From 1d9af301748d3aa54d0cb48a8c0b87d6ed5ffe31 Mon Sep 17 00:00:00 2001 From: Christoph Date: Wed, 8 Jan 2020 14:51:51 +0100 Subject: [PATCH] Some minor changes.. --- ansible.cfg | 12 +- group_vars/all/main.yml.00 | 556 ------------------------ group_vars/all/main.yml.BAK | 753 --------------------------------- hosts | 4 + roles/common/tasks/sudoers.yml | 16 +- 5 files changed, 18 insertions(+), 1323 deletions(-) delete mode 100644 group_vars/all/main.yml.00 delete mode 100644 group_vars/all/main.yml.BAK diff --git a/ansible.cfg b/ansible.cfg index 3453ac3..74e5fc0 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -23,8 +23,8 @@ ansible_managed = ############################################ # #fact_caching_timeout = 86400 #forks = 20 inventory = ./hosts -remote_user = lokaladmin -#remote_user = root +#remote_user = lokaladmin +remote_user = root #ask_pass=True roles_path = ./roles vault_password_file = mbr-bln_the_vault.sh @@ -34,10 +34,10 @@ interpreter_python: auto #interpreter_python: /usr/bin/python3 [privilege_escalation] -#become=False -become=True -become_method=sudo -become_ask_pass=True +become=False +#become=True +#become_method=sudo +#become_ask_pass=True [ssh_connection] diff --git a/group_vars/all/main.yml.00 b/group_vars/all/main.yml.00 deleted file mode 100644 index 0575652..0000000 --- a/group_vars/all/main.yml.00 +++ /dev/null @@ -1,556 +0,0 @@ ---- - -# --- -# NFS -# --- - -nfs_server: 192.168.112.10 - -# Set 'fs_encrypted' to true if filesystem lives on an encrypted -# partition. -# -nfs_exports: - - src: 192.168.112.10:/data/home - path: /data/home - mount_opts: users,rsize=8192,wsize=8192,hard,intr - export_opt: rw,root_squash,sync,subtree_check - export_networks: - - 192.168.112.0/24 - - 10.0.112.0/24 - - 10.1.112.0/24 - - 192.168.63.0/24 - fs_encrypted: false - - - src: 192.168.112.10:/data/shares - path: /data/home - mount_opts: users,rsize=8192,wsize=8192,hard,intr - export_opt: rw,root_squash,sync,subtree_check - export_networks: - - 192.168.112.0/24 - - 10.0.112.0/24 - - 10.1.112.0/24 - - 192.168.63.0/24 - fs_encrypted: false - -# --- -# Samba / NIS -# --- - -samba_server: file-mbr.mbr-bln.netz - -samba_shares: - - name: Arbeitsrechtliches - user: - - anne - - bianca - - birgit.erhardt - - christina.wendt - - chris - - sysadm - - name: Ausschreibungen - user: - - anne - - bianca - - chris - - matthias.mueller - - sysadm - - name: BGN-Finanzen-Personal - user: - - anne - - bianca - - carolin - - christina.wendt - - chris - - sysadm - - ulf.balmer - - name: BVV-Projekt - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: Finanzen - user: - - anne - - bianca - - birgit.erhardt - - christina.wendt - - chris - - sysadm - - name: Install - user: - - chris - - sysadm - - lokaladmin - - name: Kamera - user: - - anne - - axis - - bianca - - chris - - sysadm - - name: MBR - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: Mobilisierungsplattform - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: RIAS - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: RIAS-Finanzen-Personal - user: - - anne - - bianca - - benjamin - - birgit.erhardt - - christina.wendt - - chris - - sysadm - - name: SCAN - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: VDK - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: Video - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - -nis_domain: mbr-bln.netz -#nis_domain: local.netz - -nis_server_address: 192.168.112.10 - -nis_server_name: file-mbr.mbr-bln.netz -#nis_server_name: luna.local.netz - -nis_common_packages: - - nis - - nscd - -nis_deleted_user: [] - - -nis_base_home: /data/home - -nis_groups: - - name: mbr-buero - group_id: 1200 - - name: mbr-finanzen - group_id: 1210 - - name: mbr-personal - group_id: 1220 - - name: mbr-kamera - group_id: 1250 - - name: mbr-admins - group_id: 1260 - - name: vdk - group_id: 1300 - - name: rias - group_id: 1400 - - name: rias-finanzen-personal - group_id: 1410 - - name: bgn - group_id: 1500 - - name: bgn-finanzen-personal - group_id: 1510 - -nis_user: - - name: chris - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 38643435653764393333613564393733666139656264343833333632373938323230393036303234 - 3633303562636465643930643961663165646237386664370a386362346162313037353163383365 - 61343263386239316164613935633062343165363863376462653165306464633136313839343962 - 3865353333373661390a643564386432643532396632323664383330646430613033643130626430 - 6139 - - name: lokaladmin - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: 'd4r1usz' - - name: sysadm - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: 'KPk_Wf2F' - - name: alexander.rasumny - groups: - - mbr-buero - is_samba_user: true - password: 'twT9Rjbv9mjq' - - name: anna.mueller1 - groups: - - mbr-buero - is_samba_user: true - password: '5xp5ll9ar13us!' - - - -# --- -# vars used by roles/ansible_dependencies -# --- - -apt_ansible_dependencies: - - python - - python-apt - - python3 - - python3-apt - - lsb-release - - apt-transport-https - - dbus - - sudo - - vim - - net-tools - - vlan - - -# --- -# vars used by roles/ansible_user -# --- - -ssh_keys_admin: - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' - -ansible_remote_user: - - name: lokaladmin - password: $6$KLQUDbiw$qvsGUndXr2G3DxhML6maD/nsJtXfElSLQ7ufkMuJu2vACbYX7kqNXdiU17oX6CyN5L1xARZ.TiES/w7zfh0Cu/ - shell: /bin/bash - - - -# --- -# vars used by roles/common/tasks/basic.yml -# --- - -time_zone: Europe/Berlin - -locales: - - en_US.UTF-8 - - de_DE.UTF-8 - -set_default_limit_nofile: false - - -# --- -# vars used by roles/common/tasks/sudoers.yml -# --- - -sudo_users: - - lokaladmin - - chris - - sysadm - - localadmin - - -# /etc/sudoers -# -sudoers_defaults: - - env_reset - - mail_badpass - - 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' - -sudoers_host_aliases: [] - -sudoers_user_aliases: [] - -sudoers_cmnd_aliases: [] - -sudoers_runas_aliases: [] - -sudoers_user_privileges: - - name: root - entry: 'ALL=(ALL:ALL) ALL' - -sudoers_group_privileges: [] - - - -# /etc/sudoers.d/50-user -# -sudoers_file_defaults: [] - -sudoers_file_host_aliases: [] - -sudoers_file_user_aliases: [] - -sudoers_file_cmnd_aliases: - - name: MOUNT - entry: '/bin/mount,/bin/umount' - -sudoers_file_runas_aliases: [] - diff --git a/group_vars/all/main.yml.BAK b/group_vars/all/main.yml.BAK deleted file mode 100644 index 09e5284..0000000 --- a/group_vars/all/main.yml.BAK +++ /dev/null @@ -1,753 +0,0 @@ ---- - -# --- -# NFS -# --- - -nfs_server: 192.168.112.10 - -# Set 'fs_encrypted' to true if filesystem lives on an encrypted -# partition. -# -nfs_exports: - - src: 192.168.112.10:/data/home - path: /data/home - mount_opts: users,rsize=8192,wsize=8192,hard,intr - export_opt: rw,root_squash,sync,subtree_check - export_networks: - - 192.168.112.0/24 - - 10.0.112.0/24 - - 10.1.112.0/24 - - 192.168.63.0/24 - fs_encrypted: false - - - src: 192.168.112.10:/data/shares - path: /data/home - mount_opts: users,rsize=8192,wsize=8192,hard,intr - export_opt: rw,root_squash,sync,subtree_check - export_networks: - - 192.168.112.0/24 - - 10.0.112.0/24 - - 10.1.112.0/24 - - 192.168.63.0/24 - fs_encrypted: false - -# --- -# Samba / NIS -# --- - -samba_server: file-mbr.mbr-bln.netz - -samba_shares: - - name: Arbeitsrechtliches - user: - - anne - - bianca - - birgit.erhardt - - christina.wendt - - chris - - sysadm - - name: Ausschreibungen - user: - - anne - - bianca - - chris - - matthias.mueller - - sysadm - - name: BGN-Finanzen-Personal - user: - - anne - - bianca - - carolin - - christina.wendt - - chris - - sysadm - - ulf.balmer - - name: BVV-Projekt - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: Finanzen - user: - - anne - - bianca - - birgit.erhardt - - christina.wendt - - chris - - sysadm - - name: Install - user: - - chris - - sysadm - - lokaladmin - - name: Kamera - user: - - anne - - axis - - bianca - - chris - - sysadm - - name: MBR - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: Mobilisierungsplattform - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: RIAS - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: RIAS-Finanzen-Personal - user: - - anne - - bianca - - benjamin - - birgit.erhardt - - christina.wendt - - chris - - sysadm - - name: SCAN - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: VDK - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - - name: Video - user: - - alexander.rasumny - - anna.mueller1 - - anne - - benjamin - - bianca - - birgit.erhardt - - bjoern.renkewitz - - carolin - - christina.wendt - - chris - - daniel.poensgen - - doku2 - - doku_4 - - doku_7 - - dorina.feldmann - - franziska - - johannes.radke - - judith.heinmueller - - kristina.holzapfel - - lavinia.schwedersky - - manja.kasten - - mathias - - matthias.mueller - - michael.sulies - - michael.trube - - pia.lamberty - - praktikum - - praktikum_rias - - praktikum2 - - praktikum2_rias - - sabine.kritter - - samuel.signer - - scan - - simon - - sysadm - - ulf.balmer - -nis_domain: mbr-bln.netz -#nis_domain: local.netz - -nis_server_address: 192.168.112.10 - -nis_server_name: file-mbr.mbr-bln.netz -#nis_server_name: luna.local.netz - -nis_common_packages: - - nis - - nscd - -nis_deleted_user: [] - - -nis_base_home: /data/home - -nis_groups: - - name: mbr-buero - group_id: 1200 - - name: mbr-finanzen - group_id: 1210 - - name: mbr-personal - group_id: 1220 - - name: mbr-kamera - group_id: 1250 - - name: mbr-admins - group_id: 1260 - - name: vdk - group_id: 1300 - - name: rias - group_id: 1400 - - name: rias-finanzen-personal - group_id: 1410 - - name: bgn - group_id: 1500 - - name: bgn-finanzen-personal - group_id: 1510 - -nis_user: - - name: chris - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 38643435653764393333613564393733666139656264343833333632373938323230393036303234 - 3633303562636465643930643961663165646237386664370a386362346162313037353163383365 - 61343263386239316164613935633062343165363863376462653165306464633136313839343962 - 3865353333373661390a643564386432643532396632323664383330646430613033643130626430 - 6139 - - name: lokaladmin - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: 'd4r1usz' - - name: sysadm - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: 'KPk_Wf2F' - - name: alexander.rasumny - groups: - - mbr-buero - is_samba_user: true - password: 'twT9Rjbv9mjq' - - name: anna.mueller1 - groups: - - mbr-buero - is_samba_user: true - password: '5xp5ll9ar13us!' - - name: anne - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: 'YA!LiLiC0MP5' - - name: benjamin - groups: - - mbr-buero - - vdk - - rias - - rias-finanzen-personal - is_samba_user: true - password: 'C2-0U#ch' - - name: bianca - groups: - - mbr-buero - - mbr-finanzen - - mbr-personal - - mbr-kamera - - mbr-admins - - vdk - - rias - - rias-finanzen-personal - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: '73_BiBole_29' - - name: birgit.erhardt - groups: - - mbr-buero - - mbr-finanzen - - vdk - is_samba_user: true - password: '20_purpel!rain_17' - - name: bjoern.renkewitz - groups: - - mbr-buero - is_samba_user: true - password: 'Tz9-Wq-51' - - name: carolin - groups: - - mbr-buero - - bgn-finanzen-personal - is_samba_user: true - password: '20_carol1n_14' - - name: christina.wendt - groups: - - mbr-buero - - mbr-finanzen - - vdk - - rias-finanzen-personal - - bgn-finanzen-personal - is_samba_user: true - password: '8!Varianten' - - name: daniel.poensgen - groups: - - mbr-buero - is_samba_user: true - password: 'rcMRCm7jcpbp' - - name: doku_4 - groups: - - mbr-buero - is_samba_user: true - password: 'PwmNvPh9KM4T' - - name: - groups: doku_7 - - mbr-buero - is_samba_user: true - password: 'TFhCW9J4Vn4F' - - name: dorina.feldmann - groups: - - mbr-buero - is_samba_user: true - password: '17?4XPQ_!abc' - - name: franziska - groups: - - mbr-buero - is_samba_user: true - password: 'f49mCjbj3Jh7' - - name: frederick.kannenberg - groups: - - mbr-buero - is_samba_user: true - password: 'riasFK2019!#' - - name: doku2 - groups: - - mbr-buero - is_samba_user: true - password: '*M0ss4d*' - - name: johannes.radke - groups: - - mbr-buero - is_samba_user: true - password: 'Furzf4brik!' - - name: judith.heinmueller - groups: - - mbr-buero - is_samba_user: true - password: 't32_aHxV.' - - name: kristina.holzapfel - groups: - - mbr-buero - is_samba_user: true - password: 'c7PvX_39.' - - name: lavinia.schwedersky - groups: - - mbr-buero - is_samba_user: true - password: 'xJw.3R9vKf/N' - - name: - groups: manja.kasten - - mbr-buero - is_samba_user: true - password: 'Rasili_&n' - - name: mathias - groups: - - mbr-buero - is_samba_user: true - password: 'p3r*45p3r4*4d*45tr4m' - - name: matthias.mueller - groups: - - mbr-buero - - mbr-personal - is_samba_user: true - password: 'V1v@H@f3rdr1nk' - - name: michael.sulies - groups: - - mbr-buero - is_samba_user: true - password: 'Cryst4lp4l4c3' - - name: michael.trube - groups: - - mbr-buero - - mbr-kamera - is_samba_user: true - password: '*R13sl1ng*' - - name: pia.lamberty - groups: - - mbr-buero - is_samba_user: true - password: 'oasd31*as+Q%' - - name: praktikum - groups: - - mbr-buero - is_samba_user: true - password: '_F313r4b3nd*' - - name: praktikum_rias - groups: - - mbr-buero - is_samba_user: true - password: '7z7F%d3cv_dfjz' - - name: praktikum2 - groups: - - mbr-buero - is_samba_user: true - password: '20praktikum213' - - name: praktikum2_rias - groups: - - mbr-buero - is_samba_user: true - password: 'ctnrk3CczcJ9' - - name: sabine.kritter - groups: - - mbr-buero - is_samba_user: true - password: '#17_abc_?!' - - name: samuel.signer - groups: - - mbr-buero - is_samba_user: true - password: 'S4mmyC0mput3r!' - - name: scan - groups: - - mbr-buero - is_samba_user: true - password: '20scan13' - - name: simon - groups: - - mbr-buero - is_samba_user: true - password: 'S4u3rkr4ut!' - - name: ulf.balmer - groups: - - mbr-buero - - bgn - - bgn-finanzen-personal - is_samba_user: true - password: 'ALL3_e6ene#' - - - -# --- -# vars used by roles/ansible_dependencies -# --- - -apt_ansible_dependencies: - - python - - python-apt - - python3 - - python3-apt - - lsb-release - - apt-transport-https - - dbus - - sudo - - vim - - net-tools - - vlan - - -# --- -# vars used by roles/ansible_user -# --- - -ssh_keys_admin: - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' - -ansible_remote_user: - - name: lokaladmin - password: $6$KLQUDbiw$qvsGUndXr2G3DxhML6maD/nsJtXfElSLQ7ufkMuJu2vACbYX7kqNXdiU17oX6CyN5L1xARZ.TiES/w7zfh0Cu/ - shell: /bin/bash - - - -# --- -# vars used by roles/common/tasks/basic.yml -# --- - -time_zone: Europe/Berlin - -locales: - - en_US.UTF-8 - - de_DE.UTF-8 - -set_default_limit_nofile: false - - -# --- -# vars used by roles/common/tasks/sudoers.yml -# --- - -sudo_users: - - lokaladmin - - chris - - sysadm - - localadmin - - -# /etc/sudoers -# -sudoers_defaults: - - env_reset - - mail_badpass - - 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' - -sudoers_host_aliases: [] - -sudoers_user_aliases: [] - -sudoers_cmnd_aliases: [] - -sudoers_runas_aliases: [] - -sudoers_user_privileges: - - name: root - entry: 'ALL=(ALL:ALL) ALL' - -sudoers_group_privileges: [] - - - -# /etc/sudoers.d/50-user -# -sudoers_file_defaults: [] - -sudoers_file_host_aliases: [] - -sudoers_file_user_aliases: [] - -sudoers_file_cmnd_aliases: - - name: MOUNT - entry: '/bin/mount,/bin/umount' - -sudoers_file_runas_aliases: [] - diff --git a/hosts b/hosts index 37173dc..5865438 100644 --- a/hosts +++ b/hosts @@ -1,12 +1,16 @@ [initial_setup] file-mbr.mbr-bln.netz ansible_user=root +pc101.mbr-bln.netz [client_pc] +pc101.mbr-bln.netz [nfs_client] +pc101.mbr-bln.netz [nis_client] +pc101.mbr-bln.netz [file_server] file-mbr.mbr-bln.netz ansible_user=root diff --git a/roles/common/tasks/sudoers.yml b/roles/common/tasks/sudoers.yml index fb277a6..f9a3af1 100644 --- a/roles/common/tasks/sudoers.yml +++ b/roles/common/tasks/sudoers.yml @@ -22,11 +22,11 @@ tags: - sudoers-global-configuration -- name: (sudoers.yml) Ensure all sudo_users are in sudo group - user: - name: "{{ item }}" - groups: sudo - append: yes - with_items: "{{ sudo_users }}" - tags: - - sudo-users +#- name: (sudoers.yml) Ensure all sudo_users are in sudo group +# user: +# name: "{{ item }}" +# groups: sudo +# append: yes +# with_items: "{{ sudo_users }}" +# tags: +# - sudo-users