commit 7f0f83f93be798041bb877c91917be4e3a0d7e83
parent 91c41579ea6fcf524830ef8e00254e5adefadc0e
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 13 Jan 2022 13:54:20 +0100
parent 91c41579ea6fcf524830ef8e00254e5adefadc0e
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 13 Jan 2022 13:54:20 +0100
remove joguhrtbecher
3 files changed, 0 insertions(+), 203 deletions(-)
D
|
175
-------------------------------------------------------------------------------
diff --git a/configuration/joguhrtbecher.yml b/configuration/joguhrtbecher.yml @@ -1,175 +0,0 @@ -system: - hostname: joguhrtbecher - domain: ctu.cx - timezone: Europe/Berlin - enableOwnRepos: true - enableSudo: true - useNTP: true - extraPackages: - - iftop - - iotop - - htop - - rsync - - mtr - - traceroute - - dnsutils - - tar - - unzip - - wget - - curl - - hdparm - users: - - name: root - allowedSshKeys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829 - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161 - - name: leah - groups: "wheel" - password: "{{ lookup('diskcache', 'passwordstore', 'Server/leah.password')}}" - allowedSshKeys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829 - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161 - -network: - nftables: - enable: true - configFile: config-files/nftables/joguhrtbecher.nft - -networkd: - networkd_resolv_conf_content: - - nameserver 1.1.1.1 - - nameserver 8.8.8.8 - networkd_apply_action: "restart" - netdev: - - name: wg-pbb - priority: 30 - content: - - NetDev: - - Name: wg-pbb - - Kind: wireguard - - WireGuard: - - PrivateKey: "{{ lookup('diskcache', 'passwordstore', 'Server/joguhrtbecher/wireguard.privkey returnall=true') }}" - - FirewallMark: 0x8888 - - WireGuardPeer: - - PublicKey: "{{ lookup('diskcache', 'passwordstore', 'Server/desastro/wireguard.pubkey returnall=true') }}" - - AllowedIPs: "0.0.0.0/0, ::/0" - - Endpoint: "195.39.247.172:51820" - - PersistentKeepalive: 10 - network: - - name: enp0s25 - priority: 20 - content: - - Match: - - Name: enp0s25 - - Network: - - DHCP: yes - - name: wg-pbb - priority: 30 - content: - - Match: - - Name: wg-pbb - - Network: - - Address: 195.39.247.49/32 - - Address: 2a0f:4ac0:acab:1234::49/128 - - DNS: 8.8.8.8 - - DNSDefaultRoute: true - - Domains: ~. - - Link: - - MTUBytes: 1472 - - RoutingPolicyRule: - - FirewallMark: 0x8888 - - InvertRule: true - - Table: 1000 - - Priority: 10 - - Route: - - Destination: 0.0.0.0/0 - - Table: 1234 - - Route: - - Destination: ::/0 - - Table: 1234 - - RoutingPolicyRule: - - From: 195.39.247.49/32 - - Table: 1234 - - Priority: 2000 - - RoutingPolicyRule: - - From: 2a0f:4ac0:acab:1234::49/128 - - Table: 1234 - - Priority: 2000 - -files: - /etc/udev/rules.d/69-hdparm-disable-spindown.rules: - state: "file" - content: 'ACTION=="add", SUBSYSTEM=="block", KERNEL=="sda", RUN+="/usr/bin/hdparm -B 254 -S 0 /dev/sda"' - mode: "0755" - owner: "root" - group: "root" - -services: - openssh: - enable: true - port: 22 - permitRootLogin: true - passwordAuthentication: false - - prometheus_node_exporter: - enable: true - - vnstat: - enable: true - - mariadb: - enable: true - databases: - - name: db1 - - name: db2 - users: - - username: test1 - password: test1 - state: present - privileges: - "db1.*": "ALL,GRANT" - "db2.*": "ALL,GRANT" - - username: test2 - password: test2 - state: present - privileges: - "db2.*": "ALL,GRANT" - - syncthing: - enable: true - user: leah - nginx: - enable: true - domain: "syncthing.lollo.ctu.cx" - sslOnly: true - ssl: - enable: true - cert: "/var/lib/acme-redirect/live/syncthing.joguhrtbecher.ctu.cx/fullchain" - privkey: "/var/lib/acme-redirect/live/syncthing.joguhrtbecher.ctu.cx/privkey" - - - acme_redirect: - enable: true - email: lets-encrypt@ctu.cx - certs: - joguhrtbecher.ctu.cx: - renew_tasks: - - systemctl restart nginx - syncthing.joguhrtbecher.ctu.cx: - renewTasks: - - systemctl restart nginx - - - nginx: - enable: true - sslOnly: true - vhosts: - joguhrtbecher.ctu.cx: - defaultserver: true - ssl: - enable: true - cert: "/var/lib/acme-redirect/live/joguhrtbecher.ctu.cx/fullchain" - privkey: "/var/lib/acme-redirect/live/joguhrtbecher.ctu.cx/privkey" - locations: - - path: /node-exporter - proxy: http://127.0.0.1:9100/metrics
diff --git a/inventory b/inventory @@ -19,13 +19,6 @@ lollo.ctu.cx [stasicontainer] stasicontainer.home.ctu.cx -[joguhrtbecher] -#10.10.0.78 -#c4y72xuu85nwkhkx.myfritz.net -joguhrtbecher.ctu.cx -#[joguhrtbecher:vars] -#ansible_ssh_port=2222 - [repo] repo.ctu.cx
diff --git a/playbook.yml b/playbook.yml @@ -75,27 +75,6 @@ - role: backup tags: backup -- hosts: joguhrtbecher - name: Install joguhrtbecher - vars_files: configuration/joguhrtbecher.yml - roles: - - role: common - tags: common - - role: openssh - tags: [ openssh, common ] - - role: systemd-networkd - tags: systemd-networkd - - role: files - tags: files - - role: vnstat - tags: vnstat - - role: mariadb - tags: mariadb - - role: nginx - tags: nginx - - role: syncthing - tags: syncthing - - hosts: lollo name: Install lollo vars_files: configuration/lollo.yml