thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
681 Commits
1 Branch
Tree: 1746afcc3a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1746afcc3a'
${ noResults }
sovereign/vars/defaults.yml

defaults.yml 4.2KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. ---

  2. ###############################################################################

  3. # DO NOT EDIT. Set your variables in `vars/user.yml` instead.

  4. # This is a reference of all the variables.

  5. ###############################################################################

  6. 

  7. # # common

  8. common_timezone: 'Etc/UTC'

  9. # domain: (required)

  10. # main_user_name: (required)

  11. admin_email: "{{ main_user_name }}@{{ domain }}"

  12. main_user_shell: "/bin/bash"

  13. # encfs_password: (required)

  14. friendly_networks:

  15.   - ""

  16. letsencrypt_server: "https://acme-v01.api.letsencrypt.org/directory"

  17. subdomains: "www.{{ domain }},mail.{{ domain }},autoconfig.{{ domain }},read.{{ domain }},news.{{ domain }},cloud.{{ domain }},git.{{ domain }}"

  18. 

  19. # ssh

  20. kex_algorithms: "diffie-hellman-group-exchange-sha256"

  21. ciphers: "aes256-ctr,aes192-ctr,aes128-ctr"

  22. macs: "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160"

  23. 

  24. # ntp

  25. ntp_servers:

  26.   # use nearby ntp servers by default

  27.   - 0.pool.ntp.org

  28.   - 1.pool.ntp.org

  29.   - 2.pool.ntp.org

  30.   - 3.pool.ntp.org

  31.   # use servers tailored to the server location

  32.   # See http://www.pool.ntp.org/en/use.html

  33.   # - 0.north-america.pool.ntp.org

  34.   # - 1.north-america.pool.ntp.org

  35.   # - 2.north-america.pool.ntp.org

  36.   # - 3.north-america.pool.ntp.org

  37. 

  38. # collectd

  39. collectd_version: 5.4.1

  40. collectd_librato_version: 0.0.10

  41. collectd_librato_email: "" # (optional)

  42. collectd_librato_api_token: "" # (optional)

  43. 

  44. # google authenticator

  45. google_auth_version: 1.0

  46. 

  47. # database

  48. db_admin_username: 'postgres'

  49. # db_admin_password: (required)

  50. 

  51. # ircbouncer

  52. znc_version: 1.4

  53. # irc_nick: (required)

  54. # irc_ident: (required)

  55. # irc_realname: (required)

  56. # irc_quitmsg: (required)

  57. # irc_password_hash: (required)

  58. # irc_password_salt: (required)

  59. 

  60. # mailserver

  61. mail_server_hostname: "mail.{{ domain }}"

  62. mail_server_autoconfig_hostname: "autoconfig.{{ domain }}"

  63. mail_db_username: mailuser

  64. # mail_db_password: (required)

  65. mail_db_database: mailserver

  66. # mail_virtual_domains: (required)

  67. # mail_virtual_users: (required)

  68. # mail_virtual_aliases: (required)

  69. mail_db_opendmarc_username: opendmarc

  70. # mail_db_opendmarc_password: (required)

  71. mail_db_opendmarc_database: opendmarc

  72. 

  73. # z-push

  74. zpush_version: 2.1.1-1788

  75. 

  76. # owncloud

  77. owncloud_domain: "cloud.{{ domain }}"

  78. owncloud_db_username: owncloud

  79. # owncloud_db_password: (required)

  80. owncloud_db_database: owncloud

  81. 

  82. # tarsnap

  83. tarsnap_version: 1.0.36.1

  84. 

  85. # vpn

  86. # Notes about security: https://blog.g3rt.nl/openvpn-security-tips.html

  87. # Check privacy: http://witch.valdikss.org.ru/

  88. # openvpn_key_country: (required)

  89. # openvpn_key_province: (required)

  90. # openvpn_key_city: (required)

  91. # openvpn_key_org: (required)

  92. # openvpn_key_ou: (required)

  93. openvpn_days_valid: "1825"

  94. openssl_request_subject: "/C={{ openvpn_key_country }}/ST={{ openvpn_key_province }}/L={{ openvpn_key_city }}/O={{ openvpn_key_org }}/OU={{ openvpn_key_ou }}"

  95. openvpn_key_size: "2048"

  96. openvpn_cipher: "AES-256-CBC"

  97. openvpn_auth_digest: "SHA512"

  98. openvpn_path: "/etc/openvpn"

  99. openvpn_ca: "{{ openvpn_path }}/ca"

  100. openvpn_dhparam: "{{ openvpn_path }}/dh{{ openvpn_key_size }}.pem"

  101. openvpn_hmac_firewall: "{{ openvpn_path }}/ta.key"

  102. openvpn_server: "{{ domain }}"

  103. openvpn_port: "1194"

  104. openvpn_protocol: "udp"

  105. openvpn_mtu: "1300"

  106. openvpn_verb: "3" # "0" for anonymity

  107. # uncomment for openvpn 2.3.3 and >2.3.4

  108. openvpn_tls_version_min: "" # "tls-version-min 1.2"

  109. openvpn_tls_cipher: "" # "tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"

  110. # openvpn_clients: (required)

  111. 

  112. # webmail

  113. webmail_domain: "{{ mail_server_hostname }}"

  114. webmail_db_username: "roundcube"

  115. # webmail_db_password: (required)

  116. webmail_db_database: "roundcube"

  117. carddav_version: "1.0.0"

  118. 

  119. # xmpp

  120. prosody_admin: "{{ admin_email }}"

  121. prosody_virtual_domain: "{{ domain }}"

  122. # prosody_accounts: (required)

  123. 

  124. # news

  125. selfoss_domain: "news.{{ domain }}"

  126. selfoss_db_username: selfoss

  127. # selfoss_db_password: (required)

  128. selfoss_db_database: selfoss

  129. selfoss_version: 2.14

  130. 

  131. # git

  132. cgit_version: 0.12

  133. cgit_domain: "git.{{ domain }}"

  134. gitolite_version: 3.6.4

  135. 

  136. # wallabag

  137. wallabag_version: 1.9.1

  138. wallabag_domain: "read.{{ domain }}"

  139. # wallabag_salt: (required)

  140. wallabag_db_username: wallabag

  141. # wallabag_db_password: (required)

  142. wallabag_db_database: wallabag