ansible/host_vars/jump0.kill0.net/all.yaml

---
certbot_certificates:
  - domains:
      - monitor.kill0.net
    email: rcavicchioni@gmail.com
  - domains:
      - git.kill0.net
    email: rcavicchioni@gmail.com
  - domains:
      - stats.kill0.net
    email: rcavicchioni@gmail.com
  - domains:
      - jump0.kill0.net
    email: rcavicchioni@gmail.com
  - domains:
      - dl.kill0.net
    email: rcavicchioni@gmail.com
  - domains:
      - cavi.cc
    email: rcavicchioni@gmail.com

autossh_config: []

wireguard_interfaces:
  wg0:
    address: 10.255.0.1/32
    private_key: "{{ vault_wireguard_private_keys.wg0 }}"
    listen_port: 51820
  wg1:
    address:
      - 192.168.255.1/24
      - 2600:3c00:e000:343::1/128
    private_key: "{{ vault_wireguard_private_keys.wg1 }}"
    listen_port: 51821

restic_tidy_enabled: true

nginx_vhosts:
  cavicc:
    - server_name: cavi.cc
      root: /var/www/cavicc
      listen:
        - 80
        - "[::]:80"
      raw: |
        location / {
            return 301 https://$server_name$request_uri;
        }
    - server_name: cavi.cc
      root: /var/www/cavicc
      listen:
        - 443 ssl http2
        - "[::]:443 ssl http2"
      ssl_certificate: /etc/letsencrypt/live/cavi.cc/fullchain.pem
      ssl_certificate_key: /etc/letsencrypt/live/cavi.cc/privkey.pem
Add host_vars and group_vars 2022-08-30 12:41:17 +00:00			`---`
			`certbot_certificates:`
			`- domains:`
			`- monitor.kill0.net`
			`email: rcavicchioni@gmail.com`
			`- domains:`
			`- git.kill0.net`
			`email: rcavicchioni@gmail.com`
			`- domains:`
			`- stats.kill0.net`
			`email: rcavicchioni@gmail.com`
			`- domains:`
			`- jump0.kill0.net`
			`email: rcavicchioni@gmail.com`
			`- domains:`
			`- dl.kill0.net`
			`email: rcavicchioni@gmail.com`
			`- domains:`
			`- cavi.cc`
			`email: rcavicchioni@gmail.com`

			`autossh_config: []`

			`wireguard_interfaces:`
			`wg0:`
			`address: 10.255.0.1/32`
			`private_key: "{{ vault_wireguard_private_keys.wg0 }}"`
			`listen_port: 51820`
			`wg1:`
			`address:`
			`- 192.168.255.1/24`
			`- 2600:3c00:e000:343::1/128`
			`private_key: "{{ vault_wireguard_private_keys.wg1 }}"`
			`listen_port: 51821`

			`restic_tidy_enabled: true`

			`nginx_vhosts:`
			`cavicc:`
			`- server_name: cavi.cc`
			`root: /var/www/cavicc`
			`listen:`
			`- 80`
			`- "[::]:80"`
			`raw: \|`
			`location / {`
			`return 301 https://$server_name$request_uri;`
			`}`
			`- server_name: cavi.cc`
			`root: /var/www/cavicc`
			`listen:`
			`- 443 ssl http2`
			`- "[::]:443 ssl http2"`
			`ssl_certificate: /etc/letsencrypt/live/cavi.cc/fullchain.pem`
			`ssl_certificate_key: /etc/letsencrypt/live/cavi.cc/privkey.pem`