pez-infra/ansible/inventory/host_vars/helsinki-a.yml

---
host_role: proxy
host_description: "Reverse proxy (Caddy), main traffic gateway"
host_location: "Hetzner Cloud"

caddy_config_src: "{{ playbook_dir }}/services/caddy/Caddyfile"

docker_services:
  - authelia
  - forgejo
  - bitwarden

node_exporter_bind_tailscale: true

common_ufw_allowed_ports:
  - {port: 80, proto: tcp, comment: "HTTP"}
  - {port: 443, proto: tcp, comment: "HTTPS"}