Ansible roles
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

73 lines
2.3 KiB

---
- name: Set bitwarden facts
block:
- set_fact: bitwarden_root_dir={{ bitwarden_root_dir | default('/opt/bitwarden_rs') }}
- set_fact: bitwarden_db_name={{ bitwarden_db_name | default('bitwardenrs') }}
tags: vaultwarden
- name: Check if SQLite DB exists
stat: path={{ bitwarden_root_dir }}/data/db.sqlite3
register: vaultwarden_bitwarden_sqlite
tags: vaultwarden
- name: Stop the old service
service: name=bitwarden_rs state=stopped
tags: vaultwarden
- name: Migrate data dir
synchronize:
src: "{{ bitwarden_root_dir }}/data/"
dest: "{{ vaultwarden_root_dir }}/data/"
compress: False
recursive: True
delegate_to: "{{ inventory_hostname }}"
tags: vaultwarden
- name: Fix permissions on vaultwarden data dir
file: path={{ vaultwarden_root_dir }}/data/ recurse=True owner={{ vaultwarden_user }} group={{ vaultwarden_user }}
tags: vaultwarden
# We assume vaultwarden was configured the same way bitwarden was, same db engine, db server etc.
# So here we just dump the database and inject the dump in the new DB
- when: vaultwarden_db_engine == 'mysql'
block:
# Dump the database of Bitwarden_RS
- mysql_db:
state: dump
name: "{{ bitwarden_db_name }}"
target: "{{ vaultwarden_root_dir }}/tmp/bitwardenrs.sql.xz"
login_host: "{{ vaultwarden_db_server }}"
login_user: sqladmin
login_password: "{{ mysql_admin_pass }}"
quick: True
single_transaction: True
# Inject the dump in the new vaultwarden database
- mysql_db:
state: import
name: "{{ vaultwarden_db_name }}"
target: "{{ vaultwarden_root_dir }}/tmp/bitwardenrs.sql.xz"
login_host: "{{ vaultwarden_db_server }}"
login_user: sqladmin
login_password: "{{ mysql_admin_pass }}"
tags: vaultwarden
- name: Cleanup files
file: path={{ item }} state=absent
loop:
- /etc/systemd/system/bitwarden_rs.service
- /etc/nginx/ansible_conf.d/31-bitwarden.conf
- /etc/backup/pre.d/bitwarden_rs.sh
- /etc/backup/post.d/bitwarden_rs.sh
- "{{ vaultwarden_root_dir }}/tmp/bitwardenrs.sql.xz"
notify: reload nginx
tags: vaultwarden
- name: Remove old iptables rules
iptables_raw:
name: bitwarden_rs
state: absent
when: iptables_manage | default(True)
tags: vaultwarden