--- # -------------------------------------------------------------------------------------------------- # system:var # -------------------------------------------------------------------------------------------------- system_etc_root_directory: "/etc/the-nine-worlds" system_var_root_directory: "/var/lib/the-nine-worlds" system_var_home_directory: "{{ system_var_root_directory }}/home" system_var_data_directory: "{{ system_var_root_directory }}/data" system_var_containers_directory: "{{ system_var_root_directory }}/containers" # -------------------------------------------------------------------------------------------------- # vpn:wireguard # -------------------------------------------------------------------------------------------------- vpn_wireguard_port: 51820 vpn_wireguard_inet_prefix: "10.66.0" vpn_wireguard_inet_address: "{{ vpn_wireguard_inet_prefix }}.{{ vpn_subnet_id }}" vpn_wireguard_inet_prefixlen: 30 vpn_wireguard_inet_subnet: "{{ vpn_wireguard_inet_prefix }}.0/{{ vpn_wireguard_inet_prefixlen }}" vpn_wireguard_inet6_prefix: "{{ vpn_global_inet6_prefix }}:6600" vpn_wireguard_inet6_address: "{{ vpn_wireguard_inet6_prefix }}::{{ vpn_subnet_id }}" vpn_wireguard_inet6_prefixlen: 64 vpn_wireguard_inet6_subnet: "{{ vpn_wireguard_inet6_prefix }}::/{{ vpn_wireguard_inet6_prefixlen }}" # -------------------------------------------------------------------------------------------------- # vpn:bridge # -------------------------------------------------------------------------------------------------- vpn_bridge_inet_prefix: "10.66.{{ vpn_subnet_id }}" vpn_bridge_inet_address: "{{ vpn_bridge_inet_prefix }}.1" vpn_bridge_inet_prefixlen: "24" vpn_bridge_inet_subnet: "{{ vpn_bridge_inet_prefix }}.0/{{ vpn_bridge_inet_prefixlen }}" vpn_bridge_inet6_prefix: "{{ vpn_global_inet6_prefix }}:{{ '%04x' % (0x6600 + vpn_subnet_id) }}" vpn_bridge_inet6_address: "{{ vpn_bridge_inet6_prefix }}::1" vpn_bridge_inet6_prefixlen: "64" vpn_bridge_inet6_subnet: "{{ vpn_bridge_inet6_prefix }}::/{{ vpn_bridge_inet6_prefixlen }}" vpn_bridge_dnat: "\ {% set vpn_bridge_dnat = [] %}\ {% for properties in ( services_host_services.values() | selectattr('tcp', 'defined') ) %}\ {{ vpn_bridge_dnat.append({ 'inet_address': properties.inet_address, 'inet6_address': properties.inet6_address, 'ports': properties.tcp }) }}\ {% endfor %}\ {{ vpn_bridge_dnat }}" # -------------------------------------------------------------------------------------------------- # services # -------------------------------------------------------------------------------------------------- services_root_directory: "{{ system_var_root_directory }}" services_home_directory: "{{ system_var_home_directory }}" services_data_directory: "{{ system_var_data_directory }}" services_containers_directory: "{{ system_var_containers_directory }}" services_all_hosts: "{{ groups['asgard'] }}" services_all_services: "{{ services_all_hosts | map('extract', hostvars, 'services_host_services') | map('dict2items') | flatten | items2dict }}" services_resolv_host: "valkyrie" services: rproxy: {} www: repo: user: "{{ vault_services.www.repo.user }}" token: "{{ vault_services.www.repo.token }}" lrproxy: {} database: password: "{{ vault_services.database.password }}" cloud: domain: "{{ vault_services.cloud.domain }}" database: name: "{{ vault_services.cloud.database.name }}" user: "{{ vault_services.cloud.database.user }}" password: "{{ vault_services.cloud.database.password }}" smtp: host: "{{ vault_services.cloud.smtp.host }}" user: "{{ vault_services.cloud.smtp.user }}" password: "{{ vault_services.cloud.smtp.password }}" git: domain: "{{ vault_services.git.domain }}" database: name: "{{ vault_services.git.database.name }}" user: "{{ vault_services.git.database.user }}" password: "{{ vault_services.git.database.password }}" smtp: host: "{{ vault_services.git.smtp.host }}" user: "{{ vault_services.git.smtp.user }}" password: "{{ vault_services.git.smtp.password }}" ssh_port: 2770 notes: domain: "{{ vault_services.notes.domain }}" database: name: "{{ vault_services.notes.database.name }}" user: "{{ vault_services.notes.database.user }}" password: "{{ vault_services.notes.database.password }}" smtp: host: "{{ vault_services.notes.smtp.host }}" user: "{{ vault_services.notes.smtp.user }}" password: "{{ vault_services.notes.smtp.password }}" music: domain: "{{ vault_services.music.domain }}" password_encryption_key: "{{ vault_services.music.password_encryption_key }}" # -------------------------------------------------------------------------------------------------- # services:user_setup # -------------------------------------------------------------------------------------------------- services_bridge_inet_gateway: "{{ vpn_bridge_inet_address }}" services_bridge_inet6_gateway: "{{ vpn_bridge_inet6_address }}"