homeserver/group_vars/fileserver.yml

---
  # Bind Mounts - fileserver
  # pct set 109 -mp0 /hdd_data_raidz/videos,mp=/shares_videos
  # pct set 109 -mp1 /hdd_data_raidz/data_crypt,mp=/shares
  # pct set 109 -mp2 /hdd_data_raidz/vm_backup,mp=/shares_pve_backup
  # pct set 109 -mp3 /hdd_data_raidz/papa_backup,mp=/shares_papa_backup
  # pct set 109 -mp4 /hdd_data_raidz/music,mp=/shares_music
  # pct set 109 -mp5 /hdd_data_raidz/tmp,mp=/shares_tmp
  # pct set 109 -mp6 /hdd_data_raidz/archiv,mp=/shares_archiv
  # Bind Mounts - fileserver-test
  # pct set 158 -mp0 /rpool/vm/dir/vm-158/videos,mp=/shares_videos
  # pct set 158 -mp1 /rpool/vm/dir/vm-158/data,mp=/shares
  # pct set 158 -mp2 /rpool/vm/dir/vm-158/proxmox,mp=/shares_pve_backup
  # pct set 158 -mp3 /rpool/vm/dir/vm-158/papa,mp=/shares_papa_backup
  # pct set 158 -mp4 /rpool/vm/dir/vm-158/music,mp=/shares_music
  # pct set 158 -mp5 /rpool/vm/dir/vm-158/tmp,mp=/shares_tmp
  # pct set 158 -mp6 /rpool/vm/dir/vm-158/archiv,mp=/shares_archiv

  ### mgrote.smb_fileserver
  smb_users:
    - name: 'annemariedroessler'
      password: "{{ lookup('keepass', 'fileserver_smb_user_amd', 'password') }}"
    - name: 'restic'
      password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}"
    - name: 'win10'
      password: "{{ lookup('keepass', 'fileserver_smb_user_win10', 'password') }}"
    - name: 'kodi'
      password: "{{ lookup('keepass', 'fileserver_smb_user_kodi', 'password') }}"
    - name: 'michaelgrote'
      password: "{{ lookup('keepass', 'fileserver_smb_user_mg', 'password') }}"
    - name: 'navidrome'
      password: "{{ lookup('keepass', 'fileserver_smb_user_navidrome', 'password') }}"
    - name: 'docker'
      password: "{{ lookup('keepass', 'fileserver_smb_user_docker', 'password') }}"
    - name: 'pve'
      password: "{{ lookup('keepass', 'fileserver_smb_user_pve', 'password') }}"
    - name: 'brother_ads2700w'
      password: "{{ lookup('keepass', 'fileserver_smb_user_brother_ads2700w', 'password') }}"
    - name: 'photoprism'
      password: "{{ lookup('keepass', 'fileserver_smb_user_photoprism', 'password') }}"
    - name: 'bdfr'
      password: "{{ lookup('keepass', 'fileserver_smb_user_bdfr', 'password') }}"

  smb_shares:
    - name: 'videos'
      path: '/shares_videos'
      users_ro: 'kodi'
      users_rw: 'annemariedroessler michaelgrote win10'
    - name: 'scans'
      path: '/shares/scans'
      users_ro: 'annemariedroessler michaelgrote'
      users_rw: 'brother_ads2700w'
    - name: 'papa_backup'
      path: '/shares_papa_backup'
      users_ro: ''
      users_rw: 'win10 michaelgrote'
    - name: 'amd'
      path: '/shares/amd'
      users_ro: 'navidrome michaelgrote'
      users_rw: 'annemariedroessler win10'
    - name: 'backup'
      path: '/shares/Backup'
      users_ro: ''
      users_rw: 'annemariedroessler restic win10 michaelgrote'
    - name: 'archiv'
      path: '/shares_archiv'
      users_ro: ''
      users_rw: 'bdfr michaelgrote'
    - name: 'hm'
      path: '/shares/hm'
      users_ro: 'win10'
      users_rw: 'michaelgrote'
    - name: 'mg'
      path: '/shares/mg'
      users_ro: ''
      users_rw: 'win10 michaelgrote'
    - name: 'musik'
      path: '/shares_music'
      users_ro: 'navidrome kodi annemariedroessler '
      users_rw: 'win10 michaelgrote'
    - name: 'tmp'
      path: '/shares_tmp'
      users_ro: 'win10'
      users_rw: 'kodi annemariedroessler restic win10 michaelgrote'
    - name: 'bilder'
      path: '/shares/bilder'
      users_ro: 'photoprism'
      users_rw: 'annemariedroessler michaelgrote win10'
    - name: 'proxmox'
      path: '/shares_pve_backup'
      users_ro: 'michaelgrote'
      users_rw: 'pve win10'
  smb_workgroup: WORKGROUP
  smb_min_protocol: "SMB2"
  smb_client_min_protocol: "SMB2"
  smb_client_max_protocol: "SMB3_11"

  ### oefenweb.ufw
  ufw_rules:
    - rule: allow
      to_port: 22
      protocol: tcp
      comment: 'ssh'
      from_ip: 192.168.2.0/24
    - rule: allow
      to_port: 445
      comment: 'smb'
      from_ip: 192.168.2.0/24
    - rule: allow
      to_port: 139
      comment: 'smb'
      from_ip: 192.168.2.0/24
    - rule: allow
      to_port: 4949
      protocol: tcp
      comment: 'munin'
      from_ip: 192.168.2.144/24

  ### geerlingguy.munin-node
  munin_node_plugins:
    - name: chrony
    - name: systemd_status
    - name: lvm_
    - name: samba_locked
    - name: samba_users
  munin_node_install_plugins: # in eigenes Repo gesichert
    - remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/chrony
    - remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/lvm_
    - remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/systemd_status
    - remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/samba_locked
    - remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/samba_users
Vars entschlüsselt Rolle zu ansible-Playbook hinzugefügt, Var liegen in Group_Vars KeepassPW mit Vault verschlüsselt wip Umstellung in DB pb var auf testeinzeln miniflux storage gitignore angepasst pb vars wieder auf all virt 2020-08-19 12:29:49 +02:00			`---`
Test-Datasets (#87) Doku Bind-Mounts fileserver-test Datasets erstellt Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/87 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-05-09 18:23:35 +02:00			`# Bind Mounts - fileserver`
Doku für Fileserver Bind-Mounts (#50) Doku für Fileserver Bind-Mounts Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/50 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-03-25 08:15:48 +01:00			`# pct set 109 -mp0 /hdd_data_raidz/videos,mp=/shares_videos`
			`# pct set 109 -mp1 /hdd_data_raidz/data_crypt,mp=/shares`
Test-Datasets (#87) Doku Bind-Mounts fileserver-test Datasets erstellt Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/87 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-05-09 18:23:35 +02:00			`# pct set 109 -mp2 /hdd_data_raidz/vm_backup,mp=/shares_pve_backup`
Doku für Fileserver Bind-Mounts (#50) Doku für Fileserver Bind-Mounts Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/50 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-03-25 08:15:48 +01:00			`# pct set 109 -mp3 /hdd_data_raidz/papa_backup,mp=/shares_papa_backup`
Test-Datasets (#87) Doku Bind-Mounts fileserver-test Datasets erstellt Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/87 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-05-09 18:23:35 +02:00			`# pct set 109 -mp4 /hdd_data_raidz/music,mp=/shares_music`
zfs: dataset tmp ausgelagert (#103) sanoid aufräumen fileserver: tmp auf eigenes dataset snapdir hidden Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/103 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-02 19:23:41 +02:00			`# pct set 109 -mp5 /hdd_data_raidz/tmp,mp=/shares_tmp`
bdfr + bugfixes (#115) lock für script log vars doku changed never pool test bdfr log bdfr log reboot cifs mount vars aufräumen download script tasks playbook group vars doku eiegenes dataset archiv keepass bfdr invalid keepass: bfdr client id + client secret upvoted saved and liked Leerzeichen sources bug inventory vars vm test cv5pve typo Linux MInt fur Apt-Manage Sources bdfr share KeePassPW angepasst bdfr playbook bug cifs bdfr nutzer fileserver Keepass: user bdfr Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/115 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-14 08:34:02 +02:00			`# pct set 109 -mp6 /hdd_data_raidz/archiv,mp=/shares_archiv`
Test-Datasets (#87) Doku Bind-Mounts fileserver-test Datasets erstellt Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/87 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-05-09 18:23:35 +02:00			`# Bind Mounts - fileserver-test`
			`# pct set 158 -mp0 /rpool/vm/dir/vm-158/videos,mp=/shares_videos`
			`# pct set 158 -mp1 /rpool/vm/dir/vm-158/data,mp=/shares`
			`# pct set 158 -mp2 /rpool/vm/dir/vm-158/proxmox,mp=/shares_pve_backup`
			`# pct set 158 -mp3 /rpool/vm/dir/vm-158/papa,mp=/shares_papa_backup`
			`# pct set 158 -mp4 /rpool/vm/dir/vm-158/music,mp=/shares_music`
zfs: dataset tmp ausgelagert (#103) sanoid aufräumen fileserver: tmp auf eigenes dataset snapdir hidden Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/103 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-02 19:23:41 +02:00			`# pct set 158 -mp5 /rpool/vm/dir/vm-158/tmp,mp=/shares_tmp`
bdfr + bugfixes (#115) lock für script log vars doku changed never pool test bdfr log bdfr log reboot cifs mount vars aufräumen download script tasks playbook group vars doku eiegenes dataset archiv keepass bfdr invalid keepass: bfdr client id + client secret upvoted saved and liked Leerzeichen sources bug inventory vars vm test cv5pve typo Linux MInt fur Apt-Manage Sources bdfr share KeePassPW angepasst bdfr playbook bug cifs bdfr nutzer fileserver Keepass: user bdfr Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/115 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-14 08:34:02 +02:00			`# pct set 158 -mp6 /rpool/vm/dir/vm-158/archiv,mp=/shares_archiv`

Vars entschlüsselt Rolle zu ansible-Playbook hinzugefügt, Var liegen in Group_Vars KeepassPW mit Vault verschlüsselt wip Umstellung in DB pb var auf testeinzeln miniflux storage gitignore angepasst pb vars wieder auf all virt 2020-08-19 12:29:49 +02:00			`### mgrote.smb_fileserver`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`smb_users:`
Sanoid Templates als Variablen (#19) Aufräumen In GroupVars eingebaut Templates als Vars Doku aktualisiert Typo neues Dictionary-Format Vars: zfs_pool --> zfs_pools Co-authored-by: Michael Grote <38253905+quotengrote@users.noreply.github.com> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/19 Co-Authored-By: mg <michael.grote@posteo.de> Co-Committed-By: mg <michael.grote@posteo.de> 2020-12-31 01:36:22 +01:00			`- name: 'annemariedroessler'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_amd', 'password') }}"`
			`- name: 'restic'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}"`
			`- name: 'win10'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_win10', 'password') }}"`
			`- name: 'kodi'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_kodi', 'password') }}"`
			`- name: 'michaelgrote'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_mg', 'password') }}"`
			`- name: 'navidrome'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_navidrome', 'password') }}"`
			`- name: 'docker'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_docker', 'password') }}"`
Fileserver: Nutzer PVE hinzugefügt 2021-01-04 09:51:32 +01:00			`- name: 'pve'`
PVE CIFS Share 2021-02-13 20:00:26 +01:00			`password: "{{ lookup('keepass', 'fileserver_smb_user_pve', 'password') }}"`
Fileserver: Scanner hinzugefügt 2021-01-08 20:49:13 +01:00			`- name: 'brother_ads2700w'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_brother_ads2700w', 'password') }}"`
Photoprism (#71) gather facts aus für all user keepass in photoprism user photprism Restc exclude Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/71 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-04-18 10:22:47 +02:00			`- name: 'photoprism'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_photoprism', 'password') }}"`
bdfr + bugfixes (#115) lock für script log vars doku changed never pool test bdfr log bdfr log reboot cifs mount vars aufräumen download script tasks playbook group vars doku eiegenes dataset archiv keepass bfdr invalid keepass: bfdr client id + client secret upvoted saved and liked Leerzeichen sources bug inventory vars vm test cv5pve typo Linux MInt fur Apt-Manage Sources bdfr share KeePassPW angepasst bdfr playbook bug cifs bdfr nutzer fileserver Keepass: user bdfr Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/115 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-14 08:34:02 +02:00			`- name: 'bdfr'`
			`password: "{{ lookup('keepass', 'fileserver_smb_user_bdfr', 'password') }}"`

Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`smb_shares:`
			`- name: 'videos'`
			`path: '/shares_videos'`
fileserver: schreibrechte auf videos für win10 (#70) fileserver: schreibrechte auf videos für win10 Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/70 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-04-13 20:59:59 +02:00			`users_ro: 'kodi'`
			`users_rw: 'annemariedroessler michaelgrote win10'`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`- name: 'scans'`
			`path: '/shares/scans'`
			`users_ro: 'annemariedroessler michaelgrote'`
zfs: Datasets Papa + Sanoid (#49) share papa umbenannt sanoid profil papa typo ocrmypdf entfernt pfad share repliaktion sanoid template papa sanoid profil papa pve_dataset aus host_vars entfernt Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/49 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-03-24 18:35:20 +01:00			`users_rw: 'brother_ads2700w'`
			`- name: 'papa_backup'`
			`path: '/shares_papa_backup'`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`users_ro: ''`
			`users_rw: 'win10 michaelgrote'`
			`- name: 'amd'`
			`path: '/shares/amd'`
win10 Schreibrechte für ale shares (#55) win10 Schreibrechte für ale shares Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/55 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-03-30 07:42:29 +02:00			`users_ro: 'navidrome michaelgrote'`
			`users_rw: 'annemariedroessler win10'`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`- name: 'backup'`
			`path: '/shares/Backup'`
			`users_ro: ''`
			`users_rw: 'annemariedroessler restic win10 michaelgrote'`
bdfr + bugfixes (#115) lock für script log vars doku changed never pool test bdfr log bdfr log reboot cifs mount vars aufräumen download script tasks playbook group vars doku eiegenes dataset archiv keepass bfdr invalid keepass: bfdr client id + client secret upvoted saved and liked Leerzeichen sources bug inventory vars vm test cv5pve typo Linux MInt fur Apt-Manage Sources bdfr share KeePassPW angepasst bdfr playbook bug cifs bdfr nutzer fileserver Keepass: user bdfr Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/115 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-14 08:34:02 +02:00			`- name: 'archiv'`
			`path: '/shares_archiv'`
			`users_ro: ''`
			`users_rw: 'bdfr michaelgrote'`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`- name: 'hm'`
			`path: '/shares/hm'`
			`users_ro: 'win10'`
			`users_rw: 'michaelgrote'`
			`- name: 'mg'`
			`path: '/shares/mg'`
			`users_ro: ''`
			`users_rw: 'win10 michaelgrote'`
			`- name: 'musik'`
Musik als eigenes Dataset (#85) Musik als eigenes Dataset Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/85 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-05-09 10:11:12 +02:00			`path: '/shares_music'`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`users_ro: 'navidrome kodi annemariedroessler '`
			`users_rw: 'win10 michaelgrote'`
			`- name: 'tmp'`
zfs: dataset tmp ausgelagert (#103) sanoid aufräumen fileserver: tmp auf eigenes dataset snapdir hidden Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/103 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-02 19:23:41 +02:00			`path: '/shares_tmp'`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`users_ro: 'win10'`
			`users_rw: 'kodi annemariedroessler restic win10 michaelgrote'`
			`- name: 'bilder'`
			`path: '/shares/bilder'`
Photoprism (#71) gather facts aus für all user keepass in photoprism user photprism Restc exclude Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/71 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-04-18 10:22:47 +02:00			`users_ro: 'photoprism'`
Share Zugriff rw win10 für bilder (#59) Share Zugriff rw win10 für bilder Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/59 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-04-01 22:12:43 +02:00			`users_rw: 'annemariedroessler michaelgrote win10'`
Rolle: Fileserver - Update 2021-02-20 15:58:23 +01:00			`- name: 'proxmox'`
neues Dataset für PVE-Backups (#46) Housekeeping neues dataset als smb_share neues dataset für pve-backups erstellt Bugfix sanoid conf neues dataset angelegt sanoid mit option snapshots zu deaktivieren Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/46 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-03-19 23:07:23 +01:00			`path: '/shares_pve_backup'`
win10 Schreibrechte für ale shares (#55) win10 Schreibrechte für ale shares Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/55 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-03-30 07:42:29 +02:00			`users_ro: 'michaelgrote'`
			`users_rw: 'pve win10'`
Vars entschlüsselt Rolle zu ansible-Playbook hinzugefügt, Var liegen in Group_Vars KeepassPW mit Vault verschlüsselt wip Umstellung in DB pb var auf testeinzeln miniflux storage gitignore angepasst pb vars wieder auf all virt 2020-08-19 12:29:49 +02:00			`smb_workgroup: WORKGROUP`
PVE CIFS Share 2021-02-13 20:00:26 +01:00			`smb_min_protocol: "SMB2"`
			`smb_client_min_protocol: "SMB2"`
			`smb_client_max_protocol: "SMB3_11"`

Vars entschlüsselt Rolle zu ansible-Playbook hinzugefügt, Var liegen in Group_Vars KeepassPW mit Vault verschlüsselt wip Umstellung in DB pb var auf testeinzeln miniflux storage gitignore angepasst pb vars wieder auf all virt 2020-08-19 12:29:49 +02:00			`### oefenweb.ufw`
			`ufw_rules:`
			`- rule: allow`
			`to_port: 22`
			`protocol: tcp`
			`comment: 'ssh'`
Firewallregeln verschärft 2020-12-31 14:39:17 +01:00			`from_ip: 192.168.2.0/24`
Vars entschlüsselt Rolle zu ansible-Playbook hinzugefügt, Var liegen in Group_Vars KeepassPW mit Vault verschlüsselt wip Umstellung in DB pb var auf testeinzeln miniflux storage gitignore angepasst pb vars wieder auf all virt 2020-08-19 12:29:49 +02:00			`- rule: allow`
			`to_port: 445`
			`comment: 'smb'`
Firewallregeln verschärft 2020-12-31 14:39:17 +01:00			`from_ip: 192.168.2.0/24`
Vars entschlüsselt Rolle zu ansible-Playbook hinzugefügt, Var liegen in Group_Vars KeepassPW mit Vault verschlüsselt wip Umstellung in DB pb var auf testeinzeln miniflux storage gitignore angepasst pb vars wieder auf all virt 2020-08-19 12:29:49 +02:00			`- rule: allow`
			`to_port: 139`
			`comment: 'smb'`
Firewallregeln verschärft 2020-12-31 14:39:17 +01:00			`from_ip: 192.168.2.0/24`
munin (#116) motd unit house plugins vereinheitlicht aufräumen user vereinheitlicht samba users aufgeräumt aussortiert apc pwr systemd plugin kvm plugins lvm plguin acng plugin munin user chrony fur alle gruppe playbook docker vars playbook firewall munin für alle Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/116 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net> 2021-06-16 21:57:28 +02:00			`- rule: allow`
			`to_port: 4949`
			`protocol: tcp`
			`comment: 'munin'`
			`from_ip: 192.168.2.144/24`

			`### geerlingguy.munin-node`
			`munin_node_plugins:`
			`- name: chrony`
			`- name: systemd_status`
			`- name: lvm_`
			`- name: samba_locked`
			`- name: samba_users`
			`munin_node_install_plugins: # in eigenes Repo gesichert`
			`- remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/chrony`
			`- remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/lvm_`
			`- remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/systemd_status`
			`- remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/samba_locked`
			`- remote_src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/samba_users`