--- # @var authorized_key_file: authorized_keys # The default authorized_keys file used for SSH. authorized_key_file: authorized_keys # @var certbot_admin_email: admin@example.com # The e-mail you would like associated with free Let's Encrypt SSL certificates. certbot_admin_email: '{{ admin_email }}' # @var certbot_certs: [] # An array of Let's Encrypt SSL request settings. certbot_certs: [] # @example # # # In this example, every host that has the `certbot_certs` settings below will request wildcard domain certificates # # for all of the domains listed under `domains`. Let's Encrypt has rate-limits so make sure you do not provision # # a large number of hosts that are all requesting the same certificate over and over again. We used to do this but # # have moved towards implementing the SSL certificates on the firewall and then using HAProxy to send requests to their # # final destination over a ZeroTier connection over the LAN. This way, we mimic end-to-end encryption and only have one # # machine handling SSL certificates. # certbot_certs: # - email: '{{ cloudflare_email }}' # domains: # - '*.megabyte.space' # - '*.home.megabyte.space' # - '*.lab.megabyte.space' # @end # @var dns_provider: 1.1.1.1#cloudflare-dns.com # Default DNS-over-TLS address. dns_provider: 10.0.0.1#pfsense.lab.megabyte.space # @var dns_fallback_provider: 1.0.0.1#cloudflare-dns.com # Fallback DNS-over-TLS address. dns_fallback_provider: 10.0.0.1#pfsense.lab.megabyte.space # @var docker_users: [] # Array of users that should be able to access Docker with elevated permissions (e.g. sudo). docker_users: - "{{ ansible_user | default(lookup('env', 'USER')) }}" _netdata_rooms: do: 0f7a2d28-77c0-4eb1-970b-22405a3886f7 general: fb8e46ae-4354-454a-b676-46cda89c2e9b james: 495e99ef-60b4-43a4-bb60-4e05accf58a2 # @var netdata_rooms: {} # A mapping of VLAN IDs that correlate to [netdata](https://www.netdata.cloud/) rooms. netdata_rooms: cloud: '{{ _netdata_rooms.do }}' guest: '{{ _netdata_rooms.james }}' iot: '{{ _netdata_rooms.james }}' kubernetes: '{{ _netdata_rooms.james }}' management: '{{ _netdata_rooms.james }}' offline: '{{ _netdata_rooms.james }}' unifi: '{{ _netdata_rooms.james }}' work: '{{ _netdata_rooms.james }}' # @var security_autoupdate_mail_to: {} # The e-mail to notify when there is an issue with autoupdates. security_autoupdate_mail_to: '{{ admin_email }}'