---
# Global vars
ansible_ssh_private_key_file: "/etc/secrets/{{ hostvars['console']['node']['uid'] }}/id_console"

# CA
root_cert_filename: "ilnmors_root_ca.crt"
intermediate_cert_filename: "ilnmors_intermediate_ca.crt"
intermediate_key_filename: "ilnmors_intermediate_ca.key"


# local SAN and SSH SAN should be updated manually on host_vars
domain:
  public: "ilnmors.com"
  internal: "ilnmors.internal"
  dc: "dc=ilnmors,dc=internal"
  org: "ilnmors"

# DNS configuration including bind and blocky should be set manually.
# named.conf.j2 is also set manually.
# Check the hosts.j2 when cname records are fixed

services:
  crowdsec:
    domain: "crowdsec"
    ports:
      https: "8080"
  bind:
    domain: "bind"
    ports:
      dns: "53"
  blocky:
    domain: "blocky"
    ports:
      https: "443"
      dns: "53"
  postgresql:
    domain: "postgresql"
    ports:
      tcp: "5432" # postgresql db connection port
    subuid: "100998"
  ldap:
    domain: "ldap"
    ports:
      http: "17170"
      ldaps: "6360"
    subuid: "100999"
  ca:
    domain: "ca"
    ports:
      https: "9000"
    subuid: "100999"
  x509-exporter:
    ports:
      http: "9793"
    subuid: "165533"
  prometheus:
    domain: "prometheus"
    ports:
      https: "9090"
    subuid: "165533"
  loki:
    domain: "loki"
    ports:
      https: "3100"
    subuid: "110000"
  grafana:
    domain: "grafana"
    ports:
      http: "3000"
    subuid: "100471"
  caddy:
    ports:
      http: "2080"
      https: "2443"
  nas:
    domain: "nas"
    ports:
      https: "5001"
  kopia:
    domain: "nas"
    ports:
      https: "51515"
  authelia:
    domain: "authelia"
    ports:
      http: "9091"
  redis:
    subuid: "100998"
  vaultwarden:
    domain:
      public: "vault"
      internal: "vault.app"
    ports:
      http: "8000"
  gitea:
    domain:
      public: "gitea"
      internal: "gitea.app"
    ports:
      http: "3000"
    subuid: "100999"
  immich:
    domain:
      public: "immich"
      internal: "immich.app"
    ports:
      http: "2283"
      redis: "6379"
  immich-ml:
    ports:
      http: "3003"
  actualbudget:
    domain:
      public: "budget"
      internal: "budget.app"
    ports:
      http: "5006"
    subuid: "101000"
  paperless:
    domain:
      public: "paperless"
      internal: "paperless.app"
    ports:
      http: "8001"
      redis: "6380"
    subuid: "100999"
  vikunja:
    domain:
      public: "vikunja"
      internal: "vikunja.app"
    ports:
      http: "3456"
    subuid: "100999"
  opencloud:
    domain:
      public: "opencloud"
      internal: "opencloud.app"
    ports:
      http: "9200"
    subuid: "100999"
  manticore:
    subuid: "100998"
  affine:
    domain:
      public: "affine"
      internal: "affine.app"
    ports:
      http: "3010"
      redis: "6381"
      manticore: "9308"

version:
  packages:
    sops: "3.12.1"
    step: "0.29.0"
    kopia: "0.22.3"
    blocky: "0.28.2"
    alloy: "1.13.0"
  containers:
    # common
    caddy: "2.10.2"
    # infra
    step: "0.29.0"
    ldap: "v0.6.2"
    x509-exporter: "3.19.1"
    prometheus: "v3.9.1"
    loki: "3.6.5"
    grafana: "12.3.3"
    ## Postgresql
    postgresql: "18.2"
    # For immich - https://github.com/immich-app/base-images/blob/main/postgres/versions.yaml
#    pgvector: "v0.8.1"
    vectorchord: "0.5.3"
    # Auth
    authelia: "4.39.15"
    # App
    vaultwarden: "1.35.4"
    gitea: "1.25.5"
    redis: "8.6.1"
    immich: "v2.7.5"
    actualbudget: "26.3.0"
    paperless: "2.20.13"
    vikunja: "2.2.2"
    opencloud: "4.0.4"
    manticore: "25.0.0"
    affine: "0.26.3"