ansible/mbr-bln
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Some minor changes..

Browse Source
This commit is contained in:
Christoph 2020-01-08 14:51:51 +01:00
parent a5b1aa43eb
commit 1d9af30174
5 changed files with 18 additions and 1323 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ansible.cfg
View File

@ -23,8 +23,8 @@ ansible_managed = ############################################ #
#fact_caching_timeout = 86400 #fact_caching_timeout = 86400
#forks = 20 #forks = 20
inventory = ./hosts inventory = ./hosts
remote_user = lokaladmin #remote_user = lokaladmin
#remote_user = root remote_user = root
#ask_pass=True #ask_pass=True
roles_path = ./roles roles_path = ./roles
vault_password_file = mbr-bln_the_vault.sh vault_password_file = mbr-bln_the_vault.sh
@ -34,10 +34,10 @@ interpreter_python: auto
#interpreter_python: /usr/bin/python3 #interpreter_python: /usr/bin/python3
[privilege_escalation] [privilege_escalation]
#become=False become=False
become=True #become=True
become_method=sudo #become_method=sudo
become_ask_pass=True #become_ask_pass=True
[ssh_connection] [ssh_connection]

556
group_vars/all/main.yml.00
View File

@ -1,556 +0,0 @@
---
# ---
# NFS
# ---
nfs_server: 192.168.112.10
# Set 'fs_encrypted' to true if filesystem lives on an encrypted
# partition.
#
nfs_exports:
- src: 192.168.112.10:/data/home
path: /data/home
mount_opts: users,rsize=8192,wsize=8192,hard,intr
export_opt: rw,root_squash,sync,subtree_check
export_networks:
- 192.168.112.0/24
- 10.0.112.0/24
- 10.1.112.0/24
- 192.168.63.0/24
fs_encrypted: false
- src: 192.168.112.10:/data/shares
path: /data/home
mount_opts: users,rsize=8192,wsize=8192,hard,intr
export_opt: rw,root_squash,sync,subtree_check
export_networks:
- 192.168.112.0/24
- 10.0.112.0/24
- 10.1.112.0/24
- 192.168.63.0/24
fs_encrypted: false
# ---
# Samba / NIS
# ---
samba_server: file-mbr.mbr-bln.netz
samba_shares:
- name: Arbeitsrechtliches
user:
- anne
- bianca
- birgit.erhardt
- christina.wendt
- chris
- sysadm
- name: Ausschreibungen
user:
- anne
- bianca
- chris
- matthias.mueller
- sysadm
- name: BGN-Finanzen-Personal
user:
- anne
- bianca
- carolin
- christina.wendt
- chris
- sysadm
- ulf.balmer
- name: BVV-Projekt
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Finanzen
user:
- anne
- bianca
- birgit.erhardt
- christina.wendt
- chris
- sysadm
- name: Install
user:
- chris
- sysadm
- lokaladmin
- name: Kamera
user:
- anne
- axis
- bianca
- chris
- sysadm
- name: MBR
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Mobilisierungsplattform
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: RIAS
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: RIAS-Finanzen-Personal
user:
- anne
- bianca
- benjamin
- birgit.erhardt
- christina.wendt
- chris
- sysadm
- name: SCAN
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: VDK
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Video
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
nis_domain: mbr-bln.netz
#nis_domain: local.netz
nis_server_address: 192.168.112.10
nis_server_name: file-mbr.mbr-bln.netz
#nis_server_name: luna.local.netz
nis_common_packages:
- nis
- nscd
nis_deleted_user: []
nis_base_home: /data/home
nis_groups:
- name: mbr-buero
group_id: 1200
- name: mbr-finanzen
group_id: 1210
- name: mbr-personal
group_id: 1220
- name: mbr-kamera
group_id: 1250
- name: mbr-admins
group_id: 1260
- name: vdk
group_id: 1300
- name: rias
group_id: 1400
- name: rias-finanzen-personal
group_id: 1410
- name: bgn
group_id: 1500
- name: bgn-finanzen-personal
group_id: 1510
nis_user:
- name: chris
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
38643435653764393333613564393733666139656264343833333632373938323230393036303234
3633303562636465643930643961663165646237386664370a386362346162313037353163383365
61343263386239316164613935633062343165363863376462653165306464633136313839343962
3865353333373661390a643564386432643532396632323664383330646430613033643130626430
6139
- name: lokaladmin
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: 'd4r1usz'
- name: sysadm
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: 'KPk_Wf2F'
- name: alexander.rasumny
groups:
- mbr-buero
is_samba_user: true
password: 'twT9Rjbv9mjq'
- name: anna.mueller1
groups:
- mbr-buero
is_samba_user: true
password: '5xp5ll9ar13us!'
# ---
# vars used by roles/ansible_dependencies
# ---
apt_ansible_dependencies:
- python
- python-apt
- python3
- python3-apt
- lsb-release
- apt-transport-https
- dbus
- sudo
- vim
- net-tools
- vlan
# ---
# vars used by roles/ansible_user
# ---
ssh_keys_admin:
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna'
ansible_remote_user:
- name: lokaladmin
password: $6$KLQUDbiw$qvsGUndXr2G3DxhML6maD/nsJtXfElSLQ7ufkMuJu2vACbYX7kqNXdiU17oX6CyN5L1xARZ.TiES/w7zfh0Cu/
shell: /bin/bash
# ---
# vars used by roles/common/tasks/basic.yml
# ---
time_zone: Europe/Berlin
locales:
- en_US.UTF-8
- de_DE.UTF-8
set_default_limit_nofile: false
# ---
# vars used by roles/common/tasks/sudoers.yml
# ---
sudo_users:
- lokaladmin
- chris
- sysadm
- localadmin
# /etc/sudoers
#
sudoers_defaults:
- env_reset
- mail_badpass
- 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
sudoers_host_aliases: []
sudoers_user_aliases: []
sudoers_cmnd_aliases: []
sudoers_runas_aliases: []
sudoers_user_privileges:
- name: root
entry: 'ALL=(ALL:ALL) ALL'
sudoers_group_privileges: []
# /etc/sudoers.d/50-user
#
sudoers_file_defaults: []
sudoers_file_host_aliases: []
sudoers_file_user_aliases: []
sudoers_file_cmnd_aliases:
- name: MOUNT
entry: '/bin/mount,/bin/umount'
sudoers_file_runas_aliases: []

753
group_vars/all/main.yml.BAK
View File

@ -1,753 +0,0 @@
---
# ---
# NFS
# ---
nfs_server: 192.168.112.10
# Set 'fs_encrypted' to true if filesystem lives on an encrypted
# partition.
#
nfs_exports:
- src: 192.168.112.10:/data/home
path: /data/home
mount_opts: users,rsize=8192,wsize=8192,hard,intr
export_opt: rw,root_squash,sync,subtree_check
export_networks:
- 192.168.112.0/24
- 10.0.112.0/24
- 10.1.112.0/24
- 192.168.63.0/24
fs_encrypted: false
- src: 192.168.112.10:/data/shares
path: /data/home
mount_opts: users,rsize=8192,wsize=8192,hard,intr
export_opt: rw,root_squash,sync,subtree_check
export_networks:
- 192.168.112.0/24
- 10.0.112.0/24
- 10.1.112.0/24
- 192.168.63.0/24
fs_encrypted: false
# ---
# Samba / NIS
# ---
samba_server: file-mbr.mbr-bln.netz
samba_shares:
- name: Arbeitsrechtliches
user:
- anne
- bianca
- birgit.erhardt
- christina.wendt
- chris
- sysadm
- name: Ausschreibungen
user:
- anne
- bianca
- chris
- matthias.mueller
- sysadm
- name: BGN-Finanzen-Personal
user:
- anne
- bianca
- carolin
- christina.wendt
- chris
- sysadm
- ulf.balmer
- name: BVV-Projekt
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Finanzen
user:
- anne
- bianca
- birgit.erhardt
- christina.wendt
- chris
- sysadm
- name: Install
user:
- chris
- sysadm
- lokaladmin
- name: Kamera
user:
- anne
- axis
- bianca
- chris
- sysadm
- name: MBR
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Mobilisierungsplattform
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: RIAS
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: RIAS-Finanzen-Personal
user:
- anne
- bianca
- benjamin
- birgit.erhardt
- christina.wendt
- chris
- sysadm
- name: SCAN
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: VDK
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
- name: Video
user:
- alexander.rasumny
- anna.mueller1
- anne
- benjamin
- bianca
- birgit.erhardt
- bjoern.renkewitz
- carolin
- christina.wendt
- chris
- daniel.poensgen
- doku2
- doku_4
- doku_7
- dorina.feldmann
- franziska
- johannes.radke
- judith.heinmueller
- kristina.holzapfel
- lavinia.schwedersky
- manja.kasten
- mathias
- matthias.mueller
- michael.sulies
- michael.trube
- pia.lamberty
- praktikum
- praktikum_rias
- praktikum2
- praktikum2_rias
- sabine.kritter
- samuel.signer
- scan
- simon
- sysadm
- ulf.balmer
nis_domain: mbr-bln.netz
#nis_domain: local.netz
nis_server_address: 192.168.112.10
nis_server_name: file-mbr.mbr-bln.netz
#nis_server_name: luna.local.netz
nis_common_packages:
- nis
- nscd
nis_deleted_user: []
nis_base_home: /data/home
nis_groups:
- name: mbr-buero
group_id: 1200
- name: mbr-finanzen
group_id: 1210
- name: mbr-personal
group_id: 1220
- name: mbr-kamera
group_id: 1250
- name: mbr-admins
group_id: 1260
- name: vdk
group_id: 1300
- name: rias
group_id: 1400
- name: rias-finanzen-personal
group_id: 1410
- name: bgn
group_id: 1500
- name: bgn-finanzen-personal
group_id: 1510
nis_user:
- name: chris
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
38643435653764393333613564393733666139656264343833333632373938323230393036303234
3633303562636465643930643961663165646237386664370a386362346162313037353163383365
61343263386239316164613935633062343165363863376462653165306464633136313839343962
3865353333373661390a643564386432643532396632323664383330646430613033643130626430
6139
- name: lokaladmin
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: 'd4r1usz'
- name: sysadm
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: 'KPk_Wf2F'
- name: alexander.rasumny
groups:
- mbr-buero
is_samba_user: true
password: 'twT9Rjbv9mjq'
- name: anna.mueller1
groups:
- mbr-buero
is_samba_user: true
password: '5xp5ll9ar13us!'
- name: anne
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: 'YA!LiLiC0MP5'
- name: benjamin
groups:
- mbr-buero
- vdk
- rias
- rias-finanzen-personal
is_samba_user: true
password: 'C2-0U#ch'
- name: bianca
groups:
- mbr-buero
- mbr-finanzen
- mbr-personal
- mbr-kamera
- mbr-admins
- vdk
- rias
- rias-finanzen-personal
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: '73_BiBole_29'
- name: birgit.erhardt
groups:
- mbr-buero
- mbr-finanzen
- vdk
is_samba_user: true
password: '20_purpel!rain_17'
- name: bjoern.renkewitz
groups:
- mbr-buero
is_samba_user: true
password: 'Tz9-Wq-51'
- name: carolin
groups:
- mbr-buero
- bgn-finanzen-personal
is_samba_user: true
password: '20_carol1n_14'
- name: christina.wendt
groups:
- mbr-buero
- mbr-finanzen
- vdk
- rias-finanzen-personal
- bgn-finanzen-personal
is_samba_user: true
password: '8!Varianten'
- name: daniel.poensgen
groups:
- mbr-buero
is_samba_user: true
password: 'rcMRCm7jcpbp'
- name: doku_4
groups:
- mbr-buero
is_samba_user: true
password: 'PwmNvPh9KM4T'
- name:
groups: doku_7
- mbr-buero
is_samba_user: true
password: 'TFhCW9J4Vn4F'
- name: dorina.feldmann
groups:
- mbr-buero
is_samba_user: true
password: '17?4XPQ_!abc'
- name: franziska
groups:
- mbr-buero
is_samba_user: true
password: 'f49mCjbj3Jh7'
- name: frederick.kannenberg
groups:
- mbr-buero
is_samba_user: true
password: 'riasFK2019!#'
- name: doku2
groups:
- mbr-buero
is_samba_user: true
password: '*M0ss4d*'
- name: johannes.radke
groups:
- mbr-buero
is_samba_user: true
password: 'Furzf4brik!'
- name: judith.heinmueller
groups:
- mbr-buero
is_samba_user: true
password: 't32_aHxV.'
- name: kristina.holzapfel
groups:
- mbr-buero
is_samba_user: true
password: 'c7PvX_39.'
- name: lavinia.schwedersky
groups:
- mbr-buero
is_samba_user: true
password: 'xJw.3R9vKf/N'
- name:
groups: manja.kasten
- mbr-buero
is_samba_user: true
password: 'Rasili_&n'
- name: mathias
groups:
- mbr-buero
is_samba_user: true
password: 'p3r*45p3r4*4d*45tr4m'
- name: matthias.mueller
groups:
- mbr-buero
- mbr-personal
is_samba_user: true
password: 'V1v@H@f3rdr1nk'
- name: michael.sulies
groups:
- mbr-buero
is_samba_user: true
password: 'Cryst4lp4l4c3'
- name: michael.trube
groups:
- mbr-buero
- mbr-kamera
is_samba_user: true
password: '*R13sl1ng*'
- name: pia.lamberty
groups:
- mbr-buero
is_samba_user: true
password: 'oasd31*as+Q%'
- name: praktikum
groups:
- mbr-buero
is_samba_user: true
password: '_F313r4b3nd*'
- name: praktikum_rias
groups:
- mbr-buero
is_samba_user: true
password: '7z7F%d3cv_dfjz'
- name: praktikum2
groups:
- mbr-buero
is_samba_user: true
password: '20praktikum213'
- name: praktikum2_rias
groups:
- mbr-buero
is_samba_user: true
password: 'ctnrk3CczcJ9'
- name: sabine.kritter
groups:
- mbr-buero
is_samba_user: true
password: '#17_abc_?!'
- name: samuel.signer
groups:
- mbr-buero
is_samba_user: true
password: 'S4mmyC0mput3r!'
- name: scan
groups:
- mbr-buero
is_samba_user: true
password: '20scan13'
- name: simon
groups:
- mbr-buero
is_samba_user: true
password: 'S4u3rkr4ut!'
- name: ulf.balmer
groups:
- mbr-buero
- bgn
- bgn-finanzen-personal
is_samba_user: true
password: 'ALL3_e6ene#'
# ---
# vars used by roles/ansible_dependencies
# ---
apt_ansible_dependencies:
- python
- python-apt
- python3
- python3-apt
- lsb-release
- apt-transport-https
- dbus
- sudo
- vim
- net-tools
- vlan
# ---
# vars used by roles/ansible_user
# ---
ssh_keys_admin:
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna'
ansible_remote_user:
- name: lokaladmin
password: $6$KLQUDbiw$qvsGUndXr2G3DxhML6maD/nsJtXfElSLQ7ufkMuJu2vACbYX7kqNXdiU17oX6CyN5L1xARZ.TiES/w7zfh0Cu/
shell: /bin/bash
# ---
# vars used by roles/common/tasks/basic.yml
# ---
time_zone: Europe/Berlin
locales:
- en_US.UTF-8
- de_DE.UTF-8
set_default_limit_nofile: false
# ---
# vars used by roles/common/tasks/sudoers.yml
# ---
sudo_users:
- lokaladmin
- chris
- sysadm
- localadmin
# /etc/sudoers
#
sudoers_defaults:
- env_reset
- mail_badpass
- 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"'
sudoers_host_aliases: []
sudoers_user_aliases: []
sudoers_cmnd_aliases: []
sudoers_runas_aliases: []
sudoers_user_privileges:
- name: root
entry: 'ALL=(ALL:ALL) ALL'
sudoers_group_privileges: []
# /etc/sudoers.d/50-user
#
sudoers_file_defaults: []
sudoers_file_host_aliases: []
sudoers_file_user_aliases: []
sudoers_file_cmnd_aliases:
- name: MOUNT
entry: '/bin/mount,/bin/umount'
sudoers_file_runas_aliases: []

4
hosts
View File

@ -1,12 +1,16 @@
[initial_setup] [initial_setup]
file-mbr.mbr-bln.netz ansible_user=root file-mbr.mbr-bln.netz ansible_user=root
pc101.mbr-bln.netz
[client_pc] [client_pc]
pc101.mbr-bln.netz
[nfs_client] [nfs_client]
pc101.mbr-bln.netz
[nis_client] [nis_client]
pc101.mbr-bln.netz
[file_server] [file_server]
file-mbr.mbr-bln.netz ansible_user=root file-mbr.mbr-bln.netz ansible_user=root

16
roles/common/tasks/sudoers.yml
View File

@ -22,11 +22,11 @@
tags: tags:
- sudoers-global-configuration - sudoers-global-configuration
- name: (sudoers.yml) Ensure all sudo_users are in sudo group #- name: (sudoers.yml) Ensure all sudo_users are in sudo group
user: # user:
name: "{{ item }}" # name: "{{ item }}"
groups: sudo # groups: sudo
append: yes # append: yes
with_items: "{{ sudo_users }}" # with_items: "{{ sudo_users }}"
tags: # tags:
- sudo-users # - sudo-users