Improve group vars vault usage for patchwork

Signed-off-by: Florian Pritz <bluewind@xinu.at>

Improve group vars vault usage for patchwork
Signed-off-by: Florian Pritz <bluewind@xinu.at>
b1503b03 · Florian Pritz · 9812145d · b1503b03 · b1503b03 · b1503b03
Commit b1503b03 authored Jun 07, 2018 by Florian Pritz
--- a/group_vars/all/vault_patchwork.yml
+++ b/group_vars/all/vault_patchwork.yml
 $ANSIBLE_VAULT;1.1;AES256
-66626363643366663663386366336438363763316164343133313465313938653636356238333537
-6462643961343532386664326563663136386535363330300a396537393131303234323233363261
-30333764393037356339373361366161356561623338656136333265663134366337336462393130
-3263313639346633370a376234376339636430343233353163346464643963616531383264653231
-31666237306230313630656366383037623336353932646461346364336630323965376530323831
-31393332336433633234313639616561623466323366643563326361646361653761666132653131
-33333965393361353830373763393034393731393932373435366639323065373564373236323161
-63623764306135356538633438306231373661653362336536373163306338386530353362323131
-30316237366362653065393734383235346335353362656430323165346466656265363132646231
-61383931353437633561653032663035623934326535336630366136303965663564353732393964
-35353634353839376337643739376263623564373037353361326235613436613130313566396138
-63393139396663646562306664303637616535343436623039643538623765346432393261346136
-6363
+64653630653033366336376639373134306130333366636164306562613364656663616530373935
+3639616465666362356533613833303833366362363764390a663562383132343331363238663030
+64323566613261336335623063666564323336393832643335323337303239396437633266333362
+3461666638303666330a373437363662613665356431363465613762633430643532376439393163
+38646163383361306137376234323938383235373932306630613062306630353765363036613764
+37353965303663333737663437323630366431633934663734346333613136313666333966313661
+63376562643261643035376261316662383461313733313933323638613738336232646632313462
+38343630326439303764393164326565343261656536363934356664656637373433376664316236
+32663038306630373866333436323237616632336132323233393662393862623538356331663837
+61363566623764386264386239323965376263393136313361383838633239393633653632653863
+30343266346334393430396463303236306233363136373462373565336236316335623939343236
+33303631323831303636323935313034343334646162613633633731333363363837626239396236
+63666466616634333833633330346332343431626535343435343738353233623434
--- a/roles/patchwork/tasks/main.yml
+++ b/roles/patchwork/tasks/main.yml
@@ -46,8 +46,8 @@
  postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" encrypted=yes
  no_log: true
  with_items:
-    - { user: "{{ patchwork_db_user }}", password: "{{ patchwork_db_password }}" }
-    - { user: "{{ patchwork_db_backup_user }}", password: "{{ patchwork_db_backup_password }}" }
+    - { user: "{{ patchwork_db_user }}", password: "{{ vault_patchwork_db_password }}" }
+    - { user: "{{ patchwork_db_backup_user }}", password: "{{ vault_patchwork_db_backup_password }}" }

 - name: create patchwork db
  postgresql_db: name="{{ patchwork_db }}" login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" owner="{{ patchwork_db_user }}"
@@ -60,19 +60,19 @@
  when: (db_created.changed or release.changed or config.changed or virtualenv.changed or patchwork_forced_deploy)

 - name: db privileges for patchwork users
-  postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ patchwork_db_password }}"
+  postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
                    privs=CONNECT roles="{{ item }}" type=database
  with_items:
    - "{{ patchwork_db_backup_user }}"

 - name: table privileges for patchwork users
-  postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ patchwork_db_password }}"
+  postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
                    privs=SELECT roles="{{ item.user }}" type=table objs="{{ item.objs }}"
  with_items:
    - { user: "{{ patchwork_db_backup_user }}", objs: "{{ patchwork_db_backup_table_objs }}" }

 - name: sequence privileges for patchwork users
-  postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ patchwork_db_password }}"
+  postgresql_privs: database="{{ patchwork_db }}" host="{{ patchwork_db_host }}" login="{{ patchwork_db_user }}" password="{{ vault_patchwork_db_password }}"
                    privs=SELECT roles="{{ item.user }}" type=sequence objs="{{ item.objs }}"
  with_items:
    - { user: "{{ patchwork_db_backup_user }}", objs: "{{ patchwork_db_backup_sequence_objs }}" }

--- a/roles/patchwork/templates/production.py.j2
+++ b/roles/patchwork/templates/production.py.j2
@@ -27,7 +27,7 @@ from .base import *  # noqa
 #      chars = string.letters + string.digits + string.punctuation
 #      print repr("".join([random.choice(chars) for i in range(0,50)]))

-SECRET_KEY = '{{ patchwork_secret_key }}'
+SECRET_KEY = '{{ vault_patchwork_secret_key }}'

 # Email
 #
@@ -64,7 +64,7 @@ DATABASES = {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': '{{ patchwork_db }}',
        'USER': '{{ patchwork_db_user }}',
-        'PASSWORD': '{{ patchwork_db_password }}',
+        'PASSWORD': '{{ vault_patchwork_db_password }}',
        'HOST': '{{ patchwork_db_host }}',
        'PORT': 5432,
    },