2022-12-18 23:43:40 +01:00
|
|
|
---
|
2023-02-19 17:49:35 +01:00
|
|
|
# --------------------------------------------------------------------------------------------------
|
2023-10-08 00:18:32 +02:00
|
|
|
# system:base
|
2023-02-19 17:49:35 +01:00
|
|
|
# --------------------------------------------------------------------------------------------------
|
2023-09-30 00:45:24 +02:00
|
|
|
system_etc_home_directory: "{{ system_etc_root_directory }}/services"
|
2023-02-19 17:49:35 +01:00
|
|
|
system_var_data_directory: "{{ system_var_root_directory }}/data"
|
|
|
|
system_var_containers_directory: "{{ system_var_root_directory }}/containers"
|
|
|
|
|
2023-10-08 00:18:32 +02:00
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
|
|
# system:extra
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
2023-10-08 16:48:27 +02:00
|
|
|
system_extra_netdata_bind_to: "localhost"
|
|
|
|
system_extra_netdata_stream_parent: false
|
|
|
|
system_extra_netdata_stream_dest_inet6: "{{ hostvars.yggdrasil.vpn_wireguard_inet6_address }}"
|
2023-10-08 00:18:32 +02:00
|
|
|
system_extra_netdata_stream_api_key: "{{ vault_system_extra_netdata_stream_api_key }}"
|
|
|
|
|
2022-12-13 22:06:29 +01:00
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
|
|
# vpn:wireguard
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
|
|
vpn_wireguard_port: 51820
|
2023-07-28 22:32:05 +02:00
|
|
|
|
|
|
|
vpn_wireguard_inet_prefix: "10.66.0"
|
|
|
|
vpn_wireguard_inet_address: "{{ vpn_wireguard_inet_prefix }}.{{ vpn_subnet_id }}"
|
|
|
|
vpn_wireguard_inet_prefixlen: 30
|
|
|
|
vpn_wireguard_inet_subnet: "{{ vpn_wireguard_inet_prefix }}.0/{{ vpn_wireguard_inet_prefixlen }}"
|
|
|
|
|
|
|
|
vpn_wireguard_inet6_prefix: "{{ vpn_global_inet6_prefix }}:6600"
|
|
|
|
vpn_wireguard_inet6_address: "{{ vpn_wireguard_inet6_prefix }}::{{ vpn_subnet_id }}"
|
|
|
|
vpn_wireguard_inet6_prefixlen: 64
|
|
|
|
vpn_wireguard_inet6_subnet: "{{ vpn_wireguard_inet6_prefix }}::/{{ vpn_wireguard_inet6_prefixlen }}"
|
2022-12-13 22:06:29 +01:00
|
|
|
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
|
|
# vpn:bridge
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
2023-07-27 23:13:26 +02:00
|
|
|
vpn_bridge_inet_prefix: "10.66.{{ vpn_subnet_id }}"
|
|
|
|
vpn_bridge_inet_address: "{{ vpn_bridge_inet_prefix }}.1"
|
|
|
|
vpn_bridge_inet_prefixlen: "24"
|
|
|
|
vpn_bridge_inet_subnet: "{{ vpn_bridge_inet_prefix }}.0/{{ vpn_bridge_inet_prefixlen }}"
|
|
|
|
|
|
|
|
vpn_bridge_inet6_prefix: "{{ vpn_global_inet6_prefix }}:{{ '%04x' % (0x6600 + vpn_subnet_id) }}"
|
|
|
|
vpn_bridge_inet6_address: "{{ vpn_bridge_inet6_prefix }}::1"
|
|
|
|
vpn_bridge_inet6_prefixlen: "64"
|
|
|
|
vpn_bridge_inet6_subnet: "{{ vpn_bridge_inet6_prefix }}::/{{ vpn_bridge_inet6_prefixlen }}"
|
|
|
|
|
2022-12-18 02:53:05 +01:00
|
|
|
vpn_bridge_dnat: "\
|
|
|
|
{% set vpn_bridge_dnat = [] %}\
|
|
|
|
{% for properties in ( services_host_services.values() | selectattr('tcp', 'defined') ) %}\
|
2023-07-27 23:13:26 +02:00
|
|
|
{{ vpn_bridge_dnat.append({
|
|
|
|
'inet_address': properties.inet_address,
|
|
|
|
'inet6_address': properties.inet6_address,
|
|
|
|
'ports': properties.tcp
|
|
|
|
}) }}\
|
2022-12-18 02:53:05 +01:00
|
|
|
{% endfor %}\
|
|
|
|
{{ vpn_bridge_dnat }}"
|
2022-12-13 22:06:29 +01:00
|
|
|
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
|
|
# services
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
2023-02-19 17:49:35 +01:00
|
|
|
services_root_directory: "{{ system_var_root_directory }}"
|
2023-09-30 00:45:24 +02:00
|
|
|
services_home_directory: "{{ system_etc_home_directory }}"
|
2023-02-19 17:49:35 +01:00
|
|
|
services_data_directory: "{{ system_var_data_directory }}"
|
|
|
|
services_containers_directory: "{{ system_var_containers_directory }}"
|
2022-12-18 00:05:58 +01:00
|
|
|
|
2022-12-16 22:16:23 +01:00
|
|
|
services_all_hosts: "{{ groups['asgard'] }}"
|
2022-12-16 23:57:38 +01:00
|
|
|
services_all_services: "{{
|
|
|
|
services_all_hosts | map('extract', hostvars, 'services_host_services') | map('dict2items') |
|
|
|
|
flatten | items2dict }}"
|
2022-12-16 22:16:23 +01:00
|
|
|
|
2023-02-12 19:37:33 +01:00
|
|
|
services_resolv_host: "valkyrie"
|
|
|
|
|
2022-12-13 22:06:29 +01:00
|
|
|
services:
|
|
|
|
rproxy: {}
|
|
|
|
www:
|
2023-07-08 15:34:11 +02:00
|
|
|
repo:
|
|
|
|
user: "{{ vault_services.www.repo.user }}"
|
|
|
|
token: "{{ vault_services.www.repo.token }}"
|
2022-12-13 22:06:29 +01:00
|
|
|
lrproxy: {}
|
|
|
|
database:
|
2023-08-17 17:09:30 +02:00
|
|
|
pgadmin:
|
|
|
|
email: "{{ vault_services.database.pgadmin.email }}"
|
|
|
|
password: "{{ vault_services.database.pgadmin.password }}"
|
|
|
|
postgres:
|
|
|
|
password: "{{ vault_services.database.postgres.password }}"
|
2022-12-13 22:06:29 +01:00
|
|
|
cloud:
|
|
|
|
domain: "{{ vault_services.cloud.domain }}"
|
2023-07-08 15:34:11 +02:00
|
|
|
database:
|
|
|
|
name: "{{ vault_services.cloud.database.name }}"
|
|
|
|
user: "{{ vault_services.cloud.database.user }}"
|
|
|
|
password: "{{ vault_services.cloud.database.password }}"
|
|
|
|
smtp:
|
|
|
|
host: "{{ vault_services.cloud.smtp.host }}"
|
|
|
|
user: "{{ vault_services.cloud.smtp.user }}"
|
|
|
|
password: "{{ vault_services.cloud.smtp.password }}"
|
2022-12-13 22:06:29 +01:00
|
|
|
git:
|
|
|
|
domain: "{{ vault_services.git.domain }}"
|
2023-07-08 15:34:11 +02:00
|
|
|
database:
|
|
|
|
name: "{{ vault_services.git.database.name }}"
|
|
|
|
user: "{{ vault_services.git.database.user }}"
|
|
|
|
password: "{{ vault_services.git.database.password }}"
|
|
|
|
smtp:
|
|
|
|
host: "{{ vault_services.git.smtp.host }}"
|
|
|
|
user: "{{ vault_services.git.smtp.user }}"
|
|
|
|
password: "{{ vault_services.git.smtp.password }}"
|
2022-12-17 00:09:05 +01:00
|
|
|
ssh_port: 2770
|
2022-12-13 22:06:29 +01:00
|
|
|
notes:
|
|
|
|
domain: "{{ vault_services.notes.domain }}"
|
2023-07-08 15:34:11 +02:00
|
|
|
database:
|
|
|
|
name: "{{ vault_services.notes.database.name }}"
|
|
|
|
user: "{{ vault_services.notes.database.user }}"
|
|
|
|
password: "{{ vault_services.notes.database.password }}"
|
|
|
|
smtp:
|
|
|
|
host: "{{ vault_services.notes.smtp.host }}"
|
|
|
|
user: "{{ vault_services.notes.smtp.user }}"
|
|
|
|
password: "{{ vault_services.notes.smtp.password }}"
|
2023-02-21 00:06:29 +01:00
|
|
|
music:
|
|
|
|
domain: "{{ vault_services.music.domain }}"
|
|
|
|
password_encryption_key: "{{ vault_services.music.password_encryption_key }}"
|
2022-12-13 22:06:29 +01:00
|
|
|
|
2022-12-14 21:19:05 +01:00
|
|
|
# --------------------------------------------------------------------------------------------------
|
|
|
|
# services:user_setup
|
|
|
|
# --------------------------------------------------------------------------------------------------
|
2023-07-29 14:38:57 +02:00
|
|
|
services_bridge_inet_gateway: "{{ vpn_bridge_inet_address }}"
|
|
|
|
services_bridge_inet6_gateway: "{{ vpn_bridge_inet6_address }}"
|