toallab-automation/roles/sno_deploy/defaults/main.yml

---
# --- Proxmox connection ---
# proxmox_api_host / proxmox_api_port are derived from the 'proxmox_api'
# inventory host (ansible_host / ansible_port).  Do not set them here.
proxmox_node: pve1
proxmox_api_user: ansible@pam
proxmox_api_token_id: ansible
proxmox_api_token_secret: "{{ vault_proxmox_token_secret }}"
proxmox_validate_certs: false

# --- Storage ---
proxmox_storage: local-lvm
proxmox_iso_storage: local
proxmox_iso_dir: /var/lib/vz/template/iso
sno_credentials_dir: "/root/sno-{{ ocp_cluster_name }}"

# --- VM specification ---
sno_vm_name: "sno-{{ ocp_cluster_name }}"
sno_cpu: 8
sno_memory_mb: 32768
sno_disk_gb: 120
sno_pvc_disk_gb: 100
sno_vnet: ocp
sno_mac: ""  # populated after VM creation; set here to pin MAC
sno_vm_id: 0

sno_storage_ip: ""
sno_storage_ip_prefix_length: 24
sno_storage_vnet: storage
sno_storage_mac: ""  # populated after VM creation; set here to pin MAC

# --- Installer ---
sno_install_dir: "/tmp/sno-{{ ocp_cluster_name }}"
sno_iso_filename: agent.x86_64.iso

# --- OIDC ---
oidc_provider_name: keycloak
oidc_client_id: openshift
oidc_admin_groups: []
oidc_ca_cert_file: ""

# --- Keycloak ---
keycloak_context: ""

# --- cert-manager ---
sno_deploy_certmanager_channel: "stable-v1"
sno_deploy_certmanager_source: redhat-operators
sno_deploy_letsencrypt_email: ""
sno_deploy_letsencrypt_server: "https://acme-v02.api.letsencrypt.org/directory"
sno_deploy_letsencrypt_staging_server: "https://acme-staging-v02.api.letsencrypt.org/directory"
sno_deploy_letsencrypt_use_staging: false
sno_deploy_certmanager_wait_timeout: 300
sno_deploy_certificate_wait_timeout: 600
sno_deploy_certmanager_dns_provider: dnsmadeeasy
sno_deploy_webhook_image: "ghcr.io/ptoal/cert-manager-webhook-dnsmadeeasy:latest"
sno_deploy_webhook_group_name: "acme.toal.ca"