Di. 21 Mai 2019 19:07:14 CEST in /home/jens/Development/ansible/roles/tweaks on deathbolt.927589452.space

templates/bluetooth_hcsecd.conf.j2

@@ -0,0 +1,63 @@
+{{ ansible_managed | comment }}
+
+# $Id: hcsecd.conf,v 1.1 2003/05/26 22:50:47 max Exp $
+# $FreeBSD: releng/12.0/usr.sbin/bluetooth/hcsecd/hcsecd.conf 338155 2018-08-21 19:28:53Z brd $
+#
+# HCI security daemon configuration file
+#
+# Format:
+#
+# device {
+#	option	value ;
+# }
+#
+# Possible options and values
+#
+# Options	Values
+# ----------------------------------
+# bdaddr	xx:xx:xx:xx:xx:xx ;  	- remote device BD_ADDR
+# name 		"any char" ;		- to set user friendly device name
+# key		0x11223344 | nokey ;	- to set link key for the device
+# pin		"secret" | nopin ;	- to PIN code for the device
+#
+# Notes:
+#
+#	Currently there is no way to select keys/PIN code based on which
+#	local device received the request. Everything is based on remote
+#	device BD_ADDR.
+#
+#	"nokey"	means that no link key has been defined and we should
+#		send Link_Key_Negative_Reply command to the device.
+#
+#	"nopin"	means that no PIN code has been defined and we should
+#		send PIN_Code_Negative_Reply command to the device
+#
+
+# Default entry is applied if no better match found
+# It MUST have 00:00:00:00:00:00 as bdaddr
+device {
+	bdaddr	00:00:00:00:00:00;
+	name	"Default entry";
+	key	nokey;
+	pin	nopin;
+}
+
+device {
+	bdaddr	00:01:02:03:04:05;
+	name	"Dummy";
+	key	nokey;
+	pin	"0000";
+}
+
+device {
+	bdaddr	00:11:22:33:44:55;
+	name	"Dummy";
+	key	0x00112233445566778899aabbccddeeff; # 16 bytes key (hex string)
+	pin	nopin;
+}
+device {
+        bdaddr  8e:09:ab:dd:6e:ff;
+        name    "Black TMouse";
+        key     nokey;
+        pin     "0000";
+      }

templates/keyboard-conf.j2

@@ -0,0 +1,7 @@
+Section "InputClass"
+	Identifier	"KeyboardDefaults"
+	Driver		"keyboard"
+	MatchIsKeyboard	"on"
+	Option		"XkbLayout" "{{ kblayout }}"
+	Option		"XkbVariant" "{{ kbvariant }}"
+EndSection

templates/local_unbound_access_control.conf.j2

@@ -0,0 +1,8 @@
+{{ ansible_managed | comment }}
+
+server:
+	## private addresses only
+	## https://tools.ietf.org/html/rfc1918
+	access-control: 10.0.0.0/8 allow
+	access-control: 172.16.0.0/12 allow
+	access-control: 192.168.0.0/16 allow

templates/local_unbound_lan-zones.conf.j2

@@ -0,0 +1,6 @@
+# This file was generated by local-unbound-setup.
+# Modifications will be overwritten.
+server:
+	# Unblock reverse lookups for LAN addresses
+	unblock-lan-zones: yes
+	insecure-lan-zones: yes

templates/local_unbound_local_resolver.conf.j2

@@ -0,0 +1,12 @@
+{{ ansible_managed | comment }}
+
+server:
+{% for domain in local_domains %}
+
+# {{ domain }}
+	local-zone: {{ domain.name }} transparent
+	local-data: "{{ domain.name }} IN NS {{ domain.ns }}"
+	local-data: "{{ domain.ns }} IN A {{ domain.ip }}"
+	local-data-ptr: "{{domain.ip}} {{domain.ns}}"
+
+{% endfor %}

templates/local_unbound_opennic.conf.j2

@@ -0,0 +1,4 @@
+{{ ansible_managed | comment }}
+# https://wiki.opennic.org/tier_2_unbound
+server:
+	root-hints: "{{ local_unbound_run_d }}/{{ hints_opennic }}"

templates/local_unbound_unbound.conf.j2

@@ -0,0 +1,14 @@
+# This file was generated by local-unbound-setup.
+# Modifications will be overwritten.
+server:
+	username: unbound
+	directory: {{ local_unbound_run_d }}
+	chroot: {{ local_unbound_run_d }}
+	pidfile: /var/run/local_unbound.pid
+	auto-trust-anchor-file: {{ local_unbound_run_d }}/root.key
+	root-hints: {{ local_unbound_run_d }}/root.hints
+
+include: {{ local_unbound_run_d }}/forward.conf
+include: {{ local_unbound_run_d }}/lan-zones.conf
+include: {{ local_unbound_run_d }}/control.conf
+include: {{ local_unbound_run_d }}/conf.d/*.conf

templates/resolv.conf.j2

@@ -0,0 +1,7 @@
+{{ ansible_managed | comment }}
+search dietzenbach.927589452.space 927589452.space
+# nameserver 10.47.11.72
+# nameserver 185.181.104.74
+nameserver 127.0.0.1
+#nameserver 8.8.8.8
+options edns0