1
0
Fork 0
mirror of https://github.com/DO1JLR/ansible_playbook_servers.git synced 2024-09-14 19:53:56 +02:00
ansible_playbook_servers/host_vars/mail01.l3d.space/vars.yml

107 lines
2.8 KiB
YAML
Raw Normal View History

2021-01-02 02:03:34 +01:00
---
2024-02-18 15:12:44 +01:00
l3d_users__local_users:
- name: 'weechat'
state: 'present'
admin: false
pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
- name: 'mailwebuser'
state: 'present'
admin: false
pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
2021-01-02 02:03:34 +01:00
2021-01-02 21:24:29 +01:00
# mail domains
additional_dns_maildomains: 'mail.l3d.space imap.l3d.space smtp.l3d.space'
2021-01-10 04:43:05 +01:00
# mailserver
mailserver_domain: "{{ _mailserver_domain }}"
2021-01-29 19:30:12 +01:00
postfix__inet_interfaces: "127.0.0.1, ::1, {{ hostvars[ inventory_hostname ].ansible_default_ipv4.address }}, {{ hostvars[ inventory_hostname ].ansible_default_ipv6.address }}"
2021-01-10 04:43:05 +01:00
2021-01-10 03:15:31 +01:00
# mail mysql access
mailserver__mysql_password: "{{ _mailserver__mysql_password }}"
mailserver__mysql_user: "{{ _mailserver__mysql_user }}"
2021-01-11 02:12:20 +01:00
mailserver__mysql_database: "{{ _mailserver__mysql_database }}"
2021-01-10 03:15:31 +01:00
mailserver__ssl_cert: "{{ _mailserver__ssl_cert }}"
mailserver__ssl_key: "{{ _mailserver__ssl_key }}"
2021-01-11 02:12:20 +01:00
postfix__db_user: "{{ _mailserver__mysql_user }}"
postfix__db_password: "{{ _mailserver__mysql_password }}"
postfix__db_name: "{{ _mailserver__mysql_database }}"
2023-11-25 02:35:52 +01:00
acme_domain_unwant_list: []
2023-11-25 02:11:38 +01:00
# - name: 'example.com'
2021-01-02 22:19:16 +01:00
nginx_sites:
- name: 'mail.l3d.space'
webroot:
user: 'mailwebuser'
2021-07-01 21:49:02 +02:00
- name: "{{ mailserver_domain }}"
2023-11-25 02:11:38 +01:00
- name: 'node-exporter.mail01.l3d.space'
2023-11-25 02:35:52 +01:00
- name: 'nginx-exporter.mail01.l3d.space'
2021-01-02 22:19:16 +01:00
2021-01-02 22:48:07 +01:00
# letsencrypt
acme_notification_email: "{{ _acme_notification_email }}"
2021-01-02 22:19:16 +01:00
2023-10-30 02:05:53 +01:00
# acmetool config
acme_reload_services:
- 'nginx'
acme_restart_services:
- 'rspamd'
- 'dovecot'
- 'unbound'
- 'redis-server'
2021-01-02 02:03:34 +01:00
# firewall
2021-01-02 22:48:07 +01:00
fail2ban_destemail: "{{ _fail2ban_destemail }}"
2021-01-02 02:03:34 +01:00
firewall_allowed_tcp_ports:
- "22"
- "25"
- "80"
2021-01-25 23:36:27 +01:00
- "143"
2021-01-02 02:03:34 +01:00
- "443"
2021-01-25 23:36:27 +01:00
- "465"
- "587"
- "993"
- "4190"
2021-05-27 17:16:52 +02:00
- "42023"
2021-01-02 22:37:59 +01:00
# mysql
2021-01-02 22:55:59 +01:00
mysql_bind_address: "{{ _mysql_bind_address }}"
mysql_root_password: "{{ _mysql_root_password }}"
2021-01-03 01:01:18 +01:00
2021-05-27 16:19:52 +02:00
# weechat
weechat__install: true
weechat__autostart: true
weechat__user: 'weechat'
weechat__home_directory: '/home/weechat'
weechat__install_plugins: true
weechat__use_custom_config: true
2023-06-14 02:39:04 +02:00
weechat__custom_private_repo: 'gitea@git.l3d.ch:l3d/weechat-config.git'
2021-05-27 16:19:52 +02:00
weechat__custom_gen_ssh_key_pair: true
weechat__custom_version: 'main'
2021-01-10 04:43:05 +01:00
# postfix
postfix__myhostname: "{{ mailserver_domain }}"
postfix__tls_cert: "{{ mailserver__ssl_cert }}"
postfix__tls_key: "{{ mailserver__ssl_key }}"
2021-11-01 03:22:39 +01:00
# fail2ban
fail2ban_jail_configuration:
- option: 'enabled'
value: 'true'
section: 'postfix'
- option: 'mode'
value: 'extra'
section: 'postfix'
- option: 'enabled'
value: 'true'
section: 'dovecot'
nginx__infrastructure_domain__enabled: false
2023-11-25 02:11:38 +01:00
2023-12-13 01:01:13 +01:00
# l3d.time.ntp
ntp_statistics: true
2023-11-25 02:11:38 +01:00
# l3d.nginx_exporter
nginx_exporter_listen_address: '127.0.0.1:9113'
2023-11-25 04:32:26 +01:00
nginx_exporter_scrape_uri: 'https://node-exporter.mail01.l3d.space/nginx_status'