2024-02-12 01:46:38 +01:00
|
|
|
---
|
2024-02-18 15:12:44 +01:00
|
|
|
l3d_users__local_users:
|
|
|
|
|
- name: 'mxusr'
|
|
|
|
|
state: 'present'
|
|
|
|
|
admin: false
|
|
|
|
|
pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
|
2024-02-12 01:46:38 +01:00
|
|
|
|
|
|
|
|
acme_domain_unwant_list: []
|
|
|
|
|
# - name: 'example.com'
|
|
|
|
|
|
|
|
|
|
nginx_sites:
|
2024-02-18 15:12:44 +01:00
|
|
|
- name: 'mx.l3d.ch'
|
2024-02-12 01:46:38 +01:00
|
|
|
webroot:
|
|
|
|
|
user: 'mxusr'
|
2024-02-18 15:12:44 +01:00
|
|
|
- name: 'node-exporter.mx.l3d.ch'
|
|
|
|
|
- name: 'nginx-exporter.mx.l3d.ch'
|
2024-02-12 01:46:38 +01:00
|
|
|
|
|
|
|
|
# letsencrypt
|
|
|
|
|
acme_notification_email: "{{ _acme_notification_email }}"
|
|
|
|
|
|
|
|
|
|
# acmetool config
|
|
|
|
|
acme_reload_services:
|
|
|
|
|
- 'nginx'
|
|
|
|
|
|
|
|
|
|
# firewall
|
|
|
|
|
fail2ban_destemail: "{{ _fail2ban_destemail }}"
|
|
|
|
|
firewall_allowed_tcp_ports:
|
|
|
|
|
- "22"
|
|
|
|
|
- "80"
|
|
|
|
|
- "443"
|
|
|
|
|
|
|
|
|
|
nginx__infrastructure_domain__enabled: false
|
|
|
|
|
|
|
|
|
|
# l3d.time.ntp
|
|
|
|
|
ntp_statistics: true
|
|
|
|
|
|
|
|
|
|
# l3d.nginx_exporter
|
|
|
|
|
nginx_exporter_listen_address: '127.0.0.1:9113'
|
|
|
|
|
nginx_exporter_scrape_uri: 'https://node-exporter.mx.l3d.ch/nginx_status'
|
