Add secrets to vault files
This commit is contained in:
parent
4da17ee4f5
commit
ab5d357c4d
|
@ -6,3 +6,15 @@ apps_base_domain: "{{ base_domain }}"
|
||||||
apps_local_domain: "{{ local_domain }}"
|
apps_local_domain: "{{ local_domain }}"
|
||||||
|
|
||||||
docker_data_root: "{{ encrypted_fs }}/docker"
|
docker_data_root: "{{ encrypted_fs }}/docker"
|
||||||
|
|
||||||
|
redis_passwords:
|
||||||
|
nextcloud: "{{ vault_redis_passwords.nextcloud }}"
|
||||||
|
|
||||||
|
restic:
|
||||||
|
b2:
|
||||||
|
bucket: "{{ vault_restic.b2.bucket }}"
|
||||||
|
id: "{{ vault_restic.b2.id }}"
|
||||||
|
key: "{{ vault_restic.b2.key }}"
|
||||||
|
repo:
|
||||||
|
path: /restic
|
||||||
|
password: "{{ vault_restic.repo.password }}"
|
||||||
|
|
|
@ -4,5 +4,5 @@
|
||||||
base_domain: sapti.me
|
base_domain: sapti.me
|
||||||
local_domain: local.{{ base_domain }}
|
local_domain: local.{{ base_domain }}
|
||||||
|
|
||||||
db_passwords: "{{ vault_db_passwords }}"
|
db_passwords:
|
||||||
redis_passwords: "{{ vault_redis_passwords }}"
|
nextcloud: "{{ vault_db_passwords.nextcloud }}"
|
||||||
|
|
27
group_vars/production/vault.yml
Normal file
27
group_vars/production/vault.yml
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
33343239393262363334393363663539336235373661646163306638653262633930333531356166
|
||||||
|
3263663133323230633231333035393035633665316437640a363839633338616630376463666633
|
||||||
|
36303231383139346336336664373966643564316238626365303234373862333332653364323838
|
||||||
|
3761326330363730610a386236386464323636313339346366356264303038316138616661623239
|
||||||
|
37666266326662653764353038343661376235303732303633333565663865326335303661383064
|
||||||
|
34616136613064346238623632366136333237346462633762326334393637393437636237313665
|
||||||
|
38303336313232323230336461363537653831356161393130306161333264353662396636616362
|
||||||
|
65636631333738633630393432356333333339306535616534666334356236376137333335383066
|
||||||
|
36323963346436326638386337653164313763653734323532656637613737383638646430663462
|
||||||
|
64663664313639393931613135396662363337366162653631326563613964666430393163316532
|
||||||
|
61323137383462633865356534336163306530303235386637663535393032623062303661633664
|
||||||
|
65336461336531363131666638303030623565616439356133396631363631306664323432363132
|
||||||
|
63663866346566373963386434333738336466656564323865316265363937616136626536313733
|
||||||
|
38653736336132353663633963653064613432393461376561656338636133316330663662383662
|
||||||
|
31643965373062353061623934376138643838346339346661396134643839643434613561326562
|
||||||
|
35656632373234326136353763386337343633356632613265653138653736373766333861396562
|
||||||
|
61353264643332356134346163313334333632353638633334356265623963376636323639323265
|
||||||
|
39353864653732616366306263363937313263373032343636303734396362633236373033626265
|
||||||
|
30366661373638363963643866306634373339353161303166636265666533356239643863393961
|
||||||
|
37663565643832336264366363316432663761326435313963643933656230363831303761346534
|
||||||
|
63303037626139633431643438366431316166383332303333353062356661343036303466663031
|
||||||
|
32366238653863636461353165666630646537356463623637643063383635376235373139366466
|
||||||
|
35613663303633303237363662323930636431626462623831376534626434626531363031333462
|
||||||
|
65656662316233616432336161363630663561653132306365333166643734303838353030323630
|
||||||
|
66323133613638366632326162643532343362393833346630326434323034313634633535393038
|
||||||
|
6534623536626636303766356130303563636531343563616163
|
|
@ -4,5 +4,5 @@
|
||||||
base_domain: staging.sapti.me
|
base_domain: staging.sapti.me
|
||||||
local_domain: local.{{ base_domain }}
|
local_domain: local.{{ base_domain }}
|
||||||
|
|
||||||
db_passwords: "{{ vault_db_passwords }}"
|
db_passwords:
|
||||||
redis_passwords: "{{ vault_redis_passwords }}"
|
nextcloud: "{{ vault_db_passwords.nextcloud }}"
|
||||||
|
|
26
group_vars/staging/vault.yml
Normal file
26
group_vars/staging/vault.yml
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
66323863666335363963383237356566343539656432393166336436313763376634336463303666
|
||||||
|
3861343530313939646466633165353564343062383864390a623464646530636165353838333562
|
||||||
|
37393634643935373839366632383432353335633430613564663664323333643134616566336337
|
||||||
|
6664353035626362380a306462643865326234336563306431626266393339396137336264393733
|
||||||
|
65353139353031333161636333626661376466363433616561323338643065393064313934633236
|
||||||
|
31396437643531313433343732306336633332396434313831396564666162636264343261336466
|
||||||
|
30306134656161356338313838633834663566646530326463366266616434373037333737613063
|
||||||
|
61623338663964316265386433666237326466623936306138663966623033376131333365636230
|
||||||
|
35303163363538613435613262346233393462343763633135396261653335336337326237313739
|
||||||
|
66613461643366663131353731636138666464636566336636646130633166323933306631613236
|
||||||
|
65636633363331356664333934623638313161336632663263323031303836333661623262316562
|
||||||
|
35663930303033356435373235356436356130326165636131346166346566343063633131303537
|
||||||
|
38323033613132393639353666653563386663306364363363303961363563323536343930353463
|
||||||
|
30333362393137313763656636323563363661343539343334386439636638333562326264393063
|
||||||
|
61316363353231656230633464376164623462656333326139396563306334363634326634343034
|
||||||
|
35323436633631396663646262376432663831333430636337333336623061373133313465323366
|
||||||
|
35363434393930613633636139353461393631643032663438343564356565663739376436306564
|
||||||
|
37646438626562393631333238613035643665333730636162616134363464303230393436626662
|
||||||
|
30363038636163366334613464373761633130623338336265336632393437356133613362313235
|
||||||
|
38366138313761386132383666363232643161636330396161323536643365663730386164316437
|
||||||
|
30333463326530356438356364663638663833363366363739643934663665306238393166623839
|
||||||
|
36626230363437646238386431373934396263633033303262626632323930313232636364646234
|
||||||
|
33323264656237393235613230333534613030316361366638636663346533313539386138653331
|
||||||
|
64396362613962323361633366366132666439626264643534663036343934646533656236616538
|
||||||
|
62343161623865643332613039396234623238343532646336346563343131306335
|
|
@ -46,7 +46,6 @@ apps_vars:
|
||||||
version: latest
|
version: latest
|
||||||
|
|
||||||
restic:
|
restic:
|
||||||
repo: /restic
|
|
||||||
extra_tasks: false
|
extra_tasks: false
|
||||||
version: '1.7.0'
|
version: '1.7.0'
|
||||||
|
|
||||||
|
|
|
@ -8,8 +8,8 @@ services:
|
||||||
environment:
|
environment:
|
||||||
RUN_ON_STARTUP: false
|
RUN_ON_STARTUP: false
|
||||||
BACKUP_CRON: 0 0 3 * * *
|
BACKUP_CRON: 0 0 3 * * *
|
||||||
RESTIC_REPOSITORY: b2:{{ restic.b2.bucket }}:{{ restic.repo }}
|
RESTIC_REPOSITORY: b2:{{ restic.b2.bucket }}:{{ restic.repo.path }}
|
||||||
RESTIC_PASSWORD: {{ restic.repo_password }}
|
RESTIC_PASSWORD: {{ restic.repo.password }}
|
||||||
RESTIC_BACKUP_SOURCES: /mnt/volumes
|
RESTIC_BACKUP_SOURCES: /mnt/volumes
|
||||||
RESTIC_BACKUP_ARGS: >-
|
RESTIC_BACKUP_ARGS: >-
|
||||||
--tag docker-volumes
|
--tag docker-volumes
|
||||||
|
@ -36,8 +36,8 @@ services:
|
||||||
environment:
|
environment:
|
||||||
RUN_ON_STARTUP: false
|
RUN_ON_STARTUP: false
|
||||||
PRUNE_CRON: 0 0 4 * * *
|
PRUNE_CRON: 0 0 4 * * *
|
||||||
RESTIC_REPOSITORY: b2:{{ restic.b2.bucket }}:{{ restic.repo }}
|
RESTIC_REPOSITORY: b2:{{ restic.b2.bucket }}:{{ restic.repo.path }}
|
||||||
RESTIC_PASSWORD: {{ restic.repo_password }}
|
RESTIC_PASSWORD: {{ restic.repo.password }}
|
||||||
RESTIC_PRUNE_ARGS: >-
|
RESTIC_PRUNE_ARGS: >-
|
||||||
--verbose
|
--verbose
|
||||||
B2_ACCOUNT_ID: {{ restic.b2.id }}
|
B2_ACCOUNT_ID: {{ restic.b2.id }}
|
||||||
|
@ -50,8 +50,8 @@ services:
|
||||||
environment:
|
environment:
|
||||||
RUN_ON_STARTUP: false
|
RUN_ON_STARTUP: false
|
||||||
CHECK_CRON: 0 0 5 * * *
|
CHECK_CRON: 0 0 5 * * *
|
||||||
RESTIC_REPOSITORY: b2:{{ restic.b2.bucket }}:{{ restic.repo }}
|
RESTIC_REPOSITORY: b2:{{ restic.b2.bucket }}:{{ restic.repo.path }}
|
||||||
RESTIC_PASSWORD: {{ restic.repo_password }}
|
RESTIC_PASSWORD: {{ restic.repo.password }}
|
||||||
RESTIC_CHECK_ARGS: >-
|
RESTIC_CHECK_ARGS: >-
|
||||||
--verbose
|
--verbose
|
||||||
B2_ACCOUNT_ID: {{ restic.b2.id }}
|
B2_ACCOUNT_ID: {{ restic.b2.id }}
|
||||||
|
|
Loading…
Reference in a new issue