extra-vars.yml 4.7 KB
Newer Older
1
2
3
4
5

#-------------------------------------------------------------------------------
# General Settings
#-------------------------------------------------------------------------------

6
# The FQDN or IP address of KYPO CRP.
7
kypo_crp_host:
8

9
# The prefix of the sandbox in the OpenStack cloud.
10
kypo_crp_instance_name: default0
11

12
13
14
# The maximum transmission unit for KYPO services.
kypo_crp_docker_network_mtu: 1442

15
16
17
18
19
20
21
22
23
24
# The URL of OpenStack Identity service API.
kypo_crp_os_auth_url:

# The ID of application credentials to authenticate at the OpenStack cloud platform.
kypo_crp_os_application_credential_id:

# The secret string of `kypo_crp_os_application_credential_id`.
kypo_crp_os_application_credential_secret:

# The KYPO Jump host IP address or hostname.
25
kypo_crp_proxy_host:
26
27

# The name of the user on the KYPO Jump host.
28
kypo_crp_proxy_user:
29

30
# The list of IP addresses to custom DNS servers.
31
kypo_crp_dns: []
32

Tomáš Sapák's avatar
Tomáš Sapák committed
33
34
# The OpenStack console type. One of: novnc, spice-html5
kypo_crp_os_console_type: spice-html5
35

36
37
38
39
40
41
42
43
44
45
46
47
#-------------------------------------------------------------------------------
# OIDC Providers
#-------------------------------------------------------------------------------

# The list of OIDC providers and their specification.
#kypo_crp_oidc_providers:
#      # The label that is displayed as an option for authentication.
#    - label: Login with Example issuer
#
#      # The URL of resource server configuration.
#      url: https://example.com:443/issuer
#
48
49
50
51
52
#      # The ID of OIDC client.
#      client_id: alpha-num-string
#
#      # The ID of resource client.
#      resource_client_id: alpha-num-string
53
#
54
55
#      # The secret for resource client `resource_client_id`.
#      resource_client_secret: alpha-num-string
56

57
58
59
60
# EXAMPLE for local issuer
#
#kypo_crp_oidc_local_provider_url: '{{ kypo_crp_url }}:8443/csirtmu-dummy-issuer-server/'
#kypo_crp_oidc_local_provider_ldap_root_password:
61
#kypo_crp_oidc_local_provider_postgres_password:
62
#kypo_crp_oidc_providers: '{{ [kypo_crp_oidc_local_provider] }}'
63
64
65
66
67

#-------------------------------------------------------------------------------
# Initial Users
#-------------------------------------------------------------------------------

68
69
# The list of KYPO CRP users that will be added to the KYPO CRP users and groups
#   service and the local OIDC provider (if present).
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#kypo_crp_users:
#      # The unique identifier of the user within the OIDC provider.
#    - sub: admin@example.com
#
#      # The URL of the OIDC provider.
#      iss: https://example.com:443/issuer
#
#      # A password of the user.
#      password: password
#
#      # An email address of the user.
#      email: admin@example.com
#
#      # The user full name.
#      fullName: "Demo Admin"
#
#      # The user given name.
#      givenName: "Demo"
#
#      # The user family name.
#      familyName: "Admin"
#
#      # The boolean value that represents whether the user is admin or not.
#      admin: True

95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
# EXAMPLE for local issuer
#
#kypo_crp_users:
#    - sub: kypo-admin
#      iss: '{{ kypo_crp_oidc_local_provider_url }}'
#      password:
#      email: kypo-admin@example.com
#      fullName: "Demo Admin"
#      givenName: "Demo"
#      familyName: "Admin"
#      admin: True
#    - sub: kypo-user
#      iss: '{{ kypo_crp_oidc_local_provider_url }}'
#      password:
#      email: kypo-user@example.com
#      fullName: "Demo User"
#      givenName: "Demo"
#      familyName: "User"
#      admin: False
114

115
#-------------------------------------------------------------------------------
116
# Git Settings
117
118
#-------------------------------------------------------------------------------

119
## The Git repository settings.
120
kypo_crp_git: '{{ kypo_crp_git_internal }}'
121
#kypo_crp_git:
122
123
124
125
#    # The type of Git repository. For external, keep the value set to GITLAB.
#    type: GITLAB
#
#    # The Git server hostname or IP address.
126
#    server: example.com
127
#
128
129
130
#    # Git server ssh port
#    ssh_port: 22
#
131
#    # The URL of Git REST server.
132
#    rest_server_url: https://example.com/
133
134
135
136
#
#    # The name of user used for communication with Git repository.
#    user: git
#
137
138
139
140
#    # The base64 encoded content of private SSL key that KYPO CRP uses to communicate with Git repository.
#    private_key: |-
#        <encoded-ssh-key
#        spanning-multiple-lines>
141
#
142
143
144
145
#    # The base64 encoded content of public part of `kypo_crp_git.private_key` SSL key.
#    public_key: |-
#        <encoded-ssh-key
#        spanning-multiple-lines>
146
147
#
#    # The access token for Git REST server.
148
#    access_token: alpha-num-string
149
150
#
#    # The URL of Ansible networking Git repository.
151
#    ansible_networking_url: git@example.com:kypo-ansible-stage-one.git
152
153
154
#
#    # The revision of Ansible networking Git repository. Either branch name, tag, or SHA commit hash.
#    ansible_networking_rev: master