hostname = "217.160.71.39" bundles = [ "bird", "icinga2", "php", "postgresql", # 'simple-icinga-dashboard', "unbound", "wireguard", ] groups = [ 'debian-bookworm', 'webserver', ] [metadata] location = "ionos" [metadata.interfaces.ens192] ips = [ "217.160.71.39/32", "2001:8d8:1800:d5::1/128" ] gateway4 = "10.255.255.1" gateway6 = "fe80::1" [metadata.interfaces.wg_home_router] ips = ["172.19.136.4"] [metadata.interfaces.wg_htz-cloud_wi] ips = ["172.19.136.4"] [metadata.bird] static_routes = ["172.19.136.4/32"] [metadata.icinga2] web_domain = "icinga.franzi.business" ntfy.pass = "!decrypt:encrypt$gAAAAABkMtfD8lenogwJc8uKeGZUQ8QVWHMpAqY_GLW3VhF3Jt0TOC4JiJn49qfaC9Ij5rw6GGsowNIsNBe1Ac83HXOLveANEU2o-O4fp5TxNF0xFWebCCtcaTkj_L2DjUbSUe8QVDn3" ntfy.url = "https://ntfy.franzi.business/icinga2" ntfy.user = "!decrypt:encrypt$gAAAAABkMtfW_tyGDUh7TkVX6AN8wSkKixWcQiOrPUWHtDZqnzjqrAkfD40fD8M_PiPDvW5pAa6xHNcUSU34jHolxnC44rDiLw==" sipgate.pass = "!bwpass_attr:sipgate.de/hi@kunsmann.eu:icinga_token" sipgate.user = "!bwpass_attr:sipgate.de/hi@kunsmann.eu:icinga_tokenid" [metadata.icinga2.api_users.icinga2beamer] # Used with password = "!decrypt:encrypt$gAAAAABf3wM9YS5ZpRdhp3xyIFX21_MK0omzqHqykWbWdkZWp2xyJ6awaUSXODnZQ5j-rws6n0yrpaeMdXoj1irb2FrgxMDTdfCh88hIsqcKGOObzwGaRg6Ze0tuiMrzIfOO3tRnc9Kd" permissions = [ "objects/query/Host", "objects/query/Service", ] # 'icinga2_api': { # 'custom': { # # redundant monitoring of services/hosts # 'services': { # 'flauschekatze.space CERTIFICATE': { # 'check_command': 'check_https_cert_at_url', # 'vars.domain': 'flauschekatze.space', # }, # 'matrix.flauschekatze.space CERTIFICATE': { # 'check_command': 'check_https_cert_at_url', # 'vars.domain': 'matrix.flauschekatze.space', # }, # }, # }, # }, # 'nginx': { # 'vhosts': { # 'statuspage': { # 'domain': 'status.franzi.business', # 'ssl': '_.franzi.business', # 'webroot': '/opt/simple-icinga-dashboard/out', # }, # }, # }, [metadata.postgresql] version = 15 # 'simple-icinga-dashboard': { # 'icinga2_api': { # 'baseurl': 'https://127.0.0.1:5665', # 'username': 'dashboard', # 'password': vault.password_for('ovh.icinga2 icinga2 api_user dashboard'), # }, # 'filters': { # 'services': '"statuspage" in service.groups', # }, # 'output': { # 'page_title': 'franzi.business Service Status', # }, # 'prettify': { # 'CONTENT': '', # 'NGINX': 'WEBSERVER', # 'PROCESS': 'SERVICE', # }, # }, [metadata.wireguard.peers.'home.router'] snat_to = "172.19.136.4" [metadata.wireguard.peers.'htz-cloud.wireguard'] snat_to = "172.19.136.4" [metadata.vm] cpu = 2 ram = 2