CCCHH/ansible-infra
CCCHH/ansible-infra
4
2
Fork 1
Code Issues 4 Pull requests 2 Wiki Activity Actions

grafana(host): move secrets to SOPS
Some checks failed
/ Ansible Lint (push) Failing after 1m49s
Details

Browse source
This commit is contained in:
June 2025-05-03 22:18:26 +02:00
commit 97b8386878
Signed by: june
SSH key fingerprint: SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
8 changed files with 269 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

4
resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
View file

@ -36,7 +36,7 @@ services:
restart: unless-stopped
environment:
- GF_SECURITY_ADMIN_USER=admin
- "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/GF_SECURITY_ADMIN_PASSWORD", create=false, missing="error") }}"
- "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['GF_SECURITY_ADMIN_PASSWORD']") }}"
volumes:
- ./configs/grafana.ini:/etc/grafana/grafana.ini
- ./configs/grafana-datasource.yml:/etc/grafana/provisioning/datasources/datasource.yml
@ -50,7 +50,7 @@ services:
restart: unless-stopped
environment:
- PVE_USER=grafana@pve
- "PVE_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/prometheus-exporter", create=false, missing="error") }}"
- "PVE_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['prometheus-exporter']") }}"
- PVE_VERIFY_SSL=false
volumes:
- /dev/null:/etc/prometheus/pve.yml