mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 1 Activity Actions
homeserver/group_vars/fileserver.yml
Michael Grote 6b01cf8879
Some checks failed
ansible-lint / ansible-lint (push) Failing after 4s
Details
gitleaks / gitleaks (push) Successful in 4s
Details
traefik: rate-limit for forgejo (#176) 
Reviewed-on: https://git.mgrote.net///mg/homeserver/pulls/176
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>

remove ubuntu-pro-client

set rate-limit higher and let... (#177)

Reviewed-on: https://git.mgrote.net///mg/homeserver/pulls/177
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
2024-09-12 13:26:14 +00:00

67 lines
1.7 KiB
YAML
Raw Blame History

---
### PROXMOX
# fileserver3 ist ein LXC-Container; der Container ist "privileged" damit der Bind-Mount die richtigen Rechte bekommt
### oefenweb.ufw
ufw_rules:
- rule: allow
to_port: 22
protocol: tcp
comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow
to_port: 4949
protocol: tcp
comment: 'munin'
from_ip: 192.168.2.0/24
- rule: allow
to_port: 445
comment: 'smb'
from_ip: 0.0.0.0/0
- rule: allow
to_port: 139
comment: 'smb'
from_ip: 0.0.0.0/0
### mgrote_fileserver_smb
smb_workgroup: WORKGROUP
smb_min_protocol: "SMB2"
smb_client_min_protocol: "SMB2"
smb_client_max_protocol: "SMB3_11"
smb_enable_snapshots_dir: true
smb_enable_snapshots_shadow: true
### mgrote_munin_node
munin_node_plugins:
- name: chrony
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/chrony/chrony
- name: systemd_status
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/systemd/systemd_status
- name: systemd_mem
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
config: |
[systemd_mem]
env.all_services true
- name: fail2ban
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
config: |
[fail2ban]
env.client /usr/bin/fail2ban-client
env.config_dir /etc/fail2ban
user root
- name: samba
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/samba
config: |
[samba]
user root
group root
env.smbstatus /usr/bin/smbstatus
env.ignoreipcshare 1
### mgrote_apt_manage_packages
apt_packages_absent:
- nano
- snapd
- ubuntu-advantage-tools
- fwupd # weil LXC
- ubuntu-pro-client
Reference in a new issue View git blame Copy permalink