This repository has been archived by the owner on Aug 19, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
Site Secrets
mawinkler edited this page Jan 28, 2020
·
13 revisions
We're now configuring some site wide credentials.
File: vars/site_secrets.yml.sample
Next, we create our secrets file for the site and encrypt it with our password file.
$ cp vars/site_secrets.yml.sample vars/site_secrets.yml
$ ansible-vault encrypt --vault-password-file \
../.vault-pass.txt vars/site_secrets.ymlFile: vars/site_secrets.yml
Open the secrets in edit mode with
$ ansible-vault edit --vault-password-file \
../.vault-pass.txt vars/site_secrets.ymlSpecify licenses and credentials for the software components
---
# Deep Security
# Only required if you are going to deploy Deep Security
deepsecurity_license: <DEEP SECURITY LICENSE KEY>
deepsecurity_administrator_username: <DEEP SECURITY ADMINISTRATOR USERNAME>
deepsecurity_administrator_password: <DEEP SECURITY ADMINISTRATOR PASSWORD>
deepsecurity_database_password: <DEEP SECURITY DATABASE PASSWORD>
# Deep Security Smart Check
# Only required if you are going to deploy Deep Security Smart Check
smartcheck_username: <SMART CHECK ADMINISTRATOR USERNAME>
smartcheck_password: <SMART CHECK ADMINISTRATOR PASSWORD>
smartcheck_registry_username: <SMART CHECK REGISTRY USERNAME>
smartcheck_registry_password: <SMART CHECK REGISTRY PASSWORD>
smartcheck_license: <SMART CHECK LICENSE KEY>
# Only required if you are going to deploy Deep Security Smart Check with an external database
smartcheck_database_username: <SMARTCHECK EXTERNAL DATABASE USERNAME>
smartcheck_database_password: <SMARTCHECK EXTERNAL DATABASE PASSWORD>
# Jenkins
# Only required if you are going to deploy Jenkins
jenkins_username: <JENKINS USERNAME>
jenkins_password: <JENKINS PASSWORD>
jenkins_token: <JENKINS TOKEN - YOU NEED TO CREATE IT WITHIN JENKINS>
# GitLab Registry
# Only required if you are going to deploy GitLab
gitlab_registry_name: <GITLAB REGISTRY NAME>
gitlab_registry_description: <GITLAB REGISTRY DESCRIPTION>
gitlab_registry_host: <GITLAB REGISTRY HOSTNAME>
gitlab_registry_username: <GITLAB REGISTRY USERNAME>
gitlab_registry_password: <GITLAB REGISTRY PASSWORD>
# Cluster Registry
# Mandatory
cluster_registry_username: <CLUSTER REGISTRY USERNAME>
cluster_registry_password: <CLUSTER REGISTRY PASSWORD>
# Ansible
# Mandatory
# Important - Do a copy and paste with eiher vi or cat. The public key
# must be a single line
ansible_ssh_key: <ANSIBLE PUBLIC KEY AS IN ~/.ssh/id_rsa.pub>
# Your valid e-Mail address, required for Letsencrypt
# Mandatory
admin_email: <YOUR VALID EMAIL ADDRESS>
# Docker Hub
# Only required, if you are willing to push images to the Docker Hub
dockerhub_username: <DOCKERHUB USERNAME>
dockerhub_password: <DOCKERHUB PASSWORD>
# GitHub
# Only required, if you are willing to work with private repositories on GitHub
github_username: <GITHUB USERNAME>
github_password: <GITHUB PASSWORD>
Wiki
About MOADSD-NG
Getting Started
MOADSD-NG Containerized
MOADSD-NG Manual Setup
- Configure your Server
- Preparing to work with Google GCP
- Preparing to work with Amazon AWS
- Preparing to work with VMware ESXi
Adapt MOADSD-NG to Your Needs
The MOADSD-NG Life-Cycle
- Setup the Environment
- Deploy the Software Stack
- Deploy the Endpoints
- Pause the Environment
- Resume the Environment
- Terminate the Environment
- Update the Environment
Software Components
- [Deep Security]
- [Deep Security Smart Check]
- Container Orchestration
- Container Registry
- Cluster Storage
- Jenkins
- GitLab
- Linkerd
- [Prometheus]
- [Grafana]
Tipps
Final Words
Deprecated Chapters