--- ### PROXMOX # acng2 ist ein LXC-Container; der Container ist "privileged" damit der Bind-Mount die richtigen Rechte bekommt ### mgrote.apt_manage_sources manage_sources_apt_proxy: "" # weil der Apt-Cacher-NG sich nicht selbst als Quelle nehmen kann ### oefenweb.ufw ufw_rules: - rule: allow to_port: 22 protocol: tcp comment: 'ssh' from_ip: 0.0.0.0/0 - rule: allow to_port: 4949 protocol: tcp comment: 'munin' from_ip: 192.168.2.144/24 - rule: allow to_port: "{{ acng_server_port }}" comment: 'acng' from_ip: 0.0.0.0/0 ### mgrote.acng acng_server_port: 9999 acng_server_exthreshold: "60" #hebt Pakete 60 Tage auf acng_server_auth_user: acngadmin acng_server_auth_pass: "{{ lookup('keepass', 'acng_webinterface', 'password') }}" ### mgrote.munin-node munin_node_plugins: - name: timesync src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status - name: systemd_status src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status - name: systemd_mem src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_mem config: | [systemd_mem] env.all_services true - name: fail2ban src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban config: | [fail2ban] env.client /usr/bin/fail2ban-client env.config_dir /etc/fail2ban user root - name: acng src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/apt/acng config: | env.logfile /var/log/apt-cacher-ng/apt-cacher.log - name: http_response src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response config: | [http_response] env.sites http://acng2.grote.lan:9999/acng-report.html env.max_time 20 env.short_label true env.follow_redirect true