| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- common_timezone: 'Etc/UTC'
- admin_email: "{{ main_user_name }}@{{ domain }}"
- main_user_shell: "/bin/bash"
- friendly_networks:
- - ""
-
- db_admin_username: 'postgres'
- db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password length=32') }}"
-
- # let's encrypt
- letsencrypt_server: "https://acme-v02.api.letsencrypt.org/directory"
-
- # ssh
- # Following https://infosec.mozilla.org/guidelines/openssh
- kex_algorithms: "curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256"
- ciphers: "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr"
- macs: "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com"
-
- subdomains:
- - "{{ server_name }}"
- - "www"
- - "mail"
- - "autoconfig"
- - "stats"
- - "news"
- - "cloud"
- - "git"
- - "matrix"
- - "status"
- - "social"
- - "comments"
- - "iot"
- - "wiki"
- - "jitsi"
- - "kanboard"
- - "chat"
- - "users"
- - "survey"
-
- # ntp
- ntp_servers:
- - 0.pool.ntp.org
- - 1.pool.ntp.org
- - 2.pool.ntp.org
- - 3.pool.ntp.org
|
