--- install: efi: true disks: primary: /dev/disk/by-id/ata-KINGSTON_SMS200S360G_50026B7244002329 network: nameservers: "{{ network_zones.lan.dns }}" domain: "{{ host_domain }}" primary: &_network_primary_ name: enp1s0 address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ network_zones.lan.gateway }}" interfaces: - *_network_primary_ wakeonlan_interfaces: - enp6s0 ## onboard GBit/s port - enp1s0 is a 10g SFP+ card without support for WOL apt_repo_components: - main - contrib ## for zfs - non-free ## for microcode updates luks_volumes: crypto-sata0: passphrase: "{{ vault_luks_volumes['crypto-sata0'].passphrase }}" device: /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N6ZP3KFJ crypto-sata1: passphrase: "{{ vault_luks_volumes['crypto-sata1'].passphrase }}" device: /dev/disk/by-id/ata-ST4000VN008-2DR166_ZDHAVYJT crypto-sata2: passphrase: "{{ vault_luks_volumes['crypto-sata2'].passphrase }}" device: /dev/disk/by-id/ata-WDC_WD30EFRX-68AX9N0_WD-WMC1T1522231 crypto-sata3: passphrase: "{{ vault_luks_volumes['crypto-sata3'].passphrase }}" device: /dev/disk/by-id/ata-ST4000VN008-2DR166_ZDHADPQL zfs_arc_size: min: 2GB max: 20GB zfs_pools: backup: mountpoint: /srv/backup create_vdevs: raidz /dev/mapper/crypto-sata0 /dev/mapper/crypto-sata1 /dev/mapper/crypto-sata2 /dev/mapper/crypto-sata3 zfs_sanoid_templates: backup: frequently: 0 hourly: 48 daily: 90 monthly: 6 yearly: 0 autosnap: no autoprune: yes ignore: autoprune: no autosnap: no monitor: no zfs_sanoid_modules: backup: use_template: backup recursive: yes process_children_only: yes # zfs_syncoid_autosuspend: yes zfs_syncoid_target_pool: backup zfs_syncoid_sources: 'ch-prometheus': ssh_hostname: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus']) | ipaddr('address') }}" ssh_port: "{{ hostvars['ch-prometheus'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:31:00" timeout: 5h paths: nvme/vm: recursive: yes skip_parent: yes storage/vm: recursive: yes skip_parent: yes storage: recursive: yes skip_parent: yes exclude: - '^storage/vm' 'ch-phoebe': ssh_hostname: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-phoebe']) | ipaddr('address') }}" ssh_port: "{{ hostvars['ch-phoebe'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:23:00" timeout: 5h paths: nvme/vm: recursive: yes skip_parent: yes 'ch-apps': ssh_hostname: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-apps']) | ipaddr('address') }}" ssh_port: "{{ hostvars['ch-apps'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:15:00" timeout: 5h paths: storage: recursive: yes skip_parent: yes 'ch-equinox-t450s': ssh_hostname: 192.168.28.139 ssh_port: 222 paths: storage: recursive: yes skip_parent: yes