84 lines
4.0 KiB
YAML
84 lines
4.0 KiB
YAML
# --------------------------------------------------------------------------------------------------
|
|
# system:base
|
|
# --------------------------------------------------------------------------------------------------
|
|
system_base_additional_tcp_ports: "{{
|
|
services_host_services | dict2items | map(attribute='value.tcp', default=[]) | flatten }}"
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
# vpn:wireguard
|
|
# --------------------------------------------------------------------------------------------------
|
|
vpn_wireguard_port: 51820
|
|
vpn_wireguard_address: "10.66.0.{{ vpn_subnet_id }}"
|
|
vpn_wireguard_netmask: "255.255.255.252"
|
|
vpn_wireguard_subnet: "10.66.0.0/30"
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
# vpn:bridge
|
|
# --------------------------------------------------------------------------------------------------
|
|
vpn_bridge_prefix: "10.66.{{ vpn_subnet_id }}"
|
|
vpn_bridge_address: "{{ vpn_bridge_prefix }}.1"
|
|
vpn_bridge_broadcast: "{{ vpn_bridge_prefix }}.255"
|
|
vpn_bridge_netmask: "255.255.255.0"
|
|
vpn_bridge_dnat: "{{ services_host_services | dict2items |
|
|
community.general.json_query('[?@.value.tcp].
|
|
{address: value.address, ports: value.tcp}') }}"
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
# services
|
|
# --------------------------------------------------------------------------------------------------
|
|
services_root_directory: "/var/lib/{{ ansible_hostname }}"
|
|
services_home_directory: "{{ services_root_directory }}/home"
|
|
services_data_directory: "{{ services_root_directory }}/data"
|
|
services_containers_directory: "{{ services_root_directory }}/containers"
|
|
|
|
services_all_hosts: "{{ groups['asgard'] }}"
|
|
services_all_services: "{{
|
|
services_all_hosts | map('extract', hostvars, 'services_host_services') | map('dict2items') |
|
|
flatten | items2dict }}"
|
|
|
|
services:
|
|
rproxy: {}
|
|
www:
|
|
repo_user: "{{ vault_services.www.repo_user }}"
|
|
repo_token: "{{ vault_services.www.repo_token }}"
|
|
lrproxy: {}
|
|
database:
|
|
password: "{{ vault_services.database.password }}"
|
|
cloud:
|
|
domain: "{{ vault_services.cloud.domain }}"
|
|
database_name: "{{ vault_services.cloud.database_name }}"
|
|
database_user: "{{ vault_services.cloud.database_user }}"
|
|
database_password: "{{ vault_services.cloud.database_password }}"
|
|
admin_user: "{{ vault_services.cloud.admin_user }}"
|
|
admin_password: "{{ vault_services.cloud.admin_password }}"
|
|
smtp_host: "{{ vault_services.cloud.smtp_host }}"
|
|
smtp_name: "{{ vault_services.cloud.smtp_name }}"
|
|
smtp_password: "{{ vault_services.cloud.smtp_password }}"
|
|
git:
|
|
domain: "{{ vault_services.git.domain }}"
|
|
database_name: "{{ vault_services.git.database_name }}"
|
|
database_user: "{{ vault_services.git.database_user }}"
|
|
database_passwd: "{{ vault_services.git.database_passwd }}"
|
|
smtp_host: "{{ vault_services.git.smtp_host }}"
|
|
smtp_user: "{{ vault_services.git.smtp_user }}"
|
|
smtp_passwd: "{{ vault_services.git.smtp_passwd }}"
|
|
ssh_port: 2770
|
|
notes:
|
|
domain: "{{ vault_services.notes.domain }}"
|
|
database_name: "{{ vault_services.notes.database_name }}"
|
|
database_user: "{{ vault_services.notes.database_user }}"
|
|
database_password: "{{ vault_services.notes.database_password }}"
|
|
smtp_host: "{{ vault_services.notes.smtp_host }}"
|
|
smtp_name: "{{ vault_services.notes.smtp_name }}"
|
|
smtp_password: "{{ vault_services.notes.smtp_password }}"
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
# services:user_setup
|
|
# --------------------------------------------------------------------------------------------------
|
|
services_bridge_gateway: "{{ vpn_bridge_address }}"
|
|
|
|
scw_bucket_endpoint: "{{ vault_scw_bucket_endpoint }}"
|
|
scw_access_key: "{{ vault_scw_access_key }}"
|
|
scw_secret_key: "{{ vault_scw_secret_key }}"
|
|
restic_password: "{{ vault_restic_password }}"
|