2024-08-12 23:46:08 +02:00
|
|
|
---
|
|
|
|
### oefenweb.ufw
|
|
|
|
ufw_rules:
|
|
|
|
- rule: allow
|
|
|
|
to_port: 22
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'ssh'
|
|
|
|
from_ip: 0.0.0.0/0
|
|
|
|
- rule: allow
|
2024-09-23 21:17:36 +02:00
|
|
|
to_port: 80
|
2024-08-12 23:46:08 +02:00
|
|
|
protocol: tcp
|
|
|
|
comment: 'munin'
|
2024-09-23 21:17:36 +02:00
|
|
|
- rule: allow
|
|
|
|
to_port: 9080
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'promtail'
|
|
|
|
from_ip: 192.168.2.0/24
|
2024-08-12 23:46:08 +02:00
|
|
|
### mgrote_restic
|
|
|
|
restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin"
|
|
|
|
|
|
|
|
### geerlingguy.apache
|
|
|
|
apache_vhosts:
|
|
|
|
# Additional optional properties: 'serveradmin, serveralias, extra_parameters'.
|
|
|
|
- servername: "munin.mgrote.net"
|
|
|
|
documentroot: "/var/cache/munin/www"
|
|
|
|
|
|
|
|
### mrlesmithjr.ansible-manage-lvm
|
|
|
|
lvm_groups:
|
|
|
|
- vgname: vg_munin
|
|
|
|
disks:
|
|
|
|
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
|
|
|
|
create: true
|
|
|
|
lvnames:
|
|
|
|
- lvname: lv_munin
|
|
|
|
size: +100%FREE
|
|
|
|
create: true
|
|
|
|
filesystem: xfs
|
|
|
|
mount: true
|
|
|
|
mntp: /var/lib/munin
|
|
|
|
manage_lvm: true
|
|
|
|
pvresize_to_max: true
|
|
|
|
|
|
|
|
### mgrote_munin_node
|
|
|
|
munin_node_bind_host: "127.0.0.1"
|
|
|
|
munin_node_bind_port: "4949"
|
|
|
|
munin_node_allowed_cidrs: [127.0.0.1]
|
|
|
|
|
|
|
|
### mgrote_munin_master
|
2024-08-21 20:54:49 +02:00
|
|
|
munin_mode: cgi # or cron
|
2024-08-12 23:46:08 +02:00
|
|
|
munin_mail_user: munin@mgrote.net
|
|
|
|
munin_mail_server: "{{ postfix_smtp_server }}"
|
|
|
|
munin_mail_port: "{{ 1025 }}"
|
|
|
|
munin_mail_tls: false
|
|
|
|
munin_enable_alerts: false
|
|
|
|
munin_alerts_to: info@mgrote.net
|
|
|
|
|
|
|
|
munin_hosts:
|
|
|
|
- name: "{{ ansible_fqdn }}.mgrote.net"
|
|
|
|
address: "127.0.0.1"
|
|
|
|
extra: ["use_node_name yes"]
|
|
|
|
- name: fileserver3.mgrote.net
|
|
|
|
address: fileserver3.mgrote.net
|
|
|
|
extra: ["use_node_name yes"]
|
|
|
|
- name: pve5.mgrote.net
|
|
|
|
address: pve5.mgrote.net
|
|
|
|
extra: ["use_node_name yes"]
|
|
|
|
- name: forgejo.mgrote.net
|
|
|
|
address: forgejo.mgrote.net
|
|
|
|
extra: ["use_node_name yes"]
|
|
|
|
- name: docker10.mgrote.net
|
|
|
|
address: docker10.mgrote.net
|
|
|
|
extra: ["use_node_name yes"]
|
|
|
|
- name: pbs.mgrote.net
|
|
|
|
address: pbs.mgrote.net
|
|
|
|
extra: ["use_node_name yes"]
|
|
|
|
- name: blocky.mgrote.net
|
|
|
|
address: blocky.mgrote.net
|
|
|
|
extra: ["use_node_name yes"]
|
|
|
|
- name: ldap.mgrote.net
|
|
|
|
address: ldap.mgrote.net
|
|
|
|
extra: ["use_node_name yes"]
|