From 564eb0d28228c2716fd5642e55322fddba04b473 Mon Sep 17 00:00:00 2001 From: L3D Date: Sat, 2 Jan 2021 22:48:07 +0100 Subject: [PATCH] start using vault --- .../vars.yml} | 5 +++-- host_vars/mail01.l3d.space/vault.yml | 14 ++++++++++++++ .../vars.yml} | 4 ++-- host_vars/web01.l3d.space/vault.yml | 14 ++++++++++++++ 4 files changed, 33 insertions(+), 4 deletions(-) rename host_vars/{mail01.l3d.space.yml => mail01.l3d.space/vars.yml} (87%) create mode 100644 host_vars/mail01.l3d.space/vault.yml rename host_vars/{web01.l3d.space.yml => web01.l3d.space/vars.yml} (91%) create mode 100644 host_vars/web01.l3d.space/vault.yml diff --git a/host_vars/mail01.l3d.space.yml b/host_vars/mail01.l3d.space/vars.yml similarity index 87% rename from host_vars/mail01.l3d.space.yml rename to host_vars/mail01.l3d.space/vars.yml index 3d0dfa1..e2d9697 100644 --- a/host_vars/mail01.l3d.space.yml +++ b/host_vars/mail01.l3d.space/vars.yml @@ -28,15 +28,16 @@ nginx_sites: webroot: user: 'mailwebuser' -acme_notification_email: "acme_{{ inventory_hostname }}@l3d.yt" +# letsencrypt +acme_notification_email: "{{ _acme_notification_email }}" # firewall +fail2ban_destemail: "{{ _fail2ban_destemail }}" firewall_allowed_tcp_ports: - "22" - "25" - "80" - "443" -fail2ban_destemail: "fail2ban_notify_{{ inventory_hostname }}@l3d.yt" # mysql mysql_bind_address: '127.0.0.1' diff --git a/host_vars/mail01.l3d.space/vault.yml b/host_vars/mail01.l3d.space/vault.yml new file mode 100644 index 0000000..cc4976c --- /dev/null +++ b/host_vars/mail01.l3d.space/vault.yml @@ -0,0 +1,14 @@ +$ANSIBLE_VAULT;1.1;AES256 +31346635363835396463623038303261326265323864646237383737353038633530626431346136 +6564313733373366396133336465663533336537393234300a326565656130653335336266653862 +38396364663864393065343361363035636336616338386663333534613364663261383132376666 +6566353231646535610a363066393663643564626264306563626137633931613535383265383263 +65616661376438313631616132346638343763356565356365613837633235666666383264366136 +38376433323435363638626237373762373939666232343135336133666665373538636535303330 +38613965303665633531613530346464333466336139373537336333623436373237353061363637 +63653336383737313139333863646639646163336466376436666364333331343338353333316136 +62633537626165643837353366643063636461363532666666363939623934663432616537636635 +31643761643531306137633136343034653230623265306639616434653133326639316539663938 +66343834656636326566643330643231643636633438633662366566616132303334316538386637 +66613138663766646166623664366437313938346130653164396463356238666365353766663234 +6332 diff --git a/host_vars/web01.l3d.space.yml b/host_vars/web01.l3d.space/vars.yml similarity index 91% rename from host_vars/web01.l3d.space.yml rename to host_vars/web01.l3d.space/vars.yml index 8c9800e..b1081c6 100644 --- a/host_vars/web01.l3d.space.yml +++ b/host_vars/web01.l3d.space/vars.yml @@ -61,11 +61,11 @@ nginx_sites: - name: 'www.podcast.c3woc.eu' -acme_notification_email: "acme_{{ inventory_hostname }}@l3d.yt" +acme_notification_email: "{{ _acme_notification_email }}" # firewall +fail2ban_destemail: "{{ _fail2ban_destemail }}" firewall_allowed_tcp_ports: - "22" - "80" - "443" -fail2ban_destemail: "fail2ban_notify_{{ inventory_hostname }}@l3d.yt" diff --git a/host_vars/web01.l3d.space/vault.yml b/host_vars/web01.l3d.space/vault.yml new file mode 100644 index 0000000..ed8a464 --- /dev/null +++ b/host_vars/web01.l3d.space/vault.yml @@ -0,0 +1,14 @@ +$ANSIBLE_VAULT;1.1;AES256 +34633062636364323330386332383265363237323562343363663666303532613338306231306337 +3766306337663139323730343461353430396165303037320a396462306165623833363231353864 +37616237373730313631616636633031356133366665353861356639386330393635626139623465 +3335383431373061330a613763373939623738356330366338323631626633653138643934333939 +36326262663236333866333030376538636662323034316130396661306263663636333066363733 +32386436363538366139616332666430386263613730623137303433306434353336623831366635 +33343339663538323037623136343863623565363835626438376331323038643864366364616661 +35613662393161306637393131353038636133323131313062386532373763316334623132353239 +31613332363031303636376465346534636435386664646237636161366465303831653232366565 +36376330323537653831653466383235396538656234376537316133323233303738353465343466 +39343338656331633566613261633230376264313638656535393161383639356433303734636330 +66656234336535353564646663393964653037613537613062316533346365316331306139323131 +3439