authorRomain Gonçalves <me@rgoncalves.se>2024-02-08 13:27:52 +0100
committerRomain Gonçalves <me@rgoncalves.se>2024-02-08 13:33:36 +0100
commit76af5e5e55fce3912608722cd5f774c215f34c1d (patch)
treef374d762e1f3c45b03a52d23617382a979f00238 /group_vars/all.yml
parentbd3aa9905be222f5198d7f56e4f1ee0f59b477e8 (diff)
downloadrules-76af5e5e55fce3912608722cd5f774c215f34c1d.tar.gz
refactor(vars): flatten group_vars and host_vars files
Diffstat (limited to 'group_vars/all.yml')
-rw-r--r--group_vars/all.yml84
1 files changed, 84 insertions, 0 deletions
diff --git a/group_vars/all.yml b/group_vars/all.yml
new file mode 100644
index 0000000..ca98ea6
--- /dev/null
+++ b/group_vars/all.yml
@@ -0,0 +1,84 @@
+---
+
+# ansible overrides
+
+ansible_hostname: "{{ ansible_host }}"
+ansible_become_method: su
+ansible_port: 22
+
+# custom variables
+# secrets and globals
+
+__ip:
+ external:
+ internal:
+
+__services: {}
+__users: "{{ __secrets__users }}"
+__domain_name: rgoncalves.se
+
+__global_domain_controller: dc0
+__global_domain_name_hosts: owo
+__global_domain_name_servers:
+ - 8.8.8.8
+ - 1.1.1.1
+
+__global_services:
+ - name: ssh
+ protocol: tcp
+ port: 22
+
+ - name: healthcheck
+ protocol: tcp
+ port: 8000
+ is_public: true
+
+# roles overrides
+
+httpd__log_format: forwarded
+
+wireguard_domain_controller: "{{ __global_domain_controller }}"
+relayd__domain_name: "{{ __domain_name }}"
+acme__rules: "[
+ {% for rule in __services if 'domain' in rule %}
+ {{ {'domain': rule.domain} }},
+ {% endfor %}
+ ]"
+pf__rules: "[
+ {% for rule in __services if
+ 'port' in rule and 'protocol' in rule and 'name' in rule %}
+ {{ {'name': rule.name, 'port': rule.port, 'protocol': rule.protocol} }},
+ {% endfor %}
+ ]"
+relayd__rules: "[
+ {% for rule in __services if
+ 'domain' in rule and 'port' in rule %}
+ {{ {'name': rule.name, 'domain': rule.domain, 'port': rule.port} }},
+ {% endfor %}
+ ]"
+httpd__rules: "[
+ {% for rule in __services if
+ 'domain' in rule and 'port' in rule %}
+ {{ {
+ 'name': rule.name,
+ 'domain': rule.domain,
+ 'port': rule.port,
+ 'extra': rule.extra if rule.extra is defined else {}
+ } }},
+ {% endfor %}
+ ]"
+
+unix_users__users: "[
+ {% for user in __users %}
+ {{ {
+ 'username': user.username,
+ 'comment': user.firstname + ' ' + user.lastname
+ } }},
+ {% endfor %}
+ ]"
+
+sshd_keys__users: "[
+ {% for user in __users %}
+ {{ user.username }},
+ {% endfor %}
+ ]"
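Review bot: `sshd_keys__users` at the end of the file emits each `user.username` bare inside the quoted `[ ... ]`, unlike `unix_users__users` and the `*__rules` templates, which emit dict literals. The rendered text, for example `[ alice, bob, ]` (constructed), is not a literal list, so the variable probably stays a string rather than the list of accounts whose SSH keys are managed. Building it with filters avoids the string round-trip: `sshd_keys__users: "{{ __users | map(attribute='username') | list }}"`. Separately, `relayd__rules` and `httpd__rules` read `rule.name` but filter only on `'domain'` and `'port'`, whereas `pf__rules` also requires `'name'`; adding `and 'name' in rule` to both would keep a nameless service from breaking the render. `__services` also defaults to `{}` although every loop treats it as a list of mappings, so `[]` would be the matching default.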