mg
209f80efa3
Docker: allow all weg, dafür einzelne dienste freigeschaltet smb aus lan jenkins-webgui aus lan pihole-webgui aus lan acng aus LAN ssh nur aus LAN Co-authored-by: Michael Grote <38253905+quotengrote@users.noreply.github.com> Reviewed-on: mg/ansible#11
35 lines
1,023 B
YAML
35 lines
1,023 B
YAML
---
|
|
### geerlingguy.jenkins
|
|
jenkins_package_state: latest
|
|
jenkins_http_port: 8080
|
|
jenkins_admin_username: "{{ lookup('keepass', 'jenkins_admin_name', 'password') }}"
|
|
jenkins_admin_password: "{{ lookup('keepass', 'jenkins_admin_password', 'password') }}"
|
|
jenkins_plugins_install_dependencies: true
|
|
jenkins_plugins_state: latest
|
|
jenkins_java_options: "-Djenkins.install.runSetupWizard=true"
|
|
### geerlingguy.pip
|
|
pip_package: python3-pip
|
|
pip_install_packages:
|
|
- name: pykeepass
|
|
- name: Jinja2
|
|
- name: markupsafe
|
|
### geerlingguy.ansible
|
|
ansible_install_method: pip
|
|
ansible_install_version_pip: '2.10'
|
|
### oefenweb.ufw
|
|
ufw_rules:
|
|
- rule: allow
|
|
to_port: 22
|
|
protocol: tcp
|
|
from_ip: 192.168.2.0/24
|
|
comment: 'ssh'
|
|
- rule: allow
|
|
to_port: 8080
|
|
from_ip: 192.168.2.0/24
|
|
comment: 'jenkins'
|
|
### mgrote.restic
|
|
restic_folders_to_backup: /usr/local /etc /root /home /var/lib/jenkins
|
|
### mgrote.install_packages
|
|
programs_extra:
|
|
- sshpass
|