136 lines
4.6 KiB
YAML
136 lines
4.6 KiB
YAML
|
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
|
||
|
|
||
|
---
|
||
|
|
||
|
# these can be overridden using --extra-vars on the playbook command line
|
||
|
|
||
|
BASE_ROOT_USER: "{{BOX_ROOT_USER|default('root')}}"
|
||
|
BASE_ROOT_GROUP: "{{BOX_ROOT_GROUP|default('root')}}"
|
||
|
|
||
|
BASE_PYTHON2_MINOR: "{{BOX_PYTHON2_MINOR}}"
|
||
|
BASE_PYTHON3_MINOR: "{{BOX_PYTHON3_MINOR}}"
|
||
|
BASE_PORTAGE_PYTHON_MINOR: "{{BOX_PORTAGE_PYTHON_MINOR}}"
|
||
|
BASE_IPV6_DISABLE: "{{BOX_IPV6_DISABLE}}"
|
||
|
|
||
|
# These should come from the wrapper script
|
||
|
BASE_USR_LOCAL: "{{ USR_LOCAL }}"
|
||
|
BASE_PYVENV_ARGS: "--system-site-packages"
|
||
|
BASE_PYVENV2_ARGS: "{{BASE_PYVENV_ARGS}}"
|
||
|
BASE_PYVENV3_ARGS: "{{BASE_PYVENV_ARGS}}"
|
||
|
|
||
|
# this is now ignored and built into pip2.sh/pip3.sh as pip:extra_args is post the install keyword
|
||
|
BASE_PIP_GLOBAL_ARGS: "--disable-pip-version-check --cache-dir {{ PLAY_PIP_CACHE|default('/mnt/o/Cache/Pip') }} --cert '{{ PLAY_CA_CERT|default('/usr/local/etc/ssl/cacert-testforge.pem') }}'"
|
||
|
# force pip packages to be explicitly installed or fail
|
||
|
BASE_PIP_INSTALL_ARGS: "{{ BASE_PIP_GLOBAL_ARGS +' --no-deps --prefix='+USR_LOCAL }}"
|
||
|
# and/or to prevent pip form downloading from the internet
|
||
|
#? BASE_PIP_INSTALL_ARGS: "{{ PIP_INSTALL_ARGS|default('--proxy=localhost:9999') }}"
|
||
|
BASE_USER_NAME: "{{ BOX_USER_NAME }}"
|
||
|
BASE_USER_HOME: "{{ BOX_USER_HOME }}"
|
||
|
BASE_ALSO_GROUP: "{{ BOX_ALSO_GROUP }}"
|
||
|
# These should come from the inventory hosts.yml
|
||
|
HOST_MOUNT_SYMLINKS: []
|
||
|
HOST_MOUNT_SYMLINK_CONTENTS: {}
|
||
|
HOST_CONTAINER_MOUNTS: []
|
||
|
BASE_HOST_CONTAINER_MOUNTS: "{{BOX_HOST_CONTAINER_MOUNTS}}"
|
||
|
HOSTNAME_HARDWARE: ''
|
||
|
BASE_ALSO_USERS: "{{BOX_ALSO_USERS}}"
|
||
|
LXD_TRUST_PASSWORD: ""
|
||
|
|
||
|
# per-user config dir but expanduser is broken so we leave off the ~/ prefix
|
||
|
BASE_USER_CONFIG_DIR: ".config/testforge"
|
||
|
|
||
|
# unused - seems to be built for zip only not tar
|
||
|
BASE_UNTAR_ARGS:
|
||
|
#? - "-C"
|
||
|
- "--owner=root"
|
||
|
- "--group=root"
|
||
|
- "--no-same-owner"
|
||
|
- "--keep-newer-files"
|
||
|
# - "--no-same-permissions"
|
||
|
|
||
|
BASE_PKG_IGNORE_ERRORS: true # "{{ ansible_virtualization_role|replace('NA', 'host') == 'guest' }}"
|
||
|
BASE_IGNORE_LOCAL_ERRORS: BASE_ARE_CONNECTED|default('') == ''
|
||
|
|
||
|
# Look for you timezone in /usr/share/zoneinfo.
|
||
|
# Example: Europe/Prague
|
||
|
BASE_timezone: "{{BOX_timezone}}"
|
||
|
|
||
|
# Is your hardware clock set local (true), or UTC (false)? - true is advised by created problems DB
|
||
|
hwclock_local: "{{BOX_hwclock_local}}"
|
||
|
|
||
|
# Do you want to set the hardware clock to the current system time (software
|
||
|
# clock) during shutdown?
|
||
|
hwclock_systohc: "{{BOX_hwclock_systohc}}"
|
||
|
|
||
|
# Do you want to set the system time to the current hardware clock
|
||
|
# during bootup?
|
||
|
hwclock_hctosys: "{{BOX_hwclock_hctosys}}"
|
||
|
|
||
|
# Should be copies of the /etc/skel files inside the /home/${USER} updated?
|
||
|
# Only files that were not modified by a user will be updated.
|
||
|
skel_update_homes: false
|
||
|
|
||
|
# List of locales to generate.
|
||
|
env_locales:
|
||
|
- "C.UTF-8 UTF-8"
|
||
|
- "en_US.UTF-8 UTF-8"
|
||
|
- "en_GB.UTF-8 UTF-8"
|
||
|
- "en_CA.UTF-8 UTF-8"
|
||
|
|
||
|
# The default system LANG.
|
||
|
env_locale_lang: en_US.UTF-8
|
||
|
|
||
|
# The default EDITOR.
|
||
|
env_editor: "/usr/bin/mg"
|
||
|
|
||
|
BASE_BOOT_DIR: "/boot"
|
||
|
#BASE_BOOT_DIR: "/mnt/l/syslinux"
|
||
|
BASE_ROOT_LOG_DIR: "/root/var/tmp/{{date_slash}}"
|
||
|
|
||
|
BASE_SCRIPT_DIR: "{{USR_LOCAL}}/sbin"
|
||
|
BASE_LOG_DIR: "{{USR_LOCAL}}/var/log"
|
||
|
|
||
|
# subkeys.pgp.net does NOT work
|
||
|
BASE_GENTOO_KEYSERVER: "keys.gentoo.org"
|
||
|
BASE_GPG_SERVER: "{{BOX_GPG_SERVER}}"
|
||
|
# I tried these four, I believe that number 3 finally worked and allowed me to download the keys in question for accessing the tor update servers.
|
||
|
# https://github.com/Stadicus/RaspiBolt/issues/343
|
||
|
# hkps.pool.sks-keyservers.net
|
||
|
# keys.gnupg.net
|
||
|
# pgp.uni-mainz.de
|
||
|
# pgp.mit.edu
|
||
|
|
||
|
BASE_FUNTOO_PROFILES_DIRS:
|
||
|
- /var/local/git/meta-repo/kits/core-kit/profiles/base
|
||
|
|
||
|
BASE_FUNTOO_MIXINS_DIRS:
|
||
|
- /var/local/git/meta-repo/kits/core-kit/profiles/funtoo/1.0/linux-gnu/mix-ins
|
||
|
|
||
|
BASE_FUNTOO_MIXINS:
|
||
|
- X
|
||
|
- xfce
|
||
|
- no-systemd
|
||
|
|
||
|
# This now gets overwritten in firewall.conf from route|grep ^default
|
||
|
# should get replaced by BASE_ARE_CONNECTED if it's not null
|
||
|
BASE_DEFAULT_OUTPUT_IF: "{{BOX_DEFAULT_OUTPUT_IF|default('wlan7')}}"
|
||
|
|
||
|
BASE_FEATURES: "{{BOX_BASE_FEATURES}}"
|
||
|
BASE_LIB: "{{BOX_USR_LIB}}"
|
||
|
LIB: "{{BASE_LIB}}"
|
||
|
|
||
|
base_ipv4_nat_dev: "{{ ansible_default_ipv4.alias }}" # enp0s3
|
||
|
#? ansible_default_ipv4.address
|
||
|
base_ipv4_nat_ip: "{{ ansible_default_ipv4.address }}" # 10.0.2.15"
|
||
|
base_ipv4_nat_gw_ip: "{{ ansible_default_ipv4.gateway }}" # "10.0.2.2"
|
||
|
# "ansible_dns": {"nameservers": [ "10.0.2.2"
|
||
|
base_ipv4_nat_dns_ip: "{{ ansible_dns[0].nameseervers[0] }}" #? "10.0.2.3"
|
||
|
|
||
|
BASE_PASSWORDS_DATABASE: ""
|
||
|
BASE_PASSWORDS_PASSWORD: ""
|
||
|
BASE_HOSTNAME_HARDWARE: "{{BOX_HOST_NAME}}"
|
||
|
BASE_TIMEZONE: Etc/UTC
|
||
|
|
||
|
base_passwords_database: "{{box_passwords_database}}"
|
||
|
|