---
### PROXMOX
# acng2 ist ein LXC-Container; der Container ist "privileged" damit der Bind-Mount die richtigen Rechte bekommt
### mgrote.apt_manage_sources
manage_sources_apt_proxy: "" # weil der Apt-Cacher-NG sich nicht selbst als Quelle nehmen kann
### oefenweb.ufw
ufw_rules:
- rule: allow
to_port: 22
protocol: tcp
comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow
to_port: 4949
protocol: tcp
comment: 'munin'
from_ip: 192.168.2.144/24
- rule: allow
to_port: "{{ acng_server_port }}"
comment: 'acng'
from_ip: 0.0.0.0/0
### mgrote.acng
acng_server_port: 9999
acng_server_exthreshold: "60" #hebt Pakete 60 Tage auf
acng_server_auth_user: acngadmin
acng_server_auth_pass: "{{ lookup('keepass', 'acng_webinterface', 'password') }}"
### mgrote.munin-node
munin_node_plugins:
- name: timesync
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
- name: systemd_status
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
- name: systemd_mem
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
config: |
[systemd_mem]
env.all_services true
- name: lvm_
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
config: |
[lvm_*]
user root
- name: fail2ban
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
config: |
[fail2ban]
env.client /usr/bin/fail2ban-client
env.config_dir /etc/fail2ban
user root
- name: acng
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/apt/acng
config: |
env.logfile /var/log/apt-cacher-ng/apt-cacher.log
- name: http_response
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
config: |
[http_response]
env.sites http://acng2.grote.lan:9999/acng-report.html
env.max_time 20
env.short_label true
env.follow_redirect true