ldap, internal CA, internal webserver, dns, etc.

4 files changed, 19 insertions, 0 deletions

diff --git a/group_vars/all.yml b/group_vars/all.yml
index ff86d8b..6a4a738 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -1,6 +1,14 @@
 ---
+johan_ip: '100.64.0.5'
+
 dns_servers:
   - 1.1.1.1
   - 1.0.0.1
 dns_dnssec: true
 dns_domains: ["simponic.xyz"]
+dns_stub_listener: false
+
+step_bootstrap_fingerprint: '2de0c420e3b6f9f8e47f325de908b2b2d395d3bc7e49ed9b672ce9be89bea1bf'
+step_bootstrap_ca_url: 'ca.internal.simponic.xyz'
+step_acme_cert_contact: 'elizabeth.hunt@simponic.xyz'
+step_ca_port: 5239
diff --git a/group_vars/ca.yml b/group_vars/ca.yml
new file mode 100644
index 0000000..9ef5c52
--- /dev/null
+++ b/group_vars/ca.yml
@@ -0,0 +1,6 @@
+---
+step_ca_root_password: "{{ lookup('env', 'STEP_CA_ROOT_PASSWORD') }}"
+step_ca_intermediate_password: "{{ lookup('env', 'STEP_CA_INTERMEDIATE_PASSWORD') }}"
+step_ca_dns: "{{ step_bootstrap_ca_url }}, {{ johan_ip }}"
+step_ca_name: Simponic Internal CA
+step_ca_address: ":{{ step_ca_port }}"
diff --git a/group_vars/lldap.yml b/group_vars/lldap.yml
new file mode 100644
index 0000000..2322e7f
--- /dev/null
+++ b/group_vars/lldap.yml
@@ -0,0 +1,3 @@
+---
+lldap_jwt_secret: "{{ lookup('env', 'LLDAP_JWT_SECRET') }}"
+lldap_user_pass: "{{ lookup('env', 'LLDAP_USER_PASS') }}"
diff --git a/group_vars/pihole.yml b/group_vars/pihole.yml
new file mode 100644
index 0000000..354d74c
--- /dev/null
+++ b/group_vars/pihole.yml
@@ -0,0 +1,2 @@
+---
+pihole_webpwd: "{{ lookup('env', 'PIHOLE_WEBPWD') }}"