blob: 310a9784d73f0ffa7f82edd540bc89ce2bee23a2 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
---
# Build-related directories
global_artifacts_dir: "{{ inventory_dir }}/../artifacts"
global_cache_dir: "{{ inventory_dir }}/../.cache"
# Directory for static assets
global_files_dir: "{{ inventory_dir }}/../files"
__installer_variant_map__:
debian: debian
ubuntu: ubuntu
openbsd: openbsd
kali: debian
installer_variant: "{{ __installer_variant_map__[install_distro] }}"
ssh_users_root:
- equinox
ssh_keys_root: "{{ ssh_users_root | default([]) | map('extract', users) | map(attribute='ssh') | flatten | list }}"
ssh_keys_root_extra: []
## to be overriden in host_vars
normal_users_host: []
admin_users_host: []
sshd_allowusers_host: "{{ normal_users_host | union(admin_users_host) }}"
normal_groups_host: {}
system_groups_host: {}
## to be overriden in group_vars
normal_users_group: []
admin_users_group: []
sshd_allowusers_group: "{{ normal_users_group | union(admin_users_group) }}"
normal_groups_group: {}
system_groups_group: {}
apt_repo_provider: default
apt_repo_providers:
default:
debian:
host: deb.debian.org
path: /debian
debian_security:
host: deb.debian.org
path: /debian-security
debian_archive:
host: archive.debian.org
path: /debian
ubuntu:
host: archive.ubuntu.com
path: /ubuntu
raspbian:
host: raspbian.raspberrypi.org
path: /raspbian
kali:
host: http.kali.org
path: /kali
hetzner:
debian:
host: mirror.hetzner.de
path: /debian/packages
debian_security:
host: mirror.hetzner.de
path: /debian/security
debian_archive:
host: archive.debian.org
path: /debian
ubuntu:
host: mirror.hetzner.de
path: /ubuntu/packages
raspbian:
host: raspbian.raspberrypi.org
path: /raspbian
kali:
host: http.kali.org
path: /kali
ffgraz:
debian:
host: debian.ffgraz.net
path: /debian
debian_security:
host: debian.ffgraz.net
path: /debian-security
debian_archive:
host: debian.ffgraz.net
path: /archive
ubuntu:
host: debian.ffgraz.net
path: /ubuntu
raspbian:
host: debian.ffgraz.net
path: /raspbian
kali:
host: http.kali.org
path: /kali
inode:
debian:
host: debian.inode.at
path: /debian
debian_security:
host: security.debian.org
path: /debian-security
debian_archive:
host: archive.debian.org
path: /debian
ubuntu:
host: ubuntu.inode.at
path: /ubuntu
raspbian:
host: raspbian.raspberrypi.org
path: /raspbian
kali:
host: http.kali.org
path: /kali
anexia:
debian:
host: debian.anexia.at
path: /debian
debian_security:
host: debian.anexia.at
path: /debian-security
debian_archive:
host: archive.debian.org
path: /debian
ubuntu:
host: ubuntu.anexia.at
path: /ubuntu
raspbian:
host: debian.anexia.at
path: /raspbian/raspbian
kali:
host: http.kali.org
path: /kali
acme_directory_server_le_live_v1: "https://acme-v01.api.letsencrypt.org/directory"
acme_directory_server_le_staging_v1: "https://acme-staging.api.letsencrypt.org/directory"
acme_directory_server_le_live_v2: "https://acme-v02.api.letsencrypt.org/directory"
acme_directory_server_le_staging_v2: "https://acme-staging-v02.api.letsencrypt.org/directory"
acme_directory_server: "{{ acme_directory_server_le_staging_v2 }}"
## at least acmetool can't be used to change this after the account has been created (aka after the first run)
## and it's not recommended to keep this empty so we don't define it here to force the user to define it
# acme_account_email:
|
