2020-08-19 12:29:49 +02:00
|
|
|
---
|
2022-11-11 20:08:39 +01:00
|
|
|
### PROXMOX
|
2022-11-24 16:20:57 +01:00
|
|
|
# fileserver3 ist ein LXC-Container; der Container ist "privileged" damit der Bind-Mount die richtigen Rechte bekommt
|
2022-11-25 16:38:17 +01:00
|
|
|
|
2021-11-07 12:22:11 +01:00
|
|
|
### oefenweb.ufw
|
|
|
|
ufw_rules:
|
|
|
|
- rule: allow
|
|
|
|
to_port: 22
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'ssh'
|
|
|
|
from_ip: 0.0.0.0/0
|
|
|
|
- rule: allow
|
|
|
|
to_port: 445
|
|
|
|
comment: 'smb'
|
|
|
|
from_ip: 0.0.0.0/0
|
|
|
|
- rule: allow
|
|
|
|
to_port: 139
|
|
|
|
comment: 'smb'
|
|
|
|
from_ip: 0.0.0.0/0
|
|
|
|
- rule: allow
|
|
|
|
to_port: 4949
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'munin'
|
|
|
|
from_ip: 192.168.2.144/24
|
2022-06-12 22:24:12 +02:00
|
|
|
### mgrote.munin-node
|
2021-11-07 12:22:11 +01:00
|
|
|
munin_node_plugins:
|
2022-02-18 20:34:43 +01:00
|
|
|
- name: timesync
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
2021-11-07 12:22:11 +01:00
|
|
|
- name: systemd_status
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
2022-06-12 22:24:12 +02:00
|
|
|
- name: systemd_mem
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
|
|
|
|
config: |
|
|
|
|
[systemd_mem]
|
|
|
|
env.all_services true
|
|
|
|
- name: fail2ban
|
|
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
|
|
|
config: |
|
|
|
|
[fail2ban]
|
|
|
|
env.client /usr/bin/fail2ban-client
|
|
|
|
env.config_dir /etc/fail2ban
|
|
|
|
user root
|
2021-11-07 12:22:11 +01:00
|
|
|
- name: samba
|
|
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/samba
|
|
|
|
config: |
|
|
|
|
[samba]
|
|
|
|
user root
|
|
|
|
group root
|
|
|
|
env.smbstatus /usr/bin/smbstatus
|
|
|
|
env.ignoreipcshare 1
|
2021-12-20 12:48:50 +01:00
|
|
|
### mgrote.fileserver_smb
|
|
|
|
smb_workgroup: WORKGROUP
|
|
|
|
smb_min_protocol: "SMB2"
|
|
|
|
smb_client_min_protocol: "SMB2"
|
|
|
|
smb_client_max_protocol: "SMB3_11"
|
|
|
|
smb_enable_snapshots_dir: true
|
2021-02-20 15:58:23 +01:00
|
|
|
smb_users:
|
2020-12-31 01:36:22 +01:00
|
|
|
- name: 'restic'
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}"
|
|
|
|
- name: 'win10'
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_win10', 'password') }}"
|
|
|
|
- name: 'kodi'
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_kodi', 'password') }}"
|
|
|
|
- name: 'michaelgrote'
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_mg', 'password') }}"
|
|
|
|
- name: 'navidrome'
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_navidrome', 'password') }}"
|
|
|
|
- name: 'docker'
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_docker', 'password') }}"
|
2021-01-04 09:51:32 +01:00
|
|
|
- name: 'pve'
|
2021-02-13 20:00:26 +01:00
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_pve', 'password') }}"
|
2021-01-08 20:49:13 +01:00
|
|
|
- name: 'brother_ads2700w'
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_brother_ads2700w', 'password') }}"
|
2022-10-15 16:09:45 +02:00
|
|
|
|
|
|
|
### mgrote.apt_manage_packages
|
|
|
|
apt_packages_internet:
|
|
|
|
- https://github.com/rclone/rclone/releases/download/v1.59.2/rclone-v1.59.2-linux-amd64.deb
|
2023-04-14 12:20:34 +02:00
|
|
|
- http://docker10.grote.lan:3344/bash-helper-scripts-mgrote-latest.deb
|