---
system_lvm_volume_size_root: 3584M
system_lvm_volume_size_varlog: 5G
install:
  cloud:
    credentials: "{{ vault_hroot_robot_account }}"
    server_name: "{{ host_name }}"
  disks:
    primary: software-raid
    raid:
      level: 1
      members:
      - /dev/nvme0n1
      - /dev/nvme1n1
  system_lvm:
    size: 15G


apt_repo_components:
  - main
  - contrib  ## for zfs
  - non-free-firmware

spreadspace_apt_repo_components:
  - main
  - container


zfs_arc_size:
  min: 2GB
  max: 16GB

zfs_pools:
  storage:
    mountpoint: /srv/storage
    create_vdevs: mirror /dev/nvme0n1p3 /dev/nvme1n1p3
    properties:
      ashift: 12
      autotrim: "on"

zfs_sanoid_modules:
  storage/nextcloud:
    use_template: production
    recursive: yes
    process_children_only: yes
  storage/etherpad-lite:
    use_template: production
    recursive: yes
    process_children_only: yes
  storage/keycloak:
    use_template: production
    recursive: yes
    process_children_only: yes
  storage/onlyoffice:
    use_template: production
    recursive: yes
    process_children_only: yes


docker_pkg_provider: docker-com

docker_storage:
  type: zfs
  pool: storage
  name: docker
  properties:
    quota: 40G

kubelet_storage:
  type: zfs
  pool: storage
  name: kubelet
  properties:
    quota: 20G

kubernetes_version: 1.30.0
kubernetes_container_runtime: docker
kubernetes_standalone_max_pods: 100
kubernetes_standalone_pod_cidr: 192.168.255.0/24
kubernetes_standalone_cni_variant: with-portmap

kubernetes_standalone_local_services_tcp:
  - 25

postfix_base_mynetworks:
  - "127.0.0.0/8"
  - "[::ffff:127.0.0.0]/104"
  - "[::1]/128"
  - "{{ kubernetes_standalone_pod_cidr }}"
postfix_base_inet_protocols:
  - "ipv4"


acme_directory_server: "{{ acme_directory_server_le_live_v2 }}"
acme_client: acmetool

## TODO: remove once migration of elevate services has been done
ssh_users_root:
  - equinox
  - dan
  - brt