diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml index 61c57fd..22cdaa7 100644 --- a/inventory/group_vars/all.yml +++ b/inventory/group_vars/all.yml @@ -1,3 +1,6 @@ ansible_python_interpreter: /usr/bin/python3 + basics_autoupdate_mail: backend@hamburg.freifunk.net basics_autoupdate_reboot_time: "04:00" + +nginx_error_log: "/dev/null error" diff --git a/inventory/host_vars/srv01.yml b/inventory/host_vars/srv01.yml index cc3511e..f16624c 100644 --- a/inventory/host_vars/srv01.yml +++ b/inventory/host_vars/srv01.yml @@ -6,6 +6,8 @@ basics_ssh_match_blocks: - AuthorizedKeysFile /home/certsync/authorized_keys - ChrootDirectory /home/certsync/root - ForceCommand internal-sftp -nginx_resolver: 192.76.134.90 212.12.50.158 + +nginx_resolver: "192.76.134.90 212.12.50.158" + updates_tls_crt: /etc/letsencrypt/live/updates.hamburg.freifunk.net/fullchain.pem updates_tls_key: /etc/letsencrypt/live/updates.hamburg.freifunk.net/privkey.pem diff --git a/inventory/host_vars/srv02.yml b/inventory/host_vars/srv02.yml index 193ae24..0e09f60 100644 --- a/inventory/host_vars/srv02.yml +++ b/inventory/host_vars/srv02.yml @@ -2,10 +2,14 @@ basics_autoupdate_origins: - o=Node Source,n=${distro_codename} - o=Prosody,n=${distro_codename} - o=TorProject,n=${distro_codename} + hopglass_frontend_tls_crt: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/fullchain.pem hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem + media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem + meta_tls_crt: /etc/letsencrypt/live/hamburg.freifunk.net/fullchain.pem meta_tls_key: /etc/letsencrypt/live/hamburg.freifunk.net/privkey.pem -nginx_resolver: 127.0.0.1 + +nginx_resolver: "127.0.0.1" diff --git a/inventory/host_vars/srv03.yml b/inventory/host_vars/srv03.yml index 075ccf1..ac0bb50 100644 --- a/inventory/host_vars/srv03.yml +++ b/inventory/host_vars/srv03.yml @@ -1,5 +1,7 @@ certsync_host: srv01.hamburg.freifunk.net -nginx_resolver: 80.252.105.162 80.252.105.194 + +nginx_resolver: "80.252.105.162 80.252.105.194" + updates_group: www-data updates_letsencrypt: srv01 updates_owner: ffupdates