Group/host variable refactor

2025-03-15 00:05:30 +01:00 · 2025-03-15 00:05:30 +01:00 · 4b8aaf3e95
commit 4b8aaf3e95
parent eb308670cc
78 changed files with 445 additions and 374 deletions
--- a/host_vars/desktop/syncthing.yml
+++ b/host_vars/desktop/syncthing.yml
@ -0,0 +1,45 @@
+syncthing_listen_address: '0.0.0.0'
+syncthing_protocol_port: 22000
+syncthing_gui_port: 8384
+
+syncthing_config_version: 37
+syncthing_api_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          39643534383666343331666336356662333165633032356532323730316535616363393330376263
+          6164323430343961646635323739373363623764646361360a666566363736323739313533323562
+          34653032646230313063613265313836383033353336333461376432363530633632313234323733
+          6162646332623837370a646537336139336361666336363861353030633136373063333433643435
+          64666465356566313263376330643664313266646139663433663366316232613562663863366334
+          3061663839656563353663373135393233653130383735366538
+
+syncthing_devices:
+  - name: Desktop
+    id: &syncthing_desktop_id CSDXP5E-4UBNC36-32EHTPK-L6Y6JVZ-HQHM42R-FJXN2LI-2MTYRFX-3ZZPUQN
+    address: dynamic
+
+  - name: Fudiggity
+    id: &syncthing_server_id ZM5JO5E-UYU6XUI-P25TLIP-TLPQD7J-NSPSYZS-A5OOYST-J62ICAQ-Y2A5YQV
+    address: tcp://syncthing.{{ server_domain }}:22000
+
+  - name: XPS15
+    id: &syncthing_xps_id 2AC4LRC-YIJDWWK-YCOEZLT-4OWWC2E-7VEZQQB-F3AAPZR-HU75FE4-PGWWXQH
+    address: tcp://10.0.0.2:22000
+
+syncthing_folders:
+  - id: default
+    label: Default
+    path: '{{ ansible_env.HOME }}/syncthing/default'
+    type: sendreceive
+    devices:
+      - *syncthing_desktop_id
+      - *syncthing_server_id
+      - *syncthing_xps_id
+
+  - id: pictures
+    label: Pictures
+    path: '{{ ansible_env.HOME }}/syncthing/pictures'
+    type: sendreceive
+    devices:
+      - *syncthing_desktop_id
+      - *syncthing_server_id
+      - *syncthing_xps_id
--- a/host_vars/desktop/system.yml
+++ b/host_vars/desktop/system.yml
@ -0,0 +1,17 @@
+modprobe_templates:
+  - src: 'templates/personal/desktop/modprobe/99-amdgpu.conf.j2'
+    dest: '/etc/modprobe.d/99-amdgpu.conf'
+
+mkinitcpio_templates:
+  - src: 'templates/personal/desktop/mkinitcpio/1-modules.conf.j2'
+    dest: '/etc/mkinitcpio.conf.d/1-amdgpu.conf'
+
+  - src: 'templates/personal/desktop/mkinitcpio/linux.preset.j2'
+    dest: '/etc/mkinitcpio.d/linux.preset'
+
+  - src: 'templates/personal/desktop/mkinitcpio/linux-lts.preset.j2'
+    dest: '/etc/mkinitcpio.d/linux-lts.preset'
+
+boot_configuration:
+  disk: /dev/sdc
+  partition: 1
--- a/host_vars/desktop/vpn.yml
+++ b/host_vars/desktop/vpn.yml
@ -0,0 +1,49 @@
+# TODO: scope variables to their destination file
+vpn_default:
+  ip: '10.0.0.3'
+  prefix: '24'
+  interface: 'wg0'
+  dns: '10.0.0.1'
+  domains:
+    - ~vpn.{{ server_domain }}
+    - ~transmission.{{ server_domain }}
+    - ~syncthing.{{ server_domain }}
+
+  public_key_path: '{{ vpn_config_dir }}/keys/public/default/desktop.pub'
+  private_key_path: '{{ vpn_config_dir }}/keys/private/default/desktop.key'
+
+  peers:
+    - name: 'fudiggity'
+      allowed_ips:
+        - address: '10.0.0.0/24'
+          create_route: false
+        - address: '172.16.238.0/24'
+          create_route: true
+        - address: '172.32.238.0/24'
+          create_route: true
+      endpoint: '{{ server_domain }}:51902'
+      public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo='
+      preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk'
+      preshared_key_source_path: 'files/personal/desktop/wireguard/default/preshared.psk'
+
+vpn_media:
+  ip: '10.0.1.3'
+  prefix: '24'
+  interface: 'wg1'
+  dns: '10.0.1.1'
+  domains:
+    - '~media-vpn.{{ server_domain }}'
+
+  public_key_path: '{{ vpn_config_dir }}/keys/public/media/desktop.pub'
+  private_key_path: '{{ vpn_config_dir }}/keys/private/media/desktop.key'
+  private_key_source_path: 'files/personal/desktop/wireguard/media/desktop.key'
+
+  peers:
+    - name: 'zeus-media'
+      allowed_ips:
+        - address: '10.0.1.0/24'
+          create_route: false
+      endpoint: '{{ server_domain }}.nl:51903'
+      public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg='
+      preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk'
+      preshared_key_source_path: 'files/personal/desktop/wireguard/media/preshared.psk'
--- a/host_vars/xps/syncthing.yml
+++ b/host_vars/xps/syncthing.yml
@ -0,0 +1,45 @@
+syncthing_listen_address: '0.0.0.0'
+syncthing_protocol_port: 22000
+syncthing_gui_port: 8384
+
+syncthing_config_version: 37
+syncthing_api_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          35346637623066636261633331343438313736356137633466306633613563343630363565643763
+          6631623461663330633537386539376435356338393537620a666234373932636162653830316339
+          65336339383630313837323137613137303862613061326131313437316637383637666638313235
+          6463333235646536620a316163666431323530353330356633393035663933613761313031656561
+          66333431636134366466373533616438326230323965333763316336393764303737663461363636
+          3061373832313462623765353130616237343966333332623262
+
+syncthing_devices:
+  - name: Desktop
+    id: &syncthing_desktop_id CSDXP5E-4UBNC36-32EHTPK-L6Y6JVZ-HQHM42R-FJXN2LI-2MTYRFX-3ZZPUQN
+    address: tcp://10.0.0.3:22000
+
+  - name: Fudiggity
+    id: &syncthing_server_id ZM5JO5E-UYU6XUI-P25TLIP-TLPQD7J-NSPSYZS-A5OOYST-J62ICAQ-Y2A5YQV
+    address: tcp://syncthing.{{ server_domain }}:22000
+
+  - name: XPS15
+    id: &syncthing_xps_id 2AC4LRC-YIJDWWK-YCOEZLT-4OWWC2E-7VEZQQB-F3AAPZR-HU75FE4-PGWWXQH
+    address: dynamic
+
+syncthing_folders:
+  - id: default
+    label: Default
+    path: '{{ ansible_env.HOME }}/syncthing/default'
+    type: sendreceive
+    devices:
+      - *syncthing_desktop_id
+      - *syncthing_server_id
+      - *syncthing_xps_id
+
+  - id: pictures
+    label: Pictures
+    path: '{{ ansible_env.HOME }}/syncthing/pictures'
+    type: sendreceive
+    devices:
+      - *syncthing_desktop_id
+      - *syncthing_server_id
+      - *syncthing_xps_id
--- a/host_vars/xps/system.yml
+++ b/host_vars/xps/system.yml
@ -0,0 +1,61 @@
+packages:
+  - keepassxc
+  - gimp
+  - nftables
+  - okular
+  - postgresql
+  - plasma-meta
+  - wezterm
+  - tmux
+  - unrar
+  - vim
+  - git
+  - openssl
+  - kmail
+  - iproute2
+  - curl
+  - reflector
+  - pipewire
+  - pipewire-pulse
+  - pipewire-alsa
+  - merkuro
+  - kmail
+  - otf-monaspace-nerd
+  - systemd-ukify
+  - efibootmgr
+  - git-delta
+  - aspell-nl
+  - aspell-en
+
+  # custom packages
+  - firefox
+  - mpv
+  - youtube-dl
+  - nfs-utils
+  - syncthing
+  - mpd
+  - wireguard-tools
+
+  # custom host packages
+  - iwd
+  - nvidia
+  - nvidia-prime
+  - nvidia-utils
+  - lib32-nvidia-utils
+
+boot_configuration:
+  disk: /dev/nvme0n1
+  partition: 1
+
+mkinitcpio_templates:
+  - src: 'templates/personal/xps/mkinitcpio/1-modules.conf.j2'
+    dest: '/etc/mkinitcpio.conf.d/1-modules.conf'
+
+  - src: 'templates/personal/xps/mkinitcpio/2-hooks.conf.j2'
+    dest: '/etc/mkinitcpio.conf.d/2-hooks.conf'
+
+  - src: 'templates/personal/xps/mkinitcpio/linux.preset.j2'
+    dest: '/etc/mkinitcpio.d/linux.preset'
+
+  - src: 'templates/personal/xps/mkinitcpio/linux-lts.preset.j2'
+    dest: '/etc/mkinitcpio.d/linux-lts.preset'
--- a/host_vars/xps/vpn.yml
+++ b/host_vars/xps/vpn.yml
@ -0,0 +1,47 @@
+vpn_default:
+  ip: '10.0.0.2'
+  prefix: '24'
+  interface: 'wg0'
+  dns: '10.0.0.1'
+  domains:
+    - '~vpn.{{ server_domain }}'
+    - '~transmission.{{ server_domain }}'
+    - '~syncthing.{{ server_domain }}'
+
+  public_key_path: '{{ vpn_config_dir }}/keys/public/default/laptop.pub'
+  private_key_path: '{{ vpn_config_dir }}/keys/private/default/laptop.key'
+
+  peers:
+    - name: 'fudiggity'
+      allowed_ips:
+        - address: '10.0.0.0/24'
+          create_route: false
+        - address: '172.16.238.0/24'
+          create_route: true
+        - address: '172.32.238.0/24'
+          create_route: true
+      endpoint: '{{ server_domain }}:51902'
+      public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo='
+      preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk'
+      preshared_key_source_path: 'files/personal/xps/wireguard/default/preshared.psk'
+
+vpn_media:
+  ip: '10.0.1.2'
+  prefix: '24'
+  interface: 'wg1'
+  dns: '10.0.1.1'
+  domains:
+    - '~media-vpn.{{ server_domain }}'
+
+  public_key_path: '{{ vpn_config_dir }}/keys/public/media/laptop.pub'
+  private_key_path: '{{ vpn_config_dir }}/keys/private/media/laptop.key'
+
+  peers:
+    - name: 'fudiggity-media'
+      allowed_ips:
+        - address: '10.0.1.0/24'
+          create_route: false
+      endpoint: '{{ server_domain }}:51903'
+      public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg='
+      preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk'
+      preshared_key_source_path: 'files/personal/xps/wireguard/media/preshared.psk'