diff options
| author | Lars Wirzenius <liw@liw.fi> | 2018-06-13 16:17:46 +0300 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2018-06-13 16:17:46 +0300 |
| commit | b99525d19db9840a641542380ad22ba63c7a381d (patch) | |
| tree | e92de66c6808dae411bfbae0c735781354a23602 /group_vars | |
| parent | 83b3574f3abf2c367a7a687867273e6259975ce6 (diff) | |
| download | ick2-ansible-b99525d19db9840a641542380ad22ba63c7a381d.tar.gz | |
Change: extract all vars user is expected
Put my vars into liw.yml. All variables in group_vars/* and
roles/*/defaults/main.yml are now expected to be generic and usable by
anyone.
Diffstat (limited to 'group_vars')
| -rw-r--r-- | group_vars/apt.yml | 9 | ||||
| -rw-r--r-- | group_vars/ickhost.yml | 20 | ||||
| -rw-r--r-- | group_vars/notify.yml | 8 | ||||
| -rw-r--r-- | group_vars/qvisqve.yml | 29 |
4 files changed, 30 insertions, 36 deletions
diff --git a/group_vars/apt.yml b/group_vars/apt.yml index 70fa580..39c33c0 100644 --- a/group_vars/apt.yml +++ b/group_vars/apt.yml @@ -1,10 +1,9 @@ apt_uploader_ssh_public_keys: - "{{ wm_ssh_key_pub }}" -apt_signing_key: "{{ lookup('pipe', 'pass show ick2/apt_key') }}" -apt_signing_key_pub: "{{ lookup('pipe', 'pass show ick2/apt_key.pub') }}" -apt_signing_key_fingerprint: | - {{ lookup('pipe', 'pass show ick2/apt_key.pub | gpg --with-colons | grep "^fpr:" | cut -d: -f10') }} -apt_admin_email: liw@liw.fi +apt_signing_key: FIXME +apt_signing_key_pub: FIXME +apt_signing_key_fingerprint: FIXME +apt_admin_email: FIXME apt_distributions: - codename: stretch description: Release packages for stretch diff --git a/group_vars/ickhost.yml b/group_vars/ickhost.yml index ec545e4..aa922f4 100644 --- a/group_vars/ickhost.yml +++ b/group_vars/ickhost.yml @@ -1,3 +1,6 @@ +qvisqve_token_public_key: FIXME +tls_certificate: FIXME + debian_codename: stretch debian_mirror: deb.debian.org debian_mirror_src: deb.debian.org @@ -9,10 +12,6 @@ sources_lists: keyring_package: code.liw.fi-keyring signing_key: "{{ code_liw_fi_signing_key }}" -token_private_key: "{{ lookup('pipe', 'pass show ick2/token_key') }}" -token_public_key: "{{ lookup('pipe', 'pass show ick2/token_key.pub') }}" -tls_certificate: "{{ lookup('pipe', 'pass show ick2/ick.pem') }}" - controller_port: 12765 artifact_store_port: 12766 qvisqve_port: 10000 @@ -25,11 +24,10 @@ notify_url: "https://{{ notify_domain }}/notify" apt_uploader_ssh_public_keys: - "{{ wm_ssh_key_pub }}" -apt_signing_key: "{{ lookup('pipe', 'pass show ick2/apt_key') }}" -apt_signing_key_pub: "{{ lookup('pipe', 'pass show ick2/apt_key.pub') }}" -apt_signing_key_fingerprint: | - {{ lookup('pipe', 'pass show ick2/apt_key.pub | gpg --with-colons | grep "^fpr:" | cut -d: -f10') }} -apt_admin_email: liw@liw.fi +apt_signing_key: FIXME +apt_signing_key_pub: FIXME +apt_signing_key_fingerprint: FIXME +apt_admin_email: FIXME -wm_ssh_key: "{{ lookup('pipe', 'pass show ick2/wm_ssh_key') }}" -wm_ssh_key_pub: "{{ lookup('pipe', 'pass show ick2/wm_ssh_key_pub') }}" +wm_ssh_key: FIXME +wm_ssh_key_pub: FIXME diff --git a/group_vars/notify.yml b/group_vars/notify.yml index c620183..4e706b1 100644 --- a/group_vars/notify.yml +++ b/group_vars/notify.yml @@ -1,5 +1,5 @@ -smtp_server: pieni.net -smtp_port: 587 -smtp_user: pienirelay -smtp_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}" +smtp_server: FIXME +smtp_port: FIXME +smtp_user: FIXME +smtp_password: FIXME diff --git a/group_vars/qvisqve.yml b/group_vars/qvisqve.yml index 92dcd90..caf571e 100644 --- a/group_vars/qvisqve.yml +++ b/group_vars/qvisqve.yml @@ -1,8 +1,5 @@ qvisqve_port: 10000 -qvisqve_token_public_key: "{{ lookup('pipe', 'pass show ick2/token_key.pub') }}" -qvisqve_token_private_key: "{{ lookup('pipe', 'pass show ick2/token_key') }}" -qvisqve_client_hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}" -qvisqve_client_salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}" +qvisqve_token_private_key: FIXME qvisqve_clients: admin: allowed_scopes: @@ -27,8 +24,8 @@ qvisqve_clients: - uapi_workers_id_get - uapi_notify_post client_secret: - hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}" - salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}" + hash: "{{ qvisqve_admin_hash }}" + salt: "{{ qvisqve_admin_salt }}" N: 16384 key_len: 128 p: 1 @@ -46,8 +43,8 @@ qvisqve_clients: - uapi_builds_id_get - uapi_logs_id_get client_secret: - hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" - salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + hash: "{{ qvisqve_worker1_hash }}" + salt: "{{ qvisqve_worker1_salt }}" N: 16384 key_len: 128 p: 1 @@ -65,8 +62,8 @@ qvisqve_clients: - uapi_builds_id_get - uapi_logs_id_get client_secret: - hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" - salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + hash: "{{ qvisqve_worker1_hash }}" + salt: "{{ qvisqve_worker1_salt }}" N: 16384 key_len: 128 p: 1 @@ -84,8 +81,8 @@ qvisqve_clients: - uapi_builds_id_get - uapi_logs_id_get client_secret: - hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" - salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + hash: "{{ qvisqve_worker2_hash }}" + salt: "{{ qvisqve_worker2_salt }}" N: 16384 key_len: 128 p: 1 @@ -103,8 +100,8 @@ qvisqve_clients: - uapi_builds_id_get - uapi_logs_id_get client_secret: - hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" - salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + hash: "{{ qvisqve_worker3_hash }}" + salt: "{{ qvisqve_worker3_salt }}" N: 16384 key_len: 128 p: 1 @@ -122,8 +119,8 @@ qvisqve_clients: - uapi_builds_id_get - uapi_logs_id_get client_secret: - hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" - salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + hash: "{{ qvisqve_worker4_hash }}" + salt: "{{ qvisqve_worker4_salt }}" N: 16384 key_len: 128 p: 1 |