--- # --- # NFS # --- nfs_server: 192.168.112.10 # Set 'fs_encrypted' to true if filesystem lives on an encrypted # partition. # nfs_exports: - src: 192.168.112.10:/data/home path: /data/home mount_opts: users,rsize=8192,wsize=8192,hard,intr export_opt: rw,root_squash,sync,subtree_check export_networks: - 192.168.112.0/24 - 10.0.112.0/24 - 10.1.112.0/24 - 192.168.63.0/24 fs_encrypted: true - src: 192.168.112.10:/data/shares path: /data/shares mount_opts: users,rsize=8192,wsize=8192,hard,intr export_opt: rw,root_squash,sync,subtree_check export_networks: - 192.168.112.0/24 - 10.0.112.0/24 - 10.1.112.0/24 - 192.168.63.0/24 fs_encrypted: true # --- # Samba / NIS # --- samba_server: file-mbr.mbr-bln.netz samba_shares: - name: Arbeitsrechtliches group: mbr-finanzen user: - anne - bianca - birgit.erhardt - christina.wendt - chris - isabell.wiesner - sysadm - name: Ausschreibungen group: mbr-personal user: - anne - bianca - chris - matthias.mueller - sysadm - name: BGN-Finanzen-Personal group: bgn-finanzen-personal user: - anne - bianca - christina.wendt - chris - isabell.wiesner - lena.mahler - sysadm - ulf.balmer - name: BVV-Projekt group: mbr-buero user: - alexander.rasumny - anna.mueller1 - anne - benjamin - bianca - birgit.erhardt - bjoern.renkewitz - christina.wendt - chris - daniel.poensgen - doku.mbr2 - doku.mbr4 - dorina.feldmann - felix.mueller - hamid.mohseni - isabell.wiesner - janine.budich - johannes.radke - judith.heinmueller - julia.kopp - kerstin.kuballa - lavinia.schwedersky - lena.mahler - manja.kasten - mathias - matthias.mueller - michael.sulies - pia.lamberty - honorar.mbr1 - nina.rink - praktikum.bgn1 - praktikum.mbr1 - praktikum.mbr2 - praktikum.rias1 - bianca.loy - praktikum.rias2 - honorar.rias1 - samuel.signer - scan - simon - sysadm - ulf.balmer - name: Finanzen group: mbr-finanzen user: - anne - bianca - birgit.erhardt - christina.wendt - chris - isabell.wiesner - sysadm - name: Install group: mbr-admins user: - chris - sysadm - lokaladmin - name: Kamera group: mbr-kamera user: - anne - axis - bianca - chris - sysadm - name: MBR group: mbr-buero user: - alexander.rasumny - anna.mueller1 - anne - benjamin - bianca - birgit.erhardt - bjoern.renkewitz - christina.wendt - chris - daniel.poensgen - doku.mbr2 - doku.mbr4 - dorina.feldmann - felix.mueller - hamid.mohseni - isabell.wiesner - janine.budich - johannes.radke - judith.heinmueller - julia.kopp - kerstin.kuballa - lavinia.schwedersky - lena.mahler - manja.kasten - mathias - matthias.mueller - michael.sulies - pia.lamberty - honorar.mbr1 - nina.rink - praktikum.bgn1 - praktikum.mbr1 - praktikum.mbr2 - praktikum.rias1 - bianca.loy - praktikum.rias2 - honorar.rias1 - samuel.signer - scan - simon - sysadm - ulf.balmer - name: Mobilisierungsplattform group: mbr-buero user: - alexander.rasumny - anna.mueller1 - anne - benjamin - bianca - birgit.erhardt - bjoern.renkewitz - christina.wendt - chris - daniel.poensgen - doku.mbr2 - doku.mbr4 - dorina.feldmann - felix.mueller - hamid.mohseni - isabell.wiesner - janine.budich - johannes.radke - judith.heinmueller - julia.kopp - kerstin.kuballa - lavinia.schwedersky - lena.mahler - manja.kasten - mathias - matthias.mueller - michael.sulies - pia.lamberty - honorar.mbr1 - nina.rink - praktikum.bgn1 - praktikum.mbr1 - praktikum.mbr2 - praktikum.rias1 - bianca.loy - praktikum.rias2 - honorar.rias1 - samuel.signer - scan - simon - sysadm - ulf.balmer - name: Regishut group: regishut user: - alexander.steder - alexander.lorenz.milord - benjamin - bianca - christina.wendt - isabell.wiesner - linda.giesel - name: Regishut-Personal-Finanzen group: regishut-personal-finanzen user: - benjamin - bianca - christina.wendt - isabell.wiesner - linda.giesel - name: RIAS group: mbr-buero user: - alexander.rasumny - anna.mueller1 - anne - benjamin - bianca - birgit.erhardt - bjoern.renkewitz - christina.wendt - chris - daniel.poensgen - doku.mbr2 - doku.mbr4 - dorina.feldmann - felix.mueller - hamid.mohseni - isabell.wiesner - janine.budich - johannes.radke - judith.heinmueller - julia.kopp - kerstin.kuballa - lavinia.schwedersky - lena.mahler - manja.kasten - mathias - matthias.mueller - michael.sulies - pia.lamberty - honorar.mbr1 - nina.rink - praktikum.bgn1 - praktikum.mbr1 - praktikum.mbr2 - praktikum.rias1 - bianca.loy - praktikum.rias2 - honorar.rias1 - samuel.signer - scan - simon - sysadm - ulf.balmer - name: RIAS-Finanzen-Personal group: rias-finanzen-personal user: - anne - bianca - benjamin - birgit.erhardt - christina.wendt - chris - isabell.wiesner - sysadm - name: SCAN group: buero-scan user: - alexander.lorenz.milord - alexander.rasumny - alexander.steder - anna.mueller1 - anne - benjamin - bianca - birgit.erhardt - bjoern.renkewitz - christina.wendt - chris - daniel.poensgen - doku.mbr2 - doku.mbr4 - dorina.feldmann - felix.mueller - hamid.mohseni - isabell.wiesner - janine.budich - johannes.radke - judith.heinmueller - julia.kopp - kerstin.kuballa - lavinia.schwedersky - lena.mahler - linda.giesel - manja.kasten - mathias - matthias.mueller - michael.sulies - pia.lamberty - honorar.mbr1 - nina.rink - praktikum.bgn1 - praktikum.mbr1 - praktikum.mbr2 - praktikum.rias1 - bianca.loy - praktikum.rias2 - honorar.rias1 - samuel.signer - scan - simon - sysadm - ulf.balmer - name: VDK group: mbr-buero user: - alexander.rasumny - anna.mueller1 - anne - benjamin - bianca - birgit.erhardt - bjoern.renkewitz - christina.wendt - chris - daniel.poensgen - doku.mbr2 - doku.mbr4 - dorina.feldmann - felix.mueller - hamid.mohseni - isabell.wiesner - janine.budich - johannes.radke - judith.heinmueller - julia.kopp - kerstin.kuballa - lavinia.schwedersky - lena.mahler - manja.kasten - mathias - matthias.mueller - michael.sulies - pia.lamberty - honorar.mbr1 - nina.rink - praktikum.bgn1 - praktikum.mbr1 - praktikum.mbr2 - praktikum.rias1 - bianca.loy - praktikum.rias2 - honorar.rias1 - samuel.signer - scan - simon - sysadm - ulf.balmer - name: Video group: mbr-buero user: - alexander.rasumny - anna.mueller1 - anne - benjamin - bianca - birgit.erhardt - bjoern.renkewitz - christina.wendt - chris - daniel.poensgen - doku.mbr2 - doku.mbr4 - dorina.feldmann - felix.mueller - hamid.mohseni - isabell.wiesner - janine.budich - johannes.radke - judith.heinmueller - julia.kopp - kerstin.kuballa - lavinia.schwedersky - lena.mahler - manja.kasten - mathias - matthias.mueller - michael.sulies - pia.lamberty - honorar.mbr1 - nina.rink - praktikum.bgn1 - praktikum.mbr1 - praktikum.mbr2 - praktikum.rias1 - bianca.loy - praktikum.rias2 - honorar.rias1 - samuel.signer - scan - simon - sysadm - ulf.balmer nis_domain: mbr-bln.netz nis_server_address: 192.168.112.10 nis_server_name: file-mbr.mbr-bln.netz nis_common_packages: - nis - nscd nis_deleted_user: [] #nis_deleted_user: # - name: sabine.kritter # - name: kristina.holzapfel # - name: carolin # - name: franziska # - name: michael.trube # - name: praktikum # - name: praktikum2_rias # - name: praktikum3 # - name: praktikum4 nis_base_home: /data/home nis_groups: - name: mbr-buero group_id: 1200 - name: mbr-finanzen group_id: 1210 - name: mbr-personal group_id: 1220 - name: mbr-kamera group_id: 1250 - name: mbr-admins group_id: 1260 - name: vdk group_id: 1300 - name: rias group_id: 1400 - name: rias-finanzen-personal group_id: 1410 - name: bgn group_id: 1500 - name: bgn-finanzen-personal group_id: 1510 - name: regishut group_id: 1600 - name: regishut-personal-finanzen group_id: 1610 - name: buero-scan group_id: 1700 nis_user: - name: chris groups: - mbr-buero - mbr-finanzen - mbr-personal - mbr-kamera - mbr-admins - vdk - rias - rias-finanzen-personal - bgn - bgn-finanzen-personal - regishut - regishut-personal-finanzen - buero-scan is_samba_user: true password: !vault | $ANSIBLE_VAULT;1.1;AES256 38643435653764393333613564393733666139656264343833333632373938323230393036303234 3633303562636465643930643961663165646237386664370a386362346162313037353163383365 61343263386239316164613935633062343165363863376462653165306464633136313839343962 3865353333373661390a643564386432643532396632323664383330646430613033643130626430 6139 - name: lokaladmin groups: - mbr-buero - mbr-finanzen - mbr-personal - mbr-kamera - mbr-admins - vdk - rias - rias-finanzen-personal - bgn - bgn-finanzen-personal - regishut - regishut-personal-finanzen - buero-scan is_samba_user: true password: 'd4r1usz' - name: sysadm groups: - mbr-buero - mbr-finanzen - mbr-personal - mbr-kamera - mbr-admins - vdk - rias - rias-finanzen-personal - bgn - bgn-finanzen-personal - regishut - regishut-personal-finanzen - buero-scan is_samba_user: true password: 'KPk_Wf2F' - name: alexander.lorenz.milord groups: - regishut - buero-scan is_samba_user: true password: 'R3GI_20_poliz_!' - name: alexander.rasumny groups: - mbr-buero - buero-scan is_samba_user: true password: 'twT9Rjbv9mjq' - name: alexander.steder groups: - regishut - buero-scan is_samba_user: true password: 'SHUT_20_s3nc3!' - name: anna.mueller1 groups: - mbr-buero - buero-scan is_samba_user: true password: '5xp5ll9ar13us!' - name: anne groups: - mbr-buero - mbr-finanzen - mbr-personal - mbr-kamera - mbr-admins - vdk - rias - rias-finanzen-personal - bgn - bgn-finanzen-personal - buero-scan is_samba_user: true password: 'YA!LiLiC0MP5' - name: axis groups: - mbr-buero - buero-scan is_samba_user: true password: '20_axis_16' - name: benjamin groups: - mbr-buero - vdk - rias - rias-finanzen-personal - buero-scan is_samba_user: true password: 'C2-0U#ch' - name: bianca groups: - mbr-buero - mbr-finanzen - mbr-personal - mbr-kamera - mbr-admins - vdk - rias - rias-finanzen-personal - bgn - bgn-finanzen-personal - buero-scan is_samba_user: true password: '73_BiBole_29' - name: birgit.erhardt groups: - mbr-buero - mbr-finanzen - vdk - buero-scan is_samba_user: true password: '20_purpel!rain_17' - name: bjoern.renkewitz groups: - mbr-buero - buero-scan is_samba_user: true password: 'Tz9-Wq-51' - name: christina.wendt groups: - mbr-buero - mbr-finanzen - vdk - rias-finanzen-personal - bgn-finanzen-personal - regishut - regishut-personal-finanzen - buero-scan is_samba_user: true password: '8!Varianten' - name: daniel.poensgen groups: - mbr-buero - buero-scan is_samba_user: true password: 'rcMRCm7jcpbp' - name: doku.mbr2 groups: - mbr-buero - buero-scan is_samba_user: true password: '*M0ss4d*' - name: doku.mbr4 groups: - mbr-buero - buero-scan is_samba_user: true password: 'PwmNvPh9KM4T' - name: dorina.feldmann groups: - mbr-buero - buero-scan is_samba_user: true password: '17?4XPQ_!abc' - name: felix.mueller groups: - mbr-buero - buero-scan is_samba_user: true password: 'U_i5zAR5H+ti' - name: frederick.kannenberg groups: - mbr-buero - buero-scan is_samba_user: true password: 'riasFK2019!#' - name: hamid.mohseni groups: - mbr-buero - buero-scan is_samba_user: true password: 'TFhCW9J4Vn4F' - name: isabell.wiesner groups: - mbr-buero - mbr-finanzen - vdk - rias-finanzen-personal - bgn-finanzen-personal - buero-scan is_samba_user: true password: 'XY_bunt_2020!' - name: janine.budich groups: - mbr-buero - buero-scan is_samba_user: true password: 'LoS_r3f_20_AS!' - name: johannes.radke groups: - mbr-buero - buero-scan is_samba_user: true password: 'Furzf4brik!' - name: judith.heinmueller groups: - mbr-buero - buero-scan is_samba_user: true password: 't32_aHxV.' - name: julia.kopp groups: - mbr-buero - buero-scan is_samba_user: true password: '-a2%3bTzkW.A' - name: kerstin.kuballa groups: - mbr-buero - buero-scan is_samba_user: true password: 'sVY2_2t+a+db' - name: lavinia.schwedersky groups: - mbr-buero - buero-scan is_samba_user: true password: 'xJw.3R9vKf/N' - name: lena.mahler groups: - mbr-buero - bgn - bgn-finanzen-personal - buero-scan is_samba_user: true password: 'YZ_bgn_2020!' - name: linda.giesel groups: - buero-scan - regishut - regishut-personal-finanzen is_samba_user: true password: 'SHUT_20_s3nc3!' - name: manja.kasten groups: - mbr-buero - buero-scan is_samba_user: true password: 'Rasili_&n' - name: mathias groups: - mbr-buero - buero-scan is_samba_user: true password: 'p3r*45p3r4*4d*45tr4m' - name: matthias.mueller groups: - mbr-buero - mbr-personal - buero-scan is_samba_user: true password: 'V1v@H@f3rdr1nk' - name: michael.sulies groups: - mbr-buero - buero-scan is_samba_user: true password: 'Cryst4lp4l4c3' - name: pia.lamberty groups: - mbr-buero - buero-scan is_samba_user: true password: 'oasd31*as+Q%' - name: honorar.mbr1 groups: - mbr-buero - buero-scan is_samba_user: true password: '_F313r4b3nd*' - name: nina.rink groups: - mbr-buero - buero-scan is_samba_user: true password: 'BMW_mobit_2020!' - name: pierre.ahrent groups: - buero-scan is_samba_user: true password: 'GYiI3-s/_7wG' - name: praktikum.bgn1 groups: - mbr-buero - buero-scan is_samba_user: true password: 'MPL_baerin_20!' - name: praktikum.mbr1 groups: - mbr-buero - buero-scan is_samba_user: true password: '2001_RAT_urban!' - name: praktikum.mbr2 groups: - mbr-buero - buero-scan is_samba_user: true password: '20praktikum213' - name: praktikum.rias1 groups: - mbr-buero - buero-scan is_samba_user: true password: '7z7F%d3cv_dfjz' - name: bianca.loy groups: - mbr-buero - buero-scan is_samba_user: true password: 'ctnrk3CczcJ9' - name: praktikum.rias2 groups: - mbr-buero - buero-scan is_samba_user: true password: 'Q56V.6kf/JLQ' - name: honorar.rias1 groups: - mbr-buero - buero-scan is_samba_user: true password: '6jA,nmD,fdK!' - name: samuel.signer groups: - mbr-buero - buero-scan is_samba_user: true password: 'S4mmyC0mput3r!' - name: scan groups: - mbr-buero - buero-scan is_samba_user: true password: '20scan13' - name: simon groups: - mbr-buero - buero-scan is_samba_user: true password: 'S4u3rkr4ut!' - name: ulf.balmer groups: - mbr-buero - bgn - bgn-finanzen-personal - buero-scan is_samba_user: true password: 'ALL3_e6ene#' # --- # vars used by roles/ansible_dependencies # --- apt_ansible_dependencies: - python - python-apt - python3 - python3-apt - lsb-release - apt-transport-https - dbus - sudo - vim - net-tools - vlan # --- # vars used by roles/ansible_user # --- ssh_keys_admin: - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' ansible_remote_user: - name: lokaladmin password: $6$KLQUDbiw$qvsGUndXr2G3DxhML6maD/nsJtXfElSLQ7ufkMuJu2vACbYX7kqNXdiU17oX6CyN5L1xARZ.TiES/w7zfh0Cu/ shell: /bin/bash # --- # vars used by roles/common/tasks/basic.yml # --- time_zone: Europe/Berlin locales: - en_US.UTF-8 - de_DE.UTF-8 set_default_limit_nofile: false # --- # vars used by roles/common/tasks/sshd.yml # --- sshd_ports: - 22 sshd_listen_address: - '::' - '0.0.0.0' sshd_host_keys: - /etc/ssh/ssh_host_rsa_key - /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ed25519_key sshd_max_startups: !!str "10:30:100" sshd_max_auth_tries: 3 sshd_max_sessions: 10 sshd_permit_root_login: !!str "no" sshd_authorized_keys_file: ".ssh/authorized_keys .ssh/authorized_keys2" sshd_pubkey_authentication: !!str "yes" sshd_password_authentication: !!str "no" sshd_use_pam: !!str "yes" sshd_print_motd: !!str "no" # sshd_kexalgorithms # # Example: # sshd_kexalgorithms: # - curve25519-sha256@libssh.org # - diffie-hellman-group-exchange-sha256 # - diffie-hellman-group14-sha1 # sshd_kexalgorithms: {} # sshd_kexalgorithms # # Example: # sshd_ciphers: # - chacha20-poly1305@openssh.com # - aes256-gcm@openssh.com # - aes256-ctr sshd_ciphers: {} sshd_use_dns: !!str "no" sshd_allowed_users: {} # --- # vars used by apt.yml # --- apt_manage_sources_list: true apt_src_enable: true apt_backports_enable: true apt_debian_mirror: http://ftp.de.debian.org/debian/ apt_debian_contrib_nonfree_enable: true apt_update_cache_valid_time: 3600 apt_upgrade: true apt_update: true apt_clean: true apt_autoremove: true apt_dpkg_configure: true apt_upgrade_type: dist apt_upgrade_dpkg_options: - force-confdef - force-confold apt_initial_install_stretch: - apt-transport-https - dbus - openssh-server - rssh - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - rcconf - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - exuberant-ctags - mime-support - file - coreutils - moreutils - less - realpath - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.24 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man-db - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart apt_initial_install_buster: - apt-transport-https - dbus - openssh-server - rush - vim - vim-common - vim-doc - mc - screen - tmux - bc - figlet - rcconf - sudo - rsync - dselect - iputils-ping - apt-utils - aptitude - zip - unzip - bzip2 - arj - locate - curl - gawk - mawk - lynx - links - w3m - ctags - mime-support - file - coreutils - moreutils - less - sipcalc - psmisc - dnsutils - rblcheck - whois - gettext - gettext-base - gettext-doc - debian-keyring - patch - patchutils - recode - recode-doc - librecode0 - librecode-dev - sharutils - perl - perl-modules-5.28 - perl-doc - libperl-dev - libterm-readline-gnu-perl - libterm-readline-perl-perl - libterm-readkey-perl - libmail-imapclient-perl - libtime-duration-perl - libtimedate-perl - libwww-perl - libpcre3 - libio-compress-perl - libreadline5 - re2c - util-linux - parted - lshw - gdisk - smartmontools - tcpdump - telnet - unhide - lsof - hdparm - groff - iproute2 - bridge-utils - vlan - ethtool - wipe - iperf - mtr - iptraf - wget - logrotate - rsyslog - haveged - rdate - ntpdate - wipe - man - groff - iptables - shellcheck - ssl-cert - ssl-cert-check - git - ftp - htop - net-tools - lsb-release - attr - acl - quota - quotatool - needrestart apt_install: {} apt_install_state: latest apt_remove: - apt-transport-tor - tor - tor-geoipdb - torsocks apt_remove_purge: false microcode_package: intel-microcode # --- # vars used by roles/common/tasks/sudoers.yml # --- sudo_users: - lokaladmin # /etc/sudoers # sudoers_defaults: - env_reset - mail_badpass - 'secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' sudoers_host_aliases: [] sudoers_user_aliases: [] sudoers_cmnd_aliases: [] sudoers_runas_aliases: [] sudoers_user_privileges: - name: root entry: 'ALL=(ALL:ALL) ALL' sudoers_group_privileges: [] # /etc/sudoers.d/50-user # sudoers_file_defaults: [] sudoers_file_host_aliases: [] sudoers_file_user_aliases: [] sudoers_file_cmnd_aliases: - name: MOUNT entry: '/bin/mount,/bin/umount' sudoers_file_runas_aliases: [] vnc_password: !vault | $ANSIBLE_VAULT;1.1;AES256 34646461313062646632343839653332643963386236623838646233663437626165316261313035 6330643938623565363865616531316364353664383132630a353132366239663865653261323037 61326231636261366339633835636538313330343862303538356636616264663065323834623832 6138303037643333660a643461356138343639663662653263306666643433643561373432613966 6663 luks_device: /dev/sda3