feat: Commit initial

2025-11-07 09:33:38 +01:00 · 2025-11-07 09:33:38 +01:00 · 40dc0f4184
commit 40dc0f4184
43 changed files with 1990 additions and 0 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -0,0 +1,62 @@
+---
+# Global variables for all nodes
+
+# K3s Configuration
+k3s_version: "v1.28.5+k3s1"
+k3s_install_url: "https://get.k3s.io"
+
+# K3s Server Configuration
+k3s_server_1_ip: "10.100.20.10"
+k3s_server_2_ip: "10.100.20.20"
+k3s_witness_ip: "10.100.20.30"
+
+# K3s token (shared between servers)
+# In production, this should be stored in a vault
+k3s_token_file: "/etc/rancher/k3s/token"
+
+# Network Configuration
+pod_cidr: "10.42.0.0/16"
+service_cidr: "10.43.0.0/16"
+cluster_dns: "10.43.0.10"
+
+# System Configuration
+timezone: "Europe/Paris"
+swap_enabled: false
+
+# Unattended Upgrades Configuration
+unattended_upgrades_enabled: true
+unattended_upgrades_automatic_reboot: true
+unattended_upgrades_automatic_reboot_with_users: false
+
+# Reboot schedule (staggered to maintain availability)
+reboot_schedule:
+  k3s-server-1: "02:00"
+  k3s-server-2: "04:00"
+  etcd-witness: "06:00"
+
+# FluxCD Configuration
+flux_version: "v2.2.0"
+flux_namespace: "flux-system"
+
+# System packages to install on all nodes
+common_packages:
+  - curl
+  - wget
+  - git
+  - vim
+  - htop
+  - net-tools
+  - ca-certificates
+  - gnupg
+  - lsb-release
+  - python3
+  - python3-pip
+
+# Kernel parameters for K3s
+sysctl_config:
+  net.bridge.bridge-nf-call-iptables: 1
+  net.bridge.bridge-nf-call-ip6tables: 1
+  net.ipv4.ip_forward: 1
+  vm.swappiness: 0
+  fs.inotify.max_user_instances: 8192
+  fs.inotify.max_user_watches: 524288