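r"""Read a KeePass file with Python to generate an Ansible configuration.

Task: a complete server environment is stored in a KeePass file; an Ansible
configuration (``host_vars`` files plus an ``inventory`` file) is to be
generated from that file.

Installing the library (under MS Windows)::

    C:\python38\python.exe -m pip install -U pip --upgrade
    C:\python38\python.exe -m pip install pykeepass

    # alternatively, through a proxy (upper-case words are placeholders;
    # the original values were lost on the page)
    ./python.exe -m pip install --upgrade pip --trusted-host pypi.org --trusted-host files.pythonhosted.org --proxy http://USER:PASSWORD@PROXY_HOST:PORT
    ./python.exe -m pip install pykeepass --trusted-host pypi.org --trusted-host files.pythonhosted.org --proxy http://USER:PASSWORD@PROXY_HOST:PORT

Note on the proxy variant: ``--trusted-host`` makes pip skip TLS certificate
validation for the named hosts, so the downloaded packages are no longer
protected against tampering in transit. Behind a TLS-inspecting proxy it is
safer to hand pip the proxy's CA bundle with ``--cert`` instead. Proxy
credentials given on the command line also end up in the shell history.

First use: create a test KeePass file with group / server / root password.
The main script assumes that the servers are filed under their group and
that the title of each entry is the server name.

A KeePass file that has grown over time may be organised quite differently,
so the script has to be adapted as needed. ``write_host_vars_by_group`` is
the variant for databases in which the server name is itself a group with a
further structure below it.

Usage::

    keePassExport.py -s KEEPASS_FILE -d ANSIBLE_BASE_DIR [-p PASSWORD]

Reading Excel lists for the inventory:

* https://everythingshouldbevirtual.com/automation/ansible-parsing-csv-list-hosts-ip-hostnames-mac/
* https://www.geeksforgeeks.org/reading-excel-file-using-python/

Sources:

* https://pypi.org/project/pykeepass/
"""
__author__ = 'gpipperr'

import datetime
import errno
import filecmp
import getopt
import getpass
import glob
import json
import ntpath
import os
import shutil
import sys
import time

from pykeepass import PyKeePass

USAGE = "usage: keePassExport.py -s KEEPASS_FILE -d ANSIBLE_BASE_DIR [-p PASSWORD]"

# Name of the group the script treats as the KeePass recycle bin.
RECYCLE_BIN_GROUP = "Recycle Bin"


def _is_safe_name(name):
    """Return True when *name* may be used as a file name and inventory line.

    Entry titles and group names are free text. A title that is empty, is
    ``.``/``..``, contains a path separator or a control character (including
    a line break) would either leave the ``host_vars`` directory or inject
    extra lines into the inventory, so such names are rejected.
    """
    if not name or name in (".", ".."):
        return False
    if "/" in name or "\\" in name:
        return False
    return not any(ord(ch) < 32 or ord(ch) == 127 for ch in name)


def _entry_group_names(entry):
    """Return the group names above *entry*, outermost first, without the root group."""
    names = []
    group = entry.group
    while group is not None and not group.is_root_group:
        names.append(group.name or "")
        group = group.parentgroup
    names.reverse()
    return names


def _write_host_vars_file(file_name, hostname, password):
    """Write one Ansible host_vars file holding the root password of a host.

    The file contains a root password in clear text. It is therefore created
    with owner-only permissions; keep the destination directory out of version
    control or encrypt the files with ``ansible-vault encrypt``. SSH key
    authentication avoids storing the password at all.

    Args:
        file_name: full path of the file to (over)write.
        hostname: value written to the ``hostname`` key.
        password: root password; written as a quoted YAML scalar.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_BINARY", 0)
    # Mode 0o600 only applies when the file is created here.
    fd = os.open(file_name, flags, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        try:
            # Tighten a file left over from an earlier run before the secret is written.
            os.chmod(file_name, 0o600)
        except OSError as exception:
            print("-- Warning :: could not restrict permissions of {0} :: {1}".format(file_name, exception))
        f.write("hostname: " + hostname + '\n')
        f.write("roles:" + '\n')
        f.write(" - common" + '\n')
        f.write(" - dbserver" + '\n')
        f.write("ansible_connection: ssh" + '\n')
        f.write("ansible_ssh_user: root" + '\n')
        # A JSON string is a valid YAML double-quoted scalar, so passwords
        # containing ':', '#', quotes or leading special characters survive.
        f.write("ansible_ssh_pass: " + json.dumps(password) + '\n')


def write_host_vars_by_group(keeDB, host_var_path, prefix="gpi"):
    """Variant: create host_vars files when the server name is a group name.

    For every entry with user name ``root`` the groups above the entry are
    inspected; each group whose name starts with *prefix* is taken as a
    server name and gets a host_vars file with the entry's password.

    Args:
        keeDB: opened PyKeePass database.
        host_var_path: existing directory that receives the files.
        prefix: leading characters that mark a group as a server name.
    """
    print("-- Info :: create host vars in directy ::" + host_var_path)
    for e in keeDB.find_entries(username='root', first=False):
        group_names = _entry_group_names(e)
        print(" -- found Entry in Group :" + "/".join(group_names))
        if e.password is None:
            print("   ! Skip entry without password")
            continue
        for server_name in group_names:
            if not server_name.startswith(prefix):
                continue
            if not _is_safe_name(server_name):
                print("   ! Skip unusable server name ::" + repr(server_name))
                continue
            print('   + Host add ::' + server_name)
            _write_host_vars_file(host_var_path + os.path.sep + server_name, server_name, e.password)


# Main Script part
def main(argv):
    """Export host_vars files and an inventory from a KeePass database.

    Options:
        -s / --src     KeePass file
        -d / --dest    Ansible base directory (must exist)
        -p / --passwd  KeePass master password (optional)

    A password given with -p is visible in the process list and in the shell
    history; when -p is omitted the password is asked for without echo.
    Exits with status 2 on usage errors, a missing source or destination,
    or when the host_vars directory cannot be created.
    """
    keepassFile = '-'
    dest_name = '-'
    password = None
    os_seb = os.path.sep

    try:
        opts, args = getopt.getopt(argv, "hs:d:p:", ["src=", "dest=", "passwd="])
    except getopt.GetoptError:
        print(USAGE)
        sys.exit(2)

    for opt, arg in opts:
        if opt == '-h':
            print(USAGE)
            sys.exit()
        elif opt in ("-s", "--src"):
            keepassFile = arg
        elif opt in ("-d", "--dest"):
            dest_name = arg
        elif opt in ("-p", "--passwd"):
            password = arg

    # Source: the KeePass file must exist.
    if os.path.isfile(keepassFile):
        print("-- Info :: KeePass File {0} selected".format(keepassFile))
    else:
        print("-- Error :: KeePass File {0} not found".format(keepassFile))
        sys.exit(2)

    # Destination: must exist; strip a trailing separator if necessary.
    if not os.path.isdir(dest_name):
        print("-- Error :: 04 Destination Directory (-d) {0} not found".format(dest_name))
        print(USAGE)
        sys.exit(2)
    if dest_name.endswith(os.path.sep):
        dest_name = dest_name[:-1]

    print("--" + 40 * "=")
    print("-- Info :: Read from  {0}".format(keepassFile))
    print("-- Info :: Copy files to {0}".format(dest_name))
    print("--" + 40 * "=")

    host_var_path = dest_name + os_seb + "host_vars"
    try:
        os.makedirs(host_var_path)
        print("-- Info :: Create Directory :: {0}".format(host_var_path))
    except OSError as exception:
        if exception.errno != errno.EEXIST:
            print("-- Error :: 03 Directory {0} creation error :: see error {1}".format(host_var_path, exception))
            # Nothing can be written without the directory.
            sys.exit(2)
        print("-- Info :: Directory still exits :: {0}".format(host_var_path))

    if password is None:
        password = getpass.getpass("KeePass master password: ")

    # load database
    keeDB = PyKeePass(keepassFile, password=password)

    # create host files for all entries with user name root
    print("-- Info :: create host vars in directy ::" + host_var_path)
    print("--" + 40 * "=")
    for e in keeDB.find_entries(username='root'):
        server_name = e.title
        if not _is_safe_name(server_name):
            print(" - Skip entry with unusable title ::" + repr(server_name))
            continue
        if RECYCLE_BIN_GROUP in _entry_group_names(e):
            # Same exclusion as in the inventory: no export of deleted entries.
            print(" - Skip entry in recycle bin ::" + server_name)
            continue
        if e.password is None:
            print(" - Skip entry without password ::" + server_name)
            continue
        print(' - Host add ::' + server_name)
        _write_host_vars_file(host_var_path + os_seb + server_name, server_name, e.password)
    print("--" + 40 * "=")

    # create inventory file: one section per group, hosts are the root entries
    print("-- Info :: create inventory in directory ::" + dest_name)
    with open(dest_name + os_seb + "inventory", "w", encoding="utf-8") as f:
        for grp in keeDB.groups:
            if grp.is_root_group or grp.name == RECYCLE_BIN_GROUP:
                continue
            if not _is_safe_name(grp.name):
                print(" - Skip group with unusable name ::" + repr(grp.name))
                continue
            print(" - Add Group: " + grp.name)
            f.write("[" + grp.name + "]" + '\n')
            for e in keeDB.find_entries(group=grp, username='root'):
                if _is_safe_name(e.title):
                    f.write(e.title + "\n")


if __name__ == "__main__":
    main(sys.argv[1:])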