mirror of
https://github.com/fscotto/infra.git
synced 2026-05-30 15:39:58 +00:00
94 lines
2.0 KiB
YAML
94 lines
2.0 KiB
YAML
---
|
|
server_username: "{{ username }}"
|
|
server_user_group: "{{ server_username }}"
|
|
server_user_home: "/home/{{ server_username }}"
|
|
effective_username: "{{ server_username }}"
|
|
effective_user_group: "{{ server_user_group }}"
|
|
effective_user_home: "{{ server_user_home }}"
|
|
server_container_stack_dir: /opt/docker/server
|
|
|
|
profile_packages:
|
|
- avahi-daemon
|
|
- dmidecode
|
|
- dosfstools
|
|
- gh
|
|
- netcat-openbsd
|
|
- openssh-server
|
|
- parted
|
|
- pciutils
|
|
- ranger
|
|
- rsync
|
|
|
|
server_dotfiles:
|
|
- src: .gitignore_global
|
|
dest: .gitignore_global
|
|
mode: "0644"
|
|
- src: .themes.gitignore
|
|
dest: .themes.gitignore
|
|
mode: "0644"
|
|
- src: duckdns/
|
|
dest: duckdns/
|
|
mode: preserve
|
|
|
|
server_templates:
|
|
- src: server/.gitconfig.j2
|
|
dest: .gitconfig
|
|
mode: "0644"
|
|
- src: server/docker-compose.yml.j2
|
|
dest: "{{ server_container_stack_dir }}/docker-compose.yml"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
- src: server/navidrome_db_password.txt.j2
|
|
dest: "{{ server_container_stack_dir }}/navidrome_db_password.txt"
|
|
owner: root
|
|
group: root
|
|
mode: "0600"
|
|
no_log: true
|
|
- src: server/postgres_root_password.txt.j2
|
|
dest: "{{ server_container_stack_dir }}/postgres_root_password.txt"
|
|
owner: root
|
|
group: root
|
|
mode: "0600"
|
|
no_log: true
|
|
|
|
server_directories:
|
|
- path: "{{ server_container_stack_dir }}"
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
- path: /opt/navidrome/data
|
|
owner: "{{ server_username }}"
|
|
group: "{{ server_user_group }}"
|
|
mode: "0755"
|
|
- path: /opt/music
|
|
owner: "{{ server_username }}"
|
|
group: "{{ server_user_group }}"
|
|
mode: "0755"
|
|
- path: /opt/npm/data
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
- path: /opt/npm/letsencrypt
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
- path: /opt/postgres/data
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
- path: /opt/gitea/data
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
|
|
server_ufw_rules:
|
|
- rule: allow
|
|
name: OpenSSH
|
|
|
|
server_sshd_settings:
|
|
PermitRootLogin: "no"
|
|
|
|
server_sshd_allow_users:
|
|
- "{{ server_username }}"
|