From 3fb347061cad9a91922f02d61a1970ecf6a90f4d Mon Sep 17 00:00:00 2001
From: Christoph <ckubu@oopen.de>
Date: Wed, 11 Jan 2023 01:03:10 +0100
Subject: [PATCH] update..

---
 host_vars/file-blkr.blkr.netz.yml             |   4 +
 host_vars/gw-elster.oopen.de.yml              |   8 +-
 host_vars/o26.oopen.de.yml                    | 172 ++++++++++++++++++
 .../mailserver/etc/postfix/postfwd.bl-hosts   |   2 +
 .../mailserver/etc/postfix/postfwd.bl-nets    |   5 +
 .../mailserver/etc/postfix/postfwd.bl-sender  |   2 +
 6 files changed, 189 insertions(+), 4 deletions(-)
 create mode 100644 host_vars/o26.oopen.de.yml

diff --git a/host_vars/file-blkr.blkr.netz.yml b/host_vars/file-blkr.blkr.netz.yml
index ac42fdb..20847b1 100644
--- a/host_vars/file-blkr.blkr.netz.yml
+++ b/host_vars/file-blkr.blkr.netz.yml
@@ -247,6 +247,10 @@ samba_user:
     groups:
       - buero
     password: '???'
+  - name: sebastian
+    groups:
+      - buero
+    password: 'bhNC.P5eTy-2'
 
 base_home: /home
 
diff --git a/host_vars/gw-elster.oopen.de.yml b/host_vars/gw-elster.oopen.de.yml
index 324c0f3..0b90447 100644
--- a/host_vars/gw-elster.oopen.de.yml
+++ b/host_vars/gw-elster.oopen.de.yml
@@ -26,12 +26,12 @@ network_interfaces:
     auto: true
     family: inet
     method: static
-    address: 192.168.1.253
+    address: 172.16.202.1
     netmask: 24
-    gateway: 192.168.1.1
+    gateway: 172.16.202.254
     nameservers:
       - 127.0.0.1
-      - 192.168.1.253
+      - 192.168.202.1
     search: elster.netz
 
 
@@ -41,7 +41,7 @@ network_interfaces:
     family: inet
     method: static
     address: 192.168.202.254
-    netmask: 23
+    netmask: 24
 
 
   - device: eno2:ns
diff --git a/host_vars/o26.oopen.de.yml b/host_vars/o26.oopen.de.yml
new file mode 100644
index 0000000..dad45f0
--- /dev/null
+++ b/host_vars/o26.oopen.de.yml
@@ -0,0 +1,172 @@
+---
+
+# ---
+# vars used by roles/network_interfaces
+# ---
+
+  
+# ---
+# vars used by roles/ansible_dependencies
+# ---
+
+
+# ---
+# vars used by roles/ansible_user
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/basic.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/sshd.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/apt.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/users.yml
+# ---
+
+default_user:
+
+  - name: chris
+    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+
+  - name: sysadm
+    user_id: 1050
+    group_id: 1050
+    group: sysadm
+    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+
+  - name: localadmin
+    user_id: 1051
+    group_id: 1051
+    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+
+  - name: back
+    user_id: 1060
+    group_id: 1060
+    group: back
+    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+
+  - name: andreas.guse
+    user_id: 1002
+    group_id: 1002
+    password: $y$j9T$wTowOhsgU3rywvRJGdoyl.$4EjHrBdIrH5GDxpJWIndfdepmyWhceHQu0LtvygDDfC
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7HY+EyRVoSKGy96bPcX6duyuxWL4VgFos8z6lKuWQTNzpLmPMEEi2Us2eLUWdGKeXW9upg7MmUoPrsXYt5xPfh1M2/uR63GEHTE5fCF5m5EO9rX7eAhTW34yxbckGApV+VGOcYYQWnDyb9eXdE4kuDgG+SRcsW46q2fe+0bt44I9Zj++T5vBBvQFLJNaOgNF4pxG+hsgSClsU3cBQT8wSaB8cV8POsQ52rhWizoJOrDIshQxPIRBwhKrxP4dKMshSEhPOrFPHWm8VJeXFOYkY0Ftu7eGiYMmcjhnXbEezgIh7oPhDwOvdS2Xc4GQXUjuCxsWlH6iD6kJaKghbYAK9 mene@freedom'
+
+  - name: mike.koose
+    user_id: 1003
+    group_id: 1003
+    password: $y$j9T$Y3mv9VA5AzTfLBz8LXNvo.$ORl2XWGB18bNheINON62eunpdfg5D.Hfx2B5FJ9eB92
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAhS9VkMqjwC3ritBstVIRulloi7bgEP8a+GuGqU4wi0uAZeY6h7TvIZoD9Ds/OsxcONqdZJiH5lao65Dd1BpRV0Qv58o8YQ9GFggC+tcAh1XtgIE0bdSgpaU9bSwulKUIGCRMeHr+e9MnDWKByNKb9D5Y6Szk+U7kMtG0GwBFcarL/locXP2wwvc2OkAGx/kZ+CypsuvNdHui7bsSy1PHJr30VrbPq4Y2ItuakZaiLlf1BdMeWZIZXT1Tmoz72K6rbRdsR1ppW1ExmvyCQtvPrNhkU6qgJUzWX1doRJ7hWu1EmzFCEja0SX9/WrwuwYEgmJOh1CpOnV6uDOUo1ChGEw== mike@guse-it'
+
+  - name: lorenzo.barabucci
+    user_id: 1004
+    group_id: 1004
+    password: $y$j9T$iLzDF8LMgG1QvvDY74KcS.$GLXyMgtu.rnGp3e/iwgIUVUnj2fzgs6VhJdkzSQ3506
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAmBP+AUTAm8ZhDhYBjFPCsawNbf/B3hsak1aMr12eK0bH8g+DxwrSwOdNC0c5rb6tsuvK4Tt5rq4ysMhAURplUhE2voMy3Cbmcmd93jtHBYNrcUeORJxILOkpoTo5Qamhr4rQcOMHKR+hvAVpa9KQI4Ckrqourb4QS2hfEmSy5TPN1jKGPt9JRaOl+mCFki0P77deOCv0C8r2oWBaVtvc80gfwHKNQ6BbOY+ot/TwsQmIVou1/F2IMwjq6Z8hdhjZT51ySO+Jk3GJB8HgxQ/RJOWhIkNOTFmjMume5ENVE6ChnS+MqiGdg3t086mYzn3fOfSUltQiVDvjlZax7HWu8Q== lorenzo@guse-it'
+
+  - name: jan.reuter
+    user_id: 1005
+    group_id: 1005
+    password: $y$j9T$l7JcPXfmevyQEV1EuzNgq/$rfrIZbC8yXKZVsWjElTCJ5JrRVM39XsBlzdmbXkhxe3
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzw9GJ49RmdrzhluLKqKNK+uJ3i2L/P0tgfEhTF7Ib9OHGutfv1MvzP4lBzOGHK/+N08qLRP+GvVnisAuoNY1LIlv1rmbaXavnqdDoGIpJtmT1thdHZBx1frHVOs5hM13UwAPjQm+eOkznTT/0UTq42YLtJOXTQCHzr4j1CE2iiFRdY/krHfWL/QPcNUmXne6yobDLUm/w7kM1an26dVHjCFNAbL6FR/HekgPaaHg3HpJMACNiqMTxxamXlNI6wh9PaKwyF5rnLGU2F3D9V1OpGMsUsq8e6iYSK/Z7j9fY/fABrV/ZdK/rLuCcNqS6lU26QeoLN0y/5Yy9AFYUgJYdLPBQrrqKGoyoW0ml3shxeYK8E+c8VJXJ/5uHUbq3aJA7kimjPuLwEzR8NFtpcV8PRG2/VQ3pP6w7CHY25gaesQArIBtb+HmP3kmTUl7hjQfukwjdgScvwqFxiy0cHtVrQ8uJz7rtr9H3A3pdw1x4qPesfksv3cozQL6MElp0B8M= Jan Reuter@DESKTOP-EP4O0RA'
+
+  - name: francois.winom
+    user_id: 1006
+    group_id: 1006
+    password: $y$j9T$PRcHzZCoFB0hzVvW.z5I7/$8JR6FCvTs1zV3ihMBzDTNBLqq4/MH4KhtFyGBJ0auz/
+    shell: /bin/bash
+    ssh_keys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
+      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmbJpeyrF0dsUScQ7+ZwHTTh61ttsSyY+c8L6HBOw5sItjybAV2tKD9SaKZ0ZGHNuK99Yq95pXzNWO7JaPN1UPPfjomIK9FwuEWLivDsCy5mezoWmMF8mFBLI4sJMd372Hs/A3OigwMkutPMbMqHWOFabXKFDY5Fc/qVuwLXDMiENsxduZlbgmRTbb/oMxbG5sxBC4iOQGrg/pCklpjt9IqOF0itBJM4TvInXKLYwegAz+VzMuo5XsECAAnGA9/PT2ocJoEehbVPeGlm3VQFUBw40JrzQXxh8Td++jpiFNedSiQWn3ddP0yqqOYgHfuTYvTxY8kQ/tcpLStjlL0+3X francois@GuseIT-Aposien'
+
+sudo_users:
+  - chris
+  - sysadm
+  - localadmin
+  - andreas.guse
+  - mike.koose
+  - lorenzo.barabucci
+  - jan.reuter
+  - francois.winom
+
+
+# ---
+# vars used by roles/common/tasks/users-systemfiles.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/webadmin-user.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/sudoers.yml
+# ---
+#
+# see: roles/common/tasks/vars
+
+
+# ---
+# vars used by roles/common/tasks/caching-nameserver.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/git.yml
+# ---
+
+git_firewall_repository:
+  name: ipt-server
+  repo: https://git.oopen.de/firewall/ipt-server
+  dest: /usr/local/src/ipt-server
+
+
+# ==============================
+
+
+# ---
+# vars used by scripts/reset_root_passwd.yml
+# ---
+
+root_user:
+  name: root
+  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
diff --git a/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts b/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts
index 75db440..d672655 100644
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts
@@ -66,3 +66,5 @@ kitchenespial\.com$
 owboyhardware\.com$
 comicartcollective\.com$
 fesg56wesg\.xyz$
+convinceandconvert\.com$
+thelargest\.homes$
diff --git a/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets b/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets
index 36193e1..39aada9 100644
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets
@@ -125,3 +125,8 @@
 193.42.38.0/24
 # US (u.a. pro-versender.com)
 173.254.192.0/18
+# US ( u.a. werksvertriebe.com)
+104.218.236.0/23
+# US ( u.a. notstrom-generatoren.com)
+68.69.187.0/24
+104.156.156.0/22
diff --git a/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender b/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender
index 7940eea..667ffab 100644
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender
@@ -83,6 +83,8 @@ firmen-infos\.com$
 @echtzeit-video\.com$
 @cortlandparkcashmere\.com$
 @pro-versender\.com$
+@werksvertriebe\.com$
+@notstrom-generatoren\.com$
 
 # annoying spammer addresses
 ^error@mailfrom\.com$