From fcda77e750ef226dccfeb20f7eef8c7003463fa9 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Tue, 21 Dec 2021 19:36:52 +0000 Subject: [PATCH] Extract vault items from host vars --- ansible/host_vars/decker.yml | 11 ---- ansible/host_vars/decker/main.yml | 4 ++ ansible/host_vars/decker/vault.yml | 9 +++ .../host_vars/{grimes.yml => grimes/main.yml} | 9 +-- ansible/host_vars/grimes/vault.yml | 9 +++ ansible/host_vars/pve.yml | 59 ------------------- ansible/host_vars/pve/main.yml | 46 +++++++++++++++ ansible/host_vars/pve/vault.yml | 13 ++++ ansible/host_vars/restic.yml | 22 ------- ansible/host_vars/restic/main.yml | 8 +++ ansible/host_vars/restic/vault.yml | 12 ++++ ansible/host_vars/walker.yml | 13 ---- ansible/host_vars/walker/main.yml | 6 ++ ansible/host_vars/walker/vault.yml | 9 +++ 14 files changed, 117 insertions(+), 113 deletions(-) delete mode 100644 ansible/host_vars/decker.yml create mode 100644 ansible/host_vars/decker/main.yml create mode 100644 ansible/host_vars/decker/vault.yml rename ansible/host_vars/{grimes.yml => grimes/main.yml} (58%) create mode 100644 ansible/host_vars/grimes/vault.yml delete mode 100644 ansible/host_vars/pve.yml create mode 100644 ansible/host_vars/pve/main.yml create mode 100644 ansible/host_vars/pve/vault.yml delete mode 100644 ansible/host_vars/restic.yml create mode 100644 ansible/host_vars/restic/main.yml create mode 100644 ansible/host_vars/restic/vault.yml delete mode 100644 ansible/host_vars/walker.yml create mode 100644 ansible/host_vars/walker/main.yml create mode 100644 ansible/host_vars/walker/vault.yml diff --git a/ansible/host_vars/decker.yml b/ansible/host_vars/decker.yml deleted file mode 100644 index 39de68a..0000000 --- a/ansible/host_vars/decker.yml +++ /dev/null @@ -1,11 +0,0 @@ -restic_backup_locations: - - /opt - - "{{ home }}/db-backups" -restic_healthchecks_id: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 38326130663036353465396538356534333432393033623531393433383263383665353736653762 - 3061633438386630643536366265633262663365363539320a343134396562626136346435373163 - 33313762336136373836376133656437396139653366363666353432616433663464356532303535 - 3833323130363961620a666630313566376134313139666361366439626666393962373965386238 - 37326164393231303331616630636231316664383461346136323738616364383635313261666537 - 3162363138386335656232336666646536666266383665346634 diff --git a/ansible/host_vars/decker/main.yml b/ansible/host_vars/decker/main.yml new file mode 100644 index 0000000..5e80d54 --- /dev/null +++ b/ansible/host_vars/decker/main.yml @@ -0,0 +1,4 @@ +restic_backup_locations: + - /opt + - "{{ home }}/db-backups" +restic_healthchecks_id: "{{ vault_restic_healthchecks_id }}" diff --git a/ansible/host_vars/decker/vault.yml b/ansible/host_vars/decker/vault.yml new file mode 100644 index 0000000..653f1bf --- /dev/null +++ b/ansible/host_vars/decker/vault.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +64386132336631373533383835363066313631666162666662376665643434333935666334393633 +6662663138396139626663313961303265633535653439330a393732323931653137626638313765 +34343931396166363338346431616632326263653663326537386561646466633835343663323534 +3833653734373962610a383238623138636164623732336165613930323364346333646338383566 +62633532343063653665363663356461383134333439636230333839646331626239346438306636 +62373262663730343963643061383262356437346535323031326539663637636432376463643666 +33616463326261326336316331373331613635613036636235643934646466306530653363303266 +33393864386538656234 diff --git a/ansible/host_vars/grimes.yml b/ansible/host_vars/grimes/main.yml similarity index 58% rename from ansible/host_vars/grimes.yml rename to ansible/host_vars/grimes/main.yml index 67d3305..982dbf8 100644 --- a/ansible/host_vars/grimes.yml +++ b/ansible/host_vars/grimes/main.yml @@ -28,11 +28,4 @@ restic_backup_locations: restic_backup_excludes: - /home/dokku/**/cache # Caches are big, don't need those -restic_healthchecks_id: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 66316632623066346265613438663263636530643862353664613939323835353736613635343662 - 3433313362346338623439343962333161343134623930610a386133653939366630646537656335 - 66666633323063353464326564653362356666376331656635663863353966363434333863396463 - 3264326637306366380a383739653061343561303939363932396232323065323164653563663161 - 66646363326639333530376134343465666138656134343765663130333739313631666266636363 - 3539613535636461316461386238373730643238313435303439 +restic_healthchecks_id: "{{ vault_restic_healthchecks_id }}" diff --git a/ansible/host_vars/grimes/vault.yml b/ansible/host_vars/grimes/vault.yml new file mode 100644 index 0000000..4866140 --- /dev/null +++ b/ansible/host_vars/grimes/vault.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +61636635633634366161363765363961396430313436353337616466653964373464633236663631 +3066653963336137343065343631623730653536343934660a666662306464313738636163316131 +66386565303630376663643330396630303832323839366164303061303331636362306236396131 +3136326432323939380a373764616161623333343834623566663139396139323561323463376330 +39386531373266353063316566366636363538663865373638643736366135373937313030373630 +36303166643533653038323466353230383464353130323233333838656432343931643035663535 +66383332363762353832316535663234373066386662656135343564353363303232613766313563 +32336561313639366461 diff --git a/ansible/host_vars/pve.yml b/ansible/host_vars/pve.yml deleted file mode 100644 index 5bce9c3..0000000 --- a/ansible/host_vars/pve.yml +++ /dev/null @@ -1,59 +0,0 @@ -private_ip: "{{ pve_hosts.pve.ip }}" - -zpools_to_scrub: - - tank - - rpool - -# 7GB, or so -zfs_arc_size: 7000000000 - -sanoid_datasets: - tank: - use_template: production - recursive: true - process_children_only: true - - rpool: - use_template: production - recursive: true - -# Snapraid -snapraid_install: false -snapraid_runner: false - -snapraid_data_disks: - - path: /mnt/bulk - content: true -snapraid_parity_disks: - - path: /mnt/parity - content: true - -snapraid_content_files: - - /mnt/tank/files/snapraid.content - - /var/snapraid.content - -snapraid_config_excludes: - - "*.unrecoverable" - - /lost+found/ - - "*.!sync" - - /tmp/ - -snapraid_scrub_schedule: - hour: 5 - weekday: 4 -snapraid_scrub_healthcheck_io_uuid: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 39306266626437303331656561323032666232616430383534306464396437363436643234353862 - 3061373137353131353139383862326166643230323564370a383636353035316538623661303331 - 37383836636330663335336633333464623938626365373935346538633638613931653338376638 - 6161313231343164370a363031353365336131333337336531346539383131363034376236303332 - 66313661636635633631376163656235373034343637313161393633353866643662353639623062 - 3465366462363062363438666237306538363234613862666238 -snapraid_sync_healthcheck_io_uuid: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 63303862326336613366333136633633613864663364616235346632303033303339316635363863 - 3134646236636663396663363835323130666665643935630a376437613131373338623237393761 - 62303731373138366136323432316261396232386365636635316637643031386138653936636234 - 6639323030383330310a623234333235323536313534643736666237666265393533343736316466 - 30643363653761336364323331663037643030313962656339646661336534396337353761393738 - 6563613764353932633962343261643832656637613961373333 diff --git a/ansible/host_vars/pve/main.yml b/ansible/host_vars/pve/main.yml new file mode 100644 index 0000000..55e5343 --- /dev/null +++ b/ansible/host_vars/pve/main.yml @@ -0,0 +1,46 @@ +private_ip: "{{ pve_hosts.pve.ip }}" + +zpools_to_scrub: + - tank + - rpool + +# 7GB, or so +zfs_arc_size: 7000000000 + +sanoid_datasets: + tank: + use_template: production + recursive: true + process_children_only: true + + rpool: + use_template: production + recursive: true + +# Snapraid +snapraid_install: false +snapraid_runner: false + +snapraid_data_disks: + - path: /mnt/bulk + content: true +snapraid_parity_disks: + - path: /mnt/parity + content: true + +snapraid_content_files: + - /mnt/tank/files/snapraid.content + - /var/snapraid.content + +snapraid_config_excludes: + - "*.unrecoverable" + - /lost+found/ + - "*.!sync" + - /tmp/ + +snapraid_scrub_schedule: + hour: 5 + weekday: 4 + +snapraid_scrub_healthcheck_io_uuid: "{{ vault_snapraid_scrub_healthcheck_io_uuid }}" +snapraid_sync_healthcheck_io_uuid: "{{ vault_snapraid_sync_healthcheck_io_uuid }}" diff --git a/ansible/host_vars/pve/vault.yml b/ansible/host_vars/pve/vault.yml new file mode 100644 index 0000000..8434467 --- /dev/null +++ b/ansible/host_vars/pve/vault.yml @@ -0,0 +1,13 @@ +$ANSIBLE_VAULT;1.1;AES256 +35373139393931313861616335663835396132626632363635316430306539666631393230323539 +3830333131633532343962376562663463656235333137340a343536626237306465646661656566 +32346535633838386137383238336130663639633266366137353739633062313730333963626462 +3436633035396461630a313433343330303434396665313536656462306166623636633731353937 +33366265383932343231386438633432623263316363623032356662393538346234326238333130 +64326434393165653134386631636165303836323763636532303562326238366638333063636135 +33303866383934393961363933316433623637656264333531623034383337343231323361383363 +63623264626537363832623662313533326230326665363161643931306338363831343566353839 +39363562366430383461396232653531626131386234643731643463616563363334636365353934 +66643561326566613364653363313763356662623066326232653938373135313561386636313264 +31633938363863633866336435396239346266343662356231376161363763666332306330393337 +64373933396136386366 diff --git a/ansible/host_vars/restic.yml b/ansible/host_vars/restic.yml deleted file mode 100644 index 5d2a96e..0000000 --- a/ansible/host_vars/restic.yml +++ /dev/null @@ -1,22 +0,0 @@ -restic_backup_locations: - - /mnt/host/mnt/tank - - /mnt/host/etc/pve - - /mnt/home-assistant -restic_healthchecks_id: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 61343535336633643231356138356631663130313234343538366634393661666232303965643365 - 3735323363366366303366336163623334316638653164610a633735316466336637346666666536 - 64323361653034303033383333333037346637343865636634386533653337363936386130396265 - 3134623162393034370a383737386434653036373639636631363233623232383936313264656539 - 62376636326332386330663432306135313938623134383239373435666666356538363639323333 - 3264386632376261666566373032363261643961376635336131 - -restic_forget: true -restic_forget_healthchecks_id: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 35356435623338613263633563623834376461643133386432366666373336373637326637626538 - 3264323338323034613633346431363362656362303530650a303861343438643232396436383065 - 34366236343664616566646564616532643066353732616566343665306464353637613362373837 - 6135323461646234360a383039623663333761343439636332323139616365313865666261336162 - 65663363666165313065323939653530613234613139316436343839356262363666373262366539 - 6666333133626561636638326335353135313637393033313138 diff --git a/ansible/host_vars/restic/main.yml b/ansible/host_vars/restic/main.yml new file mode 100644 index 0000000..49e08ca --- /dev/null +++ b/ansible/host_vars/restic/main.yml @@ -0,0 +1,8 @@ +restic_backup_locations: + - /mnt/host/mnt/tank + - /mnt/host/etc/pve + - /mnt/home-assistant +restic_healthchecks_id: "{{ vault_restic_healthchecks_id }}" + +restic_forget: true +restic_forget_healthchecks_id: "{{ vault_restic_forget_healthchecks_id }}" diff --git a/ansible/host_vars/restic/vault.yml b/ansible/host_vars/restic/vault.yml new file mode 100644 index 0000000..cb262ed --- /dev/null +++ b/ansible/host_vars/restic/vault.yml @@ -0,0 +1,12 @@ +$ANSIBLE_VAULT;1.1;AES256 +31333338396531316366353161666432346634373335356464663837386231616632373833656130 +3361383732623965393533316366373864323064393530330a346565393462316561383733653437 +62363736356432363239373863303734323437333034343266313135383866303566396639646230 +3839333535393036390a383534346233633935393561353637353835663763343531613238653664 +39356365306630373036396132373562646130636439373964333363306431666565613434646365 +64353933656365653431386463623034643564303266396438353064373434336436366431366338 +31386637376165633731373633656336623531323965343534323031363163356239353031643165 +37663232636234663735613037666161393736663432656139646264313763303164386161626162 +65393363336435333738303061613738636666303961653361376131376161623264343666353061 +61663636656339363539666335643239653361383961333665646562613935396335623565306531 +643165653537326431373637303639343763 diff --git a/ansible/host_vars/walker.yml b/ansible/host_vars/walker.yml deleted file mode 100644 index 6a501e1..0000000 --- a/ansible/host_vars/walker.yml +++ /dev/null @@ -1,13 +0,0 @@ -with_traefik_pages: true - -restic_backup_locations: - - /opt - - "{{ home }}/db-backups" -restic_healthchecks_id: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 30663732643431326232366364373238653263613039373232663563303334326137376663373366 - 6136306335363665313133623531643736653934323034620a346461633634633932343936376361 - 36386539376630333361336664616238363532643764616137666435336366373962396336633835 - 6338343236636637620a643137396563333862376464333461376535663938313034323236653334 - 34393364666562303630396333663463363735353134313161303062373433393731373461383634 - 6266613466303865333834616630626337383735323566336639 diff --git a/ansible/host_vars/walker/main.yml b/ansible/host_vars/walker/main.yml new file mode 100644 index 0000000..051f12b --- /dev/null +++ b/ansible/host_vars/walker/main.yml @@ -0,0 +1,6 @@ +with_traefik_pages: true + +restic_backup_locations: + - /opt + - "{{ home }}/db-backups" +restic_healthchecks_id: "{{ vault_restic_healthchecks_id }}" diff --git a/ansible/host_vars/walker/vault.yml b/ansible/host_vars/walker/vault.yml new file mode 100644 index 0000000..0f34a25 --- /dev/null +++ b/ansible/host_vars/walker/vault.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +63343332346238306230643233623336383766656433366339346331653036633636666238613764 +3431336432616166386462346532633664616562636136630a613836643565633962656432653333 +65356132316139363261373961663930383131393535633861343734393666326665653931663036 +3632613637663132360a373266303662623739633831613764313061616239303135386630616638 +62323930366166326433363835316536646363616431653566306363323736343761643038346262 +39316564333435663539653563653737333730616131393766643964303536373235323430616261 +39306535356562313133653337383762373636373234363732636266613165333439356334383661 +39343333303337363766