aboutsummaryrefslogtreecommitdiff
path: root/vars
diff options
context:
space:
mode:
authorCullum Smith <cullum@sacredheartsc.com>2024-10-15 23:35:53 -0400
committerCullum Smith <cullum@sacredheartsc.com>2024-10-15 23:35:53 -0400
commit145668c3dd67c5271eddcb62d1e7843487d768a7 (patch)
tree4c7d563e9d320e6b122ee3dbf048d93eee6776c3 /vars
parentb2af400a1098ebf445575d169e11a6717867045f (diff)
downloadinfrastructure-145668c3dd67c5271eddcb62d1e7843487d768a7.tar.gz
huge amount of fixes
Diffstat (limited to 'vars')
-rw-r--r--vars/common2
-rw-r--r--vars/hostclass/cups_server3
-rw-r--r--vars/hostclass/desktop45
-rw-r--r--vars/hostclass/invidious_server3
l---------vars/hostclass/laptop1
-rw-r--r--vars/hostclass/nfs_server3
-rw-r--r--vars/hostclass/pkg_repository2
-rw-r--r--vars/hostclass/radius_server3
l---------vars/hostclass/roadwarrior_laptop/desktop1
-rw-r--r--vars/hostclass/roadwarrior_laptop/vars (renamed from vars/hostclass/roadwarrior_laptop)2
-rw-r--r--vars/hostclass/unifi_controller8
-rw-r--r--vars/hostname/invidious14
-rw-r--r--vars/hostname/nfs13
-rw-r--r--vars/hostname/radius13
-rw-r--r--vars/hostname/unifi13
-rw-r--r--vars/hostname/znc13
16 files changed, 87 insertions, 2 deletions
diff --git a/vars/common b/vars/common
index 92a0c96..d072ea8 100644
--- a/vars/common
+++ b/vars/common
@@ -58,7 +58,7 @@ tcp_buffer_size=2097152 # suitable for 1 GigE
nginx_nofile=2048
nginx_worker_connections=768
-if (( nproc > 4 )); then
+if [ "$nproc" -gt 4 ]; then
nginx_worker_processes=4
else
nginx_worker_processes=$nproc
diff --git a/vars/hostclass/cups_server b/vars/hostclass/cups_server
new file mode 100644
index 0000000..9c2915a
--- /dev/null
+++ b/vars/hostclass/cups_server
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+allowed_tcp_ports="ssh http https ipp"
diff --git a/vars/hostclass/desktop b/vars/hostclass/desktop
new file mode 100644
index 0000000..fe6f4bc
--- /dev/null
+++ b/vars/hostclass/desktop
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+desktop_common_packages="
+bind-tools
+chromium
+eclipse
+firefox
+git
+gnupg
+krb5
+libreoffice
+libva-intel-media-driver
+password-store
+py${python_version}-pip
+signal-desktop
+stow
+terminus-font
+terminus-ttf
+tmux
+tree
+wireguard-tools
+xorg"
+
+desktop_kde_packages='
+dino
+gajim
+juk
+k3b
+kde5
+kid3-qt6
+kmix
+konversation
+sddm'
+
+desktop_i3_packages='
+compton
+dunst
+dmenu
+i3
+i3lock
+i3status
+profanity
+xfontsel
+xidle
+xterm'
diff --git a/vars/hostclass/invidious_server b/vars/hostclass/invidious_server
new file mode 100644
index 0000000..5ae7588
--- /dev/null
+++ b/vars/hostclass/invidious_server
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+allowed_tcp_ports="ssh http https"
diff --git a/vars/hostclass/laptop b/vars/hostclass/laptop
new file mode 120000
index 0000000..8714ca2
--- /dev/null
+++ b/vars/hostclass/laptop
@@ -0,0 +1 @@
+desktop \ No newline at end of file
diff --git a/vars/hostclass/nfs_server b/vars/hostclass/nfs_server
new file mode 100644
index 0000000..2957aec
--- /dev/null
+++ b/vars/hostclass/nfs_server
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+allowed_tcp_ports='ssh nfsd'
diff --git a/vars/hostclass/pkg_repository b/vars/hostclass/pkg_repository
index 4752685..e60a0c4 100644
--- a/vars/hostclass/pkg_repository
+++ b/vars/hostclass/pkg_repository
@@ -1,4 +1,4 @@
#!/bin/sh
-allowed_tcp_ports='ssh http'
+allowed_tcp_ports='ssh http https'
nginx_redirect=false
diff --git a/vars/hostclass/radius_server b/vars/hostclass/radius_server
new file mode 100644
index 0000000..1354ecd
--- /dev/null
+++ b/vars/hostclass/radius_server
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+allowed_udp_ports="radius"
diff --git a/vars/hostclass/roadwarrior_laptop/desktop b/vars/hostclass/roadwarrior_laptop/desktop
new file mode 120000
index 0000000..2c7c348
--- /dev/null
+++ b/vars/hostclass/roadwarrior_laptop/desktop
@@ -0,0 +1 @@
+../desktop \ No newline at end of file
diff --git a/vars/hostclass/roadwarrior_laptop b/vars/hostclass/roadwarrior_laptop/vars
index 45bade8..712d724 100644
--- a/vars/hostclass/roadwarrior_laptop
+++ b/vars/hostclass/roadwarrior_laptop/vars
@@ -1,4 +1,6 @@
#!/bin/sh
+
resolvers=$bootstrap_resolvers
pf_skip_interfaces=wg
see_other_uids=1
+enable_idm=false
diff --git a/vars/hostclass/unifi_controller b/vars/hostclass/unifi_controller
new file mode 100644
index 0000000..d937b0d
--- /dev/null
+++ b/vars/hostclass/unifi_controller
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+allowed_tcp_ports='ssh 6789 8080 8443 8843 8880'
+allowed_udp_ports='3478 10001'
+
+redirect_tcp_ports='
+https 8443
+http 8880'
diff --git a/vars/hostname/invidious1 b/vars/hostname/invidious1
new file mode 100644
index 0000000..f06a891
--- /dev/null
+++ b/vars/hostname/invidious1
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+cnames=invidious
+invidious_fqdn="invidious.${domain}"
diff --git a/vars/hostname/nfs1 b/vars/hostname/nfs1
new file mode 100644
index 0000000..3ea50e6
--- /dev/null
+++ b/vars/hostname/nfs1
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cnames=nfs
diff --git a/vars/hostname/radius1 b/vars/hostname/radius1
new file mode 100644
index 0000000..5d5380e
--- /dev/null
+++ b/vars/hostname/radius1
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cnames='radius'
diff --git a/vars/hostname/unifi1 b/vars/hostname/unifi1
new file mode 100644
index 0000000..7c418d9
--- /dev/null
+++ b/vars/hostname/unifi1
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cnames=unifi
diff --git a/vars/hostname/znc1 b/vars/hostname/znc1
new file mode 100644
index 0000000..dc11b11
--- /dev/null
+++ b/vars/hostname/znc1
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cnames=znc