2024-02-09 18:41:51 +01:00
|
|
|
---
|
|
|
|
|
### oefenweb.ufw
|
|
|
|
|
ufw_rules:
|
|
|
|
|
- rule: allow
|
|
|
|
|
to_port: 22
|
|
|
|
|
protocol: tcp
|
|
|
|
|
comment: 'ssh'
|
2024-02-09 18:44:05 +01:00
|
|
|
from_ip: 192.168.2.0/24
|
2024-02-09 18:41:51 +01:00
|
|
|
ufw_default_incoming_policy: deny
|
|
|
|
|
ufw_default_outgoing_policy: allow
|
|
|
|
|
|
|
|
|
|
### apt_install_packages
|
|
|
|
|
apt_packages_extra:
|
|
|
|
|
- qemu
|
|
|
|
|
- virt-manager
|
|
|
|
|
- tmux
|
|
|
|
|
- keychain
|
|
|
|
|
- jq
|
|
|
|
|
- vim
|
|
|
|
|
- cifs-utils
|
|
|
|
|
- nextcloud-desktop
|
|
|
|
|
- keepassxc
|
|
|
|
|
- openssh-server
|
|
|
|
|
- sshpass
|
|
|
|
|
- ansible
|
2024-02-09 18:44:05 +01:00
|
|
|
- linux-oem-22.04c
|
2024-02-09 18:46:31 +01:00
|
|
|
- vlc
|
|
|
|
|
- rofi
|
2024-02-13 20:30:50 +01:00
|
|
|
- wireguard
|
2024-02-09 20:54:50 +01:00
|
|
|
|
|
|
|
|
### mgrote_user
|
|
|
|
|
users:
|
|
|
|
|
- username: mg
|
|
|
|
|
password: "{{ lookup('keepass', 'mg_irantu_hash', 'password') }}"
|
|
|
|
|
update_password: always
|
|
|
|
|
groups: ssh, sudo
|
|
|
|
|
state: present
|
|
|
|
|
public_ssh_key: "{{ ssh_public_key_mg }}"
|
|
|
|
|
allow_sudo: true
|
|
|
|
|
allow_passwordless_sudo: true
|
|
|
|
|
- username: ansible-user
|
|
|
|
|
password: "{{ lookup('keepass', 'ansible_user_linux_password_hash', 'password') }}"
|
|
|
|
|
update_password: always
|
|
|
|
|
groups: ssh, sudo
|
|
|
|
|
state: present
|
|
|
|
|
public_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJcBwOjanQV6sFWaTetqpl20SVe3aRzGjKbsp7hKkDCE mg@irantu
|
|
|
|
|
allow_sudo: true
|
|
|
|
|
allow_passwordless_sudo: true
|
