SHARE
TWEET

Untitled

a guest Nov 9th, 2019 74 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #Rh base users maken
  2. rhbase_users:
  3.   - name: stevenh
  4.     password: '$1$xnZj7M/3$nGSm.RywiHx6PzxN.lH0N0'
  5.     groups:
  6.       - management
  7.   - name: stevenv
  8.     password: '$1$XwcVu3za$bD4QEHvznU1/c/VDelLv71'
  9.     groups:
  10.       - technical
  11.   - name: leend
  12.     password: '$1$yXG3hTkY$9jRmLFBIiJgwYHe0Pu3Cy0'
  13.     groups:
  14.       - technical
  15.   - name: svena
  16.     password: '$1$Y7CZ3KwY$JP96wincNhREJeWU9PeDl.'
  17.     groups:
  18.       - sales
  19.   - name: nehirb
  20.     password: '$1$HbWVjMIv$Mhg3OitQmJQxAjD2mvGiu/'
  21.     groups:
  22.       - it
  23.   - name: alexanderd
  24.     password: '$1$BAedyZtK$M9sLM7hsR8RBrCmXGds4N0'
  25.     groups:
  26.       - technical
  27.   - name: krisv
  28.     password: '$1$uvnxHKcc$j8QSGtX.nnfpjrsDdcnIF.'
  29.     groups:
  30.       - management
  31.   - name: benoitp
  32.     password: '$1$SPnOobcN$htZcoClWrvCgE.B3nUB931'
  33.     groups:
  34.       - sales
  35.   - name: anc
  36.     password: '$1$mg91Ka52$oHTr6WrMp6qCQK8/RPsyk.'
  37.     groups:
  38.       - technical
  39.   - name: elenaa
  40.     password: '$1$NgLLDE0y$UW.6mKjCZ8UlwPIu4uut5.'
  41.     groups:
  42.       - management
  43.   - name: evyt
  44.     password: '$1$R3rcDTYn$HuvDGd6Q5iuuc1SwmuIBs1'
  45.     groups:
  46.       - technical
  47.   - name: christophev
  48.     password: '$1$h2r2WDZJ$ctld.P552H4mTphkf7SiG/'
  49.     groups:
  50.       - it
  51.   - name: stefaanv
  52.     password: '$1$h8IB4PO8$lRJoBYPRnPZMH1o5naLhR1'
  53.     groups:
  54.       - technical
  55.   - name: bob
  56.     comment: 'Administrator - Admin2020'
  57.     password: '$1$0zASIx7U$kX8aYMcgDWENdOLgYQE/v0'  
  58.     groups:
  59.       - wheel
  60.       - it
  61. #-------------------Samba configuratie------------------      
  62. #Samba users en passwoord aanmaken
  63. samba_users:
  64.   - name: stevenh
  65.     password: stevenh
  66.   - name: stevenv
  67.     password: stevenv
  68.   - name: leend
  69.     password: leend
  70.   - name: svena
  71.     password: svena
  72.   - name: nehirb
  73.     password: nehirb
  74.   - name: alexanderd
  75.     password: alexanderd
  76.   - name: krisv
  77.     password: krisv
  78.   - name: benoitp
  79.     password: benoitp
  80.   - name: anc
  81.     password: anc
  82.   - name: elenaa
  83.     password: elenaa
  84.   - name: evyt
  85.     password: evyt
  86.   - name: christophev
  87.     password: christophev
  88.   - name: stefaanv
  89.     password: stefaanv
  90.   - name: bob
  91.     password: Admin2020  
  92. #Samba shares aanmaken
  93. samba_shares:
  94.   - name: public
  95.     group: management
  96.     valid_users:
  97.       +technical
  98.       +management
  99.       +it
  100.       +sales    
  101.     write_list:
  102.       +technical
  103.       +management
  104.       +it
  105.       +sales
  106.     guest_ok: no
  107.   - name: management
  108.     group: management
  109.     valid_users: +management
  110.     write_list: +management
  111.     guest_ok: no
  112.   - name: technical
  113.     group: technical
  114.     valid_users:
  115.       +technical
  116.       +management
  117.       +it
  118.       +sales
  119.     write_list:
  120.       +technical      
  121.     guest_ok: no
  122.   - name: sales
  123.     group: sales
  124.     valid_users:
  125.       +sales
  126.       +management
  127.     write_list:
  128.       +sales
  129.     guest_ok: no
  130.   - name: it
  131.     group: it
  132.     valid_users:
  133.       +management
  134.       +it
  135.     write_list: +it
  136.     guest_ok: no
  137.  
  138. #NetBIOSname instellen
  139. samba_netbios_name: files
  140. #printer sharing afzetten
  141. samba_load_printers: false
  142.  
  143. #Laat bepaalde users toe om een SSH verbinding op te zetten naar de server ssh'en
  144. rhbase_ssh_allow_groups:
  145.   - it
  146.   - wheel
  147.   - vagrant
  148.  
  149. #Samba door de firewall laten gaan.
  150. rhbase_firewall_allow_services:
  151.   - samba
  152.   - ftp
  153.  
  154. #-------------------Vsftpd configuratie------------------      
  155. vsftpd_listen: true
  156. #Geen anonymous user toelaten
  157. vsftpd_anonymous_enable: false
  158. #registered users toe laten
  159. vsftpd_local_enable: true
  160. #default share voor registered users
  161. vsftpd_local_root: /srv/shares
  162. #logs in journalctl zetten
  163. vsftpd_syslog_enable: true
  164.  
  165. #ftp share configuratie
  166. vsftpd_extra_permissions:
  167. #Public share configuratie    
  168.   - folder: "/srv/shares/public"
  169.     entity: "management"
  170.     etype: "group"
  171.     permissions: "rwx"
  172.   - folder: "/srv/shares/public"
  173.     entity: "technical"
  174.     etype: "group"
  175.     permissions: "rwx"
  176.   - folder: "/srv/shares/public"
  177.     entity: "sales"
  178.     etype: "group"
  179.     permissions: "rwx"
  180.   - folder: "/srv/shares/public"
  181.     entity: "it"
  182.     etype: "group"
  183.     permissions: "rwx"
  184. #Management share configuratie
  185.   - folder: "/srv/shares/management"
  186.     entity: "management"
  187.     etype: "group"
  188.     permissions: "rwx"
  189.   - folder: "/srv/shares/management"
  190.     entity: "it"
  191.     etype: "group"
  192.     permissions: "---"
  193.   - folder: "/srv/shares/management"
  194.     entity: "sales"
  195.     etype: "group"
  196.     permissions: "---"
  197.   - folder: "/srv/shares/management"
  198.     entity: "technical"
  199.     etype: "group"
  200.     permissions: "---"
  201. #Technical share configuratie
  202.   - folder: "/srv/shares/technical"
  203.     entity: "technical"
  204.     etype: "group"
  205.     permissions: "rwx"
  206.   - folder: "/srv/shares/technical"
  207.     entity: "management"
  208.     etype: "group"
  209.     permissions: "r-x"
  210.   - folder: "/srv/shares/technical"
  211.     entity: "sales"
  212.     etype: "group"
  213.     permissions: "r-x"
  214.   - folder: "/srv/shares/technical"
  215.     entity: "it"
  216.     etype: "group"
  217.     permissions: "r-x"
  218. #Sales share configuratie
  219.   - folder: "/srv/shares/sales"
  220.     entity: "sales"
  221.     etype: "group"
  222.     permissions: "rwx"
  223.   - folder: "/srv/shares/sales"
  224.     entity: "management"
  225.     etype: "group"
  226.     permissions: "r-x"
  227.   - folder: "/srv/shares/sales"
  228.     entity: "it"
  229.     etype: "group"
  230.     permissions: "---"
  231.   - folder: "/srv/shares/sales"
  232.     entity: "technical"
  233.     etype: "group"
  234.     permissions: "---"
  235. #IT share configuratie
  236.   - folder: "/srv/shares/it"
  237.     entity: "management"
  238.     etype: "group"
  239.     permissions: "r-x"
  240.   - folder: "/srv/shares/it"
  241.     entity: "it"
  242.     etype: "group"
  243.     permissions: "rwx"
  244.   - folder: "/srv/shares/it"
  245.     entity: "sales"
  246.     etype: "group"
  247.     permissions: "---"
  248.   - folder: "/srv/shares/it"
  249.     entity: "technical"
  250.     etype: "group"
  251.     permissions: "---"
  252.  
  253. #TO DO:
  254. #-----Samba-----
  255. # -NetBIOS name resolution => variabele toevoegen met de netbios naam. => werkt nu
  256. # - Read public share => omdat het niet aan een groep was toegekend kon de test niet runnen. => werkt nu
  257. # - Write access shares => had -group gebruikt ipv +group => werkt nu
  258. # - SSH key vervangen door nieuwe want moet nog passwoord ingeven.
  259. #samba_load_printers => moet nog op false staan => done
  260.  
  261. #-----Vsftpd-----
  262. #Voor elke share per group permissions apart definiëren
  263. #vsftpd_local_enable moet op true staan zodat registered users zich kunnen aanmelden op de share
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top