From b86e31cd045be334f3bf843fd833c1cf6efab08f Mon Sep 17 00:00:00 2001 From: Ullli Date: Tue, 27 Jun 2023 09:34:04 +0200 Subject: [PATCH] =?utf8?q?in=20Zukunft=20lieber=20=C3=B6ffters=20committen?= =?utf8?q?...?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- examples/files/dns-pihole_custom.list | 0 .../dns20-pihole_04-pihole-static-dhcp.conf | 0 examples/files/rumba_smb.conf | 12 ++ examples/files/samba_smb.conf | 28 +++++ .../install_accountmgt.yml | 18 +++ .../install_anmeldapp.yml | 14 +++ .../playbooks-for-server/install_aptproxy.yml | 13 +++ .../playbooks-for-server/install_backup01.yml | 34 ++++++ .../install_bibliothek.yml | 26 +++++ .../install_dns-server.yml | 18 +++ .../install_druckerzentrale-buero.yml | 16 +++ .../install_druckerzentrale.yml | 16 +++ .../playbooks-for-server/install_helpdesk.yml | 50 ++++++++ .../playbooks-for-server/install_homes.yml | 24 ++++ .../install_installbox.yml | 13 +++ .../playbooks-for-server/install_intranet.yml | 13 +++ .../playbooks-for-server/install_ldap.yml | 18 +++ .../playbooks-for-server/install_lists.yml | 18 +++ examples/server-mgt-with-ansible/README.md | 17 +++ .../server-mgt-with-ansible/add-new-client.sh | 110 ++++++++++++++++++ examples/server-mgt-with-ansible/hosts | 10 ++ .../server-mgt-with-ansible/pihole-update.yml | 5 + .../update-all-server.yml | 19 +++ examples/server-mgt-with-ansible/vars.yml | 1 + files/lighttpd-intranet_FuBK-Testbild.png | Bin 0 -> 31748 bytes files/lighttpd-intranet_index.html | 12 ++ library/ansible.yml | 8 ++ library/aptcacher-ng.yml | 7 ++ library/bootstrap.yml | 59 ++++++++++ library/cups.yml | 26 +++++ library/glpi.yml | 65 +++++++++++ library/koha.yml | 79 +++++++++++++ library/lam.yml | 7 ++ library/lighttpd.yml | 42 +++++++ library/nfs.yml | 50 ++++++++ library/openldap.yml | 8 ++ library/pi-hole.yml | 13 +++ library/pihole-update.yml | 27 +++++ library/pocketbase.yml | 2 + library/sympa.yml | 31 +++++ 40 files changed, 929 insertions(+) create mode 100644 examples/files/dns-pihole_custom.list create mode 100644 examples/files/dns20-pihole_04-pihole-static-dhcp.conf create mode 100644 examples/files/rumba_smb.conf create mode 100644 examples/files/samba_smb.conf create mode 100644 examples/playbooks-for-server/install_accountmgt.yml create mode 100644 examples/playbooks-for-server/install_anmeldapp.yml create mode 100644 examples/playbooks-for-server/install_aptproxy.yml create mode 100644 examples/playbooks-for-server/install_backup01.yml create mode 100644 examples/playbooks-for-server/install_bibliothek.yml create mode 100644 examples/playbooks-for-server/install_dns-server.yml create mode 100644 examples/playbooks-for-server/install_druckerzentrale-buero.yml create mode 100644 examples/playbooks-for-server/install_druckerzentrale.yml create mode 100644 examples/playbooks-for-server/install_helpdesk.yml create mode 100644 examples/playbooks-for-server/install_homes.yml create mode 100644 examples/playbooks-for-server/install_installbox.yml create mode 100644 examples/playbooks-for-server/install_intranet.yml create mode 100644 examples/playbooks-for-server/install_ldap.yml create mode 100644 examples/playbooks-for-server/install_lists.yml create mode 100644 examples/server-mgt-with-ansible/README.md create mode 100755 examples/server-mgt-with-ansible/add-new-client.sh create mode 100644 examples/server-mgt-with-ansible/hosts create mode 100644 examples/server-mgt-with-ansible/pihole-update.yml create mode 100644 examples/server-mgt-with-ansible/update-all-server.yml create mode 100644 examples/server-mgt-with-ansible/vars.yml create mode 100644 files/lighttpd-intranet_FuBK-Testbild.png create mode 100644 files/lighttpd-intranet_index.html create mode 100644 library/ansible.yml create mode 100644 library/aptcacher-ng.yml create mode 100644 library/bootstrap.yml create mode 100644 library/cups.yml create mode 100644 library/glpi.yml create mode 100644 library/koha.yml create mode 100644 library/lam.yml create mode 100644 library/lighttpd.yml create mode 100644 library/nfs.yml create mode 100644 library/openldap.yml create mode 100644 library/pi-hole.yml create mode 100644 library/pihole-update.yml create mode 100644 library/pocketbase.yml create mode 100644 library/sympa.yml diff --git a/examples/files/dns-pihole_custom.list b/examples/files/dns-pihole_custom.list new file mode 100644 index 0000000..e69de29 diff --git a/examples/files/dns20-pihole_04-pihole-static-dhcp.conf b/examples/files/dns20-pihole_04-pihole-static-dhcp.conf new file mode 100644 index 0000000..e69de29 diff --git a/examples/files/rumba_smb.conf b/examples/files/rumba_smb.conf new file mode 100644 index 0000000..999aa2e --- /dev/null +++ b/examples/files/rumba_smb.conf @@ -0,0 +1,12 @@ +[global] +workgroup = WORKGROUP +security = user +map to guest = Bad Password + +[fotospeicher] +path = /srv/samba/fotospeicher/ +public = yes +writable = yes +comment = Netzwerkverzeichnis fuer Fotos +printable = no +guest ok = no diff --git a/examples/files/samba_smb.conf b/examples/files/samba_smb.conf new file mode 100644 index 0000000..4c4d3fc --- /dev/null +++ b/examples/files/samba_smb.conf @@ -0,0 +1,28 @@ +[global] +workgroup = WORKGROUP +security = user +map to guest = Bad Password + +[computerraum] +path = /srv/samba/computerraum/ +public = yes +writable = yes +comment = Netzwerkverzeichnis fuer den Computerraum +printable = no +guest ok = yes + +[mediencenter] +path = /srv/samba/mediencenter/ +public = yes +writable = yes +comment = Netzwerkverzeichnis fuer das LibreELEC-Mediencenter +printable = no +guest ok = yes + +[nawi] +path = /srv/samba/nawi/ +public = yes +writable = yes +comment = Netzwerkverzeichnis fuer den NaWi-Raum +printable = no +guest ok = yes diff --git a/examples/playbooks-for-server/install_accountmgt.yml b/examples/playbooks-for-server/install_accountmgt.yml new file mode 100644 index 0000000..00be12b --- /dev/null +++ b/examples/playbooks-for-server/install_accountmgt.yml @@ -0,0 +1,18 @@ +--- +- name: bootstrap CT "accountmgt" + hosts: accountmgt + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "accountmgt" + hosts: accountmgt + become: true + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/lam.yml + +# pct create +# pct resize diff --git a/examples/playbooks-for-server/install_anmeldapp.yml b/examples/playbooks-for-server/install_anmeldapp.yml new file mode 100644 index 0000000..6699b53 --- /dev/null +++ b/examples/playbooks-for-server/install_anmeldapp.yml @@ -0,0 +1,14 @@ +--- +- name: bootstrap CT "anmeldapp" + hosts: anmeldapp + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "anmeldapp" + hosts: anmeldapp + become: true + vars: + tasks: + - include_tasks: fsit-smgt/library/pocketbase.yml diff --git a/examples/playbooks-for-server/install_aptproxy.yml b/examples/playbooks-for-server/install_aptproxy.yml new file mode 100644 index 0000000..f96f506 --- /dev/null +++ b/examples/playbooks-for-server/install_aptproxy.yml @@ -0,0 +1,13 @@ +--- +- name: bootstrap CT "aptproxy" + hosts: aptproxy + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "aptproxy" + hosts: aptproxy + become: true + tasks: + - include_tasks: fsit-smgt/library/aptcacher-ng.yml diff --git a/examples/playbooks-for-server/install_backup01.yml b/examples/playbooks-for-server/install_backup01.yml new file mode 100644 index 0000000..c08043c --- /dev/null +++ b/examples/playbooks-for-server/install_backup01.yml @@ -0,0 +1,34 @@ +--- +- name: bootstrap CT "backup01" + hosts: backup01 + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "backup01" + hosts: backup01 + become: true + vars: + export_root: /srv/nfs4 + export_share: backups + export_dir: /srv/backups + export_dir_subdir: pve + root_ipaddr_string: 192.168.10.0/24(rw,fsid=0,no_subtree_check) + dir_ipaddr_string: 192.168.10.0/24(rw,no_root_squash,no_subtree_check) + tasks: + - include_tasks: fsit-smgt/library/nfs.yml + + - name: make sure the sub-directory for backups from root exists + ansible.builtin.file: + path: "{{ export_dir }}/{{ export_dir_subdir }}" + state: directory + recurse: true + notify: + - restart nfs-kernel-server service + + handlers: + - name: restart nfs-kernel-server service + ansible.builtin.service: + name: nfs-kernel-server.service + state: restarted diff --git a/examples/playbooks-for-server/install_bibliothek.yml b/examples/playbooks-for-server/install_bibliothek.yml new file mode 100644 index 0000000..7de9cad --- /dev/null +++ b/examples/playbooks-for-server/install_bibliothek.yml @@ -0,0 +1,26 @@ +--- +- name: bootstrap CT "bibliothek" + hosts: bibliothek + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "bibliothek" + hosts: bibliothek + become: true + vars: + koha_domain: .srv.lan + koha_libraryname: bibliothek + tasks: + - include_tasks: fsit-smgt/library/bibliothek_koha.yml +# Stop , wenn install einmal schon gelaufen +# Datei erstellen: + + handlers: + - name: restart apache + service: + name: apache2 + state: restarted +#Connection to the memcached servers '__MEMCACHED_SERVERS__' failed. Are the unix socket permissions set properly? Is the host reachable? + diff --git a/examples/playbooks-for-server/install_dns-server.yml b/examples/playbooks-for-server/install_dns-server.yml new file mode 100644 index 0000000..d5333ef --- /dev/null +++ b/examples/playbooks-for-server/install_dns-server.yml @@ -0,0 +1,18 @@ +--- +- name: bootstrap CT "dns-server" + hosts: dns10 dns20 dns30 dns40 + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "dns-server" + hosts: dns20 + become: true + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/pi-hole.yml + +# pct create +# pct resize diff --git a/examples/playbooks-for-server/install_druckerzentrale-buero.yml b/examples/playbooks-for-server/install_druckerzentrale-buero.yml new file mode 100644 index 0000000..4be627b --- /dev/null +++ b/examples/playbooks-for-server/install_druckerzentrale-buero.yml @@ -0,0 +1,16 @@ +--- +- name: bootstrap CT "druckerzentrale-buero" + hosts: druckerzentrale-buero + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "druckerzentrale-buero" + hosts: druckerzentrale-buero + become: true + vars_files: + - vars.yml + - ../password-file-server.yml + tasks: + - include_tasks: fsit-smgt/library/cups.yml diff --git a/examples/playbooks-for-server/install_druckerzentrale.yml b/examples/playbooks-for-server/install_druckerzentrale.yml new file mode 100644 index 0000000..22b46a2 --- /dev/null +++ b/examples/playbooks-for-server/install_druckerzentrale.yml @@ -0,0 +1,16 @@ +--- +- name: bootstrap CT "druckerzentrale" + hosts: druckerzentrale + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "druckerzentrale" + hosts: druckerzentrale + become: true + vars_files: + - vars.yml + - ../password-file-server.yml + tasks: + - include_tasks: fsit-smgt/library/cups.yml diff --git a/examples/playbooks-for-server/install_helpdesk.yml b/examples/playbooks-for-server/install_helpdesk.yml new file mode 100644 index 0000000..487a06f --- /dev/null +++ b/examples/playbooks-for-server/install_helpdesk.yml @@ -0,0 +1,50 @@ +--- +- name: bootstrap CT "helpdesk" + hosts: helpdesk + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "helpdesk" + hosts: helpdesk + become: true + vars: + tasks: + - include_tasks: fsit-smgt/library/glpi.yml + +#https://glpi-install.readthedocs.io/en/latest/prerequisites.html +#https://glpi-install.readthedocs.io/en/latest/install/index.html +#https://neptunet.fr/install-glpi10/ +#https://www.osradar.com/how-to-install-glpi-on-debian-10-buster/ +# +#ANSIBLE +# +#sudo mysql_secure_installation +#(mysql -u root -p) +#mysql -u root -p -e "CREATE DATABASE glpidb;" +#mysql -u root -p -e "GRANT ALL PRIVILEGES ON glpidb.* TO 'glpiuser'@'localhost' IDENTIFIED BY '9vkgKEedBltBr9WPbB5t';" +#mysql -u root -p -e "FLUSH PRIVILEGES;" +# +#sudo rm /var/www/html/index.html +# +#wget https://github.com/DCS-Easyware/gsit/releases/download/GSIT-9.5.10/gsit-9.5.10.tgz +#sudo tar xvfz gsit-9.5.10.tgz -C /var/www/html/ --strip-components=1 +# +#sudo mv /var/www/html/config/* /etc/glpi/ +#kein chown auf www-data! wird spaeter sowieso als Fehler angezeigt +# +#sudo mv /var/www/html/files/* /var/lib/glpi/ +#sudo chown -R root:root /var/www/html/files/ ??? +#sudo chown -R www-data /var/lib/glpi/ +# +# +#ANSIBLE +# +#wget https://github.com/fusioninventory/fusioninventory-for-glpi/releases/download/glpi9.5%2B4.2/fusioninventory-9.5+4.2.zip +#sudo unzip -d /var/www/html/plugins/ fusioninventory-9.5+4.2.zip +# +#sudo php /var/www/html/bin/console glpi:plugin:install --username=glpi fusioninventory +#sudo php /var/www/html/bin/console glpi:plugin:activate fusioninventory +# +# sudo rm /var/www/html/install/install.php diff --git a/examples/playbooks-for-server/install_homes.yml b/examples/playbooks-for-server/install_homes.yml new file mode 100644 index 0000000..eecd2e1 --- /dev/null +++ b/examples/playbooks-for-server/install_homes.yml @@ -0,0 +1,24 @@ +--- +- name: bootstrap CT "homes" + hosts: homes + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "homes" + hosts: homes + become: true + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/nfs.yml + + handlers: + - name: restart nfs-kernel-server service + ansible.builtin.service: + name: nfs-kernel-server.service + state: restarted + +# root@pve01:~# pct create 110 local:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst --arch amd64 --cores 1 --features mount=nfs,nesting=1 --hostname homes --memory 512 --net0 name=eth0,bridge=vmbr10,firewall=1,ip=dhcp,type=veth --ostype debian --ssh-public-keys installbox.key.pub --storage fastpool --swap 512 --unprivileged 0 +# root@pve01:~# pct resize 110 rootfs 120G ???? diff --git a/examples/playbooks-for-server/install_installbox.yml b/examples/playbooks-for-server/install_installbox.yml new file mode 100644 index 0000000..e3f68b6 --- /dev/null +++ b/examples/playbooks-for-server/install_installbox.yml @@ -0,0 +1,13 @@ +--- +- name: bootstrap CT "installbox" + hosts: installbox + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "installbox" + hosts: installbox + become: true + tasks: + - include_tasks: fsit-smgt/library/ansible.yml diff --git a/examples/playbooks-for-server/install_intranet.yml b/examples/playbooks-for-server/install_intranet.yml new file mode 100644 index 0000000..4efa8ee --- /dev/null +++ b/examples/playbooks-for-server/install_intranet.yml @@ -0,0 +1,13 @@ +--- +- name: bootstrap CT "intranet" + hosts: intranet + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "intranet" + hosts: intranet + become: true + tasks: + - include_tasks: fsit-smgt/library/lighttpd.yml diff --git a/examples/playbooks-for-server/install_ldap.yml b/examples/playbooks-for-server/install_ldap.yml new file mode 100644 index 0000000..cd872c3 --- /dev/null +++ b/examples/playbooks-for-server/install_ldap.yml @@ -0,0 +1,18 @@ +--- +- name: bootstrap CT "ldap" + hosts: ldap + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "ldap" + hosts: ldap + become: true + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/openldap.yml + +# pct create +# pct resize diff --git a/examples/playbooks-for-server/install_lists.yml b/examples/playbooks-for-server/install_lists.yml new file mode 100644 index 0000000..df7e499 --- /dev/null +++ b/examples/playbooks-for-server/install_lists.yml @@ -0,0 +1,18 @@ +--- +- name: bootstrap CT "lists" + hosts: lists + remote_user: root + vars_files: + - vars.yml + tasks: + - include_tasks: fsit-smgt/library/bootstrap.yml +- name: install CT "lists" + hosts: lists + become: true + vars: + sympa_lang: de + sympa_domain: lists.freie-schule-leipzig.de + sympa_listmaster: digital@freie-schule-leipzig.de + sympa_wwsympa_url: http://192.168.30.236/wws + tasks: + - include_tasks: fsit-smgt/library/sympa.yml diff --git a/examples/server-mgt-with-ansible/README.md b/examples/server-mgt-with-ansible/README.md new file mode 100644 index 0000000..add9f42 --- /dev/null +++ b/examples/server-mgt-with-ansible/README.md @@ -0,0 +1,17 @@ +# Servermanagement + +Ansible-Konfigurations-Management der Maschinen auf den Proxmox-Servern + +## Virtuelle Server +install über PXE und debianpreseed (gleiches, wie bei den clients) +dann weiter über host-gruppe_server_ und playbook + + +## Container +install über Proxmox-Image +dabei wird der ssh-key vom ansible-User der installbox eingegeben +dann weiter über playbook: ... + + +## Proxmox +nicht geplant diff --git a/examples/server-mgt-with-ansible/add-new-client.sh b/examples/server-mgt-with-ansible/add-new-client.sh new file mode 100755 index 0000000..4ae79bd --- /dev/null +++ b/examples/server-mgt-with-ansible/add-new-client.sh @@ -0,0 +1,110 @@ +#!/bin/bash + +# Wir brauchen: $ip $newhostname $macen $macwl +# Der neue Rechner muss mit PXE und Preseed fertig sein + +ip="$1" +newhostname="$2" + +# Nach den Werten fragen und in Variable schreiben, +# wenn diese beim Aufruf vergessen wurden. +if [ -z $ip ] +then + read -p "ip-Adresse des neuen Rechners: " ip +fi +if [ -z $newhostname ] +then + read -p "Hostname des neuen Rechners: " newhostname +fi + +# temporaere hosts-Datei fuer ansible +echo "$ip" > temphosts +#cat temphosts + +# Pruefe, ob $ip in custom-list +# wenn ja --> Abbruch +#if grep ${ip} files/dns-pihole_custom.list +#then +# echo "IP bereits in dns-pihole_custom.list eingetragen" +# echo " bitte entfernen oder andere IP auswählen! Abbruch :-(" +# exit 1 +#fi + +# suche in ../client-mgt/hosts nach $newhostname +# wenn nein +# stop, +# Echo nicht in hosts dazhei, eingetragen, dann weiter +if grep ${newhostname} ../client-mgt/hosts +then + echo "Rechnername in hosts-Datei eingetragen, suupi!" +else + echo "Rechnername fehlt in ../client-mgt/hosts. Abbruch :-(" + exit 1 +fi + +# suche in /home/ansible/.ssh/known_hosts nach $ip +# wenn ja +ssh-keygen -f "/home/ansible/.ssh/known_hosts" -R "$ip" +#if grep ${ip} $HOME/.ssh/known_hosts + +ssh -o BatchMode=yes -o ConnectTimeout=5 -o StrictHostKeyChecking=no ${ip} 'exit 0' +if [ $? != 0 ] +then + echo "Host nicht per SSH erreichbar! Abbruch :-(" + exit 1 +fi + +# MAC-Adressen finden +macen=$(ssh ${ip} cat /sys/class/net/en*/address) +echo "MAC-Ethernet: $macen" +macwl=$(ssh ${ip} cat /sys/class/net/wl*/address) +echo "MAC-WLAN: $macwl" + +if [ -z $macwl ] +then + echo "dhcp-host=${macen},${ip},${newhostname}" >> files/dns20-pihole_04-pihole-static-dhcp.conf +else + echo "dhcp-host=${macen},${macwl},${ip},${newhostname}" >> files/dns20-pihole_04-pihole-static-dhcp.conf +fi + +# Hostnamen aendern +oldhostname=$(ssh ${ip} hostname) +ssh ${ip} sudo hostnamectl set-hostname ${newhostname} +# change in /etc/hosts +ssh ${ip} sudo sed -i "s/$oldhostname/$newhostname/" /etc/hosts + +echo "$ip $newhostname" >> files/dns-pihole_custom.list + +echo +echo "Prüfe, ob Host perAnsible erreichbar ist" +ansible ${ip} -i temphosts -m ping + +echo +echo "Alle DNS-Server mit neuen Listen versorgen" +ansible-playbook pihole-update.yml + +echo +echo "pruefen, ob DNS-Aufloesung fuer neuen Host funktioniert" +ping -c 3 ${newhostname} + +# temporaere Dateien loeschen" +rm temphosts + +echo +echo "+++ pihole static-dhcp file +++" +tail files/dns20-pihole_04-pihole-static-dhcp.conf + +echo +echo "+++ pihole custom list" +tail files/dns-pihole_custom.list + +echo +echo "fertig?" +echo "fertig!" +echo " :-)" + +### +#ansible ${ip} -i newhost -m ping +#ansible ${ip} -i newhost -m gather_facts +#ansible ${ip} -i newhost -m ansible.builtin.setup -a 'filter=ansible_wlp4s0' + diff --git a/examples/server-mgt-with-ansible/hosts b/examples/server-mgt-with-ansible/hosts new file mode 100644 index 0000000..8bc22b9 --- /dev/null +++ b/examples/server-mgt-with-ansible/hosts @@ -0,0 +1,10 @@ +[baremetal] + +[virtualmachines] + +[container] + +[proxmox] + +[all:vars] +ansible_python_interpreter=/usr/bin/python3 diff --git a/examples/server-mgt-with-ansible/pihole-update.yml b/examples/server-mgt-with-ansible/pihole-update.yml new file mode 100644 index 0000000..bbfcedb --- /dev/null +++ b/examples/server-mgt-with-ansible/pihole-update.yml @@ -0,0 +1,5 @@ +--- +- name: update pihole settings on internal dns-servers + hosts: dns10 dns20 dns30 + tasks: + - include_tasks: fsit-smgt/library/pihole-update.yml diff --git a/examples/server-mgt-with-ansible/update-all-server.yml b/examples/server-mgt-with-ansible/update-all-server.yml new file mode 100644 index 0000000..23144f6 --- /dev/null +++ b/examples/server-mgt-with-ansible/update-all-server.yml @@ -0,0 +1,19 @@ +--- +- name: update all CTs + hosts: container + become: yes + tasks: + - name: Update and upgrade apt packages + apt: + update_cache: yes + upgrade: yes + autoremove: yes +- name: update all Baremetals + hosts: baremetal + become: yes + tasks: + - name: Update and upgrade apt packages + apt: + update_cache: yes + upgrade: yes + autoremove: yes diff --git a/examples/server-mgt-with-ansible/vars.yml b/examples/server-mgt-with-ansible/vars.yml new file mode 100644 index 0000000..cdd65d0 --- /dev/null +++ b/examples/server-mgt-with-ansible/vars.yml @@ -0,0 +1 @@ +aptproxy: ip.ip.ip.ip diff --git a/files/lighttpd-intranet_FuBK-Testbild.png b/files/lighttpd-intranet_FuBK-Testbild.png new file mode 100644 index 0000000000000000000000000000000000000000..2880f660440d4ad77efb0167589ca2204e61bf8f GIT binary patch literal 31748 zcmZU*2RPPk_y+v5MP@~1*MrI`WUo*>A(9e>ij3^c>`F$%EG6T~NJhxsqY#zI-doAa zo{#ZexA*`5zT@BRei1#?t$-UWY)^!sf=LP4HJN=ieM zRW>8s=VsyKJ3sU7_M7`DgJKp6b6r1PuQfHrI%%0^PgiC;g`9O9t@YErwJ=(@>fV}+ zPwPIf93*n4_VwXWjr|L}0qe{vUco$-wTvcrg6u_1z8CI?fpd@P!2dB!+Mg7CY2Z1C zz9`WrpfA{cY6|ovOhvG2h!D}{hkmC)?j!mhCS5zKe5;m~;eX#eQfQ&0tIN7K-^%>) zKAs!Kioxrn=k^}xz;hZ?x+HMwlqd%&=FSXn$$k9L!Gmw;Niex!c+0RH!5@1+qDMb6 zy$sJ^g#Tfp*NlzhCmFG7rxWn6BhTPhBSQCnAO6j~@!vPaNJ#d6TZtYXpzGt~^Oe)4 z@4W_V8xQ6;F&;yYVZ$MJ4Hh@NPMtWRbNO=k)2C1M3=Pv47w>cUZY@l8X2z7d&Zdu! z-Z{j|nvtBWdiU<#Q^LaZvXMJ$RlD8<0vj7!$FE=S!8_fv zw!V7fhIQ!l)YS5y82fY>H$3K^y}iDtXPJzQOnXa9f)e+qW>*#wW1CQZt+)9@K3)n0 z_-}D(=@o%spDp$B<;%atVEKe)+*QJJ^MR5Q<@cs zntes~T_GH@`KI;s+r**WYbq*_4R737dvFt0eY%SZ8%EoUyL|ihh=StoZxP?iLzUh& zgH;6uSIb;yb+xo!z_bf2TaIeZ|Ck00Cj@yEX7l=n!5b*}JS>+~Zb6TelB5gogXJ#8Ci z2b|lqO6Mwx%M0~f87V0jI5;?hSrpcRvn zV_JW2raOnY@|U>nW80H^K1R~M^UD+30@&`^!HOF{fBszcj@>8t&G(MN?v|7M`tak` z=BT@A<>fbFN^Q%NZD+mK9q109R;uT4iw%+eCuQWb@q3ZD-COFC(fQFJ>8y3uoS5`-Vi4*VkgwzWNn#s{;BAsu}n2O*2Laz1Z^tso@ z9%)-XRT4Jc?|%PyJq`P$Y1PMwnW175-yvNy6g|&yMAVExrU?f$|6a!_`JMH#-rT#- zj&NlnN6e0iJ}U_V$cv0H5ZYcOx}{bCI9Wj`!r=^%xE2 zhw~b;-6YLmZ*61K-dkY35=q!ng^kmAEj%?;Rb}23o3=1kKOLq*-@+5fo~R*Qq6&L$ zSn8ZM_+WygV)46xYoETc@t{IqGRJ-;33y&uhu{xgI593O9s1J^$3yk3tkSm2Ha9)? z7Ex|7NMU3AKtVylk>>}aaj=eXXksL6TQiFWPg%`f4P=n{%Z=i)Jt2@YeJoVbxSq?m z+^&4#LZ(TTv3=Ecp|R)e*}R8jO3YBY8cuz-xNT7EkPx?AR8(YL_w9cMlf0GpEDTZD{OfIJZ)Mdoon4is#`!=MGL`5-j`Gx!5(BjL48H3s22t-L zBA9aw`xV-cxp!IigaoHT&-8PZmnyu@YZFG8lus#rDTaO-zmmEP#<>s#r(VLw?^wVmlY+x!0fGnOME%q6FaGi?9~K+u?T^p(w2TT!@2H|e(Jk-N=a&=ov2oFJQxp00oC5!om%&d zb$W+5rw^y>VJgWj6BzRI`3aW%AgZ{IF8TYV!A$zHv)Z zsKWO(Ovw-eS3Mfi`L;PxRz_wS?OeR)zspbqN2nimJ3Bk$me&glC4>xeRVU&-vr66O zvgW+!JY`n9O?8`WG#F`<;;xrgoXk}!PWN}- z#HKh|7vgNuG|Vq~?TCRuwAgY-M@Q-Js2k%;8{)1r*9W|oe#&hAO&U%bI zVO@q|p+k+S%RrXGU)Ix0w$3WKU_$KensHi%uO;z(DU4g{1gBCfnyPx0&$jaqp(0B-a;vr`UJFm`s@=BAot=ky>|!V&sr6nCg+NT%becPH}65VdYh} z*LiKl?R?jN{b>^fUt?{B4czQGY!r@sbwQR<*%X!H`oqf2j%+x5+O30EICf_3ecQ?( zEa|p#l9(|c*yjds?z5c4by88$WN2r#$fein!{k&(cIW%o#_9Sd-dEQK+)Vl{_({WJ zpmM328AMUi9ZfEAnz;At-MQ6SRH*(m#bx}Akrbm1j%|f1`{>c5{JElv3L|(W;a}CR z58V+_)uI8{m?pU;O;qO%3+}!8S3E{qyd|00-%qA*8#D8XB_%C>qW+bdr{B zDO#(xQFlvvS)P!VzXL>)M&Z{t7uxpcXUtirKbmwLGJ0$MPNDSDsLLNY#5H|Lo@>J~)KM6(P9F&%eqmS0Q# z_|c|n=&rKYXVKXe+6#LCUutYx&iHn7ygWL9`L}B*ogQuzY&^DuL|kiMzj3asr@_K% z07$JsF@WsMNfW(A)?oJ`-Xq=EW0Dt89QtM}9FBCr$uab_ezy-|N^k3&s!ei#PfSe1 z@#p|3ocj4Ol|}@r9Yzm+zj`b8Aa~?1hSN|}3;b6}w2SkYO7nmKa{hIWYO-V^zHPv5 zC{x&|^bI|OA5Sa=bpub--O2QftXBA$HKA@C3QOk;$-#!YGK|66*0w|2XYs&QJ-xqK zW&c{4)YubVoA?;ObYo!+Eo9^{tFJHz^OQ?Zda_Lv<%u(SrNfVC^>lRJ8I`$CwrYrU zKvlW0$S@u>Q06xMT_C&t!9?7L^z>74zB?NT&z-gDKHZi;qJA8@#ZUnup$?RH!;h<7 z?Dgc_WwS58%;mitKGJ}_$+hkhHgfn(aa7T#9PRuz^dVhpT;9o0f{Y<`Sv>=clEpxJ zxS9qVz6^7c9oh&%%lLv_TKA!nQg-ELdXvnwV1zFgk<6g5u7q-?vG>YVIyMPSk*cj+ zpM_^8CqzV=oh>olAX04pol}#v8ZE1EJ1mRp49?8vAVAHS(Bzf5fqs6#J$|%Q(yfC}R_jOh$rA;Kkm)e@-Yg z$G*M@I8GKe2?#AoAiG=_5@-h*gWS6x!eyHLan2EyOL23lSy{ro#N=(N(~l2f)nt&w ze7458rr}hz{z_1R*2)Er$224*+y>RKAvfbM=rWvFdn~M*VxG6kU>?6|Y!s)o9Ej3DSU9qgsxN$#hqCS57@=2CIqJWvB)5 zlfN(=iI9@gTi%Qhg~i3!*M@wn0`?y{hKCB?>Q+TGqMxS-69?>5x;d3`_Wro~_8-Zr z7L@Z)9(Ze=b=lN3X>uN`4L*c%|74DPHCO(o>xW2{4gc<3`BDh<6&Dv7xOqFXO|nm3 zN%>pQW!wgUbY<~}$TYN+&mSm1e*E-dBW!Ef`BMS{XMK0P5L$@PgT??QU|H9h)9gpE z>?Pv%TUocgny|4nf%@&evH(~sBR&0lhlHgDxhR-{FT; z;(#U~EUc~?8D&BN)OPyQc=_(#_dArcEYyRXn(Bge!}V1D~09fp%F* zc?E|@yv5z-Pbg!gnw!A%S?Oe;G zW;ycZ$x#I_DIo==fJ9ZQR>4-TT4=?$VTPR}fn36P=zP0=N)Bm`GH{O-6c$dwuC<^> z5f&R^HNy&zf~=|?4*;il-JA9MFm;8>V5NY+Gb?kNJF*trL*8pfu!06WjMSFXotbYX zY~K$00`l>i|Ge2Zw3Ct)B6Bh7uH)I;+$x_)vBTG{Ur#NYtGodS`&GUh%WUa%RvRE} zIyFjc!3stK`3EI6gp|4f$R)rL{R=4XH|iRn?W3>8AX(Hvp{eTmwhMp@)jN24{5-U< zXx|Y8xbXaN0szxmXLU@K1WPuWw|Nb1EPyFakH0)dp0fq6*@Bq+xrrlkvp!P@8 zQ~AOE<^x;OJ27$hN0im~mnRWy+kc)MODl3;xD)5nX+Z3Uv0I)v%3TCRjFodW36J?LpJ`Pck`x=3_I39 z4GplzpJ)qls6}lFm^8pl^~WY#qpYRtqtEUdboz+h!oo68(wgnbQ`5ic_yq7x&665G zaX8Vs2x9tfwh^2g&(y0&AaE}hlL$Mn4#0a!s_SSvoZ^{2Ug~57@RUOZaSFX z!8Bk59#PPWLm1;*(UD(jRy6TkojC(%$c(;fD7z=m!WxB(gv}ekUeZ7!MAOsGi$lm! zAhd^aJRC!`lv(AA7XjY~(hg!uhusETUZbBMI&{bimPBSYzfCic+?|C23xlp{vTA3# z%DLmJ{x`reC_-dh(k1NrEoH>926s5Yzj`bPnZ3P+h>bwNb}|gphE#CDeUWzs$ z3p(&O^t4#+ARu&W^!%xTvLZwXaCpw-q^OX}0rwOXdDq~rm_-QcJvO`)Q0H$E=Mn`i zfmR?T7N6rXeJu_ON-pG{-Hm3KosEeY`h5)^P|w)`?=Hg*P1hdKeuXE_SNtY~=QJ$T`BM9`t3)&$T+;(#6c3;6rbEfY*VAti+` z&huYMdU|?m+K2dbz`RNdTvq!T87iff_M@YLa2_xlkvJ4tV&;w98&rPcme9X6MvHZ{ zwkDo2{rVSPsSD&55MDJq6H6Or2G_cG{cf5;?aR_62V68xjTm0ckNu8TtkfA^0qhy8 zNMU^>pVq}XVP<8oV8^c$?4DXaK9z`2`ThGhKH}cJ9epkz_W;s|-3+UA$qt!9y{BBu ziSZxLFUX&^){@{*G8B5-NSwaA;Om=IP?wzR$h{gByXB>kT`qc!pKvn`=Cv|6WCCQ) z$si#y;FdgNCpSnI>V%CJa!4_Mrr52b{CvxmDY4&ck^+o6jl1t7zIl_)zg2pp7271TP`)z$SD+QtC-y28#MHULM15en>HXB)BWHuyk|gF_1{G)8W1O=}6w zp<$6-9DvIL+dhd`QBiN{X;Hta6joj?$Klj?=6iGV>t({YVzr(OW|ry)+{V`s4uohk zfaf82Ed~RxsYyj?hNHo%KTj-8rY42xo;&vtmsV2pfG|!F`%0qp2S^P>UlrQ)BtCsg zgQz5EIUz1Zfghar75ve9S&id8AUE~im@N^5Tr)znFAJdl1KSp^U+31W*XKuib4&vf zo0fT_NS7Qt2Vi@fe`9XzcuRl(N4FtwH$t8ew8$Nmd1Aow9Tm3>LyQy$H1*KvgwDJ& z!VY5Uk8G+U67L#pe%G&rM*J9l7r&#jvSqPxg~BhkWpFU-AsH2f)x~Y%8bV)YTzwSd z&<~A^|Hwt;4v@tf5pUnV{ld44`Dq^Va81d~)S}{W4g(JJEU=E526j|2Pm-n0e20KikUz6SpLg%vM_r0Qu{tEYyg%C z(TZ?h;+$LY9sta=0?Cs(;Mc#-kJPw8?NEPOH9_dOgEgq;Y~R=c7VPgY6^2*1IPcXS z55Oh5Ob5eqV4)5G+Di1<-o!^BK98gdh^w6DCa?98K$*$pNF08z=K_e&C(Xz0bQ!B& z+FYB82aY|mIghFh9w?s|Fh3Z(z!gA|xt8Wbwiug?K>0=VhQz5C;iOdkWr9fMPlb%Ie( z0q)R)vk>pIX+?By@ngM=ao>)1<#~mUmiKZCNE8q}8uu2p*BCMPF2rUZ61bKMpy)=S z&1FZ&oXIf1m+vs8FQRE524Sz^CFoFldshJK7k_zy1k>e_-ff~HB|*$1?CaGcyMcVi zu?x^b@!#!J;!8lUy-NWF8vO#)0>tAyJtPnjzh%*Ig#t@fhgJ#^if`W@U779Ehl11a zrpievR|l&WqnBUSfky2F03QfQKyvDv3fDCu_FwjsS3p#%1nj>IrSj|ZBT2wL@wyQG ztl*Gc=gaSY&MDukaBCW3^$KVuBS9E88M#%Z0ubw{^!;SghkksQVpI9!-H%NYF-;g_ zC!45QkjL6TA$%{eyho27)h!gc_K<|z&8DwV3$ktm4j2a&)Fk)#`QhLN*QWc5vb|po zm6pn68kKcAsA7K08Ur(p&{ZV>{Jt51sE2M-?ig5bYnRE^^T#hd55ocaySK6U`{a-X zrL!yv);bgFyOre4UJd;|@Xc0I$GFcN#2PLt5VR4kC-@^`Xs)ZzzABEX{uqX7s&7~A z0{NT^wLSIGBU0P$PiR3;4)KSbf>+4^5I~s^y%hb9pkdbDJzU5u&CwhjbX| zBFKAqPudVTDg3{Qn?$sM!#osMP}O3^lZklZ;V>1~YpClvBULU+CP1UJcDj zGE)gD!OkmEQ4|#xrh`OdU%8P2=%)+L{Xzf(S5|JWD83a+{~jPXhAEk!5tD6$+y$(F zVZ<`xZXnrZhfDcgN9QI@j`E#;wz157H5o4+lsG`u`rlW7Q`SSFj=lErdct&8*`)~Q z0hg}Hey8TM>`aW1k3^&H8mzwZ0md!gc~TdW0wx;S(-RFHiZ(#CNZj@agRjnOVWa0? z$y7}tot3@~4+A3egIQT1hwGbCmuWt{2asui8zLgMYro`P66a7h)apFe#*^G*)<%-t zk@&5=$~fxAkcmbsE{W;jp+jjj_(y9!KTc1XP{N@)ylzSOLCu{NKN4cDTb0s@A1ch*pe#Nip_=KW}BXdrTCKyf{CxBJuWQ$j+o zaKK3VL+%__{!y1?WNc>#Jvp}w1(ex}X+d=gYeR6+3`yW4AGg>yqEX_etLy=l7gn39xaWv1tf zNX4@5&AyStq&Qj%>^ZEEN+A6!ocG4>*GNo&?0}_#Oq_}Mln7@aAFQBX3OKGToCIfe zG`fTfs3W8m0*ZksI!$r;J!PZ_=I6e>5bB$+?c@!#)-M`z)AezlS$es7C1AbOd;4gk z=`t1La!=@i2cYMS>;Y=>{~9hBX#xPCb_dmltB`mE0ROnp-@@w}8F6GPVt%-W_?~E? z8-?BV*iB%qrl7)(1cg0=Q++|O{o{Y&QWy@vM;*eYm zmA21k4eBi50PfqL^_NyQypVp4!`s^0Lf(BHjLuUHTb>xmNFOWLM``h`NKyd=KeOaX zgP~_d*nwWTxUuS!54ria)KMVnRDg+tUErOS5BUe2-O$8ZobQc?stb5!T_o#6V;hlg z(ad>PT>NmziIO*7KyI{du1wFGVwdDs+P&$iQ(#2%@Y^n&>jDp)RtZr1ur$|JJpZ@3 zHI0a!pTEv7V*pF|smV7CUi<+{HNF*kLOa4w`0e5@Xss2uC$%Gzc~k=aqRfQ5 zhK0#_MTC7);(iCX?8V_T$`Rubz&_g^HUD#roY#?j25Kh0H6yz+9q1+K`HqCp7^8Fp zVjxJ1J&M^kOYT>Rkv({#Mu1*idhTZvG;ttAYPAlIO(VJi)`gA&W4;Df6wvVTzygl} zbIcY(jfLGPmzG`HoX(yGlJXS}X*sM$&fz0L!zkLi*B8cSb66R+D6s06-y-?@#tI?^^9JC<&`YOFWn*_D~G_;ZX365>|M8i7``0j3})cC1g2fg7XPBy2SMCQ_oBp1?4e5? z3e4xcJS~`yIT|~j2I2(7KfnT;ON8Cn2>0BFcUvgQu?F^`tv`|lP7{~F6yf6R3|^@G zSC8}#9T?XS#_M}+oa_@7HO?3DMTU|wP#r#qr)a7zGGNgS#CpvCim`DPB(*p6WCj5& z+{NYwQIKIxWuO6gH2!a<5fuNVtiNQRPhi7_a4?;Gz}Vua*_x!rurk?J?|isH^dRQ& zqQ@6d%=g(N^Ed1(I-IHZzWE;PDoGb!h;o2;jAz`AHVlVodw>WjHA*ZAn4bVD!LtjI z+6q>unW1*zkzgh7x)Vp42q#bv&?rbWz@GFLXoM>66psWojz|I5o8rFQq6WB+7ynku zG0{t*Ri?OxpW?ESYtP-)vm`!?k%ZKOf({4OKMqHA;E0z<%OYX?hF!_|*1_qOn_$F% z@=*xQg&vT)uW(>Cx(9Isje5XwQmp!T|kxRqeTlqlzk+aPCe)+_Gt;F0kK6`7jLJZuo5iB0d%12F~iJpSUq@0vUk1lUB+ zPYjI#cT>&T94FglrryAO5Tnk3G7rjf6s}@>wGaA@)9m37q;C@8?SIVf1s3d&W`y{i zT53p_aBiZZklY51bSSSLwQ`@;!O`R26Ah4kfOE)w>;>iVa}qE?^{Bi5fnxw0_rPVe zI)}1*wH%B9+Me0&9F+)ht5)2leNThdow<`~Map#`{f6VVwMa_5n>w#?uSR_RN~6 zKp@+Q(|Q^imRk)im33$w{}L8^0{g`9BNs{E_}<-N69))XGd^<*8GwdXAnHaWBNX`f zArmu!W@c0u+9&_0(lTP)dGl`HCiSZ}U*S%I@(C>2X?8kMCJJoT5wvTK z-afU4&sFe-1ejF@XqBzLJ6U9x4q~4W1q#40A{i8Or{5-+Qq((&2FSiJufYf$0)RmJ zLtv#qVB3PlXLTJ^T8YE^Ff8XC#fdjdbL&V|c^uAt;4-GvI{4UETV@i6*Huw@tU#O* zL-^d!9cC~I+Fuwh&f&{GX>UqJghwNiE4_)m8vfAek17qFUSB(ah0#H8RY9WzjQbuv ztlEG(h=t*h)#p?F(x0DVhwZ?e1DMR(zmCJ5({z>(-2kv!X1 zlmRY3Xd$uMM?KLx;9n~MP>pW|T=Ef$M-3Ct6&*|ofniXl&cFgwP$-2UArRyT93Exm z?ND;%vAq)9*yKM3MaS$LGhP=Qec)HTCv^+}upj$`+}bYMc9a}O>t-}@RU1F;XL6S2 z6z;Ra`^AV`MI={H(E#T7X>%GzHi_ynkWBapuuwFfB~c;?`vIMuDS@~Pn>5@sqT`>Y>` zjq{|{-0v^e_wK=qfU18F0#s#FGniYn*mOdYum*tZFLIl=cLB{jTjkPse}Q2=)4+oO z+$VhplmV=R=66XB>`s?K0ntmrAd2@#?#tJ&`SAebi|j>EPYgCn@C2a11Qj7785v|& zS2>}B5m$shAB{-<)hg4_DB}kvmmj$Mi8u!xlzVneBnp# zB?%7I|9{K&b*(D~65J%?FbRTz76MGI_M^4IDJl(Ck^B}GU(UGwyXooGXIpgSIqnR9 ztiz*8#`}g7R>>r0ge^VqhjDpdqSr%Jh3hB!SCJVLs0F@!IvAYK!Z;OB0g%&+1}@1x zSR7C0q^GZO!cMRCcqtD4xbl~5x#yzGJ@FR>{5;R)hoO&^fCh^1jfJ97A`3^ZBrfKreMEDi|yj|awsgBrP0KaesI6r9<6d<9OUdG0Qz}?twy15It zEu6X}Jac4b4veCas1PXebpr)1|3}KNUzsHAxD0W(ueTS7(OU?K-ZF%T#~oOn?rOF> z6tK2%X~GXG8d0MH^{(h`lPl^eT&H^Spr(XD+LIn;8(I&LPl2&u&i6T~96;k>drm&7 zN)kpE>+Q`ZX$OlBum#8EyOo0$JNCcVaatHefh56$huYX%;aP;3Fr}1KaJd5QhO+|d zJs{~^sSf6Tvn$K!s*Vn~mHjL2UD#KLsTq3kPNk=&LSAltNLoDxVvSuWyuIV&a0EP- zK~d>8wHUvdMeo%MU^X{I?{~tK`V{bGwYWcOS8cy&W32?F~_I z2`n_p^6{X8!W8KbVw@89+D~|v->IYdZ(x5K4_pXg2PBhBM&TDIP3s5w6_yHWNiK)1 zD-3xDvxgy{_>tR=`g2{-&%y4ymrF#i0-FdfNM1a+N5_By{%hKHXr_>c=SEhDwt$!bbj(cI1@U{frtN5<5>NaBM8zS;VyX~RTKz6|etF#>cM zNURo8$C4jGL;j61obl2D^CoD(v;xE0pf*5$EN%q!#X02KXG?h;-w6EkEgAn<2>?T2 zr4Kp~%?2ADrm}eD>Sqz-@@`IxQNf4$W1h%XVBUBb-wH%HoT#wzhSmFDsXzx7xw@fY zU=Z!i@)=;mH0bP(+t;)I=ubvutzRdZe?vwuRm~~OFb;EfsEJl|5Za4`H-NF9E)Kz}C4cWd|6lawHCdCW>%uXE`mgs6n-7B)tj83od`ji9 z6nB&0sHP(4BLww3K5{w(WyN)gQG$HBNyyu zI4eN30ZAyHvX+!?S%i?-!|bRDbBgxwmm1*2`ngN-AB=lInaeeoqBcG;(Ps)4KP>Eo zg~DYWom;1wacmTRYEo5i@-fJJs?xOBgzE8JF8CfhxN29|!LqV9!}&*&gYGq)vP=8T z6yf}w5D>_#|DTu0(nuW$D}ouSPMlQY1$wdx?M5|i>;^f7ANsz(6UDojKr;ZstB%3^gK+FpT21x_STHQ@LgffYc_e2TT(FRVtTOBf zd~S-0QUt6I21CNs&(dIXuyuZbIpOqyW$gISJpGTkHKz_V8g4akm%yKKMr(j6Ck;rh zLsu;y4-N7u*KkIWI{nL+k@7vbvK{&P2v_6C^Zh}ALvuy-UIC0E6BE?t$;7$sXp8tX z(A>M$npd~J`-4ZXYK!w%XQ%mp;~8fgJV!E20=DuL6?hP5S4+!n8FJh{NL)JbZ$CYV zIeHq5;T^*P01Zbs0^DHeO5D}aH%Tz1d*Sx(RIpY$uOL|U7Kq!hEogN>0R8XX&c}}k z!S_I}wb^?dSo3-y693P(sQ>Q*@2v;lHLUy@+Hez1LTJ$;xJSYV7B;0am%yH)xe`-=npGD+IXo?E(y%a8O zVDA9HUQoaroJYTS$PXy2!>C-jKNKSj{}(nvaD}IP3=H4s=wc!#goFy}!LtBhBp1C8 z1b2CP|9`;^f`NIc70DtC91({sOixem|9vyqTJ+uPId`7O$3w^dU&OP+g(S!u7Tjn^ zs(=aQU4?rf)@o~_weyQm<@`T0cqvA3_}}rP-DQW8fHD7Wh2GuLMKjy-8DcBKGyRQq|4Syi=+OMu#F9ngl8Qg-R|K8i5~#P z>ml916i>lVgYvKwf`b1+9P=i*#FUh;0Jtb1793fyrXOxFh}tjFYEnzI?x^TXRlQ@U zhIVxHw;UOx(0_UQKmP>3wgf9R;G}y^a-;tx7Tt%C0KwBU;|PrXf92R9lv94@i~zQm z-1|CCRG8Db0fU77#)sp67Q-4R0t`TT+Z|KxKdZ$bjV zfitLauWe&9h`LLlY@b`pNJ^@4P*q1*05TSo;f!@y_Tq3Tn4wi$iyDxGu0j$r2Pm{! zoSF&<6V4!;^b(bYG0EJgEg#=%XGTA`eG^_~9(A{F<@$sm-S9PwjCZ&VuSPN+g{EdE zzZq~Dt2#gnQBpaFu2CR~2l)libu<%`Yyc)!aCZUSs(_mwDPROcSD=t@{~;A;DuDm% z2lzC9LBo}X{tl4n3WP7ZF9l!-5h0+4bbyo#_a4mAr6drIkxii3acoaHQ)74Z2VwUv z7rOWH9y$8A*M_NE{~Oa z$Z>!Mc`e&G6E(|lc?(zoB;?X7ZaE-b8JP?M=sC~@JAf^dz+|<6buAxyS)^_vKc?$U zH}FCr6aY3%J02?6y0UN*bn}+>v@6KOL_y19xwEx_#2@6OKt7~Bv$y3hZXu&mJ+QRC zi}zkNfZJAokxdoIeni+Hal`}6Q!9$QONxeh<}c_K)^8cPbX?u@=|VpA-6amam9&rF z0Y5ETAJnpBl}?>P9)090+?fwl{0p6H2l!>vv%y)9>{;O1JcUPg>p#teY^ZrE$W<>~ zGR}2Bv*8gAecWs6*+;yMElGKo@@<5-%-Hd$Vz79+;V=Z zB`FZP(vLudO~Sn6U?Qx$-vio>P-vJ9~JrdxU%NDr&e z@%kDkT(xx{d8Y%|?0zBdG`b?SyFIik1O(fh&srIBVz_+cef<}dmaDe5naFCpcMAbs zasU_E734>Q<;w>^W8}NNvRNnMlK}2tYj9t9fSR&A#zPF0Ll_>tCo&Njxa$m5=Sd*Z4U(pKHiRsw(qCTBMyUy?}<9P^RvJ;qJz z^IXA=%ly_{-#j!wS&G$#uZBP0E@LVu3=sf+Jb+~@OeF`iJ*zB)hl*z_rjXR)pMQ}tl)RHC#g!%Fw15o3b7a)q`X?WbX7 z?wfLUW-x-{y9QBlTVOG|Pstq$?ZZ2;Q}vEPr}sE~Jj$%Gk&2&d0XLMx!ZTtnr!9Sj$R%tTx+|zws3$wO z*9B)m?|K+-7aUdYe@}AX>zBn^hRpbjqrp7APSdf!Lq5duvgBmFtj#SAe;&PVnIS%6 zr)~EBt9X&)6VIPB;v!mv$<3ZZlkPdw$Ulsb#4@N=-D6E; zEa9Bty%$HV7@ig~hpFo_XU6eH*~%O!bZ@pCUp*5(O26hLYIvr9wYa{_sHmB@eNOaT z@gsruQ~D0!-5V8-SEQblX(tL7?Co2A1}qBI>^Lb=y!BbygA3`(2Md}r;< zQtjr^V&}Hn#m)YMs&?j+rdD)L zgDi74?lL7phIbwanaaoW77x1+%Z8=;Kh{bqj(yvVC5tw%4Psg?UP?YT&j}SAT{lcm zkHEcp{n{xfRXq4*wKL!ToO}`rdw#uR{|aY$^sH6pU6b~8eBdb0z8-HXzEC)a6IJ0n zIZ1!@<@t;MOkecP65pOYc1S#j-Jx%zv{Xnnju?FHM9F~b{OUk0*Hm$+jr)+FI;g@O zVA#O7LhoMO9TNy}ryXf~juRA#VICvq3^hMP%4Y59JB)|vObPwI|f^?;CX-aR2PH`h7JyF~8u(!vPv!A0J3oE#$J7`zCcu;^rex zyK7w~b2@dpABn;F0}jM}f6NaZ*9&K{D{C>&Z#x;)tY18a#VXbxyUEOX(@XV6^!+xw zmkrZ#`{oV+IH~*u)Dd6?!0K{Sps3~7PY{Y18?OUs*z*GTR>Gq-@{f2+dJoufO?cT9 zAM(@DJro(^Gp%ZV@p0dqW3~dtM&GrvJ@SdFh9nM4hH7Qn`L-@Q!Z&5FmzEeY1s9kM zYPB59Qoo2ZU|4$_;8Bs3`RDEzA{ih>k#aEY16E6iMb(3>zg=$uBws+%H;$a;;J~Td z^pcTWLJ#OyiXGNyS+6*VvZrlE24wM1N&B+~2W*GAw1Vn!r* z+KJ3lPE1~eCPIz8upaG=(?zz%O^5rR<{L7VCo-m`nyzy7SRy50)#vN<^fdIOh>l1F z4HexBkARErUk*KNrJKx~6Tlip|*FP*E<}@Q-=&VpUc$^Gw3E6UXF>%y_@s6-VE8 ziFChU-QrlO81B(9kY7@K@(Qoc?Xusw>~vUy}F+} zMrw(CbGIUtw7MpiqWX3qhxzGZ+`L&|$3d*)aKW!5V4_NIcFqb=s&4zEr zAD9ewC3?l4;m`Y}Ugw=;TdyU1bzbU#>hue@L6(0+#@VGq|8|=Cj>!wRODM}rbQ0@Z zbt%mfk&rwFND#V)Noa0wH<3NGXnb=UJx@5AzN?-y#A#LjrZU^y^D?KH7DIn!UVSjZ zpGO#l+Dz9(>%0fi1LzTt{2LV+(QyTsLVsEe1H6c9`&PmyW)@OdNdYe&T zJq^+P4%nwP2$}1^!2zuVvV4&UE4fC6PTtFe5E2L38;9*EcnpVJir;+sIULw$pZum~ zmR~pbP;;ZD;P%P_&e%?Wzj6hYT_{hGWLDF*S)%1Wmtl%Qn7CH*KIz_{)bGSu6RfkI>&DqGdB9_N71>67pu?yLD3tERDde4tA! zLo>OSx8Lch1TDeR`jUh0@01Q)`1YH@3#qeEcUynjG7T4c3+O$ZGGA5b?CYm4pgAy2 z<2SiR)B z++YV!QRaou0;DZ8Z4Pz#azd2@kwmlyF00QjfDHzim1J6YHr)AgT7^3gA`*x3|EMpy z-kHpU2srg{UqR^gQO7}+lZBQG7cNeX8q87`5gbBY4iIkS)N;lOmI}q+@gB5O6iEps z30f`FAq=StsOL1U%5t%4KVMKEU#H}blwNua$Qi{7wAzl)l7hQ45=VDbJV;UVBum;^ zeqDh}`L?|G!>p5~5@%)mcU9_`CO2?nP7{Jbi9f^m?+YpwcS%MmpVVFW!$&`{TVpHP z`Rbh+?OJruvdojsnJ0#4s0*?k1T0$&2O|vj2N(_n=i77N*bjFL_Z$-Nc?C5s+#Hbd zgi(9B1O_v}cLB#23$I6vI)pk7ateP7ez~lw;TPNYoVSN=&_}TDQvP-cQ>=T5?Y>|) z#grnZd$KLYkDZ-j$jhuqrnZdcCj@jaGtSxC`JbZfw-dNB$W{FUQNTDJM6v@H{)Cj9 zN{YB4BeL|Oo%+>5*#k!`?vL@|sn2R0wNp&^`gx7+)vfcr{}ZcUShSVLQ!Le!B?oP9 zGf&AoEP0Izd5OvgJIB1NFTFp?u4ahew_}uiDBNAqv#DOz^!^~r?2b|jo1FV6d1G+! z{V)9w%t=oD>znt3KdYCE=qmco&n59PHgRrWCoT`vj-_bvwhLO8*V7fhknWXGw&f46 zT-W2XUf^2@H@tkTf`0N~7Tq^nO}iW3$7U7XWj}|8u5#ROqi6lM6CSpHJmw}e2dnFF zB|-G?zSdxvUweByIHEKn02sW=5qoOPc#33l%eUCTvq-+}bKm~K%9uWQNb61wN9vLC zpTn;nIS?;i)AmY^{-b*1g|e+!&)SQ^ICa8{>ye$#_kHMPo)G2yi3+MjuP0?yONHv8 zv;{A8LSL-x*y*qMX*z*(ux|_qWT;+opu5z9^9zTrkL$n{{t?UaAG0>8DCy)f#%lUs zR8Z!9YUjgh+u3&{rf-aV)F?bCFb1b+xX8+`ov(VpE612O{Vw@ z+^ShwQ0u$)vC8R+SMf&US7wd;!=pWvw^~7NojEhH+YGQ#dK6^Z{Cak(Fqs7NeKow? z3Fh4@KTm({&6r#5egsQX)a+3A+$kp9qiiht2wlOzb&t9@$H1p2`{yEg`>o-)Iw&6s zPw~HTn`Z3@y^l?C{rMYL9e0|3S~E?1vZWQ&AGwkICEyTdMmw>w`=4CH4Hq!(tHM3v zihMU%YcZ8q$HL83RJPft&g>xp!A!=qr{AQlIi_hIvNg@B#ayM2Kj#+7exXb|d3@lf z^{lH4u6OCFYx()oTG1pVvg}h!2d!NA4xpm~6hkd1TtA)o zAEhh|))dhVa4Spd=v=TxfNXfQ^2E-UpQU`I+wNn*?IK*$J2kv!BQy~@j;a@H`&l#- z%rlS6n@mU?mtPwus`lCyPuM9760+6vrs4qn^iSy(ABu3uHc0&<-CjBBT_HB&P5R{| zL<`(1#7%M-^G=tGo>+7U-GY!57az(>Vl;FZd|B~0$=}}asj2w z4tu)G33pk$r`hU{s>DW~hPoHhy=gD9H}Nb7a^rvW$5FW|k$MswA;zqK_W7-O@0tQ{ zRqIIV5TRB;vzPq8$Tyq)^eBy%XJECMml%CulWJRhM6LH4&TgnnlPT>9zu{KPHFD(v zNxfE%e~zCsWm*b3%Dp8Q0uAH71+3Bi9iQ3toyn;O)d}gDh(7}&gU4#9QW2+?YOv!V z_M|1E&$7=k#>T(YWZrdv&$z`Sz9#d&zsETd~gVz!;+tNpnfDF1tI=qPks0 z;~Xwnd*3JKElEh)N+)o#TA3@f(p;LaJXSZg^;~Q^)JD>-U&?a}`fp%1`9KH`1Gojv zFi1Tb8er)(lR9P}%=?*kt<2$@YwEaUu@FzY#Fqlg;vNe@N3}9}!)z~H0<)N8ol^d` zbmWZcfnA+GdQP<)wvI8H{JCGkZAOf1)bZtc*Y_8^Fsov>Pn=*`c(5lc3SgfVbz z;#;9VY47a?Z$dH~m=7G|>7C(LBIWS~zM@&mmO>`E5dP0EqIAAST9z2(sOL|}^qTg6 z{6xMR``lm9aMvfX@5SBDe&vD#^+_#J6(j^vc=g=FW_cH^!k( zbh7ts>$i55w*Q0e(Hoe z#htX7iLOnFeZR)5Vj9pYE`G4alZ)a^Mf+K z!Zk1JszLGI=JMvA%1vFHXZ~+LKc@05d@W*PcbhrqDUII=r_tJd&8ynJn^(M*Ho_H~ z>@R6rmvr{L;$d^tUjvDhK~8 ztbQ3!iQQn`$9h&9L zJvw^`_48e(O$QrB)OSW_e;v0E9CDATiJ^5Rlean5E?%f(d(r+)QPnevnAzC8OJ|qe znKIUsyyxLl05&+s1rtlWe=|I6v?#tQ9M?qc2pAlrt|Xi^D_p{)zb-SXZ&l6g3xttCztiXWJme3uHh z@586&(-e4? zmTk1-<)Yyu0lt3`zr$-p&i;P&-@tU*AdtGYjz^jH9YQ9;4klHcQdY^Iqt)J|j_`>| zEFYKz(y$<1;n&aL6OX7J2n!n8+C@^~LH>`Bn{JBw7&A6GIf>)tC7B17_}+z#6CX&q zpUN*aip9^q9e8w%IZjkmw0QmtZDt71F_L-Y+s>1>Xkw?0R6n6Z!dMr=rFhA};K=Yl zmUf#%$6BSf6U)u#|2n#=R1`Od&ij~KoT`hI>;lyXcxiEt3R@Hta z*VGupv4)0*`9{)p_}m$z8edfkrF>cW1B}(kcXFGVDMuGfZ+I=O0-1my@@lw*Cf^4Z zu)Nd3{xon3vOa!%4gx!=16+|{WMi{-JjRss1$;&P8OMXvv2Gg)L<^%zS#G?hb}W(x zyImi`5kCuDh2a}j)sMIGdWt7gVm_j|!Nmcp8P~O3ZTs?tfI2IjUMj{2pH?zyaNrhv z)CnwP_$|0u!Uo}RtsVxQDqZdd_ZnFE!gUf!l^kT^W(F(R9GVaGC!VK$b|6^&wADqW z@P>n|to88O2Q<~-#XSd=v@Uq>eKGT&Z-4h>J;(_QQiYEvkn#a;_y&iHD(O4e&G=ck zkw5SS$9zu@qsHKF(Qn{A{r;b-z66@;E^7Z0N-6GD(O|mWQYu4{Inu4JOpzoh86q?o zQf4YI7loTLN1{|zBq3ysM#>Z^glK$?88Us(>HV+&`o7k(R_PAscg{Y0c=q1UZsrjR zT|?-3I*M34n*=TZx8mLdq9c?9Z!lz}GI;|j|0;2j26HZKgdR3+qalM{?gHrjpx8Dh zx1^HN)r%JeDDD1}C*DlU<>Bcf6P&p(F56sP!JyLwz%*v(;P7`5og=LQfetBt%~(U2 zDTTdj#|~b6-W%+&#J;~Ea8YC#b_$xg`wVbF!`yol6sc?dpFQJ&cLV2lX8(38G z{?TPJ-hw&B&Vz@_ANcd<@w$(*;8J@MJj)W3p`^zEqTai2A8$dC;Ey7eJt6{OL8V(x ze0clB!#UHI%@(X3U8V`sNU@X^K?mEsGaLBl;9W}_6ut0RTw~*%BO|B(E(fhkM3}qM z{?z`=NKgNJc>$GcCK)E-k1~wX7SiHpMQpP+eTMquR5?;tf<3Dvx&4aG0+WK7-U$I#$^2C-E?=9UIQg%hG zOa(7sm^qEll)@?@WL9OKYVx@1s4aCSUU0ZDR=h2xq1%mS-QlM zY&elsVp}3jlI@FCGcRqTA^Zfdf zZ9C`<-|lE_3+Qt@DMRVWLRHuVO5Aw0k(~++56{J&9H&c3og*EQ5OJzj_@zrXA&(T$ zVuT=83m4YCy_ZXJA?bs6@Bu^=7)%Kb%EZxIK)|NHj`R)o2h94^jiP)c>mtKihc{61 zE5c@^*|`R+W`A1+PSSO#{92@>7ka8H($J{Eufaf>YXE&^t|MQK*RRrz!%6i$I{IoU z<#KfNx0akVhcE>yzr;q1M<75N{ky7%t;Zp#(Q$F}%BnA|@EClc7&f1xnsHMv);orV z3QM)Y!9nO8>M6~Mo@nS7JV#`t1Dfb4;04P;JrkazfP77lTcIZrBdDKFBq7N2dlG({ zJhk)e@m7>MI@dQea3PSHD;xW&i%FBk5vRRQP~+Rg#)V7?R6Gyb`qC&xbP~LpjF*<<7Kai5hcBUb=PX8M9(9sFboIBB#AlLZWpH^r}g9U5pbPuS74pUY6Itji-N}GJYbk@9o`(?tZxu9e;bi^vBhr(y@Yhn)rrlsasOYo^s)tWAmn zZ_j$1Y4VTgE$o<8tI?eHHIPd_wY}6~q22AV0tYXNmF?pB=lT}xIn+IgP7g_%zN4cf z%3mf=+i3HYB}YdKM~U@+ENsXXyKOtJGvV9)Lc}4&Yy0OJkqvKF(LGvonw+w6VTzEz za#otz{=_eENNGp*&^P*#!Fbn$My!kZYQd}?VIf(D zQZ%o|S8{YMQFL=QQ5om4W2N%`Uc5Uk9yTd3nM}GNl7`P~YagoxGliB=y0lgdXBkS; z=`>exCQQi8+~n5w-EZ1E^Wlrl#qj!jZ|L~1Z4e~Kw#WByG!^6oekTrgkH)-f{vs4A zZ}D+2b7$ntpt}c3ondZRFgL#TGe3libKg%Jv&`L$FWW2?LQak z1~hTjluqERUWL=VagPI>1PP<-f3W zqXi`!$@rCvLSVj4?ogu2;&QlV{1#Je-%Uq}I=D)5T+(y>=yko#e)im%#JK9SAC;l=^xTasQv zW@r!0+k+8Gm!U9J^o6Ul+)g>%s<`f)^=1`qk-)WI!l9-Bce^j^$#M~23;Oy%66*#L zltZhGOcIXwn>UzS+No^5IWmY8L!Kbrr z{xjR1aMz0AF)x+Ad<>U;gLS*cf|r?+wGo3KL^HeDL5$xNHZvwEX{E{Dy<8|8;{DIO z+=I+2-MuDno8~k5a*?Q}T;7&Q);trOC5Q`jKO_Im*9qo4>HgB$r|&1p-`S+Yk80Fre&HVePB;GG33vj+Qu7b{=BN#KdeYu zvOOYaP$6?pXwc&A4wFoJ1qnEo{TT-DpYnwMQ*TO@6&BO4FHy@RC=regYLiGJ~ zl~z2H9!MTFJ2pAF7NrLZ3qocVFJ5e(#Df1h{?91~#_JlZb0xbzc4YaRZa>HLzuxZ8 z8L-c7b$ausp)pm9K68s(TjzYMJ3VdA%}|J>YWW9k zC{qKtzpo&1Tqtd_L!klW_KpEw8nb?9Vd<9ekgI|R6L(ZOskKVeV$jHKWMe}&%!nqm zsIN4)FQ(>xo{wx>M2;ckj`IV-CMdw>YfKPxj+7g{}0C z_5n>5%QN>1*nAb$(i7|7+STWzc8u?2n&!r&l82 zpY@3F`7@DlSfeA@zi#>SJ^ikALt9mfHBZi|6LBg{M$g8!^jj!V8ba-jttcP39C?j2 ze_yd0J0;48BBb9xwysudy|+m6bAP+I+@F99zaumDEd3LFAv3T0-BRf~MmOS=R&?GP z9x=Ptrr$8wy``2+^2B`~11k;p6@5 z9JX5JHV-Sk`R?8C+&rmnrkor8r=#vk-M!>KJLQ7lR-Q2hzcB6gF`|%tP0jsqsr<{5h zT-kNkGxcaYO10Ln96^U$Bav`bu5^@7(U@w&|ARChLlz>x#|WOZ=|;wl6T- zdT5TMROS=fcRUT1ao)va1$S6)B9|3hODopu@yA!Gge1%W8iG6rtz zO6LT_mP9>1!+DV*QIH?fyRCYnxtHI^e=A2kYk0`1e#^{NGpkUROP*6x7>Er70}=d( z{TC4Qe1x0%JW+G${D{JuM58~OTRgt({yMMT(^Sc+Bz3r z)USoE>xnOG@wtANcG;veGQdn&+V0qaKa$20Y}RcBfeX6PYdCRnY{!I)E0ph7+wsy< z$+h9#wd7(+TZx~skLZ^64;r-N@7gJ5sjF#D;-H+6E$HN?fCR4&-K)^M^`7{SBm6KF+K$FopoF}&J}moEzk zp2?1lju*b&(E35+UF{y{%_FySwHenD3M^AUvw;F?q1VZpZCy-yJ1n2ILoZ8ZMuHuB zE`Gh#P7z+^gpRf!qi)BXE5BbMA)yV_b8 z&n4Cn#J@eY__d$$fbat2%#0j?0688Zuq;Zncd!Z!TL*f1_Z(z0jv&U^1;9a5WZKNs z)LcwAT^BoV?q*sZXLaEfuZVxVObLauB9_buc=Qj|=nmhpmE?nx_J7JxW0su?7P;h| zH@kzo8|ca{gfNuj9}74jK5oWS7{J_DnCU8H9qw#@+U4MKLc)1C=tB01`MZ2Fo5Pb= zRCbhT&~>18zO|RAQ$Q+7U9shOHo}xsWC?9EcPAyvN+Qc|?l(`A?wRm;ZYV0i6&5sD z*#7#wU4r$&-q0YF%5MO*2wz$0?DQ$ZehGY}145TQHl#5=-v93}h1}GAEAXv~0fMdk z^+J*<9|ovz#YcP7{dqJFaiZQmJgSEcm|F(*h;6iBCYcH$e4$#mcW3vzpY<7eA@WIN zuAX1T@P${g)*E;7BvHqD*TpU8W^{>!hK3?47yIwdp(D>}O0No@D79SC`a`A5Px+Q# z^0vG!w)YH|oS*t6x~M+Hx^axc^Ytm+M62jiEdp}Hq-i&9oJTC)<)V@mvARnc(q$93 zM!#5Oci2Zwijgeu_R`OJ<3)wyOZzJ5ofoeu8*PIT8LyTX04lO`_wMKk>U z-i!M3X1&;qra0Zq3$480-lopE+s7A>%xx%bcQ(ZT?6Kpg zwRxO9FUi$}vZb^W_)HmZ2_Nt~a8ghXdwp2~np?*ck{pT&_RsmfPqrstoUEv)#K@nk zO`$r0rES6G7W^%-l}v4)mc#>5^v-W#JcrQ!SAYsXE(Gdxz#s%{hIIr-&mL`GWUl(Y zWIB=aHZ4ETD@){-L#3ZerWltPrF|pMt@+wj>%k*;6g^B7aKvxVoZ4+lj;;UHiX#nf zW24(6iykasTUe_tye*fJci~K`8^tSM$ehPigTBoT&1sv!pFkmO;)ERlI<6CMHnyHN zX_>j}<1^*%Qog#mHz%y4tzw(A<)qufz*!UXXNk{BPA?2(b)y+M7;pkNAw|qZB_nJv zPvm?`=yEwwHMP6tAIR7c920LQ{ZPmAaj@UPc^foR+zr}a+b!l26Q^^<0sukXDGm+{ zmPv$Uj;tNxYW$^cZ)bzx#|1%e%+bx0Ww_YRScPXTZEM4-&#LU8u$~?}Fr$aQvA0D7 zxW@FO-msXj&`39GQ>rVT)=5<_GAb3|4>gmXe?$Jzyw?M%E}=o2yV_rKr`v4n`AHKN zM)!|HcH1woFDvV#!{1?MwG1};w&E{qm4Q?2@Q|sde;>S)(ih<#zUdMgs4$4PF6QTr zWJy*%d&WsgF|xE=8L~(Ww2jHxYM0qZAswch3_QEIRHl>^^@1~IxpQ32GUjUpD7Rd? zeob}w=yJ)~o7rJ!e@E8Zhb6r@nZMb&c>~(Ss^6vUnn0cB?ai~aCVWWaCWG;AKbIa# zdiu;Bo+^uLGTBq@OBaPSyrB*(li)JiR<#LgQDb_fA^p}Zx1TKv@P-~#mohcs12yRj zuUYiZsYspSrSi6`tE$Ye$plVK#fvPJNVVRRmK3gxd-gmMm=!8F`GC%J!r{6oroJ@x z6}f4z$m939mA4di7InKEeo{0qdxsOXv#;7^Aegd4U9MfFWHp_jv&r7y*8yZfn(+uo zCDexHhUP4x&;uKI)B4Z%mtKgucjQC(zjt)LtURyC^E|fh=k3XY$Ut#Hsuh9?R3q!| z+{p(TPcguvK>RJl^cZ%xLst#W$(SQvBy1R?-ODR~!m(!wmvx)y=uP7lkB$E9q7E!( zo+k>z@Y+kDWk%N4Qs~!knhH;nsz^|#KXo-Nf8Lgwwb;Un$7q8<(3|ePTNs2 zDS{nitQDv{0upw@l>lfrb5PE0sSJf#yJz1wS#BA_@*Tgd>r+;xQTc;@?I`064Jls} zS#XY5{vXy_;Ekce()Eu|97K_msFKs-MIn{n&FNAwMJ!F3^+&2s{QDr*uDrluRXX*1 ze|X?@k-F-7xux6O+||m~rx&I82?G`4mp>S}opHCqur=eDzel z7;o!Ar&3j;twnpje0g_guQc!;eA5*q5c-ZF5Aj`|8)Fs%k)Z+ZUyC?r z-TL)_0TPhD0GjBkb}e~9ou%yld;6q;kfJW{2v{|_Ui8Vm`!n+=d}w0lgs`?X|Sjx3^z&fp1|K zpv})H5Ehg+OuAlB5Em_NWMXW*4e&H-;Z;^Hsw+jg!|1Ozhu;lCRDQjjoSY3-Pd_${ zcjP&Xz}ro|dv|_=V%>xh6W$Zs^UkA3S7s+tX037SN4__O13|ROZ(A`vo}kH1r`M~% zfMp#jiUGt-0Y}SAQkETD!V(6o;K-fP@Zwa!9nqO*ExD7KV@MGhyvW|DWtLG7VL zf86jfNb61=fS z09`39B|ggF!dU@)WT~`ps3rN%+mK^ax`*R|QBvlejf#UOr@z@iopGYx7JIpq)n*u8 zqnPKP6pO^*i>3OD`Q;B?T1(>rFSaerKoSU=m{LT%L@HgM<8)mKz z-4b=J^=)K$csEGdZ3xBoLLm+t&7(CCy<<&xuQnMod2m=Upxu)L)Q>A5dmNt%xA8Y0 zo5ei#?glSNXXg{9?^$QM6rz0gGZ`6~0s6V{%)H>ya))vEX*xL9TI3H5zYv;QtJ% z$$RnsOr0R8I7#QP=kt+$AWYIoEA4`@1Wf=zHTInfWCv+f%8Q~G!y&8m)fXGcCm7;1 zlV1p;^m&8fI{I~PZAMSrtrxjlbYzhHS?-x%76kJGpI)5$Sy_?+1g_5Y(P7%%-TeT>0U1<$3HeYO=YVlTVA-Z1B#NwaTZy67i`gKhpz!YdF*@z&&ok^gLhJuqcU zP&}7KZk|#+-E76wfxpF(cYmUM1k{jFsc@vLUtV3WtE-!%mcVA-#>HDIYxx{|rORTG z1Qkg2FyCb=7$jvo`w3E+3ZRJ*3<}0c6E~Wp1 z3vz7n@$t#wzH>2!r@E9C1V5Fw4Kp3|AQUaR4uZr91_+7Tfi@^$8lOPrb&Mq`p84~` z60Jy-pKbY(kZJgD4?b_DQ<>WXnRNZ5M^~e#NfLvgdXRlQ3QfOK)B8#XdS8$PJ0NDn z)Y$`thj4OOU<{_y_QmDZ#b~sF4&rF<0n!)b4bgb<=FL&0Tfw)Nfb{5QK;ZDRvLe>d zrRZC>#DF3p8}f*R0dy|fwxSagGqHRgM8vdmgeu_rNyE4+UwjZTYG4+-WL+72K+J%- z!A_Jp%#zCu#k6*uW23qQr*F%kLzM7Yw>0PcQbQ^fGtu(X$V*Ux8pPS2$DX@ zzmk%Yv{zP0zwBG_W!OOFi~7Cv^dO**R|r*xSLw`hHzC6ZDMMazjl;w&U%9gQy5q!@ z>Try;=xO9&Fc2dQ<(_K!AzeR2zV|=)&-uyn1vty$`{Y0Q3-w2_&=|QOX-^KA@d8!z zCC7xrvxs>3`T4hMK3x}}{(E{Ofqqarz(F~%=ki&YpP`9~P*x8Po4!!Ze@X?(04+kQ zfbCz6>^uft#OFD`cS8f6vlv&X8uW9F80uWW8vP0+w&o??O87JdN{FCDFPagrV-{M> zQDM$N>VZIJy0Kxh#tXC=vM*gaiZ+9fAX<8zs2qs{CQ}7Afm9J%H7jBrjf1Ozh!QM~ zFWet@d^4y<-(GR2Z(jHnJZVuG(SQKnAwC^`qYs_4-0f|DAimT3c ze+Iqvc=<0CRNwTW8xqOylLI3ffRnS4|0Po}-h7rr%7$B;nNan`EeBnPF|vnt!^FU? zNXJ#oI$V-~T2m53kby=>&omkDm|A1Ly&W8#&%VA(`-aB6KGZRcF2h)X&)`Sc_Ck`* z(Sr>euTnHHOj0SAm>HN$qtV8v`vdAg;Qt&V;!6M z8_u3lLHD!;xSX2qE;=S2l#`v>@K1Px+B=z<)$2DAdmW`*Wfd zoYTIINWOLJQ=58 zRujEeL_)&q$0W4q`|nG}(U{r#)K8s^`6|Z39+HJU2an7Vba(<4O@wc>8H_C$FLl^i zb`*WVgD{rE=ua5>mEYlHna2}kEox_HN4}`>j~Bcsa2yxI*Cqbjm6(|CXZJ95lIK&X z{0s1mws5nns;UO?7;lD$Ve|it{?dbvc2!yFi%!%HmIYC$;z@veu2h|_D^Mv39go__ z28^qG`0(NPLp&Q0HjaO0GJVOjR)jTt%lhpH$6E!-$U^vzg(zJ4hGHtrJD^;LUL_79 zQFE0cg3e}Aj(cou=pdEpQ7)ZW2yp(s(xW~AJH7z2iNwK4wTLreRso1(GP2@ty#PWO zr|3wdz)2Ah*N7waD|SbZdMy>3qXHEPCVT$%`|tOlkV9tP4Kf+*7_vB}Gru3e!&&g+ z#fxMlFYNGe82mAp2vd@VSA9h~olY|KO!{tAx50(5!5l2n;BvV5H4r4ScAQHFsEcrO z=DIvEDMrr(5U+A{`AQsmwCwZc%a?Job1-2-EdEhf6-4l-AU|27QG$?=Ul4ig`54$dB?zmrB(!2hrg9b0mmkg;zA7 z-VeD57Fdd|O%khvn?tH5;E-#>lR4~8g>RqqfvWctHDVB(dPlb@BTX%&!{)}pg=NHO*xW`Dm&oJy4=f$!kuS6^;qXGf7C zl(i=SolO0H5b)bK098|DNF1hW>_)O07B=ACWGtc<{Ql|Wzv|?NU=&YhXMC{DU|z!< ztGl%y=BB>3&!xg_;5M*!@4kW9`_b{%%OKj0fXyLgt(^FHU0+|{l1RC=Yb7-`KMhYq ze2Go53Ybb;PJlV>1~DAo{7++}DHs3_I~Vn8{8_V&$1vv8!9*6n{&{a6lY7lKJ1Yy`v~**tw$R|WioRA~`4V(|Ul+blh( z5M+3mRW^%4=7dykgCc&WOg{nZiG8uM`AB_Irhts8q=fs{R;>d}*xzB$GbIOSPhRtRzCOb-(x`PGv z+*-Ya8p`wc-K6=L6rVEaq~0uJKdPgc%o{-{+4=hy_B+sG1&&Y}EuFUhf0z*%VVdt# zwaGvD!emSo4kh+My@3B+DVx3->1N6;SXmm@f82>OJ)THnw)B1Z(O7b QP7#Xk4nyXBog?S}2P9VgqyPW_ literal 0 HcmV?d00001 diff --git a/files/lighttpd-intranet_index.html b/files/lighttpd-intranet_index.html new file mode 100644 index 0000000..4e3492f --- /dev/null +++ b/files/lighttpd-intranet_index.html @@ -0,0 +1,12 @@ + + + + + + Intranet - Testbild + + + FuBK_Testbild +

Ups... Hier gibt es nur das alte Fernseh-Testbild.

+ + diff --git a/library/ansible.yml b/library/ansible.yml new file mode 100644 index 0000000..5fdc0cc --- /dev/null +++ b/library/ansible.yml @@ -0,0 +1,8 @@ +--- +- name: install server specific packages + ansible.builtin.apt: + update_cache: yes + pkg: + - ansible + - ansible-lint +... diff --git a/library/aptcacher-ng.yml b/library/aptcacher-ng.yml new file mode 100644 index 0000000..5f2677d --- /dev/null +++ b/library/aptcacher-ng.yml @@ -0,0 +1,7 @@ +--- +- name: install server specific packages + ansible.builtin.apt: + update_cache: yes + pkg: + - apt-cacher-ng +... diff --git a/library/bootstrap.yml b/library/bootstrap.yml new file mode 100644 index 0000000..d47c83f --- /dev/null +++ b/library/bootstrap.yml @@ -0,0 +1,59 @@ +--- +- name: remove apt-config-file derived from preseeding + ansible.builtin.file: + path: /etc/apt/apt.conf + state: absent + when: ("baremetal" in group_names) +- name: create apt-proxy config file + ansible.builtin.template: + src: fsit-smgt/templates/apt-proxy_01proxy.j2 + dest: /etc/apt/apt.conf.d/01proxy + when: ("DMZ" not in group_names) +- name: remove apt-config-file only for aptproxy + ansible.builtin.file: + path: /etc/apt/apt.conf.d/01proxy + state: absent + when: ("aptproxy" in inventory_hostname) +- name: copy apt-unattended-upgrades config file + ansible.builtin.copy: + src: fsit-smgt/files/apt-unattended-upgrades_10periodic + dest: /etc/apt/apt.conf.d/10periodic +- name: Update and upgrade apt packages + ansible.builtin.apt: + update_cache: yes + upgrade: yes + autoremove: true +- name: install core-packages + ansible.builtin.apt: +# update_cache: yes + pkg: + - sudo + - gnupg + - htop + - ncdu + - vim + - tmux + - gnupg2 +- name: install core-packages for bare-metal-server + ansible.builtin.apt: + pkg: + - inxi + when: ("baremetal" in group_names) +- name: add ansible user to server + ansible.builtin.user: + name: ansible + shell: /bin/bash +- name: allow "ansible"-user to have passwordless sudo + ansible.builtin.copy: + src: fsit-smgt/files/sudo_ansible + dest: /etc/sudoers.d/ansible + owner: root + group: root + mode: 0440 +- name: add installbox-ansible-user _public_ ssh-key to the servers authorized_keys file + ansible.builtin.authorized_key: + user: ansible + state: present + manage_dir: yes + key: "{{ lookup('file', '/home/ansible/.ssh/id_ed25519.pub') }}" +... diff --git a/library/cups.yml b/library/cups.yml new file mode 100644 index 0000000..aa61834 --- /dev/null +++ b/library/cups.yml @@ -0,0 +1,26 @@ +--- +- name: install server specific packages + ansible.builtin.apt: + update_cache: yes + pkg: + - cups + - hplip + - printer-driver-gutenprint +- name: cups reset settings + # https://github.com/OpenPrinting/cups/issues/158 + ansible.builtin.command: + cmd: cupsctl --no-remote-admin --no-remote-any --no-share-printers +- name: cups settings + ansible.builtin.command: + cmd: cupsctl --remote-admin --remote-any --share-printers +- name: cups service neustarten + ansible.builtin.command: + cmd: systemctl restart cups +- name: create lpadmin user + ansible.builtin.user: + name: lpadmin + append: true + groups: lpadmin + update_password: always + password: "{{ lpadminuser|password_hash('sha512') }}" +... diff --git a/library/glpi.yml b/library/glpi.yml new file mode 100644 index 0000000..f03132d --- /dev/null +++ b/library/glpi.yml @@ -0,0 +1,65 @@ +--- +- name: install server specific packages + ansible.builtin.apt: + update_cache: yes + pkg: + - apache2 + - php + - libapache2-mod-php + - mariadb-server + - php-mysqli + - php-mbstring + - php-curl + - php-gd + - php-simplexml + - php-intl + - php-ldap + - php-apcu + - php-xmlrpc + - php-cas + - php-zip + - php-bz2 + - php-imap + - unzip +- name: create dirs for glpi + ansible.builtin.file: + path: /etc/glpi + state: directory + owner: www-data +- name: create dirs for glpi + ansible.builtin.file: + path: /var/lib/glpi + state: directory + owner: www-data + group: www-data +- name: create dirs for glpi + ansible.builtin.file: + path: /var/log/glpi + state: directory + owner: www-data +- name: create dirs for glpi + ansible.builtin.file: + path: /var/www/html/inc + state: directory +- name: write config to file + ansible.builtin.copy: + dest: /var/www/html/inc/downstream.php + content: | + check? +#- name: enable koha-plack +# ansible.builtin.command: +# cmd: koha-plack --enable {{ koha_libraryname }} +# notify: restart apache + +#CHECK! +- name: start koha-plack + ansible.builtin.command: + cmd: koha-plack --start {{ koha_libraryname }} +# notify: restart apache +- name: apache restart + ansible.builtin.command: + cmd: systemctl restart apache2 + +# only once -> check how? +- name: install german language-pack + ansible.builtin.command: + cmd: koha-translate --install de-DE + +# thanks to +# https://wiki.koha-community.org/wiki/Koha_on_Debian +# https://zefanjas.de/wie-man-koha-installiert-und-fuer-schulen-einrichtet-teil-1/ +... diff --git a/library/lam.yml b/library/lam.yml new file mode 100644 index 0000000..0825c96 --- /dev/null +++ b/library/lam.yml @@ -0,0 +1,7 @@ +--- +- name: install server specific packages + ansible.builtin.apt: + update_cache: yes + pkg: + - ldap-account-manager +... diff --git a/library/lighttpd.yml b/library/lighttpd.yml new file mode 100644 index 0000000..e99b71f --- /dev/null +++ b/library/lighttpd.yml @@ -0,0 +1,42 @@ +--- +- name: install server specific packages + apt: + pkg: + - lighttpd + - rsync +- name: lighttpd - change simple-vhost config + ansible.builtin.replace: + path: /etc/lighttpd/conf-available/10-simple-vhost.conf + regexp: 'www.example.com' + replace: 'testbild' +# - name: lighttpd - aktiviere simple-vhost +# command: lighty-enable-mod simple-vhost +- name: lighttpd - reload service + command: service lighttpd force-reload +- name: lighttpd - erstelle "Testbild" vhost Verzeichnis + file: + path: /srv/testbild/htdocs + state: directory +- name: lighttpd - kopiere Testbild Webseite + copy: + src: files/lighttpd-intranet_index.html + dest: /srv/testbild/htdocs/index.html + owner: root + group: root + mode: 0644 +- name: lighttpd - kopiere Testbild + copy: + src: files/lighttpd-intranet_FuBK-Testbild.png + dest: /srv/testbild/htdocs/FuBK-Testbild.png + owner: root + group: root + mode: 0644 +- name: lighttpd - erstelle vhost "Intranet" Verzeichnis + file: + path: /srv/intranet/htdocs + state: directory +- name: lighttpd - erstelle vhost "digitales" Verzeichnis + file: + path: /srv/digitales/htdocs + state: directory +... diff --git a/library/nfs.yml b/library/nfs.yml new file mode 100644 index 0000000..b2a9a5c --- /dev/null +++ b/library/nfs.yml @@ -0,0 +1,50 @@ +- name: install server specific packages + ansible.builtin.apt: + pkg: + - nfs-kernel-server + - rsync +- name: make sure the export paths exists + ansible.builtin.file: + path: "{{ export_root }}/{{ export_share }}/" + state: directory + recurse: true + notify: + - restart nfs-kernel-server service +- name: make sure the directory to share exists + ansible.builtin.file: + path: "{{ export_dir }}" + state: directory + recurse: true + notify: + - restart nfs-kernel-server service +#- name: copy exports files +# ansible.builtin.copy: +# src: files/nfs_exports +# dest: /etc/exports +# backup: yes +# notify: +# - restart nfs-kernel-server service +- name: configure exports + ansible.builtin.blockinfile: + dest: /etc/exports + insertbefore: EOF + block: | + {{ export_root }} {{ root_ipaddr_string }} + {{ export_root }}/{{ export_share }}/ {{ dir_ipaddr_string }} + notify: + - restart nfs-kernel-server service + +#- name: copy fstab file +# ansible.builtin.copy: +# src: files/nfs_fstab +# dest: /etc/fstab +# backup: yes +- name: bind mount exported dir + ansible.posix.mount: + path: "{{ export_root }}/{{ export_share }}/" + src: "{{ export_dir }}" + fstype: none + state: mounted + opts: bind + +# https://salsa.debian.org/andi/debian-lan-ansible/-/blob/master/roles/nfsserver/tasks/main.yml diff --git a/library/openldap.yml b/library/openldap.yml new file mode 100644 index 0000000..9cd7ef1 --- /dev/null +++ b/library/openldap.yml @@ -0,0 +1,8 @@ +--- +- name: install server specific packages + ansible.builtin.apt: + update_cache: yes + pkg: + - slapd + - ldap-utils +... diff --git a/library/pi-hole.yml b/library/pi-hole.yml new file mode 100644 index 0000000..461820e --- /dev/null +++ b/library/pi-hole.yml @@ -0,0 +1,13 @@ +--- +- name: check if we are installing + stat: path=/etc/pihole + register: pihole + +- name: download pi-hole script + get_url: + url: https://install.pi-hole.net + dest: /home/ansible/basic-install.sh + owner: ansible + group: ansible + when: not pihole.stat.exists +... diff --git a/library/pihole-update.yml b/library/pihole-update.yml new file mode 100644 index 0000000..4512cf5 --- /dev/null +++ b/library/pihole-update.yml @@ -0,0 +1,27 @@ +--- +- name: kopiere pihole custom.list + copy: + src: files/dns-pihole_custom.list + dest: /etc/pihole/custom.list + owner: root + group: root + mode: 0644 +- name: kopiere pihole dns20-static-dhcp-liste nach dns20 + copy: + src: files/dns20-pihole_04-pihole-static-dhcp.conf + dest: /etc/dnsmasq.d/04-pihole-static-dhcp.conf + owner: root + group: root + mode: 0644 + backup: yes + when: inventory_hostname == 'dns20' +- name: kopiere TFTP config-Datei + copy: + src: files/dns-pihole_10-TFTP.conf + dest: /etc/dnsmasq.d/10-TFTP.conf + owner: root + group: root + mode: 0644 +- name: pihole neustarten + command: pihole restartdns +# ansible.builtin.shell benutzen? diff --git a/library/pocketbase.yml b/library/pocketbase.yml new file mode 100644 index 0000000..91da2a7 --- /dev/null +++ b/library/pocketbase.yml @@ -0,0 +1,2 @@ +--- +... diff --git a/library/sympa.yml b/library/sympa.yml new file mode 100644 index 0000000..65cd471 --- /dev/null +++ b/library/sympa.yml @@ -0,0 +1,31 @@ +--- +- name: install server specific packages + ansible.builtin.apt: + update_cache: yes + pkg: + - sympa +- name: edit config file + ansible.builtin.lineinfile: + path: /etc/sympa/sympa/sympa.conf + regexp: '^lang*' + line: 'lang {{ sympa_lang }}' + backup: true +- name: edit config file + ansible.builtin.lineinfile: + path: /etc/sympa/sympa/sympa.conf + regexp: '^domain*' + line: 'domain {{ sympa_domain }}' + backup: true +- name: edit config file + ansible.builtin.lineinfile: + path: /etc/sympa/sympa/sympa.conf + regexp: '^listmaster*' + line: 'listmaster {{ sympa_listmaster }}' + backup: true +- name: edit config file + ansible.builtin.lineinfile: + path: /etc/sympa/sympa/sympa.conf + regexp: '^wwsympa_url*' + line: 'wwsympa_url {{ sympa_wwsympa_url }}' + backup: true +... -- 2.39.5