Compare commits

...

3 Commits

6 changed files with 76 additions and 105 deletions
+2
View File
@@ -420,6 +420,8 @@ nis_user:
password: '20-wieb.ke/24_%'
samba_homes_virusfilter: true
# ==========
# vars used by roles/common/tasks/samba-install.yml
# ==========
+8 -1
View File
@@ -382,6 +382,7 @@ nis_user:
- name: kirstin
groups:
- amif
- team
- aktion-mensch
is_samba_user: true
@@ -419,6 +420,12 @@ nis_user:
is_samba_user: true
password: '20_son+keng-25.%'
- name: victoria
groups:
- amif
is_samba_user: true
password: '20.vic-to-ria/25%'
- name: vincent
groups:
- team
@@ -440,7 +447,7 @@ nis_user:
is_samba_user: true
password: '20-ver-wal-tung%23!'
samba_homes_virusfilter: true
# ==========
+43
View File
@@ -404,6 +404,18 @@ nis_user:
is_samba_user: true
password: '8!Varianten'
- name: hendrik.roth
groups:
- all-users
- buero-scan
- bgn-finanzen-personal
- mbr-finanzen-personal
- rias-berlin-finanzen-personal
- regishut-personal-finanzen
- direx-personal-finanzen
is_samba_user: true
password: 'H-S.tG3/wV46'
- name: janine.budich
groups:
- all-users
@@ -438,6 +450,18 @@ nis_user:
is_samba_user: true
password: 'AfZg3-9S/4IX'
- name: olga.masson
groups:
- all-users
- buero-scan
- bgn-finanzen-personal
- mbr-finanzen-personal
- rias-berlin-finanzen-personal
- regishut-personal-finanzen
- direx-personal-finanzen
is_samba_user: true
password: '6.7.mQ-sPE.o'
- name: swetlana.nikitenko
groups:
- all-users
@@ -669,6 +693,14 @@ nis_user:
is_samba_user: true
password: 't32_aHxV.'
- name: katharina.mueller
groups:
- all-users
- buero-scan
- mbr-buero
is_samba_user: true
password: '6.3b-5Vy/7-3'
- name: kathrin.hain
groups:
- ag-antisem
@@ -730,6 +762,7 @@ nis_user:
- all-users
- buero-scan
- mbr-buero
- technik
is_samba_user: true
password: 'I.E7X.cUd-cc'
@@ -782,6 +815,14 @@ nis_user:
is_samba_user: true
password: 'q9.mL5-a-aYA'
- name: tirza.seene
groups:
- all-users
- buero-scan
- mbr-buero
is_samba_user: true
password: '7a9-7Rz-Rc2p'
# ---
# RIAS Berlin und Bund
# ---
@@ -951,6 +992,8 @@ nis_user:
password: 'RmMq-3Z--2.2'
samba_homes_virusfilter: true
# ==========
# vars used by roles/common/tasks/samba-install.yml
+8 -94
View File
@@ -177,6 +177,13 @@ nis_user:
is_samba_user: true
password: 'spa2014'
- name: genia
groups:
- intern
- buero
is_samba_user: true
password: '240481'
- name: isadora
groups:
- intern
@@ -340,100 +347,7 @@ nis_user:
is_samba_user: true
password: '300195'
# deleted users
#
# - name: marei
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '220792'
#
# - name: virginia
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '160292'
#
# - name: alina
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '140686'
#
# - name: hannah
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '28031973'
#
# - name: kristin
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '49371'
#
# - name: thea
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '060995'
#
# - name: katrine
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '200290'
#
# - name: daniel
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '210984'
#
# - name: andrea
# groups:
# - intern
# - buero
# - lpadmin
# is_samba_user: true
# password: 'kurse2010'
#
# - name: tali
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '220686'
#
# - name: eva
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '250791'
#
# - name: mariam
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '240991'
#
# - name: simone
# groups:
# - intern
# - buero
# is_samba_user: true
# password: '031189'
samba_homes_virusfilter: true
# ==========
+9 -8
View File
@@ -198,7 +198,6 @@
- samba-server
- samba-virusfilter
- name: (samba-config-server.yml) Configure AppArmor local profile for clamd (data paths)
template:
src: etc/apparmor.d/local/usr.sbin.clamd.j2
@@ -206,7 +205,9 @@
owner: root
group: root
mode: "0644"
notify: Reload AppArmor profile clamd
notify:
- Reload AppArmor profile clamd
- Restart clamav-daemon
when:
- inventory_hostname in groups['samba_server']
- samba_shares | selectattr('vfs_object_virusfilter', 'defined') |
@@ -214,7 +215,7 @@
tags:
- samba-server
- samba-virusfilter
- name: (samba-config-server.yml) Ensure AllowAllMatchScan is enabled in clamd.conf
lineinfile:
path: /etc/clamav/clamd.conf
@@ -316,7 +317,7 @@
register: clean_samba_trash_dirs
when:
- inventory_hostname in groups['samba_server']
tags: [ samba-server, samba-cron ]
tags: [samba-server, samba-cron]
- name: (samba-config-server.yml) Creates a cron job for cleaning up samba trash dirs
ansible.builtin.cron:
@@ -332,7 +333,7 @@
- inventory_hostname in groups['samba_server']
- clean_samba_trash_exists.stat.exists | bool
- (clean_samba_trash_dirs.found | int) > 0
tags: [ samba-server, samba-cron ]
tags: [samba-server, samba-cron]
# ---
# Cronjob for setting permissions on samba shares
@@ -344,7 +345,7 @@
register: set_permissions_on_samba_shares_exists
when:
- inventory_hostname in groups['samba_server']
tags: [ samba-server, samba-cron ]
tags: [samba-server, samba-cron]
- name: (samba-config-server.yml) Adjust configuration for script 'set_permissions_samba_shares.sh'
ansible.builtin.template:
@@ -353,7 +354,7 @@
when:
- inventory_hostname in groups['samba_server']
- set_permissions_on_samba_shares_exists.stat.exists | bool
tags: [ samba-server, samba-cron ]
tags: [samba-server, samba-cron]
- name: (samba-config-server.yml) Creates a cron job for setting permissions to samba dirs
ansible.builtin.cron:
@@ -368,7 +369,7 @@
when:
- inventory_hostname in groups['samba_server']
- (clean_samba_trash_dirs.found | int) > 0 # << int -> bool
tags: [ samba-server, samba-cron ]
tags: [samba-server, samba-cron]
# ---
# Samba clients
+6 -2
View File
@@ -342,7 +342,10 @@
virusfilter:cache entry limit = 1000
virusfilter:cache time limit = 60
virusfilter:max file size = 26214400
# Dateigröße: Was wird gescannt?
#virusfilter:max file size = 52428800 # 50 MB max
#virusfilter:max file size = 26214400 # 25 MB max
virusfilter:max file size = 15728640 # 15 MB max
virusfilter:min file size = 10
virusfilter:scan on open = yes
@@ -522,7 +525,8 @@
# Dateigröße: Was wird gescannt?
#virusfilter:max file size = 52428800 # 50 MB max
virusfilter:max file size = 26214400 # 25 MB max
#virusfilter:max file size = 26214400 # 25 MB max
virusfilter:max file size = 15728640 # 15 MB max
virusfilter:min file size = 10 # unter 10 Byte ignorieren
# Scan-Zeitpunkt: nur beim Öffnen, nicht beim Schließen