awx/tools/docker-compose/ansible/roles/sources/defaults/main.yml

---
compose_name: 'docker-compose.yml'
awx_image: 'ghcr.io/ansible/awx_devel'
pg_port: 5432
pg_username: 'awx'
pg_database: 'awx'
control_plane_node_count: 1
minikube_container_group: false
receptor_socket_file: /var/run/awx-receptor/receptor.sock
receptor_image: quay.io/ansible/receptor:devel
ingress_path: /

# Keys for signing work
receptor_rsa_bits: 4096
receptor_work_sign_reconfigure: false
sign_work: no  # currently defaults to no because openssl version mismatch causes "unknown block type PRIVATE KEY"
work_sign_key_dir: '../_sources/receptor'
work_sign_private_keyfile: "{{ work_sign_key_dir }}/work_private_key.pem"
work_sign_public_keyfile: "{{ work_sign_key_dir }}/work_public_key.pem"

# SSO variables
enable_keycloak: false

enable_ldap: false
ldap_public_key_file_name: 'ldap.cert'
ldap_private_key_file_name: 'ldap.key'
ldap_cert_dir: '{{ sources_dest }}/ldap_certs'
ldap_diff_dir: '{{ sources_dest }}/ldap_diffs'
ldap_public_key_file: '{{ ldap_cert_dir }}/{{ ldap_public_key_file_name }}'
ldap_private_key_file: '{{ ldap_cert_dir }}/{{ ldap_private_key_file_name }}'
ldap_cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN="

# Hashicorp Vault
enable_vault: false
vault_tls: false
hashivault_cert_dir: '{{ sources_dest }}/vault_certs'
hashivault_server_cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN=tools-vault-1"
hashivault_server_cert_extensions:
  - "subjectAltName = DNS:tools_vault_1, DNS:localhost"
  - "keyUsage = digitalSignature, nonRepudiation"
  - "extendedKeyUsage = serverAuth"
hashivault_client_cert_extensions:
  - "subjectAltName = DNS:awx-vault-client"
  - "keyUsage = digitalSignature, nonRepudiation"
  - "extendedKeyUsage = serverAuth, clientAuth"
hashivault_client_cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN=awx-vault-client"
hashivault_server_public_keyfile: '{{ hashivault_cert_dir }}/server.crt'
hashivault_server_private_keyfile: '{{ hashivault_cert_dir }}/server.key'
hashivault_client_public_keyfile: '{{ hashivault_cert_dir }}/client.crt'
hashivault_client_private_keyfile: '{{ hashivault_cert_dir }}/client.key'
# Metrics
enable_splunk: false
enable_grafana: false
enable_prometheus: false
scrape_interval: '5s'

# pgbouncer
enable_pgbouncer: false
pgbouncer_port: 6432
pgbouncer_max_pool_size: 70