playbooks/ansible_playbook_servers
1
0
Fork 0
mirror of https://github.com/DO1JLR/ansible_playbook_servers.git synced 2024-09-14 19:53:56 +02:00
Code Releases Activity
ansible_playbook_servers/host_vars/mail01.l3d.space/vars.yml
L3D e1e141de73
update config and services
2024-02-18 15:12:44 +01:00

106 lines
2.8 KiB
YAML
Raw Blame History

---
l3d_users__local_users:
- name: 'weechat'
state: 'present'
admin: false
pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
- name: 'mailwebuser'
state: 'present'
admin: false
pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
# mail domains
additional_dns_maildomains: 'mail.l3d.space imap.l3d.space smtp.l3d.space'
# mailserver
mailserver_domain: "{{ _mailserver_domain }}"
postfix__inet_interfaces: "127.0.0.1, ::1, {{ hostvars[ inventory_hostname ].ansible_default_ipv4.address }}, {{ hostvars[ inventory_hostname ].ansible_default_ipv6.address }}"
# mail mysql access
mailserver__mysql_password: "{{ _mailserver__mysql_password }}"
mailserver__mysql_user: "{{ _mailserver__mysql_user }}"
mailserver__mysql_database: "{{ _mailserver__mysql_database }}"
mailserver__ssl_cert: "{{ _mailserver__ssl_cert }}"
mailserver__ssl_key: "{{ _mailserver__ssl_key }}"
postfix__db_user: "{{ _mailserver__mysql_user }}"
postfix__db_password: "{{ _mailserver__mysql_password }}"
postfix__db_name: "{{ _mailserver__mysql_database }}"
acme_domain_unwant_list: []
# - name: 'example.com'
nginx_sites:
- name: 'mail.l3d.space'
webroot:
user: 'mailwebuser'
- name: "{{ mailserver_domain }}"
- name: 'node-exporter.mail01.l3d.space'
- name: 'nginx-exporter.mail01.l3d.space'
# letsencrypt
acme_notification_email: "{{ _acme_notification_email }}"
# acmetool config
acme_reload_services:
- 'nginx'
acme_restart_services:
- 'rspamd'
- 'dovecot'
- 'unbound'
- 'redis-server'
# firewall
fail2ban_destemail: "{{ _fail2ban_destemail }}"
firewall_allowed_tcp_ports:
- "22"
- "25"
- "80"
- "143"
- "443"
- "465"
- "587"
- "993"
- "4190"
- "42023"
# mysql
mysql_bind_address: "{{ _mysql_bind_address }}"
mysql_root_password: "{{ _mysql_root_password }}"
# weechat
weechat__install: true
weechat__autostart: true
weechat__user: 'weechat'
weechat__home_directory: '/home/weechat'
weechat__install_plugins: true
weechat__use_custom_config: true
weechat__custom_private_repo: 'gitea@git.l3d.ch:l3d/weechat-config.git'
weechat__custom_gen_ssh_key_pair: true
weechat__custom_version: 'main'
# postfix
postfix__myhostname: "{{ mailserver_domain }}"
postfix__tls_cert: "{{ mailserver__ssl_cert }}"
postfix__tls_key: "{{ mailserver__ssl_key }}"
# fail2ban
fail2ban_jail_configuration:
- option: 'enabled'
value: 'true'
section: 'postfix'
- option: 'mode'
value: 'extra'
section: 'postfix'
- option: 'enabled'
value: 'true'
section: 'dovecot'
nginx__infrastructure_domain__enabled: false
# l3d.time.ntp
ntp_statistics: true
# l3d.nginx_exporter
nginx_exporter_listen_address: '127.0.0.1:9113'
nginx_exporter_scrape_uri: 'https://node-exporter.mail01.l3d.space/nginx_status'
View git blame Copy permalink