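# Fetch the server list from DCI Manager, authenticating with dci_token in
# the X-Xsrf-Token header. The response is kept in _dci_server.
- name: Get all servers from DCI Manager
  delegate_to: "{{ dci_manager_access_host }}"
  become: false
  # The request headers contain the session token, which would otherwise be
  # visible in the task's invocation details at higher verbosity.
  # Trade-off: failure details of this task are hidden from output as well.
  no_log: true
  ansible.builtin.uri:
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server"
    method: GET
    return_content: true
    headers:
      Accept: application/json
      X-Xsrf-Token: "{{ dci_token }}"
  register: _dci_server
  # Retry while the API answers 503; no explicit retries are set, so the
  # Ansible default applies.
  until: _dci_server.status != 503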
# From the `list` array of the server response, keep the first entry whose
# `ip` array has an element with `name` equal to ansible_remote, and store
# it as dci_server_info.
# NOTE(review): ansible_remote is concatenated into the JMESPath literal
# as-is; this presumably relies on it being a trusted inventory value
# without backticks - verify.
# NOTE(review): when no server matches, `first` has nothing to pick -
# confirm how later tasks cope with that.
- name: Set fact with server info from DCI Manager
  ansible.builtin.set_fact:
    dci_server_info: >-
      {{ _dci_server.content
      | from_json
      | community.general.json_query('list[?@.ip[?@.name==`' ~ ansible_remote ~ '`]]')
      | first }}