# -------------------------------------------------------------------------------------------------- # system:base # -------------------------------------------------------------------------------------------------- system_base_additional_tcp_ports: "{{ services_host_services | dict2items | map(attribute='value.tcp', default=[]) | flatten }}" # -------------------------------------------------------------------------------------------------- # vpn:wireguard # -------------------------------------------------------------------------------------------------- vpn_wireguard_port: 51820 vpn_wireguard_address: "10.66.0.{{ vpn_subnet_id }}" vpn_wireguard_netmask: "255.255.255.252" vpn_wireguard_subnet: "10.66.0.0/30" # -------------------------------------------------------------------------------------------------- # vpn:bridge # -------------------------------------------------------------------------------------------------- vpn_bridge_prefix: "10.66.{{ vpn_subnet_id }}" vpn_bridge_address: "{{ vpn_bridge_prefix }}.1" vpn_bridge_broadcast: "{{ vpn_bridge_prefix }}.255" vpn_bridge_netmask: "255.255.255.0" vpn_bridge_dnat: "{{ services_host_services | dict2items | community.general.json_query('[?@.value.tcp]. {address: value.address, ports: value.tcp}') }}" # -------------------------------------------------------------------------------------------------- # services # -------------------------------------------------------------------------------------------------- services_root_directory: "/var/lib/{{ ansible_hostname }}" services_home_directory: "{{ services_root_directory }}/home" services_data_directory: "{{ services_root_directory }}/data" services_containers_directory: "{{ services_root_directory }}/containers" services_all_hosts: "{{ groups['asgard'] }}" services_all_services: "{{ services_all_hosts | map('extract', hostvars, 'services_host_services') | map('dict2items') | flatten | items2dict }}" services: rproxy: {} www: repo_user: "{{ vault_services.www.repo_user }}" repo_token: "{{ vault_services.www.repo_token }}" lrproxy: {} database: password: "{{ vault_services.database.password }}" cloud: domain: "{{ vault_services.cloud.domain }}" database_name: "{{ vault_services.cloud.database_name }}" database_user: "{{ vault_services.cloud.database_user }}" database_password: "{{ vault_services.cloud.database_password }}" admin_user: "{{ vault_services.cloud.admin_user }}" admin_password: "{{ vault_services.cloud.admin_password }}" smtp_host: "{{ vault_services.cloud.smtp_host }}" smtp_name: "{{ vault_services.cloud.smtp_name }}" smtp_password: "{{ vault_services.cloud.smtp_password }}" git: domain: "{{ vault_services.git.domain }}" database_name: "{{ vault_services.git.database_name }}" database_user: "{{ vault_services.git.database_user }}" database_passwd: "{{ vault_services.git.database_passwd }}" smtp_host: "{{ vault_services.git.smtp_host }}" smtp_user: "{{ vault_services.git.smtp_user }}" smtp_passwd: "{{ vault_services.git.smtp_passwd }}" ssh_port: 2770 notes: domain: "{{ vault_services.notes.domain }}" database_name: "{{ vault_services.notes.database_name }}" database_user: "{{ vault_services.notes.database_user }}" database_password: "{{ vault_services.notes.database_password }}" smtp_host: "{{ vault_services.notes.smtp_host }}" smtp_name: "{{ vault_services.notes.smtp_name }}" smtp_password: "{{ vault_services.notes.smtp_password }}" # -------------------------------------------------------------------------------------------------- # services:user_setup # -------------------------------------------------------------------------------------------------- services_bridge_gateway: "{{ vpn_bridge_address }}" scw_bucket_endpoint: "{{ vault_scw_bucket_endpoint }}" scw_access_key: "{{ vault_scw_access_key }}" scw_secret_key: "{{ vault_scw_secret_key }}" restic_password: "{{ vault_restic_password }}"