Adding services for wk24

start creating new mx.l3d.ch server
DO1JLR · Feb 28, 2024 · 6738faa · 6738faa
2 parents 3a9b241 + 01b890b
commit 6738faa
Show file tree

Hide file tree

Showing 46 changed files with 969 additions and 529 deletions.
diff --git a/.gitmodules b/.gitmodules
@@ -99,7 +99,7 @@
 	url = https://github.com/roles-ansible/ansible_role_ntp.git
   branch = master
 [submodule "roles/do1jlr.etebase"]
-	path = roles/do1jlr.etebase
+	path = roles/l3d.etebase
 	url = https://github.com/roles-ansible/ansible_role_etebase.git
   branch = master
 [submodule "collections/ansible_collections/community/mysql"]
@@ -144,3 +144,9 @@
 [submodule "roles/l3d.homebox"]
 	path = roles/l3d.homebox
 	url = https://github.com/roles-ansible/ansible_role_homebox.git
+[submodule "collections/ansible_collections/l3d/users"]
+	path = collections/ansible_collections/l3d/users
+	url = https://github.com/roles-ansible/ansible_collection_users.git
+[submodule "roles/l3d.rustdesk"]
+	path = roles/l3d.rustdesk
+	url = https://github.com/roles-ansible/ansible_role_rustdesk.git
diff --git a/.yamllint b/.yamllint
@@ -8,11 +8,8 @@ rules:
     level: warning
 
 ignore: |
-  host_vars/mail01.l3d.space/vault.yml
-  host_vars/web01.l3d.space/vault.yml
-  host_vars/luna.l3d.ch/vault.yml
-  host_vars/services.l3d.space/vault.yml
-  group_vars/all/vault.yml
+  group_vars/*/vault.yml
   roles/
   ansible/
   collections/
+  host_vars/*/vault.yml
diff --git a/collections/ansible_collections/community/crypto b/collections/ansible_collections/community/crypto
diff --git a/collections/ansible_collections/community/general b/collections/ansible_collections/community/general
diff --git a/collections/ansible_collections/community/grafana b/collections/ansible_collections/community/grafana
diff --git a/collections/ansible_collections/community/mysql b/collections/ansible_collections/community/mysql
diff --git a/collections/ansible_collections/grafana/grafana b/collections/ansible_collections/grafana/grafana
diff --git a/collections/ansible_collections/l3d/git b/collections/ansible_collections/l3d/git
diff --git a/collections/ansible_collections/l3d/users b/collections/ansible_collections/l3d/users
diff --git a/collections/ansible_collections/prometheus/prometheus b/collections/ansible_collections/prometheus/prometheus
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
@@ -21,3 +21,28 @@ ntp_servers:
 
 # prometheus.prometeus.node_exporter
 node_exporter_web_listen_address: '127.0.0.1:9100'
+
+# l3d.users
+l3d_users__default_users:
+  - name: 'l3d'
+    state: 'present'
+    shell: '/bin/bash'
+    create_home: true
+    admin: true
+    admin_nopassword: true
+    admin_commands: 'ALL'
+    pubkeys: |
+       ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPvvXN33GwkTF4ZOwPgF21Un4R2z9hWUuQt1qIfzQyhC
+       ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAG65EdcM+JLv0gnzT9LcqVU47Pkw0SqiIg7XipXENi8
+       ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJz7zEvUVgJJJsIgfG3izsqYcM22IaKz4jGVUbNRL2PX
+
+# l3d.users.user
+l3d_users__create_ansible: true
+l3d_users__ansible_user_state: 'present'
+l3d_users__set_ansible_ssh_keys: true
+l3d_users__ansible_ssh_keys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
+
+# do1jlr.users
+admins:
+  - l3d
+  - ansible
diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml
@@ -1,12 +1,14 @@
 $ANSIBLE_VAULT;1.1;AES256
-62313734366533326334646163383462373265303264643366323937666564653064383037623931
-3831643363613132376165373936306638366439613536650a383536663736313232623965313362
-34366438343164353836333739316261363233366463613964636665306232333534633434643164
-3930333935356131620a613931343230383862353639663862356139663664356163623938376561
-35383464386237363736313265613137656530323165613965633463376464366133376430613965
-33623464383730396265613536336437303964333763633563616662313762346235316531313139
-62373134393865306562346332613361623534396433666232333665336139333730313362353539
-64386135346638643234653536353439646235303634306362376463343135386464663962333934
-65376265353436353038333830636566343834643737333537376235613038343661646431373131
-35633065333233383334383661666533353765653230653361366461613138613935383165623739
-326231316564393161333839393733616531
+36383439323339386166633331333531376634633838636635666665633363333265623061393137
+3263633634633231366361366634366563623734393763660a386363396336356532633562313836
+62643663356366323261353138333663393764646334623263626362636337636539363538346538
+3236636433363663340a633361363661366436633538363261623438396463303030363531326231
+35316335383139303638643661666132636139653032363935666533623832666539373033353631
+33303139643730616335343763356130653934633465396130666439343531353261343538363664
+34613834623762323063356234636132383339613030386133633333356138333730633032316138
+35363030323433623939303339366536343361616430383832623235313630613931386231656232
+36393765623664373562623965626362666362383063316163383735656366396131356666303735
+34313963623439663332626133346638666163646666313963653439326262653236393964326330
+38306138306437396261303965306161633733316130666465643135313663633238333932656131
+36613164323062643134653565663439383766613235633961373161346132353161643434653233
+66353166353033383437316266666337373566386234626437313437376232316362
diff --git a/host_vars/mail01.l3d.space/vars.yml b/host_vars/mail01.l3d.space/vars.yml
@@ -1,31 +1,13 @@
 ---
-users:
-  l3d:
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-  weechat:
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-  mailwebuser:
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-
-accounts:
-  - l3d
-  - mailwebuser
-  - weechat
+l3d_users__local_users:
+  - name: 'weechat'
+    state: 'present'
+    admin: false
+    pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
+  - name: 'mailwebuser'
+    state: 'present'
+    admin: false
+    pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
 
 # mail domains
 additional_dns_maildomains: 'mail.l3d.space imap.l3d.space smtp.l3d.space'
+273 −232		CHANGELOG.md
+34 −0		CHANGELOG.rst
+1 −0		README.md
+45 −0		changelogs/changelog.yaml
+0 −4		changelogs/fragments/710-luks_device-keyslot-fixes.yml
+1 −1		galaxy.yml
+20 −0		plugins/action/openssl_privatekey_pipe.py
+4 −0		plugins/doc_fragments/module_csr.py
+4 −0		plugins/filter/openssl_csr_info.py
+66 −0		plugins/filter/parse_serial.py
+68 −0		plugins/filter/to_serial.py
+8 −1		plugins/filter/x509_certificate_info.py
+6 −1		plugins/filter/x509_crl_info.py
+11 −41		plugins/module_utils/acme/backend_cryptography.py
+76 −0		plugins/module_utils/crypto/math.py
+56 −0		plugins/module_utils/serial.py
+6 −1		plugins/modules/ecs_certificate.py
+15 −8		plugins/modules/get_certificate.py
+6 −0		plugins/modules/openssh_cert.py
+4 −0		plugins/modules/openssl_csr_info.py
+17 −0		plugins/modules/openssl_csr_pipe.py
+6 −0		plugins/modules/openssl_privatekey_pipe.py
+8 −1		plugins/modules/x509_certificate_info.py
+17 −0		plugins/modules/x509_certificate_pipe.py
+59 −6		plugins/modules/x509_crl.py
+6 −1		plugins/modules/x509_crl_info.py
+5 −0		tests/integration/targets/filter_parse_serial/aliases
+62 −0		tests/integration/targets/filter_parse_serial/tasks/main.yml
+5 −0		tests/integration/targets/filter_to_serial/aliases
+35 −0		tests/integration/targets/filter_to_serial/tasks/main.yml
+8 −6		tests/integration/targets/x509_crl/tasks/impl.yml
+6 −0		tests/sanity/ignore-2.10.txt
+6 −0		tests/sanity/ignore-2.11.txt
+6 −0		tests/sanity/ignore-2.12.txt
+6 −0		tests/sanity/ignore-2.13.txt
+6 −0		tests/sanity/ignore-2.14.txt
+6 −0		tests/sanity/ignore-2.9.txt
+28 −10		.github/BOTMETA.yml
+2 −0		changelogs/fragments/7717-prevent-modprobe-error.yml
+8 −0		changelogs/fragments/7790-gitlab-runner-api-pagination.yml
+2 −0		changelogs/fragments/7847-gitlab-issue-title.yml
+2 −0		changelogs/fragments/7881-fix-keycloak-client-ckeckmode.yml
+2 −0		changelogs/fragments/7919-onepassword-fieldname-casing.yaml
+2 −0		changelogs/fragments/7951-fix-redfish_info-exception.yml
+2 −0		changelogs/fragments/7956-adding-releases_events-option-to-gitlab_hook-module.yaml
+2 −0		changelogs/fragments/7963-fix-terraform-diff-absent.yml
+10 −0		changelogs/fragments/7970-fix-cargo-path-idempotency.yaml
+2 −0		changelogs/fragments/7976-add-mssql_script-transactional-support.yml
+2 −0		changelogs/fragments/7983-sudoers-add-support-noexec.yml
+2 −0		changelogs/fragments/7994-bitwarden-session-arg.yaml
+2 −0		changelogs/fragments/7996-add-templating-support-to-icinga2-inventory.yml
+2 −0		changelogs/fragments/8003-redfish-get-update-status-empty-response.yml
+2 −0		changelogs/fragments/pkgin.yml
+1 −0		docs/docsite/rst/filter_guide_abstract_informations.rst
+81 −0		docs/docsite/rst/filter_guide_abstract_informations_lists_helper.rst
+1 −1		galaxy.yml
+46 −0		plugins/callback/default_without_diff.py
+210 −0		plugins/filter/lists.py
+48 −0		plugins/filter/lists_difference.yml
+48 −0		plugins/filter/lists_intersect.yml
+48 −0		plugins/filter/lists_symmetric_difference.yml
+48 −0		plugins/filter/lists_union.yml
+11 −1		plugins/inventory/icinga2.py
+23 −0		plugins/lookup/bitwarden.py
+2 −2		plugins/lookup/onepassword.py
+15 −0		plugins/module_utils/gitlab.py
+28 −24		plugins/module_utils/redfish_utils.py
+3 −1		plugins/modules/apk.py
+4 −0		plugins/modules/cargo.py
+2 −3		plugins/modules/gitlab_deploy_key.py
+320 −0		plugins/modules/gitlab_group_access_token.py
+12 −8		plugins/modules/gitlab_group_members.py
+3 −9		plugins/modules/gitlab_group_variable.py
+12 −3		plugins/modules/gitlab_hook.py
+3 −9		plugins/modules/gitlab_instance_variable.py
+1 −1		plugins/modules/gitlab_issue.py
+318 −0		plugins/modules/gitlab_project_access_token.py
+3 −3		plugins/modules/gitlab_project_badge.py
+3 −9		plugins/modules/gitlab_project_variable.py
+2 −2		plugins/modules/gitlab_runner.py
+12 −8		plugins/modules/gitlab_user.py
+2 −1		plugins/modules/htpasswd.py
+1 −0		plugins/modules/ipa_user.py
+3 −2		plugins/modules/keycloak_client.py
+4 −0		plugins/modules/modprobe.py
+33 −1		plugins/modules/mssql_script.py
+8 −1		plugins/modules/pkgin.py
+3 −3		plugins/modules/proxmox.py
+23 −1		plugins/modules/sudoers.py
+18 −3		plugins/modules/terraform.py
+13 −0		tests/integration/targets/apk/aliases
+160 −0		tests/integration/targets/apk/tasks/main.yml
+6 −0		tests/integration/targets/callback_default_without_diff/aliases
+65 −0		tests/integration/targets/callback_default_without_diff/tasks/main.yml
+5 −0		tests/integration/targets/filter_lists/aliases
+64 −0		tests/integration/targets/filter_lists/tasks/main.yml
+8 −0		tests/integration/targets/filter_lists/vars/main.yml
+7 −0		tests/integration/targets/gitlab_group_access_token/aliases
+15 −0		tests/integration/targets/gitlab_group_access_token/defaults/main.yml
+221 −0		tests/integration/targets/gitlab_group_access_token/tasks/main.yml
+7 −0		tests/integration/targets/gitlab_project_access_token/aliases
+15 −0		tests/integration/targets/gitlab_project_access_token/defaults/main.yml
+221 −0		tests/integration/targets/gitlab_project_access_token/tasks/main.yml
+11 −9		tests/integration/targets/keycloak_client/README.md
+0 −31		tests/integration/targets/keycloak_client/docker-compose.yml
+81 −39		tests/integration/targets/keycloak_client/tasks/main.yml
+1 −1		tests/integration/targets/keycloak_client/vars/main.yml
+15 −0		tests/integration/targets/sudoers/tasks/main.yml
+168 −0		tests/unit/plugins/lookup/onepassword_common.py
+102 −0		tests/unit/plugins/lookup/onepassword_fixtures/v2_out_05.json
+3 −0		tests/unit/plugins/lookup/onepassword_fixtures/v2_out_05.json.license
+20 −0		tests/unit/plugins/lookup/test_bitwarden.py
+60 −0		tests/unit/plugins/modules/gitlab.py
+107 −0		tests/unit/plugins/modules/test_gitlab_group_access_token.py
+107 −0		tests/unit/plugins/modules/test_gitlab_project_access_token.py
+16 −0		CHANGELOG.rst
+16 −0		changelogs/changelog.yaml
+3 −0		changelogs/fragments/350-python3.12.yml
+1 −1		galaxy.yml
+10 −10		tests/unit/modules/grafana/grafana_team/test_grafana_team.py
+2 −2		tests/unit/modules/grafana/grafana_user/test_grafana_user.py
+26 −0		CHANGELOG.rst
+78 −3		CONTRIBUTING.md
+13 −10		README.md
+2 −2		TESTING.md
+26 −0		changelogs/changelog.yaml
+0 −2		changelogs/fragments/0-stable-2-eol.yml
+0 −2		changelogs/fragments/602-show-all-slaves-status.yaml
+0 −2		changelogs/fragments/604-user-attributes.yaml
+1 −1		galaxy.yml
+6 −0		plugins/module_utils/implementations/mariadb/user.py
+6 −0		plugins/module_utils/implementations/mysql/user.py
+98 −2		plugins/module_utils/user.py
+2 −1		plugins/modules/mysql_role.py
+29 −3		plugins/modules/mysql_user.py
+2 −0		tests/integration/targets/test_mysql_user/tasks/main.yml
+174 −0		tests/integration/targets/test_mysql_user/tasks/test_password_expire.yml
+56 −0		tests/integration/targets/test_mysql_user/tasks/utils/assert_user_password_expire.yml