--- # --- # vars used by roles/network_interfaces # --- # If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted network_manage_devices: True # Should the interfaces be reloaded after config change? network_interface_reload: False network_interface_path: /etc/network/interfaces.d network_interface_required_packages: - vlan - bridge-utils - ifmetric - ifupdown - ifenslave network_interfaces: - device: eno1 # use only once per device (for the first device entry) headline: eno1 - The primary network interface # auto & allow are only used for the first device entry allow: [] # array of allow-[stanzas] eg. allow-hotplug auto: true family: inet method: static description: address: 192.168.62.10 netmask: 24 gateway: 192.168.62.254 # optional dns settings nameservers: [] # # nameservers: # - 194.150.168.168 # dns.as250.net # - 91.239.100.100 # anycast.censurfridns.dk # search: warenform.de # nameservers: - 192.168.62.1 search: opp.netz # --- # vars used by roles/ansible_dependencies # --- # --- # vars used by roles/ansible_user # --- # --- # vars used by roles/common/tasks/basic.yml # --- # --- # vars used by roles/common/tasks/sshd.yml # --- # --- # vars used by roles/common/tasks/apt.yml # --- # --- # vars used by roles/common/tasks/systemd-resolved.yml # --- systemd_resolved: true # CyberGhost - Schnelle Verbindung mit Keine-Logs-Datenschutzrichtlinie # Primäre DNS-Adresse: 38.132.106.139 # Sekundäre DNS-Adresse: 194.187.251.67 # # Cloudflare (USA) Bester kostenloser DNS-Server für Gaming mit zuverlässigen Verbindungen # primäre DNS-Adresse # IPv4: 1.1.1.1 # IPv6: 2606:4700:4700::1111 # sekundäre DNS-Adresse # IPv4: 1.0.0.1 # IPv6: 2606:4700:4700::1001 # # Google (USA) Public DNS - Großartige Kombination aus Geschwindigkeit und Sicherheit # primäre DNS-Adresse # IPv4: 8.8.8.8 # IPv6: 2001:4860:4860::8888 # sekundäre DNS-Adresse # IPv4: 8.8.4.4 # IPv6: 2001:4860:4860::8844 # # Quad9 (CH) - Blockiert mühelos schädliche Seiten und verhindert Phishing-Betrug # primäre DNS-Adresse # IPv4: 9.9.9.9 # IPv6: 2620:fe::fe # sekundäre DNS-Adresse # IPv4: 149.112.112.112 # IPv6: 2620:fe::9 # # OpenNIC - https://www.opennic.org/ # IPv4: 195.10.195.195 - ns31.de # IPv4: 94.16.114.254 - ns28.de # IPv4: 51.254.162.59 - ns9.de # IPv4: 194.36.144.87 - ns29.de # IPv6: 2a00:f826:8:2::195 - ns31.de # # Freifunk München (normales DNS, DNS-over-TLS und DNS-over-HTTPS) # IPv4: 5.1.66.255 # IPv6: 2001:678:e68:f000:: # Servername für DNS-over-TLS: dot.ffmuc.net # IPv4: 185.150.99.255 # IPv6: 2001:678:ed0:f000:: # Servername für DNS-over-TLS: dot.ffmuc.net # für iOS 14+: DoT-Server-Konfiguration (unsigniert, vom PrHdb) resolved_nameserver: - 192.168.62.1 # search domains # # If there are more than one search domains, then specify them here in the order in which # the resolver should also search them # #resolved_domains: [] resolved_domains: - ~. - opp.netz resolved_dnssec: false # dns.as250.net: 194.150.168.168 # resolved_fallback_nameserver: - 172.16.62.254 # --- # vars used by roles/common/tasks/cron.yml # --- cron_user_special_time_entries: - name: "Restart DNS Cache service 'systemd-resolved'" special_time: reboot job: "sleep 10 ; /bin/systemctl restart systemd-resolved" insertafter: PATH # --- # vars used by roles/common/tasks/users.yml # --- # --- # vars used by roles/common/tasks/users-systemfiles.yml # --- # --- # vars used by roles/common/tasks/webadmin-user.yml # --- # --- # vars used by roles/common/tasks/sudoers.yml # --- # # see: roles/common/tasks/vars # --- # vars used by roles/common/tasks/caching-nameserver.yml # --- # --- # vars used by roles/common/tasks/git.yml # --- # --- # vars used by roles/common/tasks/samba-config-server.yml # vars used by roles/common/tasks/samba-user.yml # --- samba_server_ip: 192.168.62.10 samba_server_cidr_prefix: 24 samba_workgroup: OPP samba_netbios_name: ZAPATA samba_server_min_protocol: !!str NT1 samba_groups: - name: buero group_id: 1100 - name: beratung group_id: 1110 - name: verwaltung group_id: 1120 samba_user: - name: alba groups: - buero - beratung password: '4l#3a=behandlg' - name: almut groups: - buero - beratung - verwaltung password: 'Tax!ko11ekt!v' - name: anika groups: - buero - beratung password: '4n1k4*adb_23' - name: anne groups: - buero - beratung password: 'antilottka110' - name: birgit groups: - buero - beratung password: '6/shd9c2.cHE' # passwort unbekannt - name: chris groups: - buero - verwaltung password: !vault | $ANSIBLE_VAULT;1.1;AES256 63643330373231636537366333326630333265303265653933613835656262323863363038653234 3462653135633266373439626263356636646637643035340a653466356235346663626163306363 61313164643061306433643738643563303036646334376536626531383965303036386162393832 6631333038306462610a356535633265633563633962333137326533633834636331343562633765 3631 - name: cristina groups: - buero - beratung password: '20_cristina_18!' - name: dori groups: - buero - beratung password: 'K4lt3r_hUnD' - name: drucker groups: - buero password: '20-printer-18' - name: hannes groups: - buero - beratung password: 'U24Pdm-2' - name: joschka groups: - buero - beratung password: '20_joschka_15' - name: judith groups: - buero - beratung - verwaltung password: '20judith14' - name: julian groups: - buero - beratung password: 'Jul14n_2018' - name: juliana groups: - buero - beratung password: '24-Jul!ana#OPP' - name: lavinia groups: - buero - beratung password: '20!lavinia*20' - name: luise groups: - buero - beratung password: '24_s.l.h._adb' - name: magdalena groups: - buero - beratung password: 'magdalena_23' - name: marcus groups: - buero - beratung - verwaltung password: '' - name: maria groups: - buero - beratung password: 'm4ri4+adb22' - name: martin groups: - buero - beratung password: '20_martin_18' - name: opp groups: - buero - beratung - verwaltung password: 'DaWirdIhnenGeholfen!' - name: opp7 groups: - buero - beratung - verwaltung password: '20_opp6_19!' - name: paul groups: - buero - beratung password: '#polsfuss*adb24' - name: praktikum groups: - buero password: 'praktikant*in_00p' - name: robin groups: - buero - beratung password: 'Schattenber!cht#53' - name: samantha groups: - buero - beratung password: 'art_12*lvbbg+adb' - name: simon groups: - buero - beratung password: '20_simon_18!' - name: ute groups: - buero - beratung password: '23_ut3*obs' base_home: /home # remove_samba_users: # - name: name1 # - name: name2 # # remove_samba_users: [] remove_samba_users: - name: unknown samba_shares: - name: buero comment: Büro auf Fileserver path: /data/samba/OPP/buero group_valid_users: buero group_write_list: buero file_create_mask: !!str 660 dir_create_mask: !!str 2770 vfs_object_recycle: true recycle_path: '@Recycle' - name: beratung comment: Beratung auf Fileserver path: /data/samba/OPP/beratung group_valid_users: beratung group_write_list: beratung file_create_mask: !!str 660 dir_create_mask: !!str 2770 vfs_object_recycle: true recycle_path: '@Recycle' - name: verwaltung comment: Verwaltung auf Fileserver path: /data/samba/OPP/verwaltung group_valid_users: verwaltung group_write_list: verwaltung file_create_mask: !!str 0660 dir_create_mask: !!str 2770 vfs_object_recycle: true recycle_path: '@Recycle' - name: backup comment: Sicherungen User path: /data/backup browseable: !!str yes read_only: !!str yes writeable: !!str no guest_ok: !!str no file_create_mask: !!str 0664 dir_create_mask: !!str 0755 vfs_object_recycle: false # ============================== # --- # vars used by scripts/reset_root_passwd.yml # --- root_user: name: root password: $6$J1ssJfdshf/$mknQEPDcW4HN5.wFfawbamamywI7F7fhdZmaR1abNrc4DA7DNRx766lz3ygf9YV3gcmRq3QhJ3fBVlkwGMCvq.