-
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
setup - added password-randomizer script, fixes
- Loading branch information
Showing
22 changed files
with
347 additions
and
50 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
--- | ||
|
||
- name: Changing GrowAutomation Credentials | ||
hosts: all | ||
become: true | ||
vars_files: | ||
- './vars/main.yml' | ||
- './vars/hardcoded.yml' | ||
tasks: | ||
# pre tasks | ||
- name: GA | Setup | Installing script dependencies | ||
ansible.builtin.apt: | ||
name: "{{ ga_script_packages }}" | ||
state: present | ||
|
||
# password tasks | ||
- name: GA | Setup | Moving old password file | ||
ansible.builtin.command: "mv {{ ga_random_pwd_file }} {{ ga_random_pwd_file }}_{{ ansible_date_time.iso8601_basic_short }}" | ||
|
||
- name: GA | Setup | Generating passwords | ||
ansible.builtin.import_role: | ||
name: setup | ||
tasks_from: 'write_pwds.yml' | ||
|
||
- name: GA | Setup | Updating passwords | ||
ansible.builtin.import_role: | ||
name: setup | ||
tasks_from: 'update_pwds.yml' | ||
|
||
# cleanup | ||
- name: GA | Setup | Cleaning up temporary password files | ||
ansible.builtin.file: | ||
path: "{{ item }}" | ||
state: absent | ||
loop: | ||
- "{{ ga_tmp_pwd_file_sql_core }}" | ||
- "{{ ga_tmp_pwd_file_sql_web }}" | ||
- "{{ ga_tmp_pwd_file_django_user }}" | ||
- "{{ ga_tmp_pwd_file_django_guest }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
|
||
# GrowAutomation script to update credentials | ||
|
||
# just copy this script to the target system and execute it | ||
|
||
# written for debian/ubuntu | ||
# config changes: | ||
# ga-settings can be changed by modifying the file ./vars/main.yml (before you run the installation script) | ||
# if you want to install it on a remote system => | ||
# 1. add your target host as an ansible host under './inventories/hosts.yml' and './inventories/host_vars/$HOSTNAME.yml' (you can copy the 'tmpl' host) | ||
# 2. run this script with the same host as argument (must be exactly the same as in the inventory) | ||
|
||
|
||
# package installation | ||
echo 'deb http://ppa.launchpad.net/ansible/ansible/ubuntu focal main' > /etc/apt/sources.list.d/ansible.list | ||
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367 | ||
apt update | ||
apt install python3 python3-requests git --yes | ||
apt-get install ansible --yes | ||
|
||
# provided config | ||
if [ -z $1 ]; then | ||
TARGET_VERSION=`python3 <<EOF | ||
from requests import get | ||
print(get('https://api.github.com/repos/superstes/growautomation/tags').json()[0]['name']) | ||
EOF` | ||
else | ||
TARGET_VERSION=$1 | ||
fi | ||
if [ -z $2 ]; then | ||
TARGET_HOST='localhost' | ||
else | ||
TARGET_HOST=$2 | ||
fi | ||
if [ $TARGET_HOST != 'localhost' ]; then | ||
apt install sshpass --yes | ||
fi | ||
# downloading source code | ||
SETUP_DIR="/tmp/ga_$(date '+%Y-%m-%d')" | ||
if [ ! -d "$SETUP_DIR" ] | ||
then | ||
git clone https://github.com/superstes/growautomation.git --depth 1 ${SETUP_DIR} --branch ${TARGET_VERSION} | ||
fi | ||
cd $SETUP_DIR/setup | ||
# installing ansible dependencies | ||
rm -rf /usr/lib/python3/dist-packages/ansible_collections # removing unused ansible collections (~500MB..) | ||
ansible-galaxy collection install -r requirements.yml | ||
ansible-galaxy install -r requirements.yml --roles-path $SETUP_DIR/setup/roles | ||
# running ansible playbook | ||
ansible-playbook -K -i inventories/hosts.yml pb_creds.yml --limit ${TARGET_HOST} --extra-vars "ga_setup_clone_dir=${SETUP_DIR}" --extra-vars "ga_setup_release=${TARGET_VERSION}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
#!/usr/bin/python3 | ||
|
||
# script to update the sql secret in the core config-file | ||
|
||
from sys import argv as sys_argv | ||
|
||
secret = sys_argv[1] | ||
|
||
from core.config.object.data.file import GaDataFile | ||
|
||
ConfigFile = GaDataFile() | ||
config = ConfigFile.get() | ||
config.update({'sql_secret': secret}) | ||
ConfigFile.reset(data=config) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.