---
# Host variables for one machine: installer disk layout, network settings,
# Docker/Kubernetes settings, ZFS storage, a WireGuard gateway tunnel and a
# Nextcloud instance. Secrets are not stored in this file; the WireGuard
# private key and the database password are referenced via vault_* variables.
# NOTE(review): nesting below was reconstructed from a whitespace-collapsed
# copy of this file -- confirm against the original layout.

install:
  efi: true
  disks:
    primary: /dev/disk/by-id/ata-Samsung_SSD_840_Series_S14GNEACC92243K
  system_lvm:
    volumes:
      - name: root
        size: 3584M
        filesystem: ext4
        mountpoint: /
      - name: var
        size: 1280M
        filesystem: ext4
        mountpoint: /var
      # Only this volume sets mount options here (nodev, noexec, noatime);
      # root and var list none in this file.
      - name: var+log
        size: 768M
        filesystem: ext4
        mountpoint: /var/log
        mount_options:
          - noatime
          - nodev
          - noexec
  kernel_cmdline:
    - "consoleblank=0"

network:
  # The zone-derived resolver list is disabled and a single public resolver is
  # hard-coded instead.
  # NOTE(review): confirm this is intended beyond initial setup.
  # nameservers: "{{ network_zones.lan.dns }}"
  nameservers:
    - 1.1.1.1
  domain: "{{ host_domain }}"
  # Anchor so the same mapping can be reused as the only entry of `interfaces`.
  primary: &_network_primary_
    name: eno1
    # The inventory-derived address/gateway are disabled in favour of the
    # literal values below; the two can drift apart from the zone definition.
    # address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
    # gateway: "{{ network_zones.lan.gateway }}"
    address: "192.168.28.99/24"
    gateway: "192.168.28.254"
  interfaces:
    - *_network_primary_

admin_users_host:
  - equinox

apt_repo_components:
  - main
  - contrib   ## for zfs
  - non-free  ## for microcode updates

spreadspace_apt_repo_components:
  - container

docker_pkg_provider: docker-com
docker_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: docker
  size: 5G
  fs: ext4

kubelet_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: kubelet
  size: 5G
  fs: ext4

# Exact version pin.
# NOTE(review): pinned versions only receive security fixes when this value is
# bumped -- confirm the release is still supported upstream.
kubernetes_version: 1.23.3
kubernetes_container_runtime: docker
kubernetes_standalone_cni_variant: with-portmap

zfs_arc_size:
  min: 2GB
  max: 8GB

zfs_pools:
  storage:
    mountpoint: /srv/storage
    # One raidz vdev over four disks, addressed by stable by-id paths.
    # Multi-line plain scalar: the lines fold into one space-separated string.
    create_vdevs: raidz
      /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N2AYHY8E
      /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4ND0PVLUE
      /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N6PJ1CSJ
      /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N3YN09NC

wireguard_keys:
  gwhetzner:
    # Public half of the key pair; the private half is only referenced through
    # the vault variable and never appears in this file.
    pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg="
    priv: "{{ vault_wireguard_priv_keys.gwhetzner }}"

wireguard_gateway_tunnels:
  wg-gwhetzner:
    priv_key: "{{ wireguard_keys.gwhetzner.priv }}"
    addresses:
      - 192.168.254.2/30
    default_gateway:
      outer: 178.63.180.138
      inner: 192.168.254.1
    peers:
      # Peer public key is read from the remote gateway's host variables.
      - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}"
        endpoint:
          # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}"
          # Until then this literal duplicates default_gateway.outer above and
          # both must be changed together.
          host: 178.63.180.138
          port: 51820
        keepalive_interval: 15
        # 0.0.0.0/0 accepts every IPv4 destination for this peer.
        # NOTE(review): together with default_gateway this presumably sends
        # the host's default route through the tunnel -- confirm intended.
        allowed_ips:
          - 0.0.0.0/0

## TODO: switch to production acme server once testing is done
# NOTE(review): while the override below stays commented out, the ACME
# directory in use comes from a default not visible in this file.
# acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}"

elevate_media_share_storage:
  type: zfs
  pool: storage
  name: share
  properties:
    compression: lz4
    quota: 9T

elevate_media_nextcloud_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: nextcloud
  size: 150G
  fs: ext4

elevate_media_nextcloud_instance:
  new: true
  # Exact version pins for Nextcloud and, below, the database.
  # NOTE(review): confirm there is a process for bumping these for security
  # releases.
  version: 23.0.0
  port: 8100
  hostnames:
    - media.elevate.at
    - media.elev8.at
  database:
    type: mariadb
    version: 10.7.1
    # Password comes from the vault, not from this file.
    # NOTE(review): the lookup key 'team.tomwaitz.eu' does not match any of the
    # hostnames above -- confirm this is the intended vault entry.
    password: "{{ vault_nextcloud_database_passwords['team.tomwaitz.eu'] }}"

### legacy stuff
# dyndns:
#   server: ch-pan
# network_setup: elevate-festival