From 15db597232debc5f68c76f50fd765ecd0ed17d03 Mon Sep 17 00:00:00 2001
From: Kacper Donat <kadet1090@gmail.com>
Date: Fri, 28 Oct 2022 18:24:50 +0200
Subject: [PATCH] Add dockerregistryauth global secret

---
 templates/dockerregistryauth.json.j2 |  8 ++++++++
 vars/environment.yml                 | 13 +++++++++++++
 vars/services.yml                    | 10 +---------
 3 files changed, 22 insertions(+), 9 deletions(-)
 create mode 100644 templates/dockerregistryauth.json.j2

diff --git a/templates/dockerregistryauth.json.j2 b/templates/dockerregistryauth.json.j2
new file mode 100644
index 0000000..f86068c
--- /dev/null
+++ b/templates/dockerregistryauth.json.j2
@@ -0,0 +1,8 @@
+{
+  "auths": {
+    "registry.kadet.net": {
+      "username": "{{ swarm_registry_user.name }}",
+      "password": "{{ swarm_registry_user.password }}"
+    }
+  }
+}
diff --git a/vars/environment.yml b/vars/environment.yml
index ad2207b..bebd328 100644
--- a/vars/environment.yml
+++ b/vars/environment.yml
@@ -13,3 +13,16 @@ pip_executable: pip3
 swarm_global_networks:
  - name: traefik
 swarm_host_address: "{{ ansible_docker0.ipv4.address }}"
+swarm_registry_user:
+  name: docker-swarm
+  password: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    62333030343330666634643234323865303633343330333030303066363264323434656637356233
+    6165386664316536366235366336393561306139346235610a393566633363383734353933366331
+    36343364643366626230303463633164393336363736633662643536646539616235393232643930
+    3266326630393535660a393764376130343264643064613131393663333836356337613566343130
+    65353438613864373962636463613836313034633963613834393233376136313861303538346265
+    6139666332373137303962646530353364333732353339313262
+swarm_global_secrets:
+ - name: dockerregistryauth
+   data: "{{ lookup('ansible.builtin.template', 'templates/dockerregistryauth.json.j2', convert_data=False)|string }}"
diff --git a/vars/services.yml b/vars/services.yml
index 2594aff..0128268 100644
--- a/vars/services.yml
+++ b/vars/services.yml
@@ -118,6 +118,7 @@ service_config:
 
   registry:
     registry_users:
+      - "{{ swarm_registry_user }}"
       - name: kadet
         password: !vault |
           $ANSIBLE_VAULT;1.1;AES256
@@ -136,15 +137,6 @@ service_config:
           3861393364356136350a393433613066663535333934636664613164653139323166343030633566
           36343734666637336665316231636631313633336331306633386665616337363166646132366133
           6166376237646566656166386631303732633831323961363038
-      - name: docker-swarm
-        password: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          62333030343330666634643234323865303633343330333030303066363264323434656637356233
-          6165386664316536366235366336393561306139346235610a393566633363383734353933366331
-          36343364643366626230303463633164393336363736633662643536646539616235393232643930
-          3266326630393535660a393764376130343264643064613131393663333836356337613566343130
-          65353438613864373962636463613836313034633963613834393233376136313861303538346265
-          6139666332373137303962646530353364333732353339313262
       - name: andrzej
         password: !vault |
           $ANSIBLE_VAULT;1.1;AES256