homeserver/group_vars/all.yml
mg 492ac5b187 gitlab runner von rierms als submodule
Group Vars und Inventory hinzugefügt

Gruppe umbenannt, bindestrich nicht in gruppennamen erlaubt

wip

Einrückung

Datei richtig benannt

playbook mit richtiger rolle

readme

meta

doku dict

collectipn in doku

doku

funktioniert
2021-01-17 19:34:17 +01:00


---
# Address that receives notification mail; f2b_destemail further down reuses it.
empfaenger_mail: 'michael.grote@posteo.de'

### mgrote.postfix -- these values are also used for gitlab
postfix_absender_mailadresse: 'info@mgrote.net'
# The sender account password is resolved through the keepass lookup at run time,
# so no plaintext secret is stored in this file.
postfix_absender_passwort: "{{ lookup('keepass', 'postfix_absender_passwort', 'password') }}"
# presumably the networks allowed to relay through this postfix -- confirm in the role
postfix_erlaubte_netzwerke: '127.0.0.0/8 192.168.2.0/24'
postfix_mail_nach_cronjob: false
postfix_smtp_server: 'smtp.strato.de'
postfix_smtp_server_port: 587
# Kept as the string 'yes', not a YAML boolean.
postfix_smtp_use_tls: 'yes'
### mgrote.set_apt_proxy
# Host name and port of the APT proxy that the role points the hosts at.
# NOTE(review): the host name suggests apt-cacher-ng -- confirm.
apt_proxy_server_hostname: 'acng.grote.lan'
apt_proxy_server_port: 9999
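### mgrote.restic
# Space-separated list of paths. /etc and /root are included, so the repository
# holds host secrets; the repository password below is what protects them at rest.
restic_folders_to_backup: "/usr/local /etc /root /var/www /home"
# Quoted so the hour reaches the role as a string.
restic_cron_hours: "19"
# The UNC-style path points at an SMB share; restic_mount, restic_mount_user and
# restic_mount_password look like the matching mount settings -- confirm in the role.
restic_repository: "//fileserver2.grote.lan/backup/restic"
# Both passwords are resolved through the keepass lookup; nothing is stored in plaintext here.
restic_repository_password: "{{ lookup('keepass', 'restic_repository_password', 'password') }}"
restic_mount: "/mnt/restic"
restic_mount_user: restic
restic_mount_password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}"
# Literal block scalar, one exclude pattern per line. The body has to be indented
# below the key: at column 0 the block is empty and the lines starting with '*'
# would be read as YAML aliases.
restic_exclude: |
  ._*
  desktop.ini
  .Trash-*
  **/**cache***/**
  **/**Cache***/**
  **/**AppData***/**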
### mgrote.tmux
# Target paths in the home directory of user mg, plus the name of the default session.
# NOTE(review): dotfiles_files further down also lists .tmux.conf for /home/mg --
# check which role ends up owning that file.
tmux_conf_destination: '/home/mg/.tmux.conf'
tmux_bashrc_destination: '/home/mg/.bashrc'
tmux_standardsession_name: 'default'
### mgrote.fail2ban
# presumably seconds, as in fail2ban itself: 5 failures within 300 s lead to a 300 s ban -- confirm
f2b_maxretry: 5
f2b_findtime: 300
f2b_bantime: 300
# Ban notifications reuse the mail addresses defined at the top of this file.
f2b_destemail: "{{ empfaenger_mail }}"
f2b_sender: "{{ postfix_absender_mailadresse }}"
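### oefenweb.ufw
# The rule's attributes must be nested under the list item; at column 0 they
# would be parsed as unrelated top-level variables and the rule would shrink to
# a bare "allow".
ufw_rules:
  # The only inbound exception: SSH, and only from the 192.168.2.0/24 network.
  - rule: allow
    to_port: 22
    protocol: tcp
    comment: 'ssh'
    from_ip: 192.168.2.0/24
# Everything else inbound is dropped; outbound traffic is not restricted.
ufw_default_incoming_policy: deny
ufw_default_outgoing_policy: allow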
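### ryandaniels.create_users
# Each user is one list item; its attributes, including the servers list, are
# nested under that item.
users:
  - username: mg
    # The lookup key name indicates a password hash, not a cleartext password -- confirm.
    password: "{{ lookup('keepass', 'linux_mg_user_password_hash', 'password') }}"
    # Set the password only when the account is created; later runs leave it alone.
    update_password: on_create
    ssh_key: "{{ lookup('keepass', 'ssh_pubkey_mg', 'password') }}"
    use_sudo: true
    # NOTE(review): passwordless sudo means whoever holds this account (or its SSH
    # key) is root without a second factor; keep it only if that is intended.
    use_sudo_nopass: true
    user_state: present
    groups: ssh, sudo
    # presumably the inventory groups on which this user is created -- confirm in the role
    servers:
      - production
      - staging
      - test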
### geerlingguy.dotfiles
# The listed files come from this repository and end up in the home of user mg.
# NOTE(review): .bash_aliases is run by that user's shell, so write access to the
# repository should be as tightly held as the account itself.
dotfiles_repo: 'https://git.mgrote.net/mg/dotfiles'
dotfiles_repo_local_destination: '/home/mg/dotfiles-repo'
dotfiles_home: '/home/mg'
dotfiles_user: 'mg'
# presumably only relevant for SSH remotes; the repository above is fetched over HTTPS -- confirm
dotfiles_repo_accept_hostkey: true
dotfiles_files:
  - .bash_aliases
  - .tmux.conf
  - .gitconfig
  - .vimrc
### mgrote.install_packages
# Three package lists; going by the names: every host, physical machines only, VMs only.
# NOTE(review): netdiscover is a network scanning tool and is installed on every
# host through this list -- consider limiting it to the machines that need it.
programs_common:
  - locales
  - build-essential
  - ntp
  - htop
  - git
  - dnsutils
  - nano
  - mc
  - cifs-utils
  - netdiscover
  - tree
  - curl
  - logrotate
  - ncdu
  - net-tools
  - apt-transport-https
  - neofetch
  - ntpdate
  - acl
  - vim
programs_only_physical:
  - hddtemp
  - ipmitool
  - powertop
  - s-tui
programs_only_vms:
  - qemu-guest-agent
  - open-vm-tools
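# Ansible variables
### User
ansible_user: "ansible-user"
### SSH
# accept-new (OpenSSH 7.6 and later) stores the key of a host seen for the first
# time but refuses to connect when a known host presents a different key. The
# previous value "no" accepted any key, so a machine-in-the-middle on the
# management network would have gone unnoticed. After rebuilding a host, remove
# its stale known_hosts entry before the next run.
ansible_ssh_common_args: "'-o StrictHostKeyChecking=accept-new'"
### python3
# https://docs.ansible.com/ansible/latest/reference_appendices/python_3_support.html
ansible_python_interpreter: "/usr/bin/python3"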
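# Ansible plugin variables
### Keepass
# https://github.com/viczem/ansible-keepass
# The lookup plugin is located at ./plugins/lookup/keepass.py
keepass_dbx: "./keepass_db.kdbx"
# Password of the KeePass database, stored as inline Ansible Vault ciphertext.
# Every keepass lookup in this file depends on it, so the vault password is the
# root secret of this setup and has to stay outside the repository.
# NOTE(review): the relative path suggests the .kdbx file sits next to the
# playbooks -- if it is committed, its protection also rests on this password.
# The ciphertext has to be indented below the key to form a valid block scalar.
keepass_psw: !vault |
  $ANSIBLE_VAULT;1.1;AES256
  62383737623066396239383336646164616537646630653964313532383130343533346561633039
  3437306134656535353438666165376332633064383135650a636537626662656130376537633164
  61613132326536666466636632363866393066656236303766333338356337396338376266346631
  6364336331623539300a313562303161373631613734313938346666376239613333333363376236
  38363035376662353135333332363431343833656666643036326234656166643531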