ansible/hosts.yml

275 lines
8.0 KiB
YAML

---
all:
hosts:
pikvm:
ansible_host: pikvm
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
dags:
- acme_rsync
nut_mode: netclient
nut_upsmon_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
313636333565356536333862386361393439666563353938343934623532366
433363738623862623035663138643532346330346339376437353563633365
320a33356464656230316565376339333331373832643631366562666331333
137386235666437663766313833616135303339643539353931313966623638
3962360a3131383461393435633363366437663535306430343631313935343
465343465343038383961306132653066643933646237313234326435663834
3865663534
nut_device:
name: "cps-homelab"
nut_host: "nut.monotremata.xyz"
snitch:
ansible_host: snitch
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
alpine_mode: diskless
alpine_version: v3.17
alpine_repos:
- main
suricata:
ansible_host: suricata
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
alpine_mode: data
alpine_version: v3.17
alpine_repos:
- main
- community
lbu_encrypt: true
lbu_media: mmcblk0p2
apk_cache_dir: /media/mmcblk0p2/cache
k3s_args:
- --secrets-encryption
dmcrypt_targets:
- name: "WDC WDS400T1R0A"
target: "disk0"
source_uuid: "202c924c-ee53-4321-9efd-1f776e939702"
key: "/etc/dmcrypt/key.bin"
options: "--allow-discards"
- name: "Samsung SSD 870"
target: "disk1"
source_uuid: "247ea237-54ce-45d2-9974-04344c06aba4"
key: "/etc/dmcrypt/key.bin"
options: "--allow-discards"
mounts:
- src: "/dev/mmcblk0p1"
path: "/media/mmcblk0p1"
fstype: "vfat"
opts: "noauto,defaults,ro"
passno: "0"
- src: "/media/mmcblk0p1/boot"
path: "/boot"
fstype: "none"
opts: "defaults,bind"
passno: "0"
- src: "/dev/mmcblk0p2"
path: "/media/mmcblk0p2"
fstype: "ext4"
opts: "defaults,ro"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/btr_pool"
fstype: "btrfs"
opts: "subvolid=5,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/btr_backup"
fstype: "btrfs"
opts: "subvol=btr_backup,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/log"
fstype: "btrfs"
opts: "subvol=logs,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/home"
fstype: "btrfs"
opts: "subvol=home,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/backups"
fstype: "btrfs"
opts: "subvol=backups,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/opt"
fstype: "btrfs"
opts: "subvol=opt,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/lib/builder/src"
fstype: "btrfs"
opts: "subvol=src,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/etc/rancher"
fstype: "btrfs"
opts: "subvol=rancher_config,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/lib/rancher"
fstype: "btrfs"
opts: "subvol=rancher_data,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/lib/containers"
fstype: "btrfs"
opts: "subvol=containers,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/certs"
fstype: "btrfs"
opts: "subvol=certs,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/srv/configs"
fstype: "btrfs"
opts: "subvol=configs,noatime,compress=zstd"
passno: "0"
- src: "/mnt/certs/acme"
path: "/srv/nfs/k8s/acme"
fstype: "none"
opts: "bind"
passno: "0"
nfs_exports:
- path: "/srv/nfs"
hosts:
- hostname: localhost
options:
- ro
- all_squash
- no_subtree_check
- fsid=0
- path: "/srv/nfs/k8s"
hosts:
- hostname: localhost
options:
- rw
- no_root_squash
- no_subtree_check
- sync
- crossmnt
rpi_cfg:
- "enable_uart=1"
- "otg_mode=1"
- "hdmi_group=2"
- "hdmi_mode=4"
nut_device:
name: "cps-homelab"
config:
driver: "usbhid-ups"
port: "auto"
vendorid: "0764"
productid: "0601"
product: "OR1500ERM1U"
serial: "GBULZ2000030"
vendor: "CPS"
bus: "001"
pollinterval: 15
nut_mode: netserver
nut_admin_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
396261663339336265643530373931633034326338386337363539663634663
438626465393132386134383935623061666134646130353138333561326665
330a62346364313562303633643663303430376664356461666166373232316
465653633323235653833303463366330376136356234633339396532643938
3634300a6165363061623264306339303366313365316636383631366262336
564313139303133343633353034613661633639633563356466363865643533
3937323163
nut_upsmon_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
313636333565356536333862386361393439666563353938343934623532366
433363738623862623035663138643532346330346339376437353563633365
320a33356464656230316565376339333331373832643631366562666331333
137386235666437663766313833616135303339643539353931313966623638
3962360a3131383461393435633363366437663535306430343631313935343
465343465343038383961306132653066643933646237313234326435663834
3865663534
nut_host: localhost
caladan:
ansible_host: caladan
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
alpine_mode: system
alpine_version: v3.17
alpine_repos:
- main
- community
narwhal:
ansible_host: narwhal
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
nut_mode: netclient
nut_upsmon_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
313636333565356536333862386361393439666563353938343934623532366
433363738623862623035663138643532346330346339376437353563633365
320a33356464656230316565376339333331373832643631366562666331333
137386235666437663766313833616135303339643539353931313966623638
3962360a3131383461393435633363366437663535306430343631313935343
465343465343038383961306132653066643933646237313234326435663834
3865663534
nut_device:
name: "cps-homelab"
nut_host: "nut.monotremata.xyz"
fugu:
ansible_host: fugu
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/local/bin/python3
ansible_become_method: doas