From 302160818ea92444966f2afb4a28ea288d7fc75b Mon Sep 17 00:00:00 2001 From: Christoph Date: Tue, 12 Jan 2021 00:42:48 +0100 Subject: [PATCH] update... --- host_vars/b.ns.oopen.de.yml | 2 - host_vars/bbb.oopen.de.yml | 139 ------------------------- hosts | 18 ++-- roles/modify-ipt-server/tasks/main.yml | 62 ++++++++--- 4 files changed, 56 insertions(+), 165 deletions(-) delete mode 100644 host_vars/bbb.oopen.de.yml diff --git a/host_vars/b.ns.oopen.de.yml b/host_vars/b.ns.oopen.de.yml index 430df6e..280dec0 100644 --- a/host_vars/b.ns.oopen.de.yml +++ b/host_vars/b.ns.oopen.de.yml @@ -86,8 +86,6 @@ extra_user: # vars used by scripts/install-update-firewall.yml # --- -git_firewall_repository: {} - # ============================== diff --git a/host_vars/bbb.oopen.de.yml b/host_vars/bbb.oopen.de.yml deleted file mode 100644 index f620e33..0000000 --- a/host_vars/bbb.oopen.de.yml +++ /dev/null @@ -1,139 +0,0 @@ ---- - -# --- -# vars used by roles/ansible_dependencies -# --- - - -# --- -# vars used by roles/ansible_user -# --- - - -# --- -# vars used by roles/common/tasks/basic.yml -# --- - - -# --- -# vars used by roles/common/tasks/sshd.yml -# --- - - -# --- -# vars used by roles/common/tasks/apt.yml -# --- - -apt_manage_sources_list: false - - -# --- -# vars used by roles/common/tasks/users.yml -# --- -ssh_keypair_backup_server: - - name: backup - backup_user: back - priv_key_src: root/.ssh/id_rsa.backup.oopen.de - priv_key_dest: /root/.ssh/id_rsa - pub_key_src: root/.ssh/id_rsa.backup.oopen.de.pub - pub_key_dest: /root/.ssh/id_rsa.pub - -insert_root_ssh_keypair: true - -root_ssh_keypair: - - name: backup - login: root - priv_key_src: root/.ssh/id_ed25519.oopen-server - priv_key_dest: /root/.ssh/id_ed25519 - pub_key_src: root/.ssh/id_ed25519.oopen-server.pub - pub_key_dest: /root/.ssh/id_ed25519.pub - target: backup.oopen.de - - -default_user: - - - name: chris - password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL. - shell: /bin/bash - ssh_keys: - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' - - - name: sysadm - - user_id: 1050 - group_id: 1050 - group: sysadm - password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1 - shell: /bin/bash - ssh_keys: - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' - - - name: localadmin - user_id: 1051 - group_id: 1051 - password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90 - shell: /bin/bash - ssh_keys: - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS' - - - name: back - user_id: 1060 - group_id: 1060 - group: back - password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n. - shell: /bin/bash - ssh_keys: - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' - -sudo_users: - - chris - - sysadm - - localadmin - - -# --- -# vars used by roles/common/tasks/users-systemfiles.yml -# --- - - -# --- -# vars used by roles/common/tasks/webadmin-user.yml -# --- - - -# --- -# vars used by roles/common/tasks/sudoers.yml -# --- -# -# see: roles/common/tasks/vars - - -# --- -# vars used by roles/common/tasks/caching-nameserver.yml -# --- - - -# --- -# vars used by roles/common/tasks/git.yml -# --- - -git_firewall_repository: - name: ipt-server - repo: https://git.oopen.de/firewall/ipt-server - dest: /usr/local/src/ipt-server - -# ============================== - - -# --- -# vars used by scripts/reset_root_passwd.yml -# --- - -root_user: - name: root - password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq. - diff --git a/hosts b/hosts index 85ed868..8bf4f64 100644 --- a/hosts +++ b/hosts @@ -85,7 +85,7 @@ d.mx.oopen.de o15.oopen.de b.mx.oopen.de piwik.oopen.de -www-01.oopen.de +web-01.oopen.de web-03.oopen.de o17.oopen.de @@ -271,7 +271,7 @@ d.mx.oopen.de o15.oopen.de b.mx.oopen.de piwik.oopen.de -www-01.oopen.de +web-01.oopen.de web-03.oopen.de o17.oopen.de @@ -410,7 +410,7 @@ a.mx.oopen.de d.mx.oopen.de # o15.oopen.de -www-01.oopen.de +web-01.oopen.de web-03.oopen.de piwik.oopen.de @@ -604,7 +604,7 @@ initiativenserver.oopen.de o13-web.oopen.de # o15.oopen.de -www-01.oopen.de +web-01.oopen.de web-03.oopen.de # o21.oopen.de @@ -657,7 +657,7 @@ d.mx.oopen.de # o15.oopen.de b.mx.oopen.de -www-01.oopen.de +web-01.oopen.de # o17.oopen.de test.mx.oopen.de @@ -712,7 +712,7 @@ a.mx.oopen.de # o15.oopen.de web-03.oopen.de -www-01.oopen.de +web-01.oopen.de # o25.oopen.de mail.faire-mobilitaet.de @@ -762,7 +762,7 @@ d.mx.oopen.de # o15.oopen.de piwik.oopen.de -www-01.oopen.de +web-01.oopen.de web-03.oopen.de # o17.oopen.de @@ -1065,7 +1065,7 @@ d.mx.oopen.de # - o15.oopen.de b.mx.oopen.de piwik.oopen.de -www-01.oopen.de +web-01.oopen.de web-03.oopen.de # - o17.oopen.de @@ -1234,7 +1234,7 @@ d.mx.oopen.de o15.oopen.de b.mx.oopen.de piwik.oopen.de -www-01.oopen.de +web-01.oopen.de web-03.oopen.de # - o17.oopen.de diff --git a/roles/modify-ipt-server/tasks/main.yml b/roles/modify-ipt-server/tasks/main.yml index b5581cc..15dd686 100644 --- a/roles/modify-ipt-server/tasks/main.yml +++ b/roles/modify-ipt-server/tasks/main.yml @@ -4,6 +4,10 @@ # Install/Uodate git firewall repository # --- +- meta: end_play + when: git_firewall_repository is not defined or git_firewall_repository|length < 1 + + - name: Install/update firewall repository git: repo: '{{ git_firewall_repository.repo }}' @@ -18,12 +22,12 @@ - name: Check if file '/etc/ipt-firewall/main_ipv6.conf' exists stat: path: /etc/ipt-firewall/main_ipv6.conf - register: main_ipv4_exists + register: main_ipv6_exists - name: Check if file '/etc/ipt-firewall/main_ipv4.conf' exists stat: path: /etc/ipt-firewall/main_ipv4.conf - register: main_ipv6_exists + register: main_ipv4_exists - name: Check if file '/etc/munin/munin-node.conf' exists stat: @@ -81,6 +85,8 @@ path: /etc/ipt-firewall/main_ipv4.conf regexp: '^dovecot_auth_port=' line: 'dovecot_auth_port="$dovecot_external_auth_port"' + when: + - main_ipv4_exists.stat.exists - name: addjust line 'dovecot_auth_port' (IPv6) lineinfile: @@ -95,6 +101,8 @@ path: /etc/ipt-firewall/main_ipv4.conf regexp: '^jitsi_tcp_ports=' line: 'jitsi_tcp_ports="$standard_jitsi_tcp_ports"' + when: + - main_ipv4_exists.stat.exists - name: addjust line 'jitsi_tcp_ports' (IPv6) lineinfile: @@ -109,6 +117,8 @@ path: /etc/ipt-firewall/main_ipv4.conf regexp: '^jitsi_udp_port_range=' line: 'jitsi_udp_port_range="$standard_jitsi_udp_port_range"' + when: + - main_ipv4_exists.stat.exists - name: addjust line 'jitsi_udp_ports' (IPv6) lineinfile: @@ -123,6 +133,8 @@ path: /etc/ipt-firewall/main_ipv4.conf regexp: '^jitsi_dovecot_port=' line: 'jitsi_dovecot_port="$default_jitsi_dovecout_auth_port"' + when: + - main_ipv4_exists.stat.exists - name: addjust line 'jitsi_dovecot_port' (IPv6) lineinfile: @@ -137,6 +149,8 @@ path: /etc/ipt-firewall/main_ipv4.conf regexp: '^nc_turn_ports=' line: 'nc_turn_ports="$standard_turn_service_ports"' + when: + - main_ipv4_exists.stat.exists - name: addjust line 'nc_turn_ports' (IPv6) lineinfile: @@ -725,7 +739,7 @@ failed_when: "jitsi_jibri_remote_auth_ipv4_present.rc > 1" changed_when: "jitsi_jibri_remote_auth_ipv4_present.rc > 0" -- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (jitsi dovecot auth) +- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (jibri streamin/recording) blockinfile: path: /etc/ipt-firewall/main_ipv4.conf insertafter: '^#?\s*jitsi_dovecot_port' @@ -751,7 +765,7 @@ forward_jibri_server_ips="" jibri_remote_jitsi_server="" jibri_remote_auth_port="$default_jibri_out_port" - marker: "# Marker set by modify-ipt-server.yml (jitsi dovecot auth)" + marker: "# Marker set by modify-ipt-server.yml (jibri streamin/recording)" when: - main_ipv4_exists.stat.exists - jitsi_jibri_remote_auth_ipv4_present is changed @@ -759,21 +773,37 @@ - name: Check if String 'jitsi_jibri_remote_auth=..' (IPv6) is present shell: grep -q -E "^jitsi_jibri_remote_auth=" /etc/ipt-firewall/main_ipv6.conf register: jitsi_jibri_remote_auth_ipv6_present - when: main_ipv4_exists.stat.exists + when: main_ipv6_exists.stat.exists failed_when: "jitsi_jibri_remote_auth_ipv6_present.rc > 1" changed_when: "jitsi_jibri_remote_auth_ipv6_present.rc > 0" -- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (jitsi dovecot auth) +- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (jibri streamin/recording) blockinfile: path: /etc/ipt-firewall/main_ipv6.conf insertafter: '^#?\s*jitsi_dovecot_port' block: | - # - Jitsi Dovecot Authentication + # - Jibri extern Client Recording / Streamin # - - jitsi_dovecot_auth=false - jitsi_dovecot_host="" - jitsi_dovecot_port="$default_jitsi_dovecout_auth_port" - marker: "# Marker set by modify-ipt-server.yml (jitsi dovecot auth)" + jitsi_jibri_remote_auth=false + # - Remote Jibri servers + # - + # - colon separated list of ipv6 addresses + # - + jitsi_jibri_remote_ips="" + jitsi_jibri_remote_auth_port="$default_jibri_out_port" + + + # - Jibri Recording / Streaming Service + # - + # - colon separated list of ipv6 addresses + # - + jibri_server_ips="" + # - colon separated list of ipv6 addresses + # - + forward_jibri_server_ips="" + jibri_remote_jitsi_server="" + jibri_remote_auth_port="$default_jibri_out_port" + marker: "# Marker set by modify-ipt-server.yml (jibri streamin/recording)" when: - main_ipv6_exists.stat.exists - jitsi_jibri_remote_auth_ipv6_present is changed @@ -936,7 +966,8 @@ # 1 -> changed # 2 -> not present failed_when: "diff_script_output.rc > 2" - when: git_firewall_repository is defined and git_firewall_repository > 0 + when: + - git_firewall_repository is defined and git_firewall_repository|length > 0 loop: - default_ports.conf - include_functions.conf @@ -958,7 +989,7 @@ - logging_ipv6.conf - post_decalrations.conf when: - - git_firewall_repository is defined and git_firewall_repository > 0 + - git_firewall_repository is defined and git_firewall_repository|length > 0 - diff_script_output.changed notify: - Restart IPv4 Firewall @@ -976,7 +1007,8 @@ # 1 -> changed # 2 -> not present failed_when: "diff_script_output.rc > 2" - when: git_firewall_repository is defined and git_firewall_repository > 0 + when: + - git_firewall_repository is defined and git_firewall_repository|length > 0 loop: - ipt-firewall-server - ip6t-firewall-server @@ -988,7 +1020,7 @@ - ipt-firewall-server - ip6t-firewall-server when: - - git_firewall_repository is defined and git_firewall_repository > 0 + - git_firewall_repository is defined and git_firewall_repository|length > 0 - diff_script_output.changed notify: - Restart IPv4 Firewall