--- ungrouped: hosts: all: vars: domain: "{{ ansible_domain }}" vm_support: true vm_torrent_serv: seedbox.pn.steinbeis.schule extra_pkgs: - vim - mc - tmux - debconf-utils - firmware-sof-signed ## Additional roles to run: custom_roles: - fvs ## Enable automatic reports misc_reporter: true ## Server to which reports should be sent. If you don't want to use reporting, this can be empty: misc_reporter_serv: collector.steinbeis.schule ## Proxy configuration: localproxy: true no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule kerberize_uris: "idam.steinbeis.schule, *.steinbeis.schule, steinbeis.schule" apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/"; ntp_serv: server.pn.steinbeis.schule ## NFS-Server for additional mount. Remove or leave empty to use no additional NFS-Server: nfs_server: files.pn.steinbeis.schule ## List of print servers. The order of the print servers determines which print server the printer will be installed from: printservers: - 10.190.4.3 - 10.190.4.2 - 10.190.1.1 ## PAM mount nextcloud, remove or leave empty to skip: # web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER) ## Local mirror for mscorefonts. Remove or leave empty to use no mirror: mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/ ## http://livebox.example.org/mscorefonts/ ## Local mirror for libdvdcss. Remove or leave empty to use no mirror: mirror_dvdcss: http://livebox.pn.steinbeis.schule/libdvdcss/ ## http://livebox.example.org/libdvdcss/ ## SSH-keys to deploy: keys2deploy: - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE4KWQsrcM1ilTgI1eaTsscTbpdIXVAPk8j5aACjw3D8' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII1hcR20r+8JbBUeWHds00gmfbxEYZ9CQM+oV1X7BzKn' ## Use grub-mkpasswd-pbkdf2 to calculate the password hash: grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB' infrastructure: hosts: wireguard_server: ansible_host: wg.steinbeis.schule radius_server: ansible_host: radius.steinbeis.schule proxmox: hosts: lmnclient[1:3]: lmnclient4: localhome: true R016: # VLAN 3119 hosts: r016pc[01:16]: r016pc80: R115: # VLAN 3113 hosts: r115pc[01:35]: r115pc80: dual_screen: [DP-1, DP-1] audio_output: [pci-0000_00_1f.3-platform-skl_hda_dsp_generic, pro-autput-0] R117: # VLAN 3114 hosts: r117pc[01:35]: r117pc80: dual_screen: [HDMI-1, HDMI-A-1] audio_output: [pci-0000_00_1b.0, analog-stereo] R121: # VLAN 3118 hosts: r121pc[01:35]: r121pc80: audio_output: [pci-0000_00_1f.3, analog-stereo] R202: # VLAN 3107 hosts: r202pc[01:20]: r202pc80: r202pc90: vars: misc_pxe_first: true R205: # VLAN 3117 hosts: r205pc[01:10]: R216: # VLAN 3108 hosts: r216pc[01:28]: r216pc80: audio_output: [pci-0000_00_1f.3, analog-stereo] vars: misc_pxe_first: true R217: # VLAN 3106 hosts: r217pc[01:28]: r217pc80: dual_screen: [DisplayPort-1, DP-1] audio_output: [pci-0000_00_1f.3, analog-stereo] vars: misc_pxe_first: true R314: # VLAN 3109 hosts: r314pc[01:24]: r314pc80: audio_output: [pci-0000_04_00.0, hdmi-stereo-extra1] vars: misc_pxe_first: true R317: # VLAN 3110 hosts: r317pc[01:24]: r317pc80: dual_screen: [HDMI-1, HDMI-A-1] vars: misc_pxe_first: true R319: # VLAN 3105 hosts: r319pc[01:12]: r319pc80: dual_screen: [HDMI-1, HDMI-A-1] audio_output: [pci-0000_00_1b.0, analog-stereo] vars: misc_pxe_first: true R406: # VLAN 3111 hosts: r406pc[01:18]: r406pc80: dual_screen: [DP-2, DP-2] vars: misc_pxe_first: true R407: # VLAN 3112 hosts: r407pc[01:18]: r407pc80: dual_screen: [HDMI-1, HDMI-A-1] audio_output: [pci-0000_00_1f.3, hdmi-stereo-extra1] vars: misc_pxe_first: true CU051: # VLAN 3126 hosts: cu051pc[01:16]: C051: # VLAN 3122 hosts: c051pc[01:32]: ## Extra Rechner Lehrer kein Laptop: C051pc: # VLAN 3122 hosts: c051pc80: ## Extra Rechner Lehrer kein Laptop: C054: # VLAN 3122 hosts: c051pc81: C055: # VLAN 3124 hosts: c055pc[01:32]: C061: # VLAN 3120 hosts: c061pc[01:12]: c061pc80: C062: # VLAN 3121 hosts: c062pc[01:16]: c062pc80: E021: # VLAN 3132 hosts: e021pc80: E024: # VLAN 3133 hosts: e024pc80: E026: # VLAN 3134 hosts: e026pc[01:16]: E029: # VLAN 3135 hosts: e029pc[01:16]: M146: # VLAN 3136 hosts: m146pc[01:08]: A126: # VLAN 3128 hosts: a126pc[01:12]: A127: # VLAN 3159 hosts: a127pc01: A130: # VLAN 3129 hosts: a130pc[01:12]: A134: # VLAN 3130 hosts: a134pc[01:26]: a134pc[80:81]: vars: exam_teacherpc_ips: - 10.190.30.80 - 10.190.30.81 - 10.190.30.82 A134pc: # VLAN 3130 hosts: a134pc82: dual_screen: [HDMI-1, HDMI-A-1] A135: # VLAN 3131 hosts: a135pc[01:08]: a135pc[21:24]: a135pc80: K000: # VLAN 3195 hosts: r007pc01: r008pc01: r010pc01: r011pc01: r013pc01: r014pc01: r017pc01: K100: # VLAN 3196 hosts: r103pc01: dual_screen: [HDMI-2, HDMI-A-2] r104pc01: dual_screen: [HDMI-2, HDMI-A-2] r112pc01: r114pc01: audio_output: [pci-0000_00_1b.0, analog-stereo] r118pc01: dual_screen: [HDMI-1, HDMI-A-1] audio_output: [pci-0000_00_1b.0, analog-stereo] r120pc01: K200: # VLAN 3199 hosts: r204pc01: r204pc02: r207pc01: r208pc01: r209pc01: r210pc01: r212pc01: r214pc01: K300: # VLAN 3198 hosts: r302pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] r304pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] r307pc01: r308pc01: r310pc01: r311pc01: r313pc01: audio_output: [pci-0000_00_1f.3, hdmi-stereo-extra1] r316pc01: K400: # VLAN 3197 hosts: r405pc01: dual_screen: [HDMI-3, HDMI-A-3] r409pc01: dual_screen: [HDMI-3, HDMI-A-3] r410pc01: dual_screen: [HDMI-3, HDMI-A-3] r411pc01: dual_screen: [HDMI-3, HDMI-A-3] r413pc01: dual_screen: [HDMI-3, HDMI-A-3] r414pc01: dual_screen: [HDMI-3, HDMI-A-3] r415pc01: dual_screen: [HDMI-3, HDMI-A-3] CK100: # VLAN 3190 hosts: c152pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] c153pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] c154pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] misc_clonescreen_mode: "1680x1050@60" c155pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] misc_clonescreen_mode: "1680x1050@60" c156pc01: c157pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] misc_clonescreen_mode: "1440x900@60" c158pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] c159pc01: audio_output: [pci-0000_00_1f.3, analog-stereo] misc_clonescreen_mode: "1440x900@60" EK100: # VLAN 3191 hosts: e019pc01: L000: # VLAN 3155 hosts: r002pc01: r002pc02: r003pc01: r005pc01: localhome: true r009pc01: r012pc01: r015pc01: L100: # VLAN 3154 hosts: r102pc01: r105pc01: r109pc01: r112pc01: localhome: true r112pc02: localhome: true r116pc01: r116pc02: r118pc01: L200: # VLAN 3151 hosts: r201pc[01:03]: r206pc01: r211pc01: r211pc02: localhome: true r213pc01: r215pc[01:03]: r218pc01: L300: # VLAN 3152 hosts: r301pc01: r306pc[01:03]: r309pc[01:03]: r312pc01: r315pc01: L400: # VLAN 3153 hosts: r404pc[01:02]: r408pc01: r412pc01: CK000: # VLAN 3189 hosts: c059pc01: misc_clonescreen_mode: "1440x900@60" audio_output: [pci-0000_00_1f.3, analog-stereo] c060pc01: CL100: # VLAN 3162 hosts: c161pc[01:05]: ML100: # VLAN 3158 hosts: m080pc01: m144pc01: m144pc02: m153pc01: m155pc01: m158pc01: m162pc01: EL100: # VLAN 3159 hosts: a127pc01: CloneScreen: hosts: r016pc80: r115pc80: r117pc80: r121pc80: r202pc80: r216pc80: r217pc80: r314pc80: r317pc80: r319pc80: r406pc80: r407pc80: r407pc80: a134pc82: a135pc80: c061pc80: c062pc80: e021pc80: e024pc80: children: K000: K100: K200: K300: K400: CK100: CK000: vars: misc_clonescreen: true PCroom: children: R016: R115: R117: R121: R202: R216: R217: R314: R317: R319: R406: R407: CU051: C051: C055: C061: C062: M146: A126: A130: A134: A135: E026: E029: vars: sudo_permissions: "%role-teacher": - /usr/bin/journalctl --since today exam_destination_allowed_ipv4: - 10.190.1.0/24 - 10.190.2.0/24 - 10.190.4.0/24 - 192.168.122.0/24 Kroom: children: K200: K300: K400: CK100: Lroom: children: L000: L100: L200: L300: L400: ML100: EL100: CL000: CL100: vars: cifsopt: "" desktop: children: PCroom: Kroom: Lroom: C054: laptop: children: CU051: C051: C055: A126: A130: A134: E026: E029: teacherlaptop: hosts: # Experimental Laptop installed in JuFo LAN m080pc01: r302pc01: r304pc01: a135pc[21:24]: nb[001:104]: nb105: localhome_logout_missing_serverhome: false nb[106:112]: nb113: localhome_logout_missing_serverhome: false nb[114:999]: vars: wlan: "eap-tls" cifsopt: ",cache=loose,echo_interval=10" localhome: true localuser: ferdi localuser_password: !unsafe steini sudo_permissions: "%role-teacher": - /usr/bin/journalctl --since today teacherlaptop: hosts: nbt[001:105]: nbt[106:999]: encrypt_tpm2: true vars: exam_mode: false vpn: wg extra_pkgs1: - plasma-discover - nextcloud-desktop - dolphin-nextcloud sudo_permissions: "%role-teacher": - /usr/bin/apt - /usr/sbin/cryptsetup polkit_rules: "role-teacher": - "org.freedesktop.NetworkManager.settings.modify.system" - "org.freedesktop.packagekit.package-install" - "org.freedesktop.packagekit.package-reinstall" - "org.freedesktop.packagekit.system-update" - "org.freedesktop.packagekit.upgrade-system" - "org.freedesktop.packagekit.package-install-untrusted" localuser: false localhome_logout_missing_serverhome: false wlan_enable_on_boot: false misc_avoid_suspend: false misc_pwroff: false misc_pwroff_idle: false misc_reporter: false printer_admin_group: role-teacher fvs_remove_discover: false