From ec6e180c0aa0c899bf2dacb6c1b106fa8a742030 Mon Sep 17 00:00:00 2001
From: Sheppy <sheppy@atlantishq.de>
Date: Sun, 22 Dec 2024 19:33:55 +0000
Subject: [PATCH] fix: reactive resume secrets

---
 group_vars/all.yaml                                  |  5 +++++
 .../templates/reactive-resume.yaml                   | 12 ++++++------
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/group_vars/all.yaml b/group_vars/all.yaml
index 6ad7b85..2e51ff0 100644
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -10,6 +10,11 @@ code_server_password: HISTORY_PURGED_SECRET
 
 tube_archivist_elasticsearch_password: HISTORY_PURGED_SECRET
 
+reactive_resume_postgres_password: HISTORY_PURGED_SECRET
+reactive_resume_minio_password: HISTORY_PURGED_SECRET
+reactive_resume_refresh_token: HISTORY_PURGED_SECRET
+reactive_resume_access_token: HISTORY_PURGED_SECRET
+
 icinga_api_user: "mobile"
 icinga_api_pass: "HISTORY_PURGED_SECRET"
 icinga_api_url: "https://192.168.122.107:5665"
diff --git a/roles/docker-deployments/templates/reactive-resume.yaml b/roles/docker-deployments/templates/reactive-resume.yaml
index 7babc60..2a9642f 100644
--- a/roles/docker-deployments/templates/reactive-resume.yaml
+++ b/roles/docker-deployments/templates/reactive-resume.yaml
@@ -12,13 +12,13 @@ services:
       - resume
     environment:
       MINIO_ROOT_USER: minioadmin
-      MINIO_ROOT_PASSWORD: HISTORY_PURGED_SECRET
+      MINIO_ROOT_PASSWORD: {{ reactive_resume_minio_password }}
 
   db:
     image: postgres:13
     environment:
       - POSTGRES_USER=reactiveresume
-      - POSTGRES_PASSWORD=HISTORY_PURGED_SECRET
+      - POSTGRES_PASSWORD={{ reactive_resume_postgres_password }}
       - POSTGRES_DB=reactiveresume
     restart: always
     volumes:
@@ -65,11 +65,11 @@ services:
       CHROME_URL: ws://chrome:3000
 
       # -- Database (Postgres) --
-      DATABASE_URL: postgresql://reactiveresume:HISTORY_PURGED_SECRET@db:5432/postgres
+      DATABASE_URL: postgresql://reactiveresume:{{ reactive_resume_postgres_password }}@db:5432/postgres
 
       # -- Auth --
-      ACCESS_TOKEN_SECRET: HISTORY_PURGED_SECRET
-      REFRESH_TOKEN_SECRET: HISTORY_PURGED_SECRET
+      ACCESS_TOKEN_SECRET: {{ reactive_resume_access_token }}
+      REFRESH_TOKEN_SECRET: {{ reactive_resume_refresh_token }}
 
       # -- Emails --
       MAIL_FROM: noreply@atlantishq.de
@@ -80,7 +80,7 @@ services:
       STORAGE_PORT: 9000
       STORAGE_BUCKET: default
       STORAGE_ACCESS_KEY: minioadmin
-      STORAGE_SECRET_KEY: HISTORY_PURGED_SECRET
+      STORAGE_SECRET_KEY: {{ reactive_resume_minio_password }}
 
       # -- Cache (Redis) --
       REDIS_URL: redis://default:password@redis:6379