7 files changed, 219 insertions, 0 deletions

diff --git a/inventory/host_vars/sk-cloudio/collabora.yml b/inventory/host_vars/sk-cloudio/collabora.yml
new file mode 100644
index 00000000..3fc973c3
--- /dev/null
+++ b/inventory/host_vars/sk-cloudio/collabora.yml
@@ -0,0 +1,16 @@
+---
+collabora_code_base_path: /srv/storage/collabora/code
+
+collabora_code_instances:
+  o.skillz.biz:
+    version: 4.2.4.5
+    port: 8200
+    hostname: o.skillz.biz
+    admin:
+      username: admin
+      password: "{{ vault_collabora_code_admin_passwords['o.skillz.biz'] }}"
+    backend_storages:
+    - wolke.elevate.at
+    - insomnia.skillz.biz
+    - nc.skillz.biz
+    - wae.elevate.at
diff --git a/inventory/host_vars/sk-cloudio/coturn.yml b/inventory/host_vars/sk-cloudio/coturn.yml
new file mode 100644
index 00000000..43dc2d3c
--- /dev/null
+++ b/inventory/host_vars/sk-cloudio/coturn.yml
@@ -0,0 +1,14 @@
+---
+coturn_base_path: /srv/storage/coturn
+
+coturn_version: 4.5.1.3
+coturn_realm: elev8.at
+coturn_hostnames:
+  - stun.elev8.at
+  - turn.elev8.at
+
+coturn_max_bps: 1048576  ## 8Mbit/s
+coturn_bps_capacity: 13107200  ## 100Mbit/s
+coturn_threads: 4
+
+coturn_auth_secret: "{{ vault_coturn_auth_secret }}"
diff --git a/inventory/host_vars/sk-cloudio/etherpad.yml b/inventory/host_vars/sk-cloudio/etherpad.yml
new file mode 100644
index 00000000..1d82e4b3
--- /dev/null
+++ b/inventory/host_vars/sk-cloudio/etherpad.yml
@@ -0,0 +1,58 @@
+---
+etherpad_lite_zfs:
+  pool: storage
+  name: etherpad-lite
+  properties:
+    compression: lz4
+
+etherpad_lite_instances:
+  pad.elevate.at:
+    version: c65c5f17aa26c9179ce591f44721861ba6f6bec4-elevate
+    port: 8300
+    hostnames:
+      - pad.elevate.at
+    zfs_properties:
+      quota: 5G
+    settings:
+      title: Elevate Etherpad
+      users:
+        admin:
+          is_admin: true
+          password: "{{ vault_etherpad_lite_user_passwords['pad.elevate.at']['admin'] }}"
+        user:
+          is_admin: false
+          password: "{{ vault_etherpad_lite_user_passwords['pad.elevate.at']['user'] }}"
+
+      defaultPadText: "Welcome to the ELEVATE - Etherpad!\n\nThis pad text is synchronized\
+        \ as you type, so that everyone viewing this page sees the same text. This allows\
+        \ you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at http://etherpad.org\n\
+        \n IMPORTANT: THIS PAD IS PRIVIDED FOR FREE TO THE PUBLIC! There is no guarantee\
+        \ for your data - please take care of backups yourself! This is usually intended\
+        \ only for the Elevate Team and it might get access control in the future! If you\
+        \ are interested in having a PAD for your project, please get back to dan@elevate.at\
+        \ for information. It can be made available!"
+      favicon: favicon.ico
+
+      maxAge: 21600
+      editOnly: false
+      minify: true
+      requireSession: false
+      requireAuthentication: false
+      requireAuthorization: false
+      socketTransportProtocols: [xhr-polling, jsonp-polling, htmlfile]
+      abiword: null
+      loglevel: INFO
+      logconfig:
+        appenders:
+        - type: console
+      dbType: "mysql"
+      dbSettings:
+        host: "127.0.0.1"
+        user: "etherpad-lite"
+        password: "{{ vault_etherpad_lite_database_passwords['pad.elevate.at'] }}"
+        database: "etherpad-lite"
+        charset: "utf8mb4"
+    database:
+      type: mariadb
+      version: 10.4.8
+      password: "{{ vault_etherpad_lite_database_passwords['pad.elevate.at'] }}"
diff --git a/inventory/host_vars/sk-cloudio/jitsi.yml b/inventory/host_vars/sk-cloudio/jitsi.yml
new file mode 100644
index 00000000..1c50c94c
--- /dev/null
+++ b/inventory/host_vars/sk-cloudio/jitsi.yml
@@ -0,0 +1,8 @@
+---
+jitsi_meet_base_path: /srv/storage/jitsi/meet
+
+jitsi_meet_version: stable-4857
+jitsi_meet_hostnames:
+  - meet.elev8.at
+
+jitsi_meet_secrets: "{{ vault_jitsi_meet_secrets }}"
diff --git a/inventory/host_vars/sk-cloudio/nextcloud.yml b/inventory/host_vars/sk-cloudio/nextcloud.yml
new file mode 100644
index 00000000..2bb6eab5
--- /dev/null
+++ b/inventory/host_vars/sk-cloudio/nextcloud.yml
@@ -0,0 +1,56 @@
+---
+nextcloud_zfs:
+  pool: storage
+  name: nextcloud
+  properties:
+    compression: lz4
+
+nextcloud_instances:
+  wolke.elevate.at:
+    # new: true
+    version: 18.0.6
+    port: 8100
+    hostnames:
+    - wolke.elevate.at
+    zfs_properties:
+      quota: 300G
+    database:
+      type: mariadb
+      version: 10.4.13
+      password: "{{ vault_nextcloud_database_passwords['wolke.elevate.at'] }}"
+  insomnia.skillz.biz:
+    # new: true
+    version: 18.0.6
+    port: 8101
+    hostnames:
+      - insomnia.skillz.biz
+    zfs_properties:
+      quota: 200G
+    database:
+      type: mariadb
+      version: 10.4.13
+      password: "{{ vault_nextcloud_database_passwords['insomnia.skillz.biz'] }}"
+  nc.skillz.biz:
+    # new: true
+    version: 18.0.6
+    port: 8102
+    hostnames:
+      - nc.skillz.biz
+    zfs_properties:
+      quota: 200G
+    database:
+      type: mariadb
+      version: 10.4.13
+      password: "{{ vault_nextcloud_database_passwords['nc.skillz.biz'] }}"
+  wae.elevate.at:
+    # new: true
+    version: 18.0.6
+    port: 8104
+    hostnames:
+    - wae.elevate.at
+    zfs_properties:
+      quota: 100G
+    database:
+      type: mariadb
+      version: 10.4.13
+      password: "{{ vault_nextcloud_database_passwords['wae.elevate.at'] }}"
diff --git a/inventory/host_vars/sk-cloudio/vars.yml b/inventory/host_vars/sk-cloudio/vars.yml
new file mode 100644
index 00000000..b8e3d2a5
--- /dev/null
+++ b/inventory/host_vars/sk-cloudio/vars.yml
@@ -0,0 +1,64 @@
+---
+install:
+  cloud:
+    credentials: "{{ vault_hroot_robot_account }}"
+    server_name: "{{ host_name }}"
+  disks:
+    primary: software-raid
+    raid:
+      level: 1
+      members:
+      - /dev/nvme0n1
+      - /dev/nvme1n1
+  system_lvm:
+    size: 15G
+
+network: {}
+
+
+apt_repo_components:
+  - main
+  - contrib  ## for zfs
+  - non-free ## for microcode updates
+
+
+zfs_arc_size:
+  min: "{{ 2 * 1024 * 1024 * 1024 }}"
+  max: "{{ 16 * 1024 * 1024 * 1024 }}"
+
+zfs_zpools:
+  storage:
+    mountpoint: /srv/storage
+    create_vdevs: mirror nvme0n1p3 nvme1n1p3
+
+zfs_sanoid_modules:
+  storage/nextcloud:
+    use_template: production
+    recursive: yes
+    process_children_only: yes
+  storage/etherpad-lite:
+    use_template: production
+    recursive: yes
+    process_children_only: yes
+
+
+docker_zfs:
+  pool: storage
+  name: docker
+  properties:
+    quota: 40G
+
+kubelet_zfs:
+  pool: storage
+  name: kubelet
+  properties:
+    quota: 20G
+
+kubernetes_version: 1.18.6
+kubernetes_container_runtime: docker
+kubernetes_standalone_max_pods: 100
+kubernetes_standalone_resolv_conf: /var/run/systemd/resolve/resolv.conf
+kubernetes_standalone_pod_cidr: 192.168.255.0/24
+kubernetes_standalone_cni_variant: with-portmap
+
+# acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}"
diff --git a/inventory/hosts.ini b/inventory/hosts.ini
index c099ddd9..17360d01 100644
--- a/inventory/hosts.ini
+++ b/inventory/hosts.ini
@@ -116,6 +116,7 @@ env_group=dan
 [skillz]
 sk-2019 host_name=2019
 sk-cloudia host_name=cloudia
+sk-cloudio host_name=cloudio
 sk-2019vm host_name=2019vm
 sk-tomnext host_name=tomnext
 sk-tomnext-nc host_name=tomnext-nc
@@ -312,6 +313,7 @@ vmhost-sk-tomnext-guests
 [hroot]
 sk-2019
 sk-cloudia
+sk-cloudio
 sk-2019vm
 sk-tomnext
 
@@ -369,6 +371,7 @@ k8s-lwl
 
 [standalone-kubelet]
 sk-cloudia
+sk-cloudio
 ele-thetys
 lw-thetys
 sk-tomnext-nc