KellEngineering
/
open-cmmc-stack
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
open-cmmc-stack/deployment_config.yml

83 lines
2.2 KiB
Plaintext
Raw Blame History

---
# 🛠️ One-Click Deployment Configuration for OpenCMMC Stack
# 👤 Global Administrator Details
global_admin_username: cmmcadmin
global_admin_email: admin@example.com
admin_ssh_public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
# 🌐 Domain and Host Settings
domain_name: example.cmmc.local
hostname: open-cmmc-gateway
timezone: America/New_York
dns_resolver_ip: 1.1.1.1
# 🖥️ Infrastructure Provider
provider: digitalocean # Options: digitalocean, aws, gcp, azure, proxmox, baremetal
provisioner_api_token: changeme-provider-token
region: nyc3
vm_size: s-2vcpu-4gb
# 🔐 Security Parameters
motd_banner_text: "{{ lookup('template', 'roles/secure_ubuntu/templates/motd.txt.j2') }}"
banner_text: |
*** WARNING ***
This system is the property of {{ domain_name }}. It is for authorized use only.
- All information is subject to monitoring and disclosure.
- Unauthorized use may result in prosecution or administrative action.
- Use implies acceptance of all company security and use policies.
# 🔑 SSH Configuration
ssh_port: 22
disable_root_ssh: true
enforce_key_authentication: true
# 📬 Mailcow Configuration
mailcow_hostname: mail
mailcow_admin_user: admin
mailcow_admin_password: change_me_securely
mailcow_letsencrypt_email: it@example.com
mailcow_use_letsencrypt: "n"
# 🔐 Tailscale
tailscale_auth_key: tskey-abc123
# 📜 Keycloak Identity Settings
keycloak_realm: OpenCMMC
keycloak_admin_user: admin
keycloak_admin_password: change_me_securely
# 🛡️ Ports Used by Services
nextcloud_port: 8080
mailcow_port: 443
keycloak_port: 8081
stepca_port: 9000
wazuh_port: 55000
# 📦 Container Images
nextcloud_aio_image: nextcloud/all-in-one:latest
keycloak_image: quay.io/keycloak/keycloak:24.0.2
mailcow_image: mailcow/mailcow-dockerized:latest
# 📁 Directories
nextcloud_data_dir: /srv/nextcloud
mailcow_data_dir: /opt/mailcow
backup_base_dir: /srv/backups
logs_dir: /var/log/open-cmmc
# 📂 Backup Configuration
restic_password: changeme-securely
restic_repo: /srv/backups/restic-repo
# ⚙️ System Users
svc_keycloak: svc_keycloak
svc_mailcow: svc_mailcow
svc_wazuh: svc_wazuh
svc_stepca: svc_stepca
# 🔐 Step-CA Settings
stepca_password: changeme-securely
Reference in New Issue View Git Blame Copy Permalink