2020-08-19 12:29:49 +02:00
|
|
|
---
|
|
|
|
### mgrote.postfix-gmail
|
|
|
|
empfaenger_mail: michael.grote@posteo.de
|
2020-12-14 15:06:04 +01:00
|
|
|
gmail_nutzer_gmail: michael.grote@gmail.com
|
|
|
|
gmail_nutzer_passwort: "{{ lookup('keepass', 'gmail_nutzer_passwort', 'password') }}"
|
|
|
|
gmail_postfix_erlaubte_netzwerke: "127.0.0.0/8 192.168.2.0/24"
|
|
|
|
gmail_mail_nach_cronjob: false
|
|
|
|
gmail_smtp_server: smtp.gmail.com
|
|
|
|
gmail_smtp_server_port: 587
|
2020-12-18 22:07:03 +01:00
|
|
|
gmail_smtp_use_tls: "yes"
|
2020-08-19 12:29:49 +02:00
|
|
|
### mgrote.set_apt_sources
|
|
|
|
acng_server: acng.grote.lan
|
|
|
|
acng_server_port: 9999
|
|
|
|
### mgrote.restic
|
|
|
|
restic_cron_hours: "19"
|
|
|
|
restic_repository: "//fileserver2.grote.lan/backup/restic"
|
|
|
|
restic_repository_password: "{{ lookup('keepass', 'restic_repository_password', 'password') }}"
|
|
|
|
restic_mount: "/mnt/restic"
|
|
|
|
restic_mount_user: restic
|
2020-12-03 12:04:01 +01:00
|
|
|
restic_mount_password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}"
|
2020-12-22 12:23:10 +01:00
|
|
|
restic_exclude: |
|
|
|
|
._*
|
|
|
|
desktop.ini
|
|
|
|
.Trash-*
|
|
|
|
**/**cache***/**
|
|
|
|
**/**Cache***/**
|
|
|
|
**/**AppData***/**
|
2020-08-19 12:29:49 +02:00
|
|
|
### mgrote.tmux
|
|
|
|
tmux_conf_destination: "/home/mg/.tmux.conf"
|
|
|
|
tmux_bashrc_destination: "/home/mg/.bashrc"
|
|
|
|
tmux_standardsession_name: "default"
|
|
|
|
### mgrote.fail2ban
|
|
|
|
f2b_bantime: 300
|
|
|
|
f2b_findtime: 300
|
|
|
|
f2b_maxretry: 5
|
|
|
|
### oefenweb.ufw
|
|
|
|
ufw_rules:
|
|
|
|
- rule: allow
|
|
|
|
to_port: 22
|
|
|
|
protocol: tcp
|
2020-12-23 17:34:11 +01:00
|
|
|
from_ip: 192.168.2.0/24
|
2020-08-19 12:29:49 +02:00
|
|
|
comment: 'ssh'
|
2020-11-05 17:16:30 +01:00
|
|
|
### ryandaniels.create_users
|
|
|
|
users:
|
|
|
|
- username: mg
|
2020-12-02 10:49:08 +01:00
|
|
|
password: "{{ lookup('keepass', 'linux_mg_user_password_hash', 'password') }}"
|
2020-11-05 17:16:30 +01:00
|
|
|
update_password: on_create
|
2020-11-05 21:52:43 +01:00
|
|
|
ssh_key: "{{ lookup('keepass', 'ssh_pubkey_mg', 'password') }}"
|
2020-11-05 17:16:30 +01:00
|
|
|
use_sudo: yes
|
|
|
|
use_sudo_nopass: yes
|
|
|
|
user_state: present
|
2020-11-05 21:52:43 +01:00
|
|
|
groups: ssh, sudo
|
2020-11-05 17:16:30 +01:00
|
|
|
servers:
|
|
|
|
- production
|
|
|
|
- staging
|
|
|
|
- test
|
2020-11-05 21:52:43 +01:00
|
|
|
### geerlingguy.dotfiles
|
2020-12-08 09:18:33 +01:00
|
|
|
dotfiles_repo: "https://git.mgrote.net/mg/dotfiles"
|
2020-11-05 21:52:43 +01:00
|
|
|
dotfiles_repo_local_destination: "/home/mg/dotfiles-repo"
|
|
|
|
dotfiles_home: "/home/mg"
|
|
|
|
dotfiles_user: "mg"
|
|
|
|
dotfiles_repo_accept_hostkey: true
|
|
|
|
dotfiles_files:
|
|
|
|
- .bash_aliases
|
|
|
|
- .tmux.conf
|
|
|
|
- .gitconfig
|
2020-12-17 10:05:29 +01:00
|
|
|
- .vimrc
|
2020-12-22 13:20:29 +01:00
|
|
|
### mgrote.install_packages
|
|
|
|
programs_common:
|
|
|
|
- locales
|
|
|
|
- build-essential
|
|
|
|
- ntp
|
|
|
|
- htop
|
|
|
|
- git
|
|
|
|
- dnsutils
|
|
|
|
- nano
|
|
|
|
- mc
|
|
|
|
- cifs-utils
|
|
|
|
- netdiscover
|
|
|
|
- tree
|
|
|
|
- curl
|
|
|
|
- logrotate
|
|
|
|
- ncdu
|
|
|
|
- net-tools
|
|
|
|
- apt-transport-https
|
|
|
|
- neofetch
|
|
|
|
- ntpdate
|
|
|
|
- acl
|
|
|
|
- vim
|
|
|
|
programs_only_physical:
|
|
|
|
- hddtemp
|
|
|
|
- ipmitool
|
|
|
|
- powertop
|
|
|
|
- s-tui
|
|
|
|
programs_only_vms:
|
|
|
|
- qemu-guest-agent
|
|
|
|
- open-vm-tools
|
2020-11-05 17:16:30 +01:00
|
|
|
|
2020-08-19 12:29:49 +02:00
|
|
|
# Ansible Variablen
|
|
|
|
### User
|
|
|
|
ansible_user: "ansible-user"
|
|
|
|
### SSH
|
|
|
|
ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'"
|
|
|
|
### python3
|
|
|
|
# https://docs.ansible.com/ansible/latest/reference_appendices/python_3_support.html
|
|
|
|
ansible_python_interpreter: "/usr/bin/python3"
|
|
|
|
|
|
|
|
# Ansible Plugin Variablen
|
|
|
|
### Keepass
|
|
|
|
# https://github.com/viczem/ansible-keepass
|
2020-12-09 10:21:40 +01:00
|
|
|
# liegt unter ./plugins/lookup/keepass.py
|
|
|
|
keepass_dbx: "./keepass_db.kdbx"
|
2020-08-19 12:29:49 +02:00
|
|
|
keepass_psw: !vault |
|
|
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
|
|
62383737623066396239383336646164616537646630653964313532383130343533346561633039
|
|
|
|
3437306134656535353438666165376332633064383135650a636537626662656130376537633164
|
|
|
|
61613132326536666466636632363866393066656236303766333338356337396338376266346631
|
|
|
|
6364336331623539300a313562303161373631613734313938346666376239613333333363376236
|
|
|
|
38363035376662353135333332363431343833656666643036326234656166643531
|