updatre..

group_vars/all/main.yml

@@ -898,6 +898,15 @@ tor_hidden_service_port:
   - 993 127.0.0.1:993
   - 995 127.0.0.1:995
 
+
+# ---
+# vars used by modify-munin-ip.yml
+# ---
+
+munin_remote_ipv4: 135.181.136.84
+munin_remote_ipv6: 2a01:4f9:3a:1051::84
+
+
 # ---
 # vars used by cron.yml
 # ---

hosts

@@ -18,6 +18,7 @@ dns1.warenform.de
 
 [extra_hosts]
 backup.oopen.de
+backup-neu.oopen.de
 
 gitea.so36.net
 backup.so36.net
@@ -365,6 +366,8 @@ nscache.oopen.de
 
 # - o29.oopen.de
 o29.oopen.de
+backup-neu.oopen.de
+git-neu.oopen.de
 
 # AK - Server Nextcloud/Jitsi Meet
 o30.oopen.de
@@ -1062,6 +1065,7 @@ gateway_server
 # ---
 
 backup.oopen.de
+backup-neu.oopen.de
 devel-root.wf.netz
 
 # Backup Faire Mobilitaet
@@ -1259,6 +1263,8 @@ munin.oopen.de
 nc-gw.oopen.de
 
 # o29.oopen.de
+backup-neu.oopen.de
+git-neu.oopen.de
 
 # o30.oopen.de - AK Server Nextcloud/Jitsi Meet
 meet.akweb.de
@@ -1445,6 +1451,8 @@ nc-gw.oopen.de
 
 # - o29.oopen.de
 o29.oopen.de
+backup-neu.oopen.de
+git-neu.oopen.de
 
 # AK - Server Nextcloud/Jitsi Meet
 o30.oopen.de

modify-munin-ip.yml

@@ -0,0 +1,6 @@
+---
+
+
+- hosts: all
+  roles:
+    - modify-munin-ip

roles/modify-munin-ip/handlers/main.yml

@@ -0,0 +1,20 @@
+- name: Restart ulogd
+  service:
+    name: ulogd
+    state: restarted
+
+- name: Restart IPv4 Firewall
+  service:
+    name: ipt-firewall
+    state: restarted
+  when:
+     - interfaces_ipv4_exists.stat.exists
+     - main_ipv4_exists.stat.exists
+
+- name: Restart IPv6 Firewall
+  service:
+    name: ip6t-firewall
+    state: restarted
+  when:
+     - interfaces_ipv6_exists.stat.exists
+     - main_ipv6_exists.stat.exists

roles/modify-munin-ip/tasks/main.yml

@@ -0,0 +1,77 @@
+---
+
+
+# ---
+# Set some facts
+# ---
+
+
+- name: (modify-munin-ip) Set fact_sshd_kexalgorithms (comma separated list)
+  set_fact:
+    fact_munin_node_ipv4: "{{ munin_remote_ipv4 | replace('.', '\\.') }}"
+  when:
+    - munin_remote_ipv4 is defined and munin_remote_ipv4 | length > 0
+
+- name: (modify-munin-ip - main.yml)) Set fact_sshd_kexalgorithms (comma separated list)
+  set_fact:
+    fact_munin_node_ipv4_old: "{{ munin_remote_ipv4 | replace('.', '\\.') }}"
+  when:
+    - munin_remote_ipv4_old is defined and munin_remote_ipv4_old | length > 0
+
+  # ---
+  # Some Checks
+  # ---
+
+- name: (modify-munin-ip) Check if file '/etc/ipt-firewall/main_ipv4.conf' exists
+  stat:
+    path: /etc/ipt-firewall/main_ipv4.conf
+  register: main_ipv4_exists
+
+
+- name: Check if /etc/ipt-firewall/interfaces_ipv4.conf are present
+  stat:
+    path: /etc/ipt-firewall/interfaces_ipv4.conf
+  register: interfaces_ipv4_exists
+
+
+- name: Check if /etc/ipt-firewall/interfaces_ipv6.conf are present
+  stat:
+    path: /etc/ipt-firewall/interfaces_ipv6.conf
+  register: interfaces_ipv6_exists
+
+
+- name: Check if file '/etc/ipt-firewall/main_ipv6.conf' exists
+  stat:
+    path: /etc/ipt-firewall/main_ipv6.conf
+  register: main_ipv6_exists
+
+
+- name: (modify-munin-ip) Check if file '/etc/munin/munin-node.conf' exists
+  stat:
+    path: /etc/munin/munin-node.conf
+  register: munin_node__exists
+
+
+- name: (modify-munin-ip) /etc/ipt-firewall/main_ipv4.conf - addjust line 'munin_remote_ip' (IPv4)
+  lineinfile:
+    path: /etc/ipt-firewall/main_ipv4.conf
+    regexp: '^munin_remote_ip='
+    line: 'munin_remote_ip="{{ munin_remote_ipv4 }}"'
+  when:
+    - main_ipv4_exists.stat.exists
+  notify:
+    - Restart IPv4 Firewall
+
+
+- name: (modify-munin-ip) /etc/ipt-firewall/main_ipv6.conf - addjust line 'munin_remote_ip' (IPv6)
+  lineinfile:
+    path: /etc/ipt-firewall/main_ipv6.conf
+    regexp: '^munin_remote_ip='
+    line: 'munin_remote_ip="{{ munin_remote_ipv6 }}"'
+  when:
+    - main_ipv6_exists.stat.exists
+  notify:
+    - Restart IPv6 Firewall
+
+
+