From c71701f2d1de698176e4ba6bbd2de32adebadfe1 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 19 Aug 2020 03:36:00 +0200
Subject: ch-prometheus: crypt disks

---
 inventory/host_vars/ch-prometheus.yml | 40 +++++++++++++++++++++++++++++++----
 1 file changed, 36 insertions(+), 4 deletions(-)

(limited to 'inventory')

diff --git a/inventory/host_vars/ch-prometheus.yml b/inventory/host_vars/ch-prometheus.yml
index de31cd83..425411df 100644
--- a/inventory/host_vars/ch-prometheus.yml
+++ b/inventory/host_vars/ch-prometheus.yml
@@ -8,10 +8,10 @@ install:
     raid:
       level: 1
       members:
-      - /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_512GB_S5JYNC0N310327Y
       - /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_512GB_S5JYNC0N310329Z
+      - /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_512GB_S5JYNC0N310327Y
   system_lvm:
-    size: 20G
+    size: 25G
 
 network:
   nameservers:
@@ -40,17 +40,49 @@ apt_repo_components:
   - non-free ## for microcode updates
 
 
+installer_lvm:
+  vg: "{{ host_name }}"
+  lv: installer
+  size: 10G
+  fs: ext4
+
+
+cryptdisk_volumes:
+  crypto-nvme0:
+    passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}"
+    device: /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_512GB_S5JYNC0N310329Z-part4
+  crypto-nvme1:
+    passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme1'].passphrase }}"
+    device: /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_512GB_S5JYNC0N310327Y-part4
+  crypto-sata0:
+    passphrase: "{{ vault_cryptdisk_volumes['crypto-sata0'].passphrase }}"
+    device: /dev/disk/by-id/ata-WDC_WD102KRYZ-01A5AB0_VCG6HGTN
+  crypto-sata1:
+    passphrase: "{{ vault_cryptdisk_volumes['crypto-sata1'].passphrase }}"
+    device: /dev/disk/by-id/ata-WDC_WD102KRYZ-01A5AB0_VCG6GT2N
+  crypto-sata2:
+    passphrase: "{{ vault_cryptdisk_volumes['crypto-sata2'].passphrase }}"
+    device: /dev/disk/by-id/ata-WDC_WD102KRYZ-01A5AB0_VCG6A2UN
+
+
 zfs_arc_size:
   min: "{{ 2 * 1024 * 1024 * 1024 }}"
-  max: "{{ 8 * 1024 * 1024 * 1024 }}"
+  max: "{{ 24 * 1024 * 1024 * 1024 }}"
 
 zfs_zpools:
   nvme:
     mountpoint: /srv/nvme
-    create_vdevs: mirror /dev/nvme0n1p4 /dev/nvme1n1p4
+    create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1
+  storage:
+    mountpoint: /srv/storage
+    create_vdevs: mirror /dev/mapper/crypto-sata0 /dev/mapper/crypto-sata1 /dev/mapper/crypto-sata2
 
 zfs_sanoid_modules:
   nvme/vm:
     use_template: production
     recursive: yes
     process_children_only: yes
+  storage:
+    use_template: production
+    recursive: yes
+    process_children_only: yes
-- 
cgit v1.2.3