diff --git a/app-configs/benedikta/mycroft/skills/skill_homeassistant.oscillatelabsllc/settings.json.j2 b/app-configs/benedikta/mycroft/skills/skill_homeassistant.oscillatelabsllc/settings.json.j2 index f2d9877..47e0762 100644 --- a/app-configs/benedikta/mycroft/skills/skill_homeassistant.oscillatelabsllc/settings.json.j2 +++ b/app-configs/benedikta/mycroft/skills/skill_homeassistant.oscillatelabsllc/settings.json.j2 @@ -2,7 +2,7 @@ {% set secrets_path = 'benedikta-config/env' %} { - "api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='benedikta-config', url=vault_addr, token=vault_token_cleaned)['secret']['HOME_ASSISTANT_LONG_LIVED_TOKEN'] }}", + "api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='benedikta-config', url=vault_addr, token=vault_token)['secret']['HOME_ASSISTANT_LONG_LIVED_TOKEN'] }}", "host": "192.168.1.250:8123", "__mycroft_skill_firstrun": false } \ No newline at end of file diff --git a/app-configs/rikku/adguard/conf/AdGuardHome.yaml.j2 b/app-configs/rikku/adguard/conf/AdGuardHome.yaml.j2 index 4df2ce7..74a3324 100644 --- a/app-configs/rikku/adguard/conf/AdGuardHome.yaml.j2 +++ b/app-configs/rikku/adguard/conf/AdGuardHome.yaml.j2 @@ -9,7 +9,7 @@ http: session_ttl: 720h users: - name: admin - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rikku-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ADGUARD_BCRYPT'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rikku-docker', url=vault_addr, token=vault_token)['secret']['ADGUARD_BCRYPT'] }} auth_attempts: 5 block_auth_min: 15 http_proxy: "" diff --git a/app-configs/rinoa/adguardhome/conf/AdGuardHome.yaml.j2 b/app-configs/rinoa/adguardhome/conf/AdGuardHome.yaml.j2 index 8265074..50035dc 100644 --- a/app-configs/rinoa/adguardhome/conf/AdGuardHome.yaml.j2 +++ b/app-configs/rinoa/adguardhome/conf/AdGuardHome.yaml.j2 @@ -9,7 +9,7 @@ http: session_ttl: 720h users: - name: admin - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ADGUARD_BCRYPT'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['ADGUARD_BCRYPT'] }} auth_attempts: 5 block_auth_min: 15 http_proxy: "" diff --git a/app-configs/rinoa/apprise/conf/apprise.yml.j2 b/app-configs/rinoa/apprise/conf/apprise.yml.j2 index ea45d7e..f1a9de2 100644 --- a/app-configs/rinoa/apprise/conf/apprise.yml.j2 +++ b/app-configs/rinoa/apprise/conf/apprise.yml.j2 @@ -2,6 +2,6 @@ {% set secrets_path = 'rinoa-docker/env' %} urls: - - gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['APPRISE_GOTIFY_TOKEN'] }} - - hassio://192.168.1.252/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} - - mailto://postal-smtp:{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}@postal-smtp:25?from=noreply@trez.wtf \ No newline at end of file + - gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['APPRISE_GOTIFY_TOKEN'] }} + - hassio://192.168.1.252/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} + - mailto://postal-smtp:{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}@postal-smtp:25?from=noreply@trez.wtf \ No newline at end of file diff --git a/app-configs/rinoa/argus/config.yml.j2 b/app-configs/rinoa/argus/config.yml.j2 index 96ec4d9..5fd260c 100644 --- a/app-configs/rinoa/argus/config.yml.j2 +++ b/app-configs/rinoa/argus/config.yml.j2 @@ -10,7 +10,7 @@ settings: route_prefix: / basic_auth: username: 'admin' - password: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ARGUS_WEB_PASSWORD'] }}" + password: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['ARGUS_WEB_PASSWORD'] }}" disabled_routes: [] favicon: png: '' @@ -20,7 +20,7 @@ notify: type: gotify url_fields: Host: gotify - Token: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ARGUS_WEB_PASSWORD'] }} + Token: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['ARGUS_WEB_PASSWORD'] }} params: Title: Argus @ Rinoa service: @@ -35,7 +35,7 @@ service: url: "https://adguard.trez.wtf/control/status" basic_auth: username: admin - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ADGUARD_PASSWORD'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['ADGUARD_PASSWORD'] }} json: version regex: v([0-9.]+) dashboard: @@ -154,7 +154,7 @@ service: regex: ^v([0-9.]+)$ headers: - key: x-api-key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IMMICH_POWER_TOOLS_KEY'] }} + value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['IMMICH_POWER_TOOLS_KEY'] }} dashboard: icon: "https://raw.githubusercontent.com/immich-app/immich/main/web/static/immich-logo.svg" web_url: "https://github.com/immich-app/immich/releases/tag/v{% raw %}{{ version }}{% endraw %}" @@ -198,7 +198,7 @@ service: url: "https://lidarr.trez.wtf/api/v1/system/status" headers: - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }} + value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LIDARR_API_KEY'] }} json: version dashboard: icon: "https://raw.githubusercontent.com/Lidarr/Lidarr/develop/Logo/1024.png" @@ -224,7 +224,7 @@ service: url: "https://bazarr.trez.wtf/api/system/status" headers: - key: X-API-KEY - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['BAZARR_API_KEY'] }} + value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['BAZARR_API_KEY'] }} json: data.bazarr_version dashboard: web_url: "https://github.com/morpheus65535/bazarr/releases/v{% raw %}{{ version }}{% endraw %}" @@ -266,7 +266,7 @@ service: url: "https://prowlarr.trez.wtf/api/v1/system/status" headers: - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['PROWLARR_API_KEY'] }} + value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['PROWLARR_API_KEY'] }} json: version dashboard: web_url: "https://github.com/Prowlarr/Prowlarr/releases/v{% raw %}{{ version }}{% endraw %}" @@ -284,7 +284,7 @@ service: url: "https://radarr.trez.wtf/api/v3/system/status" headers: - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['RADARR_API_KEY'] }} + value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['RADARR_API_KEY'] }} json: version dashboard: web_url: "https://github.com/Radarr/Radarr/releases/v{% raw %}{{ version }}{% endraw %}" @@ -304,7 +304,7 @@ service: url: "https://readarr.trez.wtf/api/v1/system/status" headers: - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['READARR_API_KEY'] }} + value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['READARR_API_KEY'] }} json: version dashboard: icon: "https://raw.githubusercontent.com/Readarr/Readarr/develop/Logo/1024.png" @@ -322,7 +322,7 @@ service: url: "https://sonarr.trez.wtf/api/v3/system/status" headers: - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SONARR_API_KEY'] }} + value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SONARR_API_KEY'] }} json: version dashboard: web_url: "https://sonarr.trez.wtf/system/updates" diff --git a/app-configs/rinoa/authelia/configuration.yml.j2 b/app-configs/rinoa/authelia/configuration.yml.j2 index 9068106..cdf7508 100644 --- a/app-configs/rinoa/authelia/configuration.yml.j2 +++ b/app-configs/rinoa/authelia/configuration.yml.j2 @@ -64,11 +64,11 @@ authentication_backend: mail: mail display_name: displayName user: uid=authelia,ou=people,dc=trez,dc=wtf - password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_AUTH_BIND_LDAP_PASSWORD'] }}' + password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['AUTHELIA_AUTH_BIND_LDAP_PASSWORD'] }}' refresh_interval: 5m identity_validation: reset_password: - jwt_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_JWT_SECRET'] }}' + jwt_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['AUTHELIA_JWT_SECRET'] }}' password_policy: standard: enabled: true @@ -112,7 +112,7 @@ access_control: policy: bypass session: name: authelia_session - secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_SESSION_SECRET'] }}' + secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['AUTHELIA_SESSION_SECRET'] }}' expiration: 1h inactivity: 5m remember_me: 1M @@ -124,12 +124,12 @@ session: port: 6379 database_index: 0 storage: - encryption_key: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_STORAGE_ENCRYPTION_KEY'] }}' + encryption_key: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['AUTHELIA_STORAGE_ENCRYPTION_KEY'] }}' postgres: address: 'tcp://authelia-pg:5432' database: authelia username: authelia - password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_STORAGE_POSTGRES_PASSWORD'] }}' + password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['AUTHELIA_STORAGE_POSTGRES_PASSWORD'] }}' timeout: '5s' regulation: max_retries: 3 @@ -140,8 +140,8 @@ notifier: smtp: address: 'smtp://postal-smtp:25' timeout: '5s' - username: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}' - password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}' + username: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_USER'] }}' + password: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}' sender: "Authelia " identifier: 'localhost' subject: "[Authelia] {title}" @@ -151,10 +151,10 @@ notifier: disable_html_emails: false identity_providers: oidc: - hmac_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_OIDC_HMAC_SECRET'] }}' + hmac_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['AUTHELIA_OIDC_HMAC_SECRET'] }}' jwks: - key: | - {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_KEY"] | replace("\\n", "\n") | indent(10) }} + {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token)["secret"]["AUTHELIA_OIDC_JWKS_KEY"] | replace("\\n", "\n") | indent(10) }} cors: allowed_origins_from_client_redirect_uris: true endpoints: @@ -166,7 +166,7 @@ identity_providers: clients: - client_id: 'netbird' client_name: 'NetBird' - client_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_NETBIRD_CLIENT_SECRET'] }}' + client_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['AUTHELIA_NETBIRD_CLIENT_SECRET'] }}' public: false authorization_policy: 'two_factor' redirect_uris: diff --git a/app-configs/rinoa/crowdsec/local-api-credentials.yaml.j2 b/app-configs/rinoa/crowdsec/local-api-credentials.yaml.j2 index 5335296..726d372 100644 --- a/app-configs/rinoa/crowdsec/local-api-credentials.yaml.j2 +++ b/app-configs/rinoa/crowdsec/local-api-credentials.yaml.j2 @@ -3,4 +3,4 @@ url: http://0.0.0.0:8080 login: localhost -password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['CROWDSEC_LOCAL_API_KEY'] }} \ No newline at end of file +password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['CROWDSEC_LOCAL_API_KEY'] }} \ No newline at end of file diff --git a/app-configs/rinoa/crowdsec/online-api-credentials.yaml.j2 b/app-configs/rinoa/crowdsec/online-api-credentials.yaml.j2 index 3f7aeaf..36574e9 100644 --- a/app-configs/rinoa/crowdsec/online-api-credentials.yaml.j2 +++ b/app-configs/rinoa/crowdsec/online-api-credentials.yaml.j2 @@ -2,5 +2,5 @@ {% set secrets_path = 'rinoa-docker/env' %} url: https://api.crowdsec.net/ -login: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['CROWDSEC_ONLINE_PASSWORD'] }} -password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['CROWDSEC_ONLINE_PASSWORD'] }} \ No newline at end of file +login: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['CROWDSEC_ONLINE_PASSWORD'] }} +password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['CROWDSEC_ONLINE_PASSWORD'] }} \ No newline at end of file diff --git a/app-configs/rinoa/explo/local.env.j2 b/app-configs/rinoa/explo/local.env.j2 index a232385..5363fd0 100644 --- a/app-configs/rinoa/explo/local.env.j2 +++ b/app-configs/rinoa/explo/local.env.j2 @@ -2,12 +2,12 @@ {% set secrets_path = 'rinoa-docker/env' %} EXPLO_SYSTEM: subsonic SYSTEM_URL: http://navidrome:4533 -SYSTEM_USERNAME: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NAVIDROME_USERNAME'] }} -SYSTEM_PASSWORD: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NAVIDROME_PASSWORD'] }} +SYSTEM_USERNAME: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['NAVIDROME_USERNAME'] }} +SYSTEM_PASSWORD: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['NAVIDROME_PASSWORD'] }} DOWNLOAD_DIR: /downloads PLAYLIST_DIR: /playlists LISTENBRAINZ_USER: Trez.One -YOUTUBE_API_KEY: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUTUBE_DATA_API_V3_KEY'] }} +YOUTUBE_API_KEY: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['YOUTUBE_DATA_API_V3_KEY'] }} # Assign a custom path to yt-dlp # YTDLP_PATH= # Keywords to ignore on videos downloaded by youtube (separated by only commas) diff --git a/app-configs/rinoa/garage/garage.toml.j2 b/app-configs/rinoa/garage/garage.toml.j2 index 4c0165a..e4b0371 100644 --- a/app-configs/rinoa/garage/garage.toml.j2 +++ b/app-configs/rinoa/garage/garage.toml.j2 @@ -9,7 +9,7 @@ compression_level = 10 rpc_bind_addr = "[::]:3901" rpc_public_addr = "localhost:3901" -rpc_secret = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GARAGE_RPC_SECRET'] }}" +rpc_secret = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GARAGE_RPC_SECRET'] }}" [s3_api] s3_region = "us-east-fh-pln" @@ -22,5 +22,5 @@ root_domain = ".garage.trez.wtf" [admin] api_bind_addr = "[::]:3903" -admin_token = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GARAGE_ADMIN_TOKEN'] }}" -metrics_token = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GARAGE_METRICS_TOKEN'] }}" \ No newline at end of file +admin_token = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GARAGE_ADMIN_TOKEN'] }}" +metrics_token = "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GARAGE_METRICS_TOKEN'] }}" \ No newline at end of file diff --git a/app-configs/rinoa/ghost/ghost_config.production.json.j2 b/app-configs/rinoa/ghost/ghost_config.production.json.j2 index 40e0dd1..371e392 100644 --- a/app-configs/rinoa/ghost/ghost_config.production.json.j2 +++ b/app-configs/rinoa/ghost/ghost_config.production.json.j2 @@ -9,7 +9,7 @@ "host" : "mariadb", "port" : 3306, "user" : "ghost", - "password" : "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GHOST_DB_PASSWORD'] }}", + "password" : "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GHOST_DB_PASSWORD'] }}", "database" : "ghost_db" } }, @@ -21,8 +21,8 @@ "port": 25, "secure": false, "auth": { - "user": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}", - "pass": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}" + "user": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_USER'] }}", + "pass": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}" } } }, diff --git a/app-configs/rinoa/gitea/app.ini.j2 b/app-configs/rinoa/gitea/app.ini.j2 index bc4e810..4c70e33 100644 --- a/app-configs/rinoa/gitea/app.ini.j2 +++ b/app-configs/rinoa/gitea/app.ini.j2 @@ -27,7 +27,7 @@ DISABLE_SSH = false SSH_PORT = 22 SSH_LISTEN_PORT = 22 LFS_START_SERVER = true -LFS_JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_LFS_JWT_SECRET'] }} +LFS_JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_LFS_JWT_SECRET'] }} OFFLINE_MODE = true [database] @@ -36,7 +36,7 @@ DB_TYPE = postgres HOST = gitea-db:5432 NAME = gitea USER = gitea -PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_PG_DB_PASSWORD'] }} +PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_PG_DB_PASSWORD'] }} LOG_SQL = false SCHEMA = SSL_MODE = disable @@ -70,7 +70,7 @@ INSTALL_LOCK = true SECRET_KEY = REVERSE_PROXY_LIMIT = 1 REVERSE_PROXY_TRUSTED_PROXIES = * -INTERNAL_TOKEN = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_INTERNAL_TOKEN'] }} +INTERNAL_TOKEN = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_INTERNAL_TOKEN'] }} PASSWORD_HASH_ALGO = pbkdf2 [service] @@ -89,7 +89,7 @@ NO_REPLY_ADDRESS = noreply@trez.wtf PATH = /data/git/lfs [mailer] -PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} +PASSWD = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} PROTOCOL = smtp ENABLED = true FROM = '"Gitea" ' @@ -112,7 +112,7 @@ DEFAULT_MERGE_STYLE = merge DEFAULT_TRUST_MODEL = committer [oauth2] -JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_OAUTH2_JWT_SECRET'] }} +JWT_SECRET = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_OAUTH2_JWT_SECRET'] }} [ui] THEMES = diff --git a/app-configs/rinoa/gitea/gitea-sonarqube-bot/config.yaml.j2 b/app-configs/rinoa/gitea/gitea-sonarqube-bot/config.yaml.j2 index 90b9fb6..00b5c88 100644 --- a/app-configs/rinoa/gitea/gitea-sonarqube-bot/config.yaml.j2 +++ b/app-configs/rinoa/gitea/gitea-sonarqube-bot/config.yaml.j2 @@ -9,7 +9,7 @@ gitea: # Created access token for the user that shall be used as bot account. # User needs "Read project" permissions with access to "Pull Requests" token: - value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_TOKEN'] }}" + value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_SONARQUBE_BOT_GITEA_TOKEN'] }}" # # or path to file containing the plain text secret # file: /path/to/gitea/token @@ -18,7 +18,7 @@ gitea: # The bot looks for `X-Gitea-Signature` header containing the sha256 hmac hash of the plain text secret. If the header # exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be validated. webhook: - secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_GITEA_WEBHOOK_SECRET'] }}" + secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_SONARQUBE_BOT_GITEA_WEBHOOK_SECRET'] }}" # # or path to file containing the plain text secret # secretFile: /path/to/gitea/webhook/secret @@ -35,7 +35,7 @@ sonarqube: # Created access token for the user that shall be used as bot account. # User needs "Browse on project" permissions token: - value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_SQUBE_TOKEN'] }}" + value: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_SONARQUBE_BOT_SQUBE_TOKEN'] }}" # # or path to file containing the plain text secret # file: /path/to/sonarqube/token @@ -45,7 +45,7 @@ sonarqube: # If the header exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be # validated. webhook: - secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['GITEA_SONARQUBE_BOT_SQUBE_WEBHOOK_SECRET'] }}" + secret: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['GITEA_SONARQUBE_BOT_SQUBE_WEBHOOK_SECRET'] }}" # # or path to file containing the plain text secret # secretFile: /path/to/sonarqube/webhook/secret diff --git a/app-configs/rinoa/grafana/pyroscope/config.yaml.j2 b/app-configs/rinoa/grafana/pyroscope/config.yaml.j2 index fe8066b..9b67c11 100644 --- a/app-configs/rinoa/grafana/pyroscope/config.yaml.j2 +++ b/app-configs/rinoa/grafana/pyroscope/config.yaml.j2 @@ -4,8 +4,8 @@ storage: bucket_name: pyroscope endpoint: minio:9000 region: us-east-fh-pln - access_key_id: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_PYROSCOPE_STORAGE_ACCESS_KEY'] }} - secret_access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_PYROSCOPE_STORAGE_SECRET_KEY'] }} + access_key_id: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MINIO_PYROSCOPE_STORAGE_ACCESS_KEY'] }} + secret_access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MINIO_PYROSCOPE_STORAGE_SECRET_KEY'] }} insecure: true analytics: diff --git a/app-configs/rinoa/grafana/tempo/tempo.yaml.j2 b/app-configs/rinoa/grafana/tempo/tempo.yaml.j2 index fbfd005..dc61795 100644 --- a/app-configs/rinoa/grafana/tempo/tempo.yaml.j2 +++ b/app-configs/rinoa/grafana/tempo/tempo.yaml.j2 @@ -46,8 +46,8 @@ storage: s3: bucket: tempo # how to store data in s3 endpoint: minio:9000 - access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_TEMPO_STORAGE_ACCESS_KEY'] }} - secret_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MINIO_TEMPO_STORAGE_SECRET_KEY'] }} + access_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MINIO_TEMPO_STORAGE_ACCESS_KEY'] }} + secret_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MINIO_TEMPO_STORAGE_SECRET_KEY'] }} insecure: true usage_report: diff --git a/app-configs/rinoa/homepage/services.yaml.j2 b/app-configs/rinoa/homepage/services.yaml.j2 index 7a610bb..40b61e0 100644 --- a/app-configs/rinoa/homepage/services.yaml.j2 +++ b/app-configs/rinoa/homepage/services.yaml.j2 @@ -29,5 +29,5 @@ widget: type: homeassistant url: http://192.168.1.252:8123 - key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['HOMEPAGE_HOME_ASSISTANT_API_KEY'] }} + key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['HOMEPAGE_HOME_ASSISTANT_API_KEY'] }} diff --git a/app-configs/rinoa/homepage/settings.yaml.j2 b/app-configs/rinoa/homepage/settings.yaml.j2 index 060cfb0..4e35107 100644 --- a/app-configs/rinoa/homepage/settings.yaml.j2 +++ b/app-configs/rinoa/homepage/settings.yaml.j2 @@ -6,7 +6,7 @@ # https://gethomepage.dev/en/configs/settings providers: - openweathermap: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['HOMEPAGE_OPENWEATHERMAP_API_KEY'] }} + openweathermap: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['HOMEPAGE_OPENWEATHERMAP_API_KEY'] }} # weatherapi: weatherapiapikey title: Rinoa Dashboard (trez.WTF) headerStyle: underlined diff --git a/app-configs/rinoa/invidious/config.yml.j2 b/app-configs/rinoa/invidious/config.yml.j2 index 7aff109..ae86764 100644 --- a/app-configs/rinoa/invidious/config.yml.j2 +++ b/app-configs/rinoa/invidious/config.yml.j2 @@ -16,7 +16,7 @@ db: host: invidious-db port: 5432 dbname: invidious - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_PG_DB_PASSWORD'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['INVID_PG_DB_PASSWORD'] }} ## ## Database configuration using a single URI. This is an @@ -210,8 +210,8 @@ https_only: false ## Accepted values: String ## Default: ## -po_token: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_PO_TOKEN'] }} -visitor_data: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_VISITOR_DATA'] }} +po_token: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['INVID_PO_TOKEN'] }} +visitor_data: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['INVID_VISITOR_DATA'] }} # ----------------------------- # Logging @@ -471,7 +471,7 @@ jobs: ## Accepted values: a string ## Default: ## -hmac_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['INVID_HMAC_KEY'] }} +hmac_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['INVID_HMAC_KEY'] }} ## ## List of video IDs where the "download" widget must be diff --git a/app-configs/rinoa/invoice-ninja/invoice-ninja.env.j2 b/app-configs/rinoa/invoice-ninja/invoice-ninja.env.j2 index 2c8dc97..0ec469e 100644 --- a/app-configs/rinoa/invoice-ninja/invoice-ninja.env.j2 +++ b/app-configs/rinoa/invoice-ninja/invoice-ninja.env.j2 @@ -3,7 +3,7 @@ # IN application vars IN_APP_URL=https://biz.trez.wtf -IN_APP_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_APP_KEY'] }} +IN_APP_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['IN_APP_KEY'] }} IN_APP_DEBUG=true IN_REQUIRE_HTTPS=false IN_PHANTOMJS_PDF_GENERATION=false @@ -18,7 +18,7 @@ IN_DB_HOST=mariadb IN_DB_PORT=3306 IN_DB_DATABASE=invoice_ninja IN_DB_USERNAME=ininja -IN_DB_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_MYSQL_PASSWORD'] }} +IN_DB_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['IN_MYSQL_PASSWORD'] }} # Create initial user # Default to these values if empty @@ -31,8 +31,8 @@ IN_PASSWORD= IN_MAIL_MAILER=log IN_MAIL_HOST=postal-smtp IN_MAIL_PORT=25 -IN_MAIL_USERNAME={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }} -IN_MAIL_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} +IN_MAIL_USERNAME={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_USER'] }} +IN_MAIL_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} IN_MAIL_ENCRYPTION=null IN_MAIL_FROM_ADDRESS='noreply@trez.wtf' IN_MAIL_FROM_NAME='Treasured IT' diff --git a/app-configs/rinoa/lidarr/config.xml.j2 b/app-configs/rinoa/lidarr/config.xml.j2 index 7ff4318..fcdc1af 100644 --- a/app-configs/rinoa/lidarr/config.xml.j2 +++ b/app-configs/rinoa/lidarr/config.xml.j2 @@ -7,7 +7,7 @@ 6868 False True - {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }} + {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LIDARR_API_KEY'] }} Forms master trace diff --git a/app-configs/rinoa/lidify/config.json.j2 b/app-configs/rinoa/lidify/config.json.j2 index cc87a3b..6974589 100644 --- a/app-configs/rinoa/lidify/config.json.j2 +++ b/app-configs/rinoa/lidify/config.json.j2 @@ -3,11 +3,11 @@ { "lidarr_address": "http://lidarr:8686", - "lidarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }}", - "spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}", + "lidarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LIDARR_API_KEY'] }}", + "spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['YOUR_SPOTIFY_SECRET'] }}", "root_folder_path": "/data/media/music", - "spotify_client_id": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_ID'] }}", - "spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}", + "spotify_client_id": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['YOUR_SPOTIFY_ID'] }}", + "spotify_client_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['YOUR_SPOTIFY_SECRET'] }}", "fallback_to_top_result": false, "lidarr_api_timeout": 120.0, "quality_profile_id": 1, @@ -17,8 +17,8 @@ "app_name": "lidify", "app_rev": "0.09", "app_url": "lidify.trez.wtf", - "last_fm_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}", - "last_fm_api_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}", + "last_fm_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LASTFM_API_KEY'] }}", + "last_fm_api_secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LASTFM_API_SECRET'] }}", "mode": "LastFM", "auto_start": false, "auto_start_delay": 60 diff --git a/app-configs/rinoa/loggifly/config.yaml.j2 b/app-configs/rinoa/loggifly/config.yaml.j2 index de2cc13..b2d4579 100644 --- a/app-configs/rinoa/loggifly/config.yaml.j2 +++ b/app-configs/rinoa/loggifly/config.yaml.j2 @@ -36,7 +36,7 @@ global_keywords: - fatal notifications: apprise: - url: gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['APPRISE_GOTIFY_TOKEN'] }} # Any Apprise-compatible URL (https://github.com/caronc/apprise/wiki) + url: gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['APPRISE_GOTIFY_TOKEN'] }} # Any Apprise-compatible URL (https://github.com/caronc/apprise/wiki) # settings are optional because they all have default values settings: log_level: INFO # DEBUG, INFO, WARNING, ERROR diff --git a/app-configs/rinoa/multi-scrobbler/config.json.j2 b/app-configs/rinoa/multi-scrobbler/config.json.j2 index 6e958cb..c21da9e 100644 --- a/app-configs/rinoa/multi-scrobbler/config.json.j2 +++ b/app-configs/rinoa/multi-scrobbler/config.json.j2 @@ -27,8 +27,8 @@ "clients": ["lastfmClient", "ListenBrainzClient", "maloja"], "name": "spotifySource", "data": { - "clientId": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_ID'] }}", - "clientSecret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['YOUR_SPOTIFY_SECRET'] }}", + "clientId": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['YOUR_SPOTIFY_ID'] }}", + "clientSecret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['YOUR_SPOTIFY_SECRET'] }}", "redirectUri": "https://scrobble.trez.wtf/callback" } }, @@ -39,8 +39,8 @@ "configureAs": "source", "name": "lastfmSource", "data": { - "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}", - "secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}", + "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LASTFM_API_KEY'] }}", + "secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LASTFM_API_SECRET'] }}", "redirectUri": "https://scrobble.trez.wtf/lastfm/callback" } }, @@ -50,7 +50,7 @@ "clients": ["lastfmClient", "maloja"], "name": "listenBrainzSource", "data": { - "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}", + "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}", "username": "Trez.One" } }, @@ -62,7 +62,7 @@ "data": { "url": "http://navidrome:4533", "user": "admin", - "password": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['NAVIDROME_PASSWORD'] }}" + "password": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['NAVIDROME_PASSWORD'] }}" } } ], @@ -73,8 +73,8 @@ "name": "lastFmClient", "configureAs": "client", "data": { - "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_KEY'] }}", - "secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LASTFM_API_SECRET'] }}", + "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LASTFM_API_KEY'] }}", + "secret": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LASTFM_API_SECRET'] }}", "redirectUri": "https://scrobble.trez.wtf/lastfm/callback" } }, @@ -83,7 +83,7 @@ "enable": true, "name": "ListenBrainzClient", "data": { - "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}", + "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MALOJA_LISTENBRAINZ_TOKEN'] }}", "username": "Trez.One" } }, @@ -93,7 +93,7 @@ "name": "malojaClient", "data": { "url": "http://maloja:42010", - "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MALOJA_API_KEY'] }}" + "apiKey": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MALOJA_API_KEY'] }}" } } ], @@ -102,7 +102,7 @@ "name": "Gotify", "type": "gotify", "url": "http://gotify", - "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['MULTI_SCROBBLER_GOTIFY_TOKEN'] }}", + "token": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MULTI_SCROBBLER_GOTIFY_TOKEN'] }}", "priorities": { "info": 5, "warn": 7, diff --git a/app-configs/rinoa/postal/postal.yml.j2 b/app-configs/rinoa/postal/postal.yml.j2 index b365f10..6ed36d6 100644 --- a/app-configs/rinoa/postal/postal.yml.j2 +++ b/app-configs/rinoa/postal/postal.yml.j2 @@ -18,13 +18,13 @@ web_server: main_db: host: mariadb username: postal - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_MYSQL_PASSWORD'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_MYSQL_PASSWORD'] }} database: postal message_db: host: mariadb username: postal - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_MYSQL_PASSWORD'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_MYSQL_PASSWORD'] }} prefix: postal smtp_server: @@ -52,11 +52,11 @@ smtp: host: postal-smtp port: 25 username: rinoa/postal-smtp - password: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}" + password: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}" from_name: Postal @ Rinoa from_address: noreply@trez.wtf rails: # This is generated automatically by the config initialization. It should be a random # string unique to your installation. - secret_key: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_RAILS_SECRET_KEY'] }}" + secret_key: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['POSTAL_RAILS_SECRET_KEY'] }}" diff --git a/app-configs/rinoa/prowlarr/config.xml.j2 b/app-configs/rinoa/prowlarr/config.xml.j2 index f45b8ee..5b32ba3 100644 --- a/app-configs/rinoa/prowlarr/config.xml.j2 +++ b/app-configs/rinoa/prowlarr/config.xml.j2 @@ -7,7 +7,7 @@ 6969 False True - {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['PROWLARR_API_KEY'] }} + {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['PROWLARR_API_KEY'] }} Forms Enabled master diff --git a/app-configs/rinoa/qbittorrent/qbit_manage/config.yml.j2 b/app-configs/rinoa/qbittorrent/qbit_manage/config.yml.j2 index f643341..ae7d3a3 100644 --- a/app-configs/rinoa/qbittorrent/qbit_manage/config.yml.j2 +++ b/app-configs/rinoa/qbittorrent/qbit_manage/config.yml.j2 @@ -25,7 +25,7 @@ qbt: # Pass environment variables to the config via !ENV tag host: qbittorrentvpn:8080 user: admin - pass: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['DELUGEVPN_PASSWORD'] }} + pass: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['DELUGEVPN_PASSWORD'] }} settings: force_auto_tmm: False # Will force qBittorrent to enable Automatic Torrent Management for each torrent. @@ -222,4 +222,4 @@ apprise: # Mandatory to fill out the url of your apprise API endpoint api_url: http://apprise-api:8000 # Mandatory to fill out the notification url/urls based on the notification services provided by apprise. https://github.com/caronc/apprise/wiki - notify_url: gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['APPRISE_GOTIFY_TOKEN'] }} \ No newline at end of file + notify_url: gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['APPRISE_GOTIFY_TOKEN'] }} \ No newline at end of file diff --git a/app-configs/rinoa/radarec/config.json.j2 b/app-configs/rinoa/radarec/config.json.j2 index a35180c..185860f 100644 --- a/app-configs/rinoa/radarec/config.json.j2 +++ b/app-configs/rinoa/radarec/config.json.j2 @@ -3,9 +3,9 @@ { "radarr_address": "http://radarr:7878", - "radarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['RADARR_API_KEY'] }}", + "radarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['RADARR_API_KEY'] }}", "root_folder_path": "/data/media/movies", - "tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['TMDB_API_KEY'] }}", + "tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['TMDB_API_KEY'] }}", "fallback_to_top_result": false, "radarr_api_timeout": 120.0, "quality_profile_id": 1, diff --git a/app-configs/rinoa/radarr/config.xml.j2 b/app-configs/rinoa/radarr/config.xml.j2 index e9a9baa..42674bf 100644 --- a/app-configs/rinoa/radarr/config.xml.j2 +++ b/app-configs/rinoa/radarr/config.xml.j2 @@ -8,7 +8,7 @@ 7878 - {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['RADARR_API_KEY'] }} + {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['RADARR_API_KEY'] }} Forms Docker 9898 diff --git a/app-configs/rinoa/readarr/config.xml.j2 b/app-configs/rinoa/readarr/config.xml.j2 index 5eec003..9affe18 100644 --- a/app-configs/rinoa/readarr/config.xml.j2 +++ b/app-configs/rinoa/readarr/config.xml.j2 @@ -7,7 +7,7 @@ 6868 False True - {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['READARR_API_KEY'] }} + {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['READARR_API_KEY'] }} Forms develop info diff --git a/app-configs/rinoa/sabnzbdvpn/sabnzbd.ini.j2 b/app-configs/rinoa/sabnzbdvpn/sabnzbd.ini.j2 index f9e2f6e..9e8e6ca 100644 --- a/app-configs/rinoa/sabnzbdvpn/sabnzbd.ini.j2 +++ b/app-configs/rinoa/sabnzbdvpn/sabnzbd.ini.j2 @@ -22,7 +22,7 @@ host = 0.0.0.0 port = 8080 https_port = 8090 username = thetrezuredone -password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_PASSWORD'] }} +password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SABNZBDVPN_PASSWORD'] }} bandwidth_max = 1000M cache_limit = 1G web_dir = Glitter @@ -33,7 +33,7 @@ https_chain = "" enable_https = 1 inet_exposure = 0 local_ranges = , -api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_API_KEY'] }} +api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SABNZBDVPN_API_KEY'] }} nzb_key = 3c0fa874bb2748b58c1bd7512e649946 permissions = 775 download_dir = /storage/downloads/incomplete @@ -342,7 +342,7 @@ host = news.newshosting.com port = 563 timeout = 60 username = thetrezuredone -password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSK_USER_PASSWORD'] }} +password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SLSK_USER_PASSWORD'] }} connections = 8 ssl = 1 ssl_verify = 3 @@ -363,7 +363,7 @@ host = news.easynews.com port = 443 timeout = 60 username = TrezOne -password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SABNZBDVPN_EASYNEWS_PASSWORD'] }} +password = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SABNZBDVPN_EASYNEWS_PASSWORD'] }} connections = 60 ssl = 0 ssl_verify = 3 diff --git a/app-configs/rinoa/searxng/settings.yml.j2 b/app-configs/rinoa/searxng/settings.yml.j2 index 5369f8d..2cec16d 100644 --- a/app-configs/rinoa/searxng/settings.yml.j2 +++ b/app-configs/rinoa/searxng/settings.yml.j2 @@ -82,7 +82,7 @@ server: # If your instance owns a /etc/searxng/settings.yml file, then set the following # values there. - secret_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SEARXNG_SECRET_KEY'] }} # Is overwritten by ${SEARXNG_SECRET} + secret_key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SEARXNG_SECRET_KEY'] }} # Is overwritten by ${SEARXNG_SECRET} # Proxying image results through searx image_proxy: true # 1.0 and 1.1 are supported diff --git a/app-configs/rinoa/sonarr/config.xml.j2 b/app-configs/rinoa/sonarr/config.xml.j2 index cb4f0f3..c875e5a 100644 --- a/app-configs/rinoa/sonarr/config.xml.j2 +++ b/app-configs/rinoa/sonarr/config.xml.j2 @@ -8,7 +8,7 @@ 9898 * - {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SONARR_API_KEY'] }} + {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SONARR_API_KEY'] }} Forms Docker True diff --git a/app-configs/rinoa/sonashow/config.json.j2 b/app-configs/rinoa/sonashow/config.json.j2 index 5441e15..238245b 100644 --- a/app-configs/rinoa/sonashow/config.json.j2 +++ b/app-configs/rinoa/sonashow/config.json.j2 @@ -3,10 +3,10 @@ { "sonarr_address": "http://192.168.1.2:8989", - "sonarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SONARR_API_KEY'] }}", + "sonarr_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SONARR_API_KEY'] }}", "root_folder_path": "/data/media/shows", "tvdb_api_key": "", - "tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['TMDB_API_KEY'] }}", + "tmdb_api_key": "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['TMDB_API_KEY'] }}", "fallback_to_top_result": false, "sonarr_api_timeout": 120.0, "quality_profile_id": 1, diff --git a/app-configs/rinoa/soularr/config.ini.j2 b/app-configs/rinoa/soularr/config.ini.j2 index 2de58ec..f918f91 100644 --- a/app-configs/rinoa/soularr/config.ini.j2 +++ b/app-configs/rinoa/soularr/config.ini.j2 @@ -2,7 +2,7 @@ {% set secrets_path = 'rinoa-docker/env' %} [Lidarr] -api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['LIDARR_API_KEY'] }} +api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LIDARR_API_KEY'] }} host_url = http://lidarr:8686 #This should be the path mounted in lidarr that points to your slskd download directory. #If Lidarr is not running in Docker then this may just be the same dir as Slskd is using below. @@ -10,7 +10,7 @@ download_dir = /storage [Slskd] #Api key from Slskd. Need to set this up manually. See link to Slskd docs above. -api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSKD_API_KEY'] }} +api_key = {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SLSKD_API_KEY'] }} host_url = http://gluetun:5030 #Slskd download directory. Should have set it up when installing Slskd. download_dir = /app/downloads diff --git a/app-configs/rinoa/soulseek/slskd.yml.j2 b/app-configs/rinoa/soulseek/slskd.yml.j2 index 2890f68..e61edc3 100644 --- a/app-configs/rinoa/soulseek/slskd.yml.j2 +++ b/app-configs/rinoa/soulseek/slskd.yml.j2 @@ -198,15 +198,15 @@ rooms: web: authentication: username: slskd - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSKD_WEB_PASSSWORD'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SLSKD_WEB_PASSSWORD'] }} api_keys: my_api_key: - key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSKD_API_KEY'] }} + key: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SLSKD_API_KEY'] }} role: readwrite cidr: 0.0.0.0/0,::/0 soulseek: address: vps.slsknet.org port: 2271 username: Trez.One - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['SLSK_USER_PASSWORD'] }} + password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SLSK_USER_PASSWORD'] }} diagnostic_level: Info