system: hostname: lollo domain: ctu.cx timezone: Europe/Berlin enableOwnRepos: true enableSudo: true useNTP: true extraPackages: - iftop - iotop - htop - rsync - mtr - traceroute - dnsutils - tar - unzip - wget - curl - webmusic-nginx users: - name: root allowedSshKeys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829 - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161 - name: leah groups: "wheel" shell: /usr/bin/bash password: "{{ lookup('diskcache', 'passwordstore', 'Server/leah.password')}}" allowedSshKeys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829 - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161 - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrvhqC/tZzpLMs/qy+1xNSVi2mfn8LXPIEhh7dcGn9e isa@Isabelles-MacBook-Pro.local network: ipForwarding: true nftables: enable: true configFile: config-files/nftables/lollo.nft networkd: networkd_resolv_conf_content: - nameserver 1.1.1.1 - nameserver 8.8.8.8 networkd_apply_action: "restart" netdev: - name: enp2s0.5 priority: 20 content: - NetDev: - Name: enp2s0.5 - Kind: vlan - VLAN: - Id: 5 - name: wg-pbb priority: 30 content: - NetDev: - Name: wg-pbb - Kind: wireguard - WireGuard: - PrivateKey: "{{ lookup('diskcache', 'passwordstore', 'Server/lollo/wireguard.privkey returnall=true') }}" - FirewallMark: 51820 - WireGuardPeer: - PublicKey: "{{ lookup('diskcache', 'passwordstore', 'Server/desastro/wireguard.pubkey returnall=true') }}" - AllowedIPs: "0.0.0.0/0, ::/0" - Endpoint: "195.39.247.172:51820" - PersistentKeepalive: 10 - name: brlan priority: 40 content: - NetDev: - Name: brlan - Kind: bridge network: - name: enp2s0 priority: 20 content: - Match: - Name: enp2s0 - Network: - DHCP: yes - VLAN: enp2s0.5 - name: enp2s0.5 priority: 20 content: - Match: - Name: enp2s0.5 - Network: - Bridge: brlan - name: wg-pbb priority: 30 content: - Match: - Name: wg-pbb - Link: - MTUBytes: 1472 - Route: - Destination: 0.0.0.0/0 - Table: 1234 - Route: - Destination: ::/0 - Table: 1234 - name: brlan priority: 40 content: - Match: - Name: brlan - Driver: bridge - Network: - DHCP: no - Address: 195.39.246.41/28 - Address: 10.0.0.1/24 - Address: 2a0f:4ac0:acab::1/62 - RoutingPolicyRule: - From: 195.39.246.32/28 - Table: 254 - Priority: 1900 - SuppressPrefixLength: 0 - RoutingPolicyRule: - From: 2a0f:4ac0:acab::/62 - Table: 254 - Priority: 1900 - SuppressPrefixLength: 0 - RoutingPolicyRule: - From: 195.39.246.32/28 - Table: 1234 - Priority: 2000 - RoutingPolicyRule: - From: 2a0f:4ac0:acab::/62 - Table: 1234 - Priority: 2000 - name: usb-tetherring priority: 91 content: - Match: - Name: enp*s*u* - Network: - DHCP: yes files: /var/lib/websites: state: "directory" mode: "0755" owner: "leah" group: "http" /var/lib/websites/dnsmasq.home.ctu.cx: state: "directory" mode: "0755" owner: "leah" group: "http" /etc/udev/rules.d/99-modbus-serial.rules: state: "file" content: 'SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{serial}=="1337", SYMLINK+="modbus0"' mode: "0755" owner: "root" group: "root" /etc/udev/rules.d/99-tempsensors-serial.rules: state: "file" content: 'SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", SYMLINK+="tempsensors0"' mode: "0755" owner: "root" group: "root" /etc/udev/rules.d/99-zigbee-serial.rules: state: "file" content: 'SUBSYSTEM=="tty", ATTRS{idVendor}=="1d6b", ATTRS{idProduct}=="0002", SYMLINK+="zigbee0"' mode: "0755" owner: "root" group: "root" /etc/nginx/passwd/music.ctu.cx: state: "file" content: "{{ lookup('diskcache', 'passwordstore', 'Server/taurus/passwd/music.ctu.cx returnall=true')}}" mode: "0600" owner: "http" group: "http" services: openssh: enable: true port: 22 permitRootLogin: true passwordAuthentication: false prometheus_node_exporter: enable: true vnstat: enable: true acme_redirect: enable: true email: lets-encrypt@ctu.cx renew_if_days_left: 30 certs: lollo.ctu.cx: renewTasks: - systemctl restart nginx syncthing.lollo.ctu.cx: renewTasks: - systemctl restart nginx restic.lollo.ctu.cx: renewTasks: - systemctl restart nginx home.ctu.cx: extraDnsNames: - legacy.home.ctu.cx renewTasks: - systemctl restart nginx dnsmasq.home.ctu.cx: renewTasks: - systemctl restart nginx music.home.ctu.cx: renewTasks: - systemctl restart nginx repo.home.ctu.cx: renewTasks: - systemctl restart nginx influx.home.ctu.cx: renewTasks: - systemctl restart nginx wiki.home.ctu.cx: renewTasks: - systemctl restart nginx meme.ctu.cx: renewTasks: - systemctl restart nginx php_fpm: enable: true version: 8 extraModules: - gd - intl listeners: www: user: leah group: leah listenerPath: /run/php-fpm/php-fpm.sock listenerOwner: http listenerGroup: http nginx: enable: true enableXSLTFilter: true sslOnly: true extraConfig: " server { server_name webmusic.local; listen 81; access_log off; allow 127.0.0.1; deny all; root '/home/leah/syncthing/Music (Originals)'; location / { autoindex on; autoindex_exact_size off; autoindex_format xml; xslt_string_param domain $http_domain; xslt_string_param path $uri; xslt_stylesheet /home/leah/webmusic-nginx/webmusic-playlist.xslt; } } " vhosts: lollo.ctu.cx: defaultserver: true ssl: enable: true cert: "/var/lib/acme-redirect/live/lollo.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/lollo.ctu.cx/privkey" locations: - path: /node-exporter proxy: http://127.0.0.1:9100/metrics repo.home.ctu.cx: ssl: enable: true cert: "/var/lib/acme-redirect/live/repo.home.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/repo.home.ctu.cx/privkey" locations: - path: / directoryListing: true root: /var/cache/pacman/aurto dnsmasq.home.ctu.cx: root: /var/lib/websites/dnsmasq.home.ctu.cx extraConfig: " try_files $uri $uri/ /index.php?$query_string; " enablePhpSupport: true phpSocket: /run/php-fpm/php-fpm.sock ssl: enable: true cert: "/var/lib/acme-redirect/live/dnsmasq.home.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/dnsmasq.home.ctu.cx/privkey" music.home.ctu.cx: root: "'/home/leah/syncthing/Music (Originals)'" ssl: enable: true cert: "/var/lib/acme-redirect/live/music.home.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/music.home.ctu.cx/privkey" extraConfig: " satisfy any; allow 2a0f:4ac0:acab::/48; allow 10.0.0.0/8; allow 195.39.246.32/28; allow 195.39.247.48/29; " locations: - path: "~ ^(.*/)$" directoryListing: true extraConfig: " auth_basic 'Auth required'; auth_basic_user_file /etc/nginx/passwd/music.ctu.cx; autoindex_format xml; xslt_string_param path $uri; xslt_stylesheet /home/leah/webmusic-nginx/webmusic.xslt; " - path: "~(.*)playlist.m3u$" extraConfig: " set $url http://127.0.0.1:81$1; proxy_pass $url; proxy_set_header Domain $scheme://$host; proxy_hide_header 'Content-Type'; add_header 'Content-Type' 'text/plain'; " - path: /assets/ extraConfig: "alias /home/leah/webmusic-nginx/;" wiki.home.ctu.cx: root: /var/lib/websites/wiki.home.ctu.cx/public enablePhpSupport: true phpSocket: /run/php-fpm/php-fpm.sock ssl: enable: true cert: "/var/lib/acme-redirect/live/wiki.home.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/wiki.home.ctu.cx/privkey" meme.ctu.cx: root: /var/lib/websites/meme.ctu.cx extraConfig: " try_files $uri $uri/ /index.php?$query_string; " enablePhpSupport: true phpSocket: /run/php-fpm/php-fpm.sock ssl: enable: true cert: "/var/lib/acme-redirect/live/meme.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/meme.ctu.cx/privkey" hostapd: enable: false interface: wlp3s0 bridge: brlan channel: 1 ssid: hostapd.home.ctu.cx passphrase: "{{ lookup('diskcache', 'passwordstore', 'WiFi/legacy.home.ctu.cx returnall=true')}}" dnsmasq: enable: true local_service: true no_resolv: true no_hosts: true domain_needed: true bogus_priv: true expand_hosts: false read_ethers: false enable_ra: true quiet_ra: true domain: home.ctu.cx auth_ttl: 600 auth_server: home.ctu.cx, wg-pbb auth_zones: - home.ctu.cx, 10.0.0.1/24, 195.39.246.32/28, 2a0f:4ac0:acab::1/64 local_addresses: - /fritz.box/192.168.178.1 - /lollo/10.0.0.1 addresses: - home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - lollo.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - lollo.home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - legacy.home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - dnsmasq.home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - music.home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - influx.home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - repo.home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - wiki.home.ctu.cx, 195.39.246.41, 2a0f:4ac0:acab::1 - pbx.home.ctu.cx, 195.39.246.46 dns_servers: - 1.1.1.1 - 1.0.0.1 - 8.8.8.8 - 8.8.4.4 dhcp: authoritative: true rapid_commit: true sequential_ip: true options: - option6:information-refresh-time, 6h - option6:dns-server, [2a0f:4ac0:acab::1] - private, option:router, 10.0.0.1 - private, option:dns-server, 10.0.0.1 - public, option:router, 195.39.246.41 - public, option:dns-server, 195.39.246.41 ranges: - private, 10.0.0.100, 10.0.0.200, 255.255.255.0, 48h - public, 195.39.246.34, static, 255.255.255.240, 195.39.246.47, 48h - 2a0f:4ac0:acab::100, 2a0f:4ac0:acab::01ff, ra-names,slaac, 64, 48h hosts: # accesspoint - f4:06:8d:df:1f:e3, accesspoint, 10.0.0.2 # garmin vivoactive 3 music - 2a0f:4ac0:acab::12a, garmin-vivo-3, 10.0.0.210 # isa thinkpad x390 - id:04:ea:56:f2:b4:6c, isa-x390, [2a0f:4ac0:acab::36] - 04:ea:56:f2:b4:6c, isa-x390, 195.39.246.36 # isa p2max - id:ac:67:5d:12:2f:5a, isa-p2max, [2a0f:4ac0:acab::37] - ac:67:5d:12:2f:5a, isa-p2max, 195.39.246.37 # isa macbook - id:00:01:00:01:29:1c:39:07:f4:5c:89:c1:dc:b1, isabelles-mbp, [2a0f:4ac0:acab::38] - f4:5c:89:c1:dc:b1, isabelles-mbp, 195.39.246.38 # ctucx thinkcentre - id:e8:6a:64:f4:49:e7, stasicontainer, [2a0f:4ac0:acab::42] - e8:6a:64:f4:49:e7, stasicontainer, 195.39.246.42 # ctucx thinkpad x390 (mac: wlan, eth) - id:04:ea:56:f3:0b:5b, coladose, [2a0f:4ac0:acab::43] - 04:ea:56:f3:0b:5b, e8:6a:64:d6:e3:33, coladose, 195.39.246.43 # ctucx fritzbox 7312 (DECT-SIP-Gateway) - 34:31:c4:46:88:31, fritz7312, 195.39.246.46 syncthing: enable: true user: leah nginx: enable: true domain: "syncthing.lollo.ctu.cx" sslOnly: true ssl: enable: true cert: "/var/lib/acme-redirect/live/syncthing.lollo.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/syncthing.lollo.ctu.cx/privkey" frpc: enable: true serverAddress: osterei.ctu.cx serverPort: 5050 token: "{{ lookup('diskcache', 'passwordstore', 'Server/osterei/frps/token returnall=true')}}" dashboard: false tunnels: - name: lollo-ssh type: tcp local_ip: 127.0.0.1 local_port: 22 remote_port: 2202 influxdb: enable: true nginx: enable: true domain: "influx.home.ctu.cx" sslOnly: true ssl: enable: true cert: "/var/lib/acme-redirect/live/influx.home.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/influx.home.ctu.cx/privkey" mosquitto: enable: true enableAnonymousLogin: true zigbee2mqtt: enable: true config: homeassistant: false permit_join: false mqtt: base_topic: zigbee2mqtt server: 'mqtt://127.0.0.1' serial: port: /dev/ttyACM0 disable_led: true frontend: port: 8422 host: 0.0.0.0 advanced: ikea_ota_use_test_url: true log_level: warn log_output: - console network_key: - 151 - 53 - 144 - 35 - 165 - 3 - 110 - 254 - 114 - 158 - 84 - 52 - 29 - 5 - 62 - 223 devices: '0x84fd27fffeaaa597': friendly_name: ikea_lamp_i '0x84fd27fffe6b9ddd': friendly_name: ikea_lamp_l '0x84fd27fffe44369e': friendly_name: ikea_lamp_kitchen '0x84fd27fffe3a0b93': friendly_name: ikea_lamp_bathroom '0x84fd27fffea515fc': friendly_name: ikea_lamp_hallway '0x842e14fffe57daae': friendly_name: ikea_lamp_i_rgb '0x5c0272fffec9006c': friendly_name: ikea_remote_i_door '0x804b50fffe42a74e': friendly_name: ikea_remote_l_door '0x5c0272fffeca585a': friendly_name: ikea_remote_kitchen_door '0x842e14fffe1ab485': friendly_name: ikea_remote_bathroom '0x804b50fffe7df0be': friendly_name: ikea_remote_hallway_entrancedoor '0x0c4314fffe194a18': friendly_name: ikea_remote_hallway '0x0c4314fffe194ca3': friendly_name: ikea_remote_i_desk '0x588e81fffe3ec895': friendly_name: ikea_button_l_desk '0xcc86ecfffe8bf621': friendly_name: ikea_control_outlet_i_desk '0x588e81fffebcdc1e': friendly_name: ikea_control_outlet_l '0x847127fffecd89b6': friendly_name: ikea_motionsensor groups: '1': friendly_name: room_i retain: false transition: 2 optimistic: true devices: - ikea_lamp_i - ikea_lamp_i_rgb '2': friendly_name: room_l retain: false transition: 2 optimistic: true devices: - ikea_lamp_l '3': friendly_name: room_kitchen retain: false transition: 2 optimistic: true devices: - ikea_lamp_kitchen '4': friendly_name: room_bathroom retain: false transition: 2 optimistic: true devices: - ikea_lamp_bathroom '5': friendly_name: room_hallway retain: false transition: 2 optimistic: true devices: - ikea_lamp_hallway '6': friendly_name: room_i_desk retain: false transition: 2 optimistic: true devices: - ikea_control_outlet_i_desk mbusd: enable: true device: modbus0 serial2tcp: enable: true device: tempsensors0 smartied: enable: true config: devices: modbus-20: type: RelayBoard firstRegister: 0 count: 4 address: 20 modbus-60: type: PowerMeter model: SDM120 address: 60 lacrosse-l1: type: LacrosseTempSensor id: '27' lacrosse-l2: type: LacrosseTempSensor id: '3a' lacrosse-kuehlschrank: type: LacrosseTempSensor id: '33' lacrosse-bad: type: LacrosseTempSensor id: '5' tradfri-lamp-l: type: Zigbee2MqttLamp lampType: WhiteSpectrum deviceName: ikea_lamp_l tradfri-lamp-i: type: Zigbee2MqttLamp lampType: WhiteSpectrum deviceName: ikea_lamp_i tradfri-lamp-hallway: type: Zigbee2MqttLamp lampType: WhiteSpectrum deviceName: ikea_lamp_hallway tradfri-lamp-kitchen: type: Zigbee2MqttLamp lampType: WhiteSpectrum deviceName: ikea_lamp_kitchen tradfri-lamp-bathroom: type: Zigbee2MqttLamp lampType: WhiteSpectrum deviceName: ikea_lamp_bathroom tradfri-lamp-i-rgb: type: Zigbee2MqttLamp lampType: RGB deviceName: ikea_lamp_i_rgb tradfri-co-l: type: Zigbee2MqttRelay deviceName: ikea_control_outlet_l tradfri-co-i-desk: type: Zigbee2MqttRelay deviceName: ikea_control_outlet_i_desk tradfri-button-l-desk: type: Zigbee2MqttRemote deviceName: ikea_button_l_desk actions: "on": - type: SwitchStateAction deviceName: tradfri-co-l toggle: true tradfri-motion-sensor: type: Zigbee2MqttMotionSensor deviceName: ikea_motionsensor occupyActions: - type: SwitchStateAction deviceName: tradfri-lamp-bathroom relay: 0 state: true clearActions: - type: SwitchStateAction deviceName: tradfri-lamp-bathroom relay: 0 state: false clientConfigs: smarthome-pwa: views: - url: room_l name: Room (L) icon: lightbulb type: switches switches: - name: 'Ceiling Light' device: tradfri-lamp-l relay: 0 - name: Lights under Desk device: modbus-20 relay: 1 - name: Bed device: tradfri-co-l relay: 0 - name: PC-Speaker device: modbus-20 relay: 0 - url: room_i name: Room (I) icon: lightbulb type: switches switches: - name: 'Ceiling Light' device: tradfri-lamp-i relay: 0 - name: 'RGB Lamp' device: tradfri-lamp-i-rgb relay: 0 - name: 'Desk' device: tradfri-co-i-desk relay: 0 - url: room_others name: Other Rooms icon: lightbulb type: switches switches: - name: 'Hallway: Ceiling Light' device: tradfri-lamp-hallway relay: 0 - name: 'Kitchen: Ceiling Light' device: tradfri-lamp-kitchen relay: 0 - name: 'Bathroom: Ceiling Light' device: tradfri-lamp-bathroom relay: 0 - url: powermeter name: Power Meter icon: power type: powermeter meters: - name: Zimmer device: modbus-60 - url: temperature name: Temperature icon: brightness_7 type: temperature sensors: - name: Kühlschrank device: lacrosse-kuehlschrank - name: L Zimmer device: lacrosse-l1 - name: L Zimmer2 device: lacrosse-l2 - name: Bad device: lacrosse-bad - url: departures name: Departures icon: departure_board type: departures source: https://f2k1.de/haltestellen.php - url: fritzbox name: Fritz!Box icon: router type: redirect destination: http://192.168.178.1/ - url: grafana name: Grafana-Dashboard icon: multiline_chart type: redirect destination: https://grafana.ctu.cx - url: fahrrad name: Fahrradkarte icon: directions_bike type: redirect destination: https://www.nextbike.de/de/kielregion/ - url: settings name: Settings icon: settings type: settings sourceLink: https://cgit.ctu.cx/smarthome-pwa serverConfig: frontendPort: 5000 modbus: host: 10.0.0.1 port: 502 mqtt: host: 10.0.0.1 port: 1883 lacrosse: host: 10.0.0.1 port: 2342 influx: host: 10.0.0.1 port: 8086 authToken: "{{ lookup('diskcache', 'passwordstore', 'Server/lollo/influx/smartied.token')}}" powermetersDatabase: powermeters sensorsDatabase: sensors powermeterUpdateIntervalSec: 20 accessToken: penis123 nginx: enable: true domain: "home.ctu.cx" sslOnly: true ssl: enable: true cert: "/var/lib/acme-redirect/live/home.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/home.ctu.cx/privkey" rest_server: enable: true port: 8060 user: leah nginx: enable: true domain: "restic.lollo.ctu.cx" password: "{{ lookup('diskcache', 'passwordstore', 'Server/lollo/rest-server.htpasswd returnall=true') }}" sslOnly: true ssl: enable: true cert: "/var/lib/acme-redirect/live/restic.lollo.ctu.cx/fullchain" privkey: "/var/lib/acme-redirect/live/restic.lollo.ctu.cx/privkey"