---
# Size of the root logical volume (presumably consumed by the base-system
# LVM setup -- confirm against the role that reads it).
system_lvm_volume_size_root: 4G

# Installer settings for this host.
install:
  # presumably selects an EFI boot layout in the installer -- TODO confirm
  efi: true
  disks:
    # Addressed via /dev/disk/by-id so the install target does not depend on
    # kernel device enumeration order (sdX names can change between boots).
    primary: /dev/disk/by-id/ata-Samsung_SSD_840_Series_S14GNEACC92243K
  kernel_cmdline:
    # consoleblank=0 turns off the kernel's console blanking timer.
    - "consoleblank=0"
# Host network configuration. All addressing is derived from the shared
# network_zones.lan definition instead of being hard-coded in this file.
network:
  nameservers: "{{ network_zones.lan.dns }}"
  domain: "{{ host_domain }}"
  # Anchored so the identical mapping can be reused under `interfaces`.
  primary: &_network_primary_
    name: eno1
    # LAN prefix plus this host's offset (looked up by inventory_hostname);
    # ipaddr(<n>) yields the n-th address of the network, prefix length kept.
    address: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) }}"
    gateway: "{{ network_zones.lan.gateway }}"
  interfaces:
    # Alias of the primary interface mapping. Anchors are scoped to a single
    # YAML document, so anchor and alias must stay in the same document.
    - *_network_primary_
# Host-specific admin accounts (presumably combined with a global admin
# list elsewhere in the inventory -- verify who ends up with access).
admin_users_host:
  - equinox

# Distribution archive components enabled on this host. Every component
# beyond `main` widens the set of packages that can be installed from the
# archive, so each one carries its justification inline.
apt_repo_components:
  - main
  - contrib  ## for zfs
  - non-free  ## for microcode updates

# Components enabled from the spreadspace repository (names only; the
# repository URL and signing key are defined outside this file).
spreadspace_apt_repo_components:
  - container
  - prometheus
# Time synchronisation: chrony, using the LAN gateway as the only source.
# NOTE(review): with a single upstream server there is no second source to
# cross-check against; accurate time matters for TLS/ACME validation and
# for log correlation -- confirm this is intended.
ntp_variant: chrony
ntp_client:
  servers:
    - name: "{{ network_zones.lan.gateway }}"
      # iburst: send a burst of initial requests for faster first sync.
      options: iburst
# Exporters bind to this host's LAN address only (the trailing
# ipaddr('address') strips the prefix length), not to all interfaces, which
# keeps metrics endpoints off the WireGuard tunnel and any other interface.
prometheus_exporter_listen_addr: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }}"

# Textfile-collector scripts enabled for the node exporter.
prometheus_exporter_node_textfile_collector_scripts:
  - deleted-libraries
  - smartmon
  - chrony

# Blackbox probe registered on the Prometheus host `ele-calypso`: checks the
# SSH banner on this host's LAN address, on ansible_port if set, else 22.
prometheus_job_multitarget_blackbox__probe:
  ele-calypso:
    - instance: "ssh-{{ inventory_hostname }}"
      target: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }}:{{ ansible_port | default(22) }}"
      module: ssh_banner
# Source of the Docker packages (presumably the upstream docker.com
# repository rather than the distribution package -- confirm in the role).
docker_pkg_provider: docker-com

# Dedicated logical volume for Docker data, in the VG named after the host.
# A separate, size-capped volume keeps image/container growth from filling
# the root filesystem.
docker_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: docker
  size: 5G
  fs: ext4

# Dedicated logical volume for kubelet data, same layout as docker_storage.
kubelet_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: kubelet
  size: 5G
  fs: ext4

# Pinned Kubernetes release; security updates require bumping this value.
kubernetes_version: 1.26.1
# NOTE(review): the in-tree dockershim was removed from kubelet in
# Kubernetes 1.24, so `docker` as runtime on 1.26 needs an external CRI
# adapter (e.g. cri-dockerd) -- confirm the role installs one.
kubernetes_container_runtime: docker
# presumably a standalone kubelet with the portmap CNI plugin (hostPort
# support) -- TODO confirm against the role
kubernetes_standalone_cni_variant: with-portmap
# Bounds for the ZFS ARC (in-memory cache) so it cannot starve the
# containers running on the same host.
zfs_arc_size:
  min: 2GB
  max: 8GB

# ZFS pools on this host.
zfs_pools:
  storage:
    mountpoint: /srv/storage
    # Single-parity raidz across four disks: the pool survives the loss of
    # one disk, not two. Disks are addressed by /dev/disk/by-id so pool
    # creation does not depend on sdX enumeration order.
    create_vdevs: raidz /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N2AYHY8E /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4ND0PVLUE /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N6PJ1CSJ /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N3YN09NC
# WireGuard key pairs owned by this host.
wireguard_keys:
  gwhetzner:
    # Public key: not secret, fine to keep in plain text.
    pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg="
    # Private key is only referenced here; the value comes from
    # vault_wireguard_priv_keys (presumably an Ansible Vault encrypted
    # variable -- verify the file holding it is encrypted at rest).
    priv: "{{ vault_wireguard_priv_keys.gwhetzner }}"

# Gateway tunnel towards ele-gwhetzner.
wireguard_gateway_tunnels:
  wg-gwhetzner:
    priv_key: "{{ wireguard_keys.gwhetzner.priv }}"
    addresses:
      # This host's side of the /30 transfer network.
      - 192.168.254.2/30
    default_gateway:
      # `outer` is the same address as the peer endpoint below; `inner` is
      # the other host address of the /30. Keep `outer` and
      # peers[].endpoint.host in sync while both are hard-coded.
      outer: 178.63.180.138
      inner: 192.168.254.1
    peers:
      # Peer public key is read from the other host's inventory variables.
      - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}"
        endpoint:
          host: 178.63.180.138  # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}"
          port: 51820
        # presumably maps to WireGuard's PersistentKeepalive (seconds), which
        # keeps NAT/firewall state alive -- TODO confirm
        keepalive_interval: 15
        allowed_ips:
          # Every IPv4 destination is routed to, and accepted from, this peer.
          # NOTE(review): there is no IPv6 entry (::/0); if the host has IPv6
          # connectivity that traffic stays outside the tunnel -- confirm
          # this is intended.
          - 0.0.0.0/0
# ACME directory used for certificate issuance (the variable name suggests
# the Let's Encrypt production v2 endpoint -- production rate limits would
# then apply to repeated test runs; confirm).
acme_directory_server: "{{ acme_directory_server_le_live_v2 }}"

# ZFS dataset backing the media share, created in the `storage` pool.
elevate_media_share_storage:
  type: zfs
  pool: storage
  name: share
  properties:
    compression: lz4
    # Caps the dataset so the share cannot consume the entire pool.
    quota: 9T
# Nextcloud data lives on its own logical volume mounted below this path.
elevate_media_nextcloud_base_path: /srv/nextcloud
elevate_media_nextcloud_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: nextcloud
  size: 150G
  fs: ext4

elevate_media_nextcloud_instance_name: media.elevate.at
elevate_media_nextcloud_instance:
  # Pinned application release: security fixes only arrive when this value
  # is bumped. NOTE(review): check the pinned release against the upstream
  # support status.
  version: 25.0.3
  # presumably a local port fronted by a TLS-terminating reverse proxy --
  # TODO confirm it is not reachable directly from outside
  port: 8100
  hostnames:
    - media.elevate.at
    - media.elev8.at
  admin:
    # NOTE(review): `admin` is a predictable account name on a named
    # instance; protection rests on the vaulted password and on the
    # application's login throttling -- confirm both.
    username: admin
    # Secrets are referenced from vault_* variables keyed by instance name,
    # never stored in this file.
    password: "{{ vault_nextcloud_admin_passwords['media.elevate.at'] }}"
  database:
    type: mariadb
    # Pinned database release; same update caveat as the application version.
    version: 10.8.3
    password: "{{ vault_nextcloud_database_passwords['media.elevate.at'] }}"
# Resource limits for the instance: memory limit and largest accepted upload.
elevate_media_nextcloud_memory_limit: 4G
elevate_media_nextcloud_max_upload_size: 20G