chef-server-playbook/settings.yml.sample at master · cnsa/chef-server-playbook · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
---
admin_user: SERVER_ADMIN_USER

letsencrypt: no

chef_version: 12.9.1
chef_version_full: "{{ chef_version }}-1"
chef_version_sum: 06ea7499dcd7eeef0629cee96ed58600376ac39484cc54efa5b37d68fa323e06

chef_rpm:
  path: /path/to/local/chef/dir
  url: https://web-dl.packagecloud.io/chef/stable/packages/el/6/
  file: chef-server-core-{{ chef_version_full }}.el6.x86_64.rpm

chef_email: "some@email.com"

chef:
  user: someuser
  firstname: Name
  lastname: LastName
  email: "{{ chef_email }}"
  password: SOMEPASSWORD
  rsa_file: /path/to/rsafilename.pem
  organization_id: organization_id
  organization: Organization Name
  server:
    ports_azure:
      - 80
      - 443
      - 9683
      # - 10000
      # - 10001
      # - 10002
      # - 10003
    ports:
      - 80
      - 443
      - 9683
      # - "10000:10003" # Pushy ports
    options:
      - name: api_fqdn
        value: "{{ inventory_hostname }}"
      - name: bootstrap
        value: true
      # - name: api_version
      #   value: "ipv4"
      - name: notification_email
        value: "{{ chef_email }}"

      ## With LetsEncrypt
      # - name: nginx['ssl_certificate']
      #   value: '/etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem'
      # - name: nginx['ssl_certificate_key']
      #   value: '/etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem'
      # - name: "nginx['ssl_protocols']"
      #   value: "TLSv1 TLSv1.1 TLSv1.2"
      # - name: "nginx['ssl_ciphers']"
      #   value: "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"

      ## With default cert
      # - name: "nginx['ssl_protocols']"
      #   value: "TLSv1 TLSv1.1 TLSv1.2"
      # - name: "nginx['ssl_ciphers']"
      #   value: "HIGH:MEDIUM:!LOW:!kEDH:!aNULL:!ADH:!eNULL:!EXP:!SSLv2:!SEED:!CAMELLIA:!PSK"
manage:
  enable: false
  options:
    - name: disable_sign_up
      value: false
    # - name: "logging.chef_log_level"
    #   value: "info"
    # - name: "logging.log_level"
    #   value: "info"
    # - name: secret_token
    #   value: 21e75caa2cd91ef21c3d59a38cf21e82ec156b0d49521579781224911bd441177022bf589cc2d1da180a2395417bb87c8578931def409ce866bc217448cbc75c
reporting:
  enable: false
  options: []
pushy:
  enable: false
  options: []