--- # Bind Mounts - fileserver # pct set 109 -mp0 /hdd_data_raidz/videos,mp=/shares_videos # pct set 109 -mp1 /hdd_data_raidz/data_crypt,mp=/shares # pct set 109 -mp2 /hdd_data_raidz/vm_backup,mp=/shares_pve_backup # pct set 109 -mp3 /hdd_data_raidz/papa_backup,mp=/shares_papa_backup # pct set 109 -mp4 /hdd_data_raidz/music,mp=/shares_music # pct set 109 -mp5 /hdd_data_raidz/tmp,mp=/shares_tmp # pct set 109 -mp6 /hdd_data_raidz/archiv,mp=/shares_archiv # Bind Mounts - fileserver-test # pct set 158 -mp0 /rpool/vm/dir/vm-158/videos,mp=/shares_videos # pct set 158 -mp1 /rpool/vm/dir/vm-158/data,mp=/shares # pct set 158 -mp2 /rpool/vm/dir/vm-158/proxmox,mp=/shares_pve_backup # pct set 158 -mp3 /rpool/vm/dir/vm-158/papa,mp=/shares_papa_backup # pct set 158 -mp4 /rpool/vm/dir/vm-158/music,mp=/shares_music # pct set 158 -mp5 /rpool/vm/dir/vm-158/tmp,mp=/shares_tmp # pct set 158 -mp6 /rpool/vm/dir/vm-158/archiv,mp=/shares_archiv ### mgrote.smb_fileserver smb_users: - name: 'annemariedroessler2' password: "{{ lookup('keepass', 'fileserver_smb_user_amd', 'password') }}" - name: 'restic' password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}" - name: 'win10' password: "{{ lookup('keepass', 'fileserver_smb_user_win10', 'password') }}" - name: 'kodi' password: "{{ lookup('keepass', 'fileserver_smb_user_kodi', 'password') }}" - name: 'michaelgrote' password: "{{ lookup('keepass', 'fileserver_smb_user_mg', 'password') }}" - name: 'navidrome' password: "{{ lookup('keepass', 'fileserver_smb_user_navidrome', 'password') }}" - name: 'docker' password: "{{ lookup('keepass', 'fileserver_smb_user_docker', 'password') }}" - name: 'pve' password: "{{ lookup('keepass', 'fileserver_smb_user_pve', 'password') }}" - name: 'brother_ads2700w' password: "{{ lookup('keepass', 'fileserver_smb_user_brother_ads2700w', 'password') }}" - name: 'photoprism' password: "{{ lookup('keepass', 'fileserver_smb_user_photoprism', 'password') }}" - name: 'bdfr' password: "{{ lookup('keepass', 'fileserver_smb_user_bdfr', 'password') }}" smb_shares: - name: 'videos' path: '/shares_videos' users_ro: 'kodi' users_rw: 'annemariedroessler2 michaelgrote win10' - name: 'scans' path: '/shares/scans' users_ro: 'annemariedroessler2 michaelgrote' users_rw: 'brother_ads2700w' - name: 'papa_backup' path: '/shares_papa_backup' users_ro: '' users_rw: 'win10 michaelgrote' - name: 'amd' path: '/shares/amd' users_ro: 'navidrome michaelgrote' users_rw: 'annemariedroessler2 win10' - name: 'backup' path: '/shares/Backup' users_ro: '' users_rw: 'annemariedroessler2 restic win10 michaelgrote' - name: 'archiv' path: '/shares_archiv' users_ro: '' users_rw: 'bdfr michaelgrote win10' - name: 'hm' path: '/shares/hm' users_ro: 'win10' users_rw: 'michaelgrote' - name: 'mg' path: '/shares/mg' users_ro: '' users_rw: 'win10 michaelgrote' - name: 'musik' path: '/shares_music' users_ro: 'navidrome kodi annemariedroessler2 ' users_rw: 'win10 michaelgrote' - name: 'tmp' path: '/shares_tmp' users_ro: 'win10' users_rw: 'kodi annemariedroessler2 restic win10 michaelgrote' - name: 'bilder' path: '/shares/bilder' users_ro: 'photoprism' users_rw: 'annemariedroessler2 michaelgrote win10' - name: 'proxmox' path: '/shares_pve_backup' users_ro: 'michaelgrote' users_rw: 'pve win10' smb_workgroup: WORKGROUP smb_min_protocol: "SMB2" smb_client_min_protocol: "SMB2" smb_client_max_protocol: "SMB3_11" ### oefenweb.ufw ufw_rules: - rule: allow to_port: 22 protocol: tcp comment: 'ssh' from_ip: 192.168.2.0/24 - rule: allow to_port: 445 comment: 'smb' from_ip: 192.168.2.0/24 - rule: allow to_port: 139 comment: 'smb' from_ip: 192.168.2.0/24 - rule: allow to_port: 4949 protocol: tcp comment: 'munin' from_ip: 192.168.2.144/24 ### geerlingguy.munin-node munin_node_additional_plugins: - name: chrony src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/chrony - name: systemd_status src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/systemd_status - name: samba_users src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/samba_users - name: samba_locked src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/samba_locked munin_node_disabled_plugins: - name: meminfo # zu hohe last - name: hddtemp2 # ersetzt durch hddtemp_smartctl - name: squid_cache - name: squid_objectsize - name: squid_requests - name: squid_traffic - name: nfsd - name: samba - name: nfsd4 - name: ntp # verursacht zu viele dns ptr request - name: cronjobs - name: hddtempd # ersetzt durch hddtemp_smartctl - name: ipmi_power # für pve2, leeres diagramm - name: fail2ban - name: fail2ban_ - name: apcupsd_pct - name: kvm_io - name: kvm_cpu - name: docker_mem - name: cpuspeed - name: acpi - name: lvm_