homeserver/group_vars/fileserver.yml
mg 834c232c15 munin für alle (#37)
Merge branch 'master' into moni

docker users aufgeräumt

doku

doku

sensors bei fileserver entfernt

sensors bei docker aus

gruppe mg docker

allgemeine munin-node vars in all

pve listening interface angepasst

default ipv4

munin in firewall

aber nicht für test

munin für alle

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#37
Co-Authored-By: mg <mg@noreply.git.mgrote.net>
Co-Committed-By: mg <mg@noreply.git.mgrote.net>
2021-03-18 13:46:26 +01:00

94 lines
2.9 KiB
YAML

---
### geerlingguy.munin-node
munin_node_remove_plugins:
- name: sensors
### mgrote.smb_fileserver
smb_users:
- name: 'annemariedroessler'
password: "{{ lookup('keepass', 'fileserver_smb_user_amd', 'password') }}"
- name: 'restic'
password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}"
- name: 'win10'
password: "{{ lookup('keepass', 'fileserver_smb_user_win10', 'password') }}"
- name: 'kodi'
password: "{{ lookup('keepass', 'fileserver_smb_user_kodi', 'password') }}"
- name: 'michaelgrote'
password: "{{ lookup('keepass', 'fileserver_smb_user_mg', 'password') }}"
- name: 'navidrome'
password: "{{ lookup('keepass', 'fileserver_smb_user_navidrome', 'password') }}"
- name: 'docker'
password: "{{ lookup('keepass', 'fileserver_smb_user_docker', 'password') }}"
- name: 'pve'
password: "{{ lookup('keepass', 'fileserver_smb_user_pve', 'password') }}"
- name: 'brother_ads2700w'
password: "{{ lookup('keepass', 'fileserver_smb_user_brother_ads2700w', 'password') }}"
smb_shares:
- name: 'videos'
path: '/shares_videos'
users_ro: ' win10 kodi'
users_rw: 'annemariedroessler michaelgrote'
- name: 'scans'
path: '/shares/scans'
users_ro: 'annemariedroessler michaelgrote'
users_rw: 'brother_ads2700w ocrmypdf'
- name: 'replikation'
path: '/shares/replikation'
users_ro: ''
users_rw: 'win10 michaelgrote'
- name: 'amd'
path: '/shares/amd'
users_ro: 'win10 navidrome michaelgrote'
users_rw: 'annemariedroessler'
- name: 'backup'
path: '/shares/Backup'
users_ro: ''
users_rw: 'annemariedroessler restic win10 michaelgrote'
- name: 'hm'
path: '/shares/hm'
users_ro: 'win10'
users_rw: 'michaelgrote'
- name: 'mg'
path: '/shares/mg'
users_ro: ''
users_rw: 'win10 michaelgrote'
- name: 'musik'
path: '/shares/Musik'
users_ro: 'navidrome kodi annemariedroessler '
users_rw: 'win10 michaelgrote'
- name: 'tmp'
path: '/shares/tmp'
users_ro: 'win10'
users_rw: 'kodi annemariedroessler restic win10 michaelgrote'
- name: 'bilder'
path: '/shares/bilder'
users_ro: 'win10'
users_rw: 'annemariedroessler michaelgrote'
- name: 'proxmox'
path: '/shares/proxmox'
users_ro: 'win10 michaelgrote'
users_rw: 'pve'
smb_workgroup: WORKGROUP
smb_min_protocol: "SMB2"
smb_client_min_protocol: "SMB2"
smb_client_max_protocol: "SMB3_11"
### oefenweb.ufw
ufw_rules:
- rule: allow
to_port: 22
protocol: tcp
comment: 'ssh'
from_ip: 192.168.2.0/24
- rule: allow
to_port: 445
comment: 'smb'
from_ip: 192.168.2.0/24
- rule: allow
to_port: 139
comment: 'smb'
from_ip: 192.168.2.0/24
- rule: allow
to_port: 4949
protocol: tcp
comment: 'munin-node'
from_ip: 192.168.2.0/24