2020-12-23 01:17:14 +01:00
|
|
|
---
|
2021-01-04 21:52:10 +01:00
|
|
|
postgres_users_no_log: false
|
2020-12-23 01:17:14 +01:00
|
|
|
users:
|
|
|
|
l3d:
|
|
|
|
- l3d@pinkie.l3d.yt
|
|
|
|
- l3d@mobile.l3d.yt
|
|
|
|
- l3d@backup.l3d.yt
|
|
|
|
- l3d@derpy.l3d.yt
|
|
|
|
- l3d@backup-rsa.l3d.yt
|
|
|
|
- l3d@business.wingcon.com
|
|
|
|
webwaffel:
|
|
|
|
- l3d@pinkie.l3d.yt
|
|
|
|
- l3d@mobile.l3d.yt
|
|
|
|
- l3d@backup.l3d.yt
|
|
|
|
- l3d@derpy.l3d.yt
|
|
|
|
- l3d@backup-rsa.l3d.yt
|
|
|
|
- l3d@business.wingcon.com
|
2021-01-01 04:50:47 +01:00
|
|
|
webwaffelpodcast:
|
|
|
|
- l3d@pinkie.l3d.yt
|
|
|
|
- l3d@mobile.l3d.yt
|
|
|
|
- l3d@backup.l3d.yt
|
|
|
|
- l3d@derpy.l3d.yt
|
|
|
|
- l3d@backup-rsa.l3d.yt
|
|
|
|
- l3d@business.wingcon.com
|
2021-02-18 23:59:46 +01:00
|
|
|
wtfpreview:
|
|
|
|
- l3d@pinkie.l3d.yt
|
|
|
|
- l3d@mobile.l3d.yt
|
|
|
|
- l3d@backup.l3d.yt
|
|
|
|
- l3d@derpy.l3d.yt
|
|
|
|
- l3d@backup-rsa.l3d.yt
|
|
|
|
- l3d@business.wingcon.com
|
2021-03-15 20:28:21 +01:00
|
|
|
files:
|
|
|
|
- l3d@pinkie.l3d.yt
|
|
|
|
- l3d@mobile.l3d.yt
|
|
|
|
- l3d@backup.l3d.yt
|
|
|
|
- l3d@derpy.l3d.yt
|
|
|
|
- l3d@backup-rsa.l3d.yt
|
|
|
|
- l3d@business.wingcon.com
|
2021-01-01 04:50:47 +01:00
|
|
|
|
2021-01-28 19:09:43 +01:00
|
|
|
sshd__allowed_users:
|
|
|
|
- "root"
|
|
|
|
- "ansible"
|
|
|
|
- "l3d"
|
|
|
|
- "webwaffel"
|
|
|
|
- "webwaffelpodcast"
|
|
|
|
- "gitea"
|
2021-02-18 23:59:46 +01:00
|
|
|
- "wtfpreview"
|
2021-03-15 20:44:45 +01:00
|
|
|
- "files"
|
2021-01-28 19:09:43 +01:00
|
|
|
|
|
|
|
sshd__allowed_groups:
|
|
|
|
- "root"
|
|
|
|
- "ansible"
|
|
|
|
- "l3d"
|
|
|
|
- "webwaffel"
|
|
|
|
- "webwaffelpodcast"
|
|
|
|
- "gitea"
|
2021-02-18 23:59:46 +01:00
|
|
|
- "wtfpreview"
|
2021-03-15 20:44:45 +01:00
|
|
|
- "files"
|
2020-12-23 01:17:14 +01:00
|
|
|
|
|
|
|
accounts:
|
2021-02-18 23:59:46 +01:00
|
|
|
- 'l3d'
|
|
|
|
- 'webwaffel'
|
|
|
|
- 'webwaffelpodcast'
|
|
|
|
- 'wtfpreview'
|
2021-03-15 20:44:45 +01:00
|
|
|
- "files"
|
2020-12-23 01:17:14 +01:00
|
|
|
|
|
|
|
nginx_sites:
|
2020-12-24 17:56:40 +01:00
|
|
|
- name: 'c3woc.de'
|
2020-12-23 01:17:14 +01:00
|
|
|
webroot:
|
|
|
|
user: 'webwaffel'
|
2020-12-24 17:56:40 +01:00
|
|
|
- name: 'www.c3woc.de'
|
2021-01-01 20:54:49 +01:00
|
|
|
- name: 'waffel.tv'
|
|
|
|
- name: 'www.waffel.tv'
|
2020-12-24 17:56:40 +01:00
|
|
|
- name: 'c3woc.org'
|
2021-02-25 00:44:25 +01:00
|
|
|
- name: 'waffel.li'
|
|
|
|
- name: 'www.waffel.li'
|
2020-12-24 01:29:10 +01:00
|
|
|
- name: 'www.c3woc.org'
|
2020-12-24 01:36:49 +01:00
|
|
|
- name: 'c3woc.eu'
|
|
|
|
- name: 'www.c3woc.eu'
|
2020-12-24 01:41:58 +01:00
|
|
|
- name: 'c3woc.cn'
|
|
|
|
- name: 'www.c3woc.cn'
|
2021-01-01 06:02:28 +01:00
|
|
|
- name: 'waffeln.eskalieren.jetzt'
|
|
|
|
- name: 'waffeln.fehlerfrei.org'
|
|
|
|
- name: 'www.waffeln.fehlerfrei.org'
|
2021-02-07 05:41:48 +01:00
|
|
|
- name: 'waffel.shop'
|
|
|
|
- name: 'www.waffel.shop'
|
2021-01-01 02:52:42 +01:00
|
|
|
- name: 'l3d.space'
|
|
|
|
- name: 'www.l3d.space'
|
|
|
|
- name: 'ansible.l3d.space'
|
|
|
|
- name: 'www.ansible.l3d.space'
|
2021-02-06 17:48:53 +01:00
|
|
|
- name: 'l3d.yt'
|
|
|
|
- name: 'www.l3d.yt'
|
2021-02-07 05:26:03 +01:00
|
|
|
- name: 'l3d.ch'
|
|
|
|
- name: 'www.l3d.ch'
|
2021-02-07 05:41:48 +01:00
|
|
|
- name: 'l3d.me'
|
|
|
|
- name: 'www.l3d.me'
|
2021-01-01 04:50:47 +01:00
|
|
|
- name: 'podcast.c3woc.de'
|
|
|
|
webroot:
|
|
|
|
user: 'webwaffelpodcast'
|
2021-01-01 05:07:12 +01:00
|
|
|
- name: 'www.podcast.c3woc.de'
|
|
|
|
- name: 'podcast.c3woc.org'
|
|
|
|
- name: 'www.podcast.c3woc.org'
|
|
|
|
- name: 'podcast.c3vvoc.de'
|
|
|
|
- name: 'www.podcast.c3vvoc.de'
|
2021-01-01 05:31:58 +01:00
|
|
|
- name: 'podcast.c3woc.eu'
|
|
|
|
- name: 'www.podcast.c3woc.eu'
|
2021-01-04 04:21:18 +01:00
|
|
|
- name: 'angel.systems'
|
2021-01-04 04:34:58 +01:00
|
|
|
- name: 'www.angel.systems'
|
2021-01-04 04:21:18 +01:00
|
|
|
- name: 'einhornsystem.de'
|
2021-01-04 04:34:58 +01:00
|
|
|
- name: 'www.einhornsystem.de'
|
2021-01-04 18:01:23 +01:00
|
|
|
- name: 'backwesen.de'
|
|
|
|
- name: 'www.backwesen.de'
|
2021-01-16 23:26:24 +01:00
|
|
|
- name: 'c3nom.de'
|
|
|
|
- name: 'www.c3nom.de'
|
|
|
|
- name: 'c3doc.de'
|
|
|
|
- name: 'www.c3doc.de'
|
2021-01-26 00:58:57 +01:00
|
|
|
- name: 'wtf-kooperative.de'
|
|
|
|
- name: 'www.wtf-kooperative.de'
|
2021-01-31 03:41:57 +01:00
|
|
|
- name: 'cyber.yt'
|
2021-02-18 23:59:46 +01:00
|
|
|
- name: 'preview.wtf-kooperative.de'
|
|
|
|
webroot:
|
|
|
|
user: 'wtfpreview'
|
|
|
|
- name: 'www.preview.wtf-kooperative.de'
|
2021-03-15 20:28:21 +01:00
|
|
|
- name: 'files.l3d.ch'
|
|
|
|
webroot:
|
|
|
|
user: 'files'
|
|
|
|
- name: 'www.files.l3d.ch'
|
2020-12-24 01:29:10 +01:00
|
|
|
|
2021-01-02 22:48:07 +01:00
|
|
|
acme_notification_email: "{{ _acme_notification_email }}"
|
2020-12-31 20:29:38 +01:00
|
|
|
|
|
|
|
# firewall
|
2021-01-02 22:48:07 +01:00
|
|
|
fail2ban_destemail: "{{ _fail2ban_destemail }}"
|
2020-12-31 20:29:38 +01:00
|
|
|
firewall_allowed_tcp_ports:
|
|
|
|
- "22"
|
|
|
|
- "80"
|
|
|
|
- "443"
|
2021-01-04 18:01:23 +01:00
|
|
|
|
|
|
|
# gitea settings
|
2021-01-28 19:09:43 +01:00
|
|
|
gitea_app_name: 'backwesen.de'
|
2021-01-04 18:01:23 +01:00
|
|
|
gitea_http_domain: 'backwesen.de'
|
|
|
|
gitea_root_url: 'https://backwesen.de'
|
2021-01-04 21:52:10 +01:00
|
|
|
gitea_protocol: 'http'
|
2021-01-04 18:01:23 +01:00
|
|
|
gitea_shell: '/bin/bash'
|
|
|
|
gitea_lfs_server_enabled: true
|
2021-01-04 21:52:10 +01:00
|
|
|
gitea_lfs_content_path: "{{ gitea_home }}/data/lfs"
|
2021-01-25 01:23:07 +01:00
|
|
|
gitea_lfs_jwt_secret: "{{ _gitea_lfs_jwt_secret }}"
|
2021-01-26 02:09:00 +01:00
|
|
|
gitea_oauth2_jwt_secret: "{{ _gitea_oauth2_jwt_secret }}"
|
2021-01-04 18:01:23 +01:00
|
|
|
gitea_repository_root: "{{ gitea_home }}/repos"
|
2021-01-28 19:09:43 +01:00
|
|
|
gitea_ssh_domain: "{{ gitea_http_domain }}"
|
2021-01-04 18:01:23 +01:00
|
|
|
gitea_start_ssh: "{{ _gitea_start_ssh }}"
|
2021-01-28 19:09:43 +01:00
|
|
|
gitea_ssh_port: 22
|
2021-01-29 00:26:12 +01:00
|
|
|
gitea_require_signin: false
|
2021-01-04 18:01:23 +01:00
|
|
|
|
|
|
|
# gitea db
|
2021-01-04 21:52:10 +01:00
|
|
|
gitea_db_type: mysql
|
2021-01-04 18:01:23 +01:00
|
|
|
gitea_db_host: "{{ _gitea_db_host }}"
|
|
|
|
gitea_db_name: "{{ _gitea_db_name }}"
|
|
|
|
gitea_db_user: "{{ _gitea_db_user }}"
|
|
|
|
gitea_db_password: "{{ _gitea_db_password }}"
|
|
|
|
gitea_db_ssl: "{{ _gitea_db_ssl }}"
|
|
|
|
gitea_db_path: false
|
|
|
|
|
2021-02-10 23:26:58 +01:00
|
|
|
# gitea mail
|
|
|
|
gitea_mailer_enabled: true
|
|
|
|
gitea_mailer_host: 'mail01.l3d.space:465'
|
|
|
|
gitea_mailer_from: 'git@backwesen.de'
|
|
|
|
gitea_mailer_user: 'git@backwesen.de'
|
|
|
|
gitea_mailer_password: "{{ _gitea_mail_password }}"
|
|
|
|
|
2021-01-04 18:01:23 +01:00
|
|
|
# gitea other
|
|
|
|
gitea_fail2ban_enabled: true
|
|
|
|
gitea_metrics_enabled: true
|
|
|
|
gitea_metrics_token: "{{ _gitea_metrics_token }}"
|
|
|
|
gitea_repo_indexer_enabled: true
|
2021-01-17 15:54:09 +01:00
|
|
|
gitea_enable_notify_mail: true
|
2021-01-04 18:01:23 +01:00
|
|
|
|
|
|
|
# gitea secrets
|
|
|
|
gitea_secret_key: "{{ _gitea_secret_key }}"
|
|
|
|
gitea_internal_token: "{{ _gitea_internal_token }}"
|
|
|
|
gitea_disable_git_hooks: "{{ _gitea_disable_git_hooks }}"
|
|
|
|
gitea_disable_registration: "{{ _gitea_disable_registration }}"
|
|
|
|
gitea_show_registration_button: "{{ _gitea_show_registration_button }}"
|