# SPDX-License-Identifier: MIT-0
---
# Internal — do not override in inventory.

# Mount points inside containers (Element Pro convention)
_ess_secret_mount: "/secrets/ess-generated"
_ess_conf_mount: "/conf"
_ess_well_known_mount: "/well-known"

# Compose file path
_ess_compose_file: "{{ ess_compose_dir }}/compose.yml"
_ess_env_file: "{{ ess_compose_dir }}/.env"

# Directory tree to create on the host
_ess_dirs:
  - "{{ ess_compose_dir }}"
  - "{{ ess_compose_conf_dir }}"
  - "{{ ess_compose_conf_dir }}/haproxy"
  - "{{ ess_compose_conf_dir }}/haproxy/well-known"
  - "{{ ess_compose_conf_dir }}/synapse"
  - "{{ ess_compose_conf_dir }}/mas"
  - "{{ ess_compose_conf_dir }}/sfu"
  - "{{ ess_compose_conf_dir }}/element-web"
  - "{{ ess_compose_conf_dir }}/postgres"
  - "{{ ess_compose_conf_dir }}/redis"
  - "{{ ess_compose_secrets_dir }}"
  - "{{ ess_compose_data_dir }}"
  - "{{ ess_compose_data_dir }}/postgres"
  - "{{ ess_compose_data_dir }}/synapse-media"

# All Element Pro secret-file names (matches the init-secrets job in the chart)
_ess_secret_names:
  - POSTGRES_ADMIN_PASSWORD
  - POSTGRES_SYNAPSE_PASSWORD
  - POSTGRES_MATRIX_AUTHENTICATION_SERVICE_PASSWORD
  - SYNAPSE_MACAROON
  - SYNAPSE_REGISTRATION_SHARED_SECRET
  - SYNAPSE_WORKERS_REPLICATION_SECRET
  - SYNAPSE_SIGNING_KEY
  - MAS_SYNAPSE_SHARED_SECRET
  - MAS_MATRIX_TOOLS_OIDC_CLIENT_SECRET
  - MAS_ENCRYPTION_SECRET
  - MAS_RSA_PRIVATE_KEY
  - MAS_ECDSA_PRIME256V1_PRIVATE_KEY
  - ELEMENT_CALL_LIVEKIT_SECRET
  - ADMIN_USER_PASSWORD