--- # LDAP binding # You can hash LDAP passwords with `slappasswd` tool ldap_base: 'dc=auro,dc=re' ldap_master_ipv4: '10.128.0.11' ldap_master_uri: "ldap://{{ ldap_master_ipv4 }}" ldap_nslcd_bind_dn: "cn=nslcd,ou=service-users,{{ ldap_base }}" ldap_nslcd_passwd: "{{ vault_ldap_nslcd_passwd }}" ldap_replica_password: "{{ vault_ldap_replica_password }}" ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}" # Scripts will tell users to go there to manage their account intranet_url: 'https://re2o.auro.re/' # Users in that group will be able to `sudo` sudo_group: 'sudoldap' # SSH keys for root account to use when LDAP is broken ssh_pub_keys: "{{ vault_ssh_pub_keys }}" # Monitoring monitoring_mail: 'monitoring.aurore@lists.crans.org' # Nginx Proxy reversed_proxy_subdomains: - name: re2o from: re2o.auro.re to: 10.128.0.10 - name: intranet from: intranet.auro.re to: 10.128.0.10 - name: pad from: pad.auro.re to: 10.128.0.54:9001 - name: phabricator from: phabricator.auro.re to: 10.128.0.50 - name: wiki from: wiki.auro.re to: 10.128.0.51 - name: www from: www.auro.re to: 10.128.0.52 - name: main from: auro.re to: 10.128.0.52 - name: re2o-test from: re2o-test.auro.re to: 10.128.0.100