ansible/ansible_role_gopass
1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gopass.git synced 2024-09-14 20:06:42 +02:00
Code Releases Activity

Merge pull request #12 from roles-ansible/b

Browse source 
add requirements, improve lintin
This commit is contained in:
L3D 2023-10-28 17:24:56 +02:00 committed by GitHub
commit c9467b48be
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 114 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
README.md
View file

@ -17,5 +17,12 @@ This role will only install the gopass passwordmanager. You have to configure an
| ``gopass__install_zbar_tools`` | ``true`` | Install optional zbar tooling to read qrcodes |
| ``submodules_versioncheck`` | ``false`` | Run optional versionscheck to prevent old versions of tis ansible |
## Requirements
The ``community.general`` collection is required for some parts of this ansible role.
You can install it with this command:
```bash
ansible-galaxy collection install -r requirements.yml --upgrade
```
## Contributing
Please feel free to open a issue. Or suggest changes and improvements via Pull-Request. I will be happy to have a look at it.

4
requirements.yml Normal file
View file

@ -0,0 +1,4 @@
---
collections:
- name: 'community.general'
version: ">=7.5.0,<=8.0.0"

39
tasks/gopass-install/install-gopass-default.yml
View file

@ -3,54 +3,49 @@
become: true
ansible.builtin.package:
name: "{{ item }}"
state: present
with_items:
- git
- gnupg
- rng-tools
- xsel
- xclip
state: 'present'
loop: "{{ gopass__required_packages }}"
- name: Install Gopass
ansible.builtin.package:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass
loop:
- 'gopass'
- name: Install gopass-jsonapi for browser integration
ansible.builtin.package:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass-jsonapi
loop:
- 'gopass-jsonapi'
when: gopass__install_jsonapi | bool
- name: Install gopass-hibp for haveibeenpwnd.com integration
ansible.builtin.package:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass-hibp
loop:
- 'gopass-hibp'
when: gopass__install_haveibeenpwnd | bool
- name: Install git-credential-gopass as git-credentials helper
ansible.builtin.package:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- git-credential-gopass
loop:
- 'git-credential-gopass'
when: gopass__install_git_credential | bool
- name: Install zbar-tools for QR CodeReading using OTP Secrets
ansible.builtin.package:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- zbar-tools
loop:
- 'zbar-tools'
when: gopass__install_zbar_tools | bool

52
tasks/gopass-install/install-on-archlinux.yml
View file

@ -1,58 +1,52 @@
---
- name: Install requirements for gopass
- name: Install requirements for gopass # noqa: H1901
become: true
community.general.pacman:
name: "{{ item }}"
state: present
state: 'present'
update_cache: true
with_items:
- git
- gnupg
- rng-tools
- xsel
- xclip
- xorg-xclipboard
loop: "{{ gopass__required_archlinux_packages }}"
- name: Install Gopass
- name: Install Gopass # noqa: H1901
community.general.pacman:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass
loop:
- 'gopass'
- name: Install gopass-jsonapi for browser integration
- name: Install gopass-jsonapi for browser integration # noqa: H1901
community.general.pacman:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass-jsonapi
loop:
- 'gopass-jsonapi'
when: gopass__install_jsonapi | bool
- name: Install gopass-hibp for haveibeenpwnd.com integration
- name: Install gopass-hibp for haveibeenpwnd.com integration # noqa: H1901
community.general.pacman:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass-hibp
loop:
- 'gopass-hibp'
when: gopass__install_haveibeenpwnd | bool
- name: Install git-credential-gopass as git-credentials helper
- name: Install git-credential-gopass as git-credentials helper # noqa: H1901
community.general.pacman:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- git-credential-gopass
loop:
- 'git-credential-gopass'
when: gopass__install_git_credential | bool
- name: Install zbar-tools for QR CodeReading using OTP Secrets
- name: Install zbar-tools for QR CodeReading using OTP Secrets # noqa: H1901
community.general.pacman:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- zbar-tools
loop:
- 'zbar-tools'
when: gopass__install_zbar_tools | bool

51
tasks/gopass-install/install-on-debian.yml
View file

@ -9,12 +9,7 @@
ansible.builtin.apt:
name: "{{ item }}"
state: present
with_items:
- git
- gnupg2
- rng-tools
- xsel
- xclip
loop: "{{ gopass__required_debian_packages }}"
- name: Adding Gopass Package Repository
when: gopass__add_apt_repo | bool
@ -23,9 +18,9 @@
ansible.builtin.get_url:
url: https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg
dest: "{{ gopass__keyring }}"
owner: root
group: root
mode: 0644
owner: 'root'
group: 'root'
mode: '0644'
become: true
- name: Add Gopass repository source
@ -33,9 +28,9 @@
ansible.builtin.template:
src: "templates/apt.gopass.sources.j2"
dest: '/etc/apt/sources.list.d/gopass.sources'
mode: 0644
group: root
owner: root
mode: '0644'
group: 'root'
owner: 'root'
notify: Trigger apt update
- name: Trigger Handlers
@ -44,44 +39,44 @@
- name: Install Gopass and Gopass archive keyring
ansible.builtin.apt:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass-archive-keyring
- gopass
loop:
- 'gopass-archive-keyring'
- 'gopass'
- name: Install gopass-jsonapi for browser integration
ansible.builtin.apt:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass-jsonapi
loop:
- 'gopass-jsonapi'
when: gopass__install_jsonapi | bool
- name: Install gopass-hibp for haveibeenpwnd.com integration
ansible.builtin.apt:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- gopass-hibp
loop:
- 'gopass-hibp'
when: gopass__install_haveibeenpwnd | bool
- name: Install git-credential-gopass as git-credentials helper
ansible.builtin.apt:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- git-credential-gopass
loop:
- 'git-credential-gopass'
when: gopass__install_git_credential | bool
- name: Install zbar-tools for QR CodeReading using OTP Secrets
ansible.builtin.apt:
name: "{{ item }}"
state: present
state: 'present'
become: true
with_items:
- zbar-tools
loop:
- 'zbar-tools'
when: gopass__install_zbar_tools | bool

13
tasks/main.yml
View file

@ -1,14 +1,9 @@
---
- name: Run optional versionscheck
ansible.builtin.include_tasks: versioncheck.yml
ansible.builtin.include_tasks:
file: versioncheck.yml
when: submodules_versioncheck | bool
- name: Install GoPass Packages
ansible.builtin.include_tasks: "{{ lookup('ansible.builtin.first_found', gopass_install) }}"
vars:
gopass_install:
files:
- "install-on-{{ ansible_os_family | lower }}.yml"
- 'install-gopass-default.yml'
paths:
- 'tasks/gopass-install'
ansible.builtin.include_tasks:
file: "{{ lookup('ansible.builtin.first_found', gopass_install) }}"

8
tasks/versioncheck.yml
View file

@ -16,15 +16,14 @@
src: "/etc/.ansible-version/{{ playbook_version_path }}"
register: playbook_version
when: submodules_versioncheck | bool
ignore_errors: true
failed_when: false
- name: Print remote role version
- name: Print remote role version # noqa: H500
ansible.builtin.debug:
msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
when: submodules_versioncheck | bool
- name: Print locale role version
- name: Print locale role version # noqa: H500
ansible.builtin.debug:
msg: "Local role version: '{{ playbook_version_number | string }}'."
when: submodules_versioncheck | bool
@ -33,7 +32,7 @@
ansible.builtin.fail:
msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!"
when:
- playbook_version.content | default("Mgo=") | b64decode | int - 1 >= playbook_version_number | int and submodules_versioncheck | bool
- playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck | bool
- name: Write new version to remote disk
become: true
@ -42,3 +41,4 @@
dest: "/etc/.ansible-version/{{ playbook_version_path }}"
mode: '0644'
when: submodules_versioncheck | bool
tags: skip_ansible_lint_template-instead-of-copy

35
vars/main.yml
View file

@ -1,5 +1,34 @@
---
gopass__keyring: /usr/share/keyrings/gopass-archive-keyring.gpg
# versionscheck
playbook_version_number: 03 # should be a integer
gopass__keyring: '/usr/share/keyrings/gopass-archive-keyring.gpg'
gopass_install:
files:
- "install-on-{{ ansible_os_family | lower }}.yml"
- 'install-gopass-default.yml'
paths:
- 'tasks/gopass-install'
gopass__required_packages:
- git
- gnupg
- rng-tools
- xsel
- xclip
gopass__required_debian_packages:
- git
- gnupg2
- rng-tools
- xsel
- xclip
gopass__required_archlinux_packages:
- git
- gnupg
- rng-tools
- xsel
- xclip
- xorg-xclipboard
# simple versionscheck
playbook_version_number: 04
playbook_version_path: 'l3d.gopass.version'