# When adding a new host:
# 1. create new user `useradd -m -G sudo -s /bin/bash ansible`
# 2. configure user password `passwd ansible` (set password to badjnet/ssh/ansible)

# Actual config starts here
all:
  hosts:
    pfsense:
      ansible_host: 192.168.30.1
    truenas:
      ansible_host: 192.168.20.30
  children:
    proxmox:
      hosts:
        router-0:
          ansible_host: 192.168.10.10
        server-0:
          ansible_host: 192.168.10.11
          vfio_pci_ids:
            - '1000:0086' # Broadcom / LSI SAS2308 PCI-Express Fusion-MPT SAS-2
    bastion:
      hosts:
        bastion:
          ansible_host: 192.168.20.10
          users_enable_sudo: false
    plex:
      hosts:
        plex:
          ansible_host: 192.168.20.31
          nfs_libraries:
            - 192.168.20.30:/mnt/pool0/media/Movies
            - 192.168.20.30:/mnt/pool0/media/Series
    minecraft-server:
      hosts:
        minecraft-server:
          ansible_host: 192.168.20.32
          mc_server_jar: https://piston-data.mojang.com/v1/objects/5b868151bd02b41319f54c8d4061b8cae84e665c/server.jar
          mc_server_memory: 3500M
          mc_server_ops:
            - uuid: 649a9370-5cad-4553-93c8-cf0af25208dd
              name: jirost
              level: 4
    cups:
      hosts:
        cups:
          ansible_host: cups.local
    k3s:
      children:
        k3s-server:
          hosts:
            k3s-server0:
              ansible_host: 192.168.20.20
              platform: vm
              k3s_extra_args: --node-taint kubernetes.io/arch=amd64:PreferNoSchedule
        k3s-agent:
          hosts:
            k3s-agent0:
              ansible_host: 192.168.20.21
              platform: raspberrypi
            k3s-agent1:
              ansible_host: 192.168.20.22
              platform: raspberrypi
            k3s-agent2:
              ansible_host: 192.168.20.23
              platform: raspberrypi
            k3s-agent3:
              ansible_host: 192.168.20.24
              platform: raspberrypi
    generic-linux:
      hosts:
        ubiquiti:
          ansible_host: 192.168.10.2
        pihole:
          ansible_host: 192.168.20.2
      children:
        proxmox:
        bastion:
        k3s:
        plex:
        minecraft-server:
        cups:
      vars:
        ansible_user: ansible
        ansible_password: !vault |
                $ANSIBLE_VAULT;1.1;AES256
                34376132666239383830316437356430306535396466396537323833633137376239386464343363
                6234303430623964353762383935323335383737666533390a643033363235383138393932393833
                34633732646430383131643662626635373661373261323365366531316439653963353739383664
                6139363534616231380a373931333530373339653132626238333566663362343663623532393330
                35616230643533363032623066376536366236353335373130643262613561396131
        ansible_become: 'yes'
        ansible_become_password: !vault |
                $ANSIBLE_VAULT;1.1;AES256
                34376132666239383830316437356430306535396466396537323833633137376239386464343363
                6234303430623964353762383935323335383737666533390a643033363235383138393932393833
                34633732646430383131643662626635373661373261323365366531316439653963353739383664
                6139363534616231380a373931333530373339653132626238333566663362343663623532393330
                35616230643533363032623066376536366236353335373130643262613561396131