CCCHH/ansible-infra
CCCHH/ansible-infra
4
2
Fork 1
Code Issues 4 Pull requests 2 Wiki Activity Actions

ccchoir(host): move secrets to SOPS

Browse source
This commit is contained in:
June 2025-05-03 22:48:49 +02:00
commit 31ad4654c6
Signed by: june
SSH key fingerprint: SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
3 changed files with 255 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
View file

@ -6,8 +6,8 @@ services:
image: docker.io/library/mariadb:11
environment:
- "MARIADB_DATABASE=wordpress"
- "MARIADB_ROOT_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_ROOT_PASSWORD", create=false, missing="error") }}"
- "MARIADB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}"
- "MARIADB_ROOT_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_ROOT_PASSWORD']") }}"
- "MARIADB_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_PASSWORD']") }}"
- "MARIADB_USER=wordpress"
- "MARIADB_AUTO_UPGRADE=yes"
volumes:
@ -23,7 +23,7 @@ services:
- "WORDPRESS_DB_NAME=wordpress"
- "WORDPRESS_DB_USER=wordpress"
- "WORDPRESS_TABLE_PREFIX=wp_"
- "WORDPRESS_DB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}"
- "WORDPRESS_DB_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_PASSWORD']") }}"
volumes:
- wordpress:/var/www/html/wp-content
ports: