--- # Username of the user that's being set up target_user: None # Group of the user that's being set up target_group: None # GitLab username used to obtain the public GPG key and public SSH keys gitlab_login: None # Full name for git fullname: None # Email used for git git_email: None # Signing key used for signing git commits and tags gpg_signingkey: None # Used as the FQDN that's set up in DNS and reachable from the network host_fqdn: None # Address of the HashiCorp Vault that is used to download the trusted CA # certificate for an SSH server setup hashicorp_vault_address: None # Address of the Vaultwarden instance vaultwarden_address: None # Porkbun ‹apikey› and ‹secretapikey› that are used by Certbot (SSL/TLS renewal) # and DDNS (updating DNS records) porkbun_apikey: None porkbun_secretapikey: None # Public ID tied to the Yubikey OTP yubikey_token_id: None # Client IP for the ‹wg-admin› VPN wg_admin_ip: None # Wireguard connections # List of connections to set up, example: # # - ifname: ‹interface name› # generate_keypair: true/false # domain: ‹domain, adjust DNS resolution, if set› # gateway: ‹part of the DNS resolution setup› # address: ‹assigned address on the VPN› # peers: # - { note, public_key, allowed_ips, endpoint, keepalive } wg_connections: []