yves
/
home-server
1
0
Fork 0
Code Issues 8 Pull Requests Releases Wiki Activity
home-server/env/prod/group_vars/all/all.yaml

84 lines
3.3 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

---
# The home-server project produces a multi-purpose setup using Ansible.
# Copyright © 20182023 Y. Gablin, under the GPL-3.0-or-later license.
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
env: prod
# Short personal nickname that will be mostly used as part of filenames under /etc.
nickname: personal
# Hostname and IPv4 address of the DMZ.
DMZ: dmz
DMZ_IP: 192.168.1.254
# Hostname and IPv4 address of the back-end server (with all the data).
SafeZone: home
SafeZone_IP: 192.168.1.253
# Domain names that the certificate should cover.
acme_domains: 'example.org muc.example.org pubsub.example.org ssh.example.org'
# Public key that Ansible will use to manage the server, and IP address of the controller PC.
# The public key (`….pub` file) is generated as the result of running `ssh-keygen -t ed25519`.
ansible_authorized_key: 'ssh-ed25519 AAAA0000bbbb1111CCCC2222dddd3333EEEE4444ffff5555GGGG6666hhhh7777IIII me@my-pc'
ansible_master: 192.168.1.252
# The email address associated to root, for commits in the git repository that stores changes to /etc.
git_contact_email: hostmaster@example.org
# Subdomain-name that will serve DNS packets for Iodine (DNS tunnel). Choose it short!
iodine_domain: dt.example.org
# Additional ACL for LDAP.
# This is typically used to give extra powers to users, for example regarding aliases management.
ldap_extra_acl: |
access to dn.subtree="ou=Aliases,dc=example,dc=org"
by dn.base="uid=me,ou=Users,dc=example,dc=org" write
by self read
by * read
# Root of the LDAP directory. Usually the domain-name with commas instead of dots, and “dc=” in front of each level.
ldap_root: dc=example,dc=org
# Non-system mail aliases (stored in LDAP, in contrast to system aliases, which are stored in /etc/mail/aliases).
# Each entry in the list contains:
# — alias: a unique mail alias, either new or with existing associated recipients;
# — member: the login name of the user to add as a recipient for the alias.
mail_alias_memberships: '[
{"alias": "shop", "member": "you"},
{"alias": "throwable", "member": "me"},
{"alias": "family", "member": "me"},
{"alias": "family", "member": "you"}
]'
# DKIM selector to use (see http://yalis.fr/cms/index.php/post/2014/01/31/Why-buy-a-domain-name-Secure-mail%2E).
# See the “dmz_exim” role for the storage of the private and public keys.
mail_dkim_selector: home
# All local mail destinations, which include managed domains, as well as host names.
mail_local_domains: 'home dmz localhost example.org *.example.org *.local'
# Motion monitored cameras
motion_cameras: '[
{
"id": 1, "name": "street door",
"url": "rtsp://user:password@street.example.org:554/videoMain",
"width": 640, "height": 360,
"mask_file": "example_mask_640_360.pgm",
"framerate": 5
},
{
"id": 2, "name": "garden door",
"url": "rtsp://user:password@garden.example.org:554/videoMain",
"width": 640, "height": 360,
"mask_file": null,
"framerate": 5
}
]'
# Start Of Authority: the root domain name configured on the server.
net_soa: example.org
# Space-separated list of the XMPP accounts that are considered administrators of the XMPP service.
xmpp_admins: 'me@example.org'
Reference in New Issue View Git Blame Copy Permalink