mirror of
https://github.com/FAUSheppy/no-secrets-athq-ansible
synced 2025-12-06 07:51:35 +01:00
424 lines
14 KiB
YAML
424 lines
14 KiB
YAML
---
|
|
checks:
|
|
extra_sheppy_pubkeys:
|
|
nsca_server: 192.168.122.107
|
|
ldap_server: 192.168.122.112
|
|
nsca_password: HISTORY_PURGED_SECRET
|
|
nsca_report_to_rudi_password: HISTORY_PURGED_SECRET
|
|
RSYSLOG_SERVER: internal.monitoring.atlantishq.de
|
|
influxdb_telegraf_password: HISTORY_PURGED_SECRET
|
|
code_server_password: HISTORY_PURGED_SECRET
|
|
|
|
atlantis_array_action_pw: jeanswochenendegeschichte
|
|
|
|
money_balancer_jwt_secret: HISTORY_PURGED_SECRET
|
|
|
|
hedgedoc_db_password: HISTORY_PURGED_SECRET
|
|
|
|
paperless_secret_key: HISTORY_PURGED_SECRET
|
|
|
|
kube_adm_token: HISTORY_PURGED_SECRET
|
|
|
|
storagebox_u244665_sub2_password: HISTORY_PURGED_SECRET
|
|
slapd_backup_submit_token: HISTORY_PURGED_SECRET
|
|
|
|
tube_archivist_elasticsearch_password: HISTORY_PURGED_SECRET
|
|
|
|
reactive_resume_postgres_password: HISTORY_PURGED_SECRET
|
|
reactive_resume_minio_password: HISTORY_PURGED_SECRET
|
|
reactive_resume_refresh_token: HISTORY_PURGED_SECRET
|
|
reactive_resume_access_token: HISTORY_PURGED_SECRET
|
|
|
|
icinga_api_user: "mobile"
|
|
icinga_api_pass: "HISTORY_PURGED_SECRET"
|
|
icinga_api_url: "https://192.168.122.107:5665"
|
|
icinga_web_url: "https://icinga.atlantishq.de/"
|
|
|
|
backup_vsyncdir_password: HISTORY_PURGED_SECRET
|
|
|
|
icinga_web_db_password: HISTORY_PURGED_SECRET
|
|
icinga_ido_password: HISTORY_PURGED_SECRET
|
|
|
|
event_dispatcher_host: dispatcher.atlantishq.de
|
|
event_dispatcher_proto: https
|
|
event_dispatcher_port: 443
|
|
event_dispatcher_address: "{{ event_dispatcher_proto }}://{{ event_dispatcher_host }}"
|
|
event_dispatcher_user: dispatch
|
|
event_dispatcher_pass: HISTORY_PURGED_SECRET
|
|
notification_settings_access_token: HISTORY_PURGED_SECRET
|
|
|
|
ntfy_api_target: https://p.athq.de
|
|
ntfy_push_target: https://push.atlantishq.de
|
|
ntfy_api_access_token: HISTORY_PURGED_SECRET
|
|
|
|
ldap_password: flanigan
|
|
ldap_dc: "atlantishq"
|
|
ldap_org: "atlantishq de"
|
|
ldap_suffix: "dc=atlantishq,dc=de"
|
|
ldap_bind_dn: "cn=Manager,dc=atlantishq,dc=de"
|
|
ldap_user_dn: "ou=People,dc=atlantishq,dc=de"
|
|
ldap_group_dn: "ou=groups,dc=atlantishq,dc=de"
|
|
ldap_connection_url: ldap://192.168.122.112
|
|
ldap_connection_url_ext: "ldaps://ldap.atlantishq.de"
|
|
|
|
nsca_server_password: HISTORY_PURGED_SECRET
|
|
|
|
immich_pg_password: HISTORY_PURGED_SECRET
|
|
|
|
event_dispatcher_token: "HISTORY_PURGED_SECRET"
|
|
|
|
opensearch_logstash_password: "HISTORY_PURGED_SECRET"
|
|
opensearch_admin_password: "HISTORY_PURGED_SECRET"
|
|
opensearch_seed_hosts:
|
|
- ipv4.atlantishq.de:9300
|
|
- ipv4.atlantishq.de:9301
|
|
opensearch_manager_nodes:
|
|
- opensearch-data-1
|
|
- opensearch-data-2
|
|
|
|
extra_root_keys:
|
|
- "# no extra keys"
|
|
|
|
smtp_internal_host: mail.atlantishq.de
|
|
smtp_internal_host_port: 8025
|
|
smtp_service_user: noreply
|
|
smtp_service_pass: HISTORY_PURGED_SECRET
|
|
|
|
pki_domain: pki.atlantishq.de
|
|
|
|
SOUNDLIB_AWS_ACCESS_KEY_ID: HISTORY_PURGED_SECRET
|
|
SOUNDLIB_AWS_SECRET_ACCESS_KEY: HISTORY_PURGED_SECRET
|
|
SOUNDLIB_S3_ENDPOINT: HISTORY_PURGED_SECRET
|
|
|
|
|
|
# gotify #
|
|
gotify_user: admin
|
|
gotify_password: HISTORY_PURGED_SECRET
|
|
|
|
# overwritten in monitoring master group var
|
|
monitoring_master: false
|
|
|
|
async_icinga_static_services:
|
|
- { "name" : "ths_auftragsdatenbank", "timeout" : "5h", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
- { "name" : "apt_atlantis_laptop", "timeout" : "30d", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
- { "name" : "apt_atlantis_pc", "timeout" : "30d", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
- { "name" : "backup_atlantis_laptop", "timeout" : "30d", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
- { "name" : "backup_ths_storrage_box", "timeout" : "30d", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
- { "name" : "mail_atlantishq", "timeout" : "1h", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
- { "name" : "ths_caldav_backup", "timeout" : "2d", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
- { "name" : "slapd_backup", "timeout" : "2d", "owner" : "sheppy", "token" : "HISTORY_PURGED_SECRET" }
|
|
|
|
keycloak_admin_password: HISTORY_PURGED_SECRET
|
|
keycloak_postgres_password: HISTORY_PURGED_SECRET
|
|
keycloak_address: keycloak.atlantishq.de
|
|
|
|
harbor_http_secret: HISTORY_PURGED_SECRET
|
|
harbor_core_secret: HISTORY_PURGED_SECRET
|
|
harbor_jobservice_secret: HISTORY_PURGED_SECRET
|
|
harbor_postgres_pass: HISTORY_PURGED_SECRET
|
|
harbor_registry_user: harbor
|
|
harbor_registry_password: HISTORY_PURGED_SECRET
|
|
harbor_admin_password: 20Dino00
|
|
|
|
ferchau_sftp_user: dkeipp
|
|
ferchau_sftp_password: HISTORY_PURGED_SECRET
|
|
|
|
gitea_postgres_pw: HISTORY_PURGED_SECRET
|
|
gitea_runner_registration_token: HISTORY_PURGED_SECRET
|
|
|
|
keycloak_clients:
|
|
python-flask-picture-factory:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_images
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://images.atlantishq.de/*"
|
|
- "https://images.athq.de/*"
|
|
- "https://images.potaris.de/*"
|
|
description: "Images Factory"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000001"
|
|
groups: "images"
|
|
master_address: "https://images.atlantishq.de"
|
|
skips:
|
|
- "/m/"
|
|
- "/media/"
|
|
- "/image/"
|
|
- "/images/"
|
|
- "/picture/"
|
|
- "/pictures/"
|
|
|
|
simple-log-server:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_sls
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://sls.atlantishq.de/*"
|
|
description: "Simple Log Server"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000002"
|
|
groups: "monitoring"
|
|
master_address: "https://sls.atlantishq.de"
|
|
skips:
|
|
- "/submit"
|
|
|
|
soundlib-interface:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_soundlib
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://sounds.atlantishq.de/*"
|
|
description: "Soundlib interface"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000003"
|
|
groups: "soundlib"
|
|
master_address: "https://sounds.atlantishq.de"
|
|
skips:
|
|
|
|
pki:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_hashicorp_vault
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://pki.atlantishq.de/*"
|
|
description: "PKI Vault"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000004"
|
|
groups: "pki"
|
|
master_address: "https://pki.atlantishq.de"
|
|
skips:
|
|
|
|
cert-manager:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_cert_manager
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://vpn.atlantishq.de/*"
|
|
description: "AtlantisHQ Certificate Manager"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000005"
|
|
groups: "pki"
|
|
master_address: "https://vpn.atlantishq.de"
|
|
skips:
|
|
|
|
tmnf-replay-server:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_trackmania
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://trackmania.atlantishq.de/*"
|
|
description: "AtlantisHQ Trackmania Replays"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000006"
|
|
groups: "trackmania"
|
|
master_address: "https://trackmania.atlantishq.de"
|
|
skips:
|
|
- "/open-info"
|
|
|
|
atlantis-hub:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_atlantishub
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://hub.atlantishq.de/*"
|
|
description: "AtlantisHQ Hub"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000007"
|
|
groups:
|
|
master_address: "https://hub.atlantishq.de"
|
|
skips:
|
|
|
|
paperless:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_paperless
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://paperless.atlantishq.de/*"
|
|
description: "AtlantisHQ Paperless Archiving"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000008"
|
|
groups: "paperless"
|
|
master_address: "https://paperless.atlantishq.de"
|
|
skips:
|
|
|
|
icinga:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_icinga
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://icinga.atlantishq.de/*"
|
|
description: "Icinga Web"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000009"
|
|
groups: "monitoring,icinga"
|
|
master_address: "https://icinga.atlantishq.de"
|
|
skips:
|
|
|
|
grafana:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_grafana
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://stats.atlantishq.de/*"
|
|
description: "Grafana"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000010"
|
|
groups: "monitoring"
|
|
master_address: "https://stats.atlantishq.de"
|
|
skips:
|
|
|
|
async-icinga:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_async_icinga
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://async-icinga.atlantishq.de/*"
|
|
description: "Icinga Web"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000011"
|
|
groups: "monitoring,icinga"
|
|
master_address: "https://async-icinga.atlantishq.de"
|
|
skips:
|
|
- "/report"
|
|
|
|
hedgedoc:
|
|
party_secret : "HISTORY_PURGED_SECRET"
|
|
client_id: z_hedgedoc
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://hedgedoc.atlantishq.de/*"
|
|
description: "Hedgedoc"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000012"
|
|
groups: "monitoring"
|
|
master_address: "https://hedgedoc.atlantishq.de"
|
|
|
|
harbor:
|
|
party_secret: "iHISTORY_PURGED_SECRET"
|
|
client_id: z_harbor
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://harbor-registry.atlantishq.de/*"
|
|
description: "Harbor Registry"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000013"
|
|
groups: "pki"
|
|
master_address: "https://harbor-registry.atlantishq.de"
|
|
|
|
atlantis-verify:
|
|
party_secret: "3HISTORY_PURGED_SECRET"
|
|
client_id: z_at_verify
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://verify.atlantishq.de/*"
|
|
description: "Atlantis Verification"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000014"
|
|
groups:
|
|
master_address: "https://verify.atlantishq.de"
|
|
|
|
reactive-resume:
|
|
party_secret: "RHISTORY_PURGED_SECRET"
|
|
client_id: z_reactive_resume
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://resume.atlantishq.de/*"
|
|
description: "Reactive Resume"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000015"
|
|
groups:
|
|
master_address: "https://resume.atlantishq.de"
|
|
skips:
|
|
- "/logo/light.svg"
|
|
|
|
money-balancer:
|
|
party_secret: "YHISTORY_PURGED_SECRET"
|
|
client_id: z_money_balancer
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://money-balancer.atlantishq.de/*"
|
|
description: "Money Balancer"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000016"
|
|
groups:
|
|
master_address: "https://money-balancer.atlantishq.de"
|
|
|
|
atlantis-web-check:
|
|
party_secret: "CHISTORY_PURGED_SECRET"
|
|
client_id: z_web_check
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://smartchecks.atlantishq.de/*"
|
|
description: "SMART Web-Checks"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000017"
|
|
groups:
|
|
master_address: "https://smartchecks.atlantishq.de"
|
|
|
|
|
|
ferchau-wscad:
|
|
party_secret: "aHISTORY_PURGED_SECRET"
|
|
client_id: z_guenter
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://wscad.atlantishq.de/*"
|
|
description: "WSCAD"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000018"
|
|
groups: "guenter"
|
|
master_address: "https://wscad.atlantishq.de"
|
|
|
|
immich:
|
|
party_secret: "0HISTORY_PURGED_SECRET"
|
|
client_id: immich
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://immich.atlantishq.de/*"
|
|
- "https://i.athq.de/*"
|
|
- "app.immich:/"
|
|
description: "Immich Pictures"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000019"
|
|
groups: ""
|
|
master_address: "https://i.athq.de"
|
|
|
|
gitea:
|
|
party_secret: "SHISTORY_PURGED_SECRET"
|
|
client_id: gitea
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://git.atlantishq.de/*"
|
|
- "https://git.athq.de/*"
|
|
description: "Gitea"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000020"
|
|
groups: ""
|
|
master_address: "https://git.atlantishq.de"
|
|
|
|
olive-tin:
|
|
party_secret: "QHISTORY_PURGED_SECRET"
|
|
client_id: olive-tin
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://olive.atlantishq.de/*"
|
|
description: "Olive-Tin"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000021"
|
|
groups: "pki"
|
|
master_address: "https://olive.atlantishq.de"
|
|
|
|
tube-archivist:
|
|
party_secret: "EHISTORY_PURGED_SECRET"
|
|
client_id: tube-archivist
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://youtube-proxy.atlantishq.de/*"
|
|
description: "Tube Archivist"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000022"
|
|
groups: ""
|
|
master_address: "https://youtube-proxy.atlantishq.de"
|
|
|
|
atlantis-status:
|
|
party_secret: "EHISTORY_PURGED_SECRET"
|
|
client_id: atlantis-status
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://actions.atlantishq.de/*"
|
|
description: "Atlantis Actions"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000023"
|
|
groups: ""
|
|
master_address: "https://actions.atlantishq.de"
|
|
skips:
|
|
- "/endpoints"
|
|
- "/hook-passive"
|
|
|
|
opensearch-dashboard:
|
|
party_secret: "tHISTORY_PURGED_SECRET"
|
|
client_id: opensearch-dashboard
|
|
client_secret: "HISTORY_PURGED_SECRET"
|
|
redirect_uris:
|
|
- "https://opensearch.atlantishq.de/*"
|
|
description: "Atlantis Actions"
|
|
keycloak_id: "00000000-0000-0000-0000-000000000024"
|
|
groups: ""
|
|
master_address: "https://opensearch.atlantishq.de"
|