Browse Source

Add common default vars to role

Allen Riddell 8 years ago
parent
commit
9f34027d8b
3 changed files with 36 additions and 1 deletions
  1. 1
    0
      .gitignore
  2. 4
    0
      group_vars/sovereign
  3. 31
    1
      roles/common/defaults/main.yml

+ 1
- 0
.gitignore View File

@@ -1,3 +1,4 @@
1 1
 .vagrant
2 2
 vagrant_ansible_inventory_default
3 3
 tests.pyc
4
+secret

+ 4
- 0
group_vars/sovereign View File

@@ -0,0 +1,4 @@
1
+# required variables
2
+# ------------------
3
+# domain: (required)
4
+# main_user_name: (required)

+ 31
- 1
roles/common/defaults/main.yml View File

@@ -1,4 +1,34 @@
1 1
 common_timezone: 'Etc/UTC'
2
+admin_email: "{{ main_user_name }}@{{ domain }}"
3
+main_user_shell: "/bin/bash"
4
+friendly_networks:
5
+  - ""
2 6
 
3 7
 # encfs
4
-encfs_password: "{{ lookup('password', 'credentials/' + role + '/encfs_password' length=32') }}"
8
+secret_root: '{{ inventory_dir | realpath }}'
9
+secret_name: 'secret'
10
+secret: '{{ secret_root + "/" + secret_name }}'
11
+encfs_password: "{{ lookup('password', secret + '/' + 'encfs_password', length=32) }}"
12
+
13
+
14
+# let's encrypt
15
+letsencrypt_server: "https://acme-v01.api.letsencrypt.org/directory"
16
+
17
+# ssh
18
+kex_algorithms: "diffie-hellman-group-exchange-sha256"
19
+ciphers: "aes256-ctr,aes192-ctr,aes128-ctr"
20
+macs: "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160"
21
+
22
+# ntp
23
+ntp_servers:
24
+  # use nearby ntp servers by default
25
+  - 0.pool.ntp.org
26
+  - 1.pool.ntp.org
27
+  - 2.pool.ntp.org
28
+  - 3.pool.ntp.org
29
+  # use servers tailored to the server location
30
+  # See http://www.pool.ntp.org/en/use.html
31
+  # - 0.north-america.pool.ntp.org
32
+  # - 1.north-america.pool.ntp.org
33
+  # - 2.north-america.pool.ntp.org
34
+  # - 3.north-america.pool.ntp.org

Loading…
Cancel
Save