---
unifi_version: 5.10.25
unifi_openjdk_version: 1.8.0
unifi_restore_after_upgrade: False

unifi_group: ubnt
unifi_user: ubnt

unifi_lvm_enabled: False
unifi_lvm_pvs:
  - /dev/sdxx
unifi_lvm_vg: vg_unifi
unifi_lvm_lv: lv_unifi
unifi_lvm_size: 10G
unifi_lvm_fstype: xfs
unifi_base_dir: /opt/unifi
unifi_tmp_dir: "{{ unifi_base_dir }}/tmp"

unifi_iptables_enabled: False
unifi_open_ports:
  - name: allow_unifi_web
    rules: |
      -A INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT
    state: present
  - name: allow_unifi_comm
    rules: |
      -A INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT
      -A OUTPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT
    state: present
  - name: allow_unifi_stun
    rules: |
      -A INPUT -m state --state NEW -p udp --dport 3478 -j ACCEPT
      -A OUTPUT -m state --state NEW -p udp --dport 3478 -j ACCEPT
    state: present
  - name: allow_unifi_discover
    rules: |
      -A INPUT -m state --state NEW -p udp --dport 10001 -j ACCEPT
      -A OUTPUT -m state --state NEW -p udp --dport 10001 -j ACCEPT
    state: present
  - name: allow_unifi_sped
    rules: |
      -A INPUT -m state --state NEW -p tcp --dport 6789 -j ACCEPT
    state: present
  - name: allow_unifi_adopt
    rules: |
      -A OUTPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT
    state: present

unifi_tls_enabled: False
unifi_tls_pkcs12_passphrase: temppass
unifi_tls_certs_dir: "{{ unifi_base_dir }}/tls/certs"
unifi_tls_key_dir: "{{ unifi_base_dir }}/tls/private"
unifi_tls_cert_file: "{{ unifi_tls_certs_dir }}/mycert.pem"
unifi_tls_key_file: "{{ unifi_tls_key_dir }}/mykey.pem"
unifi_tls_cert_source: mycert.pem
unifi_tls_key_source: mykey.pem