#Rh base users makenrhbase_users: - name: stevenh password: '$1$xnZj7M

1. #Rh base users maken
2. rhbase_users:
3. - name: stevenh
4. password: '$1$xnZj7M/3$nGSm.RywiHx6PzxN.lH0N0'
5. groups:
6. - management
7. - name: stevenv
8. password: '$1$XwcVu3za$bD4QEHvznU1/c/VDelLv71'
9. groups:
10. - technical
11. - name: leend
12. password: '$1$yXG3hTkY$9jRmLFBIiJgwYHe0Pu3Cy0'
13. groups:
14. - technical
15. - name: svena
16. password: '$1$Y7CZ3KwY$JP96wincNhREJeWU9PeDl.'
17. groups:
18. - sales
19. - name: nehirb
20. password: '$1$HbWVjMIv$Mhg3OitQmJQxAjD2mvGiu/'
21. groups:
22. - it
23. - name: alexanderd
24. password: '$1$BAedyZtK$M9sLM7hsR8RBrCmXGds4N0'
25. groups:
26. - technical
27. - name: krisv
28. password: '$1$uvnxHKcc$j8QSGtX.nnfpjrsDdcnIF.'
29. groups:
30. - management
31. - name: benoitp
32. password: '$1$SPnOobcN$htZcoClWrvCgE.B3nUB931'
33. groups:
34. - sales
35. - name: anc
36. password: '$1$mg91Ka52$oHTr6WrMp6qCQK8/RPsyk.'
37. groups:
38. - technical
39. - name: elenaa
40. password: '$1$NgLLDE0y$UW.6mKjCZ8UlwPIu4uut5.'
41. groups:
42. - management
43. - name: evyt
44. password: '$1$R3rcDTYn$HuvDGd6Q5iuuc1SwmuIBs1'
45. groups:
46. - technical
47. - name: christophev
48. password: '$1$h2r2WDZJ$ctld.P552H4mTphkf7SiG/'
49. groups:
50. - it
51. - name: stefaanv
52. password: '$1$h8IB4PO8$lRJoBYPRnPZMH1o5naLhR1'
53. groups:
54. - technical
55. - name: bob
56. comment: 'Administrator - Admin2020'
57. password: '$1$0zASIx7U$kX8aYMcgDWENdOLgYQE/v0'
58. groups:
59. - wheel
60. - it
61. #-------------------Samba configuratie------------------
62. #Samba users en passwoord aanmaken
63. samba_users:
64. - name: stevenh
65. password: stevenh
66. - name: stevenv
67. password: stevenv
68. - name: leend
69. password: leend
70. - name: svena
71. password: svena
72. - name: nehirb
73. password: nehirb
74. - name: alexanderd
75. password: alexanderd
76. - name: krisv
77. password: krisv
78. - name: benoitp
79. password: benoitp
80. - name: anc
81. password: anc
82. - name: elenaa
83. password: elenaa
84. - name: evyt
85. password: evyt
86. - name: christophev
87. password: christophev
88. - name: stefaanv
89. password: stefaanv
90. - name: bob
91. password: Admin2020
92. #Samba shares aanmaken
93. samba_shares:
94. - name: public
95. group: management
96. valid_users:
97. +technical
98. +management
99. +it
100. +sales
101. write_list:
102. +technical
103. +management
104. +it
105. +sales
106. guest_ok: no
107. - name: management
108. group: management
109. valid_users: +management
110. write_list: +management
111. guest_ok: no
112. - name: technical
113. group: technical
114. valid_users:
115. +technical
116. +management
117. +it
118. +sales
119. write_list:
120. +technical
121. guest_ok: no
122. - name: sales
123. group: sales
124. valid_users:
125. +sales
126. +management
127. write_list:
128. +sales
129. guest_ok: no
130. - name: it
131. group: it
132. valid_users:
133. +management
134. +it
135. write_list: +it
136. guest_ok: no
137.  
138. #NetBIOSname instellen
139. samba_netbios_name: files
140. #printer sharing afzetten
141. samba_load_printers: false
142.  
143. #Laat bepaalde users toe om een SSH verbinding op te zetten naar de server ssh'en
144. rhbase_ssh_allow_groups:
145. - it
146. - wheel
147. - vagrant
148.  
149. #Samba door de firewall laten gaan.
150. rhbase_firewall_allow_services:
151. - samba
152. - ftp
153.  
154. #-------------------Vsftpd configuratie------------------
155. vsftpd_listen: true
156. #Geen anonymous user toelaten
157. vsftpd_anonymous_enable: false
158. #registered users toe laten
159. vsftpd_local_enable: true
160. #default share voor registered users
161. vsftpd_local_root: /srv/shares
162. #logs in journalctl zetten
163. vsftpd_syslog_enable: true
164.  
165. #ftp share configuratie
166. vsftpd_extra_permissions:
167. #Public share configuratie
168. - folder: "/srv/shares/public"
169. entity: "management"
170. etype: "group"
171. permissions: "rwx"
172. - folder: "/srv/shares/public"
173. entity: "technical"
174. etype: "group"
175. permissions: "rwx"
176. - folder: "/srv/shares/public"
177. entity: "sales"
178. etype: "group"
179. permissions: "rwx"
180. - folder: "/srv/shares/public"
181. entity: "it"
182. etype: "group"
183. permissions: "rwx"
184. #Management share configuratie
185. - folder: "/srv/shares/management"
186. entity: "management"
187. etype: "group"
188. permissions: "rwx"
189. - folder: "/srv/shares/management"
190. entity: "it"
191. etype: "group"
192. permissions: "---"
193. - folder: "/srv/shares/management"
194. entity: "sales"
195. etype: "group"
196. permissions: "---"
197. - folder: "/srv/shares/management"
198. entity: "technical"
199. etype: "group"
200. permissions: "---"
201. #Technical share configuratie
202. - folder: "/srv/shares/technical"
203. entity: "technical"
204. etype: "group"
205. permissions: "rwx"
206. - folder: "/srv/shares/technical"
207. entity: "management"
208. etype: "group"
209. permissions: "r-x"
210. - folder: "/srv/shares/technical"
211. entity: "sales"
212. etype: "group"
213. permissions: "r-x"
214. - folder: "/srv/shares/technical"
215. entity: "it"
216. etype: "group"
217. permissions: "r-x"
218. #Sales share configuratie
219. - folder: "/srv/shares/sales"
220. entity: "sales"
221. etype: "group"
222. permissions: "rwx"
223. - folder: "/srv/shares/sales"
224. entity: "management"
225. etype: "group"
226. permissions: "r-x"
227. - folder: "/srv/shares/sales"
228. entity: "it"
229. etype: "group"
230. permissions: "---"
231. - folder: "/srv/shares/sales"
232. entity: "technical"
233. etype: "group"
234. permissions: "---"
235. #IT share configuratie
236. - folder: "/srv/shares/it"
237. entity: "management"
238. etype: "group"
239. permissions: "r-x"
240. - folder: "/srv/shares/it"
241. entity: "it"
242. etype: "group"
243. permissions: "rwx"
244. - folder: "/srv/shares/it"
245. entity: "sales"
246. etype: "group"
247. permissions: "---"
248. - folder: "/srv/shares/it"
249. entity: "technical"
250. etype: "group"
251. permissions: "---"
252.  
253. #TO DO:
254. #-----Samba-----
255. # -NetBIOS name resolution => variabele toevoegen met de netbios naam. => werkt nu
256. # - Read public share => omdat het niet aan een groep was toegekend kon de test niet runnen. => werkt nu
257. # - Write access shares => had -group gebruikt ipv +group => werkt nu
258. # - SSH key vervangen door nieuwe want moet nog passwoord ingeven.
259. #samba_load_printers => moet nog op false staan => done
260.  
261. #-----Vsftpd-----
262. #Voor elke share per group permissions apart definiëren
263. #vsftpd_local_enable moet op true staan zodat registered users zich kunnen aanmelden op de share