ansible/group_vars/all/vars.yml

---
# LDAP binding
# You can hash LDAP passwords with `slappasswd` tool
ldap_base: 'dc=auro,dc=re'
ldap_master_ipv4: '10.128.0.11'
ldap_master_uri: "ldap://{{ ldap_master_ipv4 }}"
ldap_nslcd_bind_dn: "cn=nslcd,ou=service-users,{{ ldap_base }}"
ldap_nslcd_passwd: "{{ vault_ldap_nslcd_passwd }}"
ldap_replica_password: "{{ vault_ldap_replica_password }}"
ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"

# Scripts will tell users to go there to manage their account
intranet_url: 'https://re2o.auro.re/'

# Users in that group will be able to `sudo`
sudo_group: 'sudoldap'

# SSH keys for root account to use when LDAP is broken
ssh_pub_keys: "{{ vault_ssh_pub_keys }}"

# Monitoring
monitoring_mail: 'monitoring.aurore@lists.crans.org'

# Nginx Proxy
reversed_proxy_subdomains:
  - name: re2o
    from: re2o.auro.re
    to: 10.128.0.10
  - name: intranet
    from: intranet.auro.re
    to: 10.128.0.10
  - name: pad
    from: pad.auro.re
    to: 10.128.0.52
  - name: phabricator
    from: phabricator.auro.re
    to: 10.128.0.50
  - name: wiki
    from: wiki.auro.re
    to: 10.128.0.51
  - name: www
    from: www.auro.re
    to: 10.128.0.52
  - name: main
    from: auro.re
    to: 10.128.0.52
  - name: re2o-test
    from: re2o-test.auro.re
    to: 10.128.0.100
Initial commit 2018-12-23 12:20:19 +01:00			`---`
			`# LDAP binding`
Rename some variables 2019-01-03 14:51:11 +01:00			# You can hash LDAP passwords with `slappasswd` tool
Initial commit 2018-12-23 12:20:19 +01:00			`ldap_base: 'dc=auro,dc=re'`
Rename some variables 2019-01-03 14:51:11 +01:00			`ldap_master_ipv4: '10.128.0.11'`
LDAP replica working 2019-01-03 16:43:50 +01:00			`ldap_master_uri: "ldap://{{ ldap_master_ipv4 }}"`
Rename some variables 2019-01-03 14:51:11 +01:00			`ldap_nslcd_bind_dn: "cn=nslcd,ou=service-users,{{ ldap_base }}"`
			`ldap_nslcd_passwd: "{{ vault_ldap_nslcd_passwd }}"`
LDAP replica working 2019-01-03 16:43:50 +01:00			`ldap_replica_password: "{{ vault_ldap_replica_password }}"`
Rename some variables 2019-01-03 14:51:11 +01:00			`ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"`
Initial commit 2018-12-23 12:20:19 +01:00
			`# Scripts will tell users to go there to manage their account`
			`intranet_url: 'https://re2o.auro.re/'`

			# Users in that group will be able to `sudo`
			`sudo_group: 'sudoldap'`

			`# SSH keys for root account to use when LDAP is broken`
			`ssh_pub_keys: "{{ vault_ssh_pub_keys }}"`

Send mail to monitor apt changelog 2019-01-02 18:23:11 +01:00			`# Monitoring`
Fix email 2019-01-02 18:35:36 +01:00			`monitoring_mail: 'monitoring.aurore@lists.crans.org'`
Send mail to monitor apt changelog 2019-01-02 18:23:11 +01:00
Add NGINX reverse proxy role 2019-01-06 11:36:41 +01:00			`# Nginx Proxy`
			`reversed_proxy_subdomains:`
Add reverse conf for auro.re 2019-01-07 07:40:14 +01:00			`- name: re2o`
			`from: re2o.auro.re`
			`to: 10.128.0.10`
			`- name: intranet`
			`from: intranet.auro.re`
			`to: 10.128.0.10`
			`- name: pad`
			`from: pad.auro.re`
			`to: 10.128.0.52`
			`- name: phabricator`
			`from: phabricator.auro.re`
			`to: 10.128.0.50`
			`- name: wiki`
			`from: wiki.auro.re`
			`to: 10.128.0.51`
			`- name: www`
			`from: www.auro.re`
			`to: 10.128.0.52`
			`- name: main`
			`from: auro.re`
			`to: 10.128.0.52`
			`- name: re2o-test`
			`from: re2o-test.auro.re`
			`to: 10.128.0.100`
Add NGINX reverse proxy role 2019-01-06 11:36:41 +01:00