2021-12-17 20:17:22 +00:00
|
|
|
#hostname = "2a00:f820:528::4"
|
|
|
|
hostname = "31.47.232.108"
|
2021-12-17 10:51:33 +00:00
|
|
|
bundles = [
|
2022-01-09 21:04:11 +00:00
|
|
|
"elasticsearch",
|
2021-12-21 09:48:22 +00:00
|
|
|
"ldap-frontend",
|
2021-12-19 13:18:30 +00:00
|
|
|
"letsencrypt",
|
2022-01-04 10:17:27 +00:00
|
|
|
"monit",
|
2021-12-17 20:17:22 +00:00
|
|
|
"nginx",
|
|
|
|
"nextcloud",
|
2021-12-17 10:51:33 +00:00
|
|
|
"openldap",
|
2021-12-29 22:27:02 +00:00
|
|
|
"postfix",
|
2021-12-17 20:17:22 +00:00
|
|
|
"php",
|
|
|
|
"postgresql",
|
|
|
|
"redis",
|
2021-12-17 10:51:33 +00:00
|
|
|
]
|
2021-11-26 18:45:23 +00:00
|
|
|
groups = [
|
|
|
|
"debian-bullseye",
|
|
|
|
]
|
|
|
|
|
2021-12-18 17:53:32 +00:00
|
|
|
[metadata.hosts.entries]
|
|
|
|
"127.0.0.1" = [
|
|
|
|
"ldap.qzwi.de",
|
|
|
|
]
|
|
|
|
|
2021-11-26 18:45:23 +00:00
|
|
|
[metadata.interfaces.enp1s0]
|
|
|
|
ips = [
|
2021-12-17 10:51:33 +00:00
|
|
|
"31.47.232.108/29",
|
2021-11-26 18:45:23 +00:00
|
|
|
"2a00:f820:528::4",
|
|
|
|
]
|
2021-12-17 10:51:33 +00:00
|
|
|
gateway4 = "31.47.232.105"
|
2021-11-26 18:45:23 +00:00
|
|
|
gateway6 = "2a00:f820:528::1"
|
2021-12-17 10:51:33 +00:00
|
|
|
|
2021-12-22 09:02:25 +00:00
|
|
|
[metadata.ldap-frontend.external_links]
|
|
|
|
"NextCloud" = "https://cloud.qzwi.de/"
|
|
|
|
|
2021-12-17 20:17:22 +00:00
|
|
|
[metadata.nextcloud]
|
2022-01-09 21:15:42 +00:00
|
|
|
# for elasticsearch to work, please install 'ingest-attachment' plugin:
|
|
|
|
# /usr/share/elasticsearch/bin/elasticsearch-plugin install ingest-attachment
|
2021-12-17 20:17:22 +00:00
|
|
|
domain = "cloud.qzwi.de"
|
|
|
|
sha1 = "0d496eb0808c292502479e93cd37fe2daf95786a"
|
|
|
|
version = "23.0.0"
|
|
|
|
|
|
|
|
[metadata.nginx.vhosts.nextcloud]
|
2021-12-19 13:18:30 +00:00
|
|
|
ssl = "letsencrypt"
|
2021-12-17 20:17:22 +00:00
|
|
|
|
2021-12-19 13:37:20 +00:00
|
|
|
[metadata.nginx.vhosts.openldap]
|
|
|
|
domain = "ldap.qzwi.de"
|
|
|
|
ssl = "letsencrypt"
|
2021-12-21 09:48:22 +00:00
|
|
|
[metadata.nginx.vhosts.openldap.locations."/"]
|
|
|
|
target = "http://127.0.0.1:23000"
|
2021-12-19 13:37:20 +00:00
|
|
|
|
2021-12-17 10:51:33 +00:00
|
|
|
[metadata.openldap]
|
|
|
|
my_hostname = "ldap.qzwi.de"
|
|
|
|
ssl = "_.qzwi.de"
|
|
|
|
backup = [
|
|
|
|
"dc=qzwi,dc=de",
|
|
|
|
]
|
|
|
|
schemas = [
|
|
|
|
"openssh-lpk_openldap",
|
|
|
|
]
|
2021-12-17 20:17:22 +00:00
|
|
|
|
2022-01-03 10:30:36 +00:00
|
|
|
[metadata.ldap-frontend.template]
|
2022-02-25 14:36:51 +00:00
|
|
|
"group_admin" = "(&(objectclass=inetOrgPerson)(uid={})(memberOf=ou=qzwi-admins,ou=Groups,dc=qzwi,dc=de))"
|
|
|
|
"group_members" = "(&(objectclass=inetOrgPerson)(memberOf=ou={},ou=Groups,dc=qzwi,dc=de))"
|
|
|
|
"group_nonmembers" = "(&(objectclass=inetOrgPerson)(!(memberOf=ou={},ou=Groups,dc=qzwi,dc=de)))"
|
|
|
|
"user_search" = "(&(objectclass=inetOrgPerson)(uid={}))"
|
2022-01-03 10:30:36 +00:00
|
|
|
|
2021-12-18 09:31:25 +00:00
|
|
|
[metadata.openldap.access."ou=Users,dc=qzwi,dc=de"]
|
2021-12-21 09:48:22 +00:00
|
|
|
manage = [
|
|
|
|
"uid=ldap-frontend,ou=Applications,dc=qzwi,dc=de",
|
|
|
|
]
|
|
|
|
|
|
|
|
[metadata.openldap.access."ou=Groups,dc=qzwi,dc=de"]
|
|
|
|
manage = [
|
|
|
|
"uid=ldap-frontend,ou=Applications,dc=qzwi,dc=de",
|
|
|
|
]
|
2021-12-18 09:31:25 +00:00
|
|
|
|
2021-12-17 20:17:22 +00:00
|
|
|
[metadata.vm]
|
|
|
|
cpu = 4
|
|
|
|
ram = 4
|
2022-01-04 10:17:27 +00:00
|
|
|
|
|
|
|
[metadata.monit]
|
|
|
|
from_address = "monit@qzwi.de"
|
|
|
|
alert_addresses = [
|
|
|
|
"rico@qzwi.de",
|
2022-01-09 21:04:11 +00:00
|
|
|
]
|