update...

host_vars/b.ns.oopen.de.yml

@@ -86,8 +86,6 @@ extra_user:
 # vars used by scripts/install-update-firewall.yml
 # ---
 
-git_firewall_repository: {}
-
 
 # ==============================
 

host_vars/bbb.oopen.de.yml

@@ -1,139 +0,0 @@
----
-
-# ---
-# vars used by roles/ansible_dependencies
-# ---
-
-
-# ---
-# vars used by roles/ansible_user
-# ---
-
-
-# ---
-# vars used by roles/common/tasks/basic.yml
-# ---
-
-
-# ---
-# vars used by roles/common/tasks/sshd.yml
-# ---
-
-
-# ---
-# vars used by roles/common/tasks/apt.yml
-# ---
-
-apt_manage_sources_list: false
-
-
-# ---
-# vars used by roles/common/tasks/users.yml
-# ---
-ssh_keypair_backup_server:
-  - name: backup
-    backup_user: back
-    priv_key_src: root/.ssh/id_rsa.backup.oopen.de
-    priv_key_dest: /root/.ssh/id_rsa
-    pub_key_src: root/.ssh/id_rsa.backup.oopen.de.pub
-    pub_key_dest: /root/.ssh/id_rsa.pub
-
-insert_root_ssh_keypair: true
-
-root_ssh_keypair:
-  - name: backup
-    login: root
-    priv_key_src: root/.ssh/id_ed25519.oopen-server
-    priv_key_dest: /root/.ssh/id_ed25519
-    pub_key_src: root/.ssh/id_ed25519.oopen-server.pub
-    pub_key_dest: /root/.ssh/id_ed25519.pub
-    target: backup.oopen.de
-
-
-default_user:
-
-  - name: chris
-    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
-    shell: /bin/bash
-    ssh_keys:
-     - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
-     - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna'
-
-  - name: sysadm
-
-    user_id: 1050
-    group_id: 1050
-    group: sysadm
-    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
-    shell: /bin/bash
-    ssh_keys:
-      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
-      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna'
-
-  - name: localadmin
-    user_id: 1051
-    group_id: 1051
-    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
-    shell: /bin/bash
-    ssh_keys:
-     - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
-     - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it'
-     - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS'
-
-  - name: back
-    user_id: 1060
-    group_id: 1060
-    group: back
-    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
-    shell: /bin/bash
-    ssh_keys:
-     - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna'
-
-sudo_users:
-  - chris
-  - sysadm
-  - localadmin
-
-
-# ---
-# vars used by roles/common/tasks/users-systemfiles.yml
-# ---
-
-
-# ---
-# vars used by roles/common/tasks/webadmin-user.yml
-# ---
-
-
-# ---
-# vars used by roles/common/tasks/sudoers.yml
-# ---
-#
-# see: roles/common/tasks/vars
-
-
-# ---
-# vars used by roles/common/tasks/caching-nameserver.yml
-# ---
-
-
-# ---
-# vars used by roles/common/tasks/git.yml
-# ---
-
-git_firewall_repository:
-  name: ipt-server
-  repo: https://git.oopen.de/firewall/ipt-server
-  dest: /usr/local/src/ipt-server
-
-# ==============================
-
-
-# ---
-# vars used by scripts/reset_root_passwd.yml
-# ---
-
-root_user:
-  name: root
-  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
-

hosts

@@ -85,7 +85,7 @@ d.mx.oopen.de
 o15.oopen.de
 b.mx.oopen.de
 piwik.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 web-03.oopen.de
 
 o17.oopen.de
@@ -271,7 +271,7 @@ d.mx.oopen.de
 o15.oopen.de
 b.mx.oopen.de
 piwik.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 web-03.oopen.de
 
 o17.oopen.de
@@ -410,7 +410,7 @@ a.mx.oopen.de
 d.mx.oopen.de
 
 # o15.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 web-03.oopen.de
 piwik.oopen.de
 
@@ -604,7 +604,7 @@ initiativenserver.oopen.de
 o13-web.oopen.de
 
 # o15.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 web-03.oopen.de
 
 # o21.oopen.de
@@ -657,7 +657,7 @@ d.mx.oopen.de
 
 # o15.oopen.de
 b.mx.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 
 # o17.oopen.de
 test.mx.oopen.de
@@ -712,7 +712,7 @@ a.mx.oopen.de
 
 # o15.oopen.de
 web-03.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 
 # o25.oopen.de
 mail.faire-mobilitaet.de
@@ -762,7 +762,7 @@ d.mx.oopen.de
 
 # o15.oopen.de
 piwik.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 web-03.oopen.de
 
 # o17.oopen.de
@@ -1065,7 +1065,7 @@ d.mx.oopen.de
 # - o15.oopen.de
 b.mx.oopen.de
 piwik.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 web-03.oopen.de
 
 # - o17.oopen.de
@@ -1234,7 +1234,7 @@ d.mx.oopen.de
 o15.oopen.de
 b.mx.oopen.de
 piwik.oopen.de
-www-01.oopen.de
+web-01.oopen.de
 web-03.oopen.de
 
 # - o17.oopen.de

roles/modify-ipt-server/tasks/main.yml

@@ -4,6 +4,10 @@
 # Install/Uodate git firewall repository
 # ---
 
+- meta: end_play
+  when: git_firewall_repository is not defined or git_firewall_repository|length < 1
+
+
 - name: Install/update firewall repository
   git:
     repo: '{{ git_firewall_repository.repo }}'
@@ -18,12 +22,12 @@
 - name: Check if file '/etc/ipt-firewall/main_ipv6.conf' exists
   stat:
     path: /etc/ipt-firewall/main_ipv6.conf
-  register: main_ipv4_exists
+  register: main_ipv6_exists
 
 - name: Check if file '/etc/ipt-firewall/main_ipv4.conf' exists
   stat:
     path: /etc/ipt-firewall/main_ipv4.conf
-  register: main_ipv6_exists
+  register: main_ipv4_exists
 
 - name: Check if file '/etc/munin/munin-node.conf' exists
   stat:
@@ -81,6 +85,8 @@
     path: /etc/ipt-firewall/main_ipv4.conf
     regexp: '^dovecot_auth_port='
     line: 'dovecot_auth_port="$dovecot_external_auth_port"'
+  when: 
+      - main_ipv4_exists.stat.exists
 
 - name: addjust line 'dovecot_auth_port' (IPv6)
   lineinfile:
@@ -95,6 +101,8 @@
     path: /etc/ipt-firewall/main_ipv4.conf
     regexp: '^jitsi_tcp_ports='
     line: 'jitsi_tcp_ports="$standard_jitsi_tcp_ports"'
+  when: 
+      - main_ipv4_exists.stat.exists
 
 - name: addjust line 'jitsi_tcp_ports' (IPv6)
   lineinfile:
@@ -109,6 +117,8 @@
     path: /etc/ipt-firewall/main_ipv4.conf
     regexp: '^jitsi_udp_port_range='
     line: 'jitsi_udp_port_range="$standard_jitsi_udp_port_range"'
+  when: 
+      - main_ipv4_exists.stat.exists
 
 - name: addjust line 'jitsi_udp_ports' (IPv6)
   lineinfile:
@@ -123,6 +133,8 @@
     path: /etc/ipt-firewall/main_ipv4.conf
     regexp: '^jitsi_dovecot_port='
     line: 'jitsi_dovecot_port="$default_jitsi_dovecout_auth_port"'
+  when: 
+      - main_ipv4_exists.stat.exists
 
 - name: addjust line 'jitsi_dovecot_port' (IPv6)
   lineinfile:
@@ -137,6 +149,8 @@
     path: /etc/ipt-firewall/main_ipv4.conf
     regexp: '^nc_turn_ports='
     line: 'nc_turn_ports="$standard_turn_service_ports"'
+  when: 
+      - main_ipv4_exists.stat.exists
 
 - name: addjust line 'nc_turn_ports' (IPv6)
   lineinfile:
@@ -725,7 +739,7 @@
   failed_when: "jitsi_jibri_remote_auth_ipv4_present.rc > 1"
   changed_when: "jitsi_jibri_remote_auth_ipv4_present.rc > 0"
 
-- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (jitsi dovecot auth)
+- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (jibri streamin/recording)
   blockinfile:
     path: /etc/ipt-firewall/main_ipv4.conf
     insertafter: '^#?\s*jitsi_dovecot_port'
@@ -751,7 +765,7 @@
       forward_jibri_server_ips=""
       jibri_remote_jitsi_server=""
       jibri_remote_auth_port="$default_jibri_out_port"
-    marker: "# Marker set by modify-ipt-server.yml (jitsi dovecot auth)"
+    marker: "# Marker set by modify-ipt-server.yml (jibri streamin/recording)"
   when: 
     - main_ipv4_exists.stat.exists
     - jitsi_jibri_remote_auth_ipv4_present is changed
@@ -759,21 +773,37 @@
 - name: Check if String 'jitsi_jibri_remote_auth=..' (IPv6) is present
   shell: grep -q -E "^jitsi_jibri_remote_auth=" /etc/ipt-firewall/main_ipv6.conf
   register: jitsi_jibri_remote_auth_ipv6_present
-  when: main_ipv4_exists.stat.exists
+  when: main_ipv6_exists.stat.exists
   failed_when: "jitsi_jibri_remote_auth_ipv6_present.rc > 1"
   changed_when: "jitsi_jibri_remote_auth_ipv6_present.rc > 0"
 
-- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (jitsi dovecot auth)
+- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (jibri streamin/recording)
   blockinfile:
     path: /etc/ipt-firewall/main_ipv6.conf
     insertafter: '^#?\s*jitsi_dovecot_port'
     block: |
-      # - Jitsi Dovecot Authentication
+      # - Jibri extern Client Recording / Streamin
       # -
-      jitsi_dovecot_auth=false
+      jitsi_jibri_remote_auth=false
-      jitsi_dovecot_host=""
+      # - Remote Jibri servers
-      jitsi_dovecot_port="$default_jitsi_dovecout_auth_port"
+      # -
-    marker: "# Marker set by modify-ipt-server.yml (jitsi dovecot auth)"
+      # - colon separated list of ipv6 addresses
+      # -
+      jitsi_jibri_remote_ips=""
+      jitsi_jibri_remote_auth_port="$default_jibri_out_port"
+
+
+      # - Jibri Recording / Streaming Service
+      # -
+      # - colon separated list of ipv6 addresses
+      # -
+      jibri_server_ips=""
+      # - colon separated list of ipv6 addresses
+      # -
+      forward_jibri_server_ips=""
+      jibri_remote_jitsi_server=""
+      jibri_remote_auth_port="$default_jibri_out_port"
+    marker: "# Marker set by modify-ipt-server.yml (jibri streamin/recording)"
   when: 
     - main_ipv6_exists.stat.exists
     - jitsi_jibri_remote_auth_ipv6_present is changed
@@ -936,7 +966,8 @@
   #    1  -> changed
   #    2  -> not present
   failed_when: "diff_script_output.rc > 2"
-  when: git_firewall_repository is defined and git_firewall_repository > 0
+  when: 
+    - git_firewall_repository is defined and git_firewall_repository|length > 0
   loop:
      - default_ports.conf
      - include_functions.conf
@@ -958,7 +989,7 @@
      - logging_ipv6.conf
      - post_decalrations.conf
   when:
-    - git_firewall_repository is defined and git_firewall_repository > 0
+    - git_firewall_repository is defined and git_firewall_repository|length > 0
     - diff_script_output.changed
   notify:
     - Restart IPv4 Firewall
@@ -976,7 +1007,8 @@
   #    1  -> changed
   #    2  -> not present
   failed_when: "diff_script_output.rc > 2"
-  when: git_firewall_repository is defined and git_firewall_repository > 0
+  when: 
+    - git_firewall_repository is defined and git_firewall_repository|length > 0
   loop:
      - ipt-firewall-server
      - ip6t-firewall-server
@@ -988,7 +1020,7 @@
      - ipt-firewall-server
      - ip6t-firewall-server
   when:
-    - git_firewall_repository is defined and git_firewall_repository > 0
+    - git_firewall_repository is defined and git_firewall_repository|length > 0
     - diff_script_output.changed
   notify:
     - Restart IPv4 Firewall