boma/inventories/production/group_vars/all
sjat 3762be4622 feat(netbird): vault secrets — auth_secret + datastore_key
Self-generated random values for the NetBird coordinator: auth_secret (relay/JWT
shared secret) and datastore_key (SQLite store encryption, base64 32 bytes with
padding). Wired into roles/netbird_coordinator config.yaml via vault.netbird.*.
No CHANGEME — both are agent-generatable (not operator-supplied). The M5 peer
setup key is a runtime dashboard artifact, added to vault when M5 wires it.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-15 17:52:16 +02:00
..
firewall.yml feat(base): shared firewall catalog/zones + firewall defaults 2026-06-06 18:49:40 +02:00
public_dns.yml docs(review): 2026-06-14 repo audit — M4a doc drift + Traefik→Caddy lag 2026-06-14 18:37:54 +02:00
reverse_proxy.yml refactor(reverse_proxy): vanilla Caddy + HTTP-01 (drop DNS-01 custom image) 2026-06-14 18:11:20 +02:00
vars.yml docs: reconcile lower-severity review findings (O9-O24) 2026-06-14 19:31:40 +02:00
vault.yml feat(netbird): vault secrets — auth_secret + datastore_key 2026-06-15 17:52:16 +02:00