Added info about generating tunnel secrets #1
32
README.md
Normal file
32
README.md
Normal file
@ -0,0 +1,32 @@
|
||||
## Secrets
|
||||
|
||||
ansible vault secrets are stored in [group_vars/all/vault.yml](group_vars/all/vault.yml)
|
||||
|
||||
Note that the directory path and filename are important.
|
||||
|
||||
The format of the file is
|
||||
|
||||
```yaml
|
||||
---
|
||||
become_pass: <ansible_user_become_pass>
|
||||
```
|
||||
|
||||
Secrets required for Terraform can be stored in a file:
|
||||
|
||||
ex. terraform/.secrets which is already ignored by Git
|
||||
|
||||
Required variables:
|
||||
```shell
|
||||
export TF_VAR_cloudflare_token=<cloudflare_token>
|
||||
export TF_VAR_zone_id=<cloudflare_zone_id>
|
||||
export TF_VAR_account_id=<cloudflare_account_id>
|
||||
export TF_VAR_tunnel_secret=<tunnel_secret>
|
||||
```
|
||||
|
||||
Note the cloudflare token requires Zone/DNS:edit and Account/Cloudflare Tunnel:edit privs
|
||||
|
||||
I generate tunnel secrets with this command:
|
||||
|
||||
```shell
|
||||
hexdump -vn32 -e'4/4 "%08X"' /dev/urandom | base64 -w0 -
|
||||
```
|
@ -1,7 +1,7 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
32643233343538366363373035373736393162363762643866323561656462356539613639386537
|
||||
6264303136303132326235336265346533323930643762330a323661326230333763383737336362
|
||||
34626439306334313539333065643366633438356330386465626539306439666630643531383630
|
||||
3134643463313236370a333566393539613963646131383830643538386561393539646366356338
|
||||
32343438323936323265643732333964363032303564623864393461376339306264663162306434
|
||||
6266623662306137346366306264353165656162326131343235
|
||||
32333266666163316137626335643664386135323562666232306334386265333034373531613261
|
||||
3339633836333330623533333430386131376539626137350a313832663639363133353262383835
|
||||
65326662316535333237666565346534363863303635613961643763656563646339663062306466
|
||||
3934353235393236630a326562636630316333353035616432363738666132303039643961653631
|
||||
33303266623262323837643438633564353132393037366331653833393936323065653831343862
|
||||
6538393632346563636361363364366235336162373934643730
|
||||
|
Loading…
Reference in New Issue
Block a user