michaelschiemer/.deployment-archive-20251030-111806/ansible/secrets/production-vault.yml


---
# Production Secrets Vault
# IMPORTANT: This file must be encrypted with ansible-vault before it holds
# real values. An encrypted vault file begins with a `$ANSIBLE_VAULT;` header
# line; the content below is plaintext, so in this form it may contain
# placeholders only.
#
# NOTE(review): the commands below use deployment/ansible/secrets/ as the
# path; adjust it if this copy of the file lives elsewhere in the tree.
#
# Encrypt this file:
# ansible-vault encrypt deployment/ansible/secrets/production-vault.yml
#
# Edit encrypted file:
# ansible-vault edit deployment/ansible/secrets/production-vault.yml
#
# Inspect the encrypted file without decrypting it in place:
# ansible-vault view deployment/ansible/secrets/production-vault.yml
#
# Decrypt file (for debugging only, never commit decrypted):
# ansible-vault decrypt deployment/ansible/secrets/production-vault.yml
# decrypt rewrites the file as plaintext on disk; re-encrypt it before
# staging anything for commit.
#
# Use in playbook:
# ansible-playbook playbooks/setup-production-secrets.yml --ask-vault-pass
#
# Every value that starts with CHANGE_ME is a placeholder and must be replaced
# with a freshly generated secret before the file is encrypted and used.
# NOTE(review): nothing in this file stops a placeholder from being deployed;
# consider a pre-flight assert in the consuming playbook that fails when any
# vault_* value still starts with CHANGE_ME.
#
# Database Credentials
# Name and account are identifiers, not secrets; only the password is.
# NOTE(review): presumably the application's own account - confirm it holds
# no more privileges than the application needs.
vault_db_name: framework_production
vault_db_user: framework_app
vault_db_password: CHANGE_ME_STRONG_DB_PASSWORD_HERE
# Redis Credentials
vault_redis_password: CHANGE_ME_STRONG_REDIS_PASSWORD_HERE
# Application Secrets
# The app key placeholder asks for a base64-encoded 32-byte key; a CSPRNG
# source such as `openssl rand -base64 32` produces that shape.
# Use a separate random value for the JWT secret rather than reusing the key.
vault_app_key: CHANGE_ME_BASE64_ENCODED_32_BYTE_KEY
vault_jwt_secret: CHANGE_ME_STRONG_JWT_SECRET_HERE
# Docker Registry Credentials
# The URL is host:port with no scheme and parses as a plain string.
vault_registry_url: git.michaelschiemer.de:5000
vault_registry_user: deploy
vault_registry_password: CHANGE_ME_REGISTRY_PASSWORD_HERE
# Security Configuration
# Comma-separated allow-list in one string: IPv4 and IPv6 loopback plus one
# public IPv4 address. How the consumer splits and matches it is not visible
# here. While this file is stored unencrypted, the list is readable by anyone
# with access to the repository, so keep it as short as possible.
vault_admin_allowed_ips: "127.0.0.1,::1,94.16.110.151"
# SMTP Configuration (optional)
# smtp.example.com is a placeholder host without a CHANGE_ME marker, so a
# check that looks only for CHANGE_ME will not flag it.
vault_smtp_host: smtp.example.com
# Unquoted, so this is a YAML integer. 587 is conventionally the mail
# submission port; whether TLS is enforced is decided by the consumer.
vault_smtp_port: 587
vault_smtp_user: noreply@michaelschiemer.de
vault_smtp_password: CHANGE_ME_SMTP_PASSWORD_HERE