diff --git a/group_vars/all.yml b/group_vars/all.yml index 00bbc53..ffb9744 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -4,11 +4,8 @@ timezone: Asia/Yekaterinburg system_locale: ru_RU.UTF-8 proxmox_node: "Olimp" - -# Настройки пользователей admin_user: root -# Список пакетов для установки на всех хостах base_packages: - curl - wget @@ -24,68 +21,56 @@ base_packages: - dnsutils - iputils-ping - traceroute -# Дополнительные настройки + system_scripts: [] custom_directories: - /opt/scripts - /etc/apt/keyrings -# ------------192.168.1.201 gateway------------ - -# MNP +# ------------ gateway (192.168.1.201) ------------ npm_base_dir: "/opt/npm" npm_data_dir: "/opt/npm/data" npm_letsencrypt_dir: "/opt/npm/letsencrypt" -# Heimdall heimdall_base_dir: "/opt/heimdall" heimdall_config_dir: "/opt/heimdall/config" heimdall_port: "45131" -# ------------ Dashy ------------ dashy_base_dir: "/opt/dashy" dashy_config_dir: "{{ dashy_base_dir }}/config" dashy_port: "45132" dashy_domain: "start.zailon.ru" -# ------------192.168.1.202 data------------ - -# Bookstack +# ------------ data (192.168.1.202) ------------ bookstack_base_dir: "/mnt/bookstack" bookstack_config_dir: "/mnt/bookstack/config" bookstack_uploads_dir: "/mnt/bookstack/uploads" bookstack_db_dir: "/mnt/bookstack/db" bookstack_port: "45133" -# Mealie mealie_base_dir: "/mnt/mealie" mealie_data_dir: "/mnt/mealie/data" mealie_port: "45132" mealie_db_type: "sqlite" -mealie_db_password: "secure_password_123" +mealie_db_password: "{{ vault_mealie_db_password }}" -# Bitwarden bitwarden_base_dir: "/mnt/bitwarden" bitwarden_data_dir: "{{ bitwarden_base_dir }}/vw-data" bitwarden_port: "45131" - -bitwarden_admin_token: "QMhEngkv2a5s5S1AOp96A7rxiwz9BTCHGORY3EHcUYEP9wy07/+HxYGimL/FQAwl" +bitwarden_admin_token: "{{ vault_bitwarden_admin_token }}" bitwarden_websocket_enabled: true bitwarden_signups_allowed: false bitwarden_smtp_host: "smtp.mail.ru" bitwarden_smtp_port: "465" bitwarden_smtp_ssl: true bitwarden_smtp_username: "zailon@bk.ru" -bitwarden_smtp_password: "khhyw8Ri9WrabwqM2vbC" +bitwarden_smtp_password: "{{ vault_bitwarden_smtp_password }}" bitwarden_smtp_from: "zailon@bk.ru" bitwarden_domain: "https://bw.zailon.ru" -# ------------192.168.1.203 media------------ - -# Media базовые дериктории +# ------------ media (192.168.1.203) ------------ service_config_base: "/mnt/service" -# Jellyfin jellyfin_base_dir: "{{ service_config_base }}/jellyfin" jellyfin_config_dir: "{{ jellyfin_base_dir }}/config" jellyfin_cache_dir: "{{ jellyfin_base_dir }}/cache" @@ -94,20 +79,17 @@ jellyfin_media_path: "/mnt/video" jellyfin_port: "45131" jellyfin_hw_acceleration: true -# Audiobookshelf audiobookshelf_base_dir: "{{ service_config_base }}/audiobookshelf" audiobookshelf_config_dir: "{{ audiobookshelf_base_dir }}/config" audiobookshelf_db_dir: "{{ audiobookshelf_base_dir }}/db" audiobookshelf_port: "45132" -# Ampache ampache_base_dir: "{{ service_config_base }}/ampache" ampache_config_dir: "{{ ampache_base_dir }}/config" ampache_logs_dir: "{{ ampache_base_dir }}/logs" ampache_mysql_dir: "{{ ampache_base_dir }}/mysql" ampache_port: "45134" -# Calibre calibre_base_dir: "{{ service_config_base }}/calibre" calibre_library_dir: "/mnt/books" calibre_config_dir: "{{ calibre_base_dir }}/config" @@ -119,30 +101,23 @@ calibre_web_enable_registration: false calibre_web_enable_webdav: true calibre_web_enable_opds: true -# ------------192.168.1.204 photo------------ - - -# Immich variables +# ------------ photo (192.168.1.204) ------------ immich_base_dir: "/mnt/immich" immich_port: "45131" immich_db_username: "postgres" -immich_db_password: "postgres" +immich_db_password: "{{ vault_immich_db_password }}" immich_db_name: "immich" immich_version: "release" -# immich_public_url: "https://photos.yourdomain.com" # раскомментирую если нужно -# ------------192.168.1.206 talk------------ - -# Mumble +# ------------ talk (192.168.1.206) ------------ mumble_base_dir: "/mnt/mumble" mumble_data_dir: "{{ mumble_base_dir }}/data" mumble_port: "45131" mumble_ice_port: "6502" -mumble_server_password: "passw0rd" -mumble_superuser_password: "13qeadZC" +mumble_server_password: "{{ vault_mumble_server_password }}" +mumble_superuser_password: "{{ vault_mumble_superuser_password }}" mumble_max_users: "100" -# Matrix Synapse matrix_base_dir: "/mnt/matrix" matrix_data_dir: "{{ matrix_base_dir }}/data" matrix_config_dir: "{{ matrix_base_dir }}/config" @@ -154,21 +129,19 @@ matrix_server_name: "{{ matrix_domain }}" matrix_registration_enabled: false matrix_report_stats: "no" matrix_postgres_user: "synapse" -matrix_postgres_password: "13qeadZC" +matrix_postgres_password: "{{ vault_matrix_postgres_password }}" matrix_postgres_db: "synapse" matrix_synapse_secret: "{{ vault_matrix_synapse_secret }}" matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}" matrix_form_secret: "{{ vault_matrix_form_secret }}" -# ------------192.168.1.208 manage------------ -# MeshCentral +# ------------ manage (192.168.1.228) ------------ meshcentral_base_dir: "/opt/meshcentral" meshcentral_data_dir: "/mnt/mesh/meshcentral-data" meshcentral_files_dir: "/mnt/mesh/meshcentral-files" meshcentral_backup_dir: "/mnt/mesh/meshcentral-backup" meshcentral_port: "45131" -# Grafana (для будущего использования) grafana_base_dir: "/opt/grafana" grafana_data_dir: "{{ grafana_base_dir }}/data" grafana_port: "45132" \ No newline at end of file diff --git a/vault.yml b/vault.yml index 238f55e..0aeb631 100644 --- a/vault.yml +++ b/vault.yml @@ -1,24 +1,25 @@ -$ANSIBLE_VAULT;1.1;AES256 -38366636356431366631363566313532343532653438653662323338306133633631346230333333 -6333303938616238353236653366653537353861393565340a326566383965623733306563653263 -34323766616434643462313830623166373064323034353637393062623065373138356261383564 -3165643135636663310a633065383238623334343163343361633065303465383862643564646533 -63386637626362623534396535383364626337366162363238323130336361663466316234643766 -34336236346533646339313636303566666261353237393234326635303539363239623561346362 -30336464663361326633366661396462646564323038303533636631613638313066333439653263 -36336132633936313231666464393137393839346537303436653039646631643332656531363066 -64343037656136383731313231386232653138626432613834316232643638306162636564623264 -38333934636535306361303537326634346433626535333165343036613961353039313035353164 -38653564626634616433396634343166336231333966663330323532353431343830396464626665 -64326232366337383165396365303930363734666363376465343731653537303531353632653833 -63663839316434363536353962656232633963313231383838336134303035636436633731346535 -61613630323962303934643730356263343164616235646163383238626138626361363562343333 -62633030306433633663663031666363663934663639366462303433663036353734653765333630 -35306138626565346464373435316633376264633735323265313964373861326630393163303265 -31616338326664633130623333343936363934616365643537613130643430623766636635386638 -38363432616464313532643066323164613532623938323633666437316132396230353365613939 -32653636363337393339313639646638613632336166343065633863393036363235373863306433 -30366530376137376636306261633638396131356232343334613835643131646636323236386634 -30333130636536313236386335623232653138353835366536396237636435636162616165346163 -36633830383963636138313630373662333861653635303134656532306561643233393263666266 -323232326333646561653661313433346365 +# SSH ключи (публичные — можно хранить в открытом виде, но если хочешь — оставь здесь) +ssh_public_keys: + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbvnGZxQEGYuScClONbkbfVn2+Uo1kYYztXqMf9ku1lHkw+7IZa00LOMwv7QGBRvrtBcw+TWqaMst5FZ3R6oWcQc+nkBEYoRXe4f3AuuFAl9C9F6sEYM8fX6mAHIlWQhFyVslazZtVTQwnfRV0rnbtCduCu9liywM3fShFqBVwq7Y4nBjG648Zq+VfCHpbBE9XkZaMDyeOXdtppmLetywnBS33mbXMDgH09PMlRz097xfZLkpFdSi8WtDOtKSBiEHtZ+H0EZ42Cda2xMnqlgVtPxWGUirvv6CvDyTmuMzrjALZoSKhl3iD6Szd1YOJcAw6bv9gbJKxPkZchrB65ZXT ZailonOlimp" + - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvRBW+2Xpck2tznhWJyls5J/4wUoVYdyFM6JTU7uogK ansible@olimp" + +# Matrix +vault_matrix_postgres_password: "13qeadZC" +vault_matrix_synapse_secret: "f9e5c2071a178dd8260c7a07b8e133417ff0d7c5d5ca12efdb215d56e19f05f4" +vault_matrix_macaroon_secret: "11e917490abf2306026ee6e3f49137ca911bd166dc0b8f4bccd62602bf9e6966" +vault_matrix_form_secret: "f61c53b083b51e14d2875940971b9e2d5f9ea4c69944cecf458075bf055eca45" +vault_matrix_admin_password: "13qeadZC" + +# Bitwarden +vault_bitwarden_admin_token: "QMhEngkv2a5s5S1AOp96A7rxiwz9BTCHGORY3EHcUYEP9wy07/+HxYGimL/FQAwl" +vault_bitwarden_smtp_password: "khhyw8Ri9WrabwqM2vbC" + +# Mealie +vault_mealie_db_password: "secure_password_123" + +# Mumble +vault_mumble_server_password: "passw0rd" +vault_mumble_superuser_password: "13qeadZC" + +# Immich +vault_immich_db_password: "postgres" \ No newline at end of file