blob: f780275038b096c17b229afb35df6a0a6b269bfc (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
|
---
install_jumphost: ch-jump
install:
vm:
memory: 12G
numcpus: 8
autostart: True
disks:
primary: /dev/sda
scsi:
sda:
type: zfs
name: root
size: 25g
sdb:
type: zfs
name: data
size: 100g
properties:
'syncoid:sync': 'false'
system_lvm:
volumes:
- name: root
size: 4G
filesystem: ext4
mountpoint: /
- name: var
size: 1280M
filesystem: ext4
mountpoint: /var
- name: var+log
size: 768M
filesystem: ext4
mountpoint: /var/log
mount_options:
- noatime
- nodev
- noexec
interfaces:
- bridge: br-svc
name: svc0
network:
nameservers: "{{ network_zones.svc.dns }}"
domain: "{{ host_domain }}"
systemd_link:
interfaces: "{{ install.interfaces }}"
primary: &_network_primary_
name: svc0
address: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
gateway: "{{ network_zones.svc.gateway }}"
static_routes:
- destination: "{{ network_zones.lan.prefix }}"
gateway: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ipaddr('address') }}"
interfaces:
- *_network_primary_
apt_repo_components:
- main
- contrib ## for zfs
spreadspace_apt_repo_components:
- container
- prometheus
ssh_keys_root_extra:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus
prometheus_job_multitarget_blackbox__probe:
ch-mon:
- instance: "ssh-{{ inventory_hostname }}"
target: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address') }}:{{ ansible_port | default(22) }}"
module: ssh_banner
zfs_arc_size:
min: 512MB
max: 2GB
zfs_pools:
storage:
mountpoint: /srv/storage
create_vdevs: /dev/sdb
zfs_sanoid_modules:
storage:
use_template: production
recursive: yes
process_children_only: yes
storage/docker:
use_template: ignore
recursive: yes
storage/kubelet:
use_template: ignore
recursive: yes
docker_pkg_provider: docker-com
docker_storage:
type: zfs
pool: storage
name: docker
properties:
quota: 10G
'syncoid:sync': 'false'
kubelet_storage:
type: zfs
pool: storage
name: kubelet
properties:
quota: 10G
'syncoid:sync': 'false'
kubernetes_version: 1.23.2
kubernetes_container_runtime: docker
kubernetes_standalone_max_pods: 42
kubernetes_standalone_cni_variant: with-portmap
alerta_base_path: /srv/storage/alerta
alerta_storage:
type: zfs
pool: storage
name: alerta
properties:
quota: 1G
'syncoid:sync': 'false'
alerta_web_version: 8.7.0
alerta_postgres_version: 14.2
alerta_redis_version: 6.2.6
alerta_web_secret_key: "{{ vault_alerta_web_secret_key }}"
alerta_postgres_password: "{{ vault_alerta_postgres_password }}"
alerta_default_environment: unknown
alerta_environments:
- unknown
- chaos-at-.*
alerta_plugins:
- reject
- blackout
- heartbeat
- amqp
alerta_plugin_heartbeat:
events:
- PrometheusAlertmanagerE2eDeadManSwitch
alerta_mailer:
severities: critical, warning
smtp_host: 192.168.28.250
smtp_port: 25
smtp_starttls: False
skip_mta: False
mail_to: equinox@chaos-at-home.org
mail_from: noreply@chaos-at-home.org
dashboard_url: http://192.168.32.1:8080
|