61 lines
1.5 KiB
YAML
61 lines
1.5 KiB
YAML
---
|
|
interfaces:
|
|
cachan-adm: ens18
|
|
srv: ens19
|
|
|
|
loc_home_nounou:
|
|
ip: 172.17.10.9
|
|
mountpoint: /rpool/home
|
|
|
|
loc_ldap:
|
|
servers:
|
|
- 172.17.10.9
|
|
base: 'dc=crans,dc=org'
|
|
|
|
glob_ntp_client:
|
|
servers:
|
|
- terenez.cachan-adm.crans.org
|
|
|
|
debian_mirror: http://mirror.cachan-adm.crans.org/debian
|
|
|
|
loc_certbot:
|
|
- dns_rfc2136_server: '185.230.79.9'
|
|
dns_rfc2136_name: certbot_challenge.
|
|
dns_rfc2136_secret: "{{ vault.certbot_dns_secret }}"
|
|
mail: root@crans.org
|
|
certname: crans.org
|
|
domains: "crans.org, *.crans.org, crans.fr, *.crans.fr, crans.eu, *.crans.eu"
|
|
|
|
loc_nginx:
|
|
servers: []
|
|
ssl:
|
|
- name: crans.org
|
|
cert: /etc/letsencrypt/live/crans.org/fullchain.pem
|
|
cert_key: /etc/letsencrypt/live/crans.org/privkey.pem
|
|
trusted_cert: /etc/letsencrypt/live/crans.org/chain.pem
|
|
real_ip_from:
|
|
- "172.17.0.0/16"
|
|
- "fd00:0:0:3000::/56"
|
|
|
|
loc_reverseproxy:
|
|
reverseproxy_sites:
|
|
- {from: ftps.crans.org, to: 172.17.10.30}
|
|
- {from: re2o-cachan.crans.org, to: 172.17.10.203}
|
|
- {from: intranet-cachan.crans.org, to: 172.17.10.203}
|
|
|
|
redirect_sites: []
|
|
|
|
loc_borg:
|
|
remote:
|
|
- borg@zephir.cachan-adm.crans.org:/backup/borg/{{ ansible_hostname }}
|
|
ssh_options: ""
|
|
|
|
glob_prometheus_node_exporter:
|
|
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'cachan-adm') | ipv4 | first }}"
|
|
|
|
glob_prometheus_nginx_exporter:
|
|
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'cachan-adm') | ipv4 | first }}"
|
|
|
|
loc_rsyslog_client:
|
|
server: "{{ query('ldap', 'ip', 'gulp', 'cachan-adm') | ipv4 | first }}"
|