PVE-Cluster: Playbooks angepasst
This commit is contained in:
parent
1b5c28dad5
commit
36ebd32aad
5 changed files with 31 additions and 6 deletions
|
|
@ -13,10 +13,6 @@
|
||||||
smart_smartctlmail_cron_minutes: "15"
|
smart_smartctlmail_cron_minutes: "15"
|
||||||
smart_smartctlmail_cron_hours: "6"
|
smart_smartctlmail_cron_hours: "6"
|
||||||
smart_smartctlmail_cron_weekday: "3"
|
smart_smartctlmail_cron_weekday: "3"
|
||||||
### mgrote.tmux
|
|
||||||
tmux_conf_destination: "/root/.tmux.conf"
|
|
||||||
tmux_bashrc_destination: "/root/.bashrc"
|
|
||||||
tmux_standardsession_name: "default"
|
|
||||||
### mgrote.zfs_extra # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_*
|
### mgrote.zfs_extra # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_*
|
||||||
zfs_extra_max_usage_health: "80"
|
zfs_extra_max_usage_health: "80"
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -57,6 +57,8 @@ all:
|
||||||
hosts:
|
hosts:
|
||||||
gitlab-runner-test.grote.lan:
|
gitlab-runner-test.grote.lan:
|
||||||
gitlab-runner.grote.lan:
|
gitlab-runner.grote.lan:
|
||||||
|
gitlab-runner2.grote.lan:
|
||||||
|
gitlab-runner3.grote.lan:
|
||||||
|
|
||||||
production:
|
production:
|
||||||
hosts:
|
hosts:
|
||||||
|
|
@ -72,6 +74,8 @@ all:
|
||||||
gitlab-runner.grote.lan:
|
gitlab-runner.grote.lan:
|
||||||
pve3.grote.lan:
|
pve3.grote.lan:
|
||||||
pve4.grote.lan:
|
pve4.grote.lan:
|
||||||
|
gitlab-runner2.grote.lan:
|
||||||
|
gitlab-runner3.grote.lan:
|
||||||
test:
|
test:
|
||||||
hosts:
|
hosts:
|
||||||
wireguard-test.grote.lan:
|
wireguard-test.grote.lan:
|
||||||
|
|
|
||||||
|
|
@ -2,5 +2,6 @@
|
||||||
- hosts: all
|
- hosts: all
|
||||||
roles:
|
roles:
|
||||||
- { role: mgrote.motd, tags: "motd" }
|
- { role: mgrote.motd, tags: "motd" }
|
||||||
- { role: mgrote.tmux, tags: "tmux", when: "not 'proxmox' in group_names" }
|
- { role: mgrote.tmux, tags: "tmux",
|
||||||
|
when: "not 'proxmox' in group_names" }
|
||||||
- { role: geerlingguy.dotfiles, become: true, tags: "dotfiles" }
|
- { role: geerlingguy.dotfiles, become: true, tags: "dotfiles" }
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,9 @@
|
||||||
roles:
|
roles:
|
||||||
- { role: mgrote.fail2ban, tags: "f2b" }
|
- { role: mgrote.fail2ban, tags: "f2b" }
|
||||||
- { role: mgrote.postfix, tags: "postfix" }
|
- { role: mgrote.postfix, tags: "postfix" }
|
||||||
- { role: mgrote.deactivate_ssh_password_login, tags: "ssh" }
|
- { role: mgrote.deactivate_ssh_password_login,
|
||||||
|
tags: "ssh",
|
||||||
|
when: "not 'proxmox' in group_names" }
|
||||||
- { role: oefenweb.ufw, # Regeln werden in den Group/Host-Vars gesetzt
|
- { role: oefenweb.ufw, # Regeln werden in den Group/Host-Vars gesetzt
|
||||||
tags: "ufw",
|
tags: "ufw",
|
||||||
become: true,
|
become: true,
|
||||||
|
|
|
||||||
22
playbooks/on-off/activate_ssh_password_login.yml
Normal file
22
playbooks/on-off/activate_ssh_password_login.yml
Normal file
|
|
@ -0,0 +1,22 @@
|
||||||
|
---
|
||||||
|
- hosts: proxmox
|
||||||
|
become: yes
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: allow ssh login with password
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/ssh/sshd_config
|
||||||
|
regexp: 'PasswordAuthentication no'
|
||||||
|
line: '#PasswordAuthentication yes'
|
||||||
|
state: present
|
||||||
|
validate: "/usr/sbin/sshd -T -f %s"
|
||||||
|
notify: restart_sshd
|
||||||
|
|
||||||
|
handlers:
|
||||||
|
- name: restart_sshd
|
||||||
|
become: yes
|
||||||
|
systemd:
|
||||||
|
name: sshd
|
||||||
|
enabled: yes
|
||||||
|
state: restarted
|
||||||
Loading…
Reference in a new issue