Post-X-Society/Post-Tyranny-Tech-Infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

security: Remove exposed Kuma API key from defaults

Browse source 
The API key was not used by the automation (which uses username/password
from shared_secrets instead) and should not be in version control.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Pieter 2026-01-20 21:46:18 +01:00
parent 52d8e40348
commit 825ed29b25
1 changed files with 4 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
ansible/roles/kuma/defaults/main.yml
View file

@ -3,13 +3,10 @@
kuma_enabled: true kuma_enabled: true
kuma_url: "https://status.vrije.cloud" kuma_url: "https://status.vrije.cloud"
# Authentication options: # Authentication - credentials loaded from shared_secrets in tasks/main.yml
# Option 1: Username/Password (required for Socket.io API used by Python library) # Uses username/password (required for Socket.io API used by Python library)
kuma_username: "" # Set this for automated registration kuma_username: "" # Loaded from shared_secrets.kuma_username
kuma_password: "" # Set this for automated registration kuma_password: "" # Loaded from shared_secrets.kuma_password
# Option 2: API Key (only for REST endpoints like /metrics, not for monitor management)
kuma_api_key: "uk1_H2YjQsSG8em8GG9G9c0arQogSizXI1CRPNgTEUlU"
# Monitors to create for each client # Monitors to create for each client
kuma_monitors: kuma_monitors: