From 77bea60a53f4051eddc754400a0c91fd2b24bf37 Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Sun, 28 Feb 2021 21:31:03 +0100
Subject: [PATCH] add bitwardenrs role

---
 group_vars/VMServer           |  2 +-
 group_vars/all/all_vault      | 98 ++++++++++++++++++-----------------
 group_vars/server/bitwardenrs |  6 +++
 group_vars/server/web         | 29 +++++++++++
 server.yml                    |  6 ++-
 test-role/bitwardenrs.yml     |  4 ++
 6 files changed, 94 insertions(+), 51 deletions(-)
 create mode 100644 group_vars/server/bitwardenrs
 create mode 100644 test-role/bitwardenrs.yml

diff --git a/group_vars/VMServer b/group_vars/VMServer
index b385f4c..41c7d0b 100644
--- a/group_vars/VMServer
+++ b/group_vars/VMServer
@@ -23,7 +23,7 @@ nextcloud_config_options: # additional options to set in config.php
 nginx_error_log: "/var/log/nginx/error.log debug"
 nginx_vhosts:
     - listen: "80 default_server"
-      server_name: "_
+      server_name: "_"
       filename: "default.conf"
       state: "present"
       template: "{{ nginx_vhost_template }}"
diff --git a/group_vars/all/all_vault b/group_vars/all/all_vault
index a1110d6..eba21f4 100644
--- a/group_vars/all/all_vault
+++ b/group_vars/all/all_vault
@@ -1,49 +1,51 @@
 $ANSIBLE_VAULT;1.1;AES256
-63613335366465666531646664313932613764323830656164336333303633373861646265323539
-3539643931336531336335326235376537346338343133320a656431376565396331653833376664
-64356433643836623737626364303063333136333339303165323032663836313063623335346636
-6363653336306163330a333433393663633863666664383035663833303063376535306361633264
-30326635356130363765633234633033393430643166366463356130343061373334363365333564
-39343932396164326462323939313539316564616562613137373564613734393530346562343832
-64376539646231643333363165346637336165666563666538316363653563356465383861393438
-33316264373934613366623066383364383637656433316663663732373062313862383036366137
-65366165326433613061303534376435363565346164373337383331323033346164663732353730
-32383862373234636465356630323730366364326134343564313239343565326664613738366331
-33306533653734356462313033643735643363336463336162393861633365636535376130303164
-65343737383837333163373131333334656263303231653032366266353139663235373638333661
-38663431366463326630333934623234393630666130323363663932623633626139376366616261
-36303434316237303761663234616632663966343163343864313233636139323461383037303064
-36373330376339396630666431356336653632653134373136393434666364343437666166663964
-66616333303564666662393139373532636139326164663236636166376430626132663536656566
-61613132303739323336346538353232366663383233636263336131396332656639353531393562
-30623766626437616264663334386335333138613134623032313765346331316662663863313138
-35323730393865346530646663333631363831656336386365316363626130323030326266333331
-63323337363162663863383335633263633664393264643032616436326364623832656164353630
-30313533643537666536306432356530313236343730353837303132343566613735663166643738
-37333365373662626464613061373030313935656431656663396138333662306239356338653030
-37656333353335663862323138313031313336393963393464313232316630626531623731646239
-31303635303537653339343737316331626439343464396637613230633038656439643836373866
-62313834313138386430643136356332303762363639393034623563363232333930346562363633
-66613932393536323335336636643637363433366139336235616538653063323239613562633731
-65333037626435363938353663643530626439313039343633313333623838386533303932356265
-31626230383134623838313936313431396235346530616639353063643265386430313463633837
-36633032366662396535316463623338663937633666333461386665393533653138363566373264
-61323739333836616362656230666135373732653732326265656265616561323434653331366638
-35656537633939313164656462353334326663386665303538633833306464613535656530626439
-30666333363133353930303866346630343531393434326364366663626532376333386364626462
-64313066626566373832636664333837353939653634393465316337386231653264316333373238
-31316331386563313165316537323966396536613630616430396364393365666334616534306331
-62623866333935346564323534326638313564396532313438356135363136353634396635316630
-62656632343335366238383162633962363836613166303736346539373439623136393366616364
-38346239386131616566663563616461366164303433626134366439343134303265363834623733
-30353631623135616534643966666662393666636361376137653263336536633162366332623361
-32363363353331383133356663663435383435356433353461643733376330633262646639623663
-32366434323265323266356365643732333635306237336262326133623139336466613664333164
-31353762626236343662396633396235356237386362653161313130313936323438656164373663
-64393564333438333038376330626335303961336262653632316261316436393764343937383736
-65613536666466313631613762666162303966396266653632656336633566653565353563383731
-61636338363433373762303732373031356666373434363937386138353663303537383131323232
-62326438376266376635623930373839653933386430303238363238313437313835323038363134
-63323837353134643934356138616531646337316163633539373733376264623465666463316637
-65316666373231653832316137663364633861336663613161343939646563356137343032336434
-38396432643666623831
+35363063613133363961623666366465623763626333656336356133356365383335376238383231
+6165633431386337373633306563313932316637353835620a303164356433316663353766373462
+39306466656631393830323066333633393434333737323664306635343765646164363865646435
+3538626630303565660a363932313536613333366236613765353765343064373833356365636331
+36623139616432363434363839616664326338633065326265363064323163363066356638373334
+63383639373964656237313461613961633466666532356437383536393262383232383239653739
+30666430363937323063353734313965323064623134633135326535663765303439353933396531
+65386363333330663937373130373562333234653537666137323561333530633132366564303432
+37393234393936363662303633303237363061363432383337626661373539616539376263356664
+30393865333739343939306635376238313265353435303838663634326261346436313938393461
+62373164383662376566323334356166323932663938666165376465626331306637366631646639
+34623762396630656161646165323863633935333166343335656666386539303532663232633333
+62646236656266373532366432336266346364303939326466656233633138373235306265333834
+64646363643633656130663963393130663036663036653231303861643731396162336261633464
+38323832353739633633336334626265326439626632383334376163323637323836643738336237
+35643763616634336364653163303737613131363766643066393135306535613634303532613435
+38363332333437303538636339613036363634636530346231646631613236353932343062616565
+37353065303862326331343537656131306435386161303861636537623639393438666539346338
+36346637366134326365316363333739306537316462616138666365633034613839393130373266
+65616637396434346235373137383832643733373531323264613664653330363536653966366532
+66306664613338386565313838383063343837383235326337313339343830333164356131393066
+65316531333161373362343233643733636536313536313336393134663865646166333464626334
+35373839343663653330643536313235353139656337316465643337633532373966353663616465
+38363438646134376234373939343132373235653130663635303761653939386166346263326464
+35646438323864386132613135343831386133373763306161396262336431396565373138313730
+36636630633865636436646630323664346337643061346136323837643936393062306439343032
+36336136653564623763323165323930643966303736633961353539613631303562656434326234
+36356432313435356334323032633737323361323263646637346639663537663063313263386634
+31663565393965326336353531343336656236346666623539366134643532303232336537356662
+64356138633033643261653139623730393233636433326639313865366261316565623566656437
+39333966313061363134366531633263336363323637306163323561313764313137393832393162
+39613639656533646133303231376662646364613930663132613966313735656238333465613762
+32333432353938653064633463353666663035623734313033373065633166663334633061346332
+36633738353937346663653739356562366262396163316536643336396166613662653739393430
+66383939373439393764643831653461326633316132303064326635393466396463303231623462
+31303730383538353364626535623561646539336266356665303762663130646633363936653339
+64363133653465316161356431613633653366666537383135333532316366386433663736356636
+63653032613831323135316130366130636130323961306331363966643965333663333361333766
+39323635393163636538393039623332373766306462323735623864353462326631383033616265
+66326637313038663635343262653864346136363364343235303036373765396637303332383938
+30633033366437633064353434633431323563333566333835386661656636346563646366363363
+38376663396431616330646166613439396262306432303737376233343761636433343839666466
+65366236616137633332613339353234356632303763666561653633343939613662313932376136
+33613132613936616465323637656134313938653836613036653131663537326633663836343261
+30313164333533633439663430393265313363303664343636656566323338336335663365376263
+31333939343134633932656135613034333838626535653633616636616262393066393636663933
+35626630613236633037643737653763663833363563663339363038356434366230653265663130
+63616465636134626566306439366437333437663364373938336632366662633733656136393436
+61306335653134383538303864353237646431333830323030313434653238326432383037326434
+3663393436343362656462363662373964393563316133323866
diff --git a/group_vars/server/bitwardenrs b/group_vars/server/bitwardenrs
new file mode 100644
index 0000000..2cc6cbc
--- /dev/null
+++ b/group_vars/server/bitwardenrs
@@ -0,0 +1,6 @@
+bitwarden_baseURL: https://vault.ducamps.win
+bitwardenrs_db_type: postgresql
+bitwardenrs_port: 8081
+bitwardenrs_websocket_port: 3012
+bitwardenrs_db_password: "{{ vault_db_bitwardenrs }}"
+bitwardenrs_SQl_target_file: /mnt/diskstation/git/backup/postgres/last/bitwardenrs.sql
diff --git a/group_vars/server/web b/group_vars/server/web
index 315bf9d..7cbc498 100644
--- a/group_vars/server/web
+++ b/group_vars/server/web
@@ -13,6 +13,7 @@ certbot_certs:
     - file.{{domain.name}}
     - hass.{{domain.name}}
     - ww.{{domain.name}}
+    - vault.{{domain.name}}
 
 nginx_server_tokens: "off"
 nginx_server_resolver: "192.168.1.40 192.168.1.10"
@@ -298,6 +299,34 @@ nginx_vhosts:
           add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
           proxy_pass http://localhost:9090;
         }
+    - listen: "443 ssl"
+      server_name: "vault.{{domain.name}}"
+      filename: "vault.conf"
+      state: present
+      template: "{{ nginx_vhost_template }}"
+      access_log: /var/log/nginx/vault.access.log
+      error_log: /var/log/nginx/vault.error.log
+      extra_parameters: |
+        client_max_body_size 128M;
+  
+        location / {
+          proxy_pass http://localhost:8081;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+             proxy_set_header X-Forwarded-Proto $scheme;
+           }
+           
+           location /notifications/hub {
+             proxy_pass http://localhost:3012;
+             proxy_set_header Upgrade $http_upgrade;
+             proxy_set_header Connection "upgrade";
+           }
+           
+           location /notifications/hub/negotiate {
+             proxy_pass http://localhost:8081;
+           }
+
     - listen: 80
       server_name: "arch.{{domain.name}}"
       filename: "archMirror.conf"
diff --git a/server.yml b/server.yml
index 7ac29f9..10d104c 100644
--- a/server.yml
+++ b/server.yml
@@ -7,7 +7,8 @@
       name: 
         - termite-terminfo # not required. Name or list of names of the packages to install, upgrade, or remove.
     become: yes
-
+  vars:
+      #    certbot_force: true
   roles:
   - syncthing
   - msmtp
@@ -27,6 +28,7 @@
   - gitea
   - supysonic
   - hass
+  - {role: ansible-bitwardenrs ,become:yes }
   - {role: ansible-role-samba , become: yes }
   - chainetv
   - user_config
@@ -40,4 +42,4 @@
       hour: "4" 
       minute: "0"
       state: present 
-    become: true
\ No newline at end of file
+    become: true
diff --git a/test-role/bitwardenrs.yml b/test-role/bitwardenrs.yml
new file mode 100644
index 0000000..7d4900b
--- /dev/null
+++ b/test-role/bitwardenrs.yml
@@ -0,0 +1,4 @@
+- hosts: server
+  become: yes 
+  roles:
+    - ../roles/ansible-bitwardenrs