ansible/oopen-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add and update host variable files for various servers

Browse Source 
- Created new host variable file for `iam-nd.oopen.de` with network and cron configurations.
- Created new host variable file for `test.mariadb.oopen.de` with cron environment entries.
- Updated `file-km.anw-km.netz.yml.BAK.2026-04-18-1218` with network interface configurations and DNS settings.
- Modified `gw-campus.oopen.de.yml` to change device names for network interfaces.
- Updated `nd-archiv.warenform.de.yml`, `nd-live.warenform.de.yml`, `nd.warenform.de.yml`, `web0.warenform.de.yml`, `web1.warenform.de.yml`, and `web2.warenform.de.yml` to replace `wkhtmltopdf` with `weasyprint` in the list of extra packages.
- Updated `o26.oopen.de.yml` to correct SSH key destination and change backup job script path.
- Added `iam-nd.oopen.de` to the hosts file for server management.
This commit is contained in:
Christoph
2026-05-01 02:30:31 +02:00
parent 7d5640f3bd
commit b0dd95318a
20 changed files with 1378 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
host_vars/file-km-neu.anw-km.netz.yml
View File

@@ -60,7 +60,7 @@ network_interfaces:
maxage: 12
# inline hook scripts
pre-up:
pre-up:
- !!str "ip link set dev eno1np0 up" # pre-up script lines
up: [] #up script lines
post-up: [] # post-up script lines (alias for up)
@@ -93,6 +93,13 @@ network_interfaces:
# vars used by roles/common/tasks/apt.yml
# ---
apt_install_extra_pkgs:
- lvm2
- kpartx
- ntfs-3g
- swtpm
- swtpm-tools
# ---
# vars used by roles/common/tasks/systemd-resolved.yml
@@ -175,6 +182,44 @@ cron_user_special_time_entries:
job: "sleep 10 ; /bin/systemctl restart systemd-resolved"
insertafter: PATH
- name: "Activate ksm support"
special_time: reboot
job: "echo 1 > /sys/kernel/mm/ksm/run"
insertafter: PATH
cron_user_entries:
- name: "Check if SSH service is running. Restart service if needed."
minute: '*/5'
hour: '*'
job: /root/bin/monitoring/check_ssh.sh
- name: "Check if postfix mailservice is running. Restart service if needed."
minute: "*/5"
hour: "*"
job: /root/bin/monitoring/check_postfix.sh
- name: "Check Postfix E-Mail LOG file for 'fatal' errors."
minute: "*/30"
hour: "*"
job: /root/bin/postfix/check-postfix-fatal-errors.sh
- name: "Clean up Samba Trash Dirs"
minute: "02"
hour: "23"
job: /root/bin/samba/clean_samba_trash.sh
- name: "Set (group and access) Permissons for Samba shares"
minute: "14"
hour: "23"
job: /root/bin/samba/set_permissions_samba_shares.sh
- name: "Check if ntpsec is running. Restart service if needed."
minute: "*/6"
hour: "*"
job: /root/bin/monitoring/check_ntpsec_service.sh
# ---
@@ -270,9 +315,9 @@ sudoers_file_user_back_mount_privileges:
samba_server_ip: 192.168.122.210
samba_server_cidr_prefix: 24
samba_workgroup: WORKGROUP
samba_workgroup: ANW-KM
samba_netbios_name: FILE-KM
samba_netbios_name: FILE-KM-01
samba_server_min_protocol: !!str NT1
@@ -285,10 +330,12 @@ samba_groups:
group_id: 1115
- name: intern
group_id: 1120
- name: aulmann
- name: wildvang
group_id: 1130
- name: howe
group_id: 1140
#- name: aulmann
# group_id: 1130
#- name: howe
# group_id: 1140
- name: stahmann
group_id: 1150
- name: traine
@@ -318,8 +365,6 @@ samba_user:
- name: andrea
groups:
- advoware
- aulmann
- howe
- stahmann
- traine
- public
@@ -336,8 +381,6 @@ samba_user:
- name: aphex2
groups:
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -354,8 +397,6 @@ samba_user:
- name: beuster
groups:
- advoware
- aulmann
- howe
- stahmann
- traine
- public
@@ -407,11 +448,11 @@ samba_user:
- a-jur
- advoware
- alle
- aulmann
- intern
- kanzlei
- stahmann
- traine
- wildvang
- public
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
@@ -425,8 +466,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -436,8 +475,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -457,7 +494,6 @@ samba_user:
- name: ho-st1
groups:
- alle
- howe
- stahmann
password: '44-Ro-440'
@@ -473,8 +509,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -484,8 +518,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -504,8 +536,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -515,8 +545,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -526,8 +554,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -537,8 +563,6 @@ samba_user:
groups:
- advoware
- alle
- aulmann
- howe
- stahmann
- traine
password: '66koeln66'
@@ -562,8 +586,6 @@ samba_user:
- name: rolf
groups:
- alle
- aulmann
- howe
- stahmann
- traine
- public
@@ -574,11 +596,11 @@ samba_user:
- a-jur
- advoware
- alle
- aulmann
- intern
- kanzlei
- stahmann
- traine
- wildvang
- public
password: 'Ax_GSHh5'
@@ -595,12 +617,18 @@ samba_user:
- advoware
- alle
- kanzlei
- howe
- stahmann
- traine
- public
password: 'maltzwo2'
- name: wiebke
groups:
- alle
- wildvang
- public
password: 'uJ5gF/m53p.P'
- name: winadm
groups:
- a-jur
@@ -657,27 +685,38 @@ samba_shares:
dir_create_mask: !!str 2770
vfs_object_recycle: false
- name: aulmann
comment: Aulmann auf Fileserver
path: /data/samba/Aulmann
group_valid_users: aulmann
group_write_list: aulmann
- name: wildvang
comment: Wildvang auf Fileserver
path: /data/samba/Wildvang
group_valid_users: wildvang
group_write_list: wildvang
file_create_mask: !!str 660
dir_create_mask: !!str 2770
vfs_object_recycle: true
recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true
- name: howe
comment: Howe auf Fileserver
path: /data/samba/Howe
group_valid_users: howe
group_write_list: howe
file_create_mask: !!str 660
dir_create_mask: !!str 2770
vfs_object_recycle: true
recycle_path: '@Recycle'
vfs_object_recycle_is_visible: true
# - name: aulmann
# comment: Aulmann auf Fileserver
# path: /data/samba/Aulmann
# group_valid_users: aulmann
# group_write_list: aulmann
# file_create_mask: !!str 660
# dir_create_mask: !!str 2770
# vfs_object_recycle: true
# recycle_path: '@Recycle'
# vfs_object_recycle_is_visible: true
# - name: howe
# comment: Howe auf Fileserver
# path: /data/samba/Howe
# group_valid_users: howe
# group_write_list: howe
# file_create_mask: !!str 660
# dir_create_mask: !!str 2770
# vfs_object_recycle: true
# recycle_path: '@Recycle'
# vfs_object_recycle_is_visible: true
- name: stahmann
comment: Stahmann auf Fileserver