--- raspios_variant: lite raspios_arch: arm64 network: nameservers: "{{ network_zones.lan.dns }}" domain: "{{ host_domain }}" primary: &_network_primary_ name: eth0 address: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) }}" gateway: "{{ network_zones.lan.gateway }}" interfaces: - *_network_primary_ raspios_boot_config: - regexp: '^#?dtparam=i2c_vc' line: 'dtparam=i2c_vc=on' - regexp: '^#?dtoverlay=i2c-rtc' line: 'dtoverlay=i2c-rtc,rv3028,i2c0' ## TODO: eeprom config... # POWER_OFF_ON_HALT=1 # WAKE_ON_GPIO=0 base_entropy_generator: rngd apt_repo_components: - main - contrib ## for zfs - non-free-firmware spreadspace_apt_repo_components: - prometheus prometheus_exporter_node_textfile_collector_scripts: - deleted-libraries - smartmon prometheus_exporters_extra: - ssl prometheus_job_multitarget_blackbox__probe: ch-mon: - instance: "ssh-{{ inventory_hostname }}" target: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }}:{{ ansible_port | default(22) }}" module: ssh_banner prometheus_job_multitarget_ssl__probe: ch-epimetheus: - instance: "sslcert-prometheus-{{ inventory_hostname }}" target: "/etc/ssl/prometheus/**/*.pem" module: file luks_devices: crypto-sata0: passphrase: "{{ vault_luks_devices['crypto-sata0'].passphrase }}" device: /dev/disk/by-id/ata-ST4000VN008-2DR166_ZGY976JP crypto-sata1: passphrase: "{{ vault_luks_devices['crypto-sata1'].passphrase }}" device: /dev/disk/by-id/ata-ST4000VN008-2DR166_ZDHAVYJT crypto-sata2: passphrase: "{{ vault_luks_devices['crypto-sata2'].passphrase }}" device: /dev/disk/by-id/ata-ST4000VN008-2DR166_ZGY9802C crypto-sata3: passphrase: "{{ vault_luks_devices['crypto-sata3'].passphrase }}" device: /dev/disk/by-id/ata-ST4000VN008-2DR166_ZDHADPQL zfs_from_backports: yes zfs_arc_size: min: 1GB max: 2GB zfs_pools: backup: mountpoint: /srv/backup create_vdevs: raidz /dev/mapper/crypto-sata0 /dev/mapper/crypto-sata1 /dev/mapper/crypto-sata2 /dev/mapper/crypto-sata3 zfs_sanoid_templates: backup: frequently: 0 hourly: 48 daily: 90 monthly: 6 yearly: 0 autosnap: no autoprune: yes ignore: autoprune: no autosnap: no monitor: no zfs_sanoid_modules: backup: use_template: backup recursive: yes process_children_only: yes zfs_syncoid_autosuspend: disks zfs_syncoid_autosuspend_disks: "{{ luks_devices | dict2items | map(attribute='value.device') }}" zfs_syncoid_target_pool: backup zfs_syncoid_sources: 'ch-prometheus': ssh_hostname: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets['ch-prometheus']) | ansible.utils.ipaddr('address') }}" ssh_port: "{{ hostvars['ch-prometheus'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:31:00" timeout: 5h paths: nvme/vm: recursive: yes skip_parent: yes storage/vm: recursive: yes skip_parent: yes storage: recursive: yes skip_parent: yes exclude: - '^storage/vm' 'ch-phoebe': ssh_hostname: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets['ch-phoebe']) | ansible.utils.ipaddr('address') }}" ssh_port: "{{ hostvars['ch-phoebe'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:23:00" timeout: 5h paths: nvme/vm: recursive: yes skip_parent: yes 'ch-apps': ssh_hostname: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets['ch-apps']) | ansible.utils.ipaddr('address') }}" ssh_port: "{{ hostvars['ch-apps'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:15:00" timeout: 5h paths: storage: recursive: yes skip_parent: yes 'ch-mimas': ssh_hostname: "{{ hostvars['ch-mimas'].external_ip }}" ssh_port: "{{ hostvars['ch-mimas'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:10:00" timeout: 5h paths: storage: recursive: yes skip_parent: yes 'ch-atlas': ssh_hostname: "{{ hostvars['ch-atlas'].vm_host.network.bridges.public.prefix | ansible.utils.ipaddr(hostvars['ch-atlas'].vm_host.network.bridges.public.offsets['ch-atlas']) | ansible.utils.ipaddr('address') }}" ssh_port: "{{ hostvars['ch-atlas'].ansible_port }}" report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector" periodic: schedule: "*-*-* 00,06,12,18:05:00" timeout: 5h paths: ssd/vm: recursive: yes skip_parent: yes 'ch-equinox-ws': ssh_hostname: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets['ch-equinox-ws']) | ansible.utils.ipaddr('address') }}" ssh_port: "{{ hostvars['ch-equinox-ws'].ansible_port }}" paths: storage: recursive: yes skip_parent: yes periodic: schedule: "*-*-* 04:20:00" timeout: 2h 'sk-2019vm': ssh_hostname: "{{ hostvars['sk-2019vm'].external_ip }}" ssh_port: "{{ hostvars['sk-2019vm'].ansible_port }}" paths: #storage/mas: {} storage/streamstats: {} storage/vm: recursive: yes skip_parent: yes periodic: schedule: "*-*-* 02:10:00" timeout: 2h 'ch-equinox-t450s': ssh_hostname: 192.168.28.139 ssh_port: 222 paths: storage: recursive: yes skip_parent: yes