--- postgres_users_no_log: false l3d_users__local_users: - name: 'webwaffel' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'webwaffelpodcast' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'files' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'preview' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'see' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'winkekatze' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'm2' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'klima' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" - name: 'roles' state: 'present' admin: false pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" l3d_users__ssh_login: - name: 'gitea' state: 'present' # acmetool config acme_reload_services: - 'nginx' acme_restart_services: - 'gitea' acme_domain_unwant_list: [] # - name: 'example.com' nginx_sites: - name: 'c3woc.de' webroot: user: 'webwaffel' - name: 'www.c3woc.de' - name: 'waffel.tv' - name: 'www.waffel.tv' - name: 'c3woc.org' - name: 'waffel.li' - name: 'www.waffel.li' - name: 'www.camp.waffel.li' - name: '37c3.waffel.li' - name: 'www.37c3.waffel.li' - name: 'www.c3woc.org' - name: 'c3woc.eu' - name: 'www.c3woc.eu' - name: 'c3woc.cn' - name: 'www.c3woc.cn' - name: 'waffeln.eskalieren.jetzt' - name: 'waffeln.fehlerfrei.org' - name: 'www.waffeln.fehlerfrei.org' - name: 'l3d.space' - name: 'www.l3d.space' - name: 'ansible.l3d.space' webroot: user: 'roles' - name: 'www.ansible.l3d.space' - name: 'l3d.yt' - name: 'www.l3d.yt' - name: 'l3d.ch' webroot: user: 'l3d' - name: 'www.l3d.ch' - name: 'l3d.me' - name: 'www.l3d.me' - name: 'podcast.c3woc.de' webroot: user: 'webwaffelpodcast' - name: 'www.podcast.c3woc.de' - name: 'podcast.c3woc.org' - name: 'www.podcast.c3woc.org' - name: 'podcast.c3woc.eu' - name: 'www.podcast.c3woc.eu' - name: 'angel.systems' - name: 'www.angel.systems' - name: 'einhornsystem.de' - name: 'www.einhornsystem.de' - name: 'git.l3d.ch' - name: 'www.git.l3d.ch' - name: 'files.l3d.ch' webroot: user: 'files' - name: 'www.files.l3d.ch' - name: 'preview.c3woc.de' webroot: user: 'preview' - name: 'waffelpate.de' - name: 'www.waffelpate.de' - name: 'xn--see-br-0xa.se' webroot: user: 'see' - name: 'www.xn--see-br-0xa.se' - name: 'thelaend.xn--see-br-0xa.se' - name: 'www.thelaend.xn--see-br-0xa.se' - name: 'aalen-geekend-23.winkekatze.tv' webroot: user: 'winkekatze' - name: 'www.aalen-geekend-23.winkekatze.tv' - name: 'fsck-2024.winkekatze.tv' webroot: user: 'winkekatze' - name: 'www.fsck-2024.winkekatze.tv' - name: 'winkekatze.tv' webroot: user: 'winkekatze' - name: 'www.winkekatze.tv' - name: 'klima-streik.de' webroot: user: 'klima' - name: 'www.klima-streik.de' - name: 'node-exporter.web01.l3d.space' - name: 'nginx-exporter.web01.l3d.space' acme_notification_email: "{{ _acme_notification_email }}" # firewall fail2ban_destemail: "{{ _fail2ban_destemail }}" firewall_allowed_tcp_ports: - "22" - "80" - "443" # gitea settings gitea_fork: 'forgejo' gitea_app_name: 'git.l3d.ch' gitea_http_domain: 'git.l3d.ch' gitea_root_url: 'https://git.l3d.ch' gitea_protocol: 'http' gitea_shell: '/bin/bash' gitea_lfs_server_enabled: true gitea_lfs_content_path: "{{ gitea_home }}/data/lfs" gitea_repository_root: "{{ gitea_home }}/repos" gitea_ssh_domain: "{{ gitea_http_domain }}" gitea_start_ssh: "{{ _gitea_start_ssh }}" gitea_ssh_port: 22 gitea_require_signin: false gitea_password_check_pwn: true gitea_actions_enabled: true gitea_actions_default_actions_url: 'self' # gitea db gitea_db_type: mysql gitea_db_host: "{{ _gitea_db_host }}" gitea_db_name: "{{ _gitea_db_name }}" gitea_db_user: "{{ _gitea_db_user }}" gitea_db_password: "{{ _gitea_db_password }}" gitea_db_ssl: "{{ _gitea_db_ssl }}" gitea_db_path: false # gitea mail gitea_mailer_enabled: true gitea_mailer_protocol: 'smtps' gitea_mailer_smtp_addr: 'mail01.l3d.space' gitea_mailer_smtp_port: '465' gitea_mailer_user: 'git@l3d.ch' gitea_mailer_password: "{{ _gitea_mail_password }}" gitea_mailer_from: 'git@l3d.ch' gitea_subject_prefix: 'git' gitea_mailer_host: 'mail01.l3d.space:465' # federation gitea_federation_enabled: true gitea_federation_share_user_stats: true # gitea other gitea_fail2ban_enabled: true gitea_metrics_enabled: true gitea_metrics_token: "{{ _gitea_metrics_token }}" gitea_repo_indexer_enabled: true gitea_enable_notify_mail: true gitea_other_show_footer_version: false gitea_other_show_footer_template_load_time: false gitea_customize_logo: true gitea_customize_footer: true gitea_enable_cors: true gitea_default_repo_units: 'repo.code,repo.releases,repo.pulls' gitea_disabled_repo_units: 'repo.wiki,repo.ext_wiki,repo.projects' gitea_enable_push_create_user: true gitea_repository_upload_max_size: 30 gitea_attachment_types: '*/*' gitea_attachment_max_size: 35 # gitea secrets gitea_disable_git_hooks: "{{ _gitea_disable_git_hooks }}" gitea_disable_registration: "{{ _gitea_disable_registration }}" gitea_show_registration_button: "{{ _gitea_show_registration_button }}" # l3d.nginx_exporter nginx_exporter_listen_address: '127.0.0.1:9113' nginx_exporter_scrape_uri: 'https://node-exporter.web01.l3d.space/nginx_status'