inventory/host_vars/ch-mimas.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

---
install:
  cloud:
    credentials:
      token: "{{ vault_hcloud_api_token }}"
    server_name: "{{ host_name }}"


apt_repo_provider: hetzner

spreadspace_apt_repo_components:
  - prometheus


sshd_allowusers_host: "{{ admin_users_host + (['git'] | product(gitolite_instances | list) | map('join', '-')) }}"


ntp_variant: systemd-timesyncd


nginx_server_names_hash_bucket_size: 64
acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}"


bind_option_empty_zones_enable: no
bind_option_allow_transfer: []
bind_option_allow_recursion:
  - localhost
bind_option_notify: 'no'

bind_stats_channels:
  - addr: 127.0.0.1
    port: 8053
    allow:
    - 127.0.0.1

bind_empty_onion_zone: yes
bind_slave_zones:
  pan:
    masters:
    - 89.106.215.19
    - 2a02:3e0:407::19
    zones:
    ## formerly known as self
    - chaos-at-home.org
    - chaox.org
    - spreadspace.org
    - spreadspace.com
    - spreadspace.net
    - spreadspace.systems
    - elev8.at
    - java-sucks.com
    - xn--gh-via.org
    - schaaas.at
    ## formerly known as others
    - gimpf.org
    - movetogether.at

  realraum:
    masters:
    - 89.106.211.33
    - 2a02:3e0:4000:1::1
    zones:
    - realraum.at
    - r3.at
    - hack-challenge.at

  funkfeuer:
    masters:
    - 193.33.150.114
    zones:
    - ffgraz.net
    - graz.funkfeuer.at
    - 10.in-addr.arpa
    - 150.33.193.in-addr.arpa
    - 151.33.193.in-addr.arpa


prometheus_scrape_endpoint: "116.203.212.131:9999"

prometheus_exporters_extra:
  - bind

prometheus_job_multitarget_blackbox__probe:
  ch-mon:
  - instance: "ssh-{{ inventory_hostname }}"
    target: "116.203.212.131:{{ ansible_port | default(22) }}"
    module: ssh_banner
  - instance: "https-mimas.chaos-at-home.org"
    target: "https://mimas.chaos-at-home.org"
    module: http_tls_2xx


gitolite_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: git
  size: 1G
  fs: ext4

gitolite_instances:
  spreadspace:
    primary_admin_key: "{{ users.equinox.ssh | first }}"
    http:
      hostnames:
      - git.spreadspace.org
      - git.spreadspace.com
      - git.spreadspace.net
      - git.spreadspace.systems
      enable_git_backend: yes
      title: spreadspace
      description: spreadspace GIT Repoistories