123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 |
- ---
- ###############################################################################
- # DO NOT EDIT. Set your variables in `vars/user.yml` instead.
- # This is a reference of all the variables.
- ###############################################################################
-
- # # common
- common_timezone: 'Etc/UTC'
- # domain: (required)
- # main_user_name: (required)
- admin_email: "{{ main_user_name }}@{{ domain }}"
- main_user_shell: "/bin/bash"
- # encfs_password: (required)
- friendly_networks:
- - ""
- letsencrypt_server: "https://acme-v01.api.letsencrypt.org/directory"
- subdomains: "www.{{ domain }},mail.{{ domain }},autoconfig.{{ domain }},read.{{ domain }},news.{{ domain }},cloud.{{ domain }},git.{{ domain }}"
-
- # ssh
- kex_algorithms: "diffie-hellman-group-exchange-sha256"
- ciphers: "aes256-ctr,aes192-ctr,aes128-ctr"
- macs: "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160"
-
- # ntp
- ntp_servers:
- # use nearby ntp servers by default
- - 0.pool.ntp.org
- - 1.pool.ntp.org
- - 2.pool.ntp.org
- - 3.pool.ntp.org
- # use servers tailored to the server location
- # See http://www.pool.ntp.org/en/use.html
- # - 0.north-america.pool.ntp.org
- # - 1.north-america.pool.ntp.org
- # - 2.north-america.pool.ntp.org
- # - 3.north-america.pool.ntp.org
-
- # collectd
- collectd_version: 5.4.1
- collectd_librato_version: 0.0.10
- collectd_librato_email: "" # (optional)
- collectd_librato_api_token: "" # (optional)
-
- # google authenticator
- google_auth_version: 1.0
-
- # database
- db_admin_username: 'postgres'
- # db_admin_password: (required)
-
- # ircbouncer
- znc_version: 1.4
- # irc_nick: (required)
- # irc_ident: (required)
- # irc_realname: (required)
- # irc_quitmsg: (required)
- # irc_password_hash: (required)
- # irc_password_salt: (required)
-
- # mailserver
- mail_server_hostname: "mail.{{ domain }}"
- mail_server_autoconfig_hostname: "autoconfig.{{ domain }}"
- mail_db_username: mailuser
- # mail_db_password: (required)
- mail_db_database: mailserver
- # mail_virtual_domains: (required)
- # mail_virtual_users: (required)
- # mail_virtual_aliases: (required)
- mail_db_opendmarc_username: opendmarc
- # mail_db_opendmarc_password: (required)
- mail_db_opendmarc_database: opendmarc
-
- # z-push
- zpush_version: 2.1.1-1788
-
- # owncloud
- owncloud_domain: "cloud.{{ domain }}"
- owncloud_db_username: owncloud
- # owncloud_db_password: (required)
- owncloud_db_database: owncloud
-
- # tarsnap
- tarsnap_version: 1.0.36.1
-
- # vpn
- # Notes about security: https://blog.g3rt.nl/openvpn-security-tips.html
- # Check privacy: http://witch.valdikss.org.ru/
- # openvpn_key_country: (required)
- # openvpn_key_province: (required)
- # openvpn_key_city: (required)
- # openvpn_key_org: (required)
- # openvpn_key_ou: (required)
- openvpn_days_valid: "1825"
- openssl_request_subject: "/C={{ openvpn_key_country }}/ST={{ openvpn_key_province }}/L={{ openvpn_key_city }}/O={{ openvpn_key_org }}/OU={{ openvpn_key_ou }}"
- openvpn_key_size: "2048"
- openvpn_cipher: "AES-256-CBC"
- openvpn_auth_digest: "SHA512"
- openvpn_path: "/etc/openvpn"
- openvpn_ca: "{{ openvpn_path }}/ca"
- openvpn_dhparam: "{{ openvpn_path }}/dh{{ openvpn_key_size }}.pem"
- openvpn_hmac_firewall: "{{ openvpn_path }}/ta.key"
- openvpn_server: "{{ domain }}"
- openvpn_port: "1194"
- openvpn_protocol: "udp"
- openvpn_mtu: "1300"
- openvpn_verb: "3" # "0" for anonymity
- # uncomment for openvpn 2.3.3 and >2.3.4
- openvpn_tls_version_min: "" # "tls-version-min 1.2"
- openvpn_tls_cipher: "" # "tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
- # openvpn_clients: (required)
-
- # webmail
- webmail_domain: "{{ mail_server_hostname }}"
- webmail_db_username: "roundcube"
- # webmail_db_password: (required)
- webmail_db_database: "roundcube"
- carddav_version: "1.0.0"
-
- # xmpp
- prosody_admin: "{{ admin_email }}"
- prosody_virtual_domain: "{{ domain }}"
- # prosody_accounts: (required)
-
- # news
- selfoss_domain: "news.{{ domain }}"
- selfoss_db_username: selfoss
- # selfoss_db_password: (required)
- selfoss_db_database: selfoss
- selfoss_version: 2.14
-
- # git
- cgit_version: 0.12
- cgit_domain: "git.{{ domain }}"
- gitolite_version: 3.6.4
-
- # wallabag
- wallabag_version: 1.9.1
- wallabag_domain: "read.{{ domain }}"
- # wallabag_salt: (required)
- wallabag_db_username: wallabag
- # wallabag_db_password: (required)
- wallabag_db_database: wallabag
|