Compare commits
1 Commits
Author | SHA1 | Date |
---|---|---|
fosslinux | 88aaa521c8 |
|
@ -3,7 +3,13 @@ name: default
|
|||
|
||||
steps:
|
||||
- name: syntax
|
||||
image: debian:11
|
||||
image: debian:10
|
||||
commands:
|
||||
- .drone/deps
|
||||
- ansible-playbook -i hosts site.yml --syntax
|
||||
- name: run
|
||||
image: debian:10
|
||||
commands:
|
||||
- .drone/deps
|
||||
- sed -i "s/thunix.net/127.0.0.1/g" hosts
|
||||
- ansible-playbook -i hosts site.yml
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/sh
|
||||
sed -i "s/thunix.net/127.0.0.1/g" hosts
|
||||
sed -i 's/- include: resolv.yml/#&/' roles/common/tasks/main.yml
|
|
@ -1 +0,0 @@
|
|||
*.swp
|
|
@ -1,7 +1,5 @@
|
|||
# Thunix Ansible Playbook
|
||||
|
||||
[![Build Status](https://drone.tildegit.org/api/badges/thunix/ansible/status.svg)](https://drone.tildegit.org/thunix/ansible)
|
||||
|
||||
Clone repo, then execute playbook as follows:
|
||||
|
||||
```/usr/local/bin/ansible-playbook -i /var/thunix/hosts /var/thunix/site.yml```
|
||||
|
@ -32,7 +30,6 @@ After that, run it again, without the syntax flag:
|
|||
|
||||
If it looks good, add all your files, then push to the repo.
|
||||
|
||||
If for whatever reason you **can't** do this, create a PR and let our CI (Drone) test it for you.
|
||||
|
||||
### Adding a Package
|
||||
To install a new package on a machine, just find the package name, and add it to the end of ./role/{which role}/tasks/packages.yml. Run ansible-playbook against thunix:
|
||||
|
|
11
hosts
11
hosts
|
@ -1,13 +1,8 @@
|
|||
[all:vars]
|
||||
ansible_connection=local
|
||||
ansible_python_interpreter=/usr/bin/python3
|
||||
|
||||
[common]
|
||||
localhost
|
||||
thunix.net ansible_connection=local
|
||||
|
||||
[shell]
|
||||
localhost
|
||||
thunix.net ansible_connection=local
|
||||
|
||||
[webserver]
|
||||
localhost
|
||||
|
||||
thunix.net ansible_connection=local
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/bin/bash
|
||||
export ANSIBLE_LOCAL_TEMP=/tmp/.ansible
|
||||
export ANSIBLE_LOCAL_TEMP = /tmp/.ansible
|
||||
cd /var/thunix/ansible
|
||||
git pull
|
||||
ansible-playbook -i ./hosts site.yml -u root
|
||||
|
|
|
@ -1,23 +1,15 @@
|
|||
#!/bin/bash
|
||||
export RUNNING="/dev/shm/ansible_is_running"
|
||||
export HOOK="/dev/shm/ansible-hook-last-run"
|
||||
export PATHMODIFIED="/dev/shm/run-ansible"
|
||||
export SCHED=1
|
||||
|
||||
if [ -f $RUNNING ]; then
|
||||
echo "Ansible is currently running."
|
||||
exit 1
|
||||
else
|
||||
touch $RUNNING
|
||||
cd /var/thunix/ansible
|
||||
while [ $SCHED = 1 ]
|
||||
do
|
||||
sleep 1
|
||||
touch $RUNNING
|
||||
/usr/bin/git pull
|
||||
/usr/local/bin/ansible-playbook -i /var/thunix/ansible/hosts /var/thunix/ansible/site.yml -u root
|
||||
touch $HOOK
|
||||
|
||||
[ "$PATHMODIFIED" -ot "$RUNNING" ] && SCHED=0
|
||||
! [ -f "$PATHMODIFIED" ] && SCHED=0
|
||||
done
|
||||
/usr/bin/git pull
|
||||
/usr/local/bin/ansible-playbook -i /var/thunix/ansible/hosts /var/thunix/ansible/site.yml -u root
|
||||
touch /dev/shm/ansible-hook-last-run
|
||||
rm $RUNNING
|
||||
exit 0
|
||||
fi
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
/bin/systemctl restart postfix
|
||||
/bin/systemctl restart dovecot
|
|
@ -1,23 +0,0 @@
|
|||
# This file describes the network interfaces available on your system
|
||||
# and how to activate them. For more information, see interfaces(5).
|
||||
|
||||
source /etc/network/interfaces.d/*
|
||||
|
||||
# The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug ens33
|
||||
iface ens33 inet static
|
||||
address 142.44.150.185/32
|
||||
gateway 66.70.181.254
|
||||
# dns-* options are implemented by the resolvconf package, if installed
|
||||
dns-nameservers 8.8.8.8 8.8.4.4
|
||||
dns-search net
|
||||
up ip route add default via 66.70.181.254
|
||||
|
||||
# The IPV6 network interface
|
||||
iface ens33 inet6 static
|
||||
address 2607:5300:0204:4340:0000:0000:0000:0185/64
|
||||
gateway 2607:5300:0204:43ff:00ff:00ff:00ff:00ff
|
|
@ -1,56 +0,0 @@
|
|||
# PAM configuration for the Secure Shell service
|
||||
|
||||
# Standard Un*x authentication.
|
||||
@include common-auth
|
||||
|
||||
# Disallow non-root logins when /etc/nologin exists.
|
||||
account required pam_nologin.so
|
||||
|
||||
# Uncomment and edit /etc/security/access.conf if you need to set complex
|
||||
# access limits that are hard to express in sshd_config.
|
||||
# account required pam_access.so
|
||||
|
||||
# Standard Un*x authorization.
|
||||
@include common-account
|
||||
|
||||
# SELinux needs to be the first session rule. This ensures that any
|
||||
# lingering context has been cleared. Without this it is possible that a
|
||||
# module could execute code in the wrong domain.
|
||||
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
|
||||
|
||||
# Set the loginuid process attribute.
|
||||
session required pam_loginuid.so
|
||||
|
||||
# Create a new session keyring.
|
||||
session optional pam_keyinit.so force revoke
|
||||
|
||||
# Standard Un*x session setup and teardown.
|
||||
@include common-session
|
||||
|
||||
# Print the message of the day upon successful login.
|
||||
# This includes a dynamically generated part from /run/motd.dynamic
|
||||
# and a static (admin-editable) part from /etc/motd.
|
||||
session optional pam_motd.so motd=/run/motd.dynamic
|
||||
session optional pam_motd.so noupdate
|
||||
|
||||
# Print the status of the user's mailbox upon successful login.
|
||||
session optional pam_mail.so standard noenv # [1]
|
||||
|
||||
# Set up user limits from /etc/security/limits.conf.
|
||||
session required pam_limits.so
|
||||
|
||||
# Read environment variables from /etc/environment and
|
||||
# /etc/security/pam_env.conf.
|
||||
session required pam_env.so # [1]
|
||||
# In Debian 4.0 (etch), locale-related environment variables were moved to
|
||||
# /etc/default/locale, so read that as well.
|
||||
session required pam_env.so user_readenv=1 envfile=/etc/default/locale
|
||||
|
||||
# SELinux needs to intervene at login time to ensure that the process starts
|
||||
# in the proper default security context. Only sessions which are intended
|
||||
# to run in the user's context should be run after this.
|
||||
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
|
||||
|
||||
# Standard Un*x password updating.
|
||||
@include common-password
|
||||
auth required pam_google_authenticator.so nullok
|
|
@ -8,9 +8,8 @@
|
|||
https://www.thunix.net EST DEC 2018
|
||||
-----------------------------------------------------------
|
||||
brought to you by:
|
||||
ubergeek fosslinux naglfar
|
||||
continued by:
|
||||
deepend
|
||||
amcclure naglfar
|
||||
ubergeek fosslinux
|
||||
-----------------------------------------------------------
|
||||
For system document type 'man thunix'.
|
||||
-----------------------------------------------------------
|
||||
|
@ -33,4 +32,5 @@ an issue here: https://tildegit.org/thunix/ansible/issues
|
|||
-----------------------------------------------------------
|
||||
Enjoy your stay!
|
||||
|
||||
*** END OF LINE.
|
||||
*** END OF LINE.
|
||||
|
||||
|
|
|
@ -1,4 +1,2 @@
|
|||
nameserver 127.0.0.1
|
||||
#nameserver 149.56.184.112
|
||||
#nameserver 95.179.226.37
|
||||
nameserver 8.8.8.8
|
||||
nameserver 149.56.184.112
|
||||
nameserver 66.42.77.29
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
|
||||
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
|
||||
|
||||
# This is the sshd server system-wide configuration file. See
|
||||
# sshd_config(5) for more information.
|
||||
|
@ -24,7 +24,7 @@ Port 2222
|
|||
#RekeyLimit default none
|
||||
|
||||
# Logging
|
||||
SyslogFacility AUTHPRIV
|
||||
#SyslogFacility AUTH
|
||||
#LogLevel INFO
|
||||
|
||||
# Authentication:
|
||||
|
@ -38,7 +38,7 @@ PermitRootLogin without-password
|
|||
PubkeyAuthentication yes
|
||||
|
||||
# Expect .ssh/authorized_keys2 to be disregarded by default in future.
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
|
||||
|
||||
#AuthorizedPrincipalsFile none
|
||||
|
||||
|
@ -55,11 +55,10 @@ AuthorizedKeysFile .ssh/authorized_keys
|
|||
|
||||
# To disable tunneled clear text passwords, change to no here!
|
||||
#PermitEmptyPasswords no
|
||||
PasswordAuthentication no
|
||||
|
||||
# Change to yes to enable challenge-response passwords (beware issues with
|
||||
# some PAM modules and threads)
|
||||
ChallengeResponseAuthentication yes
|
||||
ChallengeResponseAuthentication no
|
||||
|
||||
# Kerberos options
|
||||
#KerberosAuthentication no
|
||||
|
@ -68,8 +67,8 @@ ChallengeResponseAuthentication yes
|
|||
#KerberosGetAFSToken no
|
||||
|
||||
# GSSAPI options
|
||||
GSSAPIAuthentication yes
|
||||
GSSAPICleanupCredentials no
|
||||
#GSSAPIAuthentication no
|
||||
#GSSAPICleanupCredentials yes
|
||||
#GSSAPIStrictAcceptorCheck yes
|
||||
#GSSAPIKeyExchange no
|
||||
|
||||
|
@ -84,12 +83,10 @@ GSSAPICleanupCredentials no
|
|||
# and ChallengeResponseAuthentication to 'no'.
|
||||
UsePAM yes
|
||||
|
||||
# AuthenticationMethods publickey,password publickey,keyboard-interactive
|
||||
|
||||
#AllowAgentForwarding yes
|
||||
AllowTcpForwarding yes
|
||||
#GatewayPorts no
|
||||
X11Forwarding no
|
||||
X11Forwarding no
|
||||
#X11DisplayOffset 10
|
||||
#X11UseLocalhost yes
|
||||
#PermitTTY yes
|
||||
|
@ -98,7 +95,7 @@ PrintMotd no
|
|||
#TCPKeepAlive yes
|
||||
#UseLogin no
|
||||
#UsePrivilegeSeparation sandbox
|
||||
PermitUserEnvironment yes
|
||||
#PermitUserEnvironment no
|
||||
#Compression delayed
|
||||
#ClientAliveInterval 0
|
||||
#ClientAliveCountMax 3
|
||||
|
@ -116,13 +113,14 @@ PermitUserEnvironment yes
|
|||
AcceptEnv LANG LC_*
|
||||
|
||||
# override default of no subsystems
|
||||
Subsystem sftp /usr/lib/openssh/sftp-server
|
||||
Subsystem sftp /usr/lib/openssh/sftp-server
|
||||
|
||||
# Example of overriding settings on a per-user basis
|
||||
#Match User anoncvs
|
||||
# X11Forwarding no
|
||||
# AllowTcpForwarding no
|
||||
# PermitTTY no
|
||||
# ForceCommand cvs server
|
||||
# X11Forwarding no
|
||||
# AllowTcpForwarding no
|
||||
# PermitTTY no
|
||||
# ForceCommand cvs server
|
||||
|
||||
ClientAliveInterval 120
|
||||
ClientAliveInterval 120
|
||||
PasswordAuthentication no
|
||||
|
|
|
@ -1,34 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
################################################################################
|
||||
#
|
||||
# $0 is a tool that logs mod actions
|
||||
#
|
||||
# Arguments:
|
||||
# {action}
|
||||
#
|
||||
# Return codes:
|
||||
# 0 Exectuted without problem
|
||||
# 1 Incorrect usage pattern.
|
||||
#
|
||||
# This software is licensed under the AGPL 3.0 or later, by
|
||||
# ubergeek <ubergeek@thunix.net>
|
||||
#
|
||||
################################################################################
|
||||
|
||||
ACTION=$*
|
||||
|
||||
function usage() {
|
||||
|
||||
cat << _EOF
|
||||
$0 {action}
|
||||
{action} Free form text of what action was performed.
|
||||
_EOF
|
||||
}
|
||||
|
||||
if [ "$1" == "" ]; then
|
||||
usage
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo -e `date`"\t"`whoami`"\t"$ACTION | sudo tee -a /root/modlog
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
google-authenticator -t -d -f -r 3 -R 30 -W
|
|
@ -1,12 +0,0 @@
|
|||
# This will add script to run google-authenticator for users to set up 2FA
|
||||
---
|
||||
- name: Set 2FA
|
||||
copy:
|
||||
src: ../files/usr/local/bin/setup-2factor
|
||||
dest: /usr/local/bin/setup-2factor
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
# last line of ../files/etc/pam.d/sshd will need to be copied to /etc/pam.d/sshd.
|
||||
# Decided it to risky to automatically have ansible add that.
|
|
@ -9,5 +9,3 @@
|
|||
- include: ansible-pull.yml
|
||||
- include: manpage.yml
|
||||
- include: monitoring.yml
|
||||
- include: scripts.yml
|
||||
- include: 2fa.yml
|
|
@ -1,20 +1,9 @@
|
|||
# Install our baseline packages for all machines, irrespective of what role they might have
|
||||
---
|
||||
- name: Install bootstrap packages
|
||||
apt:
|
||||
name: "{{ packages }}"
|
||||
- name: Add Thunix Repo
|
||||
apt_key:
|
||||
url: http://deb.thunix.net/release.key
|
||||
state: present
|
||||
update_cache: yes
|
||||
vars:
|
||||
packages:
|
||||
- python3
|
||||
- python3-apt
|
||||
- gpg
|
||||
|
||||
#- name: Add Thunix Repo
|
||||
# apt_key:
|
||||
# url: http://deb.thunix.net/release.key
|
||||
# state: present
|
||||
|
||||
- name: Install baseline packages
|
||||
apt:
|
||||
|
@ -29,39 +18,30 @@
|
|||
- debhelper
|
||||
- dpkg-sig
|
||||
- git
|
||||
- libpam-google-authenticator
|
||||
- ieee-data
|
||||
- libboost-dev
|
||||
- letsencrypt
|
||||
- man
|
||||
- members
|
||||
- pflogsumm
|
||||
- python
|
||||
- python3-certbot-apache
|
||||
- python3-certbot-dns-cloudflare
|
||||
- python3-httplib2
|
||||
- python3-jinja2
|
||||
- python3-kerberos
|
||||
- python3-markupsafe
|
||||
# - python-netaddr
|
||||
- python3-paramiko
|
||||
# - python-pip
|
||||
- python3-pymysql
|
||||
- python3-selinux
|
||||
- python3-xmltodict
|
||||
- python3-yaml
|
||||
- python3-flask
|
||||
- python3-flask-restful
|
||||
- python3-flask-api
|
||||
- python3-pip
|
||||
- python3-psutil
|
||||
- python3-pymysql
|
||||
- sqlite3
|
||||
- python-certbot-apache
|
||||
- python-httplib2
|
||||
- python-jinja2
|
||||
- python-kerberos
|
||||
- python-markupsafe
|
||||
- python-netaddr
|
||||
- python-paramiko
|
||||
- python-pip
|
||||
- python-selinux
|
||||
- python-xmltodict
|
||||
- python-yaml
|
||||
- sqlite
|
||||
- sudo
|
||||
- systemd
|
||||
- ufw
|
||||
- libboost-dev
|
||||
- python-pymysql
|
||||
- python3-pymysql
|
||||
|
||||
# Install ansible python package, because it's the latest
|
||||
- name: Install ansible
|
||||
pip:
|
||||
name: ansible
|
||||
name: ansible
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
# This setup the letsencrypt stuff we have
|
||||
---
|
||||
- name: Set up post-deploy LE stuff
|
||||
copy:
|
||||
src: ../files/etc/letsencrypt/renewal-hooks/update-postfix
|
||||
dest: /etc/letsencrypt/renewal-hooks/update-postfix
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
# This deploys manually managed scripts
|
||||
---
|
||||
- name: Deploy modlog tool
|
||||
copy:
|
||||
src: ../files/usr/local/bin/modlog
|
||||
dest: /usr/local/bin/modlog
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
|
@ -1,2 +0,0 @@
|
|||
#!/bin/sh
|
||||
exec python3.9 /usr/share/bbj/clients/urwid/main.py --host bbj.tildeverse.org
|
|
@ -1,14 +0,0 @@
|
|||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
[Unit]
|
||||
Description=BZFlag Game Server
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/games/bzfs -conf /var/lib/bzflag/bzflag.conf
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
User=bzflag
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,7 +1,3 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [[ -f ~/.weechat/irc.conf ]]; then
|
||||
exec weechat
|
||||
else
|
||||
exec weechat-curses -r "/server add tilde irc.tilde.chat/6697 -ssl -autoconnect; /set irc.server.tilde.autojoin \"#meta,#thunix,#tildetel\"; /connect tilde"
|
||||
fi
|
||||
weechat-curses -r "/set irc.look.temporary_servers on; /connect irc://`whoami`@localhost:6667/#thunix"
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
#!/bin/bash
|
||||
/usr/sbin/pflogsumm -d today /var/log/mail.log | mail -s "Mail Report for `date +%Y/%m/%d`" postmaster@thunix.net
|
|
@ -1,6 +0,0 @@
|
|||
#!/bin/dash
|
||||
|
||||
PID=$(pgrep -u znc znc)
|
||||
|
||||
#Rewrite znc.conf
|
||||
[ $PID ] && kill -s USR1 $PID
|
|
@ -9,8 +9,8 @@ ssl = yes
|
|||
# dropping root privileges, so keep the key file unreadable by anyone but
|
||||
# root. Included doc/mkcert.sh can be used to easily generate self-signed
|
||||
# certificate, just make sure to update the domains in dovecot-openssl.cnf
|
||||
ssl_cert = </etc/letsencrypt/live/thunix.net/fullchain.pem
|
||||
ssl_key = </etc/letsencrypt/live/thunix.net/privkey.pem
|
||||
#ssl_cert = </etc/dovecot/dovecot.pem
|
||||
#ssl_key = </etc/dovecot/private/dovecot.pem
|
||||
|
||||
# If key file is password protected, give the password here. Alternatively
|
||||
# give it when starting dovecot with -p parameter. Since this file is often
|
||||
|
@ -44,11 +44,9 @@ ssl_key = </etc/letsencrypt/live/thunix.net/privkey.pem
|
|||
|
||||
# DH parameters length to use.
|
||||
#ssl_dh_parameters_length = 1024
|
||||
ssl_dh=</etc/dovecot/dh.pem
|
||||
|
||||
# SSL protocols to use
|
||||
#ssl_protocols = !SSLv3
|
||||
ssl_min_protocol = TLSv1.2
|
||||
|
||||
# SSL ciphers to use
|
||||
#ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
#to reload the configuration.
|
||||
/usr/bin/doveadm reload
|
|
@ -1,9 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
#https://wiki.znc.in/Signed_SSL_certificate
|
||||
DOMAIN="thunix.net"
|
||||
ZNCPEM=/var/lib/znc/znc.pem
|
||||
|
||||
echo "Updating znc.pem Before ZNC 1.7"
|
||||
cat /etc/letsencrypt/live/thunix.net/privkey.pem > $ZNCPEM
|
||||
cat /etc/letsencrypt/live/thunix.net/fullchain.pem >> $ZNCPEM
|
|
@ -0,0 +1,10 @@
|
|||
#!/bin/bash
|
||||
|
||||
#https://wiki.znc.in/Signed_SSL_certificate
|
||||
ZNCDOMAIN="thunix.net-0001"
|
||||
ZNCPEM=/var/lib/znc/znc.pem
|
||||
|
||||
#[[ $RENEWED_LINEAGE != "/etc/letsencrypt/live/$ZNCDOMAIN" ]] && exit 0
|
||||
echo "Updating znc.pem Before ZNC 1.7"
|
||||
cat /etc/letsencrypt/live/$ZNCDOMAIN/privkey.pem > $ZNCPEM
|
||||
cat /etc/letsencrypt/live/$ZNCDOMAIN/fullchain.pem >> $ZNCPEM
|
|
@ -1,61 +0,0 @@
|
|||
# This is a basic configuration for signing and verifying. It can easily be
|
||||
# adapted to suit a basic installation. See opendkim.conf(5) and
|
||||
# /usr/share/doc/opendkim/examples/opendkim.conf.sample for complete
|
||||
# documentation of available configuration parameters.
|
||||
|
||||
Syslog yes
|
||||
SyslogSuccess yes
|
||||
#LogWhy no
|
||||
|
||||
# Common signing and verification parameters. In Debian, the "From" header is
|
||||
# oversigned, because it is often the identity key used by reputation systems
|
||||
# and thus somewhat security sensitive.
|
||||
Canonicalization relaxed/simple
|
||||
Mode sv
|
||||
SubDomains no
|
||||
OversignHeaders From
|
||||
|
||||
# Signing domain, selector, and key (required). For example, perform signing
|
||||
# for domain "example.com" with selector "2020" (2020._domainkey.example.com),
|
||||
# using the private key stored in /etc/dkimkeys/example.private. More granular
|
||||
# setup options can be found in /usr/share/doc/opendkim/README.opendkim.
|
||||
#Domain example.com
|
||||
#Selector 2020
|
||||
#KeyFile /etc/dkimkeys/example.private
|
||||
|
||||
# In Debian, opendkim runs as user "opendkim". A umask of 007 is required when
|
||||
# using a local socket with MTAs that access the socket as a non-privileged
|
||||
# user (for example, Postfix). You may need to add user "postfix" to group
|
||||
# "opendkim" in that case.
|
||||
UserID opendkim
|
||||
UMask 007
|
||||
|
||||
# Socket for the MTA connection (required). If the MTA is inside a chroot jail,
|
||||
# it must be ensured that the socket is accessible. In Debian, Postfix runs in
|
||||
# a chroot in /var/spool/postfix, therefore a Unix socket would have to be
|
||||
# configured as shown on the last line below.
|
||||
Socket local:/var/spool/postfix/opendkim/opendkim.sock
|
||||
#Socket inet:8891@localhost
|
||||
#Socket inet:8891
|
||||
#Socket local:/var/spool/postfix/opendkim/opendkim.sock
|
||||
|
||||
PidFile /run/opendkim/opendkim.pid
|
||||
|
||||
# Hosts for which to sign rather than verify, default is 127.0.0.1. See the
|
||||
# OPERATION section of opendkim(8) for more information.
|
||||
#InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12
|
||||
|
||||
# The trust anchor enables DNSSEC. In Debian, the trust anchor file is provided
|
||||
# by the package dns-root-data.
|
||||
TrustAnchorFile /usr/share/dns/root.key
|
||||
Nameservers 8.8.8.8,1.1.1.1
|
||||
|
||||
# Map domains in From addresses to keys used to sign messages
|
||||
KeyTable refile:/etc/opendkim/key.table
|
||||
SigningTable refile:/etc/opendkim/signing.table
|
||||
|
||||
# Hosts to ignore when verifying signatures
|
||||
ExternalIgnoreList /etc/opendkim/trusted.hosts
|
||||
|
||||
# A set of internal hosts whose mail should be signed
|
||||
InternalHosts /etc/opendkim/trusted.hosts
|
|
@ -1,13 +0,0 @@
|
|||
# For a fully commented sample config file see policyd-spf.conf.commented
|
||||
|
||||
debugLevel = 0
|
||||
TestOnly = 1
|
||||
|
||||
HELO_reject = SPF_Not_Pass
|
||||
Mail_From_reject = Softfail
|
||||
|
||||
PermError_reject = False
|
||||
TempError_Defer = False
|
||||
|
||||
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1
|
||||
|
|
@ -11,12 +11,11 @@ readme_directory = no
|
|||
compatibility_level = 2
|
||||
|
||||
# TLS parameters
|
||||
smtpd_tls_cert_file=/etc/letsencrypt/live/thunix.net/fullchain.pem
|
||||
smtpd_tls_key_file=/etc/letsencrypt/live/thunix.net/privkey.pem
|
||||
smtpd_tls_cert_file=/etc/letsencrypt/live/thunix.net-0001/fullchain.pem
|
||||
smtpd_tls_key_file=/etc/letsencrypt/live/thunix.net-0001/privkey.pem
|
||||
smtpd_use_tls=yes
|
||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||
smtp_tls_security_level = may
|
||||
|
||||
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
|
||||
# information on enabling SSL in the smtp client.
|
||||
|
@ -38,8 +37,8 @@ mynetworks = 127.0.0.0/8
|
|||
mailbox_size_limit = 0
|
||||
recipient_delimiter = +
|
||||
inet_interfaces = all
|
||||
inet_protocols = all
|
||||
#inet_protocols = ipv4
|
||||
#inet_protocols = all
|
||||
inet_protocols = ipv4
|
||||
|
||||
home_mailbox = Maildir/
|
||||
|
||||
|
@ -49,45 +48,10 @@ smtpd_sasl_path = private/auth
|
|||
smtpd_sasl_auth_enable = yes
|
||||
smtpd_sasl_security_options = noanonymous
|
||||
smtpd_sasl_local_domain = $myhostname
|
||||
smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
|
||||
|
||||
# Enforce the requirement for a helo to be sent for each message
|
||||
smtpd_helo_required = yes
|
||||
|
||||
# Don't accept mail from domains that don't exist.
|
||||
smtpd_sender_restrictions = reject_unknown_sender_domain
|
||||
|
||||
#Allow ONLY authenticated users to send email
|
||||
smtpd_recipient_restrictions =
|
||||
permit_mynetworks,
|
||||
permit_sasl_authenticated,
|
||||
reject_unauth_destination,
|
||||
reject_invalid_hostname,
|
||||
reject_unauth_pipelining,
|
||||
reject_non_fqdn_sender,
|
||||
reject_non_fqdn_recipient,
|
||||
reject_unknown_sender_domain,
|
||||
reject_unknown_recipient_domain,
|
||||
reject_unknown_reverse_client_hostname,
|
||||
check_policy_service unix:private/policyd-spf,
|
||||
reject_rbl_client bl.fmb.la=127.0.1.[24;25;26;27;28],
|
||||
reject_rbl_client spam.dnsbl.anonmails.de,
|
||||
reject_rbl_client uribl.abuse.ro,
|
||||
reject_rbl_client all.spamrats.com,
|
||||
reject_rbl_client sbl.spamhaus.org,
|
||||
reject_rbl_client xbl.spamhaus.org,
|
||||
reject_rbl_client pbl.spamhaus.org,
|
||||
reject_rbl_client blackholes.tepucom.nl,
|
||||
reject_rbl_client hostkarma.junkemailfilter.com=127.0.0.2,
|
||||
reject_rbl_client truncate.gbudb.net,
|
||||
reject_rhsbl_sender dbl.spamhaus.org
|
||||
|
||||
policyd-spf_time_limit = 3600
|
||||
|
||||
milter_protocol = 2
|
||||
milter_default_action = accept
|
||||
milter_protocol = 6
|
||||
smtpd_milters = local:opendkim/opendkim.sock
|
||||
non_smtpd_milters = $smtpd_milters
|
||||
|
||||
# message delivery requests that any client is allowed (50/hr)
|
||||
smtpd_client_auth_rate_limit = 50
|
||||
anvil_rate_time_unit = 60m
|
||||
smtpd_milters = inet:localhost:12301
|
||||
non_smtpd_milters = inet:localhost:12301
|
||||
|
|
|
@ -1,125 +0,0 @@
|
|||
#
|
||||
# Postfix master process configuration file. For details on the format
|
||||
# of the file, see the master(5) manual page (command: "man 5 master" or
|
||||
# on-line: http://www.postfix.org/master.5.html).
|
||||
#
|
||||
# Do not forget to execute "postfix reload" after editing this file.
|
||||
#
|
||||
# ==========================================================================
|
||||
# service type private unpriv chroot wakeup maxproc command + args
|
||||
# (yes) (yes) (no) (never) (100)
|
||||
# ==========================================================================
|
||||
smtp inet n - y - - smtpd
|
||||
#smtp inet n - y - 1 postscreen
|
||||
#smtpd pass - - y - - smtpd
|
||||
#dnsblog unix - - y - 0 dnsblog
|
||||
#tlsproxy unix - - y - 0 tlsproxy
|
||||
submission inet n - y - - smtpd
|
||||
# -o syslog_name=postfix/submission
|
||||
# -o smtpd_tls_security_level=encrypt
|
||||
# -o smtpd_sasl_auth_enable=yes
|
||||
# -o smtpd_reject_unlisted_recipient=no
|
||||
# -o smtpd_client_restrictions=$mua_client_restrictions
|
||||
# -o smtpd_helo_restrictions=$mua_helo_restrictions
|
||||
# -o smtpd_sender_restrictions=$mua_sender_restrictions
|
||||
# -o smtpd_recipient_restrictions=
|
||||
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
|
||||
# -o milter_macro_daemon_name=ORIGINATING
|
||||
#smtps inet n - y - - smtpd
|
||||
# -o syslog_name=postfix/smtps
|
||||
# -o smtpd_tls_wrappermode=yes
|
||||
# -o smtpd_sasl_auth_enable=yes
|
||||
# -o smtpd_reject_unlisted_recipient=no
|
||||
# -o smtpd_client_restrictions=$mua_client_restrictions
|
||||
# -o smtpd_helo_restrictions=$mua_helo_restrictions
|
||||
# -o smtpd_sender_restrictions=$mua_sender_restrictions
|
||||
# -o smtpd_recipient_restrictions=
|
||||
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
|
||||
# -o milter_macro_daemon_name=ORIGINATING
|
||||
#628 inet n - y - - qmqpd
|
||||
pickup unix n - y 60 1 pickup
|
||||
cleanup unix n - y - 0 cleanup
|
||||
qmgr unix n - n 300 1 qmgr
|
||||
#qmgr unix n - n 300 1 oqmgr
|
||||
tlsmgr unix - - y 1000? 1 tlsmgr
|
||||
rewrite unix - - y - - trivial-rewrite
|
||||
bounce unix - - y - 0 bounce
|
||||
defer unix - - y - 0 bounce
|
||||
trace unix - - y - 0 bounce
|
||||
verify unix - - y - 1 verify
|
||||
flush unix n - y 1000? 0 flush
|
||||
proxymap unix - - n - - proxymap
|
||||
proxywrite unix - - n - 1 proxymap
|
||||
smtp unix - - y - - smtp
|
||||
relay unix - - y - - smtp
|
||||
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
|
||||
showq unix n - y - - showq
|
||||
error unix - - y - - error
|
||||
retry unix - - y - - error
|
||||
discard unix - - y - - discard
|
||||
local unix - n n - - local
|
||||
virtual unix - n n - - virtual
|
||||
lmtp unix - - y - - lmtp
|
||||
anvil unix - - y - 1 anvil
|
||||
scache unix - - y - 1 scache
|
||||
#
|
||||
# ====================================================================
|
||||
# Interfaces to non-Postfix software. Be sure to examine the manual
|
||||
# pages of the non-Postfix software to find out what options it wants.
|
||||
#
|
||||
# Many of the following services use the Postfix pipe(8) delivery
|
||||
# agent. See the pipe(8) man page for information about ${recipient}
|
||||
# and other message envelope options.
|
||||
# ====================================================================
|
||||
#
|
||||
# maildrop. See the Postfix MAILDROP_README file for details.
|
||||
# Also specify in main.cf: maildrop_destination_recipient_limit=1
|
||||
#
|
||||
maildrop unix - n n - - pipe
|
||||
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
|
||||
#
|
||||
# ====================================================================
|
||||
#
|
||||
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
|
||||
#
|
||||
# Specify in cyrus.conf:
|
||||
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
|
||||
#
|
||||
# Specify in main.cf one or more of the following:
|
||||
# mailbox_transport = lmtp:inet:localhost
|
||||
# virtual_transport = lmtp:inet:localhost
|
||||
#
|
||||
# ====================================================================
|
||||
#
|
||||
# Cyrus 2.1.5 (Amos Gouaux)
|
||||
# Also specify in main.cf: cyrus_destination_recipient_limit=1
|
||||
#
|
||||
#cyrus unix - n n - - pipe
|
||||
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
|
||||
#
|
||||
# ====================================================================
|
||||
# Old example of delivery via Cyrus.
|
||||
#
|
||||
#old-cyrus unix - n n - - pipe
|
||||
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
|
||||
#
|
||||
# ====================================================================
|
||||
#
|
||||
# See the Postfix UUCP_README file for configuration details.
|
||||
#
|
||||
uucp unix - n n - - pipe
|
||||
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
|
||||
#
|
||||
# Other external delivery methods.
|
||||
#
|
||||
ifmail unix - n n - - pipe
|
||||
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
|
||||
bsmtp unix - n n - - pipe
|
||||
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
|
||||
scalemail-backend unix - n n - 2 pipe
|
||||
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
|
||||
mailman unix - n n - - pipe
|
||||
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
|
||||
${nexthop} ${user}
|
||||
policyd-spf unix - n n - 0 spawn
|
||||
user=policyd-spf argv=/usr/bin/policyd-spf
|
|
@ -1,113 +0,0 @@
|
|||
# ~/.bashrc: executed by bash(1) for non-login shells.
|
||||
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
|
||||
# for examples
|
||||
|
||||
# If not running interactively, don't do anything
|
||||
case $- in
|
||||
*i*) ;;
|
||||
*) return;;
|
||||
esac
|
||||
|
||||
# don't put duplicate lines or lines starting with space in the history.
|
||||
# See bash(1) for more options
|
||||
HISTCONTROL=ignoreboth
|
||||
|
||||
# append to the history file, don't overwrite it
|
||||
shopt -s histappend
|
||||
|
||||
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
|
||||
HISTSIZE=1000
|
||||
HISTFILESIZE=2000
|
||||
|
||||
# check the window size after each command and, if necessary,
|
||||
# update the values of LINES and COLUMNS.
|
||||
shopt -s checkwinsize
|
||||
|
||||
# If set, the pattern "**" used in a pathname expansion context will
|
||||
# match all files and zero or more directories and subdirectories.
|
||||
#shopt -s globstar
|
||||
|
||||
# make less more friendly for non-text input files, see lesspipe(1)
|
||||
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
|
||||
|
||||
# set variable identifying the chroot you work in (used in the prompt below)
|
||||
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
|
||||
debian_chroot=$(cat /etc/debian_chroot)
|
||||
fi
|
||||
|
||||
# set a fancy prompt (non-color, unless we know we "want" color)
|
||||
case "$TERM" in
|
||||
xterm-color|*-256color) color_prompt=yes;;
|
||||
esac
|
||||
|
||||
# uncomment for a colored prompt, if the terminal has the capability; turned
|
||||
# off by default to not distract the user: the focus in a terminal window
|
||||
# should be on the output of commands, not on the prompt
|
||||
#force_color_prompt=yes
|
||||
|
||||
if [ -n "$force_color_prompt" ]; then
|
||||
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
|
||||
# We have color support; assume it's compliant with Ecma-48
|
||||
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
|
||||
# a case would tend to support setf rather than setaf.)
|
||||
color_prompt=yes
|
||||
else
|
||||
color_prompt=
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$color_prompt" = yes ]; then
|
||||
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
|
||||
else
|
||||
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
|
||||
fi
|
||||
unset color_prompt force_color_prompt
|
||||
|
||||
# If this is an xterm set the title to user@host:dir
|
||||
case "$TERM" in
|
||||
xterm*|rxvt*)
|
||||
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
# enable color support of ls and also add handy aliases
|
||||
if [ -x /usr/bin/dircolors ]; then
|
||||
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
|
||||
alias ls='ls --color=auto'
|
||||
#alias dir='dir --color=auto'
|
||||
#alias vdir='vdir --color=auto'
|
||||
|
||||
#alias grep='grep --color=auto'
|
||||
#alias fgrep='fgrep --color=auto'
|
||||
#alias egrep='egrep --color=auto'
|
||||
fi
|
||||
|
||||
# colored GCC warnings and errors
|
||||
#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
|
||||
|
||||
# some more ls aliases
|
||||
#alias ll='ls -l'
|
||||
#alias la='ls -A'
|
||||
#alias l='ls -CF'
|
||||
|
||||
# Alias definitions.
|
||||
# You may want to put all your additions into a separate file like
|
||||
# ~/.bash_aliases, instead of adding them here directly.
|
||||
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
|
||||
|
||||
if [ -f ~/.bash_aliases ]; then
|
||||
. ~/.bash_aliases
|
||||
fi
|
||||
|
||||
# enable programmable completion features (you don't need to enable
|
||||
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
|
||||
# sources /etc/bash.bashrc).
|
||||
if ! shopt -oq posix; then
|
||||
if [ -f /usr/share/bash-completion/bash_completion ]; then
|
||||
. /usr/share/bash-completion/bash_completion
|
||||
elif [ -f /etc/bash_completion ]; then
|
||||
. /etc/bash_completion
|
||||
fi
|
||||
fi
|
|
@ -1,28 +0,0 @@
|
|||
# ~/.profile: executed by the command interpreter for login shells.
|
||||
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
|
||||
# exists.
|
||||
# see /usr/share/doc/bash/examples/startup-files for examples.
|
||||
# the files are located in the bash-doc package.
|
||||
|
||||
# the default umask is set in /etc/profile; for setting the umask
|
||||
# for ssh logins, install and configure the libpam-umask package.
|
||||
#umask 022
|
||||
|
||||
# if running bash
|
||||
if [ -n "$BASH_VERSION" ]; then
|
||||
# include .bashrc if it exists
|
||||
if [ -f "$HOME/.bashrc" ]; then
|
||||
. "$HOME/.bashrc"
|
||||
fi
|
||||
alias sudo='echo "You do not have sudo privileges. Stop it."'
|
||||
fi
|
||||
|
||||
# set PATH so it includes user's private bin if it exists
|
||||
if [ -d "$HOME/bin" ] ; then
|
||||
PATH="$HOME/bin:$PATH"
|
||||
fi
|
||||
|
||||
# set PATH so it includes user's private bin if it exists
|
||||
if [ -d "$HOME/.local/bin" ] ; then
|
||||
PATH="$HOME/.local/bin:$PATH"
|
||||
fi
|
|
@ -1 +0,0 @@
|
|||
default._domainkey.thunix.net thunix.net:default:/etc/opendkim/keys/thunix.net/default.private
|
|
@ -1,14 +0,0 @@
|
|||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
[Unit]
|
||||
Description=Minecraft Game Server
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/var/lib/minecraft/paper/start.sh
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
User=minecraft
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,30 +0,0 @@
|
|||
# NOTE: This is a legacy configuration file. It is not used by the opendkim
|
||||
# systemd service. Please use the corresponding configuration parameters in
|
||||
# /etc/opendkim.conf instead.
|
||||
#
|
||||
# Previously, one would edit the default settings here, and then execute
|
||||
# /lib/opendkim/opendkim.service.generate to generate systemd override files at
|
||||
# /etc/systemd/system/opendkim.service.d/override.conf and
|
||||
# /etc/tmpfiles.d/opendkim.conf. While this is still possible, it is now
|
||||
# recommended to adjust the settings directly in /etc/opendkim.conf.
|
||||
#
|
||||
#DAEMON_OPTS=""
|
||||
# Change to /var/spool/postfix/run/opendkim to use a Unix socket with
|
||||
# postfix in a chroot:
|
||||
#RUNDIR=/var/spool/postfix/run/opendkim
|
||||
RUNDIR=/run/opendkim
|
||||
#
|
||||
# Uncomment to specify an alternate socket
|
||||
# Note that setting this will override any Socket value in opendkim.conf
|
||||
# default:
|
||||
SOCKET="local:/var/spool/postfix/opendkim/opendkim.sock"
|
||||
# listen on all interfaces on port 54321:
|
||||
#SOCKET=inet:54321
|
||||
# listen on loopback on port 12345:
|
||||
#SOCKET=inet:12345@localhost
|
||||
# listen on 192.0.2.1 on port 12345:
|
||||
#SOCKET=inet:12345@192.0.2.1
|
||||
USER=opendkim
|
||||
GROUP=opendkim
|
||||
PIDFILE=$RUNDIR/$NAME.pid
|
||||
EXTRAAFTER=
|
|
@ -1,2 +0,0 @@
|
|||
*@thunix.net default._domainkey.thunix.net
|
||||
*@*.thunix.net default._domainkey.thunix.net
|
|
@ -1,4 +0,0 @@
|
|||
127.0.0.1
|
||||
localhost
|
||||
|
||||
.thunix.net
|
|
@ -1,62 +0,0 @@
|
|||
#!/bin/bash
|
||||
# Please see the backup(8) man page for full documentation.
|
||||
|
||||
DATE=$(date +%Y%m%d)
|
||||
BACKUPS=/var/backups
|
||||
DUMPS=7
|
||||
|
||||
# Search for the last full backup.
|
||||
LASTF=$(find $BACKUPS -name "*full.tgz" | sort | tail -n1)
|
||||
# Search and count incremental dumps newer than the last full backup.
|
||||
INCR=$(find $BACKUPS -name "*incremental.tgz" -newer $LASTF | wc -l)
|
||||
|
||||
# If there is at least one full backup and less than specified incremental dumps
|
||||
if [ ! -z $LASTF ] && [ $INCR -le $DUMPS ]
|
||||
then
|
||||
TYPE=incremental
|
||||
else
|
||||
TYPE=full
|
||||
rm -f $BACKUPS/*.snapshot
|
||||
# Remove the first backup set (full and incremental dumps) if there is a second one.
|
||||
find $BACKUPS -name "*.tgz" ! -newer $LASTF ! -wholename $LASTF -exec rm {} \;
|
||||
fi
|
||||
|
||||
nice tar -cz \
|
||||
--exclude ".nobackup" \
|
||||
--exclude "nobackup" \
|
||||
--exclude="/home/irc/*" \
|
||||
--exclude='/home/slip/*' \
|
||||
--exclude='/home/angelok/*' \
|
||||
--exclude='/home/ubergeek/*' \
|
||||
--exclude='/home/amcclure/*' \
|
||||
--exclude='/home/fosslinux/*' \
|
||||
--exclude='/home/zszoke/*' \
|
||||
--exclude='/home/duitser/*' \
|
||||
--exclude='/home/fltk/*' \
|
||||
--exclude='/home/nirvana/*' \
|
||||
--exclude='/home/transfusion/*' \
|
||||
/home/ \
|
||||
/var/games/minetest-server/.minetest/ \
|
||||
/var/lib/minecraft/paper/ \
|
||||
/var/lib/bzflag/ \
|
||||
/var/lib/znc/configs/ /var/lib/znc/moddata/ \
|
||||
/var/spool/cron/ \
|
||||
/var/spool/anacron/ \
|
||||
/var/lib/botany/sqlite/ \
|
||||
-g $BACKUPS/$TYPE.snapshot \
|
||||
-f $BACKUPS/$DATE-$TYPE.tgz
|
||||
|
||||
chown root:sudo $BACKUPS/{$DATE*.tgz,$TYPE.snapshot}
|
||||
chmod 640 $BACKUPS/{*.tgz,$TYPE.snapshot}
|
||||
|
||||
if [ $TYPE = full ]
|
||||
then
|
||||
cp -p $BACKUPS/full.snapshot $BACKUPS/incremental.snapshot
|
||||
fi
|
||||
|
||||
# Database backup
|
||||
find $BACKUPS -name "*.sql.gz" -mtime +$DUMPS -exec rm {} \;
|
||||
mysqldump --all-databases | gzip > $BACKUPS/$DATE-all_databases.sql.gz
|
||||
|
||||
chown root:sudo $BACKUPS/$DATE*.sql.gz
|
||||
chmod 640 $BACKUPS/*.sql.gz
|
|
@ -1,61 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Get the current user running the script
|
||||
current_user=$(whoami)
|
||||
|
||||
echo "Resources used by user: $current_user"
|
||||
echo "------------------------------------"
|
||||
|
||||
# Show CPU and Memory usage for the user
|
||||
echo "CPU and Memory Usage:"
|
||||
top -b -n 1 -U $current_user | grep $current_user
|
||||
|
||||
# Show memory usage
|
||||
echo "Memory Usage:"
|
||||
free -h
|
||||
|
||||
# Show user's processes
|
||||
echo "User Processes:"
|
||||
ps -u $current_user -o pid,user,%cpu,%mem,vsz,rss,tty,stat,start,time,command
|
||||
|
||||
# Show disk usage for the user's home directory
|
||||
echo "Disk Usage in Home Directory:"
|
||||
du -sh /home/$current_user
|
||||
|
||||
echo "------------------------------------"
|
||||
|
||||
# Calculate and show summary of resources
|
||||
summary_cpu=$(ps -u $current_user -o %cpu | awk '{total+=$1}END{print int(total)}')
|
||||
summary_memory_kb=$(ps -u $current_user -o rss= | awk '{total+=$1}END{print total}')
|
||||
summary_disk_kb=$(du -s /home/$current_user | awk '{print $1}')
|
||||
|
||||
# Convert memory usage to MBs
|
||||
memory_in_mb=$(echo "scale=2; $summary_memory_kb / 1024" | bc)
|
||||
|
||||
# Convert disk usage to MBs
|
||||
disk_in_mb=$((summary_disk_kb / 1024))
|
||||
|
||||
echo "Summary of Used Resources:"
|
||||
echo "Total CPU Usage: ${summary_cpu}%"
|
||||
echo "Total Memory Usage: ${memory_in_mb} MB"
|
||||
echo "Total Disk Usage: ${disk_in_mb} MB"
|
||||
|
||||
# Set thresholds for Disk and Memory usage (1 GB and 1.5 GB in this example)
|
||||
disk_threshold_mb=1000
|
||||
memory_threshold_mb=1500
|
||||
cpu_threshold=1
|
||||
|
||||
# Check if Disk usage exceeds the threshold
|
||||
if ((disk_in_mb > disk_threshold_mb)); then
|
||||
echo -e "\e[31mWARNING: Disk usage exceeds ${disk_threshold_mb} MB! There is no hard limit. Be considerate of other users.\e[0m"
|
||||
fi
|
||||
|
||||
# Check if Memory usage exceeds the threshold
|
||||
if ((summary_memory_kb > memory_threshold_mb * 1024)); then
|
||||
echo -e "\e[31mWARNING: Memory usage exceeds ${memory_threshold_mb} MB! There is no hard limit. Be considerate of other users.\e[0m"
|
||||
fi
|
||||
|
||||
# Check if CPU usage exceeds the threshold
|
||||
if ((summary_cpu > cpu_threshold)); then
|
||||
echo -e "\e[31mWARNING: CPU usage exceeds ${cpu_threshold}%! There is no hard limit. Be considerate of other users.\e[0m"
|
||||
fi
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
/usr/bin/telnet telehack.com
|
|
@ -1,41 +0,0 @@
|
|||
#!/usr/bin/python3.9
|
||||
# Script created/contributed by ~jmjl
|
||||
|
||||
import socket, ssl, json, time, sys
|
||||
# Takes the first argument as a username and the second as the password.
|
||||
def loadconf(cfgfile):
|
||||
with open(cfgfile, 'r') as f:
|
||||
cfg = json.load(f)
|
||||
return cfg
|
||||
def send(msg):
|
||||
s.send(f"{msg}\n".encode('utf-8'))
|
||||
|
||||
cfg = loadconf("/root/.znc-conf/znc-config.json")
|
||||
|
||||
readbuffer=""
|
||||
s = socket.socket()
|
||||
if cfg['tls'] == 'yes':
|
||||
ctx = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
|
||||
s = ctx.wrap_socket(s)
|
||||
s.connect((cfg['srv'], int(cfg['port'])))
|
||||
send("NICK bot")
|
||||
send("USER bot 0 * :A bot to make users")
|
||||
|
||||
while True:
|
||||
readbuffer = readbuffer + s.recv(2048).decode('utf-8')
|
||||
temp = str.split(readbuffer, "\n")
|
||||
readbuffer = temp.pop()
|
||||
|
||||
for line in temp:
|
||||
line = str.rstrip(line)
|
||||
line = str.split(line)
|
||||
|
||||
#print(' '.join(line))
|
||||
if line[1] == '464':
|
||||
send(f"PASS {cfg['user']}:{cfg['password']}")
|
||||
if line[0][1:] == 'irc.znc.in' and line[1] == '001':
|
||||
user = sys.argv[1]
|
||||
pswd = sys.argv[2]
|
||||
send(f"PRIVMSG *controlpanel :AddUser {user} {pswd}")
|
||||
print(f"Maken znc user {user}")
|
||||
sys.exit(0)
|
|
@ -0,0 +1,44 @@
|
|||
#!/bin/bash
|
||||
|
||||
# ZNC account creation
|
||||
CONF="/var/lib/znc/.znc/configs/znc.conf"
|
||||
PID=$(pgrep -u znc znc)
|
||||
NEWCONF="/var/lib/znc/znc_account.newconf"
|
||||
|
||||
# $username and $password are retrieved from create-account script
|
||||
if [[ -z $1 || -z $2 ]]
|
||||
then
|
||||
echo -e "Usage: $(basename $0) [username] [password]"
|
||||
exit
|
||||
fi
|
||||
|
||||
# search if $username has been added previously
|
||||
if grep -iq $1 $CONF
|
||||
then
|
||||
echo -e "User: '$1' already exists"
|
||||
exit
|
||||
fi
|
||||
|
||||
username=$1
|
||||
password=$2
|
||||
|
||||
kill -s USR1 $PID # Rewrite znc.conf
|
||||
sleep 1
|
||||
|
||||
# set username and password
|
||||
sed s/newuser/$username/g $NEWCONF >> $CONF
|
||||
expect << EOF | grep -E 'Hash|Salt' | tr -d \\r >> $CONF
|
||||
spawn znc --makepass
|
||||
expect "*Enter password: "
|
||||
send "$password\r"
|
||||
expect "*Confirm password: "
|
||||
send "$password\r"
|
||||
expect eof
|
||||
EOF
|
||||
echo " </Pass>" >> $CONF
|
||||
echo "</User>" >> $CONF
|
||||
|
||||
sleep 1
|
||||
kill -s HUP $PID # Reload znc.conf
|
||||
sleep 1
|
||||
kill -s USR1 $PID # Rewrite znc.conf
|
|
@ -0,0 +1,25 @@
|
|||
<User newuser>
|
||||
Admin = false
|
||||
AltNick = newuser|znc
|
||||
AppendTimestamp = false
|
||||
AutoClearChanBuffer = true
|
||||
AutoClearQueryBuffer = true
|
||||
Buffer = 50
|
||||
DenyLoadMod = false
|
||||
DenySetBindHost = false
|
||||
Ident = newuser
|
||||
JoinTries = 10
|
||||
LoadModule = chansaver
|
||||
MaxJoins = 0
|
||||
MaxNetworks = 2
|
||||
MaxQueryBuffers = 50
|
||||
MultiClients = true
|
||||
Nick = newuser
|
||||
PrependTimestamp = true
|
||||
QuitMsg = bouncer provider thunix.net
|
||||
RealName = Got Thunix ?
|
||||
StatusPrefix = *
|
||||
TimestampFormat = [%H:%M:%S]
|
||||
|
||||
<Pass password>
|
||||
Method = SHA256
|
|
@ -1,7 +0,0 @@
|
|||
# install bbj
|
||||
---
|
||||
- name: install bbj
|
||||
make:
|
||||
chdir: /usr/share/bbj
|
||||
target: install
|
||||
become: yes
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
|
||||
- include: pb.yml
|
||||
# - include: vnc.yml
|
||||
- include: postfix.yml
|
||||
- include: tildelauncher.yml
|
|
@ -1,7 +0,0 @@
|
|||
# install pb
|
||||
---
|
||||
- name: install pb
|
||||
make:
|
||||
chdir: /usr/src/pb
|
||||
target: install
|
||||
become: yes
|
|
@ -1,4 +0,0 @@
|
|||
- name: restart Postfix
|
||||
service:
|
||||
name: postfix
|
||||
state: restarted
|
|
@ -1,7 +0,0 @@
|
|||
# install tilde-launcher
|
||||
---
|
||||
- name: install tilde-launcher
|
||||
make:
|
||||
chdir: /usr/src/tilde-launcher
|
||||
target: install
|
||||
become: yes
|
|
@ -1,7 +0,0 @@
|
|||
# install vnc
|
||||
---
|
||||
- name: install vnc
|
||||
make:
|
||||
chdir: /usr/src/pb
|
||||
target: install
|
||||
become: yes
|
|
@ -1,17 +1,14 @@
|
|||
# Enable or disable apache2 mods
|
||||
---
|
||||
|
||||
- name: Enable userdir apache module
|
||||
- name: userdir
|
||||
apache2_module:
|
||||
name: userdir
|
||||
state: present
|
||||
|
||||
- name: Enable ssl apache module
|
||||
- name: ssl
|
||||
apache2_module:
|
||||
name: ssl
|
||||
state: present
|
||||
|
||||
- name: Enable php7.4 apache module
|
||||
- name: php7.0
|
||||
apache2_module:
|
||||
name: php7.4
|
||||
name: php7.0
|
||||
state: present
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
# install bbj
|
||||
---
|
||||
- name: Install bbj client script
|
||||
copy:
|
||||
src: ../files/bbj
|
||||
dest: /usr/local/bin/bbj
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Clone bbj
|
||||
git:
|
||||
repo: https://tildegit.org/bbj/bbj
|
||||
dest: /usr/share/bbj
|
||||
force: yes
|
|
@ -13,18 +13,3 @@
|
|||
dest: /usr/local/bin/botany
|
||||
mode: 0755
|
||||
state: link
|
||||
|
||||
- name: Initalizes shared data folder group and mode
|
||||
file:
|
||||
path: /var/lib/botany/sqlite
|
||||
state: directory
|
||||
owner: root
|
||||
group: tilde
|
||||
mode: 0775
|
||||
|
||||
- name: Keep weekly visitors tidy
|
||||
file:
|
||||
src: /var/lib/botany/clear_weekly_users.py
|
||||
dest: /etc/cron.weekly/clear_weekly_users.py
|
||||
mode: 0755
|
||||
state: link
|
||||
|
|
|
@ -11,8 +11,19 @@
|
|||
|
||||
- name: Install bzflag target
|
||||
copy:
|
||||
src: ../files/bzflag.service
|
||||
dest: /etc/systemd/system/bzflag.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
content: |
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
[Unit]
|
||||
Description=BZFlag Game Server
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/games/bzfs -conf /var/lib/bzflag/bzflag.conf
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
User=bzflag
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
@ -31,11 +31,3 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Install LE hook
|
||||
copy:
|
||||
src: ../files/etc/letsencrypt/renewal-hooks/deploy/reload-dovecot.pem
|
||||
dest: /etc/letsencrypt/renewal-hooks/deploy/reload-dovecot.pem
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
|
|
@ -15,6 +15,3 @@
|
|||
- include: gopher.yml
|
||||
- include: pb.yml
|
||||
- include: botany.yml
|
||||
- include: opendkim.yml
|
||||
- include: bbj.yml
|
||||
- include: tildelauncher.yml
|
|
@ -10,11 +10,22 @@
|
|||
|
||||
- name: Install minecraft target
|
||||
copy:
|
||||
src: ../files/minecraft.service
|
||||
dest: /etc/systemd/system/minecraft.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
content: |
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
[Unit]
|
||||
Description=Minecraft Game Server
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/var/lib/minecraft/paper/start.sh
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
User=minecraft
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
- name: Install start.sh
|
||||
copy:
|
||||
|
|
|
@ -1,65 +0,0 @@
|
|||
# Configure opendkim
|
||||
---
|
||||
- name: Create opendkim directory
|
||||
file:
|
||||
path: /etc/opendkim
|
||||
state: directory
|
||||
owner: opendkim
|
||||
group: root
|
||||
mode: 0770
|
||||
|
||||
- name: Create opendkim keys directory
|
||||
file:
|
||||
path: /etc/opendkim/keys
|
||||
state: directory
|
||||
owner: opendkim
|
||||
group: root
|
||||
mode: 0770
|
||||
|
||||
- name: Create opendkim thunix.net keys directory
|
||||
file:
|
||||
path: /etc/opendkim/keys/thunix.net
|
||||
state: directory
|
||||
owner: opendkim
|
||||
group: root
|
||||
mode: 0700
|
||||
|
||||
- name: copy signing.table
|
||||
copy:
|
||||
src: ../files/opendkim
|
||||
dest: /etc/default/opendkim
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: copy signing.table
|
||||
copy:
|
||||
src: ../files/signing.table
|
||||
dest: /etc/opendkim/signing.table
|
||||
owner: opendkim
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: copy opendkim.conf
|
||||
copy:
|
||||
src: ../files/etc/opendkim.conf
|
||||
dest: /etc/opendkim.conf
|
||||
owner: opendkim
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: copy key.table
|
||||
copy:
|
||||
src: ../files/key.table
|
||||
dest: /etc/opendkim/key.table
|
||||
owner: opendkim
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: copy trusted.hosts
|
||||
copy:
|
||||
src: ../files/trusted.hosts
|
||||
dest: /etc/opendkim/trusted.hosts
|
||||
owner: opendkim
|
||||
group: root
|
||||
mode: 0644
|
|
@ -2,7 +2,7 @@
|
|||
---
|
||||
- name: Add apt key for weechat
|
||||
apt_key:
|
||||
keyserver: hkps://keys.openpgp.org
|
||||
keyserver: p80.pool.sks-keyservers.net
|
||||
id: 11E9DE8848F2B65222AA75B8D1820DB22A11534E
|
||||
state: present
|
||||
|
||||
|
@ -11,14 +11,10 @@
|
|||
url: https://keybase.io/ihabunek/pgp_keys.asc
|
||||
state: present
|
||||
|
||||
#- name: Add apt key for zandronum
|
||||
# apt_key:
|
||||
# url: http://debian.drdteam.org/drdteam.gpg
|
||||
# state: present
|
||||
- name: Add apt key for Amazon Corretto
|
||||
- name: Add apt key for zandronum
|
||||
apt_key:
|
||||
url: https://apt.corretto.aws/corretto.key
|
||||
state: present
|
||||
url: http://debian.drdteam.org/drdteam.gpg
|
||||
state: present
|
||||
|
||||
- name: Add apt key for mono-project
|
||||
apt_key:
|
||||
|
@ -28,40 +24,34 @@
|
|||
|
||||
- name: Add weechat repo
|
||||
apt_repository:
|
||||
repo: 'deb https://weechat.org/debian bullseye main'
|
||||
repo: 'deb https://weechat.org/debian stretch main'
|
||||
state: present
|
||||
filename: weechat
|
||||
update_cache: yes
|
||||
|
||||
- name: Add Corretto repo
|
||||
apt_repository:
|
||||
repo: 'deb https://apt.corretto.aws stable main'
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
||||
- name: Add toot repo
|
||||
apt_repository:
|
||||
repo: 'deb http://bezdomni.net/packages/ ./'
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
||||
#- name: Add zandronum repo
|
||||
# apt_repository:
|
||||
# repo: 'deb http://debian.drdteam.org/ stable multiverse'
|
||||
# state: present
|
||||
# update_cache: yes
|
||||
- name: Add zandronum repo
|
||||
apt_repository:
|
||||
repo: 'deb http://debian.drdteam.org/ stable multiverse'
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
||||
- name: Add debian contrib
|
||||
apt_repository:
|
||||
repo: 'deb http://ftp.de.debian.org/debian bullseye main contrib'
|
||||
repo: 'deb http://ftp.de.debian.org/debian stretch main contrib'
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
||||
#- name: Add mono-project repo
|
||||
# apt_repository:
|
||||
# repo: 'deb https://download.mono-project.com/repo/debian bullseye main'
|
||||
# state: present
|
||||
# update_cache: yes
|
||||
- name: Add mono-project repo
|
||||
apt_repository:
|
||||
repo: 'deb https://download.mono-project.com/repo/debian stable-stretch main'
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
||||
- name: Install baseline packages
|
||||
apt:
|
||||
|
@ -71,11 +61,7 @@
|
|||
vars:
|
||||
packages:
|
||||
- alpine
|
||||
# - adwaita-icon-theme
|
||||
- analog
|
||||
- autoconf2.13
|
||||
- bat
|
||||
- bison
|
||||
- bsdgames
|
||||
- build-essential
|
||||
- byobu
|
||||
|
@ -83,189 +69,104 @@
|
|||
- bzflag-server
|
||||
- ca-certificates-mono
|
||||
- caca-utils
|
||||
- clang
|
||||
- clisp
|
||||
- cloc
|
||||
- cmake
|
||||
# - cmake-curses-gui
|
||||
- cmark
|
||||
- cmatrix
|
||||
# - context
|
||||
- cowsay
|
||||
- devscripts
|
||||
- dialog
|
||||
- dopewars
|
||||
# - dos2unix
|
||||
# - dosemu
|
||||
- dovecot-pop3d
|
||||
- dovecot-core
|
||||
- dovecot-imapd
|
||||
- dtach
|
||||
- dos2unix
|
||||
- dosemu
|
||||
- eggdrop
|
||||
- exa
|
||||
- elinks
|
||||
- emacs
|
||||
# - ffmpeg
|
||||
- finch
|
||||
- finger
|
||||
- fingerd
|
||||
- fish
|
||||
# - fd
|
||||
- fd-find
|
||||
# - flatpak
|
||||
# - flatpak-builder
|
||||
- flex
|
||||
- fortune
|
||||
- frotz
|
||||
- git-email
|
||||
- gitweb
|
||||
- golang
|
||||
- gopher
|
||||
# - gnome-icon-theme
|
||||
# - gnome-icon-theme-extras
|
||||
- htop
|
||||
- hugo
|
||||
# - ident2
|
||||
# - inkscape
|
||||
- ident2
|
||||
- imagemagick
|
||||
- ircii
|
||||
- irssi
|
||||
- isync
|
||||
- java-17-amazon-corretto-jdk
|
||||
- libxi6
|
||||
- libxtst6
|
||||
- libxrender1
|
||||
- jekyll
|
||||
- ksh
|
||||
- jq
|
||||
- lbzip2
|
||||
- lftp
|
||||
- libapache2-mod-php
|
||||
- libapache2-mod-php7.0
|
||||
- libarchive-dev
|
||||
- libc-dev
|
||||
- libc++-dev
|
||||
- libconvert-binhex-perl
|
||||
- libffi-dev
|
||||
- libfreetype6
|
||||
- libfreetype6-dev
|
||||
- libjpeg62-turbo
|
||||
- libjpeg62-turbo-dev
|
||||
- libmime-tools-perl
|
||||
- libncurses-dev
|
||||
- libopencolorio1v5
|
||||
- opencolorio-tools
|
||||
- libopencolorio-dev
|
||||
# - libsdl1.2-dev
|
||||
# - libsdl2-dev
|
||||
- libncurses5-dev
|
||||
- libsdl1.2-dev
|
||||
- libsdl2-dev
|
||||
- libssl-dev
|
||||
- libtool
|
||||
- libtool-bin
|
||||
- linux-headers-amd64
|
||||
- lolcat
|
||||
- lua5.3
|
||||
- lynx
|
||||
- make
|
||||
- mercurial
|
||||
- mc
|
||||
- mc-data
|
||||
- micro
|
||||
# - midori
|
||||
- minetest-data
|
||||
# - minetest-mod-advspawning
|
||||
# - minetest-mod-animalmaterials
|
||||
# - minetest-mod-animals
|
||||
- minetest-mod-advspawning
|
||||
- minetest-mod-animalmaterials
|
||||
- minetest-mod-animals
|
||||
- minetest-mod-maidroid
|
||||
- minetest-mod-mesecons
|
||||
# - minetest-mod-mobf-core
|
||||
# - minetest-mod-mobf-trap
|
||||
- minetest-mod-mobf-core
|
||||
- minetest-mod-mobf-trap
|
||||
- minetest-mod-moreblocks
|
||||
- minetest-mod-moreores
|
||||
- minetest-mod-nether
|
||||
- minetest-mod-pipeworks
|
||||
# - minetest-mod-torches
|
||||
- minetest-mod-torches
|
||||
- minetest-server
|
||||
- mkdocs
|
||||
- mkdocs-doc
|
||||
- mkdocs-bootstrap
|
||||
# - mkdocs-bootswatch
|
||||
- mono-apache-server
|
||||
- mono-complete
|
||||
- mono-dbg
|
||||
- mono-devel
|
||||
- mono-xsp4
|
||||
- moon-buggy
|
||||
- mosh
|
||||
- mutt
|
||||
# - mysql-client
|
||||
- mysql-client
|
||||
- mysql-server
|
||||
- nasm
|
||||
# - nbsdgames
|
||||
- nbsdgames
|
||||
- neofetch
|
||||
- neomutt
|
||||
- neovim
|
||||
#- newsbeuter
|
||||
- newsboat
|
||||
- oidentd
|
||||
- openbsd-inetd
|
||||
- opendkim
|
||||
- openssl
|
||||
- p7zip-full
|
||||
- pandoc
|
||||
- pwgen
|
||||
- pelican
|
||||
- pelican-doc
|
||||
- php-imagick
|
||||
- php-memcache
|
||||
- php-pear
|
||||
- php
|
||||
- php-curl
|
||||
- php-gd
|
||||
- php-imap
|
||||
- php-intl
|
||||
- php-mysql
|
||||
- php-ps
|
||||
- php-pspell
|
||||
# - php-recode
|
||||
- php-sqlite3
|
||||
- php-tidy
|
||||
- php-xmlrpc
|
||||
- php-zip
|
||||
# - php7.3-xsl
|
||||
# - php7.3-curl
|
||||
# - php7.3-xml
|
||||
# - pngtools
|
||||
- postfix-policyd-spf-python
|
||||
- poezio
|
||||
- proot
|
||||
- profanity
|
||||
- php7.0
|
||||
- php7.0-curl
|
||||
- php7.0-gd
|
||||
- php7.0-imap
|
||||
- php7.0-intl
|
||||
- php7.0-mcrypt
|
||||
- php7.0-mysql
|
||||
- php7.0-pspell
|
||||
- php7.0-recode
|
||||
- php7.0-sqlite3
|
||||
- php7.0-tidy
|
||||
- php7.0-xmlrpc
|
||||
- php7.0-xsl
|
||||
- pngtools
|
||||
- python
|
||||
- python3-certbot-apache
|
||||
# - python-pip
|
||||
# - python-potr
|
||||
- python3
|
||||
- python3-django
|
||||
- python3-flask
|
||||
- python-certbot-apache
|
||||
- python-pip
|
||||
- python-twisted
|
||||
- python3-pip
|
||||
- python3-toot
|
||||
- python3-twisted
|
||||
- python3-potr
|
||||
- python3-venv
|
||||
# - qemu
|
||||
# - qemu-efi
|
||||
# - qemu-system
|
||||
- racket
|
||||
- ranger
|
||||
- ripgrep
|
||||
- ruby-paint
|
||||
- ruby-trollop
|
||||
- rustc
|
||||
- sat-xmpp-primitivus
|
||||
- scala
|
||||
- scala-doc
|
||||
- scala-library
|
||||
- screen
|
||||
- sipcalc
|
||||
- software-properties-common
|
||||
# - staticsite
|
||||
- staticsite
|
||||
- stow
|
||||
- talk
|
||||
- talkd
|
||||
|
@ -274,35 +175,20 @@
|
|||
- tcl-dev
|
||||
- tcl-tls
|
||||
- tcl8.6
|
||||
- tcl8.6-dev
|
||||
- tcllib
|
||||
- tcltls
|
||||
- texinfo
|
||||
- tdom
|
||||
- telnet
|
||||
- telegram-cli
|
||||
- todotxt-cli
|
||||
- unrar-free
|
||||
- urlscan
|
||||
- uuid
|
||||
- vim
|
||||
- vrms
|
||||
- w3m-img
|
||||
- weechat
|
||||
- weechat-lua
|
||||
- weechat-php
|
||||
- weechat-python
|
||||
- weechat-ruby
|
||||
- weechat-scripts
|
||||
- weechat-tcl
|
||||
- whois
|
||||
- wordgrinder-ncurses
|
||||
# - x11vnc
|
||||
# - xdm
|
||||
# - xfce4
|
||||
# - xfce4-goodies
|
||||
# - task-xfce-desktop
|
||||
# - zandronum-server
|
||||
- xfce4
|
||||
- xfce4-goodies
|
||||
- task-xfce-desktop
|
||||
- zandronum-server
|
||||
- znc
|
||||
- znc-dev
|
||||
- znc-perl
|
||||
|
@ -350,27 +236,3 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Install Telehack wrapper
|
||||
copy:
|
||||
src: ../files/usr/local/bin/telehack
|
||||
dest: /usr/local/bin/telehack
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Install resources-used command
|
||||
copy:
|
||||
src: ../files/usr/local/bin/resources-used
|
||||
dest: /usr/local/bin/resources-used
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Install Backup Job
|
||||
copy:
|
||||
src: ../files/usr/local/bin/backup
|
||||
dest: /usr/local/bin/backup
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0774
|
||||
|
|
|
@ -1,9 +1,13 @@
|
|||
# install pb
|
||||
---
|
||||
- name: Clone pb
|
||||
- name: clone pb
|
||||
git:
|
||||
repo: https://tildegit.org/tomasino/pb
|
||||
repo: 'https://tildegit.org/tomasino/pb'
|
||||
dest: /usr/src/pb
|
||||
force: yes
|
||||
notify:
|
||||
- install pb
|
||||
|
||||
- name: install pb
|
||||
make:
|
||||
chdir: /usr/src/pb
|
||||
target: install
|
||||
become: yes
|
||||
|
|
|
@ -1,13 +1,5 @@
|
|||
# Configure postfix
|
||||
---
|
||||
- name: Create opendkim socket directory
|
||||
file:
|
||||
path: /var/spool/postfix/opendkim
|
||||
state: directory
|
||||
owner: opendkim
|
||||
group: postfix
|
||||
mode: 0770
|
||||
|
||||
- name: Install postix main.cf
|
||||
copy:
|
||||
src: ../files/etc/postfix/main.cf
|
||||
|
@ -15,32 +7,3 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart Postfix
|
||||
|
||||
# Deploy master.cf
|
||||
- name: Deploy postfix conf
|
||||
copy:
|
||||
src: ../files/etc/postfix/master.cf
|
||||
dest: /etc/postfix/master.cf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart Postfix
|
||||
|
||||
# Deploy policyd-spf.conf
|
||||
- name: Deploy postfix spf
|
||||
copy:
|
||||
src: ../files/etc/postfix-policyd-spf-python/policyd-spf.conf
|
||||
dest: /etc/postfix-policyd-spf-python/policyd-spf.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
# Deploy cron for reports
|
||||
- name: Deploy cron reports
|
||||
copy:
|
||||
src: ../files/etc/cron.daily/postfix_stats
|
||||
dest: /etc/cron.daily/postfix_stats
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
|
|
@ -1,42 +0,0 @@
|
|||
# install tilde-launcher
|
||||
---
|
||||
- name: Clone tilde-launcher
|
||||
git:
|
||||
repo: https://tildegit.org/thunix/tilde-launcher.git
|
||||
dest: /usr/src/tilde-launcher
|
||||
force: yes
|
||||
notify:
|
||||
- install tilde-launcher
|
||||
|
||||
- name: Create tilde directory
|
||||
file:
|
||||
path: /tilde
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
|
||||
- name: Create /tilde/pending-submissions directory
|
||||
file:
|
||||
path: /tilde/pending-submissions
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0777
|
||||
|
||||
- name: Create /tilde/descriptions directory
|
||||
file:
|
||||
path: /tilde/descriptions
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Create /tilde/bin directory
|
||||
file:
|
||||
path: /tilde/bin
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
|
@ -6,17 +6,19 @@
|
|||
proto: tcp
|
||||
port: '{{ item }}'
|
||||
with_items:
|
||||
- '70'
|
||||
- '79'
|
||||
- '80'
|
||||
- '113'
|
||||
- '143'
|
||||
- '443'
|
||||
- '1356'
|
||||
- '5154'
|
||||
- '6697'
|
||||
- '7776'
|
||||
- '25565'
|
||||
- 25
|
||||
- 70
|
||||
- 79
|
||||
- 80
|
||||
- 113
|
||||
- 143
|
||||
- 443
|
||||
- 1326
|
||||
- 5154
|
||||
- 6697
|
||||
- 7776
|
||||
- 30000
|
||||
- 25565
|
||||
|
||||
- name: Create UFW udp rules
|
||||
ufw:
|
||||
|
@ -24,26 +26,17 @@
|
|||
proto: udp
|
||||
port: '{{ item }}'
|
||||
with_items:
|
||||
- '60000:61000'
|
||||
- '1356'
|
||||
- '5154'
|
||||
- "60000:61000"
|
||||
- 1326
|
||||
- 5154
|
||||
- 30000
|
||||
|
||||
- name: Create tcp limits
|
||||
- name: Create limits
|
||||
ufw:
|
||||
rule: limit
|
||||
proto: tcp
|
||||
port: '{{ item }}'
|
||||
with_items:
|
||||
- '22'
|
||||
- '25'
|
||||
- '587'
|
||||
- '2222'
|
||||
- '53'
|
||||
|
||||
- name: Create UDP limits
|
||||
ufw:
|
||||
rule: limit
|
||||
proto: udp
|
||||
port: '{{ item }}'
|
||||
with_items:
|
||||
- '53'
|
||||
- 22
|
||||
- 587
|
||||
- 2222
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
|
||||
---
|
||||
- group:
|
||||
name: tilde
|
||||
state: present
|
||||
|
@ -7,59 +7,120 @@
|
|||
- group:
|
||||
name: sudo
|
||||
state: present
|
||||
|
||||
# Service accounts
|
||||
- include: users/bzflag.yml
|
||||
#Service accounts
|
||||
- include: users/minecraft.yml
|
||||
- include: users/bzflag.yml
|
||||
- include: users/znc.yml
|
||||
|
||||
# Normal Users
|
||||
|
||||
- include: users/deepend.yml
|
||||
#Normal Users
|
||||
- include: users/amcclure.yml
|
||||
- include: users/ben.yml
|
||||
- include: users/ubergeek.yml
|
||||
- include: users/naglfar.yml
|
||||
- include: users/computertech.yml
|
||||
- include: users/haivets.yml
|
||||
- include: users/redhat.yml
|
||||
- include: users/voynich.yml
|
||||
- include: users/xhafa.yml
|
||||
- include: users/samsara.yml
|
||||
- include: users/mcornick.yml
|
||||
- include: users/fria.yml
|
||||
- include: users/mspe.yml
|
||||
- include: users/nbsp.yml
|
||||
- include: users/user.yml
|
||||
- include: users/anton.yml
|
||||
- include: users/fosslinux.yml
|
||||
- include: users/slip.yml
|
||||
- include: users/login.yml
|
||||
- include: users/riftwalkr.yml
|
||||
#- include: users/parik.yml
|
||||
- include: users/quetzalcoatl.yml
|
||||
- include: users/redhat.yml
|
||||
- include: users/gokce.yml
|
||||
- include: users/r.yml
|
||||
- include: users/brendantcc.yml
|
||||
#- include: users/dragon.yml
|
||||
- include: users/spanmer.yml
|
||||
#- include: users/panzer.yml
|
||||
- include: users/hawaii.yml
|
||||
- include: users/trip.yml
|
||||
- include: users/xenialito69.yml
|
||||
#- include: users/freuddy.yml
|
||||
- include: users/ringo.yml
|
||||
- include: users/hexhaxtron.yml
|
||||
- include: users/smtpsupplicant.yml
|
||||
- include: users/orliesaurus.yml
|
||||
- include: users/gooly.yml
|
||||
- include: users/slackjeff.yml
|
||||
- include: users/haras.yml
|
||||
- include: users/d34d.yml
|
||||
- include: users/olivier.yml
|
||||
- include: users/jimmy.yml
|
||||
- include: users/vt.yml
|
||||
- include: users/mahkno.yml
|
||||
- include: users/radhesh1.yml
|
||||
- include: users/laniku.yml
|
||||
- include: users/sebz.yml
|
||||
- include: users/lowusage.yml
|
||||
- include: users/diabla.yml
|
||||
- include: users/ml.yml
|
||||
- include: users/usernameak.yml
|
||||
- include: users/user.yml
|
||||
#- include: users/angelok.yml
|
||||
#- include: users/johnc.yml
|
||||
#- include: users/k4j.yml
|
||||
#- include: users/ultima.yml
|
||||
#- include: users/ragnarok.yml
|
||||
#- include: users/jundi.yml
|
||||
#- include: users/rado.yml
|
||||
- include: users/sata.yml
|
||||
- include: users/wesx.yml
|
||||
- include: users/arda.yml
|
||||
#- include: users/larasaty.yml
|
||||
- include: users/bercik.yml
|
||||
- include: users/amoghavarsha.yml
|
||||
- include: users/txtcat.yml
|
||||
- include: users/memo.yml
|
||||
- include: users/xev.yml
|
||||
- include: users/11kb.yml
|
||||
- include: users/brokenix.yml
|
||||
- include: users/gagrilli.yml
|
||||
- include: users/peshto.yml
|
||||
- include: users/cyberx9901.yml
|
||||
- include: users/seif.yml
|
||||
- include: users/tyy.yml
|
||||
- include: users/gigmx.yml
|
||||
- include: users/majidhameed.yml
|
||||
- include: users/h.yml
|
||||
- include: users/amelia.yml
|
||||
- include: users/angeliamodem.yml
|
||||
- include: users/rune.yml
|
||||
- include: users/alt.yml
|
||||
- include: users/georgi.yml
|
||||
- include: users/khuxkm.yml
|
||||
#- include: users/z00t.yml
|
||||
- include: users/swann.yml
|
||||
#- include: users/ukhuwah.yml
|
||||
#- include: users/mom.yml
|
||||
#- include: users/andro.yml
|
||||
#- include: users/hasbullah.yml
|
||||
- include: users/riska.yml
|
||||
#- include: users/naruto.yml
|
||||
#- include: users/pria.yml
|
||||
#- include: users/abimks.yml
|
||||
#- include: users/bullah.yml
|
||||
- include: users/dalist.yml
|
||||
- include: users/apple.yml
|
||||
#- include: users/logique.yml
|
||||
#- include: users/jumbajookiba.yml
|
||||
#- include: users/letamesis.yml
|
||||
- include: users/chuck.yml
|
||||
#- include: users/janda.yml
|
||||
- include: users/os.yml
|
||||
- include: users/akoeabi.yml
|
||||
#- include: users/mks.yml
|
||||
#- include: users/makmur.yml
|
||||
#- include: users/makassar.yml
|
||||
#- include: users/abah.yml
|
||||
#- include: users/derby.yml
|
||||
- include: users/usher.yml
|
||||
#- include: users/responsibleracoon.yml
|
||||
- include: users/transfusion.yml
|
||||
- include: users/adam.yml
|
||||
#- include: users/audiofile.yml
|
||||
- include: users/vgk.yml
|
||||
- include: users/cyphyx.yml
|
||||
#- include: users/krystianbajno.yml
|
||||
#- include: users/vigilant.yml
|
||||
- include: users/isaac.yml
|
||||
- include: users/moskrin.yml
|
||||
- include: users/southerntofu.yml
|
||||
- include: users/dariusz.yml
|
||||
- include: users/aniruddh.yml
|
||||
- include: users/growl.yml
|
||||
- include: users/rain.yml
|
||||
#- include: users/mspe.yml
|
||||
#- include: users/pidgeotto.yml
|
||||
- include: users/wie.yml
|
||||
- include: users/tomjerr.yml
|
||||
- include: users/yximdoa.yml
|
||||
- include: users/dovahkin.yml
|
||||
- include: users/philip.yml
|
||||
- include: users/sancho.yml
|
||||
- include: users/thekingofbandit.yml
|
||||
- include: users/golden.yml
|
||||
- include: users/marc.yml
|
||||
- include: users/stenli990801.yml
|
||||
- include: users/lytedev.yml
|
||||
- include: users/skirk.yml
|
||||
- include: users/serafeim.yml
|
||||
- include: users/dot.yml
|
||||
- include: users/virus.yml
|
||||
- include: users/mandelbroth.yml
|
||||
- include: users/victoralt.yml
|
||||
- include: users/arch3r.yml
|
||||
- include: users/linel.yml
|
||||
- include: users/haivets.yml
|
||||
- include: users/tux.yml
|
||||
- include: users/georges.yml
|
||||
- include: users/techemporium.yml
|
||||
- include: users/un4ckn0wl3z.yml
|
||||
- include: users/aewens.yml
|
||||
- include: users/dex.yml
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up abah
|
||||
user:
|
||||
name: abah
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/abah
|
||||
- authorized_key:
|
||||
user: abah
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAmSso4LOJ+dzYjNutHidoPSFXmVEjzkL/Vk34N6nrrzIOXE5ctND1JrrdhhVnQlzDZf3lO870LPE8Yh8GTj6OsDzN2qCUIwlkHbcaY/cVZjsh44JvqrGDCRGUp8PhUOn43FerJAZ4V6kUpIwjKsM1vLRUEOyRfZGiSYgq7ZNKnnGE5KCDRQ5c/PzZzwdd9zdGrMEV+xeH2ps8zNwaYaIHg78HcPZLHMac/yuqUHM3apxer2iYdUCWV7hlrvTE0XiyJAoX1vZbrOQFai0QGGMavWMpEDBgPjONG/81osbOoiauoIQwL55rmgLldeY9jLgZQr283U336aRSmfHnk4eAsw=="
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up abimks
|
||||
user:
|
||||
name: abimks
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/abimks
|
||||
- authorized_key:
|
||||
user: abimks
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAtoQruWK9k0LgwruljoEQgF55PVcal9VOliPmz2eM3t7RGRhas6gVWt40ndfpMUzTAQAjZt61cxvMdIgpAymwgHL7y/9lnmEkIEBQKTC3ALiEp/dyaDOdeVeNWZ9J6+heldB8K3ERyhNI5gcDe5GnwLC82XPwlc5NCIj/2sFSMyno9ZzGMv/ZuULL/G0wVBbUTiSFt+VjSDey0ixKHYty5CWjLFWGipcUwCKMO4HwQBJEEd4kiDTO6aO+16f9vk13AtJteHTMBPMWR1Nn/BqMcqmA16U9pxEFiTNr+EM63m9SQRMQn/TyKX7KCSCugtM17ngGVnYp+XMn6HUAfD30Dw=="
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
- name: Setting up adam
|
||||
user:
|
||||
name: adam
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/adam
|
||||
- authorized_key:
|
||||
user: adam
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxjKdiAqV5tGmzL+OdWJnhz3xBhKnKLDwAcsi7CH/kyvHsJqiog8rfw+A6J1whesJcCfY1PxIssz43jC6vfuwERL3qK/DboCjmPOc4/lCnxic7B/mcDZdhrs9bQ65NP8j9kksMOoSoAozQbg4FQdWL3nvkfF21AfTzum/6IxIAEZWgigyUldQjv+z7mVirjADGhBdvAAdtajkIwgG7jBVWKdCCPcASURlX/td1uym/kM6fIEf2NhYSjgfOkhhVJr4JtNv7rfDBKVmtjzM2A3Idqkh2cvExODmduvgR9lTBV//03eWW+ar033113crwrdwLgxUirZM1g/AWfhXBgCrT adam@DESKTOP-ECBQOHU"
|
||||
- authorized_key:
|
||||
user: adam
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvlQpKJKt8P+1p3RHKOBCq6vMaTvapkTOGQybZbka66nx7QRrR/FCebKhw+WSsOnI+yLRdGT2c5XAFqyL1Vpn+Hq9i5n31AqGc5WSlyHO0Hq5IyVV6Neuux5OxdhzI/f/VS/Pj6OSy2ihy/+mNG5CNFGZY7aqwO3QL2kxFW+vUrikBOn4pB3eLWRAm64nOffLkTFS/eN1I86AMuPcfvsTlzaz6SE2oXa0lvCNfi5Ym8r/MUjvhwkaaXR9O+9sKYv0TNx9K1YzJo+5SxUPc05wKxYbcIWC84KsMquy7ZnWTkL8zKLJG2zxlr0zZng5+1OWpjrEzwmirJ7HTOCgiZSj/ adammcclure@Adams-MBP"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up aewens
|
||||
user:
|
||||
name: aewens
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/aewens
|
||||
- authorized_key:
|
||||
user: aewens
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD4N3HnFyO1fmiaxoOhQ+WL0eMQyq0o9E9VlTup8+zM4lVvcJ5yWG2cTt68g8znRsN36ZmmQHLbcN+rHXbkzkVKKkA7ev35QqZHPrkWVE07ucgPdr/u93MOiK7fl+gBIGvzmILnNEn5YtpRuWUK8m/jQrmM88y+4KLE5RFgzUElS2TpLPLAAUK/9Bwbal+jGItgDvI3CE/ERy/VW3+YsOQOzG3OJ+IBUDWJ1nQ3GdyKsheRUPOFlwByMQTWpbGhtYJFC9BiEnnmEMadHMCPBgGiPGpGg698GveFk1ViEf3ezyPR3dFbSKYU+rS+hISCjauEG17rrn7dS8WFgIfgPwB"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up akoeabi
|
||||
user:
|
||||
name: akoeabi
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/akoeabi
|
||||
- authorized_key:
|
||||
user: akoeabi
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAhYVUfHifRQHt5g4jGEc5zn2bLZYQooU8wEBlQlfDGcLgJneS2aEeoLcaNGCZGT5tgVVj/waEVp0bdIJfq1dL62R1NQiNBkVLFXAICmBsk9GpKla6PimNOvSfRHJ2zhBB6F0LyUeStcxRE4BsJP1s+/r6e2ibAtCJHKPtSfSZVDiXWkmkAOadky2EBU88DKFyDR0tl0gnJHJzjS0U0CB/aMUZfjzacT2nCLpEypj0Z5CxIhvIL2kOdqwXJ/BMDXqxyOf/58nnawmMSi25rV6Nad2kqPPlRLq7aq08UZNfGM7+vRAjl8XyEvKp+q9WxB4zQ1CfOtvTfTarPBqXm9NJIw=="
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up alt
|
||||
user:
|
||||
name: alt
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/alt
|
||||
- authorized_key:
|
||||
user: alt
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOyRbb9L2bXzmMu13NewPzVWa7JYmvdCmnYrssc2ZY1k"
|
|
@ -0,0 +1,26 @@
|
|||
---
|
||||
- user:
|
||||
name: amcclure
|
||||
groups: tilde, sudo
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/amcclure
|
||||
- authorized_key:
|
||||
user: amcclure
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFheJihLfXJ4jg2bRKKAErB76fw8izDxpg4dFibaQage amcclure@Antons-MacBook-Pro.local"
|
||||
- authorized_key:
|
||||
user: amcclure
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqNf2mD3RiJY5ZQtRhgg5xRD4a6whdBdh+xiCnfZ7fw amcclure@solaris"
|
||||
- authorized_key:
|
||||
user: amcclure
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAb/LEff3etQLEEF6L61KyTkxXfsI6tJwV161oSoPkyb amcclure@gowinnt"
|
||||
- authorized_key:
|
||||
user: amcclure
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIMF+N1NxdN2SBb7Yyk+d4ThVoO87bRSYhEqgR2K9gA4 amcclure@lake"
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up amelia
|
||||
user:
|
||||
name: amelia
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/amelia
|
||||
- authorized_key:
|
||||
user: amelia
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIo5HjxFsw/HLBn3Qxmmg3zqoOcFyr60wmxA4AmomO7N amelia@ctrl-c.club"
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up amoghavarsha
|
||||
user:
|
||||
name: amoghavarsha
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/amoghavarsha
|
||||
- authorized_key:
|
||||
user: amoghavarsha
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCpv1vK9rzCmvAKMdm/b48AiLxi1gQCmCT3d9LgCp/HeXz5sVjqsoHuZedx50cv6R5yjfPt2IsSM4teGpkxKC2Kp5nFOkAxmTskf76zD93Xi8yaB2GFq5XWICW0TGGg4WLMj18VV4965EuPUrpGShjXEnUBWWKiofLTikskRAoC5RL7GPw7dAY0p79C6yoZdB5lrLcfPmJc5ql9Lf58GLz9+GcxLtI29gwTnz8NsFS71Frtk27srpg3WwHNKU2t5DZ6ZN5ZbHWoB5yj0FD8RaudfgFMu7+kCggj3LoAI0aLMe6PLJq2romGQhRhxbvEw04tesREIfgmlRC3flDHtjZqj2wnFHO3NBBLapc22rHlyBWxZKLszmBfgjUXJ6QuCURnHShFzpAk9LM/a4bsOzj7EVqrRKnp0HzWxQzNWqEkXSLOEy1vrKI4jb9yxPeeh+D96Lk3ZW6jMH+/J4csrivGzirK9usG7XYMEyefmhx6toFgZRB2MtCK5WwlzMsrg6/jA4B7mUdGyVA7rC2M+/UUPtrsqohBhQat8lbErPSijNQ/g/l1ItLkGarYIhun4HG69SZjhUhTfWkgzHb5SguMNguZw1Uwrbxzg/wygM31uoi5JoGLJntDZFIA7M2jbXDBTHE6ESICa2re5i5/NO7DUHFYVcWyejlhnBshQ8YZWw== thunix"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up andro
|
||||
user:
|
||||
name: andro
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/andro
|
||||
- authorized_key:
|
||||
user: andro
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm+POCv4Y3bhkKZ4/uFiuN/d0VR2CQYhZlq6wV6QoDmaJ5shiRiexCUiOT2NqmQTc99/luc9BgUHwsW1n+wSf04mM+r4Q6yQ19fzQnN7vGdgnDwO2FliyuQcTJSjti2gtK17rctsAZ6o+8FEXq1hswsEO8j769k3BrP+CdTxxSd+JBtOAP4p3I2J9MPG6VafTxN48AIS2Mh71fatqxvq8UPVbHRVGoPHww9nfyOF3OyJrenzi7JytMXvFlFTiMLNs2H6APeqG+M2gu6vnUVDSs1VKYl8oxS1WA4Dafq2ihR/J4p9/2Q3DX2ulGfEITc2bRO8kTafLgJyCD2jyPospqQ=="
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up angeliamodem
|
||||
user:
|
||||
name: angeliamodem
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/angeliamodem
|
||||
- authorized_key:
|
||||
user: angeliamodem
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoMHAUnFvtwYaumIv9HrZuOG8JgfiK8+TjTcpkANPz3jgfHZ0GF9spyMabUJsMCRDkNrdPAjlco3+erW6vwrWvedk1vs+7AVMPrLNHEktbc+DOTCY43wTNaLXBMiHPx7TTM6Jvqp4z753R/wB6353KCSIj6QTEJ2E32KznwCtp0CgGOuel50rTgKmEfG4vUqOJWONpv/g7eIgwJ8CNlcWBaInkR02w1PEnDRYwuejhiyM6tVeeisT2GD8rTcPo0QJgon5uCiUQHoBrpIkG1i2E6DgtilwysBPXmXusbq+sdrLXzZi5A6AvJXtj9szL8pF2W9kxm+6h0K6BEfmB6kM7 rsa-key-20231108"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up angelok
|
||||
user:
|
||||
name: angelok
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/angelok
|
||||
- authorized_key:
|
||||
user: angelok
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm7hcvV4kpjt/pXXbm4Mdzdn3yWMdo/zS0HVJ81O0aqW2bbPzl01eUCjwQsl+x+AgXpGioMj8S/eGXWuzTSj93TbpUL5iEgun2TMOTak9524AEJ8thJiB31NBUe9fg1TdSovH3Cek7H8YI/Cqt5s7i6bIslOa2AiDmy1kaPDnP8HCR0+ri4JAKZsqUiWEMsMdB6fHK6LQ1LfE/w33+wrmegmyCSo0BjUqULnUPgLbvJao1LL4QWD10O64qokIMBsbJ27acBPCHvfIH3/rZ4w8eQCcQk1k19h32p3XukoPnqr/fVBSZPGFboJwU60SEa8qmOxbQnynx8UZ9KhwbHRHaQ=="
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up aniruddh
|
||||
user:
|
||||
name: aniruddh
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/aniruddh
|
||||
- authorized_key:
|
||||
user: aniruddh
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArCgKTNy3fKwmKalNatkMkQN9+W6pe9c7zHkgrxF+OCZaBJavbAuHSgzZiHPaSfETSo9Y9B+YWI18TCjomVohTi2aEJz1w4z7MjTISzv+xOUPc7RrI8nv7E+amwHXkN57ReFKW8dKj5/mYwcUXCOFoTfVIqQvp/MqEctbQN88NnF+RCQE5aLIPUsxoPRrrsN1lnLRm7TYMxeciEEvZ+i82gqZiSuwYXnmp7YxW9G7xp9PpsNiBfe9fMij4Fgct4zcKUKdy9bHzdN35LvyNJoJy0NZPekV71A/T8Km1I+tQ4Nc2apYgw9ZO3cAYoul/gfdWK5ZCdCWYZL8oeR5XFKgqQ== rsa-key-20190403"
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
- name: Setting up anton
|
||||
user:
|
||||
name: anton
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/anton
|
||||
- authorized_key:
|
||||
user: anton
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsGEzYmXXveq7aGosnJR0I3h9zwPZTOr+ytnOiwPam2KhR9GBzZsAGxtpwXXdvIUtvGFV0tlDWZ851wAYvJsRzwOu7t4OgrtrxkC/qkZ+p9FyjQ4kBX3oSKWJ08J0K59uv3GrNVrVOzyqQ6aGb8TFgCnLN9C9ElWmdmyrZ3evbiraCov9HM8EpxCJN68nPz/ugJvIL6xZe+9+uGRzBrMrtbTPxTFi5SLHg1itPGFVRFJr8ZjOZ4temoZ9IKOi/EYP+FUPk+Xbg+6iaOpS0wlq2eQ+DpMFpsP+kHHiY7X1Ln4pMA4C8ewfqnFi6kI8VJtDFmuZgXlaV/Uq5T54zRzZt amcclure@tilde"
|
||||
- authorized_key:
|
||||
user: anton
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhdNCqJ2+kTVRdf9R2g4Uv9TKuQzY4LbtJm5V1dx7uMfNI8HGHOa8gFopAaId8S9SY5WoIP4R0y+avZQzKRAVcqJNiKrKQDb5juLSWgL51CrOgZd6Y/nCUnvgmpAEUBzlxIBSDmiozDF4R6fk+8MqXsT8/HOaQgXX52v4qWBY9XWSOFwCeukywpnENvNm+H3vJhHddIYtcONWJB5m6msrBRo5NR7uo5RVt5GJpUpXfdI2IHLV4YZavLWiT/yBbBvxCODKWkNNXr9jBZ5RHPnqYcABoAKJ6hMaNzuJfAa9AvlV5aRDhRenOiS2/EQhC4rxPMHmnfn4TYng7vQRbVTvnGeLNGtsLqRDWuNQEmLYUZ8Q4JZfoSzZVmSyy2NeLvJRYxQRh7NTZlzoDkY+JBURINPcfVduVT2DD0buFSdhIq7/jreV1QZuSpOa5ABgvhTOf9bCIPaqbJ/zK7m+rqIPUhvrNZGgC7xkUpzdfl67W3xh+RyEIPdJX98dYZ9bZFFYvntW+plHizBBs+s7kGTV7BKm4rJ2oQfTby1M3++tSTZi/6QAkcOEb3VJ5n0rQiM+FMLuHfP2dPXh3AIVKYAiwZjdrJ3174g8JjSTXt3jJm6I1KW89oG2AcBbI/N3bgIVXcU+IRx846+zU7iZ49YtJK61Ml7u9aVQJDABQEMg6OQ== amcclure@triton"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up apple
|
||||
user:
|
||||
name: apple
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/apple
|
||||
- authorized_key:
|
||||
user: apple
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu19EpP0N/bmxuDfNooDwcEj8pQrbVYuQUrKONmluxeAKLzh+tqr1EzK2FV381a+LiUXtM6H5v7+PJGlp64WOeab3b+58XmijziicyS6K0CSCOGlqcT3vYmZq3K4I5FW0R4erTtp/l40ntTjhWKNxaK+mcxgMZA1jBlKhJGqEM9oMxn45zSqfjh3GumDHn34VCeCOQnz8EPqiO19+bSbQ+m3u4oHaECEBbXX5INpKDGh7i+PNM4ptdNKdLqS7l7xsFifxZvddEB97V0EYLxKwfiAj48k6UE8vad+jDGi0RvjYEIxig3GQBQ4osE2uRZZ0swn7JvVNmkBUU7TuaDoVV"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up arch3r
|
||||
user:
|
||||
name: arch3r
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/arch3r
|
||||
- authorized_key:
|
||||
user: arch3r
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6CWNG2VkA6NW4oEWyjdbTPlaC0VRiTGZ1VibvjWzS3LvoLT0mGLRwuI3ixSCMR4G+mjT9Tul9rZ/sk4zV0lUskTY4eVM2SPuhlgTzaV9TgTutML9DUIGHHwpIcdrsQlpj+2howoT1jOQcp0lN4gFn81qfry/qV2iAKxN50w+fFqHDZ6KNJwBr9pkvFc8uvRp495+HEEVAMz/Xg8zmow8Au6pRTWkQR2J1JseGRdhlfbuNNSwJB160P7TmivNZiQz/HH99jbwToCKEhh5Z1wekyWL0Fw5oCJucaN/r4+ov0A9hVJaCteRJEKZa2X2Rjy1NnypKAjhsYgihUA8FEPu9"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up arda
|
||||
user:
|
||||
name: arda
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/arda
|
||||
- authorized_key:
|
||||
user: arda
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAu7sYvX22y+sJbHICkVmIIaFltPFBiKMF6XeRI5FmSISafSdFtdrzLH7cvAHmvqatknnRN3/EKqO5LM1FiyBDFsjXdw8OfdllGFE6tD/EWYti+TCPRmYGUp0dSjPlukV1wC2WKhSAS/r/2SoXKSvQ3Tr4bqJU5C3uAk9PXMnpqVrL+uGaHcyHqBjDB+yl9UZLV6hd9oZJeyB280ICmZ7u/8cynuC86mishfjQY+fefyp0rpHnOHwcOqRlsU5YNT7lUKYGZUdhaXYEXdo7cA5VqLD1ENCFwvypXGf3Q+2xe8R1fAL5eCoFr9jRRdFkCxg0VwcRc4oimcDZRJeWNTbA+Q== rsa-key-20190126"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up audiofile
|
||||
user:
|
||||
name: audiofile
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/audiofile
|
||||
- authorized_key:
|
||||
user: audiofile
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDZtC1bRB+qGqitcIS3PUSZrawKDx+klIHqvrekW68vOMrbPy+1p8fkdPW3oW8+qAc2jeSyGMUNMaN5eCIdJ43WjnmHCSfWFP9IeX/RF/P183ijmB7FfvkfoRAxvkNzIQuVTz4crjKoUSSxQqngsaKg4HE9WWZWYkW/c9/nRzsdWQGkFsnpRDx8k89Cd+1/nza0KvKfgXJ7wCFGbcEKzUlumJXr8UFDS9RwXmZGwr6Nav0Uc+xYdPoX/QOzn6MYiENO4tYvm5UF4v5TNDUtlWB0fvvvswbvvYq5HyXsKU3OMm5+IdaJjnYV3tDgTwmcKmLl8KP4YxxmwDRZotob1jfyeETntmSCKx4yho3ilT7mLxJLhBZ+wnjR3xXF7GaDxPJCiWi8VliOBjJ/yvY/t02MpoZimlLVf54iiDV3OpkxNdjr+zF4JBbxisBTLL/WA0dxW2dLol/lYYoyJyFL/VWKkor7qB68CxMT3ZpFFk2t/1JLLrVK6AbJDgZkjBS1j0TGeTx0/4Sy0PDkzA96ejHMH+S6SWjXakFbNQaLEs+746BbMKdijwIE+Z7SvhWcrjYkGtGZQFl+iosVmx6FRXH6MsXxOSLY9zBzp1xKXP5XLH3ADPYyuzz5o4zab6maX94MQcNmT5b6056WDmp19zO6f+XYMHUl/taKUI5vnzmJgw== david@untitled"
|
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
- name: Setting up ben
|
||||
user:
|
||||
name: ben
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /usr/bin/fish
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/ben
|
||||
|
||||
- authorized_key:
|
||||
user: ben
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0Sf4AJXVn1CKWLPTXoV+bi3LNTGrGDPjWNGnJsIC11frQxDH1D4MM72WBTTERjT2ZpV48sZaPrmeQj960n7RxQAwoE0sDBMO4aKs3TXtaAY+RJarVSRPP3beo6ELONYRvdymnNPOxInWAzsPPjunZ0ufQDUt6Iyy+hTb7FsNgq4A736CxMb4oGSP/AT2Yfb0jUX0vtCxvgQC2T0oYrj8OInv8Qu0/0I0YQErZlkUO92b47B39hMxAIeTX2+0M0g8M5nJAc05gK6eoq27amysXsSm8aM/5ikY1Z4mabfAFtXzxsdFNzQ2TYCqbEnXUr5tTLyjfGYkSd97pbJtaaDBC+NAfX5m8QmrgG/5Ad9dlQH6g5JLng7yeRJYfzTlVW2gvmMnrAplHjCEIwCO0LA4zotzs6XkVrxQDmj2VGDdyFu4Z8fv9Ruf0lCE8PG03TnX7yJiE9RtT6KX3m+12xr71rdfVONRuZVkQlPlGKllGLQ7ZM5QJ2aVPDI1s2ZHFF9bm8lzg8u49KEmAJZpZPm+wc1b43inuiN/ftcl7oe1ZIxilUmJXaG74xbhfLSZa+S93WryhZ9cjoSy9p3q0QmZZh2ePSNyc6R3xJQnPjDozpJ0D3CRVeGJomGHS2E8wrHtWs5L2q0A3CjlVaducD1M2MgnQNEDmiKVob1utOKwrLw== openpgp:0x2206A906"
|
||||
|
|
@ -12,4 +12,4 @@
|
|||
- authorized_key:
|
||||
user: bercik
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrcdk2gzXkA6/PeK4saksdTLAmLGOcUhfBgTL7aBodlQBnZrRw7aIO9M0Ea4LNxEWoJtC9il6/QT4TOqWMY/Y/NVfZWYM8jmYuksm93NO8bCgF86ebdUGNNB7WxczHcjh5gMa3prEVvuxrM0+cwMSYAzkCpl3QrklyDHFNpt86slWE88oTIxkcUmNAd22TZolKmKQtSJDBzqNfpXYzqqBRV2s6cF/wj4FqH1mwafkCPObfbuF0JwfQT2LPhSl9Nt361AndbrokXgiuxWppWUqlROBtRs00EEoQ10osFP+u6NJtnjUcCEN+VltUW4Kg9sgf6E9wUvP7GvLBjC9xd2bz bercik@hercules"
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+7sSazxu92Sdig7YZbtlw2w6rNKmp7madX+MnDDrn38zXKRCfUbJohmDSqyHqLlQ/zlUDqaABrbQX0bAwVdr8Bvsg5HHjOUsYfrH+iwgfe5k/jUmNSTUlwJ0flfLUCILK4Gi8yM81c22lTCD8pEQ5NmnScwK9dBRebtYn577LXgP8YpkeZJSMZt2r+pcHZ7FkRX0QJBFO/ggQqSN1/QpTIRTxRCoKO4E4t1lPJ9B4a6on9X1oekBZBYq1Xe/mSuoVLHVIv0pAtNzLNmPwy7a9f2wXUzK+7YujrnYFfzlxzQmN1EkLnWHCY1tJdkHn69+5W8wfShc7DeA93KbdkdmV bercik@pollux"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up blades
|
||||
user:
|
||||
name: blades
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/blades
|
||||
- authorized_key:
|
||||
user: blades
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs0xX4pTE5IkergDLdJb0G03Xw4QVXhgjMy9ePa7KD2d1zMlbGEUv7R8uAMMBE59VEk8ZUM9vSH0Y9pUX8y/Ay8G6ktC7KMSO2G8l+IAoVINzWSV/ng2/m/Z8GJvgUPeE31hQVfdNoMWcM9rdK/uerh+V42p/vE8vSZ1KQy4zqUU20b5gCWd9rfq0JVR8bHNSELGYNCpvIwyMTKoFCty0psCE20HIjXcABIgvruUv/HPKOuBQ8XMir6Qophx30LNAmzKpF4ZvAf1kqcgYhgBPdq8YtrX8LoZqSvgxZM/fzkLeG8UO8BJ1T8k8BPTYqKieeXXoObIHjvZCfRUwggdJz"
|
|
@ -0,0 +1,20 @@
|
|||
---
|
||||
- name: Setting up brendantcc
|
||||
user:
|
||||
name: brendantcc
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/brendantcc
|
||||
- authorized_key:
|
||||
user: brendantcc
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwZ5nnwTjkAE4F2Fg6NiL6SI5BsPXipiVhmqyPFMqTAGJ6SJ7wbROCpRHC0yBVYTRRNwMy3mvPXApXF3Xp8XyDPxeqe+MRbyBPlvYHXaY46PlfqpuVSxqexNbmjsu1Evdh6GNPKTd0nj2To4rqO+yO/B9JuotQtF+hqtz87lKiX1MEYtZzFJlPWj1N5j/pfrUtZfTQ/FwA4A+KEIN+v2RsIB2HH+mDTbDyJ1xz9/155iaYkBisixVnyZ3CoQJYdzDQkU0v7nJ0ZUlrs25LvnIHEZ0AF3z2lvGipqC1meDqvgjK21JNMRw56szVAHlT/ByKeXRzAbcSuBjKLJiD9sDh"
|
||||
- authorized_key:
|
||||
user: brendantcc
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBXAKn0gfQNja+YUlXrwCMVI8WP5KigPDrOzbK5rRNobkjVQ5ix4edporfC4kw32mHcDavx0epFZjTf6Wz2NCchcSrT0e6F6Mo26u0Ji5On793McMWyXEu0d4qn2PZBDLqartFY39WB5fUzF7yA752gyf9dHE03p4BNWBdQvWtGQhNL9VS8jZ9+ejbxNwsvl89of7oLOMFs9L45FV2huWDKelJEmKqRNYiS8AK7eOKApgVtCiSrMtptqf4oKSWE5niP7UDQTcFOBt8/EgzPNaOj7FFulJl1K0zkp6wxFMgeD9Xfk5nw3xDXqfkyjKA4jVqzScG3F46XZUx6dZEGWAX"
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up brokenix
|
||||
user:
|
||||
name: brokenix
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/brokenix
|
||||
- authorized_key:
|
||||
user: brokenix
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+qGZt59RqOa08FpfiBygMJLfbR8wWYQ7OcPYJMTAmY jasitis@gmail.com"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up bullah
|
||||
user:
|
||||
name: bullah
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/bullah
|
||||
- authorized_key:
|
||||
user: bullah
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAlEL0FrvZjeep28ScoVk+PLfk1LpAtOjF7vB0lrI+YDme6jykHS32JOPWcEgd9eMxv9FbkrCUxcYCdrYc1ZDac64ayVaQ50nBS0d1humkOmQXJBqicL6WB7GPkcapnrhENArB9b4KZ6sOLVQserFHDBUdWJBoYLy54gYeIaMtnvFOhcCvaqW9Crp+lzP0o5vdQBoV86jBcUdU3K7jR1H24i7XOTjb/tHkpM2uwjduW9MdQ+o2KSieepbUmMSkURK40sOcitlc1BcfADIeWevL5tv6f10HXkigWqqM0S2aZcAbEzmJ5Trj7C02rZ+qLTSdsGn0/MF8rNDNTN2QeVD4lQ=="
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up campari
|
||||
user:
|
||||
name: campari
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/campari
|
||||
- authorized_key:
|
||||
user: campari
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+8OtQsAFaxMrpuyt489w3Tn2U/hj2UBk1PcocLRxRXXhX9KRmwXHa2mjZlJP5zjQh12sm9HWDpMYda/aTmrvm0Y21Jx3a2B8ddbdTYc2RVXvEzQ77Va8VxQNyR/ijvTeRqKK0xMRwzBe9X5BR1yIRSKoHjfsiwj1dvYmy8/oHvQI0nK05SyIBzNelLBXcrSkBKqWEGI/Vx9/ortFh/D2k2Qmq+ti+eT58Th76KoISDmYgWRSHM6MjHHBQONNfUQfvX5CWTy2wnm6k5iDVP0Z5AMQdfk6McJxfMZIKH0N/jF31GSw5b/Wo4riguujPd1y3qS29I4Iy3qeado2a4pqV campari@Alpha"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up chuck
|
||||
user:
|
||||
name: chuck
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/chuck
|
||||
- authorized_key:
|
||||
user: chuck
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwRk9WKR2Wk+JCPMT1GC90IGfgZqRlDXNaCHb3/+vdUMlc8HY/JhU/EXMz4enxHugMv6ZRmRfzVSvQ7Mx923VpHY2zqLuZI7fzc1+voffAY4Fq7/eIcZEhVReSWZ6DGmGhGQYmq/hiONoUDdld9UEzQhKhbJP03tj4KvFIgoXtSa6gx7AEvNz5jQc73RQcySeOwE3Sca3F3QPLVVkooFfk6U3vpz1PEluyrxvS6Yyy6LUwJ9UWzHXGslG/Ww4oQc6VeIVK8BtsDmkMOW+jGU3js9b+Y7ek/o964Pc19fb6FtilbBBoOB7d9wsp5/sf2ZnW/ZoxlSQwvn2MjlirypnIARJGOocG9Tmh5yT8p7AHZqN2ZJiGiN+/yM9jYsU5e34GFyKPglvcEw5BM8TSqOrhADA58oqUHYvbfg7OgHnETG5jpFwOnSq+KdU9ErhNZ7s89Xd8XOO4FJJSjduVkrxG1d0EIQ7CPX2AMoFrcuGUif2ImJSlV86lse2KUMzvjwC/vh5gpfmLu1opVID4XB4PCR8jPW0QGzjY0fMnU/pHPpssguOhfJbKLddDWJKFTl5iu5Uu0mm+Nd2dHNZgFoKfr/bZzgQmNBHDeoCgwc69sttZBuFiJ02IBGlyb5cFJ8am4FgllKV3ZA61yQAdq1jon8z1vAoz3S54mQ+l+iX8pw=="
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up computertech
|
||||
user:
|
||||
name: computertech
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/computertech
|
||||
- authorized_key:
|
||||
user: computertech
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFFqinkb5gqHT2qsNFX/Xr6hixF21hwisv3miMvPuNYU hp@LAPTOP-T7K831P0"
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up cyberx9901
|
||||
user:
|
||||
name: cyberx9901
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/cyberx9901
|
||||
- authorized_key:
|
||||
user: cyberx9901
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3x2eIKXWIxzElC1yNt8tOWEcJ/C/WZSa/sVXP2OigBa/wyQDH7omxRFayL6YInWcBcLcjcIDcOXA8t5B0mvxeACcFA8nxD5hotaewK3LGu/HHZ8BRstjHf98Hlmk9FhnN0pUuJvrS6Z3D7Q0tMgt1jI4bggeqj8wREUP4H3z0sdE5LTFczz9U9xFP93f8cfJhoVg7jeh+gwyKyJ0c0tmpNt2MDi1JzwBV6bm2NJnkL65OOiq7nHCyS5ppL2FxTI/q8JGcKO7e3X7Y/vs6CotWb+/RwOBdprpF4lC0Iep8PbMTXTOrchOM+HAhw27QKEt18SNc+YNeRjqJL0qekxzl"
|
|
@ -0,0 +1,20 @@
|
|||
---
|
||||
- name: Setting up cyphyx
|
||||
user:
|
||||
name: cyphyx
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/cyphyx
|
||||
|
||||
- authorized_key:
|
||||
user: cyphyx
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDKqC9q9QPqGqOuOb9DimlrA/RxzzLPfnMwZyngQBRPROsCrDlgAD42y8UWvlpTPxEZOI+PVSOkts3IFyeH2b3r6PZd8rSyl/5PiEBX1fcyiza9XJDw6nsicKIG8RzfQ6wlxL3692qNVgtKAUT+W+Mv2u62AV/CUh4UERN/XuFpUlGGkGFPWBsNwv7Z70oC459bZJ7ZZSmfJkBLnyW/I/poEbEIkpevx/qjFu+1z+UuAAyY1OO/RodVhVIs5x7MSONKTn/3gwXsdH7E8ZoRfN9ur50mySmWMKMbssmnG1xoOVRKlAaK3DttG7vLxBBtrdoSzQVS01Bd+qi9P7vhzo2cSCZovcfA+E4zDdwb0ZCy9kLpzpbOIqu+4QyALFzEvBkbyQsMdBqutzM5muk/p5QCZU7Tfy6/R4kGhT3GrQ+3gEZX/OKtaFbj8a2plccBcizdmO3ArlViw78Rw2YgGuIslXOu0/BLHR/kLcP8QkzbBqoobVU2dqxriZUcZ4VFWS36YrN0NB3mOd6rpEp28a7vZRlmj0I3hZnMdl6knHZfre0ZrbyCL2t05aABh348Ny7cQOmsjlAkNqyeB5JIevfz5Bq/kRrGQH4xcEtvhjo6j/ifdu2AQfLG30MtrxZb8FkEQEOQxwkruipySm18cG9H4ssNSwPFH2SmOPizOdpLMQ=="
|
||||
- authorized_key:
|
||||
user: cyphyx
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgBKBkccRNu3wf5cbkvdrVJ79Sr043VBJJ0S/vZa+KG8fkjf0tQmZRzdq54djGLXASIvEiu7con0XBidtRu/s3GblFpIoTDEiEqzc7/oJFEGwk/G4sdIDz+8/9jwMIsYeO3TbKyRyWDTCNgp3h11xwJ+LMMKGL7tVQpAM08lhS/mHZtWct8Xwey2qb/prkUBPwMA5CSCSlj0UI3RAFC5j7UdiC/HOk5O7w5zFWt2CMz1SVbN4oxqmqmX1HxirkmiYLgykoi15vz0CLhUMN/xnqT5Ph45nk0uiqjgWqPk+zwA+8FEQUewfeqbvqT2dyjOIZ4gDBaY1oKgwx7U8ud2Icnj+nZlJf92w3Vnud0CiSWt6CCvh5nyDn1465hXK4NIIPav8XrNd03DAsQmi4BvDSVpN4ieRqo/HCE/iujyHx2cm3vJLavlYXSwQin3p5FIKzxS1D+yu6chD1eveNUg+i7+/TIxtnmv7nCbwEhw3JSRHHwSpFCpSGsZ0gb7/uCSVVFz5nmNlheIbYADGxezZDiPstJj1ITgnb5nq+hXCN9lAEjqrJW2gTjN+Gl/lYPGLUxtjKkxpWwhCdn7NORR95xlCzQzu0wWn9gIKr56LGmSf4+T8PoapqodEfevXAArKrXzO5sKJ/V2Wkz4vnVyx4ReaXQ7gWfYEoCXFpkZHkAQmw=="
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
- name: Setting up d34d
|
||||
user:
|
||||
name: d34d
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/d34d
|
||||
- authorized_key:
|
||||
user: d34d
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0SoDOSIkZSeflrDqb+QXOf7zs58SRYsPFkpUG61W6j2AlxqtbTuif4msprLP3SWsDnroTkeuOr2GMaBPhC4YybyQiddCZJUVo11Y8FDgqNscZRl3hd38XnULRVEDGZ40M/mkp2v/f+rIwxEENYT37e+YDAO2Y19oL97lKxUhFph1t1IHHWqG0LXwBzByXoBt/pDtIB8FdNvBAbhHuUVORjBKuH/g12TcjCYZhpmL8iJSMbTRFjCWXIyflHA1Q59DHt9ZbOzZlgUzXcVB+YfC0iZ7h8Ju1EN2tCgqmMnsB9MxKbaUR25u6dxxz66Edtu9zhxJWfl2axNw4dDltPQaVncTtqwvqGNLI15nsDKM0gpGDeyqEB8pO8FSEPv+xdpFH928vl32PljiinK09afwspiKlMAjigG0o1MTR2nnoR7Oxtlcv8+srPaklLgO2krNeRtapsZJBvrd8DmJ6WMmB/4tbm281vKwI91hiaxmSJAHiAnDvq+F1XrBtQz3PIcU= u0_a172@localhost"
|
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
- name: Setting up dalist
|
||||
user:
|
||||
name: dalist
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/dalist
|
||||
- authorized_key:
|
||||
user: dalist
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAo5E9L12w8kqRhm8jM44xVMEUNuEPt0GLc482G5g3GjWvur9kCsg48Ju53mSXtMyDT/Z+iRwrCyK6EXcIlzG0CrlV0uLXc/7RBA55PI6RPCFF2eBRlplscOiDaKykqB7tPPiPA6LoH1+W57sDGF1S48gF3AHKfRZ8N0n9vQsCW8uDFWq25m3KWFO8JZrAW4MOHMdzxq7JMpzOCC+iBYbbVL6XT+4nBPjN7PCxgj3JgQmBQGW8Xf1994aqPGaMP9DdbDGnDkHRs5SXcLh9tkq1kG3FzJ5680S77p1cZkck96UyoUkp2crgnnGfqp3Zn1m6u9pG81wQrZCfBjlWfW2Uzw==
|
||||
"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up dariusz
|
||||
user:
|
||||
name: dariusz
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/dariusz
|
||||
- authorized_key:
|
||||
user: dariusz
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6vXOyzz4nwf5NwC80iwlL48ekmvcSxxa+lHVb20AGg"
|
|
@ -1,16 +0,0 @@
|
|||
---
|
||||
- name: Setting up deepend
|
||||
user:
|
||||
name: deepend
|
||||
groups: tilde,sudo
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /usr/bin/fish
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/deepend
|
||||
|
||||
- authorized_key:
|
||||
user: deepend
|
||||
state: present
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEnnu2r9ZxedvrcDKvVAouXWNNj5+tdT9tYFMK/60u9"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Setting up derby
|
||||
user:
|
||||
name: derby
|
||||
groups: tilde
|
||||
state: present
|
||||
skeleton: /etc/skel
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /home/derby
|
||||
- authorized_key:
|
||||
user: derby
|
||||
state: present
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqLuq7VyUoP+ChhweSSObppG3VBANMvPYTKR1cLkMshMY/MBI6Kx6iuJpkpOg1ZWlUxKwyizB4yIvdB53UYj+cETApKHXGU0F3xA80RvkDcKEvTjKZ4lBJo9GU5eKKivrxHpxWiNBGDbLrw+2msA0QeKKF0Mj/ggHRcSUtin4Z1dzq6xe2bN4n4a8cZyD6Bi6wKvEb/hQTKHjjZTgvG7OXERxmlP0xiY8HTP9Bj1d9my4R+XvSXxuj8rVSwpTmc6CZ3Lt/H2/ULV5lIAfgCzfGC6by3UbJrQkcsjaH86cjJv7YhLFSNnlLFPiha1yIEzmtcQhnJMpJDbUBEBWc14njQ=="
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue