environments/configuration.yml

---

##########################################################
# Global
traefik_enable: true
host_facts: generic

##########################################################
# proxy/client

# docker ##################################################
docker_configure_proxy: true
docker_proxy_http: "http://{{ groups['manager'][0] }}:8888"
docker_proxy_https: "http://{{ groups['manager'][0] }}:8888"

docker_proxy_no_proxy_extra:
  - "landscape.scs.community"
  - "10.0.0.0/8"
  - "172.16.0.0/12"
  - "192.168.0.0/16"

# apt #####################################################
proxy_proxies:
  http: "http://{{ groups['manager'][0] }}:8888"
  https: "http://{{ groups['manager'][0] }}:8888"
proxy_no_proxy_extra:
  - "landscape.scs.community"

# Kubernetes ##############################################

proxy_env:
  HTTP_PROXY: "http://{{ groups['manager'][0] }}:8888"
  HTTPS_PROXY: "http://{{ groups['manager'][0] }}:8888"
  NO_PROXY: "localhost,127.0.0.1,landscape.scs.community,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"

##########################################################
# proxy/server

squid_configuration_directory: /opt/squid/configuration
squid_docker_compose_directory: /opt/squid

squid_host: 0.0.0.0
#squid_tag: 5.7-23.04_beta  # don't get fooled by "beta". this is actually production ready
squid_tag: edge


##########################
# system settings
motd_show_ssh: true
network_interface: "dummy0"
kernel_version_expected: 6.8

#osism_setup_gather_subset:
# - "!network_switches"
# - "!dhcp_static_nodes"

management_domain: mgmt.landscape.scs.community
management_gw: 10.10.23.254

##########################
# dnscrypt

dnscrypt_cloaks:
  - "api-internal.zone1.landscape.scs.community      10.10.21.200"
  - "api.zone1.landscape.scs.community          10.10.21.201"

############################
# kubernetes - K3s configuration
apiserver_endpoint: "10.10.21.202"
metal_lb_ip_range: "10.10.21.203-10.10.21.220"

cluster_cidr: "10.52.0.0/16"
cilium_mode: "native"

k3s_interface: "dummy0"
kube_vip_iface: "dummy0"
cilium_iface: "dummy0"

# Because the FRR instance on the node itself is responsible for propagate routes
# to the metallb endpoints, there is no need to have a extra BGP routing instance in K3s.
kube_vip_bgp: true

# ARP Broadcasts are not available in Layer3 Underlay Networks, therefore we disabled it
# to make leader election functional.
kube_vip_arp: false

##########################
# docker

docker_user: "{{ operator_user }}"


##########################
# Projects and Basic Setup

# The user in  of the "openstack" project
# (container project for flavors and images)

openstack_admin_user: "openstack-admin"
openstack_admin_email: "team@scs.community"

##########################
# operator

operator_user: dragon
operator_groups: [ "dragon", "adm", "sudo", "docker", "dialout" ]
user_sudoers_type: "user"

# The following users will get ssh login access to the sonic switches using the admin user
# and the defined public keys of the listed github accounts
operator_sonic_list:
  - "scoopex"
  - "garloff"
  - "berendt"
  - "fkr"
  - "osfrickler"
  - "zuse-z3"
  - "matofeder"
  - "MatusJenca2"
  - "gtema"
  - "jschoone"
  - "fzakfeld"

# Do not add users here, because they are deleted enirely
# please add state=absent to the users to be deleted in user_list to
# have proper numeric uid management and to not delete relevant files
# If you really want to delete a user add remove=true and force=true to the user.
user_delete:
  - "osism"

user_list:
    # The user gets a password because this is sometimes useful on the bmc console
    # for debugging in exceptional problem situations where "dragon" is not usable.
    # (i.e. extremly high load, sudo configuration and file system status of /home)
    # The system will not provide root login by ssh.
  - name: "root"
    password: "{{ operator_password_root }}"
    key: ""
  - name: "scoopex"
    key: "github"
    primary_group: dragon
    uid: 45001
    groups:
      - docker
      - dialout
  - name: "garloff"
    key: "github"
    primary_group: dragon
    uid: 45002
    groups:
      - docker
      - dialout
  - name: "berendt"
    key: "github"
    primary_group: dragon
    uid: 45003
    groups:
      - docker
      - dialout
  - name: "ignatov17"
    key: "github"
    primary_group: dragon
    uid: 45004
    state: absent
    groups:
      - docker
      - dialout
  - name: "akafazov"
    key: "github"
    primary_group: dragon
    uid: 45005
    state: absent
    groups:
      - docker
      - dialout
  - name: "fkr"
    key: "github"
    primary_group: dragon
    uid: 45006
    groups:
      - docker
      - dialout
  - name: "fdobrovolny"
    key: "github"
    primary_group: dragon
    uid: 45007
    groups:
      - docker
      - dialout
  - name: "osfrickler"
    key: "github"
    primary_group: dragon
    uid: 45008
    groups:
      - docker
      - dialout
  - name: "zuse-z3"
    key: "github"
    primary_group: dragon
    uid: 45009
    groups:
      - docker
      - dialout
  - name: "matofeder"
    key: "github"
    primary_group: dragon
    uid: 45010
    groups:
      - docker
      - dialout
  - name: "MatusJenca2"
    key: "github"
    primary_group: dragon
    uid: 45011
    groups:
      - docker
      - dialout
  - name: "gtema"
    key: "github"
    primary_group: dragon
    uid: 45012
    groups:
      - docker
      - dialout
  - name: "bitkeks"
    key: "github"
    primary_group: dragon
    uid: 45013
    state: absent
    groups:
      - docker
      - dialout
  - name: "jschoone"
    key: "github"
    primary_group: dragon
    uid: 45014
    groups:
      - docker
      - dialout
  - name: "fzakfeld"
    key: "github"
    primary_group: dragon
    uid: 45015
    groups:
      - docker
      - dialout


# yamllint disable rule:line-length
operator_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC2wE2xiuO+i3qmDvu8kCCKX7U7H1diOICbWmR2UrKIxqWgcfWMQsT3WclotJKuVJuKIWyFD6ZNwwLuvC3RxVSqhCiWjqxg3jzJBj7/C1O3IYyLGTUl/x7Cky530lf/aj4wrwt3Ketk/4QNwgget2nCvOy0S2NDCJ3rL6oIUjdJekvRrFf9IbWeX8fqYYCoh1cYJWto1XYPnhMDAB/lqtjN1ssurLSKoJg/bUT7q/KkIvvA/BOR2NMqS0aGx+bKhdkeB22V/t75Ct8ymoCYk9+MTC9i/QX20Fi7835/W7Gl18J8NiO9ebaWyYbsxZ5klWXQa5EiLLBDZ82OR88G+0FjXp1Z3VG6FcpdYpW7sxrT21HEvWOnQACZCdlzwyBJ31id/LjDRhJU6BmZm0Sa9EOJNL8XVOUUzuoa0XL1mIVTsmLpUwqLSfw6Ditb+q4afFi0iYMe3JKOt+JmftvBgeQCjNUsCzk+Ny2j6dZKv2aeF5LOQZGRM3HzG39Gkir3q1zdWmCl4lc3QQBfr5ZcdAp+wQMFSgJAudKffO9kdDVNoyjgih7rD3E+JjJdhY9//WQEEBm2vfEqm7qqEQUAELd0JBCivJmOhUVH0rGbTrnkTBtLR4Au40W5aYaNQJ7+U3hTRrvpycSC1pUU3Wq3OXJd2FRDgKQJljQcpBw4V9j8GQ==
# yamllint enable rule:line-length

# Todo: add lookup to created users instead of repeating
operator_authorized_keys_minimal: 2
operator_authorized_keys:
  - "{{ operator_public_key }}"
  - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCg4wI3FupkrmzAkQfRkqkS5CQUp3NiIf3jkFk+E7ax/hdgbaW/UjBl9j15BMv/Mmguk11OtHTDgg57VrsL+mPtortKe2DvoVQZxvtnuDhZPFXlNZWJxYkcUUoPy7OwlDjTvfX9QS27rX8Kmz+wKRWz2VSZU3IqTDho+0NX8r3Zrbtkq75nB4Fq99WOzbhdve78GmTABgQvbT5Ypm7bc77cftARWJiyprHocUizui6CdITTPpxUf98HaFo5ZP3YhnZsMlSDu2T2ofiHKXhW+Q7FHP9GiiaH173zLxXFV6LpJ/wDyI8wT3jqPE+FKXyPXKVCDohmbQHOzY5eiePSqhsRbd19wGmkqqqTtKjL9/yUPQ8Lkft0iQPvmepzrB3qL9dLBthKrLNqDAeEv3Eg9MsTTaRyVuQRDizCeySXNMgv+CoeT6PyQstKV68SwUhsCAyIok8y6hFdHSVve66De31fYvkHtMu9C/R5NuhxMuZazazKlpDN9eeBmvT4Pqc5lrc="
  - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTMjccqOa268YWdqAhP9awmMtjey/MK92gl+IwpQbxxsEW/HM/EKPGQnF0+7lD6G1W2IqJnFTM5fgWjAmIfzGeR3ySjJDlaQtZdiMHk5YR7VrgRot0odlGZpkkkJnK88xDVYqkq3xmJx39DTF8sKxfWThc1eu5c7Ws7hIvDCvFu4I5w+iPB4R2eycw//A1q3hutagyghJAXad46PgBmu1kODwQG3+sPqNyb4ruh0ODDbSlBZ1XIW4TgaYce5tR8ABlVvASafhZOw3CNK9rThhU4IG3IHvqCsGax269WrIGvSWIkI4EKjvFAEyshOcBsGwjaxm9GxrJLBLpyMVds/Rn3vu4JmupJJFHnWtEyQY6pd77TKyatRcZFjDXrGTPtiHCaMLG49RXvoeHIebjPB3bHqVWJSK5c81oSQwPZTxze5jY2LQOHmpBQ6D2l+5lkzgTQiF3EL7gD6m5Wweht++gQHJ+PnsCkaMZzoT1VdIGrzMO6Tf4O1WTQGkuD/9YtaM="
  - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACLmNpHitBkZGVbWAFxZjUATNvLjSktAKwokFIQ9Z1k"

##########################
# hosts

hosts_type: template
hosts_additional_entries:
  api-internal.zone1.landscape.scs.community: 10.10.21.200
  api.zone1.landscape.scs.community: 10.10.21.201

##########################
# ceph

# TODO: can be removed when the follwing PR is released: https://github.com/osism/defaults/pull/225
monitor_interface: "dummy0"
radosgw_interface: "dummy0"
rgw_multisite: false

ceph_cluster_fsid: 44bc2d19-fd83-4b92-a6c4-eed358e35672
# BEGIN: TLS
certificates_ca:
  - name: custom.crt
    certificate: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          38313863383533303866373064613038316464363236663364363962343330353139326435653064
          3965383666303063383466613061346366343361303862350a656562383430636538326639336632
          30373935366536373934343466616530376530313839653635393138313764383732353037616435
          3537306134323032300a663662363261343936323231393235326537373364316166343934616233
          30356330323963323664323136373734356432623363363162646464626366386430646464303739
          35353566633333623134363134363636633936393537643536313365653236646139323936396338
          63636133303939643330323432316137663039393365613434373431643839323765343339396430
          32656164636634333263393061633361373631633461353562666133306230376133353365393465
          33383231333635653362613334303966393239333966353862343434353231373466373037366466
          31313435616136376564303133623236333363393465386164643666386135353765316231386133
          62336565633331363334363065643638613931336262626231636237343537353639386332393130
          37613564633635386630633234376133636663303436363365356462656633613463383732623365
          65613735396136363134616336316563386132373938316633396265336364616662666637666330
          33666132363161643038313838393731393637326632656561353661336262636130313633313239
          30306139633436333736313461333533303935623130313261353864613666373430653538383932
          64393231336631303763666638353565356263366534626261643335353431343331353331386263
          65383263616431616637333466363161383361633532386162306431393265306563633333366335
          32643866623534353861643162636230386639333165376337633530663762643039656139363338
          38383430316363626535323766303065323830366263306234396431666639636535306666646235
          65376162393830393237633933623433616263343337656337316530386332393132653139363736
          38666330613935366163663635653361366662393065653465643038306430323032353534613962
          36323633633632373132306464353735363232333964363434656634306639623063376336653131
          34663535633861383430326565376237656632353537666232323535323065353134613463646461
          34343261333936303061386234663337353338663934356663303532373563656137316136653661
          66646465363164393963313564623562363234393633343763303737346234653436393164366565
          32643863373232373931616661633332383838653966636532393862636131666263626366643564
          62396261646332363966373136356631383932343631396663623532616531333463316336643831
          64616565653930383238333666363862303765346236326431663937343738613235336663613136
          61313336313362616538323135653761643761373539613962363233663737333031663231393063
          30386362383462336465373539356437333136353961646264626365346233643962393038383537
          36626162666339393936363063303561666631653262396431336232663733663931363933376436
          31663365383661353133633334343038663134306465633539636531383362386632383235343137
          37363463396664633135313862316364393134386334623330313739393964656134343331323437
          30353461333937386439653235663533393762396636333063343239633464623830656361306336
          34663033626138393534666335636331313266323337373132363439613732343861633364396535
          62373032396431393639343639373336653332376665616365316636653061653062383735646436
          61363966666138633038366566613263353865333437336662363436356461346530343839663062
          62636164343562633139346639353261656366646466666463663666366132646361623964653034
          32393565653435333932326631386433366362393535623932636462393936366165373639396138
          36633362313962383766386633333034633663643535653933306563396362343630326462343033
          65633631353837303238396361386632306531613933306363303533353762366463353063346636
          32643566663365376362346162346662303662386261326436346339306431396637376565356635
          65636335613632643737376238366564663161333434323264663932373032646331643063613432
          36303634623864663030303563653832626562326364656337393063396635393435613561333563
          65313537303330636634336365313364613037306338346130373834353930336265356263373838
          66616165316363316161386339646430376235316338333830356465343830613337343664643463
          33323334366539633534323961383830636664653038623430333434653531613465666663393234
          65306364653866623431316630303864613263346330613938636564653462663237616530323632
          35666639633066376536363132653662343333343465323436376562323331383834323934313132
          35393961653039356538363233616336356633353064363330373030623964346261636164376236
          32386333656665356438333334386636643363663739613161366166643065653866633365336533
          37316361666366363630366330663133663132613930383661383832393930356464653065313930
          34333565366465313030333766366135366236353361383936653135373130303132356263326661
          37613061363235303139646437353830316631656365373530386338383365333233363061383338
          36656338396662653536393866643833343633633334316332653831383934666330656265656266
          35643765386537653966326261326461356363663632313739656661656466373563643038333537
          38653839663064656332383630623962613862383963393339353861616665313534396365303738
          64313530663735353130613631316166623266346534663665653139343837363737316438363132
          30306137376165316266353633633063383132646564396565323363623234336663323561633631
          61303965376130326163376464306337623863333632356233316534633565346563633862376462
          36333362363261333836343333343034353435663563633666373135353531333463363766363735
          38656435356130646664356664666436363763386363643961666232333262623630326339376261
          33323138633438623561356661393430633136396538616265306561393164393866363333373261
          66356364656535336331356631353865376535326430626663306132386462656666363261333236
          63386130653933626366373765323661616663346361663165653262646164396366353133393234
          34313961653836396464346661353531616237373936343335643638316136636339383838653031
          32376233326336316330303937376134393162656664373563393732313631326530306636343131
          35646330636463386339656636666232386139343133626537313234376534393262393064626339
          61356430643933643135316533306332656637633663663230656536313765396534623634333430
          39343331336538396566636430613366323430386464396664366361313763303335363462626632
          61366565306462366163396334363938643238633533313639303361306132613062393734616339
          32383361363661366231643961303835383936363238383239656430623530363166636131643336
          37346531623739363936373437643430633537323138313831303536626136333931303630633439
          31363031636435316139623138393339333837663535626333356638373233323930653266346233
          63626465623865613936633161653064363030346638633733366663363063633636343864663161
          65363063383633663431636637646561613863373362343233376462623464666562383832386337
          37656463653939366630653939373635393731666638613337336139386161373030396632623534
          37306465383732636663313465666433323265383162636363653235326233613830653334613432
          62393135653635353166373362346139383261653439653565643931383336636465396333616363
          39343034613436343735386535623361393239353838366632623064643636656562393931653563
          64343064643763303266646536666632653862373135633539313663643361313037363365323034
          36363232383065336635353332333531396237646437633034363563336135363662386333353061
          62643534313865346561653030623535623233623234616161373738333033626431343832346139
          36653336346464353666393137326464343936663730633966623930356235613163336335376162
          38313637383663373132643630663665663332643839376635393363343234396566666236386133
          34316131356564383631386235636439343039336339366433313032616136623662353963643434
          62656564366462396335306562346266333035626337373532386238376131646330396264323539
          39346431346534356630663434623337383439356536376235613534356437666363383661623135
          37383433326138386537333430343333303261386666323836383331383030633938306531303836
          38383638353061333364343536653438383634333236646632373661306330376630643337353834
          64666164626430353439303662316531373865613661393130373661623330393365613431333037
          35643064633062396261623931356236653564323665303633616362333030656131393938393931
          36346132303666356339343465356635613536383237653964646634373137633938393238646364
          66613163356164363964313566393965376664303765636465636239303331666161353937303236
          37363838623530356336613737626135343339363732643630636462306136336664643937663165
          34313264313139393536346238623130313332303431363836356337616265353438353031613638
          31303533346632303737626635393631366438666365356130366437376135626161316235393830
          35333164376535383738396436383138343063633461353239306230333132383662303938326664
          61393132356362646236623464343035336263393633326330636661623130343737363261663539
          66646164653662373661376439333330633532333039623934343465623630636434653830343139
          33356631646561353235626564643937306466616439363437323733373035353638643939313731
          39636464383534306132633730353233643837323333636663376530646332616266656166623661
          32663465616135373264306535306533646232356561376366633465323037383233626231356363
          63393263633335343363
# END: TLS