-
Notifications
You must be signed in to change notification settings - Fork 0
/
vars.yml
134 lines (118 loc) · 7.65 KB
/
vars.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
documentroot: /home/www-data
opendata_ch_root: "{{ documentroot }}/opendata.ch"
transport_root: "{{ documentroot }}/transport.opendata.ch"
wiki_root: "{{ documentroot }}/opendata.ch/wiki"
opendata_ch_database_name: nmd_opendata_ch
opendata_ch_database_user: nmd_opendata_ch
opendata_ch_database_password: "{{ vault_opendata_ch_database_password }}"
databases:
- name: "{{ opendata_ch_database_name }}"
user: "{{ opendata_ch_database_user }}"
password: "{{ opendata_ch_database_password }}"
opendata_ch_wordpress_auth_key: "{{ vault_opendata_ch_wordpress_auth_key }}"
opendata_ch_wordpress_secure_auth_key: "{{ vault_opendata_ch_wordpress_secure_auth_key }}"
opendata_ch_wordpress_logged_in_key: "{{ vault_opendata_ch_wordpress_logged_in_key }}"
opendata_ch_wordpress_nonce_key: "{{ vault_opendata_ch_wordpress_nonce_key }}"
opendata_ch_wordpress_auth_salt: "{{ vault_opendata_ch_wordpress_auth_salt }}"
opendata_ch_wordpress_secure_auth_salt: "{{ vault_opendata_ch_wordpress_secure_auth_salt }}"
opendata_ch_wordpress_logged_in_salt: "{{ vault_opendata_ch_wordpress_logged_in_salt }}"
opendata_ch_wordpress_nonce_salt: "{{ vault_opendata_ch_wordpress_nonce_salt }}"
vhosts:
- servername: opendata.ch
documentroot: "{{ opendata_ch_root }}"
template: letsencrypt_noredirect
aliases:
- fr.opendata.ch
- en.opendata.ch
- make.opendata.ch
- glam.opendata.ch
- trans.opendata.ch
- finance.opendata.ch
- energy.opendata.ch
- food.opendata.ch
- tourism.opendata.ch
- www.offenedaten.ch
- offenedaten.ch
- prototypefund.opendata.ch
- beta.opendata.ch
- old.opendata.ch
- servername: transport.opendata.ch
documentroot: "{{ transport_root }}/web"
template: letsencrypt_noredirect
php_version: 8.2
cloudflare_email: hannes@opendata.ch
cloufflare_api_token: "{{ vault_cloufflare_api_token }}"
dns_opendata02_ip: 5.148.188.59
dns_domains:
- domain: opendata.ch
records:
- {name: "@", type: A, value: "{{ dns_opendata02_ip }}"}
# Wordpress sites
- {name: "en", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "energy", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "finance", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "fr", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "food", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "glam", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "make", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "tourism", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "transport", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "trans", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "www", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "www.transport", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "prototypefund", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "beta", type: A, value: "{{ dns_opendata02_ip }}"}
- {name: "old", type: A, value: "{{ dns_opendata02_ip }}"}
# mail servers
- {name: "@", type: MX, value: "aspmx.l.google.com", priority: 1}
- {name: "@", type: MX, value: "alt1.aspmx.l.google.com", priority: 5}
- {name: "@", type: MX, value: "alt2.aspmx.l.google.com", priority: 5}
- {name: "@", type: MX, value: "aspmx2.googlemail.com", priority: 10}
- {name: "@", type: MX, value: "aspmx3.googlemail.com", priority: 10}
- {name: "@", type: MX, value: "aspmx4.googlemail.com", priority: 10}
- {name: "@", type: MX, value: "aspmx5.googlemail.com", priority: 10}
# office tools
- {name: "calendar", type: CNAME, value: "ghs.google.com"}
- {name: "mail", type: CNAME, value: "ghs.google.com"}
- {name: "docs", type: CNAME, value: "ghs.google.com"}
- {name: "sites", type: CNAME, value: "ghs.google.com"}
- {name: "webmail", type: CNAME, value: "ghs.google.com"}
- {name: "groups", type: CNAME, value: "ghs.googlehosted.com"}
# community tools
- {name: "forum", type: CNAME, value: "soda2.datalets.ch"}
- {name: "tickets", type: CNAME, value: "www.pretix.eu"}
# dribdat instances
- {name: "hack.farming", type: CNAME, value: "cloud-opendata-02.nine.ch"}
- {name: "hack.energy", type: CNAME, value: "cloud-opendata-02.nine.ch"}
- {name: "hack.glam", type: CNAME, value: "cloud-opendata-02.nine.ch"}
- {name: "hack", type: CNAME, value: "cloud-opendata-01.nine.ch"}
# community apps (no longer maintained)
#- {name: "*.budget", type: CNAME, value: "open-budget.herokuapp.com"}
#- {name: "chat", type: A, value: "159.69.87.110"}
#- {name: "flows.transport", type: CNAME, value: "swiss-transport-flows.herokuapp.com"}
#- {name: "healthinsurance", type: CNAME, value: "ship.seantis.ch"}
#- {name: "helpwithcovid", type: CNAME, value: "sinuous-trout-2drs8fgmpuqpmoi3yknq6g54.herokudns.com"}
#- {name: "ipollution", type: CNAME, value: "gentle-brook-9727.herokuapp.com"}
#- {name: "request", type: CNAME, value: "request-data.herokuapp.com"}
#- {name: "survey", type: CNAME, value: "integrative-refuge-zu7p1l40f6rbtx0y2soqvwdo.herokudns.com"}
# community apps (active)
- {name: "heatsg.energy", type: CNAME, value: "cloud-opendata-02.nine.ch"}
- {name: "prototypefund-app", type: CNAME, value: "opendata-prototypefund-app.visiblesolutions.ch"}
- {name: "showcase", type: CNAME, value: "cloud-opendata-02.nine.ch"}
- {name: "vornamen", type: A, value: "185.17.69.73"}
- {name: "vornamen", type: AAAA, value: "2a04:503:0:1004::73"}
- {name: "10years", type: CNAME, value: "cname.vercel-dns.com"}
# domain protection
- {name: "k2._domainkey.opendata.ch", type: CNAME, value: "dkim2.mcsv.net"}
- {name: "k3._domainkey.opendata.ch", type: CNAME, value: "dkim3.mcsv.net"}
- {name: "jppnhhms2wpgqmnqk7p7mlcr2d2iymrt._domainkey", type: CNAME, value: "jppnhhms2wpgqmnqk7p7mlcr2d2iymrt.dkim.amazonses.com"}
- {name: "uk4ay6zoilmukitfmqayzlxhnp7un2y4._domainkey", type: CNAME, value: "uk4ay6zoilmukitfmqayzlxhnp7un2y4.dkim.amazonses.com"}
- {name: "h6gkoatbxlcmjs4vaszom5vy4tb52i4j._domainkey", type: CNAME, value: "h6gkoatbxlcmjs4vaszom5vy4tb52i4j.dkim.amazonses.com"}
- {name: "@", type: TXT, value: "v=spf1 include:spf.mandrillapp.com include:_spf.google.com ~all"}
- {name: "_dmarc", type: TXT, value: "v=DMARC1; p=quarantine"}
- {name: "mandrill._domainkey", type: TXT, value: "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrLHiExVd55zd/IQ/J/mRwSRMAocV/hMB3jXwaHH36d9NaVynQFYV8NaWi69c1veUtRzGt7yAioXqLj7Z4TeEUoOLgrKsn8YnckGs9i3B3tVFB+Ch/4mPhXWiNfNdynHWBcPcbJ8kjEQ2U8y78dHZj1YeRXXVvWob2OaKynO8/lQIDAQAB;"}
- {name: "google._domainkey", type: TXT, value: "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB1fDCGjk+KAuh/iu408i9w6dVgPWpQEA+ihvo+YG0ODLD7UKhzaavI/xpvq6Cb6y7LFs3m6IKvBM460o6efqjAvIKvVmUAehfL21cRNZ2etseiXTiWt1yCfI3hU8+odaPE4O6h6ChUgGLZ+oiFTuLFObI35l3MVghPz3W2EZky3aE40FFIdgreTk1OuP4TtROLw6kiO83IL+OBkiuTQNy/s10Btau4L1pl/gv6mArhkTrpdpwaIlraYwCVfVen+mFiq5aCGv+avJqpGgoppx/8sZPm6xZKaLbNjYkdgfnxaluGcPESSpSCr72fz/PngeRg5xSfB3eSIOXy0ssBixQIDAQAB"}
- {name: "_amazonses", type: TXT, value: "gRkvs3VoYXvmA/i6/k8P85AYZCyw9RKDBzIQYeSOlQw="}
- {name: "scph0323._domainkey.sparkpost", type: TXT, value: "v=DKIM1; k=rsa; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMCsR6XJBqdHIZJabDqu3KVsar+LYigmN2hKq5DitBGKgOQKADwyxkit5TQEbJCmSke8q78sTyJ60b4WhGPTSPC3MALhbuGJUZ9YsbGyuRlXbtbJn56ddTDvsSKPT/IWYWR57aau2XXNMPLfsoCe26V5UA5g06fu5nzn1roawGfQIDAQAB"}
- {name: "sparkpost.opendata.ch", type: CNAME, value: "eu.sparkpostmail.com"}