4 files changed, 21 insertions, 8 deletions

diff --git a/group_vars/all.yml b/group_vars/all.yml
index 40d888c..5066a4d 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -8,6 +8,9 @@ rfc1918_cgnat_networks:
   - 100.64.0.0/10
 
 timezone: "America/Los_Angeles"
+domain: "liz.coffee"
+idm_domain: "idm.{{ domain }}"
+headscale_host: "vpn.{{ domain }}"
 
-# first deployment
-homelab_build: true
+# first deployment?
+homelab_build: false
diff --git a/group_vars/kanidm.yml b/group_vars/kanidm.yml
index 0e871a9..4e508eb 100644
--- a/group_vars/kanidm.yml
+++ b/group_vars/kanidm.yml
@@ -1,5 +1,4 @@
 ---
 
 kanidm_base: "{{ swarm_base }}/kanidm"
-kanidm_host: "idm.liz.coffee"
 
diff --git a/group_vars/outbound.yml b/group_vars/outbound.yml
index c8cde32..0dac73a 100644
--- a/group_vars/outbound.yml
+++ b/group_vars/outbound.yml
@@ -1,10 +1,21 @@
 ---
 
-headscale_host: 'vpn.liz.coffee'
 headscale_url: 'https://{{ headscale_host }}'
-headscale_base_domain: 'vpn.liz.coffee'
+headscale_base_domain: '{{ headscale_host }}'
 headscale_port: '8080'
-headscale_listen_addr: '127.0.0.1:{{ headscale_port }}'
+headscale_listen_addr: '0.0.0.0:{{ headscale_port }}'
 
 headscale_dns_for_connected_clients_1: '1.1.1.1'
 headscale_dns_for_connected_clients_2: '1.0.0.1'
+
+generate_api_key: '{{ homelab_build }}'
+api_key_expiration: '1y'
+generate_auth_key: '{{ homelab_build }}'
+auth_key_expiration: '1y'
+auth_key_user: 'pocketmonsters'
+
+headscale_allowed_users:
+  - liz
+  - lucina
+  - riley
+  - "{{ auth_key_user }}"
diff --git a/group_vars/traefik.yml b/group_vars/traefik.yml
index 85d890b..75d7e0f 100644
--- a/group_vars/traefik.yml
+++ b/group_vars/traefik.yml
@@ -1,6 +1,6 @@
 ---
 
-# super incredible processing servers
-traefik_domain: sips.liz.coffee
+# super internal private servers
+traefik_domain: "sips.{{ domain }}"
 certs_email: "{{ cloudflare_email }}"
 traefik_base: "{{ swarm_base }}/traefik"