pez-infra/ansible/inventory/host_vars/helsinki-a.yml

---
host_role: proxy
host_description: "Reverse proxy (Caddy), main traffic gateway"
host_location: "Hetzner Cloud"

caddy_config_src: "{{ playbook_dir }}/services/caddy/Caddyfile"

docker_services:
  - authelia
  - forgejo
  - bitwarden

ufw_allowed_ports:
  - { port: 80, proto: tcp, comment: "HTTP" }
  - { port: 443, proto: tcp, comment: "HTTPS" }