Compare commits
No commits in common. 'master' and 'DNS' have entirely different histories.
@ -1,5 +1,3 @@
|
||||
# ---> Ansible
|
||||
*.retry
|
||||
.main_vault_password
|
||||
.user_vault_password
|
||||
.vpn_vault_password
|
||||
.vault_password
|
||||
|
@ -1,18 +0,0 @@
|
||||
[submodule "roles/matrix-bridge-discord"]
|
||||
path = roles/matrix-bridge-discord
|
||||
url = ssh://git@gitea.auro.re:2222/Pains-Perdus/matrix-bridge-discord.git
|
||||
[submodule "roles/matrix-bridge-facebook"]
|
||||
path = roles/matrix-bridge-facebook
|
||||
url = ssh://git@gitea.auro.re:2222/Pains-Perdus/matrix-bridge-facebook.git
|
||||
[submodule "roles/matrix-bridge-signal"]
|
||||
path = roles/matrix-bridge-signal
|
||||
url = ssh://git@gitea.auro.re:2222/Pains-Perdus/matrix-bridge-signal.git
|
||||
[submodule "roles/matrix-bridge-instagram"]
|
||||
path = roles/matrix-bridge-instagram
|
||||
url = ssh://git@gitea.auro.re:2222/Pains-Perdus/matrix-bridge-instagram.git
|
||||
[submodule "roles/postgre"]
|
||||
path = roles/postgre
|
||||
url = ssh://git@gitea.auro.re:2222/Pains-Perdus/postgre.git
|
||||
[submodule "roles/matrix-bridge-telegram"]
|
||||
path = roles/matrix-bridge-telegram
|
||||
url = ssh://git@gitea.auro.re:2222/Pains-Perdus/matrix-bridge-telegram.git
|
@ -1,40 +0,0 @@
|
||||
# My todo list
|
||||
|
||||
Stuff that I should do but will probably never do.
|
||||
|
||||
## Polish the user role
|
||||
|
||||
The role is fine, but could use some default filter, like for the shell value.
|
||||
|
||||
Also, the variables are messy.
|
||||
|
||||
Also, a more atomique gestion of the users would be great.
|
||||
|
||||
## Create a role "generate certificate"
|
||||
|
||||
Curently, reverse_proxt_http and similare roles implement certbot themselves, and there is a role
|
||||
for generating self signed certificate.
|
||||
|
||||
It would be better to manage certbot in a role, to allow off-wan machine to use reverse_proxy_http with self signed certificates for instance.
|
||||
|
||||
Bonus point if the role chose whether to use certbot or a self-signed certificate (but the dependencie gestion could begin to get tricky :/ )
|
||||
|
||||
## Proxmox setup
|
||||
|
||||
setup:
|
||||
|
||||
- x509 for clickodrom
|
||||
- bind the clickodrom to a specific interface
|
||||
- remove the "please pay us" message
|
||||
- remove the enterprise apt repo
|
||||
|
||||
## VM setup
|
||||
|
||||
- create a VM from template using cloud init
|
||||
- add VM to dynamic inventory
|
||||
- use the cloud init account to connect to the new VM
|
||||
- setup the VM
|
||||
- disable cloud init
|
||||
- remove cloud init account and change the connenction variable for the vm
|
||||
|
||||
good luck
|
@ -1,5 +1,5 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
- hosts: apt_proxies
|
||||
- hosts: all,
|
||||
roles:
|
||||
- apt_cacher_ng
|
||||
- base_config
|
@ -1,18 +0,0 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
- hosts: vpn, !tests,
|
||||
roles:
|
||||
- vpn
|
||||
- client_apt_proxy
|
||||
|
||||
- hosts: all, !tests,
|
||||
roles:
|
||||
- networking
|
||||
- base_config
|
||||
- prometheus-node-exporter
|
||||
|
||||
- hosts: all, !tests, !no_user,
|
||||
roles:
|
||||
- create_users
|
||||
- ssh_totp
|
||||
|
@ -1,8 +0,0 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
|
||||
- hosts: gitea_host
|
||||
roles:
|
||||
- install_docker
|
||||
- generate_self_signed_certificate
|
||||
- install_gitea
|
@ -1,8 +0,0 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
|
||||
- hosts: keycloak_host
|
||||
roles:
|
||||
- install_docker
|
||||
- generate_self_signed_certificate
|
||||
- install_keycloak
|
@ -1,14 +0,0 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
- hosts: matrix
|
||||
roles:
|
||||
- synapse
|
||||
- matrix-bridge-discord
|
||||
- matrix-bridge-facebook
|
||||
- matrix-bridge-signal
|
||||
- matrix-bridge-instagram
|
||||
- matrix-bridge-telegram
|
||||
|
||||
- hosts: proxy
|
||||
roles:
|
||||
- rp_synapse
|
@ -1,12 +0,0 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
- hosts: prometheus_servers
|
||||
roles:
|
||||
- prometheus
|
||||
- prometheus-alert-manager
|
||||
- grafana
|
||||
- prometheus-blackbox-exporter
|
||||
|
||||
- hosts: all, !tests,
|
||||
roles:
|
||||
- prometheus-node-exporter
|
@ -1,7 +0,0 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
|
||||
- hosts: all, !tests, !no_user
|
||||
roles:
|
||||
- create_users
|
||||
- base_totp
|
@ -1,6 +0,0 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
- hosts: vpn, !tests
|
||||
roles:
|
||||
- vpn
|
||||
- networking
|
@ -1,9 +0,0 @@
|
||||
---
|
||||
apt_proxy_port: 3142
|
||||
apt_proxy_admin_user: admin
|
||||
apt_proxy_admin_mdp: "{{ vault_apt_proxy_admin_mdp }}"
|
||||
|
||||
apt_proxy_allowed_clients:
|
||||
- "{{ intranet['ipv4'] }}/{{ intranet['netmaskv4'] }}"
|
||||
|
||||
apt_proxy_address: "{{ intranet['subnets']['physical']['subnets']['hindley']['ipv4'] }}"
|
@ -1,57 +0,0 @@
|
||||
---
|
||||
ca_passphrase: "{{ vault_ca_passphrase }}"
|
||||
ca_key: "{{ vault_ca_key }}"
|
||||
ca_cert: |
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFhzCCA2+gAwIBAgIUP+ptXLNUBVsZm5oYpynQd5mhB60wDQYJKoZIhvcNAQEL
|
||||
BQAwUzELMAkGA1UEBhMCRlIxEzARBgNVBAgMClNvbWUtU3RhdGUxFTATBgNVBAoM
|
||||
DFBhaW5zLVBlcmR1czEYMBYGA1UEAwwPQ0EgUGFpbnMtUGVyZHVzMB4XDTIxMDky
|
||||
MTE0NDUxNloXDTMxMDkxOTE0NDUxNlowUzELMAkGA1UEBhMCRlIxEzARBgNVBAgM
|
||||
ClNvbWUtU3RhdGUxFTATBgNVBAoMDFBhaW5zLVBlcmR1czEYMBYGA1UEAwwPQ0Eg
|
||||
UGFpbnMtUGVyZHVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4jG+
|
||||
8N5YN91KghYjYTOBQ+lRYJ45X5S9mfcwwf8OIMGe+NyNkXx2GX4uYpZOitYOApI4
|
||||
rGnAjhll7tdZevzfdqpUDCYUDT6iR4BzL32k22mIN+iW6zQPaZetOU7VIA9V5TsM
|
||||
WbDsftqh6fj3N4SwVMpHiuiajMkX8CIELxoXDAJULvwyreWOONlwDMObtVCHBIhM
|
||||
uf1Jbx2DfRNS/w6lbHPCrZefMCea1FrSaotOANXxNgQfptX3fLZbhH5RiZQLDU8k
|
||||
ZChAUoW9hE4+uiSOUMd2hl9XgCWHcGEMcKyWG+/lx8UUw3Zl+oOrfb+IWo5IByVZ
|
||||
8nV5aiTMCuRlcTcMHUuedRaPcWfl5ZaEOVzhYXIYM4Oa8ShqXuWqW0WZ8oIhI2ya
|
||||
hTE03mIPV1nX3ucE9GsDZpnrj7t+qd8etiZXFGVihKEqVFfhzKRsPh4wgUKH/gwG
|
||||
AJshPA9NyJ0JpzUaWQ2acUjo3Hg9WPSTaMb46FS7hUdZUcZZiwSq9JjHDNAUKjNY
|
||||
zudKjTyqJXkqwhNvMfKWFIGYjldvZgQXzuT8XmSHYSKuLfH9Ko28FX0Aujye1TTH
|
||||
MPljXruyO04Q7NUg/jqtxdsWRpH/qCt12PmRuIiXsNCAeLjSuc75H+AOPbNudJLT
|
||||
w2AUTkfn3mw/XTwEBfemHAo6GAdtCDKo6GxBqvcCAwEAAaNTMFEwHQYDVR0OBBYE
|
||||
FIh4sxxlmesmbVKPWKo81BXMFVqVMB8GA1UdIwQYMBaAFIh4sxxlmesmbVKPWKo8
|
||||
1BXMFVqVMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAKipx6Nu
|
||||
QwnYmwYPd3kUVBOj9ia0PVeE4LoUSRapzRTF2HilSIo9Sa7qD1HVxbWrghUPLjW/
|
||||
Ru04k82hxvAm26gc1XeqIBzpgZmxwF0QibCeuj1vDXsndACXVHd6Atvnl0rW4bEI
|
||||
pVCqerXNu0T4STk2V/xNqndGMRp/vZX67BlyHAHD4el957R9RYlyxW6fADrHDKqk
|
||||
tC1eTeQtEi5W7v9X3dNGdtFS+exDrYpUTHPDwM81u25oCGUFGsH3RlG7LUEQ5mYW
|
||||
SsJ3EKpIkMxSZB3/GqttCIHi+yEMtwDDL3dN8UnVaTkRjVNQxraOUwe66QByGqnJ
|
||||
9YeQNpUfZxWFW/GW2fBAvD/RaLrLZ4ywhUze38ks4jsLnAIduawjQ8GlNg9i2MqD
|
||||
zvDat41LWSCDjRUOfCp7fc9lMlI5blTafozrAddMV8YUs3bQ6XD0H31pP59jb7nc
|
||||
5kmwqH6RivbFZZYBquQVujiiI7d+9m+X9OfTZJTCpRPCGYZcLuqH7txyPhixxrZd
|
||||
a8lWJ+5jHOdncV/ZWSB5JnjKbaMMEPcaTo3puEPt/yl74CR7UOJXr5oM0bVFKjas
|
||||
90hY5U+jPAcneCk2oc44R4NWuQ7qbsjPRfcxxi27DoLbhlmPp9jQwYQEqmdflcZ0
|
||||
zCTEq81KO2mAbJgTc/ahhcvAV/huJ5d8c9R1
|
||||
-----END CERTIFICATE-----
|
||||
crl_distribution_points:
|
||||
- full_name: "URI:https://ca.deso-palaiseau.fr/revocations.crl"
|
||||
reasons:
|
||||
- key_compromise
|
||||
- ca_compromise
|
||||
- affiliation_changed
|
||||
- superseded
|
||||
- cessation_of_operation
|
||||
- certificate_hold
|
||||
- privilege_withdrawn
|
||||
- aa_compromise
|
||||
- full_name: "URI:https://ca-pains-perdus.intra/revocations.crl"
|
||||
reasons:
|
||||
- key_compromise
|
||||
- ca_compromise
|
||||
- affiliation_changed
|
||||
- superseded
|
||||
- cessation_of_operation
|
||||
- certificate_hold
|
||||
- privilege_withdrawn
|
||||
- aa_compromise
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
country_name: FR
|
||||
organization_name: Pains-Perdus
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
in_memoriam:
|
||||
- Terry Pratchett
|
||||
- Pierre Bottero
|
||||
- Alan Turing
|
||||
- Ada Lovelace
|
||||
- Evariste Galois
|
||||
- Grace Hopper
|
||||
- John Conway
|
||||
- Leonhard Euler
|
||||
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
gitea_ssh_port: 2222
|
||||
gitea_https_port: 8443
|
@ -1,2 +0,0 @@
|
||||
---
|
||||
keycloak_https_port: 7443
|
@ -1,65 +0,0 @@
|
||||
---
|
||||
matrix_server_name: pains-perdus.fr
|
||||
matrix_local_server_name: synapse.pp.intra
|
||||
matrix_enable_registration: False
|
||||
synapse_postgre_user_pwd: "{{ vault_synapse_postgre_user_pwd }}"
|
||||
matrix_max_upload_size: 50M
|
||||
matrix_registration_shared_secret: "{{ vault_matrix_registration_shared_secret }}"
|
||||
matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}"
|
||||
matrix_form_secret: "{{ vault_matrix_form_secret }}"
|
||||
|
||||
matrix_apps_services:
|
||||
- discord
|
||||
- facebook
|
||||
- signal
|
||||
- instagram
|
||||
- telegram
|
||||
|
||||
# bridge discord
|
||||
matrix_bridge_discord_postgre_user_pwd: "{{ vault_matrix_bridge_discord_postgre_user_pwd }}"
|
||||
matrix_bridge_discord_client_ID: "{{ vault_matrix_bridge_discord_client_ID }}"
|
||||
matrix_bridge_discord_botToken: "{{ vault_matrix_bridge_discord_botToken }}"
|
||||
|
||||
# bridge facebook
|
||||
matrix_bridge_facebook_postgre_user_pwd: "{{ vault_matrix_bridge_facebook_postgre_user_pwd }}"
|
||||
# Those values are generated by the bridge the first time the bridge is launched.
|
||||
# we copied the values generated from our test config
|
||||
matrix_bridge_facebook_integration_manager_shared_secret: "{{ vault_matrix_bridge_facebook_integration_manager_shared_secret }}"
|
||||
# matrix_bridge_facebook_as_token: "{{ vault_matrix_bridge_facebook_as_token }}"
|
||||
# matrix_bridge_facebook_hs_token: "{{ vault_matrix_bridge_facebook_hs_token }}"
|
||||
matrix_bridge_facebook_admins:
|
||||
- g33kex
|
||||
- histausse
|
||||
matrix_bridge_facebook_allowed_external_user:
|
||||
- '@dorianx:matrix.rezel.net'
|
||||
|
||||
# bridge signal
|
||||
matrix_bridge_signal_postgre_user_pwd: "{{ vault_matrix_bridge_signal_postgre_user_pwd }}"
|
||||
matrix_bridge_signal_admins:
|
||||
- g33kex
|
||||
- histausse
|
||||
matrix_bridge_signal_allowed_external_user:
|
||||
- '@dorianx:matrix.rezel.net'
|
||||
|
||||
# bridge instagram
|
||||
matrix_bridge_instagram_postgre_user_pwd: "{{ vault_matrix_bridge_instagram_postgre_user_pwd }}"
|
||||
matrix_bridge_instagram_admins:
|
||||
- g33kex
|
||||
- histausse
|
||||
matrix_bridge_instagram_allowed_external_user:
|
||||
- '@dorianx:matrix.rezel.net'
|
||||
|
||||
# bridge telegram
|
||||
matrix_bridge_telegram_postgre_user_pwd: "{{ vault_matrix_bridge_telegram_postgre_user_pwd }}"
|
||||
matrix_bridge_telegram_admins:
|
||||
- g33kex
|
||||
- histausse
|
||||
matrix_bridge_telegram_allowed_external_user:
|
||||
- '@dorianx:matrix.rezel.net'
|
||||
matrix_bridge_telegram_api_id: "{{ vault_matrix_bridge_telegram_api_id }}"
|
||||
matrix_bridge_telegram_api_hash: "{{ vault_matrix_bridge_telegram_api_hash }}"
|
||||
matrix_bridge_telegram_bot_token: "{{ vault_matrix_bridge_telegram_bot_token }}"
|
||||
|
||||
# Not configured for now
|
||||
matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push
|
||||
|
@ -1,59 +0,0 @@
|
||||
---
|
||||
intranet:
|
||||
domaine: intra
|
||||
ipv4: 172.20.0.0
|
||||
netmaskv4: 16
|
||||
gateway: 172.20.1.1
|
||||
comment: The intranet
|
||||
subnets:
|
||||
physical:
|
||||
domaine: phy
|
||||
ipv4: 172.20.1.0
|
||||
netmaskv4: 24
|
||||
gateway: 172.20.1.1
|
||||
comment: Physical machines
|
||||
subnets:
|
||||
hindley:
|
||||
domaine: hindley
|
||||
ipv4: 172.20.1.1
|
||||
netmaskv4: 32
|
||||
comment: Hindley
|
||||
router_hellman:
|
||||
domaine: 'router-hellman'
|
||||
ipv4: 172.20.1.3
|
||||
netmaskv4: 32
|
||||
comment: Router on Hellman
|
||||
matrix:
|
||||
domaine: matrix
|
||||
ipv4: 172.20.1.5
|
||||
netmaskv4: 32
|
||||
comment: Matrix server
|
||||
guest_hellman:
|
||||
domaine: hllm
|
||||
ipv4: 172.20.198.0
|
||||
netmaskv4: 24
|
||||
gateway: 172.20.198.1
|
||||
comment: Lan for the vm hosted on hellman
|
||||
subnets:
|
||||
hellman:
|
||||
domaine: router
|
||||
ipv4: 172.20.198.1
|
||||
netmaskv4: 32
|
||||
comment: Router
|
||||
test:
|
||||
domaine: test
|
||||
ipv4: 172.20.199.0
|
||||
netmaskv4: 24
|
||||
comment: Test VM
|
||||
guest:
|
||||
domaine: guest
|
||||
ipv4: 172.20.200.0
|
||||
netmaskv4: 24
|
||||
comment: Guest machines
|
||||
subnets:
|
||||
knuth:
|
||||
domaine: knuth
|
||||
ipv4: 172.20.200.1
|
||||
netmaskv4: 32
|
||||
comment: Knuth
|
||||
|
@ -1,9 +0,0 @@
|
||||
---
|
||||
|
||||
reverse_proxy_sites:
|
||||
- {from: wiki.pains-perdus.fr, to: "https://azerty.fil.sand.auro.re:2443"}
|
||||
- {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"}
|
||||
- {from: "{{ grafana_domain_name }}", to: "http://127.0.0.1:3000"}
|
||||
|
||||
sharing_sites:
|
||||
- {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse}
|
@ -1,4 +1,5 @@
|
||||
---
|
||||
|
||||
reverse_proxy_stream:
|
||||
- {from_port: 2222, type: "tcp", to: "azerty.fil.sand.auro.re:2222"}
|
||||
- {from_port: 53, type: "udp", to: "dns-histausse.fil.sand.auro.re:53"}
|
||||
- {from_port: 53, type: "tcp", to: "dns-histausse.fil.sand.auro.re:53"}
|
||||
|
@ -1,4 +0,0 @@
|
||||
---
|
||||
totp_periode: 60
|
||||
totp_digits: 6
|
||||
totp_machine: "pains-perdus"
|
@ -1,162 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;user_vault
|
||||
66646139353961656263643538333430306336343661306434346136646234336534393663333732
|
||||
6265656462333262363466366232313434643739616235660a323232393330383037636664303162
|
||||
66343861653038663534313139653266376563613030633934323335383431623538643135643637
|
||||
6634656439313233390a316435623232376135323666656332323038646565353733393039373533
|
||||
64663035613930303631313536636130333363633362383934623863333631633538393231633531
|
||||
30646430346634346433323339343461323430643938613634613164393461613863356633346638
|
||||
33396463303162333338623731646431663839623034613664616166383237323435623631393737
|
||||
32316336393330633330616530306538353136623737346530343838313634386535376633393134
|
||||
36306438393531613464326561356633373139663863666564323433353161656266616638626436
|
||||
66316363663631646562333566356638343830626437643666306335393364353165313939323363
|
||||
39323362333364323531353330343164643938346636333865626630363431663130373161353263
|
||||
34366131333362396634326336396635343961393239333665626632343533363263653535306438
|
||||
66343430343734653261386230653738373436313432393839313765333062363165373762303536
|
||||
34303939663837333531626437653263383662326238306162356361333362353863313466343031
|
||||
65646537323762373234633134323737333137316161343539663065386538653762616236396133
|
||||
33313637316331326432363132643462666438663037613537363263306564316530396433383662
|
||||
34356464353562336331623934316138376662396466626430383162656430653935626537303138
|
||||
61663033353961303061646364363865653135346362373433666531363432366566396638376139
|
||||
32656265636163326632356133653639623633663934353636396365356662666563623735353830
|
||||
33386166326564656135386161653032646635663832383662323162343039323665326165613263
|
||||
38613732373962363264373237643239383961383639393832616631613535316332306330353637
|
||||
39613638656434393039613362383738383039343030393761666534393633666630656632613739
|
||||
65376461323363643462613064336566353463363031303436616335633632623838306565313464
|
||||
61323431363635356431333336323434353334666539323233666132333931633636633632626461
|
||||
39366335613739393634636637663535643663353035663731613939323864613965663632616136
|
||||
61613133316636336336623563373564333533343062333262336539363962623739373233633462
|
||||
66643664616438383030303764313038613133353535636130643531623564373639396563333934
|
||||
32353663343533616262323165373564303239356635633136306133326666313037363062633132
|
||||
62363364623465353435386461623062373836353531616361346533626266623961393166323639
|
||||
35613261666533363436386438656232653732396631626638356532306163656661633738326361
|
||||
38353961323135383439326331663139613730303362326233363436353532373865656633633462
|
||||
32326339323865666531393565333633386234663463663133386463323730323230646533393535
|
||||
35356336326235333536663165393938353730653862356161356137666532653231396265663336
|
||||
63633330336264383765356661303431353239346433326138383565396663643638666330633161
|
||||
65323338646436323237613235343936636333653332666435373461346632643462383961356233
|
||||
62373066616239303437383637323838613666353465383035303230386565366138663933653838
|
||||
33626665663562353137316561303863333862376537303831316665653164656336323461666436
|
||||
33323165393762616664356561633138383836316433623635383664353564353664383566313561
|
||||
38623631356432316431343934306334633532383034383432323562313033356238323736316239
|
||||
31653261333035663631666362366231303237656630656435373636383164306266646164363265
|
||||
30653064306132393330376561616431343765656637356336306565306135336664373837353566
|
||||
65323636646235386661616132316461376531653738343632393638663938626564333235643238
|
||||
61653164616331653933336138393763613837353030653239626532633562396530373736316462
|
||||
63643930313264393363613564316637306562643336373536353036306233343266653066343832
|
||||
35306231383866613439636333623039376465386463653266663365646332336335326564323939
|
||||
65386630336131343964653037646365616631663466323036623661363836363135363636623361
|
||||
65613831653164393732623031613234323437383136636466353362313966656661623861373532
|
||||
64653063373933373730386363353939373062386637303936646566646137353238633765326132
|
||||
62393239386264346133623039616630636139646261366132623765613439303836336266323930
|
||||
64623861386131613239323261306636373065343233353566353565643532643031346332336331
|
||||
35663564353433383966633961383061613739373039643265653661666139363735313131363637
|
||||
62383539643433633164313563366161393133333433656131656331383861393566366631656136
|
||||
32653131363836366330313239383635336662633838363734366234343533353035356334303662
|
||||
66613833653930653836663137333064656564376464633435636431326336316339336533613866
|
||||
31373962333134653863316339623838333439386433663937306539343635363134633062306237
|
||||
64663834613937663733666662343933633839343532376662366561326535316530363466663432
|
||||
33626332303032386232363165653439666233616362306665656133656561306564363561633138
|
||||
34393237316239643462613931633530643062373130386162333537663136666131623263363534
|
||||
34333164376238353534623038333532343266636535366532633837633161393363393734613765
|
||||
37333438613332653466653231303361623439376465343231383135316230323337616330613262
|
||||
31613235356137313233616637333733633437376262383862323566343865313138633538333136
|
||||
35356261336263323330653664306635656332646365646630373437386536363538376636323533
|
||||
63383531336261626463613265386337346639616130613333363061643065313766326262313635
|
||||
30396438653535653739316264346531646438323862346438633339613563383930306230663932
|
||||
39653564336531376234373364306462396433633738313565363335303435353736616264313131
|
||||
38363738303431653963363765666238613435386261613037353465303337613933353430353131
|
||||
38653366643866303863616366383339653631666466646332323463616663376139636632393434
|
||||
35376537646236623339346366613066383061353535303036383732616337643331616263373131
|
||||
32633336303963653562386664313532373666346132663334313065336564346362373433326532
|
||||
65396532356238326237353034333264393233343138363739383830653230643665646362663630
|
||||
39333537353832616331363534326164323133373761306630623130383465663636636464313539
|
||||
61646363626434393530333465316333623139626433326337383766343730323963353731333930
|
||||
35646535376531656262326536306536633137636138663732366330656565633565313533306465
|
||||
34383464326330353133303731303534663834393837323965393363303635343236313666656264
|
||||
33633735653135643062313664663432363231653230636339386438386339623363323336393566
|
||||
62353037346564633535376638363037363861366263323766333961303534393539356530633562
|
||||
61616664633236613865626663636632323066643534393630393033626635663336366632393134
|
||||
32326565303031333566346461633136326566306461323436393539353533313033333061383032
|
||||
34326337616338626630316661663237333831616363346130653663663861353562366164643730
|
||||
34656638303531353861386437646662346132346662336164616232623839303934383166623532
|
||||
63343538656130306636313337646238663663636432376237353738303864303835646433353137
|
||||
61653931383837353934663536663266636636373936376230353836636134653531353031363938
|
||||
65333361303361363334393733666466643063653266363262306233633834353331666565353266
|
||||
38666431643139316139623263663864386534376566393437373965346530343433366535323732
|
||||
65626336396362393331623564656436383135636539333934633233666330643465633531316166
|
||||
62306637323739346639306630623132346665373630343566656437303630626664333465383766
|
||||
62303365653332653162336230336634333232663732653237386533646531643839643465366637
|
||||
65303964626463363130383164633938636538316461366335356664613138336463653539393465
|
||||
35353637616462613833636137333139356538386162616538613562333337383233313038313035
|
||||
31303065663630353865303338643533393839373665373231383666646634353035316261613662
|
||||
34663661323235383331643634636534363238353934303837666531376630643830323863343932
|
||||
32333934376332646537373064346666343535303038383234356165303635633732373939656438
|
||||
30326463396631376538346366373135373164666631323036623066613664376334353331386463
|
||||
32346132643361646136376362356266316231336162333834646232353935656363373766323338
|
||||
63616337343631383963343165303938333665333731373163383264656537356130343536626661
|
||||
63663236643539313436636531623232643163643036363438616230306264373166336630363833
|
||||
39396530643765336436386639323533643638336566636135613438643936623531613436653733
|
||||
62326536663538376266393233373135333231613161613335323562613734653639633137383364
|
||||
39313263303036396635663431356363663964393231333663396433653263333337653763613738
|
||||
66653636653436326636353361623637346562303465303034356561663964666139623630366261
|
||||
34656338363863393861323735613739366339363063633762363235626264666561373334376135
|
||||
33396663306131313530663763393137313264383335373830333939636238393163303065323731
|
||||
33636630363033646530383438343465623462346666333131626434616138363435623732663030
|
||||
65616632393866633466363837383238386264363536633439366661313265316333666435333536
|
||||
33376661663733343136353061623065393061306435396338623961623466376532613163353739
|
||||
64343033626666646130663861383236613961663335623134313063376436383666636338633332
|
||||
65643365656161373631633232353930343533653134346566643066376265626661366234303439
|
||||
33386539386536663932636238626234646266643432626162633534376161633262366631356662
|
||||
63643066383631326632643732616432343733306134616432636561393333326431626230643935
|
||||
32663232373331643335356562336563653837656164653531323561623432303334333330656263
|
||||
35303237663131616133643235646634373931313831313965346661356334396266356437613362
|
||||
63393136353762636666343538663134336138353661663161663936366531316662373666363035
|
||||
65363333393464303933646230396230363238313264373665623465393434346638663837366364
|
||||
65633536633464306138663033323132653436663461646432636161353038663836393735316663
|
||||
32316130383234633664663163663965313436656461353835633439303239663038646464653662
|
||||
63636261653263373337356433353935323563616438363964653036633139393836366537343562
|
||||
35323935396461303136623961633730623361663631393036633635663564306139353139646230
|
||||
32333731643838613465343064633638663738333666653637393331373033383834346134396261
|
||||
62393564633630353065646563336439623735636461313231343864326132323935633235643637
|
||||
33353935383665613162663364356232356661393565386231396534633865303938663239353137
|
||||
36323364346438386231643664306637333039353330616232356536323361356332643564323065
|
||||
64373137316131643631333331353062643930323265663935656532613430333537663038666337
|
||||
30656636666233386564663362386366353634613261393261303738643762656266653463633534
|
||||
35643537376639633563363266663534633662363432373032613738613130313065643134613635
|
||||
33336236346231346534363064356461653330383763626133386663616661306330393438333139
|
||||
63326264623864623463333937303338383061393835386132383336666234396437313165373634
|
||||
37346363616237666337613335313432386563323434333031626261373031343662376430336638
|
||||
30316466633362623663353037353863633037383631653233616334383562333236386633326464
|
||||
37336134663563656233623639643665343633323965613136613536633161353835363636663863
|
||||
34376234633364323534616465633762643033396433326436316435663533653639303536303931
|
||||
33643261623935363032346233393462653136346461383334336462613735633836663732323735
|
||||
61353538623534313564643037333162396562373836383763373861343361373164646564343537
|
||||
34326230393730333766356663343831616663666564613237636661353237313162623237313565
|
||||
38343239336561343435326535363363313739353165663835363865333164623332346234346430
|
||||
36336333626434343964383635363864386535343230313036663331666538363433363639346634
|
||||
65356534343432643064356332343337633034323735623531303638366461383137383038663833
|
||||
35373262356462666136313564643932663534396366386161326662316166626336353334313333
|
||||
64326238383962386534396466636235616464633166636134313162646663356438393331633066
|
||||
37333532373137646139653535623938386364613331346437626537646637366565653038633563
|
||||
63643431653538396363333566343339326632626566383035356631323931643135303830316162
|
||||
35336563396534633136343166623638643661623662366466613432616332313133663366323735
|
||||
63663533383735623262643963353530643330353130356131623733373937623662336536613565
|
||||
62306535353738613139326337326130333234373036646663633932366532336463616162343936
|
||||
33373764336530383439333133646339646330376265396639393063623761386464303532376338
|
||||
30306630626262333839613533663766613730653764373939306437613032323536623531353363
|
||||
32316464636231386634356534616162373064653066326637636533393230643263633635303263
|
||||
31663939393236306362616534646136643038666436306137313139366162303163333366323231
|
||||
33313763623839306162373134623361626263363365633834636331313030313635353932313165
|
||||
61666364646435643233303862613238373333303130333465643561656634663531303231323936
|
||||
37626565366334386536343637366162666464613639356139353761656563313532343764653064
|
||||
31396139373337353363643436666634623037613136333637313931323539383833316338623164
|
||||
63633562313536396462613437373031396137396532616466343034333839316461663632366365
|
||||
39396663366536373833363533353039623833613436393065366163383566303537316334343064
|
||||
31356334343034356431303533633236646334376136666665326365373239376233636436666337
|
||||
35333731366133616365303365396338653031343432373966356633313136303063653033643462
|
||||
36653566363630646564303531336330343566383861313431633933386265343661393965653439
|
||||
65636262393335373038643432633236646134356135323835616336323737373738353636323036
|
||||
35396363613565633431333434376530666662316434313938653338316163303033623931373932
|
||||
38363538303561646161636662633136313536633634366133316166366631663732633162663130
|
||||
33313038383230313464656131623039396230613661626534303563353033623365663765363936
|
||||
38396234356563373465366134646165633464323166333832393465393433363361
|
@ -1,10 +0,0 @@
|
||||
---
|
||||
uservault_users:
|
||||
- {
|
||||
name: lorem,
|
||||
groups: sudo,
|
||||
shell: "/bin/bash",
|
||||
password_hash: "$6$lvbzekjvbzejbvzvzvbzvbzhvbzbv....aezrfv/", # the string betwenn the first and second `:` in /etc/shadow
|
||||
ssh_key: "ssh-rsa azrekgnbmoienbzrinoien...aoeuzn user@host",
|
||||
totp: "daeae8ce486f6636d68c37c21ce002" # the hex value
|
||||
}
|
@ -1,305 +1,7 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
66396364626137653230336236313132366334386632383339303335333062323833373534643931
|
||||
3035323936343830646136386237623565303262616366320a303665383565613936323763383538
|
||||
32373832626130636665313664356636623339353266656433366563366439363764386136616537
|
||||
6230376436363463620a663761633130383262353661313461343839656361356238376433396639
|
||||
36643034376539383136633937613031343862653739396536346130303164346465356530323564
|
||||
38396130343031343862383237383566333661623466353538343462343565373765316132666430
|
||||
32393635623834343566303932343734653566326231303531346662303436653437663034333865
|
||||
65666230623861393161353339336663616131393830333136373366626233363966613064656630
|
||||
65663362636566323263353838393932343036613337383533393838636338393738303835666538
|
||||
34373266393237326465613064656231616562626531353937653565346634646162653038356566
|
||||
37643364336562643439616464636536353335666162623831313035663039386637323639623035
|
||||
66653538646665306130393934333732346366366439396637313932366463343935303264613033
|
||||
64633162373062373534643938646633306332303064356662366163366366326561656266636234
|
||||
36613630346162353061313532386330653939373663616534653263306339633139653935663565
|
||||
31316237373766653865326632306232346234613237643038613334353737323930636365303562
|
||||
63333261646638633031313032386239383938386439376333613762346237313463643663336133
|
||||
36353833333661323632633461333064313263323937613263356264366539313036366637646138
|
||||
63373761626566613732623365643065626234643032323263623965316464343734386532333165
|
||||
37626561616334396561333930326461393863346139663738393536626135386463366366396336
|
||||
36306538373331616562373263653636643938643031386435633234666561353164386463323339
|
||||
63353761653538663264333762613731336333656139313434613563343061386462643535346533
|
||||
65366263383735306336386430636338396561346236333837336465323866333933333337626235
|
||||
39653030326430663332636263333938326536356366643734346362643430336366623164633330
|
||||
65383838383830306133626461643632656637336264666638383636376565666231373331393834
|
||||
38663939633137363236303632616638646238313431653262346437313237356263616530656339
|
||||
34336634386133383434623739326234313339333265636364373963343334363836313934653565
|
||||
64336132376336323063663765643365336366303732666137376631323231343631656439383666
|
||||
36383535316232636434653238313738653166633836303461376232333933316332326462656432
|
||||
39313166396234613162623361343037383131663465383438356438663130306138356266656561
|
||||
37306232653730653962656336373634643937333633623361343132393964623739623161373233
|
||||
35373461303833343666623261616534323435663634363639316466613761616533646531616635
|
||||
37663038396537343361393635343264613635666564343065313930376365393361363934643234
|
||||
34663830386664613062626465633666616430646566633435303837623536646466616337376162
|
||||
39376431643738336163653333333638663564356237393630636537306564333531336330333039
|
||||
61386261316335323866353637626536363939346564373333633561323361396264373034353063
|
||||
33613835393064393363326263623964353131326566353938623431396566663961633863313465
|
||||
37373264343331333839356538346436336561656435643434353532626539333538343261616336
|
||||
66623432653930633334363266316339373830643631316432303633633337666537373039323037
|
||||
62316333356438346364663734613863316334636365316565336561626563373266386636366164
|
||||
62346536313965643661356433383538646532633234313137353035633732356366643934663661
|
||||
63373735323138356565613131373938613338653061383734643633636363353438373533313765
|
||||
65393665616139343137643565626437373033363737633061386362376332353739313861623339
|
||||
66333538666563636264303239353535306166656530346363396338373963653536333066383035
|
||||
39633938353932303164306236626564306235326237646238393461306464386536616463376132
|
||||
38666237376533353965656131373639353533333532396430616165383037303266653033633432
|
||||
36666535616633333736653033386263616434343361383066663163363936386435626130303836
|
||||
66623833323735643435653261323437386338663137653633663261336434636234623232356664
|
||||
39376338303433303534636632376136656366633165616638623934666362666638653730343564
|
||||
38303566653464383231633464306139306635386136336634643732623237643961643636333761
|
||||
66326136633434346262343364633732303831323337663566613833646537346237643761616236
|
||||
36373966356330333233336330663063663966633337373835656334326330326630353261666437
|
||||
65316362643165353166656330313839623562633562373161356561663163636437633133323131
|
||||
30373462336532353063663164303837653332383565663436383436396265373966653036316661
|
||||
62663534383061656363643439633032383735376237653832616563383865613733356633323633
|
||||
65326631353265383433346130636364656533333736653834333661623733333966666638326437
|
||||
37353833663432613133336566663337313833323334393065303633396464613333393663643732
|
||||
39666235353664323036306531306462653161613937313633623333306663333834303763623362
|
||||
34613362396331383636626237376433303966626463633364353265356637653533623538653630
|
||||
35393766306639633431373530363633306635663666373137653932663963363939616134643366
|
||||
37363436336535663861336463653639653536303634363661666335666633306530633934363466
|
||||
31386437363765633938633966343535386335323735623739656131623232393238316161353634
|
||||
38633338643937623663346561383239313933613330626166636334333838333531666233356233
|
||||
65343439373233353463663462333036376362643066613762303963383065633337326139353638
|
||||
39373461386664313935393463313231353833663133663930323435353332373562396638343138
|
||||
33636465626238663534313765363333326561386164346139396432336431376234383238333530
|
||||
66356535353966633132626161343661643465633730633164666465366332623061386261383164
|
||||
39313433663237633166343033353063613733383130636237393063623962613938373164653630
|
||||
66343031613439316434666364366662373838626164653637636232643737376637633863616330
|
||||
30326233323137323865643262363837353162363634333336353465373264336337383066323939
|
||||
35336462336462613634363831343266336364646334386239373832653863323832303766643435
|
||||
34356339653964373532326138303132616530663362303664633861373931373061393566313765
|
||||
66343937343532386162346431623166366262623163306633393933663266616135663961643436
|
||||
37653663303337623662393761336632356534663430316264343437653763656635323437646637
|
||||
38393661306362313064613434396331613366373037613464356565373461393663636138633532
|
||||
64343561346463316532366361646438323731383963646337623165383663666266316139656166
|
||||
37336463633834636435343761613837666635653166326163346539626139613562396439306130
|
||||
33363230626633346138303538373439626161623163626135643665613932666535343532303036
|
||||
35373431343635393665616366643332643035623133613666396234353338623636663762636336
|
||||
35346431303536613962323861336539396333346234393763396438383539383036333636353637
|
||||
39646333383633326238393164333835393237623734383537376230353264346237353866333264
|
||||
38643231343536356339373531633165393334353365336261656665336230373266633938343134
|
||||
37646266383438633835323233306363643765653833666363376338356265663831636431646637
|
||||
39633532353130396635383965643531363564373766323064616165376134613834303666306231
|
||||
38643366333166633238626335313463623935373233353236393663353561383763636131383862
|
||||
34623536343664623962326237326532643830636533636361666432333261363530373464356233
|
||||
64373865653035613363373832653163326165363061623531373337663765653937303036656663
|
||||
66636463346139663962393431633162303664313031306331323865313739323661303538336238
|
||||
65313639663663393962396333666438633432323533613064313765353362326532613834373136
|
||||
65326265646136613030353862326233646331396238343634323534626136376136356561316635
|
||||
66333662666437613339396563323531396261366138323938303834393865633439313965613463
|
||||
38343961646664626663346464393061396234356237663339323462623864663864383939353862
|
||||
34313266373138346235626236303433613062306332343638663538356431663930303863306461
|
||||
63386262333663393262623364343864376437616237313537343839656632363436613933376438
|
||||
65346137313732316639353937336162313661386536383339633938613763336532353634373935
|
||||
64393635366435666639346537386661383362623565623365636136316363336337663738356463
|
||||
32333466363366336337653739313166396435323434376662356165643662353332306431383839
|
||||
61613331313164336537313037393166356537656530616336663138316532323164346266353831
|
||||
65666238306135346235376237376561333063373163633433386461383834633762646431396462
|
||||
65313637623266646332336332363139376265363037383533613763373734313664343835396335
|
||||
35323230326463356333653833326561306236336238373539653938653933636239626661376436
|
||||
35303639643832343364393439386631616632313830363461326665303162383839653762366630
|
||||
34656330393539636564346461316638396230323566376431636236306632616331323132623962
|
||||
35666466326136633166323466666361326137306335353565326232373363323965373261636235
|
||||
32363935323865303630383836303964326138393632333234643261386361393961336161636664
|
||||
36393163343634633033396561313535663534623936323564373430396238356635356231386365
|
||||
64313331633231336361613333313532626439393562356430386238396430393861396136633339
|
||||
34303962343336356331663530613031636361333836646132316131343839623235356561633266
|
||||
31343733353631653266353631376161613632373063323765663932646633653964366563363531
|
||||
31313363393136643036366531333138353135666235303335393531353833313231386364393934
|
||||
63653566616235303835393136646562626562353830653663386564366633343061613034383634
|
||||
33363238303661313034636562356235393861356563333039313136396232343964613437356232
|
||||
36346239303732333462613838653232326234353737633236396165616433656531393332663433
|
||||
62366161373231646235656562323765653662343161383031613461643138303462386236666339
|
||||
33623037366431353462346534636565393234626434613134343135343466623662386537386535
|
||||
62306533386532353962626532613839346236303963646265333235336363653037373961663236
|
||||
34366162353466373265643765356236313732353830303934376538343833343065363562356362
|
||||
61623364386366396366353037393434626530326231623165376337306261373164343030383533
|
||||
39353633656332363130326361636233363739333662663362366534396331353330343633313130
|
||||
61326266343235396461353637333630333133326339303431376234356433623631316132633632
|
||||
34653365623632613630306134643666373961623137393135393163383666326232633933393630
|
||||
34666430316266326638613537373337386138383261643564313564666663666664363363323463
|
||||
38366633346563343964653561316533323965366662663965623661613735366333313133663730
|
||||
63626432306132356138623762366432613064326138646238643766313737653531653530663337
|
||||
62393136356331636131303163313236386436663261613935353532666534386265313964656235
|
||||
62633135643630313032666134393638663136373162646365343163353432333232613733346539
|
||||
36666664613461343831373733393231303962356461383632303539633862633630636331613236
|
||||
65376464363235326338366262323535646636316438356161316333663134613865326465626639
|
||||
34633834376130663235316563333936633036623031326232636436363563633432323930383636
|
||||
36383538333162623836306339613236623632353063366332636366376231353132663163623737
|
||||
66373563663166666235313364383761383730346233363466623133386530313265383962333130
|
||||
61313064316264613466626131616162376563346363323639303630343361613230333434613836
|
||||
39303065626232393663626562376239356531613931323530323666353734396132613461643133
|
||||
66356564626666303836326262666466623431373933303435616461653837383765393363623635
|
||||
63386335313835366139633761613539366539356536663763396530356230353138633833316337
|
||||
62343434323330393439656236626336323439333063376131643964376631376564306339323066
|
||||
39666433663438306266393430303538316435336238383934323439323261373936326666623539
|
||||
39633035313633313563663366666231383865333032333162386365633163366635393766366162
|
||||
35663334303061303862346337376435616337663130633864383439653764366262323539666433
|
||||
61306432626635323730373964353338323030656437656364663035336531353537653839623133
|
||||
66363934333866356635383930383036326638326534333164383034613730383861303439383632
|
||||
30343434623834366162366564356131356139363432353864646535623537656137383166303262
|
||||
33313433303561333932333832383465366633336262386163363137353731393135636632323931
|
||||
37373233663336333332326238323338373639346333663366383966653337623132653537356632
|
||||
66366462336133613735666631366661643432333037383536303736333432663338623165653834
|
||||
36383930303664313432363433333130396236343332303561373261353561303331356333393330
|
||||
38613037383038376335313836363337313633346539626532383132323766613838303237333766
|
||||
62623235343232663566616233653764323132613634316263373330356635396232656264346333
|
||||
31333339336630373934353130353464373962656264613938366132646665646531646633646536
|
||||
37373639393030303161373032373638656566316666393239326338353164626434393235366264
|
||||
63343864646336376538323235313333363531303563316634373338393137656663323132333533
|
||||
35343062373534376531383531313835303738376439636630336161303539346363633064383435
|
||||
38656434666239396539353338396662343035626333633862323739366136393063646431363531
|
||||
33643566343736616665666361633961336163306632383632616264636165366165396132303237
|
||||
32643436613034623062616463623038313061356364303235656439323430366430623339386339
|
||||
66383130323530333963666431306130633565353833336464626331313030616239336138343035
|
||||
31343833613631666461313631336565376264333336353561386233626234623730323561373134
|
||||
61616236333962386231343532323464646235633530333062343663373830656130636665623865
|
||||
36643633323539376165616238646139336365316532643565656266353539366433366330323330
|
||||
62663735396233386463653437616639313331623736613562343236613564306139336233656263
|
||||
65646534643762336435323232373062306434393463623662323963333232373631373530353237
|
||||
35373131356538646462303961663862656533643162383436303361306639643134383436343739
|
||||
66393238663837353164333662653933353530376433633930663336373634383036393637663934
|
||||
39336337313264366135386464363061356664303638333866303562316664336636333566623366
|
||||
32306639303963336233386365373562366466303930303931643266373235343366336163303930
|
||||
30386337393966633135326164646532376637636265663762326562336565383935613062323462
|
||||
62353536663936633837316363653366356231323664363439393866393133336261346134333863
|
||||
64643832306236666636333939326531346163346335356636643566333362643533333034643739
|
||||
36373736353464653531316262636231343963376633653239633037336133373130643762626461
|
||||
35346637653434656339323861316233303863393263373638353664326430303731643439613430
|
||||
65313161336137656536346435356132343835326636616164366266373561323864386366366432
|
||||
66613039663836626161643336316432343436333130383935306638393564303838373938313930
|
||||
37393633343562646461653339626135303262626434343132303462353662323066633639346433
|
||||
64336239663733613234333738633730306337313936343865323030626566323066306266336334
|
||||
33393332373163353130623132633264656137386163373662613965343162646433653263393566
|
||||
39356464393962636233306462323730333837656363643164376438363565303138666564656633
|
||||
33343933313138386539303837306365373639373464306537663439376637303134626262656264
|
||||
64336663663238376231323030306438616434626466616566303135363333366564346636323562
|
||||
32343765353931663261633338356161383734303764356465616136643862393266343031353534
|
||||
37393030656663613764323831353839616466633664623530663962666466383562663464353334
|
||||
37376435363230366362633939613764383863653438303933633962653937643332633063353937
|
||||
36613434306634623362643233313164333832663639653066313137336565333138363864306363
|
||||
31643366393733316236353263316537396336656139643435373365313965383235376166353862
|
||||
62363438613163626564383966343331316338343835656236303565303631313733353265396537
|
||||
38316463633931633431653837633134383563366133373362326664323731326363326137326232
|
||||
30373536386435353236313330373537303239313538303361396330663837383166393536383966
|
||||
34313466623333623466326365643664383737363363623731316565353366373864636135656333
|
||||
64633132613138313564336337383338656639666330313939376234343839386438636433373832
|
||||
37653366633238663266383565346564396135356163326566313665343339346333323765336631
|
||||
35643762313662636662376331336139373866373437623631363636326135346536363765613936
|
||||
32306166306135313638643633353131643939366465346233636639663961303563643162366133
|
||||
32316634383963653038613037366266346634323361313337666262343432386239326337326334
|
||||
65653461626264353564323161656631373865666433353139363639393338376661353064353966
|
||||
33663064613665326564333737303733633433333735303461613933353435303461333033623433
|
||||
62356236323735653338333861656435616661386339303439653531643065643030393536663963
|
||||
64613730343036353636616462633365326661333038383264616336633839346466393665393465
|
||||
30316465323466633234376466383538613539313239353937353531316462636463316238356634
|
||||
38346439363033336363396165376162633536363361386564633362623864316339623233313235
|
||||
36646161323832346332386261623837663135646237343864333564653533623835333834343333
|
||||
33333739633130386131316537386636363234333466623730303061336136633330646361366632
|
||||
37386336623862373561386663353063616635326131663535313337623232376164316631346436
|
||||
65656536313761653739623130313766366662613630396337373034323562343633333234373031
|
||||
63383861656461336333303436353739646461623333616236333962356564623566363031353334
|
||||
38636165646632346633353766393230343736313966333564313730353262636135633164393334
|
||||
32373063393964656365333164623165326532643633313563643337653062363566393636653934
|
||||
63383533326337393762343462313732323561316532303137336133616634373339633864306334
|
||||
64333032356531313763313838353730633939393536383165376130663163643339393439616163
|
||||
35363162313063663765616332613834306134393731633662306130656464336132303130303165
|
||||
32303261333162303438366436653963326162626334613030653038343834336232333733643461
|
||||
62326632373832623863333536613339373539396533393639326463633837306439383439643437
|
||||
61326261373064313733636566316631343132656663376234323339383464363537643266383238
|
||||
63353366383664653837326637376537616266346161653038306331353938373230386131333032
|
||||
36653461633134373034656534623262383335626539623939313936396136376565643332353230
|
||||
62643633323835376563653337306631376664336464646234666336626532356562613864626464
|
||||
64323135373835613239613830616134303561363630623435346562633466323462643839303536
|
||||
62303634386563313565663837393761666532303834623063343431343364363338663838313961
|
||||
39643431366661333465313066643939356336643264613133653738666438653630353239386465
|
||||
32363739663566616431623665363763613531346134343933333963623033313762346438343937
|
||||
31306262353364353434663231656538376262393235346432383936663065316165376364326134
|
||||
61396563636462396438623262343537636131636339636566393138666565356438333562613461
|
||||
64313139326365393439366138623366646435333132326638656438396161386139393036656439
|
||||
32646535663564663462343862366666386633623730336333346335666436623866613564636665
|
||||
64316230343332306266303831373139353934353633323032646135376632303631616533663534
|
||||
31656539353538653539306331373233333337653864323433393038636232373439326462336337
|
||||
65356565633835333939373736383134373963396132306638323664363639663262393232383335
|
||||
30386231353535643139363536653065326663353665353932376533363634373164333061326634
|
||||
33343330626136363465313132363563326666323335383239376133633161623033386231616332
|
||||
66636566353337356433333266336565646133346637386366353239623937626431633039663734
|
||||
31656466383362666333393165306561323164313164363030393639363435656262643461613033
|
||||
30303466623230643330313164663535663836363536353238663136373133356663323062336438
|
||||
33393935353161633536356134363064646235323339663730383464636134636433353062353537
|
||||
30613135626264366566623339613037383636353334363530653732626165323738643461613337
|
||||
35383138323336616563333965643630353836383032363034623963373733626232353365643536
|
||||
32303761613033353563333531396630646261343966393662336661313336626662306538636633
|
||||
30346430653736346636646264633936353562313537323863363462316561333865353563363630
|
||||
37326336363234313933363333396336626436343936623535316665366437656637386539303862
|
||||
34336330316430626563623331656464313663633432396263346564376532306364353566363664
|
||||
61653131643837633639356533376163643465326166636436646165336635323838386265316264
|
||||
38393433346262626365303261303533653931366531303565623165376661323834333535376364
|
||||
30633034346635663262653835326131396165306632663161366138376631366364356162626338
|
||||
65666465336365313535376637313365653632346432393937326334633861313562323564663638
|
||||
36623462653539356339623666643234363361656639313133313635306362373738636264646531
|
||||
32313063393731373666373266326661623562633935656233383339383161316564393130643932
|
||||
39336163306462336638646138626236396237363939323461633330633762616561343432613937
|
||||
66636663623063333333376666646334306662303561656231333365626164366336653237396236
|
||||
63323531333139646336393033633731653437313230376465616663623734623339623238313863
|
||||
35366639613930303166393739393163313635663063326432323434333363613930653937653136
|
||||
65663766616465383736333164346533643236326561323335653331623931326130616236306462
|
||||
63336434326464613335356333666237303261326432396361376534326566346435376461613933
|
||||
39313537323939373264333064356166386339356131396466376437323638313366336336653766
|
||||
63613365303032373939326463383463303136396239333236303437326331636637356133353135
|
||||
63666430386631626139626664376264333833386437316563383830666135663431383162383366
|
||||
33343463633462333263613965383034666336396564376635313666343434346366376434313830
|
||||
38613638656439343465363261653737333362316433353964653530366562613137303231633464
|
||||
33656364363032396566353830656634613434636561633063643261396334613935343133653830
|
||||
37386634653166636561646163623964313465616163343661646464313036356435636338313237
|
||||
39323266623861366562323238316666613237353236363235333436303333653561316635373233
|
||||
61323233346330643431333866623861656632376164616533653765393866623432363130653331
|
||||
36323937393138616162326438323463363438633437303665313630643432353633316337613537
|
||||
33623130303738623763383936653333386631333135616637393731346665626634633238326537
|
||||
36336539306166333062313465653630393134363936616237643866313264306531363163616136
|
||||
30616166643439643034616562646464316662666539653439626461636537333639383636643630
|
||||
38353266303831396630653261643536376633633430616365303866366132343062306539346530
|
||||
65353836313464333833623364326661356164313963383462623138306534613934373366646535
|
||||
38646630363564343865613035383130666663373333643530643237323030643432633139646239
|
||||
61623136663139343866636663313731633530363033666536666137303861643339306331313233
|
||||
30633665306333653734383731396663396433353862326162643463326365363565303634396661
|
||||
36663832626636333936336131383236323538306131613237393835663235313636373330633164
|
||||
32383331636561386164373964373664643436663830623361393965656265646137666263666632
|
||||
33653736363232373838653235343665663465333562653861646436633061393430333133613735
|
||||
33343238373633383966366365383333373263343139646533356439333763663462343263383631
|
||||
35663666656562383230333065376439643132313734316166313430386661313234396164356338
|
||||
39653265306637376239343537626237323332313234373862393862653265386266323161316135
|
||||
64353139613530323264326639333464333366323437633932363334633635343436353462343130
|
||||
32623337663533666334323965656435636561333865303461326163653061316137306339626136
|
||||
64363166623962346366353732633865373037636563373338333061303263636363393632633337
|
||||
61633833646466626663613063663131323139663263356663356538623536313230623361363332
|
||||
35343630353637376636663762323564323033393834336261333838326332333966383266333363
|
||||
66626436323566623866333462333832323536363465373265333830353265306263343731343662
|
||||
37663036356330353537333434313165313662303038326335653761343432383639663365613334
|
||||
63376239373638343432616665336437373266376463623330393238396138393734633934626661
|
||||
34333164643330313531346636636432656230633264396130636338613564306337353337653030
|
||||
39623466373732336435343738383539663833356233666165616638356436373231656661613138
|
||||
31353062393463383035323962633330393733346237666366363939333437396163353433336638
|
||||
65393433613337373935353338613630666539303231633139376235376162373932646338333436
|
||||
65663363613831363538336233616666393836316237653432343137376262636632646234363230
|
||||
39373133333931393963363339376166623563633733363137363361653463333066666465613432
|
||||
39316662613734636462393936613338346361323438396634313234393335323462666632653938
|
||||
65626464393733666431366161653238373266646266376463633366336332303133633738343165
|
||||
32616239653230646565316463373139373933323365366430663463653631343837376232613666
|
||||
63336134316536353962396430326166306339656137333765306233336234393233646136633833
|
||||
31623861303530313739666636373138353339393434396335646535613932343666643261383639
|
||||
39386135356463663335616466633137623035376639623635613765303732326232303937366262
|
||||
34326464336666613566333562316164333339303636613265323538373263363866333932656532
|
||||
33306163343437343861363861666533393462373561303562386135306133363664313638336163
|
||||
61666239636535326634393437656536333034313139383961353062326138373463323361613533
|
||||
61376264616361393262306237336363386237383665383839373637346535663639323065636135
|
||||
33363436383031373232323936653163383535633436623936653766666231343838656533643532
|
||||
64623961613837363362393563353438656631666336653861666233636437363632376365363630
|
||||
66636536343365653761353235353435383132366464306432323434386135356631653538306134
|
||||
65616630323833373732323535633932633563386233353062333739393562353338663663343734
|
||||
62616333366630303833313131313633346539316163633665633438323237396533636232396661
|
||||
63333432636166646433366138356263343535613334623538396335303739356135313566353265
|
||||
34313936393436356334396139643863383561616130376466643533336363323163386437636138
|
||||
34663961313534646439
|
||||
66346339616339316665383163613863376439383934626434313163376634306435656437353165
|
||||
6263666165323933346232356234656137646466336466360a656639643838323563643235363933
|
||||
30333435366138343930636130373239663735303164636639633039326131343533343561393561
|
||||
3864653732636464320a396563643963393862353962323462616231393332633131633832336338
|
||||
36633138646430623563316538643534666230363638333732633432316533343263303766616561
|
||||
6431623436633030393133616166323434613464636631646338
|
||||
|
@ -1,5 +0,0 @@
|
||||
vault_email: user@example.com
|
||||
|
||||
# keycloak
|
||||
vault_admin_keycloak: admin
|
||||
vault_mdp_admin_keycloak: my_password
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
vpn_port: 51820
|
||||
vpn_keepalive_period: 25
|
||||
|
||||
vpn_guest_keys:
|
||||
knuth: "NVKyKcX6PEEApSZvAwnT9gfMmMo6o5Go5FtzEPvh+y8="
|
@ -1,36 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;vpn_vault
|
||||
63336164323763623961373136616238363832356135343764343966356631333766396265653566
|
||||
6139626665393664343961363966363339346636376431340a343730653565383265616365386366
|
||||
32333533666333373663373037653731666361343737356261636532303562663063343633346537
|
||||
3337643137653839320a346236613362393636363935373162643237343831333535393461633963
|
||||
37343039383931613031663733666538383735383064356532373232633661386237366433396236
|
||||
63666134376463313637643061623934653666353364353235323431633930373663636137313462
|
||||
30666263386237303563393936373566386563386631656162303634306466656663666330313937
|
||||
32313431343536666437626130646231333237343734303538363639383933633661323565353661
|
||||
32343065383433623730346664643361306539623937656331333764346336396231656465373561
|
||||
33343034303263303833373936383936366131663962613961666161303134316134316635626639
|
||||
36666334393961306662626162393433643961646339323934653335613933383131633635623763
|
||||
34656538336434303339613032623432613239303239373937643361306535383137643239646134
|
||||
33336461613034303362353837313362643934666239363036333432373631336162646330333532
|
||||
36303332306333623765653838373361353435646366323462383237343134643736376230353434
|
||||
35333738313030636339363538656130643163353238666638383830316665646438366164636138
|
||||
30643031336164323862633135313630666561656335626464336162386564306261396532396238
|
||||
36666139386236663736613936633964363166343765626366323566613733353233313862646165
|
||||
33373264633763386166373739313136343362383864343866323231373536633130633032616334
|
||||
30383930333130646636666134363661316236323937373861343333333833616633346161323965
|
||||
31343966396635626465613630333732353335373264646464373764363433393439656635636430
|
||||
31303930333731656339633032366166386265653632633638323932626161623966613761636236
|
||||
61303134663931636139336436313637333739626336643838663861626539323336393239643131
|
||||
37383665326332393663323166643338353135363831306561623639643663326364343639316665
|
||||
38343337323633353066653666366238633932393836396338336261663331656565653532613438
|
||||
36323462326431333235376566343134663734373534663834316133333236636166386439633766
|
||||
31323931363066343334363764356630383764346332353162316461333762613366663130393831
|
||||
36633430383131326335333130303832666430366134393462616163326239383538616531373166
|
||||
37383130616339343832313335636364623434636434393430383566376433363565626336303064
|
||||
63376234613835666338373662373735386561643431633037336231643033393563316363613131
|
||||
61656232363035333635636464656465613763613032376666623238613362343032613465313331
|
||||
62353035313862323631653766393463383565336535616630383839376135393037363038343639
|
||||
39646531666130626638666535623533373766386531343236313962636539373233363462363032
|
||||
61373938373139376236633062353063643037333062363464383638333635643331616465643533
|
||||
34646238663731616635313131313438376536633862346165666631326632623534306666396264
|
||||
636139633664356536626239303631643864
|
@ -1,4 +0,0 @@
|
||||
---
|
||||
vpn_vault_hindley_key: "AAAAAcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
|
||||
vpn_vault_azerty_key: "BBBBBcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
|
||||
vpn_vault_hellman_key: "CCCCCcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
|
@ -1,2 +0,0 @@
|
||||
---
|
||||
ansible_host: "hindley.adh.auro.re"
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
proxy_apt_interfaces:
|
||||
- "{{ interfaces['wg0'].ipv4 }}"
|
@ -1,14 +0,0 @@
|
||||
---
|
||||
interfaces:
|
||||
enp2s0:
|
||||
ipv4: 45.66.110.3
|
||||
type: dhcp
|
||||
wg0:
|
||||
ipv4: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
|
||||
netmaskv4: "{{ intranet.netmaskv4 }}"
|
||||
type: wireguard
|
||||
|
||||
ipv4_forwarding: true
|
||||
ipv6_forwarding: false
|
||||
|
||||
lan_address: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
|
@ -1,27 +0,0 @@
|
||||
---
|
||||
vpn_interfaces:
|
||||
wg0:
|
||||
ip: "{{ interfaces.wg0.ipv4 }}"
|
||||
private_key: "{{ vpn_vault_hindley_key }}"
|
||||
public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA="
|
||||
keepalive: false
|
||||
peers:
|
||||
- endpoint: ""
|
||||
public_key: "jvjOCj5xVTLwyQ8o7QsYvF2ep1HbD/GKnmjpqJuztB8="
|
||||
allowed_ips:
|
||||
- "{{ intranet.subnets.physical.subnets.router_hellman.ipv4 }}/{{ intranet.subnets.physical.subnets.router_hellman.netmaskv4 }}"
|
||||
- "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}"
|
||||
comment: "Router hosted on Hellman"
|
||||
- endpoint: ""
|
||||
public_key: "{{ vpn_guest_keys.knuth }}"
|
||||
allowed_ips:
|
||||
- "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}"
|
||||
comment: "Client laptop: knuth"
|
||||
- endpoint: ""
|
||||
public_key: "{{ hostvars['matrix_server'].vpn_interfaces.wg0.public_key }}"
|
||||
allowed_ips:
|
||||
- "{{ hostvars['matrix_server'].vpn_interfaces.wg0.ip }}/32"
|
||||
comment: "matrix VM, hosted on g33kex's server"
|
||||
|
||||
|
||||
|
@ -1,4 +0,0 @@
|
||||
---
|
||||
#ansible_host: "172.20.1.5"
|
||||
ansible_host: "nyx.ovh"
|
||||
ansible_port: "4502"
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
interfaces:
|
||||
ens18:
|
||||
type: dhcp
|
||||
wg0:
|
||||
ipv4: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}"
|
||||
netmaskv4: "{{ intranet.netmaskv4 }}"
|
||||
type: wireguard
|
||||
|
||||
ipv4_forwarding: false
|
||||
ipv6_forwarding: false
|
||||
|
||||
lan_address: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}"
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
vpn_interfaces:
|
||||
wg0:
|
||||
ip: "{{ interfaces.wg0.ipv4 }}"
|
||||
private_key: "{{ vpn_vault_matrix_key }}"
|
||||
public_key: "oQH8CBofxNSOGevaz1HZlz3ZW+H3ndb/TmqM0pCiRR8="
|
||||
keepalive: true
|
||||
peers:
|
||||
- endpoint: "{{ hostvars['hindley'].interfaces.enp2s0.ipv4 }}"
|
||||
public_key: "{{ hostvars['hindley'].vpn_interfaces.wg0.public_key }}"
|
||||
allowed_ips:
|
||||
- "{{ hostvars['hindley'].vpn_interfaces.wg0.ip }}/{{ interfaces.wg0.netmaskv4 }}"
|
||||
comment: "hindley"
|
@ -1,28 +1,21 @@
|
||||
# Servers and VMs inventory
|
||||
|
||||
all:
|
||||
children:
|
||||
ubuntu:
|
||||
hosts:
|
||||
hindley:
|
||||
debian_bullseye:
|
||||
hindley.adh.auro.re:
|
||||
debian:
|
||||
hosts:
|
||||
matrix_server:
|
||||
proxy:
|
||||
hosts:
|
||||
hindley:
|
||||
vpn:
|
||||
hosts:
|
||||
hindley:
|
||||
matrix_server:
|
||||
apt_proxies:
|
||||
azerty.fil.sand.auro.re:
|
||||
dns-histausse.fil.sand.auro.re:
|
||||
re2o.deso-palaiseau.fr:
|
||||
proxmox:
|
||||
hosts:
|
||||
hindley:
|
||||
prometheus_servers:
|
||||
hosts:
|
||||
hindley:
|
||||
matrix:
|
||||
hellman.fil.sand.auro.re:
|
||||
proxy:
|
||||
hosts:
|
||||
matrix_server:
|
||||
no_user:
|
||||
hindley.adh.auro.re:
|
||||
dns:
|
||||
hosts:
|
||||
matrix_server:
|
||||
dns-histausse.fil.sand.auro.re:
|
||||
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
- name: Restart apt-cacher-ng
|
||||
systemd:
|
||||
name: apt-cacher-ng
|
||||
state: restarted
|
@ -1,88 +0,0 @@
|
||||
---
|
||||
- name: Use a newer version of apt cacher nc for ubuntu 20.04
|
||||
block:
|
||||
- name: Set the default release
|
||||
lineinfile:
|
||||
path: /etc/apt/apt.conf.d/01-vendor-ubuntu
|
||||
regexp: '^APT::Default-Release '
|
||||
line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";"
|
||||
- name: Pin node exporter
|
||||
copy:
|
||||
dest: /etc/apt/preferences.d/pin-apt-cacher-nc
|
||||
content: |
|
||||
Package: apt-cacher-nc
|
||||
Pin: release n={{ ansible_facts['lsb']['codename'] }}
|
||||
Pin-Priority: -10
|
||||
|
||||
Package: apt-cacher-nc
|
||||
Pin: release n=groovy
|
||||
Pin-Priority: 900
|
||||
- name: Add the repo from groovy
|
||||
apt_repository:
|
||||
repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe
|
||||
state: present
|
||||
when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal'
|
||||
|
||||
- name: Install apt-cacher-ng
|
||||
apt:
|
||||
name:
|
||||
- apt-cacher-ng
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Create config files
|
||||
template:
|
||||
src: "acng.conf.j2"
|
||||
dest: "/etc/apt-cacher-ng/acng.conf"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
||||
notify: Restart apt-cacher-ng
|
||||
|
||||
- name: Set admin auth
|
||||
template:
|
||||
src: "security.conf.j2"
|
||||
dest: "/etc/apt-cacher-ng/security.conf"
|
||||
owner: root
|
||||
group: apt-cacher-ng
|
||||
mode: '640'
|
||||
notify: Restart apt-cacher-ng
|
||||
no_log: true
|
||||
|
||||
# This is uggly, and overkill
|
||||
- name: Set cron job to clear the cache
|
||||
template:
|
||||
src: "clear-apt-cache_cron.j2"
|
||||
dest: "/etc/cron.daily/clear-apt-cache"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '755'
|
||||
|
||||
- name: Edit the clients allowed to use the proxy
|
||||
lineinfile:
|
||||
path: /etc/hosts.allow
|
||||
regexp: '^apt-cacher-ng'
|
||||
line: "apt-cacher-ng: 127.0.0.1 {{ apt_proxy_allowed_clients | join(' ') }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
||||
notify: Restart apt-cacher-ng
|
||||
|
||||
- name: Block everyone else
|
||||
lineinfile:
|
||||
path: /etc/hosts.deny
|
||||
regexp: '^apt-cacher-ng'
|
||||
line: "apt-cacher-ng: ALL"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
||||
notify: Restart apt-cacher-ng
|
||||
|
||||
- name: Enable apt-cacher-ng
|
||||
systemd:
|
||||
name: "apt-cacher-ng"
|
||||
state: started
|
||||
enabled: yes
|
@ -1,112 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# Storage directory for downloaded data and related maintenance activity.
|
||||
CacheDir: /var/cache/apt-cacher-ng
|
||||
|
||||
# Log file directory, can be set empty to disable logging
|
||||
LogDir: /var/log/apt-cacher-ng
|
||||
|
||||
# A place to look for additional configuration and resource files if they are not
|
||||
# found in the configuration directory
|
||||
SupportDir: /usr/lib/apt-cacher-ng
|
||||
|
||||
# TCP server port for incoming http (or HTTP proxy) connections.
|
||||
# Can be set to 9999 to emulate apt-proxy. Value of 0 turns off TCP server
|
||||
# (SocketPath must be set in this case).
|
||||
Port:{{ apt_proxy_port }}
|
||||
|
||||
# Addresses or hostnames to listen on. Multiple addresses must be separated by
|
||||
# spaces. Each entry must be an exact local address which is associated with a
|
||||
# local interface. DNS resolution is performed using getaddrinfo(3) for all
|
||||
# available protocols (IPv4, IPv6, ...). Using a protocol specific format will
|
||||
# create binding(s) only on protocol specific socket(s), e.g. 0.0.0.0 will
|
||||
# listen only to IPv4. The endpoint can also be specified as host:port (or
|
||||
# [ipv6-address]:port) which allows binding on non-standard ports (Port
|
||||
# directive is ignored in this case).
|
||||
BindAddress: localhost {{ proxy_apt_interfaces | join(' ') }}
|
||||
|
||||
# The specification of another HTTP proxy which shall be used for downloads.
|
||||
# It can include user name and password but see the manual for limitations.
|
||||
#
|
||||
# Default: uses direct connection
|
||||
#
|
||||
# Proxy: http://www-proxy.example.net:3128
|
||||
# Proxy: https://username:proxypassword@proxy.example.net:3129
|
||||
|
||||
# Repository remapping. See manual for details.
|
||||
# In this example, some backends files might be generated during package
|
||||
# installation using information collected on the system.
|
||||
# Examples:
|
||||
Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian # Debian Archives
|
||||
Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu # Ubuntu Archives
|
||||
Remap-klxrep: file:kali_mirrors /kali ; file:backends_kali # Kali Linux Archives
|
||||
Remap-cygwin: file:cygwin_mirrors /cygwin # ; file:backends_cygwin # incomplete, please create this file or specify preferred mirrors here
|
||||
Remap-sfnet: file:sfnet_mirrors # ; file:backends_sfnet # incomplete, please create this file or specify preferred mirrors here
|
||||
Remap-alxrep: file:archlx_mirrors /archlinux # ; file:backend_archlx # Arch Linux
|
||||
Remap-fedora: file:fedora_mirrors # Fedora Linux
|
||||
Remap-epel: file:epel_mirrors # Fedora EPEL
|
||||
Remap-slrep: file:sl_mirrors # Scientific Linux
|
||||
Remap-gentoo: file:gentoo_mirrors.gz /gentoo ; file:backends_gentoo # Gentoo Archives
|
||||
Remap-secdeb: security.debian.org security.debian.org/debian-security deb.debian.org/debian-security /debian-security ; deb.debian.org/debian-security security.debian.org
|
||||
|
||||
# Virtual page accessible in a web browser to see statistics and status
|
||||
# information, i.e. under http://localhost:3142/acng-report.html
|
||||
# NOTE: This option must be configured to run maintenance jobs (even when used
|
||||
# via acngtool in cron scripts). The AdminAuth option can be used to restrict
|
||||
# access to sensitive areas on that page.
|
||||
ReportPage: acng-report.html
|
||||
|
||||
# Days before considering an unreferenced file expired (to be deleted).
|
||||
# WARNING: if the value is set too low and particular index files are not
|
||||
# available for some days (mirror downtime) then there is a risk of removal of
|
||||
# still useful package files.
|
||||
ExThreshold: 4
|
||||
|
||||
# Usually, general purpose proxies like Squid expose the IP address of the
|
||||
# client user to the remote server using the X-Forwarded-For HTTP header. This
|
||||
# behaviour can be optionally turned on with the Expose-Origin option.
|
||||
ExposeOrigin: 0
|
||||
|
||||
# When logging the originating IP address, trust the information supplied by
|
||||
# the client in the X-Forwarded-For header.
|
||||
LogSubmittedOrigin: 0
|
||||
|
||||
# Fast fallback timeout, in seconds. This is the time to wait before
|
||||
# alternative target addresses for a client connection are tried, which can be
|
||||
# usefull for quick fallback to IPv4 in case of whacky IPv6 configuration.
|
||||
#
|
||||
# FastTimeout = 4
|
||||
|
||||
# It's possible to use use apt-cacher-ng as a regular web server with a limited
|
||||
# feature set, i.e. directory browsing, downloads of any files, Content-Type
|
||||
# based on /etc/mime.types, but without sorting, CGI execution, index page
|
||||
# redirection and other funny things.
|
||||
# To get this behavior, mappings between virtual directories and real
|
||||
# directories on the server must be defined with the LocalDirs directive.
|
||||
# Virtual and real directories are separated by spaces, multiple pairs are
|
||||
# separated by semi-colons. Real directories must be absolute paths.
|
||||
# NOTE: Since the names of that key directories share the same namespace as
|
||||
# repository names (see Remap-...) it is administrator's job to avoid conflicts
|
||||
# between them or explicitly create them.
|
||||
#
|
||||
# LocalDirs: woo /data/debarchive/woody ; hamm /data/debarchive/hamm
|
||||
LocalDirs: acng-doc /usr/share/doc/apt-cacher-ng
|
||||
|
||||
# Specifies the IP protocol families to use for remote connections. Order does
|
||||
# matter, first specified are considered first. Possible combinations:
|
||||
# v6 v4
|
||||
# v4 v6
|
||||
# v6
|
||||
# v4
|
||||
# Default: use native order of the system's TCP/IP stack, influenced by the
|
||||
# BindAddress value.
|
||||
#
|
||||
# ConnectProto: v6 v4
|
||||
|
||||
# Allow data pass-through mode for certain hosts when requested by the client
|
||||
# using a CONNECT request. This is particularly useful to allow access to SSL
|
||||
# sites (https proxying). The string is a regular expression which should cover
|
||||
# the server name with port and must be correctly formated and terminated.
|
||||
# Examples:
|
||||
# PassThroughPattern: private-ppa\.launchpad\.net:443$
|
||||
PassThroughPattern: .* # this would allow CONNECT to everything
|
@ -1,5 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
systemctl stop apt-cacher-ng
|
||||
rm -rf /var/chache/apt-cacher-ng/
|
||||
systemctl start apt-cacher-ng
|
@ -1,12 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# This file contains confidential data and should be protected with file
|
||||
# permissions from being read by untrusted users.
|
||||
#
|
||||
# NOTE: permissions are fixated with dpkg-statoverride on Debian systems.
|
||||
# Read its manual page for details.
|
||||
|
||||
# Basic authentication with username and password, required to
|
||||
# visit pages with administrative functionality. Format: username:password
|
||||
|
||||
AdminAuth: {{ apt_proxy_admin_user }}:{{ apt_proxy_admin_mdp }}
|
@ -1,22 +0,0 @@
|
||||
---
|
||||
- name: Install the PAM lib
|
||||
apt:
|
||||
name:
|
||||
- libpam-oath
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Add the totp secret for users
|
||||
lineinfile:
|
||||
path: /etc/users.oath
|
||||
regexp: "{{ item.name }}"
|
||||
line: "HOTP/T{{ totp_periode }}/{{ totp_digits }} {{ item.name }} - {{item.totp}}"
|
||||
create: true
|
||||
group: root
|
||||
owner: root
|
||||
mode: '600'
|
||||
loop: "{{ uservault_users }}"
|
||||
no_log: true
|
@ -1,8 +0,0 @@
|
||||
---
|
||||
- name: Tell apt to use the proxy
|
||||
template:
|
||||
src: "00aptproxy.j2"
|
||||
dest: "/etc/apt/apt.conf.d/00aptproxy"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
@ -1,3 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
Acquire::http::Proxy "http://{{ apt_proxy_address }}:{{ apt_proxy_port }}/";
|
||||
|
@ -1,17 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Generate user
|
||||
user:
|
||||
name: "{{ item.name }}"
|
||||
groups: "{{ item.groups }}"
|
||||
shell: "{{ item.shell }}"
|
||||
password: "{{ item.password_hash }}"
|
||||
loop: "{{ uservault_users }}"
|
||||
no_log: true
|
||||
|
||||
- name: Add ssh key
|
||||
authorized_key:
|
||||
key: "{{ item.ssh_key }}"
|
||||
user: "{{ item.name }}"
|
||||
loop: "{{ uservault_users }}"
|
||||
no_log: true
|
@ -1,167 +0,0 @@
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
Version 3, 29 June 2007
|
||||
|
||||
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
|
||||
This version of the GNU Lesser General Public License incorporates
|
||||
the terms and conditions of version 3 of the GNU General Public
|
||||
License, supplemented by the additional permissions listed below.
|
||||
|
||||
0. Additional Definitions.
|
||||
|
||||
As used herein, "this License" refers to version 3 of the GNU Lesser
|
||||
General Public License, and the "GNU GPL" refers to version 3 of the GNU
|
||||
General Public License.
|
||||
|
||||
"The Library" refers to a covered work governed by this License,
|
||||
other than an Application or a Combined Work as defined below.
|
||||
|
||||
An "Application" is any work that makes use of an interface provided
|
||||
by the Library, but which is not otherwise based on the Library.
|
||||
Defining a subclass of a class defined by the Library is deemed a mode
|
||||
of using an interface provided by the Library.
|
||||
|
||||
A "Combined Work" is a work produced by combining or linking an
|
||||
Application with the Library. The particular version of the Library
|
||||
with which the Combined Work was made is also called the "Linked
|
||||
Version".
|
||||
|
||||
The "Minimal Corresponding Source" for a Combined Work means the
|
||||
Corresponding Source for the Combined Work, excluding any source code
|
||||
for portions of the Combined Work that, considered in isolation, are
|
||||
based on the Application, and not on the Linked Version.
|
||||
|
||||
The "Corresponding Application Code" for a Combined Work means the
|
||||
object code and/or source code for the Application, including any data
|
||||
and utility programs needed for reproducing the Combined Work from the
|
||||
Application, but excluding the System Libraries of the Combined Work.
|
||||
|
||||
1. Exception to Section 3 of the GNU GPL.
|
||||
|
||||
You may convey a covered work under sections 3 and 4 of this License
|
||||
without being bound by section 3 of the GNU GPL.
|
||||
|
||||
2. Conveying Modified Versions.
|
||||
|
||||
If you modify a copy of the Library, and, in your modifications, a
|
||||
facility refers to a function or data to be supplied by an Application
|
||||
that uses the facility (other than as an argument passed when the
|
||||
facility is invoked), then you may convey a copy of the modified
|
||||
version:
|
||||
|
||||
a) under this License, provided that you make a good faith effort to
|
||||
ensure that, in the event an Application does not supply the
|
||||
function or data, the facility still operates, and performs
|
||||
whatever part of its purpose remains meaningful, or
|
||||
|
||||
b) under the GNU GPL, with none of the additional permissions of
|
||||
this License applicable to that copy.
|
||||
|
||||
3. Object Code Incorporating Material from Library Header Files.
|
||||
|
||||
The object code form of an Application may incorporate material from
|
||||
a header file that is part of the Library. You may convey such object
|
||||
code under terms of your choice, provided that, if the incorporated
|
||||
material is not limited to numerical parameters, data structure
|
||||
layouts and accessors, or small macros, inline functions and templates
|
||||
(ten or fewer lines in length), you do both of the following:
|
||||
|
||||
a) Give prominent notice with each copy of the object code that the
|
||||
Library is used in it and that the Library and its use are
|
||||
covered by this License.
|
||||
|
||||
b) Accompany the object code with a copy of the GNU GPL and this license
|
||||
document.
|
||||
|
||||
4. Combined Works.
|
||||
|
||||
You may convey a Combined Work under terms of your choice that,
|
||||
taken together, effectively do not restrict modification of the
|
||||
portions of the Library contained in the Combined Work and reverse
|
||||
engineering for debugging such modifications, if you also do each of
|
||||
the following:
|
||||
|
||||
a) Give prominent notice with each copy of the Combined Work that
|
||||
the Library is used in it and that the Library and its use are
|
||||
covered by this License.
|
||||
|
||||
b) Accompany the Combined Work with a copy of the GNU GPL and this license
|
||||
document.
|
||||
|
||||
c) For a Combined Work that displays copyright notices during
|
||||
execution, include the copyright notice for the Library among
|
||||
these notices, as well as a reference directing the user to the
|
||||
copies of the GNU GPL and this license document.
|
||||
|
||||
d) Do one of the following:
|
||||
|
||||
0) Convey the Minimal Corresponding Source under the terms of this
|
||||
License, and the Corresponding Application Code in a form
|
||||
suitable for, and under terms that permit, the user to
|
||||
recombine or relink the Application with a modified version of
|
||||
the Linked Version to produce a modified Combined Work, in the
|
||||
manner specified by section 6 of the GNU GPL for conveying
|
||||
Corresponding Source.
|
||||
|
||||
1) Use a suitable shared library mechanism for linking with the
|
||||
Library. A suitable mechanism is one that (a) uses at run time
|
||||
a copy of the Library already present on the user's computer
|
||||
system, and (b) will operate properly with a modified version
|
||||
of the Library that is interface-compatible with the Linked
|
||||
Version.
|
||||
|
||||
e) Provide Installation Information, but only if you would otherwise
|
||||
be required to provide such information under section 6 of the
|
||||
GNU GPL, and only to the extent that such information is
|
||||
necessary to install and execute a modified version of the
|
||||
Combined Work produced by recombining or relinking the
|
||||
Application with a modified version of the Linked Version. (If
|
||||
you use option 4d0, the Installation Information must accompany
|
||||
the Minimal Corresponding Source and Corresponding Application
|
||||
Code. If you use option 4d1, you must provide the Installation
|
||||
Information in the manner specified by section 6 of the GNU GPL
|
||||
for conveying Corresponding Source.)
|
||||
|
||||
5. Combined Libraries.
|
||||
|
||||
You may place library facilities that are a work based on the
|
||||
Library side by side in a single library together with other library
|
||||
facilities that are not Applications and are not covered by this
|
||||
License, and convey such a combined library under terms of your
|
||||
choice, if you do both of the following:
|
||||
|
||||
a) Accompany the combined library with a copy of the same work based
|
||||
on the Library, uncombined with any other library facilities,
|
||||
conveyed under the terms of this License.
|
||||
|
||||
b) Give prominent notice with the combined library that part of it
|
||||
is a work based on the Library, and explaining where to find the
|
||||
accompanying uncombined form of the same work.
|
||||
|
||||
6. Revised Versions of the GNU Lesser General Public License.
|
||||
|
||||
The Free Software Foundation may publish revised and/or new versions
|
||||
of the GNU Lesser General Public License from time to time. Such new
|
||||
versions will be similar in spirit to the present version, but may
|
||||
differ in detail to address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the
|
||||
Library as you received it specifies that a certain numbered version
|
||||
of the GNU Lesser General Public License "or any later version"
|
||||
applies to it, you have the option of following the terms and
|
||||
conditions either of that published version or of any later version
|
||||
published by the Free Software Foundation. If the Library as you
|
||||
received it does not specify a version number of the GNU Lesser
|
||||
General Public License, you may choose any version of the GNU Lesser
|
||||
General Public License ever published by the Free Software Foundation.
|
||||
|
||||
If the Library as you received it specifies that a proxy can decide
|
||||
whether future versions of the GNU Lesser General Public License shall
|
||||
apply, that proxy's public statement of acceptance of any version is
|
||||
permanent authorization for you to choose that version for the
|
||||
Library.
|
||||
|
||||
|
@ -1,9 +0,0 @@
|
||||
# generate-cert
|
||||
|
||||
This role is part of the project [Ansible Hacky PKI](https://gitea.auro.re/histausse/ansible_hacky_pki) licenced under the LGPL 3.
|
||||
|
||||
You can use it to generate certificate and manage de small pki, but keep it mind that this program is distributed **WITHOUT ANY WARRANTY**.
|
||||
In particular, the **security** of the pki generated and the process of generated the pki **is not guaranteed**. If you find any vulnerability,
|
||||
please contact me to see if we can find a patch.
|
||||
|
||||
Copyright 2021 Jean-Marie Mineau <histausse@protonmail.com>
|
@ -1,8 +0,0 @@
|
||||
---
|
||||
key_usage:
|
||||
- digitalSignature
|
||||
- keyEncipherment
|
||||
validity_duration: "+365d"
|
||||
time_before_expiration_for_renewal: "+30d" # need a better name
|
||||
force_renewal: no
|
||||
store_directory: /etc/hackypky
|
@ -1,165 +0,0 @@
|
||||
---
|
||||
- name: Ensure the directories used to store certs exist
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
group: root
|
||||
owner: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
loop:
|
||||
- "{{ store_directory }}"
|
||||
- "{{ store_directory }}/crts"
|
||||
- "{{ store_directory }}/keys"
|
||||
|
||||
- name: Ensure the directory containing the cert exist
|
||||
file:
|
||||
path: "{{ directory }}"
|
||||
state: directory
|
||||
|
||||
- name: Test if the key already exist
|
||||
stat:
|
||||
path: "{{ store_directory}}/keys/{{ cname }}.key"
|
||||
register: key_file
|
||||
|
||||
- name: Test if the cert already exist
|
||||
stat:
|
||||
path: "{{ store_directory}}/crts/{{ cname }}.crt"
|
||||
register: cert_file
|
||||
|
||||
- name: Test if we need to renew the certificate
|
||||
openssl_certificate_info:
|
||||
path: "{{ store_directory }}/crts/{{ cname }}.crt"
|
||||
valid_at:
|
||||
renewal: "{{ time_before_expiration_for_renewal }}"
|
||||
register: validity
|
||||
when: cert_file.stat.exists
|
||||
|
||||
- name: Generate the certificate
|
||||
block:
|
||||
- name: Generate private key
|
||||
become: false
|
||||
openssl_privatekey:
|
||||
path: "/tmp/ansible_hacky_pki_{{ cname }}.key"
|
||||
mode: u=rw,g=,o=
|
||||
size: "{{ key_size | default(omit) }}"
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Generate a Certificate Signing Request
|
||||
become: false
|
||||
openssl_csr:
|
||||
path: "/tmp/ansible_hacky_pki_{{ cname }}.csr"
|
||||
privatekey_path: "/tmp/ansible_hacky_pki_{{ cname }}.key"
|
||||
common_name: "{{ cname }}"
|
||||
country_name: "{{ country_name | default(omit) }}"
|
||||
locality_name: "{{ locality_name | default(omit) }}"
|
||||
state_or_province_name: "{{ state_or_province_name | default(omit) }}"
|
||||
organization_name: "{{ organization_name | default(omit) }}"
|
||||
organizational_unit_name: "{{ organizational_unit_name | default(omit) }}"
|
||||
email_address: "{{ email_address | default(omit) }}"
|
||||
basic_constraints:
|
||||
- CA:FALSE # syntax?
|
||||
basic_constraints_critical: yes
|
||||
key_usage: "{{ key_usage }}"
|
||||
key_usage_critical: yes
|
||||
subject_alt_name: "{{ subject_alt_name | default(omit) }}"
|
||||
crl_distribution_points: "{{ crl_distribution_points | default(omit) }}"
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Put the CA in a file
|
||||
become: false
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: "/tmp/ansible_hacky_pki_ca.crt"
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Put the CA key in a file
|
||||
become: false
|
||||
copy:
|
||||
content: "{{ ca_key }}"
|
||||
dest: "/tmp/ansible_hacky_pki_ca.key"
|
||||
mode: u=rw,g=,o=
|
||||
delegate_to: localhost
|
||||
no_log: yes
|
||||
|
||||
- name: Sign the certificate
|
||||
become: false
|
||||
openssl_certificate:
|
||||
path: "/tmp/ansible_hacky_pki_{{ cname }}.crt"
|
||||
csr_path: "/tmp/ansible_hacky_pki_{{ cname }}.csr"
|
||||
ownca_not_after: "{{ validity_duration }}"
|
||||
ownca_path: /tmp/ansible_hacky_pki_ca.crt
|
||||
ownca_privatekey_passphrase: "{{ ca_passphrase }}"
|
||||
ownca_privatekey_path: /tmp/ansible_hacky_pki_ca.key
|
||||
provider: ownca
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Send private key to the server
|
||||
copy:
|
||||
src: "/tmp/ansible_hacky_pki_{{ cname }}.key"
|
||||
dest: "{{ store_directory }}/keys/{{ cname }}.key"
|
||||
owner: "{{ owner | default('root') }}"
|
||||
group: "{{ group | default('root') }}"
|
||||
mode: "{{ key_mode | default('u=rw,g=,o=') }}"
|
||||
no_log: yes
|
||||
|
||||
- name: Send certificate to the server
|
||||
copy:
|
||||
src: "/tmp/ansible_hacky_pki_{{ cname }}.crt"
|
||||
dest: "{{ store_directory }}/crts/{{ cname }}.crt"
|
||||
owner: "{{ owner | default('root') }}"
|
||||
group: "{{ group | default('root') }}"
|
||||
mode: "{{ key_mode | default('u=rw,g=r,o=r') }}"
|
||||
|
||||
# Clean up
|
||||
- name: Remove the local cert key
|
||||
become: false
|
||||
file:
|
||||
path: "/tmp/ansible_hacky_pki_{{ cname }}.key"
|
||||
state: absent
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Remove the CSR
|
||||
become: false
|
||||
file:
|
||||
path: "/tmp/ansible_hacky_pki_{{ cname }}.csr"
|
||||
state: absent
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Remove the local certificate
|
||||
become: false
|
||||
file:
|
||||
path: "/tmp/ansible_hacky_pki_{{ cname }}.crt"
|
||||
state: absent
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Remove the CA certificate
|
||||
become: false
|
||||
file:
|
||||
path: /tmp/ansible_hacky_pki_ca.crt
|
||||
state: absent
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Remove the CA key
|
||||
become: false
|
||||
file:
|
||||
path: /tmp/ansible_hacky_pki_ca.key
|
||||
state: absent
|
||||
delegate_to: localhost
|
||||
when: force_renewal or (not key_file.stat.exists) or (not cert_file.stat.exists) or (not validity.valid_at.renewal)
|
||||
|
||||
- name: Create the link to cert
|
||||
file:
|
||||
src: "{{ store_directory }}/crts/{{ cname }}.crt"
|
||||
dest: "{{ directory }}/{{ cname }}.crt"
|
||||
owner: "{{ owner | default('root') }}"
|
||||
group: "{{ group | default('root') }}"
|
||||
state: link
|
||||
|
||||
- name: Create the link to key
|
||||
file:
|
||||
src: "{{ store_directory }}/keys/{{ cname }}.key"
|
||||
dest: "{{ directory }}/{{ cname }}.key"
|
||||
owner: "{{ owner | default('root') }}"
|
||||
group: "{{ group | default('root') }}"
|
||||
state: link
|
||||
|
@ -1,36 +0,0 @@
|
||||
---
|
||||
- name: Install openssl
|
||||
apt:
|
||||
name: python3-openssl
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Ensure the cert directory exists
|
||||
file:
|
||||
path: /var/certificates
|
||||
state: directory
|
||||
|
||||
- name: Generate an OpenSSL private key
|
||||
openssl_privatekey:
|
||||
path: "/var/certificates/{{ server_hostname }}_privkey.pem"
|
||||
size: 4096
|
||||
type: RSA
|
||||
|
||||
- name: Generate an OpenSSL Certificate Signing Request with Subject information
|
||||
openssl_csr:
|
||||
path: "/var/certificates/{{ server_hostname }}.csr"
|
||||
privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem"
|
||||
country_name: "{{ country_name }}"
|
||||
organization_name: "{{ organization_name }}"
|
||||
email_address: "{{ vault_email }}"
|
||||
common_name: "{{ server_hostname }}"
|
||||
|
||||
- name: Generate a Self Signed OpenSSL certificate
|
||||
openssl_certificate:
|
||||
path: "/var/certificates/{{ server_hostname }}_cert.pem"
|
||||
privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem"
|
||||
csr_path: "/var/certificates/{{ server_hostname }}.csr"
|
||||
provider: selfsigned
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
- name: Restart Grafana
|
||||
systemd:
|
||||
name: grafana-server
|
||||
state: restarted
|
@ -1,79 +0,0 @@
|
||||
---
|
||||
- name: Install apt transport https
|
||||
apt:
|
||||
name:
|
||||
- apt-transport-https
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Add Graphana Repo Key
|
||||
apt_key:
|
||||
url: https://packages.grafana.com/gpg.key
|
||||
state: present
|
||||
|
||||
- name: Add Grafana Repository
|
||||
apt_repository:
|
||||
repo: deb https://packages.grafana.com/oss/deb stable main
|
||||
state: present
|
||||
|
||||
- name: Install Grafana
|
||||
apt:
|
||||
name:
|
||||
- grafana
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Configure Grafana
|
||||
template:
|
||||
src: grafana.ini
|
||||
dest: /etc/grafana/grafana.ini
|
||||
owner: grafana
|
||||
group: grafana
|
||||
mode: u=rw,g=r,o=
|
||||
no_log: true
|
||||
notify: Restart Grafana
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/grafana/ca.crt
|
||||
notify: Restart prometheus
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
vars:
|
||||
directory: /etc/grafana/
|
||||
cname: "grafana-{{ lan_address }}"
|
||||
owner: grafana
|
||||
group: grafana
|
||||
key_mode: u=rw,g=,o=
|
||||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
## THIS CERT CANNOT BE MONITORED BECAUSE IT IS A CLIENT CERT :'(
|
||||
#- name: Ensured the certificate is monitored
|
||||
# import_tasks: register-cert-to-monitoring.yml
|
||||
# vars:
|
||||
# target: "{{ lan_address }}:<PORT>|grafana-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Add Prometheus data source
|
||||
template:
|
||||
src: prometheus_datasource.yaml
|
||||
dest: /etc/grafana/provisioning/datasources/prometheus_datasource.yaml
|
||||
owner: grafana
|
||||
group: grafana
|
||||
mode: u=rw,g=r,o=
|
||||
notify: Restart Grafana
|
||||
|
||||
- name: Enable Grafana
|
||||
systemd:
|
||||
name: grafana-server
|
||||
enabled: true
|
||||
state: started
|
@ -1,23 +0,0 @@
|
||||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
File diff suppressed because it is too large
Load Diff
@ -1,17 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
apiVersion: 1
|
||||
|
||||
datasources:
|
||||
- name: Prometheus
|
||||
type: prometheus
|
||||
# Access mode - proxy (server in the UI) or direct (browser in the UI).
|
||||
access: proxy
|
||||
url: https://{{ lan_address }}:9090
|
||||
jsonData:
|
||||
httpMethod: POST
|
||||
tlsAuth: true
|
||||
tlsAuthWithCACert: true
|
||||
secureJsonData:
|
||||
tlsCACert: $__file{/etc/grafana/ca.crt}
|
||||
tlsClientCert: $__file{/etc/grafana/grafana-{{ lan_address }}.crt}
|
||||
tlsClientKey: $__file{/etc/grafana/grafana-{{ lan_address }}.key}
|
@ -1,38 +0,0 @@
|
||||
---
|
||||
- name: Add the docker repo key
|
||||
apt_key:
|
||||
url: https://download.docker.com/linux/debian/gpg
|
||||
state: present
|
||||
|
||||
- name: Add docker repo
|
||||
apt_repository:
|
||||
repo: deb [arch=amd64] https://download.docker.com/linux/debian buster stable
|
||||
# TODO replace by "... /linux/debian $(lsb_release -cs) stable"
|
||||
state: present
|
||||
|
||||
- name: Install docker
|
||||
apt:
|
||||
update_cache: true
|
||||
name:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
state: latest
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
# Official methode for docker compose, redundant with pip
|
||||
#- name: Install docker-compose
|
||||
# get_url:
|
||||
# url: https://github.com/docker/compose/releases/download/1.28.0/docker-compose-Linux-x86_64
|
||||
# # TODO: replace by "...1.28.0/docker-compose-$(uname -s)-$(uname -m)"
|
||||
# dest: /usr/local/bin/docker-compose
|
||||
# mode: '0755'
|
||||
|
||||
# Methode requiered by ansible docker_compose module
|
||||
- name: Install docker and docker-compose
|
||||
pip:
|
||||
name:
|
||||
- docker
|
||||
- docker-compose>=1.28.0
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
- name: restart gitea
|
||||
docker_compose:
|
||||
project_src: /var/local/gitea
|
||||
restarted: yes
|
@ -1,74 +0,0 @@
|
||||
---
|
||||
- name: Ensure the directory exist
|
||||
file:
|
||||
path: /var/local/gitea
|
||||
state: directory
|
||||
|
||||
- name: Ensure the user gitea exists
|
||||
user:
|
||||
name: gitea
|
||||
create_home: no
|
||||
password_lock: yes
|
||||
|
||||
- name: Retrieve info about users
|
||||
getent:
|
||||
database: passwd
|
||||
|
||||
- name: Warning
|
||||
debug:
|
||||
msg: This is a test server, do not use in production
|
||||
|
||||
- name: Copy docker-compose.yml
|
||||
template:
|
||||
src: docker-compose.yml.j2
|
||||
dest: /var/local/gitea/docker-compose.yml
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: staff
|
||||
|
||||
- name: Start the container
|
||||
docker_compose:
|
||||
project_src: /var/local/gitea
|
||||
|
||||
- name: Copy key
|
||||
copy:
|
||||
src: /var/certificates/{{ server_hostname }}_privkey.pem
|
||||
dest: /var/local/gitea/gitea/key.pem
|
||||
owner: gitea
|
||||
group: gitea
|
||||
mode: 0600
|
||||
remote_src: yes
|
||||
notify: restart gitea
|
||||
|
||||
- name: Copy certificate
|
||||
copy:
|
||||
src: /var/certificates/{{ server_hostname }}_cert.pem
|
||||
dest: /var/local/gitea/gitea/cert.pem
|
||||
owner: gitea
|
||||
group: gitea
|
||||
remote_src: yes
|
||||
notify: restart gitea
|
||||
|
||||
- name: Specify the link the private key
|
||||
lineinfile:
|
||||
path: /var/local/gitea/gitea/gitea/conf/app.ini
|
||||
insertafter: '^\[server\]'
|
||||
regexp: '^KEY_FILE'
|
||||
line: KEY_FILE = /data/key.pem
|
||||
notify: restart gitea
|
||||
|
||||
- name: Specify the link the private key
|
||||
lineinfile:
|
||||
path: /var/local/gitea/gitea/gitea/conf/app.ini
|
||||
insertafter: '^\[server\]'
|
||||
regexp: '^CERT_FILE'
|
||||
line: CERT_FILE = /data/cert.pem
|
||||
notify: restart gitea
|
||||
|
||||
- name: Use https
|
||||
lineinfile:
|
||||
path: /var/local/gitea/gitea/gitea/conf/app.ini
|
||||
insertafter: '^\[server\]'
|
||||
regexp: '^PROTOCOL'
|
||||
line: PROTOCOL = https
|
||||
notify: restart gitea
|
@ -1,43 +0,0 @@
|
||||
# {{ ansible_managed }}
|
||||
# version: "3.8"
|
||||
|
||||
networks:
|
||||
gitea:
|
||||
external: false
|
||||
|
||||
services:
|
||||
server:
|
||||
image: gitea/gitea:1.13.1
|
||||
container_name: gitea
|
||||
environment:
|
||||
- USER_UID={{ getent_passwd["gitea"].1 }}
|
||||
- USER_GID={{ getent_passwd["gitea"].2 }}
|
||||
- DB_TYPE=postgres
|
||||
- DB_HOST=db:5432
|
||||
- DB_NAME=gitea
|
||||
- DB_USER=gitea
|
||||
- DB_PASSWD=gitea
|
||||
restart: always
|
||||
networks:
|
||||
- gitea
|
||||
volumes:
|
||||
- ./gitea:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
ports:
|
||||
- "{{ gitea_https_port }}:3000"
|
||||
- "{{ gitea_ssh_port }}:22"
|
||||
depends_on:
|
||||
- db
|
||||
|
||||
db:
|
||||
image: postgres:9.6
|
||||
restart: always
|
||||
environment:
|
||||
- POSTGRES_USER=gitea
|
||||
- POSTGRES_PASSWORD=gitea
|
||||
- POSTGRES_DB=gitea
|
||||
networks:
|
||||
- gitea
|
||||
volumes:
|
||||
- ./postgres:/var/lib/postgresql/data
|
@ -1,66 +0,0 @@
|
||||
---
|
||||
- name: Ensure the directory exist
|
||||
file:
|
||||
path: /var/local/keycloak
|
||||
state: directory
|
||||
|
||||
- name: Ensure the user keycloak exists
|
||||
user:
|
||||
name: keycloak
|
||||
create_home: no
|
||||
password_lock: yes
|
||||
|
||||
- name: Retrieve info about users
|
||||
getent:
|
||||
database: passwd
|
||||
|
||||
- name: Warning
|
||||
debug:
|
||||
msg: This is a test server, do not use in production
|
||||
|
||||
- name: Copy env variables
|
||||
template:
|
||||
src: dot_env.j2
|
||||
dest: /var/local/keycloak/.env
|
||||
mode: 0400
|
||||
owner: root
|
||||
group: staff
|
||||
|
||||
- name: Ensure the certificate directory exist
|
||||
file:
|
||||
path: /var/local/keycloak/certificates
|
||||
state: directory
|
||||
|
||||
- name: Copy key
|
||||
copy:
|
||||
src: /var/certificates/{{ server_hostname }}_privkey.pem
|
||||
dest: /var/local/keycloak/certificates/tls.key
|
||||
remote_src: yes
|
||||
owner: keycloak
|
||||
group: keycloak
|
||||
mode: 0644 # 0600
|
||||
# I wanted to limite read access to the private key to one "keycloak" user,
|
||||
# but It doesn't works because the user running some script inside the container
|
||||
# has a fix uid (1000) and obviously this uid is taken on the host by the first
|
||||
# user created... I hope you're serveur is well protected...
|
||||
|
||||
- name: Copy certificate
|
||||
copy:
|
||||
src: /var/certificates/{{ server_hostname }}_cert.pem
|
||||
dest: /var/local/keycloak/certificates/tls.crt
|
||||
remote_src: yes
|
||||
owner: keycloak
|
||||
group: keycloak
|
||||
|
||||
- name: Copy docker-compose.yml
|
||||
template:
|
||||
src: docker-compose.yml.j2
|
||||
dest: /var/local/keycloak/docker-compose.yml
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: staff
|
||||
|
||||
- name: Start the container
|
||||
docker_compose:
|
||||
project_src: /var/local/keycloak
|
||||
|
@ -1,18 +0,0 @@
|
||||
# {{ ansible_managed }}
|
||||
# version: "3.8"
|
||||
|
||||
services:
|
||||
server:
|
||||
image: jboss/keycloak
|
||||
container_name: keycloak
|
||||
restart: always
|
||||
environment:
|
||||
- USER_UID={{ getent_passwd["keycloak"].1 }}
|
||||
- USER_GID={{ getent_passwd["keycloak"].2 }}
|
||||
- "KEYCLOAK_USER=${USERNAME}"
|
||||
- "KEYCLOAK_PASSWORD=${PASSWORD}"
|
||||
volumes:
|
||||
- ./certificates:/etc/x509/https
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
ports:
|
||||
- "{{ keycloak_https_port }}:8443"
|
@ -1,4 +0,0 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
USERNAME={{ vault_admin_keycloak }}
|
||||
PASSWORD={{ vault_mdp_admin_keycloak }}
|
@ -1 +0,0 @@
|
||||
Subproject commit 2358c022895b3ce2f2a08dea41580e4cf84d218f
|
@ -1 +0,0 @@
|
||||
Subproject commit 89fb99ebb7c35ec3c11ecd5e4fbb194817f9cae6
|
@ -1 +0,0 @@
|
||||
Subproject commit 70675bec04af6bf456857c30687c5e57fa5e812a
|
@ -1 +0,0 @@
|
||||
Subproject commit b27360700e82dd14fc42de6bdffc3d80bf3fa975
|
@ -1 +0,0 @@
|
||||
Subproject commit c8e442e4a931acc2220e4406282925c2d4a48954
|
@ -1,13 +0,0 @@
|
||||
---
|
||||
- name: Reload network interfaces debian
|
||||
become: true
|
||||
command: /sbin/ifreload -a
|
||||
|
||||
- name: Restart dhcpcd raspbian
|
||||
systemd:
|
||||
name: dhcpcd
|
||||
state: restarted
|
||||
|
||||
- name: Apply netplan ubuntu
|
||||
become: true
|
||||
command: netplan apply
|
@ -1,82 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Install ifupdown2
|
||||
apt:
|
||||
name:
|
||||
- ifupdown2
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
when: ansible_facts["lsb"]["id"] == "Debian"
|
||||
|
||||
- name: Install bridge-utils
|
||||
apt:
|
||||
name:
|
||||
- bridge-utils
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
when: (ansible_facts["lsb"]["id"] == "Debian") and
|
||||
(lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list)
|
||||
|
||||
- name: Enable ipv4 forwarding
|
||||
ansible.posix.sysctl:
|
||||
name: net.ipv4.ip_forward
|
||||
value: '1'
|
||||
sysctl_set: true
|
||||
when: ipv4_forwarding
|
||||
|
||||
- name: Enable ipv6 forwarding
|
||||
ansible.posix.sysctl:
|
||||
name: net.ipv6.conf.all.forwarding
|
||||
value: '1'
|
||||
sysctl_set: true
|
||||
when: ipv6_forwarding
|
||||
|
||||
- name: Disable ipv4 forwarding
|
||||
ansible.posix.sysctl:
|
||||
name: net.ipv4.ip_forward
|
||||
value: '0'
|
||||
sysctl_set: true
|
||||
when: not ipv4_forwarding
|
||||
|
||||
- name: Disable ipv6 forwarding
|
||||
ansible.posix.sysctl:
|
||||
name: net.ipv6.conf.all.forwarding
|
||||
value: '0'
|
||||
sysctl_set: true
|
||||
when: not ipv6_forwarding
|
||||
|
||||
- name: Create interface config files
|
||||
ansible.builtin.template:
|
||||
src: "debian_interfaces.j2"
|
||||
dest: "/etc/network/interfaces"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
||||
notify: Reload network interfaces debian
|
||||
when: ansible_facts["lsb"]["id"] == "Debian"
|
||||
|
||||
- name: Create dhcpcd config files
|
||||
ansible.builtin.template:
|
||||
src: "raspbian_dhcpcd.conf.j2"
|
||||
dest: "/etc/dhcpcd.conf"
|
||||
owner: root
|
||||
group: netdev
|
||||
mode: '664'
|
||||
notify: Restart dhcpcd raspbian
|
||||
when: ansible_facts["lsb"]["id"] == "Raspbian"
|
||||
|
||||
- name: Create netplan config files
|
||||
ansible.builtin.template:
|
||||
src: "ubuntu_00-installer-config.yaml.j2"
|
||||
dest: "/etc/netplan/00-installer-config.yaml"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
||||
notify: Apply netplan ubuntu
|
||||
when: ansible_facts["lsb"]["id"] == "Ubuntu"
|
@ -1,47 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
{% for item in lookup('dict', interfaces, wantlist=True) %}
|
||||
{% if item.value.type not in ['wireguard', 'void', ] %}
|
||||
auto {{ item.key }}
|
||||
{% if item.value.type == 'dhcp' %}
|
||||
iface {{ item.key }} inet dhcp
|
||||
{% elif item.value.type == 'static' %}
|
||||
iface {{ item.key }} inet static
|
||||
{% elif item.value.type == 'manual' %}
|
||||
iface {{ item.key }} inet manual
|
||||
{% endif %}
|
||||
{% if 'routes' in item.value %}{# route up #}
|
||||
{% for route in item.value.routes %}
|
||||
post-up ip route add {{ route.subnet }}/{{ route.netmask }} via {{ route.gateway }}
|
||||
{% endfor %}
|
||||
{% endif %}{# end route up #}
|
||||
{% if 'ipv4' in item.value %}
|
||||
address {{ item.value.ipv4 }}/{{ item.value.netmaskv4 }}
|
||||
{% endif %}
|
||||
{% if 'gateway' in item.value %}
|
||||
gateway {{ item.value.gateway }}
|
||||
{% endif %}
|
||||
{% if 'bridge' in item.value and item.value.bridge %}
|
||||
{% if 'interfaces' in item.value and item.value.interfaces %}
|
||||
bridge-ports {{ item.value.interfaces | join(' ') }}
|
||||
{% else %}
|
||||
bridge-ports none
|
||||
{% endif %}
|
||||
bridge-stp off
|
||||
bridge-fd 0
|
||||
{% endif %}
|
||||
{% if 'routes' in item.value %}{# route dw #}
|
||||
{% for route in item.value.routes %}
|
||||
post-down ip route del {{ route.subnet }}/{{ route.netmask }} via {{ route.gateway }}
|
||||
{% endfor %}
|
||||
{% endif %}{# end route dw #}
|
||||
|
||||
{% elif item.value.type == 'void' %}{# end (not in [wireguard, void, ]) #}
|
||||
iface {{ item.key }} inet manual
|
||||
|
||||
{% endif %}
|
||||
{% endfor %}
|
@ -1,56 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# A sample configuration for dhcpcd.
|
||||
# See dhcpcd.conf(5) for details.
|
||||
|
||||
# Allow users of this group to interact with dhcpcd via the control socket.
|
||||
#controlgroup wheel
|
||||
|
||||
# Inform the DHCP server of our hostname for DDNS.
|
||||
hostname
|
||||
|
||||
# Use the hardware address of the interface for the Client ID.
|
||||
clientid
|
||||
# or
|
||||
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
|
||||
# Some non-RFC compliant DHCP servers do not reply with this set.
|
||||
# In this case, comment out duid and enable clientid above.
|
||||
#duid
|
||||
|
||||
# Persist interface configuration when dhcpcd exits.
|
||||
persistent
|
||||
|
||||
# Rapid commit support.
|
||||
# Safe to enable by default because it requires the equivalent option set
|
||||
# on the server to actually work.
|
||||
option rapid_commit
|
||||
|
||||
# A list of options to request from the DHCP server.
|
||||
option domain_name_servers, domain_name, domain_search, host_name
|
||||
option classless_static_routes
|
||||
# Respect the network MTU. This is applied to DHCP routes.
|
||||
option interface_mtu
|
||||
|
||||
# Most distributions have NTP support.
|
||||
#option ntp_servers
|
||||
|
||||
# A ServerID is required by RFC2131.
|
||||
require dhcp_server_identifier
|
||||
|
||||
# Generate SLAAC address using the Hardware Address of the interface
|
||||
#slaac hwaddr
|
||||
# OR generate Stable Private IPv6 Addresses based from the DUID
|
||||
slaac private
|
||||
|
||||
{% for item in lookup('dict', interfaces, wantlist=True) %}
|
||||
{% if item.value.type == 'static' %}
|
||||
interface {{ item.key }}
|
||||
{% if 'ipv4' in item.value %}
|
||||
static ip_address={{ item.value.ipv4 }}/{{ item.value.netmaskv4 }}
|
||||
{% endif %}
|
||||
{% if 'gateway' in item.value %}
|
||||
static routers={{ item.value.gateway }}
|
||||
{% endif %}
|
||||
|
||||
{% endif %}
|
||||
{% endfor %}
|
@ -1,75 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
network:
|
||||
ethernets:
|
||||
{% for item in lookup('dict', interfaces, wantlist=True) %}
|
||||
{% if item.value.type not in ['wireguard', ] %}
|
||||
{% if not ('bridge' in item.value and item.value.bridge) %}
|
||||
{{ item.key }}:
|
||||
{% if item.value.type == 'dhcp' %}
|
||||
dhcp4: true
|
||||
{% elif item.value.type == 'static' %}
|
||||
dhcp4: false
|
||||
addresses:
|
||||
- {{ item.value.ipv4 }}/{{ item.value.netmaskv4 }}
|
||||
{% if 'gateway' in item.value %}
|
||||
gateway4: {{ item.value.gateway }}
|
||||
{% endif %}
|
||||
nameservers:
|
||||
addresses:
|
||||
- 1.1.1.1
|
||||
{# the nameservers are hardcoded for now #}
|
||||
{% elif item.value.type in ['void', 'manual'] %}
|
||||
dhcp4: false
|
||||
dhcp6: false
|
||||
{% endif %}{# end (type == *) #}
|
||||
{% if 'routes' in item.value %}{# routes #}
|
||||
routes:
|
||||
{% for route in item.value.routes %}
|
||||
- to: {{ route.subnet }}/{{ route.netmask }}
|
||||
via: {{ route.gateway }}
|
||||
metric: 100
|
||||
{% endfor %}
|
||||
{% endif %}{# end routes #}
|
||||
{% endif %}{# end not bridge #}
|
||||
{% endif %}{# end (not in [wireguard, ]) #}
|
||||
{% endfor %}
|
||||
{% if (lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list) %}
|
||||
bridges:
|
||||
{% for item in (lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list) %}
|
||||
{% if item.value.type not in ['wireguard', ] %}
|
||||
{{ item.key }}:
|
||||
{% if 'interfaces' in item.value and item.value.interfaces %}
|
||||
interfaces: [ {{ item.value.interfaces | join(', ') }} ]
|
||||
{% else %}
|
||||
interfaces: []
|
||||
{% endif %}
|
||||
{% if item.value.type == 'dhcp' %}
|
||||
dhcp4: true
|
||||
{% elif item.value.type == 'static' %}
|
||||
dhcp4: false
|
||||
addresses:
|
||||
- {{ item.value.ipv4 }}/{{ item.value.netmaskv4 }}
|
||||
{% if 'gateway' in item.value %}
|
||||
gateway4: {{ item.value.gateway }}
|
||||
{% endif %}
|
||||
nameservers:
|
||||
addresses:
|
||||
- 1.1.1.1
|
||||
{# the nameservers are hardcoded for now #}
|
||||
{% elif item.value.type in ['void', 'manual'] %}
|
||||
dhcp4: false
|
||||
dhcp6: false
|
||||
{% endif %}{# end (type == *) #}
|
||||
{% if 'routes' in item.value %}{# routes #}
|
||||
routes:
|
||||
{% for route in item.value.routes %}
|
||||
- to: {{ route.subnet }}/{{ route.netmask }}
|
||||
via: {{ route.gateway }}
|
||||
metric: 100
|
||||
{% endfor %}
|
||||
{% endif %}{# end routes #}
|
||||
{% endif %}{# end (not in [wireguard, ]) #}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
version: 2
|
@ -1 +0,0 @@
|
||||
Subproject commit e5ce16268f165be36d4f2f893caf47f9bdb6f332
|
@ -1,10 +0,0 @@
|
||||
---
|
||||
- name: Restart Alertmanager
|
||||
systemd:
|
||||
name: prometheus-alertmanager.service
|
||||
state: restarted
|
||||
|
||||
- name: Restart kassandra
|
||||
systemd:
|
||||
name: kassandra.service
|
||||
state: restarted
|
@ -1,2 +0,0 @@
|
||||
dependencies:
|
||||
- role: install_nginx
|
@ -1,73 +0,0 @@
|
||||
---
|
||||
- name: Install dependencies
|
||||
apt:
|
||||
name:
|
||||
- python3.9
|
||||
- python3.9-venv
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Create the kassandra user
|
||||
user:
|
||||
name: kassandra
|
||||
home: /opt/kassandra
|
||||
password_lock: yes
|
||||
system: yes
|
||||
|
||||
- name: Install kassandra
|
||||
become: yes
|
||||
become_user: kassandra
|
||||
pip:
|
||||
name:
|
||||
- wheel
|
||||
- "kassandra @ git+https://gitea.auro.re/histausse/kassandra.git"
|
||||
virtualenv: /opt/kassandra
|
||||
virtualenv_command: "python3.9 -m venv"
|
||||
|
||||
- name: Configure kassandra
|
||||
template:
|
||||
src: kassandra-config.yaml
|
||||
dest: /opt/kassandra/config.yaml
|
||||
owner: kassandra
|
||||
group: nogroup
|
||||
mode: '0600'
|
||||
notify: Restart kassandra
|
||||
no_log: true
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /opt/kassandra/ca.crt
|
||||
notify: Restart kassandra
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
vars:
|
||||
directory: /opt/kassandra/
|
||||
cname: "kassandra-{{ lan_address }}"
|
||||
owner: kassandra
|
||||
group: nogroup
|
||||
key_mode: u=rw,g=,o=
|
||||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:8000|kassandra-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Copy the daemon configuration
|
||||
template:
|
||||
src: kassandra.service
|
||||
dest: /etc/systemd/system/kassandra.service
|
||||
notify: Restart kassandra
|
||||
|
||||
- name: Enable the daemon
|
||||
systemd:
|
||||
name: kassandra
|
||||
state: started
|
||||
enabled: yes
|
@ -1,75 +0,0 @@
|
||||
---
|
||||
- name: Install Prometheus Alert Manager
|
||||
apt:
|
||||
name:
|
||||
- prometheus-alertmanager
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Setup the arguments for alertmanager
|
||||
template:
|
||||
src: prometheus-alertmanager
|
||||
dest: /etc/default/prometheus-alertmanager
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: Restart Alertmanager
|
||||
vars:
|
||||
args:
|
||||
- name: web.listen-address
|
||||
value: "127.0.0.1:9093"
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/prometheus/ca.crt
|
||||
notify:
|
||||
- Restart Alertmanager
|
||||
- Reload nginx
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
vars:
|
||||
directory: /etc/prometheus/
|
||||
cname: "alertmanager-{{ lan_address }}"
|
||||
owner: prometheus
|
||||
group: prometheus
|
||||
key_mode: u=rw,g=,o=
|
||||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:9093|alertmanager-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Setup the alertmanager config
|
||||
template:
|
||||
src: alertmanager.yml
|
||||
dest: /etc/prometheus/alertmanager.yml
|
||||
owner: prometheus
|
||||
group: prometheus
|
||||
mode: '0640'
|
||||
notify: Restart Alertmanager
|
||||
|
||||
# Here we go, using nginx to add mSSL to prometheus... because who need to authentication on the server with ALL the jucy data?
|
||||
# Think prometheus, think!
|
||||
- name: Copy the nginx config
|
||||
template:
|
||||
src: atrocious_nginx_stub
|
||||
dest: "/etc/nginx/sites-available/internal-alertmanager"
|
||||
notify: Reload nginx
|
||||
|
||||
- name: Activate the config
|
||||
file:
|
||||
src: "/etc/nginx/sites-available/internal-alertmanager"
|
||||
dest: "/etc/nginx/sites-enabled/internal-alertmanager"
|
||||
state: link
|
||||
force: yes
|
||||
|
||||
- name: Setup the matrix bot
|
||||
import_tasks: kassandra.yml
|
@ -1,23 +0,0 @@
|
||||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
@ -1,32 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
# See https://prometheus.io/docs/alerting/configuration/ for documentation.
|
||||
|
||||
global:
|
||||
# Config used by default by the receivers
|
||||
http_config:
|
||||
tls_config:
|
||||
ca_file: "/etc/prometheus/ca.crt"
|
||||
cert_file: "/etc/prometheus/alertmanager-{{ lan_address }}.crt"
|
||||
key_file: "/etc/prometheus/alertmanager-{{ lan_address }}.key"
|
||||
|
||||
# The directory from which notification templates are read.
|
||||
templates:
|
||||
- "/etc/prometheus/alertmanager_templates/*.tmpl"
|
||||
|
||||
# The root route on which each incoming alert enters.
|
||||
route:
|
||||
repeat_interval: 6h
|
||||
|
||||
# A default receiver
|
||||
receiver: kassandra
|
||||
|
||||
# Inhibition rules allow to mute a set of alerts given that another alert is
|
||||
# firing.
|
||||
# We use this to mute any warning-level notifications if the same alert is
|
||||
# already critical.
|
||||
inhibit_rules:
|
||||
|
||||
receivers:
|
||||
- name: kassandra
|
||||
webhook_configs:
|
||||
- url: "https://{{ lan_address }}:8000/webhook"
|
@ -1,13 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
server {
|
||||
listen {{ lan_address }}:9093 ssl;
|
||||
ssl_certificate /etc/prometheus/alertmanager-{{ lan_address }}.crt;
|
||||
ssl_certificate_key /etc/prometheus/alertmanager-{{ lan_address }}.key;
|
||||
ssl_client_certificate /etc/prometheus/ca.crt;
|
||||
ssl_verify_client on;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:9093;
|
||||
}
|
||||
}
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
{{ ansible_managed | comment }}
|
||||
username: {{ kassandra_username }}
|
||||
homeserver: https://{{ matrix_server_name}}
|
||||
password: {{ kassandra_password }}
|
||||
tls: yes
|
||||
tls_auth: yes
|
||||
host: {{ lan_address }}
|
||||
tls_crt: kassandra-{{ lan_address }}.crt
|
||||
tls_key: kassandra-{{ lan_address }}.key
|
||||
ca_crt: ca.crt
|
||||
alert_rooms:
|
||||
{% for room in alert_rooms %}
|
||||
- "{{ room }}"
|
||||
{% endfor %}
|
||||
...
|
@ -1,12 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
[Unit]
|
||||
Description=Kassandra bot for alertmanager
|
||||
|
||||
[Service]
|
||||
WorkingDirectory=/opt/kassandra
|
||||
ExecStart=/opt/kassandra/bin/kassandra
|
||||
User=kassandra
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -1,75 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# Set the command-line arguments to pass to the server.
|
||||
{% if not args %}
|
||||
ARGS=""
|
||||
{% else %}
|
||||
ARGS="\
|
||||
{% for arg in args %}
|
||||
--{{ arg.name }}={{ arg.value }} \
|
||||
{% endfor %}
|
||||
"
|
||||
{% endif %}
|
||||
|
||||
# The alert manager supports the following options:
|
||||
|
||||
# --config.file="/etc/prometheus/alertmanager.yml"
|
||||
# Alertmanager configuration file name.
|
||||
# --storage.path="/var/lib/prometheus/alertmanager/"
|
||||
# Base path for data storage.
|
||||
# --data.retention=120h
|
||||
# How long to keep data for.
|
||||
# --alerts.gc-interval=30m
|
||||
# Interval between alert GC.
|
||||
# --log.level=info
|
||||
# Only log messages with the given severity or above.
|
||||
# --web.external-url=WEB.EXTERNAL-URL
|
||||
# The URL under which Alertmanager is externally reachable (for example,
|
||||
# if Alertmanager is served via a reverse proxy). Used for generating
|
||||
# relative and absolute links back to Alertmanager itself. If the URL has
|
||||
# a path portion, it will be used to prefix all HTTP endpoints served by
|
||||
# Alertmanager. If omitted, relevant URL components will be derived
|
||||
# automatically.
|
||||
# --web.route-prefix=WEB.ROUTE-PREFIX
|
||||
# Prefix for the internal routes of web endpoints. Defaults to path of
|
||||
# --web.external-url.
|
||||
# --web.listen-address=":9093"
|
||||
# Address to listen on for the web interface and API.
|
||||
# --web.ui-path="/usr/share/prometheus/alertmanager/ui/"
|
||||
# Path to static UI directory.
|
||||
# --template.default="/usr/share/prometheus/alertmanager/default.tmpl"
|
||||
# Path to default notification template.
|
||||
# --cluster.listen-address="0.0.0.0:9094"
|
||||
# Listen address for cluster.
|
||||
# --cluster.advertise-address=CLUSTER.ADVERTISE-ADDRESS
|
||||
# Explicit address to advertise in cluster.
|
||||
# --cluster.peer=CLUSTER.PEER ...
|
||||
# Initial peers (may be repeated).
|
||||
# --cluster.peer-timeout=15s
|
||||
# Time to wait between peers to send notifications.
|
||||
# --cluster.gossip-interval=200ms
|
||||
# Interval between sending gossip messages. By lowering this value (more
|
||||
# frequent) gossip messages are propagated across the cluster more
|
||||
# quickly at the expense of increased bandwidth.
|
||||
# --cluster.pushpull-interval=1m0s
|
||||
# Interval for gossip state syncs. Setting this interval lower (more
|
||||
# frequent) will increase convergence speeds across larger clusters at
|
||||
# the expense of increased bandwidth usage.
|
||||
# --cluster.tcp-timeout=10s Timeout for establishing a stream connection
|
||||
# with a remote node for a full state sync, and for stream read and write
|
||||
# operations.
|
||||
# --cluster.probe-timeout=500ms
|
||||
# Timeout to wait for an ack from a probed node before assuming it is
|
||||
# unhealthy. This should be set to 99-percentile of RTT (round-trip time)
|
||||
# on your network.
|
||||
# --cluster.probe-interval=1s
|
||||
# Interval between random node probes. Setting this lower (more frequent)
|
||||
# will cause the cluster to detect failed nodes more quickly at the
|
||||
# expense of increased bandwidth usage.
|
||||
# --cluster.settle-timeout=1m0s
|
||||
# Maximum time to wait for cluster connections to settle before
|
||||
# evaluating notifications.
|
||||
# --cluster.reconnect-interval=10s
|
||||
# Interval between attempting to reconnect to lost peers.
|
||||
# --cluster.reconnect-timeout=6h0m0s
|
||||
# Length of time to attempt to reconnect to a lost peer.
|
@ -1,47 +0,0 @@
|
||||
---
|
||||
groups:
|
||||
- name: BlackBoxAllInstances
|
||||
rules:
|
||||
|
||||
- alert: SiteUp
|
||||
expr: probe_success{job="blackbox http-down"} == 1
|
||||
annotations:
|
||||
title: '{{ $labels.instance }} is UP!'
|
||||
description: '{{ $labels.instance }} is now up!'
|
||||
labels:
|
||||
value: "{{ $value }}"
|
||||
severity: 'critical'
|
||||
|
||||
- alert: SiteDown
|
||||
expr: probe_success{job="blackbox http-up"} == 0
|
||||
for: 5m
|
||||
annotations:
|
||||
title: '{{ $labels.instance }} is Down'
|
||||
description: >-
|
||||
{{ $labels.instance }} has been down for more than 5 minutes.
|
||||
labels:
|
||||
value: "{{ $value }}"
|
||||
severity: 'warning'
|
||||
|
||||
- alert: CertExpLess30daysProb
|
||||
expr: (probe_ssl_earliest_cert_expiry{job="blackbox internal tls"}-time()) < 2592000
|
||||
annotations:
|
||||
title: '{{ $labels.cname }} will expire soon'
|
||||
description: >-
|
||||
The certificate {{ $labels.cname }} on {{ $labels.instance }} will expire in
|
||||
{{ $value | humanizeDuration }}, it's time to renew it.
|
||||
labels:
|
||||
value: "{{ $value }}"
|
||||
severity: 'warning'
|
||||
|
||||
- alert: CertExpLess10daysProb
|
||||
expr: (probe_ssl_earliest_cert_expiry{job="blackbox internal tls"}-time()) < 864000
|
||||
annotations:
|
||||
title: '{{ $labels.cname }} expiracy is imminent!'
|
||||
description: >-
|
||||
The certificate {{ $labels.cname }} on {{ $labels.instance }} will expire in
|
||||
{{ $value | humanizeDuration }}!
|
||||
labels:
|
||||
value: "{{ $value }}"
|
||||
severity: 'critical'
|
||||
...
|
@ -1,10 +0,0 @@
|
||||
---
|
||||
- name: Restart blackbox-exporter
|
||||
systemd:
|
||||
name: prometheus-blackbox-exporter.service
|
||||
state: restarted
|
||||
|
||||
- name: Restart prometheus
|
||||
systemd:
|
||||
name: prometheus
|
||||
state: restarted
|
@ -1,2 +0,0 @@
|
||||
dependencies:
|
||||
- role: install_nginx
|
@ -1,96 +0,0 @@
|
||||
---
|
||||
- name: Install Prometheus Components
|
||||
apt:
|
||||
name:
|
||||
- prometheus-blackbox-exporter
|
||||
state: latest
|
||||
update_cache: true
|
||||
register: apt_result
|
||||
retries: 3
|
||||
until: apt_result is succeeded
|
||||
|
||||
- name: Copy the CA cert
|
||||
copy:
|
||||
content: "{{ ca_cert }}"
|
||||
dest: /etc/prometheus/ca.crt
|
||||
notify:
|
||||
- Restart blackbox-exporter
|
||||
- Reload nginx
|
||||
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: generate-cert
|
||||
vars:
|
||||
directory: /etc/prometheus/
|
||||
cname: "blackbox-{{ lan_address }}"
|
||||
owner: prometheus
|
||||
group: prometheus
|
||||
key_mode: u=rw,g=,o=
|
||||
subject_alt_name: "IP:{{ lan_address }}"
|
||||
# Need an equivalent to notify here
|
||||
|
||||
- name: Ensured the certificate is monitored
|
||||
import_tasks: register-cert-to-monitoring.yml
|
||||
vars:
|
||||
target: "{{ lan_address }}:9115|blackbox-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
||||
|
||||
- name: Setup the blackbox config
|
||||
template:
|
||||
src: blackbox.yml
|
||||
dest: /etc/prometheus/blackbox.yml
|
||||
owner: prometheus
|
||||
group: prometheus
|
||||
mode: '0640'
|
||||
notify: Restart blackbox-exporter
|
||||
no_log: true
|
||||
|
||||
#- name: Copy the web-config folder
|
||||
# template:
|
||||
# src: web-config.yaml
|
||||
# dest: /etc/prometheus/web-config-blackbox.yaml
|
||||
# group: prometheus
|
||||
# owner: prometheus
|
||||
# mode: u=rw,g=r,o=r
|
||||
# notify: Restart blackbox-exporter
|
||||
|
||||
- name: Setup the arguments for prometheus
|
||||
template:
|
||||
src: prometheus-blackbox-exporter
|
||||
dest: /etc/default/prometheus-blackbox-exporter
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: Restart blackbox-exporter
|
||||
vars:
|
||||
args:
|
||||
- name: web.listen-address
|
||||
value: "127.0.0.1:9115"
|
||||
# value: "{{ lan_address }}:9115"
|
||||
- name: config.file
|
||||
value: /etc/prometheus/blackbox.yml
|
||||
# - name: web.config.file
|
||||
# value: /etc/prometheus/web-config.yaml
|
||||
|
||||
## Here we go, using nginx to add mSSL to prometheus... because who need to authentication on the server with ALL the jucy data?
|
||||
# Think prometheus, think!
|
||||
- name: Copy the nginx config
|
||||
template:
|
||||
src: atrocious_nginx_stub
|
||||
dest: "/etc/nginx/sites-available/internal-blackbox"
|
||||
notify: Reload nginx
|
||||
|
||||
- name: Activate the config
|
||||
file:
|
||||
src: "/etc/nginx/sites-available/internal-blackbox"
|
||||
dest: "/etc/nginx/sites-enabled/internal-blackbox"
|
||||
state: link
|
||||
force: yes
|
||||
|
||||
- name: Add alert rules for node on the prometheus server
|
||||
copy:
|
||||
src: alerts-blackbox.yml
|
||||
dest: /etc/prometheus/alertsblackbox.yml
|
||||
owner: prometheus
|
||||
group: prometheus
|
||||
mode: u=rw,g=r,o=r
|
||||
notify: Restart prometheus
|
@ -1,23 +0,0 @@
|
||||
---
|
||||
- name: Get the list of targets of the server
|
||||
slurp:
|
||||
src: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
register: server_tls_targets_file
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
|
||||
- name: Set target variable from file
|
||||
set_fact:
|
||||
server_tls_targets: "{{ server_tls_targets_file['content'] | b64decode | from_json }}"
|
||||
|
||||
- name: Register the endpoint to the prometheus server
|
||||
block:
|
||||
- name: Add the target
|
||||
set_fact:
|
||||
new_server_tls_targets: "[{{ server_tls_targets[0] | combine({'targets': [target]}, list_merge='append_rp') }}]"
|
||||
|
||||
- name: Put the new target list
|
||||
copy:
|
||||
content: "{{ new_server_tls_targets | to_nice_json }}"
|
||||
dest: /etc/prometheus/targets/blackbox-tls-internal-targets.json
|
||||
delegate_to: "{{ appointed_prometheus_server }}"
|
||||
when: target not in server_tls_targets.0.targets
|
@ -1,13 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
server {
|
||||
listen {{ lan_address }}:9115 ssl;
|
||||
ssl_certificate /etc/prometheus/blackbox-{{ lan_address }}.crt;
|
||||
ssl_certificate_key /etc/prometheus/blackbox-{{ lan_address }}.key;
|
||||
ssl_client_certificate /etc/prometheus/ca.crt;
|
||||
ssl_verify_client on;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:9115;
|
||||
}
|
||||
}
|
@ -1,23 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
modules:
|
||||
http_2xx:
|
||||
prober: http
|
||||
http:
|
||||
http_post_2xx:
|
||||
prober: http
|
||||
http:
|
||||
method: POST
|
||||
tcp_connect:
|
||||
prober: tcp
|
||||
icmp:
|
||||
prober: icmp
|
||||
internal_tls_connect:
|
||||
prober: tcp
|
||||
timeout: 10s
|
||||
tcp:
|
||||
tls: true
|
||||
tls_config:
|
||||
ca_file: '/etc/prometheus/ca.crt'
|
||||
cert_file: '/etc/prometheus/blackbox-{{ lan_address }}.crt'
|
||||
key_file: '/etc/prometheus/blackbox-{{ lan_address }}.key'
|
@ -1,21 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# Set the command-line arguments to pass to the server.
|
||||
{% if not args %}
|
||||
ARGS=""
|
||||
{% else %}
|
||||
ARGS="\
|
||||
{% for arg in args %}
|
||||
--{{ arg.name }}={{ arg.value }} \
|
||||
{% endfor %}
|
||||
"
|
||||
{% endif %}
|
||||
|
||||
# Usage of prometheus-blackbox-exporter:
|
||||
# --config.file="blackbox.yml"
|
||||
# Blackbox exporter configuration file.
|
||||
# --web.listen-address=":9115"
|
||||
# The address to listen on for HTTP requests.
|
||||
# --timeout-offset=0.5 Offset to subtract from timeout in seconds.
|
||||
# --log.level=info Only log messages with the given severity or above.
|
||||
# One of: [debug, info, warn, error]
|
@ -1,6 +0,0 @@
|
||||
[
|
||||
{
|
||||
"targets": [
|
||||
]
|
||||
}
|
||||
]
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue