1
0
Fork 0
home-stack-ansible/group_vars/all.yml

299 lines
12 KiB
YAML

users:
marchambault:
# generated with `openssl passwd -salt <salt> -1 <plaintext>`
default_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
35393364373830636539356334653263306262613038643231313762626537383637616534643237
3433636332383765653665643235633464343433636435300a623365666266366665363966303033
34656561653763636438303166363631636138616563636331323866643166323232353834376165
3939303664343638300a326131333663333365373036666634363235636663333465343337313638
39356365633332643132336438373131313239653231383735656436636332303034303466626232
3461626364346238666434303839373839633661616166613364
authorized_keys:
- https://github.com/badjware.keys
haproxy:
routing:
https:
- frontend:
- cloud.badjware.dev
- code.badjware.dev
- drone.badjware.dev
- ci.badjware.dev
- grafana.badjware.dev
# - jellyfin.badjware.dev
- chat.badjware.dev
backend:
- server: 192.168.20.20:8443
- server: 192.168.20.21:8443
- server: 192.168.20.22:8443
- server: 192.168.20.23:8443
- server: 192.168.20.24:8443
- server: 192.168.20.25:8443
- server: 192.168.20.20
extra_param: backup
- server: 192.168.20.21
extra_param: backup
- server: 192.168.20.22
extra_param: backup
- server: 192.168.20.23
extra_param: backup
- server: 192.168.20.24
extra_param: backup
- frontend:
- longhorn.badjware.dev
- traefik.badjware.dev
- prometheus.badjware.dev
- deluge.badjware.dev
- tavern.badjware.dev
- actual.badjware.dev
backend:
- server: 192.168.20.20:8443
- server: 192.168.20.21:8443
- server: 192.168.20.22:8443
- server: 192.168.20.23:8443
- server: 192.168.20.24:8443
- server: 192.168.20.25:8443
- server: 192.168.20.20
extra_param: backup
- server: 192.168.20.21
extra_param: backup
- server: 192.168.20.22
extra_param: backup
- server: 192.168.20.23
extra_param: backup
- server: 192.168.20.24
extra_param: backup
allowlist:
- 127.0.0.1
- 192.168.20.20/24
- 192.168.30.20/24
- 10.100.0.0/24
- frontend:
- jellyfin.badjware.dev
backend:
- server: 192.168.20.34:8096
ssl: false
- frontend:
- hass.badjware.dev
backend:
- server: 192.168.31.20:8123
ssl: false
- frontend:
- zigbee2mqtt.badjware.dev
backend:
- server: 192.168.31.20:8080
allowlist:
- 192.168.30.20 # only allow pallet
ssl: false
- frontend:
- s3.badjware.dev
backend:
- server: 192.168.20.30:9000
ssl: false
# - frontend:
# - kubernetes-dashboard.badjnet.home
# - traefik.badjnet.home
# - longhorn.badjnet.home
# - grafana.badjnet.home
# - prometheus.badjnet.home
# backend:
# - 192.168.20.20
# - 192.168.20.21
# - 192.168.20.22
# - 192.168.20.23
tcp:
- frontend: "30022" # gitea-ssh
backend:
- server: 192.168.20.20:2222
- server: 192.168.20.21:2222
- server: 192.168.20.22:2222
- server: 192.168.20.23:2222
- server: 192.168.20.24:2222
- server: 192.168.20.25:2222
- server: 192.168.20.20:30022
extra_param: backup
- server: 192.168.20.21:30022
extra_param: backup
- server: 192.168.20.22:30022
extra_param: backup
- server: 192.168.20.23:30022
extra_param: backup
- server: 192.168.20.24:30022
extra_param: backup
- server: 192.168.20.25:30022
extra_param: backup
- frontend: "58846" # deluge-daemon
backend:
- server: 192.168.20.20:58846
- server: 192.168.20.21:58846
- server: 192.168.20.22:58846
- server: 192.168.20.23:58846
- server: 192.168.20.24:58846
- server: 192.168.20.25:58846
- server: 192.168.20.20:31000
extra_param: backup
- server: 192.168.20.21:31000
extra_param: backup
- server: 192.168.20.22:31000
extra_param: backup
- server: 192.168.20.23:31000
extra_param: backup
- server: 192.168.20.24:31000
extra_param: backup
- server: 192.168.20.25:31000
extra_param: backup
- frontend: "6881" # deluge-torrent
backend:
- server: 192.168.20.20:6881
- server: 192.168.20.21:6881
- server: 192.168.20.22:6881
- server: 192.168.20.23:6881
- server: 192.168.20.24:6881
- server: 192.168.20.25:6881
- server: 192.168.20.20:31001
extra_param: backup
- server: 192.168.20.21:31001
extra_param: backup
- server: 192.168.20.22:31001
extra_param: backup
- server: 192.168.20.23:31001
extra_param: backup
- server: 192.168.20.24:31001
extra_param: backup
- server: 192.168.20.25:31001
extra_param: backup
- frontend: "11434" # ollama
backend:
- server: 192.168.20.20:11434
- server: 192.168.20.21:11434
- server: 192.168.20.22:11434
- server: 192.168.20.23:11434
- server: 192.168.20.24:11434
- server: 192.168.20.25:11434
- server: 192.168.20.20:31002
extra_param: backup
- server: 192.168.20.21:31002
extra_param: backup
- server: 192.168.20.22:31002
extra_param: backup
- server: 192.168.20.23:31002
extra_param: backup
- server: 192.168.20.24:31002
extra_param: backup
- server: 192.168.20.25:31002
extra_param: backup
letsencrypt:
domains:
- badjware.dev
- '*.badjware.dev'
email: marchambault@badjware.dev
cloudflare:
email: marchambault@badjware.dev
api_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
63633030346535666665366565663237626164343939303930663339363430653064616638343831
3365313362613934666535323261643266313630646137320a323564303234316637653234653563
30653739316665363863393839306232353833663165323962633963306330333963363239306162
3465663233383163330a313532663161653732663565396339306631326564626164393761333838
66346336396163663361333962333137336538643062343732636437626135656464366137316234
6533396561346635383166346131303438326233303831653734
# digitalocean:
# token: !vault |
# $ANSIBLE_VAULT;1.1;AES256
# 35643864626166636564363831336663363335356530316464353864643030316662633230343763
# 3439343831386632366137376137383936396164646237640a633132356332636134653832666636
# 63386235636632613666393036643737633635613139326362353166653264633536633037306632
# 3461313436326139330a366265343131366436653635623138373736353262653633666337623935
# 31653964336664313261373031613566636337643934316430306638626631633434366164306639
# 30616238613334633933343339393938326561633036633062323463636161336665373732626330
# 37386264353239353435643266333033353931336637343038353765396134333763386637653638
# 35343739666634323562
wireguard:
address: 10.100.0.1/24
port: 7353
peers:
# pixel
- public_key: 3mkPtY29F3/0WhSIEUkSAHJexJWOJfFzc6LOzBX9Hjc=
allowed_ips: 10.100.0.2/32
# pallet
# - public_key: ZbLgn0EnkKbv8L6nxysix/fRoASNGFIIvEuLn/aLbm4=
# allowed_ips: 10.100.0.3/32
zigbee2mqtt:
serial:
port: /dev/serial/by-id/usb-Silicon_Labs_Sonoff_Zigbee_3.0_USB_Dongle_Plus_0001-if00-port0
hydroqc2mqtt:
version: 1.2.0
hydroquebec:
username: !vault |
$ANSIBLE_VAULT;1.1;AES256
37396435663264653032376432313063666364353761303765356437383861303366323533363066
6661393635636230616264346235373132643164303436340a663937613063633432383932356638
35663432333137666133646633346431313934326263663962316361663938663132376566353433
3736633436616363630a623438373264393031363362356662313038393835386261653961633661
64386233613561663139343435636232623932353338333062396265373138393862
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
61356433363930303239653231623766303130393962303666363438373365326133626131363230
3632656132336463386463373532396366393234326239340a643763393030626139313337326263
39616431636262616463386561636633653032346363313362646239643664633065363066336434
3339356430393765650a386561303332636434643935353735626234396266616132666465363033
62386336316437636233626332666361303963386365663733636533646163353561
customer: !vault |
$ANSIBLE_VAULT;1.1;AES256
32363839636334636261316134303366373731313966303365363031343935393033356635303161
3631393633616539363734373064356137393361346530620a303639356666306539613163636565
65643232663963393136396637623335396533313736616634316338616534633834653066343563
6663333737656464610a643161353236323630383837316562393233303361643339616630303934
3230
account: !vault |
$ANSIBLE_VAULT;1.1;AES256
38353533356530616532306539663561353266616364363963376432663666323131313739303265
6235646232323036623566346233626635643361616532370a626663623362653134303633383538
37616635326531623033353066316231393636333331643765616138386235343264376665393430
3830366336663861370a613464373866636136633361306433386430303864653139383731396434
3861
contract: !vault |
$ANSIBLE_VAULT;1.1;AES256
31616638626566366135386632303465383631646131633835386131366663353830316330323937
6161373134363433363737396434343462313335303735630a316338346332393139346434376231
65333362663362313638623064353365653464616638633139323361343162316130633131656230
3731326339666563360a396131373637343631623331373263663632336663626461646362363565
3532
homeassistant:
token: !vault |
$ANSIBLE_VAULT;1.1;AES256
31333333316533626430363132386665633238666537303936626438613738353134616437303635
3836636664363164313630303031663161653436323431320a393031656463376362633461653439
66643939643766306631303064653737633435636465333465343636623933393162303930366538
6465363062393038320a626139323362383263643662613737616266613535396334633566663833
66353638643465383539383539616337363333613366353865376666323736663633623236303239
63626134333765623138323231646234373234633163366433316439393762303763333865656331
34306431363239656161643964623565623232326366303362363330396263643636636636373435
65353234613433376531393836373635656165613539646133366238396139663665623465326436
30353539346332626564316335663731663631613965316433373863633137333564356233613139
63626330636561326564373431373961376332613836666562623832663632663764336333333036
62393635323130333535353634303238376161333462636437666436386663313464623661633030
37666361346139646534663632333762636464363566363933626634353730373163323231303162
66363939656339373365303532313365333964326139643261653832653132636237
homeassistant:
version: 2024.1.3
nut_server:
ansible_host: usbip
ups:
liebert-psi:
driver: usbhid-ups
vendorid: "10af"
productid: "0001"
nut_client:
ups: liebert-psi
sched:
# How many seconds we are allowed to run on battery
on_bat: 300 # 5 minutes