phil/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement comprehensive variable management system

Browse Source 
- Create standardized group_vars directory structure
- Add domains.yml with centralized subdomain mappings
- Add infrastructure.yml with network, SMTP, and path config
- Reorganize vault.yml secrets by service with consistent naming
- Update 15+ Docker compose templates to use new variable structure
- Simplify playbook commands by removing --extra-vars requirement
- Replace hardcoded domains/IPs with template variables
- Standardize secret references across all services

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Phil
2025-06-06 15:14:47 -06:00
parent 8d686c2aa5
commit 12582b352c
20 changed files with 187 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
roles/docker/templates/mmdl-env.j2
View File

@ -1,32 +1,32 @@
# Database Configuration
DB_HOST=mmdl_db
DB_USER=mmdl
DB_PASS={{ vault_mmdl_mysql_password }}
DB_PASS={{ vault_mmdl.mysql_password }}
DB_PORT=3306
DB_DIALECT=mysql
DB_CHARSET=utf8mb4
DB_NAME=mmdl
# Encryption
AES_PASSWORD={{ vault_mmdl_aes_password }}
AES_PASSWORD={{ vault_mmdl.aes_password }}
# SMTP Settings
SMTP_HOST=smtp.resend.com
SMTP_USERNAME=resend
SMTP_PASSWORD={{ resend_key }}
SMTP_FROM=tasks@updates.thesatelliteoflove.com
SMTP_HOST={{ smtp.host }}
SMTP_USERNAME={{ smtp.username }}
SMTP_PASSWORD={{ vault_smtp.password }}
SMTP_FROM=tasks@{{ email_domains.updates }}
SMTP_PORT=587
SMTP_SECURE=true
# Authentication
USE_NEXT_AUTH=true
NEXTAUTH_URL=https://tasks.thesatelliteoflove.com
NEXTAUTH_SECRET={{ vault_mmdl_nextauth_secret }}
NEXTAUTH_URL=https://{{ subdomains.tasks }}
NEXTAUTH_SECRET={{ vault_mmdl.nextauth_secret }}
# Authentik OIDC Configuration
AUTHENTIK_ISSUER=https://auth.thesatelliteoflove.com/application/o/mmdl
AUTHENTIK_CLIENT_ID={{ vault_mmdl_oidc_client_id }}
AUTHENTIK_CLIENT_SECRET={{ vault_mmdl_oidc_client_secret }}
AUTHENTIK_ISSUER=https://{{ subdomains.auth }}/application/o/mmdl
AUTHENTIK_CLIENT_ID={{ vault_mmdl.oidc.client_id }}
AUTHENTIK_CLIENT_SECRET={{ vault_mmdl.oidc.client_secret }}
# User and Session Management
ALLOW_USER_REGISTRATION=false
@ -35,7 +35,7 @@ OTP_VALIDITY_PERIOD=300
SESSION_VALIDITY_PERIOD=30
# Application Settings
API_URL=https://tasks.thesatelliteoflove.com
API_URL=https://{{ subdomains.tasks }}
DEBUG_MODE=false
TEST_MODE=false
SUBTASK_RECURSION_DEPTH=5