231 lines
8.2 KiB
YAML
231 lines
8.2 KiB
YAML
---
|
|
### PROXMOX
|
|
# fileserver3 ist ein LXC-Container; der Container ist "privileged" damit der Bind-Mount die richtigen Rechte bekommt
|
|
|
|
### oefenweb.ufw
|
|
ufw_rules:
|
|
- rule: allow
|
|
to_port: 22
|
|
protocol: tcp
|
|
comment: 'ssh'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 445
|
|
comment: 'smb'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 139
|
|
comment: 'smb'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 4949
|
|
protocol: tcp
|
|
comment: 'munin'
|
|
from_ip: 192.168.2.144/24
|
|
### mgrote.munin-node
|
|
munin_node_plugins:
|
|
- name: timesync
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
|
- name: systemd_status
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
|
- name: systemd_mem
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
|
|
config: |
|
|
[systemd_mem]
|
|
env.all_services true
|
|
- name: fail2ban
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
|
config: |
|
|
[fail2ban]
|
|
env.client /usr/bin/fail2ban-client
|
|
env.config_dir /etc/fail2ban
|
|
user root
|
|
- name: samba
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/samba
|
|
config: |
|
|
[samba]
|
|
user root
|
|
group root
|
|
env.smbstatus /usr/bin/smbstatus
|
|
env.ignoreipcshare 1
|
|
|
|
### mgrote.apt_manage_packages
|
|
apt_packages_internet:
|
|
- https://github.com/rclone/rclone/releases/download/v1.59.2/rclone-v1.59.2-linux-amd64.deb
|
|
- http://docker10.grote.lan:3344/bash-helper-scripts-mgrote-latest.deb
|
|
|
|
### mgrote.youtubedl
|
|
ytdl_dl_url: "https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp"
|
|
ytdl_timer: "Tue,Sat 03:00"
|
|
ytdl_bin_path: /usr/local/bin/yt-dlp
|
|
ytdl_active: true
|
|
ytdl_video_urls:
|
|
- https://www.youtube.com/c/KurzgesagtDE/videos # Kurzgesagt - Deutsch
|
|
- https://www.youtube.com/c/inanutshell/videos # Kurzgesagt - Englisch
|
|
- https://www.youtube.com/c/MartinSonneborn/videos #martin sonneborn
|
|
- https://www.youtube.com/c/100SekundenPhysik/videos #100 sekunden physik
|
|
- https://www.youtube.com/c/Handwerkskunst/videos #swr handwerkskunst kanal
|
|
- https://www.youtube.com/c/PracticalEngineeringChannel/videos # pracrical engineering
|
|
- https://www.youtube.com/channel/UClZbmi9JzfnB2CEb0fG8iew/videos #primal space
|
|
- https://www.youtube.com/channel/UC0vFIgkGrbmfxKVhZ2hgMeg/videos #gaby weber
|
|
- https://www.youtube.com/c/ExpeditionThemePark/videos #Expedition Theme Park
|
|
- https://www.youtube.com/playlist?list=PLPM-eyPokAWNhhDNO4YzC5cGRwuI2ykwE # music
|
|
- https://www.youtube.com/playlist?list=PLPM-eyPokAWNnDxuyX131R5wkl8fzvu7D # lost and found
|
|
- https://www.youtube.com/playlist?list=PLPM-eyPokAWPmStfh37roJge-JuLfgma0 # lost and found 2
|
|
- https://www.youtube.com/playlist?list=PLcpuu5BzmasC7cI-B713EY3xdpWrLhDdH #Japan Day in the Life Series by Paolo fromTOKYO
|
|
- https://www.youtube.com/playlist?list=PLlQWnS27jXh9gX1kvMT1frhzvFnDgP_8M # arte die großen mythen
|
|
- https://www.youtube.com/playlist?list=PLrMX9ct-uNyOKfDG0WrRd6fQsB21MzorZ # JoBlo - Videos - WTF HAPPENED TO THIS MOVIE?!
|
|
- https://www.youtube.com/playlist?list=PLrMX9ct-uNyOt0Z-iqBGuyiZU9pFJyvD5 # JoBlo - Videos - THE MOVIE THAT ALMOST WAS
|
|
- https://www.youtube.com/playlist?list=PLrMX9ct-uNyMNMZgSkxRdNh2xa8GEZQn4 # JoBlo - Videos - WTF HAPPENED TO THIS CELEBRITY?!
|
|
- https://www.youtube.com/watch?v=TowKvEJcYDw&list=PLlQWnS27jXh9aEp7hl54xrk5CgiVbvMBy # arte - zu Tisch in...
|
|
- https://www.youtube.com/playlist?list=PLs4hTtftqnlAkiQNdWn6bbKUr-P1wuSm0 # jimmy kimmel mean tweets
|
|
- https://www.youtube.com/tomstantonengineering
|
|
ytdl_podcast_urls:
|
|
- https://sternengeschichten.podigee.io/feed/aac # Sternengeschichten
|
|
- https://feeds.br.de/radiowissen/feed.xml # BR2 RadioWissen
|
|
|
|
ytdl_video_output: "/shares_videos/Youtube/%(uploader)s/%(title)s-%(id)s.%(ext)s" # Videos werden jetzt IMMEr nach "Uploader/Name.ext" geschrieben
|
|
|
|
ytdl_podcast_output: "/shares_music/Podcasts/%(playlist)s/%(id)s.%(ext)s"
|
|
ytdl_video_log_output: "/shares_videos/Youtube/archive-youtube.log"
|
|
ytdl_podcast_log_output: "/shares_music/Podcasts/archive-podcast.log"
|
|
ytdl_youtube_username: "{{ lookup('keepass', 'youtubedl_youtube_login', 'username') }}"
|
|
ytdl_youtube_password: "{{ lookup('keepass', 'youtubedl_youtube_login', 'password') }}"
|
|
ytdl_conf_dir: "/etc/youtubedl" #ohne / am ende
|
|
ytdl_download_limit: "10000K"
|
|
|
|
### mgote.rclone
|
|
rclone_jobs:
|
|
- name: smb_archiv_glacier
|
|
quelle: "/shares_archiv"
|
|
ziel: "scaleway-encrypt-glacier:/archiv"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_backup_glacier
|
|
quelle: "/shares_backup"
|
|
ziel: "scaleway-encrypt-glacier:/backup"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_bilder_glacier
|
|
quelle: "/shares_bilder"
|
|
ziel: "scaleway-encrypt-glacier:/bilder"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_buecher_glacier
|
|
quelle: "/shares_buecher"
|
|
ziel: "scaleway-encrypt-glacier:/buecher"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_hm_glacier
|
|
quelle: "/shares_hm"
|
|
ziel: "scaleway-encrypt-glacier:/hm"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_musik_glacier
|
|
quelle: "/shares_music"
|
|
ziel: "scaleway-encrypt-glacier:/musik"
|
|
timer: "*-*-* 23:15"
|
|
loglevel: INFO
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_programme_glacier
|
|
quelle: "/shares_programme"
|
|
ziel: "scaleway-encrypt-glacier:/programme"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
transfers: 4
|
|
- name: smb_tmp_glacier
|
|
quelle: "/shares_tmp"
|
|
ziel: "scaleway-encrypt-glacier:/tmp"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_scans_glacier
|
|
quelle: "/shares_scans"
|
|
ziel: "scaleway-encrypt-glacier:/scans"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
- name: smb_restic_glacier
|
|
quelle: "/shares_restic"
|
|
ziel: "scaleway-encrypt-glacier:/restic"
|
|
timer: "*-*-* 23:15"
|
|
state: true
|
|
bwlimit: 2M
|
|
mode: "--size-only"
|
|
|
|
rclone_config: "{{ lookup('keepass', 'rclone.conf', 'notes') }}"
|
|
|
|
### mgrote.smb_fileserver
|
|
smb_shares:
|
|
- name: 'videos'
|
|
path: '/shares_videos'
|
|
users_ro: 'kodi'
|
|
users_rw: 'michaelgrote win10'
|
|
- name: 'scans'
|
|
path: '/shares_scans'
|
|
users_ro: ' michaelgrote'
|
|
users_rw: 'brother_ads2700w'
|
|
- name: 'papa_backup'
|
|
path: '/shares_papa_backup'
|
|
users_ro: 'michaelgrote'
|
|
users_rw: 'win10'
|
|
- name: 'backup'
|
|
path: '/shares_backup'
|
|
users_ro: ''
|
|
users_rw: 'win10 michaelgrote'
|
|
- name: 'archiv'
|
|
path: '/shares_archiv'
|
|
users_ro: ''
|
|
users_rw: 'michaelgrote win10'
|
|
- name: 'hm'
|
|
path: '/shares_hm'
|
|
users_ro: ''
|
|
users_rw: 'michaelgrote win10'
|
|
- name: 'musik'
|
|
path: '/shares_music'
|
|
users_ro: 'navidrome kodi '
|
|
users_rw: 'win10 michaelgrote'
|
|
- name: 'tmp'
|
|
path: '/shares_tmp'
|
|
users_ro: 'win10'
|
|
users_rw: 'kodi win10 michaelgrote'
|
|
- name: 'bilder'
|
|
path: '/shares_bilder'
|
|
users_ro: 'photoprism'
|
|
users_rw: ' michaelgrote win10'
|
|
- name: 'proxmox'
|
|
path: '/shares_pve_backup'
|
|
users_ro: 'michaelgrote'
|
|
users_rw: 'pve win10'
|
|
- name: 'restic'
|
|
path: '/shares_restic'
|
|
users_ro: ''
|
|
users_rw: ' restic win10 michaelgrote'
|
|
- name: 'buecher'
|
|
path: '/shares_buecher'
|
|
users_ro: ''
|
|
users_rw: 'michaelgrote win10'
|
|
- name: 'programme'
|
|
path: '/shares_programme'
|
|
users_ro: ''
|
|
users_rw: 'michaelgrote win10'
|
|
- name: 'vm'
|
|
path: '/shares_vm'
|
|
users_ro: ''
|
|
users_rw: 'michaelgrote'
|