--- # Root password bootstrap__root_pass: '{{lookup("vault", "hosts", field="root-pass", stage="all", env="all")}}' # Consul bootstrap__consul_encryption_key: '{{lookup("vault", "consul/config", field="encryption-key", stage="all", env="all")}}' bootstarp__consul_agent_acl_token: '{{lookup("vault", "consul/acl-tokens", field="agent-default", stage="all", env="all")}}' bootstrap__consul_certs_ca_crt: '{{lookup("vault", "consul/certs", field="ca.pem", stage="all", env="all")}}' bootstrap__consul_certs_client_crt: '{{lookup("vault", "consul/certs", field="client.pem", stage="all", env="all")}}' bootstrap__consul_certs_client_key: '{{lookup("vault", "consul/certs", field="client-key.pem", stage="all", env="all")}}' # SSHGuard bootstrap__sshguard_whitelist_extra: ['{{lookup("vault", "sshguard/whitelist", field="jakubgs-home", stage="all", env="all")}}'] # Wireguard wireguard_consul_acl_token: '{{lookup("vault", "consul/acl-tokens", field="wireguard", stage="all", env="all")}}' # Volume of Trace level logs is too high and fills up ES cluster. bootstrap__rsyslog_filter_rules: ['TRC'] # Docker registry bootstrap__docker_registries: - url: 'https://harbor.status.im' username: 'robot$wakuorg+infra-waku' password: '{{ lookup("vault", "robot", field="robot$wakuorg+infra-waku", env="ci", stage="harbor")}}' # Custom SSH accounts for Nimbus fleet, should start from UID 8000. bootstrap__active_extra_users: - { name: hanno, uid: 8003, admin: true, key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDDlvmNGKxoddAmOuXvjm0II0M82aLjczb8F1ZTSV7zyvKaw6DNuaN6c6ZCdUvdjfF4hdEwMXNB37Cr5oysPo41rIuii+RVPd+c2WLZnC/MCg8d6b0/mREIfpuEMlz+u4lyr8/DST7zO4Ke95w5kVGtlh2kR88F9mlJlkyq2NCiqBU/blKObOjqS8OMRuMJ0GpwzF9+/dfXVahzdgHgKS0Q1ATvLHL0DvZSAGwHfHcIV5nF0ddRCofX4L2shIImZk5dAsATQTkT2gNWObhF6KuWbVyuhsLfRletzdnf8jUYm9Uatf7Woa9CxbPjdGxVxniZblmOumcaCNgaioKs0qeZzwNQmgJ/PXXw9uVWhDUYvNh7Cz+SNTVm4WG1tEk3WO9EU5dcCTgfEa94LUl5G+yXYX8H00spubpiWXv/0RjEQX4CZeu0pff209GLDWdpIaV8p9QVFBr8X8t8jw5zw5j/PxkprcT5P2A1t+WOUn9LrBzOJ1iAU3oJV3ZMYQhUS78= hanno@status.im' } - { name: ivan, uid: 8004, admin: true, key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJBdm8y1PfWjT1pioaWJSZ2ETrUySb+dS/ifDg+VIpLY ivansete@status.im' } - { name: zoltan, uid: 8005, admin: true, key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFNYe8dLIGTTrTYgKfaXhai6uQmJfewJPi3MXwIeM2Zk zoltan@status.im' } - { name: gabriel,uid: 8006, admin: true, key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2/Z8eRjB+uYwC8OTYwMI5HYaZvpD68fKLvo2f6/2abzs5MTskXVlDFB7XDsFw+s1oloKKKNl+VYA7WR4qO8c0usMHll2Io1XuRdMJQsUaERpxKOeddIpsOaAmHea7Dh/JVdC07aQm0QDYnfSXD66k//LD2EfjSp/9L6ObPbtWSYnMtlIxmNq8hdP33R59HAcpZtXnubElQhxAMtY4pnBNI/jJS44uan2asNT4vftUMUAmSGjwTVgbRHiE1nyvwcisvy8kDQILXxchetRcWZw/aztmvWUYOTebgdvlMirZRLw6gLjjKMoGgRIpI/vDHZyYezEdzjOLf//4qcD4ez5H gabriel@status.im' } # Wazuh Agent wazuh_agent_enrollment_key: '{{ lookup("vault", "manager/config", field="enrollment-password", env="hq", stage="wazuh")}}' wazuh_root_ca: '{{ lookup("vault", "root-ca", field="certificate", env="hq", stage="wazuh")}}'