[ANSIBLE] Automated PR for ansible-vault-lookup-macro_2025-06-13T20-30-24 - #74 #74
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -9,7 +10,7 @@ http:
|
||||
session_ttl: 720h
|
||||
users:
|
||||
- name: admin
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ADGUARD_BCRYPT'] }}
|
||||
password: {{ vault.vault_secret('env', 'ADGUARD_BCRYPT') }}
|
||||
auth_attempts: 5
|
||||
block_auth_min: 15
|
||||
http_proxy: ""
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
urls:
|
||||
- gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['APPRISE_GOTIFY_TOKEN'] }}
|
||||
- mailto://{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}:{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}@trez.wtf25?smtp=postal-smtp&from=noreply@trez.wtf
|
||||
- gotify://gotify/{{ vault.vault_secret('env', 'APPRISE_GOTIFY_TOKEN') }}
|
||||
- mailto://{{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_USER') }}:{{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_PASSWORD') }}@trez.wtf25?smtp=postal-smtp&from=noreply@trez.wtf
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -64,11 +65,11 @@ authentication_backend:
|
||||
mail: mail
|
||||
display_name: displayName
|
||||
user: uid=authelia,ou=people,dc=trez,dc=wtf
|
||||
password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_AUTH_BIND_LDAP_PASSWORD'] }}'
|
||||
password: '{{ vault.vault_secret('env', 'AUTHELIA_AUTH_BIND_LDAP_PASSWORD') }}'
|
||||
refresh_interval: 5m
|
||||
identity_validation:
|
||||
reset_password:
|
||||
jwt_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_JWT_SECRET'] }}'
|
||||
jwt_secret: '{{ vault.vault_secret('env', 'AUTHELIA_JWT_SECRET') }}'
|
||||
password_policy:
|
||||
standard:
|
||||
enabled: true
|
||||
@@ -104,7 +105,7 @@ access_control:
|
||||
- ['user:the.trezured.one']
|
||||
session:
|
||||
name: authelia_session
|
||||
secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_SESSION_SECRET'] }}'
|
||||
secret: '{{ vault.vault_secret('env', 'AUTHELIA_SESSION_SECRET') }}'
|
||||
expiration: 1h
|
||||
inactivity: 5m
|
||||
remember_me: 1M
|
||||
@@ -115,12 +116,12 @@ session:
|
||||
host: redis
|
||||
port: 6379
|
||||
storage:
|
||||
encryption_key: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_STORAGE_ENCRYPTION_KEY'] }}'
|
||||
encryption_key: '{{ vault.vault_secret('env', 'AUTHELIA_STORAGE_ENCRYPTION_KEY') }}'
|
||||
postgres:
|
||||
address: 'tcp://authelia-pg:5432'
|
||||
database: authelia
|
||||
username: authelia
|
||||
password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_STORAGE_POSTGRES_PASSWORD'] }}'
|
||||
password: '{{ vault.vault_secret('env', 'AUTHELIA_STORAGE_POSTGRES_PASSWORD') }}'
|
||||
timeout: '5s'
|
||||
regulation:
|
||||
max_retries: 3
|
||||
@@ -131,8 +132,8 @@ notifier:
|
||||
smtp:
|
||||
address: 'smtp://postal-smtp:25'
|
||||
timeout: '5s'
|
||||
username: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}'
|
||||
password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}'
|
||||
username: '{{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_USER') }}'
|
||||
password: '{{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_PASSWORD') }}'
|
||||
sender: "Authelia <noreply@trez.wtf>"
|
||||
identifier: 'localhost'
|
||||
subject: "[Authelia] {title}"
|
||||
@@ -142,7 +143,7 @@ notifier:
|
||||
disable_html_emails: false
|
||||
identity_providers:
|
||||
oidc:
|
||||
hmac_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_OIDC_HMAC_SECRET'] }}'
|
||||
hmac_secret: '{{ vault.vault_secret('env', 'AUTHELIA_OIDC_HMAC_SECRET') }}'
|
||||
jwks:
|
||||
- key: |
|
||||
{{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_KEY"] | replace("\\n", "\n") | indent(10) }}
|
||||
@@ -157,7 +158,7 @@ identity_providers:
|
||||
clients:
|
||||
- client_id: 'netbird'
|
||||
client_name: 'NetBird'
|
||||
client_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_NETBIRD_CLIENT_SECRET'] }}'
|
||||
client_secret: '{{ vault.vault_secret('env', 'AUTHELIA_NETBIRD_CLIENT_SECRET') }}'
|
||||
public: false
|
||||
authorization_policy: 'two_factor'
|
||||
redirect_uris:
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
source: journalctl
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
common:
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
url: http://0.0.0.0:8080
|
||||
login: localhost
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['CROWDSEC_LOCAL_API_KEY'] }}
|
||||
password: {{ vault.vault_secret('env', 'CROWDSEC_LOCAL_API_KEY') }}
|
||||
@@ -1,6 +1,7 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
url: https://api.crowdsec.net/
|
||||
login: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['CROWDSEC_ONLINE_PASSWORD'] }}
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['CROWDSEC_ONLINE_PASSWORD'] }}
|
||||
login: {{ vault.vault_secret('env', 'CROWDSEC_ONLINE_PASSWORD') }}
|
||||
password: {{ vault.vault_secret('env', 'CROWDSEC_ONLINE_PASSWORD') }}
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -9,7 +10,7 @@
|
||||
"host" : "mariadb",
|
||||
"port" : 3306,
|
||||
"user" : "ghost",
|
||||
"password" : "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GHOST_DB_PASSWORD'] }}",
|
||||
"password" : "{{ vault.vault_secret('env', 'GHOST_DB_PASSWORD') }}",
|
||||
"database" : "ghost_db"
|
||||
}
|
||||
},
|
||||
@@ -21,8 +22,8 @@
|
||||
"port": 25,
|
||||
"secure": false,
|
||||
"auth": {
|
||||
"user": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}",
|
||||
"pass": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}"
|
||||
"user": "{{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_USER') }}",
|
||||
"pass": "{{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_PASSWORD') }}"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
# Example configuration file, it's safe to copy this as the default config file without any modification.
|
||||
|
||||
# You don't have to copy this file to your instance,
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -27,7 +28,7 @@ DISABLE_SSH = false
|
||||
SSH_PORT = 22
|
||||
SSH_LISTEN_PORT = 22
|
||||
LFS_START_SERVER = true
|
||||
LFS_JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_LFS_JWT_SECRET'] }}
|
||||
LFS_JWT_SECRET = {{ vault.vault_secret('env', 'GITEA_LFS_JWT_SECRET') }}
|
||||
OFFLINE_MODE = true
|
||||
|
||||
[database]
|
||||
@@ -36,7 +37,7 @@ DB_TYPE = postgres
|
||||
HOST = gitea-db:5432
|
||||
NAME = gitea
|
||||
USER = gitea
|
||||
PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_PG_DB_PASSWORD'] }}
|
||||
PASSWD = {{ vault.vault_secret('env', 'GITEA_PG_DB_PASSWORD') }}
|
||||
LOG_SQL = false
|
||||
SCHEMA =
|
||||
SSL_MODE = disable
|
||||
@@ -70,7 +71,7 @@ INSTALL_LOCK = true
|
||||
SECRET_KEY =
|
||||
REVERSE_PROXY_LIMIT = 1
|
||||
REVERSE_PROXY_TRUSTED_PROXIES = *
|
||||
INTERNAL_TOKEN = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_INTERNAL_TOKEN'] }}
|
||||
INTERNAL_TOKEN = {{ vault.vault_secret('env', 'GITEA_INTERNAL_TOKEN') }}
|
||||
PASSWORD_HASH_ALGO = pbkdf2
|
||||
|
||||
[service]
|
||||
@@ -89,7 +90,7 @@ NO_REPLY_ADDRESS = noreply@trez.wtf
|
||||
PATH = /data/git/lfs
|
||||
|
||||
[mailer]
|
||||
PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}
|
||||
PASSWD = {{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_PASSWORD') }}
|
||||
PROTOCOL = smtp
|
||||
ENABLED = true
|
||||
FROM = '"Gitea" <noreply@trez.wtf>'
|
||||
@@ -112,7 +113,7 @@ DEFAULT_MERGE_STYLE = merge
|
||||
DEFAULT_TRUST_MODEL = committer
|
||||
|
||||
[oauth2]
|
||||
JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_OAUTH2_JWT_SECRET'] }}
|
||||
JWT_SECRET = {{ vault.vault_secret('env', 'GITEA_OAUTH2_JWT_SECRET') }}
|
||||
|
||||
[ui]
|
||||
THEMES =
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -9,7 +10,7 @@ gitea:
|
||||
# Created access token for the user that shall be used as bot account.
|
||||
# User needs "Read project" permissions with access to "Pull Requests"
|
||||
token:
|
||||
value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_TOKEN'] }}"
|
||||
value: "{{ vault.vault_secret('env', 'GITEA_SONARQUBE_BOT_GITEA_TOKEN') }}"
|
||||
# # or path to file containing the plain text secret
|
||||
# file: /path/to/gitea/token
|
||||
|
||||
@@ -18,7 +19,7 @@ gitea:
|
||||
# The bot looks for `X-Gitea-Signature` header containing the sha256 hmac hash of the plain text secret. If the header
|
||||
# exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be validated.
|
||||
webhook:
|
||||
secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_WEBHOOK_SECRET'] }}"
|
||||
secret: "{{ vault.vault_secret('env', 'GITEA_SONARQUBE_BOT_GITEA_WEBHOOK_SECRET') }}"
|
||||
# # or path to file containing the plain text secret
|
||||
# secretFile: /path/to/gitea/webhook/secret
|
||||
|
||||
@@ -35,7 +36,7 @@ sonarqube:
|
||||
# Created access token for the user that shall be used as bot account.
|
||||
# User needs "Browse on project" permissions
|
||||
token:
|
||||
value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_SQUBE_TOKEN'] }}"
|
||||
value: "{{ vault.vault_secret('env', 'GITEA_SONARQUBE_BOT_SQUBE_TOKEN') }}"
|
||||
# # or path to file containing the plain text secret
|
||||
# file: /path/to/sonarqube/token
|
||||
|
||||
@@ -45,7 +46,7 @@ sonarqube:
|
||||
# If the header exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be
|
||||
# validated.
|
||||
webhook:
|
||||
secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_SQUBE_WEBHOOK_SECRET'] }}"
|
||||
secret: "{{ vault.vault_secret('env', 'GITEA_SONARQUBE_BOT_SQUBE_WEBHOOK_SECRET') }}"
|
||||
# # or path to file containing the plain text secret
|
||||
# secretFile: /path/to/sonarqube/webhook/secret
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
storage:
|
||||
backend: s3
|
||||
s3:
|
||||
bucket_name: pyroscope
|
||||
endpoint: minio:9000
|
||||
region: us-east-fh-pln
|
||||
access_key_id: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_PYROSCOPE_STORAGE_ACCESS_KEY'] }}
|
||||
secret_access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_PYROSCOPE_STORAGE_SECRET_KEY'] }}
|
||||
access_key_id: {{ vault.vault_secret('env', 'MINIO_PYROSCOPE_STORAGE_ACCESS_KEY') }}
|
||||
secret_access_key: {{ vault.vault_secret('env', 'MINIO_PYROSCOPE_STORAGE_SECRET_KEY') }}
|
||||
insecure: true
|
||||
|
||||
analytics:
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -46,8 +47,8 @@ storage:
|
||||
s3:
|
||||
bucket: tempo # how to store data in s3
|
||||
endpoint: minio:9000
|
||||
access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_TEMPO_STORAGE_ACCESS_KEY'] }}
|
||||
secret_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_TEMPO_STORAGE_SECRET_KEY'] }}
|
||||
access_key: {{ vault.vault_secret('env', 'MINIO_TEMPO_STORAGE_ACCESS_KEY') }}
|
||||
secret_key: {{ vault.vault_secret('env', 'MINIO_TEMPO_STORAGE_SECRET_KEY') }}
|
||||
insecure: true
|
||||
|
||||
usage_report:
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -29,5 +30,5 @@
|
||||
widget:
|
||||
type: homeassistant
|
||||
url: http://192.168.1.252:8123
|
||||
key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['HOMEPAGE_HOME_ASSISTANT_API_KEY'] }}
|
||||
key: {{ vault.vault_secret('env', 'HOMEPAGE_HOME_ASSISTANT_API_KEY') }}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -6,7 +7,7 @@
|
||||
# https://gethomepage.dev/en/configs/settings
|
||||
|
||||
providers:
|
||||
openweathermap: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['HOMEPAGE_OPENWEATHERMAP_API_KEY'] }}
|
||||
openweathermap: {{ vault.vault_secret('env', 'HOMEPAGE_OPENWEATHERMAP_API_KEY') }}
|
||||
# weatherapi: weatherapiapikey
|
||||
title: Rinoa Dashboard (trez.WTF)
|
||||
headerStyle: underlined
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -16,7 +17,7 @@ db:
|
||||
host: invidious-db
|
||||
port: 5432
|
||||
dbname: invidious
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_PG_DB_PASSWORD'] }}
|
||||
password: {{ vault.vault_secret('env', 'INVID_PG_DB_PASSWORD') }}
|
||||
|
||||
##
|
||||
## Database configuration using a single URI. This is an
|
||||
@@ -210,8 +211,8 @@ https_only: false
|
||||
## Accepted values: String
|
||||
## Default: <none>
|
||||
##
|
||||
po_token: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_PO_TOKEN'] }}
|
||||
visitor_data: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_VISITOR_DATA'] }}
|
||||
po_token: {{ vault.vault_secret('env', 'INVID_PO_TOKEN') }}
|
||||
visitor_data: {{ vault.vault_secret('env', 'INVID_VISITOR_DATA') }}
|
||||
|
||||
# -----------------------------
|
||||
# Logging
|
||||
@@ -471,7 +472,7 @@ jobs:
|
||||
## Accepted values: a string
|
||||
## Default: <none>
|
||||
##
|
||||
hmac_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_HMAC_KEY'] }}
|
||||
hmac_key: {{ vault.vault_secret('env', 'INVID_HMAC_KEY') }}
|
||||
|
||||
##
|
||||
## List of video IDs where the "download" widget must be
|
||||
|
||||
@@ -1,9 +1,10 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
# IN application vars
|
||||
IN_APP_URL=https://biz.trez.wtf
|
||||
IN_APP_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_APP_KEY'] }}
|
||||
IN_APP_KEY={{ vault.vault_secret('env', 'IN_APP_KEY') }}
|
||||
IN_APP_DEBUG=true
|
||||
IN_REQUIRE_HTTPS=false
|
||||
IN_PHANTOMJS_PDF_GENERATION=false
|
||||
@@ -18,7 +19,7 @@ IN_DB_HOST=mariadb
|
||||
IN_DB_PORT=3306
|
||||
IN_DB_DATABASE=invoice_ninja
|
||||
IN_DB_USERNAME=ininja
|
||||
IN_DB_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_MYSQL_PASSWORD'] }}
|
||||
IN_DB_PASSWORD={{ vault.vault_secret('env', 'IN_MYSQL_PASSWORD') }}
|
||||
|
||||
# Create initial user
|
||||
# Default to these values if empty
|
||||
@@ -31,8 +32,8 @@ IN_PASSWORD=
|
||||
IN_MAIL_MAILER=log
|
||||
IN_MAIL_HOST=postal-smtp
|
||||
IN_MAIL_PORT=25
|
||||
IN_MAIL_USERNAME={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}
|
||||
IN_MAIL_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}
|
||||
IN_MAIL_USERNAME={{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_USER') }}
|
||||
IN_MAIL_PASSWORD={{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_PASSWORD') }}
|
||||
IN_MAIL_ENCRYPTION=null
|
||||
IN_MAIL_FROM_ADDRESS='noreply@trez.wtf'
|
||||
IN_MAIL_FROM_NAME='Treasured IT'
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -17,7 +18,7 @@
|
||||
HOST=localhost
|
||||
PORT=3080
|
||||
|
||||
MONGO_URI=mongodb://librechat:{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_MONGODB_PASSWORD'] }}@mongodb:27017/librechat?replicaSet=rinoa
|
||||
MONGO_URI=mongodb://librechat:{{ vault.vault_secret('env', 'LIBRECHAT_MONGODB_PASSWORD') }}@mongodb:27017/librechat?replicaSet=rinoa
|
||||
|
||||
DOMAIN_CLIENT=https://ai.trez.wtf
|
||||
DOMAIN_SERVER=https://ai.trez.wtf
|
||||
@@ -73,12 +74,12 @@ PROXY=
|
||||
# ANYSCALE_API_KEY=
|
||||
# APIPIE_API_KEY=
|
||||
# COHERE_API_KEY=
|
||||
DEEPSEEK_API_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_DEEPSEEK_API_KEY'] }}
|
||||
DEEPSEEK_API_KEY={{ vault.vault_secret('env', 'LIBRECHAT_DEEPSEEK_API_KEY') }}
|
||||
# DATABRICKS_API_KEY=
|
||||
# FIREWORKS_API_KEY=
|
||||
# GROQ_API_KEY=
|
||||
# HUGGINGFACE_TOKEN=
|
||||
MISTRAL_API_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_MISTRAL_API_KEY'] }}
|
||||
MISTRAL_API_KEY={{ vault.vault_secret('env', 'LIBRECHAT_MISTRAL_API_KEY') }}
|
||||
# OPENROUTER_KEY=
|
||||
# PERPLEXITY_API_KEY=
|
||||
# SHUTTLEAI_API_KEY=
|
||||
@@ -90,7 +91,7 @@ MISTRAL_API_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_m
|
||||
# Anthropic #
|
||||
#============#
|
||||
|
||||
ANTHROPIC_API_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_ANTHROPIC_API_KEY'] }}
|
||||
ANTHROPIC_API_KEY={{ vault.vault_secret('env', 'LIBRECHAT_ANTHROPIC_API_KEY') }}
|
||||
ANTHROPIC_MODELS=claude-3-7-sonnet-latest,claude-3-7-sonnet-20250219,claude-3-5-haiku-20241022,claude-3-5-sonnet-20241022,claude-3-5-sonnet-latest,claude-3-5-sonnet-20240620,claude-3-opus-20240229,claude-3-sonnet-20240229,claude-3-haiku-20240307,claude-2.1,claude-2,claude-1.2,claude-1,claude-1-100k,claude-instant-1,claude-instant-1-100k
|
||||
# ANTHROPIC_REVERSE_PROXY=
|
||||
|
||||
@@ -177,7 +178,7 @@ ANTHROPIC_MODELS=claude-3-7-sonnet-latest,claude-3-7-sonnet-20250219,claude-3-5-
|
||||
# OpenAI #
|
||||
#============#
|
||||
|
||||
OPENAI_API_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_OPENAI_API_KEY'] }}
|
||||
OPENAI_API_KEY={{ vault.vault_secret('env', 'LIBRECHAT_OPENAI_API_KEY') }}
|
||||
OPENAI_MODELS=o1,o1-mini,o1-preview,gpt-4o,chatgpt-4o-latest,gpt-4o-mini,gpt-3.5-turbo-0125,gpt-3.5-turbo-0301,gpt-3.5-turbo,gpt-4,gpt-4-0613,gpt-4-vision-preview,gpt-3.5-turbo-0613,gpt-3.5-turbo-16k-0613,gpt-4-0125-preview,gpt-4-turbo-preview,gpt-4-1106-preview,gpt-3.5-turbo-1106,gpt-3.5-turbo-instruct,gpt-3.5-turbo-instruct-0914,gpt-3.5-turbo-16k
|
||||
|
||||
DEBUG_OPENAI=false
|
||||
@@ -226,8 +227,8 @@ DEBUG_OPENAI=false
|
||||
|
||||
# DEBUG_PLUGINS=
|
||||
|
||||
CREDS_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_CREDS_KEY'] }}
|
||||
CREDS_IV={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_CREDS_IV'] }}
|
||||
CREDS_KEY={{ vault.vault_secret('env', 'LIBRECHAT_CREDS_KEY') }}
|
||||
CREDS_IV={{ vault.vault_secret('env', 'LIBRECHAT_CREDS_IV') }}
|
||||
|
||||
# Azure AI Search
|
||||
#-----------------
|
||||
@@ -298,7 +299,7 @@ ZAPIER_NLA_API_KEY=
|
||||
SEARCH=true
|
||||
MEILI_NO_ANALYTICS=true
|
||||
MEILI_HOST=http://meilisearch:7700
|
||||
MEILI_MASTER_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MEILISEARCH_MASTER_KEY'] }}
|
||||
MEILI_MASTER_KEY={{ vault.vault_secret('env', 'MEILISEARCH_MASTER_KEY') }}
|
||||
|
||||
# Optional: Disable indexing, useful in a multi-node setup
|
||||
# where only one instance should perform an index sync.
|
||||
@@ -384,8 +385,8 @@ ALLOW_UNVERIFIED_EMAIL_LOGIN=true
|
||||
SESSION_EXPIRY=1000 * 60 * 15
|
||||
REFRESH_TOKEN_EXPIRY=(1000 * 60 * 60 * 24) * 7
|
||||
|
||||
JWT_SECRET={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_JWT_SECRET'] }}
|
||||
JWT_REFRESH_SECRET={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIBRECHAT_JWT_REFRESH_SECRET'] }}
|
||||
JWT_SECRET={{ vault.vault_secret('env', 'LIBRECHAT_JWT_SECRET') }}
|
||||
JWT_REFRESH_SECRET={{ vault.vault_secret('env', 'LIBRECHAT_JWT_REFRESH_SECRET') }}
|
||||
|
||||
|
||||
# Discord
|
||||
@@ -547,4 +548,4 @@ USE_REDIS=true
|
||||
#=====================================================#
|
||||
# OpenWeather #
|
||||
#=====================================================#
|
||||
OPENWEATHER_API_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['HOMEPAGE_OPENWEATHERMAP_API_KEY'] }}
|
||||
OPENWEATHER_API_KEY={{ vault.vault_secret('env', 'HOMEPAGE_OPENWEATHERMAP_API_KEY') }}
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
version: 1.0.0
|
||||
endpoints:
|
||||
custom:
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -7,7 +8,7 @@
|
||||
<SslPort>6868</SslPort>
|
||||
<EnableSsl>False</EnableSsl>
|
||||
<LaunchBrowser>True</LaunchBrowser>
|
||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }}</ApiKey>
|
||||
<ApiKey>{{ vault.vault_secret('env', 'LIDARR_API_KEY') }}</ApiKey>
|
||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
||||
<Branch>master</Branch>
|
||||
<LogLevel>trace</LogLevel>
|
||||
|
||||
@@ -1,13 +1,14 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
{
|
||||
"lidarr_address": "http://lidarr:8686",
|
||||
"lidarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }}",
|
||||
"spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}",
|
||||
"lidarr_api_key": "{{ vault.vault_secret('env', 'LIDARR_API_KEY') }}",
|
||||
"spotify_client_secret": "{{ vault.vault_secret('env', 'YOUR_SPOTIFY_SECRET') }}",
|
||||
"root_folder_path": "/data/media/music",
|
||||
"spotify_client_id": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_ID'] }}",
|
||||
"spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}",
|
||||
"spotify_client_id": "{{ vault.vault_secret('env', 'YOUR_SPOTIFY_ID') }}",
|
||||
"spotify_client_secret": "{{ vault.vault_secret('env', 'YOUR_SPOTIFY_SECRET') }}",
|
||||
"fallback_to_top_result": false,
|
||||
"lidarr_api_timeout": 120.0,
|
||||
"quality_profile_id": 1,
|
||||
@@ -17,8 +18,8 @@
|
||||
"app_name": "lidify",
|
||||
"app_rev": "0.09",
|
||||
"app_url": "lidify.trez.wtf",
|
||||
"last_fm_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
|
||||
"last_fm_api_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
|
||||
"last_fm_api_key": "{{ vault.vault_secret('env', 'LASTFM_API_KEY') }}",
|
||||
"last_fm_api_secret": "{{ vault.vault_secret('env', 'LASTFM_API_SECRET') }}",
|
||||
"mode": "LastFM",
|
||||
"auto_start": false,
|
||||
"auto_start_delay": 60
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -20,7 +21,7 @@ global_keywords:
|
||||
- fatal
|
||||
notifications:
|
||||
apprise:
|
||||
url: gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['APPRISE_GOTIFY_TOKEN'] }} # Any Apprise-compatible URL (https://github.com/caronc/apprise/wiki)
|
||||
url: gotify://gotify/{{ vault.vault_secret('env', 'APPRISE_GOTIFY_TOKEN') }} # Any Apprise-compatible URL (https://github.com/caronc/apprise/wiki)
|
||||
# settings are optional because they all have default values
|
||||
settings:
|
||||
log_level: INFO # DEBUG, INFO, WARNING, ERROR
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
'use strict';
|
||||
|
||||
const packageJson = require('../../package.json');
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -27,8 +28,8 @@
|
||||
"clients": [],
|
||||
"name": "spotify",
|
||||
"data": {
|
||||
"clientId": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_ID'] }}",
|
||||
"clientSecret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}",
|
||||
"clientId": "{{ vault.vault_secret('env', 'YOUR_SPOTIFY_ID') }}",
|
||||
"clientSecret": "{{ vault.vault_secret('env', 'YOUR_SPOTIFY_SECRET') }}",
|
||||
"redirectUri": "http://localhost:9078/callback"
|
||||
}
|
||||
},
|
||||
@@ -38,8 +39,8 @@
|
||||
"clients": [],
|
||||
"name": "lastfm",
|
||||
"data": {
|
||||
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
|
||||
"secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
|
||||
"apiKey": "{{ vault.vault_secret('env', 'LASTFM_API_KEY') }}",
|
||||
"secret": "{{ vault.vault_secret('env', 'LASTFM_API_SECRET') }}",
|
||||
"redirectUri": "http://localhost:9078/lastfm/callback"
|
||||
}
|
||||
},
|
||||
@@ -49,7 +50,7 @@
|
||||
"clients": [],
|
||||
"name": "listenBrainz",
|
||||
"data": {
|
||||
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
|
||||
"token": "{{ vault.vault_secret('env', 'MALOJA_LISTENBRAINZ_TOKEN') }}",
|
||||
"username": "Trez.One"
|
||||
}
|
||||
},
|
||||
@@ -61,7 +62,7 @@
|
||||
"data": {
|
||||
"url": "http://navidrome:4533",
|
||||
"user": "admin",
|
||||
"password": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NAVIDROME_PASSWORD'] }}"
|
||||
"password": "{{ vault.vault_secret('env', 'NAVIDROME_PASSWORD') }}"
|
||||
}
|
||||
}
|
||||
],
|
||||
@@ -71,8 +72,8 @@
|
||||
"enable": true,
|
||||
"name": "lastFmClient",
|
||||
"data": {
|
||||
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}",
|
||||
"secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}",
|
||||
"apiKey": "{{ vault.vault_secret('env', 'LASTFM_API_KEY') }}",
|
||||
"secret": "{{ vault.vault_secret('env', 'LASTFM_API_SECRET') }}",
|
||||
"redirectUri": "http://localhost:9078/lastfm/callback"
|
||||
}
|
||||
},
|
||||
@@ -81,7 +82,7 @@
|
||||
"enable": true,
|
||||
"name": "ListenBrainzClient",
|
||||
"data": {
|
||||
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}",
|
||||
"token": "{{ vault.vault_secret('env', 'MALOJA_LISTENBRAINZ_TOKEN') }}",
|
||||
"username": "Trez.One"
|
||||
}
|
||||
},
|
||||
@@ -91,7 +92,7 @@
|
||||
"name": "maloja",
|
||||
"data": {
|
||||
"url": "http://maloja:42010",
|
||||
"apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_API_KEY'] }}"
|
||||
"apiKey": "{{ vault.vault_secret('env', 'MALOJA_API_KEY') }}"
|
||||
}
|
||||
}
|
||||
],
|
||||
@@ -100,7 +101,7 @@
|
||||
"name": "Gotify",
|
||||
"type": "gotify",
|
||||
"url": "http://gotify",
|
||||
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MULTI_SCROBBLER_GOTIFY_TOKEN'] }}",
|
||||
"token": "{{ vault.vault_secret('env', 'MULTI_SCROBBLER_GOTIFY_TOKEN') }}",
|
||||
"priorities": {
|
||||
"info": 5,
|
||||
"warn": 7,
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{
|
||||
"Stuns": [
|
||||
{
|
||||
"Proto": "udp",
|
||||
"URI": "stun:netbird.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}:3478",
|
||||
"URI": "stun:netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:3478",
|
||||
"Username": "",
|
||||
"Password": null
|
||||
}
|
||||
@@ -11,9 +12,9 @@
|
||||
"Turns": [
|
||||
{
|
||||
"Proto": "udp",
|
||||
"URI": "turn:netbird.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}:3478",
|
||||
"URI": "turn:netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:3478",
|
||||
"Username": "self",
|
||||
"Password": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NETBIRD_TURN_PASSWORD'] }}"
|
||||
"Password": "{{ vault.vault_secret('env', 'NETBIRD_TURN_PASSWORD') }}"
|
||||
}
|
||||
],
|
||||
"CredentialsTTL": "12h",
|
||||
@@ -22,14 +23,14 @@
|
||||
},
|
||||
"Relay": {
|
||||
"Addresses": [
|
||||
"rel://netbird.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}:33080"
|
||||
"rel://netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:33080"
|
||||
],
|
||||
"CredentialsTTL": "24h",
|
||||
"Secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NETBIRD_RELAY_AUTH_SECRET'] }}"
|
||||
"Secret": "{{ vault.vault_secret('env', 'NETBIRD_RELAY_AUTH_SECRET') }}"
|
||||
},
|
||||
"Signal": {
|
||||
"Proto": "https",
|
||||
"URI": "netbird.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}:10001",
|
||||
"URI": "netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:10001",
|
||||
"Username": "",
|
||||
"Password": null
|
||||
},
|
||||
@@ -47,14 +48,14 @@
|
||||
},
|
||||
"HttpConfig": {
|
||||
"Address": "0.0.0.0:33073",
|
||||
"AuthIssuer": "https://auth.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}",
|
||||
"AuthIssuer": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}",
|
||||
"AuthAudience": "netbird",
|
||||
"AuthKeysLocation": "https://auth.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}/jwks.json",
|
||||
"AuthKeysLocation": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/jwks.json",
|
||||
"AuthUserIDClaim": "",
|
||||
"CertFile": "",
|
||||
"CertKey": "",
|
||||
"IdpSignKeyRefreshEnabled": true,
|
||||
"OIDCConfigEndpoint": "https://auth.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}/.well-known/openid-configuration"
|
||||
"OIDCConfigEndpoint": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/.well-known/openid-configuration"
|
||||
},
|
||||
"IdpManagerConfig": {},
|
||||
"DeviceAuthorizationFlow": {},
|
||||
@@ -62,10 +63,10 @@
|
||||
"ProviderConfig": {
|
||||
"Audience": "netbird",
|
||||
"ClientID": "netbird",
|
||||
"ClientSecret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_NETBIRD_CLIENT_SECRET'] }}",
|
||||
"ClientSecret": "{{ vault.vault_secret('env', 'AUTHELIA_NETBIRD_CLIENT_SECRET') }}",
|
||||
"Domain": "",
|
||||
"AuthorizationEndpoint": "https://auth.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}/api/oidc/authorization",
|
||||
"TokenEndpoint": "https://auth.{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MY_TLD'] }}/api/oidc/token",
|
||||
"AuthorizationEndpoint": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/api/oidc/authorization",
|
||||
"TokenEndpoint": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/api/oidc/token",
|
||||
"Scope": "openid profile email offline_access api",
|
||||
"RedirectURLs": [
|
||||
"http://localhost:53000"
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{
|
||||
"issuer": "https://id.trez.wtf",
|
||||
"authorization_endpoint": "https://id.trez.wtf/oauth/v2/authorize",
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
# Coturn TURN SERVER configuration file
|
||||
#
|
||||
# Boolean values note: where a boolean value is supposed to be used,
|
||||
@@ -250,7 +251,7 @@ lt-cred-mech
|
||||
#user=username1:key1
|
||||
#user=username2:key2
|
||||
# OR:
|
||||
user=self:{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NETBIRD_TURN_PASSWORD'] }}
|
||||
user=self:{{ vault.vault_secret('env', 'NETBIRD_TURN_PASSWORD') }}
|
||||
#user=username2:password2
|
||||
#
|
||||
# Keys must be generated by turnadmin utility. The key value depends
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -18,13 +19,13 @@ web_server:
|
||||
main_db:
|
||||
host: mariadb
|
||||
username: postal
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_MYSQL_PASSWORD'] }}
|
||||
password: {{ vault.vault_secret('env', 'POSTAL_MYSQL_PASSWORD') }}
|
||||
database: postal
|
||||
|
||||
message_db:
|
||||
host: mariadb
|
||||
username: postal
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_MYSQL_PASSWORD'] }}
|
||||
password: {{ vault.vault_secret('env', 'POSTAL_MYSQL_PASSWORD') }}
|
||||
prefix: postal
|
||||
|
||||
smtp_server:
|
||||
@@ -52,11 +53,11 @@ smtp:
|
||||
host: postal-smtp
|
||||
port: 25
|
||||
username: rinoa/postal-smtp
|
||||
password: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}"
|
||||
password: "{{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_PASSWORD') }}"
|
||||
from_name: Postal @ Rinoa
|
||||
from_address: noreply@trez.wtf
|
||||
|
||||
rails:
|
||||
# This is generated automatically by the config initialization. It should be a random
|
||||
# string unique to your installation.
|
||||
secret_key: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_RAILS_SECRET_KEY'] }}"
|
||||
secret_key: "{{ vault.vault_secret('env', 'POSTAL_RAILS_SECRET_KEY') }}"
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -7,7 +8,7 @@
|
||||
<SslPort>6969</SslPort>
|
||||
<EnableSsl>False</EnableSsl>
|
||||
<LaunchBrowser>True</LaunchBrowser>
|
||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['PROWLARR_API_KEY'] }}</ApiKey>
|
||||
<ApiKey>{{ vault.vault_secret('env', 'PROWLARR_API_KEY') }}</ApiKey>
|
||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
||||
<AuthenticationRequired>Enabled</AuthenticationRequired>
|
||||
<Branch>master</Branch>
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
{
|
||||
"radarr_address": "http://radarr:7878",
|
||||
"radarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['RADARR_API_KEY'] }}",
|
||||
"radarr_api_key": "{{ vault.vault_secret('env', 'RADARR_API_KEY') }}",
|
||||
"root_folder_path": "/data/media/movies",
|
||||
"tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['TMDB_API_KEY'] }}",
|
||||
"tmdb_api_key": "{{ vault.vault_secret('env', 'TMDB_API_KEY') }}",
|
||||
"fallback_to_top_result": false,
|
||||
"radarr_api_timeout": 120.0,
|
||||
"quality_profile_id": 1,
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -8,7 +9,7 @@
|
||||
<SslCertPath></SslCertPath>
|
||||
<Port>7878</Port>
|
||||
<UrlBase></UrlBase>
|
||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['RADARR_API_KEY'] }}</ApiKey>
|
||||
<ApiKey>{{ vault.vault_secret('env', 'RADARR_API_KEY') }}</ApiKey>
|
||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
||||
<UpdateMechanism>Docker</UpdateMechanism>
|
||||
<SslPort>9898</SslPort>
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -7,7 +8,7 @@
|
||||
<SslPort>6868</SslPort>
|
||||
<EnableSsl>False</EnableSsl>
|
||||
<LaunchBrowser>True</LaunchBrowser>
|
||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['READARR_API_KEY'] }}</ApiKey>
|
||||
<ApiKey>{{ vault.vault_secret('env', 'READARR_API_KEY') }}</ApiKey>
|
||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
||||
<Branch>develop</Branch>
|
||||
<LogLevel>info</LogLevel>
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
# This is a generic example of a configuration file
|
||||
# Rename this file to `config.yml`, copy it to a `config` folder, and mount that folder as per the docker-compose.example.yml
|
||||
# Only uncomment the lines you want to use/modify, or add new ones where needed
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -22,7 +23,7 @@ host = 0.0.0.0
|
||||
port = 8080
|
||||
https_port = 8090
|
||||
username = thetrezuredone
|
||||
password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_PASSWORD'] }}
|
||||
password = {{ vault.vault_secret('env', 'SABNZBDVPN_PASSWORD') }}
|
||||
bandwidth_max = 1000M
|
||||
cache_limit = 1G
|
||||
web_dir = Glitter
|
||||
@@ -33,7 +34,7 @@ https_chain = ""
|
||||
enable_https = 1
|
||||
inet_exposure = 0
|
||||
local_ranges = ,
|
||||
api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_API_KEY'] }}
|
||||
api_key = {{ vault.vault_secret('env', 'SABNZBDVPN_API_KEY') }}
|
||||
nzb_key = 3c0fa874bb2748b58c1bd7512e649946
|
||||
permissions = 775
|
||||
download_dir = /storage/downloads/incomplete
|
||||
@@ -342,7 +343,7 @@ host = news.newshosting.com
|
||||
port = 563
|
||||
timeout = 60
|
||||
username = thetrezuredone
|
||||
password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSK_USER_PASSWORD'] }}
|
||||
password = {{ vault.vault_secret('env', 'SLSK_USER_PASSWORD') }}
|
||||
connections = 8
|
||||
ssl = 1
|
||||
ssl_verify = 3
|
||||
@@ -363,7 +364,7 @@ host = news.easynews.com
|
||||
port = 443
|
||||
timeout = 60
|
||||
username = TrezOne
|
||||
password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_EASYNEWS_PASSWORD'] }}
|
||||
password = {{ vault.vault_secret('env', 'SABNZBDVPN_EASYNEWS_PASSWORD') }}
|
||||
connections = 60
|
||||
ssl = 0
|
||||
ssl_verify = 3
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -82,7 +83,7 @@ server:
|
||||
# If your instance owns a /etc/searxng/settings.yml file, then set the following
|
||||
# values there.
|
||||
|
||||
secret_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SEARXNG_SECRET_KEY'] }} # Is overwritten by ${SEARXNG_SECRET}
|
||||
secret_key: {{ vault.vault_secret('env', 'SEARXNG_SECRET_KEY') }} # Is overwritten by ${SEARXNG_SECRET}
|
||||
# Proxying image results through searx
|
||||
image_proxy: true
|
||||
# 1.0 and 1.1 are supported
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
<?xml version="1.0"?>
|
||||
<clickhouse>
|
||||
<!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
<?xml version="1.0"?>
|
||||
<clickhouse>
|
||||
<!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
<?xml version="1.0"?>
|
||||
<!--
|
||||
NOTE: User and query level settings are set up in "users.xml" file.
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
<functions>
|
||||
<function>
|
||||
<type>executable</type>
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
<?xml version="1.0"?>
|
||||
<clickhouse>
|
||||
<storage_configuration>
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
<?xml version="1.0"?>
|
||||
<clickhouse>
|
||||
<!-- See also the files in users.d directory where the settings can be overridden. -->
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
receivers:
|
||||
otlp:
|
||||
protocols:
|
||||
|
||||
@@ -1 +1,2 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
server_endpoint: ws://signoz:4320/v1/opamp
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
# my global config
|
||||
global:
|
||||
scrape_interval: 5s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -8,7 +9,7 @@
|
||||
<SslPort>9898</SslPort>
|
||||
<UrlBase></UrlBase>
|
||||
<BindAddress>*</BindAddress>
|
||||
<ApiKey>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SONARR_API_KEY'] }}</ApiKey>
|
||||
<ApiKey>{{ vault.vault_secret('env', 'SONARR_API_KEY') }}</ApiKey>
|
||||
<AuthenticationMethod>Forms</AuthenticationMethod>
|
||||
<UpdateMechanism>Docker</UpdateMechanism>
|
||||
<LaunchBrowser>True</LaunchBrowser>
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
{
|
||||
"sonarr_address": "http://192.168.1.2:8989",
|
||||
"sonarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SONARR_API_KEY'] }}",
|
||||
"sonarr_api_key": "{{ vault.vault_secret('env', 'SONARR_API_KEY') }}",
|
||||
"root_folder_path": "/data/media/shows",
|
||||
"tvdb_api_key": "",
|
||||
"tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['TMDB_API_KEY'] }}",
|
||||
"tmdb_api_key": "{{ vault.vault_secret('env', 'TMDB_API_KEY') }}",
|
||||
"fallback_to_top_result": false,
|
||||
"sonarr_api_timeout": 120.0,
|
||||
"quality_profile_id": 1,
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
[Lidarr]
|
||||
api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }}
|
||||
api_key = {{ vault.vault_secret('env', 'LIDARR_API_KEY') }}
|
||||
host_url = http://lidarr:8686
|
||||
#This should be the path mounted in lidarr that points to your slskd download directory.
|
||||
#If Lidarr is not running in Docker then this may just be the same dir as Slskd is using below.
|
||||
@@ -10,7 +11,7 @@ download_dir = /storage
|
||||
|
||||
[Slskd]
|
||||
#Api key from Slskd. Need to set this up manually. See link to Slskd docs above.
|
||||
api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSKD_API_KEY'] }}
|
||||
api_key = {{ vault.vault_secret('env', 'SLSKD_API_KEY') }}
|
||||
host_url = http://gluetun:5030
|
||||
#Slskd download directory. Should have set it up when installing Slskd.
|
||||
download_dir = /app/downloads
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -198,15 +199,15 @@ rooms:
|
||||
web:
|
||||
authentication:
|
||||
username: slskd
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSKD_WEB_PASSSWORD'] }}
|
||||
password: {{ vault.vault_secret('env', 'SLSKD_WEB_PASSSWORD') }}
|
||||
api_keys:
|
||||
my_api_key:
|
||||
key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSKD_API_KEY'] }}
|
||||
key: {{ vault.vault_secret('env', 'SLSKD_API_KEY') }}
|
||||
role: readwrite
|
||||
cidr: 0.0.0.0/0,::/0
|
||||
soulseek:
|
||||
address: vps.slsknet.org
|
||||
port: 2271
|
||||
username: Trez.One
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSK_USER_PASSWORD'] }}
|
||||
password: {{ vault.vault_secret('env', 'SLSK_USER_PASSWORD') }}
|
||||
diagnostic_level: Info
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -6,7 +7,7 @@
|
||||
"repos": [
|
||||
{
|
||||
"type": "gitea",
|
||||
"token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_TOKEN'] }}",
|
||||
"token": "{{ vault.vault_secret('env', 'GITEA_SONARQUBE_BOT_GITEA_TOKEN') }}",
|
||||
"url": "https://git.trez.wtf",
|
||||
"revisions": {
|
||||
"branches": [
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -24,6 +25,6 @@
|
||||
<entry key='database.driver'>org.postgresql.Driver</entry>
|
||||
<entry key='database.url'>jdbc:postgresql://traccar-pg:5432/traccar-db</entry>
|
||||
<entry key='database.user'>traccar</entry>
|
||||
<entry key='database.password'>{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['WAZUH_API_PASSWORD'] }}</entry>
|
||||
<entry key='database.password'>{{ vault.vault_secret('env', 'WAZUH_API_PASSWORD') }}</entry>
|
||||
|
||||
</properties>
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
sources:
|
||||
rinoa_docker_logs:
|
||||
type: docker_logs
|
||||
@@ -21,7 +22,7 @@
|
||||
auth:
|
||||
strategy: basic
|
||||
user: admin
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['PARSEABLE_PASSWORD'] }}
|
||||
password: {{ vault.vault_secret('env', 'PARSEABLE_PASSWORD') }}
|
||||
request:
|
||||
headers:
|
||||
X-P-Stream: rinoa-docker-logs
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -6,5 +7,5 @@ hosts:
|
||||
url: "https://wazuh.manager"
|
||||
port: 55000
|
||||
username: wazuh-wui
|
||||
password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['WAZUH_API_PASSWORD'] }}
|
||||
password: {{ vault.vault_secret('env', 'WAZUH_API_PASSWORD') }}
|
||||
run_as: false
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -37,7 +38,7 @@ SMTPConfiguration:
|
||||
SMTP:
|
||||
# must include the port, like smtp.mailtrap.io:2525. IPv6 is also supported, like [2001:db8::1]:2525
|
||||
Host: 'postal-smtp:25'
|
||||
User: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}
|
||||
Password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}
|
||||
User: {{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_USER') }}
|
||||
Password: {{ vault.vault_secret('env', 'POSTAL_SMTP_AUTH_PASSWORD') }}
|
||||
From: 'noreply@trez.wtf'
|
||||
FromName: 'Zitadel @ Rinoa'
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{% import '../macros/rinoa-macros.j2' as vault %}
|
||||
{% set vault_addr = 'https://vault.trez.wtf' %}
|
||||
{% set secrets_path = 'rinoa-docker/env' %}
|
||||
|
||||
@@ -7,7 +8,7 @@ Database:
|
||||
User:
|
||||
# If the user doesn't exist already, it is created
|
||||
Username: 'zitadel'
|
||||
Password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ZITADEL_DB_PASSWORD'] }}
|
||||
Password: {{ vault.vault_secret('env', 'ZITADEL_DB_PASSWORD') }}
|
||||
Admin:
|
||||
Username: 'root'
|
||||
Password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ZITADEL_DB_ADMIN_PASSWORD'] }}
|
||||
Password: {{ vault.vault_secret('env', 'ZITADEL_DB_ADMIN_PASSWORD') }}
|
||||
@@ -0,0 +1,3 @@
|
||||
{% macro vault_secret(secret_path, key) %}
|
||||
{{ lookup('community.hashi_vault.vault_kv2_get', secret_path, engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret'][key] }}
|
||||
{% endmacro %}
|
||||
Reference in New Issue
Block a user