---
ansible_ssh_private_key_secret: dataplane-adoption-secret

default_timesync_ntp_servers:
  - hostname: pool.ntp.org

swift_conversion_nodeset_name: openstack-edpm-ipam
swift_conversion_deployment_name: openstack-edpm-ipam

edpm_node_hostname: edpm-swift-0
edpm_user: root

edpm_bootstrap_command: |
  # This is a hack to deploy RDO Delorean repos to RHEL as if it were Centos 9 Stream
  set -euxo pipefail
  curl -sL https://github.com/openstack-k8s-operators/repo-setup/archive/refs/heads/main.tar.gz | tar -xz
  python3 -m venv ./venv
  PBR_VERSION=0.0.0 ./venv/bin/pip install ./repo-setup-main
  # This is required for FIPS enabled until trunk.rdoproject.org
  # is not being served from a centos7 host, tracked by
  # https://issues.redhat.com/browse/RHOSZUUL-1517
  dnf -y install crypto-policies
  update-crypto-policies --set FIPS:NO-ENFORCE-EMS
  ./venv/bin/repo-setup current-podified -b antelope -d centos9 --stream
  rm -rf repo-setup-main

swift_conversion_nodeset: |
  apiVersion: dataplane.openstack.org/v1beta1
  kind: OpenStackDataPlaneNodeSet
  metadata:
    name: {{ swift_conversion_nodeset_name }}
  spec:
    preProvisioned: true
    networkAttachments:
    - ctlplane
    - storage
    nodeTemplate:
      ansible:
        ansibleUser: {{ edpm_user }}
        ansibleVars:
          edpm_swift_disks: []
          edpm_bootstrap_release_version_package: []
          edpm_bootstrap_command: |
            {{ edpm_bootstrap_command| indent(10) }}
          edpm_nodes_validation_validate_controllers_icmp: false
          edpm_nodes_validation_validate_gateway_icmp: false
          edpm_service_removal_skip_list:
          - tripleo-container-shutdown.service
          edpm_sshd_allowed_ranges:
          - 192.168.122.0/24
          enable_debug: false
          gather_facts: false
          timesync_ntp_servers: {{ timesync_ntp_servers | default(default_timesync_ntp_servers) }}
      ansibleSSHPrivateKeySecret: {{ ansible_ssh_private_key_secret }}
      managementNetwork: ctlplane
    nodes:
      standalone:
        ansible:
          ansibleHost: "{{ standalone_ip | default(edpm_node_ip) }}"
          ansibleVars:
            edpm_swift_disks: []
        hostName: "{{ edpm_node_hostname }}"
        networks:
        - defaultRoute: true
          fixedIP: "{{ standalone_ip | default(edpm_node_ip) }}"
          name: ctlplane
          subnetName: subnet1
        - name: internalapi
          subnetName: subnet2
        - name: storage
          subnetName: subnet3
        - name: tenant
          subnetName: subnet4
    services:
    - bootstrap
    - download-cache
    - install-os
    - configure-os
    - ssh-known-hosts
    - run-os
    - reboot-os
    - install-certs
    - swift-conversion
    tlsEnabled: {{ enable_tlse }}