-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsecrets.yaml.example
More file actions
31 lines (27 loc) · 1.5 KB
/
secrets.yaml.example
File metadata and controls
31 lines (27 loc) · 1.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# secrets.yaml — Sensitive values for your homestak deployment
#
# This file is auto-initialized from secrets.yaml.example during bootstrap.
# Most values are populated automatically — see comments below.
#
# Optional: encrypt with SOPS/age after real secrets exist.
# make encrypt # secrets.yaml -> secrets.yaml.enc
# make decrypt # secrets.yaml.enc -> secrets.yaml
# ── API Tokens ─────────────────────────────────────────
# Auto-generated by 'homestak pve-setup' — no manual setup needed.
# One entry per PVE host, keyed by hostname.
api_tokens: {}
# ── Passwords ──────────────────────────────────────────
# EDIT: VM root password hash (used by cloud-init)
# Generate with: openssl passwd -6
# Leave empty to disable root password login on VMs.
passwords:
vm_root: ""
# ── SSH Keys ───────────────────────────────────────────
# Auto-populated by 'homestak site-init' from the host's SSH key.
# Additional keys can be added manually (key: "ssh-ed25519 AAAA...").
ssh_keys: {}
# ── Auth ───────────────────────────────────────────────
# Signing key for VM provisioning tokens.
# Auto-generated on first use if empty.
auth:
signing_key: ""