ansible-msp-automations/inventories/clients/danchilla/client_template/hosts.yml

---
all:
  vars:
    client_id: "CLIENT_ID"
    client_name: "Client Name"
    billing_model: "hybrid"
    maintenance_window_start: "02:00"
    maintenance_window_end: "05:00"
    maintenance_window_tz: "UTC"
    n8n_webhook_url: "{{ lookup('env', 'N8N_WEBHOOK_URL') }}"
    human_estimate_seconds: 2700
    change_freeze: false
    ansible_ssh_extra_args: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"

  children:
    # --- NETWORK LAYER ---
    firewalls:
      children:
        opnsense:
          hosts:
            client-fw-01:
              ansible_host: "{{ FW_HOST }}"

        pfsense:
          hosts:
            client-fw-01:
              ansible_host: "{{ FW_HOST }}"
              ansible_port: 22222
              ha_role: "primary"        # Use: primary | backup
              #ha_peer: "client-fw-02"  # Uncomment if this node is part an HA pair

    # --- INFRASTRUCTURE ---
    hypervisors:
      children:
        proxmox:
          hosts:
            client-pv-01:
              ansible_host: "{{ PV_HOST }}"
        xcp:
          hosts:
            client-xcp-01:
              ansible_host: "{{ XCP_HOST }}"

    # --- WORKSTATIONS/SERVERS ---
    linux_hosts:
      hosts: {}
      vars:
        ansible_user: root
        ansible_ssh_private_key_file: "~/.ssh/client_key"
        os_family: "debian"

    windows_hosts:
      hosts: {}
      vars:
        ansible_user: Administrator
        ansible_connection: winrm
        ansible_winrm_transport: ntlm
        ansible_winrm_server_cert_validation: validate
        ansible_port: 5986