Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Rh base users maken
- rhbase_users:
- - name: stevenh
- password: '$1$xnZj7M/3$nGSm.RywiHx6PzxN.lH0N0'
- groups:
- - management
- - name: stevenv
- password: '$1$XwcVu3za$bD4QEHvznU1/c/VDelLv71'
- groups:
- - technical
- - name: leend
- password: '$1$yXG3hTkY$9jRmLFBIiJgwYHe0Pu3Cy0'
- groups:
- - technical
- - name: svena
- password: '$1$Y7CZ3KwY$JP96wincNhREJeWU9PeDl.'
- groups:
- - sales
- - name: nehirb
- password: '$1$HbWVjMIv$Mhg3OitQmJQxAjD2mvGiu/'
- groups:
- - it
- - name: alexanderd
- password: '$1$BAedyZtK$M9sLM7hsR8RBrCmXGds4N0'
- groups:
- - technical
- - name: krisv
- password: '$1$uvnxHKcc$j8QSGtX.nnfpjrsDdcnIF.'
- groups:
- - management
- - name: benoitp
- password: '$1$SPnOobcN$htZcoClWrvCgE.B3nUB931'
- groups:
- - sales
- - name: anc
- password: '$1$mg91Ka52$oHTr6WrMp6qCQK8/RPsyk.'
- groups:
- - technical
- - name: elenaa
- password: '$1$NgLLDE0y$UW.6mKjCZ8UlwPIu4uut5.'
- groups:
- - management
- - name: evyt
- password: '$1$R3rcDTYn$HuvDGd6Q5iuuc1SwmuIBs1'
- groups:
- - technical
- - name: christophev
- password: '$1$h2r2WDZJ$ctld.P552H4mTphkf7SiG/'
- groups:
- - it
- - name: stefaanv
- password: '$1$h8IB4PO8$lRJoBYPRnPZMH1o5naLhR1'
- groups:
- - technical
- - name: bob
- comment: 'Administrator - Admin2020'
- password: '$1$0zASIx7U$kX8aYMcgDWENdOLgYQE/v0'
- groups:
- - wheel
- - it
- #-------------------Samba configuratie------------------
- #Samba users en passwoord aanmaken
- samba_users:
- - name: stevenh
- password: stevenh
- - name: stevenv
- password: stevenv
- - name: leend
- password: leend
- - name: svena
- password: svena
- - name: nehirb
- password: nehirb
- - name: alexanderd
- password: alexanderd
- - name: krisv
- password: krisv
- - name: benoitp
- password: benoitp
- - name: anc
- password: anc
- - name: elenaa
- password: elenaa
- - name: evyt
- password: evyt
- - name: christophev
- password: christophev
- - name: stefaanv
- password: stefaanv
- - name: bob
- password: Admin2020
- #Samba shares aanmaken
- samba_shares:
- - name: public
- group: management
- valid_users:
- +technical
- +management
- +it
- +sales
- write_list:
- +technical
- +management
- +it
- +sales
- guest_ok: no
- - name: management
- group: management
- valid_users: +management
- write_list: +management
- guest_ok: no
- - name: technical
- group: technical
- valid_users:
- +technical
- +management
- +it
- +sales
- write_list:
- +technical
- guest_ok: no
- - name: sales
- group: sales
- valid_users:
- +sales
- +management
- write_list:
- +sales
- guest_ok: no
- - name: it
- group: it
- valid_users:
- +management
- +it
- write_list: +it
- guest_ok: no
- #NetBIOSname instellen
- samba_netbios_name: files
- #printer sharing afzetten
- samba_load_printers: false
- #Laat bepaalde users toe om een SSH verbinding op te zetten naar de server ssh'en
- rhbase_ssh_allow_groups:
- - it
- - wheel
- - vagrant
- #Samba door de firewall laten gaan.
- rhbase_firewall_allow_services:
- - samba
- - ftp
- #-------------------Vsftpd configuratie------------------
- vsftpd_listen: true
- #Geen anonymous user toelaten
- vsftpd_anonymous_enable: false
- #registered users toe laten
- vsftpd_local_enable: true
- #default share voor registered users
- vsftpd_local_root: /srv/shares
- #logs in journalctl zetten
- vsftpd_syslog_enable: true
- #ftp share configuratie
- vsftpd_extra_permissions:
- #Public share configuratie
- - folder: "/srv/shares/public"
- entity: "management"
- etype: "group"
- permissions: "rwx"
- - folder: "/srv/shares/public"
- entity: "technical"
- etype: "group"
- permissions: "rwx"
- - folder: "/srv/shares/public"
- entity: "sales"
- etype: "group"
- permissions: "rwx"
- - folder: "/srv/shares/public"
- entity: "it"
- etype: "group"
- permissions: "rwx"
- #Management share configuratie
- - folder: "/srv/shares/management"
- entity: "management"
- etype: "group"
- permissions: "rwx"
- - folder: "/srv/shares/management"
- entity: "it"
- etype: "group"
- permissions: "---"
- - folder: "/srv/shares/management"
- entity: "sales"
- etype: "group"
- permissions: "---"
- - folder: "/srv/shares/management"
- entity: "technical"
- etype: "group"
- permissions: "---"
- #Technical share configuratie
- - folder: "/srv/shares/technical"
- entity: "technical"
- etype: "group"
- permissions: "rwx"
- - folder: "/srv/shares/technical"
- entity: "management"
- etype: "group"
- permissions: "r-x"
- - folder: "/srv/shares/technical"
- entity: "sales"
- etype: "group"
- permissions: "r-x"
- - folder: "/srv/shares/technical"
- entity: "it"
- etype: "group"
- permissions: "r-x"
- #Sales share configuratie
- - folder: "/srv/shares/sales"
- entity: "sales"
- etype: "group"
- permissions: "rwx"
- - folder: "/srv/shares/sales"
- entity: "management"
- etype: "group"
- permissions: "r-x"
- - folder: "/srv/shares/sales"
- entity: "it"
- etype: "group"
- permissions: "---"
- - folder: "/srv/shares/sales"
- entity: "technical"
- etype: "group"
- permissions: "---"
- #IT share configuratie
- - folder: "/srv/shares/it"
- entity: "management"
- etype: "group"
- permissions: "r-x"
- - folder: "/srv/shares/it"
- entity: "it"
- etype: "group"
- permissions: "rwx"
- - folder: "/srv/shares/it"
- entity: "sales"
- etype: "group"
- permissions: "---"
- - folder: "/srv/shares/it"
- entity: "technical"
- etype: "group"
- permissions: "---"
- #TO DO:
- #-----Samba-----
- # -NetBIOS name resolution => variabele toevoegen met de netbios naam. => werkt nu
- # - Read public share => omdat het niet aan een groep was toegekend kon de test niet runnen. => werkt nu
- # - Write access shares => had -group gebruikt ipv +group => werkt nu
- # - SSH key vervangen door nieuwe want moet nog passwoord ingeven.
- #samba_load_printers => moet nog op false staan => done
- #-----Vsftpd-----
- #Voor elke share per group permissions apart definiëren
- #vsftpd_local_enable moet op true staan zodat registered users zich kunnen aanmelden op de share
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement