---
dns_primary: 1.1.1.1
dns_secondary: 1.0.0.1
dns_over_https: false

gateway_server_ip: 10.0.0.2
actual_gateway_ip: 10.0.0.1
wireguard_server_ip: 10.0.0.8 # static route to webers through this server
gateway_internal_interface: enp3s0
# TODO split out static route in dhcpd.conf.j2 (currently hardcoded)


wg_interface: wg0
wg_private_key: "{{ vaulted_wg_private_key }}"
wg_address: "{{ vaulted_wg_address }}"
wg_allowed_ips: 0.0.0.0/0,::0/0
wg_info: "{{ vaulted_wg_info | shuffle | first }}"
wg_public_key: "{{ wg_info.pubkey }}"
wg_endpoint: "{{ wg_info.endpoint }}"

dhcp_cidr: 10.0.0.0
dhcp_netmask: 255.255.255.0
dhcp_range_start: 10.0.0.100
dhcp_range_end: 10.0.0.200
dhcp_routers: "{{ actual_gateway_ip }}"

allowed_access_cidrs:
  - 10.0.0.0/24

allowed_services:
  - dns
  - dhcp

status_services:
  - wg-quick@wg0
  - unbound
  - dhcpd

reservations:
  - type: default
    name: gateway
    mac: 00:e0:4c:68:01:ad # internal
    ip: 10.0.0.2

  - type: default
    name: netgearap
    mac: 94:a6:7e:58:3a:9f
    #mac: 10:da:43:8c:a3:13
    ip: 10.0.0.3

  - type: secured
    name: nas
    mac: fc:aa:14:86:9d:7b
    ip: 10.0.0.4

  - type: secured
    name: kodimb
    mac: e4:5f:01:4f:7c:74
    ip: 10.0.0.5

  - type: secured
    name: kodilv
    mac: 48:21:0b:26:31:34
    #mac: dc:a6:32:b4:ed:be # busted pi
    ip: 10.0.0.6

  - type: secured
    name: kodijb
    mac: dc:a6:32:69:fc:80
    ip: 10.0.0.7

  - type: default
    name: tvheadend
    mac: 00:11:2f:fd:52:ba
    ip: 10.0.0.8

  - type: secured
    name: arm
    mac: 10:bf:48:d4:d5:fc
    ip: 10.0.0.9

  - type: default
    name: arm2 # don't know
    mac: 00:25:4b:bc:cc:e0
    ip: 10.0.0.10

  - type: devnull
    name: ipcameras
    mac: 9c:8e:cd:2e:51:9c
    ip: 10.0.0.11

  - type: default
    name: retropie
    mac: b8:27:eb:42:71:dc
    ip: 10.0.0.12

  - type: default
    name: kitchen
    mac: 68:a3:c4:16:fb:74
    ip: 10.0.0.15

  - type: default
    name: x10
    mac: b8:27:eb:7c:f3:ff
    ip: 10.0.0.16

  - type: default
    name: brother-print-server
    mac: 80:1f:02:4a:cd:cf
    ip: 10.0.0.17

  - type: default
    name: dellxps
    mac: f0:1f:af:36:0c:48
    ip: 10.0.0.19

  - type: devnull
    name: zoom
    mac: 00:12:41:ba:5c:00
    ip: 10.0.0.20

  # Ricky's Camera joystick manually set to 10.0.0.21

  - type: default
    name: k8s-host
    mac: 1c:69:7a:0f:d3:a4
    ip: 10.0.0.25

  # will set cameras to 10.0.0.30

  - type: default
    name: nixos-laptop
    mac: 28:d2:44:d8:7f:95
    ip: 10.0.0.40

  # Ricky's new laptop wifi manually set to 10.0.0.41

  # Ricky's old laptop manually set to 10.0.0.42

  # Ricky's new laptop ethernet manually set to 10.0.0.43

  - type: cloudflare
    name: blaine-work-laptop
    mac: 08:3a:88:57:ab:fa
    ip: 10.0.0.45

  - type: default
    name: s7
    mac: 8c:f5:a3:6a:55:f6
    ip: 10.0.0.51

  - type: default
    name: t440s-ethernet
    mac: 68:f7:28:21:36:60
    ip: 10.0.0.52

  - type: default
    name: t440s-wifi
    mac: a4:c4:94:df:2f:c3
    ip: 10.0.0.53

  - type: default
    name: blaine-iphone
    mac: f0:a3:5a:95:b4:cd
    ip: 10.0.0.54

  - type: default
    name: xen-titanium
    mac: f0:57:a6:87:50:23
    ip: 10.0.0.55

  - type: cloudflare
    name: julie-macbook
    mac: b8:8d:12:36:f1:16
    ip: 10.0.0.90

  # Ken is using 10.0.0.91

  - type: devnull
    name: cameradvr
    mac: 00:12:41:12:e5:22
    ip: 10.0.0.158

  - type: devnull
    name: backyard-camera
    mac: 00:2a:2a:5c:06:9a
    ip: 10.0.0.173

  - type: default
    name: netgear-switch1
    mac: cc:40:d0:4c:3a:b6
    ip: 10.0.0.254