From df1e1cbcad2b31fd27da719ffe9fc98191d798c9 Mon Sep 17 00:00:00 2001 From: Caleb Braaten Date: Mon, 6 Apr 2026 19:33:37 -0700 Subject: [PATCH] Rename 1Password Vault --- nomad_jobs/apps/penpot-standalone.nomad.hcl | 2 +- nomad_jobs/services/minio/minio-singleton.nomad.hcl | 4 ++-- nomad_jobs/services/minio/minio.nomad.hcl | 10 +++++----- nomad_jobs/services/minio/readme.md | 12 ++++++------ nomad_jobs/services/penpot/penpot.nomad.hcl | 10 +++++----- nomad_jobs/services/postgres/postgres.nomad.hcl | 4 ++-- nomad_jobs/services/postgres/readme.md | 6 +++--- nomad_jobs/services/umami/umami.nomad.hcl | 10 +++++----- 8 files changed, 29 insertions(+), 29 deletions(-) diff --git a/nomad_jobs/apps/penpot-standalone.nomad.hcl b/nomad_jobs/apps/penpot-standalone.nomad.hcl index 0339371..fc49e26 100644 --- a/nomad_jobs/apps/penpot-standalone.nomad.hcl +++ b/nomad_jobs/apps/penpot-standalone.nomad.hcl @@ -1,7 +1,7 @@ locals { TRAEFIK_DOMAIN = "penpot.example.local" PENPOT_PUBLIC_URI = "https://${local.TRAEFIK_DOMAIN}" - PENPOT_SECRET_KEY = "op://InfraSecrets/7hbsxng22unjqc4wkj62qniu2u/credential" # Try running `openssl rand -hex 32` to generate a random secret key + PENPOT_SECRET_KEY = "op://Homelab/7hbsxng22unjqc4wkj62qniu2u/credential" # Try running `openssl rand -hex 32` to generate a random secret key PENPOT_FLAGS = "enable-demo-users" } diff --git a/nomad_jobs/services/minio/minio-singleton.nomad.hcl b/nomad_jobs/services/minio/minio-singleton.nomad.hcl index 8e92cd3..f44570b 100644 --- a/nomad_jobs/services/minio/minio-singleton.nomad.hcl +++ b/nomad_jobs/services/minio/minio-singleton.nomad.hcl @@ -51,8 +51,8 @@ job "minio-singleton" { } env { - MINIO_ROOT_USER="op://InfraSecrets/Minio-Singleton/username" - MINIO_ROOT_PASSWORD="op://InfraSecrets/Minio-Singleton/password" + MINIO_ROOT_USER="op://Homelab/Minio-Singleton/username" + MINIO_ROOT_PASSWORD="op://Homelab/Minio-Singleton/password" } } } diff --git a/nomad_jobs/services/minio/minio.nomad.hcl b/nomad_jobs/services/minio/minio.nomad.hcl index 525dc1c..1999790 100644 --- a/nomad_jobs/services/minio/minio.nomad.hcl +++ b/nomad_jobs/services/minio/minio.nomad.hcl @@ -80,8 +80,8 @@ job "minio" { } env { - MINIO_ROOT_USER="op://InfraSecrets/Minio Tier 1/username" - MINIO_ROOT_PASSWORD="op://InfraSecrets/Minio Tier 1/password" + MINIO_ROOT_USER="op://Homelab/Minio Tier 1/username" + MINIO_ROOT_PASSWORD="op://Homelab/Minio Tier 1/password" } } } @@ -107,7 +107,7 @@ job "minio" { } } } - + volume "minio-warm-data" { type = "host" source = "minio-hdd" # Tier 2 Storage Host Volume @@ -135,8 +135,8 @@ job "minio" { } env { - MINIO_ROOT_USER="op://InfraSecrets/Minio Tier 2/username" - MINIO_ROOT_PASSWORD="op://InfraSecrets/Minio Tier 2/password" + MINIO_ROOT_USER="op://Homelab/Minio Tier 2/username" + MINIO_ROOT_PASSWORD="op://Homelab/Minio Tier 2/password" } } } diff --git a/nomad_jobs/services/minio/readme.md b/nomad_jobs/services/minio/readme.md index 9b18e91..271f781 100644 --- a/nomad_jobs/services/minio/readme.md +++ b/nomad_jobs/services/minio/readme.md @@ -22,8 +22,8 @@ If you want to deploy this, you will need to verify you have a valid host volume | --- | --- | --- | | 30 | `source = "minio"` | Change `minio` to a valid host volume name if applicable | | 37 | `volume = "minio-data"` | Change `minio-data` to the host volume defined on line 28 if applicable | -| 54 | `"MINIO_ROOT_USER"="op://InfraSecrets/Minio-Singleton/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | -| 55 | `"MINIO_ROOT_PASSWORD"="op://InfraSecrets/Minio-Singleton/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 54 | `"MINIO_ROOT_USER"="op://Homelab/Minio-Singleton/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 55 | `"MINIO_ROOT_PASSWORD"="op://Homelab/Minio-Singleton/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | ### Minio-Tiered (minio.nomad.hcl) This job is for an instance of Minio with tiering. If your host has SSDs and HDDs, you can configure Minio to use the SSDs for "HOT" storage and the HDDs for "WARM" storage. This is useful for managing data that is accessed frequently and data that is accessed infrequently. @@ -40,9 +40,9 @@ If you want to deploy this, you will need to verify you have a valid host volume | --- | --- | --- | | 59 | `source = "minio-ssd"` | Change `minio-ssd` to a valid host volume name if applicable | | 66 | `volume = "minio-data"` | Change `minio-data` to the host volume defined on line 57 if applicable | -| 83 | `"MINIO_ROOT_USER"="op://InfraSecrets/Minio Tier 1/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | -| 84 | `"MINIO_ROOT_PASSWORD"="op://InfraSecrets/Minio Tier 1/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 83 | `"MINIO_ROOT_USER"="op://Homelab/Minio Tier 1/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 84 | `"MINIO_ROOT_PASSWORD"="op://Homelab/Minio Tier 1/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | | 113 | `source = "minio-hdd"` | Change `minio-hdd` to a valid host volume name if applicable | | 121 | `volume = "minio-warm-data"` | Change `minio-warm-data` to the host volume defined on line 111 if applicable | -| 138 | `"MINIO_ROOT_USER"="op://InfraSecrets/Minio Tier 2/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | -| 139 | `"MINIO_ROOT_PASSWORD"="op://InfraSecrets/Minio Tier 2/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 138 | `"MINIO_ROOT_USER"="op://Homelab/Minio Tier 2/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 139 | `"MINIO_ROOT_PASSWORD"="op://Homelab/Minio Tier 2/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | diff --git a/nomad_jobs/services/penpot/penpot.nomad.hcl b/nomad_jobs/services/penpot/penpot.nomad.hcl index aac016f..4642001 100644 --- a/nomad_jobs/services/penpot/penpot.nomad.hcl +++ b/nomad_jobs/services/penpot/penpot.nomad.hcl @@ -11,10 +11,10 @@ locals { PENPOT_BACKEND_URI = "http://127.0.0.1:6060" PENPOT_EXPORTER_URI = "http://127.0.0.1:6061" PENPOT_FLAGS = "enable-smtp enable-registration enable-login-with-password enable-demo-users" - PENPOT_SECRET_KEY = "op://InfraSecrets/7hbsxng22unjqc4wkj62qniu2u/credential" # Try running `openssl rand -hex 32` to generate a random secret key + PENPOT_SECRET_KEY = "op://Homelab/7hbsxng22unjqc4wkj62qniu2u/credential" # Try running `openssl rand -hex 32` to generate a random secret key PENPOT_DATABASE_URI = "postgresql://127.0.0.1:5432/penpot" - PENPOT_DATABASE_USERNAME = "op://InfraSecrets/Postgres - Penpot User/username" - PENPOT_DATABASE_PASSWORD = "op://InfraSecrets/Postgres - Penpot User/password" + PENPOT_DATABASE_USERNAME = "op://Homelab/Postgres - Penpot User/username" + PENPOT_DATABASE_PASSWORD = "op://Homelab/Postgres - Penpot User/password" PENPOT_REDIS_URI = "redis://127.0.0.1:6379/0" PENPOT_TELEMERY_ENABLED = "false" } @@ -25,8 +25,8 @@ locals { PENPOT_STORAGE_ASSETS_FS_DIRECTORY = "/opt/data/assets" PENPOT_ASSETS_STORAGE_BACKEND = "assets-s3" - AWS_ACCESS_KEY_ID = "op://InfraSecrets/Penpot S3 Key/username" - AWS_SECRET_ACCESS_KEY = "op://InfraSecrets/Penpot S3 Key/credential" + AWS_ACCESS_KEY_ID = "op://Homelab/Penpot S3 Key/username" + AWS_SECRET_ACCESS_KEY = "op://Homelab/Penpot S3 Key/credential" PENPOT_STORAGE_ASSETS_S3_ENDPOINT = "http://127.0.0.1:9000" PENPOT_STORAGE_ASSETS_S3_BUCKET = "penpot" } diff --git a/nomad_jobs/services/postgres/postgres.nomad.hcl b/nomad_jobs/services/postgres/postgres.nomad.hcl index 23bbb35..57bc29b 100644 --- a/nomad_jobs/services/postgres/postgres.nomad.hcl +++ b/nomad_jobs/services/postgres/postgres.nomad.hcl @@ -45,8 +45,8 @@ job "postgres" { } env = { - POSTGRES_USER="op://InfraSecrets/Postgres Root/username", - POSTGRES_PASSWORD="op://InfraSecrets/Postgres Root/password" + POSTGRES_USER="op://Homelab/Postgres Root/username", + POSTGRES_PASSWORD="op://Homelab/Postgres Root/password" } } } diff --git a/nomad_jobs/services/postgres/readme.md b/nomad_jobs/services/postgres/readme.md index 68ffeaa..35636b1 100644 --- a/nomad_jobs/services/postgres/readme.md +++ b/nomad_jobs/services/postgres/readme.md @@ -16,8 +16,8 @@ If you want to deploy this, you will need to verify you have a valid host volume | --- | --- | --- | | 17 | `source = "postgres"` | Change `postgres` to a valid host volume name | | 38 | `volume = "postgres-data"` | Change `postgres-data` to the host volume defined on line 15 if applicable | -| 48 | `"POSTGRES_USER"="op://InfraSecrets/Postgres Root/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | -| 49 | `"POSTGRES_PASSWORD"="op://InfraSecrets/Postgres Root/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 48 | `"POSTGRES_USER"="op://Homelab/Postgres Root/username"` | Change the value to the root username you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | +| 49 | `"POSTGRES_PASSWORD"="op://Homelab/Postgres Root/password"` | Change the value to the root password you want. By default, this is a 1password path. See [Managing Secrets](../../README.md#managing-secrets) for more information | ## Make a New Database @@ -33,4 +33,4 @@ CREATE USER appname WITH PASSWORD 'not-a-secure-password'; CREATE DATABASE appname WITH OWNER appname; ``` -The user and database can be the same name because they are records in different tables but feel free to make them whatever you think is best. +The user and database can be the same name because they are records in different tables but feel free to make them whatever you think is best. diff --git a/nomad_jobs/services/umami/umami.nomad.hcl b/nomad_jobs/services/umami/umami.nomad.hcl index 6b89d9a..b855551 100644 --- a/nomad_jobs/services/umami/umami.nomad.hcl +++ b/nomad_jobs/services/umami/umami.nomad.hcl @@ -7,14 +7,14 @@ locals { // OP is 1Password for CLI locals { - OP_DB_USER = "op://InfraSecrets/Umami/ENV_SECRETS/PostgresUsername" - OP_DB_PASSWORD = "op://InfraSecrets/Umami/ENV_SECRETS/PostgresPassword" - OP_AppSecret = "op://InfraSecrets/Umami/ENV_SECRETS/AppSecret" + OP_DB_USER = "op://Homelab/Umami/ENV_SECRETS/PostgresUsername" + OP_DB_PASSWORD = "op://Homelab/Umami/ENV_SECRETS/PostgresPassword" + OP_AppSecret = "op://Homelab/Umami/ENV_SECRETS/AppSecret" } locals { USER_PASSWORD = "${local.OP_DB_USER}:${local.OP_DB_PASSWORD}" - + UMAMI_APPSECRET = "${local.OP_AppSecret}" UMAMI_DB_URL = "postgresql://${local.USER_PASSWORD}@127.0.0.1:5432/umami" UMAMI_DB_TYPE = "postgresql" @@ -46,7 +46,7 @@ job "umami" { local_bind_address = "127.0.0.1" local_bind_port = 5432 } - } + } tags = ["traefik.enable=false"] # Hide envoy from traefik } }