87 lines
4.6 KiB
YAML
87 lines
4.6 KiB
YAML
---
|
|
# Search 'template' or 'TEMPLATE' to substitute specific variables
|
|
|
|
time_zone: 'Europe/Rome'
|
|
domain_name: 'isti.cnr.it'
|
|
iptables_default_policy: REJECT
|
|
nagios_enabled: False
|
|
postfix_relay_host: smtp-srv.isti.cnr.it
|
|
postfix_relay_client: False
|
|
postfix_use_letsencrypt: True
|
|
# SMTP server (require specific smtp user to be created)
|
|
# postfix_smtp_relay_user: smtp-template
|
|
#
|
|
letsencrypt_acme_install: True
|
|
letsencrypt_email: s2i2s@isti.cnr.it
|
|
letsencrypt_acme_email: s2i2s@isti.cnr.it
|
|
letsencrypt_acme_cron_day_of_month: '1-15'
|
|
letsencrypt_acme_sh_explicitly_install_certs: True
|
|
letsencrypt_ocsp_must_staple: True
|
|
letsencrypt_acme_sh_use_ecc: False
|
|
http_port: 80
|
|
https_port: 443
|
|
|
|
# Bug with the PHP repository. The php8.3-cli package is always installed and breaks the mysql setup
|
|
additional_packages:
|
|
- php8.3-mysql
|
|
|
|
# Some name aliases are too long for the default
|
|
nginx_server_names_hash_bucket_size: 128
|
|
|
|
resolv_conf_ip:
|
|
- '146.48.80.4'
|
|
- '146.48.80.3'
|
|
|
|
wordpress_servername: 'www.template.it'
|
|
wordpress_aliases: 'template.{{ domain_name }}'
|
|
wordpress_admin_email: 'template@isti.cnr.it'
|
|
wordpress_title: 'Template site'
|
|
wordpress_upload_max_filesize: 200M
|
|
|
|
phpmyadmin_install: True
|
|
phpmyadmin_shared_installation: True
|
|
phpmyadmin_behind_nginx: True
|
|
phpmyadmin_behind_apache: False
|
|
phpmyadmin_phpfpm_app_context: '/'
|
|
phpmyadmin_phpfpm_virthost: '{{ ansible_fqdn }}'
|
|
phpmyadmin_default_lang: 'it'
|
|
phpmyadmin_target_servers:
|
|
- { id: '1', description: 'TEMPLATE WP', host: 'localhost', port: 3306, socket: '', ssl: 'false', auth_type: 'cookie', user: '', password: '', only_db: "'wp_db'", allowroot: 'false' }
|
|
|
|
phpfpm_listen_on_socket: True
|
|
# Remove the phpmyadmin_phpfpm_pool from the list if phpMyAdmin is not required
|
|
phpfpm_pools:
|
|
- '{{ wordpress_phpfpm_pool }}'
|
|
- '{{ phpmyadmin_phpfpm_pool }}'
|
|
|
|
letsencrypt_acme_sh_domains:
|
|
- { domain: '{{ ansible_fqdn }}', standalone: True }
|
|
- { domain: '{{ wordpress_servername }}', standalone: True }
|
|
- { domain: 'template.isti.cnr.it', standalone: True }
|
|
|
|
users_system_users:
|
|
- { login: 'andrea.dellamico', name: "Andrea Dell'Amico", home: '{{ users_home_dir }}', createhome: 'yes', ssh_key: '{{ andrea_dellamico }}', shell: '/bin/bash', admin: True, limited_sudoers_user: False }
|
|
- { login: 'tommaso.piccioli', name: "Tommaso Piccioli", home: '{{ users_home_dir }}', createhome: 'yes', ssh_key: '{{ tommaso_piccioli }}', shell: '/bin/bash', admin: True, limited_sudoers_user: False }
|
|
- { login: 'franca.debole', name: "Franca Debole", home: '{{ users_home_dir }}', createhome: 'yes', ssh_key: '{{ franca_debole }}', shell: '/bin/bash', admin: True, limited_sudoers_user: False }
|
|
|
|
sshd_enable_sftp_subsystem: True
|
|
sshd_enable_sftp_jail: True
|
|
sshd_sftp_chroot_match_group: '{{ wordpress_system_user }}'
|
|
sshd_sftp_chroot_directory: '/var/www/html'
|
|
|
|
users_additional_groups:
|
|
- { group: '{{ sshd_sftp_chroot_match_group }}' }
|
|
users_system_users_adjunct:
|
|
- { login: 'template.user', group: '{{ sshd_sftp_chroot_match_group }}', name: "Template User", home: '{{ users_home_dir }}', createhome: 'yes', ssh_key: '{{ template_user_ssh_key }}', shell: '/usr/sbin/nologin', admin: False, log_as_root: False }
|
|
|
|
additional_data_directories:
|
|
- { name: '{{ wordpress_doc_root }}', file: False, create: False, perms: '0755', owner: '{{ wordpress_system_user }}', group: '{{ common_users_group }}', aclperms: 'rwX' }
|
|
|
|
|
|
andrea_dellamico: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ9n6B+J5S7NPnwjejPC2WrvcRzC07WPnAoQ7ZHZ0Mv9JakyWItswzI3Drz/zI0mCamyuye+9dWz9v/ZRwUfBobVyXuptRaZIwxlMC/KsTZofpp3RHOBTteZ4/VM0VhEeiOHu+GuzNE0fRB2gsusWeMMae2cq4TjVAOMcQmJX496L703Smc14gFrP8y/P9jbC5HquuVnPR29PsW4mHidPmjdKkO7QmDfFAj44pEUGeInYOJe708C03NCpsjHw8AVdAJ6Pf16EOdDH+z8D6CByVO3s8UT0HJ85BRoIy6254/hmYLzyd/eRnCXHS/dke+ivrlA3XxG4+DmqjuJR/Jpfx adellam@semovente
|
|
tommaso_piccioli: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzcHuDU7PgJwz34AsVG0E2+ZRx17ZKW1uDEGABNk3Z60/c9LTwWKPj6kcIRy6RzFJI5X+IgPJnYouXVmJsIWjVL8IRk8fP1ffJC6Fyf6H7+fCxu/Wwed5OoOCvKeZ0bEmJ1tlXFM6+EnxKqLCvz3fsNy8e4WKMnpS1hT8K6YB7PMjt60S3wOaxds1Lv4NmmgnfGM5uZFYrZCx1/GJCzNSh7AEEEUIVQ1B8xmXbet7whNiwDmiOnXSlt38dkIYT8kNMuRCj/r9wPr7FmoUCOFzUVXTcnuYagKyURrZ8QDyHbK6XQLYXgvCz/lWoErGFbDqpmBHHyvKSeLPxYfJpWJ70w== tom@tom
|
|
franca_debole: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5al6w7Lsm2hVP5Ak3y1YVuqB02vrCvlNQSjF3+y4U/KwSsLDk0EtK6cZQuplehVK+XkdiIxECTokyvwulfHSMa25p8l4bjUA44TTdeWlHjcFgt2SFXbSeAY/XeoukKlafccKqVF0ySrKIIQj94oWIB15qIZMSg8HVIU6XtpHjlF2w8K+YrzmDnU3hs+f1bHp9gi5Q2JKVqm3ZIiUIvb1bYGNq7rdMf0xjAn1ZGuvmEIRSwqR8YMtyIHnrPsMh+sdnV3PosyUQRt/b74Df/ufvJ2t9QBlOprrCQxWibcjYktDOBP4AT5he3giXjz51FJqx7hEj2ISVSiwln5G/cPor franca@Mac.local
|
|
# add here user ssh_key
|
|
# template_user_ssh_key: ssh-rsa ...
|
|
|