diff options
Diffstat (limited to 'inventory')
-rw-r--r-- | inventory/group_vars/all/vars.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/ch-mimas.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/ele-coturn.yml | 8 | ||||
-rw-r--r-- | inventory/host_vars/ele-jitsi.yml | 3 | ||||
-rw-r--r-- | inventory/host_vars/ele-lt.yml | 1 | ||||
-rw-r--r-- | inventory/host_vars/ele-media.yml | 1 | ||||
-rw-r--r-- | inventory/host_vars/glt-coturn.yml | 9 | ||||
-rw-r--r-- | inventory/host_vars/glt-meet1.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/glt-meet2.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/sk-cloudio/coturn.yml | 4 | ||||
-rw-r--r-- | inventory/host_vars/sk-cloudio/vars.yml | 1 | ||||
-rw-r--r-- | inventory/host_vars/sk-tomnext-nc.yml | 1 |
12 files changed, 31 insertions, 5 deletions
diff --git a/inventory/group_vars/all/vars.yml b/inventory/group_vars/all/vars.yml index 09eba1cf..f72f71ef 100644 --- a/inventory/group_vars/all/vars.yml +++ b/inventory/group_vars/all/vars.yml @@ -129,5 +129,3 @@ acme_directory_server: "{{ acme_directory_server_le_staging_v2 }}" ## at least acmetool can't be used to change this after the account has been created (aka after the first run) ## and it's not recommended to keep this empty so we don't define it here to force the user to define it # acme_account_email: - -acme_client: acmetool diff --git a/inventory/host_vars/ch-mimas.yml b/inventory/host_vars/ch-mimas.yml index fc3e6aae..710e4961 100644 --- a/inventory/host_vars/ch-mimas.yml +++ b/inventory/host_vars/ch-mimas.yml @@ -159,6 +159,8 @@ gitolite_instances: - git.spreadspace.com - git.spreadspace.net - git.spreadspace.systems + tls: + certificate_provider: acmetool enable_git_backend: yes title: spreadspace description: spreadspace GIT Repoistories diff --git a/inventory/host_vars/ele-coturn.yml b/inventory/host_vars/ele-coturn.yml index ad865e1c..ebfbe2aa 100644 --- a/inventory/host_vars/ele-coturn.yml +++ b/inventory/host_vars/ele-coturn.yml @@ -24,6 +24,7 @@ spreadspace_apt_repo_components: - container acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" +acme_client: acmetool kubernetes_version: 1.27.3 @@ -34,7 +35,7 @@ kubernetes_standalone_pod_cidr: 192.168.255.0/24 kubernetes_standalone_cni_variant: with-portmap -coturn_version: 4.5.2-r2 +coturn_version: 4.6.2-r4 coturn_realm: elev8.at coturn_hostnames: - stun.elev8.at @@ -44,6 +45,8 @@ coturn_auth_secret: "{{ vault_coturn_auth_secret }}" coturn_listening_port: 3478 coturn_tls_listening_port: 443 coturn_install_nginx_vhost: no +coturn_tls: + certificate_provider: "{{ acme_client }}" mumble_version: v1.4.274-4 @@ -53,6 +56,9 @@ mumble_hostnames: mumble_superuser_password: "{{ vault_mumble_superuser_password }}" +mumble_tls: + certificate_provider: "{{ acme_client }}" + mumble_config_options: bonjour: false sslCiphers: "ECDHE+AESGCM:DHE+AESGCM:ECDHE+AES256:DHE+AES256:ECDHE+AES128:DHE+AES128:!RSA:!ADH:!AECDH:!MD5" diff --git a/inventory/host_vars/ele-jitsi.yml b/inventory/host_vars/ele-jitsi.yml index c7520247..e23dc2c9 100644 --- a/inventory/host_vars/ele-jitsi.yml +++ b/inventory/host_vars/ele-jitsi.yml @@ -29,6 +29,7 @@ ssh_users_root: - datacop acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" +acme_client: acmetool kubernetes_version: 1.27.3 @@ -81,6 +82,8 @@ mumble_version: v1.4.274-4 mumble_instance: elev8.at mumble_hostnames: - mumble.elev8.at +mumble_tls: + certificate_provider: "{{ acme_client }}" mumble_superuser_password: "{{ vault_mumble_superuser_password }}" diff --git a/inventory/host_vars/ele-lt.yml b/inventory/host_vars/ele-lt.yml index a53141e0..6389db1d 100644 --- a/inventory/host_vars/ele-lt.yml +++ b/inventory/host_vars/ele-lt.yml @@ -29,6 +29,7 @@ liquidtruth_mongodb_app_password: "{{ vault_liquidtruth_mongodb_app_password }}" acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" +acme_client: acmetool liquidtruth_hostnames: # - liquidtruth.at diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml index e17947ff..a82ca897 100644 --- a/inventory/host_vars/ele-media.yml +++ b/inventory/host_vars/ele-media.yml @@ -112,6 +112,7 @@ wireguard_gateway_tunnels: acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" +acme_client: acmetool elevate_media_share_storage: diff --git a/inventory/host_vars/glt-coturn.yml b/inventory/host_vars/glt-coturn.yml index c0bcbb0f..4a84c31f 100644 --- a/inventory/host_vars/glt-coturn.yml +++ b/inventory/host_vars/glt-coturn.yml @@ -17,6 +17,9 @@ kubelet_storage: spreadspace_apt_repo_components: - container +acme_client: acmetool + + kubernetes_version: 1.27.3 kubernetes_cri_tools_pkg_version: 1.26.0-00 kubernetes_container_runtime: docker @@ -25,7 +28,7 @@ kubernetes_standalone_pod_cidr: 192.168.255.0/24 kubernetes_standalone_cni_variant: with-portmap -coturn_version: 4.5.2-r2 +coturn_version: 4.6.2-r4 coturn_realm: linuxtage.at coturn_hostnames: - cdn13.linuxtage.at @@ -34,12 +37,16 @@ coturn_auth_secret: "{{ vault_coturn_auth_secret }}" coturn_listening_port: 3478 coturn_tls_listening_port: 443 coturn_install_nginx_vhost: no +coturn_tls: + certificate_provider: "{{ acme_client }}" mumble_version: v1.4.274-4 mumble_instance: linuxtage.at mumble_hostnames: - mumble.linuxtage.at +mumble_tls: + certificate_provider: "{{ acme_client }}" mumble_superuser_password: "{{ vault_mumble_superuser_password }}" diff --git a/inventory/host_vars/glt-meet1.yml b/inventory/host_vars/glt-meet1.yml index 6ce86abf..d5ec9b5f 100644 --- a/inventory/host_vars/glt-meet1.yml +++ b/inventory/host_vars/glt-meet1.yml @@ -17,6 +17,8 @@ kubelet_storage: spreadspace_apt_repo_components: - container +acme_client: acmetool + kubernetes_version: 1.27.3 kubernetes_cri_tools_pkg_version: 1.26.0-00 diff --git a/inventory/host_vars/glt-meet2.yml b/inventory/host_vars/glt-meet2.yml index c9093da3..0a757e2d 100644 --- a/inventory/host_vars/glt-meet2.yml +++ b/inventory/host_vars/glt-meet2.yml @@ -17,6 +17,8 @@ kubelet_storage: spreadspace_apt_repo_components: - container +acme_client: acmetool + kubernetes_version: 1.27.3 kubernetes_cri_tools_pkg_version: 1.26.0-00 diff --git a/inventory/host_vars/sk-cloudio/coturn.yml b/inventory/host_vars/sk-cloudio/coturn.yml index 8a9eccd7..1ab00b49 100644 --- a/inventory/host_vars/sk-cloudio/coturn.yml +++ b/inventory/host_vars/sk-cloudio/coturn.yml @@ -1,11 +1,13 @@ --- coturn_base_path: /srv/storage/coturn -coturn_version: 4.5.2-r8 +coturn_version: 4.6.2-r4 coturn_realm: elevate.at coturn_hostnames: - stun.elevate.at - turn.elevate.at +coturn_tls: + certificate_provider: "{{ acme_client }}" coturn_max_bps: 1048576 ## 8Mbit/s coturn_bps_capacity: 13107200 ## 100Mbit/s diff --git a/inventory/host_vars/sk-cloudio/vars.yml b/inventory/host_vars/sk-cloudio/vars.yml index 9165699e..80772c5c 100644 --- a/inventory/host_vars/sk-cloudio/vars.yml +++ b/inventory/host_vars/sk-cloudio/vars.yml @@ -90,3 +90,4 @@ postfix_base_inet_protocols: acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" +acme_client: acmetool diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index 47447048..f8af167f 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml @@ -105,6 +105,7 @@ postfix_base_mynetworks: acme_directory_server: "{{ acme_directory_server_le_live_v2 }}" +acme_client: acmetool nginx_server_names_hash_bucket_size: 64 |