--- # Diese Datei enthällt alles für den Laptop, es werden auch alle Variablen aus den Group-Vars extra eingetragen. ### mgrote_install_archived_deb_files_from_url laptop_install_deb_url: - https://github.com/pulsar-edit/pulsar/releases/download/v1.123.0/Linux.pulsar_1.123.0_amd64.deb - https://download.xnview.com/XnViewMP-linux-x64.deb - https://github.com/torakiki/pdfsam/releases/download/v5.2.9/pdfsam_5.2.9-1_amd64.deb ### mgrote_install_deb_files_from_url laptop_install_deb_url_archived: - https://download.mikrotik.com/routeros/winbox/4.0beta14/WinBox_Linux.zip ### mgrote_user_setup dotfiles: - user: mg home: /home/mg dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles dotfiles_vim_vundle_repo_url: "https://{{ ansible_forgejo_user | urlencode }}:{{ ansible_forgejo_user_pass | urlencode }}@git.mgrote.net/mirrors/Vundle.vim.git" ### mgrote_user users: - username: mg password: "{{ lookup('viczem.keepass.keepass', 'mg_linux_password_hash', 'password') }}" update_password: always groups: - ssh - sudo state: present public_ssh_key: "{{ ssh_public_key_mg }}" allow_sudo: true allow_passwordless_sudo: true - username: ansible-user password: "{{ lookup('viczem.keepass.keepass', 'ansible_user_linux_password_hash', 'password') }}" update_password: always groups: - ssh - sudo state: present public_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJcBwOjanQV6sFWaTetqpl20SVe3aRzGjKbsp7hKkDCE allow_sudo: true allow_passwordless_sudo: true - username: docker-user password: "{{ lookup('viczem.keepass.keepass', 'docker-user_linux_password_hash', 'password') }}" update_password: always groups: - ssh - sudo - docker state: present allow_sudo: true allow_passwordless_sudo: true uid: "5000" ### geerlingguy.pip pip_package: python3-pip pip_install_packages: - name: docker # für munin-plugin docker_ ### geerlingguy.docker docker_users: - mg - docker-user docker_install_compose: true docker_add_repo: true docker_apt_repository: "deb [arch={{ docker_apt_arch }}{{' signed-by=/etc/apt/keyrings/docker.asc' if add_repository_key is not failed}}] {{ docker_repo_url }}/ubuntu jammy {{ docker_apt_release_channel }}" # Distribution ubuntu jammy explizit gesetzt docker_apt_gpg_key: "{{ docker_repo_url }}/ubuntu/gpg" # Distribution ubuntu explizit gesetzt ### oefenweb.ufw ufw_rules: - rule: allow to_port: 22 protocol: tcp comment: 'ssh' from_ip: 0.0.0.0/0 ufw_default_incoming_policy: deny ufw_default_outgoing_policy: allow ### mgrote_restic restic_exclude: | ._* desktop.ini .Trash-* **/**cache***/** **/**Cache***/** **/**AppData***/** restic_folders_to_backup: "/usr/local /etc /root /home" restic_repository: "//fileserver3.mgrote.net/restic" restic_fail_mail: "{{ my_mail }}" restic_repository_password: "{{ lookup('viczem.keepass.keepass', 'restic_repository_password', 'password') }}" restic_mount_password: "{{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_restic', 'password') }}" #gitleaks:allow restic_mount_user: restic restic_schedule: "*-*-* 4:00:00" ### mgrote_apt_manage_packages apt_packages_common: - locales - wget - python3 - build-essential - htop - git - dnsutils - mc - cifs-utils - haveged #https://www.linux-magazin.de/ausgaben/2011/09/einfuehrung2/ - ca-certificates - netdiscover - tree - curl - whois - logrotate - ncdu - net-tools - apt-transport-https - moreutils - acl - vim - rsync - at - ripgrep - iotop - pwgen - keychain - bc - jq apt_packages_extra: - firefox - vlc - keepassxc - git - tmux - vim - ripgrep - ca-certificates - nextcloud-desktop - wireguard - dos2unix - remmina - mintstick - picard - network-manager - virt-manager - alacritty apt_packages_physical: - s-tui - smartmontools - lm-sensors - ethtool - fwupd apt_packages_absent: - nano - snapd - ubuntu-advantage-tools - neofetch - graphviz - ubuntu-pro-client - thunderbird - libflatpak0 - nano - snapd - thingy - gnome-calendar - pix - drawing - transmission - transmission-gtk - mintchat - webapp-manager - hypnotix - celluloid - onboard - warpinator - gnome-terminal ...