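---
# The home-server project produces a multi-purpose setup using Ansible.
# Copyright © 2018–2023 Y. Gablin, under the GPL-3.0-or-later license.
# Full licensing information in the LICENSE file, or gnu.org/licenses/gpl-3.0.txt if the file is missing.
env: dev

# Short personal nickname that will be mostly used as part of filenames under /etc.
nickname: mydev

# Hostname and IPv4 address of the DMZ.
DMZ: front-dev
DMZ_IP: 10.0.2.4

# Hostname and IPv4 address of the back-end server (with all the data).
SafeZone: back-dev
SafeZone_IP: 10.0.2.3

# Domain names that the certificate should cover.
# Names in a certificate issued by a public CA are published in Certificate Transparency logs,
# so list only host names that may be publicly known.
acme_domains: 'mydev.uk muc.mydev.uk pubsub.mydev.uk ssh.mydev.uk'

# Public key that Ansible will use to manage the server, and IP address of the controller PC.
# The public key (`….pub` file) is generated as the result of running `ssh-keygen -t ed25519`.
# Only the public half belongs in this file; the matching private key stays on the controller PC.
ansible_authorized_key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsidHzJhnXXRdWo4NUVmkMORcNN9k9RYaU4eSYgZ3hW me@my-pc'
ansible_master: 192.168.1.252

# The email address associated with root, for commits in the git repository that stores changes to /etc.
git_contact_email: hostmaster@mydev.uk

# Subdomain-name that will serve DNS packets for Iodine (DNS tunnel). Choose it short!
iodine_domain: dt.mydev.uk

# Additional ACL for LDAP.
# This is typically used to give extra powers to users, for example regarding aliases management.
# OpenLDAP stops at the first `by` clause that matches, so the order of the clauses matters.
# `by * read` also matches anonymous (unauthenticated) binds; `by users read` would limit reading
# to authenticated users, if nothing needs to list the aliases anonymously.
# NOTE(review): the `by` clauses are indented as continuation lines; confirm against the role's template.
ldap_extra_acl: |
  access to dn.subtree="ou=Aliases,dc=mydev,dc=uk"
    by dn.base="uid=me,ou=Users,dc=mydev,dc=uk" write
    by self read
    by * read

# Root of the LDAP directory. Usually the domain-name with commas instead of dots, and “dc=” in front of each level.
ldap_root: dc=mydev,dc=uk

# Non-system mail aliases (stored in LDAP, in contrast to system aliases, which are stored in /etc/mail/aliases).
# Each entry in the list contains:
# — alias: a unique mail alias, either new or with existing associated recipients;
# — member: the login name of the user to add as a recipient for the alias.
# The value is a quoted string holding JSON, not a YAML list (presumably parsed by the role); keep the quotes.
mail_alias_memberships: '[
  {"alias": "us", "member": "me"},
  {"alias": "us", "member": "you"}
  ]'

# DKIM selector to use (see http://yalis.uk/cms/index.php/post/2014/01/31/Why-buy-a-domain-name-Secure-mail%2E).
# See the “dmz_exim” role for the storage of the private and public keys.
mail_dkim_selector: back-dev

# All local mail destinations, which include managed domains, as well as host names.
mail_local_domains: 'back-dev front-dev localhost mydev.uk *.mydev.uk *.local'

# Cameras monitored by Motion (a quoted JSON list, empty here).
motion_cameras: '[
  ]'

# Start Of Authority: the root domain name configured on the server.
net_soa: mydev.uk

# Space-separated list of the XMPP accounts that are considered administrators of the XMPP service.
xmpp_admins: 'me@mydev.uk you@mydev.uk'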