update...

2024-12-13 10:44:19 +01:00 · 2024-12-13 10:44:19 +01:00 · f61e2ff73c
commit f61e2ff73c
parent 229c4bb27d
56 changed files with 1017 additions and 3057 deletions
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@ -2003,6 +2003,9 @@ default_user:
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQMCGCyIvs5hoNDoTIkKvKmEbxLf+uCYI1vx//ZQYY root@o26-backup'
 extra_user: []
--- a/group_vars/gateway_server.yml
+++ b/group_vars/gateway_server.yml
@ -74,6 +74,9 @@ default_user:
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup'
 sudo_users:
  - chris
--- a/group_vars/oopen_office.yml
+++ b/group_vars/oopen_office.yml
@ -75,6 +75,9 @@ default_user:
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup'
 sudo_users:
  - chris
--- a/group_vars/oopen_office_ga.yml
+++ b/group_vars/oopen_office_ga.yml
@ -96,7 +96,9 @@ default_user:
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup'
 sudo_users:
  - chris
--- a/group_vars/oopen_server.yml
+++ b/group_vars/oopen_server.yml
@ -84,12 +84,10 @@ default_user:
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMvy+IDUeoVwLg+cJNcKzls5guOrVUretsf05v3Y2N+Y root@default-oopen-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcEPd+MDJKzWqWStt3XpJU1OpJ0uxmipacIGkm6k3MS root@default-warenform-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/eGKbdxPYu7L/b/DjZrWek50e0AnkHFZS+zV12o5jy root@borg-client-key-warenform'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6Sra1D8JU2A68G4rSny7D0ukYKy89NVMXbdxrtdZwr root@borg-client-key-oopen'
 sudo_users:
--- a/group_vars/warenform_office.yml
+++ b/group_vars/warenform_office.yml
@ -81,7 +81,10 @@ default_user:
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID5v9m8a7zcMqIjm+faCYK9CdyHZjS8poMZrsUODzTSL root@devel-root'
 sudo_users:
  - chris
--- a/group_vars/warenform_server.yml
+++ b/group_vars/warenform_server.yml
@ -87,7 +87,9 @@ default_user:
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup'
 sudo_users:
  - chris
--- a/host_vars/135.181.79.202.yml
+++ b/host_vars/135.181.79.202.yml
@ -1,335 +0,0 @@
 ---
 # ---
 # vars used by roles/network_interfaces
 # ---
 # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted
 network_manage_devices: True
 # Should the interfaces be reloaded after config change?
 network_interface_reload: False
 network_interface_path: /etc/network/interfaces.d
 network_interface_required_packages:
  - vlan
  - bridge-utils
  - ifmetric
  - ifupdown
  - ifenslave
  - rcconf
 network_interfaces:
  # Many device configurations are possible (as many as needed)
  #
  - device: enp35s0
    # use only once per device (for the first device entry)
    headline: enp35s0 - primary device
    # auto & allow are only used for the first entry of that devicei-name)
    #
    allow: [] # array of allow-[stanzas] eg. allow-hotplug
    auto: true
    family: inet
    # The statisc Mode
    #    Options
    #       address        <dotted quad address[/netmask]>
    #       gateway        <dotted quad address>
    #       pointopoint    <Address of other end point (dotted quad). Note the spelling of "point-to">
    #       hwaddress      <mac-address>
    #       mtu            <size>
    #       scope          <Address validity scope. Possible values: global, link, host>
    #
    # The manual Method
    #    Options
    #       hwaddress      <mac-address>
    #       mtu            <size>
    #
    # The dhcp Method
    #    Options
    #       hwaddress      <mac-address>
    #       hostname       <Hostname to be requested (pump, dhcpcd, udhcpc)>
    #       metric         <metric>
    #       leasehours     <Preferred lease time in hours (pump)>
    #       leasetime      <Preferred lease time in seconds (dhcpcd)>
    #       vendor         <Vendor class identifier (dhcpcd)>
    #       client         <Client identifier (dhcpcd), or "no" (dhclient)>
    #    
    # The bootp Method  
    #    Options
    #       bootfile:      <file: Tell the server to use 'file' as the bootfile.>
    #       server:        <address: Use the IP address 'address' to communicate with the server.>
    #       hwaddr         <mac-address: Use addr as the hardware address instead of whatever it really is.>
    #    
    method: static
    hwaddress: 
    description:
    address: 135.181.79.202
    # dotted quad or number of bits
    #
    # the entry will be: address/netmask
    netmask: 255.255.255.192
    gateway: 135.181.79.193
    metric: 
    pointopoint: 
    mtu: 
    scope: 
    # additional user by dhcp method
    #
    hostname:
    leasehours:
    leasetime:
    vendor:
    client:
    # additional used by bootp method
    #
    bootfile:
    server:
    hwaddr:
    # optional dns settings nameservers: []
    # nameservers:
    #  - "194.150.168.168"  # dns.as250.net
    #  - "91.239.100.100"   # anycast.censurfridns.dk
    # optional additional subnets/ips subnets: []
    # subnets: 
    #   - '192.168.123.0/24'
    #   - '192.168.124.11/32'
    # optional bridge parameters bridge: {}
    # bridge:
    #   ports:
    #   stp:
    #   fd:
    #   maxwait:
    #   waitport:
    bridge: {}
    #  optional bonding parameters bond: {}
    #  bond:
    #    master
    #    primary
    #    slave
    #    mode:
    #    miimon:
    #    lacp-rate:
    #    ad-select-rate:
    #    master:
    #    slaves:
    bond: {}
    # optional vlan settings | vlan: {}
    # vlan: {}
    #   raw-device: 'eth0'
    vlan: {}
    # inline hook scripts
    #
    # example:
    #
    # up:
    #   - !!str "route add -net 135.181.79.192 netmask 255.255.255.192 gw 135.181.79.193 dev enp35s0"
    #
    pre-up: [] # pre-up script lines
    up:
      - !!str "route add -net 135.181.79.192 netmask 255.255.255.192 gw 135.181.79.193 dev enp35s0"
    post-up: [] # post-up script lines (alias for up)
    pre-down: [] # pre-down script lines (alias for down)
    down: [] # down script lines
    post-down: [] # post-down script lines
  - device: enp35s0
    # use only once per device (for the first device entry)
    headline:
    # auto & allow are only used for the first device entry
    allow: [] # array of allow-[stanzas] eg. allow-hotplug
    auto: 
    family: inet6
    method: static
    description:
    address: 2a01:4f9:4b:17ce::2
    netmask: 64
    gateway: fe80::1
    # optional dns settings nameservers: []
    # nameservers:
    #  - "194.150.168.168"  # dns.as250.net
    #  - "91.239.100.100"   # anycast.censurfridns.dk
    # optional additional subnets/ips subnets: []
    # subnets: 
    #   - '192.168.123.0/24'
    #   - '192.168.124.11/32'
    # optional bridge parameters bridge: {}
    # bridge:
    #   ports:
    #   stp:
    #   fd:
    #   maxwait:
    #   waitport:
    bridge: {}
    #  optional bonding parameters bond: {}
    #  bond:
    #    mode:
    #    miimon:
    #    master:
    #    slaves:
    #    lacp-rate:
    bond: {}
    # optional vlan settings | vlan: {}
    # vlan: {}
    #   raw-device: 'eth0'
    vlan: {}
    # inline hook scripts
    pre-up: []# pre-up script lines
    up: [] # up script lines
    post-up: [] # post-up script lines (alias for up)
    pre-down: [] # pre-down script lines (alias for down)
    down: [] # down script lines
    post-down: [] # post-down script lines
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 #apt_manage_sources_list: false
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 create_sftp_group: true
 default_user:
  - name: chris
    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 extra_system_user:
  - name: www-data
    home: /var/www
    groups: sftp_users
 sudo_users:
  - chris
  - sysadm
  - localadmin
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 git_firewall_repository:
  name: ipt-server
  repo: https://git.oopen.de/firewall/ipt-server
  dest: /usr/local/src/ipt-server
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/172.16.122.2.yml
+++ b/host_vars/172.16.122.2.yml
@ -1,309 +0,0 @@
 ---
 # ---
 # vars used by roles/network_interfaces
 # ---
 # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted
 network_manage_devices: True
 # Should the interfaces be reloaded after config change?
 network_interface_reload: False
 network_interface_path: /etc/network/interfaces.d
 network_interface_required_packages:
  - vlan
  - bridge-utils
  - ifmetric
  - ifupdown
  - ifenslave
 network_interfaces:
  - device: eno1
    headline: eno1 - Uplink DSL via Fritz!Box
    auto: true
    family: inet
    method: static
    address: 172.16.122.2
    netmask: 24
    gateway: 172.16.122.254
  - device: eno2
    headline: eno2 -  LAN 
    auto: true
    family: inet
    method: static
    address: 192.168.122.253
    netmask: 24
  - device: eno2:ns
    headline: eno2:ns - Alias on eno5 (Nameserver)
    auto: true
    family: inet
    method: static
    address: 192.168.122.2
    netmask: 32
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 # ---
 # vars used by roles/common/tasks/cron.yml
 # ---
 cron_user_entries:
  - name: "Check if Postfix Mailservice is up and running?"
    minute: '*/15'
    hour: '*'
    job: /root/bin/monitoring/check_postfix.sh
  - name: "Check if SSH service is up and running?"
    minute: '*/15'
    hour: '*'
    job: /root/bin/monitoring/check_ssh.sh
  - name: "Check if OpenVPN service is up and running?"
    minute: '*/30'
    hour: '*'
    job: /root/bin/monitoring/check_vpn.sh
  - name: "Check if nameservice (bind) is running?"
    minute: '*/10'
    hour: '*'
    job: /root/bin/monitoring/check_dns.sh
  - name: "Check forwarding ( /proc/sys/net/ipv4/ip_forward contains \"1\" )"
    minute: '0-59/2'
    hour: '*'
    job: /root/bin/monitoring/check_forwarding.sh
  - name: "Copy gateway configuration"
    minute: '09'
    hour: '3'
    job: /root/bin/manage-gw-config/copy_gateway-config.sh ANW-KM
 #cron_user_special_time_entries: []
 cron_user_special_time_entries:
  - name: "Check if Postfix Service is running at boot time"
    special_time: reboot
    job: "sleep 7 ; /root/bin/monitoring/check_postfix.sh"
    insertafter: PATH
  - name: "Restart Systemd's resolved at boottime."
    special_time: reboot
    job: "sleep 10 ; /bin/systemctl restart systemd-resolved"
    insertafter: PATH
  - name: "Restart NTP service 'ntpsec'"
    special_time: reboot
    job: "sleep 15 ; /bin/systemctl restart ntpsec"
    insertafter: PATH
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 sshd_hostkeyalgorithms:
  - ssh-ed25519
  - ssh-ed25519-cert-v01@openssh.com
  - rsa-sha2-256
  - rsa-sha2-512
  - ecdsa-sha2-nistp256
  - rsa-sha2-256-cert-v01@openssh.com
  - rsa-sha2-512-cert-v01@openssh.com
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 # ---
 # vars used by roles/common/tasks/systemd-resolved.yml
 # ---
 systemd_resolved: true
 # CyberGhost - Schnelle Verbindung mit Keine-Logs-Datenschutzrichtlinie
 #   Primäre DNS-Adresse: 38.132.106.139
 #   Sekundäre DNS-Adresse: 194.187.251.67
 #
 # Cloudflare (USA) Bester kostenloser DNS-Server für Gaming mit zuverlässigen Verbindungen
 #   primäre DNS-Adresse
 #      IPv4: 1.1.1.1
 #      IPv6: 2606:4700:4700::1111
 #   sekundäre DNS-Adresse
 #      IPv4: 1.0.0.1
 #      IPv6: 2606:4700:4700::1001
 #
 # Google (USA) Public DNS - Großartige Kombination aus Geschwindigkeit und Sicherheit
 #   primäre DNS-Adresse
 #      IPv4: 8.8.8.8
 #      IPv6: 2001:4860:4860::8888
 #   sekundäre DNS-Adresse
 #      IPv4: 8.8.4.4
 #      IPv6: 2001:4860:4860::8844
 #
 # Quad9 (CH) - Blockiert mühelos schädliche Seiten und verhindert Phishing-Betrug
 #   primäre DNS-Adresse
 #      IPv4: 9.9.9.9
 #      IPv6: 2620:fe::fe
 #   sekundäre DNS-Adresse
 #      IPv4: 149.112.112.112
 #      IPv6: 2620:fe::9
 #
 # OpenNIC - https://www.opennic.org/
 #      IPv4: 195.10.195.195 - ns31.de
 #      IPv4: 94.16.114.254  - ns28.de
 #      IPv4: 51.254.162.59  - ns9.de
 #      IPv4: 194.36.144.87  - ns29.de
 #      IPv6: 2a00:f826:8:2::195 - ns31.de
 #
 # Freifunk München (normales DNS, DNS-over-TLS und DNS-over-HTTPS)
 #    IPv4: 5.1.66.255
 #    IPv6: 2001:678:e68:f000::
 #    Servername für DNS-over-TLS: dot.ffmuc.net
 #    IPv4: 185.150.99.255
 #    IPv6: 2001:678:ed0:f000::
 #    Servername für DNS-over-TLS: dot.ffmuc.net
 #    für iOS 14+: DoT-Server-Konfiguration (unsigniert, vom PrHdb)
 resolved_nameserver:
  - 127.0.0.1
 # search domains
 #
 # If there are more than one search domains, then specify them here in the order in which
 # the resolver should also search them
 #
 #resolved_domains: []
 resolved_domains:
  - ~.
  - anw-km.netz
 resolved_dnssec: false
 # dns.as250.net: 194.150.168.168
 #
 resolved_fallback_nameserver:
   - 194.150.168.168
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 insert_ssh_keypair_backup_server: false
 ssh_keypair_backup_server:
  - name: backup
    backup_user: back
    priv_key_src: root/.ssh/id_rsa.backup.oopen.de
    priv_key_dest: /root/.ssh/id_rsa
    pub_key_src: root/.ssh/id_rsa.backup.oopen.de.pub
    pub_key_dest: /root/.ssh/id_rsa.pub
 insert_keypair_backup_client: true
 ssh_keypair_backup_client:
  - name: backup
    priv_key_src: root/.ssh/id_ed25519.oopen-server
    priv_key_dest: /root/.ssh/id_ed25519
    pub_key_src: root/.ssh/id_ed25519.oopen-server.pub
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.oopen.de
 default_user:
  - name: chris
    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
 sudo_users:
  - chris
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 install_bind_packages: true
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 git_firewall_repository:
  name: ipt-gateway
  repo: https://git.oopen.de/firewall/ipt-gateway
  dest: /usr/local/src/ipt-gateway
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/172.16.63.32.yml
+++ b/host_vars/172.16.63.32.yml
@ -1,115 +0,0 @@
 ---
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 copy_additional_plain_files_sysctl:
  - name: enable-ipv6
    src_path: etc/sysctl.d/30-enable-ipv6.conf
    dest_path: /etc/sysctl.d/30-enable-ipv6.conf
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 install_bind_packages: true
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 git_firewall_repository:
  name: ipt-gateway
  repo: https://git.oopen.de/firewall/ipt-gateway
  dest: /usr/local/src/ipt-gateway
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/37.27.121.218.yml
+++ b/host_vars/37.27.121.218.yml
@ -1,523 +0,0 @@
 ---
 # ---
 # vars used by roles/network_interfaces
 # ---
 # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted
 network_manage_devices: True
 # Should the interfaces be reloaded after config change?
 network_interface_reload: False
 network_interface_path: /etc/network/interfaces.d
 network_interface_required_packages:
  - vlan
  - bridge-utils
  - ifmetric
  - ifupdown
  - ifenslave
 network_interfaces:
  # Many device configurations are possible (as many as needed)
  #
  - device: enp6s0
    # use only once per device (for the first device entry)
    headline: enp6s0 - primary device
    # auto & allow are only used for the first entry of that devicei-name)
    #
    allow: [] # array of allow-[stanzas] eg. allow-hotplug
    auto: true
    family: inet
    # The statisc Mode
    #    Options
    #       address        <dotted quad address[/netmask]>
    #       gateway        <dotted quad address>
    #       pointopoint    <Address of other end point (dotted quad). Note the spelling of "point-to">
    #       hwaddress      <mac-address>
    #       mtu            <size>
    #       scope          <Address validity scope. Possible values: global, link, host>
    #
    # The manual Method
    #    Options
    #       hwaddress      <mac-address>
    #       mtu            <size>
    #
    # The dhcp Method
    #    Options
    #       hwaddress      <mac-address>
    #       hostname       <Hostname to be requested (pump, dhcpcd, udhcpc)>
    #       metric         <metric>
    #       leasehours     <Preferred lease time in hours (pump)>
    #       leasetime      <Preferred lease time in seconds (dhcpcd)>
    #       vendor         <Vendor class identifier (dhcpcd)>
    #       client         <Client identifier (dhcpcd), or "no" (dhclient)>
    #    
    # The bootp Method  
    #    Options
    #       bootfile:      <file: Tell the server to use 'file' as the bootfile.>
    #       server:        <address: Use the IP address 'address' to communicate with the server.>
    #       hwaddr         <mac-address: Use addr as the hardware address instead of whatever it really is.>
    #    
    method: static
    hwaddress: 
    description:
    address: 37.27.129.85
    # dotted quad or number of bits
    #
    # the entry will be: address/netmask
    netmask: 26
    gateway: 37.27.129.65
    metric: 
    pointopoint: 
    mtu: 
    scope: 
    # additional user by dhcp method
    #
    hostname:
    leasehours:
    leasetime:
    vendor:
    client:
    # additional used by bootp method
    #
    bootfile:
    server:
    hwaddr:
    # optional dns settings nameservers: []
    #
    #    nameservers:
    #      - 194.150.168.168  # dns.as250.net
    #      - 91.239.100.100   # anycast.censurfridns.dk
    #    search: warenform.de
    #
    #nameservers:
    #  - 185.12.64.1
    #  - a01:4ff:ff00::add:2
    #search:
    # optional additional subnets/ips subnets: []
    # subnets: 
    #   - '192.168.123.0/24'
    #   - '192.168.124.11/32'
    # optional bridge parameters bridge: {}
    # bridge:
    #   ports:
    #   stp:
    #   fd:
    #   maxwait:
    #   waitport:
    bridge: {}
    #  optional bonding parameters bond: {}
    #  bond:
    #    master
    #    primary
    #    slave
    #    mode:
    #    miimon:
    #    lacp-rate:
    #    ad-select-rate:
    #    master:
    #    slaves:
    bond: {}
    # optional vlan settings | vlan: {}
    # vlan: {}
    #   raw-device: 'eth0'
    vlan: {}
    # inline hook scripts
    #
    # example:
    #
    # up:
    #   - !!str "route add -net 135.181.79.192 netmask 255.255.255.192 gw 135.181.79.193 dev enp6s0"
    #
    pre-up: [] # pre-up script lines
    up:
      - !!str "route add -net 37.27.129.64 netmask 255.255.255.192 gw 37.27.129.65 dev enp6s0"
    post-up: [] # post-up script lines (alias for up)
    pre-down: [] # pre-down script lines (alias for down)
    down: [] # down script lines
    post-down: [] # post-down script lines
  - device: enp6s0
    # use only once per device (for the first device entry)
    headline:
    # auto & allow are only used for the first device entry
    allow: [] # array of allow-[stanzas] eg. allow-hotplug
    auto: 
    family: inet6
    method: static
    address: 2a01:4f9:3071:1141::2
    netmask: 64
    gateway: fe80::1
    metric:
    pointopoint:
    mtu:
    scope:
    # additional user by dhcp method
    #
    hostname:
    leasehours:
    leasetime:
    vendor:
    client:
    # additional used by bootp method
    #
    bootfile:
    server:
    hwaddr:
    # optional dns settings nameservers: []
    #
    #    nameservers:
    #      - 194.150.168.168  # dns.as250.net
    #      - 91.239.100.100   # anycast.censurfridns.dk
    #    search: warenform.de
    #
    nameservers:
    search:
    # optional additional subnets/ips subnets: []
    # subnets: 
    #   - '192.168.123.0/24'
    #   - '192.168.124.11/32'
    # optional bridge parameters bridge: {}
    # bridge:
    #   ports:
    #   stp:
    #   fd:
    #   maxwait:
    #   waitport:
    bridge: {}
    #  optional bonding parameters bond: {}
    #  bond:
    #    mode:
    #    miimon:
    #    master:
    #    slaves:
    #    lacp-rate:
    bond: {}
    # optional vlan settings | vlan: {}
    # vlan: {}
    #   raw-device: 'eth0'
    vlan: {}
    # inline hook scripts
    pre-up: []# pre-up script lines
    up: [] # up script lines
    post-up: [] # post-up script lines (alias for up)
    pre-down: [] # pre-down script lines (alias for down)
    down: [] # down script lines
    post-down: [] # post-down script lines
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 #apt_manage_sources_list: false
 # ---
 # vars used by roles/common/tasks/systemd-resolved.yml
 # ---
 systemd_resolved: true
 # CyberGhost - Schnelle Verbindung mit Keine-Logs-Datenschutzrichtlinie
 #   Primäre DNS-Adresse: 38.132.106.139
 #   Sekundäre DNS-Adresse: 194.187.251.67
 #
 # Cloudflare (USA) Bester kostenloser DNS-Server für Gaming mit zuverlässigen Verbindungen
 #   primäre DNS-Adresse
 #      IPv4: 1.1.1.1
 #      IPv6: 2606:4700:4700::1111
 #   sekundäre DNS-Adresse
 #      IPv4: 1.0.0.1
 #      IPv6: 2606:4700:4700::1001
 #
 # Google (USA) Public DNS - Großartige Kombination aus Geschwindigkeit und Sicherheit
 #   primäre DNS-Adresse
 #      IPv4: 8.8.8.8
 #      IPv6: 2001:4860:4860::8888
 #   sekundäre DNS-Adresse
 #      IPv4: 8.8.4.4
 #      IPv6: 2001:4860:4860::8844
 #
 # Quad9 (CH) - Blockiert mühelos schädliche Seiten und verhindert Phishing-Betrug
 #   primäre DNS-Adresse
 #      IPv4: 9.9.9.9
 #      IPv6: 2620:fe::fe
 #   sekundäre DNS-Adresse
 #      IPv4: 149.112.112.112
 #      IPv6: 2620:fe::9
 #
 # OpenNIC - https://www.opennic.org/
 #      IPv4: 195.10.195.195 - ns31.de
 #      IPv4: 94.16.114.254  - ns28.de
 #      IPv4: 51.254.162.59  - ns9.de
 #      IPv4: 194.36.144.87  - ns29.de
 #      IPv6: 2a00:f826:8:2::195 - ns31.de
 #
 # Freifunk München (normales DNS, DNS-over-TLS und DNS-over-HTTPS)
 #    IPv4: 5.1.66.255
 #    IPv6: 2001:678:e68:f000::
 #    Servername für DNS-over-TLS: dot.ffmuc.net
 #    IPv4: 185.150.99.255
 #    IPv6: 2001:678:ed0:f000::
 #    Servername für DNS-over-TLS: dot.ffmuc.net
 #    für iOS 14+: DoT-Server-Konfiguration (unsigniert, vom PrHdb)
 resolved_nameserver:
  - 185.12.64.1
  - 2a01:4ff:ff00::add:2
  - 185.12.64.2
  - 2a01:4ff:ff00::add:1
 # search domains
 #
 # If there are more than one search domains, then specify them here in the order in which
 # the resolver should also search them
 #
 #resolved_domains: []
 resolved_domains:
  - ~.
  - oopen.de
 resolved_dnssec: false
 # dns.as250.net: 194.150.168.168
 #
 resolved_fallback_nameserver:
   - 194.150.168.168
 # ---
 # vars used by roles/common/tasks/cron.yml
 # ---
 cron_env_entries:
  - name: PATH
    job: /root/bin/admin-stuff:/root/bin:/usr/local/apache2/bin:/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
  - name: SHELL
    job: /bin/bash
    insertafter: PATH
 cron_user_special_time_entries:
  - name: "Restart DNS Cache service 'systemd-resolved'"
    special_time: reboot
    job: "sleep 5 ; /bin/systemctl restart systemd-resolved"
    insertafter: PATH
  - name: "Check if postfix mailservice is running. Restart service if needed."
    special_time: reboot
    job: "sleep 10 ; /root/bin/monitoring/check_postfix.sh > /dev/null 2>&1"
    insertafter: PATH
 cron_user_entries:
  - name: "Remote Borg Backup"
    minute: '04'
    hour: '00'
    job: /root/crontab/backup-rborg/rborg.sh
  - name: "Check if SSH service is running. Restart service if needed."
    minute: '*/5'
    hour: '*'
    job: /root/bin/monitoring/check_ssh.sh
  - name: "Check connectifity - reboot if needed"
    minute: '*/10'
    hour: '*'
    job: /root/bin/admin-stuff/check-connectivity.sh
  - name: "Check if Postfix Mailservice is up and running?"
    minute: '*/15'
    hour: '*'
    job: /root/bin/monitoring/check_postfix.sh
  - name: "Check if NTP service 'ntpsec' is up and running?"
    minute: '*/30'
    hour: '*'
    job: /root/bin/monitoring/check_ntpsec_service.sh > /dev/null 2>&1
 #  - name: "Backup internet hosts and then print out hdd-usage for all backuped hosts"
 #    minute: '16'
 #    hour: '00'
 #    weekday: '1-6'
 #    job: /root/crontab/backup-rcopy/rcopy.sh -B ; /root/crontab/backup-rcopy/rcopy.sh -N
 #
 #  - name: "On sunday morning also determin diskspace usage"
 #    minute: '16'
 #    hour: '00'
 #    weekday: 7
 #    job: /root/crontab/backup-rcopy/rcopy.sh -B ; /root/crontab/backup-rcopy/rcopy.sh -N ; /root/bin/admin-stuff/disk-space_usage.sh -q -o /root/disk-space_usage /backup
 #
 #  - name: "Generate/Renew Let's Encrypt Certificates if needed (using dehydrated script)"
 #    minute: '23'
 #    hour: '05'
 #    job: /var/lib/dehydrated/cron/dehydrated_cron.sh
 #
 #  - name: "Check whether all certificates are included in the VHOST configurations"
 #    minute: '33'
 #    hour: '05'
 #    job: /var/lib/dehydrated/tools/update_ssl_directives.sh
  - name: "Check hard disc usage."
    minute: '43'
    hour: '6'
    job: /root/bin/admin-stuff/check-disc-usage.sh -c 85
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 create_sftp_group: true
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$LIF1RrShGDGdCXkUubRPR/$N8M5c/dhBdJkJrLP3/Lchyosjg0FxaQ2M4epvuzTI78
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 extra_system_user:
  - name: www-data
    home: /var/www
    groups: sftp_users
 sudo_users:
  - chris
  - sysadm
  - localadmin
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 git_firewall_repository:
  name: ipt-server
  repo: https://git.oopen.de/firewall/ipt-server
  dest: /usr/local/src/ipt-server
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/backup.oopen.de.yml
+++ b/host_vars/backup.oopen.de.yml
@ -22,16 +22,21 @@ root_ssh_keypair:
    priv_key_dest: /root/.ssh/id_ed25519-borg-backup
    pub_key_src: backup.oopen.de/root/.ssh/id_ed25519-borg-backup.pub
    pub_key_dest: /root/.ssh/id_ed25519-borg-backup.pub
-  - name: id_rsa
+  - name: id_ed25519-backup
-    priv_key_src: backup.oopen.de/root/.ssh/id_rsa
+    priv_key_src: backup.oopen.de/root/.ssh/id_ed25519-backup
-    priv_key_dest: /root/.ssh/id_rsa
+    priv_key_dest: /root/.ssh/id_ed25519-backup
-    pub_key_src: backup.oopen.de/root/.ssh/id_rsa.pub
+    pub_key_src: backup.oopen.de/root/.ssh/id_ed25519-backup.pub
-    pub_key_dest: /root/.ssh/id_rsa.pub
+    pub_key_dest: /root/.ssh/id_ed25519-backup.pub
  - name: id_ed25519-gitea
    priv_key_src: backup.oopen.de/root/.ssh/id_ed25519-gitea
-    priv_key_dest: /root/.ssh/id_rsa
+    priv_key_dest: /root/.ssh/id_ed25519-gitea
    pub_key_src: backup.oopen.de/root/.ssh/id_ed25519-gitea.pub
-    pub_key_dest: /root/.ssh/id_rsa.pub
+    pub_key_dest: /root/.ssh/id_ed25519-gitea.pub
 #  - name: id_rsa
 #    priv_key_src: backup.oopen.de/root/.ssh/id_rsa
 #    priv_key_dest: /root/.ssh/id_rsa
 #    pub_key_src: backup.oopen.de/root/.ssh/id_rsa.pub
 #    pub_key_dest: /root/.ssh/id_rsa.pub
 # ---
@ -236,11 +241,9 @@ default_user:
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMvy+IDUeoVwLg+cJNcKzls5guOrVUretsf05v3Y2N+Y root@default-oopen-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcEPd+MDJKzWqWStt3XpJU1OpJ0uxmipacIGkm6k3MS root@default-warenform-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQMCGCyIvs5hoNDoTIkKvKmEbxLf+uCYI1vx//ZQYY root@o26-backup'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/eGKbdxPYu7L/b/DjZrWek50e0AnkHFZS+zV12o5jy root@borg-client-key-warenform'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6Sra1D8JU2A68G4rSny7D0ukYKy89NVMXbdxrtdZwr root@borg-client-key-oopen'
  - name: borg
    user_id: 1065
--- a/host_vars/backup.warenform.de.yml
+++ b/host_vars/backup.warenform.de.yml
@ -36,11 +36,17 @@ root_ssh_keypair:
    pub_key_src: backup.warenform.de/root/.ssh/id_ed25519-borg-backup.pub
    pub_key_dest: /root/.ssh/id_ed25519-borg-backup.pub
-  - name: id_rsa
+  - name: id_ed25519-backup
-    priv_key_src: backup.warenform.de/root/.ssh/id_rsa
+    priv_key_src: backup.warenform.de/root/.ssh/id_ed25519-backup
-    priv_key_dest: /root/.ssh/id_rsa
+    priv_key_dest: /root/.ssh/id_ed25519-backup
-    pub_key_src: backup.warenform.de/root/.ssh/id_rsa.pub
+    pub_key_src: backup.warenform.de/root/.ssh/id_ed25519-backup.pub
-    pub_key_dest: /root/.ssh/id_rsa.pub
+    pub_key_dest: /root/.ssh/id_ed25519-backup.pub
 #  - name: id_rsa
 #    priv_key_src: backup.warenform.de/root/.ssh/id_rsa
 #    priv_key_dest: /root/.ssh/id_rsa
 #    pub_key_src: backup.warenform.de/root/.ssh/id_rsa.pub
 #    pub_key_dest: /root/.ssh/id_rsa.pub
 # ---
@ -237,11 +243,9 @@ default_user:
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMvy+IDUeoVwLg+cJNcKzls5guOrVUretsf05v3Y2N+Y root@default-oopen-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcEPd+MDJKzWqWStt3XpJU1OpJ0uxmipacIGkm6k3MS root@default-warenform-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQMCGCyIvs5hoNDoTIkKvKmEbxLf+uCYI1vx//ZQYY root@o26-backup'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/eGKbdxPYu7L/b/DjZrWek50e0AnkHFZS+zV12o5jy root@borg-client-key-warenform'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6Sra1D8JU2A68G4rSny7D0ukYKy89NVMXbdxrtdZwr root@borg-client-key-oopen'
  - name: borg
    user_id: 1065
--- a/host_vars/bbb-server.b3-bornim.netz.yml
+++ b/host_vars/bbb-server.b3-bornim.netz.yml
@ -161,54 +161,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$LIF1RrShGDGdCXkUubRPR/$N8M5c/dhBdJkJrLP3/Lchyosjg0FxaQ2M4epvuzTI78
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
--- a/host_vars/file-ah.kanzlei-kiel.netz.yml
+++ b/host_vars/file-ah.kanzlei-kiel.netz.yml
@ -185,59 +185,6 @@ resolved_fallback_nameserver:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$1X6iXiYz2fIQcfKWSSzno1$9Uos8SGn/8V3oHWwiR6kaRPfUuIrxKP8kRNUZ1.da3/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - localadmin
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
--- a/host_vars/file-blkr-alt.blkr.netz.yml
+++ b/host_vars/file-blkr-alt.blkr.netz.yml
@ -182,59 +182,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$qmeacaq0WLATk6o7374lj1$1MrdyEubi5m4E9MCNZWrS04nZi1Qgk4vHu.J5LwKrJB:19757
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - localadmin
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
--- a/host_vars/file-blkr.blkr.netz.yml
+++ b/host_vars/file-blkr.blkr.netz.yml
@ -182,59 +182,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$qmeacaq0WLATk6o7374lj1$1MrdyEubi5m4E9MCNZWrS04nZi1Qgk4vHu.J5LwKrJB:19757
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - localadmin
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/file-dissens.dissens.netz.yml
+++ b/host_vars/file-dissens.dissens.netz.yml
@ -0,0 +1,396 @@
 ---
 # ---
 # vars used by roles/network_interfaces
 # ---
 # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted
 network_manage_devices: True
 # Should the interfaces be reloaded after config change?
 network_interface_reload: False
 network_interface_path: /etc/network/interfaces.d
 network_interface_required_packages:
  - vlan
  - bridge-utils
  - ifmetric
  - ifupdown
  - ifenslave
 network_interfaces:
  - device: eno1np0
    # use only once per device (for the first device entry)
    headline: eno1 - LAN
    # auto & allow are only used for the first device entry
    allow: [] # array of allow-[stanzas] eg. allow-hotplug
    auto: true
    family: inet
    method: static
    description:
    address: 192.168.132.10
    netmask: 24
    gateway: 192.168.132.254
    # optional dns settings nameservers: []
    #
    #    nameservers:
    #      - 194.150.168.168  # dns.as250.net
    #      - 91.239.100.100   # anycast.censurfridns.dk
    #    search: warenform.de
    #
    #nameservers:
    #  - 192.168.132.1
    #search: blkr.netz
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 # ---
 # vars used by roles/common/tasks/systemd-resolved.yml
 # ---
 systemd_resolved: true
 # CyberGhost - Schnelle Verbindung mit Keine-Logs-Datenschutzrichtlinie
 #   Primäre DNS-Adresse: 38.132.106.139
 #   Sekundäre DNS-Adresse: 194.187.251.67
 #
 # Cloudflare (USA) Bester kostenloser DNS-Server für Gaming mit zuverlässigen Verbindungen
 #   primäre DNS-Adresse
 #      IPv4: 1.1.1.1
 #      IPv6: 2606:4700:4700::1111
 #   sekundäre DNS-Adresse
 #      IPv4: 1.0.0.1
 #      IPv6: 2606:4700:4700::1001
 #
 # Google (USA) Public DNS - Großartige Kombination aus Geschwindigkeit und Sicherheit
 #   primäre DNS-Adresse
 #      IPv4: 8.8.8.8
 #      IPv6: 2001:4860:4860::8888
 #   sekundäre DNS-Adresse
 #      IPv4: 8.8.4.4
 #      IPv6: 2001:4860:4860::8844
 #
 # Quad9 (CH) - Blockiert mühelos schädliche Seiten und verhindert Phishing-Betrug
 #   primäre DNS-Adresse
 #      IPv4: 9.9.9.9
 #      IPv6: 2620:fe::fe
 #   sekundäre DNS-Adresse
 #      IPv4: 149.112.112.112
 #      IPv6: 2620:fe::9
 #
 # OpenNIC - https://www.opennic.org/
 #      IPv4: 195.10.195.195 - ns31.de
 #      IPv4: 94.16.114.254  - ns28.de
 #      IPv4: 51.254.132.59  - ns9.de
 #      IPv4: 194.36.144.87  - ns29.de
 #      IPv6: 2a00:f826:8:2::195 - ns31.de
 #
 # Freifunk München (normales DNS, DNS-over-TLS und DNS-over-HTTPS)
 #    IPv4: 5.1.66.255
 #    IPv6: 2001:678:e68:f000::
 #    Servername für DNS-over-TLS: dot.ffmuc.net
 #    IPv4: 185.150.99.255
 #    IPv6: 2001:678:ed0:f000::
 #    Servername für DNS-over-TLS: dot.ffmuc.net
 #    für iOS 14+: DoT-Server-Konfiguration (unsigniert, vom PrHdb)
 resolved_nameserver:
  - 192.168.132.1
 # search domains
 #
 # If there are more than one search domains, then specify them here in the order in which
 # the resolver should also search them
 #
 #resolved_domains: []
 resolved_domains:
  - ~.
  - dissens.netz
 resolved_dnssec: false
 # dns.as250.net: 194.150.168.168
 #
 resolved_fallback_nameserver:
   - 194.150.168.168
 # ---
 # vars used by roles/common/tasks/cron.yml
 # ---
 cron_user_special_time_entries:
  - name: "Restart DNS Cache service 'systemd-resolved'"
    special_time: reboot
    job: "sleep 10 ; /bin/systemctl restart systemd-resolved"
    insertafter: PATH
  - name: "Restart NTP Service ntpsec"
    special_time: reboot
    job: "sleep 15 ; /bin/systemctl restart intpsec > /dev/null 2>&1"
    insertafter: PATH
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 sudoers_file_user_aliases:
   - name: MAIN_USER
     entry: 'malte.taeubrich, ulla.wittenzellner, sarah.klemm, bernard.koennecke, elenor.faellgrem,mario.freidank '
 sudoers_file_cmnd_aliases:
   - name: REBOOT 
     entry: '/sbin/reboot'
   - name: MANAGE_SERVICE
     entry: '/usr/bin/systemctl'
 sudoers_file_user_privileges:
  - name: MAIN_USER
    entry: ALL = REBOOT
  - name: MAIN_USER
    entry: ALL = MANAGE_SERVICE
 #  - name: julius
 #    entry: 'ALL=(root) NOPASSWD: /sbin/reboot'
 #  - name: josephine
 #    entry: 'ALL=(root) NOPASSWD: /sbin/reboot'
 #  - name: sebastian
 #    entry: 'ALL=(root) NOPASSWD: /sbin/reboot'
 #  - name: julius-e
 #    entry: 'ALL=(root) NOPASSWD: /sbin/reboot'
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 # ---
 # vars used by roles/common/tasks/nfs.yml
 # ---
 nfs_server: 192.168.132.10
 # Set 'fs_encrypted' to true if filesystem lives on an encrypted
 # partition.
 #
 # NOTE !!
 #    Take car to increase 'fsid' in case of more than one export
 #
 nfs_exports:
   - src: 192.168.132.10:/data/samba/shares
     path: /data/samba/shares
     mount_opts: users,rsize=8192,wsize=8192,hard,intr
     export_opt: rw,root_squash,sync,subtree_check
     export_networks:
       - 192.168.132.0/24
       - 10.0.192.0/24
       - 10.1.192.0/24
       - 192.168.63.0/24
     use_fsid_option: true
 # ---
 # vars used by roles/common/tasks/samba-config-server.yml
 # vars used by roles/common/tasks/samba-user.yml
 # ---
 samba_server_ip: 192.168.132.10
 samba_server_cidr_prefix: 24
 samba_workgroup: DISSENS
 samba_netbios_name: FILE-DISSENS
 samba_server_min_protocol: !!str NT1
 samba_groups:
  - name: team
    group_id: 1100
  - name: projekte
    group_id: 1110
  - name: verwaltung
    group_id: 1120
  - name: gf
    group_id: 1120
 samba_user:
  - name: bernard.koennecke
    groups:
      - gf
      - projekte
      - team
      - verwaltung
    password: '20.ber-n4rd.ko3n-3cke-24!'
  - name: chris
    groups:
      - gf
      - projekte
      - team
      - verwaltung
    password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          63643330373231636537366333326630333265303265653933613835656262323863363038653234
          3462653135633266373439626263356636646637643035340a653466356235346663626163306363
          61313164643061306433643738643563303036646334376536626531383965303036386162393832
          6631333038306462610a356535633265633563633962333137326533633834636331343562633765
          3631
  - name: david.gelhaar
    groups:
      - projekte
      - team
      - verwaltung
    password: '20-da-v1d.g3lh44r_24%'
  - name: elenor.faellgrem
    groups:
      - projekte
      - team
    password: '20/313n0r-g3l.h4r/24?'
  - name: johanna.hess
    groups:
      - buero
      - verwaltung
    password: '20_j0.h4nn4_h3ss-24+'
  - name: leonie
    groups:
      - buero
      - verwaltung
    password: '6.4aVX7rQ-9H'
  - name: philip
    groups:
      - buero
      - verwaltung
    password: 'fN%749Psv_NR'
  - name: buero1
    groups:
      - buero
    password: 'Mfr!7tK+d49C'
  - name: buero2
    groups:
      - buero
    password: 'gW-wg3Pttf4/'
  - name: buero3
    groups:
      - buero
    password: 'Qc-WyMhJ/3-2'
  - name: referendariat
    groups:
      - buero
    password: '4/zCNXnVF7+i'
  - name: ref1
    groups:
      - buero
    password: '???'
  - name: sebastian
    groups:
      - buero
      - verwaltung
    password: 'bhNC.P5eTy-2'
  - name: buero-05
    groups:
      - buero
    password: '5/SXbV-M3vmQ'
  - name: buero-06
    groups:
      - buero
    password: 'N-ba2R+i/2eM'
 base_home: /data/home
 # remove_samba_users:
 #   - name: name1
 #   - name: name2
 #
 remove_samba_users: []
 samba_shares:
  - name: buero
    comment: Buero auf Fileserver
    path: /data/samba/shares/buero
    group_valid_users: buero
    group_write_list: buero
    file_create_mask: !!str 664
    dir_create_mask: !!str 2775
    vfs_object_recycle: true
    recycle_path: '@Recycle'
  - name: Verwaltung
    comment: verwaltung auf Fileserver
    path: /data/samba/shares/verwaltung
    group_valid_users: verwaltung
    group_write_list: verwaltung
    file_create_mask: !!str 664
    dir_create_mask: !!str 2775
    vfs_object_recycle: true
    recycle_path: '@Recycle'
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/file-ebs.ebs.netz.yml
+++ b/host_vars/file-ebs.ebs.netz.yml
@ -191,59 +191,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$WWsYp2DSIw4jNx5/IaKzY1$VjvTQYvSaQtJDiiNYxOUDEx9QdIPTZ1YWXSSaS1whH/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
  - localadmin
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/file-fhxb.fhxb.netz.yml
+++ b/host_vars/file-fhxb.fhxb.netz.yml
@ -161,39 +161,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$2aYNjVAaYCJ7KuKYMjX3o1$M7E8/NkOHJnmmVcx0zD27oYExIf2aEergJ1KBnVbn92
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/file-kb.anw-kb.netz.yml
+++ b/host_vars/file-kb.anw-kb.netz.yml
@ -117,39 +117,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$LIF1RrShGDGdCXkUubRPR/$N8M5c/dhBdJkJrLP3/Lchyosjg0FxaQ2M4epvuzTI78
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/file-km.anw-km.netz.yml
+++ b/host_vars/file-km.anw-km.netz.yml
@ -181,59 +181,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$ypzdcD.iMXQGS4W1nCJvn1$pzQKmc6Y6rej4ZRBRGzAyHIyWHFhsUkTK2WYEi/a9s1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - localadmin
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
--- a/host_vars/ga-al-gw.oopen.de.yml
+++ b/host_vars/ga-al-gw.oopen.de.yml
@ -353,60 +353,6 @@ ssh_keypair_backup_client:
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.oopen.de
 default_user:
  - name: chris
    password: $y$j9T$rDrvWa/KInzTe601YYf9./$WjDlaItCrgX7gu4nCs481y8WLxiRaNJCC/MgFgKuzg3
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: maadmin
    password: $y$j9T$LCkYWvykWzrpFxIlmSUB01$e1ROfZxXAU53UdAwZAECzED4iV4LS02Q4IPQ2fycv51
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHCQRRXy0+9D+mhLniRlUpZZ3kZdZcQKXBsGnlsFYaRi maadmin@ga-st-lsx1'
  - name: wadmin
    password: $6$sLWIXKTW$i/STlSS0LijkrnGR/XMbaxJsEbrRdDYgqyCqIr.muLN5towes8yHDCXsyCYDjuaBNKPHXyFpr8lclg5DOm9OF1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF5GDIFA6/i6lzkr+EP/EZM9glrK0eSR0nmrEFgUJ4n8 wadmin@ga-st-lsx1'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID17MN6fUg0D1dMSgVYIBpIy+sDBBmiaHmXRXU63TXJA wadmin@ga-st-li1303'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKtK8/rxHL1MKX5AHrgAzUYu0kV+1iYCmknpTQ7F0ham wadmin@wolf-debtest'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcaDFxj0pYjOv/ohFVxVY2RKvy6ACZFPX9UkrUPHkbN wadmin@wolf-x1'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$awYUu9oRvV39ojITZOC7D1$czTh5HHIE32PXb0vl40ayAarm39txR4jaH1QzBscqfC
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHCQRRXy0+9D+mhLniRlUpZZ3kZdZcQKXBsGnlsFYaRi maadmin@ga-st-lsx1'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF5GDIFA6/i6lzkr+EP/EZM9glrK0eSR0nmrEFgUJ4n8 wadmin@ga-st-lsx1'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID17MN6fUg0D1dMSgVYIBpIy+sDBBmiaHmXRXU63TXJA wadmin@ga-st-li1303'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKtK8/rxHL1MKX5AHrgAzUYu0kV+1iYCmknpTQ7F0ham wadmin@wolf-debtest'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcaDFxj0pYjOv/ohFVxVY2RKvy6ACZFPX9UkrUPHkbN wadmin@wolf-x1'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$wpg8hlvMpO4PAWSVdLoJq/$dgpQh4cEnbUOQkkZzKUM4S8XzNS/Md5gMmMuNTqec74
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
 sudo_users:
  - chris
  - sysadm
  - maadmin
  - wadmin
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/gw-ah.oopen.de.yml
+++ b/host_vars/gw-ah.oopen.de.yml
@ -140,59 +140,6 @@ ssh_keypair_backup_client:
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.oopen.de
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$1X6iXiYz2fIQcfKWSSzno1$9Uos8SGn/8V3oHWwiR6kaRPfUuIrxKP8kRNUZ1.da3/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - localadmin
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
--- a/host_vars/gw-akb.oopen.de.yml
+++ b/host_vars/gw-akb.oopen.de.yml
@ -128,60 +128,6 @@ cron_user_special_time_entries:
 # ---
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$K/AHoqM8bynaxxgb6l3a41$my3J.c2hXYxkHgQviZZww5OP6ZgaaPsNscKPRSRT5E5
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$d5p0SWRwuW2CDvpMdtFcQ0$fKsGolV/38OZzTDRq00wjrbw3MfnJkUAWMreb3xNgT2
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$K/AHoqM8bynaxxgb6l3a41$my3J.c2hXYxkHgQviZZww5OP6ZgaaPsNscKPRSRT5E5
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$QczbPLpIHiEZFf7FChcTC0$9SoBJzI8k/j5gjRdfK/x3vc/h73sNRGyAmr0KninMn0
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
  - localadmin
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
--- a/host_vars/gw-blkr.oopen.de.yml
+++ b/host_vars/gw-blkr.oopen.de.yml
@ -249,59 +249,6 @@ ssh_keypair_backup_client:
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.oopen.de
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$qmeacaq0WLATk6o7374lj1$1MrdyEubi5m4E9MCNZWrS04nZi1Qgk4vHu.J5LwKrJB:19757
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - localadmin
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/gw-ckubu.local.netz.yml
+++ b/host_vars/gw-ckubu.local.netz.yml
@ -118,39 +118,6 @@ cron_user_special_time_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $y$j9T$KUDlIDddLeymNRsoS7Z51/$eelMaGW/JhVsCjl6nducJmjxrHpuyLStWuOGrohKZZD
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$1SUeBB9jQKPnG9JPt30O5/$aiZOeMJbJqE.cEKkFdSBxeuhma8n1thBVn00SClT3C/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$n17mARf7i72xHDBW0lfT40$2WQMFPops.4.T3H7mk7Kzh3sRt3YfJtlhtn0Vl.uU37
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/gw-dissens.oopen.de.yml
+++ b/host_vars/gw-dissens.oopen.de.yml
@ -186,40 +186,6 @@ ssh_keypair_backup_client:
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.oopen.de
 default_user:
  - name: chris
    password: $y$j9T$JLezdt23fYO1OVfqTGPLG.$0WZW1GBGvIs7aITanCemuvZ9CbHwCFg1uxMynQiO7Y/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$daq5sPNG0I8/BEqIRc8tq0$gLVISkrP7ziAnQUbBD6ZROpU2ud0/Y1Vmkqkq/yPH09
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$Sc6W8dHBquFeXxNvdaB9r1$S.yGBl7KHTvmlSNncI6cJ.2dHHg8LCoy.JSfJaZneH7
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/gw-ebs.oopen.de.yml
+++ b/host_vars/gw-ebs.oopen.de.yml
@ -186,59 +186,6 @@ ssh_keypair_backup_client:
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.oopen.de
 default_user:
  - name: chris
    password: $y$j9T$t0OK33lTuB/3TME5h/GHn.$4EjhvjhelkpUB2vqWPBdDCV3xCwBcJHpDobTkkuHxy.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$WWsYp2DSIw4jNx5/IaKzY1$VjvTQYvSaQtJDiiNYxOUDEx9QdIPTZ1YWXSSaS1whH/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$bqr.c39mSZOjjhVo/qmM2.$riPJ81SHLqfJMQ6/ZdeWNP7ma8R5nehI9mo5K8oUkw1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$uYqbl2A6vQ6WsLinzhUfG0$/w02iPud/LURbhY19DGtKWgKNFTpNEP7J.jOu5CZPh.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: borg
    user_id: 1065
    group_id: 1065
    group: borg
    password: $y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - sysadm
  - localadmin
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/gw-kb.oopen.de.yml
+++ b/host_vars/gw-kb.oopen.de.yml
@ -230,38 +230,6 @@ ssh_keypair_backup_client:
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.oopen.de
 default_user:
  - name: chris
    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
 sudo_users:
  - chris
  - sysadm
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/host_vars/o13-alt.oopen.de.yml
+++ b/host_vars/o13-alt.oopen.de.yml
@ -1,187 +0,0 @@
 ---
 # ---
 # vars used by roles/network_interfaces
 # ---
 # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted
 network_manage_devices: True
 # Should the interfaces be reloaded after config change?
 network_interface_reload: False
 network_interface_path: /etc/network/interfaces.d
 network_interface_required_packages:
  - vlan
  - bridge-utils
  - ifmetric
  - ifupdown
  - ifenslave
 network_interfaces:
  - device: br0
    # use only once per device (for the first device entry)
    headline: br0 - bridge over device ens3
    # auto & allow are only used for the first device entry
    allow: [] # array of allow-[stanzas] eg. allow-hotplug
    auto: true
    family: inet
    method: manual
    hwaddress: 52:54:00:62:fb:9c
    description:
    address:
    netmask:
    gateway:
    metric:
    pointopoint:
    mtu:
    scope:
    # additional user by dhcp method
    #
    hostname:
    leasehours:
    leasetime:
    vendor:
    client:
    # additional used by bootp method
    #
    bootfile:
    server:
    hwaddr:
    # optional dns settings nameservers: []
    #
    #    nameservers:
    #      - 194.150.168.168  # dns.as250.net
    #      - 91.239.100.100   # anycast.censurfridns.dk
    #    search: warenform.de
    #
    #nameservers:
    #  - 195.201.179.131
    #  - 95.217.204.204
    #search:
    # optional additional subnets/ips subnets: []
    # subnets: 
    #   - '192.168.123.0/24'
    #   - '192.168.124.11/32'
    # optional bridge parameters bridge: {}
    # bridge:
    #   ports:
    #   stp:
    #   fd:
    #   maxwait:
    #   waitport:
    bridge:
      ports: ens3 # for mor devices support a blank separated list
      stp: !!str off
      fd: 1
      hello: 2
      maxage: 12
    #  optional bonding parameters bond: {}
    #  bond:
    #    master
    #    primary
    #    slave
    #    method:
    #    miimon:
    #    lacp-rate:
    #    ad-select-rate:
    #    master:
    #    slaves:
    bond: {}
    # optional vlan settings | vlan: {}
    # vlan: {}
    #   raw-device: 'eth0'
    vlan: {}
    # inline hook scripts
    pre-up: [] # pre-up script lines
    up: 
      - !!str "ip addr add 83.223.86.200/24 dev br0"
      - !!str "ip route add default via 83.223.86.1"
    post-up: [] # post-up script lines (alias for up)
    pre-down: [] # pre-down script lines (alias for down)
    down: [] # down script lines
    post-down: [] # post-down script lines
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 git_firewall_repository:
  name: ipt-server
  repo: https://git.oopen.de/firewall/ipt-server
  dest: /usr/local/src/ipt-server
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/o13-board.oopen.de.yml
+++ b/host_vars/o13-board.oopen.de.yml
@ -1,73 +0,0 @@
 ---
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 git_firewall_repository:
  name: ipt-server
  repo: https://git.oopen.de/firewall/ipt-server
  dest: /usr/local/src/ipt-server
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/o13-cryptpad.oopen.de.yml
+++ b/host_vars/o13-cryptpad.oopen.de.yml
@ -100,67 +100,30 @@ resolved_fallback_nameserver:
 # vars used by roles/common/tasks/users.yml
 # ---
-default_user:
+extra_user:
-  - name: chris
+  - name: marsupilami
-    password: $y$j9T$KUDlIDddLeymNRsoS7Z51/$eelMaGW/JhVsCjl6nducJmjxrHpuyLStWuOGrohKZZD
+    password: $y$j9T$guTT3egsLUFwxUGCnDJ0o0$WCQt3gXcYIpArTxbn2BunvIWG6w7GZLx./fFGJYCsd/
    shell: /bin/bash
    group: marsupilami
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4wVpkMrF4M5wKBxRAonR4gVngO9+yhBEAyhV03l6Is'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $y$j9T$1SUeBB9jQKPnG9JPt30O5/$aiZOeMJbJqE.cEKkFdSBxeuhma8n1thBVn00SClT3C/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $y$j9T$/TGIkTdH5zV4wTPsrZNko0$nGIMPM7WhOaeg4qUrwqiJ4Fvmn7He0bmYdZlXQ4ow80
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $y$j9T$n17mARf7i72xHDBW0lfT40$2WQMFPops.4.T3H7mk7Kzh3sRt3YfJtlhtn0Vl.uU37
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: cryptpad
    user_id: 2010
    group_id: 2010
    group: cryptpad
    home: /var/www/cryptpad
    password: $y$j9T$TUSURhYNq5B1eWlxis.xy.$YfCpyp24dmaZwiIEMaJvX7u3P.MEdAyz8YXMusM4lu7
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: c3po
    password: $6$z0yywBoF$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/
    shell: /bin/bash
    group: c3po
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDinfnbnVooKT0iFpkZeRZMj8JpYJk+EkgGHyK2xhb0HNoYvDoG06Clckm0vauuRlSYnWkZC0dLIbqHlACA+jbCKa2w/5yOjCXmJiJEO04YCMhkQH08It+wpWZb/Bx2O6DB3cY+3mHwPocp/la8caYW4NIE5+67AnHxIQifJLXM44TgkmFEhXSBMIZj8b8wL+MA0zKD0LXwgEH9Wllcccq6D5lfsrUSLvTRHq362pE+ZtVXh2peVkS4r98HNtYVUjBMgOIIPEypopceUzXC0L+vB7s2SolAsh3CGjqyjYW8x3fWnAewlfa5TbgIC+11e+KJKFr5+tVfwSgHC+TtfuXDU5Ws80ETejbuwx2iRVfHG0fDcjPzaVUXGmY+j8OR4jACz5KY5+VMJgMuXJTbZBEf1C5O3lCTaEf/Pmw50SHrshT/bhdrMBUaS+AOTFHrI3WOu+ujWMXJK3pRdROXDFDtPfc1afaJkMuKO5Uay/qwTEKd8NwXNoAGkXjowKBerNgJRy5JwhmbHMA6xsCDEjXMVy+yiMw+58JE76g5HVVu7dpyz0bjXD3LrpB+lclQHRLxNajWAjVsAu/eI2zQDDS7YHi1IZVUGdYD0g0qXdeNQ//KA7FVr22VFUP8xtbseZfOZpKFGVEMVkIOcYHZoYhOYxZDVNNmvle13F4PU1zOiQ== c3po@riseup.net'
 sudo_users:
  - chris
  - c3po
  - marsupilami
  - sysadm
  - localadmin
  - c3po
 # ---
--- a/host_vars/o13-mumble.oopen.de.yml
+++ b/host_vars/o13-mumble.oopen.de.yml
@ -100,53 +100,28 @@ resolved_fallback_nameserver:
 # vars used by roles/common/tasks/users.yml
 # ---
-default_user:
+extra_user:
-  - name: chris
+  - name: marsupilami
-    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
+    password: $y$j9T$guTT3egsLUFwxUGCnDJ0o0$WCQt3gXcYIpArTxbn2BunvIWG6w7GZLx./fFGJYCsd/
    shell: /bin/bash
    group: marsupilami
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4wVpkMrF4M5wKBxRAonR4gVngO9+yhBEAyhV03l6Is'
  - name: c3po
    password: $6$z0yywBoF$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/
    shell: /bin/bash
    group: c3po
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDinfnbnVooKT0iFpkZeRZMj8JpYJk+EkgGHyK2xhb0HNoYvDoG06Clckm0vauuRlSYnWkZC0dLIbqHlACA+jbCKa2w/5yOjCXmJiJEO04YCMhkQH08It+wpWZb/Bx2O6DB3cY+3mHwPocp/la8caYW4NIE5+67AnHxIQifJLXM44TgkmFEhXSBMIZj8b8wL+MA0zKD0LXwgEH9Wllcccq6D5lfsrUSLvTRHq362pE+ZtVXh2peVkS4r98HNtYVUjBMgOIIPEypopceUzXC0L+vB7s2SolAsh3CGjqyjYW8x3fWnAewlfa5TbgIC+11e+KJKFr5+tVfwSgHC+TtfuXDU5Ws80ETejbuwx2iRVfHG0fDcjPzaVUXGmY+j8OR4jACz5KY5+VMJgMuXJTbZBEf1C5O3lCTaEf/Pmw50SHrshT/bhdrMBUaS+AOTFHrI3WOu+ujWMXJK3pRdROXDFDtPfc1afaJkMuKO5Uay/qwTEKd8NwXNoAGkXjowKBerNgJRy5JwhmbHMA6xsCDEjXMVy+yiMw+58JE76g5HVVu7dpyz0bjXD3LrpB+lclQHRLxNajWAjVsAu/eI2zQDDS7YHi1IZVUGdYD0g0qXdeNQ//KA7FVr22VFUP8xtbseZfOZpKFGVEMVkIOcYHZoYhOYxZDVNNmvle13F4PU1zOiQ== c3po@riseup.net'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - c3po
  - marsupilami
  - sysadm
  - localadmin
--- a/host_vars/o13-pad.oopen.de.yml
+++ b/host_vars/o13-pad.oopen.de.yml
@ -100,64 +100,28 @@ resolved_fallback_nameserver:
 # vars used by roles/common/tasks/users.yml
 # ---
-default_user:
+extra_user:
-  - name: chris
+  - name: marsupilami
-    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
+    password: $y$j9T$guTT3egsLUFwxUGCnDJ0o0$WCQt3gXcYIpArTxbn2BunvIWG6w7GZLx./fFGJYCsd/
    shell: /bin/bash
    group: marsupilami
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4wVpkMrF4M5wKBxRAonR4gVngO9+yhBEAyhV03l6Is'
  - name: c3po
    password: $6$z0yywBoF$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/
    shell: /bin/bash
    group: c3po
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDinfnbnVooKT0iFpkZeRZMj8JpYJk+EkgGHyK2xhb0HNoYvDoG06Clckm0vauuRlSYnWkZC0dLIbqHlACA+jbCKa2w/5yOjCXmJiJEO04YCMhkQH08It+wpWZb/Bx2O6DB3cY+3mHwPocp/la8caYW4NIE5+67AnHxIQifJLXM44TgkmFEhXSBMIZj8b8wL+MA0zKD0LXwgEH9Wllcccq6D5lfsrUSLvTRHq362pE+ZtVXh2peVkS4r98HNtYVUjBMgOIIPEypopceUzXC0L+vB7s2SolAsh3CGjqyjYW8x3fWnAewlfa5TbgIC+11e+KJKFr5+tVfwSgHC+TtfuXDU5Ws80ETejbuwx2iRVfHG0fDcjPzaVUXGmY+j8OR4jACz5KY5+VMJgMuXJTbZBEf1C5O3lCTaEf/Pmw50SHrshT/bhdrMBUaS+AOTFHrI3WOu+ujWMXJK3pRdROXDFDtPfc1afaJkMuKO5Uay/qwTEKd8NwXNoAGkXjowKBerNgJRy5JwhmbHMA6xsCDEjXMVy+yiMw+58JE76g5HVVu7dpyz0bjXD3LrpB+lclQHRLxNajWAjVsAu/eI2zQDDS7YHi1IZVUGdYD0g0qXdeNQ//KA7FVr22VFUP8xtbseZfOZpKFGVEMVkIOcYHZoYhOYxZDVNNmvle13F4PU1zOiQ== c3po@riseup.net'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: cryptpad
    user_id: 2010
    group_id: 2010
    group: cryptpad
    home: /var/www/cryptpad
    password: $y$j9T$TUSURhYNq5B1eWlxis.xy.$YfCpyp24dmaZwiIEMaJvX7u3P.MEdAyz8YXMusM4lu7
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - c3po
  - marsupilami
  - sysadm
  - localadmin
--- a/host_vars/o13-schleuder.oopen.de.yml
+++ b/host_vars/o13-schleuder.oopen.de.yml
@ -1,120 +0,0 @@
 ---
 # ---
 # vars used by roles/ansible_dependencies
 # ---
 # ---
 # vars used by roles/ansible_user
 # ---
 # ---
 # vars used by roles/common/tasks/basic.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sshd.yml
 # ---
 # ---
 # vars used by roles/common/tasks/apt.yml
 # ---
 # ---
 # vars used by roles/common/tasks/users.yml
 # ---
 default_user:
  - name: chris
    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: c3po
    password: $6$z0yywBoF$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDinfnbnVooKT0iFpkZeRZMj8JpYJk+EkgGHyK2xhb0HNoYvDoG06Clckm0vauuRlSYnWkZC0dLIbqHlACA+jbCKa2w/5yOjCXmJiJEO04YCMhkQH08It+wpWZb/Bx2O6DB3cY+3mHwPocp/la8caYW4NIE5+67AnHxIQifJLXM44TgkmFEhXSBMIZj8b8wL+MA0zKD0LXwgEH9Wllcccq6D5lfsrUSLvTRHq362pE+ZtVXh2peVkS4r98HNtYVUjBMgOIIPEypopceUzXC0L+vB7s2SolAsh3CGjqyjYW8x3fWnAewlfa5TbgIC+11e+KJKFr5+tVfwSgHC+TtfuXDU5Ws80ETejbuwx2iRVfHG0fDcjPzaVUXGmY+j8OR4jACz5KY5+VMJgMuXJTbZBEf1C5O3lCTaEf/Pmw50SHrshT/bhdrMBUaS+AOTFHrI3WOu+ujWMXJK3pRdROXDFDtPfc1afaJkMuKO5Uay/qwTEKd8NwXNoAGkXjowKBerNgJRy5JwhmbHMA6xsCDEjXMVy+yiMw+58JE76g5HVVu7dpyz0bjXD3LrpB+lclQHRLxNajWAjVsAu/eI2zQDDS7YHi1IZVUGdYD0g0qXdeNQ//KA7FVr22VFUP8xtbseZfOZpKFGVEMVkIOcYHZoYhOYxZDVNNmvle13F4PU1zOiQ== c3po@riseup.net'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
 # ---
 # ---
 # vars used by roles/common/tasks/webadmin-user.yml
 # ---
 # ---
 # vars used by roles/common/tasks/sudoers.yml
 # ---
 #
 # see: roles/common/tasks/vars
 # ---
 # vars used by roles/common/tasks/caching-nameserver.yml
 # ---
 # ---
 # vars used by roles/common/tasks/git.yml
 # ---
 git_firewall_repository:
  name: ipt-server
  repo: https://git.oopen.de/firewall/ipt-server
  dest: /usr/local/src/ipt-server
 # ==============================
 # ---
 # vars used by scripts/reset_root_passwd.yml
 # ---
 root_user:
  name: root
  password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.
--- a/host_vars/o13-staging-board.oopen.de.yml
+++ b/host_vars/o13-staging-board.oopen.de.yml
@ -106,40 +106,30 @@ resolved_fallback_nameserver:
 # vars used by roles/common/tasks/users.yml
 # ---
-default_user:
+extra_user:
-  - name: chris
+  - name: marsupilami
-    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
+    password: $y$j9T$guTT3egsLUFwxUGCnDJ0o0$WCQt3gXcYIpArTxbn2BunvIWG6w7GZLx./fFGJYCsd/
    shell: /bin/bash
    group: marsupilami
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4wVpkMrF4M5wKBxRAonR4gVngO9+yhBEAyhV03l6Is'
-  - name: sysadm
+  - name: c3po
-
+    password: $6$z0yywBoF$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    group: c3po
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDinfnbnVooKT0iFpkZeRZMj8JpYJk+EkgGHyK2xhb0HNoYvDoG06Clckm0vauuRlSYnWkZC0dLIbqHlACA+jbCKa2w/5yOjCXmJiJEO04YCMhkQH08It+wpWZb/Bx2O6DB3cY+3mHwPocp/la8caYW4NIE5+67AnHxIQifJLXM44TgkmFEhXSBMIZj8b8wL+MA0zKD0LXwgEH9Wllcccq6D5lfsrUSLvTRHq362pE+ZtVXh2peVkS4r98HNtYVUjBMgOIIPEypopceUzXC0L+vB7s2SolAsh3CGjqyjYW8x3fWnAewlfa5TbgIC+11e+KJKFr5+tVfwSgHC+TtfuXDU5Ws80ETejbuwx2iRVfHG0fDcjPzaVUXGmY+j8OR4jACz5KY5+VMJgMuXJTbZBEf1C5O3lCTaEf/Pmw50SHrshT/bhdrMBUaS+AOTFHrI3WOu+ujWMXJK3pRdROXDFDtPfc1afaJkMuKO5Uay/qwTEKd8NwXNoAGkXjowKBerNgJRy5JwhmbHMA6xsCDEjXMVy+yiMw+58JE76g5HVVu7dpyz0bjXD3LrpB+lclQHRLxNajWAjVsAu/eI2zQDDS7YHi1IZVUGdYD0g0qXdeNQ//KA7FVr22VFUP8xtbseZfOZpKFGVEMVkIOcYHZoYhOYxZDVNNmvle13F4PU1zOiQ== c3po@riseup.net'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - c3po
  - marsupilami
  - sysadm
  - localadmin
 # ---
--- a/host_vars/o13-web.oopen.de.yml
+++ b/host_vars/o13-web.oopen.de.yml
@ -100,54 +100,28 @@ resolved_fallback_nameserver:
 # vars used by roles/common/tasks/users.yml
 # ---
-default_user:
+extra_user:
-  - name: chris
+  - name: marsupilami
-    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
+    password: $y$j9T$guTT3egsLUFwxUGCnDJ0o0$WCQt3gXcYIpArTxbn2BunvIWG6w7GZLx./fFGJYCsd/
    shell: /bin/bash
    group: marsupilami
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4wVpkMrF4M5wKBxRAonR4gVngO9+yhBEAyhV03l6Is'
  - name: c3po
    password: $6$z0yywBoF$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/
    shell: /bin/bash
    group: c3po
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDinfnbnVooKT0iFpkZeRZMj8JpYJk+EkgGHyK2xhb0HNoYvDoG06Clckm0vauuRlSYnWkZC0dLIbqHlACA+jbCKa2w/5yOjCXmJiJEO04YCMhkQH08It+wpWZb/Bx2O6DB3cY+3mHwPocp/la8caYW4NIE5+67AnHxIQifJLXM44TgkmFEhXSBMIZj8b8wL+MA0zKD0LXwgEH9Wllcccq6D5lfsrUSLvTRHq362pE+ZtVXh2peVkS4r98HNtYVUjBMgOIIPEypopceUzXC0L+vB7s2SolAsh3CGjqyjYW8x3fWnAewlfa5TbgIC+11e+KJKFr5+tVfwSgHC+TtfuXDU5Ws80ETejbuwx2iRVfHG0fDcjPzaVUXGmY+j8OR4jACz5KY5+VMJgMuXJTbZBEf1C5O3lCTaEf/Pmw50SHrshT/bhdrMBUaS+AOTFHrI3WOu+ujWMXJK3pRdROXDFDtPfc1afaJkMuKO5Uay/qwTEKd8NwXNoAGkXjowKBerNgJRy5JwhmbHMA6xsCDEjXMVy+yiMw+58JE76g5HVVu7dpyz0bjXD3LrpB+lclQHRLxNajWAjVsAu/eI2zQDDS7YHi1IZVUGdYD0g0qXdeNQ//KA7FVr22VFUP8xtbseZfOZpKFGVEMVkIOcYHZoYhOYxZDVNNmvle13F4PU1zOiQ== c3po@riseup.net'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    group: sysadm
    password: $6$EEVWxA5E$bNxU8EOp/tTcYVghFharUM10k3vRt2siEnIiiznfGmhMSM6zJTP0umdxql9VVEj856oKa.Sp.q3N2nthgNMeN1
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: back
    user_id: 1060
    group_id: 1060
    group: back
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - c3po
  - marsupilami
  - sysadm
  - localadmin
--- a/host_vars/o26.oopen.de.yml
+++ b/host_vars/o26.oopen.de.yml
@ -255,9 +255,14 @@ root_ssh_keypair:
    pub_key_dest: /root/.ssh/id_ed25519-borg-backup.pub
  - name: id_ed25519-gitea
    priv_key_src: o26.oopen.de/root/.ssh/id_ed25519-gitea
-    priv_key_dest: /root/.ssh/id_rsa
+    priv_key_dest: /root/.ssh/id_ed25519-gitea
    pub_key_src: o26.oopen.de/root/.ssh/id_ed25519-gitea.pub
-    pub_key_dest: /root/.ssh/id_rsa.pub
+    pub_key_dest: /root/.ssh/id_ed25519-gitea.pub
  - name: id_ed25519-backup
    priv_key_src: o26.oopen.de/root/.ssh/id_ed25519-backup
    priv_key_dest: /root/.ssh/id_ed25519-backup
    pub_key_src: o26.oopen.de/root/.ssh/id_ed25519-backup.pub
    pub_key_dest: /root/.ssh/id_ed25519-backup
 # ---
@ -474,10 +479,9 @@ default_user:
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMvy+IDUeoVwLg+cJNcKzls5guOrVUretsf05v3Y2N+Y root@default-oopen-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcEPd+MDJKzWqWStt3XpJU1OpJ0uxmipacIGkm6k3MS root@default-warenform-server'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de'
-      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/eGKbdxPYu7L/b/DjZrWek50e0AnkHFZS+zV12o5jy root@borg-client-key-warenform'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQMCGCyIvs5hoNDoTIkKvKmEbxLf+uCYI1vx//ZQYY root@o26-backup'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6Sra1D8JU2A68G4rSny7D0ukYKy89NVMXbdxrtdZwr root@borg-client-key-oopen'
  - name: borg
    user_id: 1065
--- a/host_vars/server28.warenform.de.yml
+++ b/host_vars/server28.warenform.de.yml
@ -309,78 +309,6 @@ cron_user_entries:
 # vars used by roles/common/tasks/users.yml
 # ---
 insert_ssh_keypair_backup_server: false
 ssh_keypair_backup_server:
  - name: backup
    backup_user: back
    priv_key_src: root/.ssh/id_rsa.backup.warenform.de
    priv_key_dest: /root/.ssh/id_rsa
    pub_key_src: root/.ssh/id_rsa.backup.warenform.de.pub
    pub_key_dest: /root/.ssh/id_rsa.pub
 insert_keypair_backup_client: true
 ssh_keypair_backup_client:
  - name: backup
    priv_key_src: root/.ssh/id_ed25519.warenform-server
    priv_key_dest: /root/.ssh/id_ed25519
    pub_key_src: root/.ssh/id_ed25519.warenform-server.pub
    pub_key_dest: /root/.ssh/id_ed25519.pub
    target: backup.warenform.de
 default_user:
  - name: chris
    password: $6$bSHlaLHC$URSMVq090e/cJ1v55Jh9ws0w5WekhO7X3Y0RqryAl5R76K9khWBegC76Smjastja.xMiD57/LzUUXW7y9NvAL.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
  - name: axel
    password: $6$zUWC465e$XblctxwnBIOa7mPcN6foEQrwChjpwoY7lLtacXJrSsvjZS3I6Ox1mYUtN3/gzkvpbzOPx/9PlRJV.mbl939mD.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICOPnP788dlfeFi9oo8UkS0Chi/jcxUGjsOuQnxW/GR+ axel@wf.netz'
  - name: sysadm
    user_id: 1050
    group_id: 1050
    password: $6$vvccwrTc$Sz1HaSb3ujObprltiG7D6U1Rr3fpgfjkKuDDWYdHzPkPx/0pEofCWC.vyTn78hcemkntl.6wVUOnJnNloKt/E/
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICOPnP788dlfeFi9oo8UkS0Chi/jcxUGjsOuQnxW/GR+ axel@wf.netz'
  - name: localadmin
    user_id: 1051
    group_id: 1051
    password: $6$flo5afeu$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFkl+5aVg4l40bxmf6k2dpopV8oAXyLhGGmKfzspW3GTfD29WjhuGS/mefrqr3tZRYrybPA5GDQ1QdwwRL16+6xfjAt/B62p3dMXnjsHalk74DTcQCZDlsj0UxTV1+gfOYzcB/CAqRd2wtB+vqGWRP+oGP3E7AIgoBlE44MaEDDuMP0Vvm8hNQ5N+/3zcrE626yDHAa4qmOd5d+J/HWrHLeJ4915g9VcCYCNGCgepb//4RdCpzEqUJiBGwihb/iJk3RoHcAv3L+tht8vmBF7Wz0iJ9BtLRTsJGFCkET0i50E18mU3bfaa7ov/PY/+UcE8FZSWZcoZ6AtmoBy0Zg2mp6/F9serfe67qtILNAbWD+qNRC7GjW3c5UvF5GJM6WvG8OZRvwarovZOU8uw1NLL3unY8O1bdihXmCXatXz+MvHCOvmZekUolKMBu7mziH5wificprUY9YeGX1FHVh4/hsL04zZdu/Q8Rr/BxM8+mJCCPsrkEoNnZNJfxCSwynd3jjqkhBpzZkEW9EGDBG5qnx4f6QPtcf/sv7eoNjzhEUs5k9GstbgW0ZD6381Ws/EpIdRbZUl52wFXalE8N/Z9hU6vfBC1xk0DIardUkZk+6lTsS8orBZkmPDNhX5hT8nmwNszQI0WgHPs+xDAdFskMcB/j20G5NupZm+2QgNXoww== jonas@meurer.it'
      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCzd5rFYvV5/V2NZE4jxL09qZ4TTsgmhbfSHpsj9wX89+j7ZrfTAkAkAFxyrWs8FR3CQ11DGkrXW059a0ppRQ7R8bUW9CniXS/RaRAvqX9AMM9Xo/lmL4pXNM0sV4nHJWphi5Bc+zTIM2I4PSbHYw+5dDnj8ZIQ8ucBff+k29Zd90JRuKx72tk0pQNf7sQbWVKNCT/B4g4MJV84NvnO+ExCWvGM95Cy5NCTnQfO94/OSkN72R//tIR7Nd/aK7hEj69MoVJZrFy4qzE9KskLhKeUYCqoz86XOQ6Dfag/B2adTeG3r9DEacG3ao/ACZKQChj0X12LEV/PZUHLORqYpWIwMuIx54vhbxarSwlKhoOCv1XQJwo9BTavMhFNsMtZpAJYdvAakRCbf18bDrHyqYYqjAyYOp+L+G+wlSh3tz0qQL8aAnaV3RPN0fDd7Zu1dpMGAM2gMnBEMJ+k82V7EtACp1jf37LW11Lbv2o+dRUJEgsrU9TNGxaGSTWqGc65TuP9PUfDXq1ZNOPQWSK/KseqB0WUx6ePfZzkgkr7kGXT/d9hUSCq2+iprhfwQpYLcXE9XtCdo1aivIKQ8zCuR44q11HePyNtEMaJfq33p4uDTVOy7UOtuACzSbk6vs7h6h8CUGPwU9aw+PRiWY4Jdm0caJ8trFfH1R8XaIe3SaUEw== t@NB-003258-RLS'
  - name: back
    user_id: 1060
    group_id: 1060
    password: $6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.
    shell: /bin/bash
    ssh_keys:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO90culn3sicU2chTHn40ytcTay0nUIHap0uF/5fVM6P chris@sol'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQHMUKlDh2ufno5pZOhUY5xFljC1R5zQ/GjOHDkS58D root@sol'
 sudo_users:
  - chris
  - axel
  - sysadm
  - localadmin
 # ---
 # vars used by roles/common/tasks/users-systemfiles.yml
--- a/27
+++ b/27
@ -189,7 +189,6 @@ cloud.akweb.de
 # o31.oopen.de - Cadus e.V.
 o31.oopen.de
 mail.cadus.org
 135.181.22.161
 web.cadus.org
 # etventure
@ -384,7 +383,6 @@ cloud.akweb.de
 # o31.oopen.de - Cadus e.V.
 o31.oopen.de
 mail.cadus.org
 135.181.22.161
 web.cadus.org
 # etventure
@ -546,9 +544,7 @@ ga-al-kvm3.ga.netz
 devel-root.wf.netz
 anita.wf.netz
 devel-cloud.wf.netz
 devel-db.wf.netz
 devel-git.wf.netz
 devel-repos.wf.netz
 devel-php.wf.netz
 devel-todo.wf.netz
@ -632,7 +628,6 @@ o20.oopen.de
 # o31.oopen.de
 web.cadus.org
 mail.cadus.org
 135.181.22.161
 # o22.oopen.de
 oolm-shop-dev.oopen.de
@ -871,7 +866,6 @@ test.mx.oopen.de
 # o31.oopen.de
 mail.cadus.org
 135.181.22.161
 # o27.oopen.de
 mail.faire-mobilitaet.de
@ -1037,7 +1031,6 @@ cloud.akweb.de
 # o31.oopen.de - Cadus e.V.
 web.cadus.org
 mail.cadus.org
 135.181.22.161
 # etventure
 o32.oopen.de
@ -1195,7 +1188,6 @@ test.mx.oopen.de
 # o31.oopen.de
 mail.cadus.org
 135.181.22.161
 # o27.oopen.de
@ -1459,7 +1451,6 @@ munin.oopen.de
 # - o31.oopen.de
 mail.cadus.org
 135.181.22.161
 web.cadus.org
 # o21.oopen.de
@ -1610,9 +1601,7 @@ dns1.warenform.de
 # devel-root
 anita.wf.netz
 devel-cloud.wf.netz
 devel-db.wf.netz
 devel-git.wf.netz
 devel-php.wf.netz
 devel-repos.wf.netz
 devel-todo.wf.netz
@ -1699,7 +1688,6 @@ cloud.akweb.de
 # - o31.oopen.de
 o31.oopen.de
 mail.cadus.org
 135.181.22.161
 web.cadus.org
 # etventure
@ -1883,8 +1871,6 @@ dns1.warenform.de
 anita.wf.netz
 devel-root.wf.netz
 devel-db.wf.netz
 devel-cloud.wf.netz
 devel-git.wf.netz
 devel-php.wf.netz
 devel-repos.wf.netz
 devel-todo.wf.netz
@ -1894,13 +1880,16 @@ devel-ruby.wf.netz
 [oopen_office_ga]
 # - GA - Gemeinschaft Altensclirf
-ga-st-lxc1.ga.netz
+ga-al-gw.oopen.de
 ga-st-mail.ga.netz
 ga-al-relay.ga.netz
 ga-st-services.ga.netz
 ga-st-kvm1.ga.netz
 ga-al-kvm2.ga.netz
 ga-al-kvm3.ga.netz
 ga-al-relay.ga.netz
 ga-nh-gw.oopen.de.yml
 ga-st-lxc1.ga.netz
 ga-st-mail.ga.netz
 ga-st-services.ga.netz
 ga-st-kvm1.ga.netz
 ga-st-kvm5.ga.netz
 [o13_server]
--- a/roles/common/files/backup.oopen.de/root/.ssh/id_ed25519
+++ b/roles/common/files/backup.oopen.de/root/.ssh/id_ed25519
@ -0,0 +1,7 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
 QyNTUxOQAAACCHBD3fjAySs1qlkrbd16SVNTqSdLsZoqWnCBpJupNzEgAAAJDPLbb2zy22
 9gAAAAtzc2gtZWQyNTUxOQAAACCHBD3fjAySs1qlkrbd16SVNTqSdLsZoqWnCBpJupNzEg
 AAAEBJe9jEXHRRNKsWRZnEC6gkT+68rSus6TQsWoCIo1f+S4cEPd+MDJKzWqWStt3XpJU1
 OpJ0uxmipacIGkm6k3MSAAAACmNocmlzQGx1bmEBAgM=
 -----END OPENSSH PRIVATE KEY-----
--- a/roles/common/files/backup.oopen.de/root/.ssh/id_ed25519-backup
+++ b/roles/common/files/backup.oopen.de/root/.ssh/id_ed25519-backup
@ -0,0 +1,7 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
 QyNTUxOQAAACCndAMEx2wwSuA4LPiGVprZwwY6FSKIDlL5CyGL7H39cgAAAJCPEfpPjxH6
 TwAAAAtzc2gtZWQyNTUxOQAAACCndAMEx2wwSuA4LPiGVprZwwY6FSKIDlL5CyGL7H39cg
 AAAEAU6QJe7XCLoBUkLQQfUIO6lqRS8eG0Aya2mMuIfU9Vo6d0AwTHbDBK4Dgs+IZWmtnD
 BjoVIogOUvkLIYvsff1yAAAAC3Jvb3RAYmFja3VwAQI=
 -----END OPENSSH PRIVATE KEY-----
--- a/roles/common/files/backup.oopen.de/root/.ssh/id_ed25519-backup.pub
+++ b/roles/common/files/backup.oopen.de/root/.ssh/id_ed25519-backup.pub
@ -0,0 +1 @@
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de
--- a/roles/common/files/backup.warenform.de/root/.ssh/id_ed25519
+++ b/roles/common/files/backup.warenform.de/root/.ssh/id_ed25519
@ -0,0 +1,7 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
 QyNTUxOQAAACCHBD3fjAySs1qlkrbd16SVNTqSdLsZoqWnCBpJupNzEgAAAJDPLbb2zy22
 9gAAAAtzc2gtZWQyNTUxOQAAACCHBD3fjAySs1qlkrbd16SVNTqSdLsZoqWnCBpJupNzEg
 AAAEBJe9jEXHRRNKsWRZnEC6gkT+68rSus6TQsWoCIo1f+S4cEPd+MDJKzWqWStt3XpJU1
 OpJ0uxmipacIGkm6k3MSAAAACmNocmlzQGx1bmEBAgM=
 -----END OPENSSH PRIVATE KEY-----
--- a/roles/common/files/backup.warenform.de/root/.ssh/id_ed25519-backup
+++ b/roles/common/files/backup.warenform.de/root/.ssh/id_ed25519-backup
@ -0,0 +1,7 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
 QyNTUxOQAAACDY9JwnRTmZudQFQnz22dtkETiBIm6F2e0Wph7zNhPSDAAAAJD+EYMa/hGD
 GgAAAAtzc2gtZWQyNTUxOQAAACDY9JwnRTmZudQFQnz22dtkETiBIm6F2e0Wph7zNhPSDA
 AAAEBqjDwPH+BcqDhXZcMYac/0aRMS5mN5xHYc/61tyP2Ogtj0nCdFOZm51AVCfPbZ22QR
 OIEiboXZ7RamHvM2E9IMAAAAC3Jvb3RAYmFja3VwAQI=
 -----END OPENSSH PRIVATE KEY-----
--- a/roles/common/files/backup.warenform.de/root/.ssh/id_ed25519-backup.pub
+++ b/roles/common/files/backup.warenform.de/root/.ssh/id_ed25519-backup.pub
@ -0,0 +1 @@
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts
@ -19,66 +19,15 @@
 # ---
 # give hostnames to blocke here
-illuminatus\.lionheart\.lovejoy$
+
-dancortez\.500$
+# edge.toprains.shop:w
-geplosser\.pl$
+edge\.toprains\.shop$
-zukunftbeitragen\.quest$
+
-gulpagerts\.com$
+#  Specht Office
-flodesyta\.shop$
+mta3\.dev\.60cr\.com$
-einfach-mail-express\.eu$
+
-feowatley\.shop$
+# lichtbringer.sho
-kssalon\.com$
+lichtbringer\.shop$
-zeitarbeitsgruppe\.com$
+
-jobinscenter\.mom$
+# insights.sternenpfad.shop
-bilingates\.gsm\.pl$
+insights\.sternenpfad\.shop$
 ^mail\.finsky-palace\.radio\.am$
 ^mail\.newslinkes\.radio\.fm$
 thecaffeinatedquilter\.com$
 ^mail\.hossted\.app$
 rea\.realflightshop\.com$
 tetontimberlinetrading\.com$
 walelaber\.shop$
 technedigitale\.com$
 dia-two-2\.de$
 surlumice\.store$
 mail\.notistall\.balashov\.su$
 mail\.batistase\.hz\.cz$
 mail\.lorinsales\.de\.fr$
 mail\.jostalles\.azerbaijan\.su$
 mail\.batistase\.hz\.cz$
 circuitlogix\.com$
 a27-10\.smtp-out.us-west-2\.amazonses\.com$
 relay01\.cne\.gob\.ve$
 mta01\.cne\.gob\.ve$
 news1\.worldnews\.hair$
 ritechager\.info$
 berligpot\.quest$
 chwestinstrumentalmusic\.com$
 nrgroekle\.site$
 classyak\.com$
 childswork\.com$
 ywgf\.net$
 alnweohct\.online$
 kitchenfantasy\.com$
 kitchenfaucetcenter\.com$
 fqmeta\.net$
 kitchenespial\.com$
 owboyhardware\.com$
 comicartcollective\.com$
 fesg56wesg\.xyz$
 convinceandconvert\.com$
 thelargest\.homes$
 eamyobai\.cfd$
 countryfields\.ca$
 urgencypasture\.shop$
 detectivecomics\.net$
 bell\.net$
 beheshtfoundation\.com$
 tohochina\.com$
 mailer-service\.de$
 hunshachang\.com$
 likelark\.com$
 mlmlh\.xyz$
 osdh\.net$
 trentbbs\.com$
 sharelikecrazy\.com$
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts.00
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts.00
@ -0,0 +1,84 @@
 # *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
 # ---
 # hosts blocked by postfwd
 #
 #    This file is called with '=~'. This means perl regexp is possible
 #
 #
 # To increase performance use ^ and/or $ in regular expressions
 #
 # Example:
 #
 #  # block all hosts of domain 'oopen.de'
 #  \.oopen\.de$
 #
 #  # block host a.mx.oopen.de
 #  ^a\.mx\.oopen\.de$
 #
 # ---
 # give hostnames to blocke here
 illuminatus\.lionheart\.lovejoy$
 dancortez\.500$
 geplosser\.pl$
 zukunftbeitragen\.quest$
 gulpagerts\.com$
 flodesyta\.shop$
 einfach-mail-express\.eu$
 feowatley\.shop$
 kssalon\.com$
 zeitarbeitsgruppe\.com$
 jobinscenter\.mom$
 bilingates\.gsm\.pl$
 ^mail\.finsky-palace\.radio\.am$
 ^mail\.newslinkes\.radio\.fm$
 thecaffeinatedquilter\.com$
 ^mail\.hossted\.app$
 rea\.realflightshop\.com$
 tetontimberlinetrading\.com$
 walelaber\.shop$
 technedigitale\.com$
 dia-two-2\.de$
 surlumice\.store$
 mail\.notistall\.balashov\.su$
 mail\.batistase\.hz\.cz$
 mail\.lorinsales\.de\.fr$
 mail\.jostalles\.azerbaijan\.su$
 mail\.batistase\.hz\.cz$
 circuitlogix\.com$
 a27-10\.smtp-out.us-west-2\.amazonses\.com$
 relay01\.cne\.gob\.ve$
 mta01\.cne\.gob\.ve$
 news1\.worldnews\.hair$
 ritechager\.info$
 berligpot\.quest$
 chwestinstrumentalmusic\.com$
 nrgroekle\.site$
 classyak\.com$
 childswork\.com$
 ywgf\.net$
 alnweohct\.online$
 kitchenfantasy\.com$
 kitchenfaucetcenter\.com$
 fqmeta\.net$
 kitchenespial\.com$
 owboyhardware\.com$
 comicartcollective\.com$
 fesg56wesg\.xyz$
 convinceandconvert\.com$
 thelargest\.homes$
 eamyobai\.cfd$
 countryfields\.ca$
 urgencypasture\.shop$
 detectivecomics\.net$
 bell\.net$
 beheshtfoundation\.com$
 tohochina\.com$
 mailer-service\.de$
 hunshachang\.com$
 likelark\.com$
 mlmlh\.xyz$
 osdh\.net$
 trentbbs\.com$
 sharelikecrazy\.com$
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets
@ -12,158 +12,17 @@
 #
 # ---
-# give networks to block here
+# edge.toprains.shop
-188.214.104.0/24
+51.89.16.112
-91.219.236.254
+
-85.254.72.106
+# Specht Office
-103.136.40.0/23
+91.193.18.0/24
-185.53.170.115
+
-# zukunftbeitragen.quest
+# lichtbringer.shop
-86.107.103.211
+94.23.144.0/21
-# RU (u.a. mail.geplosser.pl)
+
-62.152.59.0/24
+# insights.sternenpfad.shop
-# GB mx.bilingates.gsm.pl
+94.23.152.0/21
-95.168.184.156
+
-# RU (u.a. mx.jobinscenter.mom)
+# ??
-31.28.27.0/24
+181.214.99.0/24
 # RU (u.a. mx.novatechs.gen.tr)
 93.189.44.0/22
 # RU (u.a. vh126.timeweb.ru)
 92.53.96.0/24
 # RU (u.a. mail.newslinkes.radio.am)
 45.130.151.0/24
 # US - OLink Cloud LLC US Cloud ( u.a. pritionch.store)
 104.160.19.0/24
 # TR (u.a. dosvufpro.store
 185.219.135.0/24
 # RZ ( u.a. mx.jobinscenter.mom)
 31.28.27.0/24
 # RU (mx.novatechs.gen.tr)
 93.189.44.0/22
 # mx.bilingates.gsm.pl
 95.168.184.156
 # mail.finsky-palace.radio.am
 89.163.230.186
 # mail.newslinkes.radio.fm
 62.3.58.20
 # SC ( u.a. undialogy.store)
 149.3.170.0/24
 # tetontimberlinetrading.com
 155.94.219.66
 185.43.108.101
 # US (u.a.walelaber.shop)
 216.250.247.0/24
 # IN (u.a. couetsart.xyz)
 103.174.86.0/23
 # DE ( u.a. smtp15.dia-two-2.de
 193.168.252.0/23
 # US ( u.a. surlumice.store )
 # 192.161.160.0/19
 192.161.173.22
 # RU
 194.87.236.0/22
 # SC (u.a. werkzeughandeldirekt.net)
 146.19.253.0/24
 # Piscataway NJ (u.a. werkzeughandeldirekt.net)
 209.182.224.0/22
 # LV (u.a. eur-versand.com )
 217.199.96.0/19
 # viastarco.xyz (eur-versand.com)
 163.123.180.214
 # RU (u.a lorinsales.de.fr) 
 185.31.160.0/22
 # RU (batistase.hz.cz)
 93.189.42.0/23
 # RU (notistall.balashov.su)
 77.87.212.0/24
 # RU (jostalles.azerbaijan.su)
 62.173.128.0/19
 # RU ( u.a. batistase.hz.cz )
 62.76.184.0/21
 # US (u.a. premiumofen.com)
 172.93.96.0/20
 # US (u.a. premiumofen.com)
 108.171.192.0/19
 # VE ( u.a. cne.gob.ve)
 201.130.82.0/23
 # classic-british-motorcycles.com
 172.67.189.127
 104.21.33.94
 # (u.a. direktpaket.com)
 194.116.228.0/24
 # GB (u.a.versand-king.com)
 78.129.191.68/28
 # US ( u.a.profiverkauf.com)
 192.30.240.0/22
 # (u.a. profiverkauf.com)
 185.221.200.0/22
 # US u.a.(liefer-experten.com)
 69.12.79.32/27
 207.167.64.0/23
 # US (u.a. premiumversender.com)
 192.161.172.0/23
 # LIR (u.a. premiumversender.com)
 185.101.92.0/22
 # US (u.a. d-logistik.com)
 216.144.236.224/28
 # GB
 146.59.88.240/29
 # UA (Ukraine)
 193.3.23.0/24
 # DE (u.a. lagerexpress.com)
 41.216.188.0/24
 # US (u.a. echtzeit-video.com>)
 104.161.0.0/17
 158.51.124.0/22
 193.42.38.0/24
 # US (u.a. pro-versender.com)
 173.254.192.0/18
 # US ( u.a. werksvertriebe.com)
 104.218.236.0/23
 # US ( u.a. notstrom-generatoren.com)
 68.69.187.0/24
 104.156.156.0/22
 # US (u.a direktversender.net)
 103.83.37.0/24
 103.114.162.0/24
 # US (u.a.versender50.com)
 204.152.197.0/24
 # US (u.a.vs-dienst.com)
 45.134.11.0/24
 212.83.56.0/24
 # US ( u.a. urgencypasture.shop)
 194.87.84.0/24
 # US ( u.a. dkdirekt.com)
 64.188.1.176/28
 # CA (Canada) (u.a. bell.net)
 209.71.192.0/18
 # HU (u.a. beheshtfoundation.com)
 83.137.158.0/24
 # US (u.a. josephraffael.com / auftrag@v-markt-direkt.com)
 64.188.4.0/22
 # IR (Iran) brute force on SASL Login
 46.148.32.0/20
 # US
 45.15.128.0/22
 #  US
 103.114.163.0/24
 # US 
 192.154.224.0/21
 # US
 139.28.234.0/23
 # US
 213.59.118.0/23
 # US cityboxing.com
 103.114.160.0/24
 104.237.192.0/19
 # CZ 
 176.102.65.0/24
 46.36.39.0/24
 # US
 91.193.19.0/24
 # US
 103.125.147.0/24
 # US
 79.141.173.0/24
 # LU Luxenburg
 107.189.3.105
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets.00
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-nets.00
@ -0,0 +1,169 @@
 # *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
 # ---
 # Networks blocked by postfwd
 #
 # Example:
 #
 #   # web0.warenform.de
 #   #83.223.86.76
 #   #2a01:30:0:505:286:96ff:fe4a:6ee
 #   #2a01:30:0:13:286:96ff:fe4a:6eee
 #
 # ---
 # give networks to block here
 188.214.104.0/24
 91.219.236.254
 85.254.72.106
 103.136.40.0/23
 185.53.170.115
 # zukunftbeitragen.quest
 86.107.103.211
 # RU (u.a. mail.geplosser.pl)
 62.152.59.0/24
 # GB mx.bilingates.gsm.pl
 95.168.184.156
 # RU (u.a. mx.jobinscenter.mom)
 31.28.27.0/24
 # RU (u.a. mx.novatechs.gen.tr)
 93.189.44.0/22
 # RU (u.a. vh126.timeweb.ru)
 92.53.96.0/24
 # RU (u.a. mail.newslinkes.radio.am)
 45.130.151.0/24
 # US - OLink Cloud LLC US Cloud ( u.a. pritionch.store)
 104.160.19.0/24
 # TR (u.a. dosvufpro.store
 185.219.135.0/24
 # RZ ( u.a. mx.jobinscenter.mom)
 31.28.27.0/24
 # RU (mx.novatechs.gen.tr)
 93.189.44.0/22
 # mx.bilingates.gsm.pl
 95.168.184.156
 # mail.finsky-palace.radio.am
 89.163.230.186
 # mail.newslinkes.radio.fm
 62.3.58.20
 # SC ( u.a. undialogy.store)
 149.3.170.0/24
 # tetontimberlinetrading.com
 155.94.219.66
 185.43.108.101
 # US (u.a.walelaber.shop)
 216.250.247.0/24
 # IN (u.a. couetsart.xyz)
 103.174.86.0/23
 # DE ( u.a. smtp15.dia-two-2.de
 193.168.252.0/23
 # US ( u.a. surlumice.store )
 # 192.161.160.0/19
 192.161.173.22
 # RU
 194.87.236.0/22
 # SC (u.a. werkzeughandeldirekt.net)
 146.19.253.0/24
 # Piscataway NJ (u.a. werkzeughandeldirekt.net)
 209.182.224.0/22
 # LV (u.a. eur-versand.com )
 217.199.96.0/19
 # viastarco.xyz (eur-versand.com)
 163.123.180.214
 # RU (u.a lorinsales.de.fr) 
 185.31.160.0/22
 # RU (batistase.hz.cz)
 93.189.42.0/23
 # RU (notistall.balashov.su)
 77.87.212.0/24
 # RU (jostalles.azerbaijan.su)
 62.173.128.0/19
 # RU ( u.a. batistase.hz.cz )
 62.76.184.0/21
 # US (u.a. premiumofen.com)
 172.93.96.0/20
 # US (u.a. premiumofen.com)
 108.171.192.0/19
 # VE ( u.a. cne.gob.ve)
 201.130.82.0/23
 # classic-british-motorcycles.com
 172.67.189.127
 104.21.33.94
 # (u.a. direktpaket.com)
 194.116.228.0/24
 # GB (u.a.versand-king.com)
 78.129.191.68/28
 # US ( u.a.profiverkauf.com)
 192.30.240.0/22
 # (u.a. profiverkauf.com)
 185.221.200.0/22
 # US u.a.(liefer-experten.com)
 69.12.79.32/27
 207.167.64.0/23
 # US (u.a. premiumversender.com)
 192.161.172.0/23
 # LIR (u.a. premiumversender.com)
 185.101.92.0/22
 # US (u.a. d-logistik.com)
 216.144.236.224/28
 # GB
 146.59.88.240/29
 # UA (Ukraine)
 193.3.23.0/24
 # DE (u.a. lagerexpress.com)
 41.216.188.0/24
 # US (u.a. echtzeit-video.com>)
 104.161.0.0/17
 158.51.124.0/22
 193.42.38.0/24
 # US (u.a. pro-versender.com)
 173.254.192.0/18
 # US ( u.a. werksvertriebe.com)
 104.218.236.0/23
 # US ( u.a. notstrom-generatoren.com)
 68.69.187.0/24
 104.156.156.0/22
 # US (u.a direktversender.net)
 103.83.37.0/24
 103.114.162.0/24
 # US (u.a.versender50.com)
 204.152.197.0/24
 # US (u.a.vs-dienst.com)
 45.134.11.0/24
 212.83.56.0/24
 # US ( u.a. urgencypasture.shop)
 194.87.84.0/24
 # US ( u.a. dkdirekt.com)
 64.188.1.176/28
 # CA (Canada) (u.a. bell.net)
 209.71.192.0/18
 # HU (u.a. beheshtfoundation.com)
 83.137.158.0/24
 # US (u.a. josephraffael.com / auftrag@v-markt-direkt.com)
 64.188.4.0/22
 # IR (Iran) brute force on SASL Login
 46.148.32.0/20
 # US
 45.15.128.0/22
 #  US
 103.114.163.0/24
 # US 
 192.154.224.0/21
 # US
 139.28.234.0/23
 # US
 213.59.118.0/23
 # US cityboxing.com
 103.114.160.0/24
 104.237.192.0/19
 # CZ 
 176.102.65.0/24
 46.36.39.0/24
 # US
 91.193.19.0/24
 # US
 103.125.147.0/24
 # US
 79.141.173.0/24
 # LU Luxenburg
 107.189.3.105
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender
@ -36,83 +36,29 @@ ludwigpestow@gmail.com
 # annoying spammer domains
@acieu\.co\.uk$
@sendelope\.eu$
@growthrecords\.com$
@videosicherheit.biz$
@arbeitsschutzmasken.shop$
@medprodukte.shop$
@geplosser\.pl$
@alfasells\.de$
@news-des-tages\.de$
@handel2022\.com$
@zukunftbeitragen\.quest$
@ip-51-83-242\.eu$
@notreesnolife\.com$
@ilsang\.biz$
 vorteilsemail\.de$
@inbox\.ru$
@poeloker\.com$
@jobinscenter\.mom$
@novatechs\.gen\.tr$
@bilingates\.gsm\.pl$
@newslinkes\.radio\.fm$
@finsky-palace\.radio\.am$
@deutsche-ecommerce\.net$
@cpsarg\.com$
@markenhandelonline\.com$
 firmen-infos\.com$
-@inx1and1\..+$
+# ----
@ppe-healthcare-europe\.\S+$
@testbedarf\.shop$
@acievents\.\S+$
@dokpotenz\.\S+$
@doktorapo\.\S+$
@team-de-luxe\.\S+$
@klickensiejetzt\.\S+$
@podiumskate\.\S+$
@ppe-healthcare-europe\.\S+$
-@direktpaket\.com$
+# edge.toprains.shop
-@revzilla\.com$
+@edge.toprains.shop$
@christopherhinz\.com$
@versand-king\.com$
-@profiverkauf\.com$
+# Specht Offic
-@liefer-experten\.com$
+officeuf@jxb669\.com$
-@premiumversender\.com$
+officeuf@
@longhornvapor\.com$
@d-logistik\.com$
@corvsport\.com$
@echtzeit-video\.com$
@cortlandparkcashmere\.com$
@pro-versender\.com$
@werksvertriebe\.com$
@notstrom-generatoren\.com$
-# annoying spammer addresses
+# edge.toprains.shop
-^error@mailfrom\.com$
+@edge.toprains.shop$
-^sqek@eike\.se$
+
-^info@webmeinung\.de$
+# lichtbringer.shop
-^info@handel-versand\.com$
+lichtbringer\.shop$
-^order@direktversender\.net$
+
-versender.*\.com$
+# insights.sternenpfad.shop
-vs-dienst\.com$
+@insights\.sternenpfad\.shop$
-urgencypasture\.shop$
+
-dkdirekt\.com$
+# ??  181.214.99.0/24
-nb\.sympatico\.ca$
+imrx4k.com$
-beheshtfoundation\.com$
+
-josephraffael\.com$
+# ---
-v-markt-direkt\.com$
+
-mailer-service\.de$
+# Google Mail Adresse
-swissad\.biz$
+@laravel.digital
@math-salamanders\.com$
 mazdas247\.com$
 johnnybugs\.com$
 livingoncookies\.com$
 joshua24\.com$
 cityboxing\.com$
 clotheswithoutlimits\.com$
 distrowatch\.com$
 designerwicker\.com$
 sharelikecrazy\.com$
--- a/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender.00
+++ b/roles/common/files/mailserver/etc/postfix/postfwd.bl-sender.00
@ -0,0 +1,118 @@
 # *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
 # ---
 # Sender addresses blocked by postfwd
 #
 #    This file is called with '=~'. This means perl regexp is possible
 #
 #
 # To increase performance use ^ and/or $ in regular expressions
 #
 #  @acieu\.co\.uk$
 #  ^error@mailfrom.com$
 #
 # instedt of 
 #
 #  @acieu.co.uk
 #  error@mailfrom.com
 #
 #
 # Example:
 #
 #  #  # annoying spammer domains
 #  # block all senders of maildomaindomain 'oopen.de'
 #  @acieu\.co\.uk$
 #
 #  # annoying spammer addresses
 #  # block sender address 
 #  error@mailfrom.com
 #  sqek@eike\.se$
 #
 # ---
 # reported by MBR
 paul.graber99@gmail.com
 ludwigpestow@gmail.com
 # annoying spammer domains
@acieu\.co\.uk$
@sendelope\.eu$
@growthrecords\.com$
@videosicherheit.biz$
@arbeitsschutzmasken.shop$
@medprodukte.shop$
@geplosser\.pl$
@alfasells\.de$
@news-des-tages\.de$
@handel2022\.com$
@zukunftbeitragen\.quest$
@ip-51-83-242\.eu$
@notreesnolife\.com$
@ilsang\.biz$
 vorteilsemail\.de$
@inbox\.ru$
@poeloker\.com$
@jobinscenter\.mom$
@novatechs\.gen\.tr$
@bilingates\.gsm\.pl$
@newslinkes\.radio\.fm$
@finsky-palace\.radio\.am$
@deutsche-ecommerce\.net$
@cpsarg\.com$
@markenhandelonline\.com$
 firmen-infos\.com$
@inx1and1\..+$
@ppe-healthcare-europe\.\S+$
@testbedarf\.shop$
@acievents\.\S+$
@dokpotenz\.\S+$
@doktorapo\.\S+$
@team-de-luxe\.\S+$
@klickensiejetzt\.\S+$
@podiumskate\.\S+$
@ppe-healthcare-europe\.\S+$
@direktpaket\.com$
@revzilla\.com$
@christopherhinz\.com$
@versand-king\.com$
@profiverkauf\.com$
@liefer-experten\.com$
@premiumversender\.com$
@longhornvapor\.com$
@d-logistik\.com$
@corvsport\.com$
@echtzeit-video\.com$
@cortlandparkcashmere\.com$
@pro-versender\.com$
@werksvertriebe\.com$
@notstrom-generatoren\.com$
 # annoying spammer addresses
 ^error@mailfrom\.com$
 ^sqek@eike\.se$
 ^info@webmeinung\.de$
 ^info@handel-versand\.com$
 ^order@direktversender\.net$
 versender.*\.com$
 vs-dienst\.com$
 urgencypasture\.shop$
 dkdirekt\.com$
 nb\.sympatico\.ca$
 beheshtfoundation\.com$
 josephraffael\.com$
 v-markt-direkt\.com$
 mailer-service\.de$
 swissad\.biz$
@math-salamanders\.com$
 mazdas247\.com$
 johnnybugs\.com$
 livingoncookies\.com$
 joshua24\.com$
 cityboxing\.com$
 clotheswithoutlimits\.com$
 distrowatch\.com$
 designerwicker\.com$
 sharelikecrazy\.com$
--- a/roles/common/files/o26.oopen.de/root/.ssh/id_ed25519-backup
+++ b/roles/common/files/o26.oopen.de/root/.ssh/id_ed25519-backup
@ -0,0 +1,7 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
 QyNTUxOQAAACAOS7nTPgYP6JzoAa3XC3yXGe7Npmp60Gtj+A++LRkmvQAAAJDAkxXywJMV
 8gAAAAtzc2gtZWQyNTUxOQAAACAOS7nTPgYP6JzoAa3XC3yXGe7Npmp60Gtj+A++LRkmvQ
 AAAEAEJeME+8h4U47VvVWXQGMHvI6MgjFG83h4zZoq7jS4wg5LudM+Bg/onOgBrdcLfJcZ
 7s2manrQa2P4D74tGSa9AAAACHJvb3RAbzI2AQIDBAU=
 -----END OPENSSH PRIVATE KEY-----
--- a/roles/common/files/o26.oopen.de/root/.ssh/id_ed25519-backup.pub
+++ b/roles/common/files/o26.oopen.de/root/.ssh/id_ed25519-backup.pub
@ -0,0 +1 @@
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup
--- a/roles/common/tasks/users.yml
+++ b/roles/common/tasks/users.yml
@ -145,58 +145,58 @@
 # - Take care backup host has rsa key to connect via ssh to the other hosts
 # ---
- name: (users.yml) Copy ssh rsa private key to user root on backup server
+#- name: (users.yml) Copy ssh rsa private key to user root on backup server
-  copy:
+#  copy:
-    src: '{{ item.priv_key_src }}'
+#    src: '{{ item.priv_key_src }}'
-    dest: '{{ item.priv_key_dest }}'
+#    dest: '{{ item.priv_key_dest }}'
-    owner: root
+#    owner: root
-    group: root
+#    group: root
-    mode: '0600'
+#    mode: '0600'
-  loop: "{{ ssh_keypair_backup_server }}"
+#  loop: "{{ ssh_keypair_backup_server }}"
-  loop_control:
+#  loop_control:
-    label: '{{ item.priv_key_dest }}'
+#    label: '{{ item.priv_key_dest }}'
-  when: 
+#  when: 
-    - insert_ssh_keypair_backup_server|bool
+#    - insert_ssh_keypair_backup_server|bool
-    - ssh_keypair_backup_server is defined
+#    - ssh_keypair_backup_server is defined
-    - ssh_keypair_backup_server|length > 0
+#    - ssh_keypair_backup_server|length > 0
-  tags:
+#  tags:
-    - insert-ssh-keypair-backup-server
+#    - insert-ssh-keypair-backup-server
-    - keypair-backup-server
+#    - keypair-backup-server
-
+#
-
+#
- name: (users.yml) Copy ssh rsa public key to user root on backup server
+#- name: (users.yml) Copy ssh rsa public key to user root on backup server
-  copy:
+#  copy:
-    src: '{{ item.pub_key_src }}'
+#    src: '{{ item.pub_key_src }}'
-    dest: '{{ item.pub_key_dest }}'
+#    dest: '{{ item.pub_key_dest }}'
-    owner: root
+#    owner: root
-    group: root
+#    group: root
-    mode: '0644'
+#    mode: '0644'
-  loop: "{{ ssh_keypair_backup_server }}"
+#  loop: "{{ ssh_keypair_backup_server }}"
-  loop_control:
+#  loop_control:
-    label: '{{ item.pub_key_dest }}'
+#    label: '{{ item.pub_key_dest }}'
-  when:
+#  when:
-    - insert_ssh_keypair_backup_server|bool
+#   - insert_ssh_keypair_backup_server|bool
-    - ssh_keypair_backup_server is defined
+#    - ssh_keypair_backup_server is defined
-    - ssh_keypair_backup_server|length > 0
+#    - ssh_keypair_backup_server|length > 0
-  tags:
+#  tags:
-    - insert-ssh-keypair-backup-server
+#    - insert-ssh-keypair-backup-server
-    - keypair-backup-server
+#- keypair-backup-server
-
+#
-
+#
- name: (users.yml) Ensure user back has public rsa key of backup server
+#- name: (users.yml) Ensure user back has public rsa key of backup server
-  authorized_key:
+#  authorized_key:
-    user: "{{ item.backup_user }}"
+#    user: "{{ item.backup_user }}"
-    key: "{{ lookup('file', item.pub_key_src) }}"
+#    key: "{{ lookup('file', item.pub_key_src) }}"
-    state: present
+#    state: present
-  loop: "{{ ssh_keypair_backup_server }}"
+#  loop: "{{ ssh_keypair_backup_server }}"
-  loop_control:
+#  loop_control:
-    label: 'authorized_keys - user: {{ item.backup_user }}'
+#    label: 'authorized_keys - user: {{ item.backup_user }}'
-  when: 
+#  when: 
-    - ssh_keypair_backup_server is defined
+#    - ssh_keypair_backup_server is defined
-    - ssh_keypair_backup_server|length > 0
+#    - ssh_keypair_backup_server|length > 0
-  tags:
+#  tags:
-    - authorized_key
+#    - authorized_key
-    - keypair-backup-server
+#    - keypair-backup-server
 # ---
		`@ -0,0 +1 @@`
							`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd0AwTHbDBK4Dgs+IZWmtnDBjoVIogOUvkLIYvsff1y root@backup.open.de`
		`@ -0,0 +1 @@`
							`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINj0nCdFOZm51AVCfPbZ22QROIEiboXZ7RamHvM2E9IM root@backup.warenform.de`
		`@ -0,0 +1 @@`
							`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5LudM+Bg/onOgBrdcLfJcZ7s2manrQa2P4D74tGSa9 root@o26-backup`