--- # -------------------------------------------------------------------------------------------------- # system:zfs # -------------------------------------------------------------------------------------------------- system_zfs_zpools: - "bpool" - "rpool" - "hpool" system_zfs_zpools_trim: - "bpool" - "rpool" system_zfs_zpools_load_key: - "hpool" # -------------------------------------------------------------------------------------------------- # system:mail # -------------------------------------------------------------------------------------------------- system_mail_smtp_pass: "{{ vault_system_mail_smtp_pass }}" # -------------------------------------------------------------------------------------------------- # vpn # -------------------------------------------------------------------------------------------------- vpn_subnet_id: 2 # -------------------------------------------------------------------------------------------------- # vpn:wireguard # -------------------------------------------------------------------------------------------------- vpn_wireguard_role: "client" vpn_wireguard_interface_private_key: "{{ vault_vpn_wireguard_interface_private_key }}" vpn_wireguard_server_public_key: "{{ vault_vpn_wireguard_server_public_key }}" vpn_wireguard_server_preshared_key: "{{ vault_vpn_wireguard_server_preshared_key }}" vpn_wireguard_server_address: "{{ vault_vpn_wireguard_server_address }}" vpn_wireguard_routing_table: 66 # -------------------------------------------------------------------------------------------------- # vpn:bridge # -------------------------------------------------------------------------------------------------- vpn_bridge_routing_table: "{{ vpn_wireguard_routing_table }}" # -------------------------------------------------------------------------------------------------- # backups:snapshots # -------------------------------------------------------------------------------------------------- backups_snapshots_sanoid_system_datasets: - name: "bpool/BOOT" templates: ["system"] recursive: true children_only: true - name: "rpool/ROOT" templates: ["system"] recursive: true children_only: true - name: "rpool/home" templates: ["system", "home"] recursive: true children_only: true # -------------------------------------------------------------------------------------------------- # services # -------------------------------------------------------------------------------------------------- services_hostname: "yggdrasil" services_root_dataset: "rpool{{ services_root_directory }}" services_home_dataset: "rpool{{ services_home_directory }}" services_data_dataset: "rpool{{ services_data_directory }}" services_containers_dataset: "rpool{{ services_containers_directory }}" services_host_services: lrproxy: address: "{{ vpn_bridge_prefix }}.2" tcp: [80, 443] rproxy_host: "valkyrie" rproxy_user: "pod-rproxy" database: address: "{{ vpn_bridge_prefix }}.3" cloud: address: "{{ vpn_bridge_prefix }}.4" git: address: "{{ vpn_bridge_prefix }}.5" tcp: ["{{ services.git.ssh_port }}"] notes: address: "{{ vpn_bridge_prefix }}.6" # -------------------------------------------------------------------------------------------------- # services:backups # -------------------------------------------------------------------------------------------------- services_backups_snapshots_dataset: "hpool/backup" services_backups_snapshots_root_dataset: "{{ services_root_dataset | replace('rpool/var/lib', 'hpool/backup') }}" services_backups_snapshots_data_dataset: "{{ services_data_dataset | replace('rpool/var/lib', 'hpool/backup') }}" services_backups_snapshots_services: "\ {% set services_backups_snapshots_service = {} %}\ {% for service in services_host_services.keys() %}\ {{ services_backups_snapshots_service.update( { service: { 'backup_dataset': ( services_backups_snapshots_data_dataset ~ '/pod-' ~ service ), 'recursive': true, 'skip_parent': true, }} ) }}\ {% endfor %}\ {{ services_backups_snapshots_service }}"