From 6d42ecdced5c2ac02c5094b4dfbd9ea5c4dd069e Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sat, 20 Jan 2024 01:59:58 +0100
Subject: apps/whawty/auth: almost done
---
 inventory/host_vars/ch-testvm-prometheus.yml | 46 ++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
(limited to 'inventory')
diff --git a/inventory/host_vars/ch-testvm-prometheus.yml b/inventory/host_vars/ch-testvm-prometheus.yml
index 6dfbf366..84cfbf92 100644
--- a/inventory/host_vars/ch-testvm-prometheus.yml
+++ b/inventory/host_vars/ch-testvm-prometheus.yml
@@ -169,3 +169,49 @@ apps_publish_zone__ch_testvm_prometheus:
 certificate_ca_config:
 cert_content: "{{ ch_testvm_prometheus_apps_publish_ca_cert }}"
 key_content: "{{ ch_testvm_prometheus_apps_publish_ca_key }}"
+
+
+
+
+whawty_auth_instances:
+ test:
+ version: 0.2-rc9
+ port: 3080
+ store:
+ default: 1
+ params:
+ - id: 1
+ argon2id:
+ time: 1
+ memory: 65536
+ threads: 4
+ length: 32
+ sync:
+ port: 3022
+ authorized_keys: "{{ users.equinox.ssh }}"
+ storage:
+ type: lvm
+ parent: *_lvm_thinpool_system_storage_
+ lv: whawty-auth-test
+ size: 128M
+ fs: ext4
+ dest: /srv/whawty/auth/test
+ publish:
+ zone: "{{ apps_publish_zone__ch_testvm_prometheus }}"
+ hostnames:
+ - passwd.example.com
+ tls:
+ certificate_provider: selfsigned
+ cert:
+ organization_name: "chaos-at-home"
+ organizational_unit_name: "ansible"
+ key_usage:
+ - digitalSignature
+ - keyAgreement
+ key_usage_critical: yes
+ extended_key_usage:
+ - serverAuth
+ extended_key_usage_critical: yes
+ create_subject_key_identifier: yes
+ not_after: +52w
+ renew_margin: +42d
--
cgit v1.2.3
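Review bot: The argon2id parameter set under `store.params` (id 1) uses `time: 1`, which is lighter than the second recommended profile in RFC 9106 (t=3, p=4, 64 MiB, 32-byte tag). The `memory`, `threads` and `length` values otherwise match that profile, assuming `memory` is given in KiB as in the Argon2 reference API. If the reduced cost is deliberate for this test VM, say so next to the value with a comment such as `# reduced argon2id cost, test instance only - do not copy to production`; otherwise change the line to `time: 3`. The role that consumes `whawty_auth_instances` is outside this hunk, so whether it enforces a minimum cost cannot be seen here.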