ansible/group_vars/all/vars.yml
Yohaï-Eliel BERREBY a77b2c4f0f unbound: fix MTU settings
That was the root cause of all our DNSSEC issues.
Now that this was fixed, we're not having these anymore,
so the relaxed checks can be restored back to their original state.
2020-05-02 18:59:22 +02:00

53 lines
1.6 KiB
YAML

---
# Use Python 3
ansible_python_interpreter: /usr/bin/python3
# LDAP binding
# You can hash LDAP passwords with `slappasswd` tool
ldap_base: 'dc=auro,dc=re'
ldap_master_ipv4: '10.128.0.11'
ldap_master_uri: "ldap://re2o-ldap.adm.auro.re"
ldap_user_tree: "cn=Utilisateurs,{{ ldap_base }}"
ldap_nslcd_bind_dn: "cn=nslcd,ou=service-users,{{ ldap_base }}"
ldap_nslcd_passwd: "{{ vault_ldap_nslcd_passwd }}"
ldap_matrix_bind_dn: "cn=matrix,ou=service-users,{{ ldap_base }}"
ldap_matrix_password: "{{ vault_ldap_matrix_password }}"
ldap_replica_password: "{{ vault_ldap_replica_password }}"
ldap_admin_hashed_passwd: "{{ vault_ldap_admin_hashed_passwd }}"
# Databases
postgresql_services_url: 'services-bdd.adm.auro.re'
postgresql_synapse_passwd: "{{ vault_postgresql_synapse_passwd }}"
postgresql_codimd_passwd: "{{ vault_postgresql_codimd_passwd }}"
# Scripts will tell users to go there to manage their account
intranet_url: 'https://re2o.auro.re/'
# Users in that group will be able to `sudo`
sudo_group: 'sudoldap'
# SSH keys for root account to use when LDAP is broken
ssh_pub_keys: "{{ vault_ssh_pub_keys }}"
# Monitoring
monitoring_mail: 'monitoring.aurore@lists.crans.org'
# Matrix
matrix_webhooks_secret: "{{ vault_matrix_webhooks_secret }}"
matrix_discord_client_id: "559305991494303747"
matrix_discord_bot_token: "{{ vault_matrix_discord_bot_token }}"
###
# DNS
###
# Dernier octet (en décimal) de l'addresse des serveurs DNS récursifs de chaque
# résidence.
dns_host_suffix_main: 253
dns_host_suffix_backup: 153
backup_dns_servers:
- "80.67.169.12" # French Data Network (FDN) (ns0.fdn.fr)
mtu: 1400