jack/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/inventory/group_vars/all/main.yml
jack 9bfb702322
Some checks failed
CI/CD / syntax-check (push) Successful in 2m24s
Details
CI/CD / deploy (push) Failing after 2m4s
Details
ci: fix syntax-check vault password, update CI deploy key 
- Add vault password step to syntax-check job (ansible needs it even for --syntax-check)
- Regenerate CI deploy SSH key (old private key was lost, new pair generated)
- Add VAULT_PASSWORD and SSH_PRIVATE_KEY secrets to Forgejo via API

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-21 23:22:17 +07:00

29 lines
1.1 KiB
YAML
Raw Blame History

---
# Non-secret variables
domain_base: "csrx.ru"
# Derived domains
domain_vault: "vault.{{ domain_base }}"
domain_git: "git.{{ domain_base }}"
domain_plane: "plane.{{ domain_base }}"
domain_sync: "sync.{{ domain_base }}"
domain_traefik: "traefik.{{ domain_base }}"
# Service paths
services_root: /opt/services
deploy_user: deploy
deploy_group: deploy
# Secrets (from vault)
acme_email: "{{ vault_acme_email }}"
vaultwarden_admin_token: "{{ vault_vaultwarden_admin_token }}"
forgejo_db_password: "{{ vault_forgejo_db_password }}"
plane_db_password: "{{ vault_plane_db_password }}"
plane_secret_key: "{{ vault_plane_secret_key }}"
plane_minio_password: "{{ vault_plane_minio_password }}"
traefik_dashboard_htpasswd: "{{ vault_traefik_dashboard_htpasswd }}"
syncthing_basic_auth_htpasswd: "{{ vault_syncthing_basic_auth_htpasswd }}"
forgejo_runner_token: "{{ vault_forgejo_runner_token }}"
# CI/CD deploy key (public key — not a secret)
ci_deploy_pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHdr9mRSSUqt7Ym4wA5RpVyz76wEXSOtVfh2/yCSMIbg ci-deploy@forgejo-runner"
Reference in a new issue View git blame Copy permalink