4 openwrt_output_image_suffixes:
6 - combined-squashfs.img
8 openwrt_packages_extra:
22 /usr/local/bin/door_client:
24 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_client/door_client"
25 /usr/local/bin/door_daemon:
27 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_daemon/door_daemon"
28 /usr/local/bin/update-keys:
30 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/update-keys/update-keys"
32 /usr/local/bin/authorized_keys.sh:
34 file: "{{ global_files_dir }}/{{ inventory_hostname }}/authorized_keys.sh"
36 /usr/local/bin/update-keys-from-stdin.sh:
38 file: "{{ global_files_dir }}/{{ inventory_hostname }}/update-keys-from-stdin.sh"
44 AllowUsers root tuerctl tuergit
45 AuthenticationMethods publickey
46 AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
48 AllowAgentForwarding no
51 UsePrivilegeSeparation sandbox
53 Subsystem sftp /usr/libexec/sftp-server
56 AuthorizedKeysFile /dev/null
57 AuthorizedKeysCommand /usr/local/bin/authorized_keys.sh
58 AuthorizedKeysCommandUser tuergit
60 /etc/ssh/authorized_keys.d/root:
62 {% for key in noc_ssh_keys %}
66 /etc/ssh/authorized_keys.d/tuergit:
68 {% for key in noc_ssh_keys %}
76 hostname: '{{ inventory_hostname }}'
77 timezone: 'CET-1CEST,M3.5.0,M10.5.0/3'
82 - name: timeserver 'ntp'
87 - '0.lede.pool.ntp.org'
88 - '1.lede.pool.ntp.org'
89 - '2.lede.pool.ntp.org'
90 - '3.lede.pool.ntp.org'
93 - name: globals 'globals'
95 ula_prefix: fdc9:e01f:83db::/48
97 - name: interface 'loopback'
104 - name: interface 'mgmt'
109 ipaddr: "{{ net.mgmt.prefix | ipaddr(100) | ipaddr('address') }}"
110 netmask: "{{ net.mgmt.prefix | ipaddr('netmask') }}"
111 gateway: "{{ net.mgmt.gw }}"
112 dns: "{{ net.mgmt.dns | join(' ') }}"
113 dns_search: realraum.at
120 opts: nosuid,nodev,noexec,noatime
126 shell: /usr/bin/git-shell
128 shell: /bin/false # TODO fixme