From ec0c78e6d9f05942b53f5982ad6620c307e98cb5 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Sun, 14 Feb 2021 12:29:14 +0000 Subject: [PATCH] Read emails from secrets --- ansible/roles/forrest/files/docker-compose.yml | 4 ++-- ansible/roles/forrest/vars/main.yml | 14 ++++++++++++++ ansible/roles/traefik/files/traefik.yml | 2 +- ansible/roles/traefik/vars/main.yml | 8 ++++++++ terraform/providers.tf | 2 +- terraform/variables.tf | 1 + 6 files changed, 27 insertions(+), 4 deletions(-) diff --git a/ansible/roles/forrest/files/docker-compose.yml b/ansible/roles/forrest/files/docker-compose.yml index 78340a8..b33e6d0 100644 --- a/ansible/roles/forrest/files/docker-compose.yml +++ b/ansible/roles/forrest/files/docker-compose.yml @@ -13,9 +13,9 @@ services: - GF_SMTP_ENABLED=true - GF_SMTP_HOST=smtp.fastmail.com:465 - - GF_SMTP_USER=jake@theorangeone.net + - GF_SMTP_USER={{ grafana_smtp_user }} - GF_SMTP_PASSWORD={{ grafana_smtp_password }} - - GF_SMTP_FROM_ADDRESS=grafana@jakehoward.tech + - GF_SMTP_FROM_ADDRESS={{ grafana_from_email }} - GF_SMTP_FROM_NAME=grafana volumes: diff --git a/ansible/roles/forrest/vars/main.yml b/ansible/roles/forrest/vars/main.yml index 75ada4e..7955bd9 100644 --- a/ansible/roles/forrest/vars/main.yml +++ b/ansible/roles/forrest/vars/main.yml @@ -5,3 +5,17 @@ grafana_smtp_password: !vault | 36383262386365386664613431373863333963326538633535336139383433316465356236666466 6530386564313761300a346239646234353631386530663931613861313664666633346237313863 31623136616236363235666634303434383866346462643731346532646561656236 +grafana_smtp_user: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 33613266323466316166643631393938653439383333343736313061393261366662663238303035 + 6132346334343863633232303863636230333962316633650a616661346634646666636439323032 + 63633936336361303635323064666637396335626136613431366161653062303534386637656666 + 6630623330613439640a613863326331656235313164663736643539373934636633383430346365 + 39356331376364373931393365646630316566353662356532383034616439393237 +grafana_from_email: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 62613637623430356637343861326237366162626435306336376461643062643265363438666366 + 3932333666346338366334303564343064323862373930390a333162636231663961386532326264 + 65626435353036663938356330303564346137363961313236636263333238313166656231353931 + 6161633634636337320a396661373963623661363162643161393033653032623432323536306630 + 39346665653031316261346636336566343563373165653763643831313234356532 diff --git a/ansible/roles/traefik/files/traefik.yml b/ansible/roles/traefik/files/traefik.yml index 252515c..aacf536 100644 --- a/ansible/roles/traefik/files/traefik.yml +++ b/ansible/roles/traefik/files/traefik.yml @@ -45,7 +45,7 @@ api: certificatesResolvers: le: acme: - email: hosting@theorangeone.net + email: "{{ letsencrypt_email }}" storage: /etc/traefik/acme.json dnsChallenge: provider: cloudflare diff --git a/ansible/roles/traefik/vars/main.yml b/ansible/roles/traefik/vars/main.yml index 1b80c54..12f39e3 100644 --- a/ansible/roles/traefik/vars/main.yml +++ b/ansible/roles/traefik/vars/main.yml @@ -6,3 +6,11 @@ cloudflare_api_token: !vault | 3466383231363632310a346661383838633630643236623561373962356635346162653936393562 32646530656632393133356436653365356163313961343837633138383561376237306638313362 3636373939656462613032653530643536643466363135346139 + +letsencrypt_email: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 64373438363639363238333264313861316239383234633536326330333333386361646266396438 + 6330303063623032653066643838313931613030663931640a333839633630613936343530663666 + 62633331616264623932303031663130623135623566323964656162656265633863336333373538 + 3963303639373032620a363434643539393838303233653037383765363961373363333034343534 + 37663462663235613062633837373334366163636362386364356635313730363566 diff --git a/terraform/providers.tf b/terraform/providers.tf index 3181671..111ecf4 100644 --- a/terraform/providers.tf +++ b/terraform/providers.tf @@ -5,7 +5,7 @@ provider "vultr" { } provider "cloudflare" { - email = "hosting+cloudflare@theorangeone.net" + email = var.cloudflare_email api_key = var.cloudflare_api_key } diff --git a/terraform/variables.tf b/terraform/variables.tf index ac7bd92..adee3c2 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -1,3 +1,4 @@ variable "vultr_api_key" {} variable "cloudflare_api_key" {} +variable "cloudflare_email" {} variable "linode_api_token" {}