proxy_role/defaults/main.yml
2024-01-06 01:57:28 +00:00

98 lines
3.2 KiB
YAML

# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
# these can be overridden using --extra-vars on the playbook command line
# bind to all interfaces for docker
# this is base - before /var/local is used
PROXY_VAR_LOCAL: "{{ VAR_LOCAL }}"
PROXY_USR_LOCAL: "{{ USR_LOCAL }}"
PROXY_POLIPO_HTTPPORT: 3128
PROXY_POLIPO_PROXYPORT: 3128
PROXY_PRIVOXY_HTTPPORT: 3128
PROXY_TOR_DNS_FORWARD: socat # polipo privoxy socat
PLAY_CA_CERT: "/usr/local/etc/ssl/cacert-curl.haxx.se.pem" # proxy?
PROXY_POLIPO_LOG: '{{ "/var/log/polipo.log" if ansible_distribution == "Gentoo" else "/var/log/polipo/polipo.log" }}'
PROXY_POLIPO_OWNER: '{{ "polipo" if ansible_distribution == "Gentoo" else "proxy" }}'
PROXY_POLIPO_GROUP: '{{ "root" if ansible_distribution == "Gentoo" else "adm" }}'
PROXY_PRIVOXY_LOG: '{{ "/var/log/privoxy.log" if ansible_distribution == "Gentoo" else "/var/log/privoxy/privoxy.log" }}'
PROXY_PRIVOXY_OWNER: '{{ "privoxy" if ansible_distribution == "Gentoo" else "proxy" }}'
PROXY_PRIVOXY_GROUP: '{{ "root" if ansible_distribution == "Gentoo" else "adm" }}'
PROXY_DNS_PORT: 53
HARDEN_DNS_PORT: "{{PROXY_DNS_PORT}}"
PROXY_SERVICE_DNSPORT: 53
PROXY_SERVICE_NTPPORT: 123
PROXY_NTP_OWNER: "ntp"
# could derive from SOCKS
PROXY_WHONIX_HTTPS_PORT: "{{BOX_WHONIX_HTTPS_PORT|default(9128)}}"
PROXY_WHONIX_SOCKS_HOST: "{{BOX_WHONIX_HTTPS_PORT|default('10.0.2.15')}}"
PROXY_WHONIX_SOCKS_NET: "{{BOX_WHONIX_HTTPS_PORT|default('10.0.2.2')}}"
PROXY_WHONIX_SOCKS_PORT: "{{BOX_WHONIX_SOCKS_PORT|default(9050)}}"
PROXY_WHONIX_SOCKS_USER: ""
PROXY_WHONIX_SOCKS_PASS: ""
PROXY_WHONIX_DNS_PORT: "{{BOX_WHONIX_DNS_PORT|default(9053)}}"
PROXY_WHONIX_TRANS_PORT: "{{BOX_WHONIX_TRANS_PORT|default(9040)}}"
PROXY_WHONIX_BUKU_PORT: "{{BOX_WHONIX_BUKU_PORT|default(7001)}}"
PROXY_DNSCRYPT_TGZ_URL: github.com/jedisct1/dnscrypt-proxy/releases/download/2.0.19/dnscrypt-proxy-linux_x86_64-2.0.19.tar.gz
PROXY_GATEWAY_QEMU_DIR: /c/data/Vms/Lati/Qemu/var/lib/kvm/2020-10-30
PRIV_WHONIX_VERSION: 15.0.1.4.9
# was dnscrypt was "pdnsd"
# new default - figure out tor/gateway/socks-neither
PROXY_DNS_PROXY: "dnsmasq"
HARDEN_DNS_PROXY: "{{PROXY_DNS_PROXY}}"
PROXY_DNS_PROXY_ALL:
- "dnsmasq"
- "dnscrypt"
- socat
# - "pdnsd"
PROXY_DNS_NETMAN: "{{BOX_NET_MANAGER}}"
PROXY_DNS_NETMAN_ALL:
- "networkmanager"
- "wicd"
PROXY_NTP_GROUP: "{{BOX_NTP_GROUP}}"
PROXY_NTP_SERVERS:
- 132.163.97.4
- time.nist.gov
- 159.203.158.197
- pool.ntp.org
PROXY_GNUPG_SERVERS:
#dead keyserver hkp://keys.gnupg.net
#dead keyserver hkp://hkps.pool.sks-keyservers.net
# 18.9.60.141
- hkp://pgp.mit.edu
# 162.213.33.8
- hkp://keyserver.ubuntu.com
PROXY_GNUPG_CERTS:
- "{{PLAY_CA_CERT}}"
# these are ignored
- /usr/local/etc/ssl/cacert-testforge.pem
- /usr/share/gnupg/sks-keyservers.netCA.pem
#? - /usr/share/gnupg/sks-keyservers.netCA.pem
#hkp-cacert /usr/local/etc/ssl/cacert-curl.se.pem
#hkp-cacert /usr/local/etc/ssl/cacert-testforge.pem
#hkp-cacert /usr/share/gnupg/sks-keyservers.netCA.pem
PROXY_FEATURES: "{{BOX_PROXY_FEATURES}}"
proxy_also_users: "{{BOX_ALSO_USERS}}"
#- stat: path=/etc/java-config-2/current-system-vm/jre/lib/net.properties
# register: net_properties_file
proxy_net_properties_file: "{{BOX_PROXY_JAVA_NET_PROPERTIES}}"