ansible/hosts.yml

200 lines
4.9 KiB
YAML

---
all:
hosts:
pikvm:
ansible_host: pikvm
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
dags:
- acme_rsync
snitch:
ansible_host: snitch
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
alpine_mode: diskless
alpine_version: v3.17
alpine_repos:
- main
suricata:
ansible_host: suricata
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
alpine_mode: data
alpine_version: v3.17
alpine_repos:
- main
- community
lbu_encrypt: true
lbu_media: mmcblk0p2
apk_cache_dir: /media/mmcblk0p2/cache
k3s_args:
- --secrets-encryption
dmcrypt_targets:
- name: "WDC WDS400T1R0A"
target: "disk0"
source_uuid: "202c924c-ee53-4321-9efd-1f776e939702"
key: "/etc/dmcrypt/key.bin"
options: "--allow-discards"
- name: "Samsung SSD 870"
target: "disk1"
source_uuid: "247ea237-54ce-45d2-9974-04344c06aba4"
key: "/etc/dmcrypt/key.bin"
options: "--allow-discards"
mounts:
- src: "/dev/mmcblk0p1"
path: "/media/mmcblk0p1"
fstype: "vfat"
opts: "noauto,defaults,ro"
passno: "0"
- src: "/media/mmcblk0p1/boot"
path: "/boot"
fstype: "none"
opts: "defaults,bind"
passno: "0"
- src: "/dev/mmcblk0p2"
path: "/media/mmcblk0p2"
fstype: "ext4"
opts: "defaults,ro"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/btr_pool"
fstype: "btrfs"
opts: "subvolid=5,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/btr_backup"
fstype: "btrfs"
opts: "subvol=btr_backup,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/log"
fstype: "btrfs"
opts: "subvol=logs,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/home"
fstype: "btrfs"
opts: "subvol=home,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/backups"
fstype: "btrfs"
opts: "subvol=backups,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/opt"
fstype: "btrfs"
opts: "subvol=opt,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/lib/builder/src"
fstype: "btrfs"
opts: "subvol=src,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/etc/rancher"
fstype: "btrfs"
opts: "subvol=rancher_config,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/lib/rancher"
fstype: "btrfs"
opts: "subvol=rancher_data,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/var/lib/containers"
fstype: "btrfs"
opts: "subvol=containers,noatime,compress=zstd"
passno: "0"
- src: "/dev/mapper/disk0"
path: "/mnt/certs"
fstype: "btrfs"
opts: "subvol=certs,noatime,compress=zstd"
passno: "0"
- src: "/mnt/certs/acme"
path: "/srv/nfs/k8s/acme"
fstype: "none"
opts: "bind"
passno: "0"
nfs_exports:
- path: "/srv/nfs"
hosts:
- hostname: localhost
options:
- ro
- all_squash
- no_subtree_check
- fsid=0
- path: "/srv/nfs/k8s"
hosts:
- hostname: localhost
options:
- rw
- no_root_squash
- no_subtree_check
- sync
- crossmnt
rpi_cfg:
- "enable_uart=1"
- "otg_mode=1"
- "hdmi_group=2"
- "hdmi_mode=4"
caladan:
ansible_host: caladan
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
alpine_mode: system
alpine_version: v3.17
alpine_repos:
- main
- community
narwhal:
ansible_host: narwhal
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/bin/python3
ansible_become_method: doas
fugu:
ansible_host: fugu
ansible_user: ansible
ansible_port: 22
ansible_python_interpreter: /usr/local/bin/python3
ansible_become_method: doas