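# Base domain; later variables in this file interpolate it to build
# per-service certificate paths (turn.<domain>, mail.<domain>).
domain: viyurz.fr
# LDAP base DN built from the same domain components as `domain`.
ldap_base_dn: dc=viyurz,dc=fr
timezone: "Europe/Paris"

# UID of the host account. It selects the per-user runtime directory in
# docker_host and is reused as the group ID of the backups CIFS mount.
host_uid: 1000
# One project directory per role, under the connecting user's home.
project_dir: "{{ ansible_env['HOME'] }}/docker-projects/{{ role_name }}"
# Docker socket in the user's runtime directory (/run/user/<host_uid>),
# not the system-wide socket.
# NOTE(review): this looks like a rootless Docker setup - confirm.
docker_host: "unix:///run/user/{{ host_uid }}/docker.sock"

# UID shift for mapping between host & containers
# Used below as <container UID> + uid_shift to get the host-side owner.
# NOTE(review): presumably derived from this account's subordinate UID range;
# verify on the host, because a wrong shift hands mounts and data directories
# to an unrelated host UID.
uid_shift: 99999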
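# cifs_credentials is undefined when we run the backup playbook
# as a cronjob, so set empty default value to prevent errors,
# which is fine because we don't use it.
# NOTE(review): with the empty default this renders as
# ".your-storagebox.de"; any task that does consume cifs_host should fail on
# that value rather than attempt a mount with it.
cifs_host: "{{ cifs_credentials['username'] | default('') }}.your-storagebox.de"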
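# CIFS shares to mount, keyed by mount name. Each entry gives the remote
# share (src), the local mount point (path), and the owner and permission
# bits to present for files and directories on that mount.
# NOTE(review): file_mode/dir_mode are bare integers (640, 750, 751), not
# octal literals. They only mean rw-r----- / rwxr-x--- if the consumer passes
# the digits through as text to the mount options - confirm in the mount task.
cifs_mounts:
  backups:
    src: "//{{ cifs_host }}/backup/backups"
    path: /mnt/storagebox/backups
    # Owned by root; group access comes from host_uid being reused as a GID,
    # which assumes that account's primary group ID equals its UID.
    uid: 0
    gid: "{{ host_uid }}"
    file_mode: 640
    dir_mode: 750
  storagebox:
    src: "//{{ cifs_host }}/backup"
    path: /mnt/storagebox
    uid: 0
    gid: 0
    file_mode: 640
    # 751 (not 750) leaves search permission for "other".
    # NOTE(review): presumably so non-root accounts can traverse to the mount
    # points nested under this path without being able to list it - confirm.
    dir_mode: 751
  syncthing:
    src: "//{{ cifs_host }}/backup/syncthing"
    path: /mnt/storagebox/syncthing
    # Host-side owner is the container's syncthing UID plus uid_shift.
    uid: "{{ users['syncthing'] + uid_shift }}"
    gid: "{{ users['syncthing'] + uid_shift }}"
    file_mode: 640
    dir_mode: 750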
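# Projects handled by this playbook.
# NOTE(review): entries presumably match role names, since project_dir is
# built from role_name - confirm against the roles directory.
projects:
  - authelia
  - coturn
  - element
  - etebase
  - hedgedoc
  - homepage
  - lldap
  - mailserver
  - nginx
  - postgres
  - searxng
  - stump
  - synapse
  - syncthing
  - uptime-kuma
  - vaultwarden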
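# Subset of `projects` included in backups. coturn, element, homepage, nginx,
# searxng and syncthing are in `projects` but not listed here.
# NOTE(review): a newly added project is not backed up until it is added to
# this list as well; check both lists when a service starts holding state.
projects_to_backup:
  - authelia
  - etebase
  - hedgedoc
  - lldap
  - mailserver
  - postgres
  - stump
  - synapse
  - uptime-kuma
  - vaultwarden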
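# Borg repository directory, placed on the `backups` CIFS mount.
borg_repodir: "{{ cifs_mounts['backups']['path'] }}/borg"
# NOTE(review): presumably holds the repository passphrase in plain text.
# Ownership and mode are not set in this file; the task that writes it should
# restrict it to the account running the backup (for example root, 0600).
borg_passphrase_file: /etc/borg-passphrase.txt
# Retention policy, one option per line. The literal block style (|) keeps
# the newlines, including a trailing one, in the value.
borg_prune_options: |
  --keep-within=1d
  --keep-daily=7
  --keep-weekly=4
  --keep-monthly=12
  --keep-yearly=10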
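# Ports exposed to host
# NOTE(review): this map holds port numbers only; the bind address is chosen
# wherever these values are consumed. Services that should be reachable only
# through the reverse proxy or from other containers (postgres, the web UIs)
# should be published on loopback rather than on all interfaces - confirm in
# the templates that use this map.
ports:
  authelia: 9091
  coturn_listening: 3478
  coturn_tls_listening: 5349
  coturn_relay_min: 49152
  coturn_relay_max: 49172
  element: 8084
  etebase: 3735
  hedgedoc: 8086
  homepage: 8082
  lldap: 17170
  mailserver_smtp: 1025
  mailserver_smtps: 1465
  mailserver_imaps: 1993
  mailserver_https: 1443
  postgres: 5432
  searxng: 8083
  stump: 10801
  synapse: 8008
  syncthing_discosrv: 8443
  # Public port, forwarded to 22067 by nftables
  syncthing_relaysrv: 143
  syncthing_webui: 8384
  syncthing_tcp: 18880
  syncthing_udp: 22000
  uptime_kuma: 3001
  vaultwarden: 8081
  wireguard: 51820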
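# UID in containers
# These are container-side values; the host-side UID is the value plus
# uid_shift (see cifs_mounts.syncthing). Every entry is currently distinct.
# NOTE(review): presumably deliberate, so that one service's files are never
# owned by another service's account - keep new entries unique.
users:
  authelia: 1008
  coturn: 666
  etebase: 373
  hedgedoc: 1004
  homepage: 8686
  lldap: 1007
  mailserver: 8  # Do not change
  postgres: 70
  searxng: 977
  searxng_redis: 999
  stump: 1005
  synapse: 991
  syncthing: 1001
  syncthing_discosrv: 1002
  syncthing_relaysrv: 1003
  uptime_kuma: 1006
  vaultwarden: 1000
  wireguard: 1009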
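# Host paths handed to services: TLS material and data directories.
# NOTE(review): the *_key_file entries point at Let's Encrypt private keys.
# They should be mounted read-only into the one container that needs them and
# be readable on the host only by that container's mapped UID - confirm in
# the templates and tasks that consume these paths.
volumes:
  coturn_tls_certificate_file: "/etc/letsencrypt/live/turn.{{ domain }}/fullchain.pem"
  coturn_tls_certificate_key_file: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
  etebase_datadir: /mnt/etebasedata
  hedgedoc_uploadsdir: /mnt/hedgedocuploads
  lldap_datadir: /mnt/lldapdata
  mailserver_tls_certificate_file: "/etc/letsencrypt/live/mail.{{ domain }}/fullchain.pem"
  mailserver_tls_certificate_key_file: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
  postgres_datadir: /mnt/postgresdata
  stump_configdir: /mnt/stump/config
  stump_datadir: /mnt/stump/data
  synapse_datadir: /mnt/synapsedata
  # Syncthing data lives directly on the `syncthing` CIFS mount.
  syncthing_datadir: "{{ cifs_mounts['syncthing']['path'] }}"
  uptime_kuma_datadir: /mnt/uptimekumadata
  vaultwarden_datadir: /mnt/vwdata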
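# Service-specific variables
synapse:
  # Upload size limit for Synapse.
  # NOTE(review): a reverse proxy in front of Synapse presumably needs a
  # request body limit at least this large - confirm in the proxy config.
  max_upload_size: 50M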