veza/ansible/group_vars/all.yml

# Group variables for Veza V5 Ultra deployment
# Domain and ACME configuration
domain: veza.talas.fr
acme_email: ops@talas.fr

# Frontend runtime/build environment variables
VITE_API_URL: "https://{{ domain }}/api"
VITE_WS_URL: "wss://{{ domain }}/ws"
VITE_STREAM_URL: "https://{{ domain }}/stream"

# HAProxy configuration (for in-container setup)
haproxy_letsencrypt: true
haproxy_https_monitoring:
  - "{{ domain }}"

# OVN/Incus single-host configuration
ovn_cluster_name: veza_single
ovn_cluster_main_name: edge-1
ovn_ip: 127.0.0.1
ovn_central_servers: [edge-1]

# Incus profile for Veza network (created in play 20)
incus_network_profiles:
  - name: veza
    devices:
      root:
        type: disk
        path: /
        pool: default
      eth0:
        type: nic
        nictype: ovn
        network: veza-ovn

# Container configuration
veza_containers:
  - name: veza-haproxy
    image: debian/bookworm
    profiles: [veza]
    proxy_devices:
      - name: http80
        listen: tcp:0.0.0.0:80
        connect: tcp:127.0.0.1:80
      - name: https443
        listen: tcp:0.0.0.0:443
        connect: tcp:127.0.0.1:443
  - name: veza-backend
    image: debian/bookworm
    profiles: [veza]
  - name: veza-chat
    image: debian/bookworm
    profiles: [veza]
  - name: veza-stream
    image: debian/bookworm
    profiles: [veza]
  - name: veza-web
    image: debian/bookworm
    profiles: [veza]

# Application ports
veza_backend_port: 8080
veza_chat_port: 8081
veza_stream_port: 8082
veza_web_port: 80

# Database and Redis configuration (will be set via vault)
veza_database_url: "postgresql://veza:veza_password@localhost:5432/veza_db"
veza_redis_url: "redis://localhost:6379"
veza_jwt_secret: "super-secret-jwt-key-change-in-production"
veza_jwt_refresh_secret: "super-secret-refresh-key"

# Storage paths
veza_storage_path: "/opt/veza/storage"
veza_stream_path: "/opt/veza/streams"