diff options
| author | Elizabeth Alexander Hunt <me@liz.coffee> | 2025-05-07 18:10:57 -0700 |
|---|---|---|
| committer | Elizabeth Alexander Hunt <me@liz.coffee> | 2025-05-07 18:10:57 -0700 |
| commit | b8ffbfe27eae919750ef4d3facf02393d1004287 (patch) | |
| tree | 78a22cffd1a387a1f482aac78a93fb951dcc81bb /group_vars | |
| parent | 59417f290463d3aabbf3ec2ab8e75703928db217 (diff) | |
| download | infra-b8ffbfe27eae919750ef4d3facf02393d1004287.tar.gz infra-b8ffbfe27eae919750ef4d3facf02393d1004287.zip | |
.git was corrupted on the machine i worked on these many commits. so here it is all at once :P
Diffstat (limited to 'group_vars')
| -rw-r--r-- | group_vars/all.yml | 2 | ||||
| -rw-r--r-- | group_vars/labdns.yml | 1 | ||||
| -rw-r--r-- | group_vars/mail.yml | 13 | ||||
| -rw-r--r-- | group_vars/oci.yml | 3 | ||||
| -rw-r--r-- | group_vars/swarm_cluster.yml | 3 |
5 files changed, 16 insertions, 6 deletions
diff --git a/group_vars/all.yml b/group_vars/all.yml index f6747d0..717a983 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -22,6 +22,8 @@ domain: "liz.coffee" idm_domain: "idm.{{ domain }}" headscale_host: "vpn.{{ domain }}" mail_domain: "mail.{{ domain }}" +oci_domain: "oci.{{ domain }}" +passwd_domain: "passwd.{{ domain }}" info_mail_user: "info" info_mail: "{{ info_mail_user }}@{{ domain }}" diff --git a/group_vars/labdns.yml b/group_vars/labdns.yml index c1985c9..d0b0c6a 100644 --- a/group_vars/labdns.yml +++ b/group_vars/labdns.yml @@ -3,6 +3,7 @@ labdns_base: "{{ swarm_base }}/labdns" internal_services: + - oci.{{ domain }} - ci.{{ domain }} - test.{{ domain }} - bin.{{ domain }} diff --git a/group_vars/mail.yml b/group_vars/mail.yml index 1114ca8..0a964e2 100644 --- a/group_vars/mail.yml +++ b/group_vars/mail.yml @@ -16,15 +16,16 @@ ldap_server_host: "ldaps://{{ ldap_server }}:3636" ldap_search_base: "{{ 'dc=' ~ idm_domain | regex_replace('\\.', ',dc=') }}" ldap_bind_dn: "dn=token" -ldap_query_filter_user: "(&(class=account)(emailprimary=%s))" -ldap_query_filter_group: "(&(class=group)(mail=%s))" -ldap_query_filter_alias: "(&(class=account)(emailalternative=%s))" +ldap_memberof_query: "(memberof=mail)" +ldap_query_filter_user: "(&(class=account)(emailprimary=%s){{ ldap_memberof_query }})" +ldap_query_filter_group: "(&(class=group)(mail=%s){{ ldap_memberof_query }})" +ldap_query_filter_alias: "(&(class=account)(emailalternative=%s)(memberof=mail){{ ldap_memberof_query }})" ldap_query_filter_domain: "(mail=*@%s)" -ldap_query_filter_senders: "(&(class=account)(|(emailprimary=%s)(emailalternative=%s)))" +ldap_query_filter_senders: "(&(class=account)(|(emailprimary=%s)(emailalternative=%s)){{ ldap_memberof_query }})" dovecot_user_filter: > - (&(class=account)(name=%u) - (memberOf=cn=mail,{{ ldap_search_base }})) + (&(class=account)(name=%u){{ ldap_memberof_query }}) + dovecot_auth_bind_userdn: "name=%u,{{ ldap_search_base }}" roundcube_default_host: "ssl://{{ mail_domain }}" diff --git a/group_vars/oci.yml b/group_vars/oci.yml new file mode 100644 index 0000000..7bc2db0 --- /dev/null +++ b/group_vars/oci.yml @@ -0,0 +1,3 @@ +--- + +oci_base: "{{ swarm_base }}/oci" diff --git a/group_vars/swarm_cluster.yml b/group_vars/swarm_cluster.yml index bf0744d..25324ae 100644 --- a/group_vars/swarm_cluster.yml +++ b/group_vars/swarm_cluster.yml @@ -1,3 +1,6 @@ --- swarm_base: "{{ ceph_base }}/docker" + +oci_username: "readonly" +oci_password: "readonly" |