From 2886a64741c9cdcde0e44358ad8386afbd43cef5 Mon Sep 17 00:00:00 2001 From: Haitao Pan Date: Mon, 16 Mar 2026 19:10:37 +0800 Subject: [PATCH] feat(release): split accounts public and secret vars --- ansible.cfg | 2 +- ansible/vars/accounts.host.example.yml | 15 +++------------ ansible/vars/accounts.release.public.yml | 11 +++++++++++ 3 files changed, 15 insertions(+), 13 deletions(-) create mode 100644 ansible/vars/accounts.release.public.yml diff --git a/ansible.cfg b/ansible.cfg index fc9b194..0a793f8 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,6 +1,6 @@ [defaults] inventory = ansible/inventory.ini -roles_path = ansible/roles:../github-org-cloud-neutral-toolkit/ansible/roles +roles_path = ansible/roles:../../ansible/roles:../github-org-cloud-neutral-toolkit/ansible/roles host_key_checking = False retry_files_enabled = False interpreter_python = auto_silent diff --git a/ansible/vars/accounts.host.example.yml b/ansible/vars/accounts.host.example.yml index b3681c8..75d79bd 100644 --- a/ansible/vars/accounts.host.example.yml +++ b/ansible/vars/accounts.host.example.yml @@ -1,5 +1,6 @@ -# Copy to ansible/vars/accounts.host.yml (gitignored), or store the real values -# in an external Ansible Vault file and pass it with: +# Public release defaults now live in ansible/vars/accounts.release.public.yml. +# Copy only the secret values below to ansible/vars/accounts.host.yml (gitignored), +# or store the real values in an external Ansible Vault file and pass it with: # ansible-playbook -D -C ansible/playbooks/deploy_accounts_compose.yml -e @/secure/path/accounts.vault.yml service_compose_image: ghcr.io/YOUR_GITHUB_ORG/accounts:latest @@ -7,19 +8,9 @@ service_compose_registry_server: ghcr.io service_compose_registry_username: CHANGE_ME service_compose_registry_password: CHANGE_ME service_compose_env_common: - CONFIG_TEMPLATE: /app/config/account.cloudrun.yaml INTERNAL_SERVICE_TOKEN: CHANGE_ME - DB_TLS_HOST: postgresql-aws.svc.plus - DB_TLS_PORT: "5443" - POSTGRES_USER: postgres POSTGRES_PASSWORD: CHANGE_ME - DB_USER: postgres - DB_NAME: account DB_PASSWORD: CHANGE_ME - SMTP_HOST: smtp.qq.com - SMTP_PORT: "587" - SMTP_FROM: XControl Account - SMTP_USERNAME: CHANGE_ME SMTP_PASSWORD: CHANGE_ME service_compose_deploy_targets: - name: prod diff --git a/ansible/vars/accounts.release.public.yml b/ansible/vars/accounts.release.public.yml new file mode 100644 index 0000000..4cf6c20 --- /dev/null +++ b/ansible/vars/accounts.release.public.yml @@ -0,0 +1,11 @@ +service_compose_env_common: + CONFIG_TEMPLATE: /app/config/account.cloudrun.yaml + DB_TLS_HOST: postgresql-aws.svc.plus + DB_TLS_PORT: "5443" + POSTGRES_USER: postgres + DB_USER: postgres + DB_NAME: account + SMTP_HOST: smtp.qq.com + SMTP_PORT: "587" + SMTP_FROM: "XControl Account " + SMTP_USERNAME: manbuzhe2009@qq.com