Robert Helewka
c1391e3dbc
- Updated vault.yml.example to include Athena secrets: secret key, DB password, OAuth client ID, and client secret. - Modified puck.incus.yml to add Athena service and configuration details, including user, group, directory, port, and domain. - Updated titania.incus.yml to change OAuth client ID and secret variable names for consistency with Athena. - Added Athena configuration to mcpo config template, including URL and authorization headers.
101 lines
2.8 KiB
Plaintext
101 lines
2.8 KiB
Plaintext
# Ansible Vault Secrets File
|
|
# Copy to vault.yml and encrypt with: ansible-vault encrypt vault.yml
|
|
#
|
|
# All secrets should be prefixed with vault_ and encrypted.
|
|
# Service variables in vars.yml or host_vars reference these with:
|
|
# service_password: "{{ vault_service_password }}"
|
|
|
|
# PostgreSQL
|
|
vault_postgres_password: changeme
|
|
|
|
# Service Database Passwords
|
|
vault_arke_db_password: changeme
|
|
vault_casdoor_db_password: changeme
|
|
vault_periplus_db_password: changeme
|
|
vault_mcp_switchboard_db_password: changeme
|
|
vault_openwebui_db_password: changeme
|
|
vault_spelunker_db_password: changeme
|
|
|
|
# Neo4j
|
|
vault_neo4j_auth_password: changeme
|
|
|
|
# RabbitMQ
|
|
vault_rabbitmq_password: changeme
|
|
vault_kairos_rabbitmq_password: changeme
|
|
vault_spelunker_rabbitmq_password: changeme
|
|
vault_mcp_switchboard_rabbitmq_password: changeme
|
|
|
|
# Caliban
|
|
# Note: VNC passwords are limited to 8 characters maximum
|
|
vault_caliban_x11vnc_password: caliban
|
|
|
|
# Casdoor
|
|
vault_casdoor_auth_state: changeme
|
|
vault_casdoor_radius_secret: changeme
|
|
vault_casdoor_s3_endpoint: changeme
|
|
vault_casdoor_s3_access_key: changeme
|
|
vault_casdoor_s3_secret_key: changeme
|
|
vault_casdoor_s3_bucket: changeme
|
|
vault_casdoor_app_client_secret: changeme
|
|
vault_casdoor_admin_password: changeme
|
|
vault_casdoor_hostmaster_password: changeme
|
|
|
|
# Gitea
|
|
vault_gitea_db_password: changeme
|
|
vault_gitea_secret_key: changeme
|
|
vault_gitea_lfs_jwt_secret: changeme
|
|
vault_gitea_metrics_token: changeme
|
|
vault_gitea_oauth_client_id: changeme
|
|
vault_gitea_oauth_client_secret: changeme
|
|
|
|
# OpenWebUI
|
|
vault_openwebui_secret_key: changeme
|
|
vault_openwebui_openai_api_key: changeme
|
|
vault_openwebui_anthropic_api_key: changeme
|
|
vault_openwebui_groq_api_key: changeme
|
|
vault_openwebui_mistral_api_key: changeme
|
|
vault_openwebui_oauth_client_id: changeme
|
|
vault_openwebui_oauth_client_secret: changeme
|
|
|
|
# MCP Switchboard
|
|
vault_mcp_switchboard_secret_key: changeme
|
|
|
|
# SearXNG
|
|
vault_searxng_secret_key: changeme
|
|
|
|
# PgAdmin
|
|
vault_pgadmin_email: admin@example.com
|
|
vault_pgadmin_password: changeme
|
|
|
|
# Grafana
|
|
vault_grafana_admin_name: Admin
|
|
vault_grafana_admin_login: admin
|
|
vault_grafana_admin_password: changeme
|
|
vault_grafana_viewer_name: Viewer
|
|
vault_grafana_viewer_login: viewer
|
|
vault_grafana_viewer_password: changeme
|
|
|
|
# Pushover (Alertmanager notifications)
|
|
vault_pushover_user_key: changeme
|
|
vault_pushover_api_token: changeme
|
|
|
|
# GitHub MCP
|
|
vault_github_personal_access_token: changeme
|
|
|
|
# MCP Authentication Tokens
|
|
vault_angelia_mcp_auth: changeme
|
|
vault_athena_mcp_auth: changeme
|
|
vault_kairos_mcp_auth: changeme
|
|
|
|
# Athena
|
|
vault_athena_secret_key: changeme
|
|
vault_athena_db_password: changeme
|
|
vault_athena_oauth_client_id: changeme
|
|
vault_athena_oauth_client_secret: changeme
|
|
|
|
# Arke NTTh API Tokens
|
|
vault_ntth_token_1_app_secret: changeme
|
|
vault_ntth_token_2_app_secret: changeme
|
|
vault_ntth_token_3_app_secret: changeme
|
|
vault_ntth_token_4_app_secret: changeme
|