4 openwrt_output_image_suffixes:
6 - combined-squashfs.img
8 openwrt_packages_extra:
21 /usr/local/bin/door_client:
23 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_client/door_client"
24 /usr/local/bin/door_daemon:
26 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_daemon/door_daemon"
27 /usr/local/bin/update-keys:
29 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/update-keys/update-keys"
31 /usr/local/bin/authorized_keys.sh:
33 file: "{{ global_artifacts_dir }}/{{ inventory_hostname }}/authorized_keys.sh"
35 /usr/local/bin/update-keys-from-stdin.sh:
37 file: "{{ global_artifacts_dir }}/{{ inventory_hostname }}/update-keys-from-stdin.sh"
43 AllowUsers root tuerctl tuergit
44 AuthenticationMethods publickey
45 AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
47 AllowAgentForwarding no
50 UsePrivilegeSeparation sandbox
52 Subsystem sftp /usr/libexec/sftp-server
55 AuthorizedKeysFile /dev/null
56 AuthorizedKeysCommand /usr/local/bin/authorized_keys.sh
57 AuthorizedKeysCommandUser tuergit
59 /etc/ssh/authorized_keys.d/root:
61 {% for key in noc_ssh_keys %}
65 /etc/ssh/authorized_keys.d/tuergit:
67 {% for key in noc_ssh_keys %}
75 hostname: '{{ inventory_hostname }}'
76 timezone: 'CET-1CEST,M3.5.0,M10.5.0/3'
81 - name: timeserver 'ntp'
86 - '0.lede.pool.ntp.org'
87 - '1.lede.pool.ntp.org'
88 - '2.lede.pool.ntp.org'
89 - '3.lede.pool.ntp.org'
92 - name: globals 'globals'
94 ula_prefix: fdc9:e01f:83db::/48
96 - name: interface 'loopback'
103 - name: interface 'lan'
108 ipaddr: 192.168.32.100
109 netmask: 255.255.255.0
110 gateway: 192.168.32.254
112 dns_search: realraum.at
119 opts: nosuid,nodev,noexec,noatime
125 shell: /usr/bin/git-shell
127 shell: /bin/false # TODO fixme