No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

defaults.yml 4.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137
  1. ---
  2. ###############################################################################
  3. # DO NOT EDIT. Set your variables in `vars/user.yml` instead.
  4. # This is a reference of all the variables.
  5. ###############################################################################
  6. # # common
  7. common_timezone: 'Etc/UTC'
  8. # domain: (required)
  9. # main_user_name: (required)
  10. admin_email: "{{ main_user_name }}@{{ domain }}"
  11. main_user_shell: "/bin/bash"
  12. # encfs_password: (required)
  13. friendly_networks:
  14. - ""
  15. letsencrypt_server: "https://acme-v01.api.letsencrypt.org/directory"
  16. # ssh
  17. kex_algorithms: "diffie-hellman-group-exchange-sha256"
  18. ciphers: "aes256-ctr,aes192-ctr,aes128-ctr"
  19. macs: "hmac-sha2-512,hmac-sha2-256,hmac-ripemd160"
  20. # ntp
  21. ntp_servers:
  22. # use nearby ntp servers by default
  23. - 0.pool.ntp.org
  24. - 1.pool.ntp.org
  25. - 2.pool.ntp.org
  26. - 3.pool.ntp.org
  27. # use servers tailored to the server location
  28. # See http://www.pool.ntp.org/en/use.html
  29. # - 0.north-america.pool.ntp.org
  30. # - 1.north-america.pool.ntp.org
  31. # - 2.north-america.pool.ntp.org
  32. # - 3.north-america.pool.ntp.org
  33. # collectd
  34. collectd_version: 5.4.1
  35. collectd_librato_version: 0.0.10
  36. collectd_librato_email: "" # (optional)
  37. collectd_librato_api_token: "" # (optional)
  38. # database
  39. db_admin_username: 'postgres'
  40. # db_admin_password: (required)
  41. # ircbouncer
  42. # irc_nick: (required)
  43. # irc_ident: (required)
  44. # irc_realname: (required)
  45. # irc_quitmsg: (required)
  46. # irc_password_hash: (required)
  47. # irc_password_salt: (required)
  48. # mailserver
  49. mail_server_hostname: "mail.{{ domain }}"
  50. mail_server_autoconfig_hostname: "autoconfig.{{ domain }}"
  51. mail_db_username: mailuser
  52. # mail_db_password: (required)
  53. mail_db_database: mailserver
  54. # mail_virtual_domains: (required)
  55. # mail_virtual_users: (required)
  56. # mail_virtual_aliases: (required)
  57. mail_db_opendmarc_username: opendmarc
  58. # mail_db_opendmarc_password: (required)
  59. mail_db_opendmarc_database: opendmarc
  60. # z-push
  61. zpush_version: 2.1.1-1788
  62. # owncloud
  63. owncloud_domain: "cloud.{{ domain }}"
  64. owncloud_db_username: owncloud
  65. # owncloud_db_password: (required)
  66. owncloud_db_database: owncloud
  67. # tarsnap
  68. tarsnap_version: 1.0.36.1
  69. # vpn
  70. # Notes about security: https://blog.g3rt.nl/openvpn-security-tips.html
  71. # Check privacy: http://witch.valdikss.org.ru/
  72. # openvpn_key_country: (required)
  73. # openvpn_key_province: (required)
  74. # openvpn_key_city: (required)
  75. # openvpn_key_org: (required)
  76. # openvpn_key_ou: (required)
  77. openvpn_days_valid: "1825"
  78. openssl_request_subject: "/C={{ openvpn_key_country }}/ST={{ openvpn_key_province }}/L={{ openvpn_key_city }}/O={{ openvpn_key_org }}/OU={{ openvpn_key_ou }}"
  79. openvpn_key_size: "2048"
  80. openvpn_cipher: "AES-256-CBC"
  81. openvpn_auth_digest: "SHA512"
  82. openvpn_path: "/etc/openvpn"
  83. openvpn_ca: "{{ openvpn_path }}/ca"
  84. openvpn_dhparam: "{{ openvpn_path }}/dh{{ openvpn_key_size }}.pem"
  85. openvpn_hmac_firewall: "{{ openvpn_path }}/ta.key"
  86. openvpn_server: "{{ domain }}"
  87. openvpn_port: "1194"
  88. openvpn_protocol: "udp"
  89. openvpn_mtu: "1300"
  90. openvpn_verb: "3" # "0" for anonymity
  91. # uncomment for openvpn 2.3.3 and >2.3.4
  92. openvpn_tls_version_min: "" # "tls-version-min 1.2"
  93. openvpn_tls_cipher: "" # "tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
  94. # openvpn_clients: (required)
  95. # webmail
  96. webmail_domain: "{{ mail_server_hostname }}"
  97. webmail_db_username: "roundcube"
  98. # webmail_db_password: (required)
  99. webmail_db_database: "roundcube"
  100. carddav_version: "1.0.0"
  101. # xmpp
  102. prosody_admin: "{{ admin_email }}"
  103. prosody_virtual_domain: "{{ domain }}"
  104. # prosody_accounts: (required)
  105. # news
  106. selfoss_domain: "news.{{ domain }}"
  107. selfoss_db_username: selfoss
  108. # selfoss_db_password: (required)
  109. selfoss_db_database: selfoss
  110. selfoss_version: 2.14
  111. # git
  112. cgit_version: 0.12
  113. cgit_domain: "git.{{ domain }}"
  114. gitolite_version: 3.6.4
  115. # wallabag
  116. wallabag_version: 1.9.1
  117. wallabag_domain: "read.{{ domain }}"
  118. # wallabag_salt: (required)
  119. wallabag_db_username: wallabag
  120. # wallabag_db_password: (required)
  121. wallabag_db_database: wallabag