ansible/group_vars/virtu.yml

---
glob_debian_images:
  cron_timer: '39 06 * * *'
  rsync_host: 'eclat.adm.crans.org'
  rsync_module: 'mirror'
  include_extra_images: false

glob_service_proxmox_user:
  git:
    remote: https://gitlab.adm.crans.org/nounous/proxmox-user.git
    version: main
  name: proxmox-user
  install_dir: /var/local/services/proxmox-user
  generated: false
  cron:
    frequency: "*/2 * * * *"
    options: ""
  config:
    ldap:
      admin:
        uri: "ldaps://{{ lookup('ldap', 'ip4', 'wall-e', 'adm') }}/"
        userBase: "ou=passwd,dc=crans,dc=org"
        realm: "pam"
  dependencies:
    - python3-jinja2
    - python3-ldap

loc_certbot:
  - mail: root@crans.org
    certname: adm.crans.org
    domains: "*.adm.crans.org"

loc_service_certbot:
  config:
    "adm.crans.org":
      zone: _acme-challenge.adm.crans.org
      server: "{{ lookup('ldap', 'ip4', 'silice', 'adm') }}"
      port: 53
      key:
        name: certbot_adm_challenge.
        secret: "{{ vault.bind.rfc2136_keys['certbot_adm_challenge.'].secret }}"
        algorithm: HMAC-SHA512