From a515d956250470f77b14aef3911b94bb158d46cf Mon Sep 17 00:00:00 2001 From: Sonny Bakker Date: Fri, 29 Jan 2021 21:00:39 +0100 Subject: [PATCH] Remove roles dir from git --- roles/common/.ansible-lint | 5 - roles/common/.gitignore | 14 --- roles/common/.gitlab-ci.yml | 33 ------- roles/common/.prettier.json | 9 -- roles/common/defaults/main.yml | 3 - roles/common/handlers/main.yml | 81 ---------------- roles/common/handlers/user.yml | 19 ---- roles/common/meta/.galaxy_install_info | 2 - roles/common/meta/main.yml | 15 --- roles/common/tasks/host.yml | 15 --- roles/common/tasks/known_hosts.yml | 39 -------- roles/common/tasks/main.yml | 2 - roles/common/tasks/network.yml | 27 ------ roles/common/tasks/nginx.yml | 18 ---- roles/common/tasks/poetry.yml | 73 --------------- roles/common/tasks/setup.yml | 51 ---------- roles/common/tasks/ssl.yml | 39 -------- roles/common/tasks/sudoers.yml | 7 -- roles/common/templates/hostname.j2 | 3 - roles/common/templates/hosts.j2 | 9 -- roles/common/templates/network.j2 | 9 -- roles/common/templates/nftables.j2 | 19 ---- roles/common/templates/nginx.conf.j2 | 51 ---------- roles/common/templates/sshd_config.j2 | 123 ------------------------- roles/common/templates/sudoers.j2 | 3 - roles/common/vars/archlinux.yml | 2 - roles/common/vars/debian-buster.yml | 1 - roles/common/vars/ubuntu-focal.yml | 1 - 28 files changed, 673 deletions(-) delete mode 100644 roles/common/.ansible-lint delete mode 100644 roles/common/.gitignore delete mode 100644 roles/common/.gitlab-ci.yml delete mode 100644 roles/common/.prettier.json delete mode 100644 roles/common/defaults/main.yml delete mode 100644 roles/common/handlers/main.yml delete mode 100644 roles/common/handlers/user.yml delete mode 100644 roles/common/meta/.galaxy_install_info delete mode 100644 roles/common/meta/main.yml delete mode 100644 roles/common/tasks/host.yml delete mode 100644 roles/common/tasks/known_hosts.yml delete mode 100644 roles/common/tasks/main.yml delete mode 100644 roles/common/tasks/network.yml delete mode 100644 roles/common/tasks/nginx.yml delete mode 100644 roles/common/tasks/poetry.yml delete mode 100644 roles/common/tasks/setup.yml delete mode 100644 roles/common/tasks/ssl.yml delete mode 100644 roles/common/tasks/sudoers.yml delete mode 100644 roles/common/templates/hostname.j2 delete mode 100644 roles/common/templates/hosts.j2 delete mode 100644 roles/common/templates/network.j2 delete mode 100644 roles/common/templates/nftables.j2 delete mode 100644 roles/common/templates/nginx.conf.j2 delete mode 100644 roles/common/templates/sshd_config.j2 delete mode 100644 roles/common/templates/sudoers.j2 delete mode 100644 roles/common/vars/archlinux.yml delete mode 100644 roles/common/vars/debian-buster.yml delete mode 100644 roles/common/vars/ubuntu-focal.yml diff --git a/roles/common/.ansible-lint b/roles/common/.ansible-lint deleted file mode 100644 index e99d805..0000000 --- a/roles/common/.ansible-lint +++ /dev/null @@ -1,5 +0,0 @@ -parseable: true -quiet: true -skip_list: - - '501' -use_default_rules: true diff --git a/roles/common/.gitignore b/roles/common/.gitignore deleted file mode 100644 index c17815f..0000000 --- a/roles/common/.gitignore +++ /dev/null @@ -1,14 +0,0 @@ -*.retry -*.swp - -.venv -.env -env -venv - -node_modules/ - -.vault -.vaults/ -vault -vaults/ diff --git a/roles/common/.gitlab-ci.yml b/roles/common/.gitlab-ci.yml deleted file mode 100644 index a629be7..0000000 --- a/roles/common/.gitlab-ci.yml +++ /dev/null @@ -1,33 +0,0 @@ -stages: - - lint - - test - -cache: - key: "$CI_COMMIT_REF_SLUG" - paths: - - .cache/pip - - node_modules/ - -lint: - stage: lint - image: python:3.7 - before_script: - - pip install ansible ansible-lint --quiet - script: - - ansible-lint playbook.yml - only: - refs: - - development - - merge_requests - -pretty-lint: - stage: lint - image: node:12 - before_script: - - npm install - script: - - npx prettier "**/*.yml" --check - only: - refs: - - development - - merge_requests diff --git a/roles/common/.prettier.json b/roles/common/.prettier.json deleted file mode 100644 index 9c76f6b..0000000 --- a/roles/common/.prettier.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "singleQuote": true, - "printWidth": 90, - "tabWidth": 2, - "useTabs": false, - "bracketSpacing": true, - "parser": "yaml" -} - diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml deleted file mode 100644 index d2d3c30..0000000 --- a/roles/common/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -poetry_url: "https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py" -poetry_user: "{{ ansible_user | default(lookup('env', 'USER'), True) }}" -poetry_dir: "{{ ansible_env.HOME }}/.poetry" diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml deleted file mode 100644 index 2ed56a7..0000000 --- a/roles/common/handlers/main.yml +++ /dev/null @@ -1,81 +0,0 @@ -- name: reload ssh - become: yes - systemd: - name: ssh - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart nftables - become: yes - systemd: - name: nftables - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart nginx - become: yes - systemd: - name: nginx - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart docker - become: yes - systemd: - name: docker - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart rabbitmq - become: yes - systemd: - name: rabbitmq-server - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart memcached - become: yes - systemd: - name: memcached - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart postfix - become: yes - systemd: - name: postfix - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart postgres - become: yes - systemd: - name: postgresql@11-main - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart systemd-networkd - become: yes - systemd: - name: systemd-networkd - state: restarted - enabled: yes - daemon-reload: yes - -- name: restart systemd-resolved - become: yes - systemd: - name: systemd-resolved - state: restarted - enabled: yes - daemon-reload: yes - -- include: user.yml diff --git a/roles/common/handlers/user.yml b/roles/common/handlers/user.yml deleted file mode 100644 index 8cf4b1a..0000000 --- a/roles/common/handlers/user.yml +++ /dev/null @@ -1,19 +0,0 @@ -- name: start user tmux service - become_user: "{{ default_user }}" - become: yes - systemd: - daemon-reload: yes - name: tmux - state: started - enabled: yes - scope: user - -- name: restart user tmux service - become_user: "{{ default_user }}" - become: yes - systemd: - daemon-reload: yes - name: tmux - state: restarted - enabled: yes - scope: user diff --git a/roles/common/meta/.galaxy_install_info b/roles/common/meta/.galaxy_install_info deleted file mode 100644 index 9bc5b1c..0000000 --- a/roles/common/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Fri Jan 29 19:51:44 2021 -version: master diff --git a/roles/common/meta/main.yml b/roles/common/meta/main.yml deleted file mode 100644 index 1e19aa6..0000000 --- a/roles/common/meta/main.yml +++ /dev/null @@ -1,15 +0,0 @@ -dependencies: [] - -galaxy_info: - author: sonny - description: "Common tasks" - license: "license GPLv3" - min_ansible_version: 2.7 - issue_tracker_url: "https://git.fudiggity.nl/ansible/common/-/issues" - platforms: - - name: Debian - versions: - - buster - galaxy_tags: - - development - - system diff --git a/roles/common/tasks/host.yml b/roles/common/tasks/host.yml deleted file mode 100644 index 818e7c2..0000000 --- a/roles/common/tasks/host.yml +++ /dev/null @@ -1,15 +0,0 @@ -- name: copy hostname - template: - src: "hostname.j2" - dest: "/etc/hostname" - owner: root - group: root - mode: "0644" - -- name: copy hosts - template: - src: "hosts.j2" - dest: "/etc/hosts" - owner: root - group: root - mode: "0644" diff --git a/roles/common/tasks/known_hosts.yml b/roles/common/tasks/known_hosts.yml deleted file mode 100644 index d8abe99..0000000 --- a/roles/common/tasks/known_hosts.yml +++ /dev/null @@ -1,39 +0,0 @@ -- name: load OS specific vars - include_vars: "{{ item }}" - with_first_found: - - files: - - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}.yml" - - "{{ ansible_distribution|lower }}.yml" - - "{{ ansible_os_family|lower }}.yml" - paths: - - "{{ role_path }}/vars" - -- name: install packages - become: yes - package: - name: "{{ item }}" - state: present - loop: "{{ known_hosts_packages }}" - -- name: retrieve user $HOME - shell: "echo $HOME" # noqa 301 - become_user: "{{ user }}" - register: home_stats - -- name: set user $HOME - set_fact: - user_home: "{{ home_stats.stdout }}" - -- name: create local ssh directory - become_user: "{{ user }}" - file: - path: "{{ user_home }}/.ssh" - state: directory - mode: "0755" - -- name: add items to known hosts - become_user: "{{ user }}" - known_hosts: - name: "{{ item.domain }}" - key: "{{ item.key }}" - loop: "{{ items }}" diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml deleted file mode 100644 index 9079cfa..0000000 --- a/roles/common/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -- include_tasks: "setup.yml" - when: skip_common_setup is not defined or not skip_common_setup diff --git a/roles/common/tasks/network.yml b/roles/common/tasks/network.yml deleted file mode 100644 index f9ff775..0000000 --- a/roles/common/tasks/network.yml +++ /dev/null @@ -1,27 +0,0 @@ -- name: check old network configuration - stat: path=/etc/network/interfaces - register: old_config - -- name: move old network configuration - command: mv /etc/network/interfaces /etc/network/interfaces.save - when: old_config.stat.exists - -- name: copy network configuration - template: - src: "network.j2" - dest: "/etc/systemd/network/50-default.network" - owner: root - group: root - mode: "0644" - notify: restart systemd-networkd - -- name: copy dns configuration - file: - src: "/run/systemd/resolve/resolv.conf" - dest: "/etc/resolv.conf" - owner: root - group: root - state: link - force: yes - mode: "0644" - notify: restart systemd-resolved diff --git a/roles/common/tasks/nginx.yml b/roles/common/tasks/nginx.yml deleted file mode 100644 index 965ef2a..0000000 --- a/roles/common/tasks/nginx.yml +++ /dev/null @@ -1,18 +0,0 @@ -- name: install nginx - apt: - name: nginx - state: present - -- name: copy nginx config - template: - src: "nginx.conf.j2" - dest: "/etc/nginx/nginx.conf" - owner: root - group: root - mode: "0644" - -- name: remove default site - file: - path: "/etc/nginx/sites-enabled/default" - state: absent - notify: restart nginx diff --git a/roles/common/tasks/poetry.yml b/roles/common/tasks/poetry.yml deleted file mode 100644 index 8649337..0000000 --- a/roles/common/tasks/poetry.yml +++ /dev/null @@ -1,73 +0,0 @@ -- name: retrieve user $HOME # noqa 301 - shell: "echo $HOME" - become_user: "{{ poetry_user }}" - register: home_stats - -- name: retrieve user $PATH # noqa 301 - shell: "echo $PATH" - become_user: "{{ poetry_user }}" - register: path_stats - -- name: set poetry user variables - set_fact: - poetry_user_home: "{{ home_stats.stdout }}" - poetry_user_path: "{{ path_stats.stdout }}" - -- name: create user folder for binaries - become_user: "{{ poetry_user }}" - file: - state: directory - mode: "0755" - path: "{{ poetry_user_home }}/.local/bin" - -- name: set default python binary # noqa 208 - become: true - file: - state: link - src: "/usr/bin/python3" - dest: "/usr/bin/python" - when: ansible_distribution == "Ubuntu" - -- name: setup poetry for Ubuntu/Debian derived distro's - block: - - name: check poetry existence - become_user: "{{ poetry_user }}" - stat: - path: "{{ poetry_dir }}" - register: poetry_stats - - - name: download poetry installer - become_user: "{{ poetry_user }}" - get_url: - url: "{{ poetry_url }}" - dest: /tmp/ - mode: "0750" - when: poetry_stats.stat.isdir is not defined - - - name: install poetry - become_user: "{{ poetry_user }}" - command: "python /tmp/get-poetry.py --yes" # noqa 305 - environment: - POETRY_HOME: "{{ poetry_dir }}" - when: poetry_stats.stat.isdir is not defined - - - name: add poetry to user binaries # noqa 208 - become_user: "{{ poetry_user }}" - file: - state: link - src: "{{ poetry_dir }}/bin/poetry" - dest: "{{ poetry_user_home }}/.local/bin/poetry" - when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu" - -- name: setup poetry for Archlinux - become: true - pacman: - name: poetry - state: present - when: ansible_facts['os_family'] == "Archlinux" - -- name: update poetry config - become_user: "{{ poetry_user }}" - command: "poetry config virtualenvs.in-project true" # noqa 301 - environment: - PATH: "{{ poetry_user_home }}/.local/bin:{{ poetry_user_path }}" diff --git a/roles/common/tasks/setup.yml b/roles/common/tasks/setup.yml deleted file mode 100644 index 2811ac4..0000000 --- a/roles/common/tasks/setup.yml +++ /dev/null @@ -1,51 +0,0 @@ -- include_tasks: "sudoers.yml" - loop: - - { src: "sudoers.j2", dest: "/etc/sudoers.d/20-ansible-extra" } - -- name: copy ssh template - template: - src: "sshd_config.j2" - dest: "/etc/ssh/sshd_config" - owner: root - group: root - mode: "0644" - notify: reload ssh - -- name: viva la hollande - locale_gen: - name: nl_NL.UTF-8 - state: present - -- name: ensure basic tooling is installed - apt: - name: - - acl - - man - - apt-transport-https - - ca-certificates - - software-properties-common - - policykit-1 - - libpolkit-agent-1-0 - - nftables - - openssh-client - - bash-completion - - git - - vim - - curl - - tree - - haveged - - rsync - state: present - -- name: copy firewall template - template: - src: "nftables.j2" - dest: "/etc/nftables.conf" - owner: root - group: root - mode: "0600" - notify: restart nftables - -# see https://wiki.debian.org/systemd#Orphaned_processes -- name: enable loginctl user-linger - command: "loginctl enable-linger {{ default_user|quote }}" # noqa 301 diff --git a/roles/common/tasks/ssl.yml b/roles/common/tasks/ssl.yml deleted file mode 100644 index a1cb905..0000000 --- a/roles/common/tasks/ssl.yml +++ /dev/null @@ -1,39 +0,0 @@ -- name: install SSL packages - apt: - name: - - python3-openssl - - python3-crypto - - python3-cryptography - - python-openssl - - python-crypto - - python-cryptography - state: present - -- name: create ssl directory - file: - path: "/etc/ssl/{{ app_name }}" - state: directory - owner: "{{ app_user }}" - group: "{{ app_user }}" - mode: 0750 - -- name: generate an OpenSSL private key with the default values (4096 bits, RSA) - become_user: "{{ app_user }}" - openssl_privatekey: - path: "/etc/ssl/{{ app_name }}/local.pem" - -- name: generate an OpenSSL certificate signing request - become_user: "{{ app_user }}" - openssl_csr: - path: "/etc/ssl/{{ app_name }}/local.csr" - privatekey_path: "/etc/ssl/{{ app_name }}/local.pem" - common_name: fudiggity.nl - -- name: generate a self signed OpenSSL certificate - become_user: "{{ app_user }}" - openssl_certificate: - force: yes - path: "/etc/ssl/{{ app_name }}/{{ app_name }}.crt" - privatekey_path: "/etc/ssl/{{ app_name }}/local.pem" - csr_path: "/etc/ssl/{{ app_name }}/local.csr" - provider: selfsigned diff --git a/roles/common/tasks/sudoers.yml b/roles/common/tasks/sudoers.yml deleted file mode 100644 index c3c3bec..0000000 --- a/roles/common/tasks/sudoers.yml +++ /dev/null @@ -1,7 +0,0 @@ -- name: copy extra sudoers file - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: "0644" diff --git a/roles/common/templates/hostname.j2 b/roles/common/templates/hostname.j2 deleted file mode 100644 index 5154983..0000000 --- a/roles/common/templates/hostname.j2 +++ /dev/null @@ -1,3 +0,0 @@ -# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }} -# -{{ hostname }} diff --git a/roles/common/templates/hosts.j2 b/roles/common/templates/hosts.j2 deleted file mode 100644 index 7f5beb2..0000000 --- a/roles/common/templates/hosts.j2 +++ /dev/null @@ -1,9 +0,0 @@ -# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }} -# -127.0.0.1 localhost -127.0.1.1 {{ hostname }} - -# The following lines are desirable for IPv6 capable hosts -# ::1 localhost ip6-localhost ip6-loopback -ff02::1 ip6-allnodes -ff02::2 ip6-allrouters diff --git a/roles/common/templates/network.j2 b/roles/common/templates/network.j2 deleted file mode 100644 index 526a790..0000000 --- a/roles/common/templates/network.j2 +++ /dev/null @@ -1,9 +0,0 @@ -# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }} -# -[Match] -Name={{ host_interface }} - -[Network] -Address={{ host_ip }}/{{ host_subnet }} -Gateway={{ host_gateway }} -DNS={{ host_dns }} diff --git a/roles/common/templates/nftables.j2 b/roles/common/templates/nftables.j2 deleted file mode 100644 index c755ea9..0000000 --- a/roles/common/templates/nftables.j2 +++ /dev/null @@ -1,19 +0,0 @@ -# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }} -# -# vim:set ts=2 sw=2 et: - -flush ruleset - -table inet filter { - chain input { - type filter hook input priority 0; policy drop; - - # accept any localhost traffic - iif lo accept - - # accept traffic originated from us - ct state { established, related } accept - - tcp dport 22 accept - } -} diff --git a/roles/common/templates/nginx.conf.j2 b/roles/common/templates/nginx.conf.j2 deleted file mode 100644 index ecac8dd..0000000 --- a/roles/common/templates/nginx.conf.j2 +++ /dev/null @@ -1,51 +0,0 @@ -# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }} -# -user www-data; -worker_processes auto; -pid /run/nginx.pid; -include /etc/nginx/modules-enabled/*.conf; - -events { - worker_connections 768; -} - -http { - ## - # Basic Settings - ## - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # SSL Settings - ## - ssl_protocols TLSv1.2; - ssl_prefer_server_ciphers on; - ssl_ciphers HIGH:!aNULL:!MD5; - - ssl_session_cache shared:SSL:20m; - ssl_session_timeout 1d; - - ## - # Logging Settings - ## - access_log /var/log/nginx/access.log; - error_log /var/log/nginx/error.log; - - ## - # Gzip Settings - ## - gzip off; - - ## - # Virtual Host Configs - ## - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; -} diff --git a/roles/common/templates/sshd_config.j2 b/roles/common/templates/sshd_config.j2 deleted file mode 100644 index cd03e07..0000000 --- a/roles/common/templates/sshd_config.j2 +++ /dev/null @@ -1,123 +0,0 @@ -# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }} -# -# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -HostKey /etc/ssh/ssh_host_rsa_key -HostKey /etc/ssh/ssh_host_ecdsa_key -HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -PermitRootLogin no -#StrictModes yes -MaxAuthTries 6 -#MaxSessions 10 - -PubkeyAuthentication yes - -# Expect .ssh/authorized_keys2 to be disregarded by default in future. -AuthorizedKeysFile .ssh/authorized_keys - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -PasswordAuthentication no -#PermitEmptyPasswords no - -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -ChallengeResponseAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes -#GSSAPIStrictAcceptorCheck yes -#GSSAPIKeyExchange no - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding yes -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS no -#PidFile /var/run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# Allow client to pass locale environment variables -AcceptEnv LANG LC_* - -# override default of no subsystems -Subsystem sftp /usr/lib/openssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server diff --git a/roles/common/templates/sudoers.j2 b/roles/common/templates/sudoers.j2 deleted file mode 100644 index ac3bc08..0000000 --- a/roles/common/templates/sudoers.j2 +++ /dev/null @@ -1,3 +0,0 @@ -# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }} -# -ansible ALL = ({{ default_user }}:{{ default_user }}) NOPASSWD: ALL diff --git a/roles/common/vars/archlinux.yml b/roles/common/vars/archlinux.yml deleted file mode 100644 index acad597..0000000 --- a/roles/common/vars/archlinux.yml +++ /dev/null @@ -1,2 +0,0 @@ -known_hosts_packages: - - openssh diff --git a/roles/common/vars/debian-buster.yml b/roles/common/vars/debian-buster.yml deleted file mode 100644 index 64df6d3..0000000 --- a/roles/common/vars/debian-buster.yml +++ /dev/null @@ -1 +0,0 @@ -known_hosts_packages: [] diff --git a/roles/common/vars/ubuntu-focal.yml b/roles/common/vars/ubuntu-focal.yml deleted file mode 100644 index 64df6d3..0000000 --- a/roles/common/vars/ubuntu-focal.yml +++ /dev/null @@ -1 +0,0 @@ -known_hosts_packages: []