--- debug: false docker_enabled: true traefik_enabled: true filebeat_enabled: true node_exporter_enabled: true use_ssl: true http_s: "http{{ use_ssl | ternary('s', '', omit) }}" domain: "smardigo.digital" stage_server_domain: "{{ inventory_hostname }}.{{ domain }}" stage_server_url: "{{ http_s }}://{{ stage_server_domain }}" alertmanager_channel_smardigo: "#monitoring-{{ stage }}" hetzner_server_type: cx11 hetzner_server_image: ubuntu-20.04 # Used for root-access hetzner_ssh_keys: - ansible@smardigo.digital - sven.ketelsen@netgo.de - peter.heise@netgo.de - claus.paetow@netgo.de - friedrich.goerz@netgo.de hetzner_server_labels: "stage={{ stage }}" admin_user: "root" sudo_groups: [ { id: "CentOS", sudo_group: "wheel", }, { id: "RedHat", sudo_group: "wheel", }, { id: "Ubuntu", sudo_group: "sudo", }, ] sudo_group: "{{ sudo_groups | selectattr('id', 'match', '' + ansible_distribution + '' ) | map(attribute='sudo_group') | list | first | replace('.','-') }}" default_plattform_users: - 'nobody' - 'vagrant' - 'ansible' - 'elastic' - 'postgres' - 'administrator' - '{{ admin_user }}' smardigo_plattform_users: - 'sven.ketelsen' - 'peter.heise' - 'claus.paetow' - 'friedrich.goerz' ip_whitelist: - "212.121.131.106" # tolina - "149.233.6.129" # sShelter - "87.141.83.195" # sven - "212.86.56.112" # peter - "{{ shared_service_network }}" docker_owner: "{{ admin_user }}" docker_group: "{{ admin_user }}" docker_users: "{{ smardigo_plattform_users }}" docker_compose_version: "1.29.2" docker_compose_path: "/usr/bin/docker-compose" service_base_path: '/etc/smardigo' # TODO we need a company email addresses lets_encrypt_email: "sven.ketelsen@netgo.de" docker_admin_email: "sven.ketelsen@netgo.de" connect_admin_email: "sven.ketelsen@netgo.de" keycloak_admin_email: "sven.ketelsen@netgo.de" http_port: "80" https_port: "443" service_port: "8080" management_port: "8081" service_port_mssql: "1433" service_port_git: "2222" service_port_mysql: "3306" service_port_logstash: "5044" service_port_postgres: "5432" service_port_kibana: "5601" service_port_cadvisor: "8080" service_port_webdav: "8080" service_port_keycloak: "8080" service_port_iam: "8082" service_port_sonarqube: "9000" service_port_pgadmin: "9001" service_port_phpmyadmin: "9002" service_port_node_exporter: "9100" service_port_elasticsearch: "9200" monitor_port_system: "9082" monitor_port_docker: "9083" monitor_port_elastic: "9084" monitor_port_harbor: "9085" monitor_port_maria: "9086" monitor_port_postgres: "9087" monitor_port_awx: "80" admin_port_service: "9081" admin_port_traefik: "9080" connect_id: "{{ inventory_hostname }}-connect" connect_base_url: "{{ connect_id }}.{{ domain }}" wordpress_id: "{{ inventory_hostname }}-wordpress" wordpress_base_url: "{{ wordpress_id }}.{{ domain }}" filebeat_certificate: "{{ stage }}-elastic-stack-filebeat" logstash_certificate: "{{ stage }}-elastic-stack-logstash-01" backup_directory: "/backups" #ansible_vault_password vault >" #reverse_proxy_admin_username: "< see vault >" #reverse_proxy_admin_password: "< see vault >" #hetzner_authentication_token: "< see vault >" #digitalocean_authentication_token: "< see vault >" #grafana_admin_username: "< see vault >" #grafana_admin_password: "< see vault >" #grafana_signing_secret: "< see vault >" #grafana_user_smardigo_login: "< see vault >" #grafana_user_smardigo_password: "< see vault >"