Merge pull request #69 from stadtnavi/poi

POI service
stadtnavi · Nov 24, 2024 · 9ba01d2 · 9ba01d2
2 parents d0e7c47 + 584cffa
commit 9ba01d2
Show file tree

Hide file tree

Showing 18 changed files with 585 additions and 60 deletions.
diff --git a/group_vars/all.yml b/group_vars/all.yml
@@ -24,11 +24,12 @@ firewall_allowed_tcp_ports:
 firewall_state: started
 firewall_enabled_at_boot: true
 firewall_flush_rules_and_chains: false
+
 # ssh hardening
 network_ipv6_enable: true
 ssh_allow_agent_forwarding: true
-ssh_permit_tunnel: true
-ssh_allow_tcp_forwarding: 'yes'
+ssh_permit_tunnel: "yes"
+ssh_allow_tcp_forwarding: "yes"
 sftp_enabled: true
 sftp_chroot: true
 

diff --git a/group_vars/infrastructure.yml b/group_vars/infrastructure.yml
@@ -3,14 +3,6 @@ server_name: photon-eu.stadtnavi.eu
 
 matrix_room_address: "!UXrSFkkJoppiEZEfgC:matrix.org"
 
-# ssh hardening
-network_ipv6_enable: true
-ssh_allow_agent_forwarding: true
-ssh_permit_tunnel: true
-ssh_allow_tcp_forwarding: 'yes'
-sftp_enabled: true
-sftp_chroot: true
-
 firewall_state: stopped
 firewall_allowed_tcp_ports:
   - "22"
@@ -74,3 +66,14 @@ photon_languages:
   - pl
   - nl
 photon_domain: "photon-eu.stadtnavi.eu"
+
+poi_postgres_password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  64376438333432666530336462363031376638323263363434346138656538373965363932343338
+  3432336563366564376137623665383931306465643137300a383663623832646462643539633931
+  34393763656639363339366665626664393730346235323632613563303637386433626639343336
+  3065623439323034380a313934666537303065613331383765353665336639393366343865643965
+  31333238666231383033643065343336393636656336386630656635643964636234633463666537
+  6539316338353964333762366332383338626532616137653036
+
+poi_domain: "features.stadtnavi.eu"
diff --git a/requirements.yml b/requirements.yml
@@ -5,12 +5,14 @@ collections:
   version: 5.2.0
 - name: community.docker
   version: 3.7.0
+- name: devsec.hardening
+  version: 10.1.0
 
 # directory containing the collection
 #- source: ../../ansible-baseline
 #  type: dir
 - name: leonardehrenfried.baseline
-  version: 1.7.19
+  version: 1.7.24
 
 roles:
 - src: geerlingguy.docker
@@ -20,6 +22,4 @@ roles:
 - src: geerlingguy.swap
   version: 1.0.1
 - src: geerlingguy.firewall
-  version: 2.5.0
-- src: dev-sec.ssh-hardening
-  version: 9.7.0
+  version: 2.5.0
diff --git a/roles/base/meta/main.yml b/roles/base/meta/main.yml
@@ -1,5 +1,5 @@
 ---
 dependencies:
   - role: geerlingguy.firewall
-  - role: dev-sec.ssh-hardening
   - role: geerlingguy.docker
+  - role: devsec.hardening.ssh_hardening
diff --git a/roles/poi/defaults/main.yml b/roles/poi/defaults/main.yml
@@ -1,2 +1,6 @@
 ---
-poi_pbf_download_url: http://download.geofabrik.de/europe/germany-latest.osm.pbf
+poi_pbf_download_url: https://download.geofabrik.de/europe/germany-latest.osm.pbf
+poi_postgres_port: 6432
+poi_layers_url: "https://docs.google.com/spreadsheets/d/1-iKEeaits4W1EPoMzI29uazZRZJ9s2GJGUPnkO9GzKM/gviz/tq?tqx=out:csv&sheet=Layer"
+poi_pg_tileserv_port: 7800
+poi_cache_port: 7801
diff --git a/roles/poi/files/themes/stadtnavi/init.lua b/roles/poi/files/themes/stadtnavi/init.lua
@@ -0,0 +1,12 @@
+-- ---------------------------------------------------------------------------
+--
+-- Theme: stadtnavi
+--
+-- ---------------------------------------------------------------------------
+
+local themepark = ...
+local theme = {}
+
+return theme
+
+-- ---------------------------------------------------------------------------