uumas/ansible-podman
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

service: rename secrets return variable

Browse Source
This commit is contained in:
uumas
2025-04-04 22:13:07 +03:00
parent 9bb2b24948
commit 68b3dcb49c
4 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/service/meta/argument_specs.yaml
View File

@@ -93,7 +93,7 @@ argument_specs:
description: description:
- A list of secrets available to the service container in /run/secrets/<service name>-<secret name> - A list of secrets available to the service container in /run/secrets/<service name>-<secret name>
- > - >
A dict of secrets and their values (including autogenerated values) is available as `_service_podman_secrets` for use A dict of secrets and their values (including autogenerated values) is available as `service_podman_secrets` for use
in tepmlates or environment variables. This should only be used if the container doesn't support reading the secret from file in tepmlates or environment variables. This should only be used if the container doesn't support reading the secret from file
type: list type: list
required: false required: false

2
roles/service/tasks/secrets.yaml
View File

@@ -16,7 +16,7 @@
- name: Store secrets in a variable for later - name: Store secrets in a variable for later
ansible.builtin.set_fact: ansible.builtin.set_fact:
_service_podman_secrets: > service_podman_secrets: >
{{ _service_podman_secret_info.secrets {{ _service_podman_secret_info.secrets
| map(attribute='Spec.Name') | map(attribute='Spec.Name')
| zip(_service_podman_secret_info.secrets | map(attribute='SecretData')) | zip(_service_podman_secret_info.secrets | map(attribute='SecretData'))

4
roles/synapse/tasks/main.yaml
View File

@@ -68,8 +68,8 @@
matrix_authentication_service_domain: "{{ synapse_mas_domain }}" matrix_authentication_service_domain: "{{ synapse_mas_domain }}"
matrix_authentication_service_homeserver_name: "{{ synapse_server_name }}" matrix_authentication_service_homeserver_name: "{{ synapse_server_name }}"
matrix_authentication_service_homeserver_address: http://synapse:8009 matrix_authentication_service_homeserver_address: http://synapse:8009
matrix_authentication_service_client_secret: "{{ _service_podman_secrets['synapse-mas-client-secret'] }}" matrix_authentication_service_client_secret: "{{ service_podman_secrets['synapse-mas-client-secret'] }}"
matrix_authentication_service_homeserver_secret: "{{ _service_podman_secrets['synapse-mas-homeserver-secret'] }}" matrix_authentication_service_homeserver_secret: "{{ service_podman_secrets['synapse-mas-homeserver-secret'] }}"
matrix_authentication_service_email_smtp_server: "{{ synapse_email_smtp_server }}" matrix_authentication_service_email_smtp_server: "{{ synapse_email_smtp_server }}"
matrix_authentication_service_email_smtp_user: "{{ synapse_email_smtp_user }}" matrix_authentication_service_email_smtp_user: "{{ synapse_email_smtp_user }}"

6
roles/synapse/templates/homeserver.yaml.j2
View File

@@ -29,7 +29,7 @@ database:
args: args:
host: synapse-postgres host: synapse-postgres
user: synapse user: synapse
password: "{{ _service_database_password }}" password: "{{ service_podman_secrets['synapse-postgres'] }}"
dbname: synapse dbname: synapse
caches: caches:
@@ -112,6 +112,6 @@ experimental_features:
issuer: http://matrix-authentication-service:8080/ issuer: http://matrix-authentication-service:8080/
client_id: 0000000000000000000SYNAPSE client_id: 0000000000000000000SYNAPSE
client_auth_method: client_secret_basic client_auth_method: client_secret_basic
client_secret: "{{ _service_podman_secrets['synapse-mas-client-secret'] }}" client_secret: "{{ service_podman_secrets['synapse-mas-client-secret'] }}"
admin_token: "{{ _service_podman_secrets['synapse-mas-homeserver-secret'] }}" admin_token: "{{ service_podman_secrets['synapse-mas-homeserver-secret'] }}"
account_management_url: "https://{{ synapse_mas_domain }}/account" account_management_url: "https://{{ synapse_mas_domain }}/account"