No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

defaults.yml 4.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141
  1. ---
  2. ###############################################################################
  3. # DO NOT EDIT. Set your variables in `vars/user.yml` instead.
  4. # This is a reference of all the variables.
  5. ###############################################################################
  6. # # common
  7. common_timezone: 'Etc/UTC'
  8. # domain: (required)
  9. # main_user_name: (required)
  10. admin_email: "{{ main_user_name }}@{{ domain }}"
  11. main_user_shell: "/bin/bash"
  12. # encfs_password: (required)
  13. friendly_networks:
  14. - ""
  15. letsencrypt_server: "https://acme-v01.api.letsencrypt.org/directory"
  16. # ssh
  17. kex_algorithms: "diffie-hellman-group-exchange-sha256"
  18. ciphers: "aes256-ctr,aes192-ctr,aes128-ctr"
  19. macs: "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160"
  20. # ntp
  21. ntp_servers:
  22. # use nearby ntp servers by default
  23. - 0.pool.ntp.org
  24. - 1.pool.ntp.org
  25. - 2.pool.ntp.org
  26. - 3.pool.ntp.org
  27. # use servers tailored to the server location
  28. # See http://www.pool.ntp.org/en/use.html
  29. # - 0.north-america.pool.ntp.org
  30. # - 1.north-america.pool.ntp.org
  31. # - 2.north-america.pool.ntp.org
  32. # - 3.north-america.pool.ntp.org
  33. # collectd
  34. collectd_version: 5.4.1
  35. collectd_librato_version: 0.0.10
  36. collectd_librato_email: "" # (optional)
  37. collectd_librato_api_token: "" # (optional)
  38. # google authenticator
  39. google_auth_version: 1.0
  40. # database
  41. db_admin_username: 'postgres'
  42. # db_admin_password: (required)
  43. # ircbouncer
  44. znc_version: 1.4
  45. # irc_nick: (required)
  46. # irc_ident: (required)
  47. # irc_realname: (required)
  48. # irc_quitmsg: (required)
  49. # irc_password_hash: (required)
  50. # irc_password_salt: (required)
  51. # mailserver
  52. mail_server_hostname: "mail.{{ domain }}"
  53. mail_server_autoconfig_hostname: "autoconfig.{{ domain }}"
  54. mail_db_username: mailuser
  55. # mail_db_password: (required)
  56. mail_db_database: mailserver
  57. # mail_virtual_domains: (required)
  58. # mail_virtual_users: (required)
  59. # mail_virtual_aliases: (required)
  60. mail_db_opendmarc_username: opendmarc
  61. # mail_db_opendmarc_password: (required)
  62. mail_db_opendmarc_database: opendmarc
  63. # z-push
  64. zpush_version: 2.1.1-1788
  65. # owncloud
  66. owncloud_domain: "cloud.{{ domain }}"
  67. owncloud_db_username: owncloud
  68. # owncloud_db_password: (required)
  69. owncloud_db_database: owncloud
  70. # tarsnap
  71. tarsnap_version: 1.0.36.1
  72. # vpn
  73. # Notes about security: https://blog.g3rt.nl/openvpn-security-tips.html
  74. # Check privacy: http://witch.valdikss.org.ru/
  75. # openvpn_key_country: (required)
  76. # openvpn_key_province: (required)
  77. # openvpn_key_city: (required)
  78. # openvpn_key_org: (required)
  79. # openvpn_key_ou: (required)
  80. openvpn_days_valid: "1825"
  81. openssl_request_subject: "/C={{ openvpn_key_country }}/ST={{ openvpn_key_province }}/L={{ openvpn_key_city }}/O={{ openvpn_key_org }}/OU={{ openvpn_key_ou }}"
  82. openvpn_key_size: "2048"
  83. openvpn_cipher: "AES-256-CBC"
  84. openvpn_auth_digest: "SHA512"
  85. openvpn_path: "/etc/openvpn"
  86. openvpn_ca: "{{ openvpn_path }}/ca"
  87. openvpn_dhparam: "{{ openvpn_path }}/dh{{ openvpn_key_size }}.pem"
  88. openvpn_hmac_firewall: "{{ openvpn_path }}/ta.key"
  89. openvpn_server: "{{ domain }}"
  90. openvpn_port: "1194"
  91. openvpn_protocol: "udp"
  92. openvpn_mtu: "1300"
  93. openvpn_verb: "3" # "0" for anonymity
  94. # uncomment for openvpn 2.3.3 and >2.3.4
  95. openvpn_tls_version_min: "" # "tls-version-min 1.2"
  96. openvpn_tls_cipher: "" # "tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
  97. # openvpn_clients: (required)
  98. # webmail
  99. webmail_domain: "{{ mail_server_hostname }}"
  100. webmail_db_username: "roundcube"
  101. # webmail_db_password: (required)
  102. webmail_db_database: "roundcube"
  103. carddav_version: "1.0.0"
  104. # xmpp
  105. prosody_admin: "{{ admin_email }}"
  106. prosody_virtual_domain: "{{ domain }}"
  107. # prosody_accounts: (required)
  108. # news
  109. selfoss_domain: "news.{{ domain }}"
  110. selfoss_db_username: selfoss
  111. # selfoss_db_password: (required)
  112. selfoss_db_database: selfoss
  113. selfoss_version: 2.14
  114. # git
  115. cgit_version: 0.12
  116. cgit_domain: "git.{{ domain }}"
  117. gitolite_version: 3.6.4
  118. # wallabag
  119. wallabag_version: 1.9.1
  120. wallabag_domain: "read.{{ domain }}"
  121. # wallabag_salt: (required)
  122. wallabag_db_username: wallabag
  123. # wallabag_db_password: (required)
  124. wallabag_db_database: wallabag