mg
9fb0401eca
Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#335 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de>
40 lines
1.3 KiB
YAML
40 lines
1.3 KiB
YAML
---
|
|
### mgrote.docker-compose-deploy
|
|
docker_compose_base_dir: /home/mg/docker
|
|
docker_compose_projects:
|
|
- name: homer
|
|
dir_name: docker-homer
|
|
repository_url: git.mgrote.net/mg/docker-homer
|
|
state: present
|
|
os_username: mg
|
|
git_branch: test
|
|
- name: watchtower
|
|
dir_name: docker-watchtower
|
|
repository_url: git.mgrote.net/mg/docker-watchtower
|
|
repository_user: mg
|
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
|
state: present
|
|
os_username: mg
|
|
- name: munin-master-test
|
|
dir_name: docker-munin-master-test
|
|
repository_url: git.mgrote.net/mg/docker-munin-master_test
|
|
state: present
|
|
os_username: mg
|
|
### geerlingguy.munin-node
|
|
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
|
munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift
|
|
- '^127\.0\.0\.1$'
|
|
- '^::1$'
|
|
- ^0\.0\.0\.0$
|
|
### oefenweb.ufw
|
|
ufw_rules: # ist extra weil bei munin kein subnet angegeben ist
|
|
- rule: allow
|
|
to_port: 22
|
|
protocol: tcp
|
|
comment: 'ssh'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 4949
|
|
protocol: tcp
|
|
comment: 'munin'
|
|
from_ip: 0.0.0.0/0
|