From e23b3db7fccb2a512e77bad258b85cf7abf68996 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sun, 10 Jun 2018 19:28:52 +0300 Subject: Add: group vars for Qvisqve so they don't need to be repeated in each playbook. --- group_vars/qvisqve.yml | 131 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 131 insertions(+) create mode 100644 group_vars/qvisqve.yml diff --git a/group_vars/qvisqve.yml b/group_vars/qvisqve.yml new file mode 100644 index 0000000..92dcd90 --- /dev/null +++ b/group_vars/qvisqve.yml @@ -0,0 +1,131 @@ +qvisqve_port: 10000 +qvisqve_token_public_key: "{{ lookup('pipe', 'pass show ick2/token_key.pub') }}" +qvisqve_token_private_key: "{{ lookup('pipe', 'pass show ick2/token_key') }}" +qvisqve_client_hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}" +qvisqve_client_salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}" +qvisqve_clients: + admin: + allowed_scopes: + - uapi_version_get + - uapi_projects_get + - uapi_status_get + - uapi_projects_post + - uapi_projects_id_get + - uapi_projects_id_put + - uapi_projects_id_delete + - uapi_pipelines_get + - uapi_pipelines_id_delete + - uapi_projects_id_status_get + - uapi_projects_id_status_put + - uapi_pipelines_post + - uapi_pipelines_id_put + - uapi_builds_get + - uapi_builds_id_get + - uapi_logs_get + - uapi_logs_id_get + - uapi_workers_get + - uapi_workers_id_get + - uapi_notify_post + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 + ick: + allowed_scopes: + - uapi_version_get + - uapi_workers_post + - uapi_work_get + - uapi_work_post + - uapi_blobs_id_put + - uapi_blobs_id_get + - uapi_notify_post + - uapi_builds_id_get + - uapi_logs_id_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 + worker1: + allowed_scopes: + - uapi_version_get + - uapi_workers_post + - uapi_work_get + - uapi_work_post + - uapi_blobs_id_put + - uapi_blobs_id_get + - uapi_notify_post + - uapi_builds_id_get + - uapi_logs_id_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 + worker2: + allowed_scopes: + - uapi_version_get + - uapi_workers_post + - uapi_work_get + - uapi_work_post + - uapi_blobs_id_put + - uapi_blobs_id_get + - uapi_notify_post + - uapi_builds_id_get + - uapi_logs_id_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 + worker3: + allowed_scopes: + - uapi_version_get + - uapi_workers_post + - uapi_work_get + - uapi_work_post + - uapi_blobs_id_put + - uapi_blobs_id_get + - uapi_notify_post + - uapi_builds_id_get + - uapi_logs_id_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 + worker4: + allowed_scopes: + - uapi_version_get + - uapi_workers_post + - uapi_work_get + - uapi_work_post + - uapi_blobs_id_put + - uapi_blobs_id_get + - uapi_notify_post + - uapi_builds_id_get + - uapi_logs_id_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 -- cgit v1.2.1