hetzner-ansible/group_vars/all/plain.yml

---

debug: false

send_status_messages: false

domain: smardigo.digital

use_ssl: true
http_s: "http{{ use_ssl | ternary('s', '', omit) }}"

service_name: "{{ inventory_hostname }}"
stage_server_name: "{{ inventory_hostname }}"
stage_server_hostname: "{{ inventory_hostname }}"
stage_server_url_host: "{{ stage_server_name }}.{{ domain }}"
stage_server_url: "{{ http_s }}://{{ stage_server_name }}.{{ domain }}"

ansible_ssh_host: "{{ inventory_hostname }}.{{ domain }}"

hetzner_server_labels: "stage={{ stage }}"

admin_user: "root"

sudo_groups: [
  {
    id:   "CentOS",
    sudo_group:   "wheel",
  },
  {
    id:   "RedHat",
    sudo_group:   "wheel",
  },
  {
    id:   "Ubuntu",
    sudo_group:   "sudo",
  },
]
sudo_group: "{{ sudo_groups
  | selectattr('id', 'match', '' + ansible_distribution + '' )
  | map(attribute='sudo_group') 
  | list
  | first
  | replace('.','-') }}"

default_plattform_users:
  - 'nobody'
  - 'vagrant'
  - 'administrator'
  - '{{ admin_user }}'

smardigo_plattform_users:
  - 'ansible'
  - 'peter.heise'
  - 'sven.ketelsen'
  - 'claus.paetow'

docker_owner: "{{ admin_user }}"
docker_group: "{{ admin_user }}"
service_base_path: '/etc/smardigo'

# TODO we need a company email address
lets_encrypt_email: "sven.ketelsen@netgo.de"

# TODO place caddy configfile system relativ instead of docker folder relative
caddy_base_path: '{{ service_base_path }}/caddy'
caddy_config_file_path: 'config/caddy/Caddyfile'
caddy_config_file_path_full: '{{ caddy_base_path }}/{{ caddy_config_file_path }}'
caddy_landing_page_file_path: 'config/static_files/index.html'
caddy_landing_page_file_path_full: '{{ caddy_base_path }}/{{ caddy_landing_page_file_path }}'
caddy_landing_page_service_table_file_path: 'config/static_files/service_table.json'
caddy_landing_page_service_table_file_path_full: '{{ caddy_base_path }}/{{ caddy_landing_page_service_table_file_path }}'
caddy_landing_page_service_table_folder_path_full: '{{ caddy_base_path }}/config/static_files/'

http_port: "80"
https_port: "443"

service_port: "8080"
management_port: "8081"

service_port_cadvisor: "8080"
service_port_elasticsearch: "9200"
service_port_iam: "8082"
service_port_keycloak: "8080"
service_port_kibana: "5601"
service_port_logstash: "5044"
service_port_mssql: "1433"
service_port_mysql: "3306"
service_port_node_exporter: "9100"
service_port_postgres: "5432"
service_port_portainer: "9000"
service_port_pgadmin: "9001"
service_port_phpmyadmin: "9002"
service_port_sonarqube: "9000"

monitor_port_service: "9081"
monitor_port_system: "9082"
monitor_port_docker: "9083"
monitor_port_elastic: "9084"
monitor_port_harbor: "9085"

admin_port_traefik: "9080"

hetzner_server_type: cx11
hetzner_server_image: ubuntu-20.04

hetzner_ssh_keys:
  - ansible@smardigo.digital
  - peter.heise@netgo.de
  - sven.ketelsen@netgo.de
  - claus.paetow@netgo.de

#reverse_proxy_admin_username: "< see vault >"
#reverse_proxy_admin_password: "< see vault >"

#mattermost_hook_smardigo: "< see vault >"
#teams_hook_smardigo: "< see vault >"
#netgo_msteams_hook_smardigo: "< see vault >"

#hetzner_authentication_token: "< see vault >"
#digitalocean_authentication_token: "< see vault >"

#elastic_admin_username: "< see vault >"
#elastic_admin_password: "< see vault >"

#grafana_admin_username: "< see vault >"
#grafana_admin_password: "< see vault >"
#grafana_signing_secret: "< see vault >"
#grafana_user_smardigo_login: "< see vault >"
#grafana_user_smardigo_password: "< see vault >"
#grafana_user_guest_login: "< see vault >"
#grafana_user_guest_password: "< see vault >"

#harbor_admin_password: "< see vault >"
#harbor_postgresql_password: "< see vault >"

#vault_replicator_user_password: "< see vault >"