diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml index df2fa8b..c888c20 100644 --- a/group_vars/all/main.yml +++ b/group_vars/all/main.yml @@ -990,6 +990,11 @@ git_apache2_repositories: repo: https://git.oopen.de/script/apache2 dest: /root/bin/apache2 + # Monitoring + - name: monitoring + repo: https://git.oopen.de/script/monitoring + dest: /root/bin/monitoring + # install repositories (destination: /usr/local/src/) - name: apache2 repo: https://git.oopen.de/install/apache2 @@ -999,6 +1004,11 @@ git_apache2_repositories: repo: https://git.oopen.de/install/php dest: /usr/local/src/php + # dehydrated-cron + - name: dehydrated-cron + repo: https://git.codecoop.org/so36intern/dehydrated-cron.git + dest: /usr/local/src/dehydrated-cron + # --- # group [nginx_webserver] diff --git a/host_vars/o36.oopen.de.yml b/host_vars/o36.oopen.de.yml new file mode 100644 index 0000000..a6a5492 --- /dev/null +++ b/host_vars/o36.oopen.de.yml @@ -0,0 +1,148 @@ +--- + +# --- +# vars used by roles/ansible_dependencies +# --- + + +# --- +# vars used by roles/ansible_user +# --- + + +# --- +# vars used by roles/common/tasks/basic.yml +# --- + + +# --- +# vars used by roles/common/tasks/sshd.yml +# --- + + +# --- +# vars used by roles/common/tasks/apt.yml +# --- + +#apt_manage_sources_list: false + + +# --- +# vars used by roles/common/tasks/users.yml +# --- +ssh_keypair_backup_server: + - name: backup + backup_user: back + priv_key_src: root/.ssh/id_rsa.backup.oopen.de + priv_key_dest: /root/.ssh/id_rsa + pub_key_src: root/.ssh/id_rsa.backup.oopen.de.pub + pub_key_dest: /root/.ssh/id_rsa.pub + +insert_root_ssh_keypair: true + +root_ssh_keypair: + - name: backup + login: root + priv_key_src: root/.ssh/id_ed25519.oopen-server + priv_key_dest: /root/.ssh/id_ed25519 + pub_key_src: root/.ssh/id_ed25519.oopen-server.pub + pub_key_dest: /root/.ssh/id_ed25519.pub + target: backup.oopen.de + + +default_user: + + - name: chris + password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL. + shell: /bin/bash + ssh_keys: + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' + + - name: sysadm + + user_id: 1050 + group_id: 1050 + group: sysadm + password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1 + shell: /bin/bash + ssh_keys: + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWbdnjnN/xfy1F6kPbsRXp8zvJEh8uHfTZuZKyaRV/iRuhsvqRiDB+AhUAlIaPwgQ8itaI6t5hijD+sZf+2oXXbNy3hkOHTrCDKCoVAWfMRKPuA1m8RqS4ZXXgayaeCzVnPEq6UrC5z0wO/XBwAktT37RRSQ/Hq2zCHy36NQEQYrhF3+ytX7ayb10pJAMVGRctYmr5YnLEVMSIREbPxZTNc80H1zqNPVJwYZhl8Ox61U4MoNhJmJwbKWPRPZsJpbTh9W2EU37tdwRBVQP6yxhua3TR6C7JnNPVY0IK23BYlNtQEDY4PHcIuewkamEWpP0+jhEjtwy1TqjRPdU/y+2uQjC6FSOVMsSPxgd8mw4cSsfp+Ard7P+YOevUXD81+jFZ3Wz0PRXbWMWAm2OCe7n8jVvkXMz+KxSYtrsvKNw1WugJq1z//bJNMTK6ISWpqaXDevGYQRJJ8dPbMmbey40WpS5CA/l29P7fj/cOl59w3LZGshrMOm7lVz9qysVV0ylfE3OpfKCGitkpY0Asw4lSkuLHoNZnDo6I5/ulRuKi6gsLk27LO5LYS8Zm1VOis/qHk1Gg1+QY47C4RzdTUxlU1CGesPIiQ1uUX2Z4bD7ebTrrOuEFcmNs3Wu5nif21Qq0ELEWhWby6ChFrbFHPn+hWlDwNM0Nr11ftwg0+sqVw== root@luna' + + - name: localadmin + user_id: 1051 + group_id: 1051 + password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90 + shell: /bin/bash + ssh_keys: + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it' + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS' + + - name: back + user_id: 1060 + group_id: 1060 + group: back + password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n. + shell: /bin/bash + ssh_keys: + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== chris@luna' + +sudo_users: + - chris + - sysadm + - localadmin + + +# --- +# vars used by roles/common/tasks/users-systemfiles.yml +# --- + + +# --- +# vars used by roles/common/tasks/webadmin-user.yml +# --- + + +# --- +# vars used by roles/common/tasks/sudoers.yml +# --- +# +# see: roles/common/tasks/vars + + +# --- +# vars used by roles/common/tasks/caching-nameserver.yml +# --- + + +# --- +# vars used by roles/common/tasks/git.yml +# --- + +git_firewall_repository: + name: ipt-server + repo: https://git.oopen.de/firewall/ipt-server + dest: /usr/local/src/ipt-server + +git_other_repositories: + - name: jitsi + repo: https://git.oopen.de/install/jitsi + dest: /usr/local/src/jitsi + + - name: etherpad-lite + repo: https://git.oopen.de/install/etherpad-lite + dest: /usr/local/src/etherpad-lite + +# ============================== + + +# --- +# vars used by scripts/reset_root_passwd.yml +# --- + +root_user: + name: root + password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq. + diff --git a/hosts b/hosts index bb3c28f..85ed868 100644 --- a/hosts +++ b/hosts @@ -38,12 +38,6 @@ ga-st-gw.ga.netz ga-al-gw.ga.netz ga-nh-gw.ga.netz -o19.oopen.de -backup.oopen.de -git.oopen.de -munin.oopen.de -nscache.oopen.de - server16.warenform.de helden.warenform.de @@ -53,11 +47,6 @@ cloud-giz.warenform.de server26.warenform.de git.warenform.de -o10.oopen.de -cloud.oopen.de -etherpad.oopen.de -limesurvey.oopen.de - o12.oopen.de initiativenserver.oopen.de stolpersteine.oopen.de @@ -87,19 +76,17 @@ o13-mail.oopen.de o13-mumble.oopen.de o13-pad.oopen.de o13-schleuder.oopen.de -o13-test.oopen.de o13-web.oopen.de o14.oopen.de b.ns.oopen.de d.mx.oopen.de -www2.oopen.de o15.oopen.de b.mx.oopen.de piwik.oopen.de -www.oopen.de -www3.oopen.de +www-01.oopen.de +web-03.oopen.de o17.oopen.de test.mx.oopen.de @@ -144,12 +131,9 @@ o27.oopen.de # Backup Server o28.oopen.de -# BigBlueButton Mäx +# Jitsi Meet - Anwaeltinnenbüro o29.oopen.de -# Jitsi Meet Faire Mobilitaet -o30.oopen.de - # Jibri - Faire Mobilitaet o31.oopen.de @@ -165,10 +149,15 @@ o34.oopen.de o35.oopen.de cl-02.oopen.de e.mx.oopen.de +etherpad.oopen.de +web-02.oopen.de # Jitsi Meet - ReachOut o36.oopen.de +# Backup Faire Mobilitaet +o37.oopen.de + [initial_setup] @@ -259,12 +248,6 @@ dns1.warenform.de # - O.OPEN Server # --- -# - o10.oopen.de -o10.oopen.de -cloud.oopen.de -etherpad.oopen.de -limesurvey.oopen.de - o12.oopen.de c.mx.oopen.de initiativenserver.oopen.de @@ -276,7 +259,6 @@ o13-mail.oopen.de o13-mumble.oopen.de o13-pad.oopen.de o13-schleuder.oopen.de -o13-test.oopen.de o13-web.oopen.de # - o14.oopen.de @@ -284,27 +266,19 @@ o14.oopen.de a.mx.oopen.de b.ns.oopen.de d.mx.oopen.de -www2.oopen.de # - o15.oopen.de o15.oopen.de b.mx.oopen.de piwik.oopen.de -www.oopen.de -www3.oopen.de +www-01.oopen.de +web-03.oopen.de o17.oopen.de test.mx.oopen.de test.mariadb.oopen.de meet2.oopen.de -# o19.oopen.de -o19.oopen.de -backup.oopen.de -git.oopen.de -munin.oopen.de -nscache.oopen.de - # - o20.oopen.de (srv-cityslang.cityslang.com) o20.oopen.de @@ -347,14 +321,14 @@ o27.oopen.de # - o28.oopen.de o28.oopen.de +backup.oopen.de +git.oopen.de +munin.oopen.de +nscache.oopen.de -# BigBlueButton Mäx -# - o29.oopen.de +# Jitsi Meet - Anwaeltinnenbüro o29.oopen.de -# Jitsi Meet Faire Mobilitaet -o30.oopen.de - # Jibri - Faire Mobilitaet o31.oopen.de @@ -371,10 +345,15 @@ o34.oopen.de o35.oopen.de cl-02.oopen.de e.mx.oopen.de +etherpad.oopen.de +web-02.oopen.de # Jitsi Meet - ReachOut o36.oopen.de +# Backup Faire Mobilitaet +o37.oopen.de + # - Vserver von Sinma a.ns.oopen.de @@ -417,10 +396,6 @@ devel-wiki.wf.netz # - O.OPEN Server # --- -# o10.oopen.de -cloud.oopen.de -limesurvey.oopen.de - # o12.oopen.de initiativenserver.oopen.de c.mx.oopen.de @@ -433,18 +408,17 @@ o13-web.oopen.de # o14.oopen.de a.mx.oopen.de d.mx.oopen.de -www2.oopen.de # o15.oopen.de -www.oopen.de -www3.oopen.de +www-01.oopen.de +web-03.oopen.de piwik.oopen.de # o17.oopen.de test.mariadb.oopen.de test.mx.oopen.de -# o19.oopen.de +# o28.oopen.de munin.oopen.de # o20.oopen.de (srv-cityslang.cityslang.com) @@ -472,6 +446,10 @@ mail.faire-mobilitaet.de # o35.oopen.de cl-02.oopen.de e.mx.oopen.de +web-02.oopen.de + +# Backup Faire Mobilitaet +o37.oopen.de # --- # O.OPEN office network @@ -563,9 +541,6 @@ devel-repos.wf.netz [nginx_webserver] -# o10.oopen.de -etherpad.oopen.de - # o12.oopen.de stolpersteine.oopen.de @@ -594,12 +569,9 @@ o26.oopen.de # netcup - Jitsi Meet Martin Beck o27.oopen.de -# BigBlueButton Mäx +# Jitsi Meet - Anwaeltinnenbüro o29.oopen.de -# Jitsi Meet Faire Mobilitaet -o30.oopen.de - # Jibri - Faire Mobilitaet o31.oopen.de @@ -631,12 +603,9 @@ initiativenserver.oopen.de # o13.oopen.de o13-web.oopen.de -# o14.oopen.de -www2.oopen.de - # o15.oopen.de -www.oopen.de -www3.oopen.de +www-01.oopen.de +web-03.oopen.de # o21.oopen.de web.cadus.org @@ -656,6 +625,10 @@ o31.oopen.de # etventure o32.oopen.de +# o35.oopen.de +etherpad.oopen.de +web-02.oopen.de + # --- # Warenform server @@ -684,7 +657,7 @@ d.mx.oopen.de # o15.oopen.de b.mx.oopen.de -www.oopen.de +www-01.oopen.de # o17.oopen.de test.mx.oopen.de @@ -738,8 +711,8 @@ o13-mail.oopen.de a.mx.oopen.de # o15.oopen.de -www3.oopen.de -www.oopen.de +web-03.oopen.de +www-01.oopen.de # o25.oopen.de mail.faire-mobilitaet.de @@ -774,11 +747,6 @@ verdi-django.warenform.de # O.OPEN # --- -# o10.oopen.de -cloud.oopen.de -etherpad.oopen.de -limesurvey.oopen.de - # o12.oopen.de c.mx.oopen.de initiativenserver.oopen.de @@ -791,12 +759,11 @@ o13-web.oopen.de # o14.oopen.de d.mx.oopen.de -www2.oopen.de # o15.oopen.de piwik.oopen.de -www.oopen.de -www3.oopen.de +www-01.oopen.de +web-03.oopen.de # o17.oopen.de test.mx.oopen.de @@ -834,6 +801,11 @@ o32.oopen.de # o35.oopen.de cl-02.oopen.de +etherpad.oopen.de +web-02.oopen.de + +# Backup Faire Mobilitaet +o37.oopen.de # --- @@ -884,9 +856,6 @@ ga-al-ws1.ga.netz # O.OPEN # --- -# o10.oopen.de -cloud.oopen.de - # o23.oopen.de cl-01.oopen.de @@ -945,7 +914,7 @@ b.mx.oopen.de # o17.oopen.de test.mx.oopen.de -# o19.oopen.de +# o28.oopen.de nscache.oopen.de # o21.oopen.de @@ -984,6 +953,9 @@ k1371.dyndns.org backup.oopen.de devel-root.wf.netz +# Backup Faire Mobilitaet +o37.oopen.de + # --- # Warenform # --- @@ -1022,14 +994,12 @@ nscache.oopen.de # O.OPEN # --- -o10.oopen.de o12.oopen.de o13.oopen.de o14.oopen.de o15.oopen.de o17.oopen.de o18.oopen.de -o19.oopen.de #o20.oopen.de o21.oopen.de o22.oopen.de @@ -1074,11 +1044,6 @@ devel-root.wf.netz # O.OPEN # --- -# - o10.oopen.de -cloud.oopen.de -etherpad.oopen.de -limesurvey.oopen.de - # - o12.oopen.de c.mx.oopen.de initiativenserver.oopen.de @@ -1090,33 +1055,24 @@ o13-mail.oopen.de o13-mumble.oopen.de o13-pad.oopen.de o13-schleuder.oopen.de -o13-test.oopen.de o13-web.oopen.de # - o14.oopen.de a.mx.oopen.de b.ns.oopen.de d.mx.oopen.de -www2.oopen.de # - o15.oopen.de b.mx.oopen.de piwik.oopen.de -www.oopen.de -www3.oopen.de +www-01.oopen.de +web-03.oopen.de # - o17.oopen.de test.mx.oopen.de test.mariadb.oopen.de meet2.oopen.de -# - o19.oopen.de -backup.oopen.de -git.oopen.de -nscache.oopen.de -munin.oopen.de -nc-gw.oopen.de - # - o21.oopen.de mail.cadus.org web.cadus.org @@ -1151,13 +1107,15 @@ o26.oopen.de o27.oopen.de o28.oopen.de +backup.oopen.de +git.oopen.de +nscache.oopen.de +munin.oopen.de +nc-gw.oopen.de -# BigBlueButton Mäx +# Jitsi Meet - Anwaeltinnenbüro o29.oopen.de -# Jitsi Meet Faire Mobilitaet -o30.oopen.de - # Jibri - Faire Mobilitaet o31.oopen.de @@ -1176,6 +1134,8 @@ o34.oopen.de # o35.oopen.de cl-02.oopen.de e.mx.oopen.de +etherpad.oopen.de +web-02.oopen.de # Jitsi Meet - ReachOut o36.oopen.de @@ -1249,12 +1209,6 @@ devel-wiki.wf.netz # All oopen server (except office networks) [oopen_server] -# - o10.oopen.de -o10.oopen.de -cloud.oopen.de -etherpad.oopen.de -limesurvey.oopen.de - # - o12.oopen.de o12.oopen.de c.mx.oopen.de @@ -1268,7 +1222,6 @@ o13-mail.oopen.de o13-mumble.oopen.de o13-pad.oopen.de o13-schleuder.oopen.de -o13-test.oopen.de o13-web.oopen.de # - o14.oopen.de @@ -1276,14 +1229,13 @@ o14.oopen.de a.mx.oopen.de b.ns.oopen.de d.mx.oopen.de -www2.oopen.de # - o15.oopen.de o15.oopen.de b.mx.oopen.de piwik.oopen.de -www.oopen.de -www3.oopen.de +www-01.oopen.de +web-03.oopen.de # - o17.oopen.de o17.oopen.de @@ -1291,14 +1243,6 @@ test.mx.oopen.de test.mariadb.oopen.de meet2.oopen.de -# - o19.oopen.de -o19.oopen.de -backup.oopen.de -git.oopen.de -nscache.oopen.de -munin.oopen.de -nc-gw.oopen.de - # - o20.oopen.de (srv-cityslang.cityslang.com) o20.oopen.de @@ -1341,14 +1285,16 @@ o26.oopen.de o27.oopen.de # - o28.oopen.de -o18.oopen.de +o28.oopen.de +backup.oopen.de +git.oopen.de +nscache.oopen.de +munin.oopen.de +nc-gw.oopen.de -# BigBlueButton Mäx +# Jitsi Meet - Anwaeltinnenbüro o29.oopen.de -# Jitsi Meet Faire Mobilitaet -o30.oopen.de - # Jibri - Faire Mobilitaet o31.oopen.de @@ -1365,10 +1311,15 @@ o34.oopen.de o35.oopen.de cl-02.oopen.de e.mx.oopen.de +etherpad.oopen.de +web-02.oopen.de # Jitsi Meet - ReachOut o36.oopen.de +# Backup Faire Mobilitaet +o37.oopen.de + # - Vserver von Sinma a.ns.oopen.de @@ -1522,5 +1473,4 @@ o13-mail.oopen.de o13-mumble.oopen.de o13-pad.oopen.de o13-schleuder.oopen.de -o13-test.oopen.de o13-web.oopen.de diff --git a/roles/modify-ipt-server/tasks/main.yml b/roles/modify-ipt-server/tasks/main.yml index 733598d..b5581cc 100644 --- a/roles/modify-ipt-server/tasks/main.yml +++ b/roles/modify-ipt-server/tasks/main.yml @@ -818,8 +818,8 @@ shell: grep -q -E "^nc_turn_server_ips=" /etc/ipt-firewall/main_ipv6.conf register: nc_turn_service_ipv6_present when: main_ipv4_exists.stat.exists - failed_when: "nc_turn_service_ipv4_present.rc > 1" - changed_when: "nc_turn_service_ipv4_present.rc > 0" + failed_when: "nc_turn_service_ipv6_present.rc > 1" + changed_when: "nc_turn_service_ipv6_present.rc > 0" - name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (jitsi service) blockinfile: @@ -844,6 +844,60 @@ - nc_turn_service_ipv6_present is changed + +# --- +# DHCP Client +# --- + +- name: Check if String 'dhcp_client_ifs=..' (IPv4) is present + shell: grep -q -E "^dhcp_client_ifs=" /etc/ipt-firewall/main_ipv4.conf + register: dhcp_client_ifs_ipv4_present + when: main_ipv4_exists.stat.exists + failed_when: "dhcp_client_ifs_ipv4_present.rc > 1" + changed_when: "dhcp_client_ifs_ipv4_present.rc > 0" + +- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (dhclient service) + blockinfile: + path: /etc/ipt-firewall/main_ipv4.conf + insertafter: '^#?\s*dhcp_server_ifs' + block: | + + # DHCP Client + # + # Comma seperated list of Interface, which are dhcp clients + # + dhcp_client_ifs="" + + marker: "# Marker set by modify-ipt-server.yml ( dhclient service)" + when: + - main_ipv4_exists.stat.exists + - dhcp_client_ifs_ipv4_present is changed + +- name: Check if String 'dhcp_client_ifs=..' (IPv6) is present + shell: grep -q -E "^dhcp_client_ifs=" /etc/ipt-firewall/main_ipv6.conf + register: dhcp_client_ifs_ipv6_present + when: main_ipv4_exists.stat.exists + failed_when: "dhcp_client_ifs_ipv6_present.rc > 1" + changed_when: "dhcp_client_ifs_ipv6_present.rc > 0" + +- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (dhclient service) + blockinfile: + path: /etc/ipt-firewall/main_ipv6.conf + insertafter: '^#?\s*dhcp_server_ifs' + block: | + + # DHCP Client + # + # Comma seperated list of Interface, which are dhcp clients + # + dhcp_client_ifs="" + + marker: "# Marker set by modify-ipt-server.yml (dhclient service)" + when: + - main_ipv6_exists.stat.exists + - dhcp_client_ifs_ipv6_present is changed + + # --- # Remove Marker set by blockinfile # ---