inventory/host_vars/ch-apps/whawty.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

---
_whawty_auth_zfs_base_:
  pool: storage
  name: whawty/auth

whawty_auth_instances:
  passwd.chaos-at-home.org:
    version: 0.2-rc9
    port: 3080
    store:
      default: 2
      params:
      - id: 1
        scryptauth:
          hmackey: "{{ vault_whawty_auth_scryptauth_hmackeys['passwd.chaos-at-home.org']['1'] }}"
          cost: 12
      - id: 2
        scryptauth:
          hmackey: "{{ vault_whawty_auth_scryptauth_hmackeys['passwd.chaos-at-home.org']['2'] }}"
          cost: 12
      - id: 3
        argon2id:
          time: 1
          memory: 65536
          threads: 4
          length: 32
    sync:
      port: 3022
      authorized_keys: "{{ users.equinox.ssh }}"
    storage:
      type: zfs
      parent: "{{ _whawty_auth_zfs_base_ }}"
      name: passwd.chaos-at-home.org
      properties:
        quota: 128M
    publish:
      zone: "{{ apps_publish_zone__chaos_at_home }}"
      hostnames:
      #- passwd.chaos-at-home.org
      - passwd-ng.chaos-at-home.org
      tls:
        certificate_provider: acmetool
        certificate_config:
          request:
            challenge:
              http-self-test: false