---
|
|
host_fqdn: '{{ ansible_hostname }}.dmz.{{ domain }}'
|
|
|
|
ldap_domain: '{{ domain }}'
|
|
ldap_organization: '{{ organization }}'
|
|
ldap_check_tree: true
|
|
ldap_tls_enabled: true
|
|
|
|
ldap_tls_server_ca: '{{ tls_intermediate_server_ca }}'
|
|
ldap_tls_user_ca: '{{ tls_intermediate_user_ca }}'
|
|
|
|
ldap_server_accounts:
|
|
- 'projects.dmz.{{ domain }}'
|
|
- 'cloud.dmz.{{ domain }}'
|
|
- 'matrix.dmz.{{ domain }}'
|
|
- 'status.dmz.{{ domain }}'
|
|
|
|
ldap_groups_name:
|
|
- 'admin'
|
|
|
|
ldap_groups_posix:
|
|
stduser: 5000
|
|
user_sites: 900
|
|
|
|
ldap_users_admin:
|
|
test_admin:
|
|
password: 'pippopippo'
|
|
sn: 'Test Admin User'
|
|
mail: 'admin@zolfa.nl'
|
|
authorizedServices:
|
|
- 'icinga2'
|
|
|
|
ldap_users_common:
|
|
pippo:
|
|
password: 'pippopippo'
|
|
sn: 'Utente Pippo'
|
|
mail: 'pippo@zolfa.nl'
|
|
authorizedServices:
|
|
- 'nextcloud'
|
|
- 'matrix'
|
|
- 'gitlab'
|
|
pluto:
|
|
password: 'plutopluto'
|
|
sn: 'Utente Pluto'
|
|
mail: 'pluto@zolfa.nl'
|
|
|
|
ldap_basedn: 'dc={{ ldap_domain.replace(".", ",dc=") }}'
|
|
ldap_x509_suffix: >-
|
|
{% for k, v in x509_subj_prefix.items()|reverse %}{{k|lower}}={{v}}{{ ',' if not loop.last }}{% endfor %}
|
|
...
|