πŸ“— Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
ansible-playbooks/group_vars/infra.yml

126 lines
2.6 KiB

timezone: Europe/Kirov
org: Organization Name
org_localized: НазваниС ΠΎΡ€Π³Π°Π½ΠΈΠ·Π°Ρ†ΠΈΠΈ
tld: org.local
int_net: 10.0.0.0/8
int_tld: "corp.{{ tld }}"
maintainer_email: "admin@{{ tld }}"
timezone_win: Russian Standard Time
container_default_nameserver: 10.40.0.1
networks:
srv:
gw: 10.41.0.1/16
tag: 11
priv:
gw: 10.42.0.1/16
tag: 12
dmz:
gw: 10.43.0.1/16
tag: 13
services:
db:
hostname: postgres
vault:
hostname: vault
backup:
hostname: rest-server
port: 443
internal_ns:
hostname: ns
recursive_ns:
hostname: ns-rec
filtering_ns:
- hostname: blocky1
- hostname: blocky2
acme_dns:
hostname: acme-dns
rest_server:
hostname: rest-server
mariadb:
hostname: mariadb
smb:
hostname: smb
use_alternative_apk_repo: yes
mail_server:
tld: "{{ tld }}"
max_mail_size_bytes: 75000000
admin_email: "admin@{{ tld }}"
db_server_hostname: postgres
db_name: mail
db_user: mail
db_pass: pass
mta_hostname: postfix
mua_hostname: dovecot
rspamd_hostname: rspamd
webmail_hostname: mail
clamav_hostname: clamav
mua_lmtp_port: 11001
mua_quota_port: 11002
mua_auth_port: 11003
mua_managesieve_port: 4190
rspamd_port: 11332
mta_sts_port: 11000
clamav_port: 7357
mta_actual_hostname: smtp
mua_actual_hostname: imap
allowed_spf:
- 1.1.1.1
domains:
- "{{ tld }}"
aliases:
- { source: 'postmaster', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
- { source: 'hostmaster', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
- { source: 'webmaster', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
- { source: 'abuse', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
- { source: 'caa-report', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
- { source: 'dkim-report', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
- { source: 'dmarc-report', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
- { source: 'smtp-tls-report', source_domain: "{{ tld }}", target: 'admin', target_domain: "{{ tld }}" }
acme_preferred_chain: ISRG Root X1
winrm_remote_user: remote-admin
winrm_bootstrap_password: bootstrap123
backup_filters:
none:
- "*"
- "!*/"
office:
- "!*.doc"
- "!*.docx"
- "!*.xls"
- "!*.xlsx"
- "!*.ppt"
- "!*.pptx"
- "!*.txt"
- "!*.ods"
- "!*.odt"
- "!*.odp"
- "!*.pdf"
images:
- "!*.jpg"
- "!*.jpeg"
- "!*.png"
- "!*.tiff"