Remove unused roles and variables

This commit is contained in:
Alexander Dietrich 2022-04-14 13:14:45 +02:00
parent a2baf0f1a7
commit 7e739c8c70
15 changed files with 0 additions and 274 deletions

View file

@ -1,6 +1,5 @@
ansible_python_interpreter: /usr/bin/python3 ansible_python_interpreter: /usr/bin/python3
basics_autoupdate_mail: backend@hamburg.freifunk.net basics_autoupdate_mail: backend@hamburg.freifunk.net
basics_autoupdate_reboot_time: "04:00"
nginx_error_log: "/dev/null error" nginx_error_log: "/dev/null error"

View file

@ -1,3 +0,0 @@
nginx_ciphers: "ECDH+aRSA+CHACHA20:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384"
nginx_resolver: "[2a03:2267:2::10] [2a03:2267:2::20] [2a03:2267:2::30]"
openssl_ciphersuites: "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384"

View file

@ -3,9 +3,6 @@ basics_autoupdate_origins:
- o=Prosody,n=${distro_codename} - o=Prosody,n=${distro_codename}
- o=TorProject,n=${distro_codename} - o=TorProject,n=${distro_codename}
hopglass_frontend_tls_crt: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/fullchain.pem
hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem

View file

@ -1,3 +0,0 @@
---
hopglass_frontend_path: /opt/hopglass-frontend
nodejs_version: node_8.x

View file

@ -1,3 +0,0 @@
---
dependencies:
- role: nginx

View file

@ -1,42 +0,0 @@
---
- name: clone hopglass
git:
repo: "https://github.com/hopglass/hopglass"
dest: "{{ hopglass_frontend_path }}"
accept_hostkey: yes
update: no
- name: create build directory
file:
path: "{{ hopglass_frontend_path }}/build"
state: directory
- name: template config.json
template:
src: hopglass-config.j2
dest: "{{ hopglass_frontend_path }}/build/config.json"
- name: template nginx site
template:
src: nginx-site.j2
dest: /etc/nginx/sites-available/hopglass
notify: reload nginx
- name: enable site
file:
src: ../sites-available/hopglass
dest: /etc/nginx/sites-enabled/hopglass
state: link
notify: reload nginx
- name: template make-hopglass-frontend
template:
src: make-hopglass-frontend.j2
dest: /usr/local/bin/make-hopglass-frontend
mode: 0755
register: make
- name: show usage information
debug:
msg: ">>> Because Node.js is terrible, please run make-hopglass-frontend manually. <<<"
when: make.changed

View file

@ -1,33 +0,0 @@
---
- name: check for npm
find:
paths: [/bin, /usr/bin, /usr/local/bin]
patterns: npm
file_type: any
register: npm
- name: install APT HTTPS transport
apt:
name: apt-transport-https
cache_valid_time: 86400
when: npm.matched == 0
- name: add NodeSource signing key
apt_key:
url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
id: 9FD3B784BC1C6FC31A8A0A1C1655A0AB68576280
when: npm.matched == 0
- name: add NodeSource repository
apt_repository:
repo: "deb https://deb.nodesource.com/{{ nodejs_version }} {{ ansible_lsb.codename }} main"
filename: nodesource
when: npm.matched == 0
- name: install Node.js
apt:
name:
- build-essential
- nodejs
cache_valid_time: 86400
when: npm.matched == 0

View file

@ -1,5 +0,0 @@
---
- include: install-nodejs.yml
tags: nodejs
- include: install-hopglass.yml
tags: hopglass-frontend

View file

@ -1,63 +0,0 @@
{
"dataPath": "https://hopglass-backend.hamburg.freifunk.net/",
"siteName": "Freifunk Hamburg",
"mapSigmaScale": 1.1,
"showContact": false,
"maxAge": 2,
"mapLayers": [
{
"name": "OpenStreetMap",
"url": "https://{s}.tile.openstreetmap.de/tiles/osmde/{z}/{x}/{y}.png",
"config": {
"maxZoom": 18,
"attribution": "&copy; <a href=\"https://www.openstreetmap.org/copyright\">OpenStreetMap</a>"
}
},
{
"name": "Satellitenbild",
"url": "https://server.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer/tile/{z}/{y}/{x}",
"config": {
"attribution": "Tiles &copy; Esri &mdash; Source: Esri, i-cubed, USDA, USGS, AEX, GeoEye, Getmapping, Aerogrid, IGN, IGP, UPR-EGP, and the GIS User Community"
}
},
{
"name": "Stamen (TonerLite)",
"url": "https://stamen-tiles-{s}.a.ssl.fastly.net/toner-lite/{z}/{x}/{y}.png",
"config": {
"maxZoom": 20,
"attribution": "Map tiles by <a href=\"https://stamen.com\">Stamen Design</a>, <a href=\"https://creativecommons.org/licenses/by/3.0\">CC BY 3.0</a> &mdash; Map data &copy; <a href=\"https://www.openstreetmap.org/copyright\">OpenStreetMap</a>"
}
}
],
"nodeInfos": [
{
"name": "Clientstatistik",
"href": "https://statistik.hamburg.freifunk.net/dashboard/db/freifunk-knoteninfo-knoten-id?var-region=ffhh&var-knoten={NODE_ID}",
"thumbnail": "https://statistik.hamburg.freifunk.net/render/dashboard-solo/db/freifunk-knoteninfo-knoten-id?panelId=1&var-region=ffhh&var-knoten={NODE_ID}&theme=light&width=530&height=332&from=now-3d",
"caption": "Verbundene Clients in den letzten 3 Tage an Knoten {NODE_ID}"
}
],
"globalInfos": [
{
"name": "Clientstatistik (gesamt)",
"href": "https://statistik.hamburg.freifunk.net/dashboard/db/freifunk-ubersicht?var-region=ffhh",
"thumbnail": "https://statistik.hamburg.freifunk.net/render/dashboard-solo/db/freifunk-ubersicht?panelId=1&var-region=ffhh&theme=light&width=530&height=332&from=now-3d",
"caption": "Verbundene Clients in den letzten 3 Tagen"
}
],
"linkInfos": [],
"siteNames": [
{ "site": "ffhh", "name": "Hamburg" },
{ "site": "ffhh-nowe", "name": "Hamburg-NordWest" },
{ "site": "ffhh-ost", "name": "Hamburg-Ost" },
{ "site": "ffhh-sued", "name": "Hamburg-Sued" },
{ "site": "ffhh-west", "name": "Hamburg-West" }
],
"domainNames": [
{ "domain": "ffhh_nowe", "name": "Hamburg-NordWest" },
{ "domain": "ffhh_ost", "name": "Hamburg-Ost" },
{ "domain": "ffhh_sued", "name": "Hamburg-Sued" },
{ "domain": "ffhh_west", "name": "Hamburg-West" }
],
"hwImg": []
}

View file

@ -1,8 +0,0 @@
#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
cd {{ hopglass_frontend_path }}
npm install
npm install grunt-cli
node_modules/.bin/grunt

View file

@ -1,40 +0,0 @@
{% if hopglass_frontend_tls_crt is defined %}
server {
server_name map.hamburg.freifunk.net hopglass.hamburg.freifunk.net;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate {{ hopglass_frontend_tls_crt }};
ssl_certificate_key {{ hopglass_frontend_tls_key }};
include snippets/header-hsts.conf;
include snippets/no-unsafe-files.conf;
add_header Referrer-Policy same-origin;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
proxy_hide_header Referrer-Policy;
proxy_hide_header X-Content-Type-Options;
proxy_hide_header X-XSS-Protection;
root {{ hopglass_frontend_path }}/build;
}
{% endif %}
server {
server_name map.hamburg.freifunk.net hopglass.hamburg.freifunk.net;
listen 80;
listen [::]:80;
{% if hopglass_frontend_tls_crt is defined %}
location / {
return 302 https://$host$request_uri;
}
{% else %}
include snippets/header-security.conf;
include snippets/no-unsafe-files.conf;
root {{ hopglass_frontend_path }}/build;
{% endif %}
include snippets/location-acme.conf;
}

View file

@ -1,5 +0,0 @@
---
- name: restart ntpd
service:
name: ntp
state: restarted

View file

@ -1,21 +0,0 @@
---
- name: install ntpd
apt:
name: ntp
state: present
tags: ntp
- name: template ntp.conf
template:
src: ntp.conf.j2
dest: /etc/ntp.conf
backup: yes
notify: restart ntpd
tags: ntp
- name: start and enable ntpd
service:
name: ntp
state: started
enabled: yes
tags: ntp

View file

@ -1,36 +0,0 @@
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntpstats/ntp.log
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
server 127.127.1.0
fudge 127.127.1.0 stratum 10
server ptbtime1.ptb.de
server ptbtime2.ptb.de
server ptbtime3.ptb.de
# Restrict all incoming connection
restrict -4 default ignore
restrict -6 default ignore
restrict 192.53.103.108 nomodify notrap nopeer noquery
restrict 192.53.103.104 nomodify notrap nopeer noquery
restrict 192.53.103.103 nomodify notrap nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict -6 ::1
# Disable the monlist request as this is associated with ntp
# amplification attacks
disable monitor
restrict {{ prefix4.split("/")[0] }} mask {{ prefix4 | ipaddr('netmask') }} nomodify notrap nopeer
restrict {{ prefix6.split("/")[0] }} mask {{ prefix6 | ipaddr('netmask') }} nomodify notrap nopeer

View file

@ -1,12 +1,4 @@
--- ---
- hosts: hopglass-frontend
roles:
- hopglass-frontend
- hosts: services
roles:
- ntp-server
- hosts: media - hosts: media
roles: roles:
- website/media - website/media