---

# ansible overrides

ansible_hostname: "{{ ansible_host }}"
ansible_become_method: su
ansible_port: 22

# custom variables
# secrets and globals

__ip:
  external:
  internal:

__services: {}
__users: "{{ __secrets__users }}"
__domain_name: rgoncalves.se

__global_domain_controller: dc0
__global_domain_name_hosts: owo
__global_domain_name_servers:
  - 8.8.8.8
  - 1.1.1.1

__global_services:
  - name: ssh
    protocol: tcp
    port: 22

  - name: healthcheck
    protocol: tcp
    port: 8000
    is_public: true

# roles overrides

httpd__log_format: forwarded

wireguard_domain_controller: "{{ __global_domain_controller }}"
relayd__domain_name: "{{ __domain_name }}"
acme__rules: "[
    {% for rule in __services if 'domain' in rule %}
    {{ {'domain': rule.domain} }},
    {% endfor %}
  ]"
pf__rules: "[
    {% for rule in __services if
        'port' in rule and 'protocol' in rule and 'name' in rule %}
    {{ {'name': rule.name, 'port': rule.port, 'protocol': rule.protocol} }},
    {% endfor %}
  ]"
relayd__rules: "[
    {% for rule in __services if
        'domain' in rule and 'port' in rule %}
    {{ {'name': rule.name, 'domain': rule.domain, 'port': rule.port} }},
    {% endfor %}
  ]"
httpd__rules: "[
    {% for rule in __services if
        'domain' in rule and 'port' in rule %}
    {{ {
        'name': rule.name,
        'domain': rule.domain,
        'port': rule.port,
        'extra': rule.extra if rule.extra is defined else {}
    } }},
    {% endfor %}
  ]"

unix_users__users: "[
    {% for user in __users %}
    {{ {
        'username': user.username,
        'comment': user.firstname + ' ' + user.lastname
    } }},
    {% endfor %}
  ]"

sshd_keys__users: "[
    {% for user in __users %}
      {{ user.username }},
    {% endfor %}
  ]"