# General
# Delay to wait for the central database before continuing with tasks
# (presumably seconds; confirm against the consuming task).
pause_duration: "120"
# Loopback placeholder; change this in the inventory to the IP address of your server.
ip4_address: "127.0.0.1"
# Path to the backups folder.
backups_folder_path: "/Backups/"

## Domain
# Top-level domain of the server.
primary_domain_tld: "localhost"
# Second-level domain of the server.
primary_domain_sld: "cymais"
# Primary domain of the server, composed as <sld>.<tld>.
primary_domain: "{{primary_domain_sld}}.{{primary_domain_tld}}"

# Administrator
# Username of the administrator.
administrator_username: "administrator"
# Email address of the administrator.
administrator_email: "{{administrator_username}}@{{primary_domain}}"
# The initial administrator password is left commented out here and must be set
# in the inventory file. The value shown is only a placeholder: never deploy it,
# and keep the real secret out of version control (for example encrypted with
# ansible-vault).
#user_administrator_initial_password: EXAMPLE_PASSWORD_123456
# Email Configuration
# Local part and domain of the system sender address.
system_email_local: "no-reply"
system_email_domain: "{{primary_domain}}"
system_email_username: "{{system_email_local}}@{{system_email_domain}}"
# Mail server host.
system_email_host: "mail.{{primary_domain}}"
# Port 465 is the conventional SMTPS port (TLS from connection start), which is
# consistent with system_email_tls: true and system_email_start_tls: false.
# NOTE(review): if the port is overridden, keep one of the two TLS flags enabled
# so credentials and mail are not sent in cleartext. How the roles consume these
# flags is not visible here.
system_email_smtp_port: 465
system_email_tls: true
system_email_start_tls: false
system_email_from: "{{system_email_username}}"
system_email_smtp: true

# Test Email
test_email: "test@{{primary_domain}}"
# Mode
# The following modes can be combined with each other.

# Destructive: cleans up all CyMaIS files. When using this mode it is necessary
# to run the whole playbook, not partial roles.
mode_reset: false
# Prints well-formatted debug information.
# NOTE(review): verify that debug output does not include credentials before
# enabling this on a production host.
mode_debug: false
# Executes test routines instead of productive routines.
mode_test: false
# Executes updates.
mode_update: true
# Activates the backup before the update procedure.
mode_backup: true
# Executes the setup and initialization procedures.
mode_setup: false
# Server Tact Variables
## Hours in which the server is "awake" (100% working). The rest of the time
## is reserved for maintenance. The value is interpolated into the hour field
## of several on_calendar_* schedules in this file.
hours_server_awake: "0..23"

## Random delay for systemd timers to avoid peak loads.
randomized_delay_sec: "5min"
## Schedule for Health Checks
# Check btrfs for errors once per day.
on_calendar_health_btrfs: "*-*-* 00:00:00"
# Check journalctl for errors once per day.
on_calendar_health_journalctl: "*-*-* 00:00:00"
# Check four times per day whether there is sufficient disc space.
on_calendar_health_disc_space: "*-*-* 06,12,18,00:00:00"
# Check once per hour (within hours_server_awake) whether the docker containers are healthy.
on_calendar_health_docker_container: "*-*-* {{ hours_server_awake }}:00:00"
# Check once per hour (within hours_server_awake) whether the docker volumes are healthy.
on_calendar_health_docker_volumes: "*-*-* {{ hours_server_awake }}:15:00"
# Check once per hour (within hours_server_awake) whether all web services are available.
on_calendar_health_nginx: "*-*-* {{ hours_server_awake }}:45:00"
## Schedule for Cleanup Tasks
# Clean up backups every 6 hours. MUST run before the disc space cleanup,
# which is scheduled one hour later.
on_calendar_cleanup_backups: "*-*-* 00,06,12,18:30:00"
# Clean up disc space every 6 hours.
on_calendar_cleanup_disc_space: "*-*-* 07,13,19,01:30:00"

## Schedule for Backup Tasks
# Daily at 03:30.
on_calendar_backup_docker_to_local: "*-*-* 03:30:00"
# Daily at 21:30.
on_calendar_backup_remote_to_local: "*-*-* 21:30:00"
## Schedule for Maintenance Tasks
# Heal unhealthy docker instances once per hour (within hours_server_awake).
on_calendar_heal_docker: "*-*-* {{ hours_server_awake }}:30:00"
# Renew Mailu certificates twice per day.
on_calendar_renew_lets_encrypt_certificates: "*-*-* 12,00:30:00"
# Deploy letsencrypt certificates to the docker containers twice per day,
# one hour after the renewal slot.
on_calendar_deploy_certificates: "*-*-* 13,01:30:00"
# Change the keyboard color every minute.
on_calendar_msi_keyboard_color: "*-*-* *:*:00"
# Clean up failed docker backups every noon.
on_calendar_cleanup_failed_docker: "*-*-* 12:00:00"
# Execute the btrfs auto balancer on the first Saturday of every month.
on_calendar_btrfs_auto_balancer: "Sat *-*-01..07 00:00:00"
# Restart docker instances every Sunday at 8:00 AM.
on_calendar_restart_docker: "Sun *-*-* 08:00:00"
# Storage Space-Related Configurations
# Maximum storage space in percent for backups.
size_percent_maximum_backup: 75
# Threshold in percent for triggering cleanup actions.
size_percent_cleanup_disc_space: 85
# Warning threshold in percent for free disk space.
size_percent_disc_space_warning: 90
# Path Variables for Key Directories and Scripts
# All paths below are derived from the administrator home directory and keep
# their trailing slash, because they are concatenated without a separator.
path_administrator_home: "/home/administrator/"
path_administrator_scripts: "{{path_administrator_home}}scripts/"
path_docker_volumes: "{{path_administrator_home}}volumes/docker/"
path_docker_compose_instances: "{{path_administrator_home}}docker-compose/"
# Script used as the system maintenance lock.
# NOTE(review): the timers in this file presumably run it with elevated
# privileges, so confirm that the scripts directory is writable only by trusted
# accounts.
path_system_lock_script: "{{path_administrator_scripts}}system-maintenance-lock.py"
# Runtime Variables for Process Control
# Activates all timers, regardless of whether the handlers have been triggered.
activate_all_timers: false
# Activates Matomo tracking on all HTML pages.
nginx_matomo_tracking: false
# System maintenance Services

## Timeouts to wait for other services to stop
system_maintenance_lock_timeout_cleanup_services: "15min"
system_maintenance_lock_timeout_storage_optimizer: "10min"
system_maintenance_lock_timeout_backup_services: "1h"
system_maintenance_lock_timeout_heal_docker: "30min"
system_maintenance_lock_timeout_update_docker: "2min"
# The restart timeout reuses the update timeout.
system_maintenance_lock_timeout_restart_docker: "{{system_maintenance_lock_timeout_update_docker}}"
## Services

### Defined Services for Backup Tasks
system_maintenance_backup_services:
- "backup-docker-to-local"
- "backup-remote-to-local"
- "backup-data-to-usb"
- "backup-docker-to-local-everything"

### Defined Services for System Cleanup
system_maintenance_cleanup_services:
- "cleanup-backups"
- "cleanup-disc-space"
- "cleanup-failed-docker-backups"

### Services that Manipulate the System
system_maintenance_manipulation_services:
- "heal-docker"
- "update-docker"
- "system-storage-optimizer"
- "restart-docker"

## Total System Maintenance Services
# Concatenation of the backup, cleanup and manipulation lists above.
system_maintenance_services: "{{ system_maintenance_backup_services + system_maintenance_cleanup_services + system_maintenance_manipulation_services }}"

### Define Variables for Docker Volume Health services
# Empty by default. Presumably the anonymous volumes that the volume health
# check should tolerate; confirm against the consuming role.
whitelisted_anonymous_docker_volumes: []
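# Webserver Configuration
## Nginx-Specific Path Configurations
# General configuration directory.
nginx_configuration_directory: "/etc/nginx/conf.d/"
# Contains the server blocks.
nginx_servers_directory: "{{nginx_configuration_directory}}servers/"
# Contains the mappings.
nginx_maps_directory: "{{nginx_configuration_directory}}maps/"
# Contains the streams configuration, e.g. for ldaps.
nginx_streams_directory: "{{nginx_configuration_directory}}streams/"
# Path where well-known files are stored.
nginx_well_known_root: "/usr/share/nginx/well-known/"
# Path where the static homepage files are stored.
nginx_homepage_root: "/usr/share/nginx/homepage/"

## Nginx static repository
# URL of a git repository that contains a static homepage including an
# index.html file. Written as canonical lowercase null (same value as the
# former NULL under YAML 1.1, unambiguous under YAML 1.2).
# NOTE(review): whatever this repository contains is presumably served as the
# homepage, so point it only at a repository you control and fetch it over an
# authenticated transport.
nginx_static_repository_address: null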
## Domains
### Service Domains
# One hostname per service, all derived from primary_domain.
domain_akaunting: "accounting.{{primary_domain}}"
domain_attendize: "tickets.{{primary_domain}}"
domain_baserow: "baserow.{{primary_domain}}"
domain_bigbluebutton: "meet.{{primary_domain}}"
domain_bluesky_api: "bluesky.{{primary_domain}}"
domain_bluesky_web: "bskyweb.{{primary_domain}}"
domain_discourse: "forum.{{primary_domain}}"
domain_elk: "elk.{{primary_domain}}"
domain_friendica: "friendica.{{primary_domain}}"
domain_funkwhale: "music.{{primary_domain}}"
domain_gitea: "git.{{primary_domain}}"
domain_gitlab: "gitlab.{{primary_domain}}"
# The portfolio is served on the bare primary domain.
domain_portfolio: "{{primary_domain}}"
domain_keycloak: "auth.{{primary_domain}}"
domain_ldap: "ldap.{{primary_domain}}"
domain_listmonk: "newsletter.{{primary_domain}}"
# Mailu shares the hostname of the system mail host.
domain_mailu: "{{system_email_host}}"
domain_mastodon: "microblog.{{primary_domain}}"
domains_mastodon_alternates:
- "mastodon.{{primary_domain}}"
domain_matomo: "matomo.{{primary_domain}}"
domain_matrix_synapse: "matrix.{{primary_domain}}"
domain_matrix_element: "element.{{primary_domain}}"
domain_moodle: "academy.{{primary_domain}}"
domain_mediawiki: "wiki.{{primary_domain}}"
domain_nextcloud: "cloud.{{primary_domain}}"
domain_openproject: "project.{{primary_domain}}"
domain_pixelfed: "picture.{{primary_domain}}"
domain_peertube: "video.{{primary_domain}}"
# Empty by default.
domains_peertube: []
domain_roulette: "roulette.{{primary_domain}}"
domain_taiga: "kanban.{{primary_domain}}"
domain_yourls: "s.{{primary_domain}}"
domains_wordpress:
- "wordpress.{{primary_domain}}"
- "blog.{{primary_domain}}"
### Domain Redirects
# Each entry maps an alternative hostname (source) to the service domain it
# redirects to (target).
redirect_domain_mappings:
- source: "akaunting.{{primary_domain}}"
  target: "{{domain_akaunting}}"
- source: "bbb.{{primary_domain}}"
  target: "{{domain_bigbluebutton}}"
- source: "discourse.{{primary_domain}}"
  target: "{{domain_discourse}}"
- source: "funkwhale.{{primary_domain}}"
  target: "{{domain_funkwhale}}"
- source: "gitea.{{primary_domain}}"
  target: "{{domain_gitea}}"
- source: "keycloak.{{primary_domain}}"
  target: "{{domain_keycloak}}"
- source: "listmonk.{{primary_domain}}"
  target: "{{domain_listmonk}}"
- source: "moodle.{{primary_domain}}"
  target: "{{domain_moodle}}"
- source: "nextcloud.{{primary_domain}}"
  target: "{{domain_nextcloud}}"
- source: "openproject.{{primary_domain}}"
  target: "{{domain_openproject}}"
- source: "peertube.{{primary_domain}}"
  target: "{{domain_peertube}}"
- source: "pictures.{{primary_domain}}"
  target: "{{domain_pixelfed}}"
- source: "pixelfed.{{primary_domain}}"
  target: "{{domain_pixelfed}}"
- source: "short.{{primary_domain}}"
  target: "{{domain_yourls}}"
- source: "taiga.{{primary_domain}}"
  target: "{{domain_taiga}}"
- source: "videos.{{primary_domain}}"
  target: "{{domain_peertube}}"
## Docker Applications

### Enable Central MariaDB
enable_central_database: true
# Mailu follows the global setting unless overridden.
enable_central_database_mailu: "{{enable_central_database}}"

### Enable Storage Optimizer for Docker Volumes
enable_system_storage_optimizer: true

### Docker Role Specific Parameters
# Many *_version defaults in this file are the floating tag "latest", so each
# deployment may pull a different image. Pin concrete versions in the inventory
# where reproducible and reviewable upgrades matter.
docker_restart_policy: "unless-stopped"
#### Akaunting
akaunting_version: "latest"
akaunting_company_name: "{{primary_domain}}"
# Company and setup-admin contact both default to the administrator address.
akaunting_company_email: "{{administrator_email}}"
akaunting_setup_admin_email: "{{administrator_email}}"

#### Attendize
attendize_version: "latest"

#### Baserow
baserow_version: "latest"

#### Big Blue Button
# The value is the string "true", not a YAML boolean.
# NOTE(review): presumably passed through verbatim to the container
# environment; confirm before changing the type.
bigbluebutton_enable_greenlight: "true"

#### Bluesky
bluesky_administrator_email: "{{administrator_email}}"
bluesky_pds_version: "latest"

#### Friendica
friendica_version: "latest"

#### Gitea
gitea_version: "latest"

#### Gitlab
gitlab_version: "latest"

#### Joomla
joomla_version: "latest"

#### Keycloak
keycloak_version: "latest"
# The identity provider's admin account reuses the global administrator name.
keycloak_administrator_username: "{{administrator_username}}"
#### LDAP
ldap_version: "latest"
# @todo Attention: pinned to a pre-release build; change this to "latest" as
# soon as a release is available.
ldap_admin_version: "2.0.0-dev"
ldap_administrator_username: "{{administrator_username}}"
# CHANGE for security reasons: both passwords below default to the shared
# initial administrator password, so the LDAP administrator and its database
# would use one and the same secret. Override each with its own unique value in
# the inventory and store it encrypted (for example with ansible-vault).
# user_administrator_initial_password has no default in the visible part of
# this file, so it must be supplied by the inventory.
ldap_administrator_password: "{{user_administrator_initial_password}}"
ldap_administrator_database_password: "{{user_administrator_initial_password}}"
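#### Listmonk
listmonk_admin_username: "{{administrator_username}}"
# Security hole when enabled: the public API can be used for spamming. Keep it
# disabled unless it is explicitly required. Written as canonical lowercase
# false (same boolean as the former False).
listmonk_public_api_activated: false
listmonk_version: "latest"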
#### MariaDB
mariadb_version: "latest"

#### Matomo
matomo_version: "latest"

#### Mastodon
mastodon_version: "latest"
mastodon_single_user_mode: false

#### Matrix
# Account name of the Matrix admin.
matrix_administrator_username: "{{administrator_username}}"
# For the initial update use: install-all,ensure-matrix-users-created,start
matrix_playbook_tags: "setup-all,start"
# Role used to set up Matrix. Valid values: ansible, compose
matrix_role: "compose"
# Address used for the account names etc.
matrix_server_name: "{{primary_domain}}"
matrix_synapse_version: "latest"
matrix_element_version: "latest"
#### Mailu
# Quoted so the version stays a string and is not parsed as a number.
mailu_version: "2024.06"
mailu_domain: "{{primary_domain}}"
# Private subnet assigned to Mailu.
mailu_subnet: "192.168.203.0/24"

#### Moodle
moodle_site_name: "Global Learning Academy on {{primary_domain}}"
moodle_administrator_name: "{{administrator_username}}"
moodle_administrator_email: "{{administrator_email}}"
moodle_version: "latest"
#### MyBB
mybb_version: "latest"

#### Nextcloud
# Tracks a release channel rather than a fixed version.
# @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
nextcloud_version: "production"

#### Peertube
peertube_version: "bookworm"

#### Pixelfed
pixelfed_app_name: "Pictures on {{primary_domain}}"
pixelfed_version: "latest"

#### Postgres
# Please set a version in your inventory file. A rolling release is not
# recommended for Postgres: a new major version generally cannot start on an
# existing data directory without a migration.
postgres_database_version: "latest"

#### Taiga
taiga_version: "latest"

#### YOURLS
yourls_administrator_username: "{{administrator_username}}"
yourls_version: "latest"