--- system_lvm_volume_size_root: 3072M install: cloud: credentials: "{{ vault_hroot_robot_account }}" server_name: "{{ host_name }}" disks: primary: software-raid raid: level: 1 members: - /dev/nvme0n1 - /dev/nvme1n1 system_lvm: size: 10G network: nameservers: "{{ vm_host.network.dns }}" domain: "{{ host_domain }}" interfaces: - name: br-public address: "{{ vm_host.network.bridges.public.prefix | ansible.utils.ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) }}" external_ip: "94.130.129.165" base_intel_nic_stability_fix: true ssh_users_root: - equinox - dan ssh_keys_root_extra: - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus apt_repo_components: - main - contrib ## for zfs - non-free ## for microcode updates luks_volumes: crypto-nvme0: passphrase: "{{ vault_luks_volumes['crypto-nvme0'].passphrase }}" device: /dev/disk/by-id/nvme-eui.0025388291b201dc-part3 crypto-nvme1: passphrase: "{{ vault_luks_volumes['crypto-nvme1'].passphrase }}" device: /dev/disk/by-id/nvme-eui.0025388291b201cb-part3 zfs_arc_size: min: 2GB max: 8GB zfs_pools: storage: mountpoint: /srv/storage create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 properties: ashift: 12 autotrim: "on" zfs_sanoid_modules: storage/vm: use_template: production hourly: 0 ## TODO: re-enable backups once the disk has been cleaned up daily: 0 ## recursive: yes process_children_only: yes storage/vm/sk-testvm: use_template: ignore recursive: yes