--- ############################################################################### # DO NOT EDIT. Set your variables in `vars/user.yml` instead. # This is a reference of all the variables. ############################################################################### # # common common_timezone: 'Etc/UTC' # domain: (required) # main_user_name: (required) admin_email: "{{ main_user_name }}@{{ domain }}" main_user_shell: "/bin/bash" # encfs_password: (required) friendly_networks: - "" # ssh kex_algorithms: "diffie-hellman-group-exchange-sha256" ciphers: "aes256-ctr,aes192-ctr,aes128-ctr" macs: "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160" # ntp ntp_servers: # use nearby ntp servers by default - 0.pool.ntp.org - 1.pool.ntp.org - 2.pool.ntp.org - 3.pool.ntp.org # use servers tailored to the server location # See http://www.pool.ntp.org/en/use.html # - 0.north-america.pool.ntp.org # - 1.north-america.pool.ntp.org # - 2.north-america.pool.ntp.org # - 3.north-america.pool.ntp.org # collectd collectd_version: 5.4.1 collectd_librato_version: 0.0.10 collectd_librato_email: "" # (optional) collectd_librato_api_token: "" # (optional) # google authenticator google_auth_version: 1.0 # database db_admin_username: 'postgres' # db_admin_password: (required) # ircbouncer znc_version: 1.4 # irc_nick: (required) # irc_ident: (required) # irc_realname: (required) # irc_quitmsg: (required) # irc_password_hash: (required) # irc_password_salt: (required) # mailserver mail_server_hostname: "mail.{{ domain }}" mail_server_autoconfig_hostname: "autoconfig.{{ domain }}" mail_db_username: mailuser # mail_db_password: (required) mail_db_database: mailserver # mail_virtual_domains: (required) # mail_virtual_users: (required) # mail_virtual_aliases: (required) mail_db_opendmarc_username: opendmarc # mail_db_opendmarc_password: (required) mail_db_opendmarc_database: opendmarc # z-push zpush_version: 2.1.1-1788 # owncloud owncloud_domain: "cloud.{{ domain }}" owncloud_db_username: owncloud # owncloud_db_password: (required) owncloud_db_database: owncloud # tarsnap tarsnap_version: 1.0.36.1 # vpn # Notes about security: https://blog.g3rt.nl/openvpn-security-tips.html # Check privacy: http://witch.valdikss.org.ru/ # openvpn_key_country: (required) # openvpn_key_province: (required) # openvpn_key_city: (required) # openvpn_key_org: (required) # openvpn_key_ou: (required) openvpn_days_valid: "1825" openssl_request_subject: "/C={{ openvpn_key_country }}/ST={{ openvpn_key_province }}/L={{ openvpn_key_city }}/O={{ openvpn_key_org }}/OU={{ openvpn_key_ou }}" openvpn_key_size: "2048" openvpn_cipher: "AES-256-CBC" openvpn_auth_digest: "SHA512" openvpn_path: "/etc/openvpn" openvpn_ca: "{{ openvpn_path }}/ca" openvpn_dhparam: "{{ openvpn_path }}/dh{{ openvpn_key_size }}.pem" openvpn_hmac_firewall: "{{ openvpn_path }}/ta.key" openvpn_server: "{{ domain }}" openvpn_port: "1194" openvpn_protocol: "udp" openvpn_mtu: "1300" openvpn_verb: "3" # "0" for anonymity # uncomment for openvpn 2.3.3 and >2.3.4 openvpn_tls_version_min: "" # "tls-version-min 1.2" openvpn_tls_cipher: "" # "tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" # openvpn_clients: (required) # webmail webmail_domain: "{{ mail_server_hostname }}" webmail_db_username: "roundcube" # webmail_db_password: (required) webmail_db_database: "roundcube" carddav_version: "1.0.0" # xmpp prosody_admin: "{{ admin_email }}" prosody_virtual_domain: "{{ domain }}" # prosody_accounts: (required) # news selfoss_domain: "news.{{ domain }}" selfoss_db_username: selfoss # selfoss_db_password: (required) selfoss_db_database: selfoss selfoss_version: 2.14 # git cgit_version: 0.12 cgit_domain: "git.{{ domain }}" gitolite_version: 3.6.4 # wallabag wallabag_version: 1.9.1 wallabag_domain: "read.{{ domain }}" # wallabag_salt: (required) wallabag_db_username: wallabag # wallabag_db_password: (required) wallabag_db_database: wallabag