thunix
/
ansible
Archived
6
7
Fork 19
Code Issues 8 Pull Requests 1 Releases Wiki Activity

Compare commits

base: thunix:master
Branches Tags
thunix:master
thunix:Debian12
fosslinux:master
..
compare: fosslinux:master
Branches Tags
fosslinux:master
thunix:master
thunix:Debian12

1 Commits
master ... master

Author SHA1 Message Date
fosslinux 88aaa521c8 add drone ci
continuous-integration/drone/push Build is failing Details
2020-01-01 10:33:41 +11:00
258 changed files with 2579 additions and 2391 deletions
Show Stats Expand all files Collapse all files

8
.drone.yml
View File

@ -3,7 +3,13 @@ name: default
steps:
- name: syntax
image: debian:11
image: debian:10
commands:
- .drone/deps
- ansible-playbook -i hosts site.yml --syntax
- name: run
image: debian:10
commands:
- .drone/deps
- sed -i "s/thunix.net/127.0.0.1/g" hosts
- ansible-playbook -i hosts site.yml

3
.drone/seds
View File

@ -1,3 +0,0 @@
#!/bin/sh
sed -i "s/thunix.net/127.0.0.1/g" hosts
sed -i 's/- include: resolv.yml/#&/' roles/common/tasks/main.yml

1
.gitignore vendored
View File

@ -1 +0,0 @@
*.swp

3
README.md
View File

@ -1,7 +1,5 @@
# Thunix Ansible Playbook
[![Build Status](https://drone.tildegit.org/api/badges/thunix/ansible/status.svg)](https://drone.tildegit.org/thunix/ansible)
Clone repo, then execute playbook as follows:
```/usr/local/bin/ansible-playbook -i /var/thunix/hosts /var/thunix/site.yml```
@ -32,7 +30,6 @@ After that, run it again, without the syntax flag:
If it looks good, add all your files, then push to the repo.
If for whatever reason you **can't** do this, create a PR and let our CI (Drone) test it for you.
### Adding a Package
To install a new package on a machine, just find the package name, and add it to the end of ./role/{which role}/tasks/packages.yml. Run ansible-playbook against thunix:

11
hosts
View File

@ -1,13 +1,8 @@
[all:vars]
ansible_connection=local
ansible_python_interpreter=/usr/bin/python3
[common]
localhost
thunix.net ansible_connection=local
[shell]
localhost
thunix.net ansible_connection=local
[webserver]
localhost
thunix.net ansible_connection=local

2
roles/common/files/ansible-pull
View File

@ -1,5 +1,5 @@
#!/bin/bash
export ANSIBLE_LOCAL_TEMP=/tmp/.ansible
export ANSIBLE_LOCAL_TEMP = /tmp/.ansible
cd /var/thunix/ansible
git pull
ansible-playbook -i ./hosts site.yml -u root

20
roles/common/files/ansible-run
View File

@ -1,23 +1,15 @@
#!/bin/bash
export RUNNING="/dev/shm/ansible_is_running"
export HOOK="/dev/shm/ansible-hook-last-run"
export PATHMODIFIED="/dev/shm/run-ansible"
export SCHED=1
if [ -f $RUNNING ]; then
echo "Ansible is currently running."
exit 1
else
touch $RUNNING
cd /var/thunix/ansible
while [ $SCHED = 1 ]
do
sleep 1
touch $RUNNING
/usr/bin/git pull
/usr/local/bin/ansible-playbook -i /var/thunix/ansible/hosts /var/thunix/ansible/site.yml -u root
touch $HOOK
[ "$PATHMODIFIED" -ot "$RUNNING" ] && SCHED=0
! [ -f "$PATHMODIFIED" ] && SCHED=0
done
/usr/bin/git pull
/usr/local/bin/ansible-playbook -i /var/thunix/ansible/hosts /var/thunix/ansible/site.yml -u root
touch /dev/shm/ansible-hook-last-run
rm $RUNNING
exit 0
fi

4
roles/common/files/etc/letsencrypt/renewal-hooks/update-postfix
View File

@ -1,4 +0,0 @@
#!/bin/bash
/bin/systemctl restart postfix
/bin/systemctl restart dovecot

23
roles/common/files/etc/network/interfaces
View File

@ -1,23 +0,0 @@
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug ens33
iface ens33 inet static
address 142.44.150.185/32
gateway 66.70.181.254
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 8.8.8.8 8.8.4.4
dns-search net
up ip route add default via 66.70.181.254
# The IPV6 network interface
iface ens33 inet6 static
address 2607:5300:0204:4340:0000:0000:0000:0185/64
gateway 2607:5300:0204:43ff:00ff:00ff:00ff:00ff

56
roles/common/files/etc/pam.d/sshd
View File

@ -1,56 +0,0 @@
# PAM configuration for the Secure Shell service
# Standard Un*x authentication.
@include common-auth
# Disallow non-root logins when /etc/nologin exists.
account required pam_nologin.so
# Uncomment and edit /etc/security/access.conf if you need to set complex
# access limits that are hard to express in sshd_config.
# account required pam_access.so
# Standard Un*x authorization.
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible that a
# module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
# Set the loginuid process attribute.
session required pam_loginuid.so
# Create a new session keyring.
session optional pam_keyinit.so force revoke
# Standard Un*x session setup and teardown.
@include common-session
# Print the message of the day upon successful login.
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
session optional pam_motd.so motd=/run/motd.dynamic
session optional pam_motd.so noupdate
# Print the status of the user's mailbox upon successful login.
session optional pam_mail.so standard noenv # [1]
# Set up user limits from /etc/security/limits.conf.
session required pam_limits.so
# Read environment variables from /etc/environment and
# /etc/security/pam_env.conf.
session required pam_env.so # [1]
# In Debian 4.0 (etch), locale-related environment variables were moved to
# /etc/default/locale, so read that as well.
session required pam_env.so user_readenv=1 envfile=/etc/default/locale
# SELinux needs to intervene at login time to ensure that the process starts
# in the proper default security context. Only sessions which are intended
# to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
# Standard Un*x password updating.
@include common-password
auth required pam_google_authenticator.so nullok

8
roles/common/files/motd
View File

@ -8,9 +8,8 @@
https://www.thunix.net EST DEC 2018
-----------------------------------------------------------
brought to you by:
ubergeek fosslinux naglfar
continued by:
deepend
amcclure naglfar
ubergeek fosslinux
-----------------------------------------------------------
For system document type 'man thunix'.
-----------------------------------------------------------
@ -33,4 +32,5 @@ an issue here: https://tildegit.org/thunix/ansible/issues
-----------------------------------------------------------
Enjoy your stay!
*** END OF LINE.
*** END OF LINE.

6
roles/common/files/resolv.conf
View File

@ -1,4 +1,2 @@
nameserver 127.0.0.1
#nameserver 149.56.184.112
#nameserver 95.179.226.37
nameserver 8.8.8.8
nameserver 149.56.184.112
nameserver 66.42.77.29

32
roles/common/files/sshd_config
View File

@ -1,4 +1,4 @@
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
@ -24,7 +24,7 @@ Port 2222
#RekeyLimit default none
# Logging
SyslogFacility AUTHPRIV
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
@ -38,7 +38,7 @@ PermitRootLogin without-password
PubkeyAuthentication yes
# Expect .ssh/authorized_keys2 to be disregarded by default in future.
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
#AuthorizedPrincipalsFile none
@ -55,11 +55,10 @@ AuthorizedKeysFile .ssh/authorized_keys
# To disable tunneled clear text passwords, change to no here!
#PermitEmptyPasswords no
PasswordAuthentication no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
@ -68,8 +67,8 @@ ChallengeResponseAuthentication yes
#KerberosGetAFSToken no
# GSSAPI options
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
@ -84,12 +83,10 @@ GSSAPICleanupCredentials no
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
# AuthenticationMethods publickey,password publickey,keyboard-interactive
#AllowAgentForwarding yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding no
X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
@ -98,7 +95,7 @@ PrintMotd no
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation sandbox
PermitUserEnvironment yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
@ -116,13 +113,14 @@ PermitUserEnvironment yes
AcceptEnv LANG LC_*
# override default of no subsystems
Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp /usr/lib/openssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
ClientAliveInterval 120
ClientAliveInterval 120
PasswordAuthentication no

34
roles/common/files/usr/local/bin/modlog
View File

@ -1,34 +0,0 @@
#!/bin/bash
################################################################################
#
# $0 is a tool that logs mod actions
#
# Arguments:
# {action}
#
# Return codes:
# 0 Exectuted without problem
# 1 Incorrect usage pattern.
#
# This software is licensed under the AGPL 3.0 or later, by
# ubergeek <ubergeek@thunix.net>
#
################################################################################
ACTION=$*
function usage() {
cat << _EOF
$0 {action}
{action} Free form text of what action was performed.
_EOF
}
if [ "$1" == "" ]; then
usage
exit 0
fi
echo -e `date`"\t"`whoami`"\t"$ACTION | sudo tee -a /root/modlog

3
roles/common/files/usr/local/bin/setup-2factor
View File

@ -1,3 +0,0 @@
#!/bin/bash
google-authenticator -t -d -f -r 3 -R 30 -W

12
roles/common/tasks/2fa.yml
View File

@ -1,12 +0,0 @@
# This will add script to run google-authenticator for users to set up 2FA
---
- name: Set 2FA
copy:
src: ../files/usr/local/bin/setup-2factor
dest: /usr/local/bin/setup-2factor
owner: root
group: root
mode: 0755
# last line of ../files/etc/pam.d/sshd will need to be copied to /etc/pam.d/sshd.
# Decided it to risky to automatically have ansible add that.

2
roles/common/tasks/main.yml
View File

@ -9,5 +9,3 @@
- include: ansible-pull.yml
- include: manpage.yml
- include: monitoring.yml
- include: scripts.yml
- include: 2fa.yml

58
roles/common/tasks/packages.yml
View File

@ -1,20 +1,9 @@
# Install our baseline packages for all machines, irrespective of what role they might have
---
- name: Install bootstrap packages
apt:
name: "{{ packages }}"
- name: Add Thunix Repo
apt_key:
url: http://deb.thunix.net/release.key
state: present
update_cache: yes
vars:
packages:
- python3
- python3-apt
- gpg
#- name: Add Thunix Repo
# apt_key:
# url: http://deb.thunix.net/release.key
# state: present
- name: Install baseline packages
apt:
@ -29,39 +18,30 @@
- debhelper
- dpkg-sig
- git
- libpam-google-authenticator
- ieee-data
- libboost-dev
- letsencrypt
- man
- members
- pflogsumm
- python
- python3-certbot-apache
- python3-certbot-dns-cloudflare
- python3-httplib2
- python3-jinja2
- python3-kerberos
- python3-markupsafe
# - python-netaddr
- python3-paramiko
# - python-pip
- python3-pymysql
- python3-selinux
- python3-xmltodict
- python3-yaml
- python3-flask
- python3-flask-restful
- python3-flask-api
- python3-pip
- python3-psutil
- python3-pymysql
- sqlite3
- python-certbot-apache
- python-httplib2
- python-jinja2
- python-kerberos
- python-markupsafe
- python-netaddr
- python-paramiko
- python-pip
- python-selinux
- python-xmltodict
- python-yaml
- sqlite
- sudo
- systemd
- ufw
- libboost-dev
- python-pymysql
- python3-pymysql
# Install ansible python package, because it's the latest
- name: Install ansible
pip:
name: ansible
name: ansible

10
roles/common/tasks/postfix.yml
View File

@ -1,10 +0,0 @@
# This setup the letsencrypt stuff we have
---
- name: Set up post-deploy LE stuff
copy:
src: ../files/etc/letsencrypt/renewal-hooks/update-postfix
dest: /etc/letsencrypt/renewal-hooks/update-postfix
owner: root
group: root
mode: 0644

9
roles/common/tasks/scripts.yml
View File

@ -1,9 +0,0 @@
# This deploys manually managed scripts
---
- name: Deploy modlog tool
copy:
src: ../files/usr/local/bin/modlog
dest: /usr/local/bin/modlog
owner: root
group: root
mode: 0755

2
roles/shell/files/bbj
View File

@ -1,2 +0,0 @@
#!/bin/sh
exec python3.9 /usr/share/bbj/clients/urwid/main.py --host bbj.tildeverse.org

14
roles/shell/files/bzflag.service
View File

@ -1,14 +0,0 @@
[Install]
WantedBy=multi-user.target
[Unit]
Description=BZFlag Game Server
After=network-online.target
[Service]
ExecStart=/usr/games/bzfs -conf /var/lib/bzflag/bzflag.conf
ExecReload=/bin/kill -HUP $MAINPID
User=bzflag
[Install]
WantedBy=multi-user.target

6
roles/shell/files/chat
View File

@ -1,7 +1,3 @@
#!/bin/bash
if [[ -f ~/.weechat/irc.conf ]]; then
exec weechat
else
exec weechat-curses -r "/server add tilde irc.tilde.chat/6697 -ssl -autoconnect; /set irc.server.tilde.autojoin \"#meta,#thunix,#tildetel\"; /connect tilde"
fi
weechat-curses -r "/set irc.look.temporary_servers on; /connect irc://`whoami`@localhost:6667/#thunix"

2
roles/shell/files/etc/cron.daily/postfix_stats
View File

@ -1,2 +0,0 @@
#!/bin/bash
/usr/sbin/pflogsumm -d today /var/log/mail.log | mail -s "Mail Report for `date +%Y/%m/%d`" postmaster@thunix.net

6
roles/shell/files/etc/cron.hourly/znc_saveconfig.sh
View File

@ -1,6 +0,0 @@
#!/bin/dash
PID=$(pgrep -u znc znc)
#Rewrite znc.conf
[ $PID ] && kill -s USR1 $PID

6
roles/shell/files/etc/dovecot/conf.d/10-ssl.conf
View File

@ -9,8 +9,8 @@ ssl = yes
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
ssl_cert = </etc/letsencrypt/live/thunix.net/fullchain.pem
ssl_key = </etc/letsencrypt/live/thunix.net/privkey.pem
#ssl_cert = </etc/dovecot/dovecot.pem
#ssl_key = </etc/dovecot/private/dovecot.pem
# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter. Since this file is often
@ -44,11 +44,9 @@ ssl_key = </etc/letsencrypt/live/thunix.net/privkey.pem
# DH parameters length to use.
#ssl_dh_parameters_length = 1024
ssl_dh=</etc/dovecot/dh.pem
# SSL protocols to use
#ssl_protocols = !SSLv3
ssl_min_protocol = TLSv1.2
# SSL ciphers to use
#ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL

4
roles/shell/files/etc/letsencrypt/renewal-hooks/deploy/reload-dovecot.pem
View File

@ -1,4 +0,0 @@
#!/bin/bash
#to reload the configuration.
/usr/bin/doveadm reload

9
roles/shell/files/etc/letsencrypt/renewal-hooks/deploy/update-znc.pem
View File

@ -1,9 +0,0 @@
#!/bin/bash
#https://wiki.znc.in/Signed_SSL_certificate
DOMAIN="thunix.net"
ZNCPEM=/var/lib/znc/znc.pem
echo "Updating znc.pem Before ZNC 1.7"
cat /etc/letsencrypt/live/thunix.net/privkey.pem > $ZNCPEM
cat /etc/letsencrypt/live/thunix.net/fullchain.pem >> $ZNCPEM

10
roles/shell/files/etc/letsencrypt/renewal-hooks/update-znc.pem Executable file
View File

@ -0,0 +1,10 @@
#!/bin/bash
#https://wiki.znc.in/Signed_SSL_certificate
ZNCDOMAIN="thunix.net-0001"
ZNCPEM=/var/lib/znc/znc.pem
#[[ $RENEWED_LINEAGE != "/etc/letsencrypt/live/$ZNCDOMAIN" ]] && exit 0
echo "Updating znc.pem Before ZNC 1.7"
cat /etc/letsencrypt/live/$ZNCDOMAIN/privkey.pem > $ZNCPEM
cat /etc/letsencrypt/live/$ZNCDOMAIN/fullchain.pem >> $ZNCPEM

61
roles/shell/files/etc/opendkim.conf
View File

@ -1,61 +0,0 @@
# This is a basic configuration for signing and verifying. It can easily be
# adapted to suit a basic installation. See opendkim.conf(5) and
# /usr/share/doc/opendkim/examples/opendkim.conf.sample for complete
# documentation of available configuration parameters.
Syslog yes
SyslogSuccess yes
#LogWhy no
# Common signing and verification parameters. In Debian, the "From" header is
# oversigned, because it is often the identity key used by reputation systems
# and thus somewhat security sensitive.
Canonicalization relaxed/simple
Mode sv
SubDomains no
OversignHeaders From
# Signing domain, selector, and key (required). For example, perform signing
# for domain "example.com" with selector "2020" (2020._domainkey.example.com),
# using the private key stored in /etc/dkimkeys/example.private. More granular
# setup options can be found in /usr/share/doc/opendkim/README.opendkim.
#Domain example.com
#Selector 2020
#KeyFile /etc/dkimkeys/example.private
# In Debian, opendkim runs as user "opendkim". A umask of 007 is required when
# using a local socket with MTAs that access the socket as a non-privileged
# user (for example, Postfix). You may need to add user "postfix" to group
# "opendkim" in that case.
UserID opendkim
UMask 007
# Socket for the MTA connection (required). If the MTA is inside a chroot jail,
# it must be ensured that the socket is accessible. In Debian, Postfix runs in
# a chroot in /var/spool/postfix, therefore a Unix socket would have to be
# configured as shown on the last line below.
Socket local:/var/spool/postfix/opendkim/opendkim.sock
#Socket inet:8891@localhost
#Socket inet:8891
#Socket local:/var/spool/postfix/opendkim/opendkim.sock
PidFile /run/opendkim/opendkim.pid
# Hosts for which to sign rather than verify, default is 127.0.0.1. See the
# OPERATION section of opendkim(8) for more information.
#InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12
# The trust anchor enables DNSSEC. In Debian, the trust anchor file is provided
# by the package dns-root-data.
TrustAnchorFile /usr/share/dns/root.key
Nameservers 8.8.8.8,1.1.1.1
# Map domains in From addresses to keys used to sign messages
KeyTable refile:/etc/opendkim/key.table
SigningTable refile:/etc/opendkim/signing.table
# Hosts to ignore when verifying signatures
ExternalIgnoreList /etc/opendkim/trusted.hosts
# A set of internal hosts whose mail should be signed
InternalHosts /etc/opendkim/trusted.hosts

13
roles/shell/files/etc/postfix-policyd-spf-python/policyd-spf.conf
View File

@ -1,13 +0,0 @@
# For a fully commented sample config file see policyd-spf.conf.commented
debugLevel = 0
TestOnly = 1
HELO_reject = SPF_Not_Pass
Mail_From_reject = Softfail
PermError_reject = False
TempError_Defer = False
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1

52
roles/shell/files/etc/postfix/main.cf
View File

@ -11,12 +11,11 @@ readme_directory = no
compatibility_level = 2
# TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/thunix.net/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/thunix.net/privkey.pem
smtpd_tls_cert_file=/etc/letsencrypt/live/thunix.net-0001/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/thunix.net-0001/privkey.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_security_level = may
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
@ -38,8 +37,8 @@ mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
#inet_protocols = ipv4
#inet_protocols = all
inet_protocols = ipv4
home_mailbox = Maildir/
@ -49,45 +48,10 @@ smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
# Enforce the requirement for a helo to be sent for each message
smtpd_helo_required = yes
# Don't accept mail from domains that don't exist.
smtpd_sender_restrictions = reject_unknown_sender_domain
#Allow ONLY authenticated users to send email
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unauth_pipelining,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unknown_reverse_client_hostname,
check_policy_service unix:private/policyd-spf,
reject_rbl_client bl.fmb.la=127.0.1.[24;25;26;27;28],
reject_rbl_client spam.dnsbl.anonmails.de,
reject_rbl_client uribl.abuse.ro,
reject_rbl_client all.spamrats.com,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client xbl.spamhaus.org,
reject_rbl_client pbl.spamhaus.org,
reject_rbl_client blackholes.tepucom.nl,
reject_rbl_client hostkarma.junkemailfilter.com=127.0.0.2,
reject_rbl_client truncate.gbudb.net,
reject_rhsbl_sender dbl.spamhaus.org
policyd-spf_time_limit = 3600
milter_protocol = 2
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:opendkim/opendkim.sock
non_smtpd_milters = $smtpd_milters
# message delivery requests that any client is allowed (50/hr)
smtpd_client_auth_rate_limit = 50
anvil_rate_time_unit = 60m
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301

125
roles/shell/files/etc/postfix/master.cf
View File

@ -1,125 +0,0 @@
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
submission inet n - y - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - y - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/bin/policyd-spf

113
roles/shell/files/etc/skel/.bashrc
View File

@ -1,113 +0,0 @@
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
*i*) ;;
*) return;;
esac
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth
# append to the history file, don't overwrite it
shopt -s histappend
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000
# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize
# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar
# make less more friendly for non-text input files, see lesspipe(1)
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
debian_chroot=$(cat /etc/debian_chroot)
fi
# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
xterm-color|*-256color) color_prompt=yes;;
esac
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
#force_color_prompt=yes
if [ -n "$force_color_prompt" ]; then
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
# We have color support; assume it's compliant with Ecma-48
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
# a case would tend to support setf rather than setaf.)
color_prompt=yes
else
color_prompt=
fi
fi
if [ "$color_prompt" = yes ]; then
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
else
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt
# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
;;
*)
;;
esac
# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
alias ls='ls --color=auto'
#alias dir='dir --color=auto'
#alias vdir='vdir --color=auto'
#alias grep='grep --color=auto'
#alias fgrep='fgrep --color=auto'
#alias egrep='egrep --color=auto'
fi
# colored GCC warnings and errors
#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
# some more ls aliases
#alias ll='ls -l'
#alias la='ls -A'
#alias l='ls -CF'
# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
if [ -f ~/.bash_aliases ]; then
. ~/.bash_aliases
fi
# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi

28
roles/shell/files/etc/skel/.profile
View File

@ -1,28 +0,0 @@
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
alias sudo='echo "You do not have sudo privileges. Stop it."'
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

1
roles/shell/files/key.table
View File

@ -1 +0,0 @@
default._domainkey.thunix.net thunix.net:default:/etc/opendkim/keys/thunix.net/default.private

14
roles/shell/files/minecraft.service
View File

@ -1,14 +0,0 @@
[Install]
WantedBy=multi-user.target
[Unit]
Description=Minecraft Game Server
After=network-online.target
[Service]
ExecStart=/var/lib/minecraft/paper/start.sh
ExecReload=/bin/kill -HUP $MAINPID
User=minecraft
[Install]
WantedBy=multi-user.target

30
roles/shell/files/opendkim
View File

@ -1,30 +0,0 @@
# NOTE: This is a legacy configuration file. It is not used by the opendkim
# systemd service. Please use the corresponding configuration parameters in
# /etc/opendkim.conf instead.
#
# Previously, one would edit the default settings here, and then execute
# /lib/opendkim/opendkim.service.generate to generate systemd override files at
# /etc/systemd/system/opendkim.service.d/override.conf and
# /etc/tmpfiles.d/opendkim.conf. While this is still possible, it is now
# recommended to adjust the settings directly in /etc/opendkim.conf.
#
#DAEMON_OPTS=""
# Change to /var/spool/postfix/run/opendkim to use a Unix socket with
# postfix in a chroot:
#RUNDIR=/var/spool/postfix/run/opendkim
RUNDIR=/run/opendkim
#
# Uncomment to specify an alternate socket
# Note that setting this will override any Socket value in opendkim.conf
# default:
SOCKET="local:/var/spool/postfix/opendkim/opendkim.sock"
# listen on all interfaces on port 54321:
#SOCKET=inet:54321
# listen on loopback on port 12345:
#SOCKET=inet:12345@localhost
# listen on 192.0.2.1 on port 12345:
#SOCKET=inet:12345@192.0.2.1
USER=opendkim
GROUP=opendkim
PIDFILE=$RUNDIR/$NAME.pid
EXTRAAFTER=

2
roles/shell/files/signing.table
View File

@ -1,2 +0,0 @@
*@thunix.net default._domainkey.thunix.net
*@*.thunix.net default._domainkey.thunix.net

4
roles/shell/files/trusted.hosts
View File

@ -1,4 +0,0 @@
127.0.0.1
localhost
.thunix.net

62
roles/shell/files/usr/local/bin/backup
View File

@ -1,62 +0,0 @@
#!/bin/bash
# Please see the backup(8) man page for full documentation.
DATE=$(date +%Y%m%d)
BACKUPS=/var/backups
DUMPS=7
# Search for the last full backup.
LASTF=$(find $BACKUPS -name "*full.tgz" | sort | tail -n1)
# Search and count incremental dumps newer than the last full backup.
INCR=$(find $BACKUPS -name "*incremental.tgz" -newer $LASTF | wc -l)
# If there is at least one full backup and less than specified incremental dumps
if [ ! -z $LASTF ] && [ $INCR -le $DUMPS ]
then
TYPE=incremental
else
TYPE=full
rm -f $BACKUPS/*.snapshot
# Remove the first backup set (full and incremental dumps) if there is a second one.
find $BACKUPS -name "*.tgz" ! -newer $LASTF ! -wholename $LASTF -exec rm {} \;
fi
nice tar -cz \
--exclude ".nobackup" \
--exclude "nobackup" \
--exclude="/home/irc/*" \
--exclude='/home/slip/*' \
--exclude='/home/angelok/*' \
--exclude='/home/ubergeek/*' \
--exclude='/home/amcclure/*' \
--exclude='/home/fosslinux/*' \
--exclude='/home/zszoke/*' \
--exclude='/home/duitser/*' \
--exclude='/home/fltk/*' \
--exclude='/home/nirvana/*' \
--exclude='/home/transfusion/*' \
/home/ \
/var/games/minetest-server/.minetest/ \
/var/lib/minecraft/paper/ \
/var/lib/bzflag/ \
/var/lib/znc/configs/ /var/lib/znc/moddata/ \
/var/spool/cron/ \
/var/spool/anacron/ \
/var/lib/botany/sqlite/ \
-g $BACKUPS/$TYPE.snapshot \
-f $BACKUPS/$DATE-$TYPE.tgz
chown root:sudo $BACKUPS/{$DATE*.tgz,$TYPE.snapshot}
chmod 640 $BACKUPS/{*.tgz,$TYPE.snapshot}
if [ $TYPE = full ]
then
cp -p $BACKUPS/full.snapshot $BACKUPS/incremental.snapshot
fi
# Database backup
find $BACKUPS -name "*.sql.gz" -mtime +$DUMPS -exec rm {} \;
mysqldump --all-databases | gzip > $BACKUPS/$DATE-all_databases.sql.gz
chown root:sudo $BACKUPS/$DATE*.sql.gz
chmod 640 $BACKUPS/*.sql.gz

61
roles/shell/files/usr/local/bin/resources-used
View File

@ -1,61 +0,0 @@
#!/bin/bash
# Get the current user running the script
current_user=$(whoami)
echo "Resources used by user: $current_user"
echo "------------------------------------"
# Show CPU and Memory usage for the user
echo "CPU and Memory Usage:"
top -b -n 1 -U $current_user | grep $current_user
# Show memory usage
echo "Memory Usage:"
free -h
# Show user's processes
echo "User Processes:"
ps -u $current_user -o pid,user,%cpu,%mem,vsz,rss,tty,stat,start,time,command
# Show disk usage for the user's home directory
echo "Disk Usage in Home Directory:"
du -sh /home/$current_user
echo "------------------------------------"
# Calculate and show summary of resources
summary_cpu=$(ps -u $current_user -o %cpu | awk '{total+=$1}END{print int(total)}')
summary_memory_kb=$(ps -u $current_user -o rss= | awk '{total+=$1}END{print total}')
summary_disk_kb=$(du -s /home/$current_user | awk '{print $1}')
# Convert memory usage to MBs
memory_in_mb=$(echo "scale=2; $summary_memory_kb / 1024" | bc)
# Convert disk usage to MBs
disk_in_mb=$((summary_disk_kb / 1024))
echo "Summary of Used Resources:"
echo "Total CPU Usage: ${summary_cpu}%"
echo "Total Memory Usage: ${memory_in_mb} MB"
echo "Total Disk Usage: ${disk_in_mb} MB"
# Set thresholds for Disk and Memory usage (1 GB and 1.5 GB in this example)
disk_threshold_mb=1000
memory_threshold_mb=1500
cpu_threshold=1
# Check if Disk usage exceeds the threshold
if ((disk_in_mb > disk_threshold_mb)); then
echo -e "\e[31mWARNING: Disk usage exceeds ${disk_threshold_mb} MB! There is no hard limit. Be considerate of other users.\e[0m"
fi
# Check if Memory usage exceeds the threshold
if ((summary_memory_kb > memory_threshold_mb * 1024)); then
echo -e "\e[31mWARNING: Memory usage exceeds ${memory_threshold_mb} MB! There is no hard limit. Be considerate of other users.\e[0m"
fi
# Check if CPU usage exceeds the threshold
if ((summary_cpu > cpu_threshold)); then
echo -e "\e[31mWARNING: CPU usage exceeds ${cpu_threshold}%! There is no hard limit. Be considerate of other users.\e[0m"
fi

3
roles/shell/files/usr/local/bin/telehack
View File

@ -1,3 +0,0 @@
#!/bin/sh
/usr/bin/telnet telehack.com

41
roles/shell/files/usr/local/bin/znccreate.py
View File

@ -1,41 +0,0 @@
#!/usr/bin/python3.9
# Script created/contributed by ~jmjl
import socket, ssl, json, time, sys
# Takes the first argument as a username and the second as the password.
def loadconf(cfgfile):
with open(cfgfile, 'r') as f:
cfg = json.load(f)
return cfg
def send(msg):
s.send(f"{msg}\n".encode('utf-8'))
cfg = loadconf("/root/.znc-conf/znc-config.json")
readbuffer=""
s = socket.socket()
if cfg['tls'] == 'yes':
ctx = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
s = ctx.wrap_socket(s)
s.connect((cfg['srv'], int(cfg['port'])))
send("NICK bot")
send("USER bot 0 * :A bot to make users")
while True:
readbuffer = readbuffer + s.recv(2048).decode('utf-8')
temp = str.split(readbuffer, "\n")
readbuffer = temp.pop()
for line in temp:
line = str.rstrip(line)
line = str.split(line)
#print(' '.join(line))
if line[1] == '464':
send(f"PASS {cfg['user']}:{cfg['password']}")
if line[0][1:] == 'irc.znc.in' and line[1] == '001':
user = sys.argv[1]
pswd = sys.argv[2]
send(f"PRIVMSG *controlpanel :AddUser {user} {pswd}")
print(f"Maken znc user {user}")
sys.exit(0)

44
roles/shell/files/var/lib/znc/create-znc_account.sh Executable file
View File

@ -0,0 +1,44 @@
#!/bin/bash
# ZNC account creation
CONF="/var/lib/znc/.znc/configs/znc.conf"
PID=$(pgrep -u znc znc)
NEWCONF="/var/lib/znc/znc_account.newconf"
# $username and $password are retrieved from create-account script
if [[ -z $1 || -z $2 ]]
then
echo -e "Usage: $(basename $0) [username] [password]"
exit
fi
# search if $username has been added previously
if grep -iq $1 $CONF
then
echo -e "User: '$1' already exists"
exit
fi
username=$1
password=$2
kill -s USR1 $PID # Rewrite znc.conf
sleep 1
# set username and password
sed s/newuser/$username/g $NEWCONF >> $CONF
expect << EOF | grep -E 'Hash|Salt' | tr -d \\r >> $CONF
spawn znc --makepass
expect "*Enter password: "
send "$password\r"
expect "*Confirm password: "
send "$password\r"
expect eof
EOF
echo " </Pass>" >> $CONF
echo "</User>" >> $CONF
sleep 1
kill -s HUP $PID # Reload znc.conf
sleep 1
kill -s USR1 $PID # Rewrite znc.conf

25
roles/shell/files/var/lib/znc/znc_account.newconf Normal file
View File

@ -0,0 +1,25 @@
<User newuser>
Admin = false
AltNick = newuser|znc
AppendTimestamp = false
AutoClearChanBuffer = true
AutoClearQueryBuffer = true
Buffer = 50
DenyLoadMod = false
DenySetBindHost = false
Ident = newuser
JoinTries = 10
LoadModule = chansaver
MaxJoins = 0
MaxNetworks = 2
MaxQueryBuffers = 50
MultiClients = true
Nick = newuser
PrependTimestamp = true
QuitMsg = bouncer provider thunix.net
RealName = Got Thunix ?
StatusPrefix = *
TimestampFormat = [%H:%M:%S]
<Pass password>
Method = SHA256

7
roles/shell/handlers/bbj.yml
View File

@ -1,7 +0,0 @@
# install bbj
---
- name: install bbj
make:
chdir: /usr/share/bbj
target: install
become: yes

6
roles/shell/handlers/main.yml
View File

@ -1,6 +0,0 @@
---
- include: pb.yml
# - include: vnc.yml
- include: postfix.yml
- include: tildelauncher.yml

7
roles/shell/handlers/pb.yml
View File

@ -1,7 +0,0 @@
# install pb
---
- name: install pb
make:
chdir: /usr/src/pb
target: install
become: yes

4
roles/shell/handlers/postfix.yml
View File

@ -1,4 +0,0 @@
- name: restart Postfix
service:
name: postfix
state: restarted

7
roles/shell/handlers/tildelauncher.yml
View File

@ -1,7 +0,0 @@
# install tilde-launcher
---
- name: install tilde-launcher
make:
chdir: /usr/src/tilde-launcher
target: install
become: yes

7
roles/shell/handlers/vnc.yml
View File

@ -1,7 +0,0 @@
# install vnc
---
- name: install vnc
make:
chdir: /usr/src/pb
target: install
become: yes

11
roles/shell/tasks/apache2-mods.yml
View File

@ -1,17 +1,14 @@
# Enable or disable apache2 mods
---
- name: Enable userdir apache module
- name: userdir
apache2_module:
name: userdir
state: present
- name: Enable ssl apache module
- name: ssl
apache2_module:
name: ssl
state: present
- name: Enable php7.4 apache module
- name: php7.0
apache2_module:
name: php7.4
name: php7.0
state: present

15
roles/shell/tasks/bbj.yml
View File

@ -1,15 +0,0 @@
# install bbj
---
- name: Install bbj client script
copy:
src: ../files/bbj
dest: /usr/local/bin/bbj
owner: root
group: root
mode: 0755
- name: Clone bbj
git:
repo: https://tildegit.org/bbj/bbj
dest: /usr/share/bbj
force: yes

15
roles/shell/tasks/botany.yml
View File

@ -13,18 +13,3 @@
dest: /usr/local/bin/botany
mode: 0755
state: link
- name: Initalizes shared data folder group and mode
file:
path: /var/lib/botany/sqlite
state: directory
owner: root
group: tilde
mode: 0775
- name: Keep weekly visitors tidy
file:
src: /var/lib/botany/clear_weekly_users.py
dest: /etc/cron.weekly/clear_weekly_users.py
mode: 0755
state: link

19
roles/shell/tasks/bzflag.yml
View File

@ -11,8 +11,19 @@
- name: Install bzflag target
copy:
src: ../files/bzflag.service
dest: /etc/systemd/system/bzflag.service
owner: root
group: root
mode: 0644
content: |
[Install]
WantedBy=multi-user.target
[Unit]
Description=BZFlag Game Server
After=network-online.target
[Service]
ExecStart=/usr/games/bzfs -conf /var/lib/bzflag/bzflag.conf
ExecReload=/bin/kill -HUP $MAINPID
User=bzflag
[Install]
WantedBy=multi-user.target

8
roles/shell/tasks/dovecot.yml
View File

@ -31,11 +31,3 @@
owner: root
group: root
mode: 0644
- name: Install LE hook
copy:
src: ../files/etc/letsencrypt/renewal-hooks/deploy/reload-dovecot.pem
dest: /etc/letsencrypt/renewal-hooks/deploy/reload-dovecot.pem
owner: root
group: root
mode: 0755

3
roles/shell/tasks/main.yml
View File

@ -15,6 +15,3 @@
- include: gopher.yml
- include: pb.yml
- include: botany.yml
- include: opendkim.yml
- include: bbj.yml
- include: tildelauncher.yml

19
roles/shell/tasks/minecraft.yml
View File

@ -10,11 +10,22 @@
- name: Install minecraft target
copy:
src: ../files/minecraft.service
dest: /etc/systemd/system/minecraft.service
owner: root
group: root
mode: 0644
content: |
[Install]
WantedBy=multi-user.target
[Unit]
Description=Minecraft Game Server
After=network-online.target
[Service]
ExecStart=/var/lib/minecraft/paper/start.sh
ExecReload=/bin/kill -HUP $MAINPID
User=minecraft
[Install]
WantedBy=multi-user.target
- name: Install start.sh
copy:

65
roles/shell/tasks/opendkim.yml
View File

@ -1,65 +0,0 @@
# Configure opendkim
---
- name: Create opendkim directory
file:
path: /etc/opendkim
state: directory
owner: opendkim
group: root
mode: 0770
- name: Create opendkim keys directory
file:
path: /etc/opendkim/keys
state: directory
owner: opendkim
group: root
mode: 0770
- name: Create opendkim thunix.net keys directory
file:
path: /etc/opendkim/keys/thunix.net
state: directory
owner: opendkim
group: root
mode: 0700
- name: copy signing.table
copy:
src: ../files/opendkim
dest: /etc/default/opendkim
owner: root
group: root
mode: 0644
- name: copy signing.table
copy:
src: ../files/signing.table
dest: /etc/opendkim/signing.table
owner: opendkim
group: root
mode: 0644
- name: copy opendkim.conf
copy:
src: ../files/etc/opendkim.conf
dest: /etc/opendkim.conf
owner: opendkim
group: root
mode: 0644
- name: copy key.table
copy:
src: ../files/key.table
dest: /etc/opendkim/key.table
owner: opendkim
group: root
mode: 0644
- name: copy trusted.hosts
copy:
src: ../files/trusted.hosts
dest: /etc/opendkim/trusted.hosts
owner: opendkim
group: root
mode: 0644

246
roles/shell/tasks/packages.yml
View File

@ -2,7 +2,7 @@
---
- name: Add apt key for weechat
apt_key:
keyserver: hkps://keys.openpgp.org
keyserver: p80.pool.sks-keyservers.net
id: 11E9DE8848F2B65222AA75B8D1820DB22A11534E
state: present
@ -11,14 +11,10 @@
url: https://keybase.io/ihabunek/pgp_keys.asc
state: present
#- name: Add apt key for zandronum
# apt_key:
# url: http://debian.drdteam.org/drdteam.gpg
# state: present
- name: Add apt key for Amazon Corretto
- name: Add apt key for zandronum
apt_key:
url: https://apt.corretto.aws/corretto.key
state: present
url: http://debian.drdteam.org/drdteam.gpg
state: present
- name: Add apt key for mono-project
apt_key:
@ -28,40 +24,34 @@
- name: Add weechat repo
apt_repository:
repo: 'deb https://weechat.org/debian bullseye main'
repo: 'deb https://weechat.org/debian stretch main'
state: present
filename: weechat
update_cache: yes
- name: Add Corretto repo
apt_repository:
repo: 'deb https://apt.corretto.aws stable main'
state: present
update_cache: yes
- name: Add toot repo
apt_repository:
repo: 'deb http://bezdomni.net/packages/ ./'
state: present
update_cache: yes
#- name: Add zandronum repo
# apt_repository:
# repo: 'deb http://debian.drdteam.org/ stable multiverse'
# state: present
# update_cache: yes
- name: Add zandronum repo
apt_repository:
repo: 'deb http://debian.drdteam.org/ stable multiverse'
state: present
update_cache: yes
- name: Add debian contrib
apt_repository:
repo: 'deb http://ftp.de.debian.org/debian bullseye main contrib'
repo: 'deb http://ftp.de.debian.org/debian stretch main contrib'
state: present
update_cache: yes
#- name: Add mono-project repo
# apt_repository:
# repo: 'deb https://download.mono-project.com/repo/debian bullseye main'
# state: present
# update_cache: yes
- name: Add mono-project repo
apt_repository:
repo: 'deb https://download.mono-project.com/repo/debian stable-stretch main'
state: present
update_cache: yes
- name: Install baseline packages
apt:
@ -71,11 +61,7 @@
vars:
packages:
- alpine
# - adwaita-icon-theme
- analog
- autoconf2.13
- bat
- bison
- bsdgames
- build-essential
- byobu
@ -83,189 +69,104 @@
- bzflag-server
- ca-certificates-mono
- caca-utils
- clang
- clisp
- cloc
- cmake
# - cmake-curses-gui
- cmark
- cmatrix
# - context
- cowsay
- devscripts
- dialog
- dopewars
# - dos2unix
# - dosemu
- dovecot-pop3d
- dovecot-core
- dovecot-imapd
- dtach
- dos2unix
- dosemu
- eggdrop
- exa
- elinks
- emacs
# - ffmpeg
- finch
- finger
- fingerd
- fish
# - fd
- fd-find
# - flatpak
# - flatpak-builder
- flex
- fortune
- frotz
- git-email
- gitweb
- golang
- gopher
# - gnome-icon-theme
# - gnome-icon-theme-extras
- htop
- hugo
# - ident2
# - inkscape
- ident2
- imagemagick
- ircii
- irssi
- isync
- java-17-amazon-corretto-jdk
- libxi6
- libxtst6
- libxrender1
- jekyll
- ksh
- jq
- lbzip2
- lftp
- libapache2-mod-php
- libapache2-mod-php7.0
- libarchive-dev
- libc-dev
- libc++-dev
- libconvert-binhex-perl
- libffi-dev
- libfreetype6
- libfreetype6-dev
- libjpeg62-turbo
- libjpeg62-turbo-dev
- libmime-tools-perl
- libncurses-dev
- libopencolorio1v5
- opencolorio-tools
- libopencolorio-dev
# - libsdl1.2-dev
# - libsdl2-dev
- libncurses5-dev
- libsdl1.2-dev
- libsdl2-dev
- libssl-dev
- libtool
- libtool-bin
- linux-headers-amd64
- lolcat
- lua5.3
- lynx
- make
- mercurial
- mc
- mc-data
- micro
# - midori
- minetest-data
# - minetest-mod-advspawning
# - minetest-mod-animalmaterials
# - minetest-mod-animals
- minetest-mod-advspawning
- minetest-mod-animalmaterials
- minetest-mod-animals
- minetest-mod-maidroid
- minetest-mod-mesecons
# - minetest-mod-mobf-core
# - minetest-mod-mobf-trap
- minetest-mod-mobf-core
- minetest-mod-mobf-trap
- minetest-mod-moreblocks
- minetest-mod-moreores
- minetest-mod-nether
- minetest-mod-pipeworks
# - minetest-mod-torches
- minetest-mod-torches
- minetest-server
- mkdocs
- mkdocs-doc
- mkdocs-bootstrap
# - mkdocs-bootswatch
- mono-apache-server
- mono-complete
- mono-dbg
- mono-devel
- mono-xsp4
- moon-buggy
- mosh
- mutt
# - mysql-client
- mysql-client
- mysql-server
- nasm
# - nbsdgames
- nbsdgames
- neofetch
- neomutt
- neovim
#- newsbeuter
- newsboat
- oidentd
- openbsd-inetd
- opendkim
- openssl
- p7zip-full
- pandoc
- pwgen
- pelican
- pelican-doc
- php-imagick
- php-memcache
- php-pear
- php
- php-curl
- php-gd
- php-imap
- php-intl
- php-mysql
- php-ps
- php-pspell
# - php-recode
- php-sqlite3
- php-tidy
- php-xmlrpc
- php-zip
# - php7.3-xsl
# - php7.3-curl
# - php7.3-xml
# - pngtools
- postfix-policyd-spf-python
- poezio
- proot
- profanity
- php7.0
- php7.0-curl
- php7.0-gd
- php7.0-imap
- php7.0-intl
- php7.0-mcrypt
- php7.0-mysql
- php7.0-pspell
- php7.0-recode
- php7.0-sqlite3
- php7.0-tidy
- php7.0-xmlrpc
- php7.0-xsl
- pngtools
- python
- python3-certbot-apache
# - python-pip
# - python-potr
- python3
- python3-django
- python3-flask
- python-certbot-apache
- python-pip
- python-twisted
- python3-pip
- python3-toot
- python3-twisted
- python3-potr
- python3-venv
# - qemu
# - qemu-efi
# - qemu-system
- racket
- ranger
- ripgrep
- ruby-paint
- ruby-trollop
- rustc
- sat-xmpp-primitivus
- scala
- scala-doc
- scala-library
- screen
- sipcalc
- software-properties-common
# - staticsite
- staticsite
- stow
- talk
- talkd
@ -274,35 +175,20 @@
- tcl-dev
- tcl-tls
- tcl8.6
- tcl8.6-dev
- tcllib
- tcltls
- texinfo
- tdom
- telnet
- telegram-cli
- todotxt-cli
- unrar-free
- urlscan
- uuid
- vim
- vrms
- w3m-img
- weechat
- weechat-lua
- weechat-php
- weechat-python
- weechat-ruby
- weechat-scripts
- weechat-tcl
- whois
- wordgrinder-ncurses
# - x11vnc
# - xdm
# - xfce4
# - xfce4-goodies
# - task-xfce-desktop
# - zandronum-server
- xfce4
- xfce4-goodies
- task-xfce-desktop
- zandronum-server
- znc
- znc-dev
- znc-perl
@ -350,27 +236,3 @@
owner: root
group: root
mode: 0755
- name: Install Telehack wrapper
copy:
src: ../files/usr/local/bin/telehack
dest: /usr/local/bin/telehack
owner: root
group: root
mode: 0755
- name: Install resources-used command
copy:
src: ../files/usr/local/bin/resources-used
dest: /usr/local/bin/resources-used
owner: root
group: root
mode: 0755
- name: Install Backup Job
copy:
src: ../files/usr/local/bin/backup
dest: /usr/local/bin/backup
owner: root
group: root
mode: 0774

12
roles/shell/tasks/pb.yml
View File

@ -1,9 +1,13 @@
# install pb
---
- name: Clone pb
- name: clone pb
git:
repo: https://tildegit.org/tomasino/pb
repo: 'https://tildegit.org/tomasino/pb'
dest: /usr/src/pb
force: yes
notify:
- install pb
- name: install pb
make:
chdir: /usr/src/pb
target: install
become: yes

37
roles/shell/tasks/postfix.yml
View File

@ -1,13 +1,5 @@
# Configure postfix
---
- name: Create opendkim socket directory
file:
path: /var/spool/postfix/opendkim
state: directory
owner: opendkim
group: postfix
mode: 0770
- name: Install postix main.cf
copy:
src: ../files/etc/postfix/main.cf
@ -15,32 +7,3 @@
owner: root
group: root
mode: 0644
notify: restart Postfix
# Deploy master.cf
- name: Deploy postfix conf
copy:
src: ../files/etc/postfix/master.cf
dest: /etc/postfix/master.cf
owner: root
group: root
mode: 0644
notify: restart Postfix
# Deploy policyd-spf.conf
- name: Deploy postfix spf
copy:
src: ../files/etc/postfix-policyd-spf-python/policyd-spf.conf
dest: /etc/postfix-policyd-spf-python/policyd-spf.conf
owner: root
group: root
mode: 0644
# Deploy cron for reports
- name: Deploy cron reports
copy:
src: ../files/etc/cron.daily/postfix_stats
dest: /etc/cron.daily/postfix_stats
owner: root
group: root
mode: 0755

42
roles/shell/tasks/tildelauncher.yml
View File

@ -1,42 +0,0 @@
# install tilde-launcher
---
- name: Clone tilde-launcher
git:
repo: https://tildegit.org/thunix/tilde-launcher.git
dest: /usr/src/tilde-launcher
force: yes
notify:
- install tilde-launcher
- name: Create tilde directory
file:
path: /tilde
state: directory
owner: root
group: root
mode: 0755
- name: Create /tilde/pending-submissions directory
file:
path: /tilde/pending-submissions
state: directory
owner: root
group: root
mode: 0777
- name: Create /tilde/descriptions directory
file:
path: /tilde/descriptions
state: directory
owner: root
group: root
mode: 0755
- name: Create /tilde/bin directory
file:
path: /tilde/bin
state: directory
owner: root
group: root
mode: 0755

49
roles/shell/tasks/ufw.yml
View File

@ -6,17 +6,19 @@
proto: tcp
port: '{{ item }}'
with_items:
- '70'
- '79'
- '80'
- '113'
- '143'
- '443'
- '1356'
- '5154'
- '6697'
- '7776'
- '25565'
- 25
- 70
- 79
- 80
- 113
- 143
- 443
- 1326
- 5154
- 6697
- 7776
- 30000
- 25565
- name: Create UFW udp rules
ufw:
@ -24,26 +26,17 @@
proto: udp
port: '{{ item }}'
with_items:
- '60000:61000'
- '1356'
- '5154'
- "60000:61000"
- 1326
- 5154
- 30000
- name: Create tcp limits
- name: Create limits
ufw:
rule: limit
proto: tcp
port: '{{ item }}'
with_items:
- '22'
- '25'
- '587'
- '2222'
- '53'
- name: Create UDP limits
ufw:
rule: limit
proto: udp
port: '{{ item }}'
with_items:
- '53'
- 22
- 587
- 2222

161
roles/shell/tasks/users.yml
View File

@ -1,5 +1,5 @@
---
---
- group:
name: tilde
state: present
@ -7,59 +7,120 @@
- group:
name: sudo
state: present
# Service accounts
- include: users/bzflag.yml
#Service accounts
- include: users/minecraft.yml
- include: users/bzflag.yml
- include: users/znc.yml
# Normal Users
- include: users/deepend.yml
#Normal Users
- include: users/amcclure.yml
- include: users/ben.yml
- include: users/ubergeek.yml
- include: users/naglfar.yml
- include: users/computertech.yml
- include: users/haivets.yml
- include: users/redhat.yml
- include: users/voynich.yml
- include: users/xhafa.yml
- include: users/samsara.yml
- include: users/mcornick.yml
- include: users/fria.yml
- include: users/mspe.yml
- include: users/nbsp.yml
- include: users/user.yml
- include: users/anton.yml
- include: users/fosslinux.yml
- include: users/slip.yml
- include: users/login.yml
- include: users/riftwalkr.yml
#- include: users/parik.yml
- include: users/quetzalcoatl.yml
- include: users/redhat.yml
- include: users/gokce.yml
- include: users/r.yml
- include: users/brendantcc.yml
#- include: users/dragon.yml
- include: users/spanmer.yml
#- include: users/panzer.yml
- include: users/hawaii.yml
- include: users/trip.yml
- include: users/xenialito69.yml
#- include: users/freuddy.yml
- include: users/ringo.yml
- include: users/hexhaxtron.yml
- include: users/smtpsupplicant.yml
- include: users/orliesaurus.yml
- include: users/gooly.yml
- include: users/slackjeff.yml
- include: users/haras.yml
- include: users/d34d.yml
- include: users/olivier.yml
- include: users/jimmy.yml
- include: users/vt.yml
- include: users/mahkno.yml
- include: users/radhesh1.yml
- include: users/laniku.yml
- include: users/sebz.yml
- include: users/lowusage.yml
- include: users/diabla.yml
- include: users/ml.yml
- include: users/usernameak.yml
- include: users/user.yml
#- include: users/angelok.yml
#- include: users/johnc.yml
#- include: users/k4j.yml
#- include: users/ultima.yml
#- include: users/ragnarok.yml
#- include: users/jundi.yml
#- include: users/rado.yml
- include: users/sata.yml
- include: users/wesx.yml
- include: users/arda.yml
#- include: users/larasaty.yml
- include: users/bercik.yml
- include: users/amoghavarsha.yml
- include: users/txtcat.yml
- include: users/memo.yml
- include: users/xev.yml
- include: users/11kb.yml
- include: users/brokenix.yml
- include: users/gagrilli.yml
- include: users/peshto.yml
- include: users/cyberx9901.yml
- include: users/seif.yml
- include: users/tyy.yml
- include: users/gigmx.yml
- include: users/majidhameed.yml
- include: users/h.yml
- include: users/amelia.yml
- include: users/angeliamodem.yml
- include: users/rune.yml
- include: users/alt.yml
- include: users/georgi.yml
- include: users/khuxkm.yml
#- include: users/z00t.yml
- include: users/swann.yml
#- include: users/ukhuwah.yml
#- include: users/mom.yml
#- include: users/andro.yml
#- include: users/hasbullah.yml
- include: users/riska.yml
#- include: users/naruto.yml
#- include: users/pria.yml
#- include: users/abimks.yml
#- include: users/bullah.yml
- include: users/dalist.yml
- include: users/apple.yml
#- include: users/logique.yml
#- include: users/jumbajookiba.yml
#- include: users/letamesis.yml
- include: users/chuck.yml
#- include: users/janda.yml
- include: users/os.yml
- include: users/akoeabi.yml
#- include: users/mks.yml
#- include: users/makmur.yml
#- include: users/makassar.yml
#- include: users/abah.yml
#- include: users/derby.yml
- include: users/usher.yml
#- include: users/responsibleracoon.yml
- include: users/transfusion.yml
- include: users/adam.yml
#- include: users/audiofile.yml
- include: users/vgk.yml
- include: users/cyphyx.yml
#- include: users/krystianbajno.yml
#- include: users/vigilant.yml
- include: users/isaac.yml
- include: users/moskrin.yml
- include: users/southerntofu.yml
- include: users/dariusz.yml
- include: users/aniruddh.yml
- include: users/growl.yml
- include: users/rain.yml
#- include: users/mspe.yml
#- include: users/pidgeotto.yml
- include: users/wie.yml
- include: users/tomjerr.yml
- include: users/yximdoa.yml
- include: users/dovahkin.yml
- include: users/philip.yml
- include: users/sancho.yml
- include: users/thekingofbandit.yml
- include: users/golden.yml
- include: users/marc.yml
- include: users/stenli990801.yml
- include: users/lytedev.yml
- include: users/skirk.yml
- include: users/serafeim.yml
- include: users/dot.yml
- include: users/virus.yml
- include: users/mandelbroth.yml
- include: users/victoralt.yml
- include: users/arch3r.yml
- include: users/linel.yml
- include: users/haivets.yml
- include: users/tux.yml
- include: users/georges.yml
- include: users/techemporium.yml
- include: users/un4ckn0wl3z.yml
- include: users/aewens.yml
- include: users/dex.yml

15
roles/shell/tasks/users/abah.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up abah
user:
name: abah
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/abah
- authorized_key:
user: abah
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAmSso4LOJ+dzYjNutHidoPSFXmVEjzkL/Vk34N6nrrzIOXE5ctND1JrrdhhVnQlzDZf3lO870LPE8Yh8GTj6OsDzN2qCUIwlkHbcaY/cVZjsh44JvqrGDCRGUp8PhUOn43FerJAZ4V6kUpIwjKsM1vLRUEOyRfZGiSYgq7ZNKnnGE5KCDRQ5c/PzZzwdd9zdGrMEV+xeH2ps8zNwaYaIHg78HcPZLHMac/yuqUHM3apxer2iYdUCWV7hlrvTE0XiyJAoX1vZbrOQFai0QGGMavWMpEDBgPjONG/81osbOoiauoIQwL55rmgLldeY9jLgZQr283U336aRSmfHnk4eAsw=="

15
roles/shell/tasks/users/abimks.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up abimks
user:
name: abimks
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/abimks
- authorized_key:
user: abimks
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAtoQruWK9k0LgwruljoEQgF55PVcal9VOliPmz2eM3t7RGRhas6gVWt40ndfpMUzTAQAjZt61cxvMdIgpAymwgHL7y/9lnmEkIEBQKTC3ALiEp/dyaDOdeVeNWZ9J6+heldB8K3ERyhNI5gcDe5GnwLC82XPwlc5NCIj/2sFSMyno9ZzGMv/ZuULL/G0wVBbUTiSFt+VjSDey0ixKHYty5CWjLFWGipcUwCKMO4HwQBJEEd4kiDTO6aO+16f9vk13AtJteHTMBPMWR1Nn/BqMcqmA16U9pxEFiTNr+EM63m9SQRMQn/TyKX7KCSCugtM17ngGVnYp+XMn6HUAfD30Dw=="

19
roles/shell/tasks/users/adam.yml Normal file
View File

@ -0,0 +1,19 @@
---
- name: Setting up adam
user:
name: adam
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/adam
- authorized_key:
user: adam
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxjKdiAqV5tGmzL+OdWJnhz3xBhKnKLDwAcsi7CH/kyvHsJqiog8rfw+A6J1whesJcCfY1PxIssz43jC6vfuwERL3qK/DboCjmPOc4/lCnxic7B/mcDZdhrs9bQ65NP8j9kksMOoSoAozQbg4FQdWL3nvkfF21AfTzum/6IxIAEZWgigyUldQjv+z7mVirjADGhBdvAAdtajkIwgG7jBVWKdCCPcASURlX/td1uym/kM6fIEf2NhYSjgfOkhhVJr4JtNv7rfDBKVmtjzM2A3Idqkh2cvExODmduvgR9lTBV//03eWW+ar033113crwrdwLgxUirZM1g/AWfhXBgCrT adam@DESKTOP-ECBQOHU"
- authorized_key:
user: adam
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvlQpKJKt8P+1p3RHKOBCq6vMaTvapkTOGQybZbka66nx7QRrR/FCebKhw+WSsOnI+yLRdGT2c5XAFqyL1Vpn+Hq9i5n31AqGc5WSlyHO0Hq5IyVV6Neuux5OxdhzI/f/VS/Pj6OSy2ihy/+mNG5CNFGZY7aqwO3QL2kxFW+vUrikBOn4pB3eLWRAm64nOffLkTFS/eN1I86AMuPcfvsTlzaz6SE2oXa0lvCNfi5Ym8r/MUjvhwkaaXR9O+9sKYv0TNx9K1YzJo+5SxUPc05wKxYbcIWC84KsMquy7ZnWTkL8zKLJG2zxlr0zZng5+1OWpjrEzwmirJ7HTOCgiZSj/ adammcclure@Adams-MBP"

15
roles/shell/tasks/users/aewens.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up aewens
user:
name: aewens
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/aewens
- authorized_key:
user: aewens
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD4N3HnFyO1fmiaxoOhQ+WL0eMQyq0o9E9VlTup8+zM4lVvcJ5yWG2cTt68g8znRsN36ZmmQHLbcN+rHXbkzkVKKkA7ev35QqZHPrkWVE07ucgPdr/u93MOiK7fl+gBIGvzmILnNEn5YtpRuWUK8m/jQrmM88y+4KLE5RFgzUElS2TpLPLAAUK/9Bwbal+jGItgDvI3CE/ERy/VW3+YsOQOzG3OJ+IBUDWJ1nQ3GdyKsheRUPOFlwByMQTWpbGhtYJFC9BiEnnmEMadHMCPBgGiPGpGg698GveFk1ViEf3ezyPR3dFbSKYU+rS+hISCjauEG17rrn7dS8WFgIfgPwB"

15
roles/shell/tasks/users/akoeabi.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up akoeabi
user:
name: akoeabi
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/akoeabi
- authorized_key:
user: akoeabi
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAhYVUfHifRQHt5g4jGEc5zn2bLZYQooU8wEBlQlfDGcLgJneS2aEeoLcaNGCZGT5tgVVj/waEVp0bdIJfq1dL62R1NQiNBkVLFXAICmBsk9GpKla6PimNOvSfRHJ2zhBB6F0LyUeStcxRE4BsJP1s+/r6e2ibAtCJHKPtSfSZVDiXWkmkAOadky2EBU88DKFyDR0tl0gnJHJzjS0U0CB/aMUZfjzacT2nCLpEypj0Z5CxIhvIL2kOdqwXJ/BMDXqxyOf/58nnawmMSi25rV6Nad2kqPPlRLq7aq08UZNfGM7+vRAjl8XyEvKp+q9WxB4zQ1CfOtvTfTarPBqXm9NJIw=="

15
roles/shell/tasks/users/alt.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up alt
user:
name: alt
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/alt
- authorized_key:
user: alt
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOyRbb9L2bXzmMu13NewPzVWa7JYmvdCmnYrssc2ZY1k"

26
roles/shell/tasks/users/amcclure.yml Normal file
View File

@ -0,0 +1,26 @@
---
- user:
name: amcclure
groups: tilde, sudo
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/amcclure
- authorized_key:
user: amcclure
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFheJihLfXJ4jg2bRKKAErB76fw8izDxpg4dFibaQage amcclure@Antons-MacBook-Pro.local"
- authorized_key:
user: amcclure
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqNf2mD3RiJY5ZQtRhgg5xRD4a6whdBdh+xiCnfZ7fw amcclure@solaris"
- authorized_key:
user: amcclure
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAb/LEff3etQLEEF6L61KyTkxXfsI6tJwV161oSoPkyb amcclure@gowinnt"
- authorized_key:
user: amcclure
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIMF+N1NxdN2SBb7Yyk+d4ThVoO87bRSYhEqgR2K9gA4 amcclure@lake"

15
roles/shell/tasks/users/amelia.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up amelia
user:
name: amelia
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/amelia
- authorized_key:
user: amelia
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIo5HjxFsw/HLBn3Qxmmg3zqoOcFyr60wmxA4AmomO7N amelia@ctrl-c.club"

15
roles/shell/tasks/users/amoghavarsha.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up amoghavarsha
user:
name: amoghavarsha
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/amoghavarsha
- authorized_key:
user: amoghavarsha
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCpv1vK9rzCmvAKMdm/b48AiLxi1gQCmCT3d9LgCp/HeXz5sVjqsoHuZedx50cv6R5yjfPt2IsSM4teGpkxKC2Kp5nFOkAxmTskf76zD93Xi8yaB2GFq5XWICW0TGGg4WLMj18VV4965EuPUrpGShjXEnUBWWKiofLTikskRAoC5RL7GPw7dAY0p79C6yoZdB5lrLcfPmJc5ql9Lf58GLz9+GcxLtI29gwTnz8NsFS71Frtk27srpg3WwHNKU2t5DZ6ZN5ZbHWoB5yj0FD8RaudfgFMu7+kCggj3LoAI0aLMe6PLJq2romGQhRhxbvEw04tesREIfgmlRC3flDHtjZqj2wnFHO3NBBLapc22rHlyBWxZKLszmBfgjUXJ6QuCURnHShFzpAk9LM/a4bsOzj7EVqrRKnp0HzWxQzNWqEkXSLOEy1vrKI4jb9yxPeeh+D96Lk3ZW6jMH+/J4csrivGzirK9usG7XYMEyefmhx6toFgZRB2MtCK5WwlzMsrg6/jA4B7mUdGyVA7rC2M+/UUPtrsqohBhQat8lbErPSijNQ/g/l1ItLkGarYIhun4HG69SZjhUhTfWkgzHb5SguMNguZw1Uwrbxzg/wygM31uoi5JoGLJntDZFIA7M2jbXDBTHE6ESICa2re5i5/NO7DUHFYVcWyejlhnBshQ8YZWw== thunix"

15
roles/shell/tasks/users/andro.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up andro
user:
name: andro
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/andro
- authorized_key:
user: andro
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm+POCv4Y3bhkKZ4/uFiuN/d0VR2CQYhZlq6wV6QoDmaJ5shiRiexCUiOT2NqmQTc99/luc9BgUHwsW1n+wSf04mM+r4Q6yQ19fzQnN7vGdgnDwO2FliyuQcTJSjti2gtK17rctsAZ6o+8FEXq1hswsEO8j769k3BrP+CdTxxSd+JBtOAP4p3I2J9MPG6VafTxN48AIS2Mh71fatqxvq8UPVbHRVGoPHww9nfyOF3OyJrenzi7JytMXvFlFTiMLNs2H6APeqG+M2gu6vnUVDSs1VKYl8oxS1WA4Dafq2ihR/J4p9/2Q3DX2ulGfEITc2bRO8kTafLgJyCD2jyPospqQ=="

15
roles/shell/tasks/users/angeliamodem.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up angeliamodem
user:
name: angeliamodem
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/angeliamodem
- authorized_key:
user: angeliamodem
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoMHAUnFvtwYaumIv9HrZuOG8JgfiK8+TjTcpkANPz3jgfHZ0GF9spyMabUJsMCRDkNrdPAjlco3+erW6vwrWvedk1vs+7AVMPrLNHEktbc+DOTCY43wTNaLXBMiHPx7TTM6Jvqp4z753R/wB6353KCSIj6QTEJ2E32KznwCtp0CgGOuel50rTgKmEfG4vUqOJWONpv/g7eIgwJ8CNlcWBaInkR02w1PEnDRYwuejhiyM6tVeeisT2GD8rTcPo0QJgon5uCiUQHoBrpIkG1i2E6DgtilwysBPXmXusbq+sdrLXzZi5A6AvJXtj9szL8pF2W9kxm+6h0K6BEfmB6kM7 rsa-key-20231108"

15
roles/shell/tasks/users/angelok.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up angelok
user:
name: angelok
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/angelok
- authorized_key:
user: angelok
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm7hcvV4kpjt/pXXbm4Mdzdn3yWMdo/zS0HVJ81O0aqW2bbPzl01eUCjwQsl+x+AgXpGioMj8S/eGXWuzTSj93TbpUL5iEgun2TMOTak9524AEJ8thJiB31NBUe9fg1TdSovH3Cek7H8YI/Cqt5s7i6bIslOa2AiDmy1kaPDnP8HCR0+ri4JAKZsqUiWEMsMdB6fHK6LQ1LfE/w33+wrmegmyCSo0BjUqULnUPgLbvJao1LL4QWD10O64qokIMBsbJ27acBPCHvfIH3/rZ4w8eQCcQk1k19h32p3XukoPnqr/fVBSZPGFboJwU60SEa8qmOxbQnynx8UZ9KhwbHRHaQ=="

15
roles/shell/tasks/users/aniruddh.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up aniruddh
user:
name: aniruddh
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/aniruddh
- authorized_key:
user: aniruddh
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArCgKTNy3fKwmKalNatkMkQN9+W6pe9c7zHkgrxF+OCZaBJavbAuHSgzZiHPaSfETSo9Y9B+YWI18TCjomVohTi2aEJz1w4z7MjTISzv+xOUPc7RrI8nv7E+amwHXkN57ReFKW8dKj5/mYwcUXCOFoTfVIqQvp/MqEctbQN88NnF+RCQE5aLIPUsxoPRrrsN1lnLRm7TYMxeciEEvZ+i82gqZiSuwYXnmp7YxW9G7xp9PpsNiBfe9fMij4Fgct4zcKUKdy9bHzdN35LvyNJoJy0NZPekV71A/T8Km1I+tQ4Nc2apYgw9ZO3cAYoul/gfdWK5ZCdCWYZL8oeR5XFKgqQ== rsa-key-20190403"

19
roles/shell/tasks/users/anton.yml Normal file
View File

@ -0,0 +1,19 @@
---
- name: Setting up anton
user:
name: anton
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/anton
- authorized_key:
user: anton
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsGEzYmXXveq7aGosnJR0I3h9zwPZTOr+ytnOiwPam2KhR9GBzZsAGxtpwXXdvIUtvGFV0tlDWZ851wAYvJsRzwOu7t4OgrtrxkC/qkZ+p9FyjQ4kBX3oSKWJ08J0K59uv3GrNVrVOzyqQ6aGb8TFgCnLN9C9ElWmdmyrZ3evbiraCov9HM8EpxCJN68nPz/ugJvIL6xZe+9+uGRzBrMrtbTPxTFi5SLHg1itPGFVRFJr8ZjOZ4temoZ9IKOi/EYP+FUPk+Xbg+6iaOpS0wlq2eQ+DpMFpsP+kHHiY7X1Ln4pMA4C8ewfqnFi6kI8VJtDFmuZgXlaV/Uq5T54zRzZt amcclure@tilde"
- authorized_key:
user: anton
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhdNCqJ2+kTVRdf9R2g4Uv9TKuQzY4LbtJm5V1dx7uMfNI8HGHOa8gFopAaId8S9SY5WoIP4R0y+avZQzKRAVcqJNiKrKQDb5juLSWgL51CrOgZd6Y/nCUnvgmpAEUBzlxIBSDmiozDF4R6fk+8MqXsT8/HOaQgXX52v4qWBY9XWSOFwCeukywpnENvNm+H3vJhHddIYtcONWJB5m6msrBRo5NR7uo5RVt5GJpUpXfdI2IHLV4YZavLWiT/yBbBvxCODKWkNNXr9jBZ5RHPnqYcABoAKJ6hMaNzuJfAa9AvlV5aRDhRenOiS2/EQhC4rxPMHmnfn4TYng7vQRbVTvnGeLNGtsLqRDWuNQEmLYUZ8Q4JZfoSzZVmSyy2NeLvJRYxQRh7NTZlzoDkY+JBURINPcfVduVT2DD0buFSdhIq7/jreV1QZuSpOa5ABgvhTOf9bCIPaqbJ/zK7m+rqIPUhvrNZGgC7xkUpzdfl67W3xh+RyEIPdJX98dYZ9bZFFYvntW+plHizBBs+s7kGTV7BKm4rJ2oQfTby1M3++tSTZi/6QAkcOEb3VJ5n0rQiM+FMLuHfP2dPXh3AIVKYAiwZjdrJ3174g8JjSTXt3jJm6I1KW89oG2AcBbI/N3bgIVXcU+IRx846+zU7iZ49YtJK61Ml7u9aVQJDABQEMg6OQ== amcclure@triton"

15
roles/shell/tasks/users/apple.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up apple
user:
name: apple
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/apple
- authorized_key:
user: apple
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu19EpP0N/bmxuDfNooDwcEj8pQrbVYuQUrKONmluxeAKLzh+tqr1EzK2FV381a+LiUXtM6H5v7+PJGlp64WOeab3b+58XmijziicyS6K0CSCOGlqcT3vYmZq3K4I5FW0R4erTtp/l40ntTjhWKNxaK+mcxgMZA1jBlKhJGqEM9oMxn45zSqfjh3GumDHn34VCeCOQnz8EPqiO19+bSbQ+m3u4oHaECEBbXX5INpKDGh7i+PNM4ptdNKdLqS7l7xsFifxZvddEB97V0EYLxKwfiAj48k6UE8vad+jDGi0RvjYEIxig3GQBQ4osE2uRZZ0swn7JvVNmkBUU7TuaDoVV"

15
roles/shell/tasks/users/arch3r.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up arch3r
user:
name: arch3r
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/arch3r
- authorized_key:
user: arch3r
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6CWNG2VkA6NW4oEWyjdbTPlaC0VRiTGZ1VibvjWzS3LvoLT0mGLRwuI3ixSCMR4G+mjT9Tul9rZ/sk4zV0lUskTY4eVM2SPuhlgTzaV9TgTutML9DUIGHHwpIcdrsQlpj+2howoT1jOQcp0lN4gFn81qfry/qV2iAKxN50w+fFqHDZ6KNJwBr9pkvFc8uvRp495+HEEVAMz/Xg8zmow8Au6pRTWkQR2J1JseGRdhlfbuNNSwJB160P7TmivNZiQz/HH99jbwToCKEhh5Z1wekyWL0Fw5oCJucaN/r4+ov0A9hVJaCteRJEKZa2X2Rjy1NnypKAjhsYgihUA8FEPu9"

15
roles/shell/tasks/users/arda.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up arda
user:
name: arda
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/arda
- authorized_key:
user: arda
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAu7sYvX22y+sJbHICkVmIIaFltPFBiKMF6XeRI5FmSISafSdFtdrzLH7cvAHmvqatknnRN3/EKqO5LM1FiyBDFsjXdw8OfdllGFE6tD/EWYti+TCPRmYGUp0dSjPlukV1wC2WKhSAS/r/2SoXKSvQ3Tr4bqJU5C3uAk9PXMnpqVrL+uGaHcyHqBjDB+yl9UZLV6hd9oZJeyB280ICmZ7u/8cynuC86mishfjQY+fefyp0rpHnOHwcOqRlsU5YNT7lUKYGZUdhaXYEXdo7cA5VqLD1ENCFwvypXGf3Q+2xe8R1fAL5eCoFr9jRRdFkCxg0VwcRc4oimcDZRJeWNTbA+Q== rsa-key-20190126"

15
roles/shell/tasks/users/audiofile.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up audiofile
user:
name: audiofile
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/audiofile
- authorized_key:
user: audiofile
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDZtC1bRB+qGqitcIS3PUSZrawKDx+klIHqvrekW68vOMrbPy+1p8fkdPW3oW8+qAc2jeSyGMUNMaN5eCIdJ43WjnmHCSfWFP9IeX/RF/P183ijmB7FfvkfoRAxvkNzIQuVTz4crjKoUSSxQqngsaKg4HE9WWZWYkW/c9/nRzsdWQGkFsnpRDx8k89Cd+1/nza0KvKfgXJ7wCFGbcEKzUlumJXr8UFDS9RwXmZGwr6Nav0Uc+xYdPoX/QOzn6MYiENO4tYvm5UF4v5TNDUtlWB0fvvvswbvvYq5HyXsKU3OMm5+IdaJjnYV3tDgTwmcKmLl8KP4YxxmwDRZotob1jfyeETntmSCKx4yho3ilT7mLxJLhBZ+wnjR3xXF7GaDxPJCiWi8VliOBjJ/yvY/t02MpoZimlLVf54iiDV3OpkxNdjr+zF4JBbxisBTLL/WA0dxW2dLol/lYYoyJyFL/VWKkor7qB68CxMT3ZpFFk2t/1JLLrVK6AbJDgZkjBS1j0TGeTx0/4Sy0PDkzA96ejHMH+S6SWjXakFbNQaLEs+746BbMKdijwIE+Z7SvhWcrjYkGtGZQFl+iosVmx6FRXH6MsXxOSLY9zBzp1xKXP5XLH3ADPYyuzz5o4zab6maX94MQcNmT5b6056WDmp19zO6f+XYMHUl/taKUI5vnzmJgw== david@untitled"

17
roles/shell/tasks/users/ben.yml Normal file
View File

@ -0,0 +1,17 @@
---
- name: Setting up ben
user:
name: ben
groups: tilde
state: present
skeleton: /etc/skel
shell: /usr/bin/fish
system: no
createhome: yes
home: /home/ben
- authorized_key:
user: ben
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0Sf4AJXVn1CKWLPTXoV+bi3LNTGrGDPjWNGnJsIC11frQxDH1D4MM72WBTTERjT2ZpV48sZaPrmeQj960n7RxQAwoE0sDBMO4aKs3TXtaAY+RJarVSRPP3beo6ELONYRvdymnNPOxInWAzsPPjunZ0ufQDUt6Iyy+hTb7FsNgq4A736CxMb4oGSP/AT2Yfb0jUX0vtCxvgQC2T0oYrj8OInv8Qu0/0I0YQErZlkUO92b47B39hMxAIeTX2+0M0g8M5nJAc05gK6eoq27amysXsSm8aM/5ikY1Z4mabfAFtXzxsdFNzQ2TYCqbEnXUr5tTLyjfGYkSd97pbJtaaDBC+NAfX5m8QmrgG/5Ad9dlQH6g5JLng7yeRJYfzTlVW2gvmMnrAplHjCEIwCO0LA4zotzs6XkVrxQDmj2VGDdyFu4Z8fv9Ruf0lCE8PG03TnX7yJiE9RtT6KX3m+12xr71rdfVONRuZVkQlPlGKllGLQ7ZM5QJ2aVPDI1s2ZHFF9bm8lzg8u49KEmAJZpZPm+wc1b43inuiN/ftcl7oe1ZIxilUmJXaG74xbhfLSZa+S93WryhZ9cjoSy9p3q0QmZZh2ePSNyc6R3xJQnPjDozpJ0D3CRVeGJomGHS2E8wrHtWs5L2q0A3CjlVaducD1M2MgnQNEDmiKVob1utOKwrLw== openpgp:0x2206A906"

2
roles/shell/tasks/users/bercik.yml
View File

@ -12,4 +12,4 @@
- authorized_key:
user: bercik
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrcdk2gzXkA6/PeK4saksdTLAmLGOcUhfBgTL7aBodlQBnZrRw7aIO9M0Ea4LNxEWoJtC9il6/QT4TOqWMY/Y/NVfZWYM8jmYuksm93NO8bCgF86ebdUGNNB7WxczHcjh5gMa3prEVvuxrM0+cwMSYAzkCpl3QrklyDHFNpt86slWE88oTIxkcUmNAd22TZolKmKQtSJDBzqNfpXYzqqBRV2s6cF/wj4FqH1mwafkCPObfbuF0JwfQT2LPhSl9Nt361AndbrokXgiuxWppWUqlROBtRs00EEoQ10osFP+u6NJtnjUcCEN+VltUW4Kg9sgf6E9wUvP7GvLBjC9xd2bz bercik@hercules"
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+7sSazxu92Sdig7YZbtlw2w6rNKmp7madX+MnDDrn38zXKRCfUbJohmDSqyHqLlQ/zlUDqaABrbQX0bAwVdr8Bvsg5HHjOUsYfrH+iwgfe5k/jUmNSTUlwJ0flfLUCILK4Gi8yM81c22lTCD8pEQ5NmnScwK9dBRebtYn577LXgP8YpkeZJSMZt2r+pcHZ7FkRX0QJBFO/ggQqSN1/QpTIRTxRCoKO4E4t1lPJ9B4a6on9X1oekBZBYq1Xe/mSuoVLHVIv0pAtNzLNmPwy7a9f2wXUzK+7YujrnYFfzlxzQmN1EkLnWHCY1tJdkHn69+5W8wfShc7DeA93KbdkdmV bercik@pollux"

15
roles/shell/tasks/users/blades.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up blades
user:
name: blades
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/blades
- authorized_key:
user: blades
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs0xX4pTE5IkergDLdJb0G03Xw4QVXhgjMy9ePa7KD2d1zMlbGEUv7R8uAMMBE59VEk8ZUM9vSH0Y9pUX8y/Ay8G6ktC7KMSO2G8l+IAoVINzWSV/ng2/m/Z8GJvgUPeE31hQVfdNoMWcM9rdK/uerh+V42p/vE8vSZ1KQy4zqUU20b5gCWd9rfq0JVR8bHNSELGYNCpvIwyMTKoFCty0psCE20HIjXcABIgvruUv/HPKOuBQ8XMir6Qophx30LNAmzKpF4ZvAf1kqcgYhgBPdq8YtrX8LoZqSvgxZM/fzkLeG8UO8BJ1T8k8BPTYqKieeXXoObIHjvZCfRUwggdJz"

20
roles/shell/tasks/users/brendantcc.yml Normal file
View File

@ -0,0 +1,20 @@
---
- name: Setting up brendantcc
user:
name: brendantcc
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/brendantcc
- authorized_key:
user: brendantcc
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwZ5nnwTjkAE4F2Fg6NiL6SI5BsPXipiVhmqyPFMqTAGJ6SJ7wbROCpRHC0yBVYTRRNwMy3mvPXApXF3Xp8XyDPxeqe+MRbyBPlvYHXaY46PlfqpuVSxqexNbmjsu1Evdh6GNPKTd0nj2To4rqO+yO/B9JuotQtF+hqtz87lKiX1MEYtZzFJlPWj1N5j/pfrUtZfTQ/FwA4A+KEIN+v2RsIB2HH+mDTbDyJ1xz9/155iaYkBisixVnyZ3CoQJYdzDQkU0v7nJ0ZUlrs25LvnIHEZ0AF3z2lvGipqC1meDqvgjK21JNMRw56szVAHlT/ByKeXRzAbcSuBjKLJiD9sDh"
- authorized_key:
user: brendantcc
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBXAKn0gfQNja+YUlXrwCMVI8WP5KigPDrOzbK5rRNobkjVQ5ix4edporfC4kw32mHcDavx0epFZjTf6Wz2NCchcSrT0e6F6Mo26u0Ji5On793McMWyXEu0d4qn2PZBDLqartFY39WB5fUzF7yA752gyf9dHE03p4BNWBdQvWtGQhNL9VS8jZ9+ejbxNwsvl89of7oLOMFs9L45FV2huWDKelJEmKqRNYiS8AK7eOKApgVtCiSrMtptqf4oKSWE5niP7UDQTcFOBt8/EgzPNaOj7FFulJl1K0zkp6wxFMgeD9Xfk5nw3xDXqfkyjKA4jVqzScG3F46XZUx6dZEGWAX"

15
roles/shell/tasks/users/brokenix.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up brokenix
user:
name: brokenix
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/brokenix
- authorized_key:
user: brokenix
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+qGZt59RqOa08FpfiBygMJLfbR8wWYQ7OcPYJMTAmY jasitis@gmail.com"

15
roles/shell/tasks/users/bullah.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up bullah
user:
name: bullah
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/bullah
- authorized_key:
user: bullah
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAlEL0FrvZjeep28ScoVk+PLfk1LpAtOjF7vB0lrI+YDme6jykHS32JOPWcEgd9eMxv9FbkrCUxcYCdrYc1ZDac64ayVaQ50nBS0d1humkOmQXJBqicL6WB7GPkcapnrhENArB9b4KZ6sOLVQserFHDBUdWJBoYLy54gYeIaMtnvFOhcCvaqW9Crp+lzP0o5vdQBoV86jBcUdU3K7jR1H24i7XOTjb/tHkpM2uwjduW9MdQ+o2KSieepbUmMSkURK40sOcitlc1BcfADIeWevL5tv6f10HXkigWqqM0S2aZcAbEzmJ5Trj7C02rZ+qLTSdsGn0/MF8rNDNTN2QeVD4lQ=="

15
roles/shell/tasks/users/campari.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up campari
user:
name: campari
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/campari
- authorized_key:
user: campari
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+8OtQsAFaxMrpuyt489w3Tn2U/hj2UBk1PcocLRxRXXhX9KRmwXHa2mjZlJP5zjQh12sm9HWDpMYda/aTmrvm0Y21Jx3a2B8ddbdTYc2RVXvEzQ77Va8VxQNyR/ijvTeRqKK0xMRwzBe9X5BR1yIRSKoHjfsiwj1dvYmy8/oHvQI0nK05SyIBzNelLBXcrSkBKqWEGI/Vx9/ortFh/D2k2Qmq+ti+eT58Th76KoISDmYgWRSHM6MjHHBQONNfUQfvX5CWTy2wnm6k5iDVP0Z5AMQdfk6McJxfMZIKH0N/jF31GSw5b/Wo4riguujPd1y3qS29I4Iy3qeado2a4pqV campari@Alpha"

15
roles/shell/tasks/users/chuck.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up chuck
user:
name: chuck
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/chuck
- authorized_key:
user: chuck
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwRk9WKR2Wk+JCPMT1GC90IGfgZqRlDXNaCHb3/+vdUMlc8HY/JhU/EXMz4enxHugMv6ZRmRfzVSvQ7Mx923VpHY2zqLuZI7fzc1+voffAY4Fq7/eIcZEhVReSWZ6DGmGhGQYmq/hiONoUDdld9UEzQhKhbJP03tj4KvFIgoXtSa6gx7AEvNz5jQc73RQcySeOwE3Sca3F3QPLVVkooFfk6U3vpz1PEluyrxvS6Yyy6LUwJ9UWzHXGslG/Ww4oQc6VeIVK8BtsDmkMOW+jGU3js9b+Y7ek/o964Pc19fb6FtilbBBoOB7d9wsp5/sf2ZnW/ZoxlSQwvn2MjlirypnIARJGOocG9Tmh5yT8p7AHZqN2ZJiGiN+/yM9jYsU5e34GFyKPglvcEw5BM8TSqOrhADA58oqUHYvbfg7OgHnETG5jpFwOnSq+KdU9ErhNZ7s89Xd8XOO4FJJSjduVkrxG1d0EIQ7CPX2AMoFrcuGUif2ImJSlV86lse2KUMzvjwC/vh5gpfmLu1opVID4XB4PCR8jPW0QGzjY0fMnU/pHPpssguOhfJbKLddDWJKFTl5iu5Uu0mm+Nd2dHNZgFoKfr/bZzgQmNBHDeoCgwc69sttZBuFiJ02IBGlyb5cFJ8am4FgllKV3ZA61yQAdq1jon8z1vAoz3S54mQ+l+iX8pw=="

15
roles/shell/tasks/users/computertech.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up computertech
user:
name: computertech
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/computertech
- authorized_key:
user: computertech
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFFqinkb5gqHT2qsNFX/Xr6hixF21hwisv3miMvPuNYU hp@LAPTOP-T7K831P0"

15
roles/shell/tasks/users/cyberx9901.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up cyberx9901
user:
name: cyberx9901
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/cyberx9901
- authorized_key:
user: cyberx9901
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3x2eIKXWIxzElC1yNt8tOWEcJ/C/WZSa/sVXP2OigBa/wyQDH7omxRFayL6YInWcBcLcjcIDcOXA8t5B0mvxeACcFA8nxD5hotaewK3LGu/HHZ8BRstjHf98Hlmk9FhnN0pUuJvrS6Z3D7Q0tMgt1jI4bggeqj8wREUP4H3z0sdE5LTFczz9U9xFP93f8cfJhoVg7jeh+gwyKyJ0c0tmpNt2MDi1JzwBV6bm2NJnkL65OOiq7nHCyS5ppL2FxTI/q8JGcKO7e3X7Y/vs6CotWb+/RwOBdprpF4lC0Iep8PbMTXTOrchOM+HAhw27QKEt18SNc+YNeRjqJL0qekxzl"

20
roles/shell/tasks/users/cyphyx.yml Normal file
View File

@ -0,0 +1,20 @@
---
- name: Setting up cyphyx
user:
name: cyphyx
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/cyphyx
- authorized_key:
user: cyphyx
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDKqC9q9QPqGqOuOb9DimlrA/RxzzLPfnMwZyngQBRPROsCrDlgAD42y8UWvlpTPxEZOI+PVSOkts3IFyeH2b3r6PZd8rSyl/5PiEBX1fcyiza9XJDw6nsicKIG8RzfQ6wlxL3692qNVgtKAUT+W+Mv2u62AV/CUh4UERN/XuFpUlGGkGFPWBsNwv7Z70oC459bZJ7ZZSmfJkBLnyW/I/poEbEIkpevx/qjFu+1z+UuAAyY1OO/RodVhVIs5x7MSONKTn/3gwXsdH7E8ZoRfN9ur50mySmWMKMbssmnG1xoOVRKlAaK3DttG7vLxBBtrdoSzQVS01Bd+qi9P7vhzo2cSCZovcfA+E4zDdwb0ZCy9kLpzpbOIqu+4QyALFzEvBkbyQsMdBqutzM5muk/p5QCZU7Tfy6/R4kGhT3GrQ+3gEZX/OKtaFbj8a2plccBcizdmO3ArlViw78Rw2YgGuIslXOu0/BLHR/kLcP8QkzbBqoobVU2dqxriZUcZ4VFWS36YrN0NB3mOd6rpEp28a7vZRlmj0I3hZnMdl6knHZfre0ZrbyCL2t05aABh348Ny7cQOmsjlAkNqyeB5JIevfz5Bq/kRrGQH4xcEtvhjo6j/ifdu2AQfLG30MtrxZb8FkEQEOQxwkruipySm18cG9H4ssNSwPFH2SmOPizOdpLMQ=="
- authorized_key:
user: cyphyx
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgBKBkccRNu3wf5cbkvdrVJ79Sr043VBJJ0S/vZa+KG8fkjf0tQmZRzdq54djGLXASIvEiu7con0XBidtRu/s3GblFpIoTDEiEqzc7/oJFEGwk/G4sdIDz+8/9jwMIsYeO3TbKyRyWDTCNgp3h11xwJ+LMMKGL7tVQpAM08lhS/mHZtWct8Xwey2qb/prkUBPwMA5CSCSlj0UI3RAFC5j7UdiC/HOk5O7w5zFWt2CMz1SVbN4oxqmqmX1HxirkmiYLgykoi15vz0CLhUMN/xnqT5Ph45nk0uiqjgWqPk+zwA+8FEQUewfeqbvqT2dyjOIZ4gDBaY1oKgwx7U8ud2Icnj+nZlJf92w3Vnud0CiSWt6CCvh5nyDn1465hXK4NIIPav8XrNd03DAsQmi4BvDSVpN4ieRqo/HCE/iujyHx2cm3vJLavlYXSwQin3p5FIKzxS1D+yu6chD1eveNUg+i7+/TIxtnmv7nCbwEhw3JSRHHwSpFCpSGsZ0gb7/uCSVVFz5nmNlheIbYADGxezZDiPstJj1ITgnb5nq+hXCN9lAEjqrJW2gTjN+Gl/lYPGLUxtjKkxpWwhCdn7NORR95xlCzQzu0wWn9gIKr56LGmSf4+T8PoapqodEfevXAArKrXzO5sKJ/V2Wkz4vnVyx4ReaXQ7gWfYEoCXFpkZHkAQmw=="

15
roles/shell/tasks/users/d34d.yml
View File

@ -1,15 +0,0 @@
---
- name: Setting up d34d
user:
name: d34d
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/d34d
- authorized_key:
user: d34d
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0SoDOSIkZSeflrDqb+QXOf7zs58SRYsPFkpUG61W6j2AlxqtbTuif4msprLP3SWsDnroTkeuOr2GMaBPhC4YybyQiddCZJUVo11Y8FDgqNscZRl3hd38XnULRVEDGZ40M/mkp2v/f+rIwxEENYT37e+YDAO2Y19oL97lKxUhFph1t1IHHWqG0LXwBzByXoBt/pDtIB8FdNvBAbhHuUVORjBKuH/g12TcjCYZhpmL8iJSMbTRFjCWXIyflHA1Q59DHt9ZbOzZlgUzXcVB+YfC0iZ7h8Ju1EN2tCgqmMnsB9MxKbaUR25u6dxxz66Edtu9zhxJWfl2axNw4dDltPQaVncTtqwvqGNLI15nsDKM0gpGDeyqEB8pO8FSEPv+xdpFH928vl32PljiinK09afwspiKlMAjigG0o1MTR2nnoR7Oxtlcv8+srPaklLgO2krNeRtapsZJBvrd8DmJ6WMmB/4tbm281vKwI91hiaxmSJAHiAnDvq+F1XrBtQz3PIcU= u0_a172@localhost"

16
roles/shell/tasks/users/dalist.yml Normal file
View File

@ -0,0 +1,16 @@
---
- name: Setting up dalist
user:
name: dalist
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/dalist
- authorized_key:
user: dalist
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAo5E9L12w8kqRhm8jM44xVMEUNuEPt0GLc482G5g3GjWvur9kCsg48Ju53mSXtMyDT/Z+iRwrCyK6EXcIlzG0CrlV0uLXc/7RBA55PI6RPCFF2eBRlplscOiDaKykqB7tPPiPA6LoH1+W57sDGF1S48gF3AHKfRZ8N0n9vQsCW8uDFWq25m3KWFO8JZrAW4MOHMdzxq7JMpzOCC+iBYbbVL6XT+4nBPjN7PCxgj3JgQmBQGW8Xf1994aqPGaMP9DdbDGnDkHRs5SXcLh9tkq1kG3FzJ5680S77p1cZkck96UyoUkp2crgnnGfqp3Zn1m6u9pG81wQrZCfBjlWfW2Uzw==
"

15
roles/shell/tasks/users/dariusz.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up dariusz
user:
name: dariusz
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/dariusz
- authorized_key:
user: dariusz
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6vXOyzz4nwf5NwC80iwlL48ekmvcSxxa+lHVb20AGg"

16
roles/shell/tasks/users/deepend.yml
View File

@ -1,16 +0,0 @@
---
- name: Setting up deepend
user:
name: deepend
groups: tilde,sudo
state: present
skeleton: /etc/skel
shell: /usr/bin/fish
system: no
createhome: yes
home: /home/deepend
- authorized_key:
user: deepend
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEnnu2r9ZxedvrcDKvVAouXWNNj5+tdT9tYFMK/60u9"

15
roles/shell/tasks/users/derby.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Setting up derby
user:
name: derby
groups: tilde
state: present
skeleton: /etc/skel
shell: /bin/bash
system: no
createhome: yes
home: /home/derby
- authorized_key:
user: derby
state: present
key: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqLuq7VyUoP+ChhweSSObppG3VBANMvPYTKR1cLkMshMY/MBI6Kx6iuJpkpOg1ZWlUxKwyizB4yIvdB53UYj+cETApKHXGU0F3xA80RvkDcKEvTjKZ4lBJo9GU5eKKivrxHpxWiNBGDbLrw+2msA0QeKKF0Mj/ggHRcSUtin4Z1dzq6xe2bN4n4a8cZyD6Bi6wKvEb/hQTKHjjZTgvG7OXERxmlP0xiY8HTP9Bj1d9my4R+XvSXxuj8rVSwpTmc6CZ3Lt/H2/ULV5lIAfgCzfGC6by3UbJrQkcsjaH86cjJv7YhLFSNnlLFPiha1yIEzmtcQhnJMpJDbUBEBWc14njQ=="

Some files were not shown because too many files have changed in this diff Show More