From bd34ba1250ef99c0c3a33d02aab9eb8fd97c05fe Mon Sep 17 00:00:00 2001 From: BuckarooBanzay Date: Sat, 20 Aug 2022 12:28:05 +0200 Subject: [PATCH] add secrets to vault --- .github/workflows/deployment.yml | 3 ++- deploy.yml | 8 ++++---- group_vars/all.yml | 16 ++++++++++++++++ minetest.conf | 3 +++ 4 files changed, 25 insertions(+), 5 deletions(-) create mode 100644 group_vars/all.yml diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index 8e1248f..9561cee 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -20,6 +20,7 @@ jobs: ssh-keyscan akheron.rudin.io >> ~/.ssh/known_hosts chmod -R 700 ~/.ssh ansible-galaxy collection install community.general + echo "${{ secrets.VAULT_PASS }}" > ~/.vault_pass.txt - name: Run ansible run: | - ansible-playbook -i hosts --private-key ~/.ssh/id_rsa deploy.yml + ansible-playbook -i hosts --vault-password-file ~/.vault_pass.txt --private-key ~/.ssh/id_rsa deploy.yml diff --git a/deploy.yml b/deploy.yml index ef004d3..1a084b4 100644 --- a/deploy.yml +++ b/deploy.yml @@ -11,10 +11,10 @@ single_branch: yes version: master - - name: Generate minetest config - shell: - cmd: "cat minetest.conf minetest.conf.keys > data/minetest/minetest.conf" - chdir: "{{ compose_directory }}" + - name: Template minetest config + template: + src: "minetest.conf" + dest: "{{compose_directory}}/data/minetest/minetest.conf" - name: Create and start services community.general.docker_compose: diff --git a/group_vars/all.yml b/group_vars/all.yml new file mode 100644 index 0000000..d05b92b --- /dev/null +++ b/group_vars/all.yml @@ -0,0 +1,16 @@ +$ANSIBLE_VAULT;1.1;AES256 +38323531633439666362336432666539383938666639643732303434663730376233663035313265 +6163333835393633326363623866643639633963303666630a323165303964633737366162646461 +64646165386361653930383437653230376531666233616164656334306533653836326361613263 +6563353233643636310a313435326538643063326263616562366531633632666166336131353364 +64313833623438373634636534656436623136353762353965313464373535336166633238323036 +61376561613938666561363636613832333837356231313437353663613661393436313833613262 +31653933316365366337653965343266623061623735643533333936393662396133353736396136 +35396430636238346562616638333630326464633433303437306432353138313638373236313037 +36653636316135386137326166626233666163353438366139316133393730356562663333363164 +65383635633931376439323966383837653464643362636334346364643464313235313932336566 +37333838383935323061333731386662393261343831363532363461313363353962623034616262 +37613566643734393731656533306265373838636166323465323238306561353431313037613661 +39363533363263393630643036613332343864303161646233303732633733636332393237363638 +35373332613363316431353662393637643265633337313661653762653066653238323265396331 +376335303439393461353133306337356361 diff --git a/minetest.conf b/minetest.conf index 4a49ac7..f24c66b 100644 --- a/minetest.conf +++ b/minetest.conf @@ -92,6 +92,7 @@ prefab.electric_fence_damage = 2 # xp xp.enable_death_malus = false xp_redo.discord.texture_baseurl = https://pandorabox.io/highscore/api/texture/ +xp_redo.discord.webhook_url = {{xp_redo_discord_webhook_url}} xp.limit_dig_rate = 25 # beerchat @@ -109,10 +110,12 @@ digtron_cycle_time = 1.0 # mapserver mapserver.url = http://mapserver:8080 +mapserver.key = {{mapserver_key}} mapserver.enable_crafting = true # ui url mtui.url = http://ui:8080 +mtui.key = {{mtui_key}} # auth-proxy (wiki) auth_proxy.url = http://auth-proxy:8080