# --------------------------------------------------------------------------------------------------
# system:zfs
# --------------------------------------------------------------------------------------------------
system_zfs_zpools:
  - "bpool"
  - "rpool"
  - "hpool"
system_zfs_zpools_trim:
  - "bpool"
  - "rpool"
system_zfs_zpools_load_key:
  - "hpool"

# --------------------------------------------------------------------------------------------------
# system:mail
# --------------------------------------------------------------------------------------------------
system_mail_smtp_pass: "{{ vault_system_mail_smtp_pass }}"

# --------------------------------------------------------------------------------------------------
# vpn
# --------------------------------------------------------------------------------------------------
vpn_subnet_id: 2

# --------------------------------------------------------------------------------------------------
# vpn:wireguard
# --------------------------------------------------------------------------------------------------
vpn_wireguard_role: "client"
vpn_wireguard_interface_private_key: "{{ vault_vpn_wireguard_interface_private_key }}"
vpn_wireguard_server_public_key: "{{ vault_vpn_wireguard_server_public_key }}"
vpn_wireguard_server_preshared_key: "{{ vault_vpn_wireguard_server_preshared_key }}"
vpn_wireguard_server_address: "{{ vault_vpn_wireguard_server_address }}"
vpn_wireguard_routing_table: 66

# --------------------------------------------------------------------------------------------------
# backup:snapshots
# --------------------------------------------------------------------------------------------------
backups_snapshots_sanoid_system_datasets:
  - name: "bpool/BOOT"
    templates: ["system"]
    recursive: true
    children_only: true
  - name: "rpool/ROOT"
    templates: ["system"]
    recursive: true
    children_only: true
  - name: "rpool/home"
    templates: ["system", "home"]
    recursive: true
    children_only: true

# --------------------------------------------------------------------------------------------------
# services
# --------------------------------------------------------------------------------------------------
services_root_dataset: "rpool{{ services_root_directory }}"
services_home_dataset: "rpool{{ services_home_directory }}"
services_data_dataset: "rpool{{ services_data_directory }}"
services_containers_dataset: "rpool{{ services_containers_directory }}"

services_host_services:
  lrproxy:
    address: "{{ vpn_bridge_prefix }}.2"
    tcp: [80, 443]
  database:
    address: "{{ vpn_bridge_prefix }}.3"
  cloud:
    address: "{{ vpn_bridge_prefix }}.4"
  git:
    address: "{{ vpn_bridge_prefix }}.5"
    tcp: ["{{ services.git.ssh_port }}"]
  notes:
    address: "{{ vpn_bridge_prefix }}.6"

# --------------------------------------------------------------------------------------------------
# services:backups
# --------------------------------------------------------------------------------------------------
services_backups_datasets_root: "rpool/var/lib/yggdrasil/data"
services_backups_datasets: "\
  {% set datasets = {} %}\
  {% for service in services_host_services.keys() %}\
  {{ datasets.update({ ( 'pod-' ~ service ): None }) }}\
  {% endfor %}\
  {{ datasets }}"
services_backups_snapshots_syncoid:
  datasets_root: "hpool/backup/yggdrasil/data"
  default_recursive: true
  default_skip_parent: true