---
hiera_include:
  - profiles::selinux::setenforce
  - frrouting
  - profiles::ceph::node
  - profiles::ceph::client

# FIXME: puppet-python wants to try manage python-dev, which is required by the ceph package
python::manage_dev_package: false

profiles::packages::include:
  bridge-utils: {}
  cephadm: {}

profiles::selinux::setenforce::mode: disabled

profiles::ceph::client::manage_ceph_conf: false
profiles::ceph::client::manage_ceph_package: false
profiles::ceph::client::manage_ceph_paths: false
profiles::ceph::client::fsid: 'de96a98f-3d23-465a-a899-86d3d67edab8'
profiles::ceph::client::mons:
  - 198.18.23.9
  - 198.18.23.10
  - 198.18.23.11
  - 198.18.23.12
  - 198.18.23.13
# additional repos
profiles::yum::global::repos:
  ceph:
    name: ceph
    descr: ceph repository
    target: /etc/yum.repos.d/ceph.repo
    baseurl: https://edgecache.query.consul/ceph/yum/el%{facts.os.release.major}/%{facts.os.architecture}
    gpgkey: https://download.ceph.com/keys/release.asc
    mirrorlist: absent
  ceph-noarch:
    name: ceph-noarch
    descr: ceph-noarch repository
    target: /etc/yum.repos.d/ceph-noarch.repo
    baseurl: https://edgecache.query.consul/ceph/yum/el%{facts.os.release.major}/noarch
    gpgkey: https://download.ceph.com/keys/release.asc
    mirrorlist: absent
  frr-extras:
    name: frr-extras
    descr: frr-extras repository
    target: /etc/yum.repos.d/frr-extras.repo
    baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os
    gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR
    mirrorlist: absent
  frr-stable:
    name: frr-stable
    descr: frr-stable repository
    target: /etc/yum.repos.d/frr-stable.repo
    baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os
    gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR
    mirrorlist: absent

# dns
profiles::dns::base::primary_interface: loopback0

# networking
systemd::manage_networkd: true
systemd::manage_all_network_files: true
networking::interfaces:
  "%{hiera('networking_1000_iface')}":
    type: physical
    ipaddress: "%{hiera('networking_1000_ip')}"
    gateway: 198.18.15.254
    txqueuelen: 10000
    forwarding: true
  "%{hiera('networking_2500_iface')}":
    type: physical
    ipaddress: "%{hiera('networking_2500_ip')}"
    mtu: 1500
    txqueuelen: 10000
    forwarding: true
  loopback0:
    type: dummy
    ipaddress: "%{hiera('networking_loopback0_ip')}"
    netmask: 255.255.255.255
    mtu: 1500
  loopback1:
    type: dummy
    ipaddress: "%{hiera('networking_loopback1_ip')}"
    netmask: 255.255.255.255
    mtu: 1500
  loopback2:
    type: dummy
    ipaddress: "%{hiera('networking_loopback2_ip')}"
    netmask: 255.255.255.255
    mtu: 1500

# frrouting
frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}"
frrouting::ospfd_redistribute:
  - connected
frrouting::ospfd_interfaces:
  "%{hiera('networking_1000_iface')}":
    area: 0.0.0.0
  "%{hiera('networking_2500_iface')}":
    area: 0.0.0.0
  loopback0:
    area: 0.0.0.0
  loopback1:
    area: 0.0.0.0
  loopback2:
    area: 0.0.0.0
frrouting::daemons:
  ospfd: true

# add loopback interfaces to ssh list
ssh::server::options:
  ListenAddress:
    - "%{hiera('networking_loopback0_ip')}"
    - "%{hiera('networking_1000_ip')}"
    - "%{hiera('networking_2500_ip')}"

profiles::ssh::sign::principals:
  - "%{hiera('networking_loopback0_ip')}"
  - "%{hiera('networking_1000_ip')}"
  - "%{hiera('networking_2500_ip')}"