# Host spezifische Variablen
motd_lines:
- "Webserver"
- "Öffentliche IPs: {{ansible_ens18.ipv4.address}} / {{ansible_ens18.ipv6[0].address}}"
debian_sources:
- "deb http://ftp2.de.debian.org/debian/ bookworm main contrib non-free"
- "deb http://ftp.debian.org/debian bookworm-updates main contrib non-free"
- "deb http://security.debian.org/ bookworm-security main contrib non-free"
- "deb https://download.docker.com/linux/debian bookworm stable"
debian_keys_id:
debian_keys_url:
- "https://download.docker.com/linux/debian/gpg"
# Primäre IP Adressen des Hosts
ext_ip4: 159.69.57.51
ext_ip6: 2a01:4f8:231:8a1:159:69:57:51
int_ip4: 10.42.1.1
# Art des Hosts: physical, vm, docker
host_type: "vm"
# SSL aktivieren
webserver_ssl: true
# Liste der gehosteten Domänen
webserver_domains:
- "warpzone.ms"
- "api.warpzone.ms"
# - "auth.warpzone.ms"
- "gitlab.warpzone.ms"
- "matrix.warpzone.ms"
- "mailserver.warpzone.ms"
- "ldap.warpzone.ms"
- "keycloak.warpzone.ms"
- "md.warpzone.ms"
# - "turn.warpzone.ms"
- "wiki.warpzone.ms"
- "www.warpzone.ms"
# - "workadventure.warpzone.ms"
- "play.workadventure.warpzone.ms"
# - "pusher.workadventure.warpzone.ms"
# - "api.workadventure.warpzone.ms"
# - "icon.workadventure.warpzone.ms"
#OpenVPN Konfigurationen
openvpn_server:
- "server-zone"
- "server-verwaltung"
administratorenteam:
- "void"
- "sandhome"
- "jabertwo"
# Docker konfigurationen
docker:
# Interne Docker-Netzwerke
internal_networks:
- web
# Monitoring aktivieren
alert:
load:
warn: 5
crit: 10
containers:
- { name: "coturn_coturn_1" }
- { name: "dockerstats_app_1" }
- { name: "dokuwiki_app_1" }
- { name: "gitlab_app_1" }
- { name: "gitlab_dind_1" }
- { name: "gitlab_runner_1" }
- { name: "hackmd_app_1" }
- { name: "hackmd_db_1" }
- { name: "icinga_app_1" }
- { name: "icinga_db_1" }
- { name: "icinga_graphite_1" }
- { name: "keycloak_app_1" }
- { name: "keycloak_db_1" }
- { name: "keycloak_sync-group-active_1" }
- { name: "ldap_openldap_1" }
- { name: "ldap_phpldapadmin_1" }
- { name: "mail_admin_1" }
- { name: "mail_antispam_1" }
- { name: "mail_certdumper_1" }
- { name: "mail_db_1" }
- { name: "mail_front_1" }
- { name: "mail_imap_1" }
- { name: "mail_oletools_1" }
- { name: "mail_redis_1" }
- { name: "mail_resolver_1" }
- { name: "mail_smtp_1" }
- { name: "mail_webmail_1" }
- { name: "mail_mailman-core_1" }
- { name: "mail_mailman-web_1" }
- { name: "mail_mailman-nginx_1" }
- { name: "matrix_ma1sd_1" }
- { name: "matrix_db_1" }
- { name: "matrix_purgemediacache_1" }
- { name: "matrix_synapse_1" }
- { name: "matterbridge_cw_1" }
- { name: "matterbridge_wz_1" }
- { name: "matterbridge_web_1" }
- { name: "matterbridge_restarter_1" }
- { name: "traefik_app_1" }
- { name: "vpnserver_app_1" }
- { name: "warpapi_app_1" }
- { name: "wordpress_app_1" }
- { name: "wordpress_db_1" }
- { name: "workadventure_back_1" }
- { name: "workadventure_front_1" }
- { name: "workadventure_icon_1" }
- { name: "workadventure_pusher_1" }
- { name: "workadventure_redis_1" }
disks:
- { mountpoint: "/", warn: "5 GB", crit: "1 GB" }
- { mountpoint: "/srv", warn: "5 GB", crit: "1 GB" }
# Definition von Borgbackup Repositories
borgbackup_repos:
# warpsrvint:
# # URL des Repos
# repo: "ssh://warpzone@192.168.0.201:22/data/warpzone/webserver"
# # Repo-spezifische Optionen zum Aufruf von Borgbackup
# # z.B. bei Sicherungen zu rsync.net ist --remote-path=borg1 erforderlich
# options: ""
# # Compression Options, z,b. "zlib,5, "zstd,5"
# compression: "zlib,5"
# # Prune Optionen
# prune: "--keep-within=2d --keep-daily=7 --keep-weekly=4 --keep-monthly=6"
# # Backup Schedule
# weekday: "*"
# hour: "6"
# minute: "0"
# # Zusätzliche Verzeichnisse, die nur in diesem Backup gesichtert werden sollen
# # directories:
# # Monitoring
# alert: true
# warning_age: 26
# critical_age: 50
# warning_count: 10
# critical_count: 5
borgbase:
# URL des Repos
repo: "ani9ve0q@ani9ve0q.repo.borgbase.com:repo"
# Repo-spezifische Optionen zum Aufruf von Borgbackup
# z.B. bei Sicherungen zu rsync.net ist --remote-path=borg1 erforderlich
options: ""
# Compression Options, z,b. "zlib,5, "zstd,5"
compression: "zlib,5"
# Prune Optionen
prune: "--keep-within=2d --keep-daily=7 --keep-weekly=4 --keep-monthly=6"
# Backup Schedule
weekday: "*"
hour: "4"
minute: "10"
# Zusätzliche Verzeichnisse, die nur in diesem Backup gesichtert werden sollen
# directories:
# Monitoring
alert: true
warning_age: 26
critical_age: 50
warning_count: 10
critical_count: 5
# Definition der Verzeichnisse, die in allen Borgbackup Repos gesichert werden sollen
borgbackup_directories:
- "/etc/"
- "/srv/"