--- hosts: - settings: # Vagrant Debug debug_build: false # Identifiers hostname: ::SERVER_HOSTNAME:: domain: ::SERVER_DOMAIN:: server_id: '::SERVER_ID::' # Extra Actions post_provision: ::POST_PROVISION:: ## This calls extra things after Ansible completes, like syncing the new SSH key from the lockdown role, or the id_files or the support bundle # Resources vcpus: ::RESOURCES_CPU:: memory: ::RESOURCES_RAM:: # Console Access consoleport: ::SERVER_ID:: consolehost: 0.0.0.0 show_console: ::SHOW_CONSOLE:: ## Some people have reported issues when VBox doesn't show the Console, default to false # Box information box: 'STARTcloud/debian12-server' box_url: ::BOX_URL:: # Should default to 'https://boxvault.startcloud.com' but can be set to 'https://vagrantcloud.com' box_version: 2025.2.9 # Provider Specific Settings provider_type: virtualbox os_type: 'Debian_64' firmware_type: UEFI # Setup Variables setup_wait: 420 # Vagrant Configurations vagrant_user: ::SERVER_DEFAULT_USER:: # startcloud vagrant_user_pass: ::SERVER_DEFAULT_USER_PASS:: # 'STARTcloud24@!' vagrant_user_private_key_path: ./id_rsa vagrant_ssh_insert_key: true vagrant_ssh_forward_agent: true vagrant_ssh_keep_alive: true plugins: install: - name: vagrant-scp-sync version: latest remove: - name: vagrant-scp networks: # if ::NO_BRIDGE_INTERFACE:: # TO SHI DEVs, if user wants to to disable the external bridged interface, then you should remove the below block - type: external address: ::NETWORK_ADDRESS:: netmask: ::NETWORK_NETMASK:: gateway: ::NETWORK_GATEWAY:: autoconf: false vlan: dhcp4: ::NETWORK_DHCP4:: dhcp6: false is_control: false route: default provisional: false bridge: ::NETWORK_BRIDGE:: nic_type: virtio mac: auto dns: - nameserver: ::NETWORK_DNS_NAMESERVER_1:: - nameserver: ::NETWORK_DNS_NAMESERVER_2:: disks: boot: array: null dataset: null volume_name: null mount: / size: 48G additional_disks: # if ::ADDITIONAL_DISK:: # TO SHI DEVs, if user wants to store thier data on a secondary disk, you would enable this block # - array: null # dataset: null # sparse: true # live: false # filesystem: xfs # mount: ::ADDITIONAL_DISK_MOUNT_POINT:: # size: ::ADDITIONAL_DISK_SIZE:: # port: 5 # volume_name: disk1 provisioning: shell: enabled: false scripts: - './scripts/aliases.sh' ansible: enabled: true playbooks: - local: - description: "This playbook imports Hosts.yml variables into a generated playbook: /vagrant/ansible/playbook.yml" playbook: ansible/generate-playbook.yml ansible_python_interpreter: /usr/bin/python3 compatibility_mode: 2.0 install_mode: pip ssh_pipelining: true verbose: false callbacks: profile_tasks run: always remote_collections: false collections: [] - description: "This playbook configures the machine using the generated playbook: /vagrant/ansible/playbook.yml" playbook: ansible/playbook.yml ansible_python_interpreter: /usr/bin/python3 compatibility_mode: 2.0 install_mode: pip ssh_pipelining: true verbose: false callbacks: profile_tasks run: once remote_collections: false collections: - startcloud.startcloud_roles - startcloud.hcl_roles - description: "This playbook configures the machine for roles tagged as always, using the generated playbook: /vagrant/ansible/playbook.yml" playbook: ansible/always-playbook.yml ansible_python_interpreter: /usr/bin/python3 compatibility_mode: 2.0 install_mode: pip ssh_pipelining: true verbose: false callbacks: profile_tasks run: not_first remote_collections: false collections: - startcloud.startcloud_roles folders: - description: "Disables VBoxSF, do not enable" map: . to: /vagrant type: virtualbox disabled: true automount: true - description: "Directory for Ansible Scripts" map: ./provisioners/ansible/ to: /vagrant/ansible/ type: ::SYNC_METHOD:: ## rsync or scp args: - '--verbose' - '--archive' - '--delete' - '-z' - '--copy-links' - description: "Directory for Ansible Scripts" map: ./provisioners/ansible_collections/ to: /vagrant/ansible_collections/ type: ::SYNC_METHOD:: ## rsync or scp args: - '--verbose' - '--archive' - '--delete' - '-z' - '--copy-links' - description: "Directory for Application Installers" map: ./installers/ to: /vagrant/installers/ type: ::SYNC_METHOD:: ## rsync or scp - description: "Directory for Pre-Signed SSLs" map: ./ssls/ to: /secure/ type: ::SYNC_METHOD:: ## rsync or scp - description: "Directory for Server and User IDs" map: ./id-files/ to: /id-files/ type: ::SYNC_METHOD:: ## rsync or scp syncback: ::SYNCBACK_ID_FILES:: vars: # Secrets Override: If you don't want to use a secrets file you can override secrets here #secrets: # domino_installer_base_url: ::DOWNLOAD_BASE_URL:: # domino_installer_url_user: ::DOWNLOAD_AUTH_USER:: # domino_installer_url_pass: ::DOWNLOAD_AUTH_PASS:: ## Provisioner Debug debug_all: ::DEBUG_ALL_ANSIBLE_TASKS:: ## SSL selfsigned_enabled: ::CERT_SELFSIGNED:: haproxy_ssl_redirect: true letsencrypt_enabled: false letsencrypt_staging_enabled: false #dns_entries_list: # - nomadweb # - domino # - traveler # - verse # - console # - downloads ## Use Proxy for downloads and updates use_proxy: ::USE_HTTP_PROXY:: proxy_server: ::HTTP_PROXY_HOST:: proxy_port: ::HTTP_PROXY_PORT:: ## Extra Packages extra_packages: ['htop'] ## Domino Configuration Variables domino_organization: ::SERVER_ORGANIZATION:: domino_admin_notes_id_password: ::DOMINO_ADMIN_PASSWORD:: # Domino OIDC Configurations domino_oidc_provider_enabled: true domino_oidc_provider_federation_enabled: true ## Additional server options is_additional_server: ::DOMINO_IS_ADDITIONAL_INSTANCE:: domino_server_id: ::DOMINO_SERVER_ID:: origin_server: ::DOMINO_ORIGIN_HOSTNAME:: ## Note to SHI dev, may be able to use ::SERVER_DOMAIN:: instead of ::DOMINO_ORIGIN_DOMAIN:: origin_server_ip: ::DOMINO_ORIGIN_SERVER_IP:: # ots: Use One Touch Setup to generate the ID (server names are incremented, ie mail1 mail2 mail3 . .) # asja: Use Custom Additional Server Java Applet to generate the additional server ID #domino_server_id_creation_tool: ::DOMINO_SERVER_ID_CREATION_TOOL:: # For use in Domino 14 and above #ots_generate_server_names: # - ::DOMINO_ADITIONAL_HOSTNAME::.::SERVER_DOMAIN:: # For use in Domino 12 and below #ots_generate_server_id_count: ::DOMINO_SERVER_CLUSTERMATES:: #ots_generate_server_id_pattern: ::DOMINO_SERVER_CLUSTERMATES_PATTERN:: #asja_generate_server_ids: # - ::DOMINO_ADITIONAL_HOSTNAME::.::SERVER_DOMAIN::.id # - ::OTHER_DOMINO_ADITIONAL_HOSTNAME::.::SERVER_DOMAIN::.id # - ::THIRD_DOMINO_ADITIONAL_HOSTNAME::.::SERVER_DOMAIN::.id ## Genesis Variables genesis_packages: - netmonitor - SuperHumanPortal ## Domino Installer Variables domino_hash: ::DOMINO_HASH:: domino_server_installer_tar: ::DOMINO_INSTALLER:: domino_major_version: ::DOMINO_INSTALLER_MAJOR_VERSION:: domino_minor_version: ::DOMINO_INSTALLER_MINOR_VERSION:: domino_patch_version: ::DOMINO_INSTALLER_PATCH_VERSION:: ## Domino fixpack Variables domino_fp_hash: ::DOMINO_FP_HASH:: domino_installer_fixpack_install: ::DOMINO_INSTALLER_FIXPACK_INSTALL:: domino_fixpack_version: ::DOMINO_INSTALLER_FIXPACK_VERSION:: domino_server_fixpack_tar: ::DOMINO_INSTALLER_FIXPACK:: ## Domino Hotfix Variables domino_hf_hash: ::DOMINO_HF_HASH:: domino_installer_hotfix_install: ::DOMINO_INSTALLER_HOTFIX_INSTALL:: domino_hotfix_version: ::DOMINO_INSTALLER_HOTFIX_VERSION:: domino_server_hotfix_tar: ::DOMINO_INSTALLER_HOTFIX:: ## Jedi Overrides jedi_enabled: true ## If you prefer Nashed Domino Management, but want to have Jedi Installed, set this to False, otherwise if you want Jedi to manage domino, set this to true ## Leap Variables leap_hash: ::LEAP_HASH:: leap_archive: ::LEAP_INSTALLER:: leap_version: ::LEAP_INSTALLER_VERSION:: ## Nomad Web Variables nomadweb_hash: ::NOMADWEB_HASH:: nomadweb_archive: ::NOMADWEB_INSTALLER:: nomadweb_version: ::NOMADWEB_VERSION:: ## Traveler Variables #traveler_hash: ::TRAVELER_HASH:: traveler_archive: ::TRAVELER_INSTALLER:: traveler_base_version: ::TRAVELER_INSTALLER_VERSION:: traveler_fixpack_archive: ::TRAVELER_FP_INSTALLER:: traveler_fixpack_version: ::TRAVELER_FP_INSTALLER_VERSION:: ## Verse Variables #verse_hash: ::VERSE_HASH:: verse_archive: ::VERSE_INSTALLER:: verse_base_version: ::VERSE_INSTALLER_VERSION:: ## AppDev Web Pack Variables #appdevpack_hash: ::APPDEVPACK_HASH:: appdevpack_archive: ::APPDEVPACK_INSTALLER:: appdevpack_version: ::APPDEVPACK_INSTALLER_VERSION:: ## Domino Rest API Variables #domino_rest_api_hash: ::DOMINO_REST_API_HASH:: domino_rest_api_version: ::DOMINO_REST_API_INSTALLER_VERSION:: domino_rest_api_archive: ::DOMINO_REST_API_INSTALLER:: ## Hosts entries for /etc/hosts etc_hosts_entries: - hostname: ::DOMINO_ORIGIN_HOSTNAME::.::DOMINO_ORIGIN_DOMAIN:: aliases: - ::DOMINO_ORIGIN_HOSTNAME:: ip: ::DOMINO_ORIGIN_SERVER_IP:: roles: - name: startcloud.startcloud_roles.setup - name: startcloud.startcloud_roles.networking tags: always - name: startcloud.startcloud_roles.disks - name: startcloud.startcloud_roles.hostname - name: startcloud.startcloud_roles.dependencies - name: startcloud.startcloud_roles.mdns - name: startcloud.startcloud_roles.service_user - name: startcloud.startcloud_roles.sdkman_install - name: startcloud.startcloud_roles.sdkman_java - name: startcloud.startcloud_roles.sdkman_maven - name: startcloud.startcloud_roles.sdkman_gradle - name: startcloud.startcloud_roles.ssl - name: startcloud.hcl_roles.domino_reset vars: run_tasks: ::ROLE_DOMINO_RESET:: - name: startcloud.hcl_roles.domino_install - name: startcloud.hcl_roles.domino_vagrant_rest_api - name: startcloud.hcl_roles.domino_service_nash - name: startcloud.hcl_roles.domino_java_config - name: startcloud.hcl_roles.domino_java_tools - name: startcloud.hcl_roles.domino_updatesite - name: startcloud.hcl_roles.domino_config - name: startcloud.hcl_roles.domino_genesis - name: startcloud.hcl_roles.domino_genesis_applications # Cross-certification not available on additional server, since certifier ID is not present #- name: startcloud.hcl_roles.domino_cross_certify - name: startcloud.hcl_roles.domino_cross_certify vars: run_tasks: false - name: startcloud.hcl_roles.domino_java_app_example vars: run_tasks: true - name: startcloud.hcl_roles.domino_leap vars: run_tasks: ::ROLE_LEAP:: - name: startcloud.hcl_roles.domino_traveler vars: run_tasks: ::ROLE_TRAVELER:: - name: startcloud.hcl_roles.domino_traveler_htmo vars: run_tasks: ::ROLE_TRAVELER_HTMO:: - name: startcloud.hcl_roles.domino_verse vars: run_tasks: ::ROLE_VERSE:: - name: startcloud.hcl_roles.domino_appdevpack vars: run_tasks: ::ROLE_APPDEVPACK:: - name: startcloud.hcl_roles.domino_rest_api vars: run_tasks: ::ROLE_DOMINO_RESTAPI:: - name: startcloud.hcl_roles.domino_nomadweb vars: run_tasks: ::ROLE_NOMADWEB:: - name: startcloud.hcl_roles.domino_jedi vars: run_tasks: ::ROLE_JEDI:: - name: startcloud.hcl_roles.domino_vagrant_readme - name: startcloud.startcloud_roles.quick_start tags: always vars: run_tasks: ::ROLE_STARTCLOUD_QUICK_START:: - name: startcloud.startcloud_roles.haproxy vars: run_tasks: ::ROLE_STARTCLOUD_HAPROXY:: - name: startcloud.startcloud_roles.vagrant_readme vars: run_tasks: ::ROLE_STARTCLOUD_VAGRANT_README:: - name: startcloud.startcloud_roles.lockdown