mirror of
https://github.com/Rudd-O/ansible-qubes.git
synced 2025-06-06 18:08:31 +02:00
50 lines
1.7 KiB
YAML
50 lines
1.7 KiB
YAML
---
|
|
unix_users:
|
|
- name: james
|
|
gecos: James Bond
|
|
password_unencrypted: password
|
|
password: $5$h/passwordpasswordpassword/password.
|
|
addresses:
|
|
# - james@domain.com is tacit
|
|
- aliastojames@domain.com
|
|
- james@bond.name
|
|
- name: john
|
|
gecos: John the Ripper role account
|
|
# addresses:
|
|
# - john@domain.com is tacit
|
|
password: $9$YWpasswordpasswordpassword/password/
|
|
forwardings:
|
|
- name: notalist@domain.com
|
|
addresses:
|
|
- james@domain.com
|
|
- john@hotmail.com
|
|
- name: shawna@goody.com
|
|
addresses:
|
|
- shawna@gmail.com
|
|
mail:
|
|
hostname: mailserver.domain.com
|
|
domain: domain.com
|
|
origin: domain.com
|
|
destination_domains:
|
|
- mailserver.domain.com
|
|
- domain.com
|
|
- bond.name
|
|
ssl:
|
|
# Deploy your key files locally in the Ansible master node
|
|
# within folder files/secrets/tls, relative to the
|
|
# ../role-mailserver.yml file. Edit these variables
|
|
# to fit the file names of your keys. Then look at the
|
|
# templates within files/mailserver/etc/postfix and
|
|
# files/mailserver/etc/dovecot to modify the appropriate
|
|
# SSL key file parameters so that these variables
|
|
# can be reused there (search for "mailserver.domain.com"
|
|
# in the files of this repository to get an idea where
|
|
# that hostname needs to be replaced with yours).
|
|
mailserver.domain.com:
|
|
key: /etc/pki/tls/private/mailserver.domain.com.key
|
|
intermediates:
|
|
# The order matters. At the bottom of the stack must be the one closest to the root of trust.
|
|
- /etc/pki/tls/certs/CABUNDLE.crt
|
|
certificate: /etc/pki/tls/certs/mailserver_domain_com.crt
|
|
assembled: /etc/pki/tls/certs/assembled_mailserver.domain.com.crt
|