all:
  hosts:
    hollyhock:
      tmp_dir: "{{ inventory_dir }}/tmp"

      domain: sorantics.com
      admin_email: "admin@{{ domain }}"

      automation_user: ansible
      automation_group: ansible

      ansible_host: "hollyhock.{{ domain }}"
      ansible_user: "{{ automation_user }}"
      ansible_port: "{{ ssh_port }}"
      ansible_become_password: "{{ automation_password }}"

      admin_user: admin
      admin_group: admin

      deploy_user: deploy
      deploy_group: deploy

      nginx_user: www-data
      nginx_group: www-data
      nginx_log_group: adm

      git_user: git
      git_group: git
      git_repo_root: "/home/{{ git_user }}"

      sites:
        - name: landing
          domains: ["{{ domain }}", "www.{{ domain }}"]
        - name: hollyhock
          domains: ["hollyhock.{{ domain }}"]
        - name: console
          domains: ["console.{{ domain }}"]
        - name: git
          domains: ["git.{{ domain }}"]

      mtls:
        ca:
          cn: "Sorantics CA"
          days: 3650 # 10 years
          dir: /etc/nginx/mtls
        client:
          cn: "{{ ansible_user_id  }}@hollyhock.{{ domain }}"
          days: 730 # 2 years