e2f732c0f5
- Remove unimplemented placeholder roles (airflow, spark) - Delete cache files (__pycache__, .DS_Store) and generated inventory - Remove outdated INFRA_GAP_ANALYSIS.md (functionality now in README) - Standardize DISABLED comments for monitoring stack (Prometheus, Loki, Grafana) - Add ROLLBACK.md with comprehensive recovery procedures - Expand vault.example.yml with all backup and alerting variables - Update README with complete vault variables documentation
68 lines
2.1 KiB
YAML
68 lines
2.1 KiB
YAML
---
|
|
GRAFANA_ADMIN_PASSWORD:
|
|
POSTGRES_PASSWORD:
|
|
S3_ACCESS_KEY_ID:
|
|
S3_SECRET_ACCESS_KEY:
|
|
TF_VAR_linode_token:
|
|
TF_VAR_root_pass:
|
|
TF_VAR_user_password:
|
|
TF_VAR_ssh_public_key:
|
|
CF_DNS_API_TOKEN:
|
|
CF_ZONE_API_TOKEN:
|
|
LLDAP_ADMIN_PASSWORD:
|
|
LLDAP_JWT_SECRET:
|
|
LLDAP_KEY_SEED:
|
|
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
|
|
AUTHELIA_SESSION_SECRET:
|
|
AUTHELIA_STORAGE_ENCRYPTION_KEY:
|
|
AUTHELIA_OIDC_HMAC_SECRET:
|
|
AUTHELIA_OIDC_PRIVATE_KEY_PEM:
|
|
AUTHELIA_OIDC_GRAFANA_CLIENT_SECRET:
|
|
AUTHELIA_OIDC_FORGEJO_CLIENT_SECRET:
|
|
AUTHELIA_SMTP_ADDRESS:
|
|
AUTHELIA_SMTP_USERNAME:
|
|
AUTHELIA_SMTP_PASSWORD:
|
|
AUTHELIA_SMTP_SENDER:
|
|
AUTHELIA_SMTP_IDENTIFIER:
|
|
AUTHELIA_SMTP_STARTUP_CHECK_ADDRESS:
|
|
POSTFIX_RELAYHOST: "smtp.postmarkapp.com"
|
|
POSTFIX_RELAYHOST_PORT: "2525"
|
|
POSTFIX_RELAYHOST_USERNAME: "your-postmark-server-token"
|
|
POSTFIX_RELAYHOST_PASSWORD: "your-postmark-server-token"
|
|
FORGEJO_RUNNER_REGISTRATION_TOKEN:
|
|
FORGEJO_API_TOKEN:
|
|
FORGEJO_BASE_URL:
|
|
|
|
SERVICE_SSH_REGISTER_PUBLIC_KEY:
|
|
SERVICE_SSH_DEREGISTER_PUBLIC_KEY:
|
|
|
|
RESTIC_PASSWORD:
|
|
RESTIC_AWS_ACCESS_KEY_ID:
|
|
RESTIC_AWS_SECRET_ACCESS_KEY:
|
|
RESTIC_AWS_DEFAULT_REGION: "us-east-1"
|
|
# RESTIC_REPOSITORY: "s3:https://us-east-1.linodeobjects.com/bucket-name/infra"
|
|
RESTIC_KEEP_DAILY: 7
|
|
RESTIC_KEEP_WEEKLY: 4
|
|
RESTIC_KEEP_MONTHLY: 6
|
|
INFRA_BACKUP_ONCALENDAR: "daily"
|
|
|
|
ALERTMANAGER_SLACK_WEBHOOK_URL:
|
|
ALERTMANAGER_SLACK_CHANNEL: "#alerts"
|
|
ALERTMANAGER_SLACK_USERNAME: "alertmanager"
|
|
ALERTMANAGER_DISCORD_WEBHOOK_URL:
|
|
|
|
# Alertmanager Email Settings (uses Postfix on localhost:25 by default)
|
|
# ALERTMANAGER_SMTP_HOST: "localhost:25"
|
|
# ALERTMANAGER_SMTP_FROM: "no-reply@yourdomain.com"
|
|
# ALERTMANAGER_EMAIL_TO: "admin@yourdomain.com"
|
|
|
|
# Authelia SMTP Settings (uses Postfix container on proxy network)
|
|
# AUTHELIA_SMTP_ADDRESS: "postfix:25"
|
|
# AUTHELIA_SMTP_SENDER: "no-reply@yourdomain.com"
|
|
# AUTHELIA_SMTP_IDENTIFIER: "yourdomain.com"
|
|
# AUTHELIA_SMTP_STARTUP_CHECK_ADDRESS: "test@yourdomain.com"
|
|
# AUTHELIA_SMTP_USERNAME: "" # Leave empty for no auth (Postfix on local network)
|
|
# AUTHELIA_SMTP_PASSWORD: "" # Leave empty for no auth
|
|
|
|
# Deployment token for webhook authentication (must match DEPLOY_TOKEN secret in app repos)
|
|
VAULT_DEPLOY_TOKEN:
|