--- # Bind Mounts - fileserver # pct set 127 -mp0 /hdd_data_raidz/videos,mp=/shares_videos # pct set 127 -mp1 /hdd_data_raidz/data_crypt,mp=/shares_data_crypt # pct set 127 -mp2 /hdd_data_raidz/pve_backup,mp=/shares_pve_backup # pct set 127 -mp3 /hdd_data_raidz/papa_backup,mp=/shares_papa_backup # pct set 127 -mp4 /hdd_data_raidz/music,mp=/shares_music # pct set 127 -mp5 /hdd_data_raidz/tmp,mp=/shares_tmp # pct set 127 -mp6 /hdd_data_raidz/archiv,mp=/shares_archiv # pct set 127 -mp7 /hdd_data_raidz/bilder,mp=/shares_bilder # pct set 127 -mp8 /hdd_data_raidz/hm,mp=/shares_hm # pct set 127 -mp9 /hdd_data_raidz/scans,mp=/shares_scans # pct set 127 -mp10 /hdd_data_raidz/restic,mp=/shares_restic # pct set 127 -mp11 /hdd_data_raidz/amd,mp=/shares_amd # pct set 127 -mp12 /hdd_data_raidz/backup,mp=/shares_backup ### mgrote.smb_fileserver smb_users: - name: 'annemariedroessler2' password: "{{ lookup('keepass', 'fileserver_smb_user_amd', 'password') }}" - name: 'restic' password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}" - name: 'win10' password: "{{ lookup('keepass', 'fileserver_smb_user_win10', 'password') }}" - name: 'kodi' password: "{{ lookup('keepass', 'fileserver_smb_user_kodi', 'password') }}" - name: 'michaelgrote' password: "{{ lookup('keepass', 'fileserver_smb_user_mg', 'password') }}" - name: 'navidrome' password: "{{ lookup('keepass', 'fileserver_smb_user_navidrome', 'password') }}" - name: 'docker' password: "{{ lookup('keepass', 'fileserver_smb_user_docker', 'password') }}" - name: 'pve' password: "{{ lookup('keepass', 'fileserver_smb_user_pve', 'password') }}" - name: 'brother_ads2700w' password: "{{ lookup('keepass', 'fileserver_smb_user_brother_ads2700w', 'password') }}" - name: 'photoprism' password: "{{ lookup('keepass', 'fileserver_smb_user_photoprism', 'password') }}" smb_shares: - name: 'videos' path: '/shares_videos' users_ro: 'kodi' users_rw: 'annemariedroessler2 michaelgrote win10' - name: 'scans' path: '/shares_scans' users_ro: 'annemariedroessler2 michaelgrote' users_rw: 'brother_ads2700w' - name: 'papa_backup' path: '/shares_papa_backup' users_ro: 'michaelgrote' users_rw: 'win10' - name: 'amd' path: '/shares_amd' users_ro: 'michaelgrote win10' users_rw: 'annemariedroessler2 win10' - name: 'backup' path: '/shares_backup' users_ro: 'annemariedroessler2' users_rw: 'win10 michaelgrote' - name: 'archiv' path: '/shares_archiv' users_ro: '' users_rw: 'michaelgrote win10' - name: 'hm' path: '/shares_hm' users_ro: 'win10' users_rw: 'michaelgrote' - name: 'mg' path: '/shares_data_crypt' users_ro: '' users_rw: 'win10 michaelgrote' - name: 'musik' path: '/shares_music' users_ro: 'navidrome kodi annemariedroessler2 ' users_rw: 'win10 michaelgrote' - name: 'tmp' path: '/shares_tmp' users_ro: 'win10' users_rw: 'kodi annemariedroessler2 win10 michaelgrote' - name: 'bilder' path: '/shares_bilder' users_ro: 'photoprism' users_rw: 'annemariedroessler2 michaelgrote win10' - name: 'proxmox' path: '/shares_pve_backup' users_ro: 'michaelgrote' users_rw: 'pve win10' - name: 'restic' path: '/shares_restic' users_ro: '' users_rw: 'annemariedroessler2 restic win10 michaelgrote' smb_workgroup: WORKGROUP smb_min_protocol: "SMB2" smb_client_min_protocol: "SMB2" smb_client_max_protocol: "SMB3_11" ### oefenweb.ufw ufw_rules: - rule: allow to_port: 22 protocol: tcp comment: 'ssh' from_ip: 0.0.0.0/0 - rule: allow to_port: 445 comment: 'smb' from_ip: 0.0.0.0/0 - rule: allow to_port: 139 comment: 'smb' from_ip: 0.0.0.0/0 - rule: allow to_port: 4949 protocol: tcp comment: 'munin' from_ip: 192.168.2.144/24 ### geerlingguy.munin-node munin_node_disabled_plugins: - name: meminfo # zu hohe last - name: hddtemp2 # ersetzt durch hddtemp_smartctl - name: ntp # verursacht zu viele dns ptr request - name: hddtempd # ersetzt durch hddtemp_smartctl - name: ipmi_power # für pve2, leeres diagramm - name: lvm_ - name: samba_locked - name: samba_users munin_node_plugins: - name: chrony src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/chrony - name: systemd_status src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/systemd_status - name: samba src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/samba config: | [samba] user root group root env.smbstatus /usr/bin/smbstatus env.ignoreipcshare 1