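# Global defaults shared by all hosts. Values here are meant to be overridden
# from the inventory or via CLI (-e); secrets must never be filled in here.

SOFTWARE_NAME: "Infinito.Nexus"  # Name of the software
ENVIRONMENT: "production"  # Possible values: production, development

# If true, sensitive credentials will be masked or hidden from all Ansible
# task logs. Recommended to set to true.
# @todo needs to be implemented everywhere
# NOTE(review): per the @todo above, coverage is incomplete. Until every role
# honours this flag, treat task output and verbose (-v) run logs as possibly
# containing secrets and restrict access to them accordingly.
MASK_CREDENTIALS_IN_LOGS: true

HOST_CURRENCY: "EUR"
HOST_TIMEZONE: "UTC"

# https://en.wikipedia.org/wiki/ISO_639
HOST_LL: "en"  # Some applications are case sensitive
HOST_LL_CC: "{{HOST_LL}}_GB"

HOST_DATE_FORMAT: "YYYY-MM-DD"
HOST_TIME_FORMAT: "HH:mm"
HOST_THOUSAND_SEPARATOR: "."
HOST_DECIMAL_MARK: ","

# Deployment mode
# Use single if you deploy on one server. Use cluster if you set up in
# cluster mode.
DEPLOYMENT_MODE: "single"

# Web
# Web protocol type. Use https or http. If you run locally you need to change
# it to http. With http, logins and session cookies travel unencrypted, so
# keep that setting to local-only deployments.
WEB_PROTOCOL: "https"
# Default port web applications will listen to
WEB_PORT: "{{ 443 if WEB_PROTOCOL == 'https' else 80 }}"

# Domain
PRIMARY_DOMAIN: "localhost"  # Primary domain of the server
# Top-level domain of the server.
# NOTE(review): the key name is mixed-case; it is kept unchanged because
# consumers outside this file may reference this exact spelling.
PRIMARY_DOMAIN_tld: "{{ (PRIMARY_DOMAIN == 'localhost') | ternary('localhost', PRIMARY_DOMAIN.split('.')[-1]) }}"
# Second-level domain of the server.
# A single-label name (for example 'localhost') has no second-to-last label,
# so the index is only evaluated when at least two labels exist; otherwise
# the name itself is returned, which keeps the 'localhost' result unchanged.
PRIMARY_DOMAIN_SLD: "{{ PRIMARY_DOMAIN.split('.')[-2] if (PRIMARY_DOMAIN.split('.') | length) > 1 else PRIMARY_DOMAIN }}"

# Server schedule variables

## Hours in which the server is "awake" (100% working). The rest of the time
## is reserved for maintenance.
HOURS_SERVER_AWAKE: "0..23"

## Random delay for systemd timers to avoid peak loads.
RANDOMIZED_DELAY_SEC: "5min"

# Runtime variables for process control
# Activates all timers, regardless of whether the handlers have been triggered
ACTIVATE_ALL_TIMERS: false

DNS_PROVIDER: "cloudflare"  # The DNS provider/registrar for the domain

# Which ACME method to use: webroot, cloudflare, or hetzner
CERTBOT_ACME_CHALLENGE_METHOD: "cloudflare"
CERTBOT_CREDENTIALS_DIR: "/etc/certbot"
# NOTE(review): this file presumably receives the DNS API token below; the
# task that writes it is not in this file. Confirm it is created readable by
# root only.
CERTBOT_CREDENTIALS_FILE: "{{ CERTBOT_CREDENTIALS_DIR }}/{{ CERTBOT_ACME_CHALLENGE_METHOD }}.ini"
# Define in inventory file. More information here:
# group_vars/all/docs/CLOUDFLARE_API_TOKEN.md
# Leave this default empty: a DNS API token can rewrite the zone's records,
# so keep the real value out of version control (e.g. Ansible Vault) and
# scope the token to DNS edits on the zones actually served.
CERTBOT_DNS_API_TOKEN: ""
# How long the script should wait for DNS propagation before continuing
CERTBOT_DNS_PROPAGATION_WAIT_SECONDS: 300
# Possible options:
#   san       (recommended, with a dns flavor like cloudflare or hetzner)
#   wildcard  (doesn't function with www redirect)
#   dedicated
CERTBOT_FLAVOR: "san"

# Path where Certbot stores challenge webroot files
LETSENCRYPT_WEBROOT_PATH: "/var/lib/letsencrypt/"
# Base directory containing Certbot configuration, account data, and archives
LETSENCRYPT_BASE_PATH: "/etc/letsencrypt/"
# Symlink directory for the current active certificate and private key.
# Anything that can read this path can read the TLS private keys; mount or
# share it read-only and only with services that terminate TLS.
LETSENCRYPT_LIVE_PATH: "{{ LETSENCRYPT_BASE_PATH }}live/"

## Docker role specific parameters
DOCKER_RESTART_POLICY: "unless-stopped"
DOCKER_VARS_FILE: "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml"

# Async configuration
# MODE_DEBUG is defined outside this file. Jinja applies the `bool` filter
# before `not`, so this reads as: not (MODE_DEBUG | bool).
ASYNC_ENABLED: "{{ not MODE_DEBUG | bool }}"  # Activate async, deactivated for debugging
ASYNC_TIME: "{{ 300 if ASYNC_ENABLED | bool else omit }}"  # Run for max 5 min
ASYNC_POLL: "{{ 0 if ASYNC_ENABLED | bool else 10 }}"  # 0: don't wait for task

# Default value if not set via CLI (-e) or in playbook vars
allowed_applications: []

# Helper: Nextcloud OIDC flavor. Reads 'oidc.flavor' from the
# 'web-app-nextcloud' config; the fallback passed to get_app_conf is
# 'oidc_login' when 'features.ldap' evaluates true, else 'sociallogin'.
# get_app_conf and `applications` are defined outside this file.
_applications_nextcloud_oidc_flavor: >-
  {{
    applications
    | get_app_conf(
        'web-app-nextcloud',
        'oidc.flavor',
        False,
        'oidc_login'
          if applications | get_app_conf('web-app-nextcloud','features.ldap',False, True)
          else 'sociallogin'
      )
  }}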