Merge pull request 'dev' (#257 ) from dev into main

Reviewed-on: fenix-gitea-admin/iac-opentofu-private#257
Merge pull request 'dev' (#251 ) from dev into main
2025-10-27 15:53:06 +00:00 · 2025-09-11 18:54:13 +00:00 · 2025-09-11 18:41:23 +00:00
3 changed files with 7 additions and 39 deletions
--- a/.gitea/workflows/ci-test.yaml
+++ b/.gitea/workflows/ci-test.yaml
@ -6,7 +6,7 @@ on:
  workflow_dispatch:
 jobs:
-  hello: 
+  hello:
    #precisa da imagem costum do opentofu
    runs-on: [ fenix-opentofu ]
    env:
@ -61,8 +61,6 @@ jobs:
      - name: Install dante-server
        run: |
          apt-get install -y dante-server
          apt install -y openssl libssl-dev curl jq
          npm install --force -g @bitwarden/cli 
      - name: Configure dante-server
@ -87,13 +85,12 @@ jobs:
      - name: vaultwarden urls as secrets
        working-directory: 
        run: |
          bw config server $VAULTWARDEN_LINK
          bw login --apikey
          BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw)
-          echo ""
+          
          echo "$BW_SESSION"
          echo "getting item"
          bw get item "iac.proxmox.ssh.link"  --session "$BW_SESSION"  | jq -r '.notes' > "proxmox-ssh-link.txt"
      - name: Start cloudflared Access TCP -> SOCKS5 (background)
@ -134,7 +131,7 @@ jobs:
        run: |
          pkill danted || true
          danted -f /etc/danted.conf -D > dante.log 2>&1 &
-          sleep 3 
+          sleep 3
          cat dante.log
@ -142,7 +139,6 @@ jobs:
        working-directory: infra/iac
        run: |
          BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw)
          echo "$BW_SESSION"
          # Ler o arquivo de referência
          for secret in $(jq -c '.secrets[]' secrets/vault-secrets-map.json); do
@ -160,7 +156,6 @@ jobs:
            elif [ "$type" == "note" ]; then
              echo "note get"
              bw get item "$name"  --session "$BW_SESSION"  | jq -r '.notes' > "$output"
              cat $output
            fi
          done
--- a/main.tf
+++ b/main.tf
@ -6,7 +6,7 @@ terraform {
    }   
    bitwarden = {
      source  = "maxlaverse/bitwarden"
-      version = ">= 0.16.0"
+      version = ">= 0.15.0"
    } 
    proxmox = {
      source = "bpg/proxmox"
--- a/vaultwarden.tf
+++ b/vaultwarden.tf
@ -25,37 +25,10 @@ resource "vaultwarden_organization_collection" "vaultwarden-collection-iac" {
  name            = "iac-collection"
 }
 resource "bitwarden_item_login" "administrative-user" {
  name     = "teste"
  username = "teste"
  password = "teste"
  collection_ids  = [vaultwarden_organization_collection.vaultwarden-collection-iac.id]
-}
+}
 resource "bitwarden_item_secure_note" "hosts-ini" {
  name            = "iac.ansible.hosts.ini"
  notes           = <<EOT
  ${local.hosts_ini}
 EOT
  organization_id = vaultwarden_organization.vaultwarden-organization-fenix-iac.id
  collection_ids  = [vaultwarden_organization_collection.vaultwarden-collection-iac.id]
  reprompt = true 
 }
 locals{
  hosts_ini = <<EOT
 [master]
 master ansible_host=${var.proxmox_k8s_vms[0].ip} ansible_user=${var.proxmox_k8s_vms[0].extra_users[0].name} ansible_ssh_pass=${var.proxmox_k8s_vms[0].extra_users[0].password}
 [workers]
 %{ for i, vm in var.proxmox_k8s_vms ~}
 %{ if i != 0 }
 worker-${replace(vm.ip, ".", "-")} ansible_host=${vm.ip} ansible_user=${vm.extra_users[0].name} ansible_ssh_pass=${vm.extra_users[0].password}
 %{ endif }  
 %{ endfor }
 EOT
  }
Author	SHA1	Message	Date
fenix-gitea-admin	870a07b97e	Merge pull request 'dev' (#257 ) from dev into main Reviewed-on: fenix-gitea-admin/iac-opentofu-private#257	2025-09-11 18:54:13 +00:00
fenix-gitea-admin	2a61b166b4	Merge pull request 'dev' (#251 ) from dev into main Reviewed-on: fenix-gitea-admin/iac-opentofu-private#251	2025-09-11 18:41:23 +00:00