---
install:
  efi: true
  disks:
    primary: /dev/disk/by-id/ata-KINGSTON_SMS200S360G_50026B7244002329

network:
  nameservers: "{{ network_zones.lan.dns }}"
  domain: "{{ host_domain }}"
  primary: &_network_primary_
    name: enp5s0
    address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
    gateway: "{{ network_zones.lan.gateway }}"
  interfaces:
  - *_network_primary_


apt_repo_components:
  - main
  - contrib  ## for zfs
  - non-free ## for microcode updates


luks_volumes:
  # crypto-sata0:
  #   passphrase: "{{ vault_luks_volumes['crypto-sata0'].passphrase }}"
  #   device: /dev/disk/by-id/ata-WDC_WD30EFRX-68AX9N0_WD-WMC1T1674991
  crypto-sata1:
    passphrase: "{{ vault_luks_volumes['crypto-sata1'].passphrase }}"
    device: /dev/disk/by-id/ata-WDC_WD30EFRX-68AX9N0_WD-WMC1T1357355
  crypto-sata2:
    passphrase: "{{ vault_luks_volumes['crypto-sata2'].passphrase }}"
    device: /dev/disk/by-id/ata-WDC_WD30EFRX-68AX9N0_WD-WMC1T1522231
  crypto-sata3:
    passphrase: "{{ vault_luks_volumes['crypto-sata3'].passphrase }}"
    device: /dev/disk/by-id/ata-WDC_WD30EFRX-68AX9N0_WD-WMC1T1696205


zfs_arc_size:
  min: 2GB
  max: 20GB

zfs_pools:
  backup:
    mountpoint: /srv/backup
#    create_vdevs: raidz /dev/mapper/crypto-sata0 /dev/mapper/crypto-sata1 /dev/mapper/crypto-sata2 /dev/mapper/crypto-sata3
    create_vdevs: raidz /dev/mapper/crypto-sata1 /dev/mapper/crypto-sata2 /dev/mapper/crypto-sata3


zfs_sanoid_templates:
  backup:
    frequently: 0
    hourly: 48
    daily: 90
    monthly: 6
    yearly: 0
    autosnap: no
    autoprune: yes

  ignore:
    autoprune: no
    autosnap: no
    monitor: no

zfs_sanoid_modules:
  backup:
    use_template: backup
    recursive: yes
    process_children_only: yes


zfs_syncoid_target_pool: backup
zfs_syncoid_sources:
  'ch-prometheus':
    ssh_hostname: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus']) | ipaddr('address') }}"
    ssh_port: "{{ hostvars['ch-prometheus'].ansible_port }}"
    periodic:
      schedule: "*-*-* 00,06,12,18:30:00"
      timeout: 5h
    paths:
      nvme/vm:
        recursive: yes
        skip_parent: yes
      storage/vm:
        recursive: yes
        skip_parent: yes
      storage:
        recursive: yes
        skip_parent: yes
        exclude:
        - '^storage/backups'
        - '^storage/vm'
  'ch-equinox-t450s':
    ssh_hostname: 192.168.28.103
    ssh_port: 222
    paths:
      storage:
        recursive: yes
        skip_parent: yes