---
install:
  disks:
    primary: /dev/disk/by-id/ata-Samsung_SSD_840_Series_S14GNEACC92243K

network:
  nameservers: "{{ network_zones.lan.dns }}"
  domain: "{{ host_domain }}"
  primary: &_network_primary_
    name: eno1
    address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
    gateway: "{{ network_zones.lan.gateway }}"
  interfaces:
  - *_network_primary_

network_setup: elevate-festival


dyndns:
  server: ch-pan


admin_users_host:
  - equinox


nginx_pkg_variant: nginx

mysql_root_password: "{{ vault_mysql_root_password }}"


docker_daemon_config:
  bridge: "none"
  iptables: false

docker_lvm:
  vg: "{{ host_name }}"
  lv: docker
  size: 20G
  fs: ext4

acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}"

nextcloud_hostnames:
  - media.elevate.at
  - media.elev8.at

nextcloud_db:
  db: nextcloud
  user: nextcloud
  password: "{{ vault_nextcloud_db.password }}"

nextcloud_admin:
  username: admin
  password: "{{ vault_nextcloud_admin.password }}"

nextcloud_lvm:
  system:
    vg: "{{ host_name }}"
    lv: nextcloud
    size: 20G
    fs: ext4
  data:
    vg: "{{ host_name }}"
    lv: ncdata
    size: 150G
    fs: ext4


wireguard_keys:
  gwhetzner:
    pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg="
    priv: "{{ vault_wireguard_priv_keys.gwhetzner }}"

wireguard_gateway_tunnels:
  wg-gwhetzner:
    priv_key: "{{ wireguard_keys.gwhetzner.priv }}"
    addresses:
    - 192.168.254.2/30
    default_gateway:
      outer: 178.63.180.138
      inner: 192.168.254.1
    peers:
    - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}"
      endpoint:
        host: 178.63.180.138 # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}"
        port: 51820
      keepalive_interval: 15
      allowed_ips:
      - 0.0.0.0/0