Add ara and its related secrets

This commit is contained in:
Salt 2022-04-23 10:54:26 -05:00
parent e91c0e7710
commit d483eaa07b
5 changed files with 46 additions and 0 deletions

View File

@ -66,6 +66,24 @@ zerotier_management_network_id: !vault |
3430303130303766610a633131656431396332626336653562616363666433366664373635613934
30316335396166633361666466346232323630396534386332613937366232613965
# For ara
secret_ara_db_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
63353066316533303030366138323937313163366363303836633330616464623166343739373436
3562613639613966613365666462666633643336383034390a383239383335623735613135386532
34383135313436383963383133336237343566303665633337626361613164303264393736616461
6133663463333033610a636463393833306539666538626361313062396666363130393334316137
34363064613232336238336630616530313661346264323537393434303264653930
secret_ara_secret_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
38653361623431376163613762646262363734623239383330326331663434333031313137353561
3936316562623537363164626561333139633664643264340a336334333265663530663765376534
30356564353461343232343634383739373262643834313035396131303066666639383639376536
3638623035363939640a363332653234666630346166356537623735656639356137643833333939
65316437326137666461646366633731333639326139666333366133633836383931356564393131
31346465336361316433383865613233373836643366346538633330616232386132636662643963
303938396531623561653335646231616239
# For GVM
secret_gvm_db_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256

View File

@ -113,6 +113,8 @@
value: web1.dallas.mgmt.desu.ltd
- record: netbox.desu.ltd
value: web3.dallas.mgmt.desu.ltd
- record: ara.desu.ltd
value: web3.dallas.mgmt.desu.ltd
# Local
- record: homeauto.local.desu.ltd
value: pi-homeauto-1.home.mgmt.desu.ltd

View File

@ -23,6 +23,8 @@
# Used for internal access from other nodes
- { type: host, database: all, user: all, address: '192.168.0.0/16', auth_method: md5 }
postgresql_users:
- name: ara-desultd
password: "{{ secret_ara_db_pass }}"
- name: gitea-desultd
password: "{{ secret_gitea_db_pass }}"
- name: gulagbot-test
@ -40,6 +42,8 @@
- name: synapse-desultd
password: "{{ secret_synapse_db_pass }}"
postgresql_databases:
- name: ara-desultd
owner: ara-desultd
- name: gitea-desultd
owner: gitea-desultd
- name: gulagbot-test

View File

@ -145,6 +145,7 @@
- app/redis.yml
- web/movienight.yml
- web/netbox.yml
- web/ara.yml
tags: [ always ]
roles:
- role: backup
@ -318,6 +319,8 @@
- role: ingress
vars:
ingress_servers:
- name: ara.desu.ltd
proxy_pass: http://ara:8000
- name: netbox.desu.ltd
proxy_pass: http://netbox:8080
- name: nagios.desu.ltd

View File

@ -0,0 +1,19 @@
# vim:ft=ansible:
- name: docker deploy ara
docker_container:
name: ara
image: recordsansible/ara-api:centos8-stream-pypi-latest
env:
ARA_DATABASE_ENGINE: django.db.backends.postgresql
ARA_DATABASE_NAME: ara-desultd
ARA_DATABASE_USER: ara-desultd
ARA_DATABASE_PASSWORD: "{{ secret_ara_db_pass }}"
ARA_DATABASE_HOST: 192.168.164.156
networks:
- name: web
aliases: [ "ara" ]
volumes:
- /data/ara/server:/opt/ara:z
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
tags: [ docker, ara ]