ilia
de49b34cdc
Some checks failed
CI / skip-ci-check (pull_request) Successful in 6s
CI / lint-and-test (pull_request) Failing after 9s
CI / ansible-validation (pull_request) Failing after 6s
CI / secret-scanning (pull_request) Successful in 5s
CI / dependency-scan (pull_request) Successful in 8s
CI / sast-scan (pull_request) Failing after 5s
CI / license-check (pull_request) Successful in 11s
CI / vault-check (pull_request) Failing after 6s
CI / playbook-test (pull_request) Failing after 6s
CI / container-scan (pull_request) Failing after 6s
CI / sonar-analysis (pull_request) Failing after 2s
CI / workflow-summary (pull_request) Successful in 4s
Document pve10 static IPs, monitoring stack, and site LXCs; add portfolio to inventory; Mailcow mailbox automation; vault import/export scripts; security audit guides and UniFi DHCP reference. Co-authored-by: Cursor <cursoragent@cursor.com>
19 lines
692 B
Bash
Executable File
19 lines
692 B
Bash
Executable File
#!/usr/bin/env bash
|
|
# Export BOOTSTRAP_SU_PASSWORD from vault_lxc_root_password
|
|
set -euo pipefail
|
|
REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
|
eval "$("${REPO_ROOT}/.venv/bin/python3" - "${REPO_ROOT}" <<'PY'
|
|
import os, subprocess, sys, yaml, shlex
|
|
repo = sys.argv[1]
|
|
text = subprocess.check_output(
|
|
[os.path.join(repo, ".venv/bin/ansible-vault"), "view",
|
|
os.path.join(repo, "inventories/production/group_vars/all/vault.yml"),
|
|
"--vault-password-file", os.path.expanduser("~/.ansible-vault-pass")],
|
|
text=True,
|
|
)
|
|
pw = (yaml.safe_load(text) or {}).get("vault_lxc_root_password", "")
|
|
if pw:
|
|
print("export BOOTSTRAP_SU_PASSWORD=" + shlex.quote(str(pw)))
|
|
PY
|
|
)"
|