--- # --- # vars used by roles/common/tasks/apt.yml # --- apt_manage_sources_list: true apt_src_enable: true apt_backports_enable: true apt_debian_mirror: http://ftp.de.debian.org/debian/ apt_debian_contrib_nonfree_enable: true # Ubuntu mirror apt_ubuntu_mirror: http://archive.ubuntu.com/ubuntu apt_update_cache_valid_time: 3600 apt_upgrade: true apt_update: true apt_clean: true apt_autoremove: true apt_dpkg_configure: true apt_upgrade_type: dist apt_upgrade_dpkg_options: - force-confdef - force-confold apt_initial_install_stretch: - apt-transport-https - dbus - openssh-server - rssh - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - rcconf - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - exuberant-ctags - mime-support - file - coreutils - moreutils - less - realpath - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.24 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man-db - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - socat apt_initial_install_buster: - apt-transport-https - dbus - openssh-server - rush - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - rcconf - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - ctags - mime-support - file - coreutils - moreutils - less - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.28 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libio-compress-perl - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - socat apt_initial_install_xenial: - apt-transport-https - dbus - openssh-server - rush - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - ctags - mime-support - file - coreutils - moreutils - less - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.22 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libio-compress-perl - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - ifupdown - socat apt_initial_install_bionic: - apt-transport-https - dbus - openssh-server - rush - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - ctags - mime-support - file - coreutils - moreutils - less - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.26 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libio-compress-perl - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - ifupdown - socat microcode_package: - intel-microcode - amd64-microcode apt_install_state: latest apt_remove: - apt-transport-tor - tor - tor-geoipdb - torsocks - netplan.io apt_remove_purge: false # --- # Samba # --- apt_install_server_samba: - samba apt_install_client_samba: - samba-client - samba-common # --- # CUPS # --- apt_install_server_cups_buster: - cups apt_install_client_cups: - cups - cups-client - cups-common - cups-ppdc - cups-bsd - cups-filters-ippusbxd - lsb-printing - hpijs-ppds - printer-driver-hpcups # --- # NFS # --- nfs_server: 192.168.82.10 # Set 'fs_encrypted' to true if filesystem lives on an encrypted # partition. # nfs_exports: - src: 192.168.82.10:/data/home path: /data/home mount_opts: user,exec,rsize=8192,wsize=8192,hard,intr export_opt: rw,fsid=0,root_squash,sync,subtree_check export_networks: - 192.168.82.0/24 - 10.0.82.0/24 - 10.1.82.0/24 - 192.168.63.0/24 fs_encrypted: false # --- # Samba / NIS # --- samba_server: file-akb.akb.netz samba_shares: - name: Transfer user: - anna - buero - chris - jibran - praktikum - maica - julia - fsj - thomas - frauke - name: Verwaltung user: - anna - jonas - buero - birgit - chris - jibran - praktikum - maica - julia - fsj - thomas - frauke - name: Scans user: - anna - buero - birgit - chris - jibran - praktikum - maica - julia - fsj - thomas - frauke - name: Buero_Scans user: - buero - name: Frauke_Scans user: - frauke - name: FSJ_Scans user: - fsj - name: Jibran_Scans user: - jibran - name: Julia_Scans user: - julia - name: Maica_scans user: - maica - name: Thomas_Scans user: - thomas - name: Birgit_Scans user: - birgit - name: Kamera user: - anna - buero - chris - kamera - praktikum - maica - thomas - frauke - name: Install user: - anna - buero - chris - kamera - praktikum - maica - thomas - frauke nis_domain: akb.netz nis_server_address: 192.168.82.10 nis_server_name: file-akb.akb.netz nis_common_packages: - nis - nscd nis_deleted_user: - name: frank nis_base_home: /data/home nis_groups: - name: intern group_id: 119 - name: verwaltung group_id: 1010 - name: transfer group_id: 1011 - name: scans group_id: 1012 nis_user: - name: chris groups: - intern - verwaltung - transfer - scans - lpadmin is_samba_user: true password: !vault | $ANSIBLE_VAULT;1.1;AES256 38643435653764393333613564393733666139656264343833333632373938323230393036303234 3633303562636465643930643961663165646237386664370a386362346162313037353163383365 61343263386239316164613935633062343165363863376462653165306464633136313839343962 3865353333373661390a643564386432643532396632323664383330646430613033643130626430 6139 - name: sysadm groups: [] is_samba_user: false password: '9xFXkdPR_2' - name: anna groups: - intern - verwaltung - transfer - scans - lpadmin is_samba_user: true password: 'an20na11' - name: buero groups: - intern - verwaltung - transfer - scans - lpadmin is_samba_user: true password: 'buero2011' - name: frauke groups: - intern - verwaltung - transfer - scans - lpadmin is_samba_user: true password: 'frau20ke19!' - name: fsj groups: - verwaltung - transfer - scans is_samba_user: true password: 'IbFiBdA' - name: jibran groups: - intern - verwaltung - transfer - scans - lpadmin is_samba_user: true password: '20jib15ran' - name: jonas groups: - intern - verwaltung - transfer - scans - lpadmin is_samba_user: true password: '20jo11nas' - name: julia groups: - verwaltung - transfer - scans is_samba_user: true password: '20-julia-16_!' - name: kamera groups: - verwaltung - transfer - scans is_samba_user: true password: 'tfC9BVmH' - name: maica groups: - intern - verwaltung - transfer - scans - lpadmin is_samba_user: true password: 'mai20ca16!' - name: praktikum groups: - verwaltung - transfer - scans is_samba_user: true password: 'praktikum_2016!' - name: thomas groups: - intern - verwaltung - transfer - scans is_samba_user: true password: '20_thomas/19-!' - name: birgit groups: - verwaltung - scans is_samba_user: true password: '20-birgit_20%' # --- # vars used by roles/ansible_dependencies # --- apt_ansible_dependencies: - python - python-apt - python3 - python3-apt - lsb-release - apt-transport-https - dbus - sudo - vim - net-tools - vlan # --- # vars used by roles/ansible_user # --- ssh_keys_admin: - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' ansible_remote_user: - name: chris password: $6$yac6oA6k$W9oRZ9sKVhg16072IlfHWD8Hp4BZh5Wn8rsNYenMhwEm5j1EsQZxzo43jAOv5b63uhkwEczpYyE2EvFvxAh9p/ shell: /bin/bash # --- # vars used by roles/common/tasks/basic.yml # --- time_zone: Europe/Berlin locales: - en_US.UTF-8 - de_DE.UTF-8 set_default_limit_nofile: false # --- # vars used by roles/common/tasks/sudoers.yml # --- sudo_users: - chris - sysadm # /etc/sudoers # sudoers_defaults: - env_reset - mail_badpass - 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' sudoers_host_aliases: [] sudoers_user_aliases: [] sudoers_cmnd_aliases: [] sudoers_runas_aliases: [] sudoers_user_privileges: - name: root entry: 'ALL=(ALL:ALL) ALL' sudoers_group_privileges: [] # /etc/sudoers.d/50-user # sudoers_file_defaults: [] sudoers_file_host_aliases: [] sudoers_file_user_aliases: [] sudoers_file_cmnd_aliases: - name: MOUNT entry: '/bin/mount,/bin/umount' sudoers_file_runas_aliases: []