From 8e789c9d60eff74bd5185f199562155f57797c68 Mon Sep 17 00:00:00 2001 From: Sam & Claude Date: Sat, 20 Jun 2026 08:12:57 +0200 Subject: [PATCH] fix(freebsd): add provider.env template + setup docs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - provider.env.example: template with BW_CLIENTID, BW_CLIENTSECRET, BW_PASSWORD fields and install instructions - colibri_daemon.in: add provider.env to one-time setup steps so it's never lost on a fresh deploy The live file at /usr/local/etc/colibri/provider.env (0600) is never committed — only the template. --- packaging/freebsd/colibri_daemon.in | 3 +++ packaging/freebsd/provider.env.example | 13 +++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 packaging/freebsd/provider.env.example diff --git a/packaging/freebsd/colibri_daemon.in b/packaging/freebsd/colibri_daemon.in index 637d2ea..0dae534 100644 --- a/packaging/freebsd/colibri_daemon.in +++ b/packaging/freebsd/colibri_daemon.in @@ -14,6 +14,9 @@ # cp packaging/freebsd/colibri_daemon.in /usr/local/etc/rc.d/colibri_daemon # chmod 555 /usr/local/etc/rc.d/colibri_daemon # sysrc colibri_daemon_enable=YES # or NO during dual-run +# cp packaging/freebsd/provider.env.example /usr/local/etc/colibri/provider.env +# chmod 600 /usr/local/etc/colibri/provider.env +# $EDITOR /usr/local/etc/colibri/provider.env # fill in vault credentials # # Runtime: # service colibri_daemon start diff --git a/packaging/freebsd/provider.env.example b/packaging/freebsd/provider.env.example new file mode 100644 index 0000000..8639641 --- /dev/null +++ b/packaging/freebsd/provider.env.example @@ -0,0 +1,13 @@ +# Vaultwarden credentials — sourced by colibri_daemon pre-start. +# Install to: /usr/local/etc/colibri/provider.env +# Permissions: chmod 600, chown clawdie:clawdie +# +# Fill in the three values below. The daemon pre-start sources this +# file; colibri-vault uses BW_CLIENTID + BW_CLIENTSECRET to log in +# and BW_PASSWORD to unlock the vault before fetching secrets. + +BW_CLIENTID= +BW_CLIENTSECRET=*** +BW_PASSWORD=*** + +# BW_SERVER= # optional: vault server URL if not default -- 2.45.3