ansible-infra/roles/common/defaults/main.yml

98 lines
2.1 KiB
YAML
Raw Normal View History

2020-04-13 14:46:45 +02:00
---
# defaults file for common
node_exporter_path: /
node_exporter_port: 9100
node_exporter_public_port: "9180"
2020-11-28 20:47:30 +01:00
node_exporter_password: password
2020-04-13 14:46:45 +02:00
nginx_config_dir: /etc/nginx/conf.d
nginx_ssl_dir: /etc/nginx/ssl
2020-11-28 20:47:30 +01:00
nginx_dhparam_size: 2048
2020-04-13 14:46:45 +02:00
2020-11-28 20:47:30 +01:00
users:
- name: ppbe
- name: coco
groups: []
user_default_groups:
- sudo
openssh_port: "22"
backup_owner: backup
backup_group: "{{ backup_owner }}"
storage_box_enabled: no
storage_box_host: storage.example.com
storage_box_port: 23
storage_box_path: /home/backup
storage_box_mount:
path: "/mnt/backup"
owner: "{{ backup_owner }}"
group: "{{ backup_group }}"
options: [rw,default_permissions]
storage_box_username: u123456-sub1
storage_box_password: somesecret
borg_encryption_mode: keyfile
borg_passphrase: "{{ vault_borg_passphrase }}"
borg_repository: |-
{%- if storage_box_enabled -%}
{{ storage_box_host }}:{{ storage_box_path }}/borg
{%- else -%}
{{ storage_box_mount.path }}/borg
{%- endif -%}
borgmatic_config:
location:
source_directories:
- /
repositories:
- "{{ borg_repository }}"
exclude_patterns:
- /dev
- /home/*/.cache
- /home/*/.gvfs
- /lib*
- /media
- /mnt
- /proc
- /tmp
- /run
- /swap*
- /sys
- /usr/src/linux-headers*
- /var/backups
- /var/cache/apt/archives
- /var/lib
- /var/log
- /var/run
- /var/snap
exclude_caches: true
storage:
encryption_passphrase: "{{ borg_passphrase }}"
compression: zlib,7
retention:
keep_hourly: 24
keep_daily: 7
keep_weekly: 4
keep_monthly: 6
borgmatic_cron_hour: "3"
borgmatic_cron_minute: "0"
borgmatic_check_cron_weekday: "0"
borgmatic_check_cron_hour: "2"
borgmatic_check_cron_minute: "0"
smtp_accounts:
example:
host: mail.example.com
port: 587
from: no-reply@example.com
username: ahoy@example.com
password: secret
smtp_default_account: example
smtp_default_recipient: contact@example.com
smtp_aliases_path: /etc/aliases
postfix_sasl_secrets_path: /etc/postfix/sasl/passwd
postfix_senders_map_path: /etc/postfix/senders