From e42fbe73f41eb76babffab97f797b8016f992516 Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Thu, 20 Jun 2019 22:17:09 +0800 Subject: [PATCH] feat(database): encryption of secrets stored in the database --- defaults/main.yml | 5 +++++ templates/drone-server.env.j2 | 3 +++ 2 files changed, 8 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 02cef3d..557a0d1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,3 +1,4 @@ +# server setting drone_server_enable: "false" drone_agent_enable: "false" drone_version: "latest" @@ -9,23 +10,27 @@ drone_rpc_server: "http://drone-server" drone_runner_capacity: "3" drone_host_port: "8080" +# github setting drone_github_server: "https://github.com" drone_github_client_id: "" drone_github_client_secret: "" drone_github_debug: "false" +# gitlab setting drone_gitlab_server: "https://gitlab.com" drone_gitlab_client_id: "" drone_gitlab_client_secret: "" drone_gitlab_skip_verify: "false" drone_gitlab_debug: "false" +# gitea setting drone_gitea_server: "" drone_gitea_client_id: "" drone_gitea_client_secret: "" drone_gitea_skip_verify: "false" drone_gitea_debug: "false" +# database setting drone_database_driver: "sqlite" drone_sqlite_dir: "/var/lib/drone" drone_postgres_data_dir: "/var/lib/postgresql/data" diff --git a/templates/drone-server.env.j2 b/templates/drone-server.env.j2 index 1daf399..dd0086a 100644 --- a/templates/drone-server.env.j2 +++ b/templates/drone-server.env.j2 @@ -8,6 +8,9 @@ DRONE_TLS_AUTOCERT=false {% if drone_rpc_secret is defined %} DRONE_RPC_SECRET={{ drone_rpc_secret }} {% endif %} +{% if drone_database_secret is defined and drone_database_secret != "" %} +DRONE_DATABASE_SECRET={{ drone_database_secret }} +{% endif %} DRONE_AGENTS_ENABLED=true {% if drone_logs_pretty is defined %} DRONE_LOGS_PRETTY={{ drone_logs_pretty }}