--- # file: host_vars/10.30.51.26.yaml hostname: "s26-nomad" inventory_ipmi_hostname: "10.30.50.26" # User management. users: - username: localadmin groups: [adm, sudo] password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" ssh_key: - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKM1D1kkGX1l7fSma1MOgw2yLI7zJHwTCcfVROQ4hh7r peter.mikus@protonmail.ch" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1" sshd_disable_password_login: true # Nomad settings. nomad_version: "1.6.1" nomad_certificates: - src: "{{ file_nomad_ca_pem }}" dest: "{{ nomad_tls_ca_file }}" - src: "{{ file_nomad_server_pem }}" dest: "{{ nomad_tls_cert_file }}" - src: "{{ file_nomad_server_key_pem }}" dest: "{{ nomad_tls_key_file }}" nomad_datacenter: "yul1" nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" nomad_node_role: "both" nomad_node_class: "builder" nomad_options: driver.raw_exec.enable: 1 docker.cleanup.image: true docker.privileged.enabled: true docker.volumes.enabled: true driver.whitelist: "docker,raw_exec,exec" fingerprint.network.disallow_link_local: true nomad_service_mgr: "systemd" nomad_consul_use_ssl: false nomad_use_tls: false nomad_tls_http: false nomad_tls_rpc: false nomad_use_vault: false nomad_retry_servers: - "10.30.51.23" - "10.30.51.24" - "10.30.51.25" nomad_servers: - "10.30.51.23:4647" - "10.30.51.24:4647" - "10.30.51.25:4647" nomad_volumes: - name: "prod-volume-data1-1" path: "/data" read_only: false # Consul settigs. nomad_use_consul: true consul_certificates: - src: "{{ file_consul_ca_pem }}" dest: "{{ consul_ca_file }}" - src: "{{ file_consul_server_3_pem }}" dest: "{{ consul_cert_file }}" - src: "{{ file_consul_server_3_key_pem }}" dest: "{{ consul_key_file }}" consul_verify_incoming: false consul_verify_outgoing: false consul_vefify_server_hostname: false consul_allow_tls: true consul_datacenter: "yul1" consul_node_role: "both" consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" consul_node_name: "{{ ansible_hostname }}" consul_retry_join: true consul_retry_servers: - "10.30.51.23" - "10.30.51.24" - "10.30.51.25" consul_service_mgr: "systemd" # Vault settings. vault_version: "1.13.1" # Docker daemon settings. docker_daemon: dns: ["172.17.0.1"] dns-opts: [] dns-search: ["{{ansible_hostname}}"]