Skip to content
Snippets Groups Projects
Commit 1bb735bf authored by void's avatar void
Browse files

initialkonfiguration interner proxmox server

parent 8b536a14
No related branches found
No related tags found
No related merge requests found
--- ---
- name: restart nginx - name: restart pveproxy
service: name=nginx state=restarted service: name=pveproxy state=restarted
...@@ -38,7 +38,6 @@ ...@@ -38,7 +38,6 @@
file: file:
path: /etc/apt/sources.list.d/pve-enterprise.list path: /etc/apt/sources.list.d/pve-enterprise.list
state: absent state: absent
- name: disable and stop all rpcbind services (hardening) - name: disable and stop all rpcbind services (hardening)
systemd: systemd:
...@@ -50,3 +49,9 @@ ...@@ -50,3 +49,9 @@
- rpcbind.socket - rpcbind.socket
- rpcbind.service - rpcbind.service
# see: https://www.fw23networks.com/proxmox-ve-7-0-web-gui-zugriff-ohne-ipv6/
- name: deploy pveproxy config
template:
src: pveproxy
dest: /etc/default/pveproxy
notify: restart pveproxy
LISTEN_IP="0.0.0.0"
# Host spezifische Variablen
motd_lines:
- "Weathermax - Interner Proxmox Server @ warpzone"
- "Öffentliche IPs: {{ansible_enp3s0.ipv4.address}} / {{ansible_enp3s0.ipv6[0].address}}"
debian_sources:
- "deb http://deb.debian.org/debian/ bullseye main non-free contrib"
- "deb http://security.debian.org/debian-security bullseye-security main contrib non-free"
- "deb http://deb.debian.org/debian/ bullseye-updates main contrib non-free"
- "deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription"
debian_keys_id:
debian_keys_url:
- "https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg"
# Art des Hosts: physical, vm, docker
host_type: "physical"
# Primäre IP Adressen des Hosts
int_ip4: 192.168.0.200
administratorenteam:
- "void"
- "sandhome"
# Nameskonvention für Server: Pratchett Name/Charaktere
# Nächste freie Namen: ogg, carrot, vimes
[prod] [prod]
...@@ -7,6 +9,9 @@ ...@@ -7,6 +9,9 @@
# https://wiki.warpzone.ms/intern:warpzone_internal_it_infrastructure#host_fuer_interne_dienste_watchguard_xtm_505 # https://wiki.warpzone.ms/intern:warpzone_internal_it_infrastructure#host_fuer_interne_dienste_watchguard_xtm_505
warpsrvint ansible_ssh_host=192.168.0.201 warpsrvint ansible_ssh_host=192.168.0.201
# Interner Proxmox-Server (neu ab 09-2022)
weatherwax ansible_ssh_host=192.168.0.200
# Octoprint Server für 3d Drucker # Octoprint Server für 3d Drucker
octoprint1 ansible_ssh_host=10.0.2.188 octoprint1 ansible_ssh_host=10.0.2.188
......
...@@ -41,6 +41,13 @@ ...@@ -41,6 +41,13 @@
} }
- hosts: weatherwax
remote_user: root
roles:
- { role: common/proxmox, tags: proxmox }
- { role: common/cronapt, tags: cronapt }
- hosts: warpsrvint - hosts: warpsrvint
remote_user: root remote_user: root
roles: roles:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment