diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2024-01-21 16:34:35 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2024-01-21 16:34:35 +0100 |
| commit | 62c7f0f3660e24c6a07013f9f34e84c7335a1c04 (patch) | |
| tree | df6e749a0a1900e7a59be636591a1e972c318222 /inventory/host_vars/ch-apps/whawty.yml | |
| parent | finalize apps/node-red (diff) | |
ch-apps: add node-red.chaos-at-home.org and passwd.chaos-at-home.org
Diffstat (limited to 'inventory/host_vars/ch-apps/whawty.yml')
| -rw-r--r-- | inventory/host_vars/ch-apps/whawty.yml | 50 |
1 files changed, 31 insertions, 19 deletions
diff --git a/inventory/host_vars/ch-apps/whawty.yml b/inventory/host_vars/ch-apps/whawty.yml index a909f780..6d6d8aab 100644 --- a/inventory/host_vars/ch-apps/whawty.yml +++ b/inventory/host_vars/ch-apps/whawty.yml @@ -1,34 +1,46 @@ --- +_whawty_auth_zfs_base_: + pool: storage + name: whawty/auth + whawty_auth_instances: - test: + passwd.chaos-at-home.org: version: 0.2-rc9 port: 3080 store: - default: 1 + default: 2 params: - id: 1 + scryptauth: + hmackey: "{{ vault_whawty_auth_scryptauth_hmackeys['passwd.chaos-at-home.org']['1'] }}" + cost: 12 + - id: 2 + scryptauth: + hmackey: "{{ vault_whawty_auth_scryptauth_hmackeys['passwd.chaos-at-home.org']['2'] }}" + cost: 12 + - id: 3 argon2id: time: 1 memory: 65536 threads: 4 length: 32 - hostnames: - - passwd.example.com - tls: - certificate_provider: selfsigned - cert: - organization_name: "chaos-at-home" - organizational_unit_name: "ansible" - key_usage: - - digitalSignature - - keyAgreement - key_usage_critical: yes - extended_key_usage: - - serverAuth - extended_key_usage_critical: yes - create_subject_key_identifier: yes - not_after: +52w - renew_margin: +42d sync: port: 3022 authorized_keys: "{{ users.equinox.ssh }}" + storage: + type: zfs + parent: "{{ _whawty_auth_zfs_base_ }}" + name: passwd.chaos-at-home.org + properties: + quota: 128M + publish: + zone: "{{ apps_publish_zone__chaos_at_home }}" + hostnames: + #- passwd.chaos-at-home.org + - passwd-ng.chaos-at-home.org + tls: + certificate_provider: acmetool + certificate_config: + request: + challenge: + http-self-test: false |