diff --git a/.gitmodules b/.gitmodules index cdb505e..d27752a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -99,7 +99,7 @@ url = https://github.com/roles-ansible/ansible_role_ntp.git branch = master [submodule "roles/do1jlr.etebase"] - path = roles/do1jlr.etebase + path = roles/l3d.etebase url = https://github.com/roles-ansible/ansible_role_etebase.git branch = master [submodule "collections/ansible_collections/community/mysql"] @@ -144,3 +144,9 @@ [submodule "roles/l3d.homebox"] path = roles/l3d.homebox url = https://github.com/roles-ansible/ansible_role_homebox.git +[submodule "collections/ansible_collections/l3d/users"] + path = collections/ansible_collections/l3d/users + url = https://github.com/roles-ansible/ansible_collection_users.git +[submodule "roles/l3d.rustdesk"] + path = roles/l3d.rustdesk + url = https://github.com/roles-ansible/ansible_role_rustdesk.git diff --git a/.yamllint b/.yamllint index 3a9ae97..3982173 100644 --- a/.yamllint +++ b/.yamllint @@ -8,11 +8,8 @@ rules: level: warning ignore: | - host_vars/mail01.l3d.space/vault.yml - host_vars/web01.l3d.space/vault.yml - host_vars/luna.l3d.ch/vault.yml - host_vars/services.l3d.space/vault.yml - group_vars/all/vault.yml + group_vars/*/vault.yml roles/ ansible/ collections/ + host_vars/*/vault.yml diff --git a/collections/ansible_collections/community/crypto b/collections/ansible_collections/community/crypto index 5159189..4167d2c 160000 --- a/collections/ansible_collections/community/crypto +++ b/collections/ansible_collections/community/crypto @@ -1 +1 @@ -Subproject commit 51591891d388c86399f6a04d99f45a49c54947b2 +Subproject commit 4167d2c4b34ae5d0e561ae82c140d8b6102d647a diff --git a/collections/ansible_collections/community/general b/collections/ansible_collections/community/general index eded6eb..05bf5ee 160000 --- a/collections/ansible_collections/community/general +++ b/collections/ansible_collections/community/general @@ -1 +1 @@ -Subproject commit eded6ebf648bc0ff76bcff5ddaf1d99ee4384636 +Subproject commit 05bf5ee1df35a878f69f16ef8d6690e4d901f7a8 diff --git a/collections/ansible_collections/community/grafana b/collections/ansible_collections/community/grafana index 6773070..a3056e9 160000 --- a/collections/ansible_collections/community/grafana +++ b/collections/ansible_collections/community/grafana @@ -1 +1 @@ -Subproject commit 67730703f38cdf85b511f8261e712db1bf85d76e +Subproject commit a3056e92e196f11c4b3550bd1891ef6b22b6acb1 diff --git a/collections/ansible_collections/community/mysql b/collections/ansible_collections/community/mysql index 32718ca..c99c19a 160000 --- a/collections/ansible_collections/community/mysql +++ b/collections/ansible_collections/community/mysql @@ -1 +1 @@ -Subproject commit 32718ca2956b2b776d633710a940d45c4d517431 +Subproject commit c99c19a489d0c1db85457bc8b7ffbeccf82788dd diff --git a/collections/ansible_collections/grafana/grafana b/collections/ansible_collections/grafana/grafana index 02ea399..3018442 160000 --- a/collections/ansible_collections/grafana/grafana +++ b/collections/ansible_collections/grafana/grafana @@ -1 +1 @@ -Subproject commit 02ea399c6363d8cf403478436988731e0d704f08 +Subproject commit 30184421efe13fec79222fc5c871551624b5fbc4 diff --git a/collections/ansible_collections/l3d/git b/collections/ansible_collections/l3d/git index 6976e94..5174fe5 160000 --- a/collections/ansible_collections/l3d/git +++ b/collections/ansible_collections/l3d/git @@ -1 +1 @@ -Subproject commit 6976e9434e31290271290435d7872fa84c275f43 +Subproject commit 5174fe5ee1ddd2c95ddf0e99db0a3d6382f553f1 diff --git a/collections/ansible_collections/l3d/users b/collections/ansible_collections/l3d/users new file mode 160000 index 0000000..c9da584 --- /dev/null +++ b/collections/ansible_collections/l3d/users @@ -0,0 +1 @@ +Subproject commit c9da5848168e0e3d5a4ff9b71c3554bf152198bb diff --git a/collections/ansible_collections/prometheus/prometheus b/collections/ansible_collections/prometheus/prometheus index f189e53..cf2db42 160000 --- a/collections/ansible_collections/prometheus/prometheus +++ b/collections/ansible_collections/prometheus/prometheus @@ -1 +1 @@ -Subproject commit f189e53e77223f30e461b6c6c9668325e3ee90e0 +Subproject commit cf2db420c255f37a500a08c09434984b37560fe2 diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index fc97ebf..c040445 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -21,3 +21,28 @@ ntp_servers: # prometheus.prometeus.node_exporter node_exporter_web_listen_address: '127.0.0.1:9100' + +# l3d.users +l3d_users__default_users: + - name: 'l3d' + state: 'present' + shell: '/bin/bash' + create_home: true + admin: true + admin_nopassword: true + admin_commands: 'ALL' + pubkeys: | + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPvvXN33GwkTF4ZOwPgF21Un4R2z9hWUuQt1qIfzQyhC + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAG65EdcM+JLv0gnzT9LcqVU47Pkw0SqiIg7XipXENi8 + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJz7zEvUVgJJJsIgfG3izsqYcM22IaKz4jGVUbNRL2PX + +# l3d.users.user +l3d_users__create_ansible: true +l3d_users__ansible_user_state: 'present' +l3d_users__set_ansible_ssh_keys: true +l3d_users__ansible_ssh_keys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + +# do1jlr.users +admins: + - l3d + - ansible diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml index 8dcddd0..753def8 100644 --- a/group_vars/all/vault.yml +++ b/group_vars/all/vault.yml @@ -1,12 +1,14 @@ $ANSIBLE_VAULT;1.1;AES256 -62313734366533326334646163383462373265303264643366323937666564653064383037623931 -3831643363613132376165373936306638366439613536650a383536663736313232623965313362 -34366438343164353836333739316261363233366463613964636665306232333534633434643164 -3930333935356131620a613931343230383862353639663862356139663664356163623938376561 -35383464386237363736313265613137656530323165613965633463376464366133376430613965 -33623464383730396265613536336437303964333763633563616662313762346235316531313139 -62373134393865306562346332613361623534396433666232333665336139333730313362353539 -64386135346638643234653536353439646235303634306362376463343135386464663962333934 -65376265353436353038333830636566343834643737333537376235613038343661646431373131 -35633065333233383334383661666533353765653230653361366461613138613935383165623739 -326231316564393161333839393733616531 +36383439323339386166633331333531376634633838636635666665633363333265623061393137 +3263633634633231366361366634366563623734393763660a386363396336356532633562313836 +62643663356366323261353138333663393764646334623263626362636337636539363538346538 +3236636433363663340a633361363661366436633538363261623438396463303030363531326231 +35316335383139303638643661666132636139653032363935666533623832666539373033353631 +33303139643730616335343763356130653934633465396130666439343531353261343538363664 +34613834623762323063356234636132383339613030386133633333356138333730633032316138 +35363030323433623939303339366536343361616430383832623235313630613931386231656232 +36393765623664373562623965626362666362383063316163383735656366396131356666303735 +34313963623439663332626133346638666163646666313963653439326262653236393964326330 +38306138306437396261303965306161633733316130666465643135313663633238333932656131 +36613164323062643134653565663439383766613235633961373161346132353161643434653233 +66353166353033383437316266666337373566386234626437313437376232316362 diff --git a/host_vars/mail01.l3d.space/vars.yml b/host_vars/mail01.l3d.space/vars.yml index af34209..d700f42 100644 --- a/host_vars/mail01.l3d.space/vars.yml +++ b/host_vars/mail01.l3d.space/vars.yml @@ -1,31 +1,13 @@ --- -users: - l3d: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@business.wingcon.com - weechat: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@business.wingcon.com - mailwebuser: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@business.wingcon.com - -accounts: - - l3d - - mailwebuser - - weechat +l3d_users__local_users: + - name: 'weechat' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'mailwebuser' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" # mail domains additional_dns_maildomains: 'mail.l3d.space imap.l3d.space smtp.l3d.space' diff --git a/host_vars/mail01.l3d.space/vault.yml b/host_vars/mail01.l3d.space/vault.yml index a5798aa..2ba6cc0 100644 --- a/host_vars/mail01.l3d.space/vault.yml +++ b/host_vars/mail01.l3d.space/vault.yml @@ -1,263 +1,257 @@ $ANSIBLE_VAULT;1.1;AES256 -35343833393466333865306434336163313366343538396166396364633431333161396338653937 -6137616433336533333232616665326235343435646137380a343437323865356362353832376363 -33643762303231376133653231353639666136643364333830313634623865303239653964663762 -3661313737623361610a366164336661333466326138303036613964363837656262663434393165 -38336363333061383631633639363865646231623062666164316432626437373362376432643461 -66613865623132306263353465663065383265646330643434623134396563313139366439636139 -34323933316264393636353631356232643866333030376233316465376334373438386631613134 -31383634383534333139323638363938393039656437353032643239313864346130643639383737 -34616536616363316535626666626238343065643735623737303636336535613833663234346436 -37613230643538333536333036636136613335633061396463313331633566653037343966383361 -38326165343437396166663361393434303936663737343134616237646436343032626536353161 -62326662636433333333386235383263626661323435623538356138616433393030313239383937 -63316163666561386335326263353238376430376665356465336233303733616133363465353938 -38326432303161326336336332313930313165373930356538376330643734613332636634313364 -65316139643864316462363338393663366139323130633962656335653835326130353239303063 -30353765333733393736313437356332333030326165386238643433613235323364373630643830 -34653966633932343130653063323139386635363862313261613863383939613665393737356162 -62656138653032653631393636376434666465376162346638323264633965613661336136653831 -64646537643936323463333633373331613866626263326537356238363538363762633763636664 -39633139376330633032363936333633316131626533303733356638663031646136663537326230 -39653832393035643839663730303735373337326336323564383332666437396338316665376366 -64623733323565383231373262633336653436656636343038303734323032663432383962343962 -65363830396437306533323131613465663438363832353837343861626632363238623035646530 -33353536616338336335396661623365663638666363616363343866343632333231303366306466 -66633833326164393839666165646462613830653939396663343839396130363034623638373238 -33613236653839376461336136613564303964303432396135623839373437333930383132316262 -33396335653234396133363265353533616333343136336330323863613165616130373238663166 -39666163643430313164346461636234633864616265313737653639326566363762393934326363 -63313764663237646231333030666563356236316365653237363136393437646237666466613465 -33336333363236333035643438396363313732373137653930623061656633303236313438616632 -66336333346531356236633564366264396164643434326665363264386362616436346530373865 -31396361346632663865366230393761336165366535336130396333663363336439396137303938 -38653162356537643933653338346539343538306234363363613266376530363830346139386465 -37316663303136613130356539663731616239383337666662356537343765323337343538393265 -33336333306566633332303935653566376434343330613937323563386632613932653361353230 -66323065366633333766363139636535613466636438366433303461366565646361366634393335 -64336337333938313430373736373037326164633661343164656139313632356662363836363133 -32666162316336643564336165613338636430313264353035373732353762356236653138363964 -31383432373238616663343662383864363830363134346566653235646134306336653233306637 -31383438373939313932346538323031623066333630636533373532636130653965353565633363 -62663266643038313634633938386536396665356635653335393664643165363436396531323265 -35653165663262383538316134613236313466656438396135353463356165313863383661613234 -31616665346333613639343962343236303230363563396637396264306364636139336537653035 -37633930323062393262653838326636356362343739306163666562353563326632613037636463 -31323135303130313530383333663236396561363135386362356630396164383863653436613564 -36366631643335376539333864323435633330633830326564316635396361656338636536313262 -36373036623164656161653663313737636338623062613230333030643661653566633934653864 -37656335653739656361303338613964653832363535376234353061633762653536653465383565 -62316637393831653436386637336532656636613836386433393662366230653933643435616333 -66636632336565623936643036303237323438643264376463343336313539313861633236366364 -65643566633430353632326338303236396335316366623335313639326339373130373963646432 -62313365633663626563323037396433326265326631356437326431383630316461303934653064 -35633830303661393964383630346338646564306438396565623034363237366266306134333264 -30613532656238333038306262396233633436613735383034383932313234333264393736353861 -39363031366666333038326432646632646636383731346264663964396637346163626561656236 -62323461656338653538653736383739396131663264616535353238366266653562626462333163 -33376636376461336635336133313265303033396332613436336661333738313061306364313336 -64363931366161306230353563363466326639396232636433386461666232623933366664663035 -65623330633863633338333635353064306538656165396637626234666165323231323131623465 -34666564616338376163333239363133663830633530353661666162653135643238663131343130 -64396231633830643830353861633339343861346138383035303232323138343339626233663365 -61313634356134653761366434343064373562663438336435393134633666303439306439303533 -34646664393662336135623239373865663731643464666530636264613662636364363336636333 -32326532373065383631623530313733333936643462383665653865353862363861653464346266 -39666164306261363530393164313232333861366464623262343432353161303133613138363439 -37616665623564303762353539646133646432646631376632373564383166633238613436373965 -36366464333834343133346264643736633764626461323065343534326130313539623430386337 -33646336636662623366613336383132663631663664643237663266326634396530336166333035 -66316363666134363563333232373934356264336635353138643433353532373332373938383438 -65666231363833386330616438373838636162343633323434366339333063643339623039663662 -32613764633665366261333636343237396466363237323235373565336532343562623262643861 -62373336376430383933396339303530343838636433323737306361663638353965353035353265 -64396334303438376338366536663161343835336564626235346462316263323137643864306638 -63306363303465653632616265316334643565313137363665363666636134663137366666656463 -38653832343832393666323365343936346630313033626331626430353762383161653561633961 -33636538346435303063616430313032666365393061363236363737313661633734333562653262 -34343632643262656139663763386437646238336165636135363261633163653530356539306230 -31373433396135303637343561636432623666386563363361353561383863353833393039616662 -64383339383663613861653762373231353263316137366637633538353038306364333538393334 -63656434346230306639633435626235396330353162333933306332343366303532323864323361 -38383738363536363466313639643564636337353332373335346434393132373764396462633662 -62386234333662396161616539333864326362613062363762656266636562636338636561633435 -37666266653035623361666562343433613832613266313966666561666336333032646432356564 -32363631333139633632646236626138636266363830636266376565306332323562643135633164 -39623633323335316338383133313434313331313538383064323165363662626533346538646164 -63326537613063363064363634613435623062366636623466323033303761613937366137373831 -65316135653961353436363866373839356437396238383633343339323266356334343665366638 -37663334366261626565336234613335316664393030383932656634366263396230636538313338 -31376365323933313633613639303038636435666561623130613261616533313162633335653236 -62626564323530363739353334343866643233343833326466666236303630363239626234646464 -34376133323132303439323331653231353436623237623764333638386332353930633630326139 -61323332363762613636326333303235383138663964393162393939393533653162643532366232 -31396238363463303538386466343738623238363962313733643936653938336135313164316637 -30626166653366343662303736623938396334396638343832303562383636616666326137343561 -35346665316137636233646566373162663165333330323763313233333962616538653661626332 -32626434663035653565353430393433656336326131623037663238633161613135376131306235 -62626263633737323831623134386633376330363132343337633562356230386435346662303835 -63316361663434386331613138393961373665363733333461623263366166363131666438666336 -66356362613632326663633532396630363262353733393263353436656436636665373666303132 -30346235643037306137303363656437333939636162616533353465376462383530343138376632 -66346636326137353635396365303737313136343364333361383965623931353031323035663439 -65633832613165303264623338326430336464633234633861386361656265653836366430633238 -66376534313166333933316231653831333732656461626632633334336538636239643231636166 -62623462623561326230396162373837613563393037306330343331363430373966366166656332 -65373862346533333831613733366161383031363130393664666363396361306365306631663130 -34356636663465636630386562336630366465373162306230636663393061326338336465306163 -65643431313161663735346630653032626666653463646365393837323934663161383130363766 -35616262633761653962323565303361656665373634653738313162343466363638363630666439 -36346136613235653066373361313364366162303038646135653038626163663832303034393933 -34356134323235373533656139623461626664633464626630306136623834653662336330306336 -32646364316535656630613962616239613539333363336366353663643735363035313736396265 -36326634656561633831633666326263336362646365613634633435343036373232613963663339 -35623839303930633763663336343432393561643866623766333231656137613335303538363637 -30626539373564303163393833656337653166303232643332643633323930653338393266613239 -34306336363937643330323238356563343831633036306638343330663632336134336432653036 -34396134356565663932366566393362666538363137653662646565356563666534316431653736 -66613162323831363836366362363133666362313936326564353437373630343662356639633535 -66323366643662663732333437306664666136353037393164373636343735336437656135663633 -35373731633238303137316564623361376231663235373361326234626561393435376562666333 -37376661336135316634316539653938316334323033333237613164313063656261306465363533 -66393538386138636630306532636464353162366663366134663633636461386238313932633464 -35656430346266666265333135393063656566306465643335653165303737326365316339343239 -37636138376634373361663661353937623966613536633432666665396539326238306365343630 -63363165393139623636353032666330623533363661333437383435613166383537386332396431 -37616562363662393234373138373132373461376563323763326639636538616463653034313431 -31396461353466333938303833343338633435623031653732613961346165353165613437393434 -66363634646535663031303131666632393931336135653238313666393466373835343563356536 -64326462386465313539306235346331346432373936323464396438363432663137623430623563 -34313034626562353035303961396132663761323563666239373238303463653230356139613866 -31373235393039363739313038313231613866316138373861333236336463316334303633353839 -63383838663938386337653132346263356365653933616436656461363534636135623432636166 -64633161376162623532343766656664643339306162653163346663363761366633343638333031 -62376635623164643439343639633738386637333261383030633431666665303165303036303235 -65346162393531303933396330346462363034353635323431326161346535663632363966373438 -38626163613235653063666161373531373333623161323435646562646635333364303462626261 -33633666353336643334633162656536393232613264613831356431653133666334316663306461 -34376438343838643066303736396337663162343031626263623130313537363564363934646139 -34613961313637636166373736376466626131386430373566323764626163303765396663356465 -39633134336230663337616233656537363962626330646336633431326562666666303235396535 -63353163656335613932336630386365663534386463323566363162613130653038646662316538 -66323733386233613438393337643834666333323538323037313161336665306461646466353334 -66373063366232633065373233396261643636376239343766353938323232313738313963653535 -38303966616436653634613735313631323533303233333431303764396636643761646436653865 -34373430383265633831363531623363396162386364636237363332303236343035636636303738 -63336634326638303165653866646530396236393039646266396139386239343634643139306330 -66653464356562306136303037633936636434306630623233366566343362333835393439633831 -63333737346234366464626630323039623263656132346239386637343334626135376461346364 -39373236393637613336356338356564373764333139643033663733343631666234353736303638 -31613761646463396262643535313764346433346533333438313634346430633866393835366539 -35383161663134666439396132613138326635633533643261333232313964613639373931396334 -38333231306366396132623762353031383265393165343937663839653063303436323466626333 -64633330626136643330636537643163616561613334393163303964613339393830376135303236 -37313937386465613262313432346263376661653738303537326135343430396535626632663633 -63383464653234333632646438643030623231333833656239373331376333636566623037663931 -38636335366437383031353165656566343665393364633066333338383035643539653137626664 -66326537316132633439363738303535353534663835633839613232653839653031313039353537 -36653062366638353931346638613230313639353638346666366431366331623562343531306331 -38326266323761653638656337393561306165636639613436373964623839613365336535633239 -32336239303163613538623239393139373465353165313937613939636438663134303938376563 -30656639343861663534363633373465386339666431303035316538313037613233353363373664 -31613037663038346161343561643738376362656664316631366631323534316235666439623935 -61323065663832396137356134303836653036303433653535353634326561666637626462633064 -39396435386337633831633138333165636137333162306564386666343732623065306637303432 -36646461386333663963376338396534343466666664653466613930663162666632376436343763 -30663466343539363338313936313861326137323638343933386237343431366362643766386533 -38663939353433663039666535633564323038326530643766363336396166343836386466626237 -63383832323939613336663965353636376534333362316530383965313664386665636239333038 -34653465643961346164383830343765313337623566306332333165656664613632316264353931 -36366638366566376432316234653139623334303536616463393865393037333132383061316430 -31353234383432643031316532363762646164666131633334643866626464633937623339643761 -63346364363334633764646261646135366537313966366665363734643066353830623334616530 -30633939323863653264643437643034336232303736616630356561336362353335623238333964 -33616239336133666163343131353562623661633761376436313434666231643736313866346237 -33366136383930396534376231363036346136623164373230663461376261343832356434643465 -39616564666434396432353735306265393564656531656138313830623061396533363234356637 -63353266656363333031663038356239383865336366616436636665393638316464313330373235 -36626361613430303236306565623765303139346334656231313539656132303837343964366665 -34366433316237306165356565366132363832636163616532656363353761373666383436613364 -35353163643334343162636461653964303361336634373462393138373363323931356637616438 -64313435313937666161313439633464643039636134646563386562653238623834653361316537 -66613732643564373831313836343563333034646462333962383034363135666264366462656566 -36623762626235393238666536613565623630656463333564373562333031343430353263343966 -64383439393230653964373964346164333866653837363331373132333533646531663735373163 -62633432633036663133393431636434306131343533643264616665663932366230353563633836 -66363831336362313332356663626338646238313462643830363833346664383066643536653332 -62353261343763323861303661666539396332383464333863333236313730363535653436623565 -32326165356538356633353765353465306135613135336432306538613838646531343730363635 -30633438633661343765306531656432643038353638633066653435356633616237373738313963 -62323131636139646365306466623434346132333031626136623432633061343765613966333131 -30666138656537623936393737326239333232643363366432383937376266633332313966393261 -31323766636566343665366135343735643238363637323235326266376336373732313965323734 -65623639623761323166333635653230343663623839373765313635356662666563633936646264 -33373033613737353832623433633964643061323762313631363164306138316336363662663364 -65336263626536323536643866346333636634653963643132623031396132336665643532366362 -37643335333766393838643561313164323563646239353039313332373464613164653664343030 -38363166313665323930636534363961356232316435313432616239666633333139643238333436 -35613038386235343035326137326265323237646133666439316565396135346633333833336336 -33396332306462323435646362363863643939336266323661363163303865663434626533353733 -32343430653430303963373935323064336665383333346564346638663130386631353961383064 -61303238346538313166653364336532623837323335353961663639613638306361383063383262 -65383030386261306438373832346237616134633764363638666231653036373465343166663061 -33653333306361316665623764626165663038626631333362613765333265393435613937353936 -35643163666563613938616531376165363465613566326265666664613439643738633036376535 -33646662336663326665323536316633313938653265326533636664336164643439306564666635 -31323861343137383537616230313366306362666332383737663537363233323365313065666562 -39656165376435366366326363306331366166363565623136633237616237376231646364326239 -33313261663363306164666334363261613763633539373132626463663037613434303265393036 -32623866343766353435316533313030333432623832623664313639306430643261396639306564 -66393561343436633731633734386561633736316538666131336539336535316562643461613038 -66393639623362316237363935303535636437366233393431353233663664316339666139333134 -34613062643162383538613064333335643865323932346332666231376236326365636562623066 -31346466613331396531653635653739353766313863646566653431336336623238306161666135 -63303136366363336362346638646362373962383638613662356363666161386132643337333235 -30666130613039623634383334636666346632363733383431333234353130343862616462623337 -61613330353161663130643436363435633861613865333462646236643335396235353330633838 -36656433633836373165663266646364356633633664626131313136363732393164343964343430 -62343762346261646132306664313165383565623166343165376139323539306133633166383131 -61663165643531653032366537633166353962663337353435313637333538346662363666353561 -34333161333835643961656333616362383234663864653137313839653431343161323536643030 -34323237376435663938626339643163656532643931626639346233333931336562376535643233 -63323465303662313331353963373437383035653965343161343461653934653334383861386561 -38383836663935383139306536313133306634653331633562616262326435323931353466353039 -33613961323533626238613862616332376461303339303162323630383531646566366130376637 -38363436366664613564386334333761626634386562623138326532376633663865663661663734 -64393939313862313336303936616561653766393430306530633238633664343661636163636239 -64623738626463303463343061313734393939306362393164663637663032343837396238623135 -65363634396337396562306236356434303335353263376662306235333162653839383430333061 -36656632366364323564373263343437653465623663623830633766393631626362313837616330 -34333937343033393739303061383361633761383938303666303662346230343635356366663535 -36663135326139326266313030353038356134323337663333303064616337636463656361343763 -35663565363034663765663533303131313630646434323562393062626436313136313366396361 -36343366643330626335663530353134346133376434366166353361373332653964366534323161 -31373965383962393561396132633364363864613566303238343337303861663339373562353966 -30643130333736313061313863333638656464633764383339316433633963653062316666386566 -32623735626433303861346136353637333132326462336235663237316633353237613433646535 -63383933313034353937366435356331346535333237343435623439643633626133623532656265 -62383561356230363961366161643966666437633665303637646265353939363465333730653630 -63373537633239353862393363376637326661656236663162336366303736326231363334346434 -36343430613838313663303863366533646266316162653139613035626531376530323739323433 -31363932396433303261383663613166373937343764613531313035376561383239313834616134 -36646333626364353533623630663866666330643530303836643335646331326130373566623938 -39396633303935346630383162656362323338343330653032363162303633353333386439393033 -33653761353162366261373664663862386633396534393738393465353434306161343837303164 -62366633613537393834356135333732643461633939303965363364656536346362383935383764 -30383563383931653261623939326538623537353863633662313939373630643064643735636364 -62623662383631613135376531326635363362383534393532313438313462313665313966383664 -63363964393736366262313636323562643162316666663966313639626266626231646631656535 -36303461316562393865346339396335663263383436636231333662383837383235326134616234 -35333036633131303633383933613738636465313763353839373663353034333761353430613362 -36646238656535616261313863653865666463373436353430393633393730613235623132326630 -61303164333535363265643461656331633236656537373162373266623762636662333234363536 -65613336303037303930373663303137383539636563343332396233313839396338353830653238 -39396663336565333737623765373937363966383239316531396434333238303837643038356331 -64616131333932303336623833343630353361303239363162333133386632373862613363306230 -35613666643336326264336363336434306265643864623461663361343037333635383534643233 -34306133663464323032653565613730303039663166626566343636646361313663626136643732 -38633536363133353439353832613133643861666464666330623134633634373965626139343836 -61363464653964663663356137623963303136323466663139666437666331356562313762353836 -62303862323733313465313334313638626539306566353230646463666231396433653335653530 -33333938623933376236346663363436663639303934633432303630303930373365613335653630 -38323237383936373536643063623131626332313133626631373432353361333662653666636232 -6663656435663863323236616630363461383866393165303265 +34356238396430656266663034316464383432613036666231343765373537333365386537316264 +3166616264373937656466373132616634316131633334390a326235376130323962636361663265 +63373633323332316264393730346530643639646239383939336565316663393164396166303261 +3034303138623839360a373061373332646136303232636531373561646466316164353964353534 +61666565623334656138363831343262323039346237336363353466663537346332363661663431 +63353637616361323065383935623839656132626439633235303566303839643263666636666137 +35346130333930376266613335353933316435383763663064663361636537613135363534336339 +35376266356364383865386231363765316361666137653630333930306238623530366635393734 +38666464663064346136666562353231633864646232656132333538303839386137316635343231 +35653164326664643537353835393632666161666532326334356462636262383932633866613066 +61306563626534616131336364383164613534353066633163383433623766303634363737613161 +65623033363037366136343539356432653963376262333930323634623039313535313336326430 +63646463306639313463613235313833326664643764343838326661663964353061613065653236 +33363762376137363735356265386439383962663937303732386133346365306266623666636631 +38643337633438656363303232323265356665373032633231633161663838633166343662626263 +30646635633836396364343439316436313762326263313939306531303430326639356437386633 +30316631366666316234363033323434363533336230313737323933346435613336616438386264 +64633065616433333266383631343964643233643135373236663664376134616634303230656130 +32353635643332373838616432366465653033633163666130663437643666303463316434643336 +30323961333633363566646463356237333366623933303161306630333037333661313936316634 +63376431306162643730316530343131323037303462336564646564386566386231623763323137 +66643337643462646331663033323330613963386663313536393031383364376330633263323461 +32386462646562656237616538386138393232363032343432383438663138393139366465333230 +32636436633065336634623638376335396166383438333265306564376266656430666562626365 +62626138626531633933333561636166333238613438353265393336653163663430336437313064 +62303465653735353830323937333864643865366135303430316461633836663435666364326330 +37393735306335653161336233626565613436336430323338663339356565653662653763343062 +34313834613766363365383939336562376139626634643337653565643437383062306532333534 +34393030633633633930306232626330653662656633326466636461313236363266666465633433 +34626464363566323366633636643065646564303664393039313434323132306632653663303735 +35353939323033333264303134356239363138316363333361303832616237633034626438666431 +33633466383261636532636231393066393335363166646539626465393261366466316363343036 +65343761326665396565623464623364666463353161646131353164623535373363303338613637 +39363761643533393536336666623966386139633635363562643230613561376337383161343464 +61313030396634366130376234666564353964363330626666303137343635336365633166373661 +39666166343466333463626536616134626237636463616463336466336236643633353265353836 +61366335363263613061636139316562393333363765343331343538626361646536393632323634 +33363165376165653032663837376462626461366361623738366635623236613036313532623766 +36303934633035613239616431396134306238663264666337356663306338333337313134393132 +38326263666436613662306436366165623238613931636332316133396539363538356230656165 +36356265653234393739373563336663336331356634323665633864353530633363356338623161 +32613933396433316337336262613761343565653561323965306535633038393435323433393632 +32393064366537613639623961376264393364313266303034343736353339376265613433633864 +61376237656162343936613465333233373061316231363764383535626537663935383033303734 +31306637316433653134346534336136303238376139653866393131303765613362366638663031 +64616336343339623662663139306131333738616236663431326238623333346533373037646132 +65303861633264333532396664396336396161653135663665343930353563343962353631626361 +34633934333563666362366661623365386532663564396661376138346136663435653639643337 +64613439636634643661613137623331306531313566613836323863633166373161336638303065 +65396531656230346465336434316337303462616134396239386564393931343438616536393864 +32303035353838333036623439613438393437373931366266393465333131363862303734376437 +34393538613564666335613335396262643762666635323364353964623561656235386566653230 +30636331316632613637386530653637346230346439636662393737376338393962353238363238 +61313436303832336433373439356665346665376265656563653431373638663035633330326232 +36343762353330353939613334623366616235646166656131636537656133333462306664653531 +33373133393938396331363164313138383535613764653466373934353662363835646335353162 +32366365636334653064303038393664626431336162346463633832396630373234313139323962 +31346235633538343434636237393636616330356663656562656639353532363637636431393033 +38326565306138306561323839643334313933623365333864663534373462373536313834636165 +33636361663562356233383534383761636333666263613964383465353032363166643130663038 +63346336326235373764323437636335326530646130306137313332646632323635613237626237 +65376231353464633161663833633036336138616131373961383434376564643533656337643964 +65656631656166386364336434656539336135363565653531343235323165353835326565643861 +31633262393734333739383532333162633130663562356539653765393739336163323063376230 +61383966323735353561366536373961613139353864643361643136313335376339393863643332 +65396536613362643565646139643933393132393536653565643263313566306330653135303063 +62633464656664306132393531363835383934386637376466663131363762353239323337336531 +61376533363132623433363938666462646132383035373964346635613362316634363462323332 +36353962363034623534623361636632303038636165353034643665663538353237353362326432 +37383562396238363334613038353837633731623833653465373830346266323663666462363533 +66303930656638623431636362626334393363343834666466653230313837306663356462326233 +39373530663232356564386531633535656537623335663333306536393837326134623032323235 +31393736663563343632393331646664373661656166333263383338363030363532323935353438 +63386565623439643931343837333730303237643464353532316466643764326233643466333931 +34663931643035353133626437656263353437653636336236383535313030333566626438643535 +35633732396334366137356437336133376433303733653631356434303435323936376165653734 +62376231363165306366313330613631396231303735316531306331663562643037306231343837 +30643838306362373337363465326236363036336339376265646261383837633466346565616462 +64326230373365333138336135383234326164326236303435313238366262656462613436306261 +36393439613535633536393133333364633462343030313233333364343231366462336566366663 +31396238623830363636616662616532333832303365303037333562353962623038373063656135 +39363666643234643031313563643834646235656462373633626432326333343935643362383332 +62616564663034326161363934623834363734356536313531633766313864313965383166653830 +31323230313335303731636563643564353066313831306166373135353565623736393134386566 +37306337303666393731666665323632333334383236643634386165346363646135323364616437 +39633735366139333435663535396362623764346337663938313661343735663862333632336130 +62356239613232373864326436396538303462353038376430356338663935323633316334663262 +33636634623764343230653132386662663234326639353635396637356131616462616432353766 +30393539326335323132323461323235653866363533363663623531663163623630356234666438 +65396132646132346139303935363838613031636432396431313134666433626165636237636138 +35663964653363383664356339336235313964613231663861366662656164373664626535653566 +64346634326137643263313938316334353436363239633432363262303166613634623466386335 +37646632313964313165633936393561633039313636626465363937353666646164633565333735 +30343265656163633961336432626239366337633061313862323539653132383564383763323733 +61323161656434643764333462313537626337343139653163366465626430663464613563396534 +38363233653933646263386639616561326164623233373735646566303635303266356539623963 +66393730626432356162306232643363663631396665383761623961316535636130326463653236 +37633335376338383264623732303837323534633334363164656531616632343736663465613232 +32386431623936316332326532323039343161326363633266633761383831623133626230663731 +37366339653631393338353334656465373233623737613061366530353639363831643466646230 +64313861613630336234623465326665313364643338313962636235346535646136663266646563 +39623437396464316465346566313234663533316336316364396331646336313131626264663366 +31336364303637663231616264346362313063616131613832613663393162316666363930633663 +66393633346531633035643565393638643339626334363838616363613665303765633732346361 +65356162636530333032396531386531353030346131656631396230643535306531383261393431 +64623438356362396532616565373332333137373238346237346637626237646339643363643637 +64613931393662303831623735343233383338323237653432623763633136626539663732333934 +32666565353938653833336336386165643863373561303133636238333139663765616633356661 +37646633376133303666366165643831653634636139363638633862623333373037303166356633 +37653536626633343039346166316431363764663263366534393833336535356562663064616631 +37376365383764363665653865393433336331653465316532663932623333646563323637353463 +30653363323834393135333036353864633063396536643537646166323837356131303638383338 +65386532393239633165666264326166383063626534646434376235633332653430633436336538 +30363135366637386638613961653938636339326564643965366138656364356339336132323266 +33326236313534396530633039313435383562373732326430626363613038383339323131323732 +63306439623665633639393930663331393432383133393332393566633535396237373030353831 +36616535336339613462626634326532333366333834613061643365373438303431636138316139 +65376433623535643463326430383565323666373433396533613530343530653262323038613236 +36376437616533313135363539396131613538613137386330363935303930313562303861373537 +63666632363964326234613736323765633134633861643965356639613362363861393965373265 +61353738343135643034653233363637653366656232363237313733666433336339326561633538 +64303863636630353439323730303131383165656362386163373236363139396163326438363938 +34643866363837333565623237346232646561613036666235653434343166343164366364653635 +61333435383231316535373733323330663362303139366530333164613939363033306564383230 +37313965313730616235386462613636336466666161666539343130623234616237346234383661 +31343864363438666638663330623630343761356664343330643265626134613065633935326239 +30343939643838303161396534396633393465623339653764633838353038636264643934336463 +66353835636638643931383931643864656438353437393332356237306362623561633937313765 +61343865353938373339323932346636323263653639323635636264326436343064386433366430 +32353637656230386330653161386339383734353130393633353038383034313366366462636536 +61326465623166636664313262383837313736386163363132373065613861363563626134313238 +65386330316162653665323638373461333662613465323639323935613839636261396639303337 +32336332396133306663616235316637623964646433616164636332373166356433663265663566 +36313936306532393635383937303038356436613838313532383264303136373030613239303130 +61313036666638646438663161343433613137653438633136626636336131633862396539653230 +33646635356265336566393539306230623464316165326465356639623664643861333639306662 +36376665633563623766313034373839653039306138353939333735303534636430613563633362 +65356335663534323661333538316162623236393331393337663763376563633962626465336662 +64346535616534326530306436623462366439356464613435663132663063626266346133306137 +64363561613034303564653038633938646163353737666436613764653332616632303532346336 +39343732336565306438396538306633636538396339636264616264316231373830613436303764 +37633532666336656666663937336235643664633561306266393962353266636430393530376631 +30666566326137303832303534313532316532633566613766393761336530363731666663663364 +61663066626666393133373163643365386166623037643838656666323538343766666438656163 +31323463363964356262633165356561373761343330366462336337303666613865373264373934 +34326438626139393437353661613238313139303963326230343534326237646666356631386133 +37356534613263633838633161656366383333623562373531386132663938346633333765353065 +64653465663238396630633763623133633130336535653733313134666263313837363331313566 +30326535373130366162613934303135633137663161363366363765306362316461383939353535 +37323961663431383537393639366463663664393064666139666435663562646332376366343539 +66613539373234326338363864323834316534373636633732373733333335303034393438623533 +37393563353036353864666163386238326632316136623638303338306232343737616632363639 +31326537393835636338323437376232383336393831333330646238656139383565653830323930 +63366637656661383630626633316334323330306162653932393362316634613134613837353561 +33623036306439313765383762336135626631613130346664633430643336616334653166326137 +64653531393432376465313466666565333834636138316661653166663333366637646232326337 +39663661366566616233373333343730323664653738353537656139613433646638343838353733 +37373035663734643438373637323661363163376631353561383038646334366337633234353032 +31623532663234333730656237663065346330346530663339353833373164366536663130643966 +66333134393763353735633031643531663034613832313930306666326435326535363066333137 +62643933396534343662313139613639323062373335356663336330653266306663363634636434 +38663939376332373632323433663964326130353862636161643838356131313963333637306337 +61366234323861306234623463326133333265663032386666643365373834313133646331333666 +34333965306562623632303938363838633030643662396265653238373737383431313563383161 +31323235363862346362653562316536376539313736646632663732313163616538333236656133 +38343533363561653537313631376531323739313232363065323834333738626534393934366666 +33613561356164383738383765363865323639393736396264666636333639643261386630633530 +32653266396430373231396433313331323738623931343038343633393431373238643564363239 +34323334323534396630623735303738313663626239353637653132386433633436396164643861 +38656536663832333064653661663261366234663139383565663462333333623537303562323931 +33376664653535616365663562366631323131383034646534316332386564373238326632303035 +31313332613562623736653238326531666566646630656530633935316466373435353131633362 +65666666376130626361376232333135616530653430376530386630343631316536656262366563 +39666137663262626266653461363134643530353361663635393565326363393365663566666438 +34653364343630393430666365623233623466613361313531633166313832613663616566663636 +39313233326638343163383933356634636539396135626239366664393162376637643562336130 +36613966316364326665626365383431343930613431333833333464633936316533353465306364 +38356439356565343534386134386631636162303237623162353363363733333863323134376133 +35333936356361373338336630376364373138356663393462633163363762656466663265666261 +65313365366463316330343962356164346431333835653466613062613866613831376165353935 +36653164356139376538613337323135623434646636363137343534303639386330636665653663 +61633636323665316334646163656366313434333432613337366435356361323431613336363830 +37616464653161393361613431623937323238303866623864373231613435353339613733626262 +31333363663033383831313136373866623133363265613866616264353935623138616361323863 +36396434613835663634623737346130386139623261303634346333633432376534646462623938 +65353135616563626231656631646134346164313861316531303532636330616465396366366337 +37326462323635396533363031653832656562373331363137336433393663393863366264303737 +30393665616266613230353835613965366439663864323834643065383733383731363836363166 +36623537323032316337383563623434333731653262616464383761373866376331306536643433 +63646333323063393131613039663635383131643262636437666464373066393231363562323534 +30633265336330336134636530336338613063626262343031376163323662626161633563323262 +30383033613837613064626233373238613135666330633264663731326433346532353430356139 +63336138343966376135623663323832356161393764303730353938666230313163366633316236 +31313166303762353536623666373636653431336439313561636565363534336131626639343034 +38626362646266343661363162373332623461326539633663303134376339646233316639626665 +31656561633965623366363138343361356137623733356637343933323034396361373634316366 +34363138646438616430656665333762326464643462313733626438323766613464393238663634 +38656137373133343562373434343365313561363134393863653932666137626239323639623664 +33316333306466616636313961316430376162383063663931316465303838316435303564613164 +33306534636537666639653038333839376665393231663935633032396566393064373361313661 +31643263643833353033633466383038653663653130353065386133613462373363613163333037 +61666334383031623035366138396164373334623132656264333862653665393433386164323737 +38346337306435336430396239366437626165633235663338393732373237366134326337336436 +37663839646435643639306164306232323034383839643436343136366331303839616130383165 +39303137636437633838613366663038626538326564323339343536313431336237636435633965 +33316530633962346464343738306465653739303638616261306264313335396531373031343936 +66666633366138343634363837393534383433663136623762383063383039373661316464393132 +38323130653863616362316338663564383137396163323530613562393661616666306637626538 +65386330356461343538313963333263373766363632313266313937616664356237313566623338 +66653566333161616531653539383330663733393737383731356130333163336636353163393864 +66653133303361663831313237393538393935653063643630363733373330656538386539653262 +33353336313666643535326533303063366632303561323136626461386430316165323736313865 +63353336656562303834633934333539326362313231323432363633346434356435303763326465 +35666636643439383366316265383033373466613064323035383862303338313338353062393639 +35306130333933376561636131616662346661626461363933633937643066616239313931396437 +62393064323936353231303463356431656164373562653039633737626232666439333033386363 +34336234303334363236386436323465633662326466633661323637626338346564616363616435 +66393137323331363632356631363963653733613961653632353631376335393433333066653639 +30623162356334616161333233343464616465643262663430396662656361623066666434356636 +64323362326464386264396366376538646237656561313836623561623434396563346330303866 +30616362363437653964666639353731396233613862323762303435646535313836633235616131 +66656333373737393635653437393565666164373136373036346338323937633061353737393265 +62333831656664363533636438356436343966363937313632623331383931626363386564623466 +32363939303830303465336264643132383461393235326333323266313663393431313832356335 +30633038316538343539343036623863323938653464376663333261343063313339363034306539 +64323061333236353065343131303164626130626662306137303563346163396661623064333435 +31613435303230646363303034343532316337643462396466363861356562333039323135386334 +35353432393732646135636438373734653331306332643863653561383861613531646462303030 +63343233323065626537376366393535336364366637663166643262383931663437666638343035 +37623431363566343361323932366464613966396434656233363064663430636562363539363165 +36653763376635663666303562306265303763376538633237313735323465393533613733396363 +64356234323466396238396136633632623436613066636531343963623433343334666630356365 +62356233646537306634373639626535653437346562613663313730353961353237636266663563 +30383161326231363863346261303662376436333865336538376664363331333831643335623634 +35373363306231616638613535643231316630356635316236386465373163653662333430346238 +33383637326566613966396434313432383738386664656637323065653134333534306364383233 +33653432333032386336333330666561313636626662636133366335313166336139373665353330 +39616131626365333663616239653530366661393234643964386663326135633934316539346166 +62656165626330333335333435343338383266373237363130653538313339343566376430343330 +65366630366230643863653833383033636436303037336339656436643934386566336166306638 +64376430373432336266343937626162313236343737646664343331323062383666663932636432 +66373562373233373161306331356664623132326530653835383634633430383561373464333764 +61656536613533636433653163623062363663636634363634303263633063386366613638383933 +31343330343037306635653238663264623661646437303132393735613165386336386638383761 +35623138653438376634333239613730346437656132633664343466393934303038646134343537 +61656362383833306266353634326238623564323836393963313064303338663166303137663235 +38346538303330663039373161366530313933356232343737633531653736373735303830376639 +65386665616565333764623836353036653730346636643530633262333162613133363134353639 +34653565356438656265396562653761343335666236396366663866383739393261643264646533 +66623164383665636164623731633335653463623734303238613733666339303432323862393335 +30313237346462323632356665653737396633333265386134353338313562633531396337323861 +35333432633966333731646465613339646532313938303536383465383565313063333630336633 +32636264316635333837396436356539656334636665636531653039633462656435393830353363 +32333266333761613430373762366330373162633134346635633333623530376464626566393261 +61646132613661666438363839376330393231646261333364343261653565333735643438306530 +63323033373432633834 diff --git a/host_vars/mx.l3d.ch/vars.yml b/host_vars/mx.l3d.ch/vars.yml new file mode 100644 index 0000000..00e9dda --- /dev/null +++ b/host_vars/mx.l3d.ch/vars.yml @@ -0,0 +1,39 @@ +--- +l3d_users__local_users: + - name: 'mxusr' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + +acme_domain_unwant_list: [] +# - name: 'example.com' + +nginx_sites: + - name: 'mx.l3d.ch' + webroot: + user: 'mxusr' + - name: 'node-exporter.mx.l3d.ch' + - name: 'nginx-exporter.mx.l3d.ch' + +# letsencrypt +acme_notification_email: "{{ _acme_notification_email }}" + +# acmetool config +acme_reload_services: + - 'nginx' + +# firewall +fail2ban_destemail: "{{ _fail2ban_destemail }}" +firewall_allowed_tcp_ports: + - "22" + - "80" + - "443" + +nginx__infrastructure_domain__enabled: false + +# l3d.time.ntp +ntp_statistics: true + +# l3d.nginx_exporter +nginx_exporter_listen_address: '127.0.0.1:9113' +nginx_exporter_scrape_uri: 'https://node-exporter.mx.l3d.ch/nginx_status' diff --git a/host_vars/mx.l3d.ch/vault.yml b/host_vars/mx.l3d.ch/vault.yml new file mode 100644 index 0000000..82fd91b --- /dev/null +++ b/host_vars/mx.l3d.ch/vault.yml @@ -0,0 +1,16 @@ +$ANSIBLE_VAULT;1.1;AES256 +63656237376635396638613937623136656236383833663266356330663365303339636139386332 +6530326534316231323333666434353866376461613066640a653333333037396132646637346362 +36383761313731353532666632353561306233663139316532393764396431373036626361663830 +3334373338663333370a343562376530373461663636306135313864626638343631303036616165 +38386166316432663866383865383834383135646530303739383562616439363137623430373732 +34376566616266613664313034306461343863383132633631316135383239343635653034343362 +63656331396135646238623138323438366532636364613865323066623666303531626632393031 +36373163656539376262363962633234393936306438663836383431643461623533363939333566 +66336636353462336338663937303039303734383937393135653737666638633935313335303935 +66323836663634633532616537656533663236663465343862346562396263366335343535396266 +33376362343362643237363664623836346366623539323863323162366364383034393066393930 +62326133653630346132323563636261383631323931333638633233353835636235306334323631 +31386164326435353639396263376439363130663331356364646266336330646466353862656532 +61623839366439343266643833373563393163306466303863333932336566666265613666383063 +393632663233343964353161346639616332 diff --git a/host_vars/services.l3d.ch/vars.yml b/host_vars/services.l3d.ch/vars.yml new file mode 100644 index 0000000..6e8748a --- /dev/null +++ b/host_vars/services.l3d.ch/vars.yml @@ -0,0 +1,74 @@ +--- +l3d_users__local_users: + - name: 'mxusr' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'rustdesk-web' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + +acme_domain_unwant_list: [] +# - name: 'example.com' + +nginx_sites: + - name: 'services.l3d.ch' + webroot: + user: 'mxusr' + - name: 'node-exporter.services.l3d.ch' + - name: 'nginx-exporter.services.l3d.ch' + - name: 'rustdesk.l3d.ch' + webroot: + user: 'rustdesk-web' + - name: 'grafana.winkekatze.tv' + - name: 'www.grafana.winkekatze.tv' + +# letsencrypt +acme_notification_email: "{{ _acme_notification_email }}" + +# acmetool config +acme_reload_services: + - 'nginx' + +# firewall +fail2ban_destemail: "{{ _fail2ban_destemail }}" +firewall_allowed_tcp_ports: + - "22" + - "80" + - "443" + - "21115" + - "21116" + - "21117" + +firewall_allowed_udp_ports: + - "21116" + +# l3d.time.ntp +ntp_statistics: true + +# l3d.nginx_exporter +nginx_exporter_listen_address: '127.0.0.1:9113' +nginx_exporter_scrape_uri: 'https://node-exporter.mx.l3d.ch/nginx_status' + +# grafana.grafana-grafana +grafana_address: '127.0.0.1' +grafana_instance: 'grafana.l3d.ch' +grafana_users: + allow_sign_up: false + auto_assign_org_role: Viewer + default_theme: dark + +grafana_dashboards: + - dashboard_id: '1860' + revision_id: '33' + datasource: '{{ grafana_datasources.0.name }}' + - dashboard_id: '12708' + revision_id: '1' + datasource: '{{ grafana_datasources.0.name }}' + - dashboard_id: '19688' + revision_id: '1' + datasource: '{{ grafana_datasources.0.name }}' + +# l3d.rustdesk +rustdesk__relay_server_domain: 'rustdesk.l3d.ch' diff --git a/host_vars/services.l3d.ch/vault.yml b/host_vars/services.l3d.ch/vault.yml new file mode 100644 index 0000000..e4b77c8 --- /dev/null +++ b/host_vars/services.l3d.ch/vault.yml @@ -0,0 +1,117 @@ +$ANSIBLE_VAULT;1.1;AES256 +61306630323333386332333633366463383930306537626431393335396133613961623338666631 +3932636163303836666534363830393937653136336339360a386264373965396535373038316665 +32343732393061613666303563623636353034313964316662323365383461613833633631643734 +6662303434666631340a303630386566366637626665393563323132396535656136356662646363 +39383262336531626462636436666363393434353433323135636361623136656330316131336562 +63333962626135643062373661633138343435666463646638313631333062336661393131653539 +39313535653961393061323161303930643064393730616264303130353463303766336331653166 +37643665366333656266613733616562363766393130316439363035316361333230356664313339 +32373461313365363464663365623364643335616431643638646336346431343739326537363432 +30386164633634343339356463643730353936393631383536323030646438386432336463623165 +66333939613737366633393530666566663132633335626265343962663836646231643539633835 +30623532323735363066303865393162626139366633396663653462623930653665373238643763 +63396537353963616636353233343562666232383937643538353263343861333161653663366234 +32306636666663636266386566303539663532356566663138326265396338353966623561646538 +64623238393235303737356533303965353638646236623763313236633334653064313733666535 +39366534393166313033343764363138386361623639396335313962326636636136323633333561 +31356139313865656538613565313964303737313331326336363966646338656166643765626239 +31333034393164373138383064656133353761343438373161383764383562313731376463386137 +38366531643466653336363534363435353534386331336637313764343133366131363234343732 +32303066383461613163373335336430623435343761353834306134353438613333396139363036 +36306662313534653437323761303038353432356266623538376264623565623632396635623330 +61313966613133623834636566363638363266623533353639393361666434613762663231346339 +30336663643864626234633437303262643639386131393538306137303934653136323432323564 +31353433346639316664616531653637353263363766323461633963663766323562373365366666 +36396432393636376432396137376563303865636164343865636432623465663133643434373235 +65383136626164633366643262356437646339393739626262616535363966366164653465613139 +35396435343535616438343933663963353038663535313239396131656633646664386336353035 +31316333393061616439386438316338633033653036303336346335343261633133313939663033 +66653564333761376334346232393230616462623163396165363932346338323732333436323136 +35636565636233663038313162616562353039623065343931653561663236623865353138383638 +64343465383962663162646232623861303938313333323665616135383031616632373564656530 +62353132376364666563623862316133643930623836333138343133323064343033623866613965 +62333938343033346532323062663239353639306333393836363961616130353438373837313866 +38376566643533623565633834613830613837306332663533333834316464613363313532373936 +63313366333236393161613062666633393262326235306236653336313566383661383835346463 +31316133386331333433323130323434313736613365313237353135626363343339623663373533 +36626434326534626666396438646534613765353330363535313462373039393836303261383236 +36626661653838643565663335353533616634613031363461383637383063326365633831623539 +30346365643337323965333937386265316134663462306536663065373265613434336365633436 +35653465636330376464663434643637613335616237373531623036303038313732656131303437 +66373631303530393034363038663139363436326538393664663235333633323635303163343033 +66623636346439323533316530616662333030343531363833633664653635323266326137613030 +37376331616431396332353237646133636663343264646131616564613561616333643437613638 +62356565373364336134383834386236343837366666633838643036373037656664393235323535 +32613963323334643266333165666437626532303263396564306636643835323061653764613365 +61393733333263336536646464623166373836636266356530316430613965366162613731343335 +39363862333632623061323762623861663966613263636338386339653538626232343963633833 +30396636353132653138393134623037636638383735383661383931613734613331623064326634 +30366533336135616337393635363564616131643537336235336330633261386632353434633637 +38666561633339313535623266613766366163653366346336376533313539323439393232373730 +30376265366636616633626531613366376662393532643965323537383539393635356136373465 +66326565373262643338356365656264646332393663346632383566336164363063323636613537 +30366137383534353032666233643535353665653261326465633732313438666334646462336361 +30303966653165643531303266373963663563373865373131653439386363356631633965386438 +31393937643033353639373131346433376134333561663035666438366135636636353336313261 +35643032623530343631336663613930393366616264313430386665663539333361646635646433 +30373130343632306636363437306132316139646136316433643235616662343437393635353630 +38613066653035326330656361366539363938323830663065336562656362363634386232306565 +62336639306361616631303535366335653661656366623637376663666338376533303133333265 +33623866323333633636303062333239663663353131346635326339636161633665343035333931 +34356138383064393532303133366263386430373438633831313431623936646236396637346237 +36653262323038643133303231613032326361323965633732613764343831313836663530306365 +31393035376637646435636333666231363333373438636564313862306538353565386464633864 +63363139306431303833656634613763313535386333376262303162363062633437353333613366 +65373361373833663237303837396639343466383934393238326336633237373738333936656534 +34336636386435646230333637346235346537353433393630656330323839393435303537383363 +39373538333232353864393932303434323239626438666330366432613136613131396231663363 +62323637623630383766303637383763396363366339333236383330656139336661613165383737 +32633061653134353135386335373239356635313334653531393561646334326435393938633531 +61646430353537366531666536613131376234313564626132326639336231326261633132333236 +61623662383430356334666339653265376532633762346335643434346435363130393063313335 +31323561646565393935303865646161626230663231386431613330656462346137623561366638 +34303833346366653466653236303133333435306434663832303364386238373334333865626466 +38303066613931393866656433393163646436383035373939326537613237656432656664366564 +39353866313361633932346437313462623634343464376361653664353337373966353233313765 +30633766353863653135383233653630343364313534336136366136316437326463313736376639 +30383534323030373830383165633939646431353662663630633530666635306331663434383736 +39306136353532653963306239646563623635353132643336623463393836626561393834303066 +30653662623464323331653064393134663032666538346638616339636464316166366230663766 +66396232396139646365616333616636626166323065343534393430663530346636346134313539 +66363135373637353237313835663434636465653839613662633937313733633166316266396337 +65346336343362326362643534333533656230663037303862646438316432643164613139623362 +66306132343430383433373532666434343939333838353131646530303838376263316337386439 +30376439393638613034313662633866643962623364323763343161376133303963633433376335 +64663132383536363137613631656561393261633539393731383063356634376661653564313062 +66386438653437663737306663643333613935306463356663653266653835663938383766366365 +62363166333764643638663464333064613930643839303666393365343031326438376366323839 +35326633346265313938376234396535373234353233366233356334656134396364313638633830 +61373430646563353332616262656364646235616666336662653362313033373263623766396438 +35643363616462393165306366633737363266323738613330376432343531643061333334336232 +32306638393531313664313935373161303838323863326436363033653736616264613930353837 +38613265303233393365333763323061383430643661356237393562636239393438396537336366 +62626635613666356363326462316334373532313230343832316131386464303866343639316366 +66376638343638333061376238323436353038383337353963633032343966636631313761633133 +64326533336134656334383930353035303730353662623133326463373335343431666331343435 +36363538653137663262643335663363626465636161336664663463343463343362343961353035 +33346362383566383133306337383261366465366138393961323136383063356365303563326633 +34666330636530626439313233323663383535303263376632623831653039323466666331613665 +65643066346339326631613039393635306634373135343733366565623931353234613631663666 +38353737636435366261663839666337623831646336373866313263666534643532373964383261 +37363134323162343831383663353063323864353236636166643262636461326532643465636631 +61383734363735663336363465303866336635343466616363306331333661313331373565333137 +38356561313431366532366635356263626662313861656636633862643166376664323135356230 +30663535376466656665356139643232623537633764363433333036383032373965646466346136 +35316632373039623435366533326233313864376430326139623362383931376236313030353662 +31613637636632336432383366643266646461353837356661343933663239636262316438383432 +35383337313030643461633666393532316162633065316231613031386264623631366262326634 +64366138316464356563656433383339396339373065343439366230353737343831393530323266 +63373032623964653933613635356237613236663962613335636231663466386239646664313832 +33326165356139373632323036343362313631333733613864373636633038633530616333616530 +34356439366231353837386439303865343538313365616263656666643463363032393936653366 +61316464373533306366303934333763643835353438356232326664373861646531363765353233 +37636461316335323066333861393562666531363363613839373830653161363266663831663834 +32666666613636376238366631623131353866333465323935656332646439653864303439373232 +62303433363133626630363961633435306663653166636633346261613564623264656266333836 +35613534666439306334 diff --git a/host_vars/services.l3d.space/vars.yml b/host_vars/services.l3d.space/vars.yml index 5c5aa11..02ad3c2 100644 --- a/host_vars/services.l3d.space/vars.yml +++ b/host_vars/services.l3d.space/vars.yml @@ -1,4 +1,10 @@ --- +l3d_users__local_users: + - name: 'mxusr' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + acme_domain_unwant_list: [] # - name: 'example.com' diff --git a/host_vars/services.l3d.space/vault.yml b/host_vars/services.l3d.space/vault.yml index 179cb61..8482ea4 100644 --- a/host_vars/services.l3d.space/vault.yml +++ b/host_vars/services.l3d.space/vault.yml @@ -1,82 +1,90 @@ $ANSIBLE_VAULT;1.1;AES256 -39303134626437393662336266636533656235623863333638306161383663323130363538663563 -3533653865653136616563623365623033623337623433360a336131376135343864633638666264 -61323737613439613035653433666433613030613331666234633833336238386135623035386335 -3137356662626465640a653736363266356435656234656365363035386264333637626130666532 -39373330303363353061346364323035613031343965636435313033376330653032643334306132 -32313262373536396137313336343832633734633361633234393634636637636432623866623431 -64373230316330636533323966613963373533363964666165386233303965376139653263316663 -30633261613764303832663432313166656538353132643531363864353266356431303865663235 -64333665663739336163633933653831623464353962663836613765353935346635323161633831 -38653235353436303934393061353439653732616565643561336438613931656164666136616537 -61643364616632616563313534353139363762643163373339663262653466393065653434653935 -62366166393763353136663331386661643361353634326561643766653963303934383939316665 -31336433633435666564373538316537353531306632306632373031346235663562343731316431 -37353036663666383761373065333937643030353464633433343962626366636437326131653934 -64343461636364336130636566633962613733346430393135303965373635383538666137396335 -37633739633366353765666537336362346530336132376165656135376261623530313831663839 -38663061383564393464333135393731323639353531393964316136333665356166643634316461 -32343734653134343633313630623234636338663935386636656235313635356364336632383462 -64393366313964653833323031633036396264383166643935666331346133663534353937333361 -31383734303636383230386335323030663034303331366264623933646537316638373134663861 -36616334343563373839393063383330636630303132663332643038393933383565656338646436 -35386537333666336663353235333634623935396131663364646264326137343263306631356238 -33326333653336653332393235363265616137616331356566643634333763383762626531633635 -31336333363231643630333361633837386131353264303037386364366264633632343134643365 -33623265363133366639383033316132663431346539343131353664363834316566306464646262 -65303037656363656335346662326461353165633566316661303332666136353537316533306665 -37383862633964333063343333626231393438653838626466393565613466656662623265363166 -63303237656130353132653039333562363638643565363731623135653264393361343932613937 -36623835633466353139633966663531663433303335376437643031353630393365353236306635 -64376134613865393261613330373433666661393731333262663335616232646665333931663038 -64323037303536616566663962633535656664633330623331666239326136623433333931636462 -31626236326336646165623834626566343533363938373635633832623761313030653533646431 -37653763383136643465363335386636306136336632356339653264396532623039653533353036 -36313833363434376538346433313436383035646366353639313461346133383632643334346537 -66363537326537626565393735316636373365386339646264316365303665323234633838316330 -66306566346261373633323862363637653636343338316335373066643130616662323664306336 -34313061343034663262396630353231393930393538623736616337336133393163646635326431 -34393963386364653433323765626566306232616161666536306663636635343238323630353039 -35386331663136383461313866386466336164616635363138306239356334306265393331633062 -38313335633931353232336163643562323636326564643864636236303530303135393132333232 -38643139376534366264633233656334653938306232303631356339356164333335313737346134 -31333135663965393533333737356132383533653161636562346264373132346463346239633162 -64326464356435393963373639613063343764343964643432363165353662393039323039666139 -64306136656236663935333538303437393333363631616463656230663931313432396666616633 -62366336336162393264376137643066633038376332623330336534383235663562366136663762 -39656565336631323431346364666563366561336661316239313231313833633939336638666465 -37376265326433363735656266336339653136386461336531316634626532626138303437313737 -61303232633265383035663666663663623962383331376364313961333237363265653134656361 -39363962396138323761346431636533333234616361306437326666393065303332386439343664 -32306663633565343130663261623337323035333165373062396334356330616635663932616362 -34663331633065613738373631666434633132353664663132386532396365643063363161396430 -65613861653538616263633533323136636235616133383266366362623461323363353361323762 -62326333633564346331333861656564303161643033363935356331306133343066323738656363 -33303966323033643862303235323238633335303065356233656133376433393564643462633232 -32303730313839343931616235623437366330623539636361373165643162343836323731396535 -36316566623231373234306166306239336235613639636234343034663961393339656663313830 -65333366366333343963313533653439643931393363346132636539343631366536373564363832 -30613266663062343262343263306134363539343264636331313132373165353738303538613639 -33363130383463356233383864383738336361633437383639633164383737393432633838396434 -36356230623962376263313466663834626132336331616236313939313034613432633532643161 -62303963336139396566386232316138663562633435396463363534383735303039373836353530 -36323161656566366566356462353834623536313932386632623135653562333134316630376531 -33623362396165313530393739646566366265656665383563643632333336636235343835333362 -39306462316439336133393832316664333736633561313362613765373235373462343638356430 -63336265363763646434623364373139333165613337323635303238353231633165636633336566 -31373130326232653661393765313430633330613439613261646530633139613533313662633538 -65623565373232356166346364303538626164376538633265633261393335633363393136316539 -35303036653932333831303961633364393238663537653763376163333863616138666565666533 -65666530316434333565663336373235353437623433306234393336323065323165323432656236 -30333538376534333431353836636339346137396166633130336262663638376138613530356563 -33373564326231333064663563613637316436333531313037333930636363373030373863373162 -30383835303730323839333265633533656131636633333131643262383132396135366635363035 -64363564306236633537393766623766383530356135346236653531663265336264376530383961 -65386139663664353133633837643538646532386164626438363861316435636133393461666132 -39366663366165363138613063353563653966386561633435306661383935376335663535663065 -32366434323038623338383637366534313263363666646434363737373536373033386639333132 -31333037623864636162613336363133616665663839383262333630616132333663366237366136 -62343661666532626232346563323333336238336662646237366639666336303036393339336433 -66373661313838303363363131313537323661386462306538643663373866646363303935376539 -33346465303836343563363532656164663637656136646137323364333861613932326539393037 -39623265333633343832643237393962373865343932663161373937303831316263 +37363663376530626135313236316461366463303730383161656434356631343230313939643965 +3161373965316564646462383061373239383162623639340a636335303761313262626630306233 +63363337313232323465646330313134376134626434376538393661343430636335346261306361 +3266393932376464660a616663306438626530383830373465393139336435376665356363663364 +66623464353633636133353538313465653338333036326364363335336130303730303662356438 +39396333323737613065333662656562653436303561356366623363396138613434623635663534 +31356139306236626666326638396430333763396539616538373039383231363539353235633865 +37323836353266646364313033366165363934316335626666343831656262326362336437656534 +39633463633437303033623462393130633832303533353536323065353232323538613965626335 +37323731366665396134633835663434363137666363636132626661303732333733383766343737 +64366131363433626132333665663665366434326330376661313165316166653339393834376562 +61393737653135653762643531376163663065633632336562356635313463623839343034313564 +64623864663333623736333362363463363066636566633364366161313639376465613562313935 +35366133663133326463303939633630656538383530346433646537303066363232626538313439 +64613233333438623232396435333239323865613433336265623630373035623235393130656232 +64383234616266323233636435393334383032336638623162346565303535396336616639346434 +39613861343664393763653932316430653337643131333133393461346339663735653662636463 +34613762653730393931656530383661303761356166376430393261303862303333663135313832 +64633831316263333661653063613162613134626634383632376466383230313038313866353864 +33306533343663626132366134376163633231373165323531366365613131656535386662323061 +33376530333862373136623935383030623164643639356364363663623332653365393564376234 +66306635663866323337666432313537643138313234366661383064333435376239316138326438 +62383663313861313962656635326336363064663230303633363836326666346461303864336639 +37356331333332663739346237383861636230383138613136356133623461386137646361646530 +35393730326135663834333334346436323563376138336531376531373036336138373130613138 +66656163643737306132326666613033616263646662653864656263326465366237373830633333 +37303838646438306661626331626430623663613565353463643863383839366430393265396131 +61323638626263326539386332383037366533386164313339633866633439663039373362626431 +39383666636434373537393636393763366338306230336130363063343862373536386431336339 +30633162626566383663356666303330623334653337343931346437626434623764346233623061 +64626461333938363533643266643965663835393534376661373531616532363832363763613039 +65396663353734346166356666393964326664666531623534326632363334376634373862646364 +36623333646565306237376165623034653132643334626630363964343633623030326361393233 +66313838306364396365373735366230376466626534663461383137616439643533353566343662 +35313734333463336135353562623231303164303365633535396563383934666230623064393861 +66303934323164656532383766643063386264633630343165636434373836656439666638323832 +65626637313264643631623531643332333330316234663236323664623266633038393765353234 +35376538316565316164633238346362356238316231343666323134663062396333313630363935 +39383331613134326139303165306332323761366535353361303762313632643934303938303862 +30663262383264333237373535396464656438353037663539333233613532623262326462666338 +63323865656334386163383364656237666431626336633265656231323837386464323061353266 +61373262666566306262313235623163666438336532343265303062333635303661623261333766 +62313230643766356161333336313666323333303033366366316662363733663930653066323734 +66643466653761396333343631373762663461353533303638316661646637646566633332616136 +63393461383730336230653938646430613133623166643939623764656633613663363731383466 +31616534316131616131353532666664303661386331396437376362333031316230393064303863 +30613536643661393063633431376638663663373335636432376133303036386633356461643630 +30363665653636356165303436613662313031623837636538646530623139303635366364663930 +61386630663733653165373863666364373635333163356464626535343239343864336239393962 +34383835393165343031356431613634623731343938643664396231356264323934346365386130 +62366333383038656366393937633061376631363562353161373632623536666466633866633661 +31353564636264653966383761396237643464313264626437303434303935373635323530363066 +66653937363066616234313930373161346637343763393038643435313363643766376539626163 +65643933623461366136666663313633653764386538666537323439393330386530663062373939 +36333562646132643431616337353263663739623330363836316133366431613834363631336436 +61326530636433393534343736613533643536363537376235343832336531613536306561333937 +63653835633266353031646263303434643266626236356133326435623230653161633130636238 +63313637393136623039343536616335363461353131326435666635306161613933396532666338 +35643731366335633539636563653337383739303631636635323435303934623335633662633636 +35353162386332343135646434383934653861343939333661373161313430366164373963393834 +62636533656134376130626664613835623866616664323736636361646463303939343633336534 +37393339303531373339313231336133386361663064616232383832643436376538633436303836 +33393231313763333331353434623864353138613437393435386230666562313632643434326462 +62646564323762333632656532623535623461363331353435636363633565363734326362373238 +66643266393732333830613231646135616239623231353431316335666633633231613236646537 +66326238383338616463373365613261376263373539666534653964313566353666393163323338 +62643662616538363663663930633737383530323761326431363239346166373334613962386337 +38393739373538373239616465623166366334386438386639623939353936623866383938323462 +38613037393732323364376333633131636666366537303937303739363865376437366136323931 +61393932656164343934393062616136353730323463313239346232343862663165343662366335 +32353831373331316264323561343834643463613430303336626632346466653631663030656237 +65333838626130303734386166623666303038613663326436393364373533656535626238386166 +33633263313235323731356533303538323030373539393337633038613766643938393334636262 +65643630336334323039333730363930313262623433626136646139333835613066663834383236 +35656435376138616162306664383436623439636165626465356231633534366631626230333462 +33613263396233326661383030633635363530636237376336383135613163376233326133346465 +37383461353761623537636262316638653363363939343965663832636261303238316234303734 +33653239623762636166616264393864393665623834363565383432373962363731383331646262 +64316230346261333766613562353365633061356138636162623639343537613866326639323334 +31386161633635623833643565663638653130313134633866373434633263373861306139376661 +66613330336532333666643866313366623865623333363765626431313336363263643962393066 +62323362353238666666373934633465663862656432323064316238353336303363626631656138 +64393835356639363535336362333063316330336536356535343435663630353537366332613733 +39393731363034383066303939393831636334663465306630623839663162646465373663623139 +30663637336134643365666665633834353133376464636663313739366536393165386665393337 +66386532616238306538306530396430363834636336663965643238366162373164373736623330 +65356437333537333638376264623461363966633438343135343631393035663931306366666434 +66393333316365356663353666343637653032343565396664383837666363303763646239633762 +3731 diff --git a/host_vars/web01.l3d.space/vars.yml b/host_vars/web01.l3d.space/vars.yml index 31cd92b..9759339 100644 --- a/host_vars/web01.l3d.space/vars.yml +++ b/host_vars/web01.l3d.space/vars.yml @@ -1,111 +1,47 @@ --- postgres_users_no_log: false -local_users: - webwaffel: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - webwaffelpodcast: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - files: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - preview: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - see: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - winkekatze: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - m2: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - klima: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d - roles: - - l3d@pinkie.l3d.yt - - l3d@mobile.l3d.yt - - l3d@backup.l3d.yt - - l3d@derpy.l3d.yt - - l3d@backup-rsa.l3d.yt - - l3d@bsns.l3d +l3d_users__local_users: + - name: 'webwaffel' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'webwaffelpodcast' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'files' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'preview' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'see' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'winkekatze' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'm2' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'klima' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + - name: 'roles' + state: 'present' + admin: false + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" -sshd__allowed_users: - - "root" - - "ansible" - - "l3d" - - "webwaffel" - - "webwaffelpodcast" - - "gitea" - - "files" - - "preview" - - 'see' - - 'winkekatze' - - 'm2' - - 'klima' - - 'roles' +l3d_users__ssh_login: + - name: 'gitea' + state: 'present' -sshd__allowed_groups: - - "root" - - "ansible" - - "l3d" - - "webwaffel" - - "webwaffelpodcast" - - "gitea" - - "files" - - "preview" - - 'see' - - 'winkekatze' - - 'm2' - - 'klima' - - 'roles' - -local_accounts: - - 'l3d' - - 'webwaffel' - - 'webwaffelpodcast' - - 'files' - - 'preview' - - 'see' - - 'winkekatze' - - 'm2' - - 'klima' - - 'roles' # acmetool config acme_reload_services: @@ -114,9 +50,7 @@ acme_reload_services: acme_restart_services: - 'gitea' -acme_domain_unwant_list: - - name: 'backwesen.de' - - name: 'www.backwesen.de' +acme_domain_unwant_list: [] # - name: 'example.com' nginx_sites: @@ -149,6 +83,8 @@ nginx_sites: - name: 'l3d.yt' - name: 'www.l3d.yt' - name: 'l3d.ch' + webroot: + user: 'l3d' - name: 'www.l3d.ch' - name: 'l3d.me' - name: 'www.l3d.me' @@ -206,6 +142,7 @@ firewall_allowed_tcp_ports: - "443" # gitea settings +gitea_fork: 'forgejo' gitea_app_name: 'git.l3d.ch' gitea_http_domain: 'git.l3d.ch' gitea_root_url: 'https://git.l3d.ch' diff --git a/hosts.ini b/hosts.ini index a7dbfd4..9d16c17 100644 --- a/hosts.ini +++ b/hosts.ini @@ -3,8 +3,10 @@ web01.l3d.space [mail] mail01.l3d.space +# mx.l3d.ch [services] +services.l3d.ch services.l3d.space # [home] diff --git a/roles/do1jlr.etebase b/roles/do1jlr.etebase deleted file mode 160000 index e230d0f..0000000 --- a/roles/do1jlr.etebase +++ /dev/null @@ -1 +0,0 @@ -Subproject commit e230d0fa99553eebdc9e223054984b06a9364458 diff --git a/roles/l3d.etebase b/roles/l3d.etebase new file mode 160000 index 0000000..ffa80c3 --- /dev/null +++ b/roles/l3d.etebase @@ -0,0 +1 @@ +Subproject commit ffa80c3d5bef119a0958f70444f53cd7b92e2800 diff --git a/roles/l3d.homebox b/roles/l3d.homebox index 4478757..6d8b21c 160000 --- a/roles/l3d.homebox +++ b/roles/l3d.homebox @@ -1 +1 @@ -Subproject commit 447875762b3e8827d180bbcb227942ba1ffa3c67 +Subproject commit 6d8b21c0c4f8e97feca9d0cc2a306dd4a924a24f diff --git a/roles/l3d.nginx_exporter b/roles/l3d.nginx_exporter index 4bb172e..68fc26d 160000 --- a/roles/l3d.nginx_exporter +++ b/roles/l3d.nginx_exporter @@ -1 +1 @@ -Subproject commit 4bb172e407c75ce73ad1a0d1163a8d8354ec9f0a +Subproject commit 68fc26dcb9afa3fa1996699697238c696a1cc9b9 diff --git a/roles/l3d.rustdesk b/roles/l3d.rustdesk new file mode 160000 index 0000000..da72e5b --- /dev/null +++ b/roles/l3d.rustdesk @@ -0,0 +1 @@ +Subproject commit da72e5bf650f6fa1032e3d5e4fe504963cc1633f diff --git a/roles/unattended_upgrades b/roles/unattended_upgrades index ddbe5af..681dddd 160000 --- a/roles/unattended_upgrades +++ b/roles/unattended_upgrades @@ -1 +1 @@ -Subproject commit ddbe5af54b34b015806fe0efad4ae515aea545f1 +Subproject commit 681ddddce36473d749ee7b1cbf15785457fbb7ce diff --git a/site.yml b/site.yml index bcd610a..2fefc10 100644 --- a/site.yml +++ b/site.yml @@ -7,9 +7,12 @@ - name: General roles for all hosts hosts: all roles: + - {role: l3d.users.user, tags: [test, users, user]} + - {role: l3d.users.admin, tags: [test, users, admin]} + - {role: l3d.users.sshd, tags: [test, users, sshd]} - {role: l3d.packages, tags: [packages, general]} - {role: do1jlr.ranger, tags: [packages, ranger]} - - {role: gantsign.bat, tags: [packages, bat], when: [ansible_os_family == 'Debian']} + - {role: gantsign.bat, tags: [packages, bat], when: [ansible_os_family == 'Debian' and "ansible_architecture" == "x86_64"]} - {role: unattended_upgrades, tags: [default, unattended, unattended_upgrades, security], become: true, when: ansible_distribution == 'Debian'} - {role: do1jlr.rtl_nic_firmware, tags: [apu, rtl_nic, firmware]} - {role: do1jlr.avahi_client, tags: [avahi, avahi_client]} @@ -19,8 +22,8 @@ - name: User specific roles for all hosts hosts: all roles: - - {role: do1jlr.admin_base, tags: [default, init, users, accounts, dotfiles]} - - {role: do1jlr.dotfiles, tags: [default, dotfiles]} + # - {role: do1jlr.admin_base, tags: [default, init, users, accounts, dotfiles]} + # - {role: do1jlr.dotfiles, tags: [default, dotfiles]} - {role: geerlingguy.firewall, tags: [default, firewall], become: true} - {role: robertdebock.fail2ban, tags: [default, fail2ban], become: true} @@ -47,13 +50,14 @@ - name: Deploy services hosts: services roles: - - {role: do1jlr.etebase, tags: [etebase, etesync, calendar, kalender, contacts, kontakte]} - - {role: grafana.grafana.grafana, tags: [grafana. monitoring]} + - {role: l3d.etebase, tags: [etebase, etesync, calendar, kalender, contacts, kontakte]} + - {role: grafana.grafana.grafana, tags: grafana} - {role: prometheus.prometheus.prometheus, tags: [monitoring, prometheus]} - {role: l3d.homebox, tags: [homebox]} + - {role: l3d.rustdesk, tags: [rustdesk]} -- name: Deploy mail config - hosts: mail +- name: Deploy legacy mail config + hosts: mail01.l3d.space roles: # - {role: do1jlr.mysql, tags: [mail, mysql, mariadb], become: true} - {role: do1jlr.mailserver_preperation, tags: [mail, mailserver_preperation, prep, mailserver]} diff --git a/templates/files/nginx/sites/grafana.winkekatze.tv_tls.conf b/templates/files/nginx/sites/grafana.winkekatze.tv_tls.conf new file mode 100644 index 0000000..8a54022 --- /dev/null +++ b/templates/files/nginx/sites/grafana.winkekatze.tv_tls.conf @@ -0,0 +1,18 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name grafana.winkekatze.tv; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + location / { + proxy_pass http://localhost:3000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} diff --git a/templates/files/nginx/sites/l3d.ch_tls.conf b/templates/files/nginx/sites/l3d.ch_tls.conf index 751278d..5e148eb 100644 --- a/templates/files/nginx/sites/l3d.ch_tls.conf +++ b/templates/files/nginx/sites/l3d.ch_tls.conf @@ -8,8 +8,10 @@ server { include snippets/tls_certificate_{{ site.name }}.snippet.conf; include snippets/logging_{{ site.name }}.snippet.conf; + root /srv/www/l3d.ch; + location / { - add_header X-Served-By "teapot CYBER 4.0 (with blockchain)"; - return 418; + charset utf-8; + try_files $uri $uri/ =404; } } diff --git a/templates/files/nginx/sites/mx.l3d.ch_tls.conf b/templates/files/nginx/sites/mx.l3d.ch_tls.conf new file mode 100644 index 0000000..3eb38d2 --- /dev/null +++ b/templates/files/nginx/sites/mx.l3d.ch_tls.conf @@ -0,0 +1,17 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name mx.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + root /srv/www/services.l3d.ch; + + location / { + charset utf-8; + try_files $uri $uri/ =404; + } +} diff --git a/templates/files/nginx/sites/nginx-exporter.mail01.l3d.space_tls.conf b/templates/files/nginx/sites/nginx-exporter.mail01.l3d.space_tls.conf index 01d7898..a438b7c 100644 --- a/templates/files/nginx/sites/nginx-exporter.mail01.l3d.space_tls.conf +++ b/templates/files/nginx/sites/nginx-exporter.mail01.l3d.space_tls.conf @@ -17,8 +17,9 @@ server { proxy_set_header X-Real-IP $remote_addr; allow 127.0.0.1; # allow requests from localhost allow ::1; # allow requests from localhost - allow {{ prometheus_v4 }}; # allow prometheus IPv4 - allow {{ prometheus_v6 }}; # allow prometheus IPv6 +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} deny all; # deny all other hosts } } diff --git a/templates/files/nginx/sites/nginx-exporter.mx.l3d.ch_tls.conf b/templates/files/nginx/sites/nginx-exporter.mx.l3d.ch_tls.conf new file mode 100644 index 0000000..2faa3cc --- /dev/null +++ b/templates/files/nginx/sites/nginx-exporter.mx.l3d.ch_tls.conf @@ -0,0 +1,25 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name nginx-exporter.mx.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + + location / { + charset utf-8; + proxy_pass http://localhost:9113; + proxy_read_timeout 3600; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + allow 127.0.0.1; # allow requests from localhost + allow ::1; # allow requests from localhost +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} + deny all; # deny all other hosts + } +} diff --git a/templates/files/nginx/sites/nginx-exporter.services.l3d.ch_tls.conf b/templates/files/nginx/sites/nginx-exporter.services.l3d.ch_tls.conf new file mode 100644 index 0000000..70b7844 --- /dev/null +++ b/templates/files/nginx/sites/nginx-exporter.services.l3d.ch_tls.conf @@ -0,0 +1,25 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name nginx-exporter.services.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + + location / { + charset utf-8; + proxy_pass http://localhost:9113; + proxy_read_timeout 3600; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + allow 127.0.0.1; # allow requests from localhost + allow ::1; # allow requests from localhost +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} + deny all; # deny all other hosts + } +} diff --git a/templates/files/nginx/sites/nginx-exporter.services.l3d.space_tls.conf b/templates/files/nginx/sites/nginx-exporter.services.l3d.space_tls.conf index 849cbae..5080a41 100644 --- a/templates/files/nginx/sites/nginx-exporter.services.l3d.space_tls.conf +++ b/templates/files/nginx/sites/nginx-exporter.services.l3d.space_tls.conf @@ -17,8 +17,9 @@ server { proxy_set_header X-Real-IP $remote_addr; allow 127.0.0.1; # allow requests from localhost allow ::1; # allow requests from localhost - allow {{ prometheus_v4 }}; # allow prometheus IPv4 - allow {{ prometheus_v6 }}; # allow prometheus IPv6 +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} deny all; # deny all other hosts } } diff --git a/templates/files/nginx/sites/nginx-exporter.web01.l3d.space_tls.conf b/templates/files/nginx/sites/nginx-exporter.web01.l3d.space_tls.conf index e63e0a7..35ac239 100644 --- a/templates/files/nginx/sites/nginx-exporter.web01.l3d.space_tls.conf +++ b/templates/files/nginx/sites/nginx-exporter.web01.l3d.space_tls.conf @@ -17,8 +17,9 @@ server { proxy_set_header X-Real-IP $remote_addr; allow 127.0.0.1; # allow requests from localhost allow ::1; # allow requests from localhost - allow {{ prometheus_v4 }}; # allow prometheus IPv4 - allow {{ prometheus_v6 }}; # allow prometheus IPv6 +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} deny all; # deny all other hosts } } diff --git a/templates/files/nginx/sites/node-exporter.mail01.l3d.space_tls.conf b/templates/files/nginx/sites/node-exporter.mail01.l3d.space_tls.conf index 5b50fd7..1c42b59 100644 --- a/templates/files/nginx/sites/node-exporter.mail01.l3d.space_tls.conf +++ b/templates/files/nginx/sites/node-exporter.mail01.l3d.space_tls.conf @@ -18,8 +18,9 @@ server { proxy_set_header X-Real-IP $remote_addr; allow 127.0.0.1; # allow requests from localhost allow ::1; # allow requests from localhost - allow {{ prometheus_v4 }}; # allow prometheus IPv4 - allow {{ prometheus_v6 }}; # allow prometheus IPv6 +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} deny all; # deny all other hosts } location /nginx_status { diff --git a/templates/files/nginx/sites/node-exporter.mx.l3d.ch_tls.conf b/templates/files/nginx/sites/node-exporter.mx.l3d.ch_tls.conf new file mode 100644 index 0000000..c29446a --- /dev/null +++ b/templates/files/nginx/sites/node-exporter.mx.l3d.ch_tls.conf @@ -0,0 +1,38 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name node-exporter.mx.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + + location / { + charset utf-8; + proxy_pass http://localhost:9100; + client_max_body_size 256M; + proxy_read_timeout 3600; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + allow 127.0.0.1; # allow requests from localhost + allow ::1; # allow requests from localhost +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} + deny all; # deny all other hosts + } + location /nginx_status { + stub_status; + allow 127.0.0.1; # allow requests from localhost + allow ::1; # allow requests from localhost +{% for ipv4 in ansible_all_ipv4_addresses %} + allow {{ ipv4 }}; # allow local ipv4 address +{% endfor %} +{% for ipv6 in ansible_all_ipv6_addresses %} + allow {{ ipv6 }}; # allow local ipv6 address +{% endfor %} + deny all; # deny all other hosts + } +} diff --git a/templates/files/nginx/sites/node-exporter.services.l3d.ch_tls.conf b/templates/files/nginx/sites/node-exporter.services.l3d.ch_tls.conf new file mode 100644 index 0000000..17d6bf1 --- /dev/null +++ b/templates/files/nginx/sites/node-exporter.services.l3d.ch_tls.conf @@ -0,0 +1,38 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name node-exporter.services.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + + location / { + charset utf-8; + proxy_pass http://localhost:9100; + client_max_body_size 256M; + proxy_read_timeout 3600; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + allow 127.0.0.1; # allow requests from localhost + allow ::1; # allow requests from localhost +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} + deny all; # deny all other hosts + } + location /nginx_status { + stub_status; + allow 127.0.0.1; # allow requests from localhost + allow ::1; # allow requests from localhost +{% for ipv4 in ansible_all_ipv4_addresses %} + allow {{ ipv4 }}; # allow local ipv4 address +{% endfor %} +{% for ipv6 in ansible_all_ipv6_addresses %} + allow {{ ipv6 }}; # allow local ipv6 address +{% endfor %} + deny all; # deny all other hosts + } +} diff --git a/templates/files/nginx/sites/node-exporter.services.l3d.space_tls.conf b/templates/files/nginx/sites/node-exporter.services.l3d.space_tls.conf index 2ff807d..3610cb7 100644 --- a/templates/files/nginx/sites/node-exporter.services.l3d.space_tls.conf +++ b/templates/files/nginx/sites/node-exporter.services.l3d.space_tls.conf @@ -18,8 +18,9 @@ server { proxy_set_header X-Real-IP $remote_addr; allow 127.0.0.1; # allow requests from localhost allow ::1; # allow requests from localhost - allow {{ prometheus_v4 }}; # allow prometheus IPv4 - allow {{ prometheus_v6 }}; # allow prometheus IPv6 +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} deny all; # deny all other hosts } location /nginx_status { diff --git a/templates/files/nginx/sites/node-exporter.web01.l3d.space_tls.conf b/templates/files/nginx/sites/node-exporter.web01.l3d.space_tls.conf index 35ec54b..3db722e 100644 --- a/templates/files/nginx/sites/node-exporter.web01.l3d.space_tls.conf +++ b/templates/files/nginx/sites/node-exporter.web01.l3d.space_tls.conf @@ -18,8 +18,9 @@ server { proxy_set_header X-Real-IP $remote_addr; allow 127.0.0.1; # allow requests from localhost allow ::1; # allow requests from localhost - allow {{ prometheus_v4 }}; # allow prometheus IPv4 - allow {{ prometheus_v6 }}; # allow prometheus IPv6 +{% for address in prometheus_addr %} + allow {{ address }}; # allow prometheus Address +{% endfor %} deny all; # deny all other hosts } location /nginx_status { diff --git a/templates/files/nginx/sites/rustdesk.l3d.ch_tls.conf b/templates/files/nginx/sites/rustdesk.l3d.ch_tls.conf new file mode 100644 index 0000000..005bba3 --- /dev/null +++ b/templates/files/nginx/sites/rustdesk.l3d.ch_tls.conf @@ -0,0 +1,17 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name rustdesk.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + root /srv/www/rustdesk.l3d.ch; + + location / { + charset utf-8; + try_files $uri $uri/ =404; + } +} diff --git a/templates/files/nginx/sites/services.l3d.ch_tls.conf b/templates/files/nginx/sites/services.l3d.ch_tls.conf new file mode 100644 index 0000000..4c6799b --- /dev/null +++ b/templates/files/nginx/sites/services.l3d.ch_tls.conf @@ -0,0 +1,17 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name services.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + root /srv/www/services.l3d.ch; + + location / { + charset utf-8; + try_files $uri $uri/ =404; + } +} diff --git a/templates/files/nginx/sites/winkekatze.tv_tls.conf b/templates/files/nginx/sites/winkekatze.tv_tls.conf index fbcbbe5..c101e04 100644 --- a/templates/files/nginx/sites/winkekatze.tv_tls.conf +++ b/templates/files/nginx/sites/winkekatze.tv_tls.conf @@ -14,12 +14,24 @@ server { charset utf-8; try_files $uri $uri/ =404; } - location /impressum/ { + location ~* /impressum { charset utf-8; return 308 https://c3woc.de/impressum/; } - location /kontakt/events/fff_bodensee_21/ { + location ~* /kontakt/events/fff_bodensee_21 { charset utf-8; return 308 https://winkekatze.tv/events/fff_bodensee_21/; } + location ~* /hall1 { + charset utf-8; + return 308 https://vdo.ninja/?room=wk24_hall1&password=winkekatze&hash=7fce; + } + location ~* /hall2 { + charset utf-8; + return 308 https://vdo.ninja/?room=wk24_hall2&password=winkekatze&hash=7fce; + } + location ~* /hall3 { + charset utf-8; + return 308 https://vdo.ninja/?room=wk24_hall3&password=winkekatze&hash=7fce; + } } diff --git a/templates/files/nginx/sites/www.grafana.winkekatze.tv_tls.conf b/templates/files/nginx/sites/www.grafana.winkekatze.tv_tls.conf new file mode 100644 index 0000000..e3cf383 --- /dev/null +++ b/templates/files/nginx/sites/www.grafana.winkekatze.tv_tls.conf @@ -0,0 +1,14 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name www.grafana.winkekatze.tv; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + location / { + return 308 https://grafana.winkekatze.tv/; + } +}