20 lines
996 B
YAML
20 lines
996 B
YAML
ansible_port: 22
|
|
ansible_ssh_user: root
|
|
ansible_ssh_private_key_file: ~/.ssh/id_rsa
|
|
ansible_host_key_checking: False
|
|
|
|
# Global security level for public access.
|
|
# Set to 'strict' to disable public Caddy/Ingress access for all roles.
|
|
ai_workspace_security_level: standard
|
|
|
|
# Caddy ingress is enabled by default on Linux where we expect a dedicated box.
|
|
# It is disabled on macOS (developer workstation with port conflicts) and Windows
|
|
# (Caddy not natively supported in our Windows pipeline).
|
|
# Override anytime with -e caddy_enabled=true or -e caddy_enabled=false.
|
|
caddy_enabled: "{{ ansible_os_family != 'Darwin' and ansible_os_family != 'Windows' }}"
|
|
|
|
# Caddy config root. Linux uses the system path /etc/caddy; macOS (Homebrew)
|
|
# uses /opt/homebrew/etc/caddy. Roles derive their Caddyfile / conf.d / fragment
|
|
# paths from this so a force-enabled Caddy on macOS writes to the brew location.
|
|
caddy_config_dir: "{{ '/opt/homebrew/etc/caddy' if ansible_os_family == 'Darwin' else '/etc/caddy' }}"
|