diff --git a/.sops.yaml b/.sops.yaml index 7a79c76..d19954a 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -11,7 +11,6 @@ keys: - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB - &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - - &host_netbox_ansible_pull_age_key age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 creation_rules: - path_regex: inventories/chaosknoten/host_vars/cloud.* key_groups: @@ -118,8 +117,6 @@ creation_rules: - *admin_gpg_c6ristian - *admin_gpg_lilly - *admin_gpg_langoor - age: - - *host_netbox_ansible_pull_age_key - path_regex: inventories/chaosknoten/host_vars/tickets.* key_groups: - pgp: diff --git a/inventories/chaosknoten/host_vars/netbox.sops.yaml b/inventories/chaosknoten/host_vars/netbox.sops.yaml index 8c08ac3..3ae3b55 100644 --- a/inventories/chaosknoten/host_vars/netbox.sops.yaml +++ b/inventories/chaosknoten/host_vars/netbox.sops.yaml @@ -1,233 +1,222 @@ netbox__db_password: ENC[AES256_GCM,data:4k0wmOe1c5AE298Juw5HMm5dttTKB1WsVxha4MwaIILpyIbJO0CfmzjYflfBTFPPGgVeuYdCobzchzqkP+8eAQ==,iv:25Cj2BLGJK9tMDr42AqV1IzJc5zG2dk1YH5vC0b1T3M=,tag:knyB+nALZwME8y7CAQ4BCg==,type:str] secret__netbox_secret_key: ENC[AES256_GCM,data:zPzoFK5Sx7gJ31/Apwex9ffFU/GY+HxIfwrItCW68MM4kVvS33e+LY4cI0vbPYEUF10=,iv:SjpKxyxSAVo+p9vvE/YAQFCzAEudcZ1lwnJ6scxeQD4=,tag:oA+lBep610IfelGwdTohvw==,type:str] secret__netbox_social_auth_keycloak_secret: ENC[AES256_GCM,data:HP753hmQ7ssbYSQRH0zcRC0vRN5bKptvMXo9jjzcuk4=,iv:GQUoojXLAJxqdB92kKLhavDaka0Rkkg2uocBLshdvTk=,tag:LVnL/JHMsAd5UmmpnUv7og==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:KgD61z3hYRPSoCXmJgOMmHFqXtqoKHRPUT/+ayEImPsbpk+6B1hVscQbmsKJFWNsyQlCAV2MqYlIrP68pP9ckfURIaN8g5n9X+Y=,iv:eTjmF0e4/5NSnORZVtZKTaL4r1RBg1ZbHZueOrnMVlY=,tag:v1ndJchirNLPvg8mWA1otA==,type:str] sops: - age: - - recipient: age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrY3VsVTVSdC83SXNuMEhp - Z051c2RrT29mbGhGZmtxUnFmMWY0UUt4MmpJCnhwWjlQcnJHUDI5QWhPYUFKMzhW - eUpteTdUdTNvczFPNXRnQzlkNFh3bUUKLS0tIFN2bndWTGRKZ3ZSYisyU1hBbk1K - RU1La1Z2Q0lPYW5qYnl3OEVhaXZ1cFEKGMbMxcGda3uTGO6DjhnY57d6ulnfsKxt - PFVehZXh+/FD+u0RDnWMBcdjI1Qi7e6+q/dZX7xCn9dGloDynycbJg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-21T18:08:40Z" - mac: ENC[AES256_GCM,data:SvTSvRYd7ljYpQb72yRkQ+fDrDWRMQzFwTrI4RuLglBCzKNxu1g2JFAVFUSNRybWASCYhg0FqtHoC31HRHbs24g43fRFrXrvBB3sCwQ503y7A78/UfX55Bz3VBqYVJfh9w/Fm23Tak0ki1CQoAl53lz88eUHjCJjeyKtY81/PnI=,iv:y4C3RMWPsnTTgkscvfqVEzcgAg6L0QaKinzcBFLOfSg=,tag:kIcvmJXSNhpQDUHy+ZpPyQ==,type:str] + lastmodified: "2025-05-04T13:54:30Z" + mac: ENC[AES256_GCM,data:/+JlBnsQuJrx3+CXlH/0dtst8PdBw7cTnUpBavcQRXFjd5PsZ54kUCosFu7Y2ngL9xh6WOWKSJCKpHFb8TCrBhslJz+8SQiH97py9m59diMwG5m/RF3I3YHBIoonSZvl8ocDTbz5myycS41fad3CMs5XtGt/vEcceSFhgqjZs9A=,iv:yL8aRIn22zmTIQ53/e71t6o2z7q1fyvmgqvpz4va39M=,tag:DH1oCBbdOgK2NdanzMSn9w==,type:str] pgp: - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtAQ//c7qCMOidrBOwgXR02ajbMhzNdo5T+QnhLPh44y/YTICp - JGoTowZ+hPyK5gwaTPRkduRzK074uxcjSedUfcKAPvnmmYkl4oMo/7BjXRNAgUNX - leqmHnE/9+gR8EgVcYbfbsk5EPg9shhq9IYrt32PCL0D+17O5KCi78wMykmU9ZX3 - +DpZUHsZQHUUKKwCtBy4HgaFMIRTUIRFDYyfdVyKyDYvPypKzXw9ljZT4DPo257o - 3pRLRltzxrehRgvVgajdd8NCmy17KLxdgI/TV0EWuQkRV/C6kzyvts4GYnFScyT5 - B54X7ApFoHitjWcNl28kYg0zcwd8Grk5ucWqDdMaelG5of4nIqzphcVmsm/4we9Q - Br0vbI1coNYzOoC+5SEzdnmqeouPR6IQ+uwza0m5srCTEoKsTwDlPKwU8oFqCJBY - Hi6pjEbLFBwnkn2hIO+B9YEJUENjLw04DAKfmiTXr8H0/DvVdQBeQtSpRTUdijSK - x1GXJm2+lgWzLtcYB2W7QphktO78hQ8lUx3lEP4j1VM9aTAhCfSrdsx+4EmrRSTm - q2AjSYXI+xzAldSnYyXP6Oy4IWUaJ9vf0x3PqfCrn78rJghQC3PEPpeg5YoQz5VL - 6NvULUpSlC0huFgSxHyYoGOfM1fNAAAXPUg0BqaORTLcOMdXA+BC8scd7CPfcyLS - XAFG8sQUz1KWp/0rB5cOfSM8Cg5zqY1c4lG46NK3sPOaun3RXRoyq2BjB4izlMKM - tZ3fixqUoAr3yYSo6WEeKnFwT14wog4al124tn9QHhUHq2Nm1w0u76qssDgL - =Oiyj + hQIMAxK/JaB2/SdtARAAgv0wpzF+jFkc/5dlF9m33aXqRacTsTJutFkSv+NcCHwL + nbOjXr817ujXarA+NNFeu58FQEW9+fxA1T1O2azbgtOz0xXdlDfkSkS8kCm4B335 + cAu8B8UwDwMOpiRgmHrsnFmvDct1sOZ/tgnd6AB1bgSyKijNGtdIfAimbOM0pEo4 + pNWkwh6WdsbjpSFohfuh5c3yc2unCKLV42QDyPbGYmE/MP88DW/bgBNmhept1vGM + k72Ih1lCaRcqZLEDaL042ttSqk3MCK8tbAzq5682MAyIJGq0H+OU4uysPgsxy7GS + OGDmyDHOD557msVZ+ftHpQKDsHMdN//DDo66uUR4VCS2IqILVAo4mFAbmbzF+yZ0 + Bt79T2Cgd+c2GdhiZ7pADtuVmLGE24mw5FXxCQxb/fbouXidH+2neVIjPCqzJE7b + yJoaYMIo3gWIdIM7fhlFnWrh4KGMh8z/eaVW3oG2uPCtO5OBpts1VCmvcmBBE4JT + kTz/1w/v3kz0rwze9JTKXHyg2wK1chn5V20T+5SwP6MAL25zxZa/tlPHEIH3lte/ + x0LHEU/5WXcQLYpYxNF7yy0mrwRlMs0SLRxC2l1Txk/O7xFffnFL0I5vBluxLU3y + FMB5EtIUamapM3FuOC+hzf9rCE4I+fQJ/8aBQD2hjzOQNamg7CTXTNWldbzKL/DS + XAHo8+Rd9b1dvjzZfxfRp/bF5Av2bfTO65lb9G6YiBHLD7+AFbo2Pn7NWh9X6J7I + qpYAK9Wfs0sFNm/UIhmSkFJIXmlhMbrsp14ebfH305OSoe+dvkHfLD50frdG + =3PUx -----END PGP MESSAGE----- fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA6EyPtWBEI+2AQ/7BpnVJCzGYCmtfzG115O6575g44wna0k/UmNp9T25HCsr - Ka59WhuqqUMbRNo+ZcxhOl2fiABeBjPT0GR4lU/Z0L3+fDE91ayPN7cWSThVf8fH - jU7u6A4ljRQCzh1zVCbLrYw/KvpIZm0+pIsPhtf48yKvvJA1VJ8iGSrsnkz91ABc - 13JN9BQ2I0jELTBYNbXJ/rxmH26ypyZ7u2tER6Xh+cFCoNILWdnkPkTnFvLI2c45 - /6dbAUsrSQNeQiPhjsYBi3MwNbjjOIk0qbqzEuC0Ow4WpbvW/1JVB/wDipLpudqP - TSmvAe6CgbbkPTabFHOMWQRHgR87YJMwiiA4iJuSsYzvF6hGkRT1C7sF+riMc2Vy - zaK0v1YpXkR0yrI+XqEHl4+K5mh8GOhR2gT2QA6U3hvgFwXwaTpzJBbYT9JzJFML - yz0FUDxGTpPBBL4ltC1vfexXEAe+z/9AZTTvMPYUHNLR9n3oNWXmhuAioiSPfeCX - ketaB4kX+gcYW8+5VnqDL44rtPooRZtIWP/e0GIhApcHZjQLEfowGiZjUeEGaXR0 - RDqyUSd6eYnoZ5n3ew03DtG/1wlzaKfDCszRa22oZxP2p9XVW7oYiRGobKwwU6qS - wQzahX1rL2NTKzjYzORSXRIzH/ZANGlgQAn82kFRbQRehUiq8OxnA7ZPWa02fFPS - XAGk5eFschzQhXfgBNN0FoTl54/guA+xi1bOZ77erVMP4XhEEQMJd5LH/uieDhGy - FfSJJAr7ArayJaOH9ULhD05om76Q9ufR/zfa2pu/bBNknhXxa/qNpxREGdx8 - =GL38 + hQIMA6EyPtWBEI+2ARAAkHsW/Uz7zqX2bvbgP1SlNiQGJ979f/wAHA0q154N22r9 + 02H3RB9zlyLQhEYlBKC8X1O7N8l4ZTod5GNGeWeqiEUacTve084u+rkrLz9HaNxt + Tfdpq0fqGofEvThOUB9I2B7yWahg1g+D5xee1PLhB03dhMwlWgfj2hD2+7oshlTi + USJsY7mR4GImWYVqcm9/nANpoQzEYJ24K0h6dw8NBDvgLPQAB8h6Td7DjXJw8NX4 + 21gfToS8E62gUV+K66MYwCZWuc/FxS2DZz4pewm2R52ReP7yl/nmpqlYb0iCfiTC + RmxhFbV6+E73sPzKjK8BJDMB6k4uPHFu5Hkh86o3XjwkpAaX84EzjVKi3VIGTLG3 + biyeWwh6efCjUhXptaGTIFZscdGiEDJGtTn0Z0J8iDXotb6pZms2Cde+oXpg2CBX + i6uiKiz/KtBaRNYbrb8rcDQ3IHcO8WWSvAp6dYrbOmY/bYu6q2dc4hhTVs4JFVzr + 5I8m5jRQdzyhaoB88S23VKS1jaOUwYhN1THKPAmcR840kAA217Jq/GwUoBx/G1t5 + DJQmStvo5f+nYBB6N/PVNzUWLU6gblFYiYnDIFy8hFHYmkmmWjU5J6qfITyzTULa + f079U9SJiqdE/t5UELAPbvIz/Hl0nGemJfit3XhZV3IelaFCxSJUR4DmE+rXTV3S + XAE1zXyTvV6b9bYkjY6UvUMETH3NbR3yYjn2CMnnHiPykF6rK7jXQ7Z6AP+drna+ + q9B0cmmMmGx1LcwO60wBOdbDyWsw/6aCt7SaMwX7CXw8kzQ7ZNRQDPrXtLPM + =3SiJ -----END PGP MESSAGE----- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAz5uSgHG2iMJARAA6hFD9VSOsX7LMTz5Iv3fEF9m6d9J9DvFGdVhzKjrl13P - RS3NdRUReyExTgJv1UztRSOWAFpYjt7EY5cDv9KejbQcuVUmknCV0rLiKkgKcn0T - Q3L761zy8BXfCSk1O8wSSgQyOgOe2jGdqP94sr8vF5/BHZpZjYAUvoTUCe/to/VJ - wXBwZOXsxeL6ipbgvUhDv/V2lr/SXxEEkAmmrsm2JzsjFi0kyj0XF81bxafnYNsX - TI85/Ejs4+WFhubr9UAJ5R2/tnPCXJq8fgZTemRpl+6OH0DnpuMUB3CsA13m2CnI - ftGvdy4j4ihVFN6M2sbUbeUFY2u92X7E9PLUSKQVn5TX0j1FM9Nzm2//V6yE+y5/ - GBYKL1zk2m0EFPLvc7LqboMu1RAej8dZ5VvhJBKG1oaN3c7bLUpFUuQm1uPTJrYB - I/2T2B+iyZp1+KCOpqLQKZCTY4yr5RbMlGqwvOcpzEP5xMCNPkIoFGKm9KyPMpFk - /O2WwaC/ewRAmSBiEVM38SOOS1Gm5Z7BXlmaZrD3GT1jBmTPqjrX9u89Q1EmJrEq - 2Go61OwGtmi2PcMSZ4ah99mBnP9aVei0br4OkZxa/wGfKPzlSqB4cLI8oAEnJk40 - JRU3BxlsunE5RCEOlNS08Id+/osjFI4VFDRZqDnw1NPaDbCvo5a2NkpEc+fTGzvS - XAHAT+2ZErI1QeQV3jM/zbk5U7jxRpx1HCOQN9fnGPS01WpAgY3dlpy1US5T4LbH - qNeuH5drHt4NaSvipAzKOoC+zZfciYgfsSVNOXDlztnjP0O/NqL35BzJ3FMV - =omHk + hQIMAz5uSgHG2iMJARAAyfykThjQAYOrOMy+nHwMHNXhmQRhHwtLIb+WEekWkRP+ + +t88NlZ0fgtQtKVZbme8V2a0TCFXK7DFmC/6ZYtawfSR6LsJCsybQ5iEXEiLnaMd + mddYwQocrHC8/P+MPPvG4Wu7WzPc1yl95k/GR/M/o/Jef5nsmlfsO4fEJbB1tVTc + rGjFZidiFIsJ12Nt0DavJi5iV+wXcrFkAEdDWSCbmp+93IVK2kEeSnSEJ2I0JOHz + 8EuroP9wGFSaq2pcVhEHs8LBm8fjUizMZGOVTjZPVWLH9Jc55Qwm+APKBMHkoAEW + KaX63+uj/IgqDKTo556JyYhK4ZzexPwduelsWfOYOY+r2coW0bV5haFEq4pvHMJH + 7A6m10lM2XcUzEC1j9r0BxPJuLtS5sYhub9gWsgxHsCbgArKcvkEfpC3ZRJyOmvo + 1EbB1Stvh4vr++ASmHlLl314qpLSt1YEYtBhGKg5XUPnGM86fOYOtH+pX9fOM5dk + xC4CXKLRmOfRcR+rllGoliyUrrXMTugf5r/UEeYOrSsKd40JsVPVC123Uoo8Y2j9 + FO7xGVQ3WBy4rDrqjRXoV1nakdKOvGD8iS0hSGs8yk569YtKA34RLAcwpji3U+sm + wIE4X/Z6Vyrsht/PvsbIcptexG2rxq7dze7eZd1T5C/pdcwh+rQG0ujJ/GB7klnS + XAHpuT2TgiN3oGIKMZh2cqfJ/rEBd61pvWMJQYW6ve2JhxSNL/Zo25GxsDoCzoqO + ruhYleZuFEYyuVIJQ1ePwt6AeQ4yy2PaNmZAJgW5scbSn0LKMoX3T8oRtgxN + =tPWV -----END PGP MESSAGE----- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1AQ/+K42NmCDc6ZHlF+EBvXvbueEUrXIcrNA68XIeLr3YXPOW - rzWMhSGVxT6tQOueM6bsMROMLfhJr4daRAmyHmAGP9j3pcQXJJYQpmzGuU/Pz7uZ - nWoD9u9fkk4NyvTvDCM9ZHrg7/R2yEQrhCkGnqwu/Of6DL90DvTgQ/3QFcwTnbDp - FcyHsAufvtovjEWv4XCYujjo0fEMvmWmPoVgfsoFMXReNBD6f43jw5iEN31oAcfQ - sULeplAxBk/gFQj3IivSGKvIG/U6CIxNWfgQZcxMISxlKByX6u3aYbM+3xtCXAH4 - oG1hu0db/L5H0Espys+dK0cWs/hRy9QUOgOVF88oFtYUkW/5DbfFSIxFcJpTdFGv - NgQF7w3aZpRL8ZSHc4zbqqwB35bV5dfFV/28ygYxBK7qZzTlBxh2XUvXA/VhxWM5 - Yqp9IIrb8TLRogYhxGD0ha5o5S5nWFIlprjclSFgkCZWO707jfFxVSRZ0l4a8R27 - Tf9lmCKVs92keLOFe7lZ2bsAOCjupOjbztc81pmom0Ql9/BUCiZJVjn3eUs9q3cM - Zj5sS2+etLOPjzWlO24MMnP3cVpSVdkp+biN8l01Gzb5Q4BXVdSQo1frvh7f0PRi - yeuXlNdUbGV+xyaz/gk6DTgIs5HNhOKawEO32M6vZoUlLiJ85Sl6SUPvdSamZ33S - XAHkr/lYlp+ZdbIvJuMH8dOPQxWwM1GzGRMKZLy0yCs7TrM/AkzdU/26BsZByT3X - L5V4hzFxWiIWjUg6T6B7ID3W8rCqusGYql2Le3sNIC/6VxrHqZRPVc1FGzXP - =JsQQ + hQIMAw5vwmoEJHQ1AQ/+IFSE4p67ld1nl5V8FYCHwDoZBAFKBz89KNv6nMmKZiVE + sa41YCWky0d8Tv3QXiYyL0jZuyQpN3DSXNrtQLHbjHya/mvHT16Oi51/A5ZvW8Sk + dABW7DHokET8cmtUpnhpx2hKGG2SbbkkGmZCBKOveVn5wq5VUPDqJjOF0P4wZWh6 + IkEQFfequPcCsM8MAtM3ocC5Lkkjwb91p0e0A35gE92kms7iPE7ecX2DJIiaATIs + ABRmcgwOJeuYV7nhvpFbq5FSBUXvjuVN9IGfIG3Dl+IcCYg5xF2eJWnK/sOiqNmc + uFoPkaoueTYEZkgwg9ItAvHN853WPzt7ppsduEvd3kwnsCrtj+veylr1upTjxQJK + Rx2+a70NJz9+eaVm4hLMBDl9Ov6cEril+vZU/N0x3tSQ/vZgAJ+ofK803k6717Mn + TkSLjLkP6BNoKI7DLMLfxiCy0IssDsiX1po2wPSn2sDa+4rYt8U9dhfI8wYzUF5Z + T8IGE7ZdVvGR0FfxbPdFgxeNJSPv7atIWemnqEAMQ5fVFQ3JsBS8xHoqoLcLJHh0 + Q8A+HPU3oSiU2ZjGlAM9yKWdUjz/DWeo0HodqaNBonJqCaxids0P0oHSGbTB6xY2 + pYYXnD9knobCUr/etjv1eMvU3lIi8bz8Xmdn4KKmWr2SQKmxUU+9Mf1BWWq45PjS + XAFK4pHgiE3+YLK4ygIrjBFls6g3BPQA6rUZAiFzsr2D0g16rejdhosacoJcKcGd + rpYHLCfu1CfgSlz3Qx3Ass5TD+xwHdsfT9SPpRQZSoxxpcxmDUcYpqdwGeO7 + =Fnjp -----END PGP MESSAGE----- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hF4DerEtaFuTeewSAQdAQEgSJ3Q/NpXw+IJGJRAvR39zMTlXbN0qt3ghoKOTnkcw - a+PCLvg3ud8vbFe52dN4vVFYqrCZcLKWJ1ehoYgH9LqA+Wh6t7YAYKr2QkHXm5ye - 0lwBF+AqFoT509SjXRZSv20bM1PBbc81pJU88CaOzfrxUqNfo6pxr4W1AvgmVYFK - Qz3GypWGkz3zspmML+VtFAbi/aLm+UMhL7JIxYg71kidPCnF4HOS1S6sYyLEVw== - =c0K9 + hF4DerEtaFuTeewSAQdAHaWsbzMdKQlM4f16MMkD06MaR9hPsvalNE1/K4d8Mygw + j5vWYfwadl8XuI/GRoyZG8hnddb0Vg545yVcHk/+0+W/SfWFzwhhvDUX8H6Qr8n8 + 0lwB89rZt3ztUxEN+C/0UAlhFZVb1OWZ+xpDC2u53j3f/zxAtCUKjJA/cqlL9sLG + u037d6B3Wn0XZsmC+jK67BFZiMWs4ZD5oM03rXMLqTVMuDzjV0LO5rUFDgiq6Q== + =CzYe -----END PGP MESSAGE----- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fAQ/+L7rNz2P8t00W4dy880oUR0j1Bu9UEzk1DzQCw2VTRMeU - InpbyXkTzsBeKlnX6sPUKu9asEO8EuaKnMzTg780HQTgeavJn7I/BgrdOce0hYWC - Gt5W7s73un3/2RXSjeugR7xaWDc8FOjiH3oLMmHNBVL22kGZ2KenfQ98M3LJdMoV - ROas97fjFYvhRG5DU9qGafv3SJs2lx6SU5Rhmg+RHsJPeYFh2OyZRqyIn9VdBt+E - X5g96AlTS3KrvUrafvHXur7tR3GGioqC7Wr28zHyTJlf1o7BwxvYUdk7s9z7wPUv - yznieBrqu3WvdteX2qUBtOlFFtbDWVpWDgRkdA+1ZYAJonVpKuTpH8KBZrG+sCOp - OOJc1nneWk12Gay1dX33pKWC2CSqsznekzkAnQYTcrQtx/9EsA4G30trZcZMKwfn - JluHD+r9zdRGNWEXP6zyT8Gu+qa+1XrUftfut8Gva9RIPQlfCJuqyT3ZJkRW42W0 - NbsSDhMKSXEKyBvQhnyFZfw/mN36H5lraiX0N3v3MWC+jPjL4PLwvHg8UEAYVyeO - bLyJfyAr/b2RZ+oWmrmvkV8KG9PIWHOzIgheeswKa3EuwrvkHlzCpDkSTvm74GxE - J8unBed5rkKpvYdPtwb2Nez2bVd1UGbl4PpPNz6p/wyCVF/NjAZGz96+TsJ6/LjS - XAHw/zBQr1QYDCZNOCPyf6HwZBCKYGI/uFjvMesFj3M7qAUOr0YPmw7xn20ic8v+ - C1hvgE+3OdO8ugXdte5ckT8Wfn7bMweOVW6AZ2UMGxzWBPPq06/LvXZ/XMMx - =sFro + hQIMAxjNhCKPP69fAQ/+PmNa3+9KdW8QK3Qp0xFsA5JCwFJ+ePnZqSy++0o39Cxf + htNykQUd1aNmHjlBTmfomzoGe4L8mIRULbVRDB39d8bqHI2EIUibFK2MPQrSvF9x + WLk3BLCKjBf0jja6y9DsgNHMIKOVKJKZ8+MSNiEwPr5yy3t+wRXIE7bTfRCSj2vO + mQ8MtN6XHH1klcg2MzQ2VBgt0/TgKNYRnF18d0bTzNTPg0XMosd9vT3HIdYNVtRG + Bs88WxoLQX4ki9B00R1diWneW3TNkD+SG+3QdbQYbkwfKVE7+/ZY1zbmAf9bUfM1 + FAyUeUH2ZfiqDnGTTSQEyLjWXsPx8OmaeWHdvY+Nay1tQxfyvdFldjmkhnhUYhot + epu4o0vih7y8dPAPvD2v3eflXo4I0R8kANKDkVZmB/ugayeR27Uv6+Rb6XQ27aKc + qrYMEzWsNJ14Cz/mM2eqyPBaI5mxhttxlFuPRho+wz1XISqsmJz14VojT18dtY5q + 3gv2dvzap9+xbs2+d8VnNvjWzocJYXy18ZLoZomNIuuKl6s0OdNEQxiC1/riWMIO + QjkbPt3037rtM5ZczhzgFLm1r45/nFx+T7nm42fEVLYnEP4Ln8bgvsasKHOoAocs + QWxUFMQ1VAyMs/IftTnxMZQe6eJmqHthH+3q/wYhIqsPy3r8gnkuqjqwoCb/XTrS + XAEQB91o4HxiecHP6Ks7QGI3+Z1CbEF3GWBrhCVtI0j+s+r0qsSa+6zeyaSK2Z2f + uRQijSuYw09UTsQHY3dsxZm1KNebkXXzVqrY1Wt9Qtf2Yr2seZiCPygvPVLB + =aDv7 -----END PGP MESSAGE----- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoAQ/+LMO10efzBKOBSoqYM80n4JwV15nY19yRPo8MeJdo4RVU - txY3YGH25l0hfH5Uba4vU8mltIfF6+ZfxfKRXKgqG3OKSl+C9s/eLFpVgmOXyGER - R5BT53cOfboES5v0oWhwtp9Bya5d7TtD0SaShR6h0CKT/AAybF8IJ4QrioM03dxZ - 00JyT7ikmgSQCq1IrTQOvXNR4nFCZwu5npThsantJePmKdtGFvGmwZ7XIOkmS+mM - XEM7IQv0q7xCyw+N7YlH9E+rXeDyB3tCZS68228p4JvvNaN2zOTHpGRCbQ2Xrd8B - 36qtai0osZjsyPbOqnXSSAOVATsLtlmqxn12qBXPbmcet8Mn1Xr89ezRYg8EqPwA - K1aEjVcAKuojmTdLx+UNofJxq86QHvNV9DdbFddttgRyRcqSQj3/4oCmdBRPxR13 - eL5NSP2uj2qeun5+7AToxdGGOD7CL5EsClmKVA6qxdaO/DEcVcwypyaCZxqX69c6 - d+mPNZqgyoxBT+oif6JPr+ywZVeKN5VDyncxre1zGSx/pXTTz01LzdUDZ5ww9W7y - sN9LVoDncxA3ijte8JW8+JLw5/Yoc14bf3qIo2FH/Fk8o49sUIzYljP4fqwlPbWn - H/dCrzjT4m66jN01MT/B6Y+Yen+PHW71aCLQZDVdFuDfuVX6bPAea01b9/hca+XS - XAFQGaqLizvr6jWZfewixnL8MI90GI08fw31a3zKFgDGUginOX61+24FTR+jxYMg - L61u0oB2FGCNXO6UQjGRTSckrw4Z7X8h292iso3A4lVc9ExhE1brCeFLgW3A - =Nujv + hQIMA1Hthzn+T1OoAQ//bEgJM9+WRz3K5KwV9I7fpiAb+BoXfNWh/mnwUGLv8FRP + aq72bbw1vXqBhI4jkna42eJVUm2AThL/q0QOJvGKDtud0MjJyS1tZj44kfwwC90E + QrybaasPvZ0WOLmSQO9DW8oyoqDqM8ue8smN9HJTOfHl15QV1oXWYjH0j2l1D/AC + 2iqLW7KOzo+zFr3s7HxXnCgv9/BwqmafW742aKM8amRb885b4CAzFKvhrYlvQ43T + Tntgp63veu+IIW1YiqrdLld+hJpPaVHHDuCRANuQ3r8hQlzjOMC0ZeAW0uXnRuIc + 3fOk+uQxV/POIauSQskUXSHztD8CacVjUyySi0+ZFTtJo39ulykalVy01UCNuWVE + O1cJW6I5ItpBsUqb6KZyMVVgQa5Iv4JkrTEaOsPXC/O8wb+JxiAz06rb8j0rn+Yx + z623wZNi+QwvFPc1c62DXFZN9sxFY1xcildSpjh/h491FAUE+QKYEPIMf7ChyqRw + uVc9A1f+tJFI9M+gzWYI0A0+Wbl5V4wMdJKzzSyZJAK4+AyJjfpwHRU33vvOk/MO + Cz5VdrCs0WQ/x34KauuM//AranbqjG7QLGVZT0pkknSyG57NF+T9KI8aZ/i3E1La + 9LEnMf50WLf0kBX7OrGryFs4RrFNWsTfSt37X1EZCmWubGTiINc96JsMQIa00bjS + XAEOFQq9PM2w/X8RyLnaE0s4m0gau9baCQxonUwq37S+XbjKreupgY1SldcyVMsU + RUWiwJwVMNI3UGdQ4LBoJYstTEhH2HLQFZecw0dlZfrLtGgWJAPYvRWAx8uw + =iOrq -----END PGP MESSAGE----- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA46L6MuPqfJqAQ//UAy0uZUyPPGm/GoAKew4uDa/xYAWpAx+rxQQiRZBmSZY - MnGQUsgiMIBsQt2gdyutzlggSZzjc5WRcaghlYzXZaKIRDakp92ajgL49snaYEnX - LX6qFmoMgRSbxmQPlrEfcj2yJ2bbC+GF2MZNtMMQISvsgA94KMyZ+UEZSI/ooZGF - +PbEnfibu0kgTFdmz841E0AkT8xEab/ERa/AYxE+l3Iz/+WPUNd6U4n3RXonzcaE - WvpvDXKqA7o3erZvULX2u1XJlZbbZM13HLwXDBCODOqG8JtDh6UvX8ZiUADtb4up - 4QlO6ETaWtWgzx+OrF70URFEzJ8biqczC/cAuaXHZzfoLZZ+smcFwBUaRQQbdIwr - pR1GGosJrY7kwNrKPgKF+jucAtVo1k7PrYSHTN+FB4pDR2qLcm3PFU1BBfpViJDo - cWlivN3sS0/8/dQvf49WBOqWfdz8I9MuX6H+dAQu4X51yjUU0nVIDD9dxvDFdk/O - KUMLJDgyfzS4bsNPBjAJs/49JsQeiTDbldM1MNDgICPGp8AbOrwudvS/l9iueoOo - mPdQTtFwxzM21t2M+pTvkuBpB8lNfUspmfvotWdYXCKG5rWCUD+kaRHoKpg8L9us - 1762pnE5Bu0ofzvBbpxNcUOO0HGMkE9Sv/Gk2E6khpfXo6m5sLXzfL7PwfjuzP7S - XAFfCp4gp0Ms3hLz+vlkwNGfMlSY11OrqANN1uwXb7FARdNBhqitd9BSufdtce9c - S1Kw9zApbVOSr2MtoNR4MKMplrJpIWE0lKYDhfCpr/wR1xXO6OraAqGgoNko - =uqNL + hQIMA46L6MuPqfJqARAAjJP/zQeLJ1qXKrz4ck4x+8z1TJx91XQU1aXLWLZjLcAw + 4v2G4ikG75WLfJcHaHNS56bhYKhPt4/xzmse16O8xuztz8xLVKsYuChna1J96IiU + pk0GbfWK5N/BVgPlntFE29gwXc2XhBSucHVwe9XseuIAlu99+OSf18TVXC41tKmQ + ZuvxgLMy5gLlt8fLLmsrgU7JM6QQXD/zfdziI9acrDw4CYKgE0Yt16+/JGCO4LI+ + 2yeoV/GvFTS431lsVmTxhC59DVNCVXW36o6EKQxXjcLFhuzNxCSI+hUZYJr476XS + wgdHQWoKrTL8B6l4nJ4/2zR6ltFM3JZi62aNW88DvW/SmJsHXt1b1tATie4kVpLo + S1ns85v0A4NmXmDyxiORVbGT087AvdtoJw3TbLNNYiWdE1FakNW9KVcjVeqly9XA + Kjr72wdyRE1vyjsuDtUnM9Apuo9V2PWtfqrsNqYxgK9WJPFEzVlvhD1CkXXXsdfh + ncVIywwU0CYG9xOAR7DTO/pPKa+faZStU3bRlE89D+9+iUkLXqJnjx4ZPUeIMg4v + oByjEAX0jOqJLsUR10tSmJ7hrmdWoKSJTVEdx6pc45jyt6CZD5EOl7qMlteCVZAg + gkkZ71uQLde5CRFrEPIJ3UdF8xDvnjJ8HgoaLCv9AewMlWiMNrGWV31rFqp7CRnS + XAGsOtTt6y6VT5C1rKamG4IKK998ycirXQPlwC1svxP44sRS/LE9OI820jEiGUxT + SYeFvLISOje6f8Qf34hP9X5MmyxQd0lqMiOt8lkGj2GDqFzKsrKeu1cpylby + =Fivv -----END PGP MESSAGE----- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA4EEKdYEzV0pAQ/+J3y2ilg+0a++IuFyeAS+1S4akdbOSE5K8pwcSulmrT8K - hnZ2Y/U+IF4pjhZYbFeCiVh8BzH6VwXLqFQrpsQhq2fNs0U7M6KuZxFEcMhrRH7O - ULs7ZtoVg3qQ1F6uM5YS3cW1bzHZdRZ0mYNUi46LQWwFVNisjtMKrjJBN9fr4aeR - Cei1+bkPUMCQ/7ChQwf9MHO5pUzwXA5ttsChXPMU+HzzbcCuVZjHT6rptrPsSLPR - QsR/fDOTweUiRk6+Lj5/OAjwgGRaO/yLgdS9fGrezwssVvDm08ZxFMPCBEn7Yrob - Jwe2uMdkGOE/e6SJyfh/glg+uie42g/HYo+PaBwuLot/3E/q7TbaAAHKEIlRfZSo - LRsSs/FaX+2HGnNgHHNxHhvEh+FDvp/EdMcZG9vF5mIM/XYFCbUJEdwWMfgyFq6N - hOxMK7KCcnqbMJPPdypSjyOnyBD7asyhqBwavxnqJrQ+6gH8XvVtOgc6Kt04QlP9 - CgrWuqrEq8Ulx8w9KkKP9VGg9z6FbWdF4TYQwQ6KfVC5EMSrVHM+N2Y6DDpoXHuS - HZKtJH3qITxsofPhdssjxlvGtJRU+t1Bsa/wponQC4hJpKQ2QpNRWxrI7Oewy8jT - ku78htjN7HFD9IrF/Dg+3kxLDIdi7/+Z8mE0eMg4RvfBBJJSJHADV+BqH/9vZ+jS - XAETzKYL69TUOxK4xohMkICkjVms0z/LyMgWjAuY70MC5EaNSXKNVqDGYTtsWLYS - 4ZGh3YNZCC1uK+lwos+s4OhtGLEs4pRWubz8wH66MlrAKfrI4hgQv0V4bO29 - =o5Ja + hQIMA4EEKdYEzV0pAQ//WS8zjYnuGKpQ63BdGAEU55mAlGu8etvOLlj3JGL/EAjX + CKadwY1gIPjN/AZzDN8twadasFE/o02Cz1hLAPQIS4IYgh2L5pZZVm6D/5v0rQgJ + Da74NBoFKXLD7D7P/+abLTFSrTG7u3rRL8AAOsXHiMpyxn1AgvNPS/lHrdTWi/7Y + RfvjaMqjynZs6tsOZrQjUjz1mdwZ0Pl0g4soJ/4KBN5riz+U5wubKb8g1qxEaWZ+ + CiyGcF6rHfL1/7rugg+Z7QhRlW09wAqkQzpeB9h3rIqczqsPZVuw2gtBhSnjAGa2 + i2q8HWFwegJYMemSxtqyO4kdtMp8J/KOXQ235ge96kMfid0muFeqD4QehSqaSta4 + gJsPiQslhlRyBUraTAzWo+1Pgx6oBpU2Z4GD3xAsKyQ6m+wVg+7OsZJYXuMt3Y6n + DkMfbjJOvGUlN1XiZM5GT3YqRFFXpmn1NZ4RMBHv61vDuq6z9EWm/+6i/tR/ugxM + Y+qiBYohMEIwdEpzlVZVQElCt9atKPk4YLnpele/midAKVwtBnQ+IpNEjKEtXSYe + QYDRVu+OkYSiMxvnJ1ZmL4lKJVHhHtQ6Pi4xkK0eTPUaWvCI6T+t4Dj9r/OJTbLW + APOXEQ54CnDmGqG83op1wdMuwmw8edEBowogILlUyaP8mB3cK9KJt7B/31ntlc3S + XAFQHLwHWB3PjCYiegJYQUbXIAfL/cdTwwBfmX8uMDerJ81IQSzu5hVDhIL9pE7l + UVWxGbGzfUdTE2U45M082DrjTmBkV3RdE0Y3JaBqPJ0oVQh6p1aM4d2aqyhk + =nWD2 -----END PGP MESSAGE----- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hF4DQrf1tCqiJxoSAQdAcZJvd8VKNf+utHb2ndF8WC713BKaMip39sdKr5MII1sw - U5z2I11J3lvM7hJ0ZIWdjLeZyok69Kk7kSRxbWxn26YfMtxlrR/zNkr6glj9TKoI - 0lwB+c7VagQFT9bcMDab/+1Vh3P4gGAF/nzw/aP9K6W1gbW7Ji5ZS6RQN8kfeJxJ - 14qesoUtJ02a69xVGxmuMK7FgMbEpNHvAUkTKIVEjb7t3MQv7nCHa4bCVyYspw== - =Wjzk + hF4DQrf1tCqiJxoSAQdAr+L6oXEIIepvoeDrCt4z9snnaxL/Pmp6dpCAkxaXXmIw + 5J6eEv5G83So6+XXJXvOaoneKu5qevc0fSbEBAhJfKBUYk/ygb5seBcGycBWQhDL + 0lwB+3jIywPou71D15VbcMJQuWshrGPkpEf8/7aaL3kiZAQbxtuajECD6/0zk9E5 + /owG/AWfR/W8bHJ2S/CFHb+m+aLHWI0emOg/OMGKjLG4JrarB3tbdsPcdH+8jQ== + =K0rr -----END PGP MESSAGE----- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hF4DzAGzViGx4qcSAQdALleBKgLCOu4Y6BGE6Z8URBAHPwl4AUdOLxBne4zgtwUw - JWcx6dlmEa1CVsV7U8jtxGbqI6oxDeqdBRRnSkG/VgHunx83p4d0XIIzt0UZCOdl - 0lYBR0PWpdHc/73Iuqjb6tNl4f/uMEmPWMY2gsauF+FMPjQoenPLPi3uvqbVrqVu - Y6FGIg7Y3fTjE0oW0dZ1XXurDgpZNw1W/R1k5lPi+ChYAbjWChcQkg== - =LGE9 + hF4DzAGzViGx4qcSAQdAkzDgkAALby9UfWjtDDCJEgMH/tcIAHWeRqOx7CyojjMw + 0XdXIl6Q6x82GOnYKtJuFkvpGc+fSoREGiAVCOzaXi9J3vKUV410nSQEpyXuiC4c + 0lYBDC0rwF3mDKX7Pd7LZCH5ImaJiUB26Q6M2k6bfVhSyTygADlqcrvev6buc7sC + 1cfZdBGkTLJeqADe5p3+wJvHiUvK/VhlwV+hXt8PBkywDpSyLgaGWg== + =x/XZ -----END PGP MESSAGE----- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-07-21T18:15:42Z" + - created_at: "2025-07-20T18:28:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA2pVdGTIrZI+ARAAspXdhAYalua5flBfBxEXq6zlXxQolT1+91bWRoW7mA4d - RV0GyJuGmlBr84fwys5qoyYMZZfkSioW+IluK/Z2+07flygwlHntpRBQeXVMhT05 - uZMQsmyT1Q73XWsYAb0BKXkrMz/xUvhnHbyytE6SkBADC18xmcX3O2o7dbVFRFpz - 1Yz//wdt5ErF3ms1fdmLZa2heLFudBrNxvaexgHnnk/gtJ9nH6kTb/c5hn6G53Xx - ez1Vy72+qi0lFJswId7jgSGyf6bXlHHsEeAp9/H1LsUqoscnk5hmnrOCLzVNSPmK - V/qjMAxGuN8lQVf7MCJ4zbGLFZe2kTaFLBaRqIz8YSAdIuGTrM54Tu8193K73se6 - fBuhL5gQELKWLRpUNe96HF/NeEnswCprNwyr9Yu58/EjKDyMo8AYhKo6Ia7QTofQ - 67vtSOpHVQqbYYV+CRVhpQqxYu7XiC2bjtBoMmMz7vXUAFnUe+EScPrFLlAsaDD6 - 9S01IEZcqe8D98X6e6W+0D0jTgd7JkvRZGOD1PWm+S1hyCgZ3AkTiiv70forhsGv - YPEqNyOvetiWFYxbgylzxeact5kyUfK4ckYfeNYK66NS/QwOfgfBvafHhLSSDmct - H4hm2ct1R8bMbMIM23oIkeuxudRi2J9Uf2/+/hT2kn3zeGYYVGBfqEnUfBoaZafS - XAFGyI1xu0sgZNP6M3muvk1/NqxVxfRB9uVh1bfDcCDM+rlolFhdWPN4S1MmfiEV - 9E2Pi1mF2M0ii5rM1kXnzEKPMgXcvhakNhn/J1MxDTlDzWIkMuWY2WQNTT57 - =WSNg + hQIMA2pVdGTIrZI+ARAAuQj5yvmmxjrUXFquA58u8LqIIn9lS8fW04vvO7s66Kt3 + RhwiM1K+uTpPD0IeYO4t7xUpfQwxLKGybVBvOnjisWyTWZYWRPvpqpR8mrt/od0R + 3GcB/hval/O2HtL/CwtOwMu4RcfNKVMozLpZjWYZ5N61UgHgnSPxqAbizh2MDPJ9 + UCM3PesL54kwBDxGUgoCOD+EnIlUOIFFrys6GLWHLqQhNsNgOeXtYQAiFhMuCzqC + PVeKqOJrRD5q/mgRnOnMhXC6E5xgOOHB1war4rDaEF6rx0YujgiMt/c4NTqFPM36 + aMF1Kw/XawEQthhXdCcxYtQefcAs1lFhAhAo93tGcqnwQc6MrfIgKJV8pdE8FBAk + xGhzQlwjQsilJ/YoXvNDm6Iy0UH1WVVcVRSKE+ogC9dw1JyG3tu4kfp7GioQvhkD + tGEg/9hNMcWXa7Gbyr3kCpmTHuaJGaC8R4dy0rzL/SXDMfWm3zbFZVZoZieOuzeX + gl1F6bUnc4gUnlOa2XPYYrIVWfQMdAJYbj6ywvl0lMLxeOtStcYVD1EdRhiGEWrJ + 9YoEjDAMg99WHfEvNSe+90CnBPY/UNig97lcdGZzmKAYIMh5OutJsS5t+Lx318Yn + C8dDvk7QbDyG0lgaZHAAeY1SPbVW4eUdRxZIOrGPsiRUpzYxlExLVdy8vtXfFHnS + XAEc6y4UA3fhOYN7i6MZNVye186v9gZZyGjeZX1nLJN130A1TwMOg/tIeuFBmxpO + 0C4SX0xckcZQuWCR51Xjeu4hDCeMVQJuMJaypjhVoyQPiw4yaWWbELuSC5/F + =ERpn -----END PGP MESSAGE----- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 unencrypted_suffix: _unencrypted - version: 3.10.2 + version: 3.9.4 diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml index d8da335..4726885 100644 --- a/inventories/chaosknoten/host_vars/netbox.yaml +++ b/inventories/chaosknoten/host_vars/netbox.yaml @@ -1,10 +1,3 @@ -ansible_pull__repo_url: https://git.hamburg.ccc.de/CCCHH/ansible-infra.git -ansible_pull__inventory: inventories/chaosknoten -ansible_pull__playbook: playbooks/maintenance.yaml -ansible_pull__timer_on_calendar: "*-*-* 04:00:00 Europe/Berlin" -ansible_pull__timer_randomized_delay_sec: 30min -ansible_pull__checkout: ansible_pull - netbox__version: "v4.1.7" netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}" netbox__custom_pipeline_oidc_group_and_role_mapping: true diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index 0891fff..93ea984 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -180,6 +180,3 @@ alloy_hosts: hosts: grafana: ntfy: -ansible_pull_hosts: - hosts: - netbox: diff --git a/inventories/z9/host_vars/waybackproxy.yaml b/inventories/z9/host_vars/waybackproxy.yaml new file mode 100644 index 0000000..18540ee --- /dev/null +++ b/inventories/z9/host_vars/waybackproxy.yaml @@ -0,0 +1,7 @@ +docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/waybackproxy/docker_compose/compose.yaml.j2') }}" +docker_compose__configuration_files: [ ] + +nginx__version_spec: "" +nginx__configurations: + - name: waybackproxy.ccchh.net + content: "{{ lookup('ansible.builtin.file', 'resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf') }}" diff --git a/inventories/z9/hosts.yaml b/inventories/z9/hosts.yaml index 4d847bf..62cacf1 100644 --- a/inventories/z9/hosts.yaml +++ b/inventories/z9/hosts.yaml @@ -11,6 +11,9 @@ all: ansible_user: chaos thinkcccore0: ansible_host: thinkcccore0.z9.ccchh.net + waybackproxy: + ansible_host: waybackproxy.ccchh.net + ansible_user: chaos yate: ansible_host: yate.ccchh.net ansible_user: chaos @@ -20,6 +23,7 @@ certbot_hosts: docker_compose_hosts: hosts: dooris: + waybackproxy: yate: foobazdmx_hosts: hosts: @@ -32,11 +36,13 @@ infrastructure_authorized_keys_hosts: dooris: light: authoritative-dns: + waybackproxy: yate: nginx_hosts: hosts: dooris: light: + waybackproxy: ola_hosts: hosts: light: diff --git a/playbooks/deploy.yaml b/playbooks/deploy.yaml index c11a0e7..952aeec 100644 --- a/playbooks/deploy.yaml +++ b/playbooks/deploy.yaml @@ -78,10 +78,5 @@ ansible.builtin.include_role: name: grafana.grafana.alloy -- name: Ensure ansible_pull deployment on ansible_pull_hosts - hosts: ansible_pull_hosts - roles: - - ansible_pull - - name: Run ensure_eh22_styleguide_dir Playbook ansible.builtin.import_playbook: ensure_eh22_styleguide_dir.yaml diff --git a/resources/z9/waybackproxy/docker_compose/compose.yaml.j2 b/resources/z9/waybackproxy/docker_compose/compose.yaml.j2 new file mode 100644 index 0000000..b6752fa --- /dev/null +++ b/resources/z9/waybackproxy/docker_compose/compose.yaml.j2 @@ -0,0 +1,10 @@ +services: + # https://github.com/richardg867/WaybackProxy + waybackproxy: + image: cttynul/waybackproxy:latest + environment: + DATE: 19990101 + DATE_TOLERANCE: 730 + ports: + - "1999:8888" + restart: unless-stopped diff --git a/resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf b/resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf new file mode 100644 index 0000000..7c616c7 --- /dev/null +++ b/resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf @@ -0,0 +1,5 @@ +# TODO: set up caching proxy + +# server { +# listen 1999 +# } diff --git a/roles/ansible_pull/README.md b/roles/ansible_pull/README.md deleted file mode 100644 index a7e3dc7..0000000 --- a/roles/ansible_pull/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# `ansible_pull` role - -A role for setting up automatic `ansible_pull` runs. - -## Supported Distributions - -Should work on Debian-based distributions. - -## Required Arguments - -- `ansible_pull__age_private_key`: The age private key to use to decrypt SOPS secrets with. -- `ansible_pull__repo_url`: The URL of the repo to run the playbook from. -- `ansible_pull__inventory`: The inventory to use. -- `ansible_pull__playbook`: The playbook to run. -- `ansible_pull__timer_on_calendar`: When to run the playbook. This is the argument to a systemd timers OnCalendar. See the systemd.time man page for reference. - -## Optional Arguments - -- `ansible_pull__user`: The user to run `ansible_pull` as. Defaults to `ansible_user`. -- `ansible_pull__checkout`: The branch/tag/commit to check out to run the playbook from. Defaults to `main`. -- `ansible_pull__timer_randomized_delay_sec`: The timer will be randomly delayed by a value between 0 and this. Useful to not have all timers fire at the same time, even if `ansible_pull__timer_on_calendar` is the same. Time value in seconds. Defaults to 0. - -## Links & Resources diff --git a/roles/ansible_pull/defaults/main.yaml b/roles/ansible_pull/defaults/main.yaml deleted file mode 100644 index 3b9acb2..0000000 --- a/roles/ansible_pull/defaults/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ -ansible_pull__user: "{{ ansible_user }}" -ansible_pull__checkout: "main" -ansible_pull__timer_randomized_delay_sec: "0" diff --git a/roles/ansible_pull/handlers/main.yaml b/roles/ansible_pull/handlers/main.yaml deleted file mode 100644 index ada2426..0000000 --- a/roles/ansible_pull/handlers/main.yaml +++ /dev/null @@ -1,4 +0,0 @@ -- name: systemd daemon reload - ansible.builtin.systemd_service: - daemon_reload: true - become: true diff --git a/roles/ansible_pull/meta/argument_specs.yaml b/roles/ansible_pull/meta/argument_specs.yaml deleted file mode 100644 index e5c88af..0000000 --- a/roles/ansible_pull/meta/argument_specs.yaml +++ /dev/null @@ -1,27 +0,0 @@ -argument_specs: - main: - options: - ansible_pull__age_private_key: - type: str - required: true - ansible_pull__repo_url: - type: str - required: true - ansible_pull__inventory: - type: str - required: true - ansible_pull__playbook: - type: str - required: true - ansible_pull__timer_on_calendar: - type: str - required: true - ansible_pull__user: - type: str - required: false - ansible_pull__checkout: - type: str - required: false - ansible_pull__timer_randomized_delay_sec: - type: str - required: false diff --git a/roles/ansible_pull/tasks/main.yaml b/roles/ansible_pull/tasks/main.yaml deleted file mode 100644 index 53fc219..0000000 --- a/roles/ansible_pull/tasks/main.yaml +++ /dev/null @@ -1,63 +0,0 @@ -- name: ensure dependencies are installed - ansible.builtin.apt: - name: virtualenv - state: present - become: true - -# https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-and-upgrading-ansible-with-pip -# https://www.redhat.com/en/blog/python-venv-ansible -- name: ensure Ansible installation exists - ansible.builtin.pip: - name: - - ansible - - jmespath - state: present - virtualenv: /usr/local/lib/ansible_pull_venv - become: true - -- name: ensure secrets directory exists - ansible.builtin.file: - path: /etc/ansible_pull_secrets - state: directory - mode: "0750" - owner: root - group: "{{ ansible_pull__user }}" - become: true - -- name: ensure age private key is deployed - ansible.builtin.copy: - content: "{{ ansible_pull__age_private_key }}" - dest: /etc/ansible_pull_secrets/age_private_key - mode: "0640" - owner: root - group: "{{ ansible_pull__user }}" - become: true - -- name: ensure systemd service exists - ansible.builtin.template: - src: ansible-pull.service.j2 - dest: /etc/systemd/system/ansible-pull.service - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer exists - ansible.builtin.template: - src: ansible-pull.timer.j2 - dest: /etc/systemd/system/ansible-pull.timer - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer is started and enabled - ansible.builtin.systemd_service: - name: ansible-pull.timer - state: started - enabled: true - become: true diff --git a/roles/ansible_pull/templates/ansible-pull.service.j2 b/roles/ansible_pull/templates/ansible-pull.service.j2 deleted file mode 100644 index 8a17190..0000000 --- a/roles/ansible_pull/templates/ansible-pull.service.j2 +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=ansible-pull for configuration and maintenance -After=network-online.target -Wants=network-online.target - -[Service] -Type=oneshot -Environment="SOPS_AGE_KEY_FILE=/etc/ansible_pull_secrets/age_private_key" -ExecStart=/usr/local/lib/ansible_pull_venv/bin/ansible-pull \ - --directory /home/chaos/ansible_pull_checkout \ - --clean \ - --url "{{ ansible_pull__repo_url }}" \ - --checkout "{{ ansible_pull__checkout }}" \ - --inventory "{{ ansible_pull__inventory }}" \ - "{{ ansible_pull__playbook }}" -User={{ ansible_pull__user }} diff --git a/roles/ansible_pull/templates/ansible-pull.timer.j2 b/roles/ansible_pull/templates/ansible-pull.timer.j2 deleted file mode 100644 index 24bc8ba..0000000 --- a/roles/ansible_pull/templates/ansible-pull.timer.j2 +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=ansible-pull for configuration and maintenance on a timer - -[Timer] -OnCalendar={{ ansible_pull__timer_on_calendar }} -RandomizedDelaySec={{ ansible_pull__timer_randomized_delay_sec }} - -[Install] -WantedBy=timers.target diff --git a/roles/apt_update_and_upgrade/handlers/main.yaml b/roles/apt_update_and_upgrade/handlers/main.yaml index 4af18be..001bbe4 100644 --- a/roles/apt_update_and_upgrade/handlers/main.yaml +++ b/roles/apt_update_and_upgrade/handlers/main.yaml @@ -1,5 +1,3 @@ - name: reboot the system - ansible.builtin.include_tasks: "../../reboot/tasks/main.yaml" - vars: - # Simply don't reboot on local connections and rely on proper handling of /var/run/reboot-required. - reboot__local_handling: ignore + become: true + ansible.builtin.reboot: diff --git a/roles/reboot/README.md b/roles/reboot/README.md deleted file mode 100644 index 1aaa6a6..0000000 --- a/roles/reboot/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# Role `reboot` - -A role for rebooting a host, which also handles local connections gracefully. - -## Optional Arguments - -- `reboot__local_handling`: How to handle reboot on local connections. The default mode is `none`. - Possible choices: - - `none`: Just runs `ansible.builtin.reboot`, which would fail on local connections. - - `ignore`: Just doesn't reboot on local connections. - - `file`: Doesn't reboot on local connections and instead touches the file defined by `reboot__local_handling_file`. -- `reboot__local_handling_file`: The file to touch, if `reboot__local_handling` is `file`. Defaults to `/var/run/ansible-reboot-required`. - -## Usage in a Handler - -Since a reboot should often be triggered from a handler and since handlers can't include or import roles, this roles logic can also be run by including the `main.yaml` task using `ansible.builtin.include_tasks` as a workaround. -When doing so, arguments should be specified explicitly as necessary (so at least `reboot__local_handling`) as the default role inclusion mechanisms like setting default values don't work. - -An example handler would look like this: - -```yaml -- name: reboot the system - ansible.builtin.include_tasks: "../../reboot/tasks/main.yaml" - vars: - reboot__local_handling: ignore -``` diff --git a/roles/reboot/defaults/main.yaml b/roles/reboot/defaults/main.yaml deleted file mode 100644 index dbcdd1b..0000000 --- a/roles/reboot/defaults/main.yaml +++ /dev/null @@ -1,2 +0,0 @@ -reboot__local_handling: none -reboot__local_handling_file: /var/run/ansible-reboot-required diff --git a/roles/reboot/meta/argument_specs.yaml b/roles/reboot/meta/argument_specs.yaml deleted file mode 100644 index 7bad88f..0000000 --- a/roles/reboot/meta/argument_specs.yaml +++ /dev/null @@ -1,13 +0,0 @@ -argument_specs: - main: - options: - reboot__local_handling: - type: str - required: false - choices: - - "none" - - "ignore" - - "file" - reboot__local_handling_file: - type: path - required: false diff --git a/roles/reboot/tasks/main.yaml b/roles/reboot/tasks/main.yaml deleted file mode 100644 index 791bf73..0000000 --- a/roles/reboot/tasks/main.yaml +++ /dev/null @@ -1,14 +0,0 @@ -- name: Reboot - ansible.builtin.reboot: - become: true - when: ansible_connection != "local" or reboot__local_handling == "none" - -- name: Touch a reboot required file - ansible.builtin.file: - path: "{{ reboot__local_handling_file }}" - state: touch - owner: root - group: root - mode: "0644" - become: true - when: ansible_connection == "local" and reboot__local_handling == "file"