diff --git a/host_vars/172.16.63.32.yml b/host_vars/172.16.63.32.yml new file mode 100644 index 0000000..c991420 --- /dev/null +++ b/host_vars/172.16.63.32.yml @@ -0,0 +1,115 @@ +--- + +# --- +# vars used by roles/ansible_dependencies +# --- + + +# --- +# vars used by roles/ansible_user +# --- + + +# --- +# vars used by roles/common/tasks/basic.yml +# --- + +copy_additional_plain_files_sysctl: + + - name: enable-ipv6 + src_path: etc/sysctl.d/30-enable-ipv6.conf + dest_path: /etc/sysctl.d/30-enable-ipv6.conf + + +# --- +# vars used by roles/common/tasks/sshd.yml +# --- + + +# --- +# vars used by roles/common/tasks/apt.yml +# --- + + +# --- +# vars used by roles/common/tasks/users.yml +# --- + +default_user: + + - name: chris + password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL. + shell: /bin/bash + ssh_keys: + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' + + - name: sysadm + + user_id: 1050 + group_id: 1050 + group: sysadm + password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1 + shell: /bin/bash + ssh_keys: + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' + + - name: back + user_id: 1060 + group_id: 1060 + group: back + password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n. + shell: /bin/bash + ssh_keys: + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' + +sudo_users: + - chris + - sysadm + + +# --- +# vars used by roles/common/tasks/users-systemfiles.yml +# --- + + +# --- +# vars used by roles/common/tasks/webadmin-user.yml +# --- + + +# --- +# vars used by roles/common/tasks/sudoers.yml +# --- +# +# see: roles/common/tasks/vars + + +# --- +# vars used by roles/common/tasks/caching-nameserver.yml +# --- + +apt_install_bind9_packages: true + +# --- +# vars used by roles/common/tasks/git.yml +# --- + +git_firewall_repository: + name: ipt-gateway + repo: https://git.oopen.de/firewall/ipt-gateway + dest: /usr/local/src/ipt-gateway + +# ============================== + + +# --- +# vars used by scripts/reset_root_passwd.yml +# --- + +root_user: + name: root + password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq. + diff --git a/host_vars/gw-123.oopen.de.yml b/host_vars/gw-123.oopen.de.yml index a1f8629..1bb517b 100644 --- a/host_vars/gw-123.oopen.de.yml +++ b/host_vars/gw-123.oopen.de.yml @@ -15,6 +15,13 @@ # --- +copy_additional_plain_files_sysctl: + + - name: enable-ipv6 + src_path: etc/sysctl.d/30-enable-ipv6.conf + dest_path: /etc/sysctl.d/30-enable-ipv6.conf + + # --- # vars used by roles/common/tasks/sshd.yml # --- @@ -87,6 +94,24 @@ sudo_users: apt_install_bind9_packages: true +bind9_gateway_listen_on_v6: + - none + +bind9_gateway_listen_on: + - 127.0.0.1 + - 192.168.142.1 + - 192.168.142.254 + - 172.16.142.1 + +# --- +# vars used by roles/common/tasks/git.yml +# --- + +git_firewall_repository: + name: ipt-gateway + repo: https://git.oopen.de/firewall/ipt-gateway + dest: /usr/local/src/ipt-gateway + # --- # vars used by roles/common/tasks/git.yml # --- @@ -105,5 +130,5 @@ git_firewall_repository: root_user: name: root - password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq. + password: $y$j9T$IVBTpn.OrI6YiQ9q3fA8b1$Y1bmID5yXJbKfoLFt1VmQs6LezeTj5/1M9ppZBD2Pn4 diff --git a/host_vars/o22.oopen.de.yml b/host_vars/o22.oopen.de.yml index c83be83..d4865de 100644 --- a/host_vars/o22.oopen.de.yml +++ b/host_vars/o22.oopen.de.yml @@ -129,12 +129,19 @@ network_interfaces: # vars used by roles/common/tasks/basic.yml # --- +copy_additional_plain_files_sysctl: + + - name: elasticsearch + src_path: etc/sysctl.d/60-elasticsearch.conf + dest_path: /etc/sysctl.d/60-elasticsearch.conf + # --- # vars used by roles/common/tasks/sshd.yml # --- + # --- # vars used by roles/common/tasks/apt.yml # --- @@ -153,13 +160,6 @@ default_user: - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' - - name: c3po - password: $6$z0yywBoF$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/ - shell: /bin/bash - ssh_keys: - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDinfnbnVooKT0iFpkZeRZMj8JpYJk+EkgGHyK2xhb0HNoYvDoG06Clckm0vauuRlSYnWkZC0dLIbqHlACA+jbCKa2w/5yOjCXmJiJEO04YCMhkQH08It+wpWZb/Bx2O6DB3cY+3mHwPocp/la8caYW4NIE5+67AnHxIQifJLXM44TgkmFEhXSBMIZj8b8wL+MA0zKD0LXwgEH9Wllcccq6D5lfsrUSLvTRHq362pE+ZtVXh2peVkS4r98HNtYVUjBMgOIIPEypopceUzXC0L+vB7s2SolAsh3CGjqyjYW8x3fWnAewlfa5TbgIC+11e+KJKFr5+tVfwSgHC+TtfuXDU5Ws80ETejbuwx2iRVfHG0fDcjPzaVUXGmY+j8OR4jACz5KY5+VMJgMuXJTbZBEf1C5O3lCTaEf/Pmw50SHrshT/bhdrMBUaS+AOTFHrI3WOu+ujWMXJK3pRdROXDFDtPfc1afaJkMuKO5Uay/qwTEKd8NwXNoAGkXjowKBerNgJRy5JwhmbHMA6xsCDEjXMVy+yiMw+58JE76g5HVVu7dpyz0bjXD3LrpB+lclQHRLxNajWAjVsAu/eI2zQDDS7YHi1IZVUGdYD0g0qXdeNQ//KA7FVr22VFUP8xtbseZfOZpKFGVEMVkIOcYHZoYhOYxZDVNNmvle13F4PU1zOiQ== c3po@riseup.net' - - name: sysadm user_id: 1050 group_id: 1050 @@ -193,7 +193,6 @@ default_user: sudo_users: - chris - - o13-pad - sysadm - localadmin diff --git a/host_vars/o27.oopen.de.yml b/host_vars/o27.oopen.de.yml index ce52c4f..f5ecf1f 100644 --- a/host_vars/o27.oopen.de.yml +++ b/host_vars/o27.oopen.de.yml @@ -4,6 +4,7 @@ # vars used by roles/network_interfaces # --- + # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted network_manage_devices: True @@ -16,15 +17,14 @@ network_interface_required_packages: - bridge-utils - ifmetric - ifupdown - - ifenslave - resolvconf network_interfaces: - - device: eth0 + - device: br0 # use only once per device (for the first device entry) - headline: eth0 - primary network interface + headline: br0 - bridge over device enp195s0 # auto & allow are only used for the first device entry allow: [] # array of allow-[stanzas] eg. allow-hotplug @@ -32,11 +32,11 @@ network_interfaces: family: inet method: static - hwaddress: + hwaddress: f0:2f:74:97:4a:c4 description: - address: 94.16.115.62 - netmask: 22 - gateway: 94.16.112.1 + address: 142.132.147.171 + netmask: 26 + gateway: 142.132.147.129 metric: pointopoint: mtu: @@ -64,9 +64,10 @@ network_interfaces: # search: warenform.de # nameservers: - - 46.38.225.230 - - 46.38.252.230 - - 2a03:4000:8000::fce6 + - 185.12.64.1 + - 2a01:4ff:ff00::add:2 + - 185.12.64.2 + - 2a01:4ff:ff00::add:1 search: # optional additional subnets/ips subnets: [] @@ -81,7 +82,12 @@ network_interfaces: # fd: # maxwait: # waitport: - bridge: {} + bridge: + ports: enp195s0 # for mor devices support a blank separated list + stp: !!str off + fd: 5 + hello: 2 + maxage: 12 # optional bonding parameters bond: {} # bond: @@ -103,7 +109,7 @@ network_interfaces: # inline hook scripts pre-up: [] # pre-up script lines - up: [] # up script lines + up: [] # up script lines post-up: [] # post-up script lines (alias for up) pre-down: [] # pre-down script lines (alias for down) down: [] # down script lines @@ -111,130 +117,9 @@ network_interfaces: - - device: eth0 + - device: br0 family: inet6 method: static - address: 2a03:4000:28:7d8:c89f:aaff:fe8e:fb89 + address: 2a01:4f8:261:1994::2 netmask: 64 gateway: fe80::1 - - -# --- -# vars used by roles/ansible_dependencies -# --- - - -# --- -# vars used by roles/ansible_user -# --- - - -# --- -# vars used by roles/common/tasks/basic.yml -# --- - - -# --- -# vars used by roles/common/tasks/sshd.yml -# --- - - -# --- -# vars used by roles/common/tasks/apt.yml -# --- - - -# --- -# vars used by roles/common/tasks/users.yml -# --- - -default_user: - - - name: chris - password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL. - shell: /bin/bash - ssh_keys: - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' - - - name: sysadm - - user_id: 1050 - group_id: 1050 - group: sysadm - password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1 - shell: /bin/bash - ssh_keys: - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' - - - name: localadmin - user_id: 1051 - group_id: 1051 - password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90 - shell: /bin/bash - ssh_keys: - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it' - - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS' - - - name: back - user_id: 1060 - group_id: 1060 - group: back - password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n. - shell: /bin/bash - ssh_keys: - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' - - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' - - -sudo_users: - - chris - - sysadm - - localadmin - - -# --- -# vars used by roles/common/tasks/users-systemfiles.yml -# --- - - -# --- -# vars used by roles/common/tasks/webadmin-user.yml -# --- - - -# --- -# vars used by roles/common/tasks/sudoers.yml -# --- -# -# see: roles/common/tasks/vars - - -# --- -# vars used by roles/common/tasks/caching-nameserver.yml -# --- - - -# --- -# vars used by roles/common/tasks/git.yml -# --- - -git_firewall_repository: - name: ipt-server - repo: https://git.oopen.de/firewall/ipt-server - dest: /usr/local/src/ipt-server - -# ============================== - - -# --- -# vars used by scripts/reset_root_passwd.yml -# --- - -root_user: - name: root - password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq. - diff --git a/host_vars/o28.oopen.de.yml b/host_vars/o28.oopen.de.yml index 37f14a6..5dab80a 100644 --- a/host_vars/o28.oopen.de.yml +++ b/host_vars/o28.oopen.de.yml @@ -4,6 +4,7 @@ # vars used by roles/network_interfaces # --- + # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted network_manage_devices: True @@ -22,21 +23,150 @@ network_interface_required_packages: network_interfaces: - - device: br0 + # Many device configurations are possible (as many as needed) + # + - device: enp41s0 # use only once per device (for the first device entry) - headline: br0 - bridge over device enp35s0 + headline: enp41s0 - primary device - # auto & allow are only used for the first device entry + # auto & allow are only used for the first entry of that devicei-name) + # allow: [] # array of allow-[stanzas] eg. allow-hotplug auto: true family: inet + + # The statisc Mode + # Options + # address + # gateway + # pointopoint
+ # hwaddress + # mtu + # scope
+ # + # The manual Method + # Options + # hwaddress + # mtu + # + # The dhcp Method + # Options + # hwaddress + # hostname + # metric + # leasehours + # leasetime + # vendor + # client + # + # The bootp Method + # Options + # bootfile: + # server: + # hwaddr + # method: static - hwaddress: a8:a1:59:0e:9f:2c + + hwaddress: description: - address: 95.217.109.232 + address: 65.108.238.45 + # dotted quad or number of bits + # + # the entry will be: address/netmask netmask: 26 - gateway: 95.217.109.193 + gateway: 65.108.238.1 + metric: + pointopoint: + mtu: + scope: + + # additional user by dhcp method + # + hostname: + leasehours: + leasetime: + vendor: + client: + + # additional used by bootp method + # + bootfile: + server: + hwaddr: + + # optional dns settings nameservers: [] + # + # nameservers: + # - 194.150.168.168 # dns.as250.net + # - 91.239.100.100 # anycast.censurfridns.dk + # search: warenform.de + # + nameservers: + - 185.12.64.1 + - a01:4ff:ff00::add:2 + search: + + # optional additional subnets/ips subnets: [] + # subnets: + # - '192.168.123.0/24' + # - '192.168.124.11/32' + + # optional bridge parameters bridge: {} + # bridge: + # ports: + # stp: + # fd: + # maxwait: + # waitport: + bridge: {} + + # optional bonding parameters bond: {} + # bond: + # master + # primary + # slave + # mode: + # miimon: + # lacp-rate: + # ad-select-rate: + # master: + # slaves: + bond: {} + + # optional vlan settings | vlan: {} + # vlan: {} + # raw-device: 'eth0' + vlan: {} + + # inline hook scripts + # + # example: + # + # up: + # - !!str "route add -net 135.181.79.192 netmask 255.255.255.192 gw 135.181.79.193 dev enp41s0" + # + pre-up: [] # pre-up script lines + up: + - !!str "route add -net 65.108.238.0 netmask 255.255.255.192 gw 65.108.238.1 dev enp41s0" + post-up: [] # post-up script lines (alias for up) + pre-down: [] # pre-down script lines (alias for down) + down: [] # down script lines + post-down: [] # post-down script lines + + - device: enp41s0 + # use only once per device (for the first device entry) + headline: + + # auto & allow are only used for the first device entry + allow: [] # array of allow-[stanzas] eg. allow-hotplug + auto: + + family: inet6 + method: static + address: 2a01:4f9:1a:b226::2 + netmask: 64 + gateway: fe80::1 metric: pointopoint: mtu: @@ -64,8 +194,6 @@ network_interfaces: # search: warenform.de # nameservers: - - 195.201.179.131 - - 95.217.204.204 search: # optional additional subnets/ips subnets: [] @@ -80,24 +208,15 @@ network_interfaces: # fd: # maxwait: # waitport: - bridge: - ports: enp35s0 # for mor devices support a blank separated list - stp: !!str off - fd: 1 - hello: 2 - maxage: 12 + bridge: {} # optional bonding parameters bond: {} # bond: - # master - # primary - # slave - # method: + # mode: # miimon: - # lacp-rate: - # ad-select-rate: # master: # slaves: + # lacp-rate: bond: {} # optional vlan settings | vlan: {} @@ -106,23 +225,13 @@ network_interfaces: vlan: {} # inline hook scripts - pre-up: [] # pre-up script lines - up: - - !!str "route add -net 95.217.109.192 netmask 255.255.255.192 gw 95.217.109.193 dev br0" # up script lines + pre-up: []# pre-up script lines + up: [] # up script lines post-up: [] # post-up script lines (alias for up) pre-down: [] # pre-down script lines (alias for down) down: [] # down script lines post-down: [] # post-down script lines - - - - device: br0 - family: inet6 - method: static - address: 2a01:4f9:4a:2b57::2 - netmask: 64 - gateway: fe80::1 - # --- # vars used by roles/ansible_dependencies # --- @@ -147,11 +256,16 @@ network_interfaces: # vars used by roles/common/tasks/apt.yml # --- +#apt_manage_sources_list: false + # --- # vars used by roles/common/tasks/users.yml # --- +create_sftp_group: true + + default_user: - name: chris @@ -193,6 +307,12 @@ default_user: - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol' + +extra_system_user: + - name: www-data + home: /var/www + groups: sftp_users + sudo_users: - chris - sysadm diff --git a/host_vars/oolm-shop.oopen.de.yml b/host_vars/oolm-shop.oopen.de.yml new file mode 100644 index 0000000..ba852cd --- /dev/null +++ b/host_vars/oolm-shop.oopen.de.yml @@ -0,0 +1,70 @@ +--- + +# --- +# vars used by roles/ansible_dependencies +# --- + + +# --- +# vars used by roles/ansible_user +# --- + + +# --- +# vars used by roles/common/tasks/basic.yml +# --- + + +# --- +# vars used by roles/common/tasks/sshd.yml +# --- + +sshd_password_authentication: !!str "yes" + + +# --- +# vars used by apt.yml +# --- + + +# --- +# vars used by roles/common/tasks/users.yml +# --- + + +# --- +# vars used by roles/common/tasks/users-systemfiles.yml +# --- + + +# --- +# vars used by roles/common/tasks/webadmin-user.yml +# --- + + +# --- +# vars used by roles/common/tasks/sudoers.yml +# --- +# +# see: roles/common/tasks/vars + + +# --- +# vars used by roles/common/tasks/caching-nameserver.yml +# --- + + +# --- +# vars used by roles/common/tasks/git.yml +# --- +# +# see: roles/common/tasks/vars + + +# ============================== + + +# --- +# vars used by scripts/reset_root_passwd.yml +# --- + diff --git a/host_vars/server27.warenform.de.yml b/host_vars/server27.warenform.de.yml index add3825..0f7e238 100644 --- a/host_vars/server27.warenform.de.yml +++ b/host_vars/server27.warenform.de.yml @@ -140,6 +140,12 @@ network_interfaces: # vars used by roles/common/tasks/basic.yml # --- +copy_additional_plain_files_sysctl: + + - name: elasticsearch + src_path: etc/sysctl.d/60-elasticsearch.conf + dest_path: /etc/sysctl.d/60-elasticsearch.conf + # --- # vars used by roles/common/tasks/sshd.yml diff --git a/host_vars/zapata.opp.netz.yml b/host_vars/zapata.opp.netz.yml index ab7487b..90e9e13 100644 --- a/host_vars/zapata.opp.netz.yml +++ b/host_vars/zapata.opp.netz.yml @@ -315,6 +315,12 @@ samba_user: - beratung password: '20!lavinia*20' + - name: mahadi + groups: + - buero + - beratung + password: '22_mahadi#obs' + - name: marcus groups: - buero @@ -322,6 +328,12 @@ samba_user: - verwaltung password: '' + - name: maria + groups: + - buero + - beratung + password: 'm4ri4+adb22' + - name: martin groups: - buero