ansible-role-basic-system-s.../defaults/main.yml

99 lines
3.5 KiB
YAML

---
# timezone
timezone: 'Europe/Rome'
default_locale_lang: "en_US.UTF-8"
default_deb_locale_messages: "C.UTF-8"
default_el_locale_messages: "en_US.UTF-8"
locales_list:
- { name: '{{ default_locale_lang }}' }
- { name: 'en_US.UTF-8' }
- { name: 'en_US' }
- { name: 'it_IT.UTF-8' }
- { name: 'it_IT' }
domain_name: '{{ ansible_domain }}'
#
# Define the following variables to manage additional disks and mount points, even static nfs ones
additional_disks: False
disks_and_mountpoints_list: []
# - { mountpoint: '/data', device: 'xvda3', fstype: 'xfs', opts: 'noatime', state: 'mounted', create_filesystem: True }
idmap_verbosity: 0
idmap_conf_options:
- { section: 'General', option: 'Domain', value: '{{ domain_name }}', state: 'present' }
- { section: 'General', option: 'Verbosity', value: '{{ idmap_verbosity }}', state: 'present' }
# autofs mount points
autofs_client_mountpoint: False
autofs_conf_options:
- { section: 'autofs', option: 'master_map_name', value: '/etc/auto.master', state: 'present' }
- { section: 'autofs', option: 'timeout', value: '300', state: 'present' }
- { section: 'autofs', option: 'negative_timeout', value: '60', state: 'present' }
- { section: 'autofs', option: 'mount_nfs_default_protocol', value: '4', state: 'present' }
- { section: 'autofs', option: 'logging', value: 'none', state: 'present' }
- { section: 'amd', option: 'dismount_interval', value: '300', state: 'present' }
autofs_packages_deb:
- autofs
autofs_packages_el:
- autofs
# path: without the initial /
autofs_maps: []
# - { map_name: 'data', mountpoint_prefix: '/', path: 'data', nfs_server: 'nfs.example.com', remote_export: '/export' }
# tmpreaper
tmpreaper_install: False
tmpreaper_protect_extra: ''
tmpreaper_dirs: '/tmp/.'
tmpreaper_extra_dirs: ''
tmpreaper_delay: '256'
tmpreaper_additional_options: ''
tmpreaper_time: '7d'
#
enable_env_proxy: False
env_proxy_http_host: 'localhost'
env_proxy_http_port: '3128'
env_proxy_http_protocol: 'http'
env_proxy_https_protocol: '{{ env_proxy_http_protocol }}'
env_proxy_http_url: '{{ env_proxy_http_protocol }}://{{ env_proxy_http_host }}:{{ env_proxy_http_port }}'
env_proxy_https_url: '{{ env_proxy_http_url }}'
env_proxy_protocols:
- 'http_proxy'
- 'https_proxy'
- 'ftp_proxy'
- 'HTTP_PROXY'
- 'HTTPS_PROXY'
- 'FTP_PROXY'
env_proxy_use_authentication: False
env_proxy_username: ''
env_proxy_password: ''
no_proxy_targets:
- '::1'
- '127.0.0.1'
- 'localhost'
trusted_ca_el_anchors_path: '/etc/pki/ca-trust/source/anchors'
trusted_ca_deb_path: '/usr/local/share/ca-certificates'
# it shoudn't be needed
trusted_ca_letsencrypt_install: False
trusted_ca_letsencrypt_ca_certificates_url: https://letsencrypt.org/certs
trusted_ca_letsencrypt_ca_files:
- { ca_src: 'isrgrootx1.pem', ca: 'isrgrootx1.crt', name: 'isrg-root-x1' }
- { ca_src: 'isrg-root-x2.pem', ca: 'isrg-root-x2.crt', name: 'isrg-root-x2-not-cross' }
- { ca_src: 'lets-encrypt-e1.pem', ca: 'lets-encrypt-e1.crt', name: 'lets-encrypt-e1' }
- { ca_src: 'lets-encrypt-e2.pem', ca: 'lets-encrypt-e2.crt', name: 'lets-encrypt-e2' }
- { ca_src: 'lets-encrypt-r3.pem', ca: 'lets-encrypt-r3.crt', name: 'lets-encrypt-r3-not-cross' }
- { ca_src: 'lets-encrypt-r4.pem', ca: 'lets-encrypt-r4.crt', name: 'lets-encrypt-r4-not-cross' }
expired_ca_letsencrypt_ca_files:
- isrg-root-x2-cross-signed.pem
- lets-encrypt-r3-cross-signed.pem
- lets-encrypt-x3-cross-signed.pem
- letsencryptauthorityx3.pem
trusted_ca_additional_ca_files: []
# - { can_url: 'https://example.com/foo-ca.pem', ca: 'foo-ca.pem', name: 'foo-ca' }