ansible-edda/inventory/group_vars/asgard/vars.yml

116 lines
5.0 KiB
YAML

---
# --------------------------------------------------------------------------------------------------
# system:var
# --------------------------------------------------------------------------------------------------
system_etc_home_directory: "{{ system_etc_root_directory }}/services"
system_var_data_directory: "{{ system_var_root_directory }}/data"
system_var_containers_directory: "{{ system_var_root_directory }}/containers"
# --------------------------------------------------------------------------------------------------
# vpn:wireguard
# --------------------------------------------------------------------------------------------------
vpn_wireguard_port: 51820
vpn_wireguard_inet_prefix: "10.66.0"
vpn_wireguard_inet_address: "{{ vpn_wireguard_inet_prefix }}.{{ vpn_subnet_id }}"
vpn_wireguard_inet_prefixlen: 30
vpn_wireguard_inet_subnet: "{{ vpn_wireguard_inet_prefix }}.0/{{ vpn_wireguard_inet_prefixlen }}"
vpn_wireguard_inet6_prefix: "{{ vpn_global_inet6_prefix }}:6600"
vpn_wireguard_inet6_address: "{{ vpn_wireguard_inet6_prefix }}::{{ vpn_subnet_id }}"
vpn_wireguard_inet6_prefixlen: 64
vpn_wireguard_inet6_subnet: "{{ vpn_wireguard_inet6_prefix }}::/{{ vpn_wireguard_inet6_prefixlen }}"
# --------------------------------------------------------------------------------------------------
# vpn:bridge
# --------------------------------------------------------------------------------------------------
vpn_bridge_inet_prefix: "10.66.{{ vpn_subnet_id }}"
vpn_bridge_inet_address: "{{ vpn_bridge_inet_prefix }}.1"
vpn_bridge_inet_prefixlen: "24"
vpn_bridge_inet_subnet: "{{ vpn_bridge_inet_prefix }}.0/{{ vpn_bridge_inet_prefixlen }}"
vpn_bridge_inet6_prefix: "{{ vpn_global_inet6_prefix }}:{{ '%04x' % (0x6600 + vpn_subnet_id) }}"
vpn_bridge_inet6_address: "{{ vpn_bridge_inet6_prefix }}::1"
vpn_bridge_inet6_prefixlen: "64"
vpn_bridge_inet6_subnet: "{{ vpn_bridge_inet6_prefix }}::/{{ vpn_bridge_inet6_prefixlen }}"
vpn_bridge_dnat: "\
{% set vpn_bridge_dnat = [] %}\
{% for properties in ( services_host_services.values() | selectattr('tcp', 'defined') ) %}\
{{ vpn_bridge_dnat.append({
'inet_address': properties.inet_address,
'inet6_address': properties.inet6_address,
'ports': properties.tcp
}) }}\
{% endfor %}\
{{ vpn_bridge_dnat }}"
# --------------------------------------------------------------------------------------------------
# services
# --------------------------------------------------------------------------------------------------
services_root_directory: "{{ system_var_root_directory }}"
services_home_directory: "{{ system_etc_home_directory }}"
services_data_directory: "{{ system_var_data_directory }}"
services_containers_directory: "{{ system_var_containers_directory }}"
services_all_hosts: "{{ groups['asgard'] }}"
services_all_services: "{{
services_all_hosts | map('extract', hostvars, 'services_host_services') | map('dict2items') |
flatten | items2dict }}"
services_resolv_host: "valkyrie"
services:
rproxy: {}
www:
repo:
user: "{{ vault_services.www.repo.user }}"
token: "{{ vault_services.www.repo.token }}"
lrproxy: {}
database:
pgadmin:
email: "{{ vault_services.database.pgadmin.email }}"
password: "{{ vault_services.database.pgadmin.password }}"
postgres:
password: "{{ vault_services.database.postgres.password }}"
cloud:
domain: "{{ vault_services.cloud.domain }}"
database:
name: "{{ vault_services.cloud.database.name }}"
user: "{{ vault_services.cloud.database.user }}"
password: "{{ vault_services.cloud.database.password }}"
smtp:
host: "{{ vault_services.cloud.smtp.host }}"
user: "{{ vault_services.cloud.smtp.user }}"
password: "{{ vault_services.cloud.smtp.password }}"
git:
domain: "{{ vault_services.git.domain }}"
database:
name: "{{ vault_services.git.database.name }}"
user: "{{ vault_services.git.database.user }}"
password: "{{ vault_services.git.database.password }}"
smtp:
host: "{{ vault_services.git.smtp.host }}"
user: "{{ vault_services.git.smtp.user }}"
password: "{{ vault_services.git.smtp.password }}"
ssh_port: 2770
notes:
domain: "{{ vault_services.notes.domain }}"
database:
name: "{{ vault_services.notes.database.name }}"
user: "{{ vault_services.notes.database.user }}"
password: "{{ vault_services.notes.database.password }}"
smtp:
host: "{{ vault_services.notes.smtp.host }}"
user: "{{ vault_services.notes.smtp.user }}"
password: "{{ vault_services.notes.smtp.password }}"
music:
domain: "{{ vault_services.music.domain }}"
password_encryption_key: "{{ vault_services.music.password_encryption_key }}"
# --------------------------------------------------------------------------------------------------
# services:user_setup
# --------------------------------------------------------------------------------------------------
services_bridge_inet_gateway: "{{ vpn_bridge_inet_address }}"
services_bridge_inet6_gateway: "{{ vpn_bridge_inet6_address }}"