computer-playbook/group_vars/all/00_general.yml

SOFTWARE_NAME:            "Infinito.Nexus"  # Name of the software

ENVIRONMENT:              "production"      # Possible values: production, development

# If true, sensitive credentials will be masked or hidden from all Ansible task logs
# Recommendet to set to true
# @todo needs to be implemented everywhere
MASK_CREDENTIALS_IN_LOGS: true

HOST_CURRENCY:            "EUR"
HOST_TIMEZONE:            "UTC"

# https://en.wikipedia.org/wiki/ISO_639
HOST_LL:                  "en"          # Some applications are case sensitive
HOST_LL_CC:               "{{HOST_LL}}_GB"

HOST_DATE_FORMAT:         "YYYY-MM-DD"
HOST_TIME_FORMAT:         "HH:mm"

HOST_THOUSAND_SEPARATOR:  "."
HOST_DECIMAL_MARK:        ","

# Deployment mode
DEPLOYMENT_MODE:        "single"      # Use single, if you deploy on one server. Use cluster if you setup in cluster mode.

# Web
WEB_PROTOCOL:           "https"       # Web protocol type. Use https or http. If you run local you need to change it to http
WEB_PORT:               "{{ 443 if WEB_PROTOCOL == 'https' else 80 }}"  # Default port web applications will listen to

# Domain
PRIMARY_DOMAIN:         "localhost" # Primary Domain of the server

# Server Tact Variables 

## Ours in which the server is "awake" (100% working). Rest of the time is reserved for maintanance
HOURS_SERVER_AWAKE:                       "0..23"

## Random delay for systemd timers to avoid peak loads.
RANDOMIZED_DELAY_SEC:                     "5min"

# Runtime Variables for Process Control
ACTIVATE_ALL_TIMERS:                      false   # Activates all timers, independend if the handlers had been triggered

DNS_PROVIDER:                             cloudflare              # The DNS Provider\Registrar for the domain

HOSTING_PROVIDER:                         hetzner                 # Provider which hosts the server

# Which ACME method to use: webroot, cloudflare, or hetzner
CERTBOT_ACME_CHALLENGE_METHOD:            "cloudflare"
CERTBOT_CREDENTIALS_DIR:                  /etc/certbot
CERTBOT_CREDENTIALS_FILE:                 "{{ CERTBOT_CREDENTIALS_DIR }}/{{ CERTBOT_ACME_CHALLENGE_METHOD }}.ini"
CERTBOT_DNS_PROPAGATION_WAIT_SECONDS:     300                     # How long should the script wait for DNS propagation before continuing
CERTBOT_FLAVOR:                           san                     # Possible options: san (recommended, with a dns flavor like cloudflare, or hetzner), wildcard(doesn't function with www redirect), dedicated

# Path where Certbot stores challenge webroot files
LETSENCRYPT_WEBROOT_PATH:                 "/var/lib/letsencrypt/"

# Base directory containing Certbot configuration, account data, and archives
LETSENCRYPT_BASE_PATH:                    "/etc/letsencrypt/"

# Symlink directory for the current active certificate and private key
LETSENCRYPT_LIVE_PATH:                    "{{ LETSENCRYPT_BASE_PATH }}live/"

## Docker Role Specific Parameters
DOCKER_RESTART_POLICY:                    "unless-stopped"
DOCKER_VARS_FILE:                         "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml"

# Asyn Confitguration
ASYNC_ENABLED:  "{{ not MODE_DEBUG | bool }}"                  # Activate async, deactivated for debugging
ASYNC_TIME:     "{{ 300 if ASYNC_ENABLED | bool else omit }}"  # Run for mnax 5min
ASYNC_POLL:     "{{ 0 if ASYNC_ENABLED | bool else 10 }}"      # Don't wait for task

# default value if not set via CLI (-e) or in playbook vars
allowed_applications: []

# helper
_applications_nextcloud_oidc_flavor: >-
  {{
    applications
      | get_app_conf(
          'web-app-nextcloud',
          'oidc.flavor',
          False,
          'oidc_login'
          if applications
            | get_app_conf('web-app-nextcloud','features.ldap',False, True)
          else 'sociallogin'
        )
  }}

# Systemctl 
SYS_TIMER_SUFFIX:   ".{{ SOFTWARE_NAME | lower }}.timer"
SYS_SERVICE_SUFFIX: ".{{ SOFTWARE_NAME | lower }}.service"