---

# password for wifi, if applicable
conn_pass: ""

# password for ddclient
ddclient_pass: ""

# syncthing gui password
syncthing_gui_pass: ""

# Matrix Synapse secrets
# You can generate these with:
#
#   docker run -it --rm \
#    --mount type=volume,src=synapse-data,dst=/data \
#    -e SYNAPSE_SERVER_NAME=my.matrix.host \
#    -e SYNAPSE_REPORT_STATS=yes \
#    matrixdotorg/synapse:latest generate
#
# Just yoink the secrets out of the configuration file it makes
# Otherwise cat /dev/urandom | base64 | head -c 32 probably works too
registration_shared_secret: ""
macaroon_secret_key: ""
form_secret: ""

# paperless secret key
paperless_secret: ""

wireguard_secret:
  # server secrets
  # generate with `wg genkey`, available in the 'wireguard-tools' package
  servers:
    your_bastion_host:
      # see inventory.yml to set the vpn address
      priv: ""
      # pipe the secret key (see secret_template in group_vars/) into `wg pubkey` to get this
      pub: ""
    your_fleet_host:
      priv: ""
      pub: ""

  # list of clients to generate configs for on the bastion host
  clients:
    # name of the client
    - name: test_client
      addr: "10.66.77.2"
      priv_key: ""
      pub_key: ""