Ajouter synology_dsm_upgrade_api.yml
This commit is contained in:
parent
41a8fd28d6
commit
95d4f735d2
|
|
@ -0,0 +1,146 @@
|
||||||
|
---
|
||||||
|
- name: Synology DSM - déclencher une mise à jour via l'API DSM
|
||||||
|
hosts: synology
|
||||||
|
gather_facts: false
|
||||||
|
|
||||||
|
vars:
|
||||||
|
# --- Connexion DSM ---
|
||||||
|
syno_scheme: "https"
|
||||||
|
syno_port: 5001
|
||||||
|
syno_verify_ssl: false # mets true si tu as un certificat OK
|
||||||
|
syno_user: "{{ vault_syno_user | default(omit) }}"
|
||||||
|
syno_pass: "{{ vault_syno_pass | default(omit) }}"
|
||||||
|
syno_session: "DSM" # session DSM (souvent OK)
|
||||||
|
|
||||||
|
# --- Upgrade API ---
|
||||||
|
# Les méthodes peuvent varier: ajuste si besoin (après tests)
|
||||||
|
upgrade_check_method: "check" # parfois: "status" / "get"
|
||||||
|
upgrade_start_method: "start"
|
||||||
|
|
||||||
|
# --- Sécurité ---
|
||||||
|
refuse_if_no_upgrade_api: true # si true: on échoue si SYNO.Core.Upgrade absent
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: Construire base_url
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
base_url: "{{ syno_scheme }}://{{ inventory_hostname }}:{{ syno_port }}"
|
||||||
|
|
||||||
|
# 1) Découverte des APIs (paths & versions) via SYNO.API.Info
|
||||||
|
- name: Discover SYNO.API.Auth & SYNO.Core.Upgrade via SYNO.API.Info
|
||||||
|
ansible.builtin.uri:
|
||||||
|
url: >-
|
||||||
|
{{ base_url }}/webapi/entry.cgi
|
||||||
|
?api=SYNO.API.Info&version=1&method=query
|
||||||
|
&query=SYNO.API.Auth,SYNO.Core.Upgrade
|
||||||
|
method: GET
|
||||||
|
return_content: true
|
||||||
|
validate_certs: "{{ syno_verify_ssl }}"
|
||||||
|
register: api_info
|
||||||
|
failed_when: api_info.json.success is not defined or api_info.json.success != true
|
||||||
|
|
||||||
|
- name: Extraire info Auth/Upgrade
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
auth_info: "{{ api_info.json.data['SYNO.API.Auth'] | default({}) }}"
|
||||||
|
upgrade_info: "{{ api_info.json.data['SYNO.Core.Upgrade'] | default({}) }}"
|
||||||
|
|
||||||
|
- name: Fail si SYNO.Core.Upgrade absent (optionnel)
|
||||||
|
ansible.builtin.fail:
|
||||||
|
msg: >-
|
||||||
|
L'API SYNO.Core.Upgrade n'est pas exposée sur ce NAS via /webapi.
|
||||||
|
Solution de repli: déclenchement via SSH (synoupgrade) ou mise à jour manuelle DSM.
|
||||||
|
when:
|
||||||
|
- refuse_if_no_upgrade_api | bool
|
||||||
|
- (upgrade_info | length) == 0
|
||||||
|
|
||||||
|
- name: Définir chemins et versions max
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
auth_path: "{{ auth_info.path | default('auth.cgi') }}"
|
||||||
|
auth_ver: "{{ auth_info.maxVersion | default(7) }}"
|
||||||
|
upgrade_path: "{{ upgrade_info.path | default('entry.cgi') }}"
|
||||||
|
upgrade_ver: "{{ upgrade_info.maxVersion | default(1) }}"
|
||||||
|
|
||||||
|
# 2) Login -> SID
|
||||||
|
- name: Login DSM API (SYNO.API.Auth)
|
||||||
|
ansible.builtin.uri:
|
||||||
|
url: "{{ base_url }}/webapi/{{ auth_path }}"
|
||||||
|
method: GET
|
||||||
|
validate_certs: "{{ syno_verify_ssl }}"
|
||||||
|
return_content: true
|
||||||
|
status_code: 200
|
||||||
|
url_parameters:
|
||||||
|
api: "SYNO.API.Auth"
|
||||||
|
version: "{{ auth_ver }}"
|
||||||
|
method: "login"
|
||||||
|
account: "{{ syno_user }}"
|
||||||
|
passwd: "{{ syno_pass }}"
|
||||||
|
session: "{{ syno_session }}"
|
||||||
|
format: "sid"
|
||||||
|
register: login
|
||||||
|
failed_when: login.json.success != true
|
||||||
|
|
||||||
|
- name: Enregistrer SID
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
sid: "{{ login.json.data.sid }}"
|
||||||
|
|
||||||
|
# 3) (Optionnel) Check update (si la méthode existe)
|
||||||
|
- name: Check DSM update readiness (best effort)
|
||||||
|
ansible.builtin.uri:
|
||||||
|
url: "{{ base_url }}/webapi/{{ upgrade_path }}"
|
||||||
|
method: GET
|
||||||
|
validate_certs: "{{ syno_verify_ssl }}"
|
||||||
|
return_content: true
|
||||||
|
status_code: 200
|
||||||
|
url_parameters:
|
||||||
|
api: "SYNO.Core.Upgrade"
|
||||||
|
version: "{{ upgrade_ver }}"
|
||||||
|
method: "{{ upgrade_check_method }}"
|
||||||
|
_sid: "{{ sid }}"
|
||||||
|
register: upgrade_check
|
||||||
|
failed_when: false
|
||||||
|
|
||||||
|
- name: Debug check result (utile pour ajuster upgrade_check_method)
|
||||||
|
ansible.builtin.debug:
|
||||||
|
var: upgrade_check.json
|
||||||
|
|
||||||
|
# 4) Start upgrade (l'update est supposée déjà téléchargée / prête)
|
||||||
|
- name: Start DSM upgrade (SYNO.Core.Upgrade)
|
||||||
|
ansible.builtin.uri:
|
||||||
|
url: "{{ base_url }}/webapi/{{ upgrade_path }}"
|
||||||
|
method: GET
|
||||||
|
validate_certs: "{{ syno_verify_ssl }}"
|
||||||
|
return_content: true
|
||||||
|
status_code: 200
|
||||||
|
url_parameters:
|
||||||
|
api: "SYNO.Core.Upgrade"
|
||||||
|
version: "{{ upgrade_ver }}"
|
||||||
|
method: "{{ upgrade_start_method }}"
|
||||||
|
_sid: "{{ sid }}"
|
||||||
|
register: upgrade_start
|
||||||
|
|
||||||
|
- name: Fail si start a échoué
|
||||||
|
ansible.builtin.fail:
|
||||||
|
msg: >-
|
||||||
|
Echec du démarrage upgrade DSM via API.
|
||||||
|
Réponse: {{ upgrade_start.json | to_nice_json }}
|
||||||
|
when: upgrade_start.json.success != true
|
||||||
|
|
||||||
|
- name: Afficher résultat start
|
||||||
|
ansible.builtin.debug:
|
||||||
|
var: upgrade_start.json
|
||||||
|
|
||||||
|
# 5) Logout
|
||||||
|
- name: Logout DSM API
|
||||||
|
ansible.builtin.uri:
|
||||||
|
url: "{{ base_url }}/webapi/{{ auth_path }}"
|
||||||
|
method: GET
|
||||||
|
validate_certs: "{{ syno_verify_ssl }}"
|
||||||
|
return_content: true
|
||||||
|
status_code: 200
|
||||||
|
url_parameters:
|
||||||
|
api: "SYNO.API.Auth"
|
||||||
|
version: "{{ auth_ver }}"
|
||||||
|
method: "logout"
|
||||||
|
session: "{{ syno_session }}"
|
||||||
|
_sid: "{{ sid }}"
|
||||||
|
register: logout
|
||||||
|
failed_when: false
|
||||||
Loading…
Reference in New Issue