xoxys.pve/defaults/main.yml
Robert Kaussow 91b31d065d
All checks were successful
continuous-integration/drone/push Build is passing
refactor tls tasks
2019-02-04 20:32:36 +01:00

68 lines
2.1 KiB
YAML

---
pve_nodes:
- node1
pve_tls_enabled: False
pve_tls_cert_source: mycert.pem
pve_tls_key_source: mykey.pem
pve_nginx_vhost_enabled: False
pve_server_name: pve.example.com
pve_server_ip: 127.0.0.1
pve_server_port: 8006
pve_nginx_server: myinventoryname
pve_nginx_vhost_dir: /etc/nginx/sites-available
pve_nginx_vhost_symlink: /etc/nginx/sites-enabled
pve_nginx_iptables_enabled: False
pve_nginx_tls_enabled: True
pve_nginx_tls_cert_file: mycert.pem
pve_nginx_tls_key_file: mykey.pem
# Configure pam auth
pve_auth_pam_is_default: True
pve_auth_pam_description: Linux PAM standard authentication
pve_auth_pam_tfa_oath_enabled: False
# pve_auth_pam_tfa_oath_timestep: 30
# pve_auth_pam_tfa_oath_pwlength: 6
pve_auth_pam_tfa_yubico_enabled: False
# pve_auth_pam_tfa_yubico_api_id: 1a2b3c4d5e6f
# pve_auth_pam_tfa_yubico_api_key: 123456
# pve_auth_pam_tfa_yubico_url: http://127.0.0.1:8080
pve_auth_pve_is_default: False
pve_auth_pve_description: Linux pve standard authentication
pve_auth_pve_tfa_oath_enabled: False
# pve_auth_pve_tfa_oath_timestep: 30
# pve_auth_pve_tfa_oath_pwlength: 6
pve_auth_pve_tfa_yubico_enabled: False
# pve_auth_pve_tfa_yubico_api_id: 1a2b3c4d5e6f
# pve_auth_pve_tfa_yubico_api_key: 123456
# pve_auth_pve_tfa_yubico_url: http://127.0.0.1:8080
# Enable ldap auth against an external server
pve_auth_ldap_enabled: False
# pve_auth_ldap_is_default: False
# pve_auth_ldap_realm: ldap
# pve_auth_ldap_description: MyLDAP authentication server
# pve_auth_ldap_base_dn: dc=example,dc=com
# pve_auth_ldap_user_attr: uid
# pve_auth_ldap_primary_server: server1.example.com
# pve_auth_ldap_secondary_server: server2.example.com (defaults to not set)
# pve_auth_ldap_bind_dn: uid=proxy-user,cn=users,dc=example,dc=com (defaults to not set)
# pve_auth_ldap_bind_password: my_secret (defaults to not set)
# pve_auth_ldap_port: 389
# pve_auth_ldap_tls_enabled: False
pve_auth_ldap_tfa_oath_enabled: False
# pve_auth_ldap_tfa_oath_timestep: 30
# pve_auth_ldap_tfa_oath_pwlength: 6
pve_auth_ldap_tfa_yubico_enabled: False
# pve_auth_ldap_tfa_yubico_api_id: 1a2b3c4d5e6f
# pve_auth_ldap_tfa_yubico_api_key: 123456
# pve_auth_ldap_tfa_yubico_url: http://127.0.0.1:8080