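# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
# Defaults for the proxy role: local HTTP proxies (polipo/privoxy), DNS and
# NTP forwarding, the Whonix gateway endpoints, and GnuPG keyserver settings.

# these can be overridden using --extra-vars on the playbook command line

# bind to all interfaces for docker

# this is base - before /var/local is used
PROXY_VAR_LOCAL: "{{ VAR_LOCAL }}"
PROXY_USR_LOCAL: "{{ USR_LOCAL }}"

# NOTE(review): all three listeners default to 3128; if polipo and privoxy are
# ever enabled on the same host and address they will collide - confirm that
# only one of them is deployed at a time.
PROXY_POLIPO_HTTPPORT: 3128
PROXY_POLIPO_PROXYPORT: 3128
PROXY_PRIVOXY_HTTPPORT: 3128
PROXY_TOR_DNS_FORWARD: socat  # polipo privoxy socat

PLAY_CA_CERT: "/usr/local/etc/ssl/cacert-curl.haxx.se.pem"

# proxy?
# Log path, owner and group differ between Gentoo and every other distribution.
PROXY_POLIPO_LOG: '{{ "/var/log/polipo.log" if ansible_distribution == "Gentoo" else "/var/log/polipo/polipo.log" }}'
PROXY_POLIPO_OWNER: '{{ "polipo" if ansible_distribution == "Gentoo" else "proxy" }}'
PROXY_POLIPO_GROUP: '{{ "root" if ansible_distribution == "Gentoo" else "adm" }}'

PROXY_PRIVOXY_LOG: '{{ "/var/log/privoxy.log" if ansible_distribution == "Gentoo" else "/var/log/privoxy/privoxy.log" }}'
PROXY_PRIVOXY_OWNER: '{{ "privoxy" if ansible_distribution == "Gentoo" else "proxy" }}'
PROXY_PRIVOXY_GROUP: '{{ "root" if ansible_distribution == "Gentoo" else "adm" }}'

PROXY_DNS_PORT: 53
HARDEN_DNS_PORT: "{{PROXY_DNS_PORT}}"

PROXY_SERVICE_DNSPORT: 53
PROXY_SERVICE_NTPPORT: 123
PROXY_NTP_OWNER: "ntp"

# could derive from SOCKS
PROXY_WHONIX_HTTPS_PORT: "{{BOX_WHONIX_HTTPS_PORT|default(9128)}}"
# The host and net values used to read BOX_WHONIX_HTTPS_PORT (copy/paste), so
# setting the HTTPS port override replaced the SOCKS address with a port
# number and clients could no longer reach the gateway. They now have their
# own optional overrides, named after the BOX_WHONIX_* pattern used here.
# NOTE(review): confirm no inventory relied on the old key for these two.
PROXY_WHONIX_SOCKS_HOST: "{{BOX_WHONIX_SOCKS_HOST|default('10.0.2.15')}}"
PROXY_WHONIX_SOCKS_NET: "{{BOX_WHONIX_SOCKS_NET|default('10.0.2.2')}}"
PROXY_WHONIX_SOCKS_PORT: "{{BOX_WHONIX_SOCKS_PORT|default(9050)}}"
# Empty means no SOCKS authentication. If these are ever set, supply them from
# an encrypted source (e.g. ansible-vault) rather than committing them here.
PROXY_WHONIX_SOCKS_USER: ""
PROXY_WHONIX_SOCKS_PASS: ""
PROXY_WHONIX_DNS_PORT: "{{BOX_WHONIX_DNS_PORT|default(9053)}}"
PROXY_WHONIX_TRANS_PORT: "{{BOX_WHONIX_TRANS_PORT|default(9040)}}"
PROXY_WHONIX_BUKU_PORT: "{{BOX_WHONIX_BUKU_PORT|default(7001)}}"

# NOTE(review): no scheme and no checksum are recorded here; presumably the
# consuming task prepends the scheme. Confirm it uses https and verifies the
# archive (pinned digest or the release signature) before unpacking.
PROXY_DNSCRYPT_TGZ_URL: "github.com/jedisct1/dnscrypt-proxy/releases/download/2.0.19/dnscrypt-proxy-linux_x86_64-2.0.19.tar.gz"

PROXY_GATEWAY_QEMU_DIR: "/c/data/Vms/Lati/Qemu/var/lib/kvm/2020-10-30"
# Quoted so the version stays a string under every YAML loader.
PRIV_WHONIX_VERSION: "15.0.1.4.9"

# was dnscrypt was "pdnsd"
# new default - figure out tor/gateway/socks-neither
PROXY_DNS_PROXY: "dnsmasq"
HARDEN_DNS_PROXY: "{{PROXY_DNS_PROXY}}"
PROXY_DNS_PROXY_ALL:
  - "dnsmasq"
  - "dnscrypt"
  - "socat"
  # - "pdnsd"

PROXY_DNS_NETMAN: "{{BOX_NET_MANAGER}}"
PROXY_DNS_NETMAN_ALL:
  - "networkmanager"
  - "wicd"

PROXY_NTP_GROUP: "{{BOX_NTP_GROUP}}"
PROXY_NTP_SERVERS:
  - "132.163.97.4"
  - "time.nist.gov"
  - "159.203.158.197"
  - "pool.ntp.org"

# NOTE(review): hkp:// is the unencrypted keyserver protocol, so lookups and
# fetched keys are not protected in transit by the keyserver connection
# itself. Keys obtained this way should be checked against a known
# fingerprint; prefer hkps:// where the server offers it.
PROXY_GNUPG_SERVERS:
  # dead keyserver hkp://keys.gnupg.net
  # dead keyserver hkp://hkps.pool.sks-keyservers.net
  # 18.9.60.141
  - "hkp://pgp.mit.edu"
  # 162.213.33.8
  - "hkp://keyserver.ubuntu.com"

PROXY_GNUPG_CERTS:
  - "{{PLAY_CA_CERT}}"
  # these are ignored
  - "/usr/local/etc/ssl/cacert-testforge.pem"
  - "/usr/share/gnupg/sks-keyservers.netCA.pem"
  # ? - /usr/share/gnupg/sks-keyservers.netCA.pem
# hkp-cacert /usr/local/etc/ssl/cacert-curl.se.pem
# hkp-cacert /usr/local/etc/ssl/cacert-testforge.pem
# hkp-cacert /usr/share/gnupg/sks-keyservers.netCA.pem

PROXY_FEATURES: "{{BOX_PROXY_FEATURES}}"

proxy_also_users: "{{BOX_ALSO_USERS}}"

# - stat: path=/etc/java-config-2/current-system-vm/jre/lib/net.properties
#   register: net_properties_file
proxy_net_properties_file: "{{BOX_PROXY_JAVA_NET_PROPERTIES}}"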