33 lines
965 B
YAML
33 lines
965 B
YAML
---
|
|
# LDAP binding
|
|
# You can hash LDAP passwords with `slappasswd` tool
|
|
ldap_base: 'dc=auro,dc=re'
|
|
ldap_master_ipv4: '10.128.0.11'
|
|
ldap_master_uri: "ldap://{{ ldap_master_ipv4 }}"
|
|
ldap_nslcd_bind_dn: "cn=nslcd,ou=service-users,{{ ldap_base }}"
|
|
ldap_nslcd_passwd: "{{ vault_ldap_nslcd_passwd }}"
|
|
ldap_replica_password: "{{ vault_ldap_replica_password }}"
|
|
ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"
|
|
|
|
# Scripts will tell users to go there to manage their account
|
|
intranet_url: 'https://re2o.auro.re/'
|
|
|
|
# Users in that group will be able to `sudo`
|
|
sudo_group: 'sudoldap'
|
|
|
|
# SSH keys for root account to use when LDAP is broken
|
|
ssh_pub_keys: "{{ vault_ssh_pub_keys }}"
|
|
|
|
# Monitoring
|
|
monitoring_mail: 'monitoring.aurore@lists.crans.org'
|
|
|
|
# Nginx Proxy
|
|
reversed_proxy_subdomains:
|
|
- re2o: 10.128.0.10
|
|
- intranet: 10.128.0.10
|
|
- pad: 10.128.0.52
|
|
- phabricator: 10.128.0.50
|
|
- wiki: 10.128.0.51
|
|
- www: 10.128.0.52
|
|
- re2o-test: 10.128.0.100
|
|
|