Cyber/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: Cyber:master
Branches Tags
Cyber:master
Cyber:gluebuddy
Cyber:smart_monitoring
Cyber:artafinde_tu
Cyber:artifact-signing-rfc
Cyber:securit_tracker_limit
Cyber:dbscripts_archweb_auth
Cyber:oomd-config
Cyber:make-sure-unset-variable-doesnt-delete-root
Cyber:kape_servers_network
Cyber:mysql_dashboard
Cyber:upgrade_docs
Cyber:known_hosts_archlinux.org
Cyber:archweb-redirect-cors
Cyber:aur_robots.txt
Cyber:prometheus
Cyber:doc/jmespath-required-for-query
Cyber:keycloak_prometheus
Cyber:mariadb-nocow
Cyber:wip/mailman3
Cyber:wip/security-tracker-0.9
Cyber:monitor-mysql-table-stats
Cyber:wip/ansiblemgmttmpl
..
compare: Cyber:kape_servers_network
Branches Tags
Cyber:gluebuddy
Cyber:master
Cyber:smart_monitoring
Cyber:artafinde_tu
Cyber:artifact-signing-rfc
Cyber:securit_tracker_limit
Cyber:dbscripts_archweb_auth
Cyber:oomd-config
Cyber:make-sure-unset-variable-doesnt-delete-root
Cyber:kape_servers_network
Cyber:mysql_dashboard
Cyber:upgrade_docs
Cyber:known_hosts_archlinux.org
Cyber:archweb-redirect-cors
Cyber:aur_robots.txt
Cyber:prometheus
Cyber:doc/jmespath-required-for-query
Cyber:keycloak_prometheus
Cyber:mariadb-nocow
Cyber:wip/mailman3
Cyber:wip/security-tracker-0.9
Cyber:monitor-mysql-table-stats
Cyber:wip/ansiblemgmttmpl

1 commit
master ... kape_serve

Author SHA1 Message Date
Jelle van der Waa 686a43d1fe
Set the correct network interface for europe 2021-03-07 17:27:40 +01:00
489 changed files with 3671 additions and 23930 deletions
Show stats Expand all files Collapse all files

2
.gitlab-ci.yml
View file

@ -1,7 +1,7 @@
image: "archlinux:latest"
before_script:
- pacman -Syu --needed --noconfirm ansible-lint ansible yamllint terraform
- pacman -Syu --needed --noconfirm ansible-lint yamllint terraform
ansible-lint:
script:

19
.gitlab/issue_templates/New Official Project.md
View file

@ -38,18 +38,6 @@ If you want to add a new official project, here are some guidelines to follow:
- All of these should be activated by default as per group rules but it's good to check.
1. [ ] The *Protected Branches* in https://gitlab.archlinux.org/archlinux/my-example/-/settings/repository should specify
`Allowed to merge` and `Allowed to push` as `Developers + Maintainers.`
1. [ ] Disable unneeded project features under *Visibility, project features, permissions* (https://gitlab.archlinux.org/archlinux/my-example/edit)
Always:
- `Users can request access`: `off`
Often, but not always:
- Repository -> Container registry
- Repository -> Git Large File Storage (LFS)
- Repository -> Packages
- Analytics
- Requirements
- Security & Compliance
- Wiki
- Operations
## GitHub.com mirroring checklist
@ -85,13 +73,6 @@ If you want to add a new official project, here are some guidelines to follow:
- `Wiki`
- `Issues`
- `Projects`
1. [ ] Go to https://github.com/archlinux/my-example/settings/hooks and add a new webhook
- `Payload URL`: `$(misc/get_key.py misc/vault_github.yml github_pull_closer_webhook_url)`
- `Content type`: `application/json`
- `Which events would you like to trigger this webhook?`
- `Let me select individual events.`: `Pull requests`
1. [ ] In the GitHub description of the mirrored project, append " (read-only mirror)" so that people know it's a mirror.
1. [ ] Disable `Packages` and `Environments` from being shown on the main page.
1. [ ] In the website field put the full url to the repository on our GitLab.
1. [ ] Go to https://github.com/archlinux/my-example/settings/access and remove the GitHub account `archlinux-github`
1. [ ] Go to https://github.com/orgs/archlinux/teams/read-only-mirrors/repositories and add the repository with `write` permission

9
.gitlab/issue_templates/Offboarding.md
View file

@ -15,19 +15,16 @@ This template should be used for offboarding Arch Linux team members.
- [ ] Remove user email by reverting instructions from `docs/email.md`.
- [ ] Set user to inactive in archweb: https://www.archlinux.org/admin/auth/user/
- [ ] Remove member from [staff mailing list](https://lists.archlinux.org/admin/staff/members)
- [ ] Ask the user to leave `#archlinux-staff` on Libera Chat and forget the password
- [ ] Remove staff cloak on Libera Chat ([Group contacts](https://wiki.archlinux.org/title/Arch_IRC_channels#Libera_Chat_group_contacts))
## TU/Developer offboarding checklist
- [ ] Remove entry in `group_vars/all/archusers.yml`.
- [ ] Remove SSH pubkey from `pubkeys/<username>.pub`.
- [ ] Run `ansible-playbook -t archusers $(git grep -l archusers playbooks/ | grep -v phrik)`.
- [ ] Run `ansible-playbook -t archusers playbooks/*.yml`.
- [ ] Remove the user from the `Trusted Users`/`Developers` groups on Keycloak.
- [ ] Moderate email address on [arch-dev-public](https://lists.archlinux.org/admin/arch-dev-public/members) (find member and moderate)
- [ ] Remove member from [arch-tu](https://lists.archlinux.org/admin/arch-tu/members) and/or [arch-dev](https://lists.archlinux.org/admin/arch-dev/members) mailing lists
- [ ] Create [issue in archlinux-keyring](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/issues/new) (choose *"Remove Packager Key"* and/or *"Remove Main Key"* template)
- [ ] Remove member from [arch-tu mailing lists](https://lists.archlinux.org/admin/arch-tu/members)
- [ ] Remove member from [staff mailing lists](https://lists.archlinux.org/admin/staff/members)
## DevOps offboarding checklist

68
.gitlab/issue_templates/Onboarding.md
View file

@ -2,90 +2,50 @@
This template should be used for onboarding new Arch Linux team members.
It can also be used as a reference for adding new roles to an existing team member.
-->
/confidential
<!--
NOTE: Do not remove the above short actions.
They ensure that the ticket is created confidential and that personal
information is not publicly visible.
-->
# Onboarding an Arch Linux team member
## Details
- **Team member username**: <!-- Used for SSO account and @archlinux.org e-mail address -->
- **Team member username**:
- **Application**: <!-- Add link to relevant mailing list mail -->
- **Voting result**: <!-- Add link to relevant mailing list mail -->
- **SSH public key**: <!-- Add this when a user's access to machines is added or updated -->
- **Full Name**: <!-- Relevant for all new users -->
- **Personal e-mail address**: <!-- Relevant for users who will get a new archweb and/or SSO account -->
- **PGP key ID used with personal e-mail address**: <!-- Relevant for users who will get a new archweb account -->
- **Communication e-mail address**: [arch, personal] <!-- Relevant for users who will be signed up to mailing lists. Either choose "arch" or "personal". -->
<!--
NOTE: When creating this ticket as the sponsor for a new trusted user or
support staff member, attach the above information as a clearsigned document to
this ticket.
https://www.gnupg.org/gph/en/manual/x135.html
-->
- **Voting result**: <!-- Add link to relevant mailing list mail -->
## All roles checklist
The mailing list password can be found in misc/additional-credentials.vault.
- [ ] Add new user email as per `docs/email.md`.
- [ ] Create a new user in [archweb](https://www.archlinux.org/devel/newuser/). Select the appropriate group membership and allowed repos (if applicable).
- [ ] Subscribe **communication e-mail address** to internal [staff mailing list](https://lists.archlinux.org/admin/staff/members/add).
- [ ] Give the user access to `#archlinux-staff` on Libera Chat.
- [ ] Give the user a link to our [staff services page](https://wiki.archlinux.org/title/DeveloperWiki:Staff_Services).
- [ ] Replace the **Team member username** with the @-prefixed username on Gitlab.
- [ ] Remove personal information (such as **Full Name** and **Personal e-mail
address**, as well as the clearsigned representation of this data), remove
the description history and make the issue non-confidential.
- [ ] Request staff cloak on Libera Chat ([Group contacts](https://wiki.archlinux.org/title/Arch_IRC_channels#Libera_Chat_group_contacts))
- [ ] Go to [Arch Linux group](https://gitlab.archlinux.org/groups/archlinux/-/group_members) -> Enter Admin mode -> go to members -> add username as "minimal access"
- [ ] Go to [Arch Staff group](https://gitlab.archlinux.org/groups/archlinux/teams/staff/-/group_members) -> Enter Admin mode -> go to members -> add username as "reporter"
## Packager onboarding checklist
<!-- The ticket should be created by a sponsor of the new packager -->
- [ ] Create [issue in archlinux-keyring](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/issues/new) (choose *"New Packager Key"* template).
## Main key onboarding checklist
- [ ] Add new user email for the `master-key.archlinux.org` subdomain as per `docs/email.md`.
<!-- The ticket should be created by the developer becoming a new main key holder -->
- [ ] Create [issue in archlinux-keyring](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/issues/new) (choose *"New Main Key"* template).
- [ ] Create a new user in archweb: https://www.archlinux.org/devel/newuser/
This is also linked in the django admin backend at the top
- [ ] Subscribe user to internal [staff mailing list](https://lists.archlinux.org/admin/staff/members/add)
## Developer onboarding checklist
- [ ] Add entry in `group_vars/all/archusers.yml`.
- [ ] Add SSH pubkey to `pubkeys/<username>.pub`.
- [ ] Run `ansible-playbook -t archusers $(git grep -l archusers playbooks/ | grep -v phrik)`.
- [ ] Run `ansible-playbook -t archusers playbooks/*.yml`.
- [ ] Assign the user to the `Developers` groups on Keycloak.
- [ ] Assign the user to the `Developers` group on [archlinux.org](https://archlinux.org/admin/auth/user/).
- [ ] Subscribe **communication e-mail address** to internal [arch-dev](https://lists.archlinux.org/admin/arch-dev/members/add) mailing list.
- [ ] Allow sending from **communication e-mail address** on [arch-dev-public](https://lists.archlinux.org/admin/arch-dev-public/members) (subscribe and/or find address and remove moderation).
- [ ] Subscribe user to internal [arch-dev mailing list](https://lists.archlinux.org/admin/arch-dev/members/add)
- [ ] Whitelist email address on [arch-dev-public](https://lists.archlinux.org/admin/arch-dev-public/members) (find member and unmoderate)
## TU onboarding checklist
- [ ] Add entry in `group_vars/all/archusers.yml`.
- [ ] Add SSH pubkey to `pubkeys/<username>.pub`.
- [ ] Run `ansible-playbook -t archusers $(git grep -l archusers playbooks/ | grep -v phrik)`.
- [ ] Run `ansible-playbook -t archusers playbooks/*.yml`.
- [ ] Assign the user to the `Trusted Users` groups on Keycloak.
- [ ] Assign the user to the `Trusted Users` group on [archlinux.org](https://archlinux.org/admin/auth/user/).
- [ ] Subscribe **communication e-mail address** to internal [arch-tu](https://lists.archlinux.org/admin/arch-tu/members/add) mailing list.
- [ ] Allow sending from **communication e-mail address** on [arch-dev-public](https://lists.archlinux.org/admin/arch-dev-public/members) (subscribe and/or find address and remove moderation).
- [ ] Whitelist email address on [arch-dev-public](https://lists.archlinux.org/admin/arch-dev-public/members) (find member and unmoderate)
- [ ] Subscribe user to internal [arch-tu mailing list](https://lists.archlinux.org/admin/arch-tu/members/add)
## DevOps onboarding checklist
- [ ] Add entries in `group_vars/all/root_access.yml`.
- [ ] Run `ansible-playbook -t root_ssh playbooks/all-hosts-basic.yml`.
- [ ] Run `ansible-playbook -t root_ssh playbooks/*.yml`.
- [ ] Run `ansible-playbook playbooks/hetzner_storagebox.yml playbooks/rsync.net.yml`.
- [ ] Assign the user to the `DevOps` group on Keycloak.
- [ ] Subscribe **communication e-mail address** to internal [arch-devops-private](https://lists.archlinux.org/admin/arch-devops-private/members/add) mailing list.
- [ ] Subscribe user to [arch-devops-private mailing lists](https://lists.archlinux.org/admin/arch-devops-private/members/add)
- [ ] Add pubkey to [Hetzner's key management](https://robot.your-server.de/key/index) for Dedicated server rescue system.
## Wiki Administrator checklist
- [ ] Assign the user to the `Wiki Admins` group on Keycloak.
- [ ] Subscribe **communication e-mail address** to the [arch-wiki-admins](https://lists.archlinux.org/admin/arch-wiki-admins/members/add) mailing list.
- [ ] Subscribe the user to the [arch-wiki-admins mailing list](https://lists.archlinux.org/admin/arch-wiki-admins/members/add).

28
README.md
View file

@ -9,7 +9,7 @@ This repository contains the complete collection of ansible playbooks and roles
Install these packages:
- terraform
- python-click
- python-typer
- python-jmespath
- moreutils (for playbooks/tasks/reencrypt-vault-key.yml)
@ -65,7 +65,7 @@ but for the time being, this is what we're stuck with.
The very first time you run terraform on your system, you'll have to init it:
cd tf-stage1 # and also tf-stage2
terraform init -backend-config="conn_str=postgres://terraform:$(../misc/get_key.py ../group_vars/all/vault_terraform.yml vault_terraform_db_password)@state.archlinux.org"
terraform init -backend-config="conn_str=postgres://terraform:$(../misc/get_key.py group_vars/all/vault_terraform.yml vault_terraform_db_password)@state.archlinux.org"
After making changes to the infrastructure in `tf-stage1/archlinux.tf`, run
@ -124,27 +124,11 @@ Arch-audit can be used to find servers in need of updates for security issues.
The following steps should be used to update our managed servers:
* pacman -Syu
* manually update the kernel, since it is in IgnorePkg by default
* sync
* checkservices
* reboot
##### Semi-automated server updates (experimental)
For updating a lot of servers in a more unattended manner, the following
playbook can be used:
ansible-playbook playbooks/tasks/upgrade-servers.yml [-l SUBSET]
It runs `pacman -Syu` on the targeted hosts in batches and then reboots them.
If any server fails to reboot successfully, the rolling update stops and
further batches are cancelled. To display the packages updated on each host,
you can pass the `--diff` option to ansible-playbook.
Using this update method, `.pacnew` files are left unmerged which is OK for
most configuration files that are managed by Ansible. However, care must be
taken with updates that require manual intervention (e.g. major PostgreSQL
releases).
## Servers
This section has been moved to [docs/servers.md](docs/servers.md).
@ -168,7 +152,7 @@ This section has been moved to [docs/servers.md](docs/servers.md).
### Fetching the borg keys for local storage
- Make sure you have all the GPG keys **at least** locally signed
- Run the `playbooks/tasks/fetch-borg-keys.yml` playbook
- Run the playbooks/tasks/fetch-borg-keys.yml playbook
- Make sure the playbook runs successfully and check the keys under the borg-keys directory
## Backup documentation
@ -182,9 +166,7 @@ See [docs/backups.md](./docs/backups.md) for detailed backup information.
Our Gitlab installation uses [Omnibus](https://docs.gitlab.com/omnibus/) to run Gitlab on Docker. Updating Gitlab is as simple as running the ansible gitlab playbook:
ansible-playbook playbooks/gitlab.archlinux.org.yml --diff -t gitlab
To view the current Gitlab version visit [this url](https://gitlab.archlinux.org/help/)
ansible-playbook playbooks/gitlab.archlinux.org -t gitlab
## One-shots

3
ansible.cfg
View file

@ -8,8 +8,7 @@ roles_path = roles
vault_password_file = misc/get-vault-pass.sh
retry_files_enabled = False
callback_plugins = plugins/callback
callbacks_enabled = profile_tasks
max_diff_size = 250000
callback_whitelist = profile_tasks
[ssh_connection]
pipelining = True

25
docs/backups.md
View file

@ -8,21 +8,21 @@ You'll have to get the correct username from the vault.
We use two different borg backup hosts: A primary one and an offsite one.
The URL format for the primary one is
ssh://u236610@u236610.your-storagebox.de:23/~/backup/<hostname>/repo
ssh://<hetzner_storagebox_username>@u236610.your-storagebox.de:23/~/backup/<hostname>
while for the offsite one it's
ssh://zh1905@zh1905.rsync.net:22/~/backup/<hostname>
ssh://<rsync_net_username>@prio.ch-s012.rsync.net:22/~/backup/<hostname>
In the examples below, we'll just abbreviate the full address as `<backup_address>`.
If you want to use one of the examples below, you'll have to fill in the
placeholder with your desired full address to the backup repository. For instance,
misc/borg.sh list <backup_address>
misc/borg.sh list <backup_address>::20191127-084357
becomes
misc/borg.sh list ssh://u236610@u236610.your-storagebox.de:23/~/backup/homedir.archlinux.org/repo
misc/borg.sh ssh://<hetzner_storagebox_username>@u236610.your-storagebox.de:23/~/backup/homedir.archlinux.org::20191127-084357
A convenience wrapper script is available at `misc/borg.sh` which makes sure you
use the correct keyfile for the given server.
@ -72,23 +72,6 @@ or just a sub-directory:
misc/borg.sh extract <backup_address>::<archive_name> backup/srv/gitlab
## Special backups
### Mariadb
For Mariadb backups are made using mariabackup to `mysql_backup_dir`.Backups can are made and
restored using the `mariabackup` tool. See also [official MariaDB docs](https://mariadb.com/kb/en/full-backup-and-restore-with-mariabackup/).
### PostgreSQL
For PostgreSQL backups are made using pg_dump to `postgres_backup_dir`.
Restoring backups can be done with `pg_restore`. See also [official PostgreSQL docs](https://www.postgresql.org/docs/current/app-pgrestore.html).
### Gitlab
GitLab is backupped up using the `gitlab_backup` tool to `gitlab_backupdir`. See also [official GitLab docs](https://docs.gitlab.com/ee/raketasks/backup_restore.html).
## Adding a new server
Adding a new server to be backed up goes as follows:

35
docs/banning.md
View file

@ -1,35 +0,0 @@
# Banning IP Addresses for abuse
For banning with an expiry `fail2ban` can be used, the expiry time depends on the configured fail2ban jail:
```
fail2ban-client set sshd banip 1.1.1.1
```
To permanently ban an IP address `firewall-cmd` can be used as shown below:
```
firewall-cmd --add-rich-rule="rule family='ipv4' source address='1.1.1.1' reject" --zone=public
```
```
firewall-cmd --add-rich-rule="rule family='ipv6' source address='1:2:3:4:6::' reject" --zone=public
```
Note that on Gitlab, you must block the ip address for the docker zone:
```
firewall-cmd --add-rich-rule="rule family='ipv4' source address='1.1.1.1' reject" --zone=docker
```
To see the bans/rules:
```
firewall-cmd --list-all
```
To remove a banned IP Address:
```
firewall-cmd --remove-rich-rule='rule family="ipv6" source address="1:2:3:4:6::" reject' --zone=public
```

42
docs/email.md
View file

@ -1,7 +1,7 @@
# Configuration for users
SMTP/IMAP server: mail.archlinux.org
SMTP port: 465 (TLS)
SMTP port: 465 (TLS), [deprecated: 587 STARTTLS]
IMAP port: 993 (TLS)
username: the system account name
@ -16,13 +16,6 @@ If the user wants to forward email, either enter the destination directly in
the /etc/postfix/users file or enter a username and then put the destination
into `~username/.forward` so that they can edit it themselves.
If the user is a new onboarded user the password has to be made empty, so the
user can login and set a password:
```
passwd -d $username
```
# SMTP Architecture
All hosts should be relaying outbound SMTP traffic via our primary MX server
@ -38,16 +31,19 @@ to the server. This gives us several benefits:
When a new host is provisioned:
- The *postfix_null* role has a task delegated to 'mail.archlinux.org' to create a local user
- The *postfix* role has a task delegated to 'mail.archlinux.org' to create a local user
on 'mail.archlinux.org' that is used for the new server to authenticate against. The user
name is the shortname of the new servers hostname (ie, "foobar.archlinux.org"
will authenticate with the username "foobar")
- You will need to run the *postfwd* role against mail.archlinux.org to update the
rate-limiting it performs (servers are given higher rate-limits than normal
users - see `/etc/postfwd/postfwd.cf` for exact limits). This *should*
happen automatically as the *postfwd* role is a dependency of the *postfix_null*
happen automatically as the *postfwd* role is a dependency of the *postfix*
role (using `delegate_to` to run it against 'mail.archlinux.org' regardless of the target
host that the postfix role is being run on)
- Any services on the new host that need to relay mail should relay using SMTP
to `localhost` on port 10027 which bypasses any filtering/restrictions that
are applied by postfix to port 25 traffic.
# Create new DKIM keys
@ -62,29 +58,3 @@ The keys generated need to go to the vault:
roles/rspamd/files/archlinux.org.dkim-rsa.key
roles/rspamd/files/archlinux.org.dkim-ed25519.key
```
# Gitlab servicedesk
Gitlab has a [servicedesk
feature](https://docs.gitlab.com/ee/user/project/service_desk.html) which
creates issues for incomding emails and allows multiple people to reply via
Gitlab on those issues and assign issues. Gitlab generates a default email
address with the following logic:
```
gitlab+<group>-<project>-<project-id>-issue-@archlinux.org
```
As we prefer to use user friendly addresses such as `privacy@archlinux.org` for communication a postfix alias is configured in `/etc/postix/aliases`.
For a new Gitlab service desk project, add a new alias to `/etc/postfix/aliases` as:
```
foobar: gitlab+<group>-<project>-<project-id>-issue-@archlinux.org
```
Then run `postalias`:
```
postalias /etc/postfix/aliases
```

9
docs/fail2ban.md
View file

@ -33,12 +33,3 @@ Add `fail2ban_jails` dict with `postfix: true` to the host's `host_vars`.
The dovecot jail is enabled for our mail server, blocking failed logins. Adding it to a host:
Add `fail2ban_jails` dict with `dovecot: true` to the host's `host_vars`.
### nginx_limit_req
The nginx_limit_req jail is not enabled on any server. This jail bans IPs based repeated errors on nginx error log. Default blocking is 1 hour(s). Adding to a host:
Add `fail2ban_jails` dict with `nginx_limit_req: true` to the host's `host_vars`.
The `rsslimit` zone is whitelisted from being banned with `ignoreregex`, as we
choose to not ban RSS abusers.

15
docs/grafana.md
View file

@ -1,8 +1,8 @@
# Grafana
Our Grafana is hosted on https://monitoring.archlinux.org and is accessible only to DevOps Staff.
A public accessible instance is hosted on https://dashboards.archlinux.org with selected metrics using prometheus "remote write" feature.
Our Grafana is hosted on https://monitoring.archlinux.org and is accessible for
all Arch Linux Staff, editing rights are restricted to users with the Devops
Role.
Dashboards and datasources are automatically provisioned by Grafana with Grafana's built-in [provisioning configuration](https://grafana.com/docs/grafana/latest/administration/provisioning/).
@ -13,12 +13,3 @@ A new dashboard can be configured in our Grafana instance to try it out and if s
* Export the dashboard to json (top left, share dashboard => exporter => save to file).
* Save the json file in `roles/grafana/files/dashboards'
* Git add the file and run the grafana playbook
* If it needs to be available in `dashboards.archlinux.org` create a symlink in `roles/grafana/files/public-dashboards` to the dashboard in `roles/grafana/files/dashboards`
## Adding new metrics to dashboards.archlinux.org
Metrics can be added to the public grafana instance if they are already collected on `monitoring.archlinux.org`
* Verify that the metrics are allowed to be made public and check with another DevOps member.
* Edit `roles/prometheus/templates/prometheus.yml.j2` and extending the `regex` of the `remote_write` block.
* Run `ansible-playbook playboks/monitoring.archlinux.org -t prometheus` to update the `remote_write` configuration.

32
docs/matrix.md
View file

@ -7,16 +7,17 @@ integrations with third-party services.
## Signing in
For the initial sign-in you need to use a client that supports OpenID Single-Sign-On, such as
[Element Web](https://app.element.io/). Enter `@username:archlinux.org` as the username and Element
should offer to sign into our homeserver.
For the initial sign-in you need to use a client that supports OpenID Single-Sign-On, such as [Element
Web](https://app.element.io/). Enter `@username:archlinux.org` as the username and Element should
offer to sign into our homeserver.
You will be automatically invited to several rooms:
- `#archlinux:archlinux.org`: A public room for Arch Linux users.
- `#staff:archlinux.org`: Bridged with the `#archlinux-staff` IRC channel on Freenode.
- `#internal:archlinux.org`: A staff-only room with end-to-end encryption.
Password login is currently disabled, which might exclude some clients. It can be re-enabled should
demand exist.
After signing in you can use Element's settings to set a password for the account if you want to use
a client that does not support SSO.
If you need to provide your client with a homeserver address, use `https://matrix.archlinux.org`.
@ -24,24 +25,21 @@ If you need to provide your client with a homeserver address, use `https://matri
### Our bridge
We bridge several of our private IRC channels on Libera Chat to Matrix, which you need to be invited
We bridge several of our private IRC channels on Freenode to Matrix, which you need to be invited
into:
- `#developers:archlinux.org`: Bridged with `#archlinux-dev`.
- `#trusted-users:archlinux.org`: Bridged with `#archlinux-tu`.
- `#staff:archlinux.org`: Bridged with `#archlinux-staff`.
Please request an invitation in `#internal:archlinux.org` for the rooms you need to be in.
### Matrix.org bridge
Channels without keys are available via the official Libera Chat bridge. For example:
- `#archlinux-devops:libera.chat`: Bridged with `#archlinux-devops`.
- `#archlinux-projects:libera.chat`: Bridged with `#archlinux-projects`.
Channels without keys are available via the "official" Freenode bridge at Matrix.org. For example:
- `#freenode_#archlinux-devops:matrix.org`: Bridged with `#archlinux-devops`.
- `#freenode_#archlinux-projects:matrix.org`: Bridged with `#archlinux-projects`.
**Please avoid joining large bridged rooms (such as `#archlinux:libera.chat`), as these slow down
the server immensely.**
**Please avoid joining large bridged rooms (such as `#freenode_#archlinux:matrix.org`), as these
slow down the server immensely.**
Libera Chat may require you to have a registered nick to join certain channels. Once
`@appservice:libera.chat` contacts you, tell it `!username <username>`, then `!storepass <password>`
with the username and the password of your Libera Chat NickServ account. Then `!reconnect` and it
will reconnect you as registered.
Freenode may require you to have a registered nick to join certain channels. Once
`@appservice-irc:matrix.org` contacts you, tell it to `!storepass <username>:<password>` with the
username and the password of your Freenode account and it will reconnect you as registered.

14
docs/monitoring.md
View file

@ -23,7 +23,7 @@ For general system performance monitoring [prometheus-node-exporter](https://git
### Borg
For monitoring our borg backups prometheus-node-exporter's textfile collector feature is used, the textfile is written by a systemd service called prometheus-borg-textcollector. Borg's last backup time is recorded for our Hetzner and rsync.net backups. Adding monitoring to a system is as simple as:
For monitoring our borg backups prometheus-node-exporter's textfile collector feature is used, the textfile is written by a systemd service run periodically by a systemd timer called prometheus-borg-textcollector. Borg's last backup time is recorded for our Hetzner and rsync.net backups. Adding monitoring to a system is as simple as:
* Add the host to the `borg_clients` group
* Rollout exporter on host: `ansible-playbook playbooks/host.yml -t prometheus_exporters`
@ -65,15 +65,3 @@ For http(s)/icmp monitoring [prometheus-black-exporter](https://github.com/prome
### Archive monitoring
The [Archive](https://archive.archlinux.org) and its mirrors defined in `archive_mirrors` are monitored using a textcollector which monitors the archive size in bytes.
### Log monitoring
The Nginx access logs/systemd logs are indexed by loki. For non webserver hosts the `promtail` job, for hosts with nginx an extra access_log line needs to be added to log json output which can be scraped by promtail.
### AUR monitoring
Some fun statistics are scraped from aur.archlinux.org using `curl` and `hq` as there is no proper AUR prometheus endpoint as of yet. The statistics are the AUR packages and users and is retrieved every 5 minutes.
### Smart
TODO:

25
docs/otp.md
View file

@ -37,31 +37,6 @@ You can then run
to generate a token to log in.
## UptimeRobot
Run
pass otp insert -i UptimeRobot -a archlinux UptimeRobot/archlinux-master-token -s
When asked for a secret, provide the `2FA token seed` from `misc/additional-credentials.vault`.
You can then run
pass otp code UptimeRobot/archlinux-master-token
to generate a token to log in.
## Rsync.net
Run
pass otp insert -i rsync.net -a archlinux Rsync.net/archlinux-master-token -s
When asked for a secret, provide the `2FA token seed` from `group_vars/all/vault_rsync.net.yml`.
You can then run
pass otp code Rsync.net/archlinux-master-token
to generate a token to log in.
### Adding your own account

8
docs/quassel.md
View file

@ -2,11 +2,11 @@
We offer a Quassel instance for Arch team members who can not easily run their own bouncer.
## Libera Chat restrictions
## Freenode restrictions
Libera Chat restricts or limits multiple connections from the same IP Address. Every quassel user uses
a separate connection. We are currently not near the limit. If we need more we have to email
support@libera.chat.
Freenode restricts or limits multiple connections from the same IP Address. Every quassel user uses
a separate connection. We current have a limit of 100 connections. If we need more we have to email
ilines@freenode.net.
## Add a user

21
docs/servers.md
View file

@ -10,11 +10,12 @@
- sources (sources.archlinux.org)
- archive (archive.archlinux.org)
## lists.archlinux.org
## luna
### Services
- mailman
- projects (projects.archlinux.org)
## archlinux.org
@ -26,14 +27,6 @@
### Services
- aurweb
## aur-dev.archlinux.org
### Services
- aurweb deployed with the `pu` branch
The database is filled using the `./schema/gendummydata.py` script in the aurweb repository with a
modification to create suspended users. Test users can sign up using the normal registration flow.
## bugs.archlinux.org
### Services
@ -118,21 +111,13 @@ Medium-fast-ish packet.net Arch Linux box.
## monitoring.archlinux.org
Prometheus, Loki and Grafana server which collects performance/metrics and logs from our services and runs alertmanager.
Prometheus and Grafana server which collects performance/metrics from our services and runs alertmanager.
### Services
- Alertmanager
- [Grafana](https://monitoring.archlinux.org) and [docs/grafana.md](./docs/grafana.md)
- Prometheus
## dashboards.archlinux.org
Prometheus, and Grafana server which receives selected performance/metrics from monitoring.archlinux.org and make them public accessible.
### Services
- [Grafana](https://dashboards.archlinux.org) and [docs/grafana.md](./docs/grafana.md)
- Prometheus
## patchwork.archlinux.org
### Services

81
docs/ssh-hostkeys.txt
View file

@ -97,17 +97,6 @@
256 MD5:7b:38:67:01:59:c8:a7:b3:66:ec:78:df:ec:dd:30:72 root@build.archlinux.org (ED25519)
3072 MD5:f2:6a:ba:b0:53:9b:d4:73:83:21:d6:76:0f:70:71:72 root@build.archlinux.org (RSA)
# dashboards.archlinux.org
1024 SHA256:+3thWVH8prQwcpDSmAUGuJugpHWWk5IGvHjnOsKaeZY root@archlinux-packer (DSA)
256 SHA256:b9dVKP5g+tEvBDxSVeDy5st0K/3MrlHqoIZreusIag8 root@archlinux-packer (ECDSA)
256 SHA256:DvYeApOHuG/tZDiWHwAoOkY5ayT0S32fbCyJEMMCJ0M root@archlinux-packer (ED25519)
3072 SHA256:wqlRFmjOSlBuIbYMxCaSF0rmZ/dk322rS12rjXX+qqY root@archlinux-packer (RSA)
1024 MD5:c5:d6:c1:4f:14:90:8e:74:cb:dd:d5:06:05:88:3c:6d root@archlinux-packer (DSA)
256 MD5:da:b1:48:49:e4:78:e0:d4:88:01:be:20:cd:11:b9:1f root@archlinux-packer (ECDSA)
256 MD5:5b:6b:10:c6:78:b3:ad:cf:0b:3f:84:e4:24:7b:92:5a root@archlinux-packer (ED25519)
3072 MD5:2c:88:5f:24:07:2a:63:ef:86:27:1b:f1:18:2d:fe:dd root@archlinux-packer (RSA)
# europe.mirror.pkgbuild.com
1024 SHA256:Oq3eikchfo8Wt6AUzWAiU1mDR24rXudJR/zqKBFnrMo root@europe.mirror.pkgbuild.com (DSA)
256 SHA256:3S0HuO72jHUUrPM8BjfcjsB0FNXkubxovc7Sm5jZBjc root@europe.mirror.pkgbuild.com (ECDSA)
@ -153,15 +142,26 @@
3072 MD5:50:c8:93:43:05:d5:73:a4:84:b1:07:66:a7:20:a5:79 root@archlinux-packer (RSA)
# lists.archlinux.org
1024 SHA256:/o3BhNZ6MdfHXrqDzVxP5OgKcTmo1/e2v80Xb+Q2ypc root@archlinux-packer (DSA)
256 SHA256:Xe+YrG+IfhtQkNft+SB7UsTQCIgbqNnqMl/Pqs6uzBE root@archlinux-packer (ECDSA)
256 SHA256:fAKD+26rDZ74MOMWZI8L3k2c7RzTYd69+iwKp4zhw8c root@archlinux-packer (ED25519)
3072 SHA256:NyspEiVRnuRtL854ErcdybtjoBia+miQkpuToYZEl78 root@archlinux-packer (RSA)
1024 SHA256:az7ZHreYtkvFBgA1goSjry0/e62JKhk4NRXXgT/+VFg root@archlinux-packer (DSA)
256 SHA256:vt22ZCpoWg0/L5uFfNsbrZ5EkdBnOh5G3jENuBpQeGo root@archlinux-packer (ECDSA)
256 SHA256:E0ivN9XqSi7U9GIPQ3JUvw6CP6uiS68M5No0DA/BFfI root@archlinux-packer (ED25519)
3072 SHA256:5YZCzd1C0bVsaye5l/lNiqsn1/IdOGjTmHqwyjV8lc0 root@archlinux-packer (RSA)
1024 MD5:fb:bb:0e:a8:0c:5c:41:5a:b1:d9:61:4d:e5:c3:bf:b1 root@archlinux-packer (DSA)
256 MD5:56:43:80:27:a7:4e:4c:1f:a4:14:dd:d1:eb:37:13:a9 root@archlinux-packer (ECDSA)
256 MD5:3c:91:d8:b0:4b:5c:36:40:79:27:8a:c7:24:d6:26:af root@archlinux-packer (ED25519)
3072 MD5:88:99:f2:47:b1:e3:3c:99:52:67:d5:d5:55:b0:af:2c root@archlinux-packer (RSA)
1024 MD5:74:6b:bd:62:a9:52:52:e9:f7:78:fe:44:8a:fa:4f:d2 root@archlinux-packer (DSA)
256 MD5:ed:60:7c:e3:d6:4d:5a:f5:b9:cd:9e:30:4a:6a:64:c0 root@archlinux-packer (ECDSA)
256 MD5:a7:2e:f4:3a:3e:34:84:ca:6f:73:05:0e:2e:da:60:d0 root@archlinux-packer (ED25519)
3072 MD5:ae:ad:58:b8:0a:12:a7:d1:86:f0:c6:ba:fa:9e:ea:9f root@archlinux-packer (RSA)
# luna.archlinux.org
1024 SHA256:9Nqu9y1LhT3L3Kd6J9CSyuOc1AdGWo0eLsPxoc5bpaw root@alderaan (DSA)
256 SHA256:L71Q91yHwmHPYYkJMDgj0xmUuw16qFOhJbBr1mzsiOI root@alderaan (ECDSA)
256 SHA256:HQ03dn6EasJHNDlt51KpQpFkT3yBX83x7BoIkA1iv2k root@alderaan.archlinux.org (ED25519)
2048 SHA256:Ju+yWiMb/2O+gKQ9RJCDqvRg7l+Q95KFAeqM5sr6l2s root@alderaan (RSA)
1024 MD5:f2:56:a9:3c:4d:f9:b7:88:7f:e4:a6:7c:eb:55:c0:15 root@alderaan (DSA)
256 MD5:11:d1:4c:ae:9a:4f:15:06:d7:c8:0a:b4:08:02:aa:95 root@alderaan (ECDSA)
256 MD5:1d:92:08:da:8e:a1:fb:1c:c5:65:00:c8:15:a4:87:32 root@alderaan.archlinux.org (ED25519)
2048 MD5:c4:7f:00:d4:5e:c7:23:45:97:bb:40:ec:15:ce:7c:a9 root@alderaan (RSA)
# mail.archlinux.org
1024 SHA256:/d3MC4NoQbPSNgNebFyzNCze4HVHPhITVWy9vWdZUp4 root@archlinux-packer (DSA)
@ -175,15 +175,15 @@
3072 MD5:b6:14:30:bd:fe:43:46:6a:20:a2:8b:b0:aa:d4:35:19 root@archlinux-packer (RSA)
# mailman3.archlinux.org
1024 SHA256:uYhlq19YzcZ8PEModMv2Y65xsiq1H+mjdwZ8PtbPET8 root@archlinux-packer (DSA)
256 SHA256:85YiWFreKiw2Pv/XaKTqs0J0VInFtyVahpDRx2O9/B4 root@archlinux-packer (ECDSA)
256 SHA256:b0mcOvNMzGrekDDtx83ZB1p5kN0meFek7zz1LbkfeHM root@archlinux-packer (ED25519)
3072 SHA256:5hC4XSzA+/CgpL6cLYt0UbHB4aUs/o0IPxSScZwoi4A root@archlinux-packer (RSA)
1024 SHA256:Vs/PxyU74qe6uR5EUUMWhDLA+B8lBQO2PEbRSmZwzYA root@archlinux-packer (DSA)
256 SHA256:ARXQTmcvjHISznthbjI04GBOUEuQAIT2v/fRdAg3Zqw root@archlinux-packer (ECDSA)
256 SHA256:R6sapXFYhonwFNXA90p6OMy3vhKD9P9oPd00/BeuPTA root@archlinux-packer (ED25519)
3072 SHA256:xIJSPj5r2b3WEwwyx1qG7cCysqFHQfELUGE3vaRlxsM root@archlinux-packer (RSA)
1024 MD5:3b:20:ad:1e:65:d8:3a:2e:09:69:62:46:e6:d9:6a:3e root@archlinux-packer (DSA)
256 MD5:8d:ee:10:9b:05:56:b3:c7:4a:de:00:ad:95:c1:95:fa root@archlinux-packer (ECDSA)
256 MD5:25:a8:b9:3c:fe:74:e7:7f:39:03:8e:23:dc:20:eb:bf root@archlinux-packer (ED25519)
3072 MD5:20:a0:74:13:bd:97:59:11:75:a4:67:28:92:c3:40:35 root@archlinux-packer (RSA)
1024 MD5:93:7b:7f:47:09:5b:b5:bf:a3:ad:f7:5f:a2:a1:e5:dd root@archlinux-packer (DSA)
256 MD5:e5:30:24:b4:03:0a:8b:07:23:5b:8b:9e:68:f3:7e:45 root@archlinux-packer (ECDSA)
256 MD5:91:95:e9:e2:1f:17:24:66:10:ae:29:ea:90:41:d9:fb root@archlinux-packer (ED25519)
3072 MD5:97:9f:77:0e:f5:99:44:f3:ab:db:4b:f4:4a:98:cd:dc root@archlinux-packer (RSA)
# man.archlinux.org
1024 SHA256:11C7Qa1GSNBBspSlber3Sp+LEMRpfr/VWkypfu6OnhA root@archlinux-packer (DSA)
@ -318,15 +318,15 @@
3072 MD5:42:0a:57:89:2a:ae:e6:c5:c1:ae:6a:a2:bd:3d:5f:dc root@archlinux-packer (RSA)
# runner1.archlinux.org
1024 SHA256:/8lwFrCJznKrOXlMWWzq2SwInUAdEp/2WxpL4VMPnTE root@runner3.archlinux.org (DSA)
256 SHA256:VIbire3ek5TUMOFgLAO/hQV9FG5/OYWSJif0CziS/CI root@runner3.archlinux.org (ECDSA)
256 SHA256:gWeV6cBQPoe6hrqtItOVhv9Wr7Awnzgt1YcnzcmArJM root@runner3.archlinux.org (ED25519)
3072 SHA256:Ke3/DVYRlx8EA/JzmdD4evxbyVwPQ3rQAroGkmScpRs root@runner3.archlinux.org (RSA)
1024 SHA256:TgWGBKCSo3rkdYuP4mJzGtH+Ucub8dmEJXnnzrhUSwM root@84.17.49.250 (DSA)
256 SHA256:2OEO/Pv1OxCLaVg9r8wHzTR7V3YTWEw//g7LJgIBMGs root@84.17.49.250 (ECDSA)
256 SHA256:nXpZ/R3IuOEAasoIvCCTkdMlyNjCnWVTvQBh6xvycIg root@84.17.49.250 (ED25519)
3072 SHA256:Ii5JwUoEKXV37rdjnsts4k3ppbEX+GHYjBC9mygdwY4 root@84.17.49.250 (RSA)
1024 MD5:68:27:02:26:23:b8:95:cc:d3:82:34:57:54:61:29:41 root@runner3.archlinux.org (DSA)
256 MD5:54:d3:ac:fa:52:e6:38:be:09:5c:51:c4:5c:3f:0e:d4 root@runner3.archlinux.org (ECDSA)
256 MD5:fe:fc:6f:0f:0f:5e:76:25:ed:ac:6d:f1:5d:22:94:13 root@runner3.archlinux.org (ED25519)
3072 MD5:92:43:38:30:47:11:2a:a3:df:2d:df:93:ce:3f:cc:d8 root@runner3.archlinux.org (RSA)
1024 MD5:31:f6:9c:50:d2:80:f1:fa:b5:50:c5:06:3a:9e:80:cc root@84.17.49.250 (DSA)
256 MD5:ad:cb:d6:53:cb:42:8d:33:26:99:33:fd:c9:19:a0:ea root@84.17.49.250 (ECDSA)
256 MD5:c1:7f:43:ad:dc:69:17:b4:33:df:bb:94:00:22:33:5a root@84.17.49.250 (ED25519)
3072 MD5:da:9f:ec:c4:f3:c1:63:6e:ca:f4:9b:ac:32:23:d9:74 root@84.17.49.250 (RSA)
# runner2.archlinux.org
1024 SHA256:tK3XeUrt/ahlj1fdl5tQgeVXticllUIaewK2y86Jvzc root@runner2.archlinux.org (DSA)
@ -372,6 +372,17 @@
256 MD5:2b:7f:a8:75:ef:38:e3:c3:f7:2e:ea:9e:73:fd:3e:d5 root@archlinux-packer (ED25519)
2048 MD5:f8:a9:75:e2:99:4f:ae:2b:70:72:a2:ae:9e:fb:f1:a2 root@archlinux-packer (RSA)
# svn2gittest.archlinux.org
1024 SHA256:R5uXRsoC0CXMxAE+dV6Ola8K1amyK84VFknjM9QgonI root@archlinux-packer (DSA)
256 SHA256:CVc0FXXE1DY1wmwoHCseGg5TnzYOgbf6adTbgstVWx0 root@archlinux-packer (ECDSA)
256 SHA256:kcuaxYVB/oCraE0q+ZsnUeozpVJYYDZ24tW5MEObj1E root@archlinux-packer (ED25519)
3072 SHA256:YMH0JwP+KqyNZ0JR1T0e4SrugZUGpwiUCHKwndHaAYw root@archlinux-packer (RSA)
1024 MD5:be:c7:a8:0d:86:b6:08:b6:bc:3b:f5:ae:d6:9d:2d:55 root@archlinux-packer (DSA)
256 MD5:62:eb:27:c4:a1:6f:a4:21:ed:50:6f:dd:bf:37:4e:ab root@archlinux-packer (ECDSA)
256 MD5:9a:97:48:f7:11:b3:32:ba:fa:ab:9f:0c:41:41:da:e4 root@archlinux-packer (ED25519)
3072 MD5:f3:11:d6:58:f9:32:d1:34:fa:4e:d9:e3:d7:c8:6b:f2 root@archlinux-packer (RSA)
# wiki.archlinux.org
1024 SHA256:MnCkxFpWB/mTDRHPVB4RLuSPMNfPQyotpFaWuc55DCk root@archlinux-packer (DSA)
256 SHA256:26K98Dg4laIWFt++vxGPiANR6w+AvxgQUTb1TzeLilY root@archlinux-packer (ECDSA)

39
docs/ssh-known_hosts.txt
View file

@ -43,11 +43,6 @@ build.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
build.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmifn4KBLX24gBH4RwdBzYwLCSyVM1UbjGWxdtvoN1k
build.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9B5/QjC8I8co2r7HmqHLXFo1VdAsrGHxZkdqK5xcU2AMkkWE3orjza83em6+rX43NbHytOs/59h3wN8y5T0sfSD37gn/1WVkyP+/H+QvqNPSx7pgx4yu7tcVjAuxgm2UsObSymRJlxMZ4/k26JY/r8lbWAamYpzFI0aSJAvxkTvhyWU6O3VoVWm9TaUjXTATGBPanWaxAfrVnW4x3CplDPEi1QcwUuPfbJLgtYSyw8M7Brklftr1/stoViK6lVP6uRkAqThY9qsxgbfKhPVlsNMQ3YBHzEWGtrRghHTiDJh8JVTkVfpL7pB9hkFeJiutemwKs0b/4eeikLnUwCIX9cluJPPdJiZEhE2gWA1yB3nHFVp/qLN9nSO+UyKxfUSiOPgkfmp8tbEPkzDUW1H1xLwRZKKQ6OfiWk+IUmkbm2VqLv1SuMpVjgsHjKexMgZrejvh3YfE0PR4+JHpTjnaTL1Ywfr+YH/uJ1cwd2xQHXhIQtUicEpcvnRGPEeNAOyM=
# dashboards.archlinux.org
dashboards.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCAfVE0DIkafjiLvlCYuHqdqQSLpFHusNjF8DcXcpQjZxlxwBFpApqoPdNbN2Bry/k7lwonciJ2qE1uglrgKY6w=
dashboards.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBlMtNCc3M9ZlCFCXVzdRscvJfB6DJpCEeOoraVD4/b
dashboards.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCfE077N+TtbUCXn4vau12+OhnrSM7GY3vyEDF5+GkVKAQA3M2Cvme8K0o64sAnEegpGDAysVVCg81vlHonqERFxCp0Reu0qvbIqMc4nsesGUyM8Mqps7BJtZOiYUv6cWZAEeTvRvU1717M+43Os/q/3YFOPSvC5y7Sud4JSmOKp1+zTbDZF+9kL0EjlS452FaCcAA5PG74LsZzqmOwbw+TyFwE73Dt1D7CifFoTwejDFhY5mQoGHuopwO3BA+cqfM2v3LNq0j2AuJebq5PajK9YzdNPEMqEoxw6U3VWpQAU9QNkxLrxsIT8Vu18YAFg84520ie3GQ49F8Lj6dw9qBhUzSMHoLdsMFKwUfHJrYeXNsRpQNiPOlqXX7QCw62joF211Er5cGf19rFGC7y1F2iG8MWrSEW6x9rgrgisBT05ecGtyEx0LXH/vINAhA5/zvWjDuefn/wCSy7IR0I9n7nSTXMXm0/qr4brtsFA0V+O7mmAA9ErclGE6lIBHpWfd0=
# europe.mirror.pkgbuild.com
europe.mirror.pkgbuild.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBASkHNbJZvfME9OAFLZpxoVMt7JfKhN8/VpH6JPRD8eRXfXc2Wt0YOZQGzJsrUNoFchEUUGeNxs7vmj8nwtfqGI=
europe.mirror.pkgbuild.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6sVYSrTIVj+xwyC5uJdFVU+X50tAIDEndsnGta75C7
@ -69,9 +64,14 @@ homedir.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxEHvFCXujU6s4eW0U79o
homedir.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDuQbGoCSIPisaZeqtJhM369ugQWc8pHE8404AZu0yUgDxMl6AP5BUfdynlR6VGt4edSaEyp9BkT15YaKh5vph/9MUtZ2zbQ7WPRuvfLNG+RI458q4CYdykVMmTs1DEeAxaVMIAL3225pqh7QMcME0edX9f4PLLkQk8+AAAy24rvgwxLE0BnSLB3zp7wCJw5rm2iZAcqsKkIZw2FJKMlRuEovdvgc7A0FfkSc8muvvHET1FK/Uqv5i9R2Xk3NPFkt/bzcwOVBXCeqUrjLmD0UhRWX8J8GMmrEVPVQLBT6mn/OtlXpOiDcr9HkSLS1mqo59N9wyI4tCKjYQZMEWU36PYjXlDzqOGmdAR6Ly8vDo3BC+ByQqLf/ixkoFD/I5inGejPnAv9eXuiP8o0KoPDOALD8gqwqCoPjElE9ZVObp+NJbuQeXRZt70VKxZEWrUKxKxHM3RoYvgd3h/GHaYEGWdbvTMTVK+xnrczL+Eme4Y81zA8KTwY5qbyc5QCHvksKM=
# lists.archlinux.org
lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKBHMlX50Jr2HiVJ/qDSH3mAjobpbBrGvBRXTKB/xXFBiVXCbJQCQ9HKXQZunLALaIm+jAgpskbXqLQMEpWzST8=
lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVKwNsXUXpgNhlwPVlBRNlpvOt0U9deANS/n//nxbe1
lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuKQnkGRdXyu74f92lzJcQMMDjTzVXkne/mLHiMYKQWlboIBIry3FkzyUGDLbNlZOe4PNR43D9FI0/1EjAuVV72HVQ9sidCbJR/azw3+JF8zwU1HDMOhtCNaWYNqk0DHDvHuWhL6N0duFASf+ZTKRB5Rgk3+p0FisKMCep2vJy5kHY0829INk6ORgPxYzCHCZOLEfZX0aydwscTnubKq1t9blWUdqKSm5Xq5+NEJNPKlo6TgdcBihkdAyaGnZ9KWrXycV6j0UaT/VJNuumZ9KlsvI7Xi/TVDWcLcsU/UqeEvnzUi3oRrvkADzIcoFa5/QrSRQJppKAUgjuhOuk+Px38IIvRdrwDxDoChei+qU8S2O24PP7Cu4oYZ/ecGb8wJleEWVVaYrD5JTEugg0iTe2t0LJiP6rTC1faxErZ9wru18nGNWYR2b+b1MfBzppAoikZUoqygKYYLAerHj3B9wFmw2RJG8JFZ95lMukJmDG8kCYz7eq753PYAAmpFZbdZU=
lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMaKy4TZsOKC5tAJvfEXdIeLU+TMVHiwlJAWxSl9MKikkyf1Qmh0NAMFv0tYd+sJSwwaW+AqEuVnsO+JponGIqc=
lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIWh0NnauWbG40MJHmMisPPGrMkY+jumTBajLllb9CBQ
lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9A62LNNGbjqdpEBbinEHJMH/RhjcDIH0SU5BbJB/WONNkhcNWZ6h6AnyEhOhspHLNBxFroQf3voQ8Pfu6gBf9YeWe60j2aSMQBwnWIug8TB+HuPrOWTWdjEudagZjdZ3jdVRX2Fjt8/C2QL2JfRFZWEpWKOa79qaBOTF3qbvNUJi8iggC4zSAwJMmJ2JwCnFBz69sqFWKTgPCE/SzRZodHAiDuO7XSCn+zPaG7re8P6YZz3eQSizcJMUs+t9L17ipqgUVDwUj9+1+q6YSxxNE4t43xYcUEQMIn48XzAQo1ZBhkzPGkV2ezttDkpAJgdKI0ssOoG2EA+1zLF7rKgBufLP3Fi03X7r77ppFrtKyBcxFYoChs0Twz0lV8JM0qcKWXldmu0s2+1o5PFzx+qfsa+EQiczydgZg0Lg2hOhx8jfGI8HQCbYqw4CirItVYF80/HA9jxt8ZQiKsJCYiZ4/4J/pd0eQlpmyy73Zf49CMwxty2HzNMFmRTx7ksqrbu8=
# luna.archlinux.org
luna.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOZAVWmj2k+dHTfyum7FyIivGcVUkDFHaXmPNxDwF7l8TvkAN8VDQJHEEGJhALMYtNsQ+kt0gksSh4HZqj9n5hI=
luna.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2DCBtPSTwWvBU3/3bAYwJVtnAmy+GEJf98Ek5QhOXh
luna.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDErOc9MQyj8vf20sZrcVOU+bxfa6B0DVl28pUdG+03seGM+bTVT84HnCcKwz7iASvGSJSAWfzYUQa6Gq8JuDWATd419L8Rtou0UEoK30c9oprGfCmB4extsFkEpMDihnvpUyK/qwBukCY8WxRx9MsZAVgmyQSt3ibBrExnm0+RckctYlJf19/LF+W1ckzNcnbG5Yc/54W7/B2P4iCglniYZMjQpfVPALVc2Iew0GpEWj0wQbpxenPgOZWDgFcQCYxHGgCVUaBSTcbeT4CgwqI4O1+P2X/JVkdwYfD4+j99VQAlA5z+jsCsacMqRiWSu+p7urCED2VIoApg2fffwtv3
# mail.archlinux.org
mail.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFvJy2P8zOSKt3EocULHN85PVGW1AINk15+GilqUc5a79Zsy0FvWqV16fjxLRN3zIOkBvSKZMvsNadja+quEr9s=
@ -79,9 +79,9 @@ mail.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTOoGxsf23f6AjIHcQQuvbTO
mail.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPrURadxte8UJiteGa6+Q+OjTAjhvGAQFkNSXj1pr4k03uxkU6l2v2LuTygk+4SZSCyUsKvNx/ljJeHBnuecQ8rRv19ZFqy/GQKB3oEmiNYMo2dYYlJWwTVBHatmghhB1j2y40yqdKWH2xQuXC3HtnS7fHG0g1Rc4R9KB4MQlcXkwnSEMpwpWBoO7sr0M4YTdwE+nSG9aNfyPbPGp3mX4ATz5X5hPJOlSFVDV6NuKrA+5qyt4jSKdeG5IuWeEnEJesYJEvShYdY9DvMCXnZykB0emzzk+5+Cp2lTPf9LOO3wNsTgHV/CwkoAoMgr9+ASefhBr3nxmmrs9T7nwuobGCGFUqQ2D8IKCmsWGVKXYERViz3x/gYUIlHgVJpoIXCFFqbdpWwxKR1aDMug2fFe699/FzuPdqrWPFdQMF2mPQ0w3AH/62KGp+PULE2HxrlCiY/gF2m8iJLgunxVKmi/c0ufgK9QilnKcPO+W4tcISa5MYt7MSTTLV9eVsgVjGhOU=
# mailman3.archlinux.org
mailman3.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFIHctq5/hKXaU//Jkzifp71ePIzcxdlxE5SZz1e7AcNp0Cci9W8A8NPtP6DMUvv4ezdKp+A/Czcy49tQolI30s=
mailman3.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL0FZBrH2DQQoGn85t+2PN8t8FmUst9PsEsmGekfFAc+
mailman3.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqZnMXg8rPkeKh3w9U/rNMc9NXjLu5K7Azfs0o/rIm3Hm2thLJH4i6hVGpSIfCw77WzoW0kotAEMkX3WaO/MXqp7qWiEv5Xy/Y9p2YNYdCdkhDdDhmuHSlYT+acnSHVPSjdN3SaaxXoN1/GAb5jlRMItZncind3gU0G6Kpls6N9tHsbjNqOG9Yv6hAlYfyVn4Q20H1ABLCJSUgWNOXq5DrqOLddblajbg4gQ8u6tYSpKDkPyEA8vmOueoTcwzB7k+aZRJmR9CVh5tsYc6QyBlljkFY8xhwLxVRMAe7dPND7LsTbfO20zVlZ94rPkTN46lb9ekrVwlzLlFd0nnJ2iWFiBU9HKelsxj5r8OorZfRkpXa8QVW04smQxycgHutEmsDGob5OFYkAPrdbuE0vA8KOk02D8NWhFHcG2nR/zMohNEJQsoTIHx7xeagFrC4Xgn7M+nhCVIIpbAOkRFjHAr4j2fGHjLzxV3EPkLN08aIcK53uHZTo2YSHL+JoU936o8=
mailman3.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBE6mE3BtsReBFLagZwLn1Mo3N7RIqILAzFMOMUINFi41EEmGBNinjwOfX0qNx8AHo41g+M6Yu3CiDcC/BimCWto=
mailman3.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIxf1nIo36jwbX9nkuYIcbE6t/jVxY7Fnlf99u9MWSvt
mailman3.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDaAmU1BnGf8S9QJUch42cpsQ671gMa7SS6+7L4XwJPd5Dv7rlBgKsCCpssa7NNCEUSTZyFr3Wo8RVXsZwjvisYmqS3AR6GeZ94zMMnOK4QlwsvMQEUwdR96PF+ANK16tJ94KENIQLDUB5gnz/RitRV4k8hVTKuqKGDUFlzzlVl8X9evwgOPyWImPVdLiCDIi/8lWz3qNeEfaFkCqLwr4nZi+b9K3qJVrR3DdKmGutEg4m7O1DR9RNBtzq1oTW49Uhv2W/7t/1MTYzmHA4yIZQ25cbi+k7Q6hY0j1oXAJ4NWOqcPM2arNUJWN4m0NlispvdJ81l7AIhXzuX4XGHGtWzhFsfweVgTnDYAsq/Hra/LB5w/43fKTqC8Lqty7JyllB1/9J6JoSGvx/e7JjXdJS8lvwMN3LivAfUbWnGz+Qs9lfKNT+dDRLryO086+DKCJ1jL7MqovRB0CZHHfUvXZ6YKQciyCWD0RM8pFa0DUJbG9b5XRKDI9KTvHRbL2xb0n0=
# man.archlinux.org
man.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPhnsStoFw6rbVpE1S1vsXNk8de1SyMag1C+v0DWVSuNYzTylYg4322WbYzw45z2XhxrF6XmCSDMvgxvFwnfLQA=
@ -144,9 +144,9 @@ reproducible.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDjL6uJx0faep1bFH
reproducible.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/kp2Rm2jhGQn0PJskhrmxUkYDDeEC8tXwvR+J+t40KACQnqi4SMdeu61Jyy2NBdBOw3muegb9kspOzN+NSQFpjYhfkYJGswyF46vTkgXUWJpuHBKiWkWmZzVKcveS6iAOEDLaeAesRHmcuEjaK323d0QDf6vJ4Gbb2veFoW5Kip37phrjZH2RCCLFdrw1IGopPuKHYDGwIIqt0hQLSkyq/A1BgmiR+eo4S8AlN7D/w0MVz7bKIuQkSmm5taTjo9FpOJJ0O6KMFXrXCPKPDuzSa/zMSQgNw+JnwhjQRbnH5AUB+xFe/qt8wstBGE/VT7WoyOsfTvfsgdQmz55BgPxR9lZI+rKl43Lp3zGojCaVOd+9wV08DgGN13W7imGqWuVq0vPyIkGl19Ch5mgemED49g2ehddeAUt0FR/MM8ewD1U4cHYpd4PHLgOdC9KfGvRJkymWFPd/EypwhEdFSCJ4BNDbQfYl4ciXnuTmbh3eM/Z/TjAmztQqAok08KAQYd8=
# runner1.archlinux.org
runner1.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKvHLgeAi6GFIpXYVDRfiTW24QsQeTCDTEB4oiEfWyt6fge/3kmLCQ8ho0r3BuGdZSzDBJdLhMOEq3T0YL2nCYU=
runner1.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+eji5tWpLLWOJKqWJSW2niUQNxPaY+AeKXxFCQ+u+9
runner1.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDHnXZd8LCb5qKbKFUNVYDNRCRFhmm7bjx1uMhy6yrSj5D7S1LacCra4qPLpQmhDZOgcslRzUue7ZHr+TNbYFxkBc2SsffkqgPovdkpMc4JkSA652vAqzeQKVcIhpgh7nk96JAlTP9y598Ud574CTIxzIXgldr6n+9UMqErSg1tlCXCkCBQ7aA/TVKWoVSRrdTJdWwzEUqv3espq4MN7H4gJLJMyqEDlYIYXuiKU0PSBC+piyPu0PZto6cTLY/l9gvcTmF9XM6Z8KIXuz7KHSsXF594SI8712WW2o7l2VyQhHkwg7E1YTEcZ3L7+g3Qci1Pzpu+85dkg8dyVJ8VvBAAroybB93WZQKC9q3w55rReoVhOohoL2HDTcpKo7gE36r7L1CfyS959x52v0QA99U6IQS1u9apoMhIa83QPSCbnSzhBlXesBR6hTuxEDapBUxEmqGa2gMoEli0VSOpNJHFUiDGzxTPhODcZnoqm3VRlVSJmyqpev/9AxgPdF0l4fs=
runner1.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFXWZCrWgRV7mPbjSLccWOlq7W0TwWyeVc/BWwFMstmBFwEDwo89VseT9zfaabHgPjLmTaN+uzQg75xNIzAJl2U=
runner1.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMO4pNVClWcKyQXI8oqhqDWKxYkVu+/1qUIz6vkVG2St
runner1.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDepdBpbpetW7NjMX5H3r6ZJj6lbde3p5RswTM80pazzOacXaRH8SHo0acuyabsJY0LJxgXzq9wZXvVasQ4L2zV+byPXvvT8CoyPtgeknk53beByNNvO2PUPuidtXhVspDAhqL/LNxUUBbel1ATRx+BX3cUo71A+NoFT3p6I5zIsUWbBfPP34Idckj8T1+54pAJ25bf133ustQfoOU0pZs+JsJEnFpMK8qrLk5Pt0OcvvQ9/42OI7ZSYg/mRaRX0JYQCAKyAIhSlrCynrpmj+wh38YnbT/fB5uBt6Gv80rC5e7lvRBy09MXK35YeN8Jr7rXLedH6XGBCf0IrcS1bp+JkfXPjMe9uDSQyK4ujElrYcVZlbrt4OyIh0OGgShmOW+pwouerypHuSzzjeDH8kl0UUa+ZijzQvIrm861EbHmusBVfoLJBVUQk/bPpUh+Zzu0cANPDEE6RjzUsFRReAga4NIqscOy7/YNNc4aAVyVLgFEquNBvUKsXWJoY08PTDE=
# runner2.archlinux.org
runner2.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBUZk2jW9uO9Hnjmbf9Bnpm2/HrR5vg8wpVPIUgcSQhkoU7B54j28UgVvnmcEeoD9gyO9gH9gJG9xN95kM3JobI=
@ -168,14 +168,21 @@ state.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
state.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbZyVxaIdyd5f/dhPN7qGBnOSpLCYzoEqAKuakhi5ou
state.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoH0lD8Je2KUktA0RWREiN9v2oIpl/kTZfXZw7LhBaJLdZorqGLI/Nu0Kzb+7Wp0RvcNi5eOpLtFctAwIEs2nEvkPHmKH70KoMBiNNzMWHK6IwTH0EdyYQzjOm4E7qWtbIdK6vSUqtLwgkfaUJ+EokJu51632hmTE2Bk0I12K93hjODmZnM7GhGmSx6h+3KrYfkCz4a2PXVpTptvTTl5t4SkFQMdioQ6k+1m2itjhhEujkewl4N6rar6jB6b4yGHlPZN5Y3lmYaQhraZwen6kuPHfjuMjtkf6lR0cqoK7FvwwrkiXcuGqS8xcVYmRsqRQdXZzLORcMSW4wjlizwQCd
# svn2gittest.archlinux.org
svn2gittest.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPUurgjvGKpn7RCQwlSicMzwLowQ4M0Gtf60GE0Rl5nN2XUGe5lDl/A0bUi16dHCPEUbQWlmBxNBNoa0r4bwo6k=
svn2gittest.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFgvu1kXUUucO0ss+A+cDR1dsn71N77T9U/wWtcf+1w5
svn2gittest.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/2iOTxrCAXRfpzLfJzvwlnISD+G7wxH5aONHybVga3O1p/KQv8TiTK/+dqnH9ZW6KBPnQjtsIEmzx/ZIr/aAMeZX8OwZAl1wbKdFSpeCAhJtK7zKGr/f8qlYttHgttiGq9PJMQ8bwldaAWEllgFhr/hveKPckfACrgADTJStaWW7eeqAe28BjqHm7BpT/jO3DAeVaHrcY8CVtHsCFUXCoHSFf5ER3QOH4LTfqM7Imz0cK8i29x1H5RruM+pzIMaHthabWHERwE/V/j0Xt0gEyfXZOWK5K+3ueZjVl5yUsvpSxoYSQzpQg+rvsnN7L7qRYjA04bI6NWopFdpMKzk0NcVF64tR4wfPfaaTjYdH2HU3uO/JRtN4IZmFdI2vL1UtycM9w44humZyNUGjeMUBFbBwwPGTAkcTWjPW8HLtVYjgS6Zl5/cBjLSG90qpg7hPo0V80ybRRRJbOH14txlX4z2btxCiurHCi+nxzYBABGINsZgd9s+7AORWtvfBGo0U=
# wiki.archlinux.org
wiki.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFtDdXEOfPTQfdsZGHIHRtYZaXZLV6lFddU0LkzyxlsYhHf84sWDSMKrQcJn6ywBInh00K8BE90N6H+mOgiLaeY=
wiki.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILFxxvRi7khrt6mUQGiXX35O1MBrrDeEmvaAnWo9ql/7
wiki.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZQmj2D2B66bBHzze7+LEITju0rmtJT2rYsV/1GGpEPg6q6GAkUnIgRpyYxRn+UKRO9akDFXLv7W02h86cfbxOjeHufGMy/Y7NCPl2OSP9VauavJ3c3v/n80nmntU/Ji/U/p/roP0z+/OPgdWymFm0n33cl+XhmNOUumYQ7Y3z7EzrvCFZo2gt1EYChXb5Pd32rkd9tiwr3O0/M7TEiUxODzoD1dum+TJafUttC20V/4Sj8HztPx2BzhRugXfeEDbVlYvMXMMYgxbbhXLZyuE/dCaYpRvuekouAob7voIRSUaNqFXBLcGgo0udRI0mnKLgTb5bMprrRZ1zXIBU77H3gWyfHqe2I20arhXivtsHLEOZi0hc2/ni15WqkNS8G23n/+hJ+H16bjVb6t+8opErY4mL8T+F6OkxmNo8d0ztwUdxHEa+fvNPQ8UO6W4CN6kNVB9JE4f8j9FeHQq8rtlzo0wjUof4D7PhDn2WYA1l9RDiuRUxlGS4waStmttM3dE=
# zh1905.rsync.net
zh1905.rsync.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJtclizeBy1Uo3D86HpgD3LONGVH0CJ0NT+YfZlldAJd
# prio.ch-s012.rsync.net
prio.ch-s012.rsync.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO5lfML3qjBiDXi4yh3xPoXPHqIOeLNp66P3Unrl+8g3
# u236610.your-storagebox.de
[u236610.your-storagebox.de]:23,[2a01:4f8:b16:3000::68]:23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs

6
docs/testing.md
View file

@ -1,6 +0,0 @@
## Testing Ansible Roles
The following projects have been created to allow testing Ansible roles locally to some level:
- [foxboron/infrastructure-shim](https://gitlab.archlinux.org/foxboron/infrastructure-shim) (uses LXD)
- [lahwaacz/infrastructure-testing](https://gitlab.archlinux.org/lahwaacz/infrastructure-testing) (uses systemd-nspawn)

93
group_vars/all/archusers.yml
View file

@ -5,7 +5,8 @@ arch_groups:
- tu
- fellows
- multilib
- support-staff
- archboxes-sudo
- docker-image-sudo
arch_users:
alertmanager:
@ -27,18 +28,6 @@ arch_users:
alad:
name: "Alad Wenter"
ssh_key: alad.pub
hosts:
- mail.archlinux.org
groups:
- support-staff
alerque:
name: "Caleb Maclennan"
ssh_key: alerque.pub
groups:
- tu
alex19ep:
name: "Alexander Epaneshnikov"
ssh_key: alex19ep.pub
groups:
- tu
allan:
@ -55,11 +44,6 @@ arch_users:
- dev
- tu
- multilib
artafinde:
name: "Leonidas Spyropoulos"
ssh_key: "artafinde.pub"
groups:
- tu
anatolik:
name: "Anatol Pomozov"
ssh_key: anatolik.pub
@ -137,6 +121,11 @@ arch_users:
ssh_key: cbehan.pub
groups:
- tu
cesura:
name: "Brad Fanella"
ssh_key: cesura.pub
groups:
- tu
coderobe:
name: "Robin Broda"
ssh_key: coderobe.pub
@ -160,18 +149,10 @@ arch_users:
- dev
- tu
- multilib
denisse:
name: "Andrea Denisse Gómez-Martínez"
ssh_key: denisse.pub
hosts:
- mail.archlinux.org
groups:
- support-staff
diabonas:
name: "Jonas Witschel"
ssh_key: diabonas.pub
groups:
- dev
- tu
donate:
name: ""
@ -183,6 +164,12 @@ arch_users:
- dev
- multilib
- tu
eschwartz:
name: "Eli Schwartz"
ssh_key: eschwartz.pub
groups:
- tu
- multilib
escondida:
name: "Ivy Foster"
ssh_key: escondida.pub
@ -239,18 +226,10 @@ arch_users:
fukawi2:
name: "Phillip Smith"
ssh_key: fukawi2.pub
hosts:
- mail.archlinux.org
groups:
- support-staff
groups: []
gitlab:
name: ""
groups: []
grawlinson:
name: "George Rawlinson"
ssh_key: grawlinson.pub
groups:
- tu
grazzolini:
name: "Giancarlo Razzolini"
ssh_key: grazzolini.pub
@ -261,13 +240,8 @@ arch_users:
hashworks:
name: "Justin Kromlinger"
ssh_key: hashworks.pub
shell: /bin/zsh
groups:
- tu
additional_ssh_keys:
- name: hashworks_yubikey_5_nfc.pub
hosts:
- all
heftig:
name: "Jan Steffens"
ssh_key: heftig.pub
@ -291,6 +265,13 @@ arch_users:
- dev
- tu
- multilib
jgc:
name: "Jan de Groot"
ssh_key: jgc.pub
groups:
- dev
- multilib
- tu
jleclanche:
name: "Jerome Leclanche"
ssh_key: jleclanche.pub
@ -330,24 +311,6 @@ arch_users:
groups:
- tu
- multilib
klausenbusk:
name: "Kristian Klausen"
ssh_key: klausenbusk.pub
hosts:
- mail.archlinux.org
groups:
- support-staff
additional_ssh_keys:
- name: klausenbusk_2.pub
hosts:
- all
lahwaacz:
name: "Jakub Klinkovský"
ssh_key: lahwaacz.pub
hosts:
- mail.archlinux.org
groups:
- support-staff
lcarlier:
name: "Laurent Carlier"
ssh_key: lcarlier.pub
@ -421,17 +384,21 @@ arch_users:
ssh_key: sangy.pub
groups:
- tu
- docker-image-sudo
schuay:
name: "Jakob Gruber"
ssh_key: schuay.pub
groups:
- tu
- multilib
scimmia:
name: "Doug Newgard"
ssh_key: scimmia.pub
groups: []
morganamilo:
name: "Morgan Adamiec"
ssh_key: morganamilo.pub
groups:
- tu
groups: []
freswa:
name: "Frederik Schwan"
ssh_key: freswa.pub
@ -452,6 +419,7 @@ arch_users:
shell: /bin/zsh
groups:
- tu
- archboxes-sudo
kpcyrd:
name: "Kpcyrd"
ssh_key: kpcyrd.pub
@ -473,11 +441,6 @@ arch_users:
groups:
- tu
- multilib
segaja:
name: "Andreas Schleifer"
ssh_key: segaja.pub
groups:
- tu
svenstaro:
name: "Sven-Hendrik Haase"
ssh_key: svenstaro.pub

1
group_vars/all/common.yml
View file

@ -16,4 +16,3 @@ fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: false

18
group_vars/all/root_access.yml
View file

@ -10,19 +10,16 @@ sudo_users:
- jelle
- svenstaro
- anthraxx
- klausenbusk
# deploy tag 'root_ssh' when this changes
root_ssh_keys:
- key: foutrelis.pub
- key: freswa.pub
- key: grazzolini.pub
- key: heftig.pub
- key: jelle.pub
- key: svenstaro.pub
- key: anthraxx.pub
- key: klausenbusk.pub
additional_keys: [klausenbusk_2.pub]
- foutrelis.pub
- freswa.pub
- grazzolini.pub
- heftig.pub
- jelle.pub
- svenstaro.pub
- anthraxx.pub
# run playbook 'playbooks/tasks/reencrypt-vault-key.yml' when this changes
# before running it, make sure to gpg --lsign-key all of the below keys
@ -34,4 +31,3 @@ root_gpgkeys:
- E499C79F53C96A54E572FEE1C06086337C50773E # jelle
- 8FC15A064950A99DD1BD14DD39E4B877E62EB915 # svenstaro
- E240B57E2C4630BA768E2F26FC1B547C8D8172C8 # anthraxx
- DB650286BD9EAE39890D3FE6FE3DC1668CB24956 # klausenbusk

49
group_vars/all/vault_archweb.yml
View file

@ -1,27 +1,24 @@
$ANSIBLE_VAULT;1.1;AES256
34373565336261636435623037626134306239363436343463363062633131333864373165363031
3037393931396437633135326630333366626537663061350a346136346130343132386434366333
64356266373637616535656531306161393332653036633136393234336436303562636235383535
6366303962643064620a653863646433333539336239656531626134323032643832356165396563
30313261373931343066356132616363653663373339343364313563343332646565363561393562
37633334613931373964323537633361663230343434386565316432393336363263343164353933
35636235663466613562306432383333663066356632613039353962356337333737353439386537
31313439326237366639323230343961393330623633333737353063613963373766363734343064
32316661646437643663323134663762653636383563396562353533613566656662336566393536
31636533343561393534663233663030393363663837363965663038343966353830633764386339
30646163383731376130636462346235616633316161623135303264633332633063633362356638
33306138633064613463386438386365643063616537616666393266336136636530353662636161
66646631613031653339356236356233343936626439396539306462376566306230363933663235
33356362316264383733313437326437636566323263383062343066393435616663306336613465
62373965616134643830313562386437396437353036323038353439613833316233653962663265
36663763393636376138663938643761346434396331336637313034323838393361636135316637
63306630653264366639663031666135343564636564613639333432363431393737376464383263
31343434383331363937323833376232353335626132353332373835303363646562393039636235
30313239656135626539386437626630626162646262336638646435633639356461653935653234
30376266383464623561633139303164376565373761323535616332313630323732396533363730
38353561373937623961343464633465306566616266633038653231653534323533623562376335
31623638643336663637356331656363333633663730316635326133376633303933346461373838
39326537376338313161376537303738376139613631316332663739313266366434323465313335
61323964396331626365363737373566336565333438303935623534626433363130316133626236
64656535613435326464633561343065313865313437366365316162323534666430393234383163
3663353632333065383764313531303631386335646363636363
63306162336566643630366662653265303939376338636235616239653937363131383434386333
3734623331386639396165313166646164393166623931360a353338386437346366316132643337
66643535396164623932656236633232316135623530613862393666333866663030336433336161
3033306130646265370a316130353338393766623761653035633633623834653439336161616561
32666462313961323664393735643434336162306363626335373235666334626337346130386561
32386337316433393731656632646662346130356535396434376363356261663332376637323839
36666232393564346337616566393336623566643334383835346230333938636135383039633861
37616265396261313237363837346236616331383662636462336263356366383064333532656361
34653735316365366637386561663939336363633763316564646263303136346232396639383437
35663666303562626339343765613563346663326433323162396165653533626239316434356137
32356430323766393061356234643133623439306437373164363339393866616338616462383338
30376365326232386161336366353763323632303964336466353834643561366465353562353664
38383466326533353630663962396662616438303939333434303430623836373164323136333761
62613466356662316461373033643630333734313135613061346130303761636262633033323639
66373737353865316665363737633037393163323166363261383466363530363366356566343166
31396530396662323565393863663336333866313839636266363239636364376130343634613165
39623039383435353639343664656337323330623231663036376131323934393236623531303437
35323565623638643930393362613336303533353561643661613739343239653666666462643238
66303566353465663933396361306135616331643436323565333362353434623530326534346364
65656466623231323366646537383264303966376139616634646334663332383037636163323032
33636265626565373761666538623866313566633833663136663466333237326462643431336438
65316130303535653461643461306261303139386563323530346232366133656165306362613633
666239353561336532623835653935663734

8
group_vars/all/vault_aurweb.yml Normal file
View file

@ -0,0 +1,8 @@
$ANSIBLE_VAULT;1.1;AES256
66613036313336393231313839303731346131383434303632626336653231383532333236663031
6431643637346238646633353039356430363533643332380a303836626635366261383064393339
32383263356566373061363961623864663038666230306239666562333336343963336631306438
3638663363323565300a343665383330323837643135653439623733396636616639636364646430
61653538623662366636396132313031326632313162373063363562353932613136663166663238
61393464343264306434396462613739613763366333353339343966343137386130636565623836
313730336638643830386635306261346163

15
group_vars/all/vault_grafana.yml
View file

@ -1,10 +1,7 @@
$ANSIBLE_VAULT;1.1;AES256
33303032383363646637316136373435613162343563656333343061636335363135366662623033
3833393361303933343134333865653935616563343766650a386339333365623732656633666533
31396436373530623666623933653433346331393033313364313166636335613531383238646539
3764346333323962340a366463666662356563636664323235316662653161623261623430653766
37626463323563393433343461333563663561373862633239393166613463333863336236376336
32386164363864303939313338636331653432393431366337336136373933663534316262636335
65343237356562396137346431366364336231633635663432636636303331333437316162613538
62393732653064316466613832346334643765643964303438336662653931313861353039386263
31666637303066353534366237643266306263663332373362663263353665613066
30343635623662626436393831386266353561386231373066373638393830306539343630393633
6436343736396133623364383261353937643037613435630a313662633335373365316230303234
32333336633738383435643762333561343034376264303736343138636564623432636133313765
6232333937613031330a353466656534376565636137653165396632316261306533366239656465
66663832306138343361346637636534396533623939333962653164643838316463666632643938
6165623333313564643834343262393538663435366432666131

25
group_vars/all/vault_hedgedoc.yml
View file

@ -1,15 +1,12 @@
$ANSIBLE_VAULT;1.1;AES256
61643961653135363134373939383336353031333730303262376130643562356631666462663837
3031373734656539393930373938643139323633336135390a396430383064376431633839303730
65323464633737353234636530356662666433623730303765643532623137623338376164633265
3262373263626261640a623236383564346239383630373138363264383535366366663163646262
36386166336361623336376436346662393831313263616131326433663534373437323265333330
32303162383762336531623664373563613536366433323730323736326664643262656532383761
64653535343762666262386361653966653333373363303165663836303636336363356461646465
34646264343165353131613234356237383536653938636137626365313438363437386632653532
30336438373364636434356431373862633133306336393466643231636637393866336134303766
31613130636632303539353462386161616364626463646539303061356131353532626466663439
64303433653832633662663765316262373335393665306438653232653062303036313563666432
61326237343432626230373065383166643265633532313033623134366561383536653438393030
36643834356263653930386531343566613832663230363036353233353631383663626333383737
6230666363303436333835333463626230646464396564393363
63373465656232323265643638376633383230643139323535656565396362636330396130663263
6233666233646537363536323032366337613765336530350a336130303663383337643737323665
66393863666135616430643931376239616266616664623034653134303563306239653736616464
3666386534306434640a386261383039643937316564303561666133643536353839346262353833
63313264363162336166666361366533336265386433376136623435666661363861663239303236
32623930393838323964646166393037633564343262336565383331636633666230313434326635
35366433313636646466303565356138386436323266316534343231303861336462343637383065
66643663356363356466613933376331656432306434393432643163326663343161636333303134
62383362393933636164363666613230316439396235383636346530343536636432343330623330
33373135343033623437613836393564376366613366636662383337623534386161623663386631
356435336630613834356535646239616139

19
group_vars/all/vault_hetzner_storagebox.yml
View file

@ -1,11 +1,10 @@
$ANSIBLE_VAULT;1.1;AES256
37316639623364363536666561383935376436663233323431626639316438646631643165663734
6431386565316161653535656137393634656333633863330a353364633135376461343137663938
34343133336337656237373961303530393765383338613937313332313433363838383064363061
3061376164316662350a313534656536303164626464353030356339353237313834336632393039
65333832336635633730326230323934383733653533346135656431356534303765383365323538
66323437313839653733323063343436386130343139343761363037646437653263333066316665
63373335656238336136323961356133353833313737303538313936663366303435306134326138
30396366336130386263356264336361343231313763326239643562666662346634616639663165
33653962323336613537616363323931366235373930326436643863376463656165303433643635
3632343163323137633630373561333731616334306135616234
30353736373466623531333732393935376435353939366632383839376531653761656631646638
3831333465373263336232653931643162656363653039320a383736393636613231386465663430
37313062303933653633626637623539363565316161666433656138393036343538623863386666
3039346264393066620a396231646534303262616162346261643639323838313635366332653861
39353239393134326130383766323832383361656431336335616138363865623865356538636139
63363234343962333166313038646633613534653963613961656336646464393338373635663832
62396633363932663931633532363732653766356136393137363366376134363135663864313935
63323635666431353165396235633066313334316161396163646633366536366361643331386461
6535

10
group_vars/all/vault_hetzner_webservice.yml
View file

@ -1,10 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
39623835306534616661653830393863636639343938313031316132376662316530366330623162
3936383035626238336439363638633634623036343238300a366332303632323235303038343534
34643833623730346430623961396464353235393465313264313465653864316131636665373864
6565333732636366330a326664316638353065643838633865333036616331313637303736303865
39316434636563653237376131636266333834626331356331613039366664373561353631666336
63643439383163636239396232626131393431303637623236613433313533666562623339653239
61336566613136383537623863316533343465343237636563313633653136373734376561373164
30386533346162333662393337633133666138356139343331313662383038633561313265613534
38343833313534303839316264633436313831633631666539663062396363333334

43
group_vars/all/vault_keycloak.yml
View file

@ -1,25 +1,20 @@
$ANSIBLE_VAULT;1.1;AES256
64326337646461313665316164323764313937643638663430643162313233653132366535303462
3932656466316661353738313135373866663631333061650a613566316364393730653965393361
64623737363334636163383137376230663630373236393935313633346363633636616161383462
6235616162613134330a613231353965663539396636303235323438346663653466376339306638
61353864633933363361636234313634323231356163383364616161623734636332626233666164
61633930373263653038383866396431636138633963346133383266306132373339323135373362
61383065303036336235316564336438393432656631333063363333663066316565323736343539
33343731333566323530346466383333613561333034383131366138623437663030336466383231
31363539323964363565663537623036396130313938646662323265386234623735363666636562
34646130363336643032313533343537646365633530323536643765633135393331333339306466
65643637633038376364333566393233343262323232373538393238653332366330656537373638
62343564383833376162316365666230636234623161313036636462353031303936373332633839
39366436386438383162653637343937326561303465376138633634636161643535373233396461
64373236633834333565623830393339353539623163353463386364613862333039663364636235
37626666636335366330376331613430356165376539623136613435653563633534613561373830
64373038336238343131393839623830656232373634376430633164626564353435613036326631
32393734633635326132326233353636623664656137643239363630613833353431333765616665
33303538323266313335353865666237366436323665646439326162373962376430393033326363
65613732353266376662383730666566343563386131313362303664326237393832363732353938
33303635646530643062393432383266666435363566633365363061623966636535643864363337
31646637646265353532383439313439353434653135616462636530613737393632623533383364
32326238366436623664306330616635623065396466643262346461386464393133313162353766
32383435353535316630316462303734303062366264633735646664656363656465313562653761
30396261373236623065
33633161366238616563613336356635353433646634623833303462623731616439336533396263
3234313663646437663864316637623065326434643132630a643536666665346331316339363034
39313739346138353061623139303034656339316262646161396338313065316461336636663661
3163663737393062370a396238663831313366646138663161353930616532373936663533616535
62613266386534343937313762323263363665366564313931646237663934616437326364313030
37323034306165626130343639326564393239633033343633623261366431656139626136356434
33666261303831346339653135363134646663323633306462616233623239333864353832393336
30343335316463333134363937366335343561303434396364383362386139303933386630336233
66616335633338353232636231333065326232383665613131393263336333653662393738633433
66643063336531613030376462353962656536376336383838356162313864373434366639323064
62366661396532356238663030303163623836313165643039623838383736346161373534623236
30373764396663643861653238303535336235643762326134363238656464633463386135343665
39306265653636656361633433333162333235633435386232646163316564323938646662363631
63316462373137653138323535313933626430373631666236636534666232613262303439313739
36353534333965326666643132636630383634353230303063313735353133643933643634303061
39343162373463376332306330656535613833616137323738336337376230343863393363633037
62613733306466626263643237303930386634373635643166653439613230656335366262666434
62636334323733303932386464343834373239633831653263323862376335333236336563316136
633064616535613235343934383333623930

8
group_vars/all/vault_loki.yml
View file

@ -1,8 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
37643130346638613539323431666164623435666264346231643964626232343534666338646335
3834376365383264306438316137313163613262323630370a666637316461396132383864633539
37653062643062663563353635376462396237616634626633633762366334373665306563643366
3139316239303165380a653166623863366130346231313465336666383365646264396337303334
30383231653734613230376139326137306137333037616636336663656532316637633531313538
63643330643031663563643430666165323933633933363436306334643166313231616664666664
653339626466616537613738636465346538

9
group_vars/all/vault_mailman.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
33663534393934353761333131636338343835616465386562393436663463343566376536303962
3463363464623530653630383464326232303565333039320a386364623664613931636531336233
34366536623139613733626539306462366139356562393166346234343261306631333763396462
3735643430396562650a646463303232633039313037346238636239616461373337656563393239
62386464396237303634336661363135333464363135343234626234336432333963666136346633
66636633633237383937393431326639623938356133323566663562653964613564343231323939
38336537656532353163366439393366373264366363303730663139383436356335613462653234
64313365643833333739

388
group_vars/all/vault_matrix.yml
View file

@ -1,214 +1,176 @@
$ANSIBLE_VAULT;1.1;AES256
64316530616561373830333937656630366635366132626236656633613462666662366438663836
6635646463323166323938376562343966336334373832370a323530303332356363313335656638
66306433323432636131383632383637633462363666356364326461366132303830353966386138
3731326532383730390a326265376431383138663638363765333335306231313362663939653933
35396233303964663865333139356332396535313132616563313461393030653062383565376438
33626231373337626539643862666562313663363634303037626461316561616233613332626236
35326466623436626433303064363562333761313966633266346462636536316563376233323966
30376663633764366435366537626636363432653566656238346461616562396131616136373439
32376166336338643034333938313136393963653530363765363165613562616438643431626236
39373938353733303165653537653534396437333835393864613335616563663235393538616662
66623432313530316134646332663433316138353139633839636231633362386435333830343730
36363563663361396632616636633238613664366263373364623738323563666465316566663262
33393964376335353630663264656566623937643834663961383162366336353862333538303431
63306135376233343464323162636266386539623933313437346433373162353164323335373837
34303562366662613438333233366334653366616463656539396261346535323565343534326164
64633565636266643161363538613235633364663065373232653536643130356463333263613733
35383964663062356264303234363164633331366232373838666230366430373563663036396131
62353436323362626462623663376333393931393732376233616439373962373735353136653635
32333766613636373965376233316630633636616161306637353630333963333534613636633266
65306338333732316630663238393036643735336466666365383130393937666136656133666137
35613235316537303639383164333732636531326638393036386537656136363137383966366461
32386462383630373535626432383262316137383534656333333563353537333865323330303132
35366461363832613366646663643766326434633063396437346365306564653530393131626135
32363231363730323133346663366665306161613730626531326365323531373463343137616361
32396565393663306534613931653361653838306534333939643661653331306231333735633534
38613264323433323239373130353731393535643233623637366233663661393565306262393337
38393762396464353931373137373134666236616561383162656164663537386166663662663864
39313935663434333334343536633635336135613936353936373138613764333130323666646666
38393837316264656335303862333931343433346336373531323539636230653836376233386266
66363232653463323531373738666535623166653531353030636130353931376636373863656339
39613331656366393437323530373966306535626333326230656638333531653935666663633738
38393763376134323931313131643362313264313963616339393561303833333030373233353133
61333736363232356337343937653065316133346435393838653035626132363235613163323234
65623737383963376565666565636530646135373231353737343063623266393739656664613363
30393165653436623238363363643839306234383862376538646264376361663637613161396230
64346165663430363461626431643734363833623532356234336462646631623161323037643831
35373537643337363135356464666137633138336337373863633734633037343731323435666162
64353537383033326439653962373666386463333263386234663762363832356663613331303030
31303463623861623932653231363537326266626436636131373865366534633464656334373830
33303138613432653633333739616531306238383738626364376263633366623230323437303064
65623663313263633764366266353035623866353261326261623535326134633037613366383839
35336634613635633931623336633761393333653731323464643461363031393535323065363431
36393134363865353263646534326166633865306361373965346665396261636437326139643666
30356433393464643038376632656439653433376131653737663434356462396261313566643234
30376361393165386338643937303165393734623631383062343435323962376239316161346665
30623366373561333133306564656333303835626338323836356130666465383234326533383434
38353339336464383762383239646362306636613635373730313933643430393265373534393035
64326161393330396666613233356466313062333538623362653533353164656164663430633930
37343366643431636463393331336135643733633565646162373431623137623038626563393230
39363366623464656666356436636638383237363631313766363761666131313761653330306537
65333264343637326232633232343539326562396433643632383566343131383665313964653935
38313166363561366232626164356665383332396233316633343533346363396335343439656462
38663830393661353837636235333562666232363635616430313765623238363132363066323034
61346635353530366330326465363865303231376437333266383161623937626463316564346233
66343635613066646138306630313130316666396237633138396336633238306236366630346330
35333934626230616562653062353864323864636436633463633766393961616165323765366133
63663639613962616131356633306530376264646230636633333339383863656632353130623634
36393765333361666637346338323062323334306238343032383965336464356338396365323266
65306565663237306236636336373230666134653630666434646561306364393437346335616233
64313331363566653534363137343237356331353238663530626238653139656530633363363232
66343264303934626166646561396566646263643233626262633162313764343466643636666537
31373061356339366536613530653032626438363337656638613536373833376666393134306539
37366334333863373039626563653433333435623737343635323339343836663934393863323165
66363337623261613138623738613835383938386338313261303666393639386362353132373863
35333032323566396133383031373336623635613937643530633632353463653037613663373763
38653630396231643566643133663662653833326433353034373437326166616130366562613565
30633063343366353834633138663437333935626432353365336630653939633635346130613538
39636638333661363239313331383738316337643161663665303863633664373233373534623163
36363339353763386132306432316362383865646234613835346663353564616233663562323562
32356231386465356532376334373437616466313833633035353866343633303233346635306535
34623465306236336633666239313237633162323133393465663836323766383830356438396264
62623434643863666538363139313639333261393933366139316533623562653239376231356461
61636466353633643433633636343266306161353435613031303030366566383035303637353538
36316537376230383235623338316432653766623564663663363039393733343165323431643861
35303362643832656239613365656562393333396333383863366363373961343232356463383331
64326131663039663234393630393731663132376165346634613935653235646462626136303439
35666265623838623164363166396465386564313365653031383563653133373062643539316262
32613462663731316639386266356534613563353764366239303063366266383762393464316462
66343430623839313539363561313338666464636231353435626537663263666132313430313134
39306635643737393936376637663361336439623837303461636138386239633166303138343932
30383762313265616131303333393537303064616230303030613439623266303361343566626234
62313137373730313937653434383334616337636565346239666436616530336438633232313532
63336430353633343331393736323637343163636635346263333134313936336561323263646266
31626137333535643463636136623765303962333437393461383538373133646432323531373931
31376163633463353935373633333164323735366163366337363436343334333934323338393464
64343262653530306433393131613933333632386437353838373838663933383739373861623663
36623735353466336330633831633235613832346234363530356234313935633233623837333435
63623432656336393163343735303236653332376637363934663238643931313232346431303839
38373462613235396464323936363462343034376462653236626564613762646637306634353536
37326162393431313936646164303835373933303066636536663863363262376661636238366636
66353661336131383933663730623238666636363733363366373538393432643930663163636334
33326565363564653131666331626465333935643332633161316162653136346563393830303764
32343834383637343931666234636434353736616161306461373432626439316335383564373431
39626432343636633736666638303263393365383361363765666334663164626434346639623831
34303638303564663432623263393465373930346365363766366166363665653931373965356137
63303234353363336331353162343133626431646135616435633734353438663532633335393062
32306330356264393038313065386635626363613633356332386330643131323462323632613766
64366262383063643132613538643861316335663534383532353165616562643832366361643066
63393030313830366236613336313163396261336230663135623835376336356635663937633333
35656534616432333939646266343534373036613933653262343561623563663833343536646563
61353737663865613135313964306364386661316364653735633830636638383538663135623832
36613261663233323064663265656230643436383239343739626361303062623330323835633130
30333435643061626661333366636431663037333331363032323965373365353434343237306530
31306436366438306464336639356434333635643737646238303436646163363031396263636330
38333164386235626563323165363636346466313036636561336533383337373932396638623638
65633238333930306561663465333263656639336538633262306233383235333762366561616162
65373562386132663535356661343962633034346336383736326563316466383366626433313861
33303432616132356361633632613863316533366230613036303162636336343335373663623533
62616638663130363132396663373561646339303533623532623230656330323930386133383235
61663739616263633237633031326535383739363533643562636162353032316234613530633834
61356636623632373239323135346365353933643765653138656166643061663033396430393361
34363965313332663432633466306362656663616162323836366636386363633762393038663664
35633637623339326439323766396330376464383030636135333831336366326135633835626566
30336536316462333837376264386661383463376266383033663365323339653666383238616561
39626264336361373264383030616661323661323130376464313934366239333339373435306534
65316533343466333033326339643262663365323266643035646436343034353736623139353664
62646532633232386331393339623461633661323962646561366634643832353732313461636537
61303863656566633637333933653661333034623839373735346461666537663463333763303935
64323265373830653732363762663364353231363663643838343832353765383139636637646635
65376333663338326138643930333237316263626533393262306631323061386666303064366666
64376133343561333864333830373862396131656561373564326166353764363663363732373633
62343433636335393161353465303735313134353661636266366164373734333737343762356338
64653664633039336138343232656537653531393236363033306331316265613536616566613031
30343631643361313932623965383739303866333233646366303739386232343034396231326234
64386532633339613935333661343638373438613030613334313939366263323637326430636132
66366466326666313234393232316535616466353765383635633832663733303730636633633236
61643334363230353362356636646361386564383139323233653931623538653535616361653734
35646165653333633937386631613563623861393663356330396533323833633762653866393530
61643334313361656336613966376461303933626339653764636433323061343339646563376532
37613336333635353731386165313261353737623333366538346337613335386139303763613463
35663633303562626462373332633836343332306636316233303433396233313164333533346636
35376264393237656137343961313366313235353336383237306637376330326336316266613563
30396362373866336463383161643134636634333865336263646139313131313631316231356134
36663365383466663762313731336363393037666634313763303030373233353932336135363266
33636565643638613966333130616264336337373030333533386461386665313965376339353662
30363861646366346665333563323161353166346162623637636465383837323738303031663534
66326239666232393037623438663439326637636133353931666135343734623964353166353538
35366666363630376531363764343138646637323732346437316565656336393133396330663163
33363565343536623035333864623136663663656333353133623432626165636637303662653136
63366266333138643739626337616130393239383265623765666432653435626534613363393064
31306231343531363166316536366238376266333736303733303438306438613664636332383533
39303930353132633739656537346135383466633062333739656535626363643134323533356235
32653361336638333435373831333761613230316462633233383761653934313166616364326631
35363366383532353266356164613662356532623261363036366236376164343333346666323161
37356165643262326336636362393139643231373262636134386230633332323831316465333465
34666139643731353731626361386237323738653833376237313234616563316463373133323165
62343932323434623733313165363339666230666664356662363736656331633137313832663662
36633235613864643666363134623962633130373234396361363036663936393739303734343335
65343862663838616531303562656562353365623935653232356161323662653331366132633963
39373534663430653437653837366261333862356235643961343231366262383833353438653563
36393562303834653637323164316639373265633833343437663962613732656661366564303234
31383738623639363464643630306634616432323031616365643734346562343562313637343234
66653333363835663830633337333535613636306664393931366330333031666330626237653938
63356139623732366431326639653138653531653162616162623061663265626334343063623231
39333435353465613064646563303632613563643236663966343035663337303831373132656331
63313761383962356463313339333235636335376331326134343438393435643162616264663538
38326536623139643664623865393362323131396334323037383936323435613962373061393837
30396465353130613232363130313433623533396466626436653439613231643030383534383736
33323264376531633031623536363437633035343532626338353931333536656265353765623361
37626666613261613631363062396266386239336230623234626562646162323530306536373163
37323362313633336431613761336136393062633433666230356364643338646566343232306333
38653535393533336266313935376134353236373961343939376537306439653137646363333363
66636339653838353130663262383862393231626465646562373563306537333266643437333161
30636534636537636466333936343461326331393264663832313161353963396238663333346538
61313539363833396334373238666434333161306534643966326363386538633535393165386436
38656532633361383437323164393666393634623737333862353565643339623232336661636437
63343630373337373163316463343631643862636363313661363336346162616231326432633363
30343561663431666233366533653630616665656536626631666662626261326665623334663163
35383832313430323864616162316164633366356437353266343535653162383931316263626337
64356439373863633233396133653764376265323734383134613535346631393533393531356333
63396637613430373863333666386536656136336430333033636364653530653030663537316161
32646533636564316331393630303435633939383762616161353738663131633964396137633933
38303436633438666237396138353537646533626537643434343034343962353431616330326535
38613238663335643762663861656134343637396132343933326439373937613339323763353763
31666239383633373064346536373331623230656363663463333562356163393161396131633064
34623633373366616336333836636330383631356663653436336436336238623161313132363364
34393635396139626361383931336639663735636236646334613362316633636162643035393335
39323762343939396132323966353264663133613930383962303261353263313834663365646265
66323138313333386462383230353365643663616231303666373035633931613836313435643035
63633838346561663666343734643839616232646164383661633662343366366539633531376166
33643139633432346538626464656231393337326137623936613733636164363366623265373737
34323536356535663939356665343439316138633330636665653761393064336532383838363363
62303535343664613735323733363832323039306634383563366633383263623565313839373962
66363165643536303162336534396533663336653137636238373534303463623434636536623435
62343165633630626137373735663539373833613939313335306363633939663064643862303732
34373264356130636338396166363332306164303364333430386562353532343933313561303236
30373561613438356531656536326566353534633266346636636234643139386434656136663631
34356438303532306337313965313032633431353537396431313939363165643932316465646636
38393463313434396362613736646565623238663766623364396432623266633030336531366239
30343662623731623636643937323066373636396261316435393432666635303562643134303936
64353330333333346666633336626365626136316135306261376561623137356564653061623039
33623131313038333961373236393739353630626631613232393338646665393431623961313033
38623462663431643364386134376631363365353162363432626433373336653361313464353434
63376336313564393737643037613665616436306130383663303735653162373066306564333031
36336539313333383366343637633465616138636665386133653962363862653635616362386162
66613538366134346462366664363363643830326234616436623330386237663735653161656336
35613433353531666233663064363038626230633930343331646331633332333139616162323131
66363136626264383465643932633137303230346566323038623266303137313461316630666633
63653031356338613266343663383765343936616335646265366635333462656635373761353437
31353065363834323561346262356532373162386438383663646536636566663363656163333037
34323261326238666564316162353163353432306564623961383063616134306136306439363164
63393966613534376238653864373333396231663938346665373262653862306466303461303035
36666365396137356533313561653763663534333633623933323137343661373839653863313266
34393332663365323962306634653066636639353233663339626533643064316563653639316632
66356132303235303737663332303537613130613331336533363664613534366162383433383966
39663862633336626538306666623064306139313831653130663035303539313139333965333939
33656239663166383131313139383962663262333161316232356131313561323232313930653064
62633366626137653236316462653737373365613964326633663636313739333530396638373930
61623964316137303636373635356366363966626362646434323830646238393736396666623333
65333762306563356130663536346338666335356165363663353736633566326365626339303565
63363234343435643365363537303331356131396265336661366130653831663437613562633831
61663131386162303330393334643237393630613130353039396639386532643932623461663636
6336
31353334396363353235636432313235666361316265336434363561633265353565306331383136
3261636531343061643037623930386130393261613830360a646464613038613330353930333937
38643035303665643762633732656564346566346235663932353637663136626438643463346436
6639323661363638660a653735323762383935343338643037373332633338393433613563346264
35346230353632316433623732376264343532313365323633323431393861376262373737363639
66323666386334616639376435373538663464353839363930613634313332393831626230306263
38343135343134376532333534313063393739633234333835393563646634393339353166633734
34376665333464396338376338353635626437393364333236393765623233626637373038326564
35306636663535623731313466383665313136333635333032376637396230613435326438323065
37613133353534643261393834396633323561343233636262383838363535396232313938373830
36383936656138633265643566396630343833306463623436656336373864643063633265316531
64326538633166643032316461386337393439306165663062316530636566316665313664363666
33366634333435613238393732373530323130663738356161346636633166393364613561316335
62356563343931633161363866353561383363363534613762363832306637323235316635393566
66363932303839613731386461363534376132323734336237323438306434313033373662323663
33376336623432323063346661633235643737333430623064346335363232653031623537623863
35396164613534323663343561663131366433343734653463633862383830356331326232303932
63643038393534303835643331633133346635663234356563373365623533353733366134643638
38643466613634653531303132386363316638383466343832383565313866306336626431346633
38363465383938346539626462393466623462323237636334363361626531313235326339343864
64656233303931663632643131313564666234303839626431383564333439386165333466613039
31393839343731396163633664373836626539313462613764353263336563363530623438346161
62353334303163323331326134316539356161626536343934636563623037633336303265666133
31666361613036373738386163653338636465666163653633366664323734663338386463333465
32303961313732373935356437393833323964366636623562653563346366636434643563393631
36613361613232376562376432616531646336363432336262396665366362313466333033373266
64383439373234643762633136386439353232623539306262393832313337616332636135623966
38376335323936393632623932393064396631633839333239656531333336356362636261633930
61316637346638616632623162616566623865643932353364376334656236653734616137316539
63653536616464613639643233363961646261333834626566366235346338656233653033323639
35623261613464393838396535363861376633646465356435646332346161343062343862643734
63643066306236366431623232626366393463346538306439363662326139353063303538633962
32303637383939616133356264363830323236623035386131386233613339626431313237623535
62316334396263363636613739343536643139353262656130306265383632386564333434376330
64656661386133343561663861303666393135636539323337373838373436386439373138346635
34356263616135313330663737633438306464646435396337653362663964396361626666356532
38336133326431356534306463393263373334396565393961303834663737656630363937353030
61353032616535323963323033386531376631383631646666376564303330643463616365376133
32656137323266333462363232653838336435343363626239653633313162623332303862663931
61643565313964383264386663316338666437656461656662366638643762366162353233323136
36393164636438316530346631376437633334323533376634666661613638303730366463613966
64353931613131336366363938353537663630666135386333393663633935383337616363656231
64643638323330343262643862366536313063356262646462626439306563643130393533663639
33393438653239633833316361363961323338363361306266393839383665326131333562663663
66666366653935346637343737343863323237343236653937383732326538303361656135346437
31616432646635623231383335303063643266613939366532616363343435323337633763663130
35636331646235323931363930313636663233356563613961306538346138663935623864303734
32323035623163636535646662353235343166376139653161383863383866383838346531393533
30383433646531626263343434393934323035373833316335313563616437336462383735373632
64373339373037313462356230313864613363353234376538666539373236336434333262303539
33336430663533633437343533363138623939393137303730666261643564333363333830386334
34633534663035396630653265376338616434386238653866336333303536356534623636663336
35643764653363336531346563383636346266393535633834373064393831336235613634633363
65336430636530346161623365666266666666393733613963383835663337376338643765356134
66313532316364636662623562313636343438656535353263366339663139313865333635386431
64306431623234666632623431373936353965316438383764613931613936363636666233656232
66623831316366396531666563373664393938336162626265363937663930373835623966646432
39386632373136636363363536383738626434363766386237616362303761363966333864316461
38383935386238666130343636646631623335336364616461376665326530333761343966633035
34376464313337383435353632306661356663373237366434666166636565626630636238643234
39363866623065333135316339656665653262613163623236323936343835393435373037643861
30656165633530666464313235633132626363386633376139333130393833323335663635303233
61323832313634666363303631343532306164393663353164646165383931653562626364616635
34326638383839383435346634376438313730623662633932396335383162653363623932623936
62316661316535373333646666323839616264356665623031613064356534323763373935623535
34396166396637646262346632346137316636396532386563303462383532366635333765613761
66306562316438313966633665626665303231363935623235306365333963326533326264646134
64306132376538663731323938633831353435633161303763653834636662373138396533643835
62613738303830353833396662356436636233373438396533323535366161323464313937313333
61633731623764306533313630373837376139633533646531653737383738626339646263393938
63643336636236663636353763393964373764373465643330323030383361616566333031663966
64623530353461383864323331316136396234376639653134626239373139396339316461316636
39613732316638623439373263306635633865353434326238626662623064316639306565663634
39623230346539326434666261356162653036353164353562376164306531656666633433663832
65356132623530666339323339336661303338373033306331353937643362326636366637303631
61343937323162623962363663646339643061306264393361303963663335363664393538623161
61623865613731343064353666343733646235326439643039393332326561616538666237343531
66316265633533626163376661343230313436663035653163373963633233313064656639376135
38323534343131323735373234366334343861393362336536373166356330303238303164323234
64383534633931646364626134626563363634346235623366633363383230303236366663633538
34363037616434633163633239633739646263343136383036363130366238616633316434333330
63376430366436373330323139373436626631346462363637356562353664326534393836353532
34343765303439353364396637333139366530373431663136663534356464633633633030653333
31666633333662643166616139326366613237366135656134333437336235386434363439333361
62373461643332353635326439656130626466626233396539653661316466653262303361616233
34636361643361313432653461613030366262656331303664623662323135393536363964343132
61643062386437373962383633643235393036306430316432356666303737646636323739636331
61333064323936353138643231653138663136363135343061326566353637646537623261383230
39643364313763613532366336626134623538663164386662613964386635646638333835376365
35383135656230623430323633346666643262393437613962653131326139663536383037643230
31663739613564313234623866613066663438656137326239356432616130303837626461396436
32386238396231366139313837333230373866623965663365333364643965366133356365303633
66393465373333346631643663303062636663393237653437343333396131643262353662363931
30376466363164613731353164356166643466366233356332326637333461346263333335633161
62643465633862376535613937366165393464666165656166313263346632643832653561633439
63643533633730393364373536396332323033653839666638306363383163373139383039323035
62613863313964356434373838303935343061313865393436636462633631653431363362636262
35383761646164633261373930393738356663343761616236346335313936643738346261633762
64366465663265313733323630653038326532333161653731363362313463613165646263323766
30346132386130646462343530333661636331656331316133323734363262643832343965636338
63663334613463393563636233393062663233336531383164623761356136366137306664323666
37323137323537623933653130373532616464386666656464353462333734643966313063346465
35373761356339663765356532336231333939303433663765386165616361663039393061313736
30303639653939343066616336393437613034633733666236373235643234376562353132373963
34313063636263643436666161336534653966626233633766386237376536333165373138393964
37653934643232333939333263363833373764333561343938666630313838306636613037396430
62663038656561386532363765653364366337663231373139343866613532383833636537396334
32383035356362633037333534353362343364636238626664323533373163313163353738643135
65336231666235613163393663303236623361323732353833643462623237376335613833303338
33383732623832323336656236383732616134616161663638336164363065656365663665643264
63386439633731633638383665303766636264626338333932336465656637656435316163646230
30383634326334663538396361303334326266663337646137386430333931663432323835646530
31316264303863663632613762633033316566363934613331316461633766643865313762373037
34376164323032323864363032393132326137373462613133326439363865643562303262323734
37313437363633343666663065633062663237356266613661313363346635616462653563666231
33313539336161356130663737333835383538656536333335333934326630313639633534636436
66386230663839326337343165653339363664373935643831613536623233646364363061393635
39626661666331353266656631323461326633323430623561366661663730393031613232616233
36366435323764356231323637363930333334623431666664653863646330663532656164633337
61356530353363313634303537616532363834396235643330623436323066336664373135653366
31313536643064376439373464346437663833393662313532386362396331366461626532623662
30353863353566306434333333666666333832343732346163383965663965613964326566376235
34363232653565313530313563306363366462666536356564393565363230356163643064646239
39636166303965623931626262353261653132383339323137346533316166386539326663646537
34656163393636623932613131393933366361323638343166623436643238393361393731346639
30373862353934636434373833303239613139363466663732626538393332323838336264323837
36333334363134323465366234353938613563343535643939343131656133663934383434353862
31323362326436633761363435373664383564313565373535653838336330316330643765663734
65303135666436316266356430343064336133396661333235323938316136336530303865383439
61646537336630653434633366656639346561303438653164613337663839353933316337643566
61313632333763383030353563626636323361303065613734366361313034386464396332663731
65336530356337376362383765373138326135396431626237333837323135303066626539653761
61303730663735646363633262633636633833656462653637353363336264666166376162663963
65346364616230303262366666383564356638326331616437313336313365373634316362653535
62313061353238643865626564343535303730366135326662623030333562336662336633616362
62373130653532653461306639633332346439386365626637613766396362653066663964623635
61316439653266353032303031636661393865633334396132643635636361336438333062356237
36613430373861346262363866366266346261333066643830383536383732633166393432383563
62333132326131356138383438386330363663613464366462613530333437343137666530666261
36353865313330393636323733303633613263353861343033626366343765623866626139316364
32336437633333633135376130613235306133386533356436373763386339623063366136633636
62613037646130646134346439656436353630633661653436623461323066623161666237363963
31333431663533306363306537316634363663643864323666613565336139636338663365386438
32333139353532373039656466316638346363316234323465383038303439366665613336363764
63626465373365396238363231396564623737346666653762386565626136313838316437623362
62633765386330363136333961393461303766353935646539646630323861343638633061633865
32666233656661303262346231343530323336626237346233636163656561356330383065353939
34313864613235346263333363383636663765633030626130626363363836646131623635623933
37343666333833366263343664666662366338623333666432663561653562306536326631343834
33613866653036356437326338376364356363303165626531616138643162636534666634643364
34313231613633373737663931633365653934343662656636386332356163643833613763366664
66313032336562393538356133343839363764633833393438613266303634383439393661373266
30353235626165643965653430306336656232663462653031333830383138633431653934636662
62383831613862313565326131366236313265636639383766323266666130643330613035636132
64356433636163336534376462626462633533316530336639306234313561346266373164393531
32303663626636306239393963623137633631626231613935396136313734613037643536336332
66393937623730373134383730336238363332303230313831633263366161373464346362373539
61356439643365326561343366363464373462626432353433316463323637633163393865396661
64346263383434386238623938323336383032363433336433393232366239306634633062653261
37343034636434353534376538356435303832323734303961613435356330373539323163613638
31363539646332656636313262303833373833323432353234353633656162663631306366383633
62643336353232373933326335366339323336623033363632313136666239386332376138666332
30633937316338623263653164346666323138623863373839386164383363386461313136353837
35306131356236363134343036626262323931653735313965646238383163356536633737303130
30666330653531613935383666363866643866313339336162346465323765663736363661633631
33633963663735346139633037666563326431653065313361356534363065376336343631646137
34643364326234663335303962333531623633366630643630613436613030643739326536633666
64613765653336353938353137623066383763373561306139336530356662336162336332633965
65323631333935316632306263326130303234393962663439323966376537343935313164396632
35636434393737636433393866343563666130666465326430666136303665336662333737653966
66646161623434616531356239343361643938393935643464333039616663646263393438336237
64613534313430633466353763313562313162623362656462666135663632346330643632623333
36623965326437643565636232356533623965386262306266636133356361303932616630326437
62373838386164373634336637653861613137346364626162333934373632383834613139386132
353634383466386362363430663635666639

10
group_vars/all/vault_prometheus.yml
View file

@ -1,10 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
63656330666262373530636561383864633939666130616362333334613138366331623030303866
3434363632333236363030663230623236343033653732610a343730316238343235663162386334
66616263316363326238313434616538313462386439633338326332306537353231366137363263
3865303131326439640a643362623166626161626364343537613939383965346264306532313530
36343966653564653137633837613237323061663239643966363539306432393733303939646263
30663230643837396361303830623731303362623863363234333636633438393933396631326464
30663034646563343635316465356631656136306635623962353735373231656364643961333731
35613433616464326336323933363164643832333935393638363339396131663964636539376430
3533

19
group_vars/all/vault_rsync.net.yml
View file

@ -1,13 +1,8 @@
$ANSIBLE_VAULT;1.1;AES256
61636661646538643333653838373262333039643437666165333332663337373733363135333639
6233383866323934306362373036363836623432353363380a393039626130633562646165636635
63616463616233313135336430343961656333613530633161313365613434306361316564666535
3361353438326434330a613361633764393833383364303664646535346462386437333437393263
34633734313762376564386364636131313233376165626533396332303665323131616339383432
61306439363730356337363266646662333437376133636434313365373839636263326264343439
39626433376462623532663632336234646339623237366133623230613430356435323030326138
34643861396563346230626332313835616337346536373463393432316430656464396534393233
34656634386337356565333634346664323339643466313337333030623939616364626433353834
38383739646433633666633936393234633038376535366137346363383830396266316164313765
34633839343734383533393165613234383635633062356166633038396635336332363832363063
63626666656332646438
31363037363934306662343830323131313361383561656330316537366362656133643237666339
3932386437386338336663613461653463326461336666350a346536333865333338376638643834
30306264356232333761333361313239383931663632396534346333643131326364303066363464
6130363230346562310a626439396536656231643265316438623835656363333034323038616234
39383731303637346233653332333965623961343163363935633532623235316633373566336464
38363433663862636233376164313566613732323138333135663530333866333732666539376563
663861353832316436633761323334313362

11
group_vars/all/vault_uptimerobot.yml
View file

@ -1,11 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
62633262613331616434383361643166396632326534376238363661343162383563633738666165
3265376465363330373030636337643838663232346331660a356536353363363837323466363066
65363737363465643633323536393261636438383336343334656439333136383934376538653466
3965373639366131330a633962366637396332363237363364383238663133323664616132303365
62653761353366623364363365633937343339386562323133353030316635376265356166343965
64333931383836306563373138383262313335663530623863666565656136653162333437333536
34346632313438386362643433373936346266353562333562303562303432316330663261303636
32363735346366323038346336386364313634356131633463373837366261623534626361636563
36656164633363396231346135643765663062656230333838343538643361383632373533306236
3261343064333737346166316562616637353330373736633634

1
group_vars/hcloud.yml
View file

@ -1,4 +1,3 @@
---
enable_zram_swap: true
configure_network: true
dhcp: true

2
group_vars/mirrors.yml
View file

@ -1,5 +1,5 @@
---
archweb_db_host: "{{ hostvars['archlinux.org']['wireguard_address'] }}"
archweb_db_host: 'archlinux.org'
# raise tcp window limits to 32MiB
tcp_rmem: "10240 87380 33554432"

16
hcloud_inventory.py
View file

@ -19,7 +19,12 @@ def parse_args():
return parser.parse_args()
def get_host_details(server):
def list_running_hosts(client):
return [server.name for server in client.servers.get_all()]
def get_host_details(client, host):
server = client.servers.get_by_name(host)
return {'ansible_host': server.public_net.ipv4.ip,
'ansible_port': 22,
'ansible_user': "root"}
@ -29,14 +34,13 @@ def main():
args = parse_args()
loaded = load_vault('misc/vault_hetzner.yml')
client = Client(token=loaded["hetzner_cloud_api_key"])
servers = client.servers.get_all()
hostvars = {server.name: get_host_details(server) for server in servers}
if args.list:
hosts = [server.name for server in servers]
json.dump({'hcloud': hosts, '_meta': {'hostvars': hostvars}}, sys.stdout)
hosts = list_running_hosts(client=client)
json.dump({'hcloud': hosts}, sys.stdout)
else:
json.dump(hostvars[args.host], sys.stdout)
details = get_host_details(client, args.host)
json.dump(details, sys.stdout)
if __name__ == '__main__':

2
host_vars/accounts.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

4
host_vars/accounts.archlinux.org/misc
View file

@ -1,4 +0,0 @@
---
filesystem: btrfs
wireguard_address: 10.0.0.16
wireguard_public_key: 8CbVXc2+FllLpZb/sv/csHzqaOOsasJlV0gmkIzhBXo=

9
host_vars/accounts.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
33323763616365653362633239316230356233346361653863363765383130303035386333643832
6637323065373731633063333065383461613537383462630a336561616238643339353366373061
36316264303337336462653330623236316434663364616434373531393139343237623235343731
6630623763376636360a393064373336333135323938646462303938386430383033323131346165
37663532343234366533353065663731393764323833393065383835303163666234613834633830
32363133646239316163343464643364313135643263333666383633356130363162336338633231
32336639626138383532333532343839613161366133616232303030346430656438383639383333
66626231326564313630

3
host_vars/america.mirror.pkgbuild.com/misc → host_vars/america.mirror.pkgbuild.com
View file

@ -1,7 +1,6 @@
hostname: "america.mirror.pkgbuild.com"
archive_domain: "america.archive.pkgbuild.com"
mirror_domain: "america.mirror.pkgbuild.com"
archweb_mirrorcheck_locations: [14, 15]
ipv4_address: "143.244.34.62"
ipv4_netmask: "/25"
ipv4_gateway: "143.244.34.126"
@ -15,5 +14,3 @@ system_disks:
- /dev/sdb
- /dev/sdc
raid_level: "raid5"
wireguard_address: 10.0.0.27
wireguard_public_key: aC544PuXq63LgIeOvVD5dw++9XJE47YKUqeRw3ol0Qo=

9
host_vars/america.mirror.pkgbuild.com/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
30316462376531623136316535643161623535663533376130663738646436633339336135363030
6138666365643535376161373732346263343237373865380a333035343065623366663630623762
37646339666230643763313262353362613833303739623530663062653936616434353538313736
3430633630663762310a623361353137613535303265313365323832643038383731323766633031
65623863343039333064613536373338376263333433633766366438306639366464383234303334
31343233386464623137313661376637663562663161656662343563323564613331363861326363
33623161653962626632303937616437656234623934336165646433376461633034343565306636
30306464333861613636

3
host_vars/archlinux.org/misc
View file

@ -10,6 +10,3 @@ fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: true
wireguard_address: 10.0.0.1
wireguard_public_key: 0Vx7jfWinpTPHKPxvmKtZlp3hcLebawz+vQM8EIEm1k=

9
host_vars/archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
33396138393732366231323839666464383363356230393034653837623739666463633165613562
3038656463616662356637353031633366626263366132630a326561366130393361356663353265
63333162633432653262313663643931323839303064343663333964653964316631623463303464
3466613661643264340a323634306365626133336364623562343662356666363135396639323562
65353932656133373161616431353030646232613230636236323132663539373038386134656439
31666164343136643065666261393632376135333763323036363630653336323466633835613061
31373663626265663736666639346531396130336564376561353866663331643139343363346137
62663431366662646239

3
host_vars/asia.mirror.pkgbuild.com/misc → host_vars/asia.mirror.pkgbuild.com
View file

@ -1,7 +1,6 @@
hostname: "asia.mirror.pkgbuild.com"
archive_domain: "asia.archive.pkgbuild.com"
mirror_domain: "asia.mirror.pkgbuild.com"
archweb_mirrorcheck_locations: [16, 17]
ipv4_address: "84.17.57.98"
ipv4_netmask: "/24"
ipv4_gateway: "84.17.57.110"
@ -15,5 +14,3 @@ system_disks:
- /dev/sdb
- /dev/sdc
raid_level: "raid5"
wireguard_address: 10.0.0.26
wireguard_public_key: Bvia4T68/PCa01MSg+wclUJ1rJ5Hth9khui3y3Tr5EM=

9
host_vars/asia.mirror.pkgbuild.com/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
33323264633434383735333239373530343739393265333232346364373231653235306434643362
6637643163343432353631383864313933656461363664610a356533303134343463346261303534
37346261383837313739396663393061653366623461363636303332383764386138343662623434
3732633633653835380a626663346139366662353465656131626361373535633664633130323465
61333364393033613963333231616164623363306463613463333265353038336362366134656533
36666363303931313565656165353932656436623064346134336364656263313962326166373633
39366163643734626637633330616361623963373261306234613933653862653732653037373663
39373433313638333932

3
host_vars/aur-dev.archlinux.org Normal file
View file

@ -0,0 +1,3 @@
---
filesystem: btrfs
memcached_socket: "/var/run/aurweb.sock"

5
host_vars/aur-dev.archlinux.org/misc
View file

@ -1,5 +0,0 @@
---
filesystem: btrfs
memcached_socket: "/var/run/aurweb.sock"
wireguard_address: 10.0.0.3
wireguard_public_key: E4wLmumdWE1oVjWxPL5FU+BiuPxPdJa6K0wLZVlC0ys=

8
host_vars/aur-dev.archlinux.org/vault_aurweb.yml
View file

@ -1,8 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
34333262646637333030666438633639653163316562626232383765383733323632353635626534
6136663761633231326438323466366436626635363862370a633832383065626666346436633362
31346430383730353234313166363665326663316233383561623765393834356661363134663138
3233653039633830610a356631313330626533313239316662336138306664343436336630653362
62653538663665336339636162316564323638303864636533393632633337396236653735663236
65643965636166646165386335636462383866346139393934626335313033636330646239373265
363331656536343431613936636331646233

9
host_vars/aur-dev.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
35373338643430383735666136303462623436376563373865613234336666303166616434333062
6266353665626536613135303662316165303933336338360a383665313933613532306266306265
62633635613337306230623866666635616561613162386463653038643533396465373532613731
6637363030396430380a613137623063666166393733363835323232353131396534326432616230
64353532633266396264356461313533313838666166633436343839663532346336323036663461
64613063643764633330383962646665613931303262306232323931353137396635316662623331
62356530616466346239316262653037306635613363316634383738336166306664643366623664
36386336383837623130

3
host_vars/aur.archlinux.org Normal file
View file

@ -0,0 +1,3 @@
---
filesystem: btrfs
memcached_socket: "/var/run/aurweb.sock"

5
host_vars/aur.archlinux.org/misc
View file

@ -1,5 +0,0 @@
---
filesystem: btrfs
memcached_socket: "/var/run/aurweb.sock"
wireguard_address: 10.0.0.2
wireguard_public_key: TPLeGQ7qU6ZNtcgDbEV0SSYScvK+XS5igcPdGSXo6UA=

8
host_vars/aur.archlinux.org/vault_aurweb.yml
View file

@ -1,8 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
39666139613363323634346538326233393165646338393231386136623839613135623232663665
6636316361636366623031323331663138313635616431360a373633356434666434303063653564
61636662616633393039343633376333343266373465646235386437336135346132303162373431
6232383034626363340a653662373932396435356433616431303861313863363263656162663964
63653661616438313031323639346236373339656139626561623166373664346438306639343862
65613735663135653764363935366637313864616563373665393536316438393930306637313261
633062343032303033303039646165613961

9
host_vars/aur.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
35363236323535383430323830613237333164626435346232383939313331383762393734373563
3931386663623766333861363632646561343363343939650a333134663238346663666235646239
32376162333866343336636338346530373062656261313337663463633566643134353930313266
6332313361353561360a383136666164363762383934633263643634373131333566616137646363
36626538393565353730623632643363393433333464313430386265666434663031613263326333
66303134646332316336303436343165303162623536383236633138333364343262396537623036
32616631393963623066353261653236343065356136653662613962626138666436346433336261
32373837363436666234

2
host_vars/bbs.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

4
host_vars/bbs.archlinux.org/misc
View file

@ -1,4 +0,0 @@
---
filesystem: btrfs
wireguard_address: 10.0.0.17
wireguard_public_key: i65GF9BaoTDvTXLJBpZWbuu2jV3F2mc0tH16Y6cQY1g=

9
host_vars/bbs.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
30313339663933346136303730396535623437363431643439643163383638336366393961356537
6135306633366235343262343462643565343633353236660a333432653666626564613134313233
39396335383536303263353436653265373163393439636639383030633630636161653165306238
3630393533383231340a623466396335306538656535386233313633623836336332666331323230
33386631626430306431373035306261653964613064666462303132316537663664643263373833
65656565306233323464373365656661626431373136663539363239663037363836393262643932
37653064633534666539656666303434396163326666636161653363636365386661626232333138
31626630363439346461

2
host_vars/bugs.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

4
host_vars/bugs.archlinux.org/misc
View file

@ -1,4 +0,0 @@
---
filesystem: btrfs
wireguard_address: 10.0.0.19
wireguard_public_key: Y5sWHwa/Hy6A7ga6lOU8uD/i/ZHZEBlkw2EW/CFE4ys=

9
host_vars/bugs.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
30393733656630383333323036613031653966633339653535623763303031663335353535386633
3061316664646533343765633766653337373736343236630a383566393435396138613363383937
30313137643061643034653835343935353438646236393066636631376464386664623436383932
3937333264303436310a326664633066333735646365333561346134353862393930303433346266
35373936393337343530383966373636366239653437303466393465376339396432376339616538
64373463393665323732663930666265343764346232636535393866323036323466336633346338
65343638636566353264653930656638343032343539303763306461306363303865373836363331
65313837396133323539

2
host_vars/build.archlinux.org/misc → host_vars/build.archlinux.org
View file

@ -12,5 +12,3 @@ system_disks:
- /dev/nvme0n1
archbuild_fs: 'btrfs'
wireguard_address: 10.0.0.18
wireguard_public_key: /P8QGSFgvRETkYdsvAtNQWWT3pE7FpouCz+x1N4yIm4=

9
host_vars/build.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
31396131356132383730343334323834623361633934373162346361366631306163383636356633
3938336234613135353362643463306437303961313466630a646464376262376330373761633435
62373031616661653533363536383136646231323566366663316363353439663534383331353934
3330333130653839390a353035393062353364356264333063393461313135343233653462626136
37623039623037303064356162313665366331666635356530633038336631643166373233333366
65653161303666306337346435383837323966626665623863323866393339343963373863626336
36633330373735643632383962376265323538393562373433373466323163613635353438643862
30323131663936653134

5
host_vars/dashboards.archlinux.org/misc
View file

@ -1,5 +0,0 @@
---
filesystem: btrfs
ipv4_address: 157.90.255.107
wireguard_address: 10.0.0.33
wireguard_public_key: lLZtvFIrmtUXRXmw+qQC8LZ00NzN1wlvcI4grNWt2lE=

9
host_vars/dashboards.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
32316238313666326461626231613030353366386164303430623436363762396564363738356266
3433653635376539393737663535356234343066626439340a323031393966373963313438393663
30383339326336346237313564643238303561363430336530356663323963393365646365383763
3633386165623532660a333863386535656237343431623730373539366664306237613532393565
37646132656639343862653637623031633965363437653664623635363534373464326439373562
65656230306233326538616533653634343163626665356536653565356162363035653564366232
65643164353365633931666433613733306265393033353437643263373839383035663764363935
32626263386661623136

3
host_vars/europe.mirror.pkgbuild.com/misc → host_vars/europe.mirror.pkgbuild.com
View file

@ -1,7 +1,6 @@
hostname: "europe.mirror.pkgbuild.com"
archive_domain: "europe.archive.pkgbuild.com"
mirror_domain: "europe.mirror.pkgbuild.com"
archweb_mirrorcheck_locations: [18, 19]
ipv4_address: "89.187.191.12"
ipv4_netmask: "/26"
ipv4_gateway: "89.187.191.62"
@ -15,5 +14,3 @@ system_disks:
- /dev/sdb
- /dev/sdc
raid_level: "raid5"
wireguard_address: 10.0.0.28
wireguard_public_key: rg3PyaA3nXNZt2C8l4tvzMiTOT47a/jU11WR3EzU0Co=

9
host_vars/europe.mirror.pkgbuild.com/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
36323530653365303339343530633765373330636163663035633534303332373033616137326439
3232663238353661386533383364613765653333616561610a646431383362646666306436366661
66653865633834656135643764656133373931373833386662393266636438626135636135613339
6634356364313835350a303837313139323263396438613665383736343461396161373035316532
32626531613638313563653766623763386332353766643131336466623566666466393630623635
30633532643737646635313630636462313335326630326430386136366363353334356563346262
33626136363732313036373433383466346235393865623239326566313535346237363339396635
31363733333965393738

3
host_vars/gemini.archlinux.org/misc → host_vars/gemini.archlinux.org
View file

@ -8,6 +8,7 @@ ipv6_netmask: "/128"
ipv4_gateway: "49.12.124.65"
ipv6_gateway: "fe80::1"
filesystem: "btrfs"
network_interface: "en*"
system_disks:
- /dev/sda
- /dev/sdb
@ -16,5 +17,3 @@ system_disks:
raid_level: "raid6"
archive_domain: archive.archlinux.org
wireguard_address: 10.0.0.20
wireguard_public_key: 6foPuhPBEUi+tPP7PjFT1nKpEksyyqT8zAX+yOjWDVo=

9
host_vars/gemini.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
65393031333063396465303139613939623236396233326261323265626133313630636436373934
3837366263646666303131663637666230393334333836310a636463633730373234656431303462
64343537613663343432653661373732326535363361333037306365383631326536353835323238
3337623762633732650a343139616436323162383730636538663536346164656233666335363531
62643838636236323762303263316139306130666534386237653834623632306536366530383433
62646166316266333831343637303463643935373437623036613632373138633866643562653832
64333263616637333561656131373635313136393938633230306264666538396139343435353762
61636131653564623661

2
host_vars/gitlab.archlinux.org/misc → host_vars/gitlab.archlinux.org
View file

@ -2,5 +2,3 @@
filesystem: btrfs
gitlab_backupdir: /srv/gitlab/data/backups
additional_addresses: ["116.203.6.156/32", "2a01:4f8:c2c:5d2d::2/64"]
wireguard_address: 10.0.0.5
wireguard_public_key: EbZisS0fwM6B8Nkugy1lyox+A8L13hniucVIPVCK5R0=

9
host_vars/gitlab.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
36336564373231613339326361383934653537653534656639376133326238663965633135353266
6331303335636232356237326362383566613632646237650a393536363063613732616666353164
30643636376330373033323366663337393232353062666330613161643763313537643165623533
3766303365626265310a366333383863376530373861313063396430643738346662636536363936
31386138386362303465616664366639323439323064346235653137323266623062653763613834
31666530323236366466616431653736333332346266666633376233626439663264376536643461
37333739386266336634653438366339666133353064373339313761356135313662636365663334
65616337663531336435

2
host_vars/homedir.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

4
host_vars/homedir.archlinux.org/misc
View file

@ -1,4 +0,0 @@
---
filesystem: btrfs
wireguard_address: 10.0.0.13
wireguard_public_key: 0MrXhX6fmtetZ1Rnu93+rQ8yWgOmxrwyY/hXSsy98FI=

9
host_vars/homedir.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
30343332326135613735616630323036646334643238393634666563323936343934656433396161
3936613433346639336231613930636562363832366464640a623836343162323739333335323036
31643366326366663366306666323139626335666532643436316564373264643533323237366165
6636363865643334630a373431373236656261366539646565356636653765346434353036323333
31343339393262343739616662616235643230613530346330366236653238316662656463613639
30303338626666663037396661653132353531323836336162363432346364343730303835393635
61383736356233353736363462333632333463313231613362343938623338396135633737313839
34623634333935303333

6
host_vars/lists.archlinux.org/misc
View file

@ -1,6 +0,0 @@
---
filesystem: btrfs
ipv4_address: 95.217.236.249
zram_fraction: 1.0
wireguard_address: 10.0.0.34
wireguard_public_key: t6Er4qAMe/lWNnAByWdXhbUwXKYfj9CkkJgMp28UQl8=

9
host_vars/lists.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
30356338396364333231613238656433373562613936633837623136366633396665363330373137
6565326632323834623532613235303861366436363564620a323363303761333161666663663466
64623361636638643565396634653033666666363130623163343730366337383231336139623261
3865623264653563350a306230393265396632343664646336316630663163363530306666383837
62373035306231626461353334393935396661303162633265396132666132663536313062373538
35383935333761323733383264333538623063646538316137353732636164666661653933396362
61313930656238343866656661343036306136393033353163306339636330313235646630626530
39326339326137376230

3
host_vars/mail.archlinux.org/misc
View file

@ -6,9 +6,6 @@ fail2ban_jails:
sshd: true
postfix: true
dovecot: true
nginx_limit_req: false
ipv4_address: "95.216.189.61"
ipv6_address: "2a01:4f9:c010:3052::1"
wireguard_address: 10.0.0.14
wireguard_public_key: +RJ/ZNRmw2uCHxSjJZHftk7lWUl5nJ6VSZww8GPwhEI=

9
host_vars/mail.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
38396238623261393535393638366230386563663339363064396239303463656536303334393066
3665373931353031353934383763343133306530323439330a633235633534356662363038303738
32363565613037633532363830303639366563323939636239613231393739363461383438666665
6261656134363135610a373636393038366361393336366363653335646234656662346333333630
65616235313863646433653536633536306361626331626665333562656132336434343637333139
38623666336336306632363839623937653436336431623231303435363665373465653139336463
30316262303864623335623837613933336561663436343331333837656466643639353939386664
32616663303163616262

2
host_vars/man.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

9
host_vars/man.archlinux.org/misc
View file

@ -1,9 +0,0 @@
---
filesystem: btrfs
fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: true
wireguard_address: 10.0.0.32
wireguard_public_key: PkAuiYdsDs4eI9JytK8MUCK1umDblQHg1SH+Z80zs30=

9
host_vars/man.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
30353562373861623035343865306463663663636631633533393535316335363866396430313832
6530363163656633663332353462613761663035363133310a326531663730303138656265653131
39643362643066343664316564333035623439643566353538656338623233333132396465633466
3663393534623766620a366532336565633665346433333133303130353334376335646363646163
64383230373464373764643133643161336264393934383962353662343261303965353139343430
62383835333562626430663431376638323534363735643036633664616136373739326136376264
63363337343932353635306232366162346561343133663430313635316536396162386166363732
33306330663239363665

2
host_vars/matrix.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

5
host_vars/matrix.archlinux.org/misc
View file

@ -1,5 +0,0 @@
---
filesystem: btrfs
static_dns: true
wireguard_address: 10.0.0.15
wireguard_public_key: QWkTL58mJd0+Lz5AvGVmbdSSk29y/W60WUdhTgyGLCk=

9
host_vars/matrix.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
65373066316239376138383430386530343036303137383361363738356166303463643035336534
3364393039343135633265353937383866303263313530330a333134356665623238363463363534
31356462393438303737636231336666386535356635653138366338393530633763396436626630
6635636464633537610a663039396264336432393232633163653138633862643530643839326536
37373339353538306638303339623566623164653832333831386538613034343534313731356166
32383333333131343037366133386138353262353061383531373765393439376238626338393531
65346337393233653338646663303633393965373438636530346266663130343530386336396139
34366262326138643662

2
host_vars/md.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

4
host_vars/md.archlinux.org/misc
View file

@ -1,4 +0,0 @@
---
filesystem: btrfs
wireguard_address: 10.0.0.31
wireguard_public_key: eCIzf+ckdWPvJYjNaxdlLRH9kq9mfJZswA8KwCmtJgQ=

9
host_vars/md.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
30356136643164646266366536663932326536356132373763303364643762666433656435343033
3734353332633866363031623831306432313565616464640a326238656163386534383762653335
35653766323363343863613265666164333563386664313431303134663564333465343935613265
6331633364616165610a656136616338343038373566376638623965653764343937636430623564
32383438393537383034633665383062636138326663623435616565393539646137653736363539
34646631393964313666383039623031663938343066393936393237313633336666656433353832
66663033616133616333356238386338373363666430336263356533306165303236613261363161
34383263623230356634

4
host_vars/mirror.pkgbuild.com/misc → host_vars/mirror.pkgbuild.com
View file

@ -1,11 +1,9 @@
---
mirror_domain: mirror.pkgbuild.com
archweb_mirrorcheck_locations: [20, 21]
archweb_mirrorcheck_locations: [12, 13]
filesystem: btrfs
ipv4_address: "78.46.209.220"
ipv4_netmask: "/32"
ipv6_address: "2a01:4f8:c2c:c62f::1"
ipv6_netmask: "/64"
wireguard_address: 10.0.0.12
wireguard_public_key: auE2J1+MYo59uZIwADncjCfSX7/Q0YdvmG+CVIgvtgo=

9
host_vars/mirror.pkgbuild.com/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
37653134356362333735633438663031313830356165306335316266613535316431643033346266
3930663733613166343564306164643136383933336637630a333730373039383939313262313237
66333434616638373537666339613530386463366635343433613936613739663962386162353461
3933373038323935650a316332313835613836353361386138656632373131343131633865653433
35623566646130303864623163303364663663353439306130646437363961336232386336336261
31653030653732613330613031656238333736346664353635623963656537313764323035623833
32626163393235376434363330633562363931383535656462656665356533373630343537333162
34386636613431353763

2
host_vars/monitoring.archlinux.org/misc
View file

@ -1,5 +1,3 @@
---
filesystem: btrfs
ipv4_address: 95.217.220.31
wireguard_address: 10.0.0.4
wireguard_public_key: LR3lPa9ABwUkvbm3NqdxeAqX+NOG8FpbICG/+1Ra5lg=

19
host_vars/monitoring.archlinux.org/vault_monitoring.yml
View file

@ -1,13 +1,8 @@
$ANSIBLE_VAULT;1.1;AES256
31323236343730303466386664326630663531616461326232666332383865666539663733313762
3333336539393839646436343632666461383432626535630a656463343761393538316161663334
32333536353430346566373735376632316331346337646530313833303539343762303364666566
3534383361636266640a663335303333643162346661643831386339393039353233616261393665
61396164393336373665326134666136333161613364656238333061383834343132333835376264
63333232356433333261396337636331636531383434363161343632646231343936323030326563
39393764666435333935326134626538323139356138666665396536623962633261363130613265
63653534653336343061326466333665396433626230313231343839636664306637303036373731
66383239623035613730346164373163333730623337656238373565343234386161343232326431
35613262346139363864393037613838393365643363663832666330396236313836386235306564
36363536326363326432353235303733333463343136623139353439613264323831616566626435
62363130633165653337
66633663616636326339373764306333386330353631643734333633663361633437613432323836
6164623837303336343161653838396434623139353939340a386234616563396433393564613665
36613238396137633132313737303166393265393363386538373833316636373964366561303335
3935653864343131350a376236363834383865306566346462646566646439363162393730643831
36346631313335666262643136613734333239366530303365353432306663333265316162636534
33393134643363383433336635366439643465333639346164336362643662666632336336346466
663635323638393661393764666364646530

9
host_vars/monitoring.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
63643864656332633231356361366265386330656137363764613763626262323762613765393639
6533356361343062373664383534383333383535613430370a313936643437646134396663366535
61313364623732393864373230383164333532306235666130613761383035376236343763303131
3364393437313339350a353964336464623738613731326666366435386132303232333262623335
63353332313037633563646537653438306531616161636663656662316464663063303239363634
38623039623836633134623836646161663838623462656236363231346437646562353831383935
64396364373037393332323861303233376237326538613534653631626334346434303461373338
65636563643731373939

1
host_vars/packer-base-image
View file

@ -2,6 +2,7 @@
hostname: "archlinux-packer"
dhcp: true
network_interface: "en*"
filesystem: btrfs
system_disks:
- /dev/sda

4
host_vars/patchwork.archlinux.org/misc
View file

@ -8,7 +8,3 @@ fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: false
wireguard_address: 10.0.0.23
wireguard_public_key: DVeDuKQKf4FzfgS8hp3iZj1tD7gi3SJm8GqDfA+XZn4=

9
host_vars/patchwork.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
64333433393562363961663030376336616636383433633639346463656633396233323939633161
6463623464623533343162613738656363653233336463300a333634326263353865333134303835
34663464363166316131373835326439623662343661373235333261663061396363383966653963
3836326233313832640a623262393561316466303332393839643438313762616434343866316264
37323561613234633130613863326530316136613362386636313034666637353330633539653234
36353363393565653834373631326339663762666463333637323233303135653630306363373162
30393366323931663464666561646266373166326636656366323831333131356261363638393231
32636164616637643632

3
host_vars/phrik.archlinux.org/misc
View file

@ -4,8 +4,7 @@ arch_users:
demize:
name: "Johannes Löthberg"
ssh_key: demize.pub
shell: /bin/zsh
groups:
- tu
arch_groups: []
wireguard_address: 10.0.0.9
wireguard_public_key: ETzZyW9HAwDmJffZOiLH+DF+wl7bR37NYDEtn/zm+hk=

20
host_vars/phrik.archlinux.org/vault_bugbot.yml
View file

@ -1,11 +1,11 @@
$ANSIBLE_VAULT;1.1;AES256
62363835303361653666323763656338656164633562613933356435643863666365643364653262
3763636433363533623862653962656363353432643537610a303639346666373262366466663537
30646232393661303632343530313631376633323735376430363439306637643866633939626665
6463636639376238390a356136353432636461303135303839653636303065636265643232636232
37323761613030616362396435643734373034333864393838303037373637323261356462656237
33323235653734373632336230303862313763323832333730353163373664666234326233656536
30373366366265373264366638663063306437663135613636396663393630633630316639306638
36333134366633363137353631393530393065653639393366386330343031303761383062633238
34333231306362356438656536626233623161636333626439613862663863633833626532376332
3733323264663865306234383064666666656334376636646166
64333130613232393631643238346462383961633739356463326238316265616164626335336333
3838326334666363653837303836656230653939386136330a306339636664666164346565386434
62653765623735313431666232303736623462646162666661643562653935646363346239633037
3738313134306536330a666161633133613538336361623565303837393931376634303035356663
64646438333431383361313264353966363131326566373866666637323637306164633962303530
63383462653263393566613635656339613437376637353134346366356338363136343564636137
38616339633630333361356338306131376131363031656330393761356564353339623438306532
30656134306265316238303535643537353130666561363231356438626336356232376335626439
61646161303232313336323731383666313338316434393535303634396563643234386432323262
6134646437653436386162616238623832353132323565663537

9
host_vars/phrik.archlinux.org/vault_wireguard.yml
View file

@ -1,9 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
32656662326630313831356139366466663166376130613430616262373534633166666163363230
3534613335663264383064316639643761643563643565620a316231646462646465636635343164
62303737623663333762656632613930666164353661626134326461646137323337666139303634
3037376139653062320a393635623332346330383961363733663363326263393234353163613564
39646264336664626634303934306135663031323532303239396234396330623338326665303336
35353261643462373038666366353134323832343336313337633965646431306435643036643432
38643966323264303066306464316362613263316136633432643033383266323964376162636337
35386238623531646433

3
host_vars/prio.ch-s012.rsync.net Normal file
View file

@ -0,0 +1,3 @@
---
ansible_ssh_user: "{{ rsync_net_username }}"
known_host: "prio.ch-s012.rsync.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO5lfML3qjBiDXi4yh3xPoXPHqIOeLNp66P3Unrl+8g3"

2
host_vars/quassel.archlinux.org Normal file
View file

@ -0,0 +1,2 @@
---
filesystem: btrfs

Some files were not shown because too many files have changed in this diff Show more