--- postgres_users_no_log: false local_users: webwaffel: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d webwaffelpodcast: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d files: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d preview: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d see: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d winkekatze: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d m2: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d klima: - l3d@pinkie.l3d.yt - l3d@mobile.l3d.yt - l3d@backup.l3d.yt - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@bsns.l3d sshd__allowed_users: - "root" - "ansible" - "l3d" - "webwaffel" - "webwaffelpodcast" - "gitea" - "files" - "preview" - 'see' - 'winkekatze' - 'm2' - 'klima' sshd__allowed_groups: - "root" - "ansible" - "l3d" - "webwaffel" - "webwaffelpodcast" - "gitea" - "files" - "preview" - 'see' - 'winkekatze' - 'm2' - 'klima' local_accounts: - 'l3d' - 'webwaffel' - 'webwaffelpodcast' - 'files' - 'preview' - 'see' - 'winkekatze' - 'm2' - 'klima' acme_domain_unwant_list: [] # - name: 'example.com' nginx_sites: - name: 'c3woc.de' webroot: user: 'webwaffel' - name: 'www.c3woc.de' - name: 'waffel.tv' - name: 'www.waffel.tv' - name: 'c3woc.org' - name: 'waffel.li' - name: 'www.waffel.li' - name: 'www.c3woc.org' - name: 'c3woc.eu' - name: 'www.c3woc.eu' - name: 'c3woc.com' - name: 'www.c3woc.com' - name: 'c3woc.cn' - name: 'www.c3woc.cn' - name: 'waffeln.eskalieren.jetzt' - name: 'waffeln.fehlerfrei.org' - name: 'www.waffeln.fehlerfrei.org' - name: 'waffel.shop' - name: 'www.waffel.shop' - name: 'l3d.space' - name: 'www.l3d.space' - name: 'ansible.l3d.space' - name: 'www.ansible.l3d.space' - name: 'l3d.yt' - name: 'www.l3d.yt' - name: 'l3d.ch' - name: 'www.l3d.ch' - name: 'l3d.me' - name: 'www.l3d.me' - name: 'podcast.c3woc.de' webroot: user: 'webwaffelpodcast' - name: 'www.podcast.c3woc.de' - name: 'podcast.c3woc.org' - name: 'www.podcast.c3woc.org' - name: 'podcast.c3woc.eu' - name: 'www.podcast.c3woc.eu' - name: 'angel.systems' - name: 'www.angel.systems' - name: 'einhornsystem.de' - name: 'www.einhornsystem.de' - name: 'backwesen.de' - name: 'www.backwesen.de' - name: 'c3nom.de' - name: 'www.c3nom.de' - name: 'files.l3d.ch' webroot: user: 'files' - name: 'www.files.l3d.ch' - name: 'preview.c3woc.de' webroot: user: 'preview' - name: 'waffelpate.de' - name: 'www.waffelpate.de' - name: 'xn--see-br-0xa.se' webroot: user: 'see' - name: 'www.xn--see-br-0xa.se' - name: 'thelaend.xn--see-br-0xa.se' - name: 'www.thelaend.xn--see-br-0xa.se' - name: 'winkekatze.tv' webroot: user: 'winkekatze' - name: 'www.winkekatze.tv' - name: 'm2.xn--see-br-0xa.se' webroot: user: 'm2' - name: 'klima-streik.de' webroot: user: 'klima' - name: 'www.klima-streik.de' acme_notification_email: "{{ _acme_notification_email }}" # firewall fail2ban_destemail: "{{ _fail2ban_destemail }}" firewall_allowed_tcp_ports: - "22" - "80" - "443" # gitea settings gitea_app_name: 'backwesen.de' gitea_http_domain: 'backwesen.de' gitea_root_url: 'https://backwesen.de' gitea_protocol: 'http' gitea_shell: '/bin/bash' gitea_lfs_server_enabled: true gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" gitea_repository_root: "{{ gitea_home }}/repos" gitea_ssh_domain: "{{ gitea_http_domain }}" gitea_start_ssh: "{{ _gitea_start_ssh }}" gitea_ssh_port: 22 gitea_require_signin: false gitea_password_check_pwn: true # gitea db gitea_db_type: mysql gitea_db_host: "{{ _gitea_db_host }}" gitea_db_name: "{{ _gitea_db_name }}" gitea_db_user: "{{ _gitea_db_user }}" gitea_db_password: "{{ _gitea_db_password }}" gitea_db_ssl: "{{ _gitea_db_ssl }}" gitea_db_path: false # gitea mail gitea_mailer_enabled: true gitea_mailer_host: 'mail01.l3d.space:465' gitea_mailer_from: 'git@backwesen.de' gitea_mailer_user: 'git@backwesen.de' gitea_mailer_password: "{{ _gitea_mail_password }}" # gitea other gitea_fail2ban_enabled: true gitea_metrics_enabled: true gitea_metrics_token: "{{ _gitea_metrics_token }}" gitea_repo_indexer_enabled: true gitea_enable_notify_mail: true gitea_extra_config: | [other] SHOW_FOOTER_VERSION = false SHOW_FOOTER_TEMPLATE_LOAD_TIME = false gitea_customize_logo: true gitea_customize_footer: true # gitea secrets gitea_disable_git_hooks: "{{ _gitea_disable_git_hooks }}" gitea_disable_registration: "{{ _gitea_disable_registration }}" gitea_show_registration_button: "{{ _gitea_show_registration_button }}"