67 lines
2.0 KiB
YAML
67 lines
2.0 KiB
YAML
---
|
|
all:
|
|
vars:
|
|
client_id: "{{ CLIENT_ID }}"
|
|
client_name: "{{ CLIENT_NAME }}"
|
|
billing_model: "hybrid"
|
|
maintenance_window_start: "02:00"
|
|
maintenance_window_end: "05:00"
|
|
maintenance_window_tz: "UTC"
|
|
n8n_webhook_url: "{{ lookup('env', 'N8N_WEBHOOK_URL') }}"
|
|
human_estimate_seconds: 2700
|
|
change_freeze: false
|
|
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
|
|
|
|
children:
|
|
# --- NETWORK LAYER ---
|
|
firewalls:
|
|
children:
|
|
opnsense:
|
|
hosts:
|
|
client-fw-01:
|
|
ansible_host: "{{ FW_HOST }}"
|
|
|
|
pfsense_nodes:
|
|
# Depends on variables set in group_vars/pfsense_nodes.yml
|
|
# Set variables for FW_HOST in semaphore
|
|
|
|
hosts:
|
|
client-fw-01:
|
|
ansible_host: "{{ FW_HOST }}"
|
|
ansible_port: 22222
|
|
ansible_user: "{{ FW_USER }}"
|
|
ansible_ssh_private_key_file: "~/.ssh/client_{{ CLIENT_SLUG }}"
|
|
ha_role: "primary" # Use: primary | backup
|
|
#ha_peer: "client-fw-02" # Uncomment if this node is part an HA pair
|
|
# To perform upgrade the following to true (or set in pfsense_nodes.yml):
|
|
# perform_upgrade: true
|
|
# allow_major_upgrade: true
|
|
# --- INFRASTRUCTURE ---
|
|
hypervisors:
|
|
children:
|
|
proxmox:
|
|
hosts:
|
|
client-pv-01:
|
|
ansible_host: "{{ PV_HOST }}"
|
|
xcp:
|
|
hosts:
|
|
client-xcp-01:
|
|
ansible_host: "{{ XCP_HOST }}"
|
|
|
|
# --- WORKSTATIONS/SERVERS ---
|
|
linux_hosts:
|
|
hosts: {}
|
|
vars:
|
|
ansible_user: root
|
|
ansible_ssh_private_key_file: "~/.ssh/client_{{ CLIENT_SLUG }}"
|
|
os_family: "debian"
|
|
|
|
windows_hosts:
|
|
hosts: {}
|
|
vars:
|
|
ansible_user: Administrator
|
|
ansible_connection: winrm
|
|
ansible_winrm_transport: ntlm
|
|
ansible_winrm_server_cert_validation: validate
|
|
ansible_port: 5986
|