2021-02-18 13:25:26 +00:00
|
|
|
# My own laptop.
|
|
|
|
|
|
|
|
nodes['kunsi-t470'] = {
|
|
|
|
'hostname': 'localhost',
|
|
|
|
'bundles': {
|
2021-02-18 14:11:05 +00:00
|
|
|
'lldp',
|
2021-06-05 10:23:09 +00:00
|
|
|
'lm-sensors',
|
2021-03-11 14:23:47 +00:00
|
|
|
'nfs-client',
|
2021-11-15 20:18:42 +00:00
|
|
|
'telegraf-battery-usage',
|
2021-02-18 13:25:26 +00:00
|
|
|
},
|
2021-05-23 10:24:00 +00:00
|
|
|
'groups': {
|
|
|
|
'arch',
|
|
|
|
},
|
2021-02-18 13:25:26 +00:00
|
|
|
'metadata': {
|
2021-02-18 16:57:33 +00:00
|
|
|
'timezone': 'Europe/Berlin',
|
2021-02-18 13:25:26 +00:00
|
|
|
'icinga_options': {
|
|
|
|
'exclude_from_monitoring': True,
|
|
|
|
},
|
2021-02-18 13:52:06 +00:00
|
|
|
'hosts': {
|
|
|
|
'entries': {
|
|
|
|
'10.101.64.10': {
|
|
|
|
'www.wifionice.de',
|
|
|
|
'wifionice.de',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-02-18 16:57:33 +00:00
|
|
|
'interfaces': {
|
2021-06-11 13:02:03 +00:00
|
|
|
'br0': {
|
2021-02-18 16:57:33 +00:00
|
|
|
'dhcp': True,
|
2021-04-18 09:05:42 +00:00
|
|
|
'use_dhcp_domains': True,
|
|
|
|
'send_hostname': False,
|
2021-02-18 16:57:33 +00:00
|
|
|
},
|
|
|
|
# there is also wlp4s0, but that's managed by netctl
|
|
|
|
},
|
2021-06-03 11:59:15 +00:00
|
|
|
'firewall': {
|
2021-05-23 10:24:00 +00:00
|
|
|
'port_rules': {
|
2021-12-09 09:23:16 +00:00
|
|
|
# obs websocket thingie - just allow all RFC1918 ips here
|
|
|
|
'4444': {
|
|
|
|
'10.0.0.0/8',
|
|
|
|
'172.16.0.0/12',
|
|
|
|
'192.168.0.0/16',
|
|
|
|
},
|
2021-05-23 10:24:00 +00:00
|
|
|
# For the occasional file-share using `python -m http.server`
|
|
|
|
'8000': {'*'},
|
|
|
|
},
|
|
|
|
},
|
2021-02-18 13:52:06 +00:00
|
|
|
'locale': {
|
|
|
|
'default': 'en_DK.UTF-8',
|
|
|
|
},
|
2021-03-11 14:23:47 +00:00
|
|
|
'nfs-client': {
|
|
|
|
'mounts': {
|
2021-05-23 13:24:21 +00:00
|
|
|
'nas-scansnap': {
|
|
|
|
'mountpoint': '/mnt/scansnap',
|
2021-05-29 07:21:18 +00:00
|
|
|
'serverpath': '172.19.138.20:/srv/scansnap',
|
2021-05-23 13:24:21 +00:00
|
|
|
'mount_options': {
|
|
|
|
'retry=0',
|
|
|
|
'rw',
|
|
|
|
},
|
|
|
|
},
|
2021-03-11 14:23:47 +00:00
|
|
|
'nas-storage': {
|
|
|
|
'mountpoint': '/mnt/nas',
|
|
|
|
'serverpath': '172.19.138.20:/storage/nas',
|
|
|
|
'mount_options': {
|
|
|
|
'retry=0',
|
|
|
|
'ro',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-12-14 11:42:16 +00:00
|
|
|
'openssh': {
|
|
|
|
'restrict-to': {
|
|
|
|
'10.0.0.0/8',
|
|
|
|
'172.16.0.0/12',
|
|
|
|
'192.168.0.0/16',
|
|
|
|
'ipv6',
|
|
|
|
},
|
|
|
|
},
|
2021-02-18 13:25:26 +00:00
|
|
|
'pacman': {
|
2021-05-23 10:24:00 +00:00
|
|
|
'install_gui': True,
|
2021-02-18 13:25:26 +00:00
|
|
|
},
|
2021-02-18 16:57:33 +00:00
|
|
|
'systemd-networkd': {
|
|
|
|
'enable-resolved': True,
|
2021-06-11 13:02:03 +00:00
|
|
|
'bridges': {
|
|
|
|
'br0': {
|
|
|
|
'match': {
|
|
|
|
'enp0s31f6',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-02-18 16:57:33 +00:00
|
|
|
},
|
2021-02-18 13:25:26 +00:00
|
|
|
'users': {
|
|
|
|
'kunsi': {
|
|
|
|
'password': vault.decrypt('encrypt$gAAAAABgLmmuQGRUStrQawoPee-758emIYn2u8-8ebrgzNAFSp7ifeFDdXXvs-zL3QogwNYlCtBHboH2xfy1rSj6OF5bbNO-tg=='),
|
|
|
|
'shell': '/usr/bin/fish',
|
2021-03-06 08:55:32 +00:00
|
|
|
# FIXME move qemu VMs out of /home/kunsi
|
|
|
|
'home-mode': '0755',
|
2021-02-18 13:25:26 +00:00
|
|
|
},
|
|
|
|
'sophie': {
|
|
|
|
'delete': True,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'os': 'arch',
|
|
|
|
}
|