Remove unused roles and variables

inventory/group_vars/all.yml

@@ -1,6 +1,5 @@
 ansible_python_interpreter: /usr/bin/python3
 
 basics_autoupdate_mail: backend@hamburg.freifunk.net
-basics_autoupdate_reboot_time: "04:00"
 
 nginx_error_log: "/dev/null error"

inventory/host_vars/cloud.yml

@@ -1,3 +0,0 @@
-nginx_ciphers: "ECDH+aRSA+CHACHA20:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384"
-nginx_resolver: "[2a03:2267:2::10] [2a03:2267:2::20] [2a03:2267:2::30]"
-openssl_ciphersuites: "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384"

inventory/host_vars/srv02.yml

@@ -3,9 +3,6 @@ basics_autoupdate_origins:
   - o=Prosody,n=${distro_codename}
   - o=TorProject,n=${distro_codename}
 
-hopglass_frontend_tls_crt: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/fullchain.pem
-hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem
-
 media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
 media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem
 

roles/hopglass-frontend/defaults/main.yml

@@ -1,3 +0,0 @@
----
-hopglass_frontend_path: /opt/hopglass-frontend
-nodejs_version: node_8.x

roles/hopglass-frontend/meta/main.yml

@@ -1,3 +0,0 @@
----
-dependencies:
-  - role: nginx

roles/hopglass-frontend/tasks/install-hopglass.yml

@@ -1,42 +0,0 @@
----
-- name: clone hopglass
-  git:
-    repo: "https://github.com/hopglass/hopglass"
-    dest: "{{ hopglass_frontend_path }}"
-    accept_hostkey: yes
-    update: no
-
-- name: create build directory
-  file:
-    path: "{{ hopglass_frontend_path }}/build"
-    state: directory
-
-- name: template config.json
-  template:
-    src: hopglass-config.j2
-    dest: "{{ hopglass_frontend_path }}/build/config.json"
-
-- name: template nginx site
-  template:
-    src: nginx-site.j2
-    dest: /etc/nginx/sites-available/hopglass
-  notify: reload nginx
-
-- name: enable site
-  file:
-    src: ../sites-available/hopglass
-    dest: /etc/nginx/sites-enabled/hopglass
-    state: link
-  notify: reload nginx
-
-- name: template make-hopglass-frontend
-  template:
-    src: make-hopglass-frontend.j2
-    dest: /usr/local/bin/make-hopglass-frontend
-    mode: 0755
-  register: make
-
-- name: show usage information
-  debug:
-    msg: ">>> Because Node.js is terrible, please run make-hopglass-frontend manually. <<<"
-  when: make.changed

roles/hopglass-frontend/tasks/install-nodejs.yml

@@ -1,33 +0,0 @@
----
-- name: check for npm
-  find:
-    paths: [/bin, /usr/bin, /usr/local/bin]
-    patterns: npm
-    file_type: any
-  register: npm
-
-- name: install APT HTTPS transport
-  apt:
-    name: apt-transport-https
-    cache_valid_time: 86400
-  when: npm.matched == 0
-
-- name: add NodeSource signing key
-  apt_key:
-    url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
-    id: 9FD3B784BC1C6FC31A8A0A1C1655A0AB68576280
-  when: npm.matched == 0
-
-- name: add NodeSource repository
-  apt_repository:
-    repo: "deb https://deb.nodesource.com/{{ nodejs_version }} {{ ansible_lsb.codename }} main"
-    filename: nodesource
-  when: npm.matched == 0
-
-- name: install Node.js
-  apt:
-    name:
-      - build-essential
-      - nodejs
-    cache_valid_time: 86400
-  when: npm.matched == 0

roles/hopglass-frontend/tasks/main.yml

@@ -1,5 +0,0 @@
----
-- include: install-nodejs.yml
-  tags: nodejs
-- include: install-hopglass.yml
-  tags: hopglass-frontend

roles/hopglass-frontend/templates/hopglass-config.j2

@@ -1,63 +0,0 @@
-{
-    "dataPath": "https://hopglass-backend.hamburg.freifunk.net/",
-    "siteName": "Freifunk Hamburg",
-    "mapSigmaScale": 1.1,
-    "showContact": false,
-    "maxAge": 2,
-    "mapLayers": [
-        {
-            "name": "OpenStreetMap",
-            "url": "https://{s}.tile.openstreetmap.de/tiles/osmde/{z}/{x}/{y}.png",
-            "config": {
-                "maxZoom": 18,
-                "attribution": "&copy; <a href=\"https://www.openstreetmap.org/copyright\">OpenStreetMap</a>"
-            }
-        },
-        {
-            "name": "Satellitenbild",
-            "url": "https://server.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer/tile/{z}/{y}/{x}",
-            "config": {
-                "attribution": "Tiles &copy; Esri &mdash; Source: Esri, i-cubed, USDA, USGS, AEX, GeoEye, Getmapping, Aerogrid, IGN, IGP, UPR-EGP, and the GIS User Community"
-            }
-        },
-        {
-            "name": "Stamen (TonerLite)",
-            "url": "https://stamen-tiles-{s}.a.ssl.fastly.net/toner-lite/{z}/{x}/{y}.png",
-            "config": {
-                "maxZoom": 20,
-                "attribution": "Map tiles by <a href=\"https://stamen.com\">Stamen Design</a>, <a href=\"https://creativecommons.org/licenses/by/3.0\">CC BY 3.0</a> &mdash; Map data &copy; <a href=\"https://www.openstreetmap.org/copyright\">OpenStreetMap</a>"
-            }
-        }
-    ],
-    "nodeInfos": [
-        {
-            "name": "Clientstatistik",
-            "href": "https://statistik.hamburg.freifunk.net/dashboard/db/freifunk-knoteninfo-knoten-id?var-region=ffhh&var-knoten={NODE_ID}",
-            "thumbnail": "https://statistik.hamburg.freifunk.net/render/dashboard-solo/db/freifunk-knoteninfo-knoten-id?panelId=1&var-region=ffhh&var-knoten={NODE_ID}&theme=light&width=530&height=332&from=now-3d",
-            "caption": "Verbundene Clients in den letzten 3 Tage an Knoten {NODE_ID}"
-        }
-    ],
-    "globalInfos": [
-        {
-            "name": "Clientstatistik (gesamt)",
-            "href": "https://statistik.hamburg.freifunk.net/dashboard/db/freifunk-ubersicht?var-region=ffhh",
-            "thumbnail": "https://statistik.hamburg.freifunk.net/render/dashboard-solo/db/freifunk-ubersicht?panelId=1&var-region=ffhh&theme=light&width=530&height=332&from=now-3d",
-            "caption": "Verbundene Clients in den letzten 3 Tagen"
-        }
-    ],
-    "linkInfos": [],
-    "siteNames": [
-        { "site": "ffhh", "name": "Hamburg" },
-        { "site": "ffhh-nowe", "name": "Hamburg-NordWest" },
-        { "site": "ffhh-ost", "name": "Hamburg-Ost" },
-        { "site": "ffhh-sued", "name": "Hamburg-Sued" },
-        { "site": "ffhh-west", "name": "Hamburg-West" }
-    ],
-    "domainNames": [
-        { "domain": "ffhh_nowe", "name": "Hamburg-NordWest" },
-        { "domain": "ffhh_ost", "name": "Hamburg-Ost" },
-        { "domain": "ffhh_sued", "name": "Hamburg-Sued" },
-        { "domain": "ffhh_west", "name": "Hamburg-West" }
-    ],
-    "hwImg": []
-}

roles/hopglass-frontend/templates/make-hopglass-frontend.j2

@@ -1,8 +0,0 @@
-#!/bin/bash
-
-PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-
-cd {{ hopglass_frontend_path }}
-npm install
-npm install grunt-cli
-node_modules/.bin/grunt

roles/hopglass-frontend/templates/nginx-site.j2

@@ -1,40 +0,0 @@
-{% if hopglass_frontend_tls_crt is defined %}
-server {
-    server_name map.hamburg.freifunk.net hopglass.hamburg.freifunk.net;
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    ssl_certificate {{ hopglass_frontend_tls_crt }};
-    ssl_certificate_key {{ hopglass_frontend_tls_key }};
-
-    include snippets/header-hsts.conf;
-    include snippets/no-unsafe-files.conf;
-
-    add_header Referrer-Policy same-origin;
-    add_header X-Content-Type-Options nosniff;
-    add_header X-XSS-Protection "1; mode=block";
-    proxy_hide_header Referrer-Policy;
-    proxy_hide_header X-Content-Type-Options;
-    proxy_hide_header X-XSS-Protection;
-
-    root {{ hopglass_frontend_path }}/build;
-}
-
-{% endif %}
-server {
-    server_name map.hamburg.freifunk.net hopglass.hamburg.freifunk.net;
-    listen 80;
-    listen [::]:80;
-
-{% if hopglass_frontend_tls_crt is defined %}
-    location / {
-        return 302 https://$host$request_uri;
-    }
-{% else %}
-    include snippets/header-security.conf;
-    include snippets/no-unsafe-files.conf;
-
-    root {{ hopglass_frontend_path }}/build;
-{% endif %}
-
-    include snippets/location-acme.conf;
-}

roles/ntp-server/handlers/main.yml

@@ -1,5 +0,0 @@
----
-- name: restart ntpd
-  service:
-    name: ntp
-    state: restarted

roles/ntp-server/tasks/main.yml

@@ -1,21 +0,0 @@
----
-- name: install ntpd
-  apt:
-    name: ntp
-    state: present
-  tags: ntp
-
-- name: template ntp.conf
-  template:
-    src: ntp.conf.j2
-    dest: /etc/ntp.conf
-    backup: yes
-  notify: restart ntpd
-  tags: ntp
-
-- name: start and enable ntpd
-  service:
-    name: ntp
-    state: started
-    enabled: yes
-  tags: ntp

roles/ntp-server/templates/ntp.conf.j2

@@ -1,36 +0,0 @@
-# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
-
-driftfile /var/lib/ntp/ntp.drift
-
-logfile /var/log/ntpstats/ntp.log
-
-statistics loopstats peerstats clockstats
-filegen loopstats file loopstats type day enable
-filegen peerstats file peerstats type day enable
-filegen clockstats file clockstats type day enable
-
-server 127.127.1.0
-fudge  127.127.1.0 stratum 10
-
-server ptbtime1.ptb.de
-server ptbtime2.ptb.de
-server ptbtime3.ptb.de
-
-# Restrict all incoming connection
-restrict -4 default ignore
-restrict -6 default ignore
-
-restrict 192.53.103.108 nomodify notrap nopeer noquery
-restrict 192.53.103.104 nomodify notrap nopeer noquery
-restrict 192.53.103.103 nomodify notrap nopeer noquery
- 
-# Local users may interrogate the ntp server more closely.
-restrict 127.0.0.1
-restrict -6 ::1
- 
-# Disable the monlist request as this is associated with ntp
-# amplification attacks
-disable monitor
-restrict {{ prefix4.split("/")[0] }} mask {{ prefix4 | ipaddr('netmask') }} nomodify notrap nopeer
-restrict {{ prefix6.split("/")[0] }} mask {{ prefix6 | ipaddr('netmask') }} nomodify notrap nopeer
-

services.yml

@@ -1,12 +1,4 @@
 ---
-- hosts: hopglass-frontend
-  roles:
-    - hopglass-frontend
-
-- hosts: services
-  roles:
-    - ntp-server
-
 - hosts: media
   roles:
     - website/media