63 lines
2.2 KiB
YAML
63 lines
2.2 KiB
YAML
---
|
|
### PROXMOX
|
|
# acng2 ist ein LXC-Container; der Container ist "privileged" damit der Bind-Mount die richtigen Rechte bekommt
|
|
|
|
### mgrote.apt_manage_sources
|
|
manage_sources_apt_proxy: "" # weil der Apt-Cacher-NG sich nicht selbst als Quelle nehmen kann
|
|
|
|
### oefenweb.ufw
|
|
ufw_rules:
|
|
- rule: allow
|
|
to_port: 22
|
|
protocol: tcp
|
|
comment: 'ssh'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 4949
|
|
protocol: tcp
|
|
comment: 'munin'
|
|
from_ip: 192.168.2.144/24
|
|
- rule: allow
|
|
to_port: "{{ acng_server_port }}"
|
|
comment: 'acng'
|
|
from_ip: 0.0.0.0/0
|
|
### mgrote.acng
|
|
acng_server_port: 9999
|
|
acng_server_exthreshold: "60" #hebt Pakete 60 Tage auf
|
|
acng_server_auth_user: acngadmin
|
|
acng_server_auth_pass: "{{ lookup('keepass', 'acng_webinterface', 'password') }}"
|
|
### mgrote.munin-node
|
|
munin_node_plugins:
|
|
- name: timesync
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
|
- name: systemd_status
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
|
- name: systemd_mem
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
|
|
config: |
|
|
[systemd_mem]
|
|
env.all_services true
|
|
- name: lvm_
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
|
|
config: |
|
|
[lvm_*]
|
|
user root
|
|
- name: fail2ban
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
|
config: |
|
|
[fail2ban]
|
|
env.client /usr/bin/fail2ban-client
|
|
env.config_dir /etc/fail2ban
|
|
user root
|
|
- name: acng
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/apt/acng
|
|
config: |
|
|
env.logfile /var/log/apt-cacher-ng/apt-cacher.log
|
|
- name: http_response
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
|
config: |
|
|
[http_response]
|
|
env.sites http://acng2.grote.lan:9999/acng-report.html
|
|
env.max_time 20
|
|
env.short_label true
|
|
env.follow_redirect true
|