Simplify variable paths and encrypt vaults.

2022-07-19 10:37:07 +02:00
parent c7913808c2
commit adcd9cc8e5
9 changed files with 99 additions and 99 deletions
--- a/hetzner.yaml
+++ b/hetzner.yaml
@@ -7,8 +7,8 @@
  tasks:
    - name: Backup hetzner
      block:
-        - include_vars: vars/common/mattermost.yaml
-        - include_vars: vars/hetzner/variable.yaml
+        - include_vars: vars/mattermost.yaml
+        - include_vars: vars/hetzner.yaml

        - name: Create backup directory
          file:
--- a/nas.yaml
+++ b/nas.yaml
@@ -7,7 +7,7 @@
  tasks:
    - name: Backup odroid
      block:
-        - include_vars: vars/common/mattermost.yaml
+        - include_vars: vars/mattermost.yaml

        - name: Wakeup the nas
          community.general.wakeonlan:
--- a/odroid.yaml
+++ b/odroid.yaml
@@ -7,8 +7,8 @@
  tasks:
    - name: Backup odroid
      block:
-        - include_vars: vars/common/mattermost.yaml
-        - include_vars: vars/odroid/variable.yaml
+        - include_vars: vars/mattermost.yaml
+        - include_vars: vars/odroid.yaml

        - name: Check if directories exist
          stat:
--- a/semaphore.yaml
+++ b/semaphore.yaml
@@ -7,8 +7,8 @@
  tasks:
    - name: Cleanup semaphore
      block:
-        - include_vars: vars/common/mattermost.yaml
-        - include_vars: vars/semaphore/variable.yaml
+        - include_vars: vars/mattermost.yaml
+        - include_vars: vars/semaphore.yaml

        - name: Search for volume's backup directories
          become: yes
--- a/vars/hetzner/variable.yaml
+++ b/vars/hetzner/variable.yaml
@@ -1,12 +1,12 @@
 ansible_python_interpreter: /usr/bin/python2
 mysql_user: root
-mysql_password: !vault |
+mysql-password: !vault |
  $ANSIBLE_VAULT;1.1;AES256
-  30653032393533663237383138653662303937653238323336626431623839323265383536336138
-  3236353431326238356266613230343333616564383230330a363838633264356263333966613265
-  65636531363865386134663439616562623430363439613863343831333930363762366432343361
-  6163373838653762650a346431633230666637306635386262333961646232386262633363643734
-  65616232363735386461376239303338366537313365316161396262336163653536
+  36616238373963663637653131316238303437333335313831646265636232383736306165373535
+  3765306364393366316536366136336532303436346139650a316336636161613762353266363866
+  30613765356432336264633161396536613739653332646561616661663465393161666539626435
+  3166633663326362610a333064663838666531656265633736333761623439656234303066323136
+  65396662353166396532633532313061336664653835656439306466336464393164
 backup_dir: /var/chris
 databases: ['c1_scheidle', 'c1_startup', 'c2_buehler', 'c4_svj', 'c5_maier', 'dbispconfig', 'roundcube']

--- a/vars/common/mattermost.yaml
+++ b/vars/common/mattermost.yaml
--- a/vars/odroid.yaml
+++ b/vars/odroid.yaml
@@ -0,0 +1,86 @@
+backup_dir: /media/backup/docker
+systems: ['bookstack', 'drone', 'duplicati', 'gitea', 'kimai', 'mattermost', 'nextcloud', 'pihole', 'portainer', 'semaphore', 'vaultwarden']
+databases: ['bookstack', 'drone', 'gitea', 'kimai', 'mattermost', 'nextcloud', 'semaphore']
+mysql_databases: ['bookstack', 'kimai', 'semaphore']
+postgres_databases: ['drone', 'gitea', 'mattermost', 'nextcloud']
+bookstack-password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  33396131646266346635316538663337376432366135636166636332653431663834613139663766
+  3633626536616462316434373632656330643563323835320a303163393034333439313236393531
+  66343539653835643733303333343466326532663837343636326339366333316335313538316331
+  3732306231396535630a633162653539643132643063373730316462646662636364353734363932
+  38303464363437666534306233393233323363383033323134363930396364303462
+drone-password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  33326532336464663338346165346636393633666434333135353230643235616339373436366365
+  3937303132366632623739653639323830393564643234370a376262373863636638366464613665
+  64336331613561326334613731303237643562343631616161636165383735653636386166316166
+  6236386333623731660a343363323566383634383430326261333031346533663737326530666363
+  37353332383862646262646361333238363261313632336438393230336662616462
+gitea-password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  35386139336366356138376663316634626663656234333932363865613339383338653864396237
+  6266356438393366623238656266373732613739333334300a636630626630323731326565303264
+  62316336383333333063626665323063613530616132363537343139633765626231393932656233
+  3931376265346362610a383438643662663834353663366231643261323964323434363463346436
+  64626135373938636265616532373531626565393438633537646361646663326365
+kimai-password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  65333334616333326464643264343430303937613362323432646136303932663164316134623063
+  6636646534396635303635313137386634636263376532630a306131376437383365326136373437
+  30326338373236363662623163646438306637626166353438613434353666616338653730343534
+  6537326238336161620a336564386633623335333562333966636462626461383131613137326464
+  63306230316662353865386333383536633938343937663162643664333765303761
+mattermost-password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  30633262316262313463383737353134306463613838383937366364343163376235333266326561
+  3036656433613465653534376530333137346461323732330a653362643338356265646536303635
+  39613063623037363938356461383638353639616661326237336661613631633563313135363838
+  6363373661653034350a386365643566373964343332623231396331666634303235313366356663
+  39653261373363323633336361303866386365373931653538353938643265613665
+nextcloud-password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  34636539383237653564393232316363303062626566303963313634636637623034366262633966
+  3561333039623330353435333130653664336431366165380a626634353832623366633135353962
+  30393265643365383461373236363962636564333639633266336133313431303937663736356632
+  3666633031366538380a656434643766313762366665666633633932623434303532336361646635
+  31623738623261373366393939613765363033313761666361313364326435303837
+semaphore-password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  65393034313732656364303764323665616165636365343232323766363535323639353936366265
+  6334346130303739626635383138393832653334626536390a313964326337613635383564343465
+  35363336396339323565306439613964343632373939333238656134303235636639656465353362
+  3261356535383164610a643666363635666231343634353539326137343461646365303237653733
+  63393438616332623234623137343333383533393434343437623065386461373564
+volumes:
+  bookstack:
+    container: bookstack
+    path: /config
+  dnsmasq:
+    container: pihole
+    path: /etc/dnsmasq.d
+  duplicati-conf:
+    container: duplicati
+    path: /data
+  gitea:
+    container: gitea
+    path: /data
+  kimai-var:
+    container: kimai
+    path: /opt/kimai/var
+  mattermost:
+    container: mattermost
+    path: /mattermost/data
+  nextcloud-config:
+    container: nextcloud
+    path: /var/www/html/config
+  pihole:
+    container: pihole
+    path: /etc/pihole
+  portainer:
+    container: portainer
+    path: /data
+  vault:
+    container: vaultwarden
+    path: /data
+servers: ['hetzner']
--- a/vars/odroid/variable.yaml
+++ b/vars/odroid/variable.yaml
@@ -1,86 +0,0 @@
-backup_dir: /media/backup/docker
-systems: ['bookstack', 'drone', 'duplicati', 'gitea', 'kimai', 'mattermost', 'nextcloud', 'pihole', 'portainer', 'semaphore', 'vaultwarden']
-databases: ['bookstack', 'drone', 'gitea', 'kimai', 'mattermost', 'nextcloud', 'semaphore']
-mysql_databases: ['bookstack', 'kimai', 'semaphore']
-postgres_databases: ['drone', 'gitea', 'mattermost', 'nextcloud']
-bookstack-password: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  39336636386431643433353665393339336436336161663865346132623966636363313933613731
-  6466663837626238323139306162636139383437366134300a373730666465393263383866646265
-  33363832306430373131353933396165663363363761306666623631323566333334326639656161
-  3761396539666262660a616338366563326161343666653261636632626162363463653736613735
-  63326530313939336534626137336536636637353161663739623333636233333237
-drone-password: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  65646363323732393035376232643861636464323364326664353265303164656239333136646163
-  3437353365306165323131383861616238613065343161360a626434626132616333326130623566
-  30303739333431323062336462643235373663666234353034653261366364336562666437353361
-  3532353262623266660a313064373065646638643639353837343065326637303933306433396364
-  61323930366438326465313736366164343337363763633862303738663361306664
-gitea-password: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  35663631393434323266376261323039373662616365356661323439313632356630376138353039
-  3338626365363335376432646339613866666639653439360a386339336361366564623730363131
-  35636431333233656436633263633966633136376537393039363235633836316366633362333637
-  6438633235643063340a666435316134663234383733363765643930383865333365326439316537
-  62386263373334613233396137663230636433353861343133383963306362373138
-kimai-password: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  33623762393131386131383731653262383134333435373463393465346336363831616230376235
-  3738316665383530613262396537393336666237643364330a313936353333313062383235303033
-  34633962356162363861393337373135373733623530623264643763633839633038353930313830
-  3836646164383864640a643761653366336131613034336162656630666532323334316361346563
-  39616364666130373663326137353636633064363130333738333230626366616363
-mattermost-password: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  63376430633239353764376361373933633739303564623463656262303037306561366437663638
-  3835343137623461366136303439653735353939383766310a343836656634333761626533393562
-  63626132396239616635323435363964363538303763323335313530663833626161386463333563
-  6566656264346539650a623434363138643838613936396436623965633937666537383039376134
-  34613039313436633032623466373037343662613166643338333439306635633366
-nextcloud-password: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  64646139616264626663656536666635346539356639336230633638633765393436663337666266
-  3135616564346235636330656165343739653631646238360a353437383833376130636632333163
-  65383439366165386232383664346130396336616530613162626262386335323331313336373632
-  6437333231383539390a363731626530336264366264313736323864333864323636613062316639
-  30396235326462356238343634653262666535616133383031626164353136656630
-semaphore-password: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  33383439323962613365623962653961396165636338306564356434376165373030323765313365
-  3566636463323835613634313530623832343764633563390a646632303563336434646430663837
-  36613837326634643934396566353438383239613463316564353835363464343330653433376661
-  3838633238363835620a636162313933303833346362323334303236656635313436643535316162
-  35363062303261316437373135333263363463393862663938643938666664323938
-volumes:
-  bookstack:
-    container: bookstack
-    path: /config
-  dnsmasq:
-    container: pihole
-    path: /etc/dnsmasq.d
-  duplicati-conf:
-    container: duplicati
-    path: /data
-  gitea:
-    container: gitea
-    path: /data
-  kimai-var:
-    container: kimai
-    path: /opt/kimai/var
-  mattermost:
-    container: mattermost
-    path: /mattermost/data
-  nextcloud-config:
-    container: nextcloud
-    path: /var/www/html/config
-  pihole:
-    container: pihole
-    path: /etc/pihole
-  portainer:
-    container: portainer
-    path: /data
-  vault:
-    container: vaultwarden
-    path: /data
-servers: ['hetzner']
--- a/vars/semaphore/variable.yaml
+++ b/vars/semaphore/variable.yaml