---
ansible_version_minimum: "2.6"
debug_fastd: False

site_code: ffmwu
site_name: "Mainz, Wiesbaden und Umgebung"

as_private: 65037
as_public_ffrl: 201701

internet_exit_tcp_mss_ipv4: 1240
internet_exit_tcp_mss_ipv6: 1220

icvpn_ipv4_transfer_net: 10.207.0.0/16
icvpn_ipv6_transfer_net: fec0::a:cf:0:0/96

loopback_net_ipv4: 10.87.255.0/24
loopback_net_ipv6: fd86:b4dc:4b1e:00ff::/64
anycast_ipv4: 10.87.255.255/32
anycast_ipv6: fd86:b4dc:4b1e:00ff::ff/128

internal_prefixes:
  - ipv4: 10.37.0.0/16
    ipv6: fd37:b4dc:4b1e::/48
  - ipv4: 10.56.0.0/16
    ipv6: fd56:b4dc:4b1e::/48
  - ipv4: 10.86.0.0/15
    ipv6: fd86:b4dc:4b1e::/48

public_prefixes:
  - ipv6: 2a03:2260:11a::/48
  - ipv6: 2a03:2260:11b::/48

bgp_ipv4_transfer_net_legacy: 10.37.0.0/18
bgp_ipv6_transfer_net_legacy: fd37:b4dc:4b1e::/64
bgp_groups:
  - ffmwu-gateways
  - ffmwu-mesh-services
  - ffmwu-monitoring

wireguard_networks:
  - ipv4: 10.87.253.0/31
    ipv6: fd86:b4dc:4b1e:fd::/127
    peers:
      - lotuswurzel
      - spinat
    port: 50000
  - ipv4: 10.87.253.2/31
    ipv6: fd86:b4dc:4b1e:fd::2/127
    peers:
      - lotuswurzel
      - wasserfloh
    port: 50001
  - ipv4: 10.87.253.4/31
    ipv6: fd86:b4dc:4b1e:fd::4/127
    peers:
      - lotuswurzel
      - uffschnitt
    port: 50002
  - ipv4: 10.87.253.6/31
    ipv6: fd86:b4dc:4b1e:fd::6/127
    peers:
      - lotuswurzel
      - ingwer
    port: 50003
  - ipv4: 10.87.253.8/31
    ipv6: fd86:b4dc:4b1e:fd::8/127
    peers:
      - spinat
      - wasserfloh
    port: 50004
  - ipv4: 10.87.253.10/31
    ipv6: fd86:b4dc:4b1e:fd::a/127
    peers:
      - spinat
      - uffschnitt
    port: 50005
  - ipv4: 10.87.253.12/31
    ipv6: fd86:b4dc:4b1e:fd::c/127
    peers:
      - spinat
      - ingwer
    port: 50006
  - ipv4: 10.87.253.14/31
    ipv6: fd86:b4dc:4b1e:fd::e/127
    peers:
      - ingwer
      - wasserfloh
    port: 50007
  - ipv4: 10.87.253.16/31
    ipv6: fd86:b4dc:4b1e:fd::10/127
    peers:
      - wasserfloh
      - uffschnitt
    port: 50008
  - ipv4: 10.87.253.18/31
    ipv6: fd86:b4dc:4b1e:fd::12/127
    peers:
      - ingwer
      - uffschnitt
    port: 50009
  - ipv4: 10.87.253.20/31
    ipv6: fd86:b4dc:4b1e:fd::14/127
    peers:
      - lotuswurzel
      - kichererbse
    port: 50010
#  - ipv4: 10.87.253.22/31
#    ipv6: fd86:b4dc:4b1e:fd::16/127
#    peers:
#      - lotuswurzel
#      - zuckerwatte
#    port: 50011
#  - ipv4: 10.87.253.24/31
#    ipv6: fd86:b4dc:4b1e:fd::18/127
#    peers:
#      - lotuswurzel
#      - glueckskeks
#    port: 50012
#  - ipv4: 10.87.253.26/31
#    ipv6: fd86:b4dc:4b1e:fd::1a/127
#    peers:
#      - lotuswurzel
#      - aubergine
#    port: 50013
  - ipv4: 10.87.253.28/31
    ipv6: fd86:b4dc:4b1e:fd::1c/127
    peers:
      - spinat
      - kichererbse
    port: 50014
#  - ipv4: 10.87.253.30/31
#    ipv6: fd86:b4dc:4b1e:fd::1e/127
#    peers:
#      - spinat
#      - zuckerwatte
#    port: 50015
#  - ipv4: 10.87.253.32/31
#    ipv6: fd86:b4dc:4b1e:fd::20/127
#    peers:
#      - spinat
#      - glueckskeks
#    port: 50016
#  - ipv4: 10.87.253.34/31
#    ipv6: fd86:b4dc:4b1e:fd::22/127
#    peers:
#      - spinat
#      - aubergine
#    port: 50017
  - ipv4: 10.87.253.36/31
    ipv6: fd86:b4dc:4b1e:fd::24/127
    peers:
      - wasserfloh
      - kichererbse
    port: 50018
#  - ipv4: 10.87.253.38/31
#    ipv6: fd86:b4dc:4b1e:fd::26/127
#    peers:
#      - wasserfloh
#      - zuckerwatte
#    port: 50019
#  - ipv4: 10.87.253.40/31
#    ipv6: fd86:b4dc:4b1e:fd::28/127
#    peers:
#      - wasserfloh
#      - glueckskeks
#    port: 50020
#  - ipv4: 10.87.253.42/31
#    ipv6: fd86:b4dc:4b1e:fd::2a/127
#    peers:
#      - wasserfloh
#      - aubergine
#    port: 50021
  - ipv4: 10.87.253.44/31
    ipv6: fd86:b4dc:4b1e:fd::2c/127
    peers:
      - uffschnitt
      - kichererbse
    port: 50022
#  - ipv4: 10.87.253.46/31
#    ipv6: fd86:b4dc:4b1e:fd::2e/127
#    peers:
#      - uffschnitt
#      - zuckerwatte
#    port: 50023
#  - ipv4: 10.87.253.48/31
#    ipv6: fd86:b4dc:4b1e:fd::30/127
#    peers:
#      - uffschnitt
#      - glueckskeks
#    port: 50024
#  - ipv4: 10.87.253.50/31
#    ipv6: fd86:b4dc:4b1e:fd::32/127
#    peers:
#      - uffschnitt
#      - aubergine
#    port: 50025
  - ipv4: 10.87.253.52/31
    ipv6: fd86:b4dc:4b1e:fd::34/127
    peers:
      - ingwer
      - kichererbse
    port: 50026
#  - ipv4: 10.87.253.54/31
#    ipv6: fd86:b4dc:4b1e:fd::36/127
#    peers:
#      - ingwer
#      - zuckerwatte
#    port: 50027
#  - ipv4: 10.87.253.56/31
#    ipv6: fd86:b4dc:4b1e:fd::38/127
#    peers:
#      - ingwer
#      - glueckskeks
#    port: 50028
#  - ipv4: 10.87.253.58/31
#    ipv6: fd86:b4dc:4b1e:fd::3a/127
#    peers:
#      - ingwer
#      - aubergine
#    port: 50029
  - ipv4: 10.87.253.60/31
    ipv6: fd86:b4dc:4b1e:fd::34/127
    peers:
      - lotuswurzel
      - suesskartoffel
    port: 50030
  - ipv4: 10.87.253.62/31
    ipv6: fd86:b4dc:4b1e:fd::36/127
    peers:
      - spinat
      - suesskartoffel
    port: 50031
  - ipv4: 10.87.253.64/31
    ipv6: fd86:b4dc:4b1e:fd::38/127
    peers:
      - ingwer
      - suesskartoffel
    port: 50032
  - ipv4: 10.87.253.66/31
    ipv6: fd86:b4dc:4b1e:fd::3a/127
    peers:
      - wasserfloh
      - suesskartoffel
    port: 50033
  - ipv4: 10.87.253.68/31
    ipv6: fd86:b4dc:4b1e:fd::3c/127
    peers:
      - uffschnitt
      - suesskartoffel
    port: 50034
  - ipv4: 10.87.253.70/31
    ipv6: fd86:b4dc:4b1e:fd::3e/127
    peers:
      - kichererbse
      - suesskartoffel
    port: 50036

fastd_groups:
  - ffmwu-gateways
  - ffmwu-monitoring

prometheus_groups:
  - ffmwu-gateways
  - ffmwu-mesh-services
  - ffmwu-monitoring

node_exporter_opts: "--collector.systemd"

http_domain_internal: ffmwu.org
http_domain_external: freifunk-mwu.de

mail_domain: freifunk-mwu.de

acme_server: zuckerwatte

git_path: "/home/admin/clones"

gopath: "/opt/go"

meshes:
  - id: dom0
    domain_number: 0
    domain_code: dom0
    domain_name: Domain 0
    aliases:
      umland: Umland
    ipv4_network: 10.86.0.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e::/64
    ipv6_public:
      - 2a03:2260:11a:ff::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom0vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom0igvpn

  - id: dom1
    domain_number: 1
    domain_code: dom1
    domain_name: Domain 1
    aliases:
      mainz: Mainz
    ipv4_network: 10.86.16.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e:1::/64
    ipv6_public:
      - 2a03:2260:11a:1::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom1vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom1igvpn

  - id: dom2
    domain_number: 2
    domain_code: dom2
    domain_name: Domain 2
    aliases:
      wiesbaden: Wiesbaden
    ipv4_network: 10.86.32.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e:2::/64
    ipv6_public:
      - 2a03:2260:11a:2::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom2vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom2igvpn

  - id: dom3
    domain_number: 3
    domain_code: dom3
    domain_name: Domain 3
    aliases:
      bingen: Bingen
    ipv4_network: 10.86.48.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e:3::/64
    ipv6_public:
      - 2a03:2260:11a:3::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom3vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom3igvpn

  - id: dom4
    domain_number: 4
    domain_code: dom4
    domain_name: Domain 4
    aliases:
      rheingau: Rheingau
    ipv4_network: 10.86.64.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e:4::/64
    ipv6_public:
      - 2a03:2260:11a:4::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom4vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom4igvpn

  - id: dom5
    domain_number: 5
    domain_code: dom5
    domain_name: Domain 5
    aliases:
      taunus: Taunus
    ipv4_network: 10.86.80.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e:5::/64
    ipv6_public:
      - 2a03:2260:11a:5::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom5vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom5igvpn

  - id: dom6
    domain_number: 6
    domain_code: dom6
    domain_name: Domain 6
    aliases:
      limburg: Limburg
    ipv4_network: 10.86.96.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e:6::/64
    ipv6_public:
      - 2a03:2260:11a:6::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom6vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom6igvpn

  - id: dom7
    domain_number: 7
    domain_code: dom7
    domain_name: Domain 7
    aliases:
      weilrod: Weilrod
    ipv4_network: 10.86.112.0/20
    ipv6_ula:
      - fd86:b4dc:4b1e:7::/64
    ipv6_public:
      - 2a03:2260:11a:7::/64
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom7vpn
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
      backbone:
        instances:
          - id: 0
            mtu: 1406
            pass: fastd/dom7igvpn

  - id: mz
    legacy: true
    domain_number: 37
    domain_code: ffmz
    domain_name: Mainz
    aliases:
      ffbin: "Bingen (legacy)"
      ffrhg: "Rheingau (legacy)"
    ipv4_network: 10.37.0.0/18
    ipv6_ula:
      - fd37:b4dc:4b1e::/64
    ipv6_public:
      - 2a03:2260:11a::/64
    dnssl:
      - ffmz.org
      - user.ffmz.org
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 86400
      advpreferredlifetime: 14400
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
            pass: fastd/mzvpn
      backbone:
        instances:
          - id: 0
            mtu: 1406
            peers:
              repo: https://github.com/freifunk-mwu/ffmz-infrastructure-peers.git
              version: master
            pass: fastd/mzigvpn
    http_domain_internal: ffmz.org
    http_domain_external: freifunk-mainz.de

  - id: wi
    legacy: true
    domain_number: 56
    domain_code: ffwi
    domain_name: Wiesbaden
    aliases:
      ffta: "Taunus (legacy)"
    ipv4_network: 10.56.0.0/18
    ipv6_ula:
      - fd56:b4dc:4b1e::/64
    ipv6_public:
      - 2a03:2260:11b::/64
    dnssl:
      - ffwi.org
      - user.ffwi.org
    batman:
      it: 10000
      gw: server 96mbit/96mbit
      mm: 0
      dat: 1
      hop_penalty: 60
    radvd:
      maxrtradvinterval: 900
      advvalidlifetime: 864000
      advpreferredlifetime: 172800
    iface_mtu: 1350
    fastd:
      nodes:
        instances:
          - id: 0
            mtu: 1406
            peers:
              repo: https://github.com/freifunk-mwu/peers-ffmwu.git
              version: master
            pass: fastd/wivpn
      backbone:
        instances:
          - id: 0
            mtu: 1406
            peers:
              repo: https://github.com/freifunk-mwu/ffwi-infrastructure-peers.git
              version: master
            pass: fastd/wiigvpn
    http_domain_internal: ffwi.org
    http_domain_external: wiesbaden.freifunk.net

icvpn:
  prefix: mwu
  interface: icvpn
  icvpn_repo: https://github.com/freifunk/icvpn

bgp_legacy_servers:
  zuckerwatte:
    ipv4: 10.37.1.2
    ipv6: fd37:b4dc:4b1e::a25:102
  aubergine:
    ipv4: 10.37.1.3
    ipv6: fd37:b4dc:4b1e::a25:103
  glueckskeks:
    ipv4: 10.37.1.1
    ipv6: fd37:b4dc:4b1e::a25:101
  extrasahne:
    ipv4: 10.37.0.42
    ipv6: fd37:b4dc:4b1e::a25:2a

dns_internal:
  master_ipv4: 10.87.255.67
  master_ipv6: fd86:b4dc:4b1e:ff::43
  zones:
    - ffmwu.org
    - ffmz.org
    - ffwi.org
    - bb.ffmz.org
    - bb.ffwi.org
    - user.ffmz.org
    - user.ffwi.org
    - ffbin
    - 37.10.in-addr.arpa
    - 56.10.in-addr.arpa
    - 86.10.in-addr.arpa
    - 87.10.in-addr.arpa
    - 0.0.0.0.e.1.b.4.c.d.4.b.7.3.d.f.ip6.arpa
    - 0.0.0.0.e.1.b.4.c.d.4.b.6.5.d.f.ip6.arpa
    - e.1.b.4.c.d.4.b.6.8.d.f.ip6.arpa