---
  ### mgrote.postfix-gmail
  empfaenger_mail: michael.grote@posteo.de
  nutzer_gmail: michael.grote@gmail.com
  passwort_gmail: "{{ lookup('keepass', 'passwort_gmail', 'password') }}"
  postfix_gmail_erlaubte_netzwerke: "127.0.0.0/8 192.168.2.0/24"
  mail_nach_cronjob: false
  ### mgrote.set_apt_sources
  acng_server: acng.grote.lan
  acng_server_port: 9999
  ### mgrote.restic
  restic_cron_hours: "19"
  restic_repository: "//fileserver2.grote.lan/backup/restic"
  restic_repository_password: "{{ lookup('keepass', 'restic_repository_password', 'password') }}"
  restic_mount: "/mnt/restic"
  restic_mount_user: restic
  restic_mount_password: restic
  ### mgrote.tmux
  tmux_conf_destination: "/home/mg/.tmux.conf"
  tmux_bashrc_destination: "/home/mg/.bashrc"
  tmux_standardsession_name: "default"
  ### mgrote.fail2ban
  f2b_bantime: 300
  f2b_findtime: 300
  f2b_maxretry: 5
  ### oefenweb.ufw
  ufw_rules:
    - rule: allow
      to_port: 22
      protocol: tcp
      comment: 'ssh'
  ### ryandaniels.create_users
  users:
  - username: mg
    password: "{{ lookup('keepass', 'linux_mg_user_password', 'password') }}"
    update_password: on_create
    ssh_key: "{{ lookup('keepass', 'ssh_pubkey_mg', 'password') }}"
    use_sudo: yes
    use_sudo_nopass: yes
    user_state: present
    groups: ssh, sudo
    servers:
      - production
      - staging
      - test
      - virt
      - ceph
      - k8s
  ### geerlingguy.dotfiles
  dotfiles_repo: "https://github.com/quotengrote/dotfiles.git"
  dotfiles_repo_local_destination: "/home/mg/dotfiles-repo"
  dotfiles_home:  "/home/mg"
  dotfiles_user: "mg"
  dotfiles_repo_accept_hostkey: true
  dotfiles_files:
    - .bash_aliases
    - .tmux.conf
    - .gitconfig


  # Ansible Variablen
  ### User
  ansible_user: "ansible-user"
  ### SSH
  ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'"
  ### python3
  # https://docs.ansible.com/ansible/latest/reference_appendices/python_3_support.html
  ansible_python_interpreter: "/usr/bin/python3"
  ansible_ssh_private_key_file: /home/mg/ansible/id_rsa_ansible_user

  # Ansible Plugin Variablen
  ### Keepass
  # https://github.com/viczem/ansible-keepass
  # liegt unter /home/mg/ansible/.ansible/plugins/keepass.py
  keepass_dbx: "/home/mg/ansible/keepass_db.kdbx"
  keepass_psw: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          62383737623066396239383336646164616537646630653964313532383130343533346561633039
          3437306134656535353438666165376332633064383135650a636537626662656130376537633164
          61613132326536666466636632363866393066656236303766333338356337396338376266346631
          6364336331623539300a313562303161373631613734313938346666376239613333333363376236
          38363035376662353135333332363431343833656666643036326234656166643531