---

# ansible overrides

ansible_hostname: "{{ ansible_host }}"
ansible_become_method: su

# roles overrides

wireguard_domain_controller: "{{ __global_domain_controller }}"
relayd_domain_name: "{{ __domain_name }}"
nfsclient_server: stack0
httpd_use_nfs: true
acme_rules: "[
    {% for rule in __services if 'domain' in rule %}
    {{ {'domain': rule.domain} }},
    {% endfor %}
  ]"
pf_rules: "[
    {% for rule in __services if
        'port' in rule and 'protocol' in rule and 'name' in rule %}
    {{ {'name': rule.name, 'port': rule.port, 'protocol': rule.protocol} }},
    {% endfor %}
  ]"
relayd_rules: "[
    {% for rule in __services if
        'domain' in rule and 'port' in rule %}
    {{ {'name': rule.name, 'domain': rule.domain, 'port': rule.port} }},
    {% endfor %}
  ]"

# playbook specific

__is_vm: false

__ip:
  external:
  internal:

__services: {}
__domain_name: rgoncalves.se

__global_domain_controller: dc0
__global_domain_name_hosts: owo
__global_domain_name_servers:
  - 8.8.8.8
  - 1.1.1.1

__global_services:
  - name: ssh
    protocol: tcp
    port: 22

  - name: healthcheck
    protocol: tcp
    port: 8000
    is_public: true