add lewis as hypervisor

change borg notification urls

ansible/hypervisors.yml

@@ -52,4 +52,7 @@
   roles:
     - {role: ssh_ca_known_hosts, tags: ssh_ca_known_hosts}
     - {role: deploy_ssh_certificates, tags: deploy_ssh_certificates}
+
+- hosts: atlas, jefke
+  roles:
     - {role: borg, tags: borg}

ansible/inventory/host_vars/jefke/wireguard.yml

@@ -1,18 +0,0 @@
-wireguard_addresses:
-  - "10.42.1.1/32"
-wireguard_endpoint: "jefke.hyp"
-wireguard_private_key: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  36376161636365313033613362336239656164643430306437393866353036303938616136613933
-  6333613866643139653130393532613838353031613562350a663664633033353364303035353131
-  66363439353537323636313466303236393530653938393838373837366436316665343831623934
-  3234363066366235300a346636613930346466643566666265613733343266613030613765313161
-  63343133646566623264393533613733363735666432396366623737306232303761366465306164
-  3937653537316461376263613338373439313531383961623333
-wireguard_unmanaged_peers:
-  pim:
-    public_key: "xQ1hkwpIf5x7Wkx1leQHXx3RK8fjGWt2ZmG9XUN3V08="
-    allowed_ips: "10.42.1.2/32"
-  niels:
-    public_key: "WJO/DQUJyDp4rFW291F2Ai51lotU2IC+OATu+5P3Jio="
-    allowed_ips: "10.42.1.3/32"

ansible/inventory/host_vars/lewis/apt.yml

@@ -0,0 +1,5 @@
+apt_install_packages:
+  - qemu-kvm
+  - libvirt-daemon-system
+  - sudo
+  - bridge-utils

ansible/inventory/host_vars/lewis/ssh_certificates.yml

@@ -0,0 +1,12 @@
+deploy_ssh_certificates:
+  - name: ssh_user_ed25519_key
+    type: user
+    key_type: ed25519
+    signing_key: hyp_user
+    host: lewis.hyp
+    principals: hypervisor
+  - name: ssh_host_ed25519_key
+    type: host
+    key_type: ed25519
+    signing_key: hyp_host
+    host: lewis.hyp

ansible/inventory/hosts.yml

@@ -6,3 +6,5 @@ all:
           ansible_host: atlas.hyp
         jefke:
           ansible_host: jefke.hyp
+        lewis:
+          ansible_host: lewis.hyp

ansible/roles/borg/vars/main.yml

@@ -1 +1 @@
-apprise_url: 'apprises://apprise.pim.kunis.nl:444/backups'
+apprise_url: 'apprise:/192.168.30.9:3003/backups'

terraform/main.tf

@@ -20,6 +20,11 @@ provider "libvirt" {
   uri = "qemu+ssh://root@jefke.hyp/system"
 }
 
+provider "libvirt" {
+  alias = "lewis"
+  uri = "qemu+ssh://root@lewis.hyp/system"
+}
+
 resource "libvirt_pool" "iso" {
   name = "iso"
   type = "dir"
@@ -124,3 +129,59 @@ resource "libvirt_network" "dmzbr_jefke" {
   autostart = true
   provider = libvirt.jefke
 }
+
+resource "libvirt_pool" "iso_lewis" {
+  name = "iso"
+  type = "dir"
+  path = "/kvm/iso"
+  provider = libvirt.lewis
+}
+
+resource "libvirt_pool" "disk_lewis" {
+  name = "disk"
+  type = "dir"
+  path = "/kvm/disk"
+  provider = libvirt.lewis
+}
+
+resource "libvirt_pool" "init_lewis" {
+  name = "init"
+  type = "dir"
+  path = "/kvm/init"
+  provider = libvirt.lewis
+}
+
+resource "libvirt_volume" "ubuntu_jammy_lewis" {
+  name   = "ubuntu-jammy.img"
+  pool   = "iso"
+  source = "https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img"
+  provider = libvirt.lewis
+}
+
+resource "libvirt_volume" "debian_bullseye_lewis" {
+  name = "debian-bullseye.iso"
+  pool = "iso"
+  source = "https://cloud.debian.org/images/cloud/bullseye/latest/debian-11-generic-amd64.qcow2"
+  provider = libvirt.lewis
+}
+
+resource "libvirt_volume" "debian_bookworm_lewis" {
+  name = "debian-bookworm.qcow2"
+  pool = "iso"
+  source = "https://cloud.debian.org/images/cloud/bookworm/daily/latest/debian-12-generic-amd64-daily.qcow2"
+  provider = libvirt.lewis
+}
+
+resource "libvirt_network" "dmzbr_lewis" {
+  name = "dmzbr"
+  mode = "bridge"
+  bridge = "dmzbr"
+  dhcp {
+    enabled = false
+  }
+  dns {
+    enabled = false
+  }
+  autostart = true
+  provider = libvirt.lewis
+}