phil/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement comprehensive variable management system

Browse Source 
- Create standardized group_vars directory structure
- Add domains.yml with centralized subdomain mappings
- Add infrastructure.yml with network, SMTP, and path config
- Reorganize vault.yml secrets by service with consistent naming
- Update 15+ Docker compose templates to use new variable structure
- Simplify playbook commands by removing --extra-vars requirement
- Replace hardcoded domains/IPs with template variables
- Standardize secret references across all services

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Phil
2025-06-06 15:14:47 -06:00
parent 8d686c2aa5
commit 12582b352c
20 changed files with 187 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/docker/templates/paperlessngx.env.j2
View File

@ -24,11 +24,11 @@
# This is required if you will be exposing Paperless-ngx on a public domain
# (if doing so please consider security measures such as reverse proxy)
PAPERLESS_URL=https://paper.thesatelliteoflove.com
PAPERLESS_URL=https://{{ subdomains.papers }}
# Adjust this key if you plan to make paperless available publicly. It should
# be a very long sequence of random characters. You don't need to remember it.
PAPERLESS_SECRET_KEY={{ paperlessngx_secret }}
PAPERLESS_SECRET_KEY={{ vault_paperlessngx.secret_key }}
# Use this variable to set a timezone for the Paperless Docker containers. If not specified, defaults to UTC.
PAPERLESS_TIME_ZONE=America/Denver
@ -43,4 +43,4 @@ PAPERLESS_TIME_ZONE=America/Denver
# authentik
PAPERLESS_APPS: "allauth.socialaccount.providers.openid_connect"
PAPERLESS_SOCIALACCOUNT_PROVIDERS: '{"openid_connect": {"APPS": [{"provider_id": "authentik","name": "Authentik SSO","client_id": "{{ paperless_oauth_client_id }}","secret": "{{ paperless_oauth_client_secret }}","settings": { "server_url": "https://auth.thesatelliteoflove.com/application/o/paperlessngx/.well-known/openid-configuration"}}]}}'
PAPERLESS_SOCIALACCOUNT_PROVIDERS: '{"openid_connect": {"APPS": [{"provider_id": "authentik","name": "Authentik SSO","client_id": "{{ vault_paperlessngx.oidc.client_id }}","secret": "{{ vault_paperlessngx.oidc.client_secret }}","settings": { "server_url": "https://{{ subdomains.auth }}/application/o/paperlessngx/.well-known/openid-configuration"}}]}}'