lmn-client/inventory-fvs.yml

---
ungrouped:
  hosts:

all:
  vars:
    domain: "{{ ansible_domain }}"

    vm_support: true
    vm_torrent_serv: seedbox.pn.steinbeis.schule

    extra_pkgs:
      - vim
      - mc
      - tmux
      - debconf-utils
      - firmware-sof-signed

    ## Additional roles to run:
    custom_roles:
      - fvs

    ## Enable automatic reports
    misc_reporter: true
    ## Server to which reports should be sent. If you don't want to use reporting, this can be empty:
    misc_reporter_serv: collector.steinbeis.schule

    ## Proxy configuration:
    localproxy: true
    no_proxy: firewall.pn.steinbeis.schule,server.pn.steinbeis.schule,idam.steinbeis.schule,dw.steinbeis.schule,.pn.steinbeis.schule,.steinbeis.schule

    kerberize_uris: "idam.steinbeis.schule, *.steinbeis.schule, steinbeis.schule"

    apt_conf: Acquire::http::Proxy "http://aptcache.pn.steinbeis.schule:3142/";
    ntp_serv: server.pn.steinbeis.schule

    ## NFS-Server for additional mount. Remove or leave empty to use no additional NFS-Server:
    nfs_server: files.pn.steinbeis.schule

    ## List of print servers. The order of the print servers determines which print server the printer will be installed from:
    printservers:
      - 10.190.4.3
      - 10.190.4.2
      - 10.190.1.1

    ## PAM mount nextcloud, remove or leave empty to skip:
    # web_dav: https://nc.steinbeis.schule/remote.php/dav/files/%(USER)

    ## Local mirror for mscorefonts. Remove or leave empty to use no mirror:
    mirror_msfonts: http://livebox.pn.steinbeis.schule/mscorefonts/ ## http://livebox.example.org/mscorefonts/

    ## Local mirror for libdvdcss. Remove or leave empty to use no mirror:
    mirror_dvdcss: http://livebox.pn.steinbeis.schule/libdvdcss/ ## http://livebox.example.org/libdvdcss/

    ## SSH-keys to deploy:
    keys2deploy:
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOY0hChWaCDtuiuQcM0v4/u1499esjTtnMjl4uYlnS0'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAN5ylqP936MPjGNxzrzV5jMwIfMhKJdOGuVh3xGQKTM'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxgeu7Rpb/1++531+MopqP9haUkyh1XXpv5kmbgSjx6'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbdOT+WSDmsBcaVFfzPRcmvOfd3CqO/FBOH44UVm7c7'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGICjy88HnMg5oaz4BJ20hgzqFWSem+HHD2PQ+As42pA'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9lu9dDo5TG99QWTkl2G5G+ZbYikLlRNOXfs/bRTHy'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMR4TP7jE+wS7zcH0iUBmlxCbvy9saYeEjonX/0yYfEJ'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE4KWQsrcM1ilTgI1eaTsscTbpdIXVAPk8j5aACjw3D8'
      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII1hcR20r+8JbBUeWHds00gmfbxEYZ9CQM+oV1X7BzKn'

    ## Use grub-mkpasswd-pbkdf2 to calculate the password hash:
    grub_pwd: 'grub.pbkdf2.sha512.10000.FB60266F69FB181327AFB76193192454FC64151559EFF4D6B8FB7C7904A2A9C4778EDD515B46F770DB6A009F36903C193917BBBC571C5B6AAB2A69208BE01A6E.7B82114A0239C0EC55A50E95C48FA74A8910DEE4088447786DAB35770B9C2CF2D1550CF3B7452155EB55D5F84E5D357BF12B8D299CF9B01BF5D71D516CF826DB'

infrastructure:
  hosts:
    wireguard_server:
      ansible_host: wg.steinbeis.schule
    radius_server:
      ansible_host: radius.steinbeis.schule

proxmox:
  hosts:
    lmnclient[1:3]:
    lmnclient4:
      localhome: true
R016:
  # VLAN 3119
  hosts:
    r016pc[01:16]:
    r016pc80:
R115:
  # VLAN 3113
  hosts:
    r115pc[01:35]:
    r115pc80:
      dual_screen: [DP-1, DP-1]
      audio_output: [pci-0000_00_1f.3-platform-skl_hda_dsp_generic, pro-autput-0]
R117:
  # VLAN 3114
  hosts:
    r117pc[01:35]:
    r117pc80:
      dual_screen: [HDMI-1, HDMI-A-1]
      audio_output: [pci-0000_00_1b.0, analog-stereo]
R121:
  # VLAN 3118
  hosts:
    r121pc[01:35]:
    r121pc80:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
R202:
  # VLAN 3107
  hosts:
    r202pc[01:20]:
    r202pc80:
    r202pc90:
  vars:
    misc_pxe_first: true
R205:
  # VLAN 3117
  hosts:
    r205pc[01:10]:
R216:
  # VLAN 3108
  hosts:
    r216pc[01:28]:
    r216pc80:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
  vars:
    misc_pxe_first: true
R217:
  # VLAN 3106
  hosts:
    r217pc[01:28]:
    r217pc80:
      dual_screen: [DisplayPort-1, DP-1]
      audio_output: [pci-0000_00_1f.3, analog-stereo]
  vars:
    misc_pxe_first: true
R314:
  # VLAN 3109
  hosts:
    r314pc[01:24]:
    r314pc80:
      audio_output: [pci-0000_04_00.0, hdmi-stereo-extra1]
  vars:
    misc_pxe_first: true
R317:
  # VLAN 3110
  hosts:
    r317pc[01:24]:
    r317pc80:
      dual_screen: [HDMI-1, HDMI-A-1]
  vars:
    misc_pxe_first: true
R319:
  # VLAN 3105
  hosts:
    r319pc[01:12]:
    r319pc80:
      dual_screen: [HDMI-1, HDMI-A-1]
      audio_output: [pci-0000_00_1b.0, analog-stereo]
  vars:
    misc_pxe_first: true
R406:
  # VLAN 3111
  hosts:
    r406pc[01:18]:
    r406pc80:
      dual_screen: [DP-2, DP-2]
  vars:
    misc_pxe_first: true
R407:
  # VLAN 3112
  hosts:
    r407pc[01:18]:
    r407pc80:
      dual_screen: [HDMI-1, HDMI-A-1]
      audio_output: [pci-0000_00_1f.3, hdmi-stereo-extra1]
  vars:
    misc_pxe_first: true
CU051:
  # VLAN 3126
  hosts:
    cu051pc[01:16]:
C051:
  # VLAN 3122
  hosts:
    c051pc[01:32]:
## Extra Rechner Lehrer kein Laptop:
C051pc:
  # VLAN 3122
  hosts:
    c051pc80:
## Extra Rechner Lehrer kein Laptop:
C054:
  # VLAN 3122
  hosts:
    c051pc81:
C055:
  # VLAN 3124
  hosts:
    c055pc[01:32]:
C061:
  # VLAN 3120
  hosts:
    c061pc[01:12]:
    c061pc80:
C062:
  # VLAN 3121
  hosts:
    c062pc[01:16]:
    c062pc80:
E021:
  # VLAN 3132
  hosts:
    e021pc80:
E024:
  # VLAN 3133
  hosts:
    e024pc80:
E026:
  # VLAN 3134
  hosts:
    e026pc[01:16]:
E029:
  # VLAN 3135
  hosts:
    e029pc[01:16]:
M146:
  # VLAN 3136
  hosts:
    m146pc[01:08]:
A126:
  # VLAN 3128
  hosts:
    a126pc[01:12]:
A127:
  # VLAN 3159
  hosts:
    a127pc01:
A130:
  # VLAN 3129
  hosts:
    a130pc[01:12]:
A134:
  # VLAN 3130
  hosts:
    a134pc[01:26]:
    a134pc[80:81]:
  vars:
    exam_teacherpc_ips:
      - 10.190.30.80
      - 10.190.30.81
      - 10.190.30.82
A134pc:
  # VLAN 3130
  hosts:
    a134pc82:
      dual_screen: [HDMI-1, HDMI-A-1]
A135:
  # VLAN 3131
  hosts:
    a135pc[01:08]:
    a135pc[21:24]:
    a135pc80:

K000:
  # VLAN 3195
  hosts:
    r007pc01:
    r008pc01:
    r010pc01:
    r011pc01:
    r013pc01:
    r014pc01:
    r017pc01:
K100:
  # VLAN 3196
  hosts:
    r103pc01:
      dual_screen: [HDMI-2, HDMI-A-2]
    r104pc01:
      dual_screen: [HDMI-2, HDMI-A-2]
    r112pc01:
    r114pc01:
      audio_output: [pci-0000_00_1b.0, analog-stereo]
    r118pc01:
      dual_screen: [HDMI-1, HDMI-A-1]
      audio_output: [pci-0000_00_1b.0, analog-stereo]
    r120pc01:
K200:
  # VLAN 3199
  hosts:
    r204pc01:
    r204pc02:
    r207pc01:
    r208pc01:
    r209pc01:
    r210pc01:
    r212pc01:
    r214pc01:
K300:
  # VLAN 3198
  hosts:
    r302pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
    r304pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
    r307pc01:
    r308pc01:
    r310pc01:
    r311pc01:
    r313pc01:
      audio_output: [pci-0000_00_1f.3, hdmi-stereo-extra1]
    r316pc01:
K400:
  # VLAN 3197
  hosts:
    r405pc01:
      dual_screen: [HDMI-3, HDMI-A-3]
    r409pc01:
      dual_screen: [HDMI-3, HDMI-A-3]
    r410pc01:
      dual_screen: [HDMI-3, HDMI-A-3]
    r411pc01:
      dual_screen: [HDMI-3, HDMI-A-3]
    r413pc01:
      dual_screen: [HDMI-3, HDMI-A-3]
    r414pc01:
      dual_screen: [HDMI-3, HDMI-A-3]
    r415pc01:
      dual_screen: [HDMI-3, HDMI-A-3]
CK100:
  # VLAN 3190
  hosts:
    c152pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
    c153pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
    c154pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
      misc_clonescreen_mode: "1680x1050@60"
    c155pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
      misc_clonescreen_mode: "1680x1050@60"
    c156pc01:
    c157pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
      misc_clonescreen_mode: "1440x900@60"
    c158pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
    c159pc01:
      audio_output: [pci-0000_00_1f.3, analog-stereo]
      misc_clonescreen_mode: "1440x900@60"
EK100:
  # VLAN 3191
  hosts:
    e019pc01:

L000:
  # VLAN 3155
  hosts:
    r002pc01:
    r002pc02:
    r003pc01:
    r005pc01:
      localhome: true
    r009pc01:
    r012pc01:
    r015pc01:
L100:
  # VLAN 3154
  hosts:
    r102pc01:
    r105pc01:
    r109pc01:
    r112pc01:
      localhome: true
    r112pc02:
      localhome: true
    r116pc01:
    r116pc02:
    r118pc01:
L200:
  # VLAN 3151
  hosts:
    r201pc[01:03]:
    r206pc01:
    r211pc01:
    r211pc02:
      localhome: true
    r213pc01:
    r215pc[01:03]:
    r218pc01:
L300:
  # VLAN 3152
  hosts:
    r301pc01:
    r306pc[01:03]:
    r309pc[01:03]:
    r312pc01:
    r315pc01:
L400:
  # VLAN 3153
  hosts:
    r404pc[01:02]:
    r408pc01:
    r412pc01:
CK000:
  # VLAN 3189
  hosts:
    c059pc01:
      misc_clonescreen_mode: "1440x900@60"
      audio_output: [pci-0000_00_1f.3, analog-stereo]
    c060pc01:
CL100:
  # VLAN 3162
  hosts:
    c161pc[01:05]:
ML100:
  # VLAN 3158
  hosts:
    m080pc01:
    m144pc01:
    m144pc02:
    m153pc01:
    m155pc01:
    m158pc01:
    m162pc01:
EL100:
  # VLAN 3159
  hosts:
    a127pc01:

CloneScreen:
  hosts:
    r016pc80:
    r115pc80:
    r117pc80:
    r121pc80:
    r202pc80:
    r216pc80:
    r217pc80:
    r314pc80:
    r317pc80:
    r319pc80:
    r406pc80:
    r407pc80:
    r407pc80:
    a134pc82:
    a135pc80:
    c061pc80:
    c062pc80:
    e021pc80:
    e024pc80:
  children:
    K000:
    K100:
    K200:
    K300:
    K400:
    CK100:
    CK000:
  vars:
    misc_clonescreen: true

PCroom:
  children:
    R016:
    R115:
    R117:
    R121:
    R202:
    R216:
    R217:
    R314:
    R317:
    R319:
    R406:
    R407:
    CU051:
    C051:
    C055:
    C061:
    C062:
    M146:
    A126:
    A130:
    A134:
    A135:
    E026:
    E029:
  vars:
    sudo_permissions:
      "%role-teacher":
        - /usr/bin/journalctl --since today
    exam_destination_allowed_ipv4:
      - 10.190.1.0/24
      - 10.190.2.0/24
      - 10.190.4.0/24
      - 192.168.122.0/24

Kroom:
  children:
    K200:
    K300:
    K400:
    CK100:
Lroom:
  children:
    L000:
    L100:
    L200:
    L300:
    L400:
    ML100:
    EL100:
    CL000:
    CL100:
  vars:
    cifsopt: ""
desktop:
  children:
    PCroom:
    Kroom:
    Lroom:
    C054:
laptop:
  children:
    CU051:
    C051:
    C055:
    A126:
    A130:
    A134:
    E026:
    E029:
    teacherlaptop:
  hosts:
    # Experimental Laptop installed in JuFo LAN
    m080pc01:
    r302pc01:
    r304pc01:
    a135pc[21:24]:
    nb[001:104]:
    nb105:
      localhome_logout_missing_serverhome: false
    nb[106:112]:
    nb113:
      localhome_logout_missing_serverhome: false
    nb[114:999]:
  vars:
    wlan: "eap-tls"
    cifsopt: ",cache=loose,echo_interval=10"
    localhome: true
    localuser: ferdi
    localuser_password: !unsafe steini
    sudo_permissions:
      "%role-teacher":
        - /usr/bin/journalctl --since today
teacherlaptop:
  hosts:
    nbt[001:105]:
    nbt[106:999]:
      encrypt_tpm2: true
  vars:
    exam_mode: false
    vpn: wg
    extra_pkgs1:
      - plasma-discover
      - nextcloud-desktop
      - dolphin-nextcloud
    sudo_permissions:
      "%role-teacher":
        - /usr/bin/apt
        - /usr/sbin/cryptsetup
    polkit_rules:
      "role-teacher":
        - "org.freedesktop.NetworkManager.settings.modify.system"
        - "org.freedesktop.packagekit.package-install"
        - "org.freedesktop.packagekit.package-reinstall"
        - "org.freedesktop.packagekit.system-update"
        - "org.freedesktop.packagekit.upgrade-system"
        - "org.freedesktop.packagekit.package-install-untrusted"
    localuser: false
    localhome_logout_missing_serverhome: false
    wlan_enable_on_boot: false
    misc_avoid_suspend: false
    misc_pwroff: false
    misc_pwroff_idle: false
    misc_reporter: false
    printer_admin_group: role-teacher
    fvs_remove_discover: false