update..
This commit is contained in:
parent
bec58dbf36
commit
ebc9d1303e
14
ansible.cfg
14
ansible.cfg
@ -10,7 +10,19 @@
|
||||
|
||||
|
||||
[defaults]
|
||||
ansible_managed = *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
ansible_managed = *** [ Ansible managed file: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# Use of 'ansible_managed'
|
||||
#
|
||||
# + use with filter 'comment' - WITHOUT leading comment sign:
|
||||
#
|
||||
# {{ ansible_managed | comment }}
|
||||
#
|
||||
#
|
||||
# + use without filter 'comment' - WITH leading comment sign:
|
||||
#
|
||||
# # {{ ansible_managed }}
|
||||
|
||||
#gathering = smart
|
||||
#fact_caching = jsonfile
|
||||
#fact_caching_connection = ~/.cache/
|
||||
|
||||
51
hosts
51
hosts
@ -22,9 +22,7 @@ gw-irights.oopen.de
|
||||
gw-km.oopen.de
|
||||
gw-mbr.oopen.de
|
||||
gw-opp.oopen.de
|
||||
172.16.62.2
|
||||
gw-ro.oopen.de
|
||||
172.16.72.1
|
||||
gw-spr.oopen.de
|
||||
|
||||
gw-kb.oopen.de
|
||||
@ -41,7 +39,6 @@ ga-st-gw-ersatz.ga.netz
|
||||
ga-st-gw.oopen.de
|
||||
ga-al-gw.ga.netz
|
||||
ga-nh-gw.ga.netz
|
||||
192.168.11.182
|
||||
|
||||
server16.warenform.de
|
||||
helden.warenform.de
|
||||
@ -87,9 +84,6 @@ o13-pad.oopen.de
|
||||
o13-schleuder.oopen.de
|
||||
o13-web.oopen.de
|
||||
|
||||
o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
o17.oopen.de
|
||||
test.mx.oopen.de
|
||||
meet2.oopen.de
|
||||
@ -162,7 +156,7 @@ e.mx.oopen.de
|
||||
etherpad.oopen.de
|
||||
web-02.oopen.de
|
||||
d.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# O.OPEN - b.mx web-01 ...
|
||||
o36.oopen.de
|
||||
@ -191,9 +185,7 @@ gw-km.oopen.de
|
||||
gw-irights.oopen.de
|
||||
gw-mbr.oopen.de
|
||||
gw-opp.oopen.de
|
||||
172.16.62.2
|
||||
gw-ro.oopen.de
|
||||
172.16.72.1
|
||||
gw-km.oopen.de
|
||||
gw-spr.oopen.de
|
||||
|
||||
@ -213,7 +205,6 @@ ga-st-gw-ersatz.ga.netz
|
||||
ga-st-gw.oopen.de
|
||||
ga-al-gw.ga.netz
|
||||
ga-nh-gw.ga.netz
|
||||
192.168.11.182
|
||||
|
||||
# ---
|
||||
# - Warenform Server
|
||||
@ -287,10 +278,6 @@ o13-pad.oopen.de
|
||||
o13-schleuder.oopen.de
|
||||
o13-web.oopen.de
|
||||
|
||||
# - o14.oopen.de
|
||||
o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
o17.oopen.de
|
||||
test.mx.oopen.de
|
||||
test.mariadb.oopen.de
|
||||
@ -373,7 +360,7 @@ e.mx.oopen.de
|
||||
etherpad.oopen.de
|
||||
web-02.oopen.de
|
||||
d.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# O.OPEN - b.mx web-01 ...
|
||||
o36.oopen.de
|
||||
@ -445,9 +432,6 @@ o13-mail.oopen.de
|
||||
o13-mumble.oopen.de
|
||||
o13-web.oopen.de
|
||||
|
||||
# o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
# o17.oopen.de
|
||||
test.mariadb.oopen.de
|
||||
test.mx.oopen.de
|
||||
@ -485,7 +469,7 @@ cl-02.oopen.de
|
||||
e.mx.oopen.de
|
||||
web-02.oopen.de
|
||||
d.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# o36 - b.mx, web-01, web-03,--
|
||||
matomo-01.oopen.de
|
||||
@ -703,9 +687,6 @@ c.mx.oopen.de
|
||||
o13-mail.oopen.de
|
||||
o13-schleuder.oopen.de
|
||||
|
||||
# o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
# o17.oopen.de
|
||||
test.mx.oopen.de
|
||||
|
||||
@ -718,7 +699,7 @@ mail.faire-mobilitaet.de
|
||||
# o35.oopen.de
|
||||
e.mx.oopen.de
|
||||
d.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# o36 - b.mx, web-01, web-03,--
|
||||
web-01.oopen.de
|
||||
@ -756,16 +737,13 @@ lists.mx.warenform.de
|
||||
o13-board.oopen.de
|
||||
o13-mail.oopen.de
|
||||
|
||||
# o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
# o25.oopen.de
|
||||
mail.faire-mobilitaet.de
|
||||
|
||||
# o35.oopen.de
|
||||
e.mx.oopen.de
|
||||
d.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# o36 - b.mx, web-01, web-03,--
|
||||
web-01.oopen.de
|
||||
@ -959,9 +937,6 @@ c.mx.oopen.de
|
||||
# o13.oopen.de
|
||||
o13-mail.oopen.de
|
||||
|
||||
# o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
# o17.oopen.de
|
||||
test.mx.oopen.de
|
||||
|
||||
@ -977,7 +952,7 @@ mail.faire-mobilitaet.de
|
||||
# o35.oopen.de
|
||||
d.mx.oopen.de
|
||||
e.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# o36.oopen.de - b.mx, web-01, web-03
|
||||
b.mx.oopen.de
|
||||
@ -1078,7 +1053,6 @@ o34.oopen.de
|
||||
|
||||
o12.oopen.de
|
||||
o13.oopen.de
|
||||
o14.oopen.de
|
||||
o17.oopen.de
|
||||
o18.oopen.de
|
||||
#o20.oopen.de
|
||||
@ -1142,9 +1116,6 @@ o13-pad.oopen.de
|
||||
o13-schleuder.oopen.de
|
||||
o13-web.oopen.de
|
||||
|
||||
# - o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
# - o17.oopen.de
|
||||
test.mx.oopen.de
|
||||
test.mariadb.oopen.de
|
||||
@ -1218,7 +1189,7 @@ etherpad.oopen.de
|
||||
web-02.oopen.de
|
||||
b.ns.oopen.de
|
||||
d.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# o36 - b.mx, web-01, web-03,--
|
||||
b.mx.oopen.de
|
||||
@ -1321,10 +1292,6 @@ o13-pad.oopen.de
|
||||
o13-schleuder.oopen.de
|
||||
o13-web.oopen.de
|
||||
|
||||
# - o14.oopen.de
|
||||
o14.oopen.de
|
||||
a.mx.oopen.de
|
||||
|
||||
# - o17.oopen.de
|
||||
o17.oopen.de
|
||||
test.mx.oopen.de
|
||||
@ -1410,7 +1377,7 @@ etherpad.oopen.de
|
||||
web-02.oopen.de
|
||||
b.ns.oopen.de
|
||||
d.mx.oopen.de
|
||||
95.217.204.247
|
||||
a.mx.oopen.de
|
||||
|
||||
# o36 - b.mx, web-01, web-03,--
|
||||
b.mx.oopen.de
|
||||
@ -1458,7 +1425,6 @@ ga-st-gw-ersatz.ga.netz
|
||||
ga-st-gw.oopen.de
|
||||
ga-al-gw.ga.netz
|
||||
ga-nh-gw.ga.netz
|
||||
192.168.11.182
|
||||
|
||||
# - readonly gateways
|
||||
gw-123.oopen.de
|
||||
@ -1504,7 +1470,6 @@ ga-st-gw-ersatz.ga.netz
|
||||
ga-st-gw.oopen.de
|
||||
ga-al-gw.ga.netz
|
||||
ga-nh-gw.ga.netz
|
||||
192.168.11.182
|
||||
|
||||
gw-replacement3.local.netz
|
||||
|
||||
|
||||
@ -1,4 +1,8 @@
|
||||
# *** ---------------------------------------------- ***
|
||||
# *** ***
|
||||
# {{ ansible_managed }}
|
||||
# *** ***
|
||||
# *** ---------------------------------------------- ***
|
||||
|
||||
#-----------------------------
|
||||
# Daemon
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
# {{ ansible_managed }}
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# This file MUST be edited with the 'visudo' command as root.
|
||||
#
|
||||
|
||||
@ -804,6 +804,49 @@
|
||||
- nc_turn_service_ipv6_present is changed
|
||||
|
||||
|
||||
# ---
|
||||
# Allow Outbound Streamin / Echo360 Video Streaming
|
||||
# ---
|
||||
|
||||
- name: Check if String 'allow_outbound_streaming..' (IPv4) is present
|
||||
shell: grep -q -E "^allow_outbound_streaming=" /ro/etc/ipt-firewall/main_ipv4.conf
|
||||
register: allow_outbound_streaming_ipv4_present
|
||||
when: main_ipv4_exists.stat.exists
|
||||
failed_when: "allow_outbound_streaming_ipv4_present.rc > 1"
|
||||
changed_when: "allow_outbound_streaming_ipv4_present.rc > 0"
|
||||
|
||||
- name: Adjust file '/ro/etc/ipt-firewall/main_ipv4.conf' (allow_outbound_streaming)
|
||||
blockinfile:
|
||||
path: /ro/etc/ipt-firewall/main_ipv4.conf
|
||||
insertafter: '^#?\s*allow_mumble_request_out'
|
||||
block: |
|
||||
allow_outbound_streaming=true
|
||||
allow_echo360_video_streaming=true
|
||||
marker: "# Marker set by modify-ipt-gateway.yml (allow_outbound_streaming)"
|
||||
when:
|
||||
- main_ipv4_exists.stat.exists
|
||||
- allow_outbound_streaming_ipv4_present is changed
|
||||
|
||||
- name: Check if String 'allow_outbound_streaming..' (IPv6) is present
|
||||
shell: grep -q -E "^allow_outbound_streaming=" /ro/etc/ipt-firewall/main_ipv6.conf
|
||||
register: allow_outbound_streaming_ipv6_present
|
||||
when: main_ipv6_exists.stat.exists
|
||||
failed_when: "allow_outbound_streaming_ipv6_present.rc > 1"
|
||||
changed_when: "allow_outbound_streaming_ipv6_present.rc > 0"
|
||||
|
||||
- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (allow_outbound_streaming)
|
||||
blockinfile:
|
||||
path: /ro/etc/ipt-firewall/main_ipv6.conf
|
||||
insertafter: '^#?\s*allow_mumble_request_out'
|
||||
block: |
|
||||
allow_outbound_streaming=true
|
||||
allow_echo360_video_streaming=true
|
||||
marker: "# Marker set by modify-ipt-gateway.yml (allow_outbound_streaming)"
|
||||
when:
|
||||
- main_ipv6_exists.stat.exists
|
||||
- allow_outbound_streaming_ipv6_present is changed
|
||||
|
||||
|
||||
# ---
|
||||
# Remove Marker set by blockinfile
|
||||
# ---
|
||||
|
||||
@ -935,6 +935,49 @@
|
||||
- bigbluebutton_service_ipv6_present is changed
|
||||
|
||||
|
||||
# ---
|
||||
# Allow Outbound Streamin / Echo360 Video Streaming
|
||||
# ---
|
||||
|
||||
- name: Check if String 'allow_outbound_streaming..' (IPv4) is present
|
||||
shell: grep -q -E "^allow_outbound_streaming=" /etc/ipt-firewall/main_ipv4.conf
|
||||
register: allow_outbound_streaming_ipv4_present
|
||||
when: main_ipv4_exists.stat.exists
|
||||
failed_when: "allow_outbound_streaming_ipv4_present.rc > 1"
|
||||
changed_when: "allow_outbound_streaming_ipv4_present.rc > 0"
|
||||
|
||||
- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (allow_outbound_streaming)
|
||||
blockinfile:
|
||||
path: /etc/ipt-firewall/main_ipv4.conf
|
||||
insertafter: '^#?\s*allow_mumble_request_out'
|
||||
block: |
|
||||
allow_outbound_streaming=true
|
||||
allow_echo360_video_streaming=true
|
||||
marker: "# Marker set by modify-ipt-gateway.yml (allow_outbound_streaming)"
|
||||
when:
|
||||
- main_ipv4_exists.stat.exists
|
||||
- allow_outbound_streaming_ipv4_present is changed
|
||||
|
||||
- name: Check if String 'allow_outbound_streaming..' (IPv6) is present
|
||||
shell: grep -q -E "^allow_outbound_streaming=" /etc/ipt-firewall/main_ipv6.conf
|
||||
register: allow_outbound_streaming_ipv6_present
|
||||
when: main_ipv6_exists.stat.exists
|
||||
failed_when: "allow_outbound_streaming_ipv6_present.rc > 1"
|
||||
changed_when: "allow_outbound_streaming_ipv6_present.rc > 0"
|
||||
|
||||
- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (allow_outbound_streaming)
|
||||
blockinfile:
|
||||
path: /etc/ipt-firewall/main_ipv6.conf
|
||||
insertafter: '^#?\s*allow_mumble_request_out'
|
||||
block: |
|
||||
allow_outbound_streaming=true
|
||||
allow_echo360_video_streaming=true
|
||||
marker: "# Marker set by modify-ipt-gateway.yml (allow_outbound_streaming)"
|
||||
when:
|
||||
- main_ipv6_exists.stat.exists
|
||||
- allow_outbound_streaming_ipv6_present is changed
|
||||
|
||||
|
||||
# ---
|
||||
# Remove Marker set by blockinfile
|
||||
# ---
|
||||
|
||||
Loading…
Reference in New Issue
Block a user