devs/bin/ansible/pritunl_users.yaml

---
# Devops Ansible Script
# Playbook:     pritunl_users.yaml
# Description:  Add, enable, disable or remove pritunl vpn users
# Author:       Mauro Rosero P.
# Email:        mauro@rosero.one (mauro.rosero@gmail.com)
# Organization: ROSERO ONE
# Created:      Ene 04, 2025 12:00:00
# Updated:      2025-01-05 00:00:00


- name: PLAYBOOK - {{ playbook_program | upper }} ({{ playbook_description | upper }})
  hosts: [localhost]
  become: no
  gather_facts: no

  vars:
    playbook_program:       'pritunl_users'
    playbook_description:   'Add, enable, disable or remove pritunl vpn users'
    managed_sufix:          'pritunl-vpn'
    main_action:            'MANAGE PRITUNL VPN USERS'
    language:               "{{ lang_modified | default(default_lang, true) }}"
    messages_file:          "{{ messages_path }}/{{ messages_prefix | upper}}-{{ language | upper }}.yaml"

  pre_tasks:

  - name: PRE -- LOAD FULL LANGUAGE MESSAGES FOR THIS PLAYBOOK
    include_tasks:
      file: includes/load_messages.yaml
    run_once: true

  - name: PRE -- SET PRITUNL VPN CREDENTIALS SOPS FILE
    set_fact:
      sops_file: '{{ sops_vpnadm_file }}'

  - name: PRE -- GET REQUIRED SOPS CREDENTIALS
    include_tasks:
      file: includes/sops_credentials.yaml
    run_once: true

  - name: Check for succesfull credential vars loaded
    ansible.builtin.assert:
      that:
        - sops_vars is defined
        - sops_vars.PRITUNL_SECRET is defined
        - sops_vars.PRITUNL_TOKEN is defined
      fail_msg: "{{ messages.console.error.credentials_fail }}"
      quiet: true
    run_once: true

  - name: Check if pritunl action is defined
    ansible.builtin.assert:
      that:
        - input_pritunl_action is not defined or ( input_pritunl_action is defined and input_pritunl_action in ["add", "remove", "enable", "disable"] )
      fail_msg: "{{ messages.console.error.no_pritunl_action }}"
      quiet: true
    run_once: true

  - name: Check if pritunl user is defined
    ansible.builtin.assert:
      that:
        - input_pritunl_user is defined
      fail_msg: "{{ messages.console.error.no_pritunl_user }}"
      quiet: true
    run_once: true

  - name: Check if pritunl email for user is defined
    ansible.builtin.assert:
      that:
        - input_pritunl_email is defined
      fail_msg: "{{ messages.console.error.no_pritunl_email }}"
      quiet: true
    when: input_pritunl_action is not defined or ( input_pritunl_action is defined and input_pritunl_action != "remove" )
    run_once: true

  tasks:

  - block:

    - name: --|| WAIT FOR SERVER(S) CONNECTION
      wait_for_connection:
        timeout: '{{ sysop_timeout_connection | int }}'
      when: ansible_connection is defined and ansible_connection != 'local'

    - block:

      - name: --|| ADD PRITUNL VPN USER ({{ input_pritunl_user | upper }})
        community.general.pritunl_user:
          pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"
          pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET | b64decode | replace('\r', '') }}"
          pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN | b64decode | replace('\r', '') }}"
          organization: "{{ input_pritunl_org | default(platform_pritunl_org_default, true) | upper }}"
          user_name: '{{ input_pritunl_user | lower }}'
          user_email: '{{ input_pritunl_email | lower }}'
          user_disabled: '{{ platform_pritunl_usr_default }}'
          user_gravatar: '{{ platform_pritunl_img_default }}'
        when: input_pritunl_action is not defined or ( input_pritunl_action is defined and input_pritunl_action == 'add' )

      - name: --|| REMOVE PRITUNL VPN USER ({{ input_pritunl_user | upper }})
        community.general.pritunl_user:
          pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"
          pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET | b64decode | replace('\r', '') }}"
          pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN | b64decode | replace('\r', '') }}"
          state: absent
          organization: "{{ input_pritunl_org | default(platform_pritunl_org_default, true) | upper }}"
          user_name: '{{ input_pritunl_user | lower }}'
        when: input_pritunl_action is defined and input_pritunl_action == 'remove'

      - name: --|| ENABLE PRITUNL VPN USER ({{ input_pritunl_user | upper }})
        community.general.pritunl_user:
          pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"
          pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET | b64decode | replace('\r', '') }}"
          pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN | b64decode | replace('\r', '') }}"
          organization: "{{ input_pritunl_org | default(platform_pritunl_org_default, true) | upper }}"
          user_name: '{{ input_pritunl_user | lower }}'
          user_email: '{{ input_pritunl_email | lower }}'
          user_disabled: false
        when: input_pritunl_action is defined and input_pritunl_action == 'enable'

      - name: --|| DISABLE PRITUNL VPN USER ({{ input_pritunl_user | upper }})
        community.general.pritunl_user:
          pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"
          pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET | b64decode | replace('\r', '') }}"
          pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN | b64decode | replace('\r', '') }}"
          organization: "{{ input_pritunl_org | default(platform_pritunl_org_default, true) | upper }}"
          user_name: '{{ input_pritunl_user | lower }}'
          user_email: '{{ input_pritunl_email | lower }}'
          user_disabled: true
        when: input_pritunl_action is defined and input_pritunl_action == 'disable'

      when: true

    when: true
[IMPROVED] Gestión de Usuarios PRITUNL VPN - Crea usuario - Elimina usuario - Habilita y deshabilita usuario (modulo ansible falla) 2025-01-06 03:12:29 +00:00			`---`
			`# Devops Ansible Script`
			`# Playbook: pritunl_users.yaml`
			`# Description: Add, enable, disable or remove pritunl vpn users`
			`# Author: Mauro Rosero P.`
			`# Email: mauro@rosero.one (mauro.rosero@gmail.com)`
			`# Organization: ROSERO ONE`
			`# Created: Ene 04, 2025 12:00:00`
			`# Updated: 2025-01-05 00:00:00`


			`- name: PLAYBOOK - {{ playbook_program \| upper }} ({{ playbook_description \| upper }})`
			`hosts: [localhost]`
			`become: no`
			`gather_facts: no`

			`vars:`
			`playbook_program: 'pritunl_users'`
			`playbook_description: 'Add, enable, disable or remove pritunl vpn users'`
			`managed_sufix: 'pritunl-vpn'`
			`main_action: 'MANAGE PRITUNL VPN USERS'`
			`language: "{{ lang_modified \| default(default_lang, true) }}"`
			`messages_file: "{{ messages_path }}/{{ messages_prefix \| upper}}-{{ language \| upper }}.yaml"`

			`pre_tasks:`

			`- name: PRE -- LOAD FULL LANGUAGE MESSAGES FOR THIS PLAYBOOK`
			`include_tasks:`
			`file: includes/load_messages.yaml`
			`run_once: true`

			`- name: PRE -- SET PRITUNL VPN CREDENTIALS SOPS FILE`
			`set_fact:`
			`sops_file: '{{ sops_vpnadm_file }}'`

			`- name: PRE -- GET REQUIRED SOPS CREDENTIALS`
			`include_tasks:`
			`file: includes/sops_credentials.yaml`
			`run_once: true`

			`- name: Check for succesfull credential vars loaded`
			`ansible.builtin.assert:`
			`that:`
			`- sops_vars is defined`
			`- sops_vars.PRITUNL_SECRET is defined`
			`- sops_vars.PRITUNL_TOKEN is defined`
			`fail_msg: "{{ messages.console.error.credentials_fail }}"`
			`quiet: true`
			`run_once: true`

			`- name: Check if pritunl action is defined`
			`ansible.builtin.assert:`
			`that:`
			`- input_pritunl_action is not defined or ( input_pritunl_action is defined and input_pritunl_action in ["add", "remove", "enable", "disable"] )`
			`fail_msg: "{{ messages.console.error.no_pritunl_action }}"`
			`quiet: true`
			`run_once: true`

			`- name: Check if pritunl user is defined`
			`ansible.builtin.assert:`
			`that:`
			`- input_pritunl_user is defined`
			`fail_msg: "{{ messages.console.error.no_pritunl_user }}"`
			`quiet: true`
			`run_once: true`

			`- name: Check if pritunl email for user is defined`
			`ansible.builtin.assert:`
			`that:`
			`- input_pritunl_email is defined`
			`fail_msg: "{{ messages.console.error.no_pritunl_email }}"`
			`quiet: true`
			`when: input_pritunl_action is not defined or ( input_pritunl_action is defined and input_pritunl_action != "remove" )`
			`run_once: true`

			`tasks:`

			`- block:`

			`- name: --\|\| WAIT FOR SERVER(S) CONNECTION`
			`wait_for_connection:`
			`timeout: '{{ sysop_timeout_connection \| int }}'`
			`when: ansible_connection is defined and ansible_connection != 'local'`

			`- block:`

			`- name: --\|\| ADD PRITUNL VPN USER ({{ input_pritunl_user \| upper }})`
			`community.general.pritunl_user:`
			`pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"`
			`pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET \| b64decode \| replace('\r', '') }}"`
			`pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN \| b64decode \| replace('\r', '') }}"`
			`organization: "{{ input_pritunl_org \| default(platform_pritunl_org_default, true) \| upper }}"`
			`user_name: '{{ input_pritunl_user \| lower }}'`
			`user_email: '{{ input_pritunl_email \| lower }}'`
			`user_disabled: '{{ platform_pritunl_usr_default }}'`
			`user_gravatar: '{{ platform_pritunl_img_default }}'`
			`when: input_pritunl_action is not defined or ( input_pritunl_action is defined and input_pritunl_action == 'add' )`

			`- name: --\|\| REMOVE PRITUNL VPN USER ({{ input_pritunl_user \| upper }})`
			`community.general.pritunl_user:`
			`pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"`
			`pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET \| b64decode \| replace('\r', '') }}"`
			`pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN \| b64decode \| replace('\r', '') }}"`
			`state: absent`
			`organization: "{{ input_pritunl_org \| default(platform_pritunl_org_default, true) \| upper }}"`
			`user_name: '{{ input_pritunl_user \| lower }}'`
			`when: input_pritunl_action is defined and input_pritunl_action == 'remove'`

			`- name: --\|\| ENABLE PRITUNL VPN USER ({{ input_pritunl_user \| upper }})`
			`community.general.pritunl_user:`
			`pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"`
			`pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET \| b64decode \| replace('\r', '') }}"`
			`pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN \| b64decode \| replace('\r', '') }}"`
			`organization: "{{ input_pritunl_org \| default(platform_pritunl_org_default, true) \| upper }}"`
			`user_name: '{{ input_pritunl_user \| lower }}'`
			`user_email: '{{ input_pritunl_email \| lower }}'`
			`user_disabled: false`
			`when: input_pritunl_action is defined and input_pritunl_action == 'enable'`

			`- name: --\|\| DISABLE PRITUNL VPN USER ({{ input_pritunl_user \| upper }})`
			`community.general.pritunl_user:`
			`pritunl_url: "{{ platform_web_protocol }}{{ platform_vpn_server_devs }}:{{ platform_vpn_api_port }}"`
			`pritunl_api_secret: "{{ sops_vars.PRITUNL_SECRET \| b64decode \| replace('\r', '') }}"`
			`pritunl_api_token: "{{ sops_vars.PRITUNL_TOKEN \| b64decode \| replace('\r', '') }}"`
			`organization: "{{ input_pritunl_org \| default(platform_pritunl_org_default, true) \| upper }}"`
			`user_name: '{{ input_pritunl_user \| lower }}'`
			`user_email: '{{ input_pritunl_email \| lower }}'`
			`user_disabled: true`
			`when: input_pritunl_action is defined and input_pritunl_action == 'disable'`

			`when: true`

			`when: true`