ansible-role-epasmed/defaults/main.yml

57 lines
1.9 KiB
YAML

---
epas_docker_stack_name: 'epas_prod'
epas_docker_service_server_name: 'epas'
epas_docker_registry: 'docker-registry.services.iit.cnr.it'
epas_docker_server_image: '{{ epas_docker_registry }}/epas/epas:stable'
epas_docker_registry_user: 'epas.user'
epas_docker_registry_pwd: 'use a vault file'
epas_docker_network: 'epas_net'
epas_docker_attachments_node: 'localhost'
epas_attachments_volume: 'epas_attachments_data'
epas_node_constraints: 'node.labels.epas_storage == attachments'
epas_behind_haproxy: True
epas_haproxy_public_net: 'haproxy-public'
# DB
# Set to true if postgresql must be a container too
epas_dockerized_db: False
epas_pg_version: '12'
epas_db_image: 'postgres:{{ epas_pg_version }}-alpine'
# The default hostname is the name of the container service
epas_db_host: 'postgres'
epas_db_name: 'epas_prod_db'
epas_db_allowed_hosts:
- '127.0.0.1'
#epas_db_pwd: 'set it in a vault file'
epas_db_user: 'epas_prod_user'
epas_docker_db_node: 'localhost'
epas_db_volume: 'epas_prod_pg_data'
epas_db_constraints: '[node.labels.epas_pg_data==epas_db]'
epas_pg_data_volume: 'epas_db_data'
epas_pg_backups_volume: 'epas_db_data'
psql_db_data: '{{ epas_psql_pg_data }}'
# Environment
epas_server_hostname: 'epas.example.com'
## SMTP
epas_smtp_server: 'localhost'
epas_smtp_port: 587
epas_smtp_channel: 'starttls'
epas_smtp_from: 'epas@cnr.it'
epas_smtp_protocol: 'smtp'
epas_smtp_authentication: True
epas_smtp_user: ''
epas_smtp_password: 'use a vault file'
## LDAP
epas_ldap_login: 'false'
epas_ldap_url: 'ldap://ldap.example.org:389'
epas_ldap_timeout: 1000
epas_ldap_base_dn: 'ou=People,dc=example,dc=org'
epas_ldap_login_return_uri: '/.'
epas_ldap_eppn_attribute_name: 'eduPersonPrincipalName'
epas_ldap_starttls_enabled: 'false'
epas_ldap_authenticated_bind: False
epas_ldap_bind_dn: 'cn=readuser,ou=People,o=example,c=org'
#epas_ldap_bind_credentials: 'use a vault file'
epas_ldap_authenticate_user_search_dn: 'o=example,c=org'
epas_log_level: 'INFO'
epas_log_appenders: 'stderr'