From 86e1881090388bd88750e7b5c3c352f8ad39e9aa Mon Sep 17 00:00:00 2001
From: Hyperling <me@hyperling.com>
Date: Wed, 3 Feb 2021 21:17:48 -0600
Subject: [PATCH] General FreeBSD and account improvements.

---
 facts/general/gather.yml           |  8 ++++++--
 facts/general/package.yml          | 17 +++++------------
 facts/general/service.yml          | 16 ++++------------
 facts/general/system.yml           |  3 ---
 local.yml                          |  1 +
 tasks/general/acct_mgmt/mounts.yml | 11 ++++++++++-
 tasks/general/acct_mgmt/users.yml  |  8 ++++++++
 tasks/general/cron/ansible.yml     |  5 +++--
 tasks/general/cron/root.yml        | 12 ++++++++++++
 tasks/general/tests/lynis.yml      |  1 +
 tasks/general/tests/nmap.yml       |  3 +++
 11 files changed, 53 insertions(+), 32 deletions(-)
 create mode 100644 tasks/general/cron/root.yml
 create mode 100644 tasks/general/tests/nmap.yml

diff --git a/facts/general/gather.yml b/facts/general/gather.yml
index 99c872b..1c2a074 100644
--- a/facts/general/gather.yml
+++ b/facts/general/gather.yml
@@ -1,6 +1,10 @@
 ---
 # Facts that must be gathered after running tasks.
 
-- name: Facts | General | Gather | Locate BASH
+- name: Facts | General | Gather | Locate bash
   shell: which bash
-  register: bash_exec
\ No newline at end of file
+  register: bash_exec
+
+- name: Facts | General | Gather | Locate ansible-pull
+  shell: which ansible-pull
+  register: ansible_pull_exec
diff --git a/facts/general/package.yml b/facts/general/package.yml
index e2dc262..34775eb 100644
--- a/facts/general/package.yml
+++ b/facts/general/package.yml
@@ -1,23 +1,16 @@
 ---
-# Define program names per OS for package builtin.
+# Define program names for package builtin.
 # This file is for ALL systems and should not include UI components.
 
-- name: Facts | Workstation | Package | Pop OS
+- name: Facts | Workstation | Package | apt
   set_fact:
     sshfs: sshfs
     locate: locate
-  when: ansible_distribution == "Pop!_OS"
-
-
-- name: Facts | Workstation | Package | Debian and Ubuntu
-  set_fact:
-    sshfs: sshfs
-    locate: locate
-  when: ansible_distribution in ("Debian","Ubuntu")
-
+  when: ansible_pkg_mgr == "apt"
+  
 
 - name: Facts | Workstation | Package | FreeBSD
   set_fact:
     sshfs: fusefs-sshfs
-    locate: htop # This is just a placeholder to prevent errors
+    locate: htop # Placeholder to prevent errors. locate builtin FreeBSD.
   when: ansible_system == "FreeBSD"
\ No newline at end of file
diff --git a/facts/general/service.yml b/facts/general/service.yml
index 34cbb27..6db4786 100644
--- a/facts/general/service.yml
+++ b/facts/general/service.yml
@@ -1,22 +1,13 @@
 ---
-# Define program names per OS for service builtin.
+# Define program names for service builtin.
 
-- name: Facts | Workstation | Service | Pop OS
+- name: Facts | Workstation | Service | Linux
   set_fact:
     cups: cups
     cups_pattern: cupsd
     cups_browse: cups-browsed
     cups_browse_pattern: cups-browsed
-  when: ansible_distribution == "Pop!_OS"
-
-
-- name: Facts | Workstation | Service | Debian and Ubuntu
-  set_fact:
-    cups: cups
-    cups_pattern: cupsd
-    cups_browse: cups-browsed
-    cups_browse_pattern: cups-browsed
-  when: ansible_distribution in ("Debian","Ubuntu")
+  when: ansible_system == "Linux"
 
 
 - name: Facts | Workstation | Service | FreeBSD
@@ -25,4 +16,5 @@
     cups_pattern: cupsd
     cups_browse: cups-browsed
     cups_browse_pattern: cups-browsed
+    sshfs_leet_cmd: "sshfs ling@leet: /mnt/leet -o defaults.allow_othher,_netdev"
   when: ansible_system == "FreeBSD"
\ No newline at end of file
diff --git a/facts/general/system.yml b/facts/general/system.yml
index 5e0b945..968121e 100644
--- a/facts/general/system.yml
+++ b/facts/general/system.yml
@@ -6,7 +6,6 @@
     lynis_install_dir: /usr/local/lynis
     lynis_report: /home/ling/lynis.log
     sudoers_install_dir: /etc/sudoers.d/ansible
-    ansible_pull_exec: /usr/bin/ansible-pull
   when: ansible_distribution == "Pop!_OS"
 
 
@@ -15,7 +14,6 @@
     lynis_install_dir: /usr/local/lynis
     lynis_report: /root/lynis.log
     sudoers_install_dir: /etc/sudoers.d/ansible
-    ansible_pull_exec: /usr/bin/ansible-pull
   when: ansible_distribution in ("Debian","Ubuntu")
 
 
@@ -24,5 +22,4 @@
     lynis_install_dir: /usr/local/lynis
     lynis_report: /root/lynis.log
     sudoers_install_dir: /usr/local/etc/sudoers.d/ansible
-    ansible_pull_exec: /usr/local/bin/ansible-pull
   when: ansible_system == "FreeBSD"
\ No newline at end of file
diff --git a/local.yml b/local.yml
index 7f33bcb..1228458 100644
--- a/local.yml
+++ b/local.yml
@@ -27,6 +27,7 @@
     - include: tasks/general/acct_mgmt/mounts.yml
 
     - include: tasks/general/cron/ansible.yml
+    - include: tasks/general/cron/root.yml
 
 
 # Additional setup for systems with GUI.
diff --git a/tasks/general/acct_mgmt/mounts.yml b/tasks/general/acct_mgmt/mounts.yml
index 186829f..b67f259 100644
--- a/tasks/general/acct_mgmt/mounts.yml
+++ b/tasks/general/acct_mgmt/mounts.yml
@@ -32,4 +32,13 @@
     warn: false
   when: ansible_system == "Linux"
 
-# Add @reboot cron job for FreeBSD, fstab does not like fuse or sshfs as mount type
+# FreeBSD also has root cron job for this @reboot
+- name: General | Cron | Root | Create SSHFS Job
+  cron:
+    user: root
+    name: "1337 SSHFS"
+    special_time: reboot
+    job: "{{ sshfs_leet_cmd }}"
+    state: present
+    disabled: no
+  when: ansible_system == "FreeBSD"
\ No newline at end of file
diff --git a/tasks/general/acct_mgmt/users.yml b/tasks/general/acct_mgmt/users.yml
index 6a6b8a0..f0e7287 100644
--- a/tasks/general/acct_mgmt/users.yml
+++ b/tasks/general/acct_mgmt/users.yml
@@ -21,3 +21,11 @@
     create_home: yes
     generate_ssh_key: yes
     #password: "{{ ling_passwd }}"
+  register: user_ling
+
+- name: General | Account Management | User | Hyperling TRASH Folder
+  file: 
+    path: "{{ user_ling.home }}/TRASH"
+    state: directory
+    mode: '0755'
+  when: user_ling.home != ""
\ No newline at end of file
diff --git a/tasks/general/cron/ansible.yml b/tasks/general/cron/ansible.yml
index 2d51f98..a98905f 100644
--- a/tasks/general/cron/ansible.yml
+++ b/tasks/general/cron/ansible.yml
@@ -1,10 +1,11 @@
 ---
+# Jobs relating to the ansible user.
 
-- name: General | Cron | Ansible | Create Main Job
+- name: General | Cron | Ansible | Create Subscriber Job
   cron:
     user: ansible
     name: "Ansible Sync"
     minute: "*/15"
-    job: "{{ ansible_pull_exec }} -o -U https://github.com/Hyperling/ansible.git"
+    job: "sudo {{ ansible_pull_exec }} -o -U https://github.com/Hyperling/ansible.git"
     state: present
     disabled: no
diff --git a/tasks/general/cron/root.yml b/tasks/general/cron/root.yml
new file mode 100644
index 0000000..4807a7e
--- /dev/null
+++ b/tasks/general/cron/root.yml
@@ -0,0 +1,12 @@
+---
+# Jobs relating to the root user.
+
+- name: General | Cron | Root | Create SSHFS Job
+  cron:
+    user: root
+    name: "1337 SSHFS"
+    special_time: reboot
+    job: "{{ sshfs_leet_cmd }}"
+    state: present
+    disabled: no
+  when: ansible_system == "FreeBSD"
\ No newline at end of file
diff --git a/tasks/general/tests/lynis.yml b/tasks/general/tests/lynis.yml
index 19724dd..c9e5beb 100644
--- a/tasks/general/tests/lynis.yml
+++ b/tasks/general/tests/lynis.yml
@@ -1,4 +1,5 @@
 ---
+# Lynis hardness check.
 
 - name: General | Tests | Lynis | Install
   git: 
diff --git a/tasks/general/tests/nmap.yml b/tasks/general/tests/nmap.yml
new file mode 100644
index 0000000..ab8e6e1
--- /dev/null
+++ b/tasks/general/tests/nmap.yml
@@ -0,0 +1,3 @@
+---
+# Nmap port test
+