update...

2023-05-01 10:47:10 +02:00
parent 9766f7841e
commit bb57e8e555
35 changed files with 1416 additions and 274 deletions
--- a/host_vars/b.mx.oopen.de.yml
+++ b/host_vars/b.mx.oopen.de.yml
@ -99,22 +99,24 @@ copy_plain_files:
    dest_path: /root/bin/postfix/conf/whitelist_mb_sigs.conf


-copy_plain_files_postfwd_host_specific: []
+copy_plain_files_postfix_host_specific:

-#copy_plain_files_postfwd_host_specific:
-#  # Postfix Firewall postfwd
-#  #
-#  - name: postfwd.bl-sender
-#    src_path: b.mx/etc/postfix/postfwd.bl-sender
-#    dest_path: /etc/postfix/postfwd.bl-sender
-#
-#  - name: postfwd.bl-user
-#    src_path: b.mx/etc/postfix/postfwd.bl-user
-#    dest_path: /etc/postfix/postfwd.bl-user
-#
-#  - name: postfwd.wl-user
-#    src_path: b.mx/etc/postfix/postfwd.wl-user
-#    dest_path: /etc/postfix/postfwd.wl-user
+  - name: relay_domains
+    src_path: b.mx/etc/postfix/relay_domains
+    dest_path: /etc/postfix/relay_domains
+
+
+copy_plain_files_postfwd_host_specific:
+
+  # Postfix Firewall postfwd
+  #
+  - name: postfwd.wl-nets
+    src_path: b.mx/etc/postfix/postfwd.wl-nets
+    dest_path: /etc/postfix/postfwd.wl-nets
+
+  - name: postfwd.wl-sender
+    src_path: b.mx/etc/postfix/postfwd.wl-sender
+    dest_path: /etc/postfix/postfwd.wl-sender


 copy_template_files: []
--- a/host_vars/o13-mail.oopen.de.yml
+++ b/host_vars/o13-mail.oopen.de.yml
@ -100,6 +100,69 @@ sudo_users:
 # see: roles/common/tasks/vars


+# ---
+# vars used by roles/common/tasks/copy_files.yml
+# ---
+
+copy_plain_files:
+
+  # /root/bin/monitoring
+  #
+  - name: monitoring_check_cert_for_dovecot.conf
+    src_path: o13-mail/root/bin/monitoring/conf/check_cert_for_dovecot.conf
+    dest_path: /root/bin/monitoring/conf/check_cert_for_dovecot.conf
+
+  - name: monitoring_check_webservice_load.conf
+    src_path: o13-mail/root/bin/monitoring/conf/check_webservice_load.conf
+    dest_path: /root/bin/monitoring/conf/check_webservice_load.conf
+
+  # /root/bin/postfix
+  #
+  - name: postfix_check-postfix-fatal-errors.conf
+    src_path: o13-mail/root/bin/postfix/conf/check-postfix-fatal-errors.conf
+    dest_path: /root/bin/postfix/conf/check-postfix-fatal-errors.conf
+
+
+copy_plain_files_postfwd_host_specific:
+
+  - name: header_checks.pcre
+    src_path: o13-mail/etc/postfix/header_checks.pcre
+    dest_path: /etc/postfix/header_checks.pcre
+
+  - name: postfwd.wl-hosts
+    src_path: o13-mail/etc/postfix/postfwd.wl-hosts
+    dest_path: /etc/postfix/postfwd.wl-hosts
+
+  - name: postfwd.wl-hosts
+    src_path: o13-mail/etc/postfix/postfwd.wl-hosts
+    dest_path: /etc/postfix/postfwd.wl-hosts
+
+  - name: postfwd.wl-nets
+    src_path: o13-mail/etc/postfix/postfwd.wl-nets
+    dest_path: /etc/postfix/postfwd.wl-nets
+
+  - name: postfwd.wl-sender
+    src_path: o13-mail/etc/postfix/postfwd.wl-sender
+    dest_path: /etc/postfix/postfwd.wl-sender
+
+  - name: postfwd.wl-user
+    src_path: o13-mail/etc/postfix/postfwd.wl-user
+    dest_path: /etc/postfix/postfwd.wl-user
+
+  # Postfix Firewall postfwd
+  #
+  #- name: postfwd.wl-user
+  #  src_path: o13-mail/etc/postfix/postfwd.wl-user
+  #  dest_path: /etc/postfix/postfwd.wl-user
+
+
+#copy_template_files: []
+#
+#  - name: mailsystem_install_amavis.conf
+#    src_path: usr/local/src/mailsystem/conf/install_amavis.conf.j2
+#    dest_path: /usr/local/src/mailsystem/conf/install_amavis.conf
+
+
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
--- a/host_vars/o34.oopen.de.yml
+++ b/host_vars/o34.oopen.de.yml
@ -22,9 +22,9 @@ network_interface_required_packages:

 network_interfaces:

-  - device: eth0
+  - device: enp6s0
    # use only once per device (for the first device entry)
-    headline: eth0 - primary network interface
+    headline: enp6s0 - primary network interface

    # auto & allow are only used for the first device entry
    allow: [] # array of allow-[stanzas] eg. allow-hotplug
@ -34,9 +34,9 @@ network_interfaces:
    method: static
    hwaddress:
    description:
-    address: 195.128.100.83
-    netmask: 22
-    gateway: 195.128.100.1
+    address: 65.109.158.101
+    netmask: 26
+    gateway: 65.109.158.65
    metric:
    pointopoint:
    mtu:
@ -64,9 +64,9 @@ network_interfaces:
    #    search: warenform.de
    #
    nameservers:
-      - 46.38.225.230
-      - 46.38.252.230
-      - 2a03:4000:8000::fce6
+      - 127.0.0.1
+      - 185.12.64.2
+      - 2a01:4ff:ff00::add:1
    search:

    # optional additional subnets/ips subnets: []
@ -98,7 +98,7 @@ network_interfaces:

    # optional vlan settings | vlan: {}
    # vlan: {}
-    #   raw-device: 'eth0'
+    #   raw-device: 'enp6s0'
    vlan: {}

    # inline hook scripts
@ -111,10 +111,10 @@ network_interfaces:



-  - device: eth0
+  - device: enp6s0
    family: inet6
    method: static
-    address: 2a03:4000:35:761:a438:21ff:fea0:11bc
+    address: 2a01:4f9:3080:155d::2
    netmask: 64
    gateway: fe80::1

@ -151,7 +151,7 @@ network_interfaces:
 default_user:

  - name: chris
-    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
+    password: $y$j9T$4tHDBpAXsLybUcR3EkGsN1$FztD35vOLJ2wkdcMMyWVjx7H6vCYAXK2Sik9RVx6iF6
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
@ -162,7 +162,7 @@ default_user:
    user_id: 1050
    group_id: 1050
    group: sysadm
-    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
+    password: $y$j9T$yvoukGb.97d5zHhCyfsi81$AmUW40NQhF4guOF95AZ/wU52SxmU8pviyqTOKgssLJB
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
@ -171,19 +171,17 @@ default_user:
  - name: localadmin
    user_id: 1051
    group_id: 1051
-    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
+    password: $y$j9T$jS87fYUjhgghnH3Z46quc1$Kc7ywLGc2XidgYNCT3J/cVy5.2JEATyB0oAwxzE92L7
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
-      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it'
-      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS'

  - name: back
    user_id: 1060
    group_id: 1060
    group: back
-    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
+    password: $y$j9T$Q3MnSpKzmdfYWzmQVheWu/$7RcNMpDKF5aln1hk.5ReYfKSNUeRxfOj1yaHmo6YH95
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
--- a/host_vars/rage.so36.net.yml
+++ b/host_vars/rage.so36.net.yml
@ -0,0 +1,131 @@
+---
+  
+# ---
+# vars used by roles/ansible_dependencies
+# ---
+
+
+# ---
+# vars used by roles/ansible_user
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/basic.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/sshd.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/apt.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/users.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/users-systemfiles.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/webadmin-user.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/sudoers.yml
+# ---
+#
+# see: roles/common/tasks/vars
+
+
+# ---
+# vars used by roles/common/tasks/copy_files.yml
+# ---
+
+copy_plain_files:
+
+  # /root/bin/monitoring
+  #
+  - name: monitoring_check_cert_for_dovecot.conf
+    src_path: rage/root/bin/monitoring/conf/check_cert_for_dovecot.conf
+    dest_path: /root/bin/monitoring/conf/check_cert_for_dovecot.conf
+
+  # /root/bin/postfix
+  #
+  - name: postfix_check-postfix-fatal-errors.conf
+    src_path: rage/root/bin/postfix/conf/check-postfix-fatal-errors.conf
+    dest_path: /root/bin/postfix/conf/check-postfix-fatal-errors.conf
+
+  - name: postfix_sent_userinfo_postfix.conf
+    src_path: rage/root/bin/postfix/conf/sent_userinfo_postfix.conf
+    dest_path: /root/bin/postfix/conf/sent_userinfo_postfix.conf
+
+  - name: postfix_get_number_of_deferred_mailqueue.conf
+    src_path: rage/root/bin/postfix/conf/get_number_of_deferred_mailqueue.conf
+    dest_path: /root/bin/postfix/conf/get_number_of_deferred_mailqueue.conf
+
+
+copy_plain_files_postfwd_host_specific:
+
+  - name: header_checks.pcre
+    src_path: rage/etc/postfix/header_checks.pcre
+    dest_path: /etc/postfix/header_checks.pcre
+
+  - name: postfwd.wl-hosts
+    src_path: rage/etc/postfix/postfwd.wl-hosts
+    dest_path: /etc/postfix/postfwd.wl-hosts
+
+  - name: postfwd.wl-hosts
+    src_path: rage/etc/postfix/postfwd.wl-hosts
+    dest_path: /etc/postfix/postfwd.wl-hosts
+
+  - name: postfwd.wl-nets
+    src_path: rage/etc/postfix/postfwd.wl-nets
+    dest_path: /etc/postfix/postfwd.wl-nets
+
+  - name: postfwd.wl-sender
+    src_path: rage/etc/postfix/postfwd.wl-sender
+    dest_path: /etc/postfix/postfwd.wl-sender
+
+  - name: postfwd.wl-user
+    src_path: rage/etc/postfix/postfwd.wl-user
+    dest_path: /etc/postfix/postfwd.wl-user
+
+  # Postfix Firewall postfwd
+  #
+  #- name: postfwd.wl-user
+  #  src_path: rage/etc/postfix/postfwd.wl-user
+  #  dest_path: /etc/postfix/postfwd.wl-user
+
+
+#copy_template_files: []
+#
+#  - name: mailsystem_install_amavis.conf
+#    src_path: usr/local/src/mailsystem/conf/install_amavis.conf.j2
+#    dest_path: /usr/local/src/mailsystem/conf/install_amavis.conf
+
+
+# ---
+# vars used by roles/common/tasks/caching-nameserver.yml
+# ---
+
+
+# ---
+# vars used by roles/common/tasks/git.yml
+# ---
+
+# ==============================
+
+
+# ---
+# vars used by scripts/reset_root_passwd.yml
+# ---
--- a/host_vars/zapata.opp.netz.yml
+++ b/host_vars/zapata.opp.netz.yml
@ -329,7 +329,13 @@ samba_user:
      - beratung
    password: '20!lavinia*20'

-  - name: mahadi 
+  - name: magdalena
+    groups:
+      - buero
+      - beratung
+    password: 'magdalena_23'
+
+  - name: mahadi
    groups:
      - buero
      - beratung