---
install_jumphost: ch-jump

install:
  vm:
    memory: 1G
    numcpus: 1
    autostart: False
  disks:
    primary: /dev/sda
    scsi:
      sda:
        type: zfs
        name: root
        size: 10g
        properties:
          'syncoid:sync': 'false'
  interfaces:
  - bridge: br-svc
    name: svc0

network:
  nameservers: "{{ network_zones.svc.dns }}"
  domain: "{{ host_domain }}"
  systemd_link:
    interfaces: "{{ install.interfaces }}"
  primary: &_network_primary_
    name: svc0
    address: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets[inventory_hostname]) }}"
    gateway: "{{ network_zones.svc.gateway }}"
    static_routes:
    - destination: "{{ network_zones.lan.prefix }}"
      gateway: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ansible.utils.ipaddr('address') }}"
  interfaces:
  - *_network_primary_

ntp_variant: systemd-timesyncd



###
whawty_auth_store:
  name: foo
  config:
    basedir: "/var/lib/whawty/auth/foo"
    default: 1
    params:
    - id: 1
      argon2id:
        time: 1
        memory: 65536 ## 64 MB
        threads: 4
        length: 32
  permissions:
    owner: root
    group: foo
    file-mode: "0640"
    dir-mode: "0750"
  sync:
    type: client
    hostname: 192.168.32.1
    port: 3022
    user: sync