From 38e4bb50be2c92defc114b090754fdb75b6a05d5 Mon Sep 17 00:00:00 2001 From: Alex Kotov Date: Thu, 22 Oct 2020 14:33:23 +0500 Subject: [PATCH] Add credentials --- bin/extra_opts.sh | 2 +- host_vars/website.fedihub.com.yml | 22 ++++++++++++++++++++++ roles/website/vars/main.yml | 3 +++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/bin/extra_opts.sh b/bin/extra_opts.sh index eed509b..9102e2b 100644 --- a/bin/extra_opts.sh +++ b/bin/extra_opts.sh @@ -16,7 +16,7 @@ fi extra_opts="--extra-vars admin=$admin" -for vault_id in kotovalexarian xuhcc postgres matrix +for vault_id in kotovalexarian xuhcc postgres website matrix do if [ -f "$ROOT/secrets/$vault_id" ]; then extra_opts="$extra_opts --vault-id $vault_id@$ROOT/secrets/$vault_id" diff --git a/host_vars/website.fedihub.com.yml b/host_vars/website.fedihub.com.yml index 27ff5af..52ebcc3 100644 --- a/host_vars/website.fedihub.com.yml +++ b/host_vars/website.fedihub.com.yml @@ -40,3 +40,25 @@ fedihub__website__port: 8000 fedihub__website__public_dir: '/opt/fedihub/website/public' fedihub__website__nginx__ssl_cert: '/etc/letsencrypt/live/website.fedihub.com/fullchain.pem' fedihub__website__nginx__ssl_key: '/etc/letsencrypt/live/website.fedihub.com/privkey.pem' + +fedihub__website__database_url: !vault | + $ANSIBLE_VAULT;1.2;AES256;website + 34313536366233303638383531663233626435626633353336326363666235383361653062363138 + 6231343665623163393632353963343965323239643163350a306334333565633336396438633362 + 64633537666335353539303836323136636365333937643462636530376266333763376234323533 + 3138386238346635310a386439616563663766326133373065366239623336663339336432636339 + 63383734623634343661613466383030393336366563313663623630643064373566626532303638 + 61343931323532363635373831646533353135323566623963396239623834653038306139323734 + 31323465623038633233613733656530613231633266366130313532636535663764613664376635 + 62623536653530333338363463363336306136376535323362383634663932323630353163373530 + 65396363616564613365303864363532626638396563313835623739633733636265626332393330 + 3137656231616432663134383766356231363537343632653566 + +fedihub__website__secret_key: !vault | + $ANSIBLE_VAULT;1.2;AES256;website + 38663838386266363362653033666632626331646236363736343433373430353933383739386264 + 6132633537653738666134356439663366626334333432350a653534303039646563363133646161 + 61643237383966313432346564363063383035653566333337303534613734353032653939366462 + 3264393031646462350a373833646364363837356233643137386466653830356631346130346363 + 33333863613363646134363630613339343738613465313164333966383131383836323333653531 + 3534613837643261613436653263393864643762656138363533 diff --git a/roles/website/vars/main.yml b/roles/website/vars/main.yml index 4f26c72..db2c8e6 100644 --- a/roles/website/vars/main.yml +++ b/roles/website/vars/main.yml @@ -8,3 +8,6 @@ fedihub__website__src_dir: '/opt/fedihub/website' fedihub__website__bin_path: '/opt/fedihub/website/target/release/fedihub-website' fedihub__website__service_file: '/etc/systemd/system/{{ fedihub__website__service }}.service' + +fedihub__website__database_url: '' +fedihub__website__secret_key: 'AQBtboLMg6SkvabJodunoFwsv8F3VgzRKaL8PdEHSkQ='