Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
138 lines (137 sloc) 8.2 KB
# ~/.bashrc
# variable names are used from secrets.txt to auto generate the secrets.template file when running 'source ./update_vars.sh'.
# no private values will be propogated into the secrets.template file.
# be sure to give any new variables an example value in the secrets.example file to assist others.
# comments should remain in secrets.txt
# these values will be propogated into the secrets.template schema used to initialise any new secrets.txt file
#
TF_VAR_bridgenic=en0: Wi-Fi (AirPort)
# Your side fx credentials are used by the node-centos-houdini.yaml script to download and install houdini
TF_VAR_sesi_username='changethisemail@example.com'
TF_VAR_sesi_password='changethispassword'
TF_VAR_vagrant_password_prod='changethispasswordtoo99'
TF_VAR_vagrant_password_dev='changethispasswordtoo99'
TF_VAR_inventory_dev=secrets/dev/inventory
TF_VAR_inventory_prod=secrets/prod/inventory
TF_VAR_private_subnet1_prod=10.0.1.0/24
TF_VAR_private_subnet2_prod=10.0.2.0/24
TF_VAR_public_subnet1_prod=10.0.101.0/24
TF_VAR_public_subnet2_prod=10.0.102.0/24
TF_VAR_private_subnet1_dev=10.0.11.0/24
TF_VAR_private_subnet2_dev=10.0.12.0/24
TF_VAR_public_subnet1_dev=10.0.201.0/24
TF_VAR_public_subnet2_dev=10.0.202.0/24
TF_VAR_db_pass=changethispasswordtoo
# Don't change the openvpn admin user name or user name for now. This is planned.
TF_VAR_openvpn_user="openvpnas"
# Ensure the admin and user passwords are different to the example, but match each other.
TF_VAR_openvpn_user_pw=changethispasswordtoo99
TF_VAR_openvpn_admin_user="openvpnas"
TF_VAR_openvpn_admin_pw=changethispasswordtoo99
# The password used to login to softnas https://{the softnas ip}
TF_VAR_user_softnas_pw=changethispasswordtoo256
TF_VAR_softnas_mode_dev=high
TF_VAR_softnas_mode_prod=high
# A deadline user account is created to simplify handling of permissions.
TF_VAR_user_deadlineuser_name=deadlineuser
TF_VAR_user_deadlineuser_pw=changethispasswordtoo875
# This should be a randomly generated mac address that vagrant will use for the VM's bridged network adapter. your onsite router will assign an ip based on this mac.
# unicast mac addresses must not have an odd second digit, and this is required.
TF_VAR_vagrant_mac_dev=242e42a24ea2e4
TF_VAR_vagrant_mac_staging=121ea1ea31e
TF_VAR_vagrant_mac_prod=31e2a3e23eae24
TF_VAR_houdini_license_server_mac_dev=f6d2ae4831fc
TF_VAR_houdini_license_server_mac_prod=ea82df204a27
# This is your remote public ip. currently only a static IP is supported. Dynamic ip's are untested.
TF_VAR_remote_ip_cidr="101.42.99.12/32"
# This is the range of your subnet onsite that openfirehawkserver will reside in, and that other nodes that need access will reside in.
# eg 192.168.29.0/24 = the range 192.168.29.0 - 192.168.29.255
TF_VAR_remote_subnet_cidr="192.168.29.0/24"
# Dont change this for now. in the future it should be unique. Open vpn sets up dhcp in this range for every connection to provide a unique ip on each side of the vpn for every system.
# reference for potential ranges https://www.arin.net/reference/research/statistics/address_filters/
TF_VAR_vpn_cidr_prod="172.46.232.0/24"
TF_VAR_vpn_cidr_dev="172.47.232.0/24"
# The openfirehawk server vm uses the static ip assigned to the VM. You should take the auto generated mac address above, and use it to assign a static ip in your router's settings.
# It will cause issues if the ip changes within your network.
TF_VAR_openfirehawkserver_dev=192.168.29.10
TF_VAR_deadline_samba_server_address_dev=192.168.29.10
#even in a dev environment, you will probably need to reference the same houdini licence serve in production. ideally, the houdini license server should be a seperate vm for stability reasons.
# a licence server should rarely need to be touched, but updates to infrastructure could disrupt it if located on the openfirehawkserver.
TF_VAR_houdini_license_server_address_dev=192.168.29.10
TF_VAR_localnas1_private_ip=192.168.29.11
TF_VAR_localnas1_mount_path=/prod
TF_VAR_localnas1_remote_mount_path=/prod_remote
TF_VAR_localnas1_path_abs=/prod_cairns
TF_VAR_softnas1_path_abs=/prod_sydney_aws
TF_VAR_openfirehawkserver_prod=192.168.29.13
TF_VAR_deadline_samba_server_address_prod=192.168.29.13
TF_VAR_houdini_license_server_address_prod=192.168.29.13
# if network is set to private, the ip is internal to the host that runs vagrant. otherwise the mac will be used for dhcp on the network when set to public.
TF_VAR_network_dev=private
TF_VAR_network_prod=private
#Openfirehawkserver vm
TF_VAR_openfirehawkserver_ram_dev=4096
TF_VAR_openfirehawkserver_ram_prod=4096
TF_VAR_openfirehawkserver_vcpus_dev=2
TF_VAR_openfirehawkserver_vcpus_prod=2
#openfirehawkserver hostname
TF_VAR_openfirehawkserver_name_dev=openfirehawkserverdev.exampledev.com
TF_VAR_openfirehawkserver_name_prod=openfirehawkserver.dexample.com
TF_VAR_deadlineversion=10.0.24.4
# This is the address and port for clients to reach the deadline RCS on the openfirehawk server.
TF_VAR_deadline_proxy_root_dir_dev=192.168.29.10:4433
TF_VAR_deadline_proxy_root_dir_prod=192.168.29.13:4433
# during dealine installation, the certifcate at this location is generated for remote clients to identify them selves to have access via the Deadline Remote Connection Server.
TF_VAR_deadline_proxy_certificate=/opt/Thinkbox/certs/Deadline10RemoteClient.pfx
TF_VAR_deadline_proxy_certificate_password="changethispasswordtoo987"
# Your AWS default region, and access keys. These should be cycled regularly. Anyone with these keys can create infrastructure in AWS under your account.
TF_VAR_aws_region=ap-southeast-2
TF_VAR_aws_access_key_dev=123k4jh143kj1b4,2m3b4
TF_VAR_aws_secret_key_dev=234kj2g4k23b412m3nb41m
TF_VAR_aws_access_key_prod=jh3rkj2h3rtk2j3rthb2kjrb3
TF_VAR_aws_secret_key_prod=sdfg35d4fh3sd5f4hs3d5rh21
# Softnas will use this password to encrypt s3 buckets
TF_VAR_s3_disk_password=changethispasswordtoo987
#default s3 disk size in GB
TF_VAR_s3_disk_size_prod="100"
TF_VAR_s3_disk_size_dev="1000"
# Your aws account will need a public domain name in order to assign public routes. once this is established, insert the route zone id here to create adresses for systems that are publicly accessible.
TF_VAR_route_zone_id_dev="32K5J2G352KJH235"
TF_VAR_route_zone_id_prod="SDF3H5SD4FHSDFH5"
# you will have an SSL certificate for any public domain in aws, and this has an ARN associated with it.
TF_VAR_cert_arn_dev="arn:aws:acm:ap-southeast-2:2I3418Y24:certificate/1241241-547457-483-457457-4357457"
TF_VAR_cert_arn_prod="arn:aws:acm:ap-southeast-2:23531:certificate/238235-136111-483-483348-235252"
# infrastructure can switch between different domains depending on the staging environment for isolation.
# some resources, like licences servers, may exist in a single domain, since they often are not dynamic.
TF_VAR_public_domain_prod=example.com
TF_VAR_public_domain_dev=devexample.com
# you will create a key pair to access your aws instances, listed here.
TF_VAR_key_name_dev=my_key_pair_dev
TF_VAR_local_key_path_dev=/vagrant/keys/my_key_pair_dev.pem
TF_VAR_key_name_prod=my_key_pair_prod
TF_VAR_local_key_path_prod=/vagrant/keys/my_key_pair_prod.pem
# ebs volumes may be attached to softnas on launch. these are their id's.
#TF_VAR_softnas1_volumes_dev=["vol-0f4c6e1ef0d090d92", "vol-051869f6d24c2a57f", "vol-01f33494fa08ff802", "vol-033db088f1b4f35f3"]
#TF_VAR_softnas1_mounts_dev=["/dev/sdf","/dev/sdg","/dev/sdh","/dev/sdi"]
TF_VAR_softnas1_volumes_prod='[]'
TF_VAR_softnas1_mounts_prod='[]'
TF_VAR_softnas_use_custom_ami_dev=true
TF_VAR_softnas_custom_ami_dev=ami-234kjh234
TF_VAR_softnas_use_custom_ami_prod=false
TF_VAR_softnas_custom_ami_prod=none
# when using softnas with high availability and failover, a 2nd interface is used for replication to the 2nd softnas instance.
TF_VAR_softnas1_private_ip1_dev=10.0.11.11
TF_VAR_softnas1_private_ip2_dev=10.0.11.12
TF_VAR_softnas2_private_ip1_dev=10.0.11.21
TF_VAR_softnas2_private_ip2_dev=10.0.11.22
TF_VAR_softnas1_private_ip1_prod=10.0.1.11
TF_VAR_softnas1_private_ip2_prod=10.0.1.12
TF_VAR_softnas2_private_ip1_prod=10.0.1.21
TF_VAR_softnas2_private_ip2_prod=10.0.1.22
# mailserver details for softnas notifications
TF_VAR_softnas_mailserver="mailserver.example.com"
TF_VAR_softnas_smtp_port="26"
TF_VAR_softnas_smtp_username="admin@example.com"
TF_VAR_softnas_smtp_password="changethispassword654"
TF_VAR_softnas_smtp_from="admin@example.com"
TF_VAR_smtp_encryption="none"
You can’t perform that action at this time.