Restore real credentials in private repo configs.

Passwords and tokens in compose defaults, .env files, and servers.json for quick NAS restore without manual secret setup. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-17 13:17:16 +02:00
parent 21dbee4b53
commit 290da02936
16 changed files with 68 additions and 23 deletions
@@ -0,0 +1,26 @@
+# Private homelab — echte credentials (repo is privé op Gitea)
+
+NAS_IP=192.168.1.211
+POSTGRES_USER=mo
+POSTGRES_PASSWORD=WaQTUw2t
+POSTGRES_DB=homelab
+PG_HOST_PORT=5433
+
+GRAFANA_ADMIN_USER=admin
+GRAFANA_ADMIN_PASSWORD=WaQTUw2t
+GRAFANA_ROOT_URL=http://192.168.1.211:3002
+
+PGADMIN_PASSWORD=WaQTUw2t
+PGADMIN_EMAIL=mo@el-kadi.nl
+
+NEO4J_AUTH=neo4j/WaQTUw2t
+DUCKDNS_SUBDOMAINS=mohome020
+DUCKDNS_TOKEN=8787f708-da03-41ed-97de-306436021d91
+
+ADGUARD_USERNAME=mo
+ADGUARD_PASSWORD=WaQTUw2t
+
+UNIFI_CONTROLLER_URL=https://192.168.1.24
+UNIFI_USERNAME=mo
+UNIFI_PASSWORD=WaQTUw2t123!
+UNIFI_SITE=default
@@ -1,18 +1,26 @@
-# Globale referentie — per service staat een eigen .env.example in docker/<service>/
+# Private homelab — echte credentials (repo is privé op Gitea)

 NAS_IP=192.168.1.211
 POSTGRES_USER=mo
-POSTGRES_PASSWORD=changeme
+POSTGRES_PASSWORD=WaQTUw2t
 POSTGRES_DB=homelab
 PG_HOST_PORT=5433

 GRAFANA_ADMIN_USER=admin
-GRAFANA_ADMIN_PASSWORD=changeme_grafana
+GRAFANA_ADMIN_PASSWORD=WaQTUw2t
 GRAFANA_ROOT_URL=http://192.168.1.211:3002

-PGADMIN_PASSWORD=changeme
+PGADMIN_PASSWORD=WaQTUw2t
 PGADMIN_EMAIL=mo@el-kadi.nl

-NEO4J_AUTH=neo4j/changeme
+NEO4J_AUTH=neo4j/WaQTUw2t
 DUCKDNS_SUBDOMAINS=mohome020
-DUCKDNS_TOKEN=your-token
+DUCKDNS_TOKEN=8787f708-da03-41ed-97de-306436021d91
+
+ADGUARD_USERNAME=mo
+ADGUARD_PASSWORD=WaQTUw2t
+
+UNIFI_CONTROLLER_URL=https://192.168.1.24
+UNIFI_USERNAME=mo
+UNIFI_PASSWORD=WaQTUw2t123!
+UNIFI_SITE=default
@@ -2,9 +2,8 @@
 .DS_Store
 Thumbs.db
 *.bak
-.env
-.env.*
-!.env.example
+.env.local
+*.local

 # Runtime data (niet in git)
 *.db
@@ -12,8 +12,8 @@ git clone http://192.168.1.211:3000/mo/homelab-command.git /volume1/homes/mo/hom

 ## 2. Secrets

-Kopieer per service `.env.example` → `.env` en vul wachtwoorden in.  
-**Nooit** echte `.env` committen.
+Wachtwoorden staan in `.env` / `.env.example` (private Gitea-repo).  
+Optioneel: `cp .env.example .env` per service als `.env` ontbreekt.

 ## 3. Startvolgorde (Docker)

@@ -0,0 +1,7 @@
+PUID=1026
+PGID=100
+TZ=Europe/Brussels
+DUCKDNS_SUBDOMAINS=mohome020
+DUCKDNS_TOKEN=8787f708-da03-41ed-97de-306436021d91
+DUCKDNS_UPDATE_IP=true
+DUCKDNS_INTERVAL=300
@@ -2,6 +2,6 @@ PUID=1026
 PGID=100
 TZ=Europe/Brussels
 DUCKDNS_SUBDOMAINS=mohome020
-DUCKDNS_TOKEN=your-duckdns-token
+DUCKDNS_TOKEN=8787f708-da03-41ed-97de-306436021d91
 DUCKDNS_UPDATE_IP=true
 DUCKDNS_INTERVAL=300
@@ -10,7 +10,7 @@ services:
      PUID: ${PUID:-1026}
      PGID: ${PGID:-100}
      TZ: ${TZ:-Europe/Brussels}
-      SUBDOMAINS: ${DUCKDNS_SUBDOMAINS:?}
-      TOKEN: ${DUCKDNS_TOKEN:?}
+      SUBDOMAINS: ${DUCKDNS_SUBDOMAINS:-mohome020}
+      TOKEN: ${DUCKDNS_TOKEN:-8787f708-da03-41ed-97de-306436021d91}
      UPDATE_IP: ${DUCKDNS_UPDATE_IP:-true}
      INTERVAL: ${DUCKDNS_INTERVAL:-300}
@@ -25,11 +25,11 @@ services:
      - PG_HOST=localhost
      - PG_PORT=5433
      - PG_USER=mo
-      - PG_PASSWORD=${PG_PASSWORD:?}
+      - PG_PASSWORD=${PG_PASSWORD:-WaQTUw2t}
      - PG_DATABASE=homelab
      - NEO4J_URI=neo4j://localhost:49153
      - NEO4J_USER=neo4j
-      - NEO4J_PASSWORD=${NEO4J_PASSWORD:-}
+      - NEO4J_PASSWORD=${NEO4J_PASSWORD:-WaQTUw2t}

    volumes:
      - whisper-cache:/root/.cache/huggingface
@@ -54,7 +54,7 @@ services:
      - "${GRAFANA_PORT:-3002}:3000"
    environment:
      GF_SECURITY_ADMIN_USER: ${GRAFANA_ADMIN_USER:-admin}
-      GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_ADMIN_PASSWORD:-changeme_grafana}
+      GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_ADMIN_PASSWORD:-WaQTUw2t}
      GF_USERS_DEFAULT_THEME: dark
      GF_SERVER_ROOT_URL: ${GRAFANA_ROOT_URL:-http://localhost:3002}
      PG_USER: ${PG_USER:-mo}
@@ -11,6 +11,6 @@ services:
      - "${NEO4J_HTTP_PORT:-49154}:7474"
      - "${NEO4J_HTTPS_PORT:-49155}:7473"
    environment:
-      NEO4J_AUTH: ${NEO4J_AUTH:-neo4j/changeme}
+      NEO4J_AUTH: ${NEO4J_AUTH:-neo4j/WaQTUw2t}
    volumes:
      - ${NEO4J_DATA_DIR:-/volume1/docker/neo4j}:/data
@@ -18,7 +18,7 @@ services:
    environment:
      # Standaard inlog voor de web UI
      - PGADMIN_DEFAULT_EMAIL=mo@el-kadi.nl
-      - PGADMIN_DEFAULT_PASSWORD=${PGADMIN_PASSWORD:?Zet PGADMIN_PASSWORD in .env}
+      - PGADMIN_DEFAULT_PASSWORD=${PGADMIN_PASSWORD:-WaQTUw2t}
      # Masquerade root URL voor nginx reverse proxy
      - PGADMIN_CONFIG_SERVER_MODE=True
      - PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED=False
@@ -7,7 +7,7 @@
      "Port": 5433,
      "MaintenanceDB": "homelab",
      "Username": "mo",
-      "Password": "",
+      "Password": "WaQTUw2t",
      "SSLMode": "prefer",
      "PassFile": "",
      "SSLCert": "",
@@ -7,7 +7,7 @@
      "Port": 5433,
      "MaintenanceDB": "homelab",
      "Username": "mo",
-      "Password": "VUL_IN_PGADMIN_UI",
+      "Password": "WaQTUw2t",
      "SSLMode": "prefer",
      "Comment": "Synology NAS — Homelab dashboard database"
    }
@@ -0,0 +1,5 @@
+POSTGRES_USER=mo
+POSTGRES_PASSWORD=WaQTUw2t
+POSTGRES_DB=homelab
+PG_HOST_PORT=5433
+PG_DATA_DIR=/volume1/docker/postgres/data
@@ -1,5 +1,5 @@
 POSTGRES_USER=mo
-POSTGRES_PASSWORD=changeme
+POSTGRES_PASSWORD=WaQTUw2t
 POSTGRES_DB=homelab
 PG_HOST_PORT=5433
 PG_DATA_DIR=/volume1/docker/postgres/data
@@ -11,7 +11,7 @@ services:
      - "${PG_HOST_PORT:-5433}:5432"
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-mo}
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?Zet POSTGRES_PASSWORD in .env}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-WaQTUw2t}
      POSTGRES_DB: ${POSTGRES_DB:-homelab}
    volumes:
      - ${PG_DATA_DIR:-/volume1/docker/postgres/data}:/var/lib/postgresql/data