---
pve_nodes:
  - node1
pve_tls_enabled: False
pve_tls_cert_source: mycert.pem
pve_tls_key_source: mykey.pem

pve_pamd_motd_enabled: True
# pve_disk_mount: # defaults to not set
#   - path: /mnt/backup
#     src: /dev/sdX
#     fstype: ext4
#     opts:
#     state: present

pve_nginx_vhost_enabled: False
pve_server_name: pve.example.com
pve_server_ip: 127.0.0.1
pve_server_port: 8006
pve_nginx_server: myinventoryname
pve_nginx_vhost_dir: /etc/nginx/sites-available
pve_nginx_vhost_symlink: /etc/nginx/sites-enabled
pve_nginx_iptables_enabled: False

pve_nginx_tls_enabled: True
pve_nginx_tls_cert_file: mycert.pem
pve_nginx_tls_key_file: mykey.pem

# Configure pam auth
pve_auth_pam_is_default: True
pve_auth_pam_description: Linux PAM standard authentication

pve_auth_pam_tfa_oath_enabled: False
# pve_auth_pam_tfa_oath_timestep: 30
# pve_auth_pam_tfa_oath_pwlength: 6

pve_auth_pam_tfa_yubico_enabled: False
# pve_auth_pam_tfa_yubico_api_id: 1a2b3c4d5e6f
# pve_auth_pam_tfa_yubico_api_key: 123456
# pve_auth_pam_tfa_yubico_url: http://127.0.0.1:8080

pve_auth_pve_is_default: False
pve_auth_pve_description: Linux pve standard authentication

pve_auth_pve_tfa_oath_enabled: False
# pve_auth_pve_tfa_oath_timestep: 30
# pve_auth_pve_tfa_oath_pwlength: 6

pve_auth_pve_tfa_yubico_enabled: False
# pve_auth_pve_tfa_yubico_api_id: 1a2b3c4d5e6f
# pve_auth_pve_tfa_yubico_api_key: 123456
# pve_auth_pve_tfa_yubico_url: http://127.0.0.1:8080

# Enable ldap auth against an external server
pve_auth_ldap_enabled: False
# pve_auth_ldap_is_default: False
# pve_auth_ldap_realm: ldap
# pve_auth_ldap_description: MyLDAP authentication server
# pve_auth_ldap_base_dn: dc=example,dc=com
# pve_auth_ldap_user_attr: uid
# pve_auth_ldap_primary_server: server1.example.com
# pve_auth_ldap_secondary_server: server2.example.com (defaults to not set)
# pve_auth_ldap_bind_dn: uid=proxy-user,cn=users,dc=example,dc=com (defaults to not set)
# pve_auth_ldap_bind_password: my_secret (defaults to not set)
# pve_auth_ldap_port: 389
# pve_auth_ldap_tls_enabled: False

pve_auth_ldap_tfa_oath_enabled: False
pve_auth_ldap_tfa_oath_timestep: 30
pve_auth_ldap_tfa_oath_pwlength: 6

pve_auth_ldap_tfa_yubico_enabled: False
# pve_auth_ldap_tfa_yubico_api_id: 1a2b3c4d5e6f
# pve_auth_ldap_tfa_yubico_api_key: 123456
# pve_auth_ldap_tfa_yubico_url: http://127.0.0.1:8080