bk-dss: use vault for secret, use tagged version, use correct certificate for ldap

This commit is contained in:
Markus 2019-02-23 23:34:23 +01:00
parent 845a9f3c76
commit 407409010e
5 changed files with 29 additions and 25 deletions

View File

@ -7,6 +7,7 @@ dns_axfr_ips:
- 2001:470:600::2 - 2001:470:600::2
dss_domain: dss.binary-kitchen.de dss_domain: dss.binary-kitchen.de
dss_secret: "{{ vault_dss_secret }}"
gogs_domain: git.binary-kitchen.de gogs_domain: git.binary-kitchen.de
gogs_dbname: gogs gogs_dbname: gogs

View File

@ -1,23 +1,25 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
64353739333035313065616635646335313732653764326464323735613839326264633132316663 37623461646334336463353434343836326161626164393862386461646664383165646661626266
3961633033373735373939326362386266376464353433390a323639313536363838303831303465 3732623932366265396465376633613563386535663732630a393336623331306434326438383636
61633562353666393136303830346536303436643334366432303539393065323537333836613461 61313032623264376131366162303831663066616236653439323737663938366462323039613162
6563343335643164660a316262336262623239373863613562303531393734323430323730653066 3535356231333131610a613466633666323762646630663461353135303934303231363938653338
61383161616532623435643966626461656662323039326332346139623439626663353433386566 33653466333738373461396432303765313935396439366566303338313938616632363266343738
61366264613036316638653263616238663635376366643164373366343961373761376161366530 33346538333531326636653236663062326435343164333839656663383466646364333637313565
61643931623532363666326261646462356662306664633564616630303531643536316235386234 30393561383236353833316563336435363835363661616561353734623464333365393639633935
33643538323338303230373564393863306366656331363564333263393435666265623665333935 31356339313133393634383938306536643932616131363834653461616635323330366534356530
37373631633463376431636161336162376439386238643461663164666232326434333666326538 66373636373662616239376566396164323863383134613135623263326431353463616337363561
32343464636465626664363934643461313066653261636234663939333032343966366533383966 39376431623330373036653534356339663665373766306433366164613430313032336636653331
64663866333232656339303230356266633861393636616330663531363565653363653739356662 31353165353131616634303138363064333066393566663039393165363866363262386136646661
31343764386661613230643630333961353063333531376566623335643733333239336462353434 64653332623436303666613063346534323037646462373663613436666362366266303463373931
30346665623036353764376431336337303762373465393765396133646636336163646163373332 38306664643338623566626339666433636638383032353161383431623963336263363431363333
64626637386164326264646438393137613336333832336636663634393637386539303830336637 35353166353630323534336162333432326639623961323364396666393431393435643937303434
30353037363037383665643364303462663034363663323165393061626637616364393161323766 36343534626230396130303735343061343661666161663434383862613637636138346630386238
31366632613931663565613534346139353338313130343435663133393461616362656330353637 34656666383363333139333539363535633637333764343866643061346434313265343466656238
30386232396265323362356633303736656230656539616666386330363361613665666563373331 32626665343065376635633266333835386661343333616535376162623734623863323633623939
33626132303536336562366537336566343836303338303638626161643235363032343262383639 31383830306163373565326531623838656266316663393863633738383961646466396631343933
39393033666162313466323839353233343963653565376337383532303463386461393932613933 36316437316463326633326338366365663564646663306431303530313939336630653539363833
65633030303939366630323931646337333831323863323865306135323163313235623834636139 37373232306338636634383062616231306261383939316132366533663334353038333539663330
33376233346537626165373337303338323666393834303363633237646163663461356434323432 30303764383138616633313662393661316332646135666566633939623233373737303964363636
3963373937616632356532396666333436356363616234306238 36306230656362383763666562396666313933643339656665656266653861386435313231623331
61373433313237303764643362363336623635316364653139383261616366376430643330656131
66616661613866613064

View File

@ -1,3 +1,4 @@
--- ---
dss_uwsgi_port: 5001 dss_uwsgi_port: 5001
dss_version: 0.8.0

View File

@ -14,7 +14,7 @@
- uwsgi-plugin-python3 - uwsgi-plugin-python3
- name: Install bk-dss - name: Install bk-dss
git: repo=https://git.binary-kitchen.de/moepman/bk-dss.git dest=/opt/bk-dss depth=1 version=9e0275eef219d514a30e9725778c94821a4c4fbf git: repo=https://git.binary-kitchen.de/moepman/bk-dss.git dest=/opt/bk-dss depth=1 version={{ dss_version }}
- name: Configure bk-dss - name: Configure bk-dss
template: src=config.cfg.j2 dest=/opt/bk-dss/config.cfg template: src=config.cfg.j2 dest=/opt/bk-dss/config.cfg

View File

@ -1,8 +1,8 @@
DEBUG = True DEBUG = True
SECRET_KEY = "CHANGE!ME" SECRET_KEY = "{{ dss_secret }}"
SESSION_TIMEOUT = 3600 SESSION_TIMEOUT = 3600
LDAP_CA = "/etc/ldap/ssl/BKCA.crt" LDAP_CA = "/usr/local/share/ca-certificates/BKCA.crt"
LDAP_URI = "ldaps://{{ ldap_host }}" LDAP_URI = "ldaps://{{ ldap_host }}"
LDAP_BASE = "{{ ldap_base }}" LDAP_BASE = "{{ ldap_base }}"