summaryrefslogtreecommitdiff
path: root/inventory/host_vars
diff options
context:
space:
mode:
Diffstat (limited to 'inventory/host_vars')
-rw-r--r--inventory/host_vars/ch-testvm-phoebe.yml38
-rw-r--r--inventory/host_vars/ch-testvm-prometheus.yml75
2 files changed, 0 insertions, 113 deletions
diff --git a/inventory/host_vars/ch-testvm-phoebe.yml b/inventory/host_vars/ch-testvm-phoebe.yml
index 7eae49e7..d15e4142 100644
--- a/inventory/host_vars/ch-testvm-phoebe.yml
+++ b/inventory/host_vars/ch-testvm-phoebe.yml
@@ -39,41 +39,3 @@ network:
address: "{{ network_zones.iot.prefix | ansible.utils.ipaddr(network_zones.iot.offsets[inventory_hostname]) }}"
ntp_variant: systemd-timesyncd
-
-
-###
-mosquitto_client_tls:
- foo-consumer:
- certificate_provider: managed-ca
- certificate_config:
- ca:
- host: ch-testvm-prometheus
- name: foo
- cert:
- common_name: consumer
- organization_name: "spreadspace"
- organizational_unit_name: "ansible"
- san_extra:
- - "IP:192.168.32.43"
- extended_key_usage:
- - clientAuth
- extended_key_usage_critical: yes
- create_subject_key_identifier: yes
- not_after: +100w
- foo-producer:
- certificate_provider: managed-ca
- certificate_config:
- ca:
- host: ch-testvm-prometheus
- name: foo
- cert:
- common_name: producer
- organization_name: "spreadspace"
- organizational_unit_name: "ansible"
- san_extra:
- - "IP:192.168.32.43"
- extended_key_usage:
- - clientAuth
- extended_key_usage_critical: yes
- create_subject_key_identifier: yes
- not_after: +100w
diff --git a/inventory/host_vars/ch-testvm-prometheus.yml b/inventory/host_vars/ch-testvm-prometheus.yml
index ff36f733..415e6774 100644
--- a/inventory/host_vars/ch-testvm-prometheus.yml
+++ b/inventory/host_vars/ch-testvm-prometheus.yml
@@ -35,78 +35,3 @@ network:
- *_network_primary_
ntp_variant: systemd-timesyncd
-
-
-###
-managed_ca_authorities:
- foo:
- key:
- type: RSA
- size: 4096
- cert:
- common_name: foo CA
- country_name: "AT"
- locality_name: "Graz"
- organization_name: "spreadspace"
- organizational_unit_name: "ansible"
- state_or_province_name: "Styria"
- digest: sha256
- not_before: +0h
- not_after: +520w
-
-
-mosquitto_broker_global_config_options:
- per_listener_settings: "true"
-
-mosquitto_broker_listeners:
- example:
- bind: 1883
- options:
- allow_anonymous: "false"
- acl_file: /etc/mosquitto/example.acl
- password_file: /etc/mosquitto/example.passwd
- foo:
- bind: 1884 192.168.32.42
- hostnames:
- - mqtt.example.com
- tls:
- certificate_provider: managed-ca
- certificate_config:
- ca:
- host: ch-testvm-prometheus
- name: foo
- cert:
- organization_name: "spreadspace"
- organizational_unit_name: "ansible"
- san_extra:
- - "IP:192.168.32.42"
- extended_key_usage:
- - serverAuth
- extended_key_usage_critical: yes
- create_subject_key_identifier: yes
- not_after: +100w
- options:
- allow_anonymous: "false"
- require_certificate: "true"
- cafile: /etc/mosquitto/ca_certificates/foo-ca-crt.pem
- use_identity_as_username: "true"
- acl_file: /etc/mosquitto/foo.acl
-
-mosquitto_broker_prometheus_listener: true
-
-mosquitto_broker_acl_files:
- example: |
- user admin
- topic read test/+
- user equinox
- topic write test/+
- foo: |
- user consumer
- topic read foo/+
- user producer
- topic write foo/+
-
-mosquitto_broker_password_files:
- example: |
- admin:{{ 'admin' | mosquitto_passwd_hash('admin@mqtt.example.com') }}
- equinox:{{ 'secret' | mosquitto_passwd_hash('equinox@mqtt.example.com') }}