update secret handling, add comments, etc
This commit is contained in:
parent
98cc4b4ee3
commit
165cdfd533
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,3 +1,4 @@
|
|||||||
vault-pass.gpg-*
|
vault-pass.gpg-*
|
||||||
roles/*
|
roles/*
|
||||||
!roles/requirements.yml
|
!roles/requirements.yml
|
||||||
|
.vscode/
|
||||||
|
19
files/manifests/secret-digitalocean-dns.yaml
Normal file
19
files/manifests/secret-digitalocean-dns.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
37633666323130636331326338626330663531323239656265636464376534653664393535323234
|
||||||
|
3231316434616366656265373863663431333466323831350a616337336363346163363962643130
|
||||||
|
30663862656334303862643333366237376538633937366332333535303264366562336136336363
|
||||||
|
6632316663353138620a643230666534653231666534653837333536333930646465623533373639
|
||||||
|
65323839643535373666313866373764663832366231333832336135623930306564363930373539
|
||||||
|
62376134666332323837396634616465323132643933353738376166313236303063663463646561
|
||||||
|
35653738636264653739326132366530663962306133353061653764353261333737666638343039
|
||||||
|
34663762636439303530313865366236666131373561323337323539623266666136653232656466
|
||||||
|
36383833336235623939653765373331313333623031376539613536663134356632313762616364
|
||||||
|
66363036623538663635306438373962323538323234343234623364633165363865396563366339
|
||||||
|
37363232313764646237316630643463343561653362373436346663643738356334353431356261
|
||||||
|
39383131346237636435303338303462636531376639383765343733303133393731326538363862
|
||||||
|
36643831303030656239613938323862323539356339386435633663306430623838653763373337
|
||||||
|
38336431303539383831653739313063373539323937353333626235626130613266666230666365
|
||||||
|
32326238353439393538353939306235643762646339393362633632663638666564363431663366
|
||||||
|
66366435613262356165373538373138353031356365316262343733663763373031623435323366
|
||||||
|
63653165386561616562623230376461383936353738313333646335623937353566303462616232
|
||||||
|
6533356562323134643839313765393933656537633337363932
|
@ -1,20 +1,26 @@
|
|||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
63643362636263346139663662346435343861333538623731363763303034386334396261383233
|
61316662343265383362663936373531346563663065646434336239643031356336623230623766
|
||||||
6233306462326530343561333665656330663134653466330a353532613764633361623966396161
|
3135333666356363636536656439363239356232666435370a346232636365616566313331626362
|
||||||
33396332363966623862373036653862626237396631623637613134373266626534656334306465
|
34303965633863623237333861666564373665623938623164396162323166343337653631333130
|
||||||
3537653237303461620a386534333031366366323332646363613265323531356331633338356430
|
3034333135333535320a646561333736353838356565323737616232373461646531636233363732
|
||||||
61396561313334633133623066613762613966366633323435656464303765353231373461363664
|
34303463323132313430653733396636313930383364363462636463333139623265636362373438
|
||||||
61616433306361623631373530366331393132326663303532323461623962393739343364373735
|
65626331386536376666366261633835313334653739643364643639643431353730386662363839
|
||||||
32313365646231313334373038353536333438386337623962623364313732663030396364346435
|
37636639393530633834623631363765663730383031313138656431633835343263303462313261
|
||||||
35653663633366373036646435323865666139653133636439613034613733333830306339383936
|
33616366333262643033636563326534653133643232616636353037616261643162386465613134
|
||||||
32333139646135316630643338653564613530623465313862396634356363373064366366343364
|
39643730666435666165353331653765386539356333623830306239323366363563613639653232
|
||||||
39313638323631393966373263396361613331646162313736346233656137666563303939323933
|
61373933306531666334306463326161386431326132623238633235623839646236663761386530
|
||||||
38626434396566333362623638663634393934623030633633363563343037396433386531356635
|
38633963303839343238613164643464356562616334316332366461363963363339343762326535
|
||||||
31323731383161313330333337656536383630616331653637306238316365643930336233383433
|
66336336393537343762653731306637613030643338616164383435336632313862336464613533
|
||||||
34643864373936393932356630376265316234333737353531653431313237306335383866656232
|
32653265613262663633623039386337666333336364396435656331376339373938653634336162
|
||||||
37323064656134376237346436396565633732613364616366666638333836333331356534623166
|
65376433653665373838663261656635623663326433616534653963396163316662613664343561
|
||||||
37633039336533373536356562663739316138633431366136653639343239396432636162353061
|
39616532386330663337396332316332336537663466636339356463393239356430626266653133
|
||||||
35363133656131393366333734653634616430366531656230616637666136333161343633373839
|
35623362373030623830303762343830353962353532373638643631636239653338306462343965
|
||||||
39636261396638666361333534643065366636313530623563663839643338633038613133336239
|
61663031313465343632326664303963623037633639356563646265326233303261663533346632
|
||||||
35343636353135323033623037613637313464353733393366336435663835623030653636323734
|
65333637613864623237643432613262383632336532316335643938313335306262316561366137
|
||||||
396637393534353535623266386361303332
|
37303965353065336234303134323631363932613162343337353433373964623565643039636162
|
||||||
|
66376236393334613232343434376163613836373565313235323437356463313366646461363537
|
||||||
|
32643135636364626533666265393664396538336331663735306433303439356462393532316437
|
||||||
|
33613665633538663963633264346461663630623566393233656536323564623361323962303962
|
||||||
|
62333736643664343762323433666531333633383563643834346234353736653337326438646530
|
||||||
|
66373035336238363635623933663532323362396534653235633535316332393664336164303361
|
||||||
|
65643435623334383435666434303465623465653531356465653535633363633036
|
||||||
|
@ -1,13 +1,22 @@
|
|||||||
---
|
---
|
||||||
|
# default context is used for stack orchestrator deployments, for testing a custom context name can be usefull
|
||||||
|
#k8s_cluster_name: rnt-cad-cluster
|
||||||
k8s_cluster_name: default
|
k8s_cluster_name: default
|
||||||
k8s_cluster_url: rnt-cad-cluster-control.realitynetwork.store
|
k8s_cluster_url: rnt-cad-cluster-control.realitynetwork.store
|
||||||
k8s_taint_servers: true
|
k8s_taint_servers: true
|
||||||
|
|
||||||
k8s_acme_email: "{{ support_email }}"
|
k8s_acme_email: "{{ support_email }}"
|
||||||
|
|
||||||
|
# k3s bundles traefik as the default ingress controller, we will disable it and use nginx instead
|
||||||
k8s_disable:
|
k8s_disable:
|
||||||
- traefik
|
- traefik
|
||||||
|
|
||||||
|
# secrets can be stored in a file or as a template, the template secrets gets dynamically base64 encoded while file based secrets must be encoded by hand
|
||||||
|
k8s_secrets:
|
||||||
|
- name: digitalocean-dns
|
||||||
|
type: file
|
||||||
|
source: secret-digitalocean-dns.yaml
|
||||||
|
|
||||||
k8s_manifests:
|
k8s_manifests:
|
||||||
# ingress controller, replaces traefik which is explicitly disabled
|
# ingress controller, replaces traefik which is explicitly disabled
|
||||||
- name: ingress-nginx
|
- name: ingress-nginx
|
||||||
@ -17,7 +26,7 @@ k8s_manifests:
|
|||||||
# cert-manager, required for letsencrypt
|
# cert-manager, required for letsencrypt
|
||||||
- name: cert-manager
|
- name: cert-manager
|
||||||
type: url
|
type: url
|
||||||
source: https://github.com/cert-manager/cert-manager/releases/download/v1.15.0/cert-manager.yaml
|
source: https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.yaml
|
||||||
|
|
||||||
# issuer for basic http certs
|
# issuer for basic http certs
|
||||||
- name: letsencrypt-prod
|
- name: letsencrypt-prod
|
||||||
|
Loading…
Reference in New Issue
Block a user