From 7238579d9c13cabe3f50966c9526973f51c1f5f9 Mon Sep 17 00:00:00 2001 From: Christoph Date: Sat, 14 Feb 2026 14:29:00 +0100 Subject: [PATCH] update.. --- ....yml => file-ah-alt.kanzlei-kiel.netz.yml} | 68 ++++++------------- host_vars/file-ah.kanzlei-kiel.netz.yml | 63 ++++++++++++++--- host_vars/mail.cadus.org.yml | 28 ++++++-- hosts | 7 ++ roles/common/tasks/caching-nameserver.yml | 20 +++--- .../conf/install_update_dovecot.conf.j2 | 5 ++ 6 files changed, 117 insertions(+), 74 deletions(-) rename host_vars/{file-ah-neu.kanzlei-kiel.netz.yml => file-ah-alt.kanzlei-kiel.netz.yml} (91%) diff --git a/host_vars/file-ah-neu.kanzlei-kiel.netz.yml b/host_vars/file-ah-alt.kanzlei-kiel.netz.yml similarity index 91% rename from host_vars/file-ah-neu.kanzlei-kiel.netz.yml rename to host_vars/file-ah-alt.kanzlei-kiel.netz.yml index 6949808..e306fc2 100644 --- a/host_vars/file-ah-neu.kanzlei-kiel.netz.yml +++ b/host_vars/file-ah-alt.kanzlei-kiel.netz.yml @@ -24,7 +24,7 @@ network_interfaces: - device: br0 # use only once per device (for the first device entry) - headline: br0 - bridge over device eno1np0 + headline: br0 - bridge over device enp33s0 # auto & allow are only used for the first device entry allow: [] # array of allow-[stanzas] eg. allow-hotplug @@ -32,9 +32,9 @@ network_interfaces: family: inet method: static - hwaddress: 7c:c2:55:c0:26:74 + hwaddress: 0c:c4:7a:ea:dd:56 description: - address: 192.168.100.20 + address: 192.168.100.10 netmask: 24 gateway: 192.168.100.254 @@ -57,22 +57,22 @@ network_interfaces: # maxwait: # waitport: bridge: - ports: eno1np0 # for mor devices support a blank separated list + ports: enp33s0 # for mor devices support a blank separated list stp: !!str off fd: 5 hello: 2 maxage: 12 # inline hook scripts - pre-up: - - !!str "ip link set dev eno1np0 up" # pre-up script lines + pre-up: + - !!str "ip link set dev enp33s0 up" # pre-up script lines up: [] #up script lines post-up: [] # post-up script lines (alias for up) pre-down: [] # pre-down script lines (alias for down) down: [] # down script lines post-down: [] # post-down script lines - + # --- # vars used by roles/ansible_dependencies # --- @@ -238,41 +238,6 @@ default_user: # vars used by roles/common/tasks/cron.yml # --- -cron_user_entries: - - - name: "Check if postfix mailservice is running. Restart service if needed." - minute: "*/5" - hour: "*" - job: /root/bin/monitoring/check_postfix.sh - - - name: "Check Postfix E-Mail LOG file for 'fatal' errors." - minute: "*/30" - hour: "*" - job: /root/bin/postfix/check-postfix-fatal-errors.sh - - - name: "Clean up Samba Trash Dirs" - minute: "02" - hour: "23" - job: /root/bin/samba/clean_samba_trash.sh - - - name: "Set (group and access) Permissons for Samba shares" - minute: "14" - hour: "23" - job: /root/bin/samba/set_permissions_samba_shares.sh - - - name: "Check if ntpsec is running. Restart service if needed." - minute: "*/6" - hour: "*" - job: /root/bin/monitoring/check_ntpsec_service.sh - - -cron_user_special_time_entries: - - - name: "Restart DNS Cache service 'systemd-resolved'" - special_time: reboot - job: "sleep 10 ; /bin/systemctl restart systemd-resolved" - insertafter: PATH - #cron_user_special_time_entries: # # - name: "Restart DNS Cache service 'systemd-resolved'" @@ -317,7 +282,7 @@ cron_user_special_time_entries: # vars used by roles/common/tasks/nfs.yml # --- -nfs_server: 192.168.100.20 +nfs_server: 192.168.100.10 # --- @@ -325,12 +290,12 @@ nfs_server: 192.168.100.20 # vars used by roles/common/tasks/samba-user.yml # --- -samba_server_ip: 192.168.100.20 +samba_server_ip: 192.168.100.10 samba_server_cidr_prefix: 24 -samba_workgroup: AH-NEU +samba_workgroup: AH-ALT -samba_netbios_name: FILE-AH-NEU +samba_netbios_name: FILE-AH-Alt samba_groups: - name: verwaltung @@ -383,6 +348,7 @@ samba_user: - verwaltung - intern - hoffmann-elberling + - gubitz-partner password: 'buero2011' - name: axel @@ -468,9 +434,17 @@ samba_user: - name: heckert groups: - intern + - verwaltung - gubitz-partner password: '0-heckert.22%' + - name: weber + groups: + - intern + - verwaltung + - gubitz-partner + password: '20.ni-klas.weber_26!' + - name: hh-lucke groups: [] password: 'Ole20Steffen_17' @@ -567,7 +541,7 @@ samba_shares: vfs_object_recycle: true recycle_path: '@Recycle' - - name: Scans_schnell + - name: Scans_schnell path: /data/samba/shares/Scans_schnell group_valid_users: intern group_write_list: intern diff --git a/host_vars/file-ah.kanzlei-kiel.netz.yml b/host_vars/file-ah.kanzlei-kiel.netz.yml index 14c80dc..a074621 100644 --- a/host_vars/file-ah.kanzlei-kiel.netz.yml +++ b/host_vars/file-ah.kanzlei-kiel.netz.yml @@ -24,7 +24,7 @@ network_interfaces: - device: br0 # use only once per device (for the first device entry) - headline: br0 - bridge over device enp33s0 + headline: br0 - bridge over device eno1np0 # auto & allow are only used for the first device entry allow: [] # array of allow-[stanzas] eg. allow-hotplug @@ -32,9 +32,9 @@ network_interfaces: family: inet method: static - hwaddress: 0c:c4:7a:ea:dd:56 + hwaddress: 7c:c2:55:c0:26:74 description: - address: 192.168.100.10 + address: 192.168.100.20 netmask: 24 gateway: 192.168.100.254 @@ -57,22 +57,22 @@ network_interfaces: # maxwait: # waitport: bridge: - ports: enp33s0 # for mor devices support a blank separated list + ports: eno1np0 # for mor devices support a blank separated list stp: !!str off fd: 5 hello: 2 maxage: 12 # inline hook scripts - pre-up: - - !!str "ip link set dev enp33s0 up" # pre-up script lines + pre-up: + - !!str "ip link set dev eno1np0 up" # pre-up script lines up: [] #up script lines post-up: [] # post-up script lines (alias for up) pre-down: [] # pre-down script lines (alias for down) down: [] # down script lines post-down: [] # post-down script lines - + # --- # vars used by roles/ansible_dependencies # --- @@ -238,6 +238,41 @@ default_user: # vars used by roles/common/tasks/cron.yml # --- +cron_user_entries: + + - name: "Check if postfix mailservice is running. Restart service if needed." + minute: "*/5" + hour: "*" + job: /root/bin/monitoring/check_postfix.sh + + - name: "Check Postfix E-Mail LOG file for 'fatal' errors." + minute: "*/30" + hour: "*" + job: /root/bin/postfix/check-postfix-fatal-errors.sh + + - name: "Clean up Samba Trash Dirs" + minute: "02" + hour: "23" + job: /root/bin/samba/clean_samba_trash.sh + + - name: "Set (group and access) Permissons for Samba shares" + minute: "14" + hour: "23" + job: /root/bin/samba/set_permissions_samba_shares.sh + + - name: "Check if ntpsec is running. Restart service if needed." + minute: "*/6" + hour: "*" + job: /root/bin/monitoring/check_ntpsec_service.sh + + +cron_user_special_time_entries: + + - name: "Restart DNS Cache service 'systemd-resolved'" + special_time: reboot + job: "sleep 10 ; /bin/systemctl restart systemd-resolved" + insertafter: PATH + #cron_user_special_time_entries: # # - name: "Restart DNS Cache service 'systemd-resolved'" @@ -282,7 +317,7 @@ default_user: # vars used by roles/common/tasks/nfs.yml # --- -nfs_server: 192.168.100.10 +nfs_server: 192.168.100.20 # --- @@ -290,7 +325,7 @@ nfs_server: 192.168.100.10 # vars used by roles/common/tasks/samba-user.yml # --- -samba_server_ip: 192.168.100.10 +samba_server_ip: 192.168.100.20 samba_server_cidr_prefix: 24 samba_workgroup: AH @@ -434,9 +469,17 @@ samba_user: - name: heckert groups: - intern + - verwaltung - gubitz-partner password: '0-heckert.22%' + - name: weber + groups: + - intern + - verwaltung + - gubitz-partner + password: '20.ni-klas.weber_26!' + - name: hh-lucke groups: [] password: 'Ole20Steffen_17' @@ -533,7 +576,7 @@ samba_shares: vfs_object_recycle: true recycle_path: '@Recycle' - - name: Scans_schnell + - name: Scans_schnell path: /data/samba/shares/Scans_schnell group_valid_users: intern group_write_list: intern diff --git a/host_vars/mail.cadus.org.yml b/host_vars/mail.cadus.org.yml index 763c89b..c306d74 100644 --- a/host_vars/mail.cadus.org.yml +++ b/host_vars/mail.cadus.org.yml @@ -242,21 +242,35 @@ si_authorisation_signature: abb4ec6b194639f3d123154f1b971843a3b8751d8c1bcdc7d07e website_name_postfixadmin: adm.cadus.org email_welcome_message: "\n -Hallo,\n +Hello, -Ihre/Deine neue E-Mail Adresse ist eingerichtet.\n +Your email address has been set up. Cadus e.V. - Redefine Global Solidarity\n --\n Cadus e.V.\n -Am Sudhaus 2\n -D-12053 Berlin\n +Holzmarktstr. 25\n +D-10243 Berlin\n admin@cadus.org\n " -# install_update_dovecot.conf +#email_welcome_message: "\n +#Hallo,\n # +#Ihre/Deine neue E-Mail Adresse ist eingerichtet.\n +# +#Cadus e.V. - Redefine Global Solidarity\n +# +#--\n +#Cadus e.V.\n +#Am Sudhaus 2\n +#D-12053 Berlin\n +#admin@cadus.org\n +#" + +# install_update_dovecot.conf +dovecot_msg_language: en dovecot_from_address: "Administrator E-Mail " dovecot_reply_to: "admin@cadus.org" webmailer_address: "https://webmail.cadus.org" @@ -264,8 +278,8 @@ salutation: "Cadus e.V. - Redefine Global Solidarity\n --\n Cadus e.V.\n -Am Sudhaus 2\n -D-12053 Berlin\n +Holzmarktstr. 25\n +D-10243 Berlin\n admin@cadus.org\n " diff --git a/hosts b/hosts index 25ffc0c..c3f8879 100644 --- a/hosts +++ b/hosts @@ -71,6 +71,7 @@ gw-kb.oopen.de bbb-server.b3-bornim.netz file-ah.kanzlei-kiel.netz file-ah-neu.kanzlei-kiel.netz +file-ah-alt.kanzlei-kiel.netz file-ebs.ebs.netz file-fm.fm.netz file-fhxb.fhxb.netz @@ -566,6 +567,7 @@ gw-elster.oopen.de gw-ah.oopen.de file-ah.kanzlei-kiel.netz file-ah-neu.kanzlei-kiel.netz +file-ah-alt.kanzlei-kiel.netz # Kanzlei Kreuzbergstraße gw-kb.oopen.de @@ -1387,6 +1389,7 @@ at-10-neu.ak.netz bbb-server.b3-bornim.netz file-ah.kanzlei-kiel.netz file-ah-neu.kanzlei-kiel.netz +file-ah-alt.kanzlei-kiel.netz file-ebs.ebs.netz file-fm.fm.netz file-fhxb.fhxb.netz @@ -1404,6 +1407,7 @@ file-blkr.blkr.netz file-dissens.dissens.netz file-ah.kanzlei-kiel.netz file-ah-neu.kanzlei-kiel.netz +file-ah-alt.kanzlei-kiel.netz file-ebs.ebs.netz file-fm.fm.netz file-fhxb.fhxb.netz @@ -1516,6 +1520,7 @@ lxc-host-kb.anw-kb.netz bbb-server.b3-bornim.netz file-ah.kanzlei-kiel.netz file-ah-neu.kanzlei-kiel.netz +file-ah-alt.kanzlei-kiel.netz file-km.anw-km.netz file-kb.anw-kb.netz file-blkr.blkr.netz @@ -1672,6 +1677,7 @@ at-10-neu.ak.netz bbb-server.b3-bornim.netz file-ah.kanzlei-kiel.netz file-ah-neu.kanzlei-kiel.netz +file-ah-alt.kanzlei-kiel.netz file-ebs.ebs.netz file-fm.fm.netz file-fhxb.fhxb.netz @@ -1910,6 +1916,7 @@ at-10-neu.ak.netz bbb-server.b3-bornim.netz file-ah.kanzlei-kiel.netz file-ah-neu.kanzlei-kiel.netz +file-ah-alt.kanzlei-kiel.netz file-ebs.ebs.netz file-fm.fm.netz file-fhxb.fhxb.netz diff --git a/roles/common/tasks/caching-nameserver.yml b/roles/common/tasks/caching-nameserver.yml index 4692e2f..dcc4cc9 100644 --- a/roles/common/tasks/caching-nameserver.yml +++ b/roles/common/tasks/caching-nameserver.yml @@ -10,7 +10,7 @@ update_cache: true cache_valid_time: "{{ 0 if apt_config_updated is defined and apt_config_updated.changed else apt_update_cache_valid_time }}" when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - apt_update|bool tags: - apt-caching-nameserver @@ -21,7 +21,7 @@ changed_when: (_dpkg_configure.stdout | default('')) | length > 0 failed_when: _dpkg_configure.rc != 0 when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - apt_update|bool tags: - apt-caching-nameserver @@ -33,7 +33,7 @@ update_cache: true dpkg_options: "{{ apt_upgrade_dpkg_options | join(',') }}" when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - apt_dpkg_configure|bool tags: - apt-caching-nameserver @@ -44,7 +44,7 @@ name: "{{ apt_bind_pkgs }}" state: present when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - install_bind_packages|bool == true tags: - apt-caching-nameserver @@ -61,7 +61,7 @@ #cache_valid_time: 3600 when: - ansible_os_family == "RedHat" - - ansible_distribution == "CentOS" + - ansible_facts["distribution"] == "CentOS" tags: - yum-update @@ -71,7 +71,7 @@ state: "{{ yum_install_state }}" when: - ansible_os_family == "RedHat" - - ansible_distribution == "CentOS" + - ansible_facts["distribution"] == "CentOS" tags: - yum-caching-nameserver @@ -87,7 +87,7 @@ group: bind mode: '0755' when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - name: (caching-nameserver.yml) update named.conf.options configuration file (normal server) @@ -104,7 +104,7 @@ - apt-caching-nameserver - caching-nameserver when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - inventory_hostname not in groups["gateway_server"] # -------------------- @@ -130,7 +130,7 @@ - apt-caching-nameserver - caching-nameserver when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - inventory_hostname in groups["gateway_server"] # - not file_named_conf_options.stat.exists @@ -150,6 +150,6 @@ tags: - apt-caching-nameserver when: - - ansible_distribution == "Debian" + - ansible_facts["distribution"] == "Debian" - not systemd_resolved diff --git a/roles/common/templates/usr/local/src/mailsystem/conf/install_update_dovecot.conf.j2 b/roles/common/templates/usr/local/src/mailsystem/conf/install_update_dovecot.conf.j2 index ff65a07..98c6836 100644 --- a/roles/common/templates/usr/local/src/mailsystem/conf/install_update_dovecot.conf.j2 +++ b/roles/common/templates/usr/local/src/mailsystem/conf/install_update_dovecot.conf.j2 @@ -194,6 +194,11 @@ auth_mechanisms="plain login" # - Settings for quota warning sript # - +{% if dovecot_msg_language is defined and dovecot_msg_language %} +msg_language="{{ dovecot_msg_language }}" +{% else %} +msg_language= +{% endif %} {% if dovecot_from_address is defined and dovecot_from_address %} from_address="{{ dovecot_from_address }}" {% else %}