--- # ========== # vars used by roles/common/tasks/basic.yml # ========== time_zone: Europe/Berlin locales: - en_US.UTF-8 - de_DE.UTF-8 set_default_limit_nofile: false # ========== # vars used by roles/common/tasks/sshd.yml # ========== sshd_ports: - 22 sshd_listen_address: - '::' - '0.0.0.0' sshd_host_keys: - /etc/ssh/ssh_host_rsa_key - /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ed25519_key sshd_max_startups: !!str "10:30:100" sshd_max_auth_tries: 3 sshd_max_sessions: 10 sshd_permit_root_login: !!str "no" sshd_authorized_keys_file: ".ssh/authorized_keys .ssh/authorized_keys2" sshd_pubkey_authentication: !!str "yes" sshd_password_authentication: !!str "no" sshd_use_pam: !!str "yes" sshd_print_motd: !!str "no" # sshd_kexalgorithms # # Example: # sshd_kexalgorithms: # - curve25519-sha256@libssh.org # - diffie-hellman-group-exchange-sha256 # - diffie-hellman-group14-sha1 # sshd_kexalgorithms: {} # sshd_kexalgorithms # # Example: # sshd_ciphers: # - chacha20-poly1305@openssh.com # - aes256-gcm@openssh.com # - aes256-ctr sshd_ciphers: {} sshd_use_dns: !!str "no" sshd_allowed_users: {} # ========== # vars used by roles/common/tasks/apt.yml # ========== apt_manage_sources_list: true apt_src_enable: true apt_backports_enable: true apt_debian_mirror: http://ftp.de.debian.org/debian/ apt_debian_contrib_nonfree_enable: true # Ubuntu mirror apt_ubuntu_mirror: http://archive.ubuntu.com/ubuntu apt_update_cache_valid_time: 3600 apt_upgrade: true apt_update: true apt_clean: true apt_autoremove: true apt_dpkg_configure: true apt_upgrade_type: dist apt_upgrade_dpkg_options: - force-confdef - force-confold apt_initial_install_stretch: - apt-transport-https - dbus - openssh-server - rssh - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - rcconf - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - exuberant-ctags - mime-support - file - coreutils - moreutils - less - realpath - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.24 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man-db - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - socat - wakeonlan apt_initial_install_buster: - apt-transport-https - dbus - openssh-server - rush - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - rcconf - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - ctags - mime-support - file - coreutils - moreutils - less - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.28 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libio-compress-perl - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - socat - wakeonlan apt_initial_install_xenial: - apt-transport-https - dbus - openssh-server - rush - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - ctags - mime-support - file - coreutils - moreutils - less - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.22 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libio-compress-perl - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - ifupdown - socat apt_initial_install_bionic: - apt-transport-https - dbus - openssh-server - rush - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - ctags - mime-support - file - coreutils - moreutils - less - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.26 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libio-compress-perl - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart - ifupdown - socat microcode_intel_package: - intel-microcode microcode_amd_package: - amd64-microcode firmware_packages: - firmware-linux firmware_non_free_packages: - firmware-linux-nonfree apt_install_state: latest apt_remove: - apt-transport-tor - tor - tor-geoipdb - torsocks apt_remove_xenial: apt_remove_bionic: apt_remove_purge: false # ========== # vars used by roles/common/tasks/git.yml # ========== # --- # default # --- git_default_repositories: # script repositories (destination /root/bin/) - name: admin-stuff repo: https://git.oopen.de/script/admin-stuff dest: /root/bin/admin-stuff # --- # group [file_server] # --- git_oopen_server_repositories: # install repositories (destination: /usr/local/src/) # mailsystem - name: mailsystem repo: https://git.oopen.de/install/mailsystem dest: /usr/local/src/mailsystem # script repositories (destination /root/bin/) # Monitoring - name: monitoring repo: https://git.oopen.de/script/monitoring dest: /root/bin/monitoring # script repositories (destination /root/bin/) - name: backup-rcopy repo: https://git.oopen.de/backup/backup-rcopy dest: /root/crontab/backup-rcopy # --- # group [samba_server] # --- git_samba_repositories: # script repositories (destination /root/bin/) - name: samba repo: https://git.oopen.de/script/samba dest: /root/bin/samba # --- # group [gateway_server] # --- git_gateway_repositories: # install repositories (destination: /usr/local/src/) # mailsystem - name: mailsystem repo: https://git.oopen.de/install/mailsystem dest: /usr/local/src/mailsystem # firewall - name: ipt-gateway repo: https://git.oopen.de/firewall/ipt-gateway dest: /usr/local/src/ipt-gateway # script repositories (destination /root/bin/) # Monitoring - name: monitoring repo: https://git.oopen.de/script/monitoring dest: /root/bin/monitoring # ========== # vars used by roles/common/tasks/cups-install.yml # ========== apt_install_server_cups_buster: - cups apt_install_client_cups: - cups - cups-client - cups-common - cups-ppdc - cups-bsd - cups-filters-ippusbxd - lsb-printing - hpijs-ppds - printer-driver-hpcups # ========== # vars used by roles/common/tasks/ntp.yml # ========== # name or ip-adress from the (local) ntp server, mostly the gateway # ntp_server: gw-flr.flr.netz # ========== # vars used by roles/common/tasks/nfs.yml # ========== nfs_server: 192.168.102.10 # Set 'fs_encrypted' to true if filesystem lives on an encrypted # partition. # nfs_exports: - src: 192.168.102.10:/data/home path: /data/home mount_opts: users,rsize=8192,wsize=8192,hard,intr export_opt: rw,root_squash,sync,subtree_check export_networks: - 192.168.102.0/24 - 10.0.102.0/24 - 10.1.102.0/24 - 192.168.63.0/24 fs_encrypted: false # ========== # vars used by roles/common/tasks/system-user.yml # ========== # ! Notice ! # # On NIS supported Server put your users and groups in the # appropriate section for playbook 'nis-user.yml' # # ! Notice ! remove_system_users: [] system_users: [] #system_users: # - name: sysadm # password: '9xFXkdPR_2' system_groups: [] base_home: /home # ========== # vars used by roles/common/tasks/nis-install-server.yml # vars used by roles/common/tasks/nis-user.yml # vars used by roles/common/tasks/nis-install-client.yml # ========== # used by templates # - yp.conf.j2 # - defaultdomain.j2 nis_domain: flr.netz nis_server_address: 192.168.102.10 nis_server_name: file-flr.flr.netz nis_common_packages: - nis - nscd nis_base_home: /data/home nis_groups: - name: esf group_id: 1021 - name: buero group_id: 1022 - name: verwaltung group_id: 1023 remove_nis_users: [] #remove_nis_users: # - name: test # - name: ivana nis_user: - name: chris groups: - esf - buero - verwaltung is_samba_user: true password: !vault | $ANSIBLE_VAULT;1.1;AES256 38643435653764393333613564393733666139656264343833333632373938323230393036303234 3633303562636465643930643961663165646237386664370a386362346162313037353163383365 61343263386239316164613935633062343165363863376462653165306464633136313839343962 3865353333373661390a643564386432643532396632323664383330646430613033643130626430 6139 - name: mara groups: - esf is_samba_user: true password: '20/mara_16!' - name: flr groups: - buero is_samba_user: true password: '20-flr-brb_18' - name: hannah groups: - esf - buero - verwaltung is_samba_user: true password: 'Y7ef%9+V_LoE' - name: kamue groups: - buero - verwaltung is_samba_user: true password: '20_katha-mue%19' - name: lotta groups: - buero - verwaltung is_samba_user: true password: '20_lotta_15!' - name: mustafa groups: - buero is_samba_user: true password: 'mu-20-sta-21_%!' - name: kirstin groups: - esf - buero - verwaltung is_samba_user: true password: '20_kir-17-stin!' - name: pierre groups: - esf - buero is_samba_user: true password: '20_pierre16!20' - name: verwaltung groups: - verwaltung is_samba_user: false password: 'pLq3PvFRz7mx' - name: vincent groups: - esf - buero is_samba_user: true password: 'vin-20-cent_21!' - name: buero groups: - buero is_samba_user: false password: 'dH3C4x7sfVj3' # ========== # vars used by roles/common/tasks/samba-install.yml # ========== apt_install_server_samba: - samba - nscd # - winbind apt_install_client_samba: - samba-client - samba-common samba_server: file-flr.flr.netz samba_cronjob_trash_dirs: name: Clean up Samba Trash Dirs minute: "02" hour: "23" day: "*" month: "*" weekday: '*' user: root job: "/root/bin/samba/clean_samba_trash.sh" samba_cronjob_permissions: name: Set (group and access) Permissons for Samba shares minute: "14" hour: "23" day: "*" month: "*" weekday: '*' user: root job: "/root/bin/samba/set_permissions_samba_shares.sh" # ========== # vars used by roles/common/tasks/samba-user.yml # ========== # ! Notice ! # # variables used from other previos sections: # # - remove_system_users: roles/common/tasks/system-user.yml # - remove_nis_users: roles/common/tasks/nis-install-server.yml # - nis_user: roles/common/tasks/nis-install-server.yml # ========== # vars used by roles/common/tasks/mount_samba_shares.yml # ========== # ! Notice ! # # variables used from other previos sections: # # - nis_user: roles/common/tasks/nis-install-server.yml samba_workgroup: FLR samba_netbios_name: FILE-FLR samba_shares: - name: Altlasten path: /data/samba/Altlasten group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Archiv path: /data/samba/Archiv group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Buchhaltung path: /data/samba/Buchhaltung group_valid_users: verwaltung group_write_list: verwaltung file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - hannah - marina - name: Buero path: /data/samba/Buero group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Buero_und_Film path: /data/samba/Buero_und_Film group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Datenbank path: /data/samba/Datenbank group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Einzelfaelle path: /data/samba/Einzelfaelle group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: ESF-Teilnehmende path: /data/samba/ESF-Teilnehmende group_valid_users: esf group_write_list: esf file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - hannah - kirstin - mara - marina - pierre - vincent - name: Finanzen path: /data/samba/Finanzen group_valid_users: verwaltung group_write_list: verwaltung file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - hannah - marina - name: Foerderverein path: /data/samba/Foerderverein group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: FR path: /data/samba/FR group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: install path: /data/samba/install group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - name: Personal path: /data/samba/Personal group_valid_users: verwaltung group_write_list: verwaltung file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - hannah - marina - name: Praktikum path: /data/samba/Praktikum group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Pressearchiv path: /data/samba/Pressearchiv group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Projektarbeit path: /data/samba/Projektarbeit group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent - name: Projektverwaltung path: /data/samba/Projektverwaltung group_valid_users: buero group_write_list: buero file_create_mask: '0660' dir_create_mask: '2770' vfs_object_recycle: true recycle_path: '@Recycle.Bin' user: - chris - flr - hannah - kamue - marina - mustafa - kirstin - pierre - vincent # ========== # vars used by roles/common/tasks/system-user-systemfiles.yml # ========== # ! Notice ! # # variables used from other previos sections: # # - system_users: roles/common/tasks/system-user.yml # ========== # vars used by roles/common/tasks/nis-user-systemfiles.yml # ========== # ! Notice ! # # variables used from other previos sections: # # - nis_user: roles/common/tasks/nis-install-server.yml # ========== # vars used by roles/common/tasks/sudoers-pc.yml # ========== sudo_pc_users: - chris - sysadm # /etc/sudoers # sudoers_pc_defaults: - env_reset - mail_badpass - 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' sudoers_pc_host_aliases: [] sudoers_pc_user_aliases: [] sudoers_pc_cmnd_aliases: [] sudoers_pc_runas_aliases: [] sudoers_pc_user_privileges: - name: root entry: 'ALL=(ALL:ALL) ALL' sudoers_pc_group_privileges: [] # /etc/sudoers.d/50-user # sudoers_pc_file_defaults: [] sudoers_pc_file_host_aliases: [] sudoers_pc_file_user_aliases: [] sudoers_pc_file_cmnd_aliases: - name: MOUNT entry: '/bin/mount,/bin/umount' sudoers_pc_file_runas_aliases: [] # ========== # vars used by roles/common/tasks/sudoers-server.yml # ========== sudo_server_users: - chris - sysadm # /etc/sudoers # sudoers_server_defaults: - env_reset - mail_badpass - 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' sudoers_server_host_aliases: [] sudoers_server_user_aliases: [] sudoers_server_cmnd_aliases: [] sudoers_server_runas_aliases: [] sudoers_server_user_privileges: - name: root entry: 'ALL=(ALL:ALL) ALL' sudoers_server_group_privileges: [] sudoers_server_remove_user: - back - www-data # /etc/sudoers.d/50-user # sudoers_server_file_defaults: [] sudoers_server_file_host_aliases: [] sudoers_server_file_user_aliases: [] sudoers_server_file_cmnd_aliases: [] sudoers_server_file_runas_aliases: [] sudoers_server_file_user_back_privileges: - 'ALL=(root) NOPASSWD: /usr/bin/rsync' - 'ALL=(root) NOPASSWD: /usr/bin/find' - 'ALL=(root) NOPASSWD: /usr/bin/realpath' sudoers_server_file_user_back_disk_privileges: - 'ALL=(root) NOPASSWD: /usr/bin/which' - 'ALL=(root) NOPASSWD: /sbin/hdparm -I /dev/*' - 'ALL=(root) NOPASSWD: /sbin/fdisk' - 'ALL=(root) NOPASSWD: /sbin/sgdisk' - 'ALL=(root) NOPASSWD: /sbin/sfdisk -d /dev/*' - 'ALL=(root) NOPASSWD: /bin/dd if=/dev/*' - 'ALL=(root) NOPASSWD: /sbin/parted' - 'ALL=(root) NOPASSWD: /sbin/gdisk' # sudoers_server_file_user_privileges # - name: # entry: # - name : # entry: # - ... # sudoers_server_file_user_privileges: [] # sudoers_server_file_group_privileges # - name: # entry: # - name : # entry: # - ... # sudoers_server_file_group_privileges: [] # --- # vars used by roles/ansible_dependencies # --- apt_ansible_dependencies: - python - python-apt - python3 - python3-apt - lsb-release - apt-transport-https - dbus - sudo - vim - net-tools - vlan # --- # vars used by roles/ansible_user # --- ssh_keys_admin: - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' ansible_remote_user: - name: local password: $6$hJSDt2xM$mWlfc6Ve11Y7F9J3KRapYGpN7KCD1IlbelYq/jd/xuG.UfK04nl2VOHJXVPYqC3H6q3VToAyD3yPqEcwT.KPA0 shell: /bin/bash