This commit is contained in:
2021-05-17 10:24:50 +02:00
parent 62ff3af6a9
commit 05e27102c0
20 changed files with 950 additions and 346 deletions

View File

@ -1,250 +0,0 @@
---
# ---
# vars used by roles/ansible_dependencies
# ---
# ---
# vars used by roles/ansible_user
# ---
# ---
# vars used by roles/common/tasks/basic.yml
# ---
# ---
# vars used by roles/common/tasks/sshd.yml
# ---
# ---
# vars used by roles/common/tasks/apt.yml
# ---
apt_install_compiler_pkgs: true
apt_install_postgresql_pkgs: true
# ---
# vars used by roles/common/tasks/users.yml
# ---
insert_root_ssh_keypair: true
root_ssh_keypair:
- name: id-rsa-dehydrated
priv_key_src: root/.ssh/a.mx-id_rsa-dehydrated
priv_key_dest: /root/.ssh/id_rsa-dehydrated
pub_key_src: root/.ssh/a.mx-id_rsa-dehydrated.pub
pub_key_dest: /root/.ssh/id_rsa-dehydrated.pub
- name: id-rsa-opendkim
priv_key_src: root/.ssh/a.mx-id_rsa-opendkim
priv_key_dest: /root/.ssh/id_rsa-opendkim
pub_key_src: root/.ssh/a.mx-id_rsa-opendkim.pub
pub_key_dest: /root/.ssh/id_rsa-opendkim.pub
# ---
# vars used by roles/common/tasks/users-systemfiles.yml
# ---
# ---
# vars used by roles/common/tasks/webadmin-user.yml
# ---
# ---
# vars used by roles/common/tasks/sudoers.yml
# ---
#
# see: roles/common/tasks/vars
# ---
# vars used by roles/common/tasks/caching-nameserver.yml
# ---
# ---
# vars used by roles/common/tasks/git.yml
# ---
#
# see: roles/common/tasks/vars
# ---
# vars used by roles/common/tasks/copy_files.yml
# ---
copy_plain_files:
# /root/bin/monitoring
#
- name: monitoring_check_cert_for_dovecot.conf
src_path: a.mx/root/bin/monitoring/conf/check_cert_for_dovecot.conf
dest_path: /root/bin/monitoring/conf/check_cert_for_dovecot.conf
- name: monitoring_check_webservice_load.conf
src_path: a.mx/root/bin/monitoring/conf/check_webservice_load.conf
dest_path: /root/bin/monitoring/conf/check_webservice_load.conf
# /root/bin/postfix
#
- name: postfix_create_opendkim_key.conf
src_path: a.mx/root/bin/postfix/conf/create_opendkim_key.conf
dest_path: /root/bin/postfix/conf/create_opendkim_key.conf
- name: postfix_postfix_add_mailboxes.conf
src_path: a.mx/root/bin/postfix/conf/postfix_add_mailboxes.conf
dest_path: /root/bin/postfix/conf/postfix_add_mailboxes.conf
- name: postfix_sent_userinfo_postfix.conf
src_path: a.mx/root/bin/postfix/conf/sent_userinfo_postfix.conf
dest_path: /root/bin/postfix/conf/sent_userinfo_postfix.conf
- name: postfix_whitelist_mb_sigs.conf
src_path: a.mx/root/bin/postfix/conf/whitelist_mb_sigs.conf
dest_path: /root/bin/postfix/conf/whitelist_mb_sigs.conf
# Postfix Firewall postfwd
#
- name: postfwd.bl-sender
src_path: a.mx/etc/postfix/postfwd.bl-sender
dest_path: /etc/postfix/postfwd.bl-sender
- name: postfwd.bl-sender_domain
src_path: a.mx/etc/postfix/postfwd.bl-sender_domain
dest_path: /etc/postfix/postfwd.bl-sender_domain
- name: postfwd.bl-user
src_path: a.mx/etc/postfix/postfwd.bl-user
dest_path: /etc/postfix/postfwd.bl-user
- name: postfwd.wl-user
src_path: a.mx/etc/postfix/postfwd.wl-user
dest_path: /etc/postfix/postfwd.wl-user
copy_template_files: []
#
# - name: mailsystem_install_amavis.conf
# src_path: usr/local/src/mailsystem/conf/install_amavis.conf.j2
# dest_path: /usr/local/src/mailsystem/conf/install_amavis.conf
# ---
# vars used by roles/common/tasks/config_files_mailsystem_scripts.yml
# ---
hostname: a.mx.oopen.de
ipv4_address: 95.217.204.247
ipv6_address: 2a01:4f9:4a:47e5::247
admin_email: argus@oopen.de
is_relay_host: false
# postfix_db_type
#
# possible values are 'PostgreSQL' and 'MySQL'
postfix_db_type: PostgreSQL
postfix_db_name: postfix
postfix_db_user: postfix
postfix_db_host: localhost
postfix_db_pass: FKt4z55FxMZp
# install_amavis.conf
#
mp_receipt_number: 106015125438
si_authorisation_signature: b0b7e94d3fcc8f3b1f128edd5830392361868cf0174723a9924ac25bf8b1b588cb974b50234e1bc1d9839dfe0ca6e1627733d90daf1399347b1046d20c2e3a89
# install_postfixadmin.conf
#
website_name_postfixadmin: adm.oopen.de
email_welcome_message: "\n
Hallo,\n
Ihre/Deine neue E-Mail Adresse ist eingerichtet.\n
O.OPEN\n
--\n
O.OPEN | Phone: +49 30 / 290 484 91\n
Erkelenzdamm 21 | Fax: +49 30 / 290 484 99\n
D-10999 Berlin | E-MAIL: oo@oopen.de\n
"
# install_update_dovecot.conf
#
dovecot_from_address: "o.open <oo@oopen.de>"
dovecot_reply_to: "oo@oopen.de"
webmailer_address: "https://webmail.oopen.de"
salutation: "O.OPEN\n
--\n
O.OPEN | Phone: +49 30 / 290 484 91\n
Erkelenzdamm 21 | Fax: +49 30 / 290 484 99\n
D-10999 Berlin | http://oopen.de"
# install_upgrade_roundcube-webmail.conf
#
# Webmailer
webmail_site_name: webmail.oopen.de
autoreply_hostname: autoreply.oopen.de
# possible values: 'pgsql' or 'mysql'
roundcube_db_type: pgsql
roundcube_db_name: roundcubemail
roundcube_db_user: roundcube
roundcube_db_host: localhost
roundcube_db_pass: '3Dsz3j5R'
roundcube_product_name: O.OPEN - Webmailer
roundcube_support_url: https://www.oopen.de
roundcube_skin_logo: "images/oopen-logo.png"
# 2 Webmailer
webmaili_2_site_name: webmail2.oopen.de
autoreply_2_hostname: autoreply.oopen.de
# possible values: 'pgsql' or 'mysql'
roundcube_2_db_type: pgsql
roundcube_2_db_name: roundcubemail2
roundcube_2_db_user: roundcube
roundcube_2_db_host: localhost
roundcube_2_db_pass: '3Dsz3j5R'
roundcube_2_product_name: O.OPEN - Webmailer
roundcube_2_support_url: https://www.oopen.de
roundcube_2_skin_logo: "images/oopen-logo.png"
template_files_mailsystem_script:
- name: mailsystem_install_amavis.conf
src_path: usr/local/src/mailsystem/conf/install_amavis.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_amavis.conf
- name: mailsystem_install_postfixadmin.conf
src_path: usr/local/src/mailsystem/conf/install_postfix_advanced.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_postfix_advanced.conf
- name: mailsystem_install_postfixadmin.conf
src_path: usr/local/src/mailsystem/conf/install_postfixadmin.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_postfixadmin.conf
- name: mailsystem_install_update_dovecot.conf
src_path: usr/local/src/mailsystem/conf/install_update_dovecot.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_update_dovecot.conf
- name: mailsystem_install_upgrade_roundcube-webmail.conf
src_path: usr/local/src/mailsystem/conf/install_upgrade_roundcube-webmail.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_upgrade_roundcube-webmail.conf
- name: mailsystem_install_upgrade_roundcube-webmail2.conf
src_path: usr/local/src/mailsystem/conf/install_upgrade_roundcube-webmail2.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_upgrade_roundcube-webmail2.conf

View File

@ -147,8 +147,9 @@ ipv4_address: 95.217.204.247
ipv6_address: 2a01:4f9:4a:47e5::247
admin_email: argus@oopen.de
is_relay_host: false
is_relay_host: !!str "false"
db_in_use: !!str "true"
# postfix_db_type
#
# possible values are 'PostgreSQL' and 'MySQL'

145
host_vars/b.mx.oopen.de.yml Normal file
View File

@ -0,0 +1,145 @@
---
# ---
# vars used by roles/ansible_dependencies
# ---
# ---
# vars used by roles/ansible_user
# ---
# ---
# vars used by roles/common/tasks/basic.yml
# ---
# ---
# vars used by roles/common/tasks/sshd.yml
# ---
# ---
# vars used by roles/common/tasks/apt.yml
# ---
apt_install_compiler_pkgs: true
# ---
# vars used by roles/common/tasks/users.yml
# ---
insert_root_ssh_keypair: true
root_ssh_keypair:
- name: id-rsa-dehydrated
priv_key_src: root/.ssh/b.mx-id_rsa-dehydrated
priv_key_dest: /root/.ssh/id_rsa-dehydrated
pub_key_src: root/.ssh/b.mx-id_rsa-dehydrated.pub
pub_key_dest: /root/.ssh/id_rsa-dehydrated.pub
- name: id-rsa-opendkim
priv_key_src: root/.ssh/b.mx-id_rsa-opendkim
priv_key_dest: /root/.ssh/id_rsa-opendkim
pub_key_src: root/.ssh/b.mx-id_rsa-opendkim.pub
pub_key_dest: /root/.ssh/id_rsa-opendkim.pub
# ---
# vars used by roles/common/tasks/users-systemfiles.yml
# ---
# ---
# vars used by roles/common/tasks/webadmin-user.yml
# ---
# ---
# vars used by roles/common/tasks/sudoers.yml
# ---
#
# see: roles/common/tasks/vars
# ---
# vars used by roles/common/tasks/caching-nameserver.yml
# ---
# ---
# vars used by roles/common/tasks/git.yml
# ---
#
# see: roles/common/tasks/vars
# ---
# vars used by roles/common/tasks/copy_files.yml
# ---
copy_plain_files:
# /root/bin/monitoring
#
- name: monitoring_check_webservice_load.conf
src_path: b.mx/root/bin/monitoring/conf/check_webservice_load.conf
dest_path: /root/bin/monitoring/conf/check_webservice_load.conf
# /root/bin/postfix
#
- name: postfix_create_opendkim_key.conf
src_path: b.mx/root/bin/postfix/conf/create_opendkim_key.conf
dest_path: /root/bin/postfix/conf/create_opendkim_key.conf
- name: postfix_whitelist_mb_sigs.conf
src_path: b.mx/root/bin/postfix/conf/whitelist_mb_sigs.conf
dest_path: /root/bin/postfix/conf/whitelist_mb_sigs.conf
# Postfix Firewall postfwd
#
- name: postfwd.bl-sender
src_path: a.mx/etc/postfix/postfwd.bl-sender
dest_path: /etc/postfix/postfwd.bl-sender
- name: postfwd.bl-user
src_path: a.mx/etc/postfix/postfwd.bl-user
dest_path: /etc/postfix/postfwd.bl-user
- name: postfwd.wl-user
src_path: a.mx/etc/postfix/postfwd.wl-user
dest_path: /etc/postfix/postfwd.wl-user
copy_template_files: []
#
# - name: mailsystem_install_amavis.conf
# src_path: usr/local/src/mailsystem/conf/install_amavis.conf.j2
# dest_path: /usr/local/src/mailsystem/conf/install_amavis.conf
# ---
# vars used by roles/common/tasks/config_files_mailsystem_scripts.yml
# ---
hostname: b.mx.oopen.de
ipv4_address: 162.55.82.73
ipv6_address: 2a01:4f8:271:1266::73
admin_email: argus@oopen.de
is_relay_host: !!str "true"
sasl_auth_enable: !!str "yes"
template_files_mailsystem_script:
- name: mailsystem_install_amavis.conf
src_path: usr/local/src/mailsystem/conf/install_amavis.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_amavis.conf
- name: install_postfix_advanced.conf
src_path: usr/local/src/mailsystem/conf/install_postfix_advanced.conf.j2
dest_path: /usr/local/src/mailsystem/conf/install_postfix_advanced.conf

View File

@ -0,0 +1,108 @@
---
# ---
# vars used by roles/ansible_dependencies
# ---
# ---
# vars used by roles/ansible_user
# ---
# ---
# vars used by roles/common/tasks/basic.yml
# ---
# ---
# vars used by roles/common/tasks/sshd.yml
# ---
# ---
# vars used by roles/common/tasks/apt.yml
# ---
# ---
# vars used by roles/common/tasks/users.yml
# ---
default_user:
- name: chris
password: $6$KHaRubWiBQk1amaA$.adqxBIlrlulGGcdK1EWR0XoGiMiyRwf5LPub/MxVFbTjBrH.m3edIAV2KmO06gVGiTlHUZH3XsvtUOXIptpT0
shell: /bin/bash
ssh_keys:
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna'
- name: sysadm
user_id: 1050
group_id: 1050
group: sysadm
password: $6$XI.g9q9bTmzqe35q$tDrpoJFBGsHrmy/mtOAQfrstgIhZEaYGt6hxfTCXI0YvAAUiHT4cJOLR6ivN0CPVNtkv8IFe7dk8NXR/1yScm.
shell: /bin/bash
ssh_keys:
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna'
- name: back
user_id: 1060
group_id: 1060
group: back
password: $6$8v0PKesHmS2Z1xIO$n2a19e2GawIvHNi9U.W4nTxjJCTDtO5AlEP082PnCdp.fw5vIMv1AA.i2RMbXH2XuMdphXU6srSV/wFmp0e0q.
shell: /bin/bash
ssh_keys:
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
sudo_users:
- chris
- sysadm
# ---
# vars used by roles/common/tasks/users-systemfiles.yml
# ---
# ---
# vars used by roles/common/tasks/webadmin-user.yml
# ---
# ---
# vars used by roles/common/tasks/sudoers.yml
# ---
#
# see: roles/common/tasks/vars
# ---
# vars used by roles/common/tasks/caching-nameserver.yml
# ---
apt_install_bind9_packages: true
# ---
# vars used by roles/common/tasks/git.yml
# ---
git_firewall_repository:
name: ipt-gateway
repo: https://git.oopen.de/firewall/ipt-gateway
dest: /usr/local/src/ipt-gateway
# ==============================
# ---
# vars used by scripts/reset_root_passwd.yml
# ---
root_user:
name: root
password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.

View File

@ -1,5 +1,100 @@
---
# ---
# vars used by roles/network_interfaces
# ---
# If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted
network_manage_devices: True
# Should the interfaces be reloaded after config change?
network_interface_reload: False
network_interface_path: /etc/network/interfaces.d
network_interface_required_packages:
- vlan
- bridge-utils
- ifmetric
- ifupdown2
network_interfaces:
- device: br0
# use only once per device (for the first device entry)
headline: br0 - bridge over device enp41s0
# auto & allow are only used for the first device entry
allow: [] # array of allow-[stanzas] eg. allow-hotplug
auto: true
family: inet
mode: static
description: Bridge Interface IPv4 for LXC
address: '162.55.82.89'
netmask: '255.255.255.192'
network: '162.55.82.64'
broadcast: '162.55.82.127'
gateway: '162.55.82.65'
# optional dns settings nameservers: []
# nameservers:
# - "194.150.168.168" # dns.as250.net
# - "91.239.100.100" # anycast.censurfridns.dk
# optional additional subnets/ips subnets: []
# subnets:
# - '192.168.123.0/24'
# - '192.168.124.11/32'
# optional bridge parameters bridge: {}
# bridge:
# ports:
# stp:
# fd:
# maxwait:
# waitport:
bridge:
ports: enp41s0 # for mor devices support a blan separated list
stp: !!str off
fd: 5
hello: 2
# optional bonding parameters bond: {}
# bond:
# mode:
# miimon:
# master:
# slaves:
# lacp-rate:
bond: {}
# optional vlan settings | vlan: {}
# vlan: {}
# raw-device: 'eth0'
vlan: {}
# inline hook scripts
pre-up: [] # pre-up script lines
up:
- !!str "route add -net 162.55.82.64 netmask 255.255.255.192 gw 162.55.82.65 dev br0" # up script lines
post-up: [] # post-up script lines (alias for up)
pre-down: [] # pre-down script lines (alias for down)
down: [] # down script lines
post-down: [] # post-down script lines
- device: br0
family: inet6
mode: static
description: Bridge Interface IPv6 for LXC
address: '2a01:4f8:271:1266::2'
netmask: 64
gateway: 'fe80::1'
# ---
# vars used by roles/ansible_dependencies
# ---
@ -24,8 +119,6 @@
# vars used by roles/common/tasks/apt.yml
# ---
#apt_manage_sources_list: false
# ---
# vars used by roles/common/tasks/users.yml
@ -107,15 +200,6 @@ git_firewall_repository:
repo: https://git.oopen.de/firewall/ipt-server
dest: /usr/local/src/ipt-server
git_other_repositories:
- name: jitsi
repo: https://git.oopen.de/install/jitsi
dest: /usr/local/src/jitsi
- name: etherpad-lite
repo: https://git.oopen.de/install/etherpad-lite
dest: /usr/local/src/etherpad-lite
# ==============================