Update to latest version (#11)

* Update to latest vaultwarden and web-vault * Add CentOS Stream 10 and Fedora 41 to supported platforms * Add automatic release workflow
bcook254 · Dec 22, 2024 · 245c816 · 245c816
1 parent 90711f5
commit 245c816
Show file tree

Hide file tree

Showing 8 changed files with 45 additions and 8 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -39,10 +39,12 @@ jobs:
             image: docker.io/geerlingguy/docker-ubuntu2204-ansible:latest
           - name: debian12
             image: docker.io/geerlingguy/docker-debian12-ansible:latest
+          - name: fedora41
+            image: docker.io/geerlingguy/docker-fedora41-ansible:latest
           - name: fedora40
             image: docker.io/geerlingguy/docker-fedora40-ansible:latest
-          - name: fedora39
-            image: docker.io/geerlingguy/docker-fedora39-ansible:latest
+          - name: centosstream10
+            image: ghcr.io/bcook254/docker-centosstream10-ansible:latest
           - name: centosstream9
             image: ghcr.io/bcook254/docker-centosstream9-ansible:latest
     steps:
@@ -57,7 +59,7 @@ jobs:
         env:
           PLATFORM_NAME: ${{ matrix.platform.name }}
           PLATFORM_IMAGE: ${{ matrix.platform.image }}
-          VAULTWARDEN_VERSION: '1.32.2'
+          VAULTWARDEN_VERSION: '1.32.7'
           VAULTWARDEN_URL: ${{ secrets.VAULTWARDEN_URL }}
           PY_COLORS: '1'
           ANSIBLE_FORCE_COLOR: '1'

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -4,12 +4,37 @@ name: Release
     tags:
       - '*'
 
+defaults:
+  run:
+    working-directory: 'bcook254.vaultwarden'
+
 jobs:
 
   release:
     name: Release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     steps:
+      - name: Check out the codebase.
+        uses: actions/checkout@v3
+        with:
+          path: 'bcook254.vaultwarden'
+
+      - name: Get tags.
+        id: tags
+        shell: bash
+        run: |
+          git fetch --tags origin
+          previous="$(git tag -l | sort -V --reverse | sed -n 2p)"
+          echo "PREVIOUS=$previous" >> $GITHUB_OUTPUT
+      
+      - name: Create release.
+        uses: softprops/action-gh-release@v2
+        with:
+          body: |
+            **Full Changelog**: https://github.com/${{ github.repository }}/compare/${{ steps.tags.outputs.PREVIOUS }}...${{ github.ref_name }}
+
       - name: Trigger a new import on Galaxy.
         run: >-
           ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }}

diff --git a/README.md b/README.md
@@ -32,7 +32,7 @@ When using `vaultwarden_url`, an optional dictionary of headers may be given to
 
 When enabled, this role will also download the patched web-vault files.
 
-    vaultwarden_web_vault_version: 2024.3.1
+    vaultwarden_web_vault_version: 2024.6.2c
 
 The version of Vaultwarden Web Vault to be installed.
 

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -10,6 +10,6 @@ vaultwarden_web_vault_dir: "{{ vaultwarden_home_dir }}/web-vault"
 vaultwarden_config_dir: /etc/vaultwarden
 vaultwarden_config_file: "{{ vaultwarden_config_dir }}/vaultwarden.env"
 vaultwarden_database_name: vaultwarden
-vaultwarden_web_vault_version: 2024.6.2
+vaultwarden_web_vault_version: 2024.6.2c
 vaultwarden_enable_web_vault: true
 vaultwarden_manage_config: false
diff --git a/meta/main.yml b/meta/main.yml
@@ -15,11 +15,11 @@ galaxy_info:
     - name: EL
       versions:
         - 9
+        - 10
     - name: Fedora
       versions:
-        - 38
-        - 39
         - 40
+        - 41
     - name: Debian
       versions:
         - bookworm

diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -23,6 +23,13 @@ provisioner:
         vaultwarden_url: "${VAULTWARDEN_URL}"
         vaultwarden_url_checksum: "sha256:{{ vaultwarden_url }}.sha256"
     host_vars:
+      centosstream10:
+        vaultwarden_packages:
+          - openssl
+          - ca-certificates
+          - curl-minimal
+          - mariadb-devel
+          - libpq
       centosstream9:
         vaultwarden_packages:
           - openssl

diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
@@ -14,7 +14,7 @@
       chdir: /usr/local/bin
     changed_when: false
     register: __vaultwarden_version
-    failed_when: __vaultwarden_version is not search(vaultwarden_version if vaultwarden_version | length > 0 else '1.32.2')
+    failed_when: __vaultwarden_version is not search(vaultwarden_version if vaultwarden_version | length > 0 else '1.32.7')
 
   - name: Check if Vaultwarden web-vault is installed.
     ansible.builtin.stat:

diff --git a/templates/env.j2 b/templates/env.j2
@@ -225,6 +225,9 @@ DOMAIN={{ vaultwarden_domain }}
 {% if vaultwarden_allowed_iframe_ancestors is defined %}
 ALLOWED_IFRAME_ANCESTORS={{ vaultwarden_allowed_iframe_ancestors }}
 {% endif %}
+{% if vaultwarden_allowed_connect_src is defined %}
+ALLOWED_CONNECT_SRC="{{ vaultwarden_allowed_connect_src }}"
+{% endif %}
 {% if vaultwarden_login_ratelimit_seconds is defined %}
 LOGIN_RATELIMIT_SECONDS={{ vaultwarden_login_ratelimit_seconds }}
 {% endif %}