Add and update host variable files for various servers

- Created new host variable file for `iam-nd.oopen.de` with network and cron configurations. - Created new host variable file for `test.mariadb.oopen.de` with cron environment entries. - Updated `file-km.anw-km.netz.yml.BAK.2026-04-18-1218` with network interface configurations and DNS settings. - Modified `gw-campus.oopen.de.yml` to change device names for network interfaces. - Updated `nd-archiv.warenform.de.yml`, `nd-live.warenform.de.yml`, `nd.warenform.de.yml`, `web0.warenform.de.yml`, `web1.warenform.de.yml`, and `web2.warenform.de.yml` to replace `wkhtmltopdf` with `weasyprint` in the list of extra packages. - Updated `o26.oopen.de.yml` to correct SSH key destination and change backup job script path. - Added `iam-nd.oopen.de` to the hosts file for server management.
2026-05-01 02:30:31 +02:00
parent 7d5640f3bd
commit b0dd95318a
20 changed files with 1378 additions and 108 deletions
--- a/host_vars/file-km.anw-km.netz.yml
+++ b/host_vars/file-km.anw-km.netz.yml
@@ -60,7 +60,7 @@ network_interfaces:
      maxage: 12

    # inline hook scripts
-    pre-up: 
+    pre-up:
      - !!str "ip link set dev enp97s0 up" # pre-up script lines
    up: [] #up script lines
    post-up: [] # post-up script lines (alias for up)
@@ -175,6 +175,44 @@ cron_user_special_time_entries:
    job: "sleep 10 ; /bin/systemctl restart systemd-resolved"
    insertafter: PATH

+  - name: "Activate ksm support"
+    special_time: reboot
+    job: "echo 1 > /sys/kernel/mm/ksm/run"
+    insertafter: PATH
+
+
+cron_user_entries:
+
+  - name: "Check if SSH service is running. Restart service if needed."
+    minute: '*/5'
+    hour: '*'
+    job: /root/bin/monitoring/check_ssh.sh
+
+  - name: "Check if postfix mailservice is running. Restart service if needed."
+    minute: "*/5"
+    hour: "*"
+    job: /root/bin/monitoring/check_postfix.sh
+
+  - name: "Check Postfix E-Mail LOG file for 'fatal' errors."
+    minute: "*/30"
+    hour: "*"
+    job: /root/bin/postfix/check-postfix-fatal-errors.sh
+
+  - name: "Clean up Samba Trash Dirs"
+    minute: "02"
+    hour: "23"
+    job: /root/bin/samba/clean_samba_trash.sh
+
+  - name: "Set (group and access) Permissons for Samba shares"
+    minute: "14"
+    hour: "23"
+    job: /root/bin/samba/set_permissions_samba_shares.sh
+
+  - name: "Check if ntpsec is running. Restart service if needed."
+    minute: "*/6"
+    hour: "*"
+    job: /root/bin/monitoring/check_ntpsec_service.sh
+


 # ---
@@ -233,10 +271,12 @@ samba_groups:
    group_id: 1110
  - name: intern
    group_id: 1120
-  - name: aulmann
+  - name: wildvang
    group_id: 1130
-  - name: howe
-    group_id: 1140
+  #- name: aulmann
+  #  group_id: 1130
+  #- name: howe
+  #  group_id: 1140
  - name: stahmann
    group_id: 1150
  - name: traine
@@ -266,8 +306,6 @@ samba_user:
  - name: andrea
    groups:
      - advoware
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -284,8 +322,6 @@ samba_user:
  - name: aphex2
    groups:
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -302,8 +338,6 @@ samba_user:
  - name: beuster
    groups:
      - advoware
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -355,11 +389,11 @@ samba_user:
      - a-jur
      - advoware
      - alle
-      - aulmann
      - intern
      - kanzlei
      - stahmann
      - traine
+      - wildvang
      - public
    password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
@@ -373,8 +407,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -384,8 +416,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -405,7 +435,6 @@ samba_user:
  - name: ho-st1
    groups:
      - alle
-      - howe
      - stahmann
    password: '44-Ro-440'

@@ -421,8 +450,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -432,8 +459,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -452,8 +477,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -463,8 +486,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -474,8 +495,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -485,8 +504,6 @@ samba_user:
    groups:
      - advoware
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
    password: '66koeln66'
@@ -510,8 +527,6 @@ samba_user:
  - name: rolf
    groups:
      - alle
-      - aulmann
-      - howe
      - stahmann
      - traine
      - public
@@ -522,11 +537,11 @@ samba_user:
      - a-jur
      - advoware
      - alle
-      - aulmann
      - intern
      - kanzlei
      - stahmann
      - traine
+      - wildvang
      - public
    password: 'Ax_GSHh5'

@@ -543,12 +558,18 @@ samba_user:
      - advoware
      - alle
      - kanzlei
-      - howe
      - stahmann
      - traine
      - public
    password: 'maltzwo2'

+  - name: wiebke
+    groups:
+      - alle
+      - wildvang
+      - public
+    password: 'uJ5gF/m53p.P'
+
  - name: winadm
    groups:
      - a-jur
@@ -605,27 +626,38 @@ samba_shares:
    dir_create_mask: !!str 2770
    vfs_object_recycle: false

-  - name: aulmann
-    comment: Aulmann auf Fileserver
-    path: /data/samba/Aulmann
-    group_valid_users: aulmann
-    group_write_list: aulmann
+  - name: wildvang
+    comment: Wildvang auf Fileserver
+    path: /data/samba/Wildvang
+    group_valid_users: wildvang
+    group_write_list: wildvang
    file_create_mask: !!str 660
    dir_create_mask: !!str 2770
    vfs_object_recycle: true
    recycle_path: '@Recycle'
    vfs_object_recycle_is_visible: true

-  - name: howe
-    comment: Howe auf Fileserver
-    path: /data/samba/Howe
-    group_valid_users: howe
-    group_write_list: howe
-    file_create_mask: !!str 660
-    dir_create_mask: !!str 2770
-    vfs_object_recycle: true
-    recycle_path: '@Recycle'
-    vfs_object_recycle_is_visible: true
+#  - name: aulmann
+#    comment: Aulmann auf Fileserver
+#    path: /data/samba/Aulmann
+#    group_valid_users: aulmann
+#    group_write_list: aulmann
+#    file_create_mask: !!str 660
+#    dir_create_mask: !!str 2770
+#    vfs_object_recycle: true
+#    recycle_path: '@Recycle'
+#    vfs_object_recycle_is_visible: true
+
+#  - name: howe
+#    comment: Howe auf Fileserver
+#    path: /data/samba/Howe
+#    group_valid_users: howe
+#    group_write_list: howe
+#    file_create_mask: !!str 660
+#    dir_create_mask: !!str 2770
+#    vfs_object_recycle: true
+#    recycle_path: '@Recycle'
+#    vfs_object_recycle_is_visible: true

  - name: stahmann
    comment: Stahmann auf Fileserver