From 2bebc9f3608bc622fb847def97c3a3c2b8f04d84 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Mon, 29 Oct 2018 23:16:47 +0100 Subject: [PATCH 01/33] Set static global IPv4 for ariane --- host_vars/ariane | 28 ++++++++++++++++++++++------ templates/interfaces_ariane.j2 | 20 +++++++++++++------- 2 files changed, 35 insertions(+), 13 deletions(-) diff --git a/host_vars/ariane b/host_vars/ariane index 4212874..865516b 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -9,13 +9,29 @@ common_iptables_v6: "iptables_ariane_v6.j2" lxc: containers: + - name: sputnik + revision: "01" + template: voidlinux + config: + - lxc.network.type = veth + - lxc.network.hwaddr = 2e:6d:b6:07:13:01 + - lxc.network.link = br1 + - lxc.network.flags = up + + - lxc.network.1.type = veth + - lxc.network.1.hwaddr = 00:50:fc:ce:1b:c3 + - lxc.network.1.link = br0 + - lxc.network.1.flags = up + - lxc.network.1.ipv4 = 128.131.95.206/24 + - lxc.network.1.ipv4.gateway = 128.131.95.1 + - name: laika revision: "01" template: debian config: - lxc.network.type = veth - lxc.network.hwaddr = 1c:bd:b9:7f:fe:a4 - - lxc.network.link = br0 + - lxc.network.link = br1 - lxc.network.flags = up - name: betam @@ -24,7 +40,7 @@ lxc: config: - lxc.network.type = veth - lxc.network.hwaddr = 2e:6d:b6:07:14:01 - - lxc.network.link = br0 + - lxc.network.link = br1 - lxc.network.flags = up - lxc.cgroup.devices.allow = c 188:0 rwm @@ -34,7 +50,7 @@ lxc: config: - lxc.network.type = veth - lxc.network.hwaddr = 2e:6d:b6:07:15:01 - - lxc.network.link = br0 + - lxc.network.link = br1 - lxc.network.flags = up - lxc.pts = 6 @@ -44,7 +60,7 @@ lxc: config: - lxc.network.type = veth - lxc.network.hwaddr = 2e:6d:b6:07:19:01 - - lxc.network.link = br0 + - lxc.network.link = br1 - lxc.network.flags = up - lxc.pts = 6 - lxc.mount.entry = /zv1/daten/Scans /var/lib/lxc/lxc-progress-01/rootfs/mnt/scans none bind,create=dir 0 0 @@ -55,7 +71,7 @@ lxc: config: - lxc.network.type = veth - lxc.network.hwaddr = 2e:6d:b6:07:17:01 - - lxc.network.link = br0 + - lxc.network.link = br1 - lxc.network.flags = up - lxc.pts = 6 - lxc.mount.entry = /zv1/sojus /var/lib/lxc/lxc-sojus-01/rootfs/home/backup/repos none bind,create=dir 0 0 @@ -66,7 +82,7 @@ lxc: config: - lxc.network.type = veth - lxc.network.hwaddr = 2e:6d:b6:07:16:01 - - lxc.network.link = br0 + - lxc.network.link = br1 - lxc.network.flags = up common_zfs: True diff --git a/templates/interfaces_ariane.j2 b/templates/interfaces_ariane.j2 index 95cdc13..c23124f 100644 --- a/templates/interfaces_ariane.j2 +++ b/templates/interfaces_ariane.j2 @@ -2,16 +2,22 @@ source /etc/network/interfaces.d/* -auto lo +auto lo br0 br1 iface lo inet loopback -allow-hotplug enp8s0 -iface enp8s0 inet dhcp +allow-hotplug enp8s0 enp10s0 -auto br0 -iface br0 inet manual - bridge_ports enp9s0 +iface br0 inet static + bridge_ports enp10s0 bridge_fd 0 bridge_maxwait 0 + address 128.131.95.207 + netmask 255.255.255.0 + network 128.131.95.0 + broadcast 128.131.95.255 + gateway 128.131.95.1 -dns-nameservers 192.168.86.1 +iface br1 inet dhcp + bridge_ports enp8s0 + bridge_fd 0 + bridge_maxwait 0 From 873a148809cc9b31cec57cdf16d54cf7163a56c5 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Tue, 30 Oct 2018 00:29:55 +0100 Subject: [PATCH 02/33] Revert "Disable snapper temporary" This reverts commit b61178dd12b529def16a5501949d887d5913aa31. --- host_vars/ariane | 1 - 1 file changed, 1 deletion(-) diff --git a/host_vars/ariane b/host_vars/ariane index 865516b..e68e942 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -86,4 +86,3 @@ lxc: - lxc.network.flags = up common_zfs: True -common_snapper: False From 683b48bd684f4e8f3e8b0c571c5a71e686ef96d6 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Wed, 31 Oct 2018 10:46:30 +0100 Subject: [PATCH 03/33] Add 6 pts for lxc container --- host_vars/ariane | 1 + hosts/production | 1 + roles/ldap/tasks/main.yml | 3 +++ site.yml | 4 ++++ 4 files changed, 9 insertions(+) create mode 100644 roles/ldap/tasks/main.yml diff --git a/host_vars/ariane b/host_vars/ariane index e68e942..307a2a0 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -24,6 +24,7 @@ lxc: - lxc.network.1.flags = up - lxc.network.1.ipv4 = 128.131.95.206/24 - lxc.network.1.ipv4.gateway = 128.131.95.1 + - lxc.pts = 6 - name: laika revision: "01" diff --git a/hosts/production b/hosts/production index 9499faf..47fc6e5 100644 --- a/hosts/production +++ b/hosts/production @@ -11,6 +11,7 @@ all: proteus: fet_lxc_void: hosts: + sputnikov: zyklon: sojus: progress: diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml new file mode 100644 index 0000000..943b715 --- /dev/null +++ b/roles/ldap/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- import_tasks: ldap.yml + tags: [ ldap ] diff --git a/site.yml b/site.yml index 012e9b2..22cc3bc 100644 --- a/site.yml +++ b/site.yml @@ -26,6 +26,10 @@ - ariane # - rvm1-ansible +#- hosts: sputnikov +# roles: +# - ldap + - hosts: betam roles: - ups From 9cfa893b8df40de7db125db6c257d00e222df14d Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 3 Nov 2018 14:52:59 +0100 Subject: [PATCH 04/33] Add setuid for lxc zfs vol --- doc/ariane.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/ariane.md b/doc/ariane.md index 1923ae4..88adb9b 100644 --- a/doc/ariane.md +++ b/doc/ariane.md @@ -88,7 +88,7 @@ zfs create -o canmount=off -o setuid=off -o exec=off ssd/var zfs create -o com.sun:auto-snapshot=false -o mountpoint=/var/lib/nfs ssd/var/nfs zfs create -o com.sun:auto-snapshot=false -o exec=on ssd/var/cache zfs create ssd/var/log -zfs create -o exec=on ssd/var/lxc +zfs create -o setuid=on -o exec=on ssd/var/lxc mv /var/cache/* /ssd/var/cache/ zfs set mountpoint=/var/cache/ ssd/var/cache mv /var/log/* /ssd/var/log/ From 0abe97831a0dc61f70eecaa10451bbc4bc17fd1c Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 3 Nov 2018 14:56:17 +0100 Subject: [PATCH 05/33] Set SSH prohibit-password for root, but allow users --- group_vars/all | 3 ++- roles/common | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/group_vars/all b/group_vars/all index 4064fb2..26caefc 100644 --- a/group_vars/all +++ b/group_vars/all @@ -17,7 +17,8 @@ common_aliases: common_hostname: True common_rsyslog: True -common_openssh_permit_root_login: "yes" +common_openssh_permit_root_login: "prohibit-password" +common_openssh_password_authentication: "yes" common_ntp_servers: - tutimea.tuwien.ac.at diff --git a/roles/common b/roles/common index 5e27af2..a3ab58b 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit 5e27af2b21af707053caaa9c2d434303aa1a78ef +Subproject commit a3ab58bc633b6ea8dd736e6985d243e8e45f4420 From ba2046f93cf6e579dd181375a11682c2c0dd59f5 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 3 Nov 2018 14:56:38 +0100 Subject: [PATCH 06/33] Add NFS role --- roles/nfs/tasks/main.yml | 3 +++ roles/nfs/tasks/nfs.yml | 20 ++++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 roles/nfs/tasks/main.yml create mode 100644 roles/nfs/tasks/nfs.yml diff --git a/roles/nfs/tasks/main.yml b/roles/nfs/tasks/main.yml new file mode 100644 index 0000000..e7bb2b6 --- /dev/null +++ b/roles/nfs/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- import_tasks: nfs.yml + tags: [ nfs ] diff --git a/roles/nfs/tasks/nfs.yml b/roles/nfs/tasks/nfs.yml new file mode 100644 index 0000000..5cd522a --- /dev/null +++ b/roles/nfs/tasks/nfs.yml @@ -0,0 +1,20 @@ +--- +- name: nfs - install + package: name=nfs-utils + +- name: nfs - create mountpoints + file: "path={{ item }} owner=root group=root mode=0755 state=directory" + with_items: + - /mnt/save/daten + - /mnt/save/fotos + failed_when: False + +- name: nfs - add mountpoints + blockinfile: + path: /etc/fstab + block: | + ariane:/zv1/homes /home nfs intr,hard,rw,fsc 0 0 + ariane:/zv1/daten /mnt/save/daten nfs intr,hard,rw,fsc 0 0 + ariane:/zv1/fotos /mnt/save/fotos nfs intr,hard,rw,fsc 0 0 + validate: "mount -a -T %s" + From b55b369e9bdbbf86c40c9e6a6c0051bb24f44743 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 3 Nov 2018 14:57:03 +0100 Subject: [PATCH 07/33] Add LDAP role for void lxc containers --- roles/ldap/handlers/main.yml | 3 ++ roles/ldap/tasks/ldap.yml | 56 +++++++++++++++++++++++++++ roles/ldap/templates/nslcd.conf.j2 | 9 +++++ roles/ldap/templates/nsswitch.conf.j2 | 17 ++++++++ 4 files changed, 85 insertions(+) create mode 100644 roles/ldap/handlers/main.yml create mode 100644 roles/ldap/tasks/ldap.yml create mode 100644 roles/ldap/templates/nslcd.conf.j2 create mode 100644 roles/ldap/templates/nsswitch.conf.j2 diff --git a/roles/ldap/handlers/main.yml b/roles/ldap/handlers/main.yml new file mode 100644 index 0000000..1ae22c4 --- /dev/null +++ b/roles/ldap/handlers/main.yml @@ -0,0 +1,3 @@ +--- + - name: restart nslcd + service: name=nslcd enabled=yes state=restarted diff --git a/roles/ldap/tasks/ldap.yml b/roles/ldap/tasks/ldap.yml new file mode 100644 index 0000000..297d0d4 --- /dev/null +++ b/roles/ldap/tasks/ldap.yml @@ -0,0 +1,56 @@ +--- +- name: ldap - install + package: name={{ item }} + with_items: + - nss-pam-ldapd + +- name: ldap - /etc/nsswitch.conf + template: dest=/etc/nsswitch.conf src=nsswitch.conf.j2 owner=root group=root mode=0644 + +- name: ldap - /etc/nslcd.conf + template: dest=/etc/nslcd.conf src=nslcd.conf.j2 owner=root group=nslcd mode=0640 + notify: restart nslcd + +- name: ldap - start nslcd + service: name=nslcd enabled=yes state=started + +- name: ldap - PAM + pamd: + name: "{{ item.name }}" + type: "{{ item.type }}" + new_type: "{{ item.type }}" + control: required + new_control: "{{ item.control }}" + module_path: pam_unix.so + new_module_path: "{{ item.module_path }}" + module_arguments: "{{ item.module_arguments }}" + state: "{{ item.state }}" + with_items: + - { name: system-auth, type: auth, control: sufficient, module_path: pam_ldap.so, module_arguments: minimum_uid=1000, state: before } + - { name: system-auth, type: account, control: sufficient, module_path: pam_ldap.so, module_arguments: minimum_uid=1000, state: before } + - { name: system-auth, type: password, control: sufficient, module_path: pam_ldap.so, module_arguments: minimum_uid=1000, state: before } + - { name: system-auth, type: session, control: optional, module_path: pam_ldap.so, module_arguments: minimum_uid=1000, state: after } + +- name: ldap - enable passwd change + lineinfile: + dest: /etc/pam.d/passwd + line: "password sufficient pam_ldap.so" + insertbefore: "^password" + firstmatch: yes + state: present + +- name: ldap - sudoers ensure includedir + lineinfile: + dest: /etc/sudoers + line: "#includedir /etc/sudoers.d" + state: present + validate: "/usr/sbin/visudo -cf %s" + +- name: sudoers - create + copy: + content: "%admin ALL=(ALL) ALL" + dest: "/etc/sudoers.d/admin" + mode: 0440 + owner: root + group: root + validate: "/usr/sbin/visudo -cf %s" diff --git a/roles/ldap/templates/nslcd.conf.j2 b/roles/ldap/templates/nslcd.conf.j2 new file mode 100644 index 0000000..9ed4457 --- /dev/null +++ b/roles/ldap/templates/nslcd.conf.j2 @@ -0,0 +1,9 @@ +# {{ ansible_managed }} + +# See the manual page nslcd.conf(5) for more information. + +uid nslcd +gid nslcd + +uri ldap://gagarin.fet.htu.tuwien.ac.at/ +base dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at diff --git a/roles/ldap/templates/nsswitch.conf.j2 b/roles/ldap/templates/nsswitch.conf.j2 new file mode 100644 index 0000000..8972846 --- /dev/null +++ b/roles/ldap/templates/nsswitch.conf.j2 @@ -0,0 +1,17 @@ +# {{ ansible_managed }} + +# /etc/nsswitch.conf +# +# See nsswitch.conf(5) for information. +# +passwd: files ldap +group: files ldap +shadow: files ldap + +hosts: files mdns mdns4_minimal mdns4 myhostname dns +networks: files + +protocols: files +services: files +ethers: files +rpc: files From ed5366df89cfe68beb95d019ff08460950046988 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 3 Nov 2018 15:00:21 +0100 Subject: [PATCH 08/33] Enable LDAP and NFS for sputnik --- site.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/site.yml b/site.yml index 22cc3bc..13da812 100644 --- a/site.yml +++ b/site.yml @@ -26,9 +26,10 @@ - ariane # - rvm1-ansible -#- hosts: sputnikov -# roles: -# - ldap +- hosts: sputnik + roles: + - ldap + - nfs - hosts: betam roles: From d4ae37d2106d497cd1eda421a694c58e2eb814dd Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 11:30:19 +0100 Subject: [PATCH 09/33] Fix sputnik name --- hosts/production | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/production b/hosts/production index 47fc6e5..9ab4f7d 100644 --- a/hosts/production +++ b/hosts/production @@ -11,7 +11,7 @@ all: proteus: fet_lxc_void: hosts: - sputnikov: + sputnik: zyklon: sojus: progress: From 021f431261fcd206995ccbcb111480f2e4abb9e4 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 14:06:43 +0100 Subject: [PATCH 10/33] Add ZFS mount for gitea, add doc --- doc/ariane.md | 1 + doc/gitea.md | 14 ++++++++++++++ host_vars/ariane | 1 + 3 files changed, 16 insertions(+) diff --git a/doc/ariane.md b/doc/ariane.md index 88adb9b..573aebe 100644 --- a/doc/ariane.md +++ b/doc/ariane.md @@ -97,6 +97,7 @@ mv /var/lib/lxc/* /ssd/var/lxc/ zfs set mountpoint=/var/lib/lxc ssd/var/lxc zfs create -o com.sun:auto-snapshot=false zv1/sojus zfs create -o com.sun:auto-snapshot=false zv1/daten/Scans +zfs create -o setuid=off -o exec=off zv1/zyklon ``` ### Set dataset quota ```shell diff --git a/doc/gitea.md b/doc/gitea.md index da43492..f61ddfd 100644 --- a/doc/gitea.md +++ b/doc/gitea.md @@ -3,6 +3,7 @@ ## Setup using installer, create user root ```shell +vim /etc/gitea.conf INSTALL_LOCK to false ``` @@ -21,3 +22,16 @@ INSTALL_LOCK to false - Email attribute: `mail` No Bind-DN and password needed! + +## Create backup dump to file + +```shell +cd /var/lib/gitea/ +sudo -u _gitea gitea dump -c /etc/gitea.conf +``` + +## Reset root password +```shell +cd /var/lib/gitea/ +sudo -u _gitea gitea admin change-password --config /etc/gitea.conf -u root -p pw +``` diff --git a/host_vars/ariane b/host_vars/ariane index 307a2a0..0d6d42a 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -54,6 +54,7 @@ lxc: - lxc.network.link = br1 - lxc.network.flags = up - lxc.pts = 6 + - lxc.mount.entry = /zv1/zyklon /var/lib/lxc/lxc-zyklon-01/rootfs/var/lib/gitea/ none bind,create=dir 0 0 - name: progress revision: "01" From 3b63308158122866f937fb82868514f7e3cee3b6 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 16:07:36 +0100 Subject: [PATCH 11/33] Update gitea --- doc/ariane.md | 1 + doc/gitea.md | 4 ++-- roles/gitea/tasks/gitea.yml | 8 ++++---- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/doc/ariane.md b/doc/ariane.md index 573aebe..8625616 100644 --- a/doc/ariane.md +++ b/doc/ariane.md @@ -98,6 +98,7 @@ zfs set mountpoint=/var/lib/lxc ssd/var/lxc zfs create -o com.sun:auto-snapshot=false zv1/sojus zfs create -o com.sun:auto-snapshot=false zv1/daten/Scans zfs create -o setuid=off -o exec=off zv1/zyklon +chown 997:996 /zv1/zyklon ``` ### Set dataset quota ```shell diff --git a/doc/gitea.md b/doc/gitea.md index f61ddfd..580abf1 100644 --- a/doc/gitea.md +++ b/doc/gitea.md @@ -3,8 +3,8 @@ ## Setup using installer, create user root ```shell -vim /etc/gitea.conf -INSTALL_LOCK to false +vim /etc/gitea.conf # INSTALL_LOCK to false +sv restart gitea ``` ## Gitea LDAP Authentication settings diff --git a/roles/gitea/tasks/gitea.yml b/roles/gitea/tasks/gitea.yml index 9d2d03c..f4a9190 100644 --- a/roles/gitea/tasks/gitea.yml +++ b/roles/gitea/tasks/gitea.yml @@ -5,9 +5,9 @@ - git-all - gitea -- name: gitea - /etc/gitea.conf - template: dest=/etc/gitea.conf src=gitea.conf.j2 owner=root group=root mode=0644 - notify: restart gitea - - name: gitea - git user user: name=_gitea shell=/bin/bash + +- name: gitea - /etc/gitea.conf + template: dest=/etc/gitea.conf src=gitea.conf.j2 owner=_gitea group=root mode=0640 + notify: restart gitea From c9d0f133a962446ff6fad7165702eb2f7faf0ad5 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 16:10:50 +0100 Subject: [PATCH 12/33] Update known_hosts --- roles/common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/common b/roles/common index a3ab58b..d738a88 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit a3ab58bc633b6ea8dd736e6985d243e8e45f4420 +Subproject commit d738a88a2fad083777860b6fec9c64456ad62ac6 From 1f4d7a6386a34a3cf2b3171807448bf439544dfc Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 16:11:18 +0100 Subject: [PATCH 13/33] Remove lxc.aa_profile = unconfined --- roles/ariane/files/lxc_default.conf | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/ariane/files/lxc_default.conf b/roles/ariane/files/lxc_default.conf index de6f698..e69de29 100644 --- a/roles/ariane/files/lxc_default.conf +++ b/roles/ariane/files/lxc_default.conf @@ -1 +0,0 @@ -lxc.aa_profile = unconfined From 9af85e552afb8baa2591fdc4ad3e1462fc67d556 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 16:15:15 +0100 Subject: [PATCH 14/33] Allow exec for git repos --- doc/ariane.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/ariane.md b/doc/ariane.md index 8625616..5eb1663 100644 --- a/doc/ariane.md +++ b/doc/ariane.md @@ -97,7 +97,7 @@ mv /var/lib/lxc/* /ssd/var/lxc/ zfs set mountpoint=/var/lib/lxc ssd/var/lxc zfs create -o com.sun:auto-snapshot=false zv1/sojus zfs create -o com.sun:auto-snapshot=false zv1/daten/Scans -zfs create -o setuid=off -o exec=off zv1/zyklon +zfs create -o setuid=off -o zv1/zyklon chown 997:996 /zv1/zyklon ``` ### Set dataset quota From 16ae555450541cce6509d2110b66a342c284039a Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 16:32:12 +0100 Subject: [PATCH 15/33] Allow password auth on sputnik --- group_vars/all | 1 - group_vars/backup | 7 ------- hosts/production | 1 - hosts/production_pet | 2 -- hosts/test_andi | 3 --- 5 files changed, 14 deletions(-) delete mode 100644 group_vars/backup delete mode 100644 hosts/production_pet delete mode 100644 hosts/test_andi diff --git a/group_vars/all b/group_vars/all index 26caefc..cfe6c0b 100644 --- a/group_vars/all +++ b/group_vars/all @@ -18,7 +18,6 @@ common_hostname: True common_rsyslog: True common_openssh_permit_root_login: "prohibit-password" -common_openssh_password_authentication: "yes" common_ntp_servers: - tutimea.tuwien.ac.at diff --git a/group_vars/backup b/group_vars/backup deleted file mode 100644 index 23a39d0..0000000 --- a/group_vars/backup +++ /dev/null @@ -1,7 +0,0 @@ -backup: - repositories: - - path: "/srv/rep1" - name: "Repository1" - - path: "/srv/rep2" - name: "Repository2" - \ No newline at end of file diff --git a/hosts/production b/hosts/production index 9ab4f7d..82f0b51 100644 --- a/hosts/production +++ b/hosts/production @@ -5,7 +5,6 @@ all: ariane: fet_lxc_debian: hosts: - lxc-pet-01: laika: betam: proteus: diff --git a/hosts/production_pet b/hosts/production_pet deleted file mode 100644 index fffed14..0000000 --- a/hosts/production_pet +++ /dev/null @@ -1,2 +0,0 @@ -[fet_container] -lxc-pet-01 diff --git a/hosts/test_andi b/hosts/test_andi deleted file mode 100644 index e6231d1..0000000 --- a/hosts/test_andi +++ /dev/null @@ -1,3 +0,0 @@ -[ruby] -#test01 -test03 From 4b48b83ce9eea9150c1c3aef63aba375e607b2aa Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 21:01:49 +0100 Subject: [PATCH 16/33] Enable SSH with password, iptables for sputnik --- host_vars/sputnik | 7 +++++++ templates/iptables_sputnik_v4.j2 | 14 ++++++++++++++ templates/iptables_sputnik_v6.j2 | 12 ++++++++++++ 3 files changed, 33 insertions(+) create mode 100644 host_vars/sputnik create mode 100644 templates/iptables_sputnik_v4.j2 create mode 100644 templates/iptables_sputnik_v6.j2 diff --git a/host_vars/sputnik b/host_vars/sputnik new file mode 100644 index 0000000..4b33fb3 --- /dev/null +++ b/host_vars/sputnik @@ -0,0 +1,7 @@ +inventory_hostname: sputnik.fet.htu.tuwien.ac.at +inventory_hostname_short: sputnik + +common_iptables_v4: "iptables_sputnik_v4.j2" +common_iptables_v6: "iptables_sputnik_v6.j2" + +common_openssh_password_authentication: "yes" diff --git a/templates/iptables_sputnik_v4.j2 b/templates/iptables_sputnik_v4.j2 new file mode 100644 index 0000000..b7efa99 --- /dev/null +++ b/templates/iptables_sputnik_v4.j2 @@ -0,0 +1,14 @@ +# {{ ansible_managed }} + +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT +-A INPUT -p icmp -j ACCEPT +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i lo -j ACCEPT +-A INPUT -p tcp -j REJECT --reject-with tcp-reset +-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable +-A INPUT -j REJECT --reject-with icmp-proto-unreachable +COMMIT diff --git a/templates/iptables_sputnik_v6.j2 b/templates/iptables_sputnik_v6.j2 new file mode 100644 index 0000000..d2927b5 --- /dev/null +++ b/templates/iptables_sputnik_v6.j2 @@ -0,0 +1,12 @@ +# {{ ansible_managed }} + +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -p tcp --syn -j DROP +-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT +-A INPUT -p ipv6-icmp -j ACCEPT +-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT +-A INPUT -i lo -j ACCEPT +COMMIT From 59b79dadc4658d07a354235f470992b31213818e Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 4 Nov 2018 21:23:40 +0100 Subject: [PATCH 17/33] Activate iptables for all except old qemu --- host_vars/ariane | 1 - host_vars/progress | 1 - host_vars/proteus | 2 ++ host_vars/zyklon | 2 ++ roles/common | 2 +- templates/iptables_ariane_v4.j2 | 8 ++++---- templates/iptables_ariane_v6.j2 | 12 ------------ templates/iptables_progress_v6.j2 | 12 ------------ ...ables_sputnik_v4.j2 => iptables_proteus_v4.j2} | 1 + templates/iptables_sputnik_v6.j2 | 12 ------------ templates/iptables_zyklon_v4.j2 | 15 +++++++++++++++ 11 files changed, 25 insertions(+), 43 deletions(-) delete mode 100644 templates/iptables_ariane_v6.j2 delete mode 100644 templates/iptables_progress_v6.j2 rename templates/{iptables_sputnik_v4.j2 => iptables_proteus_v4.j2} (90%) delete mode 100644 templates/iptables_sputnik_v6.j2 create mode 100644 templates/iptables_zyklon_v4.j2 diff --git a/host_vars/ariane b/host_vars/ariane index 0d6d42a..7b3e027 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -5,7 +5,6 @@ inventory_hostname_short: ariane common_interfaces: True common_interfaces_file: interfaces_ariane.j2 common_iptables_v4: "iptables_ariane_v4.j2" -common_iptables_v6: "iptables_ariane_v6.j2" lxc: containers: diff --git a/host_vars/progress b/host_vars/progress index e75b5ce..dd9fd5c 100644 --- a/host_vars/progress +++ b/host_vars/progress @@ -2,5 +2,4 @@ inventory_hostname: progress.fet.htu.tuwien.ac.at inventory_hostname_short: progress common_iptables_v4: "iptables_progress_v4.j2" -common_iptables_v6: "iptables_progress_v6.j2" printer_ip: dell3465 diff --git a/host_vars/proteus b/host_vars/proteus index 9ce50c9..a55e037 100644 --- a/host_vars/proteus +++ b/host_vars/proteus @@ -1,2 +1,4 @@ inventory_hostname: proteus.fet.htu.tuwien.ac.at inventory_hostname_short: proteus + +common_iptables_v4: "iptables_proteus_v4.j2" diff --git a/host_vars/zyklon b/host_vars/zyklon index 4e75b4b..2e6462d 100644 --- a/host_vars/zyklon +++ b/host_vars/zyklon @@ -1,2 +1,4 @@ inventory_hostname: zyklon.fet.htu.tuwien.ac.at inventory_hostname_short: zyklon + +common_iptables_v4: "iptables_zyklon_v4.j2" diff --git a/roles/common b/roles/common index d738a88..5e916ca 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit d738a88a2fad083777860b6fec9c64456ad62ac6 +Subproject commit 5e916ca510e01a4a13424dc4bf69a1f4dc043649 diff --git a/templates/iptables_ariane_v4.j2 b/templates/iptables_ariane_v4.j2 index 6112834..1ec0d86 100644 --- a/templates/iptables_ariane_v4.j2 +++ b/templates/iptables_ariane_v4.j2 @@ -4,14 +4,14 @@ :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] --A INPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p udp -m multiport --dports 10053,111,2049,32769,875,892 -m state --state NEW,ESTABLISHED -j ACCEPT --A INPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p tcp -m multiport --dports 10053,111,2049,32803,875,892 -m state --state NEW,ESTABLISHED -j ACCEPT --A OUTPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p udp -m multiport --sports 10053,111,2049,32769,875,892 -m state --state ESTABLISHED -j ACCEPT --A OUTPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p tcp -m multiport --sports 10053,111,2049,32803,875,892 -m state --state ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT +-A INPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p udp -m multiport --dports 10053,111,2049,32769,875,892 -m state --state NEW,ESTABLISHED -j ACCEPT +-A INPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p tcp -m multiport --dports 10053,111,2049,32803,875,892 -m state --state NEW,ESTABLISHED -j ACCEPT +-A OUTPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p udp -m multiport --sports 10053,111,2049,32769,875,892 -m state --state ESTABLISHED -j ACCEPT +-A OUTPUT -s 192.168.86.0/24 -d 192.168.86.0/24 -p tcp -m multiport --sports 10053,111,2049,32803,875,892 -m state --state ESTABLISHED -j ACCEPT -A INPUT -p tcp -j REJECT --reject-with tcp-reset -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable -A INPUT -j REJECT --reject-with icmp-proto-unreachable diff --git a/templates/iptables_ariane_v6.j2 b/templates/iptables_ariane_v6.j2 deleted file mode 100644 index d2927b5..0000000 --- a/templates/iptables_ariane_v6.j2 +++ /dev/null @@ -1,12 +0,0 @@ -# {{ ansible_managed }} - -*filter -:INPUT DROP [0:0] -:FORWARD DROP [0:0] -:OUTPUT ACCEPT [0:0] --A INPUT -p tcp --syn -j DROP --A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT --A INPUT -p ipv6-icmp -j ACCEPT --A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT --A INPUT -i lo -j ACCEPT -COMMIT diff --git a/templates/iptables_progress_v6.j2 b/templates/iptables_progress_v6.j2 deleted file mode 100644 index d2927b5..0000000 --- a/templates/iptables_progress_v6.j2 +++ /dev/null @@ -1,12 +0,0 @@ -# {{ ansible_managed }} - -*filter -:INPUT DROP [0:0] -:FORWARD DROP [0:0] -:OUTPUT ACCEPT [0:0] --A INPUT -p tcp --syn -j DROP --A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT --A INPUT -p ipv6-icmp -j ACCEPT --A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT --A INPUT -i lo -j ACCEPT -COMMIT diff --git a/templates/iptables_sputnik_v4.j2 b/templates/iptables_proteus_v4.j2 similarity index 90% rename from templates/iptables_sputnik_v4.j2 rename to templates/iptables_proteus_v4.j2 index b7efa99..cbe5456 100644 --- a/templates/iptables_sputnik_v4.j2 +++ b/templates/iptables_proteus_v4.j2 @@ -8,6 +8,7 @@ -A INPUT -p icmp -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT +-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -j REJECT --reject-with tcp-reset -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable -A INPUT -j REJECT --reject-with icmp-proto-unreachable diff --git a/templates/iptables_sputnik_v6.j2 b/templates/iptables_sputnik_v6.j2 deleted file mode 100644 index d2927b5..0000000 --- a/templates/iptables_sputnik_v6.j2 +++ /dev/null @@ -1,12 +0,0 @@ -# {{ ansible_managed }} - -*filter -:INPUT DROP [0:0] -:FORWARD DROP [0:0] -:OUTPUT ACCEPT [0:0] --A INPUT -p tcp --syn -j DROP --A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT --A INPUT -p ipv6-icmp -j ACCEPT --A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT --A INPUT -i lo -j ACCEPT -COMMIT diff --git a/templates/iptables_zyklon_v4.j2 b/templates/iptables_zyklon_v4.j2 new file mode 100644 index 0000000..66618d3 --- /dev/null +++ b/templates/iptables_zyklon_v4.j2 @@ -0,0 +1,15 @@ +# {{ ansible_managed }} + +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT +-A INPUT -p icmp -j ACCEPT +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i lo -j ACCEPT +-A INPUT -p tcp -m tcp --dport 3000 -j ACCEPT +-A INPUT -p tcp -j REJECT --reject-with tcp-reset +-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable +-A INPUT -j REJECT --reject-with icmp-proto-unreachable +COMMIT From a751a6549df3e388d299e5be338b4923fc65641c Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 10 Nov 2018 12:51:58 +0100 Subject: [PATCH 18/33] Add README.md --- README.md | 20 +++++++++ roles/common | 2 +- ssh.cfg | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 142 insertions(+), 1 deletion(-) create mode 100644 README.md create mode 100644 ssh.cfg diff --git a/README.md b/README.md new file mode 100644 index 0000000..5428566 --- /dev/null +++ b/README.md @@ -0,0 +1,20 @@ +# Ansible configuration management for FET IT + +# See [Service documentation](./doc) + +# Install ansible +```shell +./install +``` +Put [ssh_config](./ssh.cfg) in your `~/.ssh/config` or specify local one each time +Put `./roles/common/files/known_hosts` in your `~/.ssh/known_hosts` + +# Run ansible +```shell +./ansible-playbook -i hosts/production site.yml --ssh-extra-args "-F ./ssh.cfg" +``` + +# Run ansible for specific server and role +```shell +./ansible-playbook -i hosts/production site.yml --ssh-extra-args "-F ./ssh.cfg" --limit sputnik --tags openssh +``` diff --git a/roles/common b/roles/common index 5e916ca..a8c75a1 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit 5e916ca510e01a4a13424dc4bf69a1f4dc043649 +Subproject commit a8c75a12f5089acb3cbb6ff9557fe3ea6460f81c diff --git a/ssh.cfg b/ssh.cfg new file mode 100644 index 0000000..4a86806 --- /dev/null +++ b/ssh.cfg @@ -0,0 +1,121 @@ +# FET + +Host sputnik + Hostname sputnik.htu.tuwien.ac.at + +Host kistl + ProxyJump sputnik + +Host wlan + User root + ProxyJump sputnik + +Host atlas + ProxyJump sputnik + +Host ariane + Hostname ariane.htu.tuwien.ac.at + User root + ProxyJump sputnik + +## virtual on ariane +Host laika + User root + ProxyJump ariane + +Host betam + User root + ProxyJump ariane + +Host proteus + User root + ProxyJump ariane + +Host zyklon + User root + ProxyJump ariane + +Host sojus + User root + ProxyJump sputnik + +Host progress + User root + Proxyjump sputnik + +Host energija + Hostname energija.htu.tuwien.ac.at + ProxyJump sputnik + +## virtual on energija +Host nauka + User root + ProxyJump sputnik + +Host buran + Hostname buran.htu.tuwien.ac.at + User root + ProxyJump sputnik + +Host backup + ProxyJump sputnik + +Host gagarin + ProxyJump sputnik + +Host horde5 + ProxyJump sputnik + +Host triton + User root + ProxyJump sputnik + DynamicForward 127.0.0.1:4444 + +Host mogok + ProxyJump sputnik + +Host maria-storage + User root + ProxyJump sputnik + +Host miruk + Port 222 + User root + ProxyJump triton + +Host cloud + ProxyJump sputnik + +Host fetruby + ProxyJump sputnik + +Host fetwiki # triton-2 + Hostname 192.168.95.12 + ProxyJump sputnik + +Host triton-amp + ProxyJump sputnik + +Host fet + ProxyJump miruk + +Host baroness + User root + Proxyjump sputnik + +## Workstations +Host potemkin + ProxyJump sputnik + +Host proton + ProxyJump sputnik + +Host suchoi + ProxyJump sputnik + +Host lunik + ProxyJump sputnik + +# FET Ende + +EscapeChar ~ From 5116516af6ffe77a55da2a054582343913d468d5 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Mon, 12 Nov 2018 00:02:57 +0100 Subject: [PATCH 19/33] Add samba reboot restart cronjob --- doc/progress.md | 6 ++++++ roles/scans/tasks/samba.yml | 8 ++++++++ 2 files changed, 14 insertions(+) create mode 100644 doc/progress.md diff --git a/doc/progress.md b/doc/progress.md new file mode 100644 index 0000000..76e661d --- /dev/null +++ b/doc/progress.md @@ -0,0 +1,6 @@ +# Check if share works + +```shell +smbclient -L //localhost -U dell +smbclient //localhost/scans -U dell +``` diff --git a/roles/scans/tasks/samba.yml b/roles/scans/tasks/samba.yml index 4d96a24..fd8ca94 100644 --- a/roles/scans/tasks/samba.yml +++ b/roles/scans/tasks/samba.yml @@ -3,6 +3,7 @@ package: name={{ item }} with_items: - samba + - smbclient - name: samba - /etc/smb.conf template: dest=/etc/samba/smb.conf src=smb.conf.j2 owner=root group=root mode=0644 @@ -18,3 +19,10 @@ - name: samba - set smbpasswds shell: "(echo {{ item['smbpasswd'] }}; echo {{ item['smbpasswd'] }}) | smbpasswd -s -a {{ item['name'] }}" with_items: '{{ samba_users }}' + changed_when: False + +- name: samba - add cronjob for fixing IPv4 + cron: + name: samba reboot restart + special_time : reboot + job: "sleep 15 && sv restart smbd" From 9c1f29d6fd8d59ddb3a9f22b20e8e2f1abbc65c7 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Mon, 12 Nov 2018 00:21:00 +0100 Subject: [PATCH 20/33] Add dell3465 config file --- doc/configs/dell3465_settings.ucf | 1479 +++++++++++++++++++++++++++++ 1 file changed, 1479 insertions(+) create mode 100644 doc/configs/dell3465_settings.ucf diff --git a/doc/configs/dell3465_settings.ucf b/doc/configs/dell3465_settings.ucf new file mode 100644 index 0000000..4ad32eb --- /dev/null +++ b/doc/configs/dell3465_settings.ucf @@ -0,0 +1,1479 @@ +// UCF File from 192.168.86.14 +// This file has been exported in UTF-8 format.If you modify this file + +// it should be modified with a UTF-8 compliant editor. + +mfp.general.country "4" +print.blankPages "1" +PRNDARK "3" +printTimeout "90" +ports.standard.parallel.0.honorInit "0" +print.numberOfCopies "1" +print.duplex.bindingEdge "0" +language "0" +ports.standard.parallel.0.fastBytes "1" +printRecovery.pageProtect "0" +paperSource "1" +tray1.paperType "0" +//ERROR GETTING tray2.paperType +manualPaper.paperType "0" +pcl.orientation "0" +alarm.toner "0" +menuDisable "0" +printRecovery.autoContinue "5" +fontNumber "0" +symbolSet "405" +fontSize "1200" +pcl.A4Width "198" +pcl.autoCRafterLF "0" +pcl.autoLFafterCR "0" +jobTimeout "0" +manualFeedTimeout "60" +timeout.wait "40" +postscript.printErrors "0" +printRecovery.jamRecovery "2" +ports.standard.parallel.0.smartSwitch.PS "1" +ports.standard.parallel.0.smartSwitch.PCL5 "1" +resourceSave "0" +trayRenumber "0" +ports.standard.parallel.0.advancedStatus "1" +ports.standard.parallel.0.mode2 "1" +//ERROR GETTING tray3.paperType +substSize "99" +print.collation "1" +print.separatorSheets "0" +print.separatorSource "1" +brightness "0" +contrast "0" +colorCorrection "7" +outputBin "1" +finisher.staple "0" +offset "0" +type1Fonts "1" +MPTray.paperType "133" +//ERROR GETTING tray4.paperType +//ERROR GETTING tray5.paperType +plainPaper.weight "1" +plainPaper.texture "1" +roughPaper.weight "2" +colorPaper.weight "1" +colorPaper.texture "1" +transparency.weight "1" +transparency.texture "1" +cardstock.weight "1" +cardstock.texture "1" +labels.weight "1" +labels.texture "1" +letterheadPaper.weight "1" +letterheadPaper.texture "1" +prepunchedPaper.weight "1" +prepunchedPaper.texture "2" +preprintedPaper.weight "1" +preprintedPaper.texture "1" +envelope.weight "1" +envelope.texture "1" +customType1.weight "1" +customType1.texture "1" +customType1.type "0" +customType1.name "" +customType2.weight "1" +customType2.texture "1" +customType2.type "0" +customType2.name "" +customType3.weight "1" +customType3.texture "1" +customType3.type "0" +customType3.name "" +customType4.weight "1" +customType4.texture "1" +customType4.type "0" +customType4.name "" +customType5.weight "1" +customType5.texture "1" +customType5.type "0" +customType5.name "" +customType6.weight "1" +customType6.texture "1" +customType6.type "0" +customType6.name "" +manualEnvelope.paperType "8" +printPageMode "0" +ports.standard.parallel.0.PSBinaryFiltering "2" +MPFeedRenumber "0" +multiPage "0" +multiPageOrientation "99" +print.multiPage.border "0" +multiPageOrder "0" +ports.standard.usb.0.smartSwitch.PS "1" +ports.standard.usb.0.smartSwitch.PCL5 "1" +print.resolution "3" +letterheadPaper.loading "0" +preprintedPaper.loading "0" +customType1.loading "0" +customType2.loading "0" +customType3.loading "0" +customType4.loading "0" +customType5.loading "0" +customType6.loading "0" +prepunchedPaper.loading "0" +cardstock.loading "0" +labels.loading "0" +colorPaper.loading "0" +ports.standard.usb.0.PSBinaryFiltering "2" +finisher.punch "0" +ports.standard.network.0.smartSwitch.PS "1" +ports.standard.network.0.smarkSwitch.PCL5 "1" +ports.standard.network.0.interpretAsP_TCPIP "2" +ports.standard.network.0.PSBinaryFiltering "1" +pcl.linesPerPage "64" +print.darkness "7" +pseudo.fontSource "0" +universalPaper.paperWidth "183600" +universalPaper.paperHeight "302400" +universalPaper.paperOrientation "0" +holePunchMode "1" +glossyPaper.weight "1" +glossyPaper.texture "1" +glossyPaper.loading "0" +MICRJob "0" +pdf.scaleToFit "226" +pdf.orientation "226" +pdf.halfTone "227" +pdf.annotations "226" +paperCHGPromptSource "0" +ENV_CHGPromptSource "0" +confidentialJobExpire "0" +printerLockoutMaxRetry "0" +vinyllabels.weight "1" +vinyllabels.texture "1" +vinyllabels.loading "0" +linedetail "1" +pdf.autoSourceSearch "1" +lightpaper.texture "1" +lightpaper.paperloading "0" +heavypaper.papertexture "1" +heavypaper.paperloading "0" +nvEcoMode "0" +recycledpaper.paperweight "1" +recycledpaper.papertexture "1" +recycledpaper.type "0" +recycledpaper.paperloading "0" +printerRFIDTagNotify "1" +printerRFIDAutoretryCnt "0" +printerRFIDBadTagBin "254" +nvQuietMode "0" +printerRFIDMarkOnError "0" +ChgPromptSourceAction "0" +print.usbDirectLateBind.duplex "0" +print.usbDirectLateBind.duplex.bindingEdge "0" +print.usbDirectLateBind.numberOfCopies "1" +finisher.usbDirectLateBind.staple "0" +finisher.usbDirectLateBind.punch "0" +usbDirectLateBind.holePunchMode "1" +print.usbDirectLateBind.blankPages "1" +print.usbDirectLateBind.collation "1" +print.usbDirectLateBind.separatorSheets "0" +print.usbDirectLateBind.separatorSource "1" +print.usbDirectLateBind.multiPage.border "0" +usbDirectLateBind.offset "0" +supplies.blackCart.earlyWarning.behavior "0" +supplies.blackCart.nearlyLow.behavior "0" +supplies.blackCart.LowBehavior "2" +supplies.blackCart.nearEndOfLife.behavior "2" +supplies.blackCart.endOfLife.behavior "4" +supplies.blackCart.earlyWarning.level "50" +supplies.blackCart.nearlyLow.level "30" +supplies.blackCart.nearEndOfLife.level "10" +supplies.cyanCart.earlyWarning.behavior "0" +supplies.cyanCart.nearlyLow.behavior "0" +supplies.cyanCart.LowBehavior "2" +supplies.cyanCart.nearEndOfLife.behavior "2" +supplies.cyanCart.endOfLife.behavior "4" +supplies.cyanCart.earlyWarning.level "40" +supplies.cyanCart.nearlyLow.level "10" +supplies.cyanCart.nearEndOfLife.level "10" +supplies.magentaCart.earlyWarning.behavior "0" +supplies.magentaCart.nearlyLow.behavior "0" +supplies.magentaCart.LowBehavior "2" +supplies.magentaCart.nearEndOfLife.behavior "0" +supplies.magentaCart.endOfLife.behavior "0" +supplies.magentaCart.earlyWarning.level "40" +supplies.magentaCart.nearlyLow.level "30" +supplies.magentaCart.nearEndOfLife.level "10" +supplies.yellowCart.earlyWarning.behavior "0" +supplies.yellowCart.nearlyLow.behavior "0" +supplies.yellowCart.LowBehavior "2" +supplies.yellowCart.nearEndOfLife.behavior "0" +supplies.yellowCart.endOfLife.behavior "0" +supplies.yellowCart.earlyWarning.level "40" +supplies.yellowCart.nearlyLow.level "30" +supplies.yellowCart.nearEndOfLife.level "10" +supplies.blackPC.earlyWarning.behavior "0" +supplies.blackPC.nearlyLow.behavior "0" +supplies.blackPC.LowBehavior "3" +supplies.blackPC.nearEndOfLife.behavior "0" +supplies.blackPC.endOfLife.behavior "4" +supplies.blackPC.earlyWarning.level "40" +supplies.blackPC.nearlyLow.level "30" +supplies.blackPC.nearEndOfLife.level "10" +supplies.cyanPC.earlyWarning.behavior "0" +supplies.cyanPC.nearlyLow.behavior "0" +supplies.cyanPC.LowBehavior "3" +supplies.cyanPC.nearEndOfLife.behavior "0" +supplies.cyanPC.endOfLife.behavior "4" +supplies.cyanPC.earlyWarning.level "40" +supplies.cyanPC.nearlyLow.level "30" +supplies.cyanPC.nearEndOfLife.level "10" +supplies.magentaPC.earlyWarning.behavior "0" +supplies.magentaPC.nearlyLow.behavior "0" +supplies.magentaPC.LowBehavior "3" +supplies.magentaPC.nearEndOfLife.behavior "0" +supplies.magentaPC.endOfLife.behavior "4" +supplies.magentaPC.earlyWarning.level "40" +supplies.magentaPC.nearlyLow.level "30" +supplies.magentaPC.nearEndOfLife.level "10" +supplies.yellowPC.earlyWarning.behavior "0" +supplies.yellowPC.nearlyLow.behavior "0" +supplies.yellowPC.LowBehavior "3" +supplies.yellowPC.nearEndOfLife.behavior "0" +supplies.yellowPC.endOfLife.behavior "4" +supplies.yellowPC.earlyWarning.level "40" +supplies.yellowPC.nearlyLow.level "30" +supplies.yellowPC.nearEndOfLife.level "10" +supplies.fuser.earlyWarning.behavior "0" +supplies.fuser.nearlyLow.behavior "0" +supplies.fuser.LowBehavior "0" +supplies.fuser.nearEndOfLife.behavior "0" +supplies.fuser.endOfLife.behavior "0" +supplies.fuser.earlyWarning.level "40" +supplies.fuser.nearlyLow.level "30" +supplies.fuser.nearEndOfLife.level "10" +supplies.maintenance.earlyWarning.behavior "0" +supplies.maintenance.nearlyLow.behavior "0" +supplies.maintenance.LowBehavior "0" +supplies.maintenance.nearEndOfLife.behavior "2" +supplies.maintenance.endOfLife.behavior "2" +supplies.maintenance.earlyWarning.level "40" +supplies.maintenance.nearlyLow.level "10" +supplies.maintenance.nearEndOfLife.level "10" +supplies.itm.earlyWarning.behavior "0" +supplies.itm.nearlyLow.behavior "0" +supplies.itm.LowBehavior "3" +supplies.itm.nearEndOfLife.behavior "0" +supplies.itm.endOfLife.behavior "4" +supplies.itm.earlyWarning.level "40" +supplies.itm.nearlyLow.level "30" +supplies.itm.nearEndOfLife.level "10" +supplies.oilRoller.earlyWarning.behavior "0" +supplies.oilRoller.nearlyLow.behavior "0" +supplies.oilRoller.LowBehavior "3" +supplies.oilRoller.nearEndOfLife.behavior "0" +supplies.oilRoller.endOfLife.behavior "4" +supplies.oilRoller.earlyWarning.level "40" +supplies.oilRoller.nearlyLow.level "30" +supplies.oilRoller.nearEndOfLife.level "10" +supplies.Supply12.earlyWarning.behavior "0" +supplies.Supply12.nearlyLow.behavior "0" +supplies.Supply12.LowBehavior "3" +supplies.Supply12.nearEndOfLife.behavior "0" +supplies.Supply12.endOfLife.behavior "4" +supplies.Supply12.earlyWarning.level "40" +supplies.Supply12.nearlyLow.level "30" +supplies.Supply12.nearEndOfLife.level "10" +heavycardPaper.loading "0" +roughenvelopePaper.weight "2" +roughenvelopePaper.loading "0" +heavycottonPaper.loading "0" +veryheavyPaper.loading "0" +heavyglossyPaper.texture "1" +heavyglossyPaper.loading "0" +rfidlabelsPaper.loading "0" +roughPaper.loading "0" +usbDirectLateBind.paperSource "1" +jobParkEnabled "0" +jobParkFaxEnabled "0" +jobParkTimeout "30" +diskWipeAutomaticStyle "0" +usbDirectLateBind.colorModel "0" +outputLightingStdBinReady "2" +tonerAlarmSound "0" +pixelBoost "0" +outputLightingStdBinPowerSav "1" +outputLightingOptBinReady "2" +outputLightingOptBinPowerSav "1" +pseudo.fontSourceXtra "0" +pelBlurring "0" +manualEnvelope.paperSize "88" +bestSpeed "0" +spotColor1C "0" +spotColor2C "0" +spotColor3C "0" +spotColor4C "0" +spotColor5C "0" +spotColor6C "0" +spotColor7C "0" +spotColor8C "0" +spotColor9C "0" +spotColor10C "0" +spotColor11C "0" +spotColor12C "0" +spotColor13C "0" +spotColor14C "0" +spotColor15C "0" +spotColor16C "0" +spotColor17C "0" +spotColor18C "0" +spotColor19C "0" +spotColor20C "0" +spotColor1M "0" +spotColor2M "0" +spotColor3M "0" +spotColor4M "0" +spotColor5M "0" +spotColor6M "0" +spotColor7M "0" +spotColor8M "0" +spotColor9M "0" +spotColor10M "0" +spotColor11M "0" +spotColor12M "0" +spotColor13M "0" +spotColor14M "0" +spotColor15M "0" +spotColor16M "0" +spotColor17M "0" +spotColor18M "0" +spotColor19M "0" +spotColor20M "0" +spotColor1Y "0" +spotColor2Y "0" +spotColor3Y "0" +spotColor4Y "0" +spotColor5Y "0" +spotColor6Y "0" +spotColor7Y "0" +spotColor8Y "0" +spotColor9Y "0" +spotColor10Y "0" +spotColor11Y "0" +spotColor12Y "0" +spotColor13Y "0" +spotColor14Y "0" +spotColor15Y "0" +spotColor16Y "0" +spotColor17Y "0" +spotColor18Y "0" +spotColor19Y "0" +spotColor20Y "0" +spotColor1K "0" +spotColor2K "0" +spotColor3K "0" +spotColor4K "0" +spotColor5K "0" +spotColor6K "0" +spotColor7K "0" +spotColor8K "0" +spotColor9K "0" +spotColor10K "0" +spotColor11K "0" +spotColor12K "0" +spotColor13K "0" +spotColor14K "0" +spotColor15K "0" +spotColor16K "0" +spotColor17K "0" +spotColor18K "0" +spotColor19K "0" +spotColor20K "0" +spotColorName1 "" +spotColorName2 "" +spotColorName3 "" +spotColorName4 "" +spotColorName5 "" +spotColorName6 "" +spotColorName7 "" +spotColorName8 "" +spotColorName9 "" +spotColorName10 "" +spotColorName11 "" +spotColorName12 "" +spotColorName13 "" +spotColorName14 "" +spotColorName15 "" +spotColorName16 "" +spotColorName17 "" +spotColorName18 "" +spotColorName19 "" +spotColorName20 "" +jaEnabled "0" +jaFrequency "1" +jaNearFullLvl "5" +jaPostURL "" +jaEmailAddress "" +jaFreqAction "0" +jaNearFullAction "0" +jaMediaFullAction "0" +jaLogPrefix "" +//ERROR GETTING nvLedErrorLighting +nvLedOutputLighting "2" +nvPressSleepButton "1" +nvPressAndHoldSleepButton "0" +nvMIBversion "1.0.0" +nvMIBSupportLevel "48" +nvEnableCopyDeskew "2" +nvEnableHaptics "1" +nvEnableFaxDeskew "2" +nvEnableFTPDeskew "2" +nvEnableEmailDeskew "2" +nvEnableDocumentDeskew "2" +nvEnableUSBDeskew "2" +UCF_BUTTON_FEEDBACK "1" +UCF_DEVICE_VOLUME "4" +nvAlwaysDisplayErrorScreens "1" +nvTonerType "0" +repeatJobExpire "0" +verifyJobExpire "0" +reserveJobExpire "0" +DEFAULT_ADF_MEDIA_TYPE "0" +nvFuserSpeed "0" +nvServiceErrorRebootCountMax "2" +nvServiceErrorRebootMode "1" +nvServiceErrorRebootWindowMax "720" +nvA5Loading "0" +nvFontDensity "3" +nvHibernateTimeout "7" +nvHibernateTimeoutOverride "0" +nvJamAssist "1" +nvSafeMode "0" +nvOemMfgShortName "Dell" +nvOemMfgLongName "Dell" +nvPagesRemainingDisplay "1" +nvAccessibilityTimeoutExtension "0" +supplies.blackCart.low.level "10" +supplies.cyanCart.low.level "5" +supplies.magentaCart.low.level "20" +supplies.yellowCart.low.level "20" +supplies.blackPC.low.level "20" +supplies.cyanPC.low.level "20" +supplies.magentaPC.low.level "20" +supplies.yellowPC.low.level "20" +supplies.fuser.low.level "20" +supplies.maintenance.low.level "5" +supplies.itm.low.level "20" +supplies.oilRoller.low.level "20" +supplies.Supply12.low.level "20" +jaNearFullLvlUserFlash "5" +sleepTimeOutOverrideAlgeria "65535" +sleepTimeOutOverrideArgentina "65535" +sleepTimeOutOverrideAustralia "65535" +sleepTimeOutOverrideAustria "65535" +sleepTimeOutOverrideBangladesh "65535" +sleepTimeOutOverrideBelgium "65535" +sleepTimeOutOverrideBolivia "65535" +sleepTimeOutOverrideBrazil "65535" +sleepTimeOutOverrideBulgaria "65535" +sleepTimeOutOverrideCanada "65535" +sleepTimeOutOverrideChile "65535" +sleepTimeOutOverrideColumbia "65535" +sleepTimeOutOverrideCostaRica "65535" +sleepTimeOutOverrideCroatia "65535" +sleepTimeOutOverrideCyprus "65535" +sleepTimeOutOverrideCzechRepublic "65535" +sleepTimeOutOverrideDenmark "65535" +sleepTimeOutOverrideDominicanRepublic "65535" +sleepTimeOutOverrideEcuador "65535" +sleepTimeOutOverrideEgypt "65535" +sleepTimeOutOverrideElSalvador "65535" +sleepTimeOutOverrideEstonia "65535" +sleepTimeOutOverrideFinland "65535" +sleepTimeOutOverrideFrance "65535" +sleepTimeOutOverrideGermany "65535" +sleepTimeOutOverrideGreece "65535" +sleepTimeOutOverrideGuam "65535" +sleepTimeOutOverrideGuatemala "65535" +sleepTimeOutOverrideHonduras "65535" +sleepTimeOutOverrideHongKong "65535" +sleepTimeOutOverrideHungary "65535" +sleepTimeOutOverrideIceland "65535" +sleepTimeOutOverrideIndia "65535" +sleepTimeOutOverrideIndonesia "65535" +sleepTimeOutOverrideIreland "65535" +sleepTimeOutOverrideIsrael "65535" +sleepTimeOutOverrideItaly "65535" +sleepTimeOutOverrideJapan "65535" +sleepTimeOutOverrideKorea "65535" +sleepTimeOutOverrideKuwait "65535" +sleepTimeOutOverrideLatvia "65535" +sleepTimeOutOverrideLeichtenstein "65535" +sleepTimeOutOverrideLithuania "65535" +sleepTimeOutOverrideLuxembourg "65535" +sleepTimeOutOverrideMalaysia "65535" +sleepTimeOutOverrideMalta "65535" +sleepTimeOutOverrideMexico "65535" +sleepTimeOutOverrideMorocco "65535" +sleepTimeOutOverrideNetherlandsHolland "65535" +sleepTimeOutOverrideNewZealand "65535" +sleepTimeOutOverrideNicaragua "65535" +sleepTimeOutOverrideNigeria "65535" +sleepTimeOutOverrideNorway "65535" +sleepTimeOutOverridePanama "65535" +sleepTimeOutOverrideParaguay "65535" +sleepTimeOutOverridePeru "65535" +sleepTimeOutOverridePhilippines "65535" +sleepTimeOutOverridePoland "65535" +sleepTimeOutOverridePortugal "65535" +sleepTimeOutOverridePuertoRico "65535" +sleepTimeOutOverrideQatar "65535" +sleepTimeOutOverrideRomania "65535" +sleepTimeOutOverrideRussia "65535" +sleepTimeOutOverrideSaudiArabia "65535" +sleepTimeOutOverrideMontenegro "65535" +sleepTimeOutOverrideSerbia "65535" +sleepTimeOutOverrideSenegal "65535" +sleepTimeOutOverrideSingapore "65535" +sleepTimeOutOverrideSlovakia "65535" +sleepTimeOutOverrideSlovania "65535" +sleepTimeOutOverrideSouthAfrica "65535" +sleepTimeOutOverrideSpain "65535" +sleepTimeOutOverrideSriLanka "65535" +sleepTimeOutOverrideSweden "65535" +sleepTimeOutOverrideSwitzerland "65535" +sleepTimeOutOverrideTaiwan "65535" +sleepTimeOutOverrideThailand "65535" +sleepTimeOutOverrideTunisia "65535" +sleepTimeOutOverrideTurkey "65535" +sleepTimeOutOverrideUAE "65535" +sleepTimeOutOverrideUkraine "65535" +sleepTimeOutOverrideUnitedKingdom "65535" +sleepTimeOutOverrideUnitedStates "65535" +sleepTimeOutOverrideUruguay "65535" +sleepTimeOutOverrideVenezuela "65535" +sleepTimeOutOverrideVietnam "65535" +sleepTimeOutOverrideVirginIslands "65535" +sleepTimeOutOverrideAlbania "65535" +sleepTimeOutOverrideMacedonia "65535" +sleepTimeOutOverridePRC "65535" +offset.support "2" +offset.mode "2" +timemgr.timezone "11" +timemgr.dst "1" +timemgr.timesource "0" +timemgr.ntpserver "" +timemgr.ntpbroadcast "0" +nvVNCEnabled "0" +nvVNCAuthenticationType "1" +nvVNCUseSecurity "0" +nvA4Fuser "0" +nvEnableUIIfWakeDueToPort "0" +nvScanLedType "0" +dcs.optinLevel "255" +dcs.quietPeriodStart "0" +dcs.quietPeriodStop "0" +cms.enable "1" +mfp.general.settingsTimeout "30" +mfp.general.dateFormat "2" +mfp.ldap.serverAddress "" +mfp.ldap.serverPort "389" +mfp.ldap.searchBase "" +mfp.ldap.userIdAttribute "cn" +mfp.ldap.searchTimeout "30" +mfp.ldap.maxSearchResults "100" +mfp.ldap.mfpDN "" +mfp.scanner.edgeErase.adf "3" +mfp.scanner.edgeErase.flatbed "3" +mfp.copy.numberOfCopies "1" +mfp.copy.contentType "1" +mfp.copy.nUp "0" +mfp.copy.nUpBorder "false" +mfp.copy.duplex "0" +mfp.copy.collate "1" +mfp.copy.holePunch "0" +mfp.copy.darkness "5" +mfp.copy.transparencySeparators "true" +mfp.copy.separatorSheets "0" +mfp.copy.separatorSource "1" +mfp.copy.scanQuality "0" +mfp.copy.priorityCopies "true" +mfp.copy.messageOverlay "0" +mfp.copy.customMessageOverlay "" +mfp.copy.paperSource "1" +mfp.copy.memoryReserve "26214400" +mfp.copy.printDuplex "0" +mfp.fax.speakerMode "2" +mfp.fax.ringerVolume "4" +mfp.fax.mode "0" +mfp.fax.detectEOLS "3" +mfp.fax.autoPrintT30Logs "false" +mfp.fax.enableManualFax "false" +mfp.fax.memoryUse "2" +mfp.fax.allowCancel "0" +mfp.fax.stationID "1" +mfp.fax.send.resolution "0" +mfp.fax.send.contentType "0" +mfp.fax.send.dialingMode "0" +mfp.fax.send.behindPABX "false" +mfp.fax.send.autoRedial "5" +mfp.fax.send.redialFrequency "3" +mfp.fax.send.darkness "5" +mfp.fax.send.dialingPrefix "" +mfp.fax.send.enableECM "true" +mfp.fax.send.enableDriverFax "true" +mfp.fax.send.enableScanFax "true" +mfp.fax.send.allowSave "true" +mfp.fax.receive.enableFaxReceive "true" +mfp.fax.receive.ringsToAnswer "3" +mfp.fax.receive.autoReduction "true" +mfp.fax.receive.enableSingleRing "true" +mfp.fax.receive.enableDoubleRing "true" +mfp.fax.receive.enableTripleRing "true" +mfp.fax.receive.paperSource "0" +mfp.fax.receive.printDuplex "false" +mfp.fax.logs.transmissionLog "0" +mfp.fax.logs.receiveErrorLog "1" +mfp.fax.logs.autoPrintLogs "true" +mfp.fax.logs.enableSendLog "true" +mfp.fax.logs.enableReceiveLog "true" +mfp.fax.logs.sendLogDisplays "0" +mfp.fax.logs.paperSource "1" +mfp.email.primarySMTPServer "" +mfp.email.primarySMTPPort "25" +mfp.email.secondarySMTPServer "" +mfp.email.secondarySMTPPort "25" +mfp.email.smtpTimeout "30" +mfp.email.replyAddress "" +mfp.email.subject "" +mfp.email.message "" +mfp.email.attachmentType "0" +mfp.email.webLinkServer "" +mfp.email.webLinkLogin "" +mfp.email.webLinkFileName "image" +mfp.email.webLinkURL "" +mfp.email.webLinkPath "/" +mfp.networkScan.enableFTP "true" +mfp.email.smtp.username "" +mfp.email.smtp.authenticationRequired "0" +mfp.networkScan.fileFormat "2" +mfp.networkScan.color "1" +mfp.networkScan.resolution "150" +mfp.networkScan.darkness "5" +mfp.networkScan.jpegQuality "-1" +mfp.networkScan.scanQuality "0" +mfp.networkScan.originalOrientation "0" +mfp.networkScan.contentType "1" +mfp.networkScan.scanDuplex "0" +mfp.networkScan.multiPageTiff "true" +mfp.networkScan.printErrorLogs "true" +mfp.networkScan.printFTPConfirmationPage "true" +mfp.networkScan.logPaperSource "1" +mfp.networkScan.printScanLogs "0" +mfp.faxServer.toFormat "" +mfp.faxServer.replyAddress "" +mfp.faxServer.subject "" +mfp.faxServer.message "" +mfp.faxServer.fileFormat "2" +mfp.faxServer.originalOrientation "0" +mfp.faxServer.multiPageTiff "true" +mfp.shadowSettings.print.tray1Renumber "200" +mfp.shadowSettings.print.tray2Renumber "200" +mfp.shadowSettings.print.mpfeederRenumber "200" +mfp.shadowSettings.print.manualPaperRenumber "200" +mfp.shadowSettings.print.manualEnvelopeRenumber "200" +mfp.shadowSettings.printer.powerSaver "15" +mfp.fax.debugMask "1431655765" +mfp.fax.receive.mailboxMode "0" +mfp.fax.receive.mode "0" +mfp.fax.receive.forwarding.shortcut "" +mfp.fax.send.scanDuplex "0" +mfp.fax.send.originalBinding "2" +mfp.fax.orientation "0" +mfp.scanner.scansource "2" +mfp.fax.receive.junkfax.blockNoId "false" +mfp.fax.forwarding.destination "0" +mfp.fax.forwarding.ldss.server "" +mfp.fax.forwarding.ldss.script "" +mfp.fax.receive.allowV34 "true" +mfp.fax.receive.allowV17 "true" +mfp.fax.receive.allowV29 "true" +mfp.fax.receive.allowV27 "true" +mfp.fax.send.allowV34 "true" +mfp.fax.send.allowV17 "true" +mfp.fax.send.allowV29 "true" +mfp.fax.send.allowV27 "true" +mfp.fax.send.maxspeed "0" +mfp.fax.receive.maxspeed "0" +mfp.copy.createBooklet "2" +mfp.copy.customJob "false" +mfp.copy.orientation "0" +mfp.copy.originalDuplex "0" +mfp.fax.receive.enablefooter "false" +mfp.fax.forwarding.ldss.fileFormat "2" +mfp.networkScan.pdfVersion "3" +mfp.email.limitDestinations "" +mfp.copy.autoSizeMatch "false" +mfp.fax.forwarding.useSubaddress "true" +mfp.ftpScan.fileFormat "2" +mfp.ftpScan.color "1" +mfp.ftpScan.resolution "150" +mfp.ftpScan.darkness "5" +mfp.ftpScan.originalOrientation "0" +mfp.ftpScan.contentType "1" +mfp.ftpScan.printScanLogs "0" +mfp.fax.customJob "false" +mfp.email.customJob "false" +mfp.ftp.customJob "false" +mfp.email.bitDepth "8" +mfp.ftp.bitDepth "8" +mfp.general.keyboardType "0" +mfp.general.allowCustomJobScans "true" +mfp.general.timeFormat "1" +mfp.fax.receive.blockedNumbers "" +mfp.general.screenBrightness "100" +mfp.scan.scanPreview "false" +mfp.ftpScan.logPaperSource "1" +mfp.ftpScan.jpegQuality "-1" +mfp.ftpScan.photojpegQuality "50" +mfp.fax.old.countryCode "4" +mfp.ldap.SSL_TLS "0" +mfp.ldap.GSSAPI "false" +mfp.ldap.displayedName "0" +mfp.ldap.mail "mail" +mfp.ldap.faxAttribute "facsimiletelephonenumber" +mfp.ldap.defaultNTDomain "" +mfp.security.formsAccess "0" +mfp.networkScan.photojpegQuality "50" +mfp.networkScan.originalBinding "2" +mfp.networkScan.baseFileName "image" +mfp.fax.pulseDialType "0" +mfp.networkScan.sendMeCopy "0" +mfp.networkScan.maxEmailSize "0" +mfp.networkScan.emailSizeErrorMsg "" +mfp.scanner.jamRecovery "0" +mfp.scanToUsbDrive.customJob "false" +les.applications.enable "1" +mfp.ldap.search.mailAttribute "false" +mfp.ldap.search.faxAttribute "false" +mfp.ldap.search.cn "true" +mfp.ldap.search.sn "true" +mfp.ldap.search.givenName "true" +mfp.ldap.search.samaccountname "true" +mfp.ldap.search.userDefined1 "false" +mfp.ldap.search.userDefined2 "false" +mfp.ldap.search.userDefined3 "false" +mfp.ldap.search.userDefinedString1 "" +mfp.ldap.search.userDefinedString2 "" +mfp.ldap.search.userDefinedString3 "" +mfp.ldap.search.oc.person "true" +mfp.ldap.search.oc.userDefined1 "false" +mfp.ldap.search.oc.userDefined2 "false" +mfp.ldap.search.oc.userDefined3 "false" +mfp.ldap.search.oc.userDefinedString1 "" +mfp.ldap.search.oc.userDefinedString2 "" +mfp.ldap.search.oc.userDefinedString3 "" +mfp.ldap.kerberos.username "" +mfp.fax.speakerVolume "3" +mfp.ldap.anonymousBind "true" +mfp.copy.backgroundRemoval "0" +mfp.copy.contrast "-1" +mfp.copy.shadowDetail "0" +mfp.copy.edgeToEdge "false" +mfp.fax.send.backgroundRemoval "0" +mfp.fax.send.contrast "-1" +mfp.fax.send.shadowDetail "0" +mfp.fax.send.edgeToEdge "false" +mfp.networkScan.backgroundRemoval "0" +mfp.networkScan.contrast "-1" +mfp.networkScan.shadowDetail "0" +mfp.networkScan.edgeToEdge "false" +mfp.ftpScan.backgroundRemoval "0" +mfp.ftpScan.contrast "-1" +mfp.ftpScan.shadowDetail "0" +mfp.ftpScan.edgeToEdge "false" +mfp.scanToUsbDrive.backgroundRemoval "0" +mfp.scanToUsbDrive.contrast "-1" +mfp.scanToUsbDrive.shadowDetail "0" +mfp.scanToUsbDrive.edgeToEdge "false" +mfp.copy.outputBin "1" +mfp.email.allowSaveAsShortcut "true" +mfp.ftp.allowSaveAsShortcut "true" +mfp.email.logOutputBin "1" +mfp.ftp.logOutputBin "1" +mfp.ftpScan.scanDuplex "0" +mfp.ftpScan.pdfVersion "3" +mfp.fax.logs.logOutputBin "1" +mfp.keyboard.keyRepeatInitialDelay "100" +mfp.keyboard.keyRepeatRate "300" +mfp.shadowSettings.printer.standbyMode "15" +mfp.ui.showBookmarks "true" +les.restoreFactoryDefaults "false" +mfp.networkScan.scanPCPortRange "9751:12000" +mfp.general.units "1" +mfp.fax.serialDebugMask "0" +mfp.general.customKey1 ".com" +mfp.general.customKey2 ".org" +mfp.ldap.search.uid "false" +mfp.fax.receive.OutputBin "1" +mfp.general.operationHourDisable "0" +mfp.email.scanPreview "false" +mfp.fax.send.scanPreview "false" +mfp.ftp.scanPreview "false" +mfp.scanToUsbDrive.scanPreview "false" +mfp.scanner.jamAlert "0" +mfp.ui.home.showNetworkInfo "true" +mfp.fax.callerId.pattern "1" +mfp.copy.overlayAvailable "true" +mfp.copy.tiledOverlay "false" +mfp.ui.home.accentTab "true" +mfp.ui.home.russoPolishTab "true" +mfp.ui.home.koreanTab "true" +mfp.ui.home.chineseTab "true" +mfp.scanToUsbDrive.bitDepth "8" +mfp.scanToUsbDrive.photojpegQuality "50" +mfp.general.leftSide "1" +mfp.general.rightSide "5" +mfp.general.customText1 "" +mfp.general.customText2 "" +mfp.general.allowBackgroundRemoval "true" +mfp.ldap.tls_reqcert "2" +mfp.scanToDoc.fileFormat "2" +mfp.scanToDoc.color "0" +mfp.scanToDoc.resolution "150" +mfp.scanToDoc.darkness "5" +mfp.scanToDoc.originalOrientation "0" +mfp.scanToDoc.originalSize "0" +mfp.scanToDoc.contentType "1" +mfp.scanToDoc.customJob "false" +mfp.scanToDoc.backgroundRemoval "0" +mfp.scanToDoc.contrast "-1" +mfp.scanToDoc.shadowDetail "0" +mfp.scanToDoc.edgeToEdge "false" +mfp.scanToDoc.scanDuplex "0" +mfp.scanToDoc.pdfVersion "3" +mfp.scanToDoc.photojpegQuality "50" +mfp.scanToDoc.jpegQuality "-1" +mfp.scanToDoc.scanPreview "false" +mfp.scanToDoc.scanQuality "0" +mfp.scanToDoc.multiPageTiff "true" +mfp.scanToDoc.originalBinding "2" +mfp.copy.enableEdgeToEdge "false" +mfp.scanToDoc.bitDepth "8" +mfp.fax.send.CoverPageTo "" +mfp.fax.send.CoverPageFrom "" +mfp.fax.send.CoverPageMessage "" +mfp.fax.send.CoverPageFooter "" +mfp.fax.receive.holePunch "0" +mfp.copy.colorBalance.red "0" +mfp.copy.colorBalance.green "0" +mfp.copy.colorBalance.blue "0" +mfp.networkScan.emailFileName "image" +mfp.copy.mirrorImage "false" +mfp.copy.negativeImage "false" +mfp.fax.send.mirrorImage "false" +mfp.fax.send.negativeImage "false" +mfp.networkScan.mirrorImage "false" +mfp.networkScan.negativeImage "false" +mfp.ftpScan.mirrorImage "false" +mfp.ftpScan.negativeImage "false" +mfp.fax.receive.enableAutoAnswer "true" +mfp.fax.receive.manualAnswerCode "*9*" +mfp.securityAudit.remoteSyslogOnOff "0" +mfp.securityAudit.remoteSyslogServerAddress "" +mfp.securityAudit.remoteSyslogServerPort "514" +mfp.securityAudit.remoteSyslogMethod "0" +mfp.securityAudit.remoteSyslogFacility "4" +mfp.securityAudit.logFullBehavior "0" +mfp.securityAudit.adminEmailAddress "" +mfp.securityAudit.digitallySignExports "0" +mfp.fax.numberMasking "0" +mfp.security.usbPortSchedule "false" +mfp.email.enableCcBcc "false" +mfp.copy.autoCenter "false" +mfp.fax.send.CoverPageFooter2 "" +mfp.fax.send.CoverPage "0" +mfp.fax.send.includeToField "false" +mfp.fax.send.includeFromField "false" +mfp.fax.send.includeMsgField "false" +mfp.fax.send.includeLogoField "false" +mfp.fax.send.includeFooter1 "false" +mfp.fax.send.includeFooter2 "false" +mfp.security.usbPortLock "0" +mfp.email.useSystemCredentials "0" +mfp.email.smtp.credentialsPrompts "0" +mfp.email.smtp.protocolSecurity "0" +mfp.email.smtp.ntlmDomain "" +mfp.email.smtp.kerberos5Realm "" +mfp.copy.sharpness "3" +mfp.fax.send.sharpness "3" +mfp.networkScan.sharpness "3" +mfp.ftp.sharpness "3" +mfp.scanToUsbDrive.sharpness "3" +mfp.scantodoc.sharpness "3" +mfp.copy.colorDropout "0" +mfp.fax.send.colorDropout "0" +mfp.networkScan.colorDropout "0" +mfp.ftp.colorDropout "0" +mfp.scan2usb.colorDropout "0" +mfp.scanToDoc.colorDropout "0" +mfp.fax.send.colorDropoutRedThreshold "128" +mfp.fax.send.colorDropoutGreenThreshold "128" +mfp.fax.send.colorDropoutBlueThreshold "128" +mfp.networkScan.colorDropoutRedThreshold "128" +mfp.networkScan.colorDropoutGreenThreshold "128" +mfp.networkScan.colorDropoutBlueThreshold "128" +mfp.ftp.colorDropoutRedThreshold "128" +mfp.ftp.colorDropoutGreenThreshold "128" +mfp.ftp.colorDropoutBlueThreshold "128" +mfp.scan2usb.colorDropoutRedThreshold "128" +mfp.scan2usb.colorDropoutGreenThreshold "128" +mfp.scan2usb.colorDropoutBlueThreshold "128" +mfp.scanToDoc.colorDropoutRedThreshold "128" +mfp.scanToDoc.colorDropoutGreenThreshold "128" +mfp.scanToDoc.colorDropoutBlueThreshold "128" +mfp.fax.digitsToMask "0" +mfp.securityAudit.loggingOnOff "0" +mfp.securityAudit.logAtSeverityLevel "4" +mfp.securityAudit.remoteSyslogBelowSeverityLevel "0" +mfp.securityAudit.emailAlertCleared "0" +mfp.securityAudit.emailAlertWrap "0" +mfp.securityAudit.emailAlertXFull "0" +mfp.securityAudit.emailAlertXFullX "90" +mfp.securityAudit.emailAlertExport "0" +mfp.securityAudit.emailAlertSettingChange "0" +mfp.securityAudit.exportLineEnding "0" +mfp.scanToUsbDrive.mirrorImage "false" +mfp.scanToUsbDrive.negativeImage "false" +mfp.scanToDoc.mirrorImage "false" +mfp.scanToDoc.negativeImage "false" +mfp.ui.home.switchLanguage "false" +mfp.scanner.scannerDisabled "0" +mfp.fax.send.enableAutoImageConversion "true" +mfp.fax.receive.enableColorFax "true" +mfp.fax.send.textQuality "75" +mfp.fax.send.photoQuality "50" +mfp.fax.send.mixedQuality "75" +mfp.general.enableCompositeUsb "true" +mfp.ui.copy.actionButtonText "" +mfp.ui.email.actionButtonText "" +mfp.ui.fax.actionButtonText "" +mfp.ui.ftp.actionButtonText "" +mfp.ui.scantodoc.actionButtonText "" +mfp.ui.usb.actionButtonText "" +mfp.general.onePageCopy "false" +mfp.scan.customSize.width1 "183600" +mfp.scan.customSize.height1 "302400" +mfp.scan.customSize.orientation1 "0" +mfp.scan.customSize.concatenation1 "false" +mfp.scan.customSize.width2 "183600" +mfp.scan.customSize.height2 "302400" +mfp.scan.customSize.orientation2 "0" +mfp.scan.customSize.concatenation2 "false" +mfp.scan.customSize.width3 "183600" +mfp.scan.customSize.height3 "302400" +mfp.scan.customSize.orientation3 "0" +mfp.scan.customSize.concatenation3 "false" +mfp.scan.customSize.width4 "183600" +mfp.scan.customSize.height4 "302400" +mfp.scan.customSize.orientation4 "0" +mfp.scan.customSize.concatenation4 "false" +mfp.scan.customSize.width5 "183600" +mfp.scan.customSize.height5 "302400" +mfp.scan.customSize.orientation5 "0" +mfp.scan.customSize.concatenation5 "false" +mfp.scan.customSize.width6 "183600" +mfp.scan.customSize.height6 "302400" +mfp.scan.customSize.orientation6 "0" +mfp.scan.customSize.concatenation6 "false" +mfp.fax.send.includeCoverPage "false" +mfp.scan.customSize.name1 "" +mfp.scan.customSize.name2 "" +mfp.scan.customSize.name3 "" +mfp.scan.customSize.name4 "" +mfp.scan.customSize.name5 "" +mfp.scan.customSize.name6 "" +mfp.ui.endSessionPolicy "1" +mfp.fax.send.CoverPageLogo "/var/faxdata/logo" +mfp.fax.send.Color "0" +mfp.copy.allowSaveAsShortcut "true" +mfp.general.numpadJobAssist "false" +mfp.ftp.send.originalBinding "2" +mfp.fax.faxdataStorageLocation "0" +mfp.general.enableAdfLoadedBeep "true" +mfp.copy.verify "false" +mfp.general.showProfiles "false" +mfp.general.showBookmarks "false" +mfp.general.showUSBDrive "true" +mfp.general.showJobsByUser "true" +mfp.general.showCopyShortcut "false" +mfp.general.showEmailShortcut "false" +mfp.general.showFTPShortcut "false" +mfp.general.showFaxShortcut "false" +mfp.copy.topLeftHeaderFooter "4" +mfp.copy.topLeftCustomTxt "" +mfp.copy.topMiddleHeaderFooter "4" +mfp.copy.topMiddleCustomTxt "" +mfp.copy.topRightHeaderFooter "4" +mfp.copy.topRightCustomTxt "" +mfp.copy.bottomLeftHeaderFooter "4" +mfp.copy.bottomLeftCustomTxt "" +mfp.copy.bottomMiddleHeaderFooter "4" +mfp.copy.bottomMiddleCustomTxt "" +mfp.copy.bottomRightHeaderFooter "4" +mfp.copy.bottomRightCustomTxt "" +mfp.general.showCartridgeLevel "false" +mfp.general.colorDropoutRedThreshold "128" +mfp.general.colorDropoutGreenThreshold "128" +mfp.general.colorDropoutBlueThreshold "128" +mfp.ldap.use_logged_in_creds "false" +mfp.fax.send.dialingPrefixRules "=;=;=;=;=" +mfp.copy.topLeftHdrFtrPrintOn "0" +mfp.copy.topMiddleHdrFtrPrintOn "0" +mfp.copy.topRightHdrFtrPrintOn "0" +mfp.copy.bottomLeftHdrFtrPrintOn "0" +mfp.copy.bottomMiddleHdrFtrPrintOn "0" +mfp.copy.bottomRightHdrFtrPrintOn "0" +mfp.copy.topLeftBatesNumTxt "" +mfp.copy.topMiddleBatesNumTxt "" +mfp.copy.topRightBatesNumTxt "" +mfp.copy.bottomLeftBatesNumTxt "" +mfp.copy.bottomMiddleBatesNumTxt "" +mfp.copy.bottomRightBatesNumTxt "" +mfp.copy.topLeftBatesNumNumber "1" +mfp.copy.topMiddleBatesNumNumber "1" +mfp.copy.topRightBatesNumNumber "1" +mfp.copy.bottomLeftBatesNumNumber "1" +mfp.copy.bottomMiddleBatesNumNumber "1" +mfp.copy.bottomRightBatesNumNumber "1" +mfp.ldap.ssl.cert.friendly.name "" +mfp.copy.leftHeaderJustify "0" +mfp.copy.middleHeaderJustify "2" +mfp.copy.rightHeaderJustify "1" +mfp.copy.leftFooterJustify "0" +mfp.copy.middleFooterJustify "2" +mfp.copy.rightFooterJustify "1" +mfp.copy.topLeftInitialPageNumber "1" +mfp.copy.topMiddleInitialPageNumber "1" +mfp.copy.topRightInitialPageNumber "1" +mfp.copy.bottomLeftInitialPageNumber "1" +mfp.copy.bottomMiddleInitialPageNumber "1" +mfp.copy.bottomRightInitialPageNumber "1" +mfp.fax.receive.enableInFaxServerMode "false" +mfp.general.showSearchHeldJobs "false" +mfp.general.showFaxJobIcon "false" +mfp.general.showCopyJobIcon "true" +mfp.general.showEmailJobIcon "false" +mfp.general.showFtpJobIcon "true" +mfp.general.showHeldJobsIcon "true" +mfp.networkScan.textjpegQuality "75" +mfp.networkScan.textphotojpegQuality "75" +mfp.ftpScan.textjpegQuality "75" +mfp.ftpScan.textphotojpegQuality "75" +mfp.scanToUsbDrive.textjpegQuality "75" +mfp.scanToUsbDrive.textphotojpegQuality "75" +mfp.scanToDoc.textjpegQuality "75" +mfp.scanToDoc.textphotojpegQuality "75" +mfp.fax.receive.separatorSheets "0" +mfp.fax.receive.separatorSource "1" +mfp.copy.scanBookStartSide "0" +mfp.general.backgroundImageSource "1" +mfp.copy.colorTemperature "0" +mfp.scanToUsbDrive.colorTemperature "0" +mfp.fax.send.colorTemperature "0" +mfp.email.colorTemperature "0" +mfp.ftpScan.colorTemperature "0" +mfp.scanToUsbDrive.colorBalance.red "0" +mfp.scanToUsbDrive.colorBalance.blue "0" +mfp.scanToUsbDrive.colorBalance.green "0" +mfp.fax.send.colorBalance.red "0" +mfp.fax.send.colorBalance.blue "0" +mfp.fax.send.colorBalance.green "0" +mfp.email.colorBalance.red "0" +mfp.email.colorBalance.blue "0" +mfp.email.colorBalance.green "0" +mfp.ftp.colorBalance.red "0" +mfp.ftp.colorBalance.blue "0" +mfp.ftp.colorBalance.green "0" +mfp.scanToDoc.colorBalance.red "0" +mfp.scanToDoc.colorBalance.blue "0" +mfp.scanToDoc.colorBalance.green "0" +mfp.scanToDoc.colorTemperature "0" +mfp.copy.documentSource "0" +mfp.fax.send.documentSource "0" +mfp.networkScan.documentSource "0" +mfp.ftpScan.documentSource "0" +mfp.scanToDoc.documentSource "0" +mfp.scanToUsbDrive.documentSource "0" +mfp.ldap.ads.credentials "false" +mfp.fax.receive.answerOn "0" +mfp.fax.send.useAltFaxCoverPage "false" +mfp.fax.send.altFaxFooter "" +mfp.email.validateCA "true" +mfp.fax.lowPowerSupport "2" +mfp.email.useActiveDirDeviceCred "false" +mfp.scan.customSize.mediaType1 "0" +mfp.scan.customSize.mediaType2 "0" +mfp.scan.customSize.mediaType3 "0" +mfp.scan.customSize.mediaType4 "0" +mfp.scan.customSize.mediaType5 "0" +mfp.scan.customSize.mediaType6 "0" +mfp.fax.receive.footerTime "1" +mfp.networkScan.tiffCompression "5" +mfp.ftpScan.tiffCompression "5" +mfp.scanToUsbDrive.tiffCompression "5" +mfp.fax.enableCallerId "true" +mfp.fax.enableLineConnectedDetection "true" +mfp.fax.enableLineInWrongJackDetection "false" +mfp.fax.enableExtensionInUseSupport "true" +mfp.networkScan.pdfCompression "1" +mfp.ftpScan.pdfCompression "1" +mfp.scanToUsbDrive.pdfCompression "1" +mfp.networkScan.pdfSearchable "0" +mfp.ftpScan.pdfSearchable "0" +mfp.scanToUsbDrive.pdfSearchable "0" +mfp.scanToDoc.pdfSearchable "0" +mfp.networkScan.pdfSecure "0" +mfp.ftpScan.pdfSecure "0" +mfp.scanToUsbDrive.pdfSecure "0" +mfp.scanToDoc.pdfSecure "0" +mfp.ocr.autoRotate "0" +mfp.ocr.despeckle "0" +mfp.ocr.inverseDetection "0" +mfp.ocr.autoContrastEnhance "0" +mfp.ocr.languageEnglish "1" +mfp.ocr.languageFrench "0" +mfp.ocr.languageGerman "1" +mfp.ocr.languageSpanish "0" +mfp.ocr.languageItalian "0" +mfp.ocr.languagePortuguese "0" +mfp.ocr.languageDanish "0" +mfp.ocr.languageDutch "0" +mfp.ocr.languageNorwegian "0" +mfp.ocr.languageSwedish "0" +mfp.ocr.languageFinnish "0" +mfp.ocr.languageHungarian "0" +mfp.ocr.languagePolish "0" +mfp.fax.enableJBIG "true" +mfp.ocr.recognizedLanguages "1" +talkbackSetting "0" +externalJackSetting "0" +externalJackVolume "5" +speechRate "150" +keyNavFocus "1" +mfp.fax.voipSettings.faxTransport "0" +mfp.fax.voipSettings.voipProtocol "1" +mfp.fax.voipSettings.traceLevel "0" +mfp.fax.voipSettings.stunServer "" +mfp.fax.voipSettings.forceFaxMode "false" +mfp.fax.sipSettings.proxy "" +mfp.fax.sipSettings.outboundProxy "" +mfp.fax.sipSettings.registrar "" +mfp.fax.sipSettings.user "" +mfp.fax.sipSettings.contact "" +mfp.fax.sipSettings.realm "" +mfp.fax.sipSettings.authID "" +mfp.fax.sipSettings.disableIncomingCalls "false" +mfp.fax.sipSettings.sipDialOutDigit "-1" +mfp.fax.h323Settings.gateway "" +mfp.fax.h323Settings.enableFastStart "false" +mfp.fax.h323Settings.disableH245Tunneling "false" +mfp.fax.h323Settings.gatekeeper "" +mfp.fax.h323Settings.user "" +mfp.fax.h323Settings.disableGatekeeperDiscovery "true" +mfp.fax.h323Settings.disableIncomingCalls "false" +mfp.fax.h323Settings.h323DialOutDigit "-1" +mfp.fax.t38Settings.indicatorRedundancy "3" +mfp.fax.t38Settings.lowSpeedRedundancy "3" +mfp.fax.t38Settings.highSpeedRedundancy "1" +mfp.fax.t38Settings.udptlKeepAliveInterval "0" +mfp.pii.configuration "0" +mfp.scan.endianness "0" +mfp.fax.voipSettings.forceFaxModeDelay "0" +mfp.scan.tiffRowsPerStrip "0" +mfp.fax.enableAutoCaptureLogsOnError "true" +mfp.fax.digitalLineGuard "true" +mfp.fax.digitalLineThreshold "130" +mfp.fax.offHookLineSettleTime "500" +emailAlerts.list1 "" +emailAlerts.list2 "" +emailAlerts.alertflag1.staplesempty "true" +emailAlerts.alertflag1.staplesmissing "true" +emailAlerts.alertflag1.stapleslow "true" +emailAlerts.alertflag1.loadstaples "true" +emailAlerts.alertflag1.staplejam "true" +emailAlerts.alertflag1.tonerlow "true" +emailAlerts.alertflag1.changecartridge "true" +emailAlerts.alertflag1.defectivecartridge "true" +emailAlerts.alertflag1.unsupportedcartridge "true" +emailAlerts.alertflag1.tonermissing "true" +emailAlerts.alertflag1.calibrationerror "true" +emailAlerts.alertflag1.replacetoner "true" +emailAlerts.alertflag1.scheduledmaintenance "true" +emailAlerts.alertflag1.fusermissing "true" +emailAlerts.alertflag1.fuserlifewarning "true" +emailAlerts.alertflag1.replacefuser "true" +emailAlerts.alertflag1.wastetonernearlyfull "true" +emailAlerts.alertflag1.replacewastetoner "true" +emailAlerts.alertflag1.wastetonermissing "true" +emailAlerts.alertflag1.transferbeltmissing "true" +emailAlerts.alertflag1.transferbeltlifewarning "true" +emailAlerts.alertflag1.replacetransferbelt "true" +emailAlerts.alertflag1.pcunitlifewarning "true" +emailAlerts.alertflag1.replacepcunit "true" +emailAlerts.alertflag1.pcunitmissing "true" +emailAlerts.alertflag1.photodevmissing "true" +emailAlerts.alertflag1.photodevlifewarning "true" +emailAlerts.alertflag1.photodevabnormal "true" +emailAlerts.alertflag1.replacephotodev "true" +emailAlerts.alertflag1.ocrmissing "true" +emailAlerts.alertflag1.replaceocr "true" +emailAlerts.alertflag1.ocrlifewarning "true" +emailAlerts.alertflag1.punchboxmissing "true" +emailAlerts.alertflag1.punchboxfull "true" +emailAlerts.alertflag1.loadmedia "true" +emailAlerts.alertflag1.changemedia "true" +emailAlerts.alertflag1.loadmanualrequests "true" +emailAlerts.alertflag1.2xxpaperjam "true" +emailAlerts.alertflag2.staplesempty "true" +emailAlerts.alertflag2.staplesmissing "true" +emailAlerts.alertflag2.stapleslow "true" +emailAlerts.alertflag2.loadstaples "true" +emailAlerts.alertflag2.staplejam "true" +emailAlerts.alertflag2.tonerlow "true" +emailAlerts.alertflag2.changecartridge "true" +emailAlerts.alertflag2.defectivecartridge "true" +emailAlerts.alertflag2.unsupportedcartridge "true" +emailAlerts.alertflag2.tonermissing "true" +emailAlerts.alertflag2.calibrationerror "true" +emailAlerts.alertflag2.replacetoner "true" +emailAlerts.alertflag2.scheduledmaintenance "true" +emailAlerts.alertflag2.fusermissing "true" +emailAlerts.alertflag2.fuserlifewarning "true" +emailAlerts.alertflag2.replacefuser "true" +emailAlerts.alertflag2.wastetonernearlyfull "true" +emailAlerts.alertflag2.replacewastetoner "true" +emailAlerts.alertflag2.wastetonermissing "true" +emailAlerts.alertflag2.transferbeltmissing "true" +emailAlerts.alertflag2.transferbeltlifewarning "true" +emailAlerts.alertflag2.replacetransferbelt "true" +emailAlerts.alertflag2.pcunitlifewarning "true" +emailAlerts.alertflag2.replacepcunit "true" +emailAlerts.alertflag2.pcunitmissing "true" +emailAlerts.alertflag2.photodevmissing "true" +emailAlerts.alertflag2.photodevlifewarning "true" +emailAlerts.alertflag2.photodevabnormal "true" +emailAlerts.alertflag2.replacephotodev "true" +emailAlerts.alertflag2.ocrmissing "true" +emailAlerts.alertflag2.replaceocr "true" +emailAlerts.alertflag2.ocrlifewarning "true" +emailAlerts.alertflag2.punchboxmissing "true" +emailAlerts.alertflag2.punchboxfull "true" +emailAlerts.alertflag2.loadmedia "true" +emailAlerts.alertflag2.changemedia "true" +emailAlerts.alertflag2.loadmanualrequests "true" +emailAlerts.alertflag2.2xxpaperjam "true" +emailAlerts.alertflag1.insertpcunit "true" +emailAlerts.alertflag2.insertpcunit "true" +emailAlerts.alertflag1.pcunitabnormal "true" +emailAlerts.alertflag2.pcunitabnormal "true" +emailAlerts.alertflag1.outputbinfull "true" +emailAlerts.alertflag2.outputbinfull "true" +emailAlerts.alertflag1.scannerjam "true" +emailAlerts.alertflag2.scannerjam "true" +emailAlerts.alertflag1.invalidcartridge "true" +emailAlerts.alertflag2.invalidcartridge "true" +nvContactName "" +nvContactLocation "" +mfp.scanToUsbDrive.darkness "5" +mfp.scanToUsbDrive.jpegQuality "-1" +mfp.scanToUsbDrive.scanQuality "0" +mfp.scanToUsbDrive.originalOrientation "0" +mfp.scanToUsbDrive.originalSize "4" +mfp.scanToUsbDrive.contentType "1" +mfp.scanToUsbDrive.scanDuplex "2" +mfp.scanToUsbDrive.color "1" +mfp.scanToUsbDrive.fileFormat "2" +mfp.scanToUsbDrive.fileName "Scanned-image" +mfp.scanToUsbDrive.resolution "600" +mfp.Certmon.enabled "false" +mfp.Certmon.immediateFetch "false" +mfp.Certmon.scheduledTime "0" +mfp.Certmon.repeatInterval "2" +mfp.Certmon.logDebug "false" +network.gcp.disable_peer_validation "false" +network.gcp.disable_local_discovery "false" +GCP_ENABLE "true" +GCP_DISPLAY_NAME "" +GCP_DESCRIPTION "" +GCP_PEER_VERIFICATION "true" +GCP_LOCAL_DISCOVERY "true" +GCP_FORCE_PWG_RASTER "false" +imagequick.FontName "36" +imagequick.FontSize "12" +imagequick.Scale "100" +imagequick.Orientation "0" +imagequick.Margin "19" +imagequick.BGImages "227" +imagequick.DirectImageAutoFit "1" +imagequick.DirectImageInvert "0" +imagequick.DirectImageScaling "6" +imagequick.DirectImageOrientation "0" +emulation "1" +powerSaver "15" +print.duplex "0" +alarm.alarmControl "1" +universalPaper.unitMeasure "1" +manualPaper.paperSize "22" +MPTray.paperSize "22" +tray1.paperSize "22" +//ERROR GETTING tray2.paperSize +//ERROR GETTING tray3.paperSize +//ERROR GETTING tray4.paperSize +//ERROR GETTING tray5.paperSize +mfp.copy.originalSize "0" +mfp.fax.send.originalSize "15" +mfp.networkScan.originalSize "0" +mfp.email.autoComplete "" +mfp.ftpScan.originalSize "0" +mfp.general.mixedSizes "0" +GENJOBTIMEOUT 90 +INTBANNERPAGE FALSE +INTOPTRAFORMSMODE FALSE +INTOPTRAFORMSSTR "\1B%-12345X@PJL ENTER LANGUAGE=POSTSCRIPT\0A\01M%PS\0A(LexForm)run Bs\0A" +INTOPTRAFORMSPOSTSTR "" +ALLOW_DHCP_TO_UPDATE_TIMESERVER TRUE +IPBOOTPENABLE TRUE +LPDTIMEOUT 90 +IPFTPENABLE TRUE +LPDAUTOCR FALSE +IPDHCPENABLE TRUE +IPRARPENABLE FALSE +IPWINSADDR "0.0.0.0" +IPDNSSERVERADDR "192.168.86.1" +IPRESTRICT 0 "" +IPRESTRICT 1 "" +IPRESTRICT 2 "" +IPRESTRICT 3 "" +IPRESTRICT 4 "" +IPRESTRICT 5 "" +IPRESTRICT 6 "" +IPRESTRICT 7 "" +IPRESTRICT 8 "" +IPRESTRICT 9 "" +IPRESTRICT 10 "" +IPRESTRICT 11 "" +IPRESTRICT 12 "" +IPRESTRICT 13 "" +IPRESTRICT 14 "" +IPRESTRICT 15 "" +IPRESTRICT 16 "" +IPRESTRICT 17 "" +IPRESTRICT 18 "" +IPRESTRICT 19 "" +IPRESTRICT 20 "" +IPRESTRICT 21 "" +IPRESTRICT 22 "" +IPRESTRICT 23 "" +IPRESTRICT 24 "" +IPRESTRICT 25 "" +IPRESTRICT 26 "" +IPRESTRICT 27 "" +IPRESTRICT 28 "" +IPRESTRICT 29 "" +IPRESTRICT 30 "" +IPRESTRICT 31 "" +IPRESTRICT 32 "" +IPRESTRICT 33 "" +IPRESTRICT 34 "" +IPRESTRICT 35 "" +IPRESTRICT 36 "" +IPRESTRICT 37 "" +IPRESTRICT 38 "" +IPRESTRICT 39 "" +IPRESTRICT 40 "" +IPRESTRICT 41 "" +IPRESTRICT 42 "" +IPRESTRICT 43 "" +IPRESTRICT 44 "" +IPRESTRICT 45 "" +IPRESTRICT 46 "" +IPRESTRICT 47 "" +IPRESTRICT 48 "" +IPRESTRICT 49 "" +IPMTU 1500 +IPDEFTTL 254 +LPDBANNPAGE FALSE +LPDTRAILPAGE FALSE +IPHTTPENABLE TRUE +IPHTTPCONF TRUE +HTTPSETTING 0 5 +HTTPSETTING 1 5 +HTTPSETTING 2 5 +HTTPSETTING 3 5 +HTTPSETTING 4 5 +HTTPSETTING 5 4 +HTTPLABEL 0 "www.dell.com/supplies" +HTTPLABEL 1 "Order Toner" +HTTPLABEL 2 "support.dell.com" +HTTPLABEL 3 "Online Help" +HTTPLABEL 4 "Help" +HTTPLABEL 5 "Online Help" +HTTPLINK 0 "http://accessories.us.dell.com/sna/PrinterSeg.aspx?DL=0&ST=9MDJSS1&MD=B3465dnf&KTS=2500&KTL=69&KCMY=50&CRU=04,60000,100,100" +HTTPLINK 1 "http://accessories.us.dell.com/sna/PrinterSeg.aspx" +HTTPLINK 2 "http://support.dell.com" +HTTPLINK 3 "http://support.dell.com" +HTTPLINK 4 "http://support.dell.com" +HTTPLINK 5 "http://support.dell.com/us/en/docs/index.asp" +SLPBROADCAST TRUE +PPLOCALDOMAIN "" +PPHTTPPROXYADDRESS "0.0.0.0" +PPHTTPDEFAULTPORT 80 +PPFTPPROXYADDRESS "0.0.0.0" +PPFTPDEFAULTPORT 21 +PPTIMEOUT 30 +PPRETRIES 3 +PPENABLED TRUE +PPSECSELDEVCERT "default" +DOMAINSEARCH "" +PNPSERVER "0.0.0.0" +IPDOMAIN "fet.htu.tuwien.ac.at" +LPDRAW FALSE +MDNSENABLE FALSE +DDNSENABLE FALSE +IPDNSSERVERADDR2 "0.0.0.0" +PPHTTPPROXYADDRESS_STR "" +PPFTPPROXYADDRESS_STR "" +THNPRTPORT 4000 +THNPRTPACKETSIZE 0 +THNPRTBANDWIDTH 0 +THNPRTENABLED TRUE +TRAFFICSHAPING 0 +HTTPSSECSELDEVCERT "default" +IPDNSSERVERADDR3 "0.0.0.0" +IPDNSSERVERADDR4 "0.0.0.0" +HTTPSENABLE TRUE +EJMODE1_LINKMON FALSE +EJMODE2_OPT_TAG_60 FALSE +ENABLE_SSL2_WEAKCIPHERS FALSE +DNS_LEASE_TIME_SECONDS 3600 +WS_PRINT_ENABLED TRUE +WS_SCAN_ENABLED TRUE +DDNS_REFRESH_TIME_SECONDS 604800 +RAW_PRINT_PORT 9100 +RESOLVE_WITH_DNS TRUE +RSL_OPTIONS 0 +ENABLE_SSL3 FALSE +ATACTIVE FALSE +ATTYPE 0 "LaserWriter" +ATZONE 0 "*" +ATPREFIX 0 "" +ATPOSTFIX 0 "" +ATDATAMODE 0 0 +NTPTIMESOURCE 1 +NTPCOUNTRYCODE 11 +NTPDSTMODE 0 +NTPDSTNOW 0 +NTPBROADCAST FALSE +NTPTIMESERVERNAME "" +NTPAUTHENABLE FALSE +SNMPV12CENABLED TRUE +SNMPV3ENABLED TRUE +SNMPCOMMUNITY "public" +SNMPSET TRUE From a08e30c4e9c8b1a1e6018666e91ac921e75cbf28 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sun, 9 Dec 2018 00:18:46 +0100 Subject: [PATCH 21/33] Remove special iptables for sputnik --- host_vars/sputnik | 3 --- roles/common | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/host_vars/sputnik b/host_vars/sputnik index 4b33fb3..2b61db2 100644 --- a/host_vars/sputnik +++ b/host_vars/sputnik @@ -1,7 +1,4 @@ inventory_hostname: sputnik.fet.htu.tuwien.ac.at inventory_hostname_short: sputnik -common_iptables_v4: "iptables_sputnik_v4.j2" -common_iptables_v6: "iptables_sputnik_v6.j2" - common_openssh_password_authentication: "yes" diff --git a/roles/common b/roles/common index a8c75a1..d1d0964 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit a8c75a12f5089acb3cbb6ff9557fe3ea6460f81c +Subproject commit d1d09647e9e85db5f8d548e6e80af2d717775960 From b1b82ce8f7bb9676b51922833db3667e6a52e567 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 26 Jan 2019 02:42:52 +0100 Subject: [PATCH 22/33] Replace sojus by laika --- doc/ariane.md | 4 ++-- doc/{sojus.md => laika.md} | 6 +++--- host_vars/ariane | 21 ++++++++++----------- host_vars/baroness | 2 +- host_vars/buran | 2 +- host_vars/laika | 5 +++++ host_vars/maria-storage | 2 +- host_vars/nauka | 2 +- host_vars/sojus | 7 ------- hosts/production | 3 +-- site.yml | 2 +- 11 files changed, 26 insertions(+), 30 deletions(-) rename doc/{sojus.md => laika.md} (86%) delete mode 100644 host_vars/sojus diff --git a/doc/ariane.md b/doc/ariane.md index 5eb1663..06976ee 100644 --- a/doc/ariane.md +++ b/doc/ariane.md @@ -95,7 +95,7 @@ mv /var/log/* /ssd/var/log/ zfs set mountpoint=/var/log ssd/var/log mv /var/lib/lxc/* /ssd/var/lxc/ zfs set mountpoint=/var/lib/lxc ssd/var/lxc -zfs create -o com.sun:auto-snapshot=false zv1/sojus +zfs create -o com.sun:auto-snapshot=false zv1/laika zfs create -o com.sun:auto-snapshot=false zv1/daten/Scans zfs create -o setuid=off -o zv1/zyklon chown 997:996 /zv1/zyklon @@ -103,7 +103,7 @@ chown 997:996 /zv1/zyklon ### Set dataset quota ```shell zfs set quota=1T zv1/homes zv1/daten zv1/fotos -zfs set quota=3T zv1/sojus +zfs set quota=3T zv1/laika zfs set quota=5G zv1/daten/Scans ``` ### If intend using ACL someday diff --git a/doc/sojus.md b/doc/laika.md similarity index 86% rename from doc/sojus.md rename to doc/laika.md index 9653b67..bf62e5e 100644 --- a/doc/sojus.md +++ b/doc/laika.md @@ -1,4 +1,4 @@ -# sojus +# laika ## test if backups work ```shell @@ -10,7 +10,7 @@ borg check -v /system ## test if backups work from remote ```shell /etc/borg/system_create_.sh -cat /var/log/borg/system_create_sojus.lastlog +cat /var/log/borg/system_create_laika.lastlog ``` ## retrieve files from backup @@ -30,7 +30,7 @@ zpool import zpool import lab zfs create -o com.sun:auto-snapshot=false lab/backup borg init -e none /lab/backup/ariane.fet.htu.tuwien.ac.at -./borg create --show-rc --verbose --stats backup@sojus:system::ariane-{now} /zv1/daten /zv1/fotos /zv1/homes +./borg create --show-rc --verbose --stats backup@laika:system::ariane-{now} /zv1/daten /zv1/fotos /zv1/homes zpool export lab cryptsetup luksClose ata--part1 sync diff --git a/host_vars/ariane b/host_vars/ariane index 7b3e027..5771984 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -25,15 +25,6 @@ lxc: - lxc.network.1.ipv4.gateway = 128.131.95.1 - lxc.pts = 6 - - name: laika - revision: "01" - template: debian - config: - - lxc.network.type = veth - - lxc.network.hwaddr = 1c:bd:b9:7f:fe:a4 - - lxc.network.link = br1 - - lxc.network.flags = up - - name: betam revision: "01" template: debian @@ -66,7 +57,7 @@ lxc: - lxc.pts = 6 - lxc.mount.entry = /zv1/daten/Scans /var/lib/lxc/lxc-progress-01/rootfs/mnt/scans none bind,create=dir 0 0 - - name: sojus + - name: laika revision: "01" template: voidlinux config: @@ -74,8 +65,16 @@ lxc: - lxc.network.hwaddr = 2e:6d:b6:07:17:01 - lxc.network.link = br1 - lxc.network.flags = up + + - lxc.network.1.type = veth + - lxc.network.1.hwaddr = 00:15:c5:5d:78:0e + - lxc.network.1.link = br0 + - lxc.network.1.flags = up + - lxc.network.1.ipv4 = 128.131.95.204/24 + - lxc.network.1.ipv4.gateway = 128.131.95.1 + - lxc.pts = 6 - - lxc.mount.entry = /zv1/sojus /var/lib/lxc/lxc-sojus-01/rootfs/home/backup/repos none bind,create=dir 0 0 + - lxc.mount.entry = /zv1/laika /var/lib/lxc/lxc-laika-01/rootfs/home/backup/repos none bind,create=dir 0 0 - name: proteus revision: "01" diff --git a/host_vars/baroness b/host_vars/baroness index afd8f40..6d31253 100644 --- a/host_vars/baroness +++ b/host_vars/baroness @@ -7,7 +7,7 @@ borgbackup_binary_uri: "https://borg.bauerj.eu/borg-{{ borgbackup_binary_version borgbackup_encryption_mode: "none" -borgbackup_client_backup_server: sojus +borgbackup_client_backup_server: laika borgbackup_create_jobs: - name: system diff --git a/host_vars/buran b/host_vars/buran index 52809fb..b6cc497 100644 --- a/host_vars/buran +++ b/host_vars/buran @@ -6,7 +6,7 @@ borgbackup_binary_platform: "borg-linux32" borgbackup_encryption_mode: "none" -borgbackup_client_backup_server: sojus +borgbackup_client_backup_server: laika borgbackup_create_jobs: - name: system diff --git a/host_vars/laika b/host_vars/laika index 72f2338..c015965 100644 --- a/host_vars/laika +++ b/host_vars/laika @@ -1,2 +1,7 @@ inventory_hostname: laika.fet.htu.tuwien.ac.at inventory_hostname_short: laika + +borgbackup_install_from_repo: True +borgbackup_binary: "/usr/bin/borg" + +borgbackup_encryption_mode: "none" diff --git a/host_vars/maria-storage b/host_vars/maria-storage index 486f8dc..845669c 100644 --- a/host_vars/maria-storage +++ b/host_vars/maria-storage @@ -5,7 +5,7 @@ borgbackup_install_from_repo: False borgbackup_encryption_mode: "none" -borgbackup_client_backup_server: sojus +borgbackup_client_backup_server: laika borgbackup_create_jobs: - name: system diff --git a/host_vars/nauka b/host_vars/nauka index 9e184cf..5a4751d 100644 --- a/host_vars/nauka +++ b/host_vars/nauka @@ -5,7 +5,7 @@ borgbackup_install_from_repo: False borgbackup_encryption_mode: "none" -borgbackup_client_backup_server: sojus +borgbackup_client_backup_server: laika borgbackup_create_jobs: - name: system diff --git a/host_vars/sojus b/host_vars/sojus deleted file mode 100644 index 3972b5d..0000000 --- a/host_vars/sojus +++ /dev/null @@ -1,7 +0,0 @@ -inventory_hostname: sojus.fet.htu.tuwien.ac.at -inventory_hostname_short: sojus - -borgbackup_install_from_repo: True -borgbackup_binary: "/usr/bin/borg" - -borgbackup_encryption_mode: "none" diff --git a/hosts/production b/hosts/production index 82f0b51..db14146 100644 --- a/hosts/production +++ b/hosts/production @@ -5,14 +5,13 @@ all: ariane: fet_lxc_debian: hosts: - laika: betam: proteus: fet_lxc_void: hosts: sputnik: zyklon: - sojus: + laika: progress: fet_qemu: hosts: diff --git a/site.yml b/site.yml index 13da812..e788de9 100644 --- a/site.yml +++ b/site.yml @@ -39,7 +39,7 @@ roles: - gitea -- hosts: sojus +- hosts: laika roles: - borg_server From 798490bd10a5f456db1f7caf3b52d8270be51018 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 26 Jan 2019 02:43:10 +0100 Subject: [PATCH 23/33] Fix apt --- group_vars/fet_hosts | 1 - 1 file changed, 1 deletion(-) diff --git a/group_vars/fet_hosts b/group_vars/fet_hosts index 2793ed5..75ca972 100644 --- a/group_vars/fet_hosts +++ b/group_vars/fet_hosts @@ -2,7 +2,6 @@ common_basic_packages: - cron-apt - curl - - emacs-nox - ncurses-term - etckeeper - git From a3ae32bc2ae279c22a2876832828309b2c10b7d4 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 26 Jan 2019 02:43:35 +0100 Subject: [PATCH 24/33] Add ruby to borg backup --- hosts/production | 1 + site.yml | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/hosts/production b/hosts/production index db14146..ca8a41c 100644 --- a/hosts/production +++ b/hosts/production @@ -18,6 +18,7 @@ all: maria-storage: buran: nauka: + ruby: fet_pi: hosts: baroness: diff --git a/site.yml b/site.yml index e788de9..b837a67 100644 --- a/site.yml +++ b/site.yml @@ -60,6 +60,10 @@ roles: - borg_client +- hosts: ruby + roles: + - borg_client + - hosts: progress roles: - scans From 4eebace4009e2394f14a0dd5abfc0f0cd8035965 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 26 Jan 2019 02:43:57 +0100 Subject: [PATCH 25/33] Update for Void Linux renaming --- roles/ariane/files/lxc-voidlinux | 4 ++-- roles/ariane/tasks/lxc_void.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/ariane/files/lxc-voidlinux b/roles/ariane/files/lxc-voidlinux index 0259d0b..101650c 100644 --- a/roles/ariane/files/lxc-voidlinux +++ b/roles/ariane/files/lxc-voidlinux @@ -60,7 +60,7 @@ userns_config="/usr/share/lxc/config/voidlinux.userns.conf" pkg_blacklist=("linux>=0" "e2fsprogs>=0" "btrfs-progs>=0" "xfsprogs>=0" "f2fs-tools>=0" "dosfstools>=0") base_packages=() -for pkg in $(xbps-query -Mv --repository="http://repo2.voidlinux.eu/current/" -x base-system); do +for pkg in $(xbps-query -Mv --repository="https://alpha.de.repo.voidlinux.org/current/" -x base-system); do containsElement "$pkg" "${pkg_blacklist[@]}" || base_packages+=($pkg) done declare -a additional_packages @@ -87,7 +87,7 @@ copy_configuration() { } install_void() { - if ! yes | xbps-install -Sy -R http://repo2.voidlinux.eu/current -r "${rootfs_path}" "${base_packages[@]}" + if ! yes | xbps-install -Sy -R https://alpha.de.repo.voidlinux.org/current -r "${rootfs_path}" "${base_packages[@]}" then echo "Failed to install container packages" return 1 diff --git a/roles/ariane/tasks/lxc_void.yml b/roles/ariane/tasks/lxc_void.yml index f323318..8c1c615 100644 --- a/roles/ariane/tasks/lxc_void.yml +++ b/roles/ariane/tasks/lxc_void.yml @@ -1,11 +1,11 @@ --- - name: lxc - install xbps build depencies - package: name="{{ item }}" + package: "name={{ item }}" with_items: - zlib1g-dev - pkg-config - libarchive-dev - - libssl1.0-dev + - libssl-dev - name: lxc - xbps git git: From a96e137f0fae3f1cbbc554ef09b777d484fd3ee4 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 26 Jan 2019 02:44:27 +0100 Subject: [PATCH 26/33] Add ruby backup config file --- host_vars/ruby | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 host_vars/ruby diff --git a/host_vars/ruby b/host_vars/ruby new file mode 100644 index 0000000..318d208 --- /dev/null +++ b/host_vars/ruby @@ -0,0 +1,42 @@ +inventory_hostname: ruby.fet.htu.tuwien.ac.at +inventory_hostname_short: ruby + +borgbackup_install_from_repo: False + +borgbackup_encryption_mode: "none" + +borgbackup_client_backup_server: laika + +borgbackup_create_jobs: + - name: system + options: "--lock-wait 7200" + day: "*" + hour: 0 # default value = 1 + minute: 0 # default value = 0 + random_hour: 5 # default value : ignore randomization + random_minute: 59 # default value : ignore randomization + directories: + - "/var/lib/mysql" + - "/srv" + excludes: [] + +borgbackup_prune_enabled: yes +borgbackup_prune_jobs: + - name: system + prune_options: "--lock-wait 7200 --keep-daily=7 --keep-weekly=4 --keep-monthly=12 --keep-yearly=-1" + day: "*" + hour: 12 # default value = 1 + minute: 0 # default value = 0 + random_hour: 5 # default value : ignore randomization + random_minute: 59 # default value : ignore randomization + +borgbackup_check_enabled: yes +borgbackup_check_jobs: + - name: system + check_options: "--lock-wait 28800" + day: 1 + hour: 12 # default value = 1 + minute: 0 # default value = 0 + random_hour: 5 # default value : ignore randomization + random_minute: 59 # default value : ignore randomization + random_day: 27 # default value : ignore randomization From b00ef83616cf453eda803b149931e4f17c20337d Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 26 Jan 2019 02:46:15 +0100 Subject: [PATCH 27/33] Update known_hosts --- roles/common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/common b/roles/common index d1d0964..8f3aff1 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit d1d09647e9e85db5f8d548e6e80af2d717775960 +Subproject commit 8f3aff10dab28b2a4b7fd02b112242dd872293ee From 2509e35998555c19adeb7ce6d57aa681f232dca8 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Sat, 23 Feb 2019 00:39:44 +0100 Subject: [PATCH 28/33] Add fsdr backup on fsdrnas --- doc/fsdrnas.yml | 20 ++++++++++++++++++++ host_vars/fsdr | 47 +++++++++++++++++++++++++++++++++++++++++++++++ host_vars/fsdrnas | 7 +++++++ hosts/production | 2 ++ roles/common | 2 +- site.yml | 8 ++++++++ 6 files changed, 85 insertions(+), 1 deletion(-) create mode 100644 doc/fsdrnas.yml create mode 100644 host_vars/fsdr create mode 100644 host_vars/fsdrnas diff --git a/doc/fsdrnas.yml b/doc/fsdrnas.yml new file mode 100644 index 0000000..437706c --- /dev/null +++ b/doc/fsdrnas.yml @@ -0,0 +1,20 @@ +# fsdrnas +## Enable SSH and prohibit-password +```shell +xbps-install -Su +vim /etc/ssh/sshd_config +ln -s /etc/sv/sshd/ /var/service/ +``` +# Create RAID +```shell +xbps-install mdadm +mdadm --create --verbose /dev/md0 --level=1 --raid-devices=2 /dev/sda2 /dev/sdb2 +mkfs.btrfs -f /dev/md0 +cat /proc/mdstat +``` +## Check disks +```shell +xbps-install smartmontools +smartctl -a /dev/sda +smartctl -a /dev/sdb +``` diff --git a/host_vars/fsdr b/host_vars/fsdr new file mode 100644 index 0000000..62cd986 --- /dev/null +++ b/host_vars/fsdr @@ -0,0 +1,47 @@ +inventory_hostname: fsdr.htu.tuwien.ac.at +inventory_hostname_short: fsdr + +borgbackup_install_from_repo: False + +borgbackup_encryption_mode: "none" + +borgbackup_client_backup_server: fsdrnas + +borgbackup_create_jobs: + - name: system + options: "--lock-wait 7200" + day: "*" + hour: 0 # default value = 1 + minute: 0 # default value = 0 + random_hour: 5 # default value : ignore randomization + random_minute: 59 # default value : ignore randomization + directories: + - "/srv" + - "/etc" + - "/home" + - "/root" + - "/var/lib/mailman" + - "/var/www" + - "/var/lib/automysqlbackup/daily/" + excludes: [] + +borgbackup_prune_enabled: yes +borgbackup_prune_jobs: + - name: system + prune_options: "--lock-wait 7200 --keep-daily=7 --keep-weekly=4 --keep-monthly=12 --keep-yearly=-1" + day: "*" + hour: 12 # default value = 1 + minute: 0 # default value = 0 + random_hour: 5 # default value : ignore randomization + random_minute: 59 # default value : ignore randomization + +borgbackup_check_enabled: yes +borgbackup_check_jobs: + - name: system + check_options: "--lock-wait 28800" + day: 1 + hour: 12 # default value = 1 + minute: 0 # default value = 0 + random_hour: 5 # default value : ignore randomization + random_minute: 59 # default value : ignore randomization + random_day: 27 # default value : ignore randomization diff --git a/host_vars/fsdrnas b/host_vars/fsdrnas new file mode 100644 index 0000000..9ab5a11 --- /dev/null +++ b/host_vars/fsdrnas @@ -0,0 +1,7 @@ +inventory_hostname: fsdrnas.htu.tuwien.ac.at +inventory_hostname_short: fsdrnas + +borgbackup_install_from_repo: True +borgbackup_binary: "/usr/bin/borg" + +borgbackup_encryption_mode: "none" diff --git a/hosts/production b/hosts/production index ca8a41c..50c25ef 100644 --- a/hosts/production +++ b/hosts/production @@ -13,12 +13,14 @@ all: zyklon: laika: progress: + fsdrnas: fet_qemu: hosts: maria-storage: buran: nauka: ruby: + fsdr: fet_pi: hosts: baroness: diff --git a/roles/common b/roles/common index 8f3aff1..3ae3c5e 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit 8f3aff10dab28b2a4b7fd02b112242dd872293ee +Subproject commit 3ae3c5ee50d70d30ff8892ce50c3f1bee32d0249 diff --git a/site.yml b/site.yml index b837a67..999f914 100644 --- a/site.yml +++ b/site.yml @@ -64,6 +64,14 @@ roles: - borg_client +- hosts: fsdr + roles: + - borg_client + +- hosts: fsdrnas + roles: + - borg_server + - hosts: progress roles: - scans From 611b5a5ebb045f2801bbe66e012cd6aeb2ef5354 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Fri, 1 Mar 2019 20:43:53 +0100 Subject: [PATCH 29/33] Disable common_resolvconf as dhcpcd is used --- host_vars/fsdrnas | 2 ++ 1 file changed, 2 insertions(+) diff --git a/host_vars/fsdrnas b/host_vars/fsdrnas index 9ab5a11..ea0acd5 100644 --- a/host_vars/fsdrnas +++ b/host_vars/fsdrnas @@ -1,6 +1,8 @@ inventory_hostname: fsdrnas.htu.tuwien.ac.at inventory_hostname_short: fsdrnas +common_resolvconf: False + borgbackup_install_from_repo: True borgbackup_binary: "/usr/bin/borg" From 327da6eb1206c553f4445486d9911f484215d8ee Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Fri, 1 Mar 2019 20:47:02 +0100 Subject: [PATCH 30/33] Add ssh pubkeys --- host_vars/fsdrnas | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/host_vars/fsdrnas b/host_vars/fsdrnas index ea0acd5..1137aa7 100644 --- a/host_vars/fsdrnas +++ b/host_vars/fsdrnas @@ -1,6 +1,10 @@ inventory_hostname: fsdrnas.htu.tuwien.ac.at inventory_hostname_short: fsdrnas +common_openssh_keys_root: + - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzkK6ENya4mKcoG9iuMaodMpifeCgZK56zVF1zxyZhLtUyBx//qsLCXEdBNiGJY57Yp4l0PJKk9B4hpCFKuz6H622l84SOHzXhmFQUXWe/L6x4kRfQJvhBCNMi9brfR0n6AwX59RNRsbUeUjb7RuhCrzpbW0iWYjv/H9rjeyfY5Ne9dUUeBQDcsM1O7XfZJWwA5nxEGjbDB7l4/K43DoqaqzHOEOoETmHGfugO7A5QwhRmblu90pLD4+DOPv/4LGBRNpS8FyRzYrEJm7yUyF7nDzR+0xlLCapU4pKhmIFfSv4afsuBFvLb6Rgln5wUt2KIPh/qnqSP9jZGovYOadC0yb70dec7nnfwXTmqwzdwXtBlo3UzbPwt0iJG9fhYCw83Bkt/GpOsIW2fcxZhJ8CUeBw3Ox71lkeozb49oRMeHzUpYckrFt1FGxUWuHHykCrOXcxso0MRfKjl9RPUc+O5oQDG1KAoTd9doB3jygVr68wYVc/4kTTsXUlMIBMOUiek8XygQ7sV6Et6FpzvLvdf/iL1FMXAluRgUWJvKqe4IBPyWu2KyDF+2ZDMse3WhQYlYgNRqGCwfxOJGWtkvVO0L4YGJrLXKhY4yw2H+pQOHaugfGO8IYPV/vbPi+dB9OV89Zonu2iVjjDFFXI0xE7WSXCV3RQyed26Bq9BBO9DDQ== damadmai@fet.at" + - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyK21mF11p4DAWSL2x7sAs9brbuRYgbdlEm/npOT1ufV6YGnNGjgrIS+a5VxiyKXhor8TUgTHjlmzcLSdEs3puBB2nZifwIEnbEwxvj5LRIljPp9rx9irPG6wnkpMXmRRuyAijf+Lhf1jMtsSgCH9HVG2F6H5hwFwaXcwiInn8tiKaDyuxl1Y9kNDUayTmbWfu2hyyRTDRvpgG4PITuUpXuA5/lHv9+kEXKl71BlyFsJ2LQx+1Lwruy6cQmfttApsrbowlbdtaJOWwnoFGNKupBpFgcGGqNTUajPGx3R1QREm+44NzPH9vGdYTg/+8vDCcTYe3zX0/XecB+Ka4WI2B3c4NPsxtZJNPWzihCVW8xpV4ipHqqFnZuVThJYtoC5C8h3LKbpQeaBwMIv34sN/AS7y3l8k7/70ttcvH4AmoEjc4OgXOE8nkwly2XZx1ndfevBdUU5osf6UTsCa3gdB/d67djz7jU50q/LtiSsL3oontw5khBR98iZAu4m7MXC7VvbyFz0Ju4OLmDBY6mxwBjakihEdfrs8jwnzxsZ3QuVIq96HC/E8gWpspECzGeXwezwTvT1tUefD7rwz9jD18qLMK8SSteDUqhXION/6gXhZ8FENUnBI2Qj6gHcwFc2tbfKMbXDqHAUHrtDdxgyxRc7JTnOI/9gS5idKXzsanhw== bajo@fet.at" + common_resolvconf: False borgbackup_install_from_repo: True From 00e070c0acaa467e0ab2598128fab56135b41a6f Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Tue, 19 Mar 2019 14:54:40 +0100 Subject: [PATCH 31/33] Update SSH keys --- group_vars/all | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/group_vars/all b/group_vars/all index cfe6c0b..4dc41b6 100644 --- a/group_vars/all +++ b/group_vars/all @@ -44,8 +44,9 @@ common_vim_default: False common_openssh_keys_root: - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzkK6ENya4mKcoG9iuMaodMpifeCgZK56zVF1zxyZhLtUyBx//qsLCXEdBNiGJY57Yp4l0PJKk9B4hpCFKuz6H622l84SOHzXhmFQUXWe/L6x4kRfQJvhBCNMi9brfR0n6AwX59RNRsbUeUjb7RuhCrzpbW0iWYjv/H9rjeyfY5Ne9dUUeBQDcsM1O7XfZJWwA5nxEGjbDB7l4/K43DoqaqzHOEOoETmHGfugO7A5QwhRmblu90pLD4+DOPv/4LGBRNpS8FyRzYrEJm7yUyF7nDzR+0xlLCapU4pKhmIFfSv4afsuBFvLb6Rgln5wUt2KIPh/qnqSP9jZGovYOadC0yb70dec7nnfwXTmqwzdwXtBlo3UzbPwt0iJG9fhYCw83Bkt/GpOsIW2fcxZhJ8CUeBw3Ox71lkeozb49oRMeHzUpYckrFt1FGxUWuHHykCrOXcxso0MRfKjl9RPUc+O5oQDG1KAoTd9doB3jygVr68wYVc/4kTTsXUlMIBMOUiek8XygQ7sV6Et6FpzvLvdf/iL1FMXAluRgUWJvKqe4IBPyWu2KyDF+2ZDMse3WhQYlYgNRqGCwfxOJGWtkvVO0L4YGJrLXKhY4yw2H+pQOHaugfGO8IYPV/vbPi+dB9OV89Zonu2iVjjDFFXI0xE7WSXCV3RQyed26Bq9BBO9DDQ== damadmai@fet.at" - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmv/aixvhRzeQiD3XABD448WHW2sHSX5wj5TkqKmHG3MekovCjacEDwAEdH+3MzXzbQXCD8NOHxlvRsqfzsaIZw6al+i7hd7xeYzRAITeXAod/eQNJY71Czh1xt/rtfjgVrwFKe6kUo+RqUUBxOXjKNtCROxvsa/gxTSJD4xz/TGOTM7EbRfkOGBh3j/xmdBinURTACwKwHCR4SUnpAA7usY/QQGW22Nqczvj9SW1Un0TnYpMm7jAghGo7pvwInTerbbA2OQ07QEp9T/mAbPUks5QGEw1lwMZgEtl0EZrKxDoWjssGPw5ZA6RzwIggjuEN1zzE+pn9jWL+9sd2Tihr pet@fet.at" - - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEer+2Q3/bSJv2SpaGo8tjkQdSw/Kqoyy3XZ2RrtEqwzGozfvjyrZ0jd2Vy6LJ37o3n34brfVOvzeBaiSzc+5ciNgRVohaMydM6ADSGvZ9S2BGod1KonKfTbultWA1+BzJAjn7ZTjLlPJmceITYlh5uAnHrWQgZNPipMHLbKnSMUUd7AbkBy/nhg/ad5dO6e9TOXmEY+cNMCcA20R1i/O9nA1LIgXfnx1WKtW40gOf5YioHnhOMo8rNP5WlzZ1Lf5SiMJgxeT0covc3pq+hAHa+Y6KKdeO5oQ36RMi5FJUk2txQHGQtAjLMg0dv+bJgepIakM5wxekk9oY0J8inZOMh0mRH86KMH3SDwXt2xPomXfkGKeHVkM5VO6qfv8CzX/FjMoTTFGVaKDEPngbA8BIrPD7++gicdcnkmYOJLXgBDuJhhpis/Yp8F+F1tMBDT9LRLNvM18BXpekoFJNwTWJOAR8gktsiYP3VMt6oN1Y5lStvzv6MkhaEa0WGqjQoOJsQuI1roVHwlQhyWM/igCeO0Egb7qz/qPJHRRCgNfVjDO/rtFK09EjmG1bQrgOP7dJv0E+3scxilnoIED6ocCpKNVpc/okehgHwC+QdIpWrn5fPrXJt/hifguCn7KziWfQne8eIxaQOWBaZLdcY7HmgtQmOi3KRlKy+ORXtj/+MQ== hans@fet.at" - - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDZAVxkHZYqjgCBcfHy0yggdVALZKoQbJP1TJAEYgLIAWFQ0ZPMGDaidOQiTzFTE0i35MUlQB6Rc+pTYnW/+h9rzktWbU/8RNirQve2XR5TWiRIUa13p31Xgjyw05O0uF3LEL/SmZruMHy25ncDXGF+xC2VllIttC+fLHJWLXIbWVujHdOA69fBqOonQrcPTsg1l4QQv6ZAxwVgCsbeOccZkdpoT0BJk03nflW+SGsKthTYX2VMGJlc/4QjArfZ2hTykr0I/lSA6E9FkFSLl65ejovGxCp1oXn484DlyajoXqJY7IOD86izXqkQSq4w4bLKEdrfQOnfGKe1XmxzFdk92SNEW41RXokNQ16xOBZzO1ZHkXd6hx0Pj6aBvUbs3PlCn4q764LKIcjSk7ADgeC5OBA4xgRxyZt9vuP93o7jl3vvqLWevsFa0j8orxC0D3cO5SMPbowW9LqrtqHynC0WltrtLT5+Q2tBSavP615NOu+bfcakgiWN8otv41ST+2hWka8qNptOxTRj/h7+MMOyi9bh1vjgB1KkOZYotJtFdXKFiYz+buIKwguWZWEni9uTRMiEsu84x8aJwdptPO0UIgZGroyUZJcWlUkwrkdE5T4cg9zP14M6zmogAYEI7oRX56FyspRVlA7J6VF/mcZ1z6ufH+97cle613gPKUVkpw== andis@fet.at" - - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKrEdkD1Oecw++r77MVrga1e20FA+e/O37rhMc0etS5MvlbsAHd6Ftx2SIXVtwDnHDzyUAOJb8WlYPdG5r/QJYtXgVMGZrZ31UFdlAZq3K8ytczKkcMgnEEOWYSSyQRJlEW5LkZ9tD0hv1myIg5iw6Vpuqe6YFSkdDHtGxf0lnLAfi1XKwu7b7tARJz7teOAjaFzXumvsZlFx9BdufMW32uu7BSYWjSGcrEzMyyB/5C3kU/d5Q1ZTNK6tceopFr/K1lKBzvj85safD5BH8NpjvLe1QkzHu+C0AVxYNtqGHI5oWJbcR+UOwelBeEM/On+/Xq0ZIVmiLmFx03Qun8t1n berni@fet.at" + - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyK21mF11p4DAWSL2x7sAs9brbuRYgbdlEm/npOT1ufV6YGnNGjgrIS+a5VxiyKXhor8TUgTHjlmzcLSdEs3puBB2nZifwIEnbEwxvj5LRIljPp9rx9irPG6wnkpMXmRRuyAijf+Lhf1jMtsSgCH9HVG2F6H5hwFwaXcwiInn8tiKaDyuxl1Y9kNDUayTmbWfu2hyyRTDRvpgG4PITuUpXuA5/lHv9+kEXKl71BlyFsJ2LQx+1Lwruy6cQmfttApsrbowlbdtaJOWwnoFGNKupBpFgcGGqNTUajPGx3R1QREm+44NzPH9vGdYTg/+8vDCcTYe3zX0/XecB+Ka4WI2B3c4NPsxtZJNPWzihCVW8xpV4ipHqqFnZuVThJYtoC5C8h3LKbpQeaBwMIv34sN/AS7y3l8k7/70ttcvH4AmoEjc4OgXOE8nkwly2XZx1ndfevBdUU5osf6UTsCa3gdB/d67djz7jU50q/LtiSsL3oontw5khBR98iZAu4m7MXC7VvbyFz0Ju4OLmDBY6mxwBjakihEdfrs8jwnzxsZ3QuVIq96HC/E8gWpspECzGeXwezwTvT1tUefD7rwz9jD18qLMK8SSteDUqhXION/6gXhZ8FENUnBI2Qj6gHcwFc2tbfKMbXDqHAUHrtDdxgyxRc7JTnOI/9gS5idKXzsanhw== bajo@fet.at" + - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGP2Y1fDTbN/fbWBCVYVpXUDyBRgUYo+OwDJq2gdII6O2YHeW7k6wY5wQEIIJR6sjHUrT7lNIx8/xv3SRlaq5w0KLZrI3fpiK07GMy0AxGIBCN1xhKb6fvlgLTTSl+/X2XhsmuxtUREENnq9M909kUuUb/8BiVV4sGSIURk4khN3oh/E7mL/sICDju1N2j+p/V0pn4kWuXRp8BMG73xIBvOMzjP/B7Y0SdLWI08bgQHi/OYLBDSHj17N4B/ZE4f5OqpZI7RqwC+TxkCJey04IMw+AXitm6q25zffGI9Mt+4lrBi/RMlEOjE7bQU4p9ZyZY2OIDNRPSr3nDBqA6g3a/v0C7cpdIYPf3khyNtV61x/irRBcOjsc44g0umaUgrmity5f/ZLyvD/zd+HSF0ft1m3AAp6z9w7bxAWs7m894HWZPJ0l39SRGVF2uiOJhbZEXG1lmCWss+do0jfy+U4hb6vC7LTKUBp6or5PF9tHDsNe3CxOmiRPt5GQmr/AA/FQRBC1BC+PO8INltKO4Np15DZ2v7Y2+nlcI++F2ef/IgJmAEfl5Y7d8N/wT5IyfBYy5+PuqLqCOOFBc/sOb2OJvsR0syX5SJM5roznrQ071G2BpxPWaPIgfABKJ8T0M/R+mdIGxlttD3z6S2LRNLoeNOKF1vIEYkxIErpRBavuvXQ== andis@fet.at" + - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGy7lvScEwrJ7/PiykH1b2+K7WQH2WovdUMV/1n7y90kwm2sMERJN9R9mSQIGdF325MPWREAv+cEPIvyRAgER9CuiLF9fWFPas8tKumtu4rPyGim0jR30nn4ARSe5GEn+R8lgdJ9nKiBF0D5kFCeUoxkSu4mF9hqHL4JtmU7IfcD05VLTLNivInKAh6OuN2iF6D9BfWS1TkB7LCYjpKPJ94srh86EM5uV5WjPLnERZkBixk0Bi7mVq8qXWZCrMP4o7wwCCeEnbTKUq9zy629fu28O9t7N5J23g0SdH+3Y+WfYjp4CAtFWULdAHwjNp8ql0IbBzY7Q6Pf0+rOKaM7d3HvnV7Ihv8+hEHVtxC/PiCaIQJKpVpi5qhf8mMHMkPmdJZ9a3zmdUvVQVCrCMqXjn6fx0/4s1aogkujXnN5yZP4KfPkiEc0+FtY7j0P4dOZ/Uc6INkxSXphnjDoAi5M8dbH3Gn7prS+jZpSX/S4q7HDxnEZDvhD9gu0v3eaVmjVaVZEiuPgtKiTvXK/kJzIu7RdgHSqTx2kN9rR61oTVu2fcDr1N94axQTqjuey27ixytOMYVP3ZsCNFi+M4Y8ExYGgpDl34ne8IN6JHtCsIiUSPVteLppjOr4C2IkXBuqnHymfzt0Il2RKLnnbJvgxVgzEyqnAMTKuKjv2DWWK7H4w== berni@fet.at" + - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC97hn9b7HPGpD2iQTelwxn/xLuvc2ZmOKoczpYequTYYNBf2SGBWTj75rIk7En+6J7cwRd+UDzI1MU09+TPY+e9PenzxCed9cvdhrjkigqBs9Gwz1rTE8Sgl2m9XtIqzg4Pu2ZTyTFB2ZOrF/3BEJ6UBycmnUaxOuoCoxMflEk/Xc14ZXnjAw2M5IZzgZBPYeHtn032noBlglXtgfXQy5dZy2DvbfuEPlc2x/m/zz/QFiWyFHn05FNpvz8grifz+7VIuWvXS0H7uWFFq2Zwjf3yfr8EZo3/bX/fseW5lpkWwYYKjeIXGkwZOnfCFqbbopB+vqhhISwTCQM3ObpY3VlEKyIpKM+0pzfDdQhv3ze4NPLf4wl4fHKvUEdOvpYBkn54s3inft6AzwRw1PRzIiBZbCHM2Lj1/m0s0LB979MvDkkG9wyAWqrRfVRZHO8D/9xfPyDJsNiSpO0R4rpfTV21BRowxBfEjGDsxf+MtzGHSpt6G0MUbg4LOPXmJKecfxK46hFMCDGotQHNf3ZUF2hMpee8dbNhj7Ao0fuf+hYmGrYBdA9SB8XJJLoAjiA0yQpreQD+jTd4pjfofKr5FHZnEBRY0etl6oc4wALfhSDSqd81lBGTEfJx4++6Vm7fI1aQ7UAfqLeT126rXqG9aN20MZ10sEU4isJFgm5741w2w== moses@fet.at" - key: 'no-pty,no-agent-forwarding,no-X11-forwarding,command="zfs_mount.sh shutdown || shutdown -h +1" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCiI41+XkobMT0K8ZrHdCeomdGAIRMZbdX1VjGe5OWa72rcaDFmBtK7MxD5xPZEdSaDkn+Nrpwv5/j10MccvkAOI/tx6PIxcgDF52FnHLMMVrXRM3cnkm9CrBi4kCN0D2fpbDLhknJhiqftIcPdct/a9foZQwkWOzGUN2Rk0mCw2QzkGyWHNxOMzMjV0gpfAWPv6Jg+JKDl5EHf2xJTeJ/l0TG6O0lsc5YY/7cqjRJJzTVFDo1Gy+qNgff0mbPrhcbWepG5R1tjkdT++f8uuoVkBUamwkjwDpH2y57sdESEPB0C5ES2cglOp2X3MMN7EnUBHYU3mMiYU0wV+b7Q3oKmQuG86a2D+yEp+0+WFaUY/TMCNpslGOtTBrNLshMIX/bnrx/aF9DApl9L/kUIlSxwwBNiPIl4VVU1p5Zzj/YAPvRl0kAKjosOZgl108JeRUbhQSGVrcODyhaIMQv4BAzHnV0kii7jNACHhqBR36eo3N6HX7GkbnU1YadZRcrxrpE9z9mrXuqWxzl4Cmz1yHb1JTwsnQQ2Dy0trIklQjEmLxvG8zpxHLV3EQmtIMK/g2Mk6VTdz9HZnwYLU7Mj/uZk0DWhTZ5Eyj6QAbcw2gLPLEUmdQhkHSoQKxHY0at3OjGFGydyc/3n7B7d578uxVBrp04uhTbW7SDi6mYGCkvCRQ== nut ups shutdown' state: present From 6423a7f1e16089c15589abd4c9d9b5f3b08d4dea Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Tue, 19 Mar 2019 14:54:48 +0100 Subject: [PATCH 32/33] Add juri --- host_vars/ariane | 9 +++++++++ hosts/production | 1 + 2 files changed, 10 insertions(+) diff --git a/host_vars/ariane b/host_vars/ariane index 5771984..7468be5 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -85,4 +85,13 @@ lxc: - lxc.network.link = br1 - lxc.network.flags = up + - name: juri + revision: "01" + template: debian + config: + - lxc.network.type = veth + - lxc.network.hwaddr = 2e:6d:b6:07:20:01 + - lxc.network.link = br1 + - lxc.network.flags = up + common_zfs: True diff --git a/hosts/production b/hosts/production index 50c25ef..03f59e7 100644 --- a/hosts/production +++ b/hosts/production @@ -7,6 +7,7 @@ all: hosts: betam: proteus: + juri: fet_lxc_void: hosts: sputnik: From f46321ae838d6d2a9bfe457f33e9e2c61a9af293 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Tue, 19 Mar 2019 16:32:09 +0100 Subject: [PATCH 33/33] Add juri and fetsite containers --- host_vars/ariane | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/host_vars/ariane b/host_vars/ariane index 7468be5..9f21d9d 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -94,4 +94,13 @@ lxc: - lxc.network.link = br1 - lxc.network.flags = up + - name: fetsite + revision: "01" + template: debian + config: + - lxc.network.type = veth + - lxc.network.hwaddr = 2e:6d:b6:07:10:01 + - lxc.network.link = br1 + - lxc.network.flags = up + common_zfs: True