2020-08-19 12:29:49 +02:00
|
|
|
---
|
|
|
|
### oefenweb.ufw
|
|
|
|
ufw_rules:
|
|
|
|
- rule: allow
|
2020-12-23 17:34:11 +01:00
|
|
|
to_port: 22
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'ssh'
|
2020-12-31 14:39:17 +01:00
|
|
|
from_ip: 192.168.2.0/24
|
2020-12-31 15:14:22 +01:00
|
|
|
# Weitere Regeln sind nicht notwendig da Docker iptables selber verwaltet.
|
2020-12-23 17:34:11 +01:00
|
|
|
# - rule: allow
|
|
|
|
# comment: 'alles erlauben'
|
2020-11-04 11:49:02 +01:00
|
|
|
### geerlingguy.docker
|
|
|
|
docker_users:
|
|
|
|
- mg
|
|
|
|
- root
|
|
|
|
- ansible-user
|
2020-11-30 09:34:33 +01:00
|
|
|
### ryandaniels.create_users
|
|
|
|
users:
|
|
|
|
- username: mg
|
2020-12-02 10:49:08 +01:00
|
|
|
password: "{{ lookup('keepass', 'linux_mg_user_password_hash', 'password') }}"
|
2020-11-30 09:34:33 +01:00
|
|
|
update_password: on_create
|
|
|
|
ssh_key: "{{ lookup('keepass', 'ssh_pubkey_mg', 'password') }}"
|
|
|
|
use_sudo: yes
|
|
|
|
use_sudo_nopass: yes
|
|
|
|
user_state: present
|
|
|
|
groups: ssh, sudo, docker
|
|
|
|
servers:
|
|
|
|
- production
|
|
|
|
- staging
|
|
|
|
- test
|
2020-12-03 12:18:00 +01:00
|
|
|
### mgrote.restic
|
2020-12-03 13:18:00 +01:00
|
|
|
restic_folders_to_backup: /usr/local /etc /root /home /var/lib/docker
|
2020-12-03 12:04:01 +01:00
|
|
|
restic_cron_hours: "*"
|
2020-12-22 12:27:43 +01:00
|
|
|
restic_exclude: |
|
|
|
|
._*
|
|
|
|
desktop.ini
|
|
|
|
.Trash-*
|
|
|
|
**/**cache***/**
|
|
|
|
**/**Cache***/**
|
|
|
|
**/**AppData***/**
|
|
|
|
/var/lib/docker/volumes/***Musik***
|
|
|
|
/var/lib/docker/volumes/***musik***
|
2021-01-21 19:08:30 +01:00
|
|
|
/var/lib/docker/volumes/***musik***
|
|
|
|
/var/lib/docker/volumes/ocrmypdf-auto_scan_input/*
|
|
|
|
/var/lib/docker/volumes/ocrmypdf-auto_scan_output/*
|
2020-12-22 12:27:43 +01:00
|
|
|
# https://github.com/restic/restic/issues/1005
|
|
|
|
# https://forum.restic.net/t/exclude-syntax-confusion/1531/12
|