2 ssh_users_tuergit: "{{ user_groups.noc | union(['fgenesis']) }}"
4 openwrt_variant: openwrt
5 openwrt_release: 18.06.4
8 openwrt_output_image_suffixes:
10 - combined-squashfs.img.gz
12 openwrt_packages_extra:
27 ## this file will not be created because there is no file, link or content field below it
28 ## but it will force the creation of /home
29 /home/.placeholder: {}
34 /usr/local/bin/door_client:
36 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_client/door_client"
37 /usr/local/bin/door_daemon:
39 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_daemon/door_daemon"
40 /usr/local/bin/update-keys:
42 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/update-keys/update-keys"
44 # door daemon init scripts and configs
47 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/initscripts/doord.openwrt"
50 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/initscripts/door.default"
54 link: "../init.d/doord"
57 /etc/hotplug.d/tty/door.tty:
59 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/scripts/door.tty"
60 /etc/hotplug.d/usb/door.usb:
62 file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/scripts/door.usb"
64 /usr/local/bin/authorized_keys.sh:
66 file: "{{ global_files_dir }}/{{ inventory_hostname }}/authorized_keys.sh"
68 /usr/local/bin/update-keys-from-stdin.sh:
70 file: "{{ global_files_dir }}/{{ inventory_hostname }}/update-keys-from-stdin.sh"
76 AllowUsers root tuerctl tuergit
77 AuthenticationMethods publickey
78 AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
80 AllowAgentForwarding no
83 UsePrivilegeSeparation sandbox
85 Subsystem sftp /usr/libexec/sftp-server
88 AuthorizedKeysFile /dev/null
89 AuthorizedKeysCommand /usr/local/bin/authorized_keys.sh
90 AuthorizedKeysCommandUser tuergit
92 /etc/ssh/authorized_keys.d/root:
93 content: "{{ ssh_users_root | user_ssh_keys(users) | join('\n') }}\n"
95 /etc/ssh/authorized_keys.d/tuergit:
96 content: "{{ ssh_users_tuergit | user_ssh_keys(users) | join('\n') }}\n"
102 hostname: '{{ inventory_hostname }}'
103 timezone: 'CET-1CEST,M3.5.0,M10.5.0/3'
108 - name: timeserver 'ntp'
113 - '0.lede.pool.ntp.org'
114 - '1.lede.pool.ntp.org'
115 - '2.lede.pool.ntp.org'
116 - '3.lede.pool.ntp.org'
119 - name: globals 'globals'
121 ula_prefix: fdc9:e01f:83db::/48
123 - name: interface 'loopback'
130 - name: interface 'mgmt'
135 ipaddr: "{{ net.mgmt.prefix | ipaddr(100) | ipaddr('address') }}"
136 netmask: "{{ net.mgmt.prefix | ipaddr('netmask') }}"
137 gateway: "{{ net.mgmt.gw }}"
138 dns: "{{ net.mgmt.dns | join(' ') }}"
139 dns_search: realraum.at
142 # does not work, using symlink to /var/run instead for now
147 opts: nosuid,nodev,noexec,noatime
153 shell: /usr/bin/git-shell
155 shell: /bin/false # TODO fixme