ansible/group_vars/all/vars.yml

---
# Use Python 3
ansible_python_interpreter: /usr/bin/python3

# LDAP binding
# You can hash LDAP passwords with `slappasswd` tool
ldap_base: 'dc=auro,dc=re'
ldap_master_ipv4: '10.128.0.11'
ldap_master_uri: "ldap://re2o-ldap.adm.auro.re"
ldap_user_tree: "cn=Utilisateurs,{{ ldap_base }}"
ldap_nslcd_bind_dn: "cn=nslcd,ou=service-users,{{ ldap_base }}"
ldap_nslcd_passwd: "{{ vault_ldap_nslcd_passwd }}"
ldap_matrix_bind_dn: "cn=matrix,ou=service-users,{{ ldap_base }}"
ldap_matrix_password: "{{ vault_ldap_matrix_password }}"
ldap_replica_password: "{{ vault_ldap_replica_password }}"
ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"

# Databases
postgresql_services_url: 'services-bdd.adm.auro.re'
postgresql_synapse_passwd: "{{ vault_postgresql_synapse_passwd }}"
postgresql_codimd_passwd: "{{ vault_postgresql_codimd_passwd }}"

# Scripts will tell users to go there to manage their account
intranet_url: 'https://re2o.auro.re/'

# Users in that group will be able to `sudo`
sudo_group: 'sudoldap'

# SSH keys for root account to use when LDAP is broken
ssh_pub_keys: "{{ vault_ssh_pub_keys }}"

# Monitoring
monitoring_mail: 'monitoring.aurore@lists.crans.org'

# Matrix
matrix_webhooks_secret: "{{ vault_matrix_webhooks_secret }}"
matrix_discord_client_id: "559305991494303747"
matrix_discord_bot_token: "{{ vault_matrix_discord_bot_token }}"

###
# DNS
###

# Dernier octet (en décimal) de l'addresse des serveurs DNS récursifs de chaque
# résidence.
dns_host_suffix_main: 253
dns_host_suffix_backup: 153

backup_dns_servers:
  - "80.67.169.12" # French Data Network (FDN) (ns0.fdn.fr)


mtu: 1400