# vim:ft=ansible: # For homebrew roles and such, mostly Ansible-related setup common_ansible_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible" # And my home address, for whitelisting common_home_address: "{{ lookup('community.general.dig', 'home.ddns.mgmt.desu.ltd') }}" # Along with a mask. This allows for some variability in my exact IP common_home_address_mask: "24" # This is a token generated post-setup # It is to be used for querying netbox netbox_token: !vault | $ANSIBLE_VAULT;1.1;AES256 31656630386363323836663537383930346336393061363461653532323561386632343063353161 6630636535373331633762363738613232636366663430330a356333623466623230616433373036 35386162633961616438383332346165323930333662376665616531613837316333653361313332 3065343761343338340a336266316339616134336332376336326332663435323937343531636238 37323530333463383062396363616263386430356438306133393130626365333932323734383165 3064663435626339393836353837643730333266366436373033 # Admin user configuration adminuser_name: salt adminuser_ssh_authorized_keys: - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINeK8DJbbjUn/lKBhsRz3X7DVACP8KxotB5pIgHCnSe7 ansible-generated on bastion1.desu.ltd - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPCoRSbzKkb8gd9rjeeRZeE71vp0vF3leBUeyTWGzFJf ansible-generated on lap-s76-lemp9-0.desu.ltd - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILVemSkfbf0mrs31vqmej1VraTK+D9NSPgVoG6kNk8dd ansible-generated on vm-bastion-1.home.mgmt.desu.ltd - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFS78eNBEZ1fWnGt0qyagCRG7P+8i3kYBqTYgou3O4U8 putty-generated on dsk-ryzen-0.desu.ltd - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINq8NPEqSM0w7CkhdhsSgDsrcpgAvVg18oz9OybkqhHg salt@dsk-ryzen-0 - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwFJmaV4JuxOOgF6Bqwo6FaCN5Mpcvd4/Vee7PsMBxu salt@lap-fw-diy-1.ws.mgmt.desu.ltd # For backups backup_s3_bucket: !vault | $ANSIBLE_VAULT;1.1;AES256 66316231643933316261303631656432376339663264666661663634616465326537303331626634 6235616564316638386434366534663639656236393861630a303530333835353432326131653735 30313734383265376238306333323330366338646636336137653661373365633365393732386466 3263373233653261330a663435643835643430326464623834303864646363373265336134643136 6162 backup_s3_aws_access_key_id: !vault | $ANSIBLE_VAULT;1.1;AES256 62343334333230643465623639633334363331353266366533366464643162333238333363633763 3431663162666566393738396165396639353230633537610a393863663234626134373962393132 33356236626337313435383362336233366637646336663465366638343461663533373362316161 3639313537393734350a636365366137353763333032366338323334333936633330333439376161 62613232363231346562643064383066393761353566366438363766353536386461 backup_s3_aws_secret_access_key: !vault | $ANSIBLE_VAULT;1.1;AES256 32616664316437316638636263653237386665396632313639363962376361393763373535356130 6136353736616263326166633261356233383530613462370a353039303261306231366465326662 39326233306565306639366165393930656461383334383931323263363031623333313462316433 3635616437373236650a353661343131303332376161316664333833393833373830623130666633 66356130646434653039363863346630363931383832353637636131626530616434 backup_s3_aws_endpoint_url: "https://s3.us-east-005.backblazeb2.com" # For zerotier zerotier_personal_network_id: !vault | $ANSIBLE_VAULT;1.1;AES256 35646131343239623265663562343333383362366633386462646465643163353866643633636135 6238643231313536323337343663313865323430323437630a353462393830376431376363373232 30656433343263653035333637336165323931363966376264353164326135336131646362623734 3339633961393864330a616437613534643231366634643362383438316233376334636264303361 65313231393433396538663463383731303661633663343066333264303330313133 zerotier_management_network_id: !vault | $ANSIBLE_VAULT;1.1;AES256 39323634336366386363323264386434373230353133626234623863376161363732666137363238 3936613661306263303239313134643962333037653162660a653730636362303364396664343663 32353638376235646361373730326533636332333939386237313731393032663565393033363635 3430303130303766610a633131656431396332626336653562616363666433366664373635613934 30316335396166633361666466346232323630396534386332613937366232613965 # For ara secret_ara_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 63353066316533303030366138323937313163366363303836633330616464623166343739373436 3562613639613966613365666462666633643336383034390a383239383335623735613135386532 34383135313436383963383133336237343566303665633337626361613164303264393736616461 6133663463333033610a636463393833306539666538626361313062396666363130393334316137 34363064613232336238336630616530313661346264323537393434303264653930 secret_ara_secret_key: !vault | $ANSIBLE_VAULT;1.1;AES256 38653361623431376163613762646262363734623239383330326331663434333031313137353561 3936316562623537363164626561333139633664643264340a336334333265663530663765376534 30356564353461343232343634383739373262643834313035396131303066666639383639376536 3638623035363939640a363332653234666630346166356537623735656639356137643833333939 65316437326137666461646366633731333639326139666333366133633836383931356564393131 31346465336361316433383865613233373836643366346538633330616232386132636662643963 303938396531623561653335646231616239 # For GVM secret_gvm_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 36386339623936656635346132333761356566313430616536346363363335393365613731396539 3664323233396565666334306263303338346637613361390a666634656636373136313634323262 37666165336437323031326262646333393439646664393066383765346631383835663762323263 3363326461316636660a323465373630323435313161663362356234376563633266336534303861 39393835666661323637353830336530393361643664656536313035386338323937 secret_gvm_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 36393639656131363065343830323830323365383933646261353661326235383366343864386135 3335326666623162396234313462653264326362323261360a633736353363666538393064616439 35323734623233313937623861306337633539623761396266363939363565653638613661333366 6637306661373339350a633038336339306639386539336163386530376662663663653966336633 65383335323339366637633934323632666638366265353839306432373365376530 # For gitea secret_gitea_9iron_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 62353264353465316661353738666161313036373761666163663733656461316536636334386335 6161386630663739363439383237343065333239613134610a383036373735326536386464343164 31346337636665356630336234306534646362386663633734353166373761316139313734306630 3364306566323666310a323034303434613237643665643637633430353437316339356463646331 33353062343164396465326365653561626363343961326363633231303736316436643935646161 3933353234613430373930663832643934613233383635613433 secret_gitea_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 35343032343364306363646232613831386530313430663664396432353431393039626230626137 6339653038633534313562333431613362313263623130300a383930626437636466623763663334 64646239633830656338336135313261396536303739373731633830633366313262313035626233 6463663332623635320a356565666638306661356365643930303664346232303165373333613235 62396535653338396232616531323738656636613065336337333336306437363539303766623866 3932386635393061643737326163643164643365303866643766 gitea_secret_key: !vault | $ANSIBLE_VAULT;1.1;AES256 34373339636233393231363531323338306330653139376661356336343133373836323065333665 3537613462316361646161653966643862633033646134370a643133393162313434383663643538 31343164666235316235393163376134636433386361353266613263363839366432356132383533 3434643430306234350a353037373530653865363931333237663133626537643730643634356162 33353632613637306336653734343332393661343539393034313437373636383732393062333530 3337633338323131373130376137393766363737393536386636 gitea_internal_token: !vault | $ANSIBLE_VAULT;1.1;AES256 34323237383664663266653034656437643363316538663338383262663931356665383363656466 3861653830626538303761303638663835316239343033370a323164303164613265363535643432 31393732393361666331396533333339623665623562643962323632653537666339346266393632 6639663137613232640a383633343038626638626434636230346634373533616564316262333833 64376163636230303361326532316665366633373035336164393033653366653564633339386338 35326462333364353032343238363230343235303037306532333765376464326234633739396534 31333332613964313031346534306236383434346430396233646132393962383636383631643461 37366163373863653164626365383761623431613164653932363730633134633032336266616335 61626133316161616335323630333461663163613430353438633235336331343934386464373866 62633234313261363537663061373931303832653531356566633739636264666635653936313965 623964653936646334313864643030653763 # For GitLab secret_gitlab_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 63663138666430313664333565623335313337656138613330663530653633376336343536623866 3231303336656431353163633736323361313633636230640a623762323131353539326430313862 32663662376137383232666534356530343864396535356264633934386430316237346634656336 3365636636316534660a373562346462363935393565366636353061343932663763663532383565 36666438366337303362373838626234363266646132363235323436653131363735 # For Nagios secret_nagios_admin_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 64333231393831303031616363363030613464653161313531316465346263313063626638363437 3965303861646232393663633066363039636637343161340a643162633133336335313632383861 34616338636630633539353335336631313361656633333539323130626132356263653436343363 3930323538613137370a373861376566376631356564623665313662636562626234643862343863 61326232633266633262613931303631396163326266386363366639366639613938 secret_nagios_matrix_token: !vault | $ANSIBLE_VAULT;1.1;AES256 66366665666437643765366533646666386162393038653262333461376566333366363332643135 6233376362633566303939623832636366333330393238370a323766366164393733383736633435 37633137626634643530653665613166633439376333633663633561313864396465623036653063 6433376138386531380a383762393137613738643538343438633730313135613730613139393536 35666133666262383862663637623738643836383633653864626231623034613662646563623936 3763356331333561383833386162616664376335333139376363 nagios_contacts: - name: matrix host_notification_commands: notify-host-by-matrix service_notification_commands: notify-service-by-matrix host_notification_period: ansible-not-late-at-night service_notification_period: ansible-not-late-at-night extra: - key: contactgroups value: ansible - name: salt host_notification_commands: notify-host-by-email service_notification_commands: notify-service-by-email extra: - key: email value: alerts@babor.tech nagios_commands: # This command is included in the container image - name: check_nrpe command: "$USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$" - name: check_by_ssh command: "$USER1$/check_by_ssh -H $HOSTADDRESS$ -F /opt/nagios/etc/ssh_config -t 30 -q -i /opt/nagios/etc/id_ed25519 -l nagios-checker -C \"$ARG1$\"" - name: notify-host-by-matrix command: "/usr/bin/printf \"%b\" \"$NOTIFICATIONTYPE$\\n$HOSTNAME$ is $HOSTSTATE$\\nAddress: $HOSTADDRESS$\\nInfo: $HOSTOUTPUT$\\nDate/Time: $LONGDATETIME$\" | /opt/Custom-Nagios-Plugins/notify-by-matrix" - name: notify-service-by-matrix command: "/usr/bin/printf \"%b\" \"$NOTIFICATIONTYPE$\\nService $HOSTALIAS$ - $SERVICEDESC$ is $SERVICESTATE$\\nInfo: $SERVICEOUTPUT$\\nDate/Time: $LONGDATETIME$\" | /opt/Custom-Nagios-Plugins/notify-by-matrix" nagios_services: # Agentless checks - name: HTTP command: check_http hostgroup: tag-nagios-checkhttp - name: HTTPS command: check_http!--ssl hostgroup: tag-nagios-checkhttp - name: SSH command: check_ssh # check_by_ssh checks - name: CPU Utilization command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_cpu_stats -w 75 -c 90 - name: DNS Resolution command: check_by_ssh!/usr/lib/nagios/plugins/check_etc_resolv - name: Executables in tmp command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_executables_in_tmp - name: Last Ansible Play command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_file_age /var/lib/ansible-last-run -w 432000 -c 604800 - name: Memory Usage command: check_by_ssh!/usr/lib/nagios/plugins/check_memory -w 10% -c 5% hostgroup: "ansible,!tag-prov-zfs" - name: Ping Self over DNS command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_ping_by_hostname - name: Reboot Required command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_reboot_required - name: Unit atd.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit atd.service - name: Unit backup.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit backup.service hostgroup: "ansible,!role-hypervisor" - name: Unit backup.timer command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit backup.timer hostgroup: "ansible,!role-hypervisor" - name: Unit cron.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit cron.service - name: Unit dbus.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit dbus.service - name: Unit ssh.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit ssh.service - name: Unit systemd-resolved.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit systemd-resolved.service hostgroup: "ansible,!role-hypervisor" - name: Users command: check_by_ssh!/usr/lib/nagios/plugins/check_users -w 3 -c 5 # Privileged checks # Required because check_disk may attempt to get the free space of # restricted mountpoints - name: Disk Usage command: check_by_ssh!/usr/bin/sudo /usr/lib/nagios/plugins/check_disk -M -u GB -X nfs -X tracefs -X cgroup -X tmpfs -X overlay -X shm -w 15% -c 10% -W 15% -K 10% -A -I '^/run/' -I '^udev$' -I '^/var/lib/kubelet/' -I '^/tmp/.mount_' -I '^/dev/loop' # Device type checks # R720 - name: CPU0 Temperature command: check_by_ssh!/usr/bin/sudo /usr/local/bin/monitoring-scripts/check_temp -n -w 65 -c 75 --sensor coretemp-isa-0000 hostgroup: device-type-r720 - name: CPU1 Temperature command: check_by_ssh!/usr/bin/sudo /usr/local/bin/monitoring-scripts/check_temp -n -w 65 -c 75 --sensor coretemp-isa-0001 hostgroup: device-type-r720 # Pi 4 4G - name: CPU Temperature command: check_by_ssh!/usr/bin/sudo /usr/local/bin/monitoring-scripts/check_temp -n -w 65 -c 75 --sensor cpu_thermal-virtual-0 hostgroup: device-type-pi4b-2g,device-type-pi4b-4g,device-type-pi4b-4g-storage # Device role checks # hypervisor (which is assumed to be Proxmox) - name: PVE Unit pve-firewall.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pve-firewall.service hostgroup: role-hypervisor - name: PVE Unit spiceproxy.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit spiceproxy.service hostgroup: role-hypervisor - name: PVE Unit pve-ha-crm.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pve-ha-crm.service hostgroup: role-hypervisor - name: PVE Unit pvedaemon.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pvedaemon.service hostgroup: role-hypervisor - name: PVE Unit pvefw-logger.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pvefw-logger.service hostgroup: role-hypervisor - name: PVE Unit pveproxy.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pveproxy.service hostgroup: role-hypervisor - name: PVE Unit pve-cluster.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pve-cluster.service hostgroup: role-hypervisor - name: PVE Unit pvestatd.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pvestatd.service hostgroup: role-hypervisor # Tag-specific checks # docker - name: Unit docker.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit docker.service hostgroup: "ansible,!tag-no-docker" - name: Docker Status command: check_by_ssh!/usr/bin/sudo /usr/local/bin/monitoring-scripts/check_docker --no-ok --status running hostgroup: tag-nagios-checkdocker # nagios-checkpgsql - name: PSQL command: "check_by_ssh!/usr/lib/nagios/plugins/check_pgsql -H localhost -l nagios -p {{ secret_postgresql_monitoring_password }} -w 2 -c 5" hostgroup: tag-nagios-checkpgsql - name: PSQL Connections command: "check_by_ssh!/usr/lib/nagios/plugins/check_pgsql -H localhost -l nagios -p {{ secret_postgresql_monitoring_password }} -w 2 -c 5 -q 'select (select count(*)::float used from pg_stat_activity) / (select setting::int max_conn from pg_settings where name=\\$\\$max_connections\\$\\$)' -W 0.7-0.8 -C 0.8-1.0" hostgroup: tag-nagios-checkpgsql # https://rhaas.blogspot.com/2020/02/useless-vacuuming.html - name: PSQL Old Xacts command: "check_by_ssh!/usr/lib/nagios/plugins/check_pgsql -H localhost -l nagios -p {{ secret_postgresql_monitoring_password }} -w 2 -c 5 -q 'select count(*)::float from pg_prepared_xacts where age(transaction) > 5000000' -W 500-1000 -C 1000-1000000" hostgroup: tag-nagios-checkpgsql - name: Unit postgresql.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit postgresql.service hostgroup: tag-nagios-checkpgsql # nagios-checkswap - name: Swap Usage command: check_by_ssh!/usr/lib/nagios/plugins/check_swap -w 20% -c 10% hostgroup: tag-nagios-checkswap # zerotier - name: Unit zerotier-one.service command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit zerotier-one.service hostgroup: tag-zt-personal # For Netbox secret_netbox_user_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 33313861366430643638383666653432393466663032613962356266316238376239623438393830 6431643833363963626238306563643431383630613565660a363464313837663231396566636535 66313164663537313661653763623931623562626635616165636330303231363033656234323765 3535386162393564370a623061383831376666656633666537653565393138653134313263646332 39356261623833396166623364346639323863633832333735646366373734613163 secret_netbox_api_token: !vault | $ANSIBLE_VAULT;1.1;AES256 63313937383737376131326534303963396162396366313635643639303264613763613039656636 3661383139366639303864323662613465663562656134390a356663613732643037363631376135 31643765333238386566313766313466353931616161343933643366343131616433363538336237 3837323762623761630a636231376364333563306366623136633238326436653764353632366562 63626364306239373436396464666532396538373664646333656361363662326366 secret_netbox_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 33333232623431393930626435313138643963663731336530663066633563666439383936316538 6337376232613937303635386235346561326134616265300a326266373834303137623439366438 33616365353663633434653463643964613231343335326234343331396137363439666138376332 3564356231336230630a336639656337353538633931623536303430363836386137646563613338 66326661313064306162363265303636333765383736336231346136383763613131 secret_netbox_secret_key: !vault | $ANSIBLE_VAULT;1.1;AES256 35313764653130613764383638323462643036363035366239633239393738363262323137393433 3761386334383762633732306666633133306363396637350a323437666533653433303533343663 39386237333335333463656363373535323432333937356564653433353163316635393733303936 3061313335366664370a393331623633336539303065353161386132346430313931353965313538 66653265336462313337353264666661323563333964633331633365623431386133 # For Nextcloud secret_nextcloud_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 31626162623164373133356634323436373634616363663966313039313431643837326630346632 3066303432303064663838643533373933343166356437610a613134383566653035663462393538 37616538366337313265333333373432363031323336306436643839333337313735633463326133 6538383936643664370a663737333861303132313031373234396562653464653838343836663530 38396663633237383764613139346333636432613464356465663661653265323135363032633963 3335626335353431616365313232346431313439653132303833 secret_nextcloud_admin_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 66303362626535386438633666376264313563323034343938363034353435306463613364366636 3633343332643062633265643838346465623362323866610a666237636461376166373938626538 62326334356339326330623336363038323431363266306265386635343432383764623437386462 3534643731333331320a393462323264666135666134336536633639613065363339333131653433 37653732313664356330356139646336353735613336326563366361383737653538 # For Peertube secret_peertube_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 32376536666566663033373033663331366437363331666662623831636135363633333532346531 6465346433663238343234366430633631306534626439310a636163356636613536366461663266 66663637303064303036366263663361616231336461346534363131343634646133323538356633 3639643838656137310a613333363865393536343731666234623065616365373834383536616161 64653939393038393361313961366131633461653139646536653163383336336338 # For Pleroma secret_pleroma_9iron_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 34343838386134656236313462653531663839363030333630383332386535356431326436633137 3261323632653635383930333131333235373437653733300a363562666264616138623832666137 61333039646332343838346633363035343434303036643465353062353062303961383138643564 3338393765393733340a626436653666363236643938613466643530326665653764333933393437 37613033653864643965323162373366306233626235663461326266376662663634353066386139 37636162313364623933396232366239633338363539626637373163333130373665373038363566 65646633636638653335356536323334646632366164633532636634376632356166306139393766 38633934623639366263 secret_pleroma_key_base: !vault | $ANSIBLE_VAULT;1.1;AES256 36333934336635613533333137636532363937613764353933636566663031316262333837323064 6534653062626461633462636335346132353564653038330a326330326235623530393337333063 37666666386637633839633737376465366439356461653363396665636137353264363762346461 3765616634653234630a623061393834373964653939626564363263383435666366356339663136 64613330656434653538363734393831353133316666326338366335383064356165333537383837 31633939353565303661626233623064653838636435376239376361663362636164653962383561 33366335623038653232613731333730363836653532363834663663343963303763323534343038 61666238346239636634 secret_pleroma_signing_salt: !vault | $ANSIBLE_VAULT;1.1;AES256 31306137646362333433313630363538333234643339353530333038393061663132633161356231 3662386234633933633762363334333031306564353132380a633339323364633137396636616363 64393536353362386336323662316262333763326138616364333237353262323232636335353436 3563396435643363620a646337346561393863366361643536356363626334343264343861663131 3466 # For PostgreSQL secret_postgresql_monitoring_password: !vault | $ANSIBLE_VAULT;1.1;AES256 30346136383035313162316264356632396564353732346638363133396630363664363433653762 3031373836393536393662393833303935306339666666620a396162643861663639643064346433 33303865353332353565383635353466626430363933316330373338313833626633626637323161 3135313737356434610a373664303334393733313666336263383864383139373265366135626262 62626239303335666135333439316239383230653234343261313838333234396465 # For SNMP secret_snmp_internal_username: !vault | $ANSIBLE_VAULT;1.1;AES256 65663937306665636134326138643230383632363465363764306131633565323963393532626131 3338356435396531626530653665383630366538303036310a326338623135613834636364353936 38643836373138633537666436656666623830363166303666366337333935313530373730353431 6166636634373062380a346636363234636131333539333232353364656563346438663663303734 39636263376635313631383262323538316434623065366332363762636562643064 secret_snmp_internal_password: !vault | $ANSIBLE_VAULT;1.1;AES256 32393365616165636263376636643035316431663334656135623832366265616230343665663362 3564313266373931363265393465373138373230323030660a633436303339616134643532346533 31643730353866366231623134356435613231353739383035623162653962323931656465656162 6135326562313065330a353763396564646238616337313033616639383431633834383831653536 32353130333634653831316464373465343233336266636561363334333832333036 secret_snmp_rouser_username: !vault | $ANSIBLE_VAULT;1.1;AES256 62393936313166323437663639376433303131316664613965323031373439633335313331626238 6265303766663931396438396535623035376531343637630a336138373561396437353331303938 35623462306638363765363032366365363938633564386162633761623261346661313531373764 3534613836343738310a613163656139326662373535393935323465393833363861306534386234 64396130366463323133303566383233356239316362383866336230333037643133 secret_snmp_rouser_password: !vault | $ANSIBLE_VAULT;1.1;AES256 36343461313133376563383563616562613338613463376535656339636335636336663839323033 3665656533623938326132646133653431616438373138630a393033373330316236366365633162 39346663356364356330386562623532343330343133386331356366376366636665366366323833 3664316436363262390a663530633430303039366465306533363531356231396130316462373365 33396330393231383833653134396137383436623535636165366664366137626464 secret_snmp_rouser_privacy_passphrase: !vault | $ANSIBLE_VAULT;1.1;AES256 31616564303237653131393133633232326535333566303538306232613031373536616463306439 3431633838663261636461393833373961376265343163330a383336333432623136623731386461 39373436313635353932353963313931646465366538393738623735383635356238313066386533 3764363538636232630a383730323433343239663461373030383132626532306130363965316661 64353932376139613765303764313463353366663535653135393637633835353566 # For Synapse secret_synapse_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 38343663383430353236366263666664376162666635633764646539383239613864363838663262 3165313832643330346336613465323439316461643432660a623337373562626431613561323566 64323162623530303965316634666532333034313864663133663933623438313230386261623064 3663623537333161630a616263656362633461366462613366323262363734353233373330393932 36653333643632313139396631633962386533323330346639363736353863313763 # For Vaultwarden secret_vaultwarden_db_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 61396131623266353764386535373334653337353337326464353636343863643733663333333531 6664376235396139616466646462623666663164323461610a336566396135343431356332626337 32373535343266613565313531653061316438313332333261353435366661353437663361346434 3536306466306362340a313563333065383733373834393131306661383932643565373161356162 33643434396436343037656339343336653637356233313034356632626538616366 # For home media stuff secret_transmission_user_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 63386231316662313039646435323861343762386135616437613530653932363333353130333232 3161383737386631336362313139316433656337396538330a656663336338613533393032663433 33346663613731656236666561303530613961363733336261363130646639326361356134386332 6335336139346331300a643962653936323135666463343865393162346637616263373636383534 39663833613135383761643661373163383138316534333264633835613965616135 secret_pia_user: !vault | $ANSIBLE_VAULT;1.1;AES256 38343633366234633430356364633634653433633963393332303439613966353438663066633465 3333333237306430346633336565613932396564353032660a373462333736343062626135316239 65306462643563323565386331373930326231353866626336643533663136353238626663373566 3763303637633838660a353362303966633931356538616636363438623165303536663535383764 6337 secret_pia_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 31333661636562386633396130383630383332303662613739393339373134326330373137656531 3934636662663265303137346163326461306461356138340a323662313130653539633338303035 62313265633338356436393033353438666634363536613266346139666364613238396338363731 6633666366353538300a613965633766653332613465326137396562313230343161346162343762 37643164663466343166346534303932613763643965623066353336363238643266 samba_user_salt_password: !vault | $ANSIBLE_VAULT;1.1;AES256 37653638663161373330616137323239633039653739623833663035303533333265336531313731 3936356261323432653132323537333664353361353939360a313161626436373837653930316463 39343937636261653033393734643739343936323465356531623836646334653362653935623338 3966343739353864630a306564656362386534666663346238666664326531303364343937623134 39333564313166356239386233646431313464346563323239366432363931303338 # For Steam games steam_username: !vault | $ANSIBLE_VAULT;1.1;AES256 37633565343839646163383265646361366438643265363030353465653836653736633239316663 6363343863356538376238643133353036316364656266650a323962313564646365373461383033 61653035323932333838616138643731643738396564366566356232336138363665623436383433 6564326139333337340a343861613865393265353637393537393439323363656365373639623934 3037 steam_password: !vault | $ANSIBLE_VAULT;1.1;AES256 33346235653262313630316135303131663437643234366662663037386135393865653433613336 3832313731326631383761633534656237653931346431630a666239313061653664363530373334 31373330346535366633313364626132326461363331653431346666366135613639646132316434 3838363033643039320a663539633437643161343961633631613435333930393230393232306665 39343162636338393261616130656365313765393033653839383365323163633261 steam_apikey: !vault | $ANSIBLE_VAULT;1.1;AES256 66366433663963653231653231643538353738373864393437343033613230653032636638363331 3232623938396634383161633564643231383165613938330a613865373637613034616237303538 31316563343134313532323937643833646535653330326564376566383338656463363032373766 6464653861386436300a626366666238643935656531386561346436333266313665373464613539 37656136623937383039376664326333323932643330383632656534313663623266336438393466 3936373235623438373064363438343861653437643138373733