serguzim/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor the vault/secrets

Browse source
This commit is contained in:
Tobias Reisinger 2026-02-06 21:41:42 +01:00
parent 11c339ce92
commit 28f2e9a33a
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
32 changed files with 144 additions and 83 deletions
Download patch file Download diff file Expand all files Collapse all files

12
playbooks/roles/woodpecker/defaults/main.yml
View file

@ -1,4 +1,8 @@
---
woodpecker_agent_secret: "{{ undef() }}"
woodpecker_gitea_client: "{{ undef() }}"
woodpecker_gitea_secret: "{{ undef() }}"
woodpecker_svc:
domain: "{{ all_services | service_get_domain(role_name) }}"
port: 8000
@ -17,16 +21,16 @@ woodpecker_env:
WOODPECKER_OPEN: true
WOODPECKER_HOST: https://{{ svc.domain }}
WOODPECKER_ADMIN: serguzim
WOODPECKER_AGENT_SECRET: "{{ vault_woodpecker.agent_secret }}"
WOODPECKER_PROMETHEUS_AUTH_TOKEN: "{{ vault_metrics_token }}"
WOODPECKER_AGENT_SECRET: "{{ woodpecker_agent_secret | mandatory }}"
WOODPECKER_PROMETHEUS_AUTH_TOKEN: "{{ metrics_token | mandatory }}"
WOODPECKER_SERVER: "{{ svc.extra_svcs[0].domain }}:443"
WOODPECKER_GRPC_SECURE: true
WOODPECKER_GITEA: true
WOODPECKER_GITEA_URL: https://git.serguzim.me
WOODPECKER_GITEA_CLIENT: "{{ vault_woodpecker.gitea.client }}"
WOODPECKER_GITEA_SECRET: "{{ vault_woodpecker.gitea.secret }}"
WOODPECKER_GITEA_CLIENT: "{{ woodpecker_gitea_client | mandatory }}"
WOODPECKER_GITEA_SECRET: "{{ woodpecker_gitea_secret | mandatory }}"
WOODPECKER_DATABASE_DRIVER: postgres
WOODPECKER_DATABASE_DATASOURCE: postgres://{{ svc.db.user }}:{{ svc.db.pass }}@{{ svc.db.host }}:{{ svc.db.port }}/{{ svc.db.database }}?sslmode=verify-full