---

# ansible overrides

ansible_hostname: "{{ ansible_host }}"
ansible_become_method: su
ansible_port: 22

# custom variables
# secrets and globals

__ip:
  external:
  internal:

__services: {}
__users: "{{ __secrets__users }}"
__domain_name: rgoncalves.se

__global_domain_controller: ams-dcontroller-01
__global_domain_name_hosts: owo
__global_domain_name_servers:
  - 8.8.8.8
  - 1.1.1.1

__global_services:
  - name: ssh
    protocol: tcp
    port: 22

  - name: healthcheck
    protocol: tcp
    port: 8000
    is_public: true

# roles overrides

nextcloud__db_password: "{{ lookup(
  'ansible.builtin.password',
  'secrets/files/passwords/' + inventory_hostname + '_nextcloud__db.txt',
  )}}"
nextcloud__admin_password: "{{ lookup(
  'ansible.builtin.password',
  'secrets/files/passwords/' + inventory_hostname + '_nextcloud__admin.txt',
  )}}"
nextcloud__admin_email: contact@rgoncalves.se

httpd__log_format: forwarded

wireguard__domain_controller: "{{ __global_domain_controller }}"
relayd__domain_name: "{{ __domain_name }}"
acme__rules: "[
    {% for rule in __services if 'domain' in rule %}
    {{ {'domain': rule.domain} }},
    {% endfor %}
  ]"
pf__rules: "[
    {% for rule in __services if
        'port' in rule and 'protocol' in rule and 'name' in rule %}
    {{ {'name': rule.name, 'port': rule.port, 'protocol': rule.protocol} }},
    {% endfor %}
  ]"
relayd__rules: "[
    {% for rule in __services if
        'domain' in rule and 'port' in rule %}
    {{ {'name': rule.name, 'domain': rule.domain, 'port': rule.port} }},
    {% endfor %}
  ]"
httpd__rules: "[
    {% for rule in __services if
        'domain' in rule and 'port' in rule %}
    {{ {
        'name': rule.name,
        'domain': rule.domain,
        'port': rule.port,
        'extra': rule.extra if rule.extra is defined else {}
    } }},
    {% endfor %}
  ]"

unix_users__users: "[
    {% for user in __users %}
    {{ {
        'username': user.username,
        'comment': user.firstname + ' ' + user.lastname
    } }},
    {% endfor %}
  ]"

sshd_keys__dir: secrets/files/authorized_keys

nextcloud__users: "[
    {% for user in __users %}
    {{ {
        'username': user.username,
        'display_name': user.firstname + ' ' + user.lastname,
        'email': user.email if user.email else '',
    } }},
    {% endfor %}
  ]"