# When adding a new host:
# 1. create new user `useradd -m -G sudo -s /bin/bash ansible`
# 2. configure user password `passwd ansible` (set password to badjnet/ssh/ansible)

# These will throw some warnings that can be safely be ignored
.user_config: &user_config
  ansible_user: ansible
  ansible_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          34376132666239383830316437356430306535396466396537323833633137376239386464343363
          6234303430623964353762383935323335383737666533390a643033363235383138393932393833
          34633732646430383131643662626635373661373261323365366531316439653963353739383664
          6139363534616231380a373931333530373339653132626238333566663362343663623532393330
          35616230643533363032623066376536366236353335373130643262613561396131
  ansible_become: 'yes'
  ansible_become_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          34376132666239383830316437356430306535396466396537323833633137376239386464343363
          6234303430623964353762383935323335383737666533390a643033363235383138393932393833
          34633732646430383131643662626635373661373261323365366531316439653963353739383664
          6139363534616231380a373931333530373339653132626238333566663362343663623532393330
          35616230643533363032623066376536366236353335373130643262613561396131

# Actual config starts here
all:
  hosts:
    pfsense:
      ansible_host: 192.168.30.1
  children:
    proxmox:
      hosts:
        router-0:
          ansible_host: 192.168.10.10
        server-0:
          ansible_host: 192.168.10.11
          vfio_pci_ids:
            - '1000:0086' # Broadcom / LSI SAS2308 PCI-Express Fusion-MPT SAS-2
    bastions:
      hosts:
        bastion:
          ansible_host: 192.168.20.10
          users_enable_sudo: false
    plex:
      hosts:
        plex:
          ansible_host: 192.168.20.31
          nfs_libraries:
            - 192.168.20.30:/mnt/pool0/badjware/Videos/Movies
            - 192.168.20.30:/mnt/pool0/badjware/Videos/Series
    k3s:
      children:
        k3s-server:
          hosts:
            k3s-server0:
              ansible_host: 192.168.20.20
              platform: vm
              k3s_extra_args: --node-taint kubernetes.io/arch=amd64:PreferNoSchedule
        k3s-agent:
          hosts:
            k3s-agent0:
              ansible_host: 192.168.20.21
              platform: raspberrypi
            k3s-agent1:
              ansible_host: 192.168.20.22
              platform: raspberrypi
            k3s-agent2:
              ansible_host: 192.168.20.23
              platform: raspberrypi
            k3s-agent3:
              ansible_host: 192.168.20.24
              platform: raspberrypi
    debian:
      hosts:
        ubiquiti:
          ansible_host: 192.168.10.2
        pihole:
          ansible_host: 192.168.20.2
      children:
        proxmox:
        bastions:
        k3s:
        plex:
      vars:
        <<: *user_config