.gitlab/issue_templates/Bug.md

@@ -40,4 +40,4 @@ Possible fixes
 (If you can, link to the line of code that might be responsible for the problem)
 
 /label ~bug
-/cc @gethmann
+/cc @vn4918

add_ipa_host.yml

+---
+- hosts: all
+  remote_user: root
+  vars:
+    ipa_host: "{{ computer_name }}.las.kit.edu"
+    ipa_host_ip: "129.13.238.{{ ip_suffix }}"
+    ipa_domain: las.kit.edu
+  vars_prompt:
+  - name: "ipa_pass"
+    prompt: "What is the admin@LAS.KIT.EDU password?"
+    private: yes
+
+  # - name: uninstall host
+  #   become: yes
+  #   command: ipa-client --uninstall -U
+
+  roles:
+    - ipa_hosts

admin.yml

@@ -3,6 +3,5 @@
     - name: install admin software
       become: yes
       dnf:
-        name: "{{ item }}"
+        name: "{{ admin_software }}"
         state: present
-      with_items: "{{ admin_software }}"

ansible.cfg

 [defaults]
-inventory=hosts
+inventory = hosts
+roles_path = roles
+
+fact_caching = jsonfile
+fact_caching_connection = cachedir
+fact_caching_timeout = 86400
+
+[inventory]
+
+[privilege_escalation]
+
+[paramiko_connection]
+
+[ssh_connection]
+ssh_args = -C -o ControlMaster=auto -o ControlPersist=3600s
 pipelining = True
-ssh_args = -o ControlMaster=auto -o ControlPersist=60s
-remote_user=gethmann
-roles_path=roles
-become=False
-become_user="root"
-become_ask_pass=True
-become_method="sudo"
+
+[persistent_connection]
+connection_timeout = 3600
+command_timeout = 3600
+
+[accelerate]
+
+[selinux]
+
+[colors]
+
+[diff]
+

common.yml

 - hosts: all
   roles:
       - common
-
-- hosts: cn
-  become: yes
-  tasks:
-    - name: rename CN computer
-      hostname: name=las-bernhard.anka.kit.edu
-  tags:
-    - cn
-    - always

desktop.yml

@@ -2,9 +2,7 @@
   tasks:
     - name: install desktop software
       dnf:
-        name: "{{ item }}"
+        name: "{{ desktop_software }}"
         state: present
       become: yes
       when: ansible_distribution == 'Fedora'
-      with_items:
-      - "{{ desktop_software }}"

dhcpd.yml

 - hosts: dhcpd
+  vars:
+    - dhcpd:
+      domain: las.kit.edu
+      subnet: 129.13.108.0
+      netmask: 255.255.255.0
+      range_start: 129.13.108.74
+      range_end: 129.13.108.89
+      routers: 129.13.108.254
+      broadcast: 129.13.255.255
+      host_list: host-list-las
   roles:
       - dhcpd

group_vars/all/vars.yml

@@ -17,6 +17,7 @@ common_software:
 client_software:
   - gnuplot
   - kpcli
+  - dino
 
 admin_software:
   - ansible
@@ -35,17 +36,40 @@ desktop_software:
   - thunderbird
   - firefox
   - libreoffice
-  # - bwSyncAndShare
   - perl-Clipboard
   - perl-Capture-Tiny
 
-ipaserver: las126.las.kit.edu
-ipaserver2: las100.las.kit.edu
-ipaserver3: las101.las.kit.edu
-
+# Networking
 # this should be the IP or in the sshd_config the "UseDNS" must be set to yes
-ansible_server: 129.13.108.126
+ansible_server: 129.13.238.126
+ansible_server_ipv6: "2a00:1398:4:8200:6840:923e:1415:87f7"
+
+nfs_server: 129.13.238.126
+
+dns4:
+  - "129.13.64.5"
+  - "141.3.175.65"  # extern
+  # use only two, so that IPv6 gets also at least one
+  # - "129.13.96.2"
+
+dns6:
+  - "2a00:1398::1"
+  - "2a00:1398::2"
+  - "2a00:1398::e:1"  # extern
+
+domains:
+  - las.kit.edu
+  - scc.kit.edu
 
+gw4: 129.13.238.65
+
+ntp:
+  - ntp1.scc.kit.edu
+  - ntp2.scc.kit.edu
+  - ntp3.scc.kit.edu
+  - ntp4.scc.kit.edu
+
+# Secure variables
 # file: group_vars/all/vault.yml
 sudoer: "{{ vault_sudoer }}"
 
@@ -54,3 +78,13 @@ userinstall_vars: "{{ vault_userinstall_vars }}"
 admin_mail: "{{ vault_admin_mail }}"
 
 rootkey: "{{ vault_rootkey }}"
+
+# IPA
+gid: "{{ vault_gid }}"
+ipaserver1: "{{ vault_ipaserver1 }}"
+ipaserver2: "{{ vault_ipaserver2 }}"
+ipaserver3: "{{ vault_ipaserver3 }}"
+
+ipa_users: "{{ vault_ipa_users }}"
+
+undine_password: "{{ vault_undine_password }}"

group_vars/dhcpd.yml

----
-primary_dhcpd: 129.13.108.101
-secondary_dhcpd: 129.13.108.126

group_vars/lasarchiv

 ---
-nfs_server: 129.13.108.126
+nfs_server: obelix.las.kit.edu

group_vars/latex.yml

@@ -22,7 +22,7 @@ kit_tikz:
         - texlive-mycv
         - texlive-pgf-spectra
 texlivepackages:
-        - texlive.x86_64
+        - "texlive-scheme-small"
         - kile
         - texmaker
         - texlive-epstopdf-bin
@@ -67,6 +67,7 @@ texlivepackages:
         - texlive-boondox
         - biber
         - texlive-newtx
+        - texlive-newtxtt  # jacow
         # biber dependencies
         # gdbm-devel
         # libdb-devel
@@ -153,79 +154,79 @@ texlivepackages:
         - texlive-xecolor
         - texlive-fontspec
         # Thought to be usefull
-        - texlive-texlive-de-doc.noarch
-        - texlive-texlive-common-doc.noarch
-        - texlive-texlive-docindex-doc.noarch
-        - texlive-ae.noarch
-        - texlive-cm.noarch
-        - texlive-cv.noarch
-        - texlive-ec.noarch
-        - texlive-ed.noarch
-        - texlive-fp.noarch
-        - texlive-gu.noarch
-        - texlive-hc.noarch
-        - texlive-lm.noarch
-        - texlive-t2.noarch
-        - texlive-alg.noarch
-        - texlive-doi.noarch
-        - texlive-dox.noarch
-        - texlive-eco.noarch
-        - texlive-ecv.noarch
-        - texlive-emp.noarch
-        - texlive-esk.noarch
-        - texlive-fbs.noarch
-        - texlive-fmp.noarch
-        - texlive-gmp.noarch
-        - texlive-hep.noarch
-        - texlive-iso.noarch
-        - texlive-lcg.noarch
-        - texlive-lfb.noarch
-        - texlive-msg.noarch
-        - texlive-nag.noarch
-        - texlive-nuc.noarch
-        - texlive-ofs.noarch
-        - texlive-pax.noarch
-        - texlive-pgf.noarch
-        - texlive-qcm.noarch
-        - texlive-sfg.noarch
-        - texlive-svg.noarch
-        - texlive-svn.noarch
-        - texlive-tap.noarch
-        - texlive-ucs.noarch
-        - texlive-uml.noarch
-        - texlive-uri.noarch
-        - texlive-url.noarch
-        - texlive-vpe.noarch
-        - texlive-base.noarch
-        - texlive-abbr.noarch
-        - texlive-acro.noarch
-        - texlive-bohr.noarch
-        - texlive-cals.noarch
-        - texlive-circ.noarch
-        - texlive-cite.noarch
-        - texlive-cmap.noarch
-        - texlive-cmll.noarch
-        - texlive-cmpj.noarch
-        - texlive-cmsd.noarch
-        - texlive-cool.noarch
-        - texlive-crop.noarch
-        - texlive-dhua.noarch
-        - texlive-epsf.noarch
-        - texlive-etoc.noarch
-        - texlive-euro.noarch
-        - texlive-exam.noarch
-        - texlive-feyn.noarch
-        - texlive-fink.noarch
-        - texlive-mycv.noarch
-        - texlive-nath.noarch
-        - texlive-pbox.noarch
-        - texlive-pdfx.noarch
-        - texlive-spot.noarch
+        - texlive-texlive-de-doc
+        - texlive-texlive-common-doc
+        - texlive-texlive-docindex-doc
+        - texlive-ae
+        - texlive-cm
+        - texlive-cv
+        - texlive-ec
+        - texlive-ed
+        - texlive-fp
+        - texlive-gu
+        - texlive-hc
+        - texlive-lm
+        - texlive-t2
+        - texlive-alg
+        - texlive-doi
+        - texlive-dox
+        - texlive-eco
+        - texlive-ecv
+        - texlive-emp
+        - texlive-esk
+        - texlive-fbs
+        - texlive-fmp
+        - texlive-gmp
+        - texlive-hep
+        - texlive-iso
+        - texlive-lcg
+        - texlive-lfb
+        - texlive-msg
+        - texlive-nag
+        - texlive-nuc
+        - texlive-ofs
+        - texlive-pax
+        - texlive-pgf
+        - texlive-qcm
+        - texlive-sfg
+        - texlive-svg
+        - texlive-svn
+        - texlive-tap
+        - texlive-ucs
+        - texlive-uml
+        - texlive-uri
+        - texlive-url
+        - texlive-vpe
+        - texlive-base
+        - texlive-abbr
+        - texlive-acro
+        - texlive-bohr
+        - texlive-cals
+        - texlive-circ
+        - texlive-cite
+        - texlive-cmap
+        - texlive-cmll
+        - texlive-cmpj
+        - texlive-cmsd
+        - texlive-cool
+        - texlive-crop
+        - texlive-dhua
+        - texlive-epsf
+        - texlive-etoc
+        - texlive-euro
+        - texlive-exam
+        - texlive-feyn
+        - texlive-fink
+        - texlive-mycv
+        - texlive-nath
+        - texlive-pbox
+        - texlive-pdfx
+        - texlive-spot
         - texlive-tikz-palattice
-        - texlive-biblatex.noarch
-        - texlive-enumitem.noarch
-        - texlive-ctablestack.noarch
-        - texlive-gitinfo2.noarch
+        - texlive-biblatex
+        - texlive-enumitem
+        - texlive-ctablestack
+        - texlive-gitinfo2
         - texlive-fncychap  # e. g. Sphinx
         - latexmk  # sphinx
         - texlive-tabulary
@@ -253,3 +254,10 @@ texlivepackages:
         # to be continued
         - texlive-cleveref
         - texlive-fonttable
+        - texlive-tcolorbox
+        - texlive-appendixnumberbeamer
+        #
+        - texlive-textpos
+        # multi line table cells
+        - texlive-makecell
+        - texlive-svg

group_vars/opera.yml

-opera_path: /usr/local/share/Opera_18R2
+opera_path: /usr/local/share/Opera_2020

group_vars/python.yml

@@ -15,36 +15,16 @@ python3pkg:
   - python3-sphinx
   - python3-tox
   - python3-pip
-
-python3pip:
-  - brewer2mpl
-  - Cython
-  - flake8
-  - flake8-mypy
-  - flake8-pep257
-  - i18n
-  - mypy_extensions
   - pipenv
-  - pre-commit
-  - PyScaffold
-  - pytest-yapf
-  - tox
-  - yapf
-  - nbdime
-
-python2pkg:
-  - python2
-  - python2-setuptools
-  - python-pip
+  - llvm
+  - cmake
+  - python3-flake8
+  - python3-Cython
+  - nodejs
+  - nodejs-libs
+  - kf5-purpose-twitter
+  - npm
 
-python2pip:
-  - backports.shutil_get_terminal_size
-  - brewer2mpl
-  - Cython
-  - ipython
-  - mpld3
-  - notebook
-  - pandas
-  - sklearn
+python2pkg: ""
 
 pip3bin: /bin/pip3

host_vars/las118.las.kit.edu → host_vars/amnesix.las.kit.edu

 ansible_user: root
 user_account: richter
 ip_suffix: 118
-loc: 620
-os: Fedora 27
-computer_name: Amnesix
+loc: 622
+os: Fedora 32
+computer_name: amnesix

host_vars/asterix.las.kit.edu

+ansible_user: root
+user_account: gethmann
+ip_suffix: 73
+loc: 618
+os: Fedora 31
+computer_name: asterix
+
+extra_software:
+  - subversion  # for ANKA software
+  - borgbackup
+  - mosh  # ssh alternative
+    # keepass compatible console client
+  - kpcli
+  - perl-Clipboard
+  - perl-Capture-Tiny
+  - ctags  # vim tags
+  - zsh
+  - neovim
+  - ShellCheck
+  - inkscape-table
+    # - fd-find
+  - ripgrep
+  - fzf  # fuzzy finder
+  - fd-find
+  - gsl-devel  # Needed to compile Eva Burkhards code
+  - mupdf  # better alternative to pdftk than pdfseparate+pdfunite
+  - evince  # for fixing RIP errors when printing LaTeX posters
+  - screen
+    # PDL for undulator/wiggler Opera script
+  - perl-PDL
+    # Installing dependencies:
+  - perl-Devel-Peek
+  - perl-Inline
+  - perl-Inline-C
+  - perl-Pegex
+  - freeglut
+  - perl-B-Utils
+  - perl-Class-Load
+  - perl-Class-Tiny
+  - perl-Data-Dump-Streamer
+  - perl-Devel-OverloadInfo
+  - perl-Devel-PartialDump
+  - perl-Devel-REPL
+  - perl-Devel-REPL-Plugin-Completion
+  - perl-Devel-REPL-Plugin-DDS
+  - perl-Devel-REPL-Plugin-LexEnv
+  - perl-Devel-REPL-Plugin-MultiLine-PPI
+  - perl-File-HomeDir
+  - perl-File-Map
+  - perl-Filter-Simple
+  - perl-Getopt-Long-Descriptive
+  - perl-IPC-System-Simple
+  - perl-Lexical-Persistence
+  - perl-Module-Compile
+  - perl-Module-Pluggable
+  - perl-Moose
+  - perl-MooseX-Getopt
+  - perl-MooseX-Object-Pluggable
+  - perl-MooseX-Role-Parameterized
+  - perl-OpenGL
+  - perl-PPI
+  - perl-Parse-RecDescent
+  - perl-PerlIO-Layers
+  - perl-Pod-Parser
+  - perl-Prima
+  - perl-Text-Balanced
+  - perl-YAML-LibYAML
+  - perl-autodie
+    # Installing weak dependencies:
+  - perl-Text-Bidi
+    # End of PDL
+  - snapd

host_vars/falbala.las.kit.edu

+ansible_user: root
+user_account: gutknecht
+ip_suffix: 94
+loc: 620
+os: Fedora 31
+computer_name: falbala
+
+extra_software:
+  - zsh

host_vars/las112.las.kit.edu → host_vars/faulus.las.kit.edu

 ansible_user: root
-user_account: widmann
-ip_suffix: 112
-loc: 618
-os: Fedora 28
-computer_name: Gutemine
+user_account: blomley
+loc: -119
+os: Fedora 30
+computer_name: faulus
 
 extra_software:
   - subversion  # ANKA software
   - zsh
+ip_suffix: 83

host_vars/galantine.las.kit.edu

+ansible_user: root
+user_account: gethmann
+ip_suffix: 91
+loc: 618
+os: Fedora 32
+computer_name: galantine
+
+extra_software:
+  - zsh

host_vars/gutemine.las.kit.edu

+ansible_user: root
+user_account: blomley
+loc: -119
+os: Fedora 30
+computer_name: gutemine
+
+extra_software:
+  - subversion  # ANKA software
+  - zsh

host_vars/homoeopatix.las.kit.edu

+ansible_user: root
+user_account: gethmann
+ip_suffix: 92
+loc: 618
+os: Fedora 31
+computer_name: homoeopatix
+
+extra_software:
+  - zsh

host_vars/las117.las.kit.edu → host_vars/idefix.las.kit.edu

@@ -2,5 +2,8 @@ ansible_user: root
 user_account: damminsek
 ip_suffix: 117
 loc: 620
-os: Fedora 27
-computer_name: Idefix
+os: Fedora 31
+computer_name: idefix
+
+extra_software:
+  - mupdf

host_vars/kantine.las.kit.edu

+ansible_user: root
+ansible_ssh_user: root
+ansible_remote_user: gethmann
+remote_user: gethmann
+ip_suffix: 100
+loc: 612
+os: CentOS 7.4
+computer_name: kantine

host_vars/las101.las.kit.edu

@@ -5,3 +5,4 @@ remote_user: gethmann
 ip_suffix: 101
 loc: 612
 os: Fedora 28
+computer_name: Kneipix

host_vars/las113.las.kit.edu

-ansible_user: root
-user_account: gethmann
-ip_suffix: 113
-loc: 618
-os: Fedora 27
-computer_name: Asterix
-
-extra_software:
-  - subversion  # for ANKA software
-  - borgbackup
-  - mosh  # ssh alternative
-  # keepass compatible console client
-  - kpcli
-  - perl-Clipboard
-  - perl-Capture-Tiny
-  - ctags  # vim tags
-  - zsh
-  - neovim
-  - ShellCheck
-  - inkscape-table
-  # - fd-find
-  - ripgrep
-  - fzf  # fuzzy finder

host_vars/las122.las.kit.edu

-# ansible_connection: local
-ansible_user: root
-user_account: petri
-ip_suffix: 122
-loc: 621
-os: Fedora 26
-computer_name: Falbala
-extra_software:
-  - freecad

host_vars/las127.las.kit.edu

-ansible_user: bernhard
-user_account: bernhard
-ip_suffix: 127
-loc: 622
-os: Fedora 27
-computer_name: Majestix

host_vars/las93.las.kit.edu

-ansible_user: gethmann 
+ansible_user: root 
 user_account: bernhard
 ip_suffix: 93
-loc: -10.
+loc: -119
 os: ubuntu
+computer_name: Taubenus

host_vars/las-gethmann.las.kit.edu → host_vars/lysander.las.kit.edu

 ansible_user: root
 user_account: gethmann
 ip_suffix: -gethmann
+computer_name: lysander
 loc: 618
-os: Fedora 28
+os: Fedora 32
 extra_software:
   - subversion  # for ANKA software
   - borgbackup

host_vars/majestix.las.kit.edu

+ansible_user: root
+ansible_ssh_user: root
+user_account: bernhard
+ip_suffix: 70
+loc: 601
+os: Fedora 31
+computer_name: majestix

host_vars/methusalix.las.kit.edu

+ansible_user: root
+user_account: fatehi
+ip_suffix: 97
+loc: 620
+os: Fedora 31
+computer_name: methusalix

host_vars/las126.las.kit.edu → host_vars/obelix.las.kit.edu

@@ -2,5 +2,8 @@ ansible_user: root
 user_account: gethmann
 ip_suffix: 126
 loc: 618
-os: Fedora 27
-computer_name: Obelix
+os: Fedora 31
+computer_name: obelix
+
+extra_software:
+  - borgbackup

host_vars/las115.las.kit.edu → host_vars/pepe.las.kit.edu

@@ -2,5 +2,9 @@ ansible_user: root
 user_account: ning
 ip_suffix: 115
 loc: 619
-os: Fedora 26
-computer_name: Costa Y Bravo
+os: Fedora 31
+computer_name: pepe
+
+extra_software:
+  - python-qt5
+  - "qt5-qttools-devel"

host_vars/las116.las.kit.edu → host_vars/spuernix.las.kit.edu

@@ -3,5 +3,5 @@ ansible_user: root
 user_account: rossmanith
 ip_suffix: 116
 loc: 619
-os: Fedora 27
-computer_name: Spürnix
+os: Fedora 29
+computer_name: spuernix

host_vars/las120.las.kit.edu → host_vars/teefax.las.kit.edu

@@ -3,4 +3,4 @@ user_account: tong
 ip_suffix: 120
 loc: 621
 os: Fedora 28
-computer_name: Teefax
+computer_name: teefax

host_vars/titania.las.kit.edu

+ansible_user: root
+user_account: bernhard
+loc: -119
+os: Fedora 31
+computer_name: titania
+ip_suffix: 105
+
+extra_software:
+  - subversion  # ANKA software
+  - zsh

host_vars/troubadix.las.kit.edu

+ansible_user: root
+user_account: fatehi
+ip_suffix: 96
+loc: 619
+os: Fedora 31
+computer_name: troubadix

host_vars/ueberdrus.las.kit.edu

+ansible_user: root
+user_account: tong
+loc: -119
+os: Fedora 31
+computer_name: ueberdrus
+
+extra_software:
+  - subversion  # ANKA software
+ip_suffix: 74

hosts

 # stable
 [clients]
-las112.las.kit.edu
-las113.las.kit.edu
-las115.las.kit.edu
-las116.las.kit.edu
-las117.las.kit.edu
-las118.las.kit.edu
-las120.las.kit.edu
-las122.las.kit.edu
-las126.las.kit.edu
-las-gethmann.las.kit.edu
+amnesix.las.kit.edu
+asterix.las.kit.edu
+falbala.las.kit.edu
+faulus.las.kit.edu
+galantine.las.kit.edu
+gutemine.las.kit.edu
+homoeopatix.las.kit.edu
+idefix.las.kit.edu
+lysander.las.kit.edu
+majestix.las.kit.edu
+methusalix.las.kit.edu
+obelix.las.kit.edu
+pepe.las.kit.edu
+spuernix.las.kit.edu
+teefax.las.kit.edu
+troubadix.las.kit.edu
+titania.las.kit.edu
+ueberdrus.las.kit.edu
 
 [desktop]
-las112.las.kit.edu
-las113.las.kit.edu
-las115.las.kit.edu
-las116.las.kit.edu
-las117.las.kit.edu
-las118.las.kit.edu
-las120.las.kit.edu
-las122.las.kit.edu
-las-gethmann.las.kit.edu
+amnesix.las.kit.edu
+asterix.las.kit.edu
+falbala.las.kit.edu
+faulus.las.kit.edu
+galantine.las.kit.edu
+gutemine.las.kit.edu
+homoeopatix.las.kit.edu
+idefix.las.kit.edu
+lysander.las.kit.edu
+majestix.las.kit.edu
+methusalix.las.kit.edu
+pepe.las.kit.edu
+spuernix.las.kit.edu
+teefax.las.kit.edu
+troubadix.las.kit.edu
+titania.las.kit.edu
+ueberdrus.las.kit.edu
 
 [graphics]
-las113.las.kit.edu
-las-gethmann.las.kit.edu
-las118.las.kit.edu
+asterix.las.kit.edu
+lysander.las.kit.edu
+amnesix.las.kit.edu
+galantine.las.kit.edu
+homoeopatix.las.kit.edu
 
 [lasarchiv]
-las113.las.kit.edu
-las115.las.kit.edu
-las117.las.kit.edu
-las118.las.kit.edu
-las120.las.kit.edu
-las122.las.kit.edu
-las126.las.kit.edu
-las127.las.kit.edu
-las-gethmann.las.kit.edu
+amnesix.las.kit.edu
+asterix.las.kit.edu
+falbala.las.kit.edu
+faulus.las.kit.edu
+gutemine.las.kit.edu
+homoeopatix.las.kit.edu
+idefix.las.kit.edu
+lysander.las.kit.edu
+majestix.las.kit.edu
+methusalix.las.kit.edu
+obelix.las.kit.edu
+pepe.las.kit.edu
+teefax.las.kit.edu
+troubadix.las.kit.edu
+titania.las.kit.edu
+ueberdrus.las.kit.edu
 
 [python]
-las112.las.kit.edu
-las113.las.kit.edu
-las115.las.kit.edu
-las117.las.kit.edu
-las118.las.kit.edu
-las120.las.kit.edu
-las122.las.kit.edu
-las-gethmann.las.kit.edu
+amnesix.las.kit.edu
+asterix.las.kit.edu
+falbala.las.kit.edu
+faulus.las.kit.edu
+galantine.las.kit.edu
+gutemine.las.kit.edu
+homoeopatix.las.kit.edu
+idefix.las.kit.edu
+lysander.las.kit.edu
+methusalix.las.kit.edu
+pepe.las.kit.edu
+teefax.las.kit.edu
+troubadix.las.kit.edu
+titania.las.kit.edu
+ueberdrus.las.kit.edu
 
 [kdev]  # KDevelope
 
 [jabref]
-las113.las.kit.edu
-las117.las.kit.edu
-las-gethmann.las.kit.edu
+
+[zotero]
+idefix.las.kit.edu
 
 [pynaff]
-las-gethmann.las.kit.edu
-las113.las.kit.edu
-las126.las.kit.edu
+lysander.las.kit.edu
+asterix.las.kit.edu
+obelix.las.kit.edu
 
 [pycharm]
-las-gethmann.las.kit.edu
-las113.las.kit.edu
-las115.las.kit.edu
-las117.las.kit.edu
-las122.las.kit.edu
+lysander.las.kit.edu
+asterix.las.kit.edu
+pepe.las.kit.edu
+idefix.las.kit.edu
+ueberdrus.las.kit.edu
 
 [chrome]
-las-gethmann.las.kit.edu
+lysander.las.kit.edu
+
+[rdp]
+amnesix.las.kit.edu
+asterix.las.kit.edu
+faulus.las.kit.edu
+galantine.las.kit.edu
+gutemine.las.kit.edu
+homoeopatix.las.kit.edu
+methusalix.las.kit.edu
+troubadix.las.kit.edu
+ueberdrus.las.kit.edu
 
 [latex]
-las112.las.kit.edu
-las-gethmann.las.kit.edu
-las113.las.kit.edu
-las115.las.kit.edu
-las117.las.kit.edu
-las118.las.kit.edu
-las120.las.kit.edu
-las122.las.kit.edu
+amnesix.las.kit.edu
+asterix.las.kit.edu
+falbala.las.kit.edu
+faulus.las.kit.edu
+galantine.las.kit.edu
+gutemine.las.kit.edu
+homoeopatix.las.kit.edu
+idefix.las.kit.edu
+lysander.las.kit.edu
+methusalix.las.kit.edu
+pepe.las.kit.edu
+teefax.las.kit.edu
+troubadix.las.kit.edu
+titania.las.kit.edu
+ueberdrus.las.kit.edu
 
 [opera]
-las113.las.kit.edu
-las118.las.kit.edu
-las122.las.kit.edu
-las126.las.kit.edu
-las127.las.kit.edu
+amnesix.las.kit.edu
+asterix.las.kit.edu
+homoeopatix.las.kit.edu
+idefix.las.kit.edu
+majestix.las.kit.edu
+methusalix.las.kit.edu
+obelix.las.kit.edu
+pepe.las.kit.edu
+troubadix.las.kit.edu
+lysander.las.kit.edu ansible_python_interpreter=/usr/bin/python3
 
 [mad8]
 # depercated for Fedora >=26
 
-[nfs-server]
-las126.las.kit.edu
+[nfsserver]
+obelix.las.kit.edu
 
 # developement
 
-[dhcpd]
-las101.las.kit.edu
-las126.las.kit.edu
-
 [lab]
 # las93.las.kit.edu
+faulus.las.kit.edu ansible_python_interpreter=/usr/bin/python3
+gutemine.las.kit.edu ansible_python_interpreter=/usr/bin/python3
+titania.las.kit.edu ansible_python_interpreter=/usr/bin/python3
+ueberdrus.las.kit.edu ansible_python_interpreter=/usr/bin/python3
 
 [rpmbuild]
-las113.las.kit.edu
-las-gethmann.las.kit.edu
+asterix.las.kit.edu
+lysander.las.kit.edu
 
 [elegant]
-las113.las.kit.edu
-las117.las.kit.edu
-las120.las.kit.edu
-las126.las.kit.edu
-las-gethmann.las.kit.edu
+asterix.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+falbala.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+galantine.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+homoeopatix.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+idefix.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+lysander.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+majestix.las.kit.edu ansible_python_interpreter=/usr/bin/python3
+methusalix.las.kit.edu ansible_python_interpreter=/usr/bin/python3
+obelix.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+pepe.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
+spuernix.las.kit.edu  ansible_python_interpreter=/usr/bin/python3
 
 [epics]
-las112.las.kit.edu
-las113.las.kit.edu
-las115.las.kit.edu
-las117.las.kit.edu
-las-gethmann.las.kit.edu
+asterix.las.kit.edu
+faulus.las.kit.edu
+galantine.las.kit.edu
+gutemine.las.kit.edu
+homoeopatix.las.kit.edu
+idefix.las.kit.edu
+lysander.las.kit.edu
+majestix.las.kit.edu
+pepe.las.kit.edu
+titania.las.kit.edu
+ueberdrus.las.kit.edu
 
 [ripgrep]
-las101.las.kit.edu
-las113.las.kit.edu
-las-gethmann.las.kit.edu
+asterix.las.kit.edu
+lysander.las.kit.edu
 
 [inovesa]
-las113.las.kit.edu
+asterix.las.kit.edu
+obelix.las.kit.edu # ansible_connection=local
+galantine.las.kit.edu
+homoeopatix.las.kit.edu
+pepe.las.kit.edu
 
 [ipynb]  # Jupyter notebook
-las120.las.kit.edu
-las122.las.kit.edu
-las-gethmann.las.kit.edu
+idefix.las.kit.edu
+teefax.las.kit.edu
+lysander.las.kit.edu
 
 # semi stable
 [tgu]
-las115.las.kit.edu
+pepe.las.kit.edu
+faulus.las.kit.edu
+gutemine.las.kit.edu
 
 [local]
 # 127.0.0.1 ansible_connection=local
 
 [admin_pcs]
-las101.las.kit.edu
-las113.las.kit.edu
-las-gethmann.las.kit.edu
+asterix.las.kit.edu
+homoeopatix.las.kit.edu
+lysander.las.kit.edu
 
 [server]
-las101.las.kit.edu
-
-[cn]
-las-bernhard.anka.kit.edu

ipa_user.yml

+---
+- hosts: all
+  vars: 
+  vars_prompt:
+    - name: "ipa_admin_pass"
+      prompt: "What is IPA's admin password?"
+      private: yes
+
+  roles:
+    - ipa_users

jabref.yml

@@ -5,3 +5,8 @@
       dnf:
         name: jabref
         state: present
+      when: (ansible_distribution == "Fedora" and (ansible_distribution_major_version | int) <= 28)
+
+    - name: UNSUPPORTED
+      fail:
+        msg: Jabref is no longer maintained by Fedora! Use zotero instead.

lab.yml

+- hosts: lab
+  vars:
+    - dhcpd:
+        domain: maglab
+        subnet: 192.168.0.0
+        netmask: 255.255.255.0
+        range_start: 192.168.0.1
+        range_end: 192.168.0.100
+        routers: 192.168.0.10
+        broadcast: 192.168.0.255
+        host_list: host-list-maglab
+  roles:
+    - dhcpd
+    - lab

majestix.las.kit.edu.yml

+---
+- include: common.yml
+- include: clients.yml
+  tags: client
+- include: lasarchiv.yml
+- include: opera.yml
+- include: desktop.yml
+- include: elegant.yml
+- include: epics.yml

nfs.yml

-- hosts: nfs-server
+- hosts: nfsserver
   roles:
     - nfs-server
   tags: nfs-server

remmina.yml

+- hosts: rdp
+  roles:
+    - rdp

roles/clients/files/kit-vpn2vlan.ovpn

+client
+remote 141.52.8.19
+port 1194
+dev tap
+proto udp
+auth-user-pass
+nobind
+comp-lzo no
+tls-version-min 1.2
+ca /etc/ssl/certs/ca-bundle.crt
+verify-x509-name "C=DE, ST=Baden-Wuerttemberg, L=Karlsruhe, O=Karlsruhe Institute of Technology, OU=Steinbuch Centre for Computing, CN=ovpn.scc.kit.edu" subject
+cipher AES-256-CBC
+auth SHA384
+reneg-sec 43200
+verb 3
+script-security 2

roles/clients/files/printers.conf

@@ -41,7 +41,7 @@ ErrorPolicy stop-printer
 UUID urn:uuid:c20b481d-848e-30e6-5eab-8ba9fb397809
 Info Oki MC851(PS)
 Location Library
-DeviceURI socket://129.13.108.106/
+DeviceURI socket://oki.las.kit.edu/
 State Idle
 StateTime 1414591314
 Type 8433756

roles/clients/tasks/basic_software.yml

 ---
 - name: "Install basic client software"
   apt:
-    name: "{{ item }}"
+    name: "{{ client_software }}"
     state: present
-  with_items: "{{ client_software }}"
+    # with_items: "{{ client_software }}"
   when: ansible_distribution == 'Ubuntu'
   become: yes
 
 - name: "Install basic client software"
   dnf:
-    name: "{{ item }}"
+    name: "{{ client_software }}"
     state: present
-  with_items: "{{ client_software }}"
+    # with_items: "{{ client_software }}"
   when: ansible_distribution == 'Fedora'
   become: yes

roles/clients/tasks/cups.yml

@@ -9,11 +9,8 @@
 - name: install dependencies
   become: yes
   dnf:
-    name: "{{ item }}"
+    name: ["hplip-common", "hplip"]
     state: present
-  with_items:
-    - "hplip-common"
-    - "hplip"
   when: ansible_distribution == 'Fedora'
 
 - name: install CUPS

roles/clients/tasks/main.yml

@@ -3,4 +3,6 @@
   tags: printer
 - import_tasks: basic_software.yml
 - import_tasks: kill_x.yml
+- import_tasks: vpn.yml
 - import_tasks: ms_fonts.yml
+  tags: fonts

roles/clients/tasks/ms_fonts.yml

@@ -2,7 +2,7 @@
 - name: install fonts
   become: true
   dnf:
-    name: https://downloads.sourceforge.net/project/mscorefonts2/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm
+    name: "https://sourceforge.net/projects/mscorefonts2/files/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm/download?use_mirror=netcologne&ts=1566291689&use_mirror=netcologne"
     state: installed
   tags: fonts
   when: ansible_distribution == "Fedora"

roles/clients/tasks/vpn.yml

+---
+- name: install OpenVPN client
+  become: yes
+  dnf:
+    name: ["openvpn", "NetworkManager-openvpn"]
+    state: present
+
+    # - name: install network manager for ansible
+    #   become: yes
+    #   dnf:
+    #     name: ["NetworkManager-glib", "libnm-qt-devel", "nm-connection-editor", "libsemanage-python", "policycoreutils-python"]
+    #     state: present
+
+- name: get configuration file from SCC
+  # https://www.scc.kit.edu/dienste/10100.php
+  become: yes
+  copy:
+    src: kit-vpn2vlan.ovpn
+    dest: /etc/kit-vpn2vlan.ovpn
+    backup: yes
+  when: ansible_distribution == "Fedora"
+
+# unfortunately you have to install the VPN on your own using the GUI tool NetworkManager.

roles/common/files/NetworkManager.conf

+# Configuration file for NetworkManager.
+#
+# See "man 5 NetworkManager.conf" for details.
+#
+# The directories /usr/lib/NetworkManager/conf.d/ and /run/NetworkManager/conf.d/
+# can contain additional configuration snippets installed by packages. These files are
+# read before NetworkManager.conf and have thus lowest priority.
+# The directory /etc/NetworkManager/conf.d/ can contain additional configuration
+# snippets. Those snippets are merged last and overwrite the settings from this main
+# file.
+#
+# The files within one conf.d/ directory are read in asciibetical order.
+#
+# If /etc/NetworkManager/conf.d/ contains a file with the same name as
+# /usr/lib/NetworkManager/conf.d/, the latter file is shadowed and thus ignored.
+# Hence, to disable loading a file from /usr/lib/NetworkManager/conf.d/ you can
+# put an empty file to /etc with the same name. The same applies with respect
+# to the directory /run/NetworkManager/conf.d where files in /run shadow
+# /usr/lib and are themselves shadowed by files under /etc.
+#
+# If two files define the same key, the one that is read afterwards will overwrite
+# the previous one.
+
+[main]
+#plugins=ifcfg-rh,ibft
+dhcp=dhclient
+
+
+[logging]
+# When debugging NetworkManager, enabling debug logging is of great help.
+#
+# Logfiles contain no passwords and little sensitive information. But please
+# check before posting the file online. You can also personally hand over the
+# logfile to a NM developer to treat it confidential. Meet us on #nm on freenode.
+# Please post full logfiles except minimal modifications of private data.
+#
+# You can also change the log-level at runtime via
+#   $ nmcli general logging level TRACE domains ALL
+# However, usually it's cleaner to enable debug logging
+# in the configuration and restart NetworkManager so that
+# debug logging is enabled from the start.
+#
+# You will find the logfiles in syslog, for example via
+#   $ journalctl -u NetworkManager
+#
+# Note that debug logging of NetworkManager can be quite verbose. Some messages
+# might be rate-limited by the logging daemon (see RateLimitIntervalSec, RateLimitBurst
+# in man journald.conf). Please disable rate-limiting before collecting debug logs.
+#
+#level=TRACE
+#domains=ALL

roles/common/files/automatic.conf

+[commands]
+#  What kind of upgrade to perform:
+# default                            = all available upgrades
+# security                           = only the security upgrades
+upgrade_type = security
+random_sleep = 0
+
+# To just receive updates use dnf-automatic-notifyonly.timer
+
+# Whether updates should be downloaded when they are available, by
+# dnf-automatic.timer. notifyonly.timer, download.timer and
+# install.timer override this setting.
+download_updates = yes
+
+# Whether updates should be applied when they are available, by
+# dnf-automatic.timer. notifyonly.timer, download.timer and
+# install.timer override this setting.
+apply_updates = yes
+
+
+[emitters]
+# Name to use for this system in messages that are emitted.  Default is the
+# hostname.
+# system_name = my-host
+
+# How to send messages.  Valid options are stdio, email and motd.  If
+# emit_via includes stdio, messages will be sent to stdout; this is useful
+# to have cron send the messages.  If emit_via includes email, this
+# program will send email itself according to the configured options.
+# If emit_via includes motd, /etc/motd file will have the messages. if
+# emit_via includes command_email, then messages will be send via a shell
+# command compatible with sendmail.
+# Default is email,stdio.
+# If emit_via is None or left blank, no messages will be sent.
+emit_via = motd,stdio
+
+
+[email]
+# The address to send email messages from.
+email_from = root@localhost
+
+# List of addresses to send messages to.
+email_to = root
+
+# Name of the host to connect to to send email messages.
+email_host = localhost
+
+
+[command]
+# The shell command to execute. This is a Python format string, as used in
+# str.format(). The format function will pass a shell-quoted argument called
+# `body`.
+# command_format = "cat"
+
+# The contents of stdin to pass to the command. It is a format string with the
+# same arguments as `command_format`.
+# stdin_format = "{body}"
+
+
+[command_email]
+# The shell command to use to send email. This is a Python format string,
+# as used in str.format(). The format function will pass shell-quoted arguments
+# called body, subject, email_from, email_to.
+# command_format = "mail -s {subject} -r {email_from} {email_to}"
+
+# The contents of stdin to pass to the command. It is a format string with the
+# same arguments as `command_format`.
+# stdin_format = "{body}"
+
+# The address to send email messages from.
+email_from = root@localhost
+
+# List of addresses to send messages to.
+email_to = root
+
+
+[base]
+# This section overrides dnf.conf
+
+# Use this to filter DNF core messages
+debuglevel = 1

roles/common/files/web.las.pub

+-----BEGIN CERTIFICATE-----
+MIIKcjCCCVqgAwIBAgIMIKiiExs4FR9L2Kp4MA0GCSqGSIb3DQEBCwUAMHsxCzAJ
+BgNVBAYTAkRFMRswGQYDVQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxEjAQBgNVBAcM
+CUthcmxzcnVoZTEqMCgGA1UECgwhS2FybHNydWhlIEluc3RpdHV0ZSBvZiBUZWNo
+bm9sb2d5MQ8wDQYDVQQDDAZLSVQtQ0EwHhcNMTkwMzEzMTU0MDU0WhcNMjEwNjE0
+MTU0MDU0WjCBhDELMAkGA1UEBhMCREUxGzAZBgNVBAgMEkJhZGVuLVd1ZXJ0dGVt
+YmVyZzESMBAGA1UEBwwJS2FybHNydWhlMSowKAYDVQQKDCFLYXJsc3J1aGUgSW5z
+dGl0dXRlIG9mIFRlY2hub2xvZ3kxGDAWBgNVBAMMD3dlYi5sYXMua2l0LmVkdTCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKLgVunuUl0m3520OuAnewPw
+N+zG0A295N4wSIS5KYflOxfmGBKKnAwefSzNvUIIOnyr+rrD2GdVG4ZMjQXmATAm
+ibiQLVAYsPu+yTOfWUmwKDJCYLOCH1VkwPJbebSMTTuSGC3uRaKdtCucXX6TnHqY
+jB0LPs730+KVPDFIiKps6U/SqfOmoCTr5owDiZXM75rl4sPtHSvNpsfFC1Ls6RIm
+z2moISu0Q1wLdU6sPUMmvjRtv+pkPD6nMLfO0j9y6SL2z7AbOVJt+JcXZLteGW11
+nQnRDOkHwpldy8xrYczIHd6bMp0hllVHSE8LsXs9H16yOy7LNkUMS8SfGFVlam84
+yn5/h7jFUgHY1BCsORyfR2w5MznOWH+HIy2U+RKA3u1JlPQZtH1Q6hHR6oSRgx8O
+4cf4lqgUELM2TydxEBiEupcHhiIHwleGHfTXL3ChtxSu/VyJZQcIiZ8gSDVTDrG7
+bAX5rnXEoTeqvenLJAv8cAECl9J22wUCzSz3MzFpalDQY2+P7mpPxYKcRcQQxCpo
+wVuKiiRw+JjN51AKkmELtZ5a/SD5JOy9PvmfAN1OUqJguxO+MbhYfp2If47Gy0ht
+WuYZ47H8VFIPbVD7a8uVKX1VWKBaBvW5N4Cl7Wu/2yny3Zw+yw2XZFpPvmSNlq/T
+8CYw0kFOQynCDzhrKASnAgMBAAGjggXqMIIF5jAJBgNVHRMEAjAAMA4GA1UdDwEB
+/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQU/hB/iqc12SwT
+I7iIPJPSnPnKgLcwHwYDVR0jBBgwFoAUBBq/HJORPdPZPbDeEyPlmnD0LggwaAYD
+VR0RBGEwX4IPZG5mLmxhcy5raXQuZWR1ghFtdW5pbi5sYXMua2l0LmVkdYIQcHlw
+aS5sYXMua2l0LmVkdYIWc2hhcmVsYXRleC5sYXMua2l0LmVkdYIPd2ViLmxhcy5r
+aXQuZWR1MH0GA1UdHwR2MHQwOKA2oDSGMmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUv
+a2l0LWNhLWcyL3B1Yi9jcmwvY2FjcmwuY3JsMDigNqA0hjJodHRwOi8vY2RwMi5w
+Y2EuZGZuLmRlL2tpdC1jYS1nMi9wdWIvY3JsL2NhY3JsLmNybDCBzQYIKwYBBQUH
+AQEEgcAwgb0wMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NT
+UC1TZXJ2ZXIvT0NTUDBCBggrBgEFBQcwAoY2aHR0cDovL2NkcDEucGNhLmRmbi5k
+ZS9raXQtY2EtZzIvcHViL2NhY2VydC9jYWNlcnQuY3J0MEIGCCsGAQUFBzAChjZo
+dHRwOi8vY2RwMi5wY2EuZGZuLmRlL2tpdC1jYS1nMi9wdWIvY2FjZXJ0L2NhY2Vy
+dC5jcnQwWQYDVR0gBFIwUDAIBgZngQwBAgIwDQYLKwYBBAGBrSGCLB4wDwYNKwYB
+BAGBrSGCLAEBBDARBg8rBgEEAYGtIYIsAQEEAwkwEQYPKwYBBAGBrSGCLAIBBAMJ
+MIIDXgYKKwYBBAHWeQIEAgSCA04EggNKA0gAdwBvU3asMfAxGdiZAKRRFf93FRwR
+2QLBACkGjbIImjfZEwAAAWl3tsubAAAEAwBIMEYCIQDleY52tBqLOUlBzrb6Dz5M
+uWEXellG3NnTfBaN87g67AIhAPHCGa4Y2xNiGoTecdUngDbbj+xdQyBLFR1mFrQV
+m0V9AHcAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFpd7bMqAAA
+BAMASDBGAiEA/mfu1lL6ri+Ib4fRjPRkLiSzriZQgHOt+ew5UVI0YHoCIQDXtv2r
+HG6aNaa9YCunjpA7Bc3w/RBjkCWmwKKoRzKzlwB2AKrnC388uNVmyGwvFpecn0Rf
+aasOtFNVibL3egMBBPPNAAABaXe2y7QAAAQDAEcwRQIgOWYMd92nC6diBFP9EJk2
+rvjYZMq92BSuGBKjy8P+OQQCIQCq2c2bqSRqX8biZ/WrpUgUs3CxOiX+OnUkci49
+RXxCFwB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaXe2y+AA
+AAQDAEcwRQIhALRrZGVHHpPLjOWbrs6xb+DCeRnXDyfZR5ttNezHZirFAiA80IU7
+FTBq3H7kswcnSiK3RAs0WLd5h5NpV+CsmeNzmgB1AKS5CZC0GFgUh7sTosxncAo8
+NZgE+RvfuON3zQ7IDdwQAAABaXe2y+AAAAQDAEYwRAIgbb9xvS1vv31chFtfr/nl
+9GPzyx9Uo2vjIJKgk8KcTKkCIAtl6Zgda9Bnj47yTfVkbM3Tzc6ZvxOToqVVWO9v
+Z4a9AHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFpd7bL2wAA
+BAMARzBFAiBD2wzVFDMmTRHKnF0vZN4Yia4Z2xe11iBpYtQU5mZ3vQIhAOgfeMi9
+7x96dZRZLsTs8J00KGz4NJcHX9RHRXyjeXQlAHUARJRlLrDuzq/EQAfYqP4owNrm
+gr7YyzG1P9MzlrW2gagAAAFpd7bScAAABAMARjBEAh8PGD3UXg5AeqX1KK2rEZWY
+jDyVOKXiaNM5uyEzGPIgAiEAuSLcjMd8cDtFuRotM+Jn9aIXiJIIcRpexcoA26PL
+PJkwDQYJKoZIhvcNAQELBQADggEBAE5OhnWn7XdXaIbX16SpWHV/Qfb/4+Hzzf6F
+KVl6bUJJ/maIUkmrjUWVYxHSfkL0Kx6aYL/WEdjZD0S40rjCZkEETJo3Lqy+WDgT
+ChgWEGzRBvqoNDVkywevsE77K5w2HaGKogWvD8IeOu/YOfZYKqTYYFz4ej7/PUit
+8TNbY0pYyEhXoKmoXsBJUvY0Fc03GJZDTevC6iEqCQOlMLprQxT/KuYthIHc/lv/
+qCIlbzsml0poyglupVIwzhvarFsQUPyZGoSEHcMG82Ors9VJbTaBk28uvdtORX9m
+gCkCBwb7DRxZb5US49rygRGROHqRaqlC/ASoXSznJgxUj8jL7Lc=
+-----END CERTIFICATE-----
+subject= /C=DE/ST=Baden-Wuerttemberg/L=Karlsruhe/O=Karlsruhe Institute of Technology/CN=KIT-CA
+-----BEGIN CERTIFICATE-----
+MIIFnjCCBIagAwIBAgIMHDrUjCTtki6w9JCuMA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYxMTAzMTUyNTQ4WhcNMzEwMjIyMjM1OTU5WjB7MQswCQYDVQQGEwJE
+RTEbMBkGA1UECAwSQmFkZW4tV3VlcnR0ZW1iZXJnMRIwEAYDVQQHDAlLYXJsc3J1
+aGUxKjAoBgNVBAoMIUthcmxzcnVoZSBJbnN0aXR1dGUgb2YgVGVjaG5vbG9neTEP
+MA0GA1UEAwwGS0lULUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+1cwA90GCGWXXCQ+V4MkCc9CaPcYU0hrUc0mTyvbQ3DuOMey+w5aFI8JkmAD5CHsj
+jDWe/uuANc6OR828xLoN6EV4AsNMhD9HMelYZrGuBS2nsOVlGzIIf8t+RX7pDVQg
+Dc/UvczziO45HmLCoYeUDcqn9Qho8Jnuh4nXJdPCRB4UvcwtRCpYkgCeC+Llxfe4
+IpdnvABTX1kwYR4TVmnAg3Mel5tLoV+WcxTdwJMpsbjFz8P11qMta53Nactef4gx
+BWMSEpDlnGL+swzkUfd1s+3NQkFKBbAZ6ehZivOZc4ah4iRxB1T/5v2Tza+Hyao0
+4f5SbkkD2Y1p0Z5vdMVEPwIDAQABo4ICBTCCAgEwEgYDVR0TAQH/BAgwBgEB/wIB
+ATAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0gBCIwIDANBgsrBgEEAYGtIYIsHjAPBg0r
+BgEEAYGtIYIsAQEEMB0GA1UdDgQWBBQEGr8ck5E909k9sN4TI+WacPQuCDAfBgNV
+HSMEGDAWgBST49gyJtrV8UqlkUrg6kviogzP4TCBjwYDVR0fBIGHMIGEMECgPqA8
+hjpodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9j
+cmwvY2FjcmwuY3JsMECgPqA8hjpodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2Jh
+bC1yb290LWcyLWNhL3B1Yi9jcmwvY2FjcmwuY3JsMIHdBggrBgEFBQcBAQSB0DCB
+zTAzBggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZl
+ci9PQ1NQMEoGCCsGAQUFBzAChj5odHRwOi8vY2RwMS5wY2EuZGZuLmRlL2dsb2Jh
+bC1yb290LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDBKBggrBgEFBQcwAoY+
+aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY2Fj