Remove Share Drives (#28)

* Add another requirement for Debian to download key.

* Add setup script instead of using scm.hyperling.com.

* Fix setup permissions.

* Starting effort to remove share drives from script. Downsizing homelab.

* Remove files which are no longer useful without mounts.

* Allow initializing on alternate branches.

* Fix Lynis and NMap log locations.

* Remove deleted files from main.

* Fix nmap filename.

* Remove _name from report variables.

facts/general/service.yml

@@ -7,7 +7,6 @@
     cups_pattern: cupsd
     cups_browse: cups-browsed
     cups_browse_pattern: cups-browsed
-    sshfs_leet_cmd: "sshfs {{ leet_ssh }}: /mnt/leet -o allow_other,_netdev"
     sshd: sshd
     sshd_pattern: sshd
     sshd_config: /etc/ssh/sshd_config
@@ -25,14 +24,3 @@
     crond: cronie
     crond_pattern: cronie
   when: ansible_distribution == "Archlinux"
-
-
-- name: General | Facts | Service | Non-FreeBSD
-  set_fact:
-    load_fusefs: "echo ''"
-  when: ansible_system != "FreeBSD"
-
-- name: General | Facts | Service | FreeBSD
-  set_fact:
-    load_fusefs: "kldload fusefs"
-  when: ansible_system == "FreeBSD"

facts/general/system.yml

@@ -3,8 +3,6 @@
 
 - name: General | Facts | System | Global
   set_fact:
-    leet_ssh: '{{ user }}@leet'
-    leet_drive: /mnt/leet
     lynis_install_dir: /usr/local/src/lynis
     dwm_install_dir: /usr/local/src/dwm
     st_install_dir: /usr/local/src/st
@@ -39,53 +37,10 @@
   when: ansible_system == "FreeBSD"
 
 
-- name: General | Facts | System | 1337 Drive Mounted?
-  stat:
-    path: "{{ leet_drive }}/Temp/ansible"
-  register: leet_drive_details
-
-
-- name: General | Facts | System | Report Location = 1337
-  set_fact:
-    report_location: "{{ leet_drive }}/Temp/ansible"
-  when: leet_drive_details.stat.exists
-
-- name: General | Facts | System | Report Location = /root
-  set_fact:
-    report_location: "/root"
-    report_scp_location: "Temp/ansible"
-  when: not leet_drive_details.stat.exists
-
 - name: General | Facts | System | Report File Names
   set_fact:
-    heartbeat_report_name: "{{ ansible_hostname }}.txt"
+    lynis_report: "{{ lynis_install_dir }}/run.txt"
-    ansible_pull_report_name: "{{ ansible_hostname }}_last_pull_times.txt"
+    nmap_report: "{{ lynis_install_dir }}/nmap.txt"
-    lynis_report_name: "{{ ansible_hostname }}_lynis.txt"
-    nmap_report_name: "{{ ansible_hostname }}_nmap.txt"
-
-- name: General | Facts | System | Report Locations (SSHFS)
-  set_fact:
-    heartbeat_report: "{{ report_location }}/{{ heartbeat_report_name }}"
-    ansible_pull_report: "{{ report_location }}/pull/{{ ansible_pull_report_name }}"
-    lynis_report: "{{ report_location }}/lynis/{{ lynis_report_name }}"
-    nmap_report: "{{ report_location }}/nmap/{{ nmap_report_name }}"
-  when: leet_drive_details.stat.exists
-
-- name: General | Facts | System | Report Locations (Local)
-  set_fact:
-    heartbeat_report: "{{ report_location }}/{{ heartbeat_report_name }}"
-    ansible_pull_report: "{{ report_location }}/{{ ansible_pull_report_name }}"
-    lynis_report: "{{ report_location }}/{{ lynis_report_name }}"
-    nmap_report: "{{ report_location }}/{{ nmap_report_name }}"
-  when: not leet_drive_details.stat.exists
-
-- name: General | Facts | System | Report Destinations (SCP)
-  set_fact:
-    heartbeat_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/{{ heartbeat_report_name }}"
-    ansible_pull_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/pull/{{ ansible_pull_report_name }}"
-    lynis_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/lynis/{{ lynis_report_name }}"
-    nmap_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/nmap/{{ nmap_report_name }}"
-  when: not leet_drive_details.stat.exists
 
 
 - name: General | Facts | System | Ansible Branch

local.yml

@@ -16,8 +16,6 @@
     - include: facts/general/service.yml
     - include: facts/general/user.yml
 
-    - include: tasks/general/start.yml
-
     - include: tasks/general/software/packages.yml
     - include: tasks/general/software/services.yml
       ignore_errors: yes
@@ -30,14 +28,11 @@
     - include: tasks/general/acct_mgmt/groups.yml
     - include: tasks/general/acct_mgmt/users.yml
     - include: tasks/general/acct_mgmt/sudo.yml
-    - include: tasks/general/acct_mgmt/keys.yml
-    - include: tasks/general/acct_mgmt/mounts.yml
 
     - include: tasks/general/scripts/root.yml
     - include: tasks/general/scripts/user.yml
 
     - include: tasks/general/cron/ansible.yml
-    - include: tasks/general/cron/root.yml
     
     # TODO Need to refactor. Maybe tasks/general/cron/freebsd.yml
     - include: tasks/workstation/freebsd/cron/ansible.yml
@@ -73,9 +68,6 @@
       - include: tasks/workstation/linux/software/flatpaks.yml
         when: ansible_system == "Linux" and flatpak_distro
 
-      - include: tasks/workstation/linux/software/debs.yml
-        when: ansible_pkg_mgr == "apt"
-
       - include: tasks/workstation/linux/software/brave.yml
         when: ansible_pkg_mgr in ("apt", "dnf")
 
@@ -85,9 +77,6 @@
       - include: tasks/workstation/mac-os/software/brew.yml
         when: ansible_system == "Darwin"
 
-      - include: tasks/workstation/mac-os/software/dmg.yml
-        when: ansible_system == "Darwin"
-
       # Configuration Tasks #
       - include: tasks/workstation/shared/settings/gnome.yml
 
@@ -192,5 +181,3 @@
 
     - include: tasks/general/tests/nmap.yml
     - include: tasks/general/tests/lynis.yml
-
-    - include: tasks/general/finish.yml

setup.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+# Script to initialize a system into Ansible collection.
+
+branch="main"
+if [[ $1 != "" ]]; then
+  branch="$1"
+fi
+
+os="$(cat /etc/os-release)"
+os="$os $(uname -a)"
+
+echo "Making sure all necessary packages are installed..."
+if [[ `which ansible > /dev/null; echo $?` != 0 ]]; then
+  if [[ $os == *Debian* || $os == *Ubuntu* || $os == *"Pop!_OS"* || $os == *Mint* || $os == *Parrot* ]]; then
+    sudo apt update
+    sudo apt install -y ansible git <<< N
+    sudo mkdir -p /etc/ansible
+    sudo sh -c 'echo "localhost ansible_connection=local" > /etc/ansible/hosts'
+  elif [[ $os == *FreeBSD* ]]; then
+    sudo pkg install -y py38-ansible git
+    sudo mkdir -p /usr/local/etc/ansible
+    sudo sh -c 'echo "localhost ansible_connection=local" > /usr/local/etc/ansible/hosts'
+  elif [[ $os == *Arch* || $os == *Manjaro* || $os == *Artix* ]]; then
+    sudo pacman -Sy --noconfirm ansible git
+    sudo mkdir -p /etc/ansible
+    sudo sh -c 'echo "localhost ansible_connection=local" > /etc/ansible/hosts'
+  elif [[ $os == *Darwin* ]]; then
+    bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+    echo "TESTING - EXIT!"
+    exit 0
+    brew install ansible git
+  elif [[ $os == *Fedora* ]]; then
+    sudo dnf install -y ansible git python3-libselinux
+    sudo mkdir -p /etc/ansible
+    sudo sh -c 'echo "localhost ansible_connection=local" > /etc/ansible/hosts'
+  else
+    echo -e "ERROR: OS not detected."
+    echo -e "$os"
+    exit 1
+  fi
+fi
+echo "Installed!"
+
+#echo "Adding Ansible Collections..."
+#ansible-galaxy collection install community.general
+#echo "Added!"
+
+echo "Running ansible-pull..."
+sudo ansible-pull -U https://github.com/Hyperling/ansible.git --checkout $branch
+echo "Pulled!"
+
+echo "Mounting all drives..."
+mount -a
+echo "Mounted!"
+
+echo "Don't forget to set any new users' passwords!"
+
+echo "We're done!"
+
+exit 0

tasks/general/acct_mgmt/keys.yml

@@ -1,16 +0,0 @@
----
-# SSH keys for day-to-day system usage.
-
-# Debian's ansible is too old to use this.
-#- name: Create Root's SSH Key
-#  openssh_keypair:
-#    path: /root/.ssh/id_rsa
-
-- name: General | Account Management | Keys | Root | Create SSH
-  shell: ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa <<< n
-  args:
-    executable: "{{ bash_exec.stdout }}"
-  ignore_errors: yes
-
-- name: General | Account Management | Keys | Root | Copy SSH to 1337
-  shell: ssh-copy-id -i /root/.ssh/id_rsa {{ leet_ssh }}

tasks/general/acct_mgmt/mounts.yml

@@ -1,69 +0,0 @@
----
-# Mount shares that all systems should have.
-
-# Test if this machine can use SSHFS
-- name: General | Account Management | Mounts | Create Test Folder
-  file: 
-    path: "/mnt/test"
-    state: directory
-    mode: '0755'
-
-- name: General | Account Management | Mounts | Enable SSHFS (FreeBSD)
-  shell: "{{ load_fusefs }}"
-  ignore_errors: yes 
-  when: ansible_system == "FreeBSD"
-
-- name: General | Account Management | Mounts | Test SSHFS
-  shell: "sshfs {{ leet_ssh }}: /mnt/test -o allow_other"
-  register: sshfs_test
-  ignore_errors: yes 
-  
-
-# Begin setting up 1337
-- name: General | Account Management | Mounts | Create 1337 Folder
-  file: 
-    path: "{{ leet_drive }}"
-    state: directory
-    mode: '0755'
-
-  
-# Linux uses fstab
-- name: General | Account Management | Mounts | Create 1337 fstab Entry
-  blockinfile:
-    path: /etc/fstab
-    block: |
-      {{ leet_ssh }}: /mnt/leet fuse.sshfs defaults,_netdev,allow_other 0 0
-    marker: '# {mark} MANAGED BY ANSIBLE | 1337 Share'
-    state: present
-    backup: yes
-  when: ansible_system == "Linux" and 
-        (not sshfs_test.failed or leet_drive_details.stat.exists)
-
-- name: General | Account Management | Mounts | Mount All (Linux)
-  shell: mount -a
-  args:
-    warn: false
-  when: ansible_system == "Linux" and 
-        (not sshfs_test.failed or leet_drive_details.stat.exists)
-
-
-# FreeBSD has to do this via root cron job, fstab is unhappy
-- name: General | Account Management | Mounts | Unmount 1337 (FreeBSD)
-  shell: umount -f /mnt/leet
-  args:
-    warn: false
-  when: ansible_system == "FreeBSD" and 
-        (not sshfs_test.failed or leet_drive_details.stat.exists)
-  ignore_errors: yes
-
-- name: General | Account Management | Mounts | Remount 1337 (FreeBSD)
-  shell: "{{ sshfs_leet_cmd }}"
-  when: ansible_system == "FreeBSD" and 
-        (not sshfs_test.failed or leet_drive_details.stat.exists)
-
-
-# Ensure correct cron jobs and other downstream dependencies are done properly.
-- name: General | Account Management | Mounts | Refresh Variable leet_drive_details
-  stat:
-    path: "{{ leet_drive }}/Temp/ansible"
-  register: leet_drive_details

tasks/general/cron/ansible.yml

@@ -18,41 +18,3 @@
     job: "{{ user_root.home }}/bin/scm.sh"
     state: present
     disabled: no
-
-- name: General | Cron | Ansible | Create Heartbeat Job
-  cron:
-    user: ansible
-    name: "Create Heartbeat Report"
-    minute: "*/15"
-    job: "neofetch --stdout | sudo tee {{ heartbeat_report }}; sudo chmod 777 {{ heartbeat_report }}"
-    state: present
-    disabled: no
-
-- name: General | Cron | Ansible | Enable Secure Copy Reports
-  cron: 
-    user: ansible
-    name: "{{ item.name }}"
-    minute: "05,20,35,50"
-    job: "ls {{ item.src }} 2>/dev/null 1>&2 && sudo scp {{ item.src }} {{ item.dest }} && sudo sh -c 'rm -rfv {{ item.src }}'"
-    state: present
-    disabled: no
-  loop:
-    - { name: 'Ansible Pull Report', src: '{{ ansible_pull_report }}', dest: '{{ ansible_pull_report_scp }}' }
-    - { name: 'Heartbeat Report', src: '{{ heartbeat_report }}', dest: '{{ heartbeat_report_scp }}' }
-    - { name: 'Lynis Report', src: '{{ lynis_report }}', dest: '{{ lynis_report_scp }}' }
-    - { name: 'NMap Report', src: '{{ nmap_report }}', dest: '{{ nmap_report_scp }}' }
-  when: not leet_drive_details.stat.exists
-
-- name: General | Cron | Ansible | Disable Secure Copy Reports
-  cron: 
-    user: ansible
-    name: "{{ item.name }}"
-    job: "As a wise man once said, I'm disabled."
-    state: absent
-    #disabled: yes
-  loop:
-    - { name: 'Ansible Pull Report' }
-    - { name: 'Heartbeat Report' }
-    - { name: 'Lynis Report' }
-    - { name: 'NMap Report' }
-  when: leet_drive_details.stat.exists

tasks/general/cron/root.yml

@@ -1,31 +0,0 @@
----
-# Jobs relating to the root user.
-
-- name: General | Cron | Root | Enable SSHFS Job (FreeBSD)
-  cron:
-    user: root
-    name: "1337 SSHFS"
-    special_time: reboot
-    job: "{{ load_fusefs }} && {{ sshfs_leet_cmd }}"
-    state: present
-    disabled: no
-  when: ansible_system == "FreeBSD"
-
-- name: General | Cron | Root | Enable Secure Copy Reports
-  cron: 
-    user: root
-    name: "Copy Reports"
-    minute: "05,20,35,50"
-    job: "scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} {{ leet_ssh }}:{{ report_scp_location }}"
-    state: absent
-    disabled: no
-  when: not leet_drive_details.stat.exists
-
-- name: General | Cron | Root | Disable Secure Copy Reports
-  cron: 
-    user: root
-    name: "Copy Reports"
-    job: "As a wise man once said, I'm disabled."
-    state: absent
-    disabled: yes
-  when: leet_drive_details.stat.exists

tasks/general/finish.yml

@@ -1,11 +0,0 @@
----
-# Tasks related to finishing ansible-pull
-# EG: End timer, start conflicting jobs, etc
-
-- name: General | Finish | Ansible Pull Report | Finish File
-  shell: "echo 'FINISH' >> {{ ansible_pull_report }}"
-  when: leet_drive_details.stat.exists
-  
-- name: General | Finish | Ansible Pull Report | Add Date Entry
-  shell: "date >> {{ ansible_pull_report }}"
-  when: leet_drive_details.stat.exists

tasks/general/scripts/root.yml

@@ -20,24 +20,6 @@
     mode: '0755'
 
 
-- name: General | Scripts | Root | push.sh
-  blockinfile:
-    path: "{{ user_root.home }}/bin/push.sh"
-    block: |
-      # 20210215 - Make life even easier!
-      ssh {{ user }}@leet "cd Code/Ansible/ansible-pull; git push"
-    marker: '{mark}'
-    marker_begin: "#!{{ bash_exec.stdout }}"
-    marker_end: "exit 0"
-    state: present
-    create: yes
-
-- name: General | Scripts | Root | push.sh Permissions
-  file: 
-    path: "{{ user_root.home }}/bin/push.sh"
-    mode: '0755'
-
-
 - name: General | Scripts | Root | scm-dev.sh
   blockinfile:
     path: "{{ user_root.home }}/bin/scm-dev.sh"
@@ -68,28 +50,3 @@
   file: 
     path: "{{ user_root.home }}/bin/scm-dev.sh"
     mode: '0755'
-
-
-- name: General | Scripts | Root | scm-local.sh
-  blockinfile:
-    path: "{{ user_root.home }}/bin/scm-local.sh"
-    block: |
-      # 20220312 - Make life easier for development! Especially when Github can't be reached.
-      
-      ## Variables ##
-
-
-      ## Main ##
-
-      time ansible-playbook /mnt/leet/Code/Ansible/ansible-pull/local.yml
-
-    marker: '{mark}'
-    marker_begin: "#!{{ bash_exec.stdout }}"
-    marker_end: "exit 0"
-    state: present
-    create: yes
-
-- name: General | Scripts | Root | scm-local.sh Permissions
-  file: 
-    path: "{{ user_root.home }}/bin/scm-local.sh"
-    mode: '0755'

tasks/general/scripts/user.yml

@@ -20,24 +20,6 @@
     mode: '0755'
 
 
-- name: General | Scripts | User | push.sh
-  blockinfile:
-    path: "{{ user_user.home }}/bin/push.sh"
-    block: |
-      # 20210215 - Make life even easier!
-      ssh {{ user }}@leet "cd Code/Ansible/ansible-pull; git push"
-    marker: '{mark}'
-    marker_begin: "#!{{ bash_exec.stdout }}"
-    marker_end: "exit 0"
-    state: present
-    create: yes
-
-- name: General | Scripts | User | push.sh Permissions
-  file: 
-    path: "{{ user_user.home }}/bin/push.sh"
-    mode: '0755'
-
-
 - name: General | Scripts | User | scm-dev.sh
   blockinfile:
     path: "{{ user_user.home }}/bin/scm-dev.sh"
@@ -68,28 +50,3 @@
   file: 
     path: "{{ user_user.home }}/bin/scm-dev.sh"
     mode: '0755'
-
-
-- name: General | Scripts | User | scm-local.sh
-  blockinfile:
-    path: "{{ user_user.home }}/bin/scm-local.sh"
-    block: |
-      # 20220312 - Make life easier for development! Especially when Github can't be reached.
-      
-      ## Variables ##
-
-
-      ## Main ##
-
-      time sudo ansible-playbook /mnt/leet/Code/Ansible/ansible-pull/local.yml
-
-    marker: '{mark}'
-    marker_begin: "#!{{ bash_exec.stdout }}"
-    marker_end: "exit 0"
-    state: present
-    create: yes
-
-- name: General | Scripts | User | scm-local.sh Permissions
-  file: 
-    path: "{{ user_user.home }}/bin/scm-local.sh"
-    mode: '0755'

tasks/general/software/services.yml

@@ -11,27 +11,6 @@
     enabled: yes
 
 
-## SSHFS ##
-
-- name: General | Software | Services | SSHFS | Enable FuseFS (FreeBSD rc.conf)
-  lineinfile:
-    path: "{{ rc_conf }}"
-    regexp: 'fusefs_enable='
-    line: 'fusefs_enable="YES" # MANAGED BY ANSIBLE'
-    state: present
-    create: yes
-    backup: yes
-  when: ansible_system == "FreeBSD"
-
-- name: General | Software | Services | SSHFS | Enable SSHFS (FreeBSD service)
-  service:
-    name: fusefs
-    pattern: fusefs
-    state: started
-    enabled: yes
-  when: ansible_system == "FreeBSD"
-
-
 ## CUPS ##
 
 - name: General | Software | Services | CUPS | Disable

tasks/general/start.yml

@@ -1,21 +0,0 @@
----
-# Tasks related to starting ansible-pull
-# EG: Start timer, kill conflicting jobs, etc
-
-- name: General | Start | Ansible Pull Report | Start File
-  shell: "echo 'START' > {{ ansible_pull_report }}"
-  when: leet_drive_details.stat.exists
-
-- name: General | Start | Ansible Pull Report | Add Provision Variables
-  shell: "echo '{{ provision_variables }}' >> {{ ansible_pull_report }}"
-  when: leet_drive_details.stat.exists
-
-- name: General | Start | Ansible Pull Report | Make Viewable (SSHFS)
-  file:
-    path: "{{ ansible_pull_report }}"
-    mode: '0777'
-  when: leet_drive_details.stat.exists
-
-- name: General | Start | Ansible Pull Report | Add Date Entry
-  shell: "date >> {{ ansible_pull_report }}"
-  when: leet_drive_details.stat.exists

tasks/server/software/grafana.yml

@@ -10,6 +10,7 @@
       - apt-transport-https
       - software-properties-common
       - wget
+      - gnupg
     state: present
 
 ## Install ##

tasks/workstation/linux/software/debs.yml

@@ -1,10 +0,0 @@
----
-# Install .deb packages on Debian and Ubuntu machines.
-
-- name: Workstattion | Linux | Software | Apt Distro | .deb Files
-  apt: 
-    deb: '{{ leet_drive }}/InstallFiles/Programs/{{ item }}.deb'
-    state: present
-  loop:
-    - atomicwallet
-  ignore_errors: yes

tasks/workstation/mac-os/software/dmg.yml

@@ -1,7 +0,0 @@
----
-# Download and install DMG files that are not yet in Homebrew.
-
-# macFUSE, sshfs, balena-etcher
-
-- name: Workstation | Mac OS | Software | DMGs | TBD
-  shell: echo TBD

tasks/workstation/shared/settings/nfs.yml

@@ -1,11 +1,6 @@
 ---
 # Mount network shares.
 
-- name: Workstation | Settings | NFS | Facts
-  set_fact:
-    media_folder: /mnt/media
-    mount_number: 0
-
 - name: Workstation | Settings | NFS | Facts (Linux)
   set_fact:
     mount_options: defaults,_netdev
@@ -42,21 +37,3 @@
     create: yes
     backup: yes
   when: ansible_system == "FreeBSD"
-
-
-- name: Workstation | Settings | NFS | Create Folders
-  file: 
-    path: "{{ item }}"
-    state: directory
-    mode: '0777'
-  loop:
-    - "{{ media_folder }}"
-
-
-- name: Workstation | Settings | NFS | Create Mount Instructions
-  blockinfile:
-    path: /etc/fstab
-    marker: "# {mark} MANAGED BY ANSIBLE | Media"
-    block: |
-      htpc:/mnt/hdd_unsafe/media {{ media_folder }} nfs {{ mount_options }} {{ mount_number }} {{ mount_number }}
-    backup: yes