ansible/oopen-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update..

Browse Source
This commit is contained in:
Christoph
2026-02-14 14:29:00 +01:00
parent f9652dbbf9
commit 7238579d9c
6 changed files with 117 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
host_vars/file-ah-neu.kanzlei-kiel.netz.yml → host_vars/file-ah-alt.kanzlei-kiel.netz.yml
View File

@@ -24,7 +24,7 @@ network_interfaces:
- device: br0
# use only once per device (for the first device entry)
headline: br0 - bridge over device eno1np0
headline: br0 - bridge over device enp33s0
# auto & allow are only used for the first device entry
allow: [] # array of allow-[stanzas] eg. allow-hotplug
@@ -32,9 +32,9 @@ network_interfaces:
family: inet
method: static
hwaddress: 7c:c2:55:c0:26:74
hwaddress: 0c:c4:7a:ea:dd:56
description:
address: 192.168.100.20
address: 192.168.100.10
netmask: 24
gateway: 192.168.100.254
@@ -57,22 +57,22 @@ network_interfaces:
# maxwait:
# waitport:
bridge:
ports: eno1np0 # for mor devices support a blank separated list
ports: enp33s0 # for mor devices support a blank separated list
stp: !!str off
fd: 5
hello: 2
maxage: 12
# inline hook scripts
pre-up:
- !!str "ip link set dev eno1np0 up" # pre-up script lines
pre-up:
- !!str "ip link set dev enp33s0 up" # pre-up script lines
up: [] #up script lines
post-up: [] # post-up script lines (alias for up)
pre-down: [] # pre-down script lines (alias for down)
down: [] # down script lines
post-down: [] # post-down script lines
# ---
# vars used by roles/ansible_dependencies
# ---
@@ -238,41 +238,6 @@ default_user:
# vars used by roles/common/tasks/cron.yml
# ---
cron_user_entries:
- name: "Check if postfix mailservice is running. Restart service if needed."
minute: "*/5"
hour: "*"
job: /root/bin/monitoring/check_postfix.sh
- name: "Check Postfix E-Mail LOG file for 'fatal' errors."
minute: "*/30"
hour: "*"
job: /root/bin/postfix/check-postfix-fatal-errors.sh
- name: "Clean up Samba Trash Dirs"
minute: "02"
hour: "23"
job: /root/bin/samba/clean_samba_trash.sh
- name: "Set (group and access) Permissons for Samba shares"
minute: "14"
hour: "23"
job: /root/bin/samba/set_permissions_samba_shares.sh
- name: "Check if ntpsec is running. Restart service if needed."
minute: "*/6"
hour: "*"
job: /root/bin/monitoring/check_ntpsec_service.sh
cron_user_special_time_entries:
- name: "Restart DNS Cache service 'systemd-resolved'"
special_time: reboot
job: "sleep 10 ; /bin/systemctl restart systemd-resolved"
insertafter: PATH
#cron_user_special_time_entries:
#
# - name: "Restart DNS Cache service 'systemd-resolved'"
@@ -317,7 +282,7 @@ cron_user_special_time_entries:
# vars used by roles/common/tasks/nfs.yml
# ---
nfs_server: 192.168.100.20
nfs_server: 192.168.100.10
# ---
@@ -325,12 +290,12 @@ nfs_server: 192.168.100.20
# vars used by roles/common/tasks/samba-user.yml
# ---
samba_server_ip: 192.168.100.20
samba_server_ip: 192.168.100.10
samba_server_cidr_prefix: 24
samba_workgroup: AH-NEU
samba_workgroup: AH-ALT
samba_netbios_name: FILE-AH-NEU
samba_netbios_name: FILE-AH-Alt
samba_groups:
- name: verwaltung
@@ -383,6 +348,7 @@ samba_user:
- verwaltung
- intern
- hoffmann-elberling
- gubitz-partner
password: 'buero2011'
- name: axel
@@ -468,9 +434,17 @@ samba_user:
- name: heckert
groups:
- intern
- verwaltung
- gubitz-partner
password: '0-heckert.22%'
- name: weber
groups:
- intern
- verwaltung
- gubitz-partner
password: '20.ni-klas.weber_26!'
- name: hh-lucke
groups: []
password: 'Ole20Steffen_17'
@@ -567,7 +541,7 @@ samba_shares:
vfs_object_recycle: true
recycle_path: '@Recycle'
- name: Scans_schnell
- name: Scans_schnell
path: /data/samba/shares/Scans_schnell
group_valid_users: intern
group_write_list: intern

63
host_vars/file-ah.kanzlei-kiel.netz.yml
View File

@@ -24,7 +24,7 @@ network_interfaces:
- device: br0
# use only once per device (for the first device entry)
headline: br0 - bridge over device enp33s0
headline: br0 - bridge over device eno1np0
# auto & allow are only used for the first device entry
allow: [] # array of allow-[stanzas] eg. allow-hotplug
@@ -32,9 +32,9 @@ network_interfaces:
family: inet
method: static
hwaddress: 0c:c4:7a:ea:dd:56
hwaddress: 7c:c2:55:c0:26:74
description:
address: 192.168.100.10
address: 192.168.100.20
netmask: 24
gateway: 192.168.100.254
@@ -57,22 +57,22 @@ network_interfaces:
# maxwait:
# waitport:
bridge:
ports: enp33s0 # for mor devices support a blank separated list
ports: eno1np0 # for mor devices support a blank separated list
stp: !!str off
fd: 5
hello: 2
maxage: 12
# inline hook scripts
pre-up:
- !!str "ip link set dev enp33s0 up" # pre-up script lines
pre-up:
- !!str "ip link set dev eno1np0 up" # pre-up script lines
up: [] #up script lines
post-up: [] # post-up script lines (alias for up)
pre-down: [] # pre-down script lines (alias for down)
down: [] # down script lines
post-down: [] # post-down script lines
# ---
# vars used by roles/ansible_dependencies
# ---
@@ -238,6 +238,41 @@ default_user:
# vars used by roles/common/tasks/cron.yml
# ---
cron_user_entries:
- name: "Check if postfix mailservice is running. Restart service if needed."
minute: "*/5"
hour: "*"
job: /root/bin/monitoring/check_postfix.sh
- name: "Check Postfix E-Mail LOG file for 'fatal' errors."
minute: "*/30"
hour: "*"
job: /root/bin/postfix/check-postfix-fatal-errors.sh
- name: "Clean up Samba Trash Dirs"
minute: "02"
hour: "23"
job: /root/bin/samba/clean_samba_trash.sh
- name: "Set (group and access) Permissons for Samba shares"
minute: "14"
hour: "23"
job: /root/bin/samba/set_permissions_samba_shares.sh
- name: "Check if ntpsec is running. Restart service if needed."
minute: "*/6"
hour: "*"
job: /root/bin/monitoring/check_ntpsec_service.sh
cron_user_special_time_entries:
- name: "Restart DNS Cache service 'systemd-resolved'"
special_time: reboot
job: "sleep 10 ; /bin/systemctl restart systemd-resolved"
insertafter: PATH
#cron_user_special_time_entries:
#
# - name: "Restart DNS Cache service 'systemd-resolved'"
@@ -282,7 +317,7 @@ default_user:
# vars used by roles/common/tasks/nfs.yml
# ---
nfs_server: 192.168.100.10
nfs_server: 192.168.100.20
# ---
@@ -290,7 +325,7 @@ nfs_server: 192.168.100.10
# vars used by roles/common/tasks/samba-user.yml
# ---
samba_server_ip: 192.168.100.10
samba_server_ip: 192.168.100.20
samba_server_cidr_prefix: 24
samba_workgroup: AH
@@ -434,9 +469,17 @@ samba_user:
- name: heckert
groups:
- intern
- verwaltung
- gubitz-partner
password: '0-heckert.22%'
- name: weber
groups:
- intern
- verwaltung
- gubitz-partner
password: '20.ni-klas.weber_26!'
- name: hh-lucke
groups: []
password: 'Ole20Steffen_17'
@@ -533,7 +576,7 @@ samba_shares:
vfs_object_recycle: true
recycle_path: '@Recycle'
- name: Scans_schnell
- name: Scans_schnell
path: /data/samba/shares/Scans_schnell
group_valid_users: intern
group_write_list: intern

28
host_vars/mail.cadus.org.yml
View File

@@ -242,21 +242,35 @@ si_authorisation_signature: abb4ec6b194639f3d123154f1b971843a3b8751d8c1bcdc7d07e
website_name_postfixadmin: adm.cadus.org
email_welcome_message: "\n
Hallo,\n
Hello,
Ihre/Deine neue E-Mail Adresse ist eingerichtet.\n
Your email address has been set up.
Cadus e.V. - Redefine Global Solidarity\n
--\n
Cadus e.V.\n
Am Sudhaus 2\n
D-12053 Berlin\n
Holzmarktstr. 25\n
D-10243 Berlin\n
admin@cadus.org\n
"
# install_update_dovecot.conf
#email_welcome_message: "\n
#Hallo,\n
#
#Ihre/Deine neue E-Mail Adresse ist eingerichtet.\n
#
#Cadus e.V. - Redefine Global Solidarity\n
#
#--\n
#Cadus e.V.\n
#Am Sudhaus 2\n
#D-12053 Berlin\n
#admin@cadus.org\n
#"
# install_update_dovecot.conf
dovecot_msg_language: en
dovecot_from_address: "Administrator E-Mail <admin@cadus.org>"
dovecot_reply_to: "admin@cadus.org"
webmailer_address: "https://webmail.cadus.org"
@@ -264,8 +278,8 @@ salutation: "Cadus e.V. - Redefine Global Solidarity\n
--\n
Cadus e.V.\n
Am Sudhaus 2\n
D-12053 Berlin\n
Holzmarktstr. 25\n
D-10243 Berlin\n
admin@cadus.org\n
"

7
hosts
View File

@@ -71,6 +71,7 @@ gw-kb.oopen.de
bbb-server.b3-bornim.netz
file-ah.kanzlei-kiel.netz
file-ah-neu.kanzlei-kiel.netz
file-ah-alt.kanzlei-kiel.netz
file-ebs.ebs.netz
file-fm.fm.netz
file-fhxb.fhxb.netz
@@ -566,6 +567,7 @@ gw-elster.oopen.de
gw-ah.oopen.de
file-ah.kanzlei-kiel.netz
file-ah-neu.kanzlei-kiel.netz
file-ah-alt.kanzlei-kiel.netz
# Kanzlei Kreuzbergstraße
gw-kb.oopen.de
@@ -1387,6 +1389,7 @@ at-10-neu.ak.netz
bbb-server.b3-bornim.netz
file-ah.kanzlei-kiel.netz
file-ah-neu.kanzlei-kiel.netz
file-ah-alt.kanzlei-kiel.netz
file-ebs.ebs.netz
file-fm.fm.netz
file-fhxb.fhxb.netz
@@ -1404,6 +1407,7 @@ file-blkr.blkr.netz
file-dissens.dissens.netz
file-ah.kanzlei-kiel.netz
file-ah-neu.kanzlei-kiel.netz
file-ah-alt.kanzlei-kiel.netz
file-ebs.ebs.netz
file-fm.fm.netz
file-fhxb.fhxb.netz
@@ -1516,6 +1520,7 @@ lxc-host-kb.anw-kb.netz
bbb-server.b3-bornim.netz
file-ah.kanzlei-kiel.netz
file-ah-neu.kanzlei-kiel.netz
file-ah-alt.kanzlei-kiel.netz
file-km.anw-km.netz
file-kb.anw-kb.netz
file-blkr.blkr.netz
@@ -1672,6 +1677,7 @@ at-10-neu.ak.netz
bbb-server.b3-bornim.netz
file-ah.kanzlei-kiel.netz
file-ah-neu.kanzlei-kiel.netz
file-ah-alt.kanzlei-kiel.netz
file-ebs.ebs.netz
file-fm.fm.netz
file-fhxb.fhxb.netz
@@ -1910,6 +1916,7 @@ at-10-neu.ak.netz
bbb-server.b3-bornim.netz
file-ah.kanzlei-kiel.netz
file-ah-neu.kanzlei-kiel.netz
file-ah-alt.kanzlei-kiel.netz
file-ebs.ebs.netz
file-fm.fm.netz
file-fhxb.fhxb.netz

20
roles/common/tasks/caching-nameserver.yml
View File

@@ -10,7 +10,7 @@
update_cache: true
cache_valid_time: "{{ 0 if apt_config_updated is defined and apt_config_updated.changed else apt_update_cache_valid_time }}"
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- apt_update|bool
tags:
- apt-caching-nameserver
@@ -21,7 +21,7 @@
changed_when: (_dpkg_configure.stdout | default('')) | length > 0
failed_when: _dpkg_configure.rc != 0
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- apt_update|bool
tags:
- apt-caching-nameserver
@@ -33,7 +33,7 @@
update_cache: true
dpkg_options: "{{ apt_upgrade_dpkg_options | join(',') }}"
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- apt_dpkg_configure|bool
tags:
- apt-caching-nameserver
@@ -44,7 +44,7 @@
name: "{{ apt_bind_pkgs }}"
state: present
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- install_bind_packages|bool == true
tags:
- apt-caching-nameserver
@@ -61,7 +61,7 @@
#cache_valid_time: 3600
when:
- ansible_os_family == "RedHat"
- ansible_distribution == "CentOS"
- ansible_facts["distribution"] == "CentOS"
tags:
- yum-update
@@ -71,7 +71,7 @@
state: "{{ yum_install_state }}"
when:
- ansible_os_family == "RedHat"
- ansible_distribution == "CentOS"
- ansible_facts["distribution"] == "CentOS"
tags:
- yum-caching-nameserver
@@ -87,7 +87,7 @@
group: bind
mode: '0755'
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- name: (caching-nameserver.yml) update named.conf.options configuration file (normal server)
@@ -104,7 +104,7 @@
- apt-caching-nameserver
- caching-nameserver
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- inventory_hostname not in groups["gateway_server"]
# --------------------
@@ -130,7 +130,7 @@
- apt-caching-nameserver
- caching-nameserver
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- inventory_hostname in groups["gateway_server"]
# - not file_named_conf_options.stat.exists
@@ -150,6 +150,6 @@
tags:
- apt-caching-nameserver
when:
- ansible_distribution == "Debian"
- ansible_facts["distribution"] == "Debian"
- not systemd_resolved

5
roles/common/templates/usr/local/src/mailsystem/conf/install_update_dovecot.conf.j2
View File

@@ -194,6 +194,11 @@ auth_mechanisms="plain login"
# - Settings for quota warning sript
# -
{% if dovecot_msg_language is defined and dovecot_msg_language %}
msg_language="{{ dovecot_msg_language }}"
{% else %}
msg_language=
{% endif %}
{% if dovecot_from_address is defined and dovecot_from_address %}
from_address="{{ dovecot_from_address }}"
{% else %}