---
# Custom variables ────────────────────────────────────────────────────────────

rootfs: btrfs

username: follie

# See roles/user/defaults/main.yml for a list of accepted shells
usershell: fish

repository: https://mirror.math.princeton.edu/pub/alpinelinux

# seatd or elogind
seat_manager: seatd

# busybox's mdev, skarnet's mdevd or eudev's udev
device_manager: mdevd

# Have no effect when seat_manager == 'elogind'
# See use_polkit variable below
polkit: False

# Should be a file name in /usr/share/consolefonts/
console_font: ter-h22b.psf.gz

unbound_upstream_nameservers:
  - 9.9.9.9@853#dns.quad9.net
  - 149.112.112.112@853#dns.quad9.net
  - 2620:fe::fe@853#dns.quad9.net
  - 2620:fe::9@853#dns.quad9.net

# 'virtlockd' and 'virtlogd' will always be started. Don't list them here
libvirt_daemons:
  - virtinterfaced
  - virtnetworkd
  - virtnodedevd
  - virtqemud
  - virtstoraged

# For libvirt's NAT firewall rules
# IPv6 is optional (https://wiki.gentoo.org/wiki/QEMU/KVM_IPv6_Support)
libvirt_bridges:
  - name: virbr0
    ip4: 192.168.122.0/24

# Public facing network interfaces
# https://wiki.alpinelinux.org/wiki/Configure_Networking
network_interfaces:
  - name: eth0
    ip4_type: dhcp
    ip6_type: auto

# Punching holes on the machine
# 546/UDP (IPv6 link-local client) is hardcoded (opened) so don't specify it here
opened_ports:
  tcp: []
  udp: []

# 'podman' or 'nerdctl'
rootless_container_cli: podman

# Configure waydroid base image
waydroid:
  rom_type: lineage # lineage, bliss
  system_type: FOSS # FOSS, GAPPS, VANILLA

# Secrets encrypted with ansible-vault ────────────────────────────────────────

password: '{{ vault_password }}'

# Do NOT change these variables ───────────────────────────────────────────────

# elogind needs polkit to function
use_polkit: '{{ (seat_manager == "elogind") | ternary("True", polkit) }}'