Skip to content
Snippets Groups Projects
Commit 07cd00b5 authored by void's avatar void
Browse files

mattermost api keys entfernt

parent f8b17ac3
No related branches found
No related tags found
No related merge requests found
......@@ -11,16 +11,12 @@
with_items:
- /srv/shared/noreply_email_pass
- /srv/ldap/secret/ldap_readonly_pass
- /srv/gitlab/secret/mattermost_api_id
- /srv/gitlab/secret/mattermost_api_secret
register: gitlab_secrets
- name: get secrets from server 2
set_fact:
noreply_email_pass: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
ldap_readonly_pass: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mattermost_api_id: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/gitlab/secret/mattermost_api_id') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mattermost_api_secret: "{{ gitlab_secrets.results | selectattr('item', 'equalto', '/srv/gitlab/secret/mattermost_api_secret') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
# Benötigte Verzeichnisstrukturen erstellen
......
......@@ -8,13 +8,11 @@
- name: get secrets from server 1
slurp: src={{ item }}
with_items:
- /srv/matterbridge/secret/mattermost_hook
- /srv/matterbridge/secret/telegram_token
register: matterbridge_secrets
- name: get secrets from server 2
set_fact:
mattermost_hook: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/mattermost_hook') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
telegram_token: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/telegram_token') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
......
......@@ -63,81 +63,6 @@ ShowJoinPart=false
###################################################################
#mattermost section
###################################################################
[mattermost]
#You can configure multiple servers "[mattermost.name]" or "[mattermost.name2]"
#In this example we use [mattermost.work]
#REQUIRED
[mattermost.warpzone]
#### Settings for webhook matterbridge.
#### These settings will not be used when useAPI is enabled
## In der Warpzone-Umgebung kann useAPI nicht verwendet werden,
## da matterbridge kein Login über LDAP kennt.
## Die Anbindung erfolgt daher über WebHooks, die entsprechend im Mattermost
## eingerichtet werden müssen.
#Url is your incoming webhook url as specified in mattermost.
#See account settings - integrations - incoming webhooks on mattermost.
## Die URL wird im Mattermost von einem Admin erzeugt und
## hier hinterlegt.
## Die URL muss von dem matterbridge Prozess erreichbar sein.
#REQUIRED (unless useAPI=true)
URL="{{ mattermost_hook }}"
#Address to listen on for outgoing webhook requests from mattermost.
#See account settings - integrations - outgoing webhooks on mattermost.
## Da dieser Prozess in einem Docker Container läuft wird als Bind-Adresse 0.0.0.0
## verwendet, der Port wird später über Docker nach außen geleitet.
## Dieser Port muss von dem Mattermost Server aus erreichbar sein.
## Dort muss ein ausgehender Webhook mit dem Content-Type "application/x-www-form-urlencoded"
## eingerichtet werden, der die URL http://172.17.0.1:9999 anspricht.
## Die IP 172.17.0.1 ist die Server-IP des Docker Netzwerkes.
## Dadurch ist der Port nur von den Docker-Prozessen auf diesem Host erreichbar.
#REQUIRED (unless useAPI=true)
BindAddress="0.0.0.0:9999"
#Icon that will be showed in mattermost.
#OPTIONAL
#IconURL="http://youricon.png"
#Enable to not verify the certificate on your mattermost server.
#e.g. when using selfsigned certificates
#OPTIONAL (default false)
SkipTLSVerify=true
#how to format the list of IRC nicks when displayed in mattermost.
#Possible options are "table" and "plain"
#OPTIONAL (default plain)
NickFormatter="plain"
#How many nicks to list per row for formatters that support this.
#OPTIONAL (default 4)
NicksPerRow=4
#Whether to prefix messages from other bridges to mattermost with the sender's nick.
#Useful if username overrides for incoming webhooks isn't enabled on the
#mattermost server. If you set PrefixMessagesWithNick to true, each message
#from bridge to Mattermost will by default be prefixed by "bridge-" + nick. You can,
#however, modify how the messages appear, by setting (and modifying) RemoteNickFormat
#OPTIONAL (default false)
PrefixMessagesWithNick=false
#Nicks you want to ignore.
#Messages from those users will not be sent to other bridges.
#OPTIONAL
#IgnoreNicks="ircspammer1 ircspammer2"
#Enable to show users joins/parts from other bridges (only from irc-bridge at the moment)
#OPTIONAL (default false)
ShowJoinPart=false
###################################################################
#telegram section
......@@ -232,10 +157,10 @@ enable=true
account="irc.freenode"
channel="#warpzone"
[[gateway.inout]]
#[[gateway.inout]]
## Raum Town-Squre auf dem Warpzone Mattermost Server
account="mattermost.warpzone"
channel="town-square"
#account="mattermost.warpzone"
#channel="town-square"
#[[gateway.inout]]
## Telegramm Gruppe @warpzone
......
......@@ -11,7 +11,6 @@
- /srv/shared/noreply_email_pass
- /srv/ldap/secret/ldap_admin_pass
- /srv/ldap/secret/ldap_readonly_pass
- /srv/warpinfra/secret/mattermost_api_key
- /srv/warpinfra/secret/web_secret_key
- /srv/warpinfra/secret/mysql_root_pw
- /srv/warpinfra/secret/mysql_user_pw
......@@ -22,7 +21,6 @@
noreply_email_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
ldap_admin_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
ldap_readonly_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mattermost_api_key: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mattermost_api_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
web_secret_key: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mysql_root_pw: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mysql_user_pw: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
......@@ -73,7 +71,7 @@
src: "docker-compose.yml"
dest: "/srv/warpinfra/docker-compose.yml"
- name: start warpinfratest docker
- name: start warpinfra docker
docker_service:
project_src: /srv/warpinfra/
state: present
......
......@@ -16,7 +16,7 @@ PW_RESET_TOKEN_LIFETIME = 5
ALLOWED_HOSTS = infra.warpzone.ms
[mattermost]
API_KEY = {{mattermost_api_key}}
API_KEY = none
[mysql]
MYSQL_HOST = db
......
......@@ -11,7 +11,6 @@
- /srv/shared/noreply_email_pass
- /srv/ldap/secret/ldap_admin_pass
- /srv/ldap/secret/ldap_readonly_pass
- /srv/warpinfratest/secret/mattermost_api_key
- /srv/warpinfratest/secret/web_secret_key
- /srv/warpinfratest/secret/mysql_root_pw
- /srv/warpinfratest/secret/mysql_user_pw
......@@ -22,7 +21,6 @@
noreply_email_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
ldap_admin_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
ldap_readonly_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mattermost_api_key: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mattermost_api_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
web_secret_key: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mysql_root_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mysql_user_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
......
......@@ -16,7 +16,7 @@ PW_RESET_TOKEN_LIFETIME = 5
ALLOWED_HOSTS = infra.warpzone.ms
[mattermost]
API_KEY = {{mattermost_api_key}}
API_KEY = none
[mysql]
MYSQL_HOST = db
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment