feature/opnform #4
1 changed files with 15 additions and 7 deletions
|
|
@ -25,18 +25,26 @@ opnform_redis_image: "redis:7"
|
|||
opnform_db_image: "postgres:16"
|
||||
opnform_ingress_image: "nginx:1"
|
||||
|
||||
# REQUIRED SECRETS — generate with: openssl rand -base64 32
|
||||
# Always prefix opnform_app_key with "base64:"
|
||||
# REQUIRED SECRETS — must be overridden per-inventory.
|
||||
# Provide via OpenBao lookup, Ansible Vault or extra-vars.
|
||||
# Never commit real keys to version control.
|
||||
opnform_app_key: "base64:vsQw8EoC64nmhurLUUohXUlAeryaV6Y2Is64Tdvjlko="
|
||||
opnform_jwt_secret: "0b2e8ed326334a08ce3846bfcd6588f5a11be33999e96963cd4eaff1a3ae828b"
|
||||
opnform_front_api_secret: "8f52397785a110b657f2a6beab13362877bfac936ae9002bc236c54ed1011b2d"
|
||||
#
|
||||
# Generate with:
|
||||
# opnform_app_key: echo "base64:$(openssl rand -base64 32)"
|
||||
# opnform_jwt_secret: openssl rand -hex 32
|
||||
# opnform_front_api_secret: openssl rand -hex 32
|
||||
#
|
||||
# opnform_app_key MUST start with the prefix "base64:" — the validate
|
||||
# task at the top of tasks/main.yml enforces this.
|
||||
opnform_app_key: ""
|
||||
opnform_jwt_secret: ""
|
||||
opnform_front_api_secret: ""
|
||||
|
||||
# Database credentials
|
||||
# Database credentials. opnform_db_password must be overridden; the
|
||||
# validate task fails fast on an empty value.
|
||||
opnform_db_name: "opnform"
|
||||
opnform_db_user: "opnform"
|
||||
opnform_db_password: "xtNLUVc2ajcWictqWXWkLR"
|
||||
opnform_db_password: ""
|
||||
|
||||
# Admin bootstrap — when email+password are set, the role creates the
|
||||
# first user via OpnForm's /api/register endpoint, skipping the
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue