From 1b7506d6479fdc924575deec1059e0e264cb1227 Mon Sep 17 00:00:00 2001 From: Juan Ferrer Toribio Date: Wed, 2 Oct 2024 20:14:27 +0200 Subject: [PATCH] refs #8025 Added Passbolt env config template --- .passbolt.tpl.yml | 8 ++++++++ README.md | 14 +++++++------- 2 files changed, 15 insertions(+), 7 deletions(-) create mode 100644 .passbolt.tpl.yml diff --git a/.passbolt.tpl.yml b/.passbolt.tpl.yml new file mode 100644 index 0000000..6ea56b3 --- /dev/null +++ b/.passbolt.tpl.yml @@ -0,0 +1,8 @@ +PASSBOLT_BASE_URL: https://passbolt.domain.local/ +PASSBOLT_PASSPHRASE: "S3cr3tP4$$w0rd" +PASSBOLT_PRIVATE_KEY: | + -----BEGIN PGP PRIVATE KEY BLOCK----- + AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + -----END PGP PRIVATE KEY BLOCK----- diff --git a/README.md b/README.md index daf9d4d..a5c08be 100644 --- a/README.md +++ b/README.md @@ -55,6 +55,13 @@ When running playbooks that use any of the keystores mentioned above, the *run-playbook.sh* script can be used, it is an ovelay over the original *ansible-playbook* command which injects the necessary parameters. +### Passbolt + +Add the necessary environment variables to the *.passbolt.yml* file, the +template file *.passbolt.tpl.yml* is included as a reference: + +* https://galaxy.ansible.com/ui/repo/published/anatomicjc/passbolt/docs/ + ### Ansible vault To manage Ansible vault place the encryption password into *.vault-pass* file. @@ -64,16 +71,9 @@ Manage the vault. ansible-vault {view,edit,create} --vault-pass-file .vault-pass .vault.yml ``` -> [!CAUTION] > The files used for the vault must only be used locally and > under **no** circumstances can they be uploaded to the repository. -### Passbolt - -Add the necessary environment variables to the *.passbolt.yml* file: - -* https://galaxy.ansible.com/ui/repo/published/anatomicjc/passbolt/docs/ - ## Build execution environment for AWX Create an image with *ansible-builder* and upload it to registry.