vps/secrets.yml.example

# To generate random secret: openssl rand -base64 <length>

ansible_become_password:

borg_passphrase:
  
cifs_credentials:
  username:
  password:


authelia_secrets:
  # Encryption key for the database, must be saved
  encryption_key:

  # Generate random client id : docker run --rm authelia/authelia:4 authelia crypto rand --length 72 --charset rfc3986
  # Generate random secret + hash : docker run --rm authelia/authelia:4 authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986
  hedgedoc_client_id:
  hedgedoc_client_secret:
  hedgedoc_client_secret_hash:
  synapse_client_id:
  synapse_client_secret:
  synapse_client_secret_hash:

  hmac_secret:
  jwks_key: | # openssl genrsa 4096
  jwt_secret:

  # LDAP bind dn
  ldap_user:
  ldap_password:

  postgres_user:
  postgres_password:

  smtp_user:
  smtp_password:


coturn_secrets:
  static_auth_secret:

hedgedoc_secrets:
  postgres_user:
  postgres_password:
  session_secret:

lldap_secrets:
  jwt_secret:
  key_seed:
  postgres_user:
  postgres_password:

mailserver_secrets:
  admin_user:
  # Hash obtained with openssl passwd -6
  admin_secret:
  ldap_user:
  ldap_password:
  postgres_user:
  postgres_password:

searxng_secrets:
  searxng_secret:

synapse_secrets:
  smtp_user:
  smtp_pass:
  postgres_user:
  postgres_password:
  turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
  macaroon_secret_key:
  form_secret:

vaultwarden_secrets:
  # Generate with: docker exec --rm -ti docker.io/vaultwarden/server:alpine /vaultwarden hash
  admin_token_hash:
  smtp_username:
  smtp_password:
Add Authelia. 2024-03-31 18:26:05 +02:00			`# To generate random secret: openssl rand -base64 <length>`

The Great Ansible Update. 2024-02-17 19:01:04 +01:00			`ansible_become_password:`
Add borg backup playbook/roles/tasks + Implement for Vaultwarden. 2024-02-22 19:09:43 +01:00
			`borg_passphrase:`
The Great Ansible Update. 2024-02-17 19:01:04 +01:00
			`cifs_credentials:`
			`username:`
			`password:`

Add Authelia. 2024-03-31 18:26:05 +02:00
			`authelia_secrets:`
			`# Encryption key for the database, must be saved`
			`encryption_key:`
Add Authelia OAuth2 login to HedgeDoc. 2024-05-11 10:53:19 +02:00
			`# Generate random client id : docker run --rm authelia/authelia:4 authelia crypto rand --length 72 --charset rfc3986`
			`# Generate random secret + hash : docker run --rm authelia/authelia:4 authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986`
			`hedgedoc_client_id:`
			`hedgedoc_client_secret:`
			`hedgedoc_client_secret_hash:`
Move Synapse OIDC client id/secret from synapse_secrets to authelia_secrets. 2024-05-11 10:58:34 +02:00			`synapse_client_id:`
			`synapse_client_secret:`
			`synapse_client_secret_hash:`
Add Authelia OAuth2 login to HedgeDoc. 2024-05-11 10:53:19 +02:00
Add Authelia OIDC for Synapse. 2024-05-09 11:22:22 +02:00			`hmac_secret:`
			`jwks_key: \| # openssl genrsa 4096`
Add Authelia. 2024-03-31 18:26:05 +02:00			`jwt_secret:`
Add Authelia OAuth2 login to HedgeDoc. 2024-05-11 10:53:19 +02:00
Add Authelia. 2024-03-31 18:26:05 +02:00			`# LDAP bind dn`
			`ldap_user:`
			`ldap_password:`
Add Authelia OAuth2 login to HedgeDoc. 2024-05-11 10:53:19 +02:00
Add Authelia. 2024-03-31 18:26:05 +02:00			`postgres_user:`
			`postgres_password:`
Add Authelia OAuth2 login to HedgeDoc. 2024-05-11 10:53:19 +02:00
Add Authelia. 2024-03-31 18:26:05 +02:00			`smtp_user:`
			`smtp_password:`

Add Authelia OIDC for Synapse. 2024-05-09 11:22:22 +02:00
The Great Ansible Update. 2024-02-17 19:01:04 +01:00			`coturn_secrets:`
			`static_auth_secret:`

			`hedgedoc_secrets:`
Migrate Hedgedoc from MySQL to PostgreSQL. 2024-04-04 20:26:59 +02:00			`postgres_user:`
			`postgres_password:`
			`session_secret:`
The Great Ansible Update. 2024-02-17 19:01:04 +01:00
Add LLDAP. 2024-03-30 17:28:32 +01:00			`lldap_secrets:`
			`jwt_secret:`
			`key_seed:`
			`postgres_user:`
			`postgres_password:`

Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`mailserver_secrets:`
Update Stalwart mailserver to 0.7.3 from 0.6.0. 2024-05-02 22:49:00 +02:00			`admin_user:`
			`# Hash obtained with openssl passwd -6`
			`admin_secret:`
Stalwart mail: Migrate to PostgreSQL & LLDAP. 2024-04-06 21:43:34 +02:00			`ldap_user:`
			`ldap_password:`
			`postgres_user:`
			`postgres_password:`

The Great Ansible Update. 2024-02-17 19:01:04 +01:00			`searxng_secrets:`
			`searxng_secret:`

			`synapse_secrets:`
Add email support for Matrix/Synapse. 2024-03-16 20:34:38 +01:00			`smtp_user:`
			`smtp_pass:`
Migrate Synapse database to postgres container. 2024-04-01 11:02:09 +02:00			`postgres_user:`
The Great Ansible Update. 2024-02-17 19:01:04 +01:00			`postgres_password:`
			`turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"`
			`macaroon_secret_key:`
			`form_secret:`
Vaultwarden: Enable admin page & remove SIGNUPS_ALLOWED=false. 2024-03-15 10:52:59 +01:00
			`vaultwarden_secrets:`
			`# Generate with: docker exec --rm -ti docker.io/vaultwarden/server:alpine /vaultwarden hash`
			`admin_token_hash:`
Add Stalwart mailserver. 2024-03-16 13:49:47 +01:00			`smtp_username:`
			`smtp_password:`