# Example customer YAML configuration
name: TechCorp Solutions

# Cloud/web services available regardless of VPN connection
services:
  - name: Office 365
    url: https://portal.office.com
    service_type: Email & Office
    description: Microsoft Office suite and email
  
  - name: Pascom Cloud PBX
    url: https://techcorp.pascom.cloud
    service_type: Phone System
    description: Cloud-based phone system
  
  - name: Salesforce CRM
    url: https://techcorp.salesforce.com
    service_type: CRM
    description: Customer relationship management

# Customer locations with VPN configurations
locations:
  - name: Main Office
    vpn_type: OpenVPN
    vpn_config: /etc/openvpn/techcorp-main.ovpn
    
    # VPN credentials - three options:
    # Option 1: Dictionary with username/password
    vpn_credentials:
      username: vpnuser
      password: securepass123
    
    # Option 2: Passbolt UUID (for future implementation when CLI is updated)
    # vpn_credentials: "550e8400-e29b-41d4-a716-446655440000"
    
    # Option 3: Omit or set to null if no credentials needed
    # vpn_credentials: null
    
    # Hosts at this location
    hosts:
      - name: PVE-01
        ip_address: 192.168.1.10
        host_type: Proxmox
        description: Main virtualization server
        services:
          - name: Web Interface
            service_type: Web GUI
            port: 8006
          - name: SSH
            service_type: SSH
            port: 22
        
        # VMs running on this host
        sub_hosts:
          - name: DC-01
            ip_address: 192.168.1.20
            host_type: Windows Server
            description: Domain Controller
            services:
              - name: RDP
                service_type: RDP
                port: 3389
              - name: Admin Web
                service_type: Web GUI
                port: 8080
          
          - name: FILE-01
            ip_address: 192.168.1.21
            host_type: Linux
            description: File Server (Samba)
            services:
              - name: SSH
                service_type: SSH
                port: 22
              - name: SMB Share
                service_type: SMB
                port: 445
              - name: Web Panel
                service_type: Web GUI
                port: 9000
          
          - name: DB-01
            ip_address: 192.168.1.22
            host_type: Linux
            description: PostgreSQL Database
            services:
              - name: SSH
                service_type: SSH
                port: 22
              - name: PostgreSQL
                service_type: Database
                port: 5432
              - name: pgAdmin
                service_type: Web GUI
                port: 5050
      
      - name: FW-01
        ip_address: 192.168.1.1
        host_type: Router
        description: pfSense Firewall/Router
        services:
          - name: Web Interface
            service_type: Web GUI
            port: 443
          - name: SSH
            service_type: SSH
            port: 22
      
      - name: SW-01
        ip_address: 192.168.1.2
        host_type: Switch
        description: Managed Switch
        services:
          - name: Web Interface
            service_type: Web GUI
            port: 80
          - name: SSH
            service_type: SSH
            port: 22
  
  - name: Branch Office
    vpn_type: WireGuard
    vpn_config: /etc/wireguard/techcorp-branch.conf
    
    # No credentials needed for WireGuard (uses keys in config file)
    vpn_credentials: null
    
    hosts:
      - name: BRANCH-01
        ip_address: 10.10.1.10
        host_type: Linux
        description: Branch office server
        services:
          - name: SSH
            service_type: SSH
            port: 22
          - name: File Share
            service_type: SMB
            port: 445
          - name: Local Web
            service_type: Web GUI
            port: 8080