---
all:
  vars:
    client_id: "GPT-001"
    client_name: "GP Technologies"
    billing_model: "hybrid"
    maintenance_window_start: "02:00"
    maintenance_window_end: "05:00"
    maintenance_window_tz: "UTC"
    change_freeze: false
    hypervisor_type: "none"
    vpn_type: "none"
    auto_reboot: false
    human_estimate_seconds: 2700


  children:

    firewalls:
      children:
        pfsense_nodes:
          hosts:
            fw1-gpt:
              vendor: "pfsense"
              ansible_host: "fw1.gptechnologies.com"
              ansible_port: 22222
              ansible_user: "{{ fw_user }}"
              ansible_password: "{{ vault_fw_password }}"
              ansible_ssh_private_key_file: ~/.ssh/client_{{ CLIENT_SLUG }}
              ha_role: "primary"
              ha_peer: "fw2-gpt"  # Uncomment if this node is part of an HA pair
            fw2-gpt:
              vendor: "pfsense"
              ansible_host: "fw2.gptechnologies.com"
              ansible_port: 22222
              ansible_user: "{{ fw_user }}"
              ansible_password: "{{ vault_fw_password }}"
              ansible_ssh_private_key_file: ~/.ssh/client_{{ CLIENT_SLUG }}
              ha_role: "backup"
              ha_peer: "fw1-gpt"  # Uncomment if this node is part of an HA pair

    linux_hosts:
      hosts: {}
      vars:
        ansible_user: root
        os_family: "debian"

    windows_hosts:
      hosts: {}
      vars:
        ansible_user: Administrator
        ansible_connection: winrm
        ansible_winrm_transport: ntlm
        ansible_winrm_server_cert_validation: validate
        ansible_port: 5986