76 lines
2.3 KiB
YAML
76 lines
2.3 KiB
YAML
---
|
|
pve_nodes:
|
|
- node1
|
|
pve_tls_enabled: False
|
|
pve_tls_cert_source: mycert.pem
|
|
pve_tls_key_source: mykey.pem
|
|
|
|
pve_pamd_motd_enabled: True
|
|
# pve_disk_mount: # defaults to not set
|
|
# - path: /mnt/backup
|
|
# src: /dev/sdX
|
|
# fstype: ext4
|
|
# opts:
|
|
# state: present
|
|
|
|
pve_nginx_vhost_enabled: False
|
|
pve_server_name: pve.example.com
|
|
pve_server_ip: 127.0.0.1
|
|
pve_server_port: 8006
|
|
pve_nginx_server: myinventoryname
|
|
pve_nginx_vhost_dir: /etc/nginx/sites-available
|
|
pve_nginx_vhost_symlink: /etc/nginx/sites-enabled
|
|
pve_nginx_iptables_enabled: False
|
|
|
|
pve_nginx_tls_enabled: True
|
|
pve_nginx_tls_cert_file: mycert.pem
|
|
pve_nginx_tls_key_file: mykey.pem
|
|
|
|
# Configure pam auth
|
|
pve_auth_pam_is_default: True
|
|
pve_auth_pam_description: Linux PAM standard authentication
|
|
|
|
pve_auth_pam_tfa_oath_enabled: False
|
|
# pve_auth_pam_tfa_oath_timestep: 30
|
|
# pve_auth_pam_tfa_oath_pwlength: 6
|
|
|
|
pve_auth_pam_tfa_yubico_enabled: False
|
|
# pve_auth_pam_tfa_yubico_api_id: 1a2b3c4d5e6f
|
|
# pve_auth_pam_tfa_yubico_api_key: 123456
|
|
# pve_auth_pam_tfa_yubico_url: http://127.0.0.1:8080
|
|
|
|
pve_auth_pve_is_default: False
|
|
pve_auth_pve_description: Linux pve standard authentication
|
|
|
|
pve_auth_pve_tfa_oath_enabled: False
|
|
# pve_auth_pve_tfa_oath_timestep: 30
|
|
# pve_auth_pve_tfa_oath_pwlength: 6
|
|
|
|
pve_auth_pve_tfa_yubico_enabled: False
|
|
# pve_auth_pve_tfa_yubico_api_id: 1a2b3c4d5e6f
|
|
# pve_auth_pve_tfa_yubico_api_key: 123456
|
|
# pve_auth_pve_tfa_yubico_url: http://127.0.0.1:8080
|
|
|
|
# Enable ldap auth against an external server
|
|
pve_auth_ldap_enabled: False
|
|
# pve_auth_ldap_is_default: False
|
|
# pve_auth_ldap_realm: ldap
|
|
# pve_auth_ldap_description: MyLDAP authentication server
|
|
# pve_auth_ldap_base_dn: dc=example,dc=com
|
|
# pve_auth_ldap_user_attr: uid
|
|
# pve_auth_ldap_primary_server: server1.example.com
|
|
# pve_auth_ldap_secondary_server: server2.example.com (defaults to not set)
|
|
# pve_auth_ldap_bind_dn: uid=proxy-user,cn=users,dc=example,dc=com (defaults to not set)
|
|
# pve_auth_ldap_bind_password: my_secret (defaults to not set)
|
|
# pve_auth_ldap_port: 389
|
|
# pve_auth_ldap_tls_enabled: False
|
|
|
|
pve_auth_ldap_tfa_oath_enabled: False
|
|
pve_auth_ldap_tfa_oath_timestep: 30
|
|
pve_auth_ldap_tfa_oath_pwlength: 6
|
|
|
|
pve_auth_ldap_tfa_yubico_enabled: False
|
|
# pve_auth_ldap_tfa_yubico_api_id: 1a2b3c4d5e6f
|
|
# pve_auth_ldap_tfa_yubico_api_key: 123456
|
|
# pve_auth_ldap_tfa_yubico_url: http://127.0.0.1:8080
|