Skip to content
Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
149 lines (122 sloc) 6.75 KB
####################################################################################
# ██████╗ ███████╗ █████╗ ██████╗ ███╗ ███╗███████╗██╗
# ██╔══██╗██╔════╝██╔══██╗██╔══██╗████╗ ████║██╔════╝██║
# ██████╔╝█████╗ ███████║██║ ██║██╔████╔██║█████╗ ██║ (or be destroyed)
# ██╔══██╗██╔══╝ ██╔══██║██║ ██║██║╚██╔╝██║██╔══╝ ╚═╝
# ██║ ██║███████╗██║ ██║██████╔╝██║ ╚═╝ ██║███████╗██╗
# ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚═════╝ ╚═╝ ╚═╝╚══════╝╚═╝
#####################################################################################
# This is part of the core apnscp configuration - it is updated with each new release
# To make changes, copy this file to /root prior to running this playbook:
#
# cp /usr/local/apnscp/resources/playbooks/apnscp-vars.yml /root
# cd /usr/local/apnscp/resources/playbooks && ansible-playbook bootstrap.yml
#
# Alternatively use cpcmd config_set apnscp.bootstrapper to change values here
# or override any Playbook default. See README.md
#
#####################################################################################
# Default PHP interpreter
# Automatically upgrade when new versions are available
# Provide a patch level, e.g. 7.2.4, to prevent automatic updates
system_php_version: 7.2
# Development build of apnscp, includes symbols in php and other risky behavior
apnscp_debug: false
# Email address of the owner of the server
# Used for Let's Encrypt registration, login notifications,
# and other events
# Note, it can be changed at a later date using
# apnscp/bin/cmd common_set_email new@address.com
apnscp_admin_email:
# Server hostname. Set this value to automatically
# configure hostname on install. A resolvable
# domain is necessary for post-install notice email.
# Hostname should be one level deeper than your domain e.g.
# domain is apnscp.com, system_hostname is paixhans.apnscp.com
system_hostname:
# Server/admin is miserly. Reduce service memory usage
# when possible. Not recommended. Not fully tested.
has_low_memory: false
# Filesystem template population can take several minutes to complete
# - auto detects if apnscp_filesystem_template exists and populates if not
# - yes populates all packages from apnscp/initialize-filesystem-template/vars/main.yml
# - no bypasses fst creation
populate_filesystem_template: auto
# apnscp update policy. Possible values:
# - edge: nightly updates off Gitlab - DEFAULT
# - minor: update patch levels (3.0.x)
# - major: update minor levels (3.x.x)
# - all: update all releases (x.x.x)
# - false: disable updates
apnscp_update_policy: major
# Automatic update policy with yum. Possible values:
# - default: yum upgrade (always update) - DEFAULT
# - security: yum --security upgrade
# - security-severity: yum --sec-severity=critical upgrade
# - minimal: yum --bugfix upgrade-minimal
# - minimal-security: yum --security upgrade-minimal
# - minimal-security-severity: yum --sec-severity=critical upgrade-minimal
# - false: disable
yum_update_policy: default
# Perform nightly panel updates? Panel may be updated manually with
# "upcp" or running build/upcp.sh. Panel follows apnscp_update_policy
# Setting apnscp_update_policy to false disables updates.
apnscp_nightly_update: true
# Default IPv4 address for apnscp to listen to. If undefined will
# use the first address that has external routing
#apnscp_ip4_address:
# Default hostnames to request SSL for.
# Additional SSL hostnames may be requested by running apnscp/register-ssl
ssl_hostnames: ["{{ ansible_nodename | regex_search('\\.') | ternary(ansible_nodename,None)}}"]
# Use the following password. Note, can be changed at a later date using
# apnscp/bin/cmd auth_change_password NEWPASSWORD
apnscp_admin_password: "{{ lookup('password', '/dev/null chars=ascii_letters,digits length=16') }}"
# Optional admin to user otherwise "admin"
# rspamd increases memory utilization by 75-100 MB
apnscp_admin_user: admin
# Spam filter engine, spamassassin or rspamd
spamfilter: spamassassin
# Disable direct control panel access
# Use the CLI (AddDomain, EditDomain, cpcmd) to access services
panel_headless: false
# Allow users to run daemons on their account
# Opens up 40000-49999/tcp + udp
user_daemons: true
# Reboot and resume playbook as needed
apnscp_bootstrapper_reboot: true
# Disable clamav if server memory is limited
# Frees 85 - 100 MB
clamav_enabled: "{{ not (has_low_memory | bool) | default(true) | ternary(true, false) }}"
# Enable sending mail by this server from authenticated third-party
# sources. Does not affect relaying mail that originates FROM this server
# but rather who can connect.
mail_enabled: true
# Use a global spamassassin database for bayesian storage.
spamassassin_global: true
# Enable Passenger - allows a dead simple system to run
# Node, Python, and Ruby applications with automatic restarts
passenger_enabled: "{{ not (has_low_memory | bool) }}"
# Place each account's InnoDB data files in a separate directory
# Loses performance benefits, increases overhead, but allows for storage tracking
# May potential cause cyclic segfault in MariaDB if
# a user goes over quota with InnoDB data
mysqld_per_account_innodb: "{{ data_center_mode }}"
# Horde is a different beast of dependencies and
# requires more care than other webmail options
enable_horde: "{{ mail_enabled | bool }}"
# Run the entire playbook once a month to verify platform integrity
# Results will be emailed to admin email on server
monthly_platform_check: true
# apnscp provides a watchdog service to reboot your server when all hope is lost
# Set this to a value CPU x process depth. On a 2 CPU system the system is deemed
# out to lunch if more than 50 processes are waiting for CPU acknowledgement.
# Reboots are often faster than recovering on virtualized platforms
# Set to None/False to disable this feature
watchdog_load_threshold: "{{ ansible_processor_count * 25 }}"
# Uncomment + set to forward all nightly cron messages from anacron to this address
# Leave as "{{ apnscp_admin_email }}" to use the appliance admin email
# anacron_address: "{{ apnscp_admin_email }}"
# Set the panel secret used to encrypt cookies
# In multi-server setups this should be overridden and consistent among all servers
# See also https://github.com/apisnetworks/cp-proxy
cookie_secret: "{{ lookup('password', '/dev/null chars=ascii_letters,digits length=48') }}"
You can’t perform that action at this time.