Merge pull request 'dev' (#257 ) from dev into main

Reviewed-on: fenix-gitea-admin/iac-opentofu-private#257
Merge pull request 'dev' (#251 ) from dev into main
2025-10-27 15:53:06 +00:00 · 2025-09-11 18:54:13 +00:00 · 2025-09-11 18:41:23 +00:00
6 changed files with 13 additions and 50 deletions
--- a/.gitea/workflows/ci-test.yaml
+++ b/.gitea/workflows/ci-test.yaml
@ -35,11 +35,6 @@ jobs:
        run: |
          apt-get update -y

-      - name: Install setup
-        run: |
-          apt install -y curl jq
-          curl -fsSL https://deb.nodesource.com/setup_18.x
-
      - name: Cloning iac repository
        uses: actions/checkout@v4
        with:
@ -65,7 +60,7 @@ jobs:

      - name: Install dante-server
        run: |
-          apt-get install -y dante-server openssl libssl1.1
+          apt-get install -y dante-server


      - name: Configure dante-server
@ -90,15 +85,12 @@ jobs:


      - name: vaultwarden urls as secrets
+        working-directory: 
        run: |
-          echo "config"
          bw config server $VAULTWARDEN_LINK
-          echo "login"
          bw login --apikey
-          echo "session"
          BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw)
-          echo "$BW_SESSION"
-          echo "getting item"
+          
          bw get item "iac.proxmox.ssh.link"  --session "$BW_SESSION"  | jq -r '.notes' > "proxmox-ssh-link.txt"

      - name: Start cloudflared Access TCP -> SOCKS5 (background)
@ -147,7 +139,6 @@ jobs:
        working-directory: infra/iac
        run: |
          BW_SESSION=$(bw unlock "$BW_PASSWORD" --raw)
-          echo "$BW_SESSION"
          
          # Ler o arquivo de referência
          for secret in $(jq -c '.secrets[]' secrets/vault-secrets-map.json); do
@ -165,7 +156,6 @@ jobs:
            elif [ "$type" == "note" ]; then
              echo "note get"
              bw get item "$name"  --session "$BW_SESSION"  | jq -r '.notes' > "$output"
-              cat $output
            fi
          done

--- a/main.tf
+++ b/main.tf
@ -6,7 +6,7 @@ terraform {
    }   
    bitwarden = {
      source  = "maxlaverse/bitwarden"
-      version = ">= 0.16.0"
+      version = ">= 0.15.0"
    } 
    proxmox = {
      source = "bpg/proxmox"
--- a/vaultwarden.tf
+++ b/vaultwarden.tf
@ -25,37 +25,10 @@ resource "vaultwarden_organization_collection" "vaultwarden-collection-iac" {
  name            = "iac-collection"
 }

+
 resource "bitwarden_item_login" "administrative-user" {
  name     = "teste"
  username = "teste"
  password = "teste"
  collection_ids  = [vaultwarden_organization_collection.vaultwarden-collection-iac.id]
 }
-
-
-resource "bitwarden_item_secure_note" "hosts-ini" {
-  name            = "iac.ansible.hosts.ini"
-  notes           = <<EOT
-  ${local.hosts_ini}
-EOT
-  organization_id = vaultwarden_organization.vaultwarden-organization-fenix-iac.id
-  collection_ids  = [vaultwarden_organization_collection.vaultwarden-collection-iac.id]
-  reprompt = true 
-}
-
-locals{
-
-  hosts_ini = <<EOT
-
-[master]
-master ansible_host=${var.proxmox_k8s_vms[0].ip} ansible_user=${var.proxmox_k8s_vms[0].extra_users[0].name} ansible_ssh_pass=${var.proxmox_k8s_vms[0].extra_users[0].password}
-
-[workers]
-%{ for i, vm in var.proxmox_k8s_vms ~}
-%{ if i != 0 }
-worker-${replace(vm.ip, ".", "-")} ansible_host=${vm.ip} ansible_user=${vm.extra_users[0].name} ansible_ssh_pass=${vm.extra_users[0].password}
-%{ endif }  
-%{ endfor }
-
-EOT
-  }
Author	SHA1	Message	Date
fenix-gitea-admin	870a07b97e	Merge pull request 'dev' (#257 ) from dev into main Reviewed-on: fenix-gitea-admin/iac-opentofu-private#257	2025-09-11 18:54:13 +00:00
fenix-gitea-admin	2a61b166b4	Merge pull request 'dev' (#251 ) from dev into main Reviewed-on: fenix-gitea-admin/iac-opentofu-private#251	2025-09-11 18:41:23 +00:00