source: darkpeak-services/prod-playbook.yml @ 45f425ad

keycloakpleroma
Last change on this file since 45f425ad was 45f425ad, checked in by Mat Booth <mat.booth@…>, 2 years ago

Add pages role to production playbook

  • Property mode set to 100644
File size: 4.4 KB
Line 
1---
2- hosts: all
3
4  roles:
5    - git
6    - ipsilon
7    # - mastodon
8    - mediawiki
9    - pages
10    - sabredav
11    - trac
12    - ttrss
13    - znc
14
15  become: yes
16  become_user: root
17  become_method: sudo
18
19  pre_tasks:
20    - name: Verify Ansible version
21      assert:
22        that: "ansible_version.full is version_compare('2.4', '>=')"
23        msg: "You must update Ansible to at least 2.4 to use this playbook"
24
25  vars:
26    # Setting this will install self-signed TLS certificates for local testing
27    # with Vagrant
28    development_mode: false
29
30    # Setting this will initialise the TTRSS and SABREDAV databases, DESTROYING
31    # any existing data in the process!
32    first_run: false
33
34    domain_name: darkpeak.org
35    default_web_root: /var/www
36    php_fpm_config_path: /etc/php/7.0/fpm
37    php_session_path: /var/lib/php/sessions
38    postgresql_user: postgres
39    postgresql_group: postgres
40    postgresql_locales:
41      - en_GB.UTF-8
42      - en_US.UTF-8
43
44    ldap_auth_domain: "darkpeak.org"
45    # see: https://issues.darkpeak.org/ticket/2#comment:10
46    # ldap_server: "id.{{ ldap_auth_domain }}"
47    ldap_server: "213.138.110.5"
48    ldap_port: 389
49    ldap_port_ssl: 636
50    ldap_uri: "ldap://{{ ldap_server }}/"
51    ldap_uri_ssl: "ldaps://{{ ldap_server }}/"
52    ldap_basedn: "dc=darkpeak,dc=org"
53    ldap_user_basedn: "cn=users,cn=accounts,{{ ldap_basedn }}"
54    ldap_group_basedn: "cn=groups,cn=accounts,{{ ldap_basedn }}"
55
56    ttrss_postgresql_password: !vault |
57      $ANSIBLE_VAULT;1.1;AES256
58      30306238393464653733343463343865333339393930376461376237616339353336326666616537
59      3531343965353839346361393337636535383962386639370a616132323937373739366339333536
60      61613730313261386238396661346461303066323435653937643536663735623837343339386662
61      3534613136643766620a363834376633316565656436666162366365613364666139613732643262
62      64353637373161343738346166313133656333336165616138636335633264396564343332393734
63      3137623139356464653533353435333139373565303466346335
64
65    sabredav_mysql_password: !vault |
66      $ANSIBLE_VAULT;1.1;AES256
67      30323938306338323032363835616564666534653164313436383965663432653533396134643566
68      3563643338313765346236373262356535346635653563610a633331613336646666636166376561
69      38653438616163333135393263353963356338666362623834616133363332616639636535666533
70      3962616662643139300a663531666630363939363232303564613539386266636538333931613237
71      63306634326664613233323963343930623230393236346261333961326663613431656338316261
72      3761323261646538393536616261613862396162616330343465
73
74    trac_postgresql_password: !vault |
75      $ANSIBLE_VAULT;1.1;AES256
76      62393631373263303130373331356635646565663330656363666363653965363037613361316566
77      3866383232326236616331353332623039656562376539360a623637313832613936333639313437
78      64303332303335613431623630373063323261626533383232613164633165623266616564346331
79      3834663736653662660a623333633764353563353235666636623533613262313363373434396537
80      30373464393362636634323163663065316661316135343932376338346465336461336564613362
81      6563353332633166393435326233376230666336313062663363
82
83    mediawiki_admin_pass: !vault |
84      $ANSIBLE_VAULT;1.1;AES256
85      38653238656364653761656562386130636164303765373039313361646638373465343736366133
86      3136316666336361633164636637323636346662613032340a323536393032626134306237346536
87      38646636323135646437663534623163313463316535353036386638393033376435663261663637
88      3265623666386336310a313161313637346239623435353537336436633633396632636531346166
89      32623436613431386461646330656462636230623737393961363033356461653232303063336364
90      3531336563363265653530363033383762656133643734623461
91
92    # before deploying to production, make encrypted versions of these
93    mastodon_postgresql_password: "Tahgoh3vAmoo8EXooghoh2iy"
94    mastodon_paperclip_secret: "59c571efc27215e088195f9df1b0cbbd6a11fcc0268d08daa05b6a7b847da5d46425709b2c80c0a98701916c447b223ecea5e3cb13e54562cf2223a0bcc7ca3c"
95    mastodon_secret_key_base: "f07b4325dc3579002d123b413753e7d23c1089d4512f3416e21371e19816da68aecb7e2cf7803ca4e322e6c824c50ce9e881a26943cea15325cce8d3777971b0"
96    mastodon_otp_secret: "55529853e78ab27547601064e0f34bef510cffb699b516abc34085e929b9edf00eb8f6ee7ede87123c005508e4e788033e6b86312fafab97940b54f6a1449a70"
97    mastodon_vapid_private_key: "gAvUv0js5f3cFOxNqvc3V7pwlW8rJLCM91eC3KJqnNc="
98    mastodon_vapid_public_key: "BIAEFqq5cAKpVpt6D53dEF5cBy4RJ8cpZx7EU_n4n3izLG0fLDOVdJGHyzL1aevo9x7EcszjTaWFyhgPkeNuZ1Y="
Note: See TracBrowser for help on using the repository browser.