domain: viyurz.fr timezone: "Europe/Paris" host_uid: 1000 socket: "/run/user/${env['host_uid']}/podman/podman.sock" # UID shift for mapping between host & containers uid_shift: 99999 # cifs_credentials is undefined when we run the backup playbook # as a cronjob, so set empty default value to prevent errors, # which is fine because we don't use it. cifs_host: "{{ cifs_credentials['username'] | default('') }}.your-storagebox.de" cifs_mounts: backups: src: "//{{ cifs_host }}/backup/backups" path: /mnt/storagebox/backups uid: 0 gid: "{{ host_uid }}" file_mode: 640 dir_mode: 750 fireshare: src: "//{{ cifs_host }}/backup/fireshare" path: /mnt/storagebox/fireshare uid: "{{ users['fireshare'] + uid_shift }}" gid: "{{ users['fireshare'] + uid_shift }}" file_mode: 644 dir_mode: 755 storagebox: src: "//{{ cifs_host }}/backup" path: /mnt/storagebox uid: 0 gid: 0 file_mode: 640 dir_mode: 751 syncthing: src: "//{{ cifs_host }}/backup/syncthing" path: /mnt/storagebox/syncthing uid: "{{ users['syncthing'] + uid_shift }}" gid: "{{ users['syncthing'] + uid_shift }}" file_mode: 640 dir_mode: 750 borg_repodir: "${env['cifs_mounts']['backups']['path']}/borg" borg_passphrase_file: /etc/borg-passphrase.txt certs: coturn: cert: "/etc/letsencrypt/live/turn.${env['domain']}/fullchain.pem" pkey: "/etc/letsencrypt/live/turn.${env['domain']}/privkey.pem" mailserver: cert: "/etc/letsencrypt/live/mail.${env['domain']}/fullchain.pem" pkey: "/etc/letsencrypt/live/mail.${env['domain']}/privkey.pem" # Ports exposed to host ports: coturn_listening: 3478 coturn_tls_listening: 5349 coturn_relay_min: 49152 coturn_relay_max: 49172 element: 8084 etebase: 3735 fireshare: 8085 hedgedoc: 8086 homepage: 8686 keycloak: 8444 mailserver_smtp: 1025 mailserver_smtps: 1465 mailserver_imaps: 1993 mailserver_https: 1443 postgres: 5432 searxng: 8083 stump: 10801 synapse: 8008 syncthing_discosrv: 8443 # Public port, forwarded to 22067 by nftables syncthing_relaysrv: 143 syncthing_webui: 8384 syncthing_tcp: 18880 syncthing_udp: 22000 uptime_kuma: 3001 vaultwarden: 8081 # UID in containers users: coturn: 666 etebase: 373 fireshare: 1007 hedgedoc: 1004 homepage: 8686 keycloak: 1000 mailserver: 8 postgres: 70 searxng: 977 searxng_valkey: 999 stump: 1005 synapse: 991 syncthing: 1001 syncthing_discosrv: 1002 syncthing_relaysrv: 1003 uptime_kuma: 1006 vaultwarden: 1010 volumes: etebase_datadir: /mnt/etebasedata fireshare_datadir: /mnt/firesharedata fireshare_processeddir: /mnt/storagebox/fireshare/processed fireshare_videosdir: /mnt/storagebox/fireshare/videos hedgedoc_uploadsdir: /mnt/hedgedocuploads mailserver_datadir: /mnt/mailserver postgres_datadir: /mnt/postgresdata stump_configdir: /mnt/stump/config stump_datadir: /mnt/stump/data synapse_datadir: /mnt/synapsedata syncthing_datadir: "${env['cifs_mounts']['syncthing']['path']}" uptime_kuma_datadir: /mnt/uptimekumadata vaultwarden_datadir: /mnt/vwdata