home/max
Archived
2
1
Fork 0
Code Issues 9 Pull requests Projects Releases Packages Wiki Activity

ansible vault for syncthing keys

Browse source
This commit is contained in:
Pim Kunis 2022-12-01 23:05:11 +01:00
parent 8e8564216e
commit 6931466017
5 changed files with 80 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Makefile
View file

@ -1,4 +1,4 @@
run: run:
ansible-playbook playbooks/nucs.yml -i inventory/hosts.yml ansible-playbook playbooks/nucs.yml -i inventory/hosts.yml --ask-vault-pass
.PHONY: run .PHONY: run

45
roles/syncthing/files/cert.pem Normal file
View file

@ -0,0 +1,45 @@
$ANSIBLE_VAULT;1.1;AES256
37326262373466303939623263623234616338316165316466656131326339306233303834396263
3139663539356264323038306635363934363364653437350a666438396563643339353765306131
39653434373966346166323938666364323562313334323262643666373463623536363635643163
3430353230326634320a643532663765663632623031313463653765643134313538633131613663
64393533636138323833343630363639656539376163353239313231646662316532666631623734
31343364393363623164336339303631366162376131613736636131396165663835653433303134
62323265633039633865326366613366653435653261633662613737353463633663383635303562
39303933343139363132393035336332363438656333646136333330326533623763393263663563
36343038393264383639346436316134386531383338386461363538613135663863363434623339
31373236353337653838396333643638343232653066313662393165343062396137326630646430
31646566356565386532626433383163643635643930326164353766323263616665636435323339
38373837393035343737356134373831303831316464666637333231343434316632316464356564
31613464633761306330303637386230333430396665383262333530336137336236623838326333
30393861666439623536336231616563303764646563393065353432313965343330633463313564
66373539373265353765636438393633613839393830366135323139666533393165653736666335
35303736623534653635343636383662316134376332393239633262363939396263363264616637
35396261346264373930396462393638316335363833333132393061633337626331323439363131
39306264386133316137633039366638356130616438373433333635666231366136613363626133
31316230336534616430633232623430666234643836636338613730356335623434373433643935
62623266313834353163623439616533623135396134346164373363643364373939396163363837
36313432393965653664633231393564323936323933313565323337346333313233396666626361
65383031326630313263343862653063613839373131643265656237623232663761383665333939
33376531623665653037333563333034363363333435343439663761633734616461353961323434
66643833353539623265616262383265396237636631346433386638643436383230333438653462
37383235316634353262316436653163316164356261353663663565396630613434396231353538
38633330326266303838346365663839646163623264633934363938666234393131356138656439
31333161643136633836343262326136393964393635623634316532393837376162383835303435
30643339356434386264643163316165396534373064346334636132316230346437363665636563
38333835306666626637386562306433373031366136616635623765393630383939353335393930
61663832383239643363626137343661366436653864643339316537383738323335333866633537
39316339383239323131653232633833363536313431643364313937633037336564386339383433
38303939303835386263633430383061336436383062663462353762376666613530313663623261
66616266373136326433363338303365653230663763636630353034383832633239383932616365
37373236396631623866656330623632313538326330626363316262653566383633666531383738
34353830373137343236343765393665356534356238353861326165303939363236626130626363
64623164383866393630656232373164343163363433643835396236363132346235356134613564
66383364623962316564373564363631356234386535653465633864313365396438356235313163
35633366663836666337653537336334353935323364306635383238373664613530353365323366
31373831383336336237633064313938393637636231356165656631386132313734333439643733
62666435363535303530323866623139653138643831623838316432366539316236306133393764
63386133333832356365396137623332643539633236343762353138386434303632373932336139
39396364653864316435356434383761306238633164643939363864356362633135623438363861
64626339663931383133383862313031383638653266306539643061316238616266656136656530
63666239303034396133

20
roles/syncthing/files/key.pem Normal file
View file

@ -0,0 +1,20 @@
$ANSIBLE_VAULT;1.1;AES256
31373963666334633437386361353532396162653439373964333935643065383836383537336238
3065306235363835343330393366326630383163633664300a653635653932663566376165623030
33666262643032383764343134326439363536353439363134353432373263316164373139633838
6336363735333862360a386235366434656336333762343330633030613437626262353934636163
38376431343934373637343631373962653262613766393561383631303563383935616630663833
62363533616235303834376233663033373531666632313237303661653265613061373131646266
31643839386134383934623632336538386462626261613039306432366564616162366435363331
34663464386630373134346264386334376334336363623137363831326338323234373662653932
33373331663065336230313731303139653036646261643535393662633165356632306536393530
30363066373064353936313461663235386465323734636263323063333365633066633736336436
38623966353634356636343833653131646131633536383339663433306130386461303735323632
64646465373533306266353932653561623363396137383532373734653462346239646562353136
64313539383566663939663734333565643637376239383337363066373639613934303633343762
37646565666635363231396139326536356533343065333731656363613731333136636561376430
35356432373537363034653231636465303135363534323766333530353433663462653837643162
39616664636464343435643039646362336634333561356438386262653231323033343662383138
66633534336232663438666632373966613335396639383836666333656235376339343538313838
39356165323361386535306664643537363764393365363639366637343332306537653962396339
323030323036393662646636303330666561

8
roles/syncthing/tasks/main.yml
View file

@ -12,6 +12,14 @@
template: template:
src: "{{ role_path }}/templates/config.xml.j2" src: "{{ role_path }}/templates/config.xml.j2"
dest: /home/syncthing/.config/syncthing/config.xml dest: /home/syncthing/.config/syncthing/config.xml
- name: Copy Syncthing private key
copy:
src: "{{ role_path }}/files/key.pem"
dest: /home/syncthing/.config/syncthing/key.pem
- name: Copy Syncthing certificate
copy:
src: "{{ role_path }}/files/cert.pem"
dest: /home/syncthing/.config/syncthing/cert.pem
- name: Enable Syncthing service - name: Enable Syncthing service
systemd: systemd:
name: syncthing@syncthing name: syncthing@syncthing

10
roles/syncthing/templates/config.xml.j2
View file

@ -1,7 +1,7 @@
<configuration version="35"> <configuration version="35">
<folder id="default" label="Default Folder" path="/home/syncthing/Sync" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true"> <folder id="wdadm-ywcr4" label="sync" path="/home/syncthing/sync" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
<filesystemType>basic</filesystemType> <filesystemType>basic</filesystemType>
<device id="QW4NXKY-Y56F7ON-SIABMBI-EHMQANC-AVWEREO-B6WNTCN-NP2O7VI-6SGYMQS" introducedBy=""> <device id="IGS4TYV-TQ6X2CG-OE3M2RE-DKZWKQZ-HEKIGHT-C6EIGHL-CBP2ULE-M3WZ7QC" introducedBy="">
<encryptionPassword></encryptionPassword> <encryptionPassword></encryptionPassword>
</device> </device>
<device id="SLEOLPB-5CSPOE5-BMH4KCH-F4DMZWR-VFDQ5OP-5YAULXB-TA72A72-KQZJDQK" introducedBy=""> <device id="SLEOLPB-5CSPOE5-BMH4KCH-F4DMZWR-VFDQ5OP-5YAULXB-TA72A72-KQZJDQK" introducedBy="">
@ -35,7 +35,7 @@
<caseSensitiveFS>false</caseSensitiveFS> <caseSensitiveFS>false</caseSensitiveFS>
<junctionsAsDirs>false</junctionsAsDirs> <junctionsAsDirs>false</junctionsAsDirs>
</folder> </folder>
<device id="QW4NXKY-Y56F7ON-SIABMBI-EHMQANC-AVWEREO-B6WNTCN-NP2O7VI-6SGYMQS" name="pim-x260" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy=""> <device id="IGS4TYV-TQ6X2CG-OE3M2RE-DKZWKQZ-HEKIGHT-C6EIGHL-CBP2ULE-M3WZ7QC" name="max" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
<address>dynamic</address> <address>dynamic</address>
<paused>false</paused> <paused>false</paused>
<autoAcceptFolders>false</autoAcceptFolders> <autoAcceptFolders>false</autoAcceptFolders>
@ -57,7 +57,6 @@
</device> </device>
<gui enabled="true" tls="false" debugging="false"> <gui enabled="true" tls="false" debugging="false">
<address>0.0.0.0:8384</address> <address>0.0.0.0:8384</address>
<password></password>
<apikey></apikey> <apikey></apikey>
<theme>light</theme> <theme>light</theme>
</gui> </gui>
@ -115,6 +114,9 @@
<defaults> <defaults>
<folder id="" label="" path="~" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true"> <folder id="" label="" path="~" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
<filesystemType>basic</filesystemType> <filesystemType>basic</filesystemType>
<device id="IGS4TYV-TQ6X2CG-OE3M2RE-DKZWKQZ-HEKIGHT-C6EIGHL-CBP2ULE-M3WZ7QC" introducedBy="">
<encryptionPassword></encryptionPassword>
</device>
<device id="SLEOLPB-5CSPOE5-BMH4KCH-F4DMZWR-VFDQ5OP-5YAULXB-TA72A72-KQZJDQK" introducedBy=""> <device id="SLEOLPB-5CSPOE5-BMH4KCH-F4DMZWR-VFDQ5OP-5YAULXB-TA72A72-KQZJDQK" introducedBy="">
<encryptionPassword></encryptionPassword> <encryptionPassword></encryptionPassword>
</device> </device>