--- # -------------------------------------------------------------------------------------------------- # system:zfs # -------------------------------------------------------------------------------------------------- system_zfs_zpools: - "bpool" - "rpool" - "hpool" system_zfs_zpools_trim: - "bpool" - "rpool" system_zfs_zpools_load_key: - "hpool" # -------------------------------------------------------------------------------------------------- # system:mail # -------------------------------------------------------------------------------------------------- system_mail_smtp_pass: "{{ vault_system_mail_smtp_pass }}" # -------------------------------------------------------------------------------------------------- # system:base # -------------------------------------------------------------------------------------------------- system_base_additional_ssh_users: - "music" system_base_udp_ports: - 67 # dhcp (libvirt) - 68 # dhcp (libvirt) - 137 # samba - 138 # samba system_base_tcp_ports: - 139 # samba - 445 # samba system_base_unattended_upgrades_blacklist: - "linux-" - "zfs(utils)?-" # -------------------------------------------------------------------------------------------------- # system:var # -------------------------------------------------------------------------------------------------- system_var_hostname: "yggdrasil" system_var_root_dataset: "rpool{{ system_var_root_directory }}" system_var_home_dataset: "rpool{{ system_var_home_directory }}" system_var_data_dataset: "rpool{{ system_var_data_directory }}" system_var_containers_dataset: "rpool{{ system_var_containers_directory }}" # -------------------------------------------------------------------------------------------------- # system:backup # -------------------------------------------------------------------------------------------------- system_backups_snapshots_dataset: "hpool/backup" system_backups_snapshots_root_dataset: "{{ system_var_root_dataset | replace('rpool/var/lib', 'hpool/backup') }}" system_backups_snapshots_data_dataset: "{{ system_var_data_dataset | replace('rpool/var/lib', 'hpool/backup') }}" # -------------------------------------------------------------------------------------------------- # vpn # -------------------------------------------------------------------------------------------------- vpn_subnet_id: 2 # -------------------------------------------------------------------------------------------------- # vpn:wireguard # -------------------------------------------------------------------------------------------------- vpn_wireguard_role: "client" vpn_wireguard_interface_private_key: "{{ vault_vpn_wireguard_interface_private_key }}" vpn_wireguard_server_public_key: "{{ vault_vpn_wireguard_server_public_key }}" vpn_wireguard_server_preshared_key: "{{ vault_vpn_wireguard_server_preshared_key }}" vpn_wireguard_server_address: "{{ vault_vpn_wireguard_server_address }}" vpn_wireguard_routing_table: 66 # -------------------------------------------------------------------------------------------------- # vpn:bridge # -------------------------------------------------------------------------------------------------- vpn_bridge_routing_table: "{{ vpn_wireguard_routing_table }}" # -------------------------------------------------------------------------------------------------- # backups:snapshots # -------------------------------------------------------------------------------------------------- backups_snapshots_sanoid_system_datasets: - name: "bpool/BOOT" templates: ["system"] recursive: true children_only: true - name: "rpool/ROOT" templates: ["system"] recursive: true children_only: true - name: "rpool/home" templates: ["system", "home"] recursive: true children_only: true # -------------------------------------------------------------------------------------------------- # music:rip # -------------------------------------------------------------------------------------------------- music_user_name: "music" music_user_password: "{{ vault_music_user_password }}" music_user_samba_password: "{{ vault_music_user_samba_password }}" music_user_home_directory: "{{ system_var_home_directory }}/{{ music_user_name }}" music_user_data_directory: "{{ system_var_data_directory }}/{{ music_user_name }}" music_user_data_collection_directory: "{{ music_user_data_directory }}/collection" music_user_data_archive_directory: "{{ music_user_data_directory }}/archive" music_user_home_dataset: "rpool{{ music_user_home_directory }}" music_user_data_dataset: "rpool{{ music_user_data_directory }}" music_user_data_collection_dataset: "{{ music_user_data_dataset }}/collection" music_user_data_archive_dataset: "{{ music_user_data_dataset }}/archive" # -------------------------------------------------------------------------------------------------- # music:backups # -------------------------------------------------------------------------------------------------- music_user_backups_snapshots_data_dataset: "\ {{ system_backups_snapshots_data_dataset }}/{{ music_user_name }}" music_user_backups_snapshots_recursive: true music_user_backups_snapshots_skip_parent: true # -------------------------------------------------------------------------------------------------- # music:org # -------------------------------------------------------------------------------------------------- music_user_nextcloud_domain: "cloud.wojciechkozlowski.eu" music_user_nextcloud_url: "https://{{ music_user_nextcloud_domain }}/public.php/webdav" music_user_nextcloud_user: "{{ vault_music_user_nextcloud_user }}" music_user_nextcloud_pswd: "{{ vault_music_user_nextcloud_pswd }}" # -------------------------------------------------------------------------------------------------- # services # -------------------------------------------------------------------------------------------------- services_root_dataset: "{{ system_var_root_dataset }}" services_home_dataset: "{{ system_var_home_dataset }}" services_data_dataset: "{{ system_var_data_dataset }}" services_containers_dataset: "{{ system_var_containers_dataset }}" services_host_services: lrproxy: address: "{{ vpn_bridge_prefix }}.2" tcp: [80, 443] rproxy_host: "valkyrie" rproxy_user: "pod-rproxy" database: address: "{{ vpn_bridge_prefix }}.3" cloud: address: "{{ vpn_bridge_prefix }}.4" git: address: "{{ vpn_bridge_prefix }}.5" tcp: ["{{ services.git.ssh_port }}"] notes: address: "{{ vpn_bridge_prefix }}.6" music: address: "{{ vpn_bridge_prefix }}.7" music_path: "{{ music_user_data_collection_directory }}" # -------------------------------------------------------------------------------------------------- # services:backups # -------------------------------------------------------------------------------------------------- services_backups_snapshots_dataset: "{{ system_backups_snapshots_dataset }}" services_backups_snapshots_root_dataset: "{{ system_backups_snapshots_root_dataset }}" services_backups_snapshots_data_dataset: "{{ system_backups_snapshots_data_dataset }}" services_backups_snapshots_services: "\ {% set services_backups_snapshots_service = {} %}\ {% for service in services_host_services.keys() %}\ {{ services_backups_snapshots_service.update( { service: { 'user_name': ( 'pod-' ~ service ), 'data_dataset': ( services_data_dataset ~ '/pod-' ~ service ), 'backup_dataset': ( services_backups_snapshots_data_dataset ~ '/pod-' ~ service ), 'recursive': true, 'skip_parent': true, }} ) }}\ {% endfor %}\ {{ services_backups_snapshots_service }}"