ansible-playbooks/group_vars/all.yml

ansible_user: root
ansible_dir: /etc/ansible
ansible_key_dir: keys

mac_prefix: 02:FF

known_external_ca:
  - url: letsencrypt.org
    wildcard: no
    validation_methods:
      - dns-01
  - url: ';'
    wildcard: yes

bogons:
  - 0.0.0.0/8
  - 127.0.0.0/8
  - 169.254.0.0/16
  - 192.0.0.0/24
  - 192.0.2.0/24
  - 198.18.0.0/15
  - 198.51.100.0/24
  - 203.0.113.0/24
  - 240.0.0.0/4

services: {}
mail_server: {}

role_dependency_common:
  - {stage: 2, role: 'common'}
  - {stage: 4, role: 'ns'}
  - {stage: 5, role: 'mail-user'}
  - {stage: 8, role: 'rproxy'}
  - {stage: 8, role: 'iptables'}
  - {stage: 9, role: 'backup'}

reverse_proxy_type: caddy

acme_default_config:
  endpoint_prod: https://acme-v02.api.letsencrypt.org/directory
  endpoint_staging: https://acme-staging-v02.api.letsencrypt.org/directory
  staging: no
  resolver: 1.1.1.1
  renew_at_days: 45
  preferred_chain: 'ISRG Root X1'
  type: ec384