mg
71aa41cb24
Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#212 Co-authored-by: mg <mg@noreply.git.mgrote.net> Co-committed-by: mg <mg@noreply.git.mgrote.net>
129 lines
4.1 KiB
YAML
129 lines
4.1 KiB
YAML
---
|
|
# Bind Mounts - fileserver
|
|
# wird ohne bind-mounts betrieben
|
|
|
|
### mgrote.smb_fileserver
|
|
smb_users:
|
|
- name: 'annemariedroessler2'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_amd', 'password') }}"
|
|
- name: 'restic'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}"
|
|
- name: 'win10'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_win10', 'password') }}"
|
|
- name: 'kodi'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_kodi', 'password') }}"
|
|
- name: 'michaelgrote'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_mg', 'password') }}"
|
|
- name: 'navidrome'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_navidrome', 'password') }}"
|
|
- name: 'docker'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_docker', 'password') }}"
|
|
- name: 'pve'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_pve', 'password') }}"
|
|
- name: 'brother_ads2700w'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_brother_ads2700w', 'password') }}"
|
|
- name: 'photoprism'
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_photoprism', 'password') }}"
|
|
|
|
smb_shares:
|
|
- name: 'videos'
|
|
path: '/shares_videos'
|
|
users_ro: 'kodi'
|
|
users_rw: 'annemariedroessler2 michaelgrote win10'
|
|
- name: 'scans'
|
|
path: '/shares_scans'
|
|
users_ro: 'annemariedroessler2 michaelgrote'
|
|
users_rw: 'brother_ads2700w'
|
|
- name: 'papa_backup'
|
|
path: '/shares_papa_backup'
|
|
users_ro: 'michaelgrote'
|
|
users_rw: 'win10'
|
|
- name: 'amd'
|
|
path: '/shares_amd'
|
|
users_ro: 'michaelgrote win10'
|
|
users_rw: 'annemariedroessler2'
|
|
- name: 'backup'
|
|
path: '/shares_backup'
|
|
users_ro: 'annemariedroessler2'
|
|
users_rw: 'win10 michaelgrote'
|
|
- name: 'archiv'
|
|
path: '/shares_archiv'
|
|
users_ro: ''
|
|
users_rw: 'michaelgrote win10'
|
|
- name: 'hm'
|
|
path: '/shares_hm'
|
|
users_ro: 'win10'
|
|
users_rw: 'michaelgrote'
|
|
- name: 'mg'
|
|
path: '/shares_data_crypt'
|
|
users_ro: ''
|
|
users_rw: 'win10 michaelgrote'
|
|
- name: 'musik'
|
|
path: '/shares_music'
|
|
users_ro: 'navidrome kodi annemariedroessler2 '
|
|
users_rw: 'win10 michaelgrote'
|
|
- name: 'tmp'
|
|
path: '/shares_tmp'
|
|
users_ro: 'win10'
|
|
users_rw: 'kodi annemariedroessler2 win10 michaelgrote'
|
|
- name: 'bilder'
|
|
path: '/shares_bilder'
|
|
users_ro: 'photoprism'
|
|
users_rw: 'annemariedroessler2 michaelgrote win10'
|
|
- name: 'proxmox'
|
|
path: '/shares_pve_backup'
|
|
users_ro: 'michaelgrote'
|
|
users_rw: 'pve win10'
|
|
- name: 'restic'
|
|
path: '/shares_restic'
|
|
users_ro: ''
|
|
users_rw: 'annemariedroessler2 restic win10 michaelgrote'
|
|
smb_workgroup: WORKGROUP
|
|
smb_min_protocol: "SMB2"
|
|
smb_client_min_protocol: "SMB2"
|
|
smb_client_max_protocol: "SMB3_11"
|
|
|
|
### oefenweb.ufw
|
|
ufw_rules:
|
|
- rule: allow
|
|
to_port: 22
|
|
protocol: tcp
|
|
comment: 'ssh'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 445
|
|
comment: 'smb'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 139
|
|
comment: 'smb'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 4949
|
|
protocol: tcp
|
|
comment: 'munin'
|
|
from_ip: 192.168.2.144/24
|
|
|
|
### geerlingguy.munin-node
|
|
munin_node_disabled_plugins:
|
|
- name: meminfo # zu hohe last
|
|
- name: hddtemp2 # ersetzt durch hddtemp_smartctl
|
|
- name: ntp # verursacht zu viele dns ptr request
|
|
- name: hddtempd # ersetzt durch hddtemp_smartctl
|
|
- name: ipmi_power # für pve2, leeres diagramm
|
|
- name: lvm_
|
|
- name: samba_locked
|
|
- name: samba_users
|
|
munin_node_plugins:
|
|
- name: chrony
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/chrony
|
|
- name: systemd_status
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/systemd_status
|
|
- name: samba
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/samba
|
|
config: |
|
|
[samba]
|
|
user root
|
|
group root
|
|
env.smbstatus /usr/bin/smbstatus
|
|
env.ignoreipcshare 1
|