Adding Jinja macro for Vault lookup.
Gitea Branch PR & Ansible Deployment / Check and Create PR (push) Successful in 6m4s
Gitea Branch PR & Ansible Deployment / Ansible Lint (push) Failing after 15m39s
Gitea Branch PR & Ansible Deployment / PR Merge (push) Successful in 7m16s
Gitea Branch PR & Ansible Deployment / Ansible Config Deployment (push) Successful in 14m40s

This commit is contained in:
2025-06-13 21:52:09 -04:00
parent 7cf7c4a2aa
commit add421bb81
73 changed files with 191 additions and 114 deletions
@@ -1,3 +1,4 @@
{% import '../macros/rinoa-macros.j2' as vault %}
{% set vault_addr = 'https://vault.trez.wtf' %}
{% set secrets_path = 'rinoa-docker/env' %}
@@ -27,8 +28,8 @@
"clients": [],
"name": "spotify",
"data": {
"clientId": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_ID'] }}",
"clientSecret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}",
"clientId": "{{ vault.vault_secret('env', 'YOUR_SPOTIFY_ID') }}",
"clientSecret": "{{ vault.vault_secret('env', 'YOUR_SPOTIFY_SECRET') }}",
"redirectUri": "http://localhost:9078/callback"
}
},
@@ -38,8 +39,8 @@
"clients": [],
"name": "lastfm",
"data": {
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
"secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
"apiKey": "{{ vault.vault_secret('env', 'LASTFM_API_KEY') }}",
"secret": "{{ vault.vault_secret('env', 'LASTFM_API_SECRET') }}",
"redirectUri": "http://localhost:9078/lastfm/callback"
}
},
@@ -49,7 +50,7 @@
"clients": [],
"name": "listenBrainz",
"data": {
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
"token": "{{ vault.vault_secret('env', 'MALOJA_LISTENBRAINZ_TOKEN') }}",
"username": "Trez.One"
}
},
@@ -61,7 +62,7 @@
"data": {
"url": "http://navidrome:4533",
"user": "admin",
"password": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NAVIDROME_PASSWORD'] }}"
"password": "{{ vault.vault_secret('env', 'NAVIDROME_PASSWORD') }}"
}
}
],
@@ -71,8 +72,8 @@
"enable": true,
"name": "lastFmClient",
"data": {
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
"secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
"apiKey": "{{ vault.vault_secret('env', 'LASTFM_API_KEY') }}",
"secret": "{{ vault.vault_secret('env', 'LASTFM_API_SECRET') }}",
"redirectUri": "http://localhost:9078/lastfm/callback"
}
},
@@ -81,7 +82,7 @@
"enable": true,
"name": "ListenBrainzClient",
"data": {
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
"token": "{{ vault.vault_secret('env', 'MALOJA_LISTENBRAINZ_TOKEN') }}",
"username": "Trez.One"
}
},
@@ -91,7 +92,7 @@
"name": "maloja",
"data": {
"url": "http://maloja:42010",
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_API_KEY'] }}"
"apiKey": "{{ vault.vault_secret('env', 'MALOJA_API_KEY') }}"
}
}
],
@@ -100,7 +101,7 @@
"name": "Gotify",
"type": "gotify",
"url": "http://gotify",
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MULTI_SCROBBLER_GOTIFY_TOKEN'] }}",
"token": "{{ vault.vault_secret('env', 'MULTI_SCROBBLER_GOTIFY_TOKEN') }}",
"priorities": {
"info": 5,
"warn": 7,