diff --git a/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml b/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml index 5c6730d..5dc71a0 100644 --- a/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml +++ b/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml @@ -22,7 +22,7 @@ become: true changed_when: false ansible.builtin.reboot: - reboot_timeout: 30 + reboot_timeout: 10 tasks: - include_vars: ../../../../../../inventory/group_vars/all/vars.yml - include_vars: ../../../../../../inventory/group_vars/all/vault.yml @@ -78,7 +78,3 @@ ansible.builtin.include_role: name: nullified.infrastructure.gaming tasks_from: main.yml - - name: Testing deluge role - ansible.builtin.include_role: - name: nullified.infrastructure.deluge - tasks_from: main.yml diff --git a/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml b/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml index 92b6b17..33bedcd 100644 --- a/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml +++ b/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml @@ -1,6 +1,5 @@ custom_base_user_account: 'vagrant' security_firewall_mangle_drop_privatenets: false -security_firewall_filter_policy_output: accept security_configure_resolve_conf: true global_ip_dualstack: false external_provisioner_source_ips: diff --git a/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml b/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml index 20eee26..860ac45 100644 --- a/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml +++ b/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml @@ -126,18 +126,6 @@ cache_valid_time: 3600 pkg: "{{ common_apt_packages }}" -- name: setup default directories - become: true - ansible.builtin.file: - path: '{{ item.path }}' - owner: '{{ item.owner | default("root", true) }}' - group: '{{ item.group | default("root", true) }}' - mode: '{{ item.mode | default("u=rwX,g=rX,o=", true) }}' - state: directory - loop: - - path: /srv/git - mode: "u=rwx,g=rx,o=rx" - - include_tasks: home_setup.yml - include_tasks: shell_customization.yml diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/README.md b/ansible_collections/nullified/infrastructure/roles/deluge/README.md deleted file mode 100644 index edb3eca..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/README.md +++ /dev/null @@ -1,29 +0,0 @@ -Role Name -========= - -@todo - -Requirements ------------- - -@todo - -Role Variables --------------- - -@todo - -Dependencies ------------- - -@todo - -Example Playbook ----------------- - -@todo - -License -------- - -[MIT](https://opensource.org/license/mit) diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/defaults/main.yml b/ansible_collections/nullified/infrastructure/roles/deluge/defaults/main.yml deleted file mode 100644 index a436aa1..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/defaults/main.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -deluge_git_branch: "develop" -deluge_git_dir: "/srv/git/deluge.git" -deluge_install_dir: "/opt/deluge" -deluge_git_version: "HEAD" -deluge_user: "deluge" -deluge_group: "deluge" -deluge_download_dir: "/opt/deluge/Downloads" -deluge_completed_dir: "/opt/deluge/Completed" -deluge_plugins_dir: "/opt/deluge/.config/deluge/plugins" -deluge_torrentfiles_dir: "/opt/deluge/Torrents" -deluge_web_port: 8112 -deluge_web_password: deluge -deluge_web_password_salt: -deluge_daemon_control_port: 58846 -deluge_daemon_incoming_port: 6881 -deluge_daemon_outgoing_port_lo: 6889 -deluge_daemon_outgoing_port_hi: 6899 -deluge_web_expose_client: false diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/handlers/main.yml b/ansible_collections/nullified/infrastructure/roles/deluge/handlers/main.yml deleted file mode 100644 index d279630..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/handlers/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: restart deluged service - become: true - ansible.builtin.systemd: - name: deluged.service - enabled: true - state: restarted - daemon_reload: true - -- name: restart deluge-web service - become: true - ansible.builtin.systemd: - name: deluge-web.service - enabled: true - state: restarted - daemon_reload: true - -- name: restart firewall - become: true - ansible.builtin.systemd: - name: nftables.service - enabled: true - state: restarted diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/meta/main.yml b/ansible_collections/nullified/infrastructure/roles/deluge/meta/main.yml deleted file mode 100644 index b87b2a1..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/meta/main.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -galaxy_info: - author: Florian L. - namespace: nullified - description: - license: MIT - min_ansible_version: 2.15 - platforms: - - name: Debian - versions: - - bookworm - galaxy_tags: [] -dependencies: [] diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/tasks/gather_facts.yml b/ansible_collections/nullified/infrastructure/roles/deluge/tasks/gather_facts.yml deleted file mode 100644 index d724c51..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/tasks/gather_facts.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -- name: find systemd unit directory - become: true - ansible.builtin.command: pkg-config systemd --variable=systemdsystemunitdir - changed_when: false - register: systemd_unit_directory_cmd -- name: find systemd version - become: true - ansible.builtin.shell: > - systemctl --version | awk '{if($1=="systemd" && $2~"^[0-9]+$"){print $2}}' - changed_when: false - register: systemd_version_cmd -- name: set facts - ansible.builtin.set_fact: - systemd_unit_directory: "{{ systemd_unit_directory_cmd.stdout }}" - systemd_version: "{{ systemd_version_cmd.stdout | int }}" - deluge_web_password_salt: "{{ deluge_web_password_salt | default(lookup('ansible.builtin.password', '/dev/null', chars=['ascii_letters', 'digits'], length=40), true) }}" -- name: compute sha1 digest - ansible.builtin.shell: > - echo -n "${DELUGED_PASSWD_SALT}${DELUGED_PASSWD}" | openssl dgst -sha1 -r | cut -d ' ' -f 1 - register: deluge_pwd_sha1 - changed_when: false - environment: - DELUGED_PASSWD: '{{ deluge_web_password }}' - DELUGED_PASSWD_SALT: '{{ deluge_web_password_salt }}' -- name: set facts - ansible.builtin.set_fact: - deluge_web_password_hash: "{{ deluge_pwd_sha1.stdout }}" diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/tasks/main.yml b/ansible_collections/nullified/infrastructure/roles/deluge/tasks/main.yml deleted file mode 100644 index 67e4247..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/tasks/main.yml +++ /dev/null @@ -1,160 +0,0 @@ ---- -- name: install dependencies - become: true - ansible.builtin.apt: - update_cache: yes - force_apt_get: true - state: present - cache_valid_time: 3600 - pkg: - - closure-compiler - - git - - intltool - - openssl - - pkg-config - - python3-dbus - - python3-geoip - - python3-libtorrent - - python3-pip - - python3-virtualenv -- name: gather facts - ansible.builtin.include_tasks: gather_facts.yml -- name: create service group - become: true - ansible.builtin.group: - name: '{{ deluge_group }}' - system: true - state: present -- name: create service user - become: true - ansible.builtin.user: - name: '{{ deluge_user }}' - group: '{{ deluge_group }}' - shell: '/usr/sbin/nologin' - home: '{{ deluge_install_dir }}' - create_home: true - system: true - state: present -- name: mark repository as safe - become: true - ansible.builtin.shell: > - git config --global --get safe.directory {{ deluge_git_dir }} || - git config --global --add safe.directory {{ deluge_git_dir }} -- name: clone repository - become: true - ansible.builtin.git: - repo: '{{ deluge_git_repository }}' - dest: '{{ deluge_git_dir }}' - single_branch: true - version: '{{ deluge_git_version }}' -- name: setup virtualenv - become: true - ansible.builtin.pip: - requirements: '{{ deluge_git_dir }}/requirements.txt' - virtualenv: '{{ deluge_git_dir }}/.venv' - virtualenv_site_packages: true -- name: build project - become: true - command: >- - .venv/bin/python setup.py bdist_wheel - args: - chdir: '{{ deluge_git_dir }}' -- name: install generated wheel - become: true - ansible.builtin.shell: >- - .venv/bin/pip install dist/*.whl --no-index --find-links=. - args: - chdir: '{{ deluge_git_dir }}' -- name: set ownership - become: true - ansible.builtin.file: - path: '{{ deluge_git_dir }}' - owner: '{{ deluge_user }}' - group: '{{ deluge_group }}' - mode: 'u=rwX,g=rX,o=' - recurse: yes - follow: false -- name: install man page - become: true - ansible.builtin.copy: - src: '{{ deluge_git_dir }}/docs/man/deluged.1' - remote_src: true - dest: '/usr/local/share/man/man1/' - owner: root - group: root - mode: 'u=rwX,g=rX,o=' -- name: install deluged unit files - become: true - ansible.builtin.template: - src: ../templates/systemd/deluged.service.j2 - dest: '{{ systemd_unit_directory }}/deluged.service' - owner: root - group: root - mode: 'u=rwX,g=rX,o=' - notify: - - 'deluge : restart deluged service' -- name: install systemd unit files - become: true - ansible.builtin.template: - src: ../templates/systemd/deluge-web.service.j2 - dest: '{{ systemd_unit_directory }}/deluge-web.service' - owner: root - group: root - mode: 'u=rwX,g=rX,o=' - notify: - - 'deluge : restart deluge-web service' -- name: create directories - become: true - ansible.builtin.file: - path: '{{ item }}' - owner: '{{ deluge_user }}' - group: '{{ deluge_group }}' - mode: 'u=rwX,g=rX,o=' - state: directory - loop: - - '{{ deluge_download_dir }}' - - '{{ deluge_install_dir }}/.config/deluge' - - '{{ deluge_completed_dir }}' - - '{{ deluge_plugins_dir }}' - - '{{ deluge_torrentfiles_dir }}' -- name: 'install firewall ruleset' - become: true - ansible.builtin.template: - src: ../templates/nftables.d/deluge.nft.j2 - dest: '/etc/nftables.d/deluge.nft' - owner: root - group: root - mode: 'u=rw,g=r,o=' - notify: - - 'deluge : restart firewall' -- name: stop services - become: true - ansible.builtin.systemd: - name: '{{ item }}.service' - enabled: true - state: stopped - daemon_reload: true - loop: - - deluged - - deluge-web -- name: create basic configuration - become: true - ansible.builtin.template: - src: '../templates/{{ item }}.j2' - dest: '{{ deluge_install_dir }}/.config/deluge/{{ item }}' - owner: '{{ deluge_user }}' - group: '{{ deluge_group }}' - mode: 'u=rw,g=r,o=' - loop: - - core.conf - - web.conf -- name: start services - become: true - ansible.builtin.systemd: - name: '{{ item }}.service' - enabled: true - state: started - daemon_reload: true - loop: - - deluged - - deluge-web diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/templates/.gitkeep b/ansible_collections/nullified/infrastructure/roles/deluge/templates/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/templates/core.conf.j2 b/ansible_collections/nullified/infrastructure/roles/deluge/templates/core.conf.j2 deleted file mode 100644 index 8cd4e87..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/templates/core.conf.j2 +++ /dev/null @@ -1,95 +0,0 @@ -{ -"file": 1, -"format": 1 -}{ -"add_paused": false, -"allow_remote": false, -"auto_manage_prefer_seeds": false, -"auto_managed": true, -"cache_expiry": 60, -"cache_size": 512, -"copy_torrent_file": false, -"daemon_port": {{ deluge_daemon_control_port }}, -"del_copy_torrent_file": false, -"dht": false, -"dont_count_slow_torrents": false, -"download_location": "{{ deluge_download_dir }}", -"download_location_paths_list": [], -"enabled_plugins": [], -"enc_in_policy": 1, -"enc_level": 2, -"enc_out_policy": 1, -"geoip_db_location": "/usr/share/GeoIP/GeoIP.dat", -"ignore_limits_on_local_network": true, -"info_sent": 0.0, -"listen_interface": "", -"listen_ports": [ -{{ deluge_daemon_incoming_port }}, -{{ deluge_daemon_incoming_port }} -], -"listen_random_port": null, -"listen_reuse_port": true, -"listen_use_sys_port": false, -"lsd": false, -"max_active_downloading": 20, -"max_active_limit": 50, -"max_active_seeding": 50, -"max_connections_global": 200, -"max_connections_per_second": 20, -"max_connections_per_torrent": -1, -"max_download_speed": -1.0, -"max_download_speed_per_torrent": -1, -"max_half_open_connections": 50, -"max_upload_slots_global": 20, -"max_upload_slots_per_torrent": -1, -"max_upload_speed": -1.0, -"max_upload_speed_per_torrent": -1, -"move_completed": true, -"move_completed_path": "{{ deluge_completed_dir }}", -"move_completed_paths_list": [], -"natpmp": true, -"new_release_check": true, -"outgoing_interface": "", -"outgoing_ports": [ -{{ deluge_daemon_outgoing_port_lo }}, -{{ deluge_daemon_outgoing_port_hi }} -], -"path_chooser_accelerator_string": "Tab", -"path_chooser_auto_complete_enabled": true, -"path_chooser_max_popup_rows": 20, -"path_chooser_show_chooser_button_on_localhost": true, -"path_chooser_show_hidden_files": false, -"peer_tos": "0x00", -"plugins_location": "{{ deluge_plugins_dir }}", -"pre_allocate_storage": true, -"prioritize_first_last_pieces": false, -"proxy": { -"anonymous_mode": false, -"force_proxy": false, -"hostname": "", -"password": "", -"port": 8080, -"proxy_hostnames": true, -"proxy_peer_connections": true, -"proxy_tracker_connections": true, -"type": 0, -"username": "" -}, -"queue_new_to_top": false, -"random_outgoing_ports": false, -"random_port": false, -"rate_limit_ip_overhead": true, -"remove_seed_at_ratio": false, -"seed_time_limit": -1, -"seed_time_ratio_limit": -1.0, -"send_info": false, -"sequential_download": false, -"share_ratio_limit": -1.0, -"shared": false, -"stop_seed_at_ratio": false, -"stop_seed_ratio": 2.0, -"super_seeding": false, -"torrentfiles_location": "{{ deluge_torrentfiles_dir }}", -"upnp": true, -"utpex": false -} diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/templates/nftables.d/deluge.nft.j2 b/ansible_collections/nullified/infrastructure/roles/deluge/templates/nftables.d/deluge.nft.j2 deleted file mode 100644 index 231ec0d..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/templates/nftables.d/deluge.nft.j2 +++ /dev/null @@ -1,24 +0,0 @@ -table inet filter { - chain input { -{% if deluge_web_expose_client %} - meta nfproto { ipv4, ipv6 } tcp dport {{ deluge_web_port }} accept -{% else %} - meta nfproto { ipv4, ipv6 } iifname "lo" tcp dport {{ deluge_web_port }} accept -{% endif %} - iifname "lo" tcp dport {{ deluge_daemon_control_port }} accept - meta l4proto { tcp, udp } th dport {{ deluge_daemon_incoming_port }} accept - meta l4proto { tcp, udp } th dport { {{ deluge_daemon_outgoing_port_lo }}-{{ deluge_daemon_outgoing_port_hi }} } accept - } - - chain output { -{% if deluge_web_expose_client %} - meta nfproto { ipv4, ipv6 } tcp sport {{ deluge_web_port }} accept -{% else %} - meta nfproto { ipv4, ipv6 } oifname "lo" tcp sport {{ deluge_web_port }} accept -{% endif %} - meta l4proto { tcp, udp } th sport { {{ deluge_daemon_outgoing_port_lo }}-{{ deluge_daemon_outgoing_port_hi }} } accept - oifname "lo" tcp sport {{ deluge_daemon_control_port }} accept - udp dport { 1900, 5351 } accept - tcp dport 6969 accept - } -} diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/templates/systemd/deluge-web.service.j2 b/ansible_collections/nullified/infrastructure/roles/deluge/templates/systemd/deluge-web.service.j2 deleted file mode 100644 index d354881..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/templates/systemd/deluge-web.service.j2 +++ /dev/null @@ -1,53 +0,0 @@ -[Unit] -Description=Deluge Bittorrent Client Web Interface -Documentation=man:deluge-web -After=deluged.service -Wants=deluged.service - -[Service] -User=deluge -Group=deluge -Type=simple -UMask=027 -ExecStart={{ deluge_git_dir }}/.venv/bin/deluge-web -d -Restart=on-failure -RestartSec=3 - -# Security Hardening -PrivateTmp=true -CapabilityBoundingSet=CAP_NET_BIND_SERVICE -{% if systemd_version | int >= 187 %} -NoNewPrivileges=true -SystemCallFilter=@system-service -{% endif %} -{%+ if systemd_version | int >= 209 %}SystemCallArchitectures=native{%- endif +%} -{% if systemd_version | int >= 214 %} -ProtectHome=true -ProtectSystem=true -{% endif %} -{% if systemd_version | int >= 231 %} -ReadOnlyPaths=/ -ReadWritePaths={{ deluge_git_dir }} {{ deluge_install_dir }} -RestrictRealtime=true -{% endif %} -{% if systemd_version | int >= 232 %} -ProtectControlGroups=true -ProtectKernelModules=true -ProtectKernelTunables=true -RemoveIPC=true -{% endif %} -{% if systemd_version | int >= 233 %} -MountAPIVFS=true -RestrictNamespaces=ipc net mnt pid -{% endif %} -{%+ if systemd_version | int >= 235 %}LockPersonality=true{%- endif +%} -{% if systemd_version | int >= 242 %} -ProtectHostname=true -RestrictSUIDSGID=true -{% endif %} -{%+ if systemd_version | int >= 244 %}ProtectKernelLogs=true{%- endif +%} -{%+ if systemd_version | int >= 245 %}ProtectClock=true{%- endif +%} -{%+ if systemd_version | int >= 247 %}ProtectProc=invisible{%- endif +%} - -[Install] -WantedBy=multi-user.target diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/templates/systemd/deluged.service.j2 b/ansible_collections/nullified/infrastructure/roles/deluge/templates/systemd/deluged.service.j2 deleted file mode 100644 index b410007..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/templates/systemd/deluged.service.j2 +++ /dev/null @@ -1,54 +0,0 @@ -[Unit] -Description=Deluge Bittorrent Client Daemon -Documentation=man:deluged -After=network-online.target - -[Service] -User=deluge -Group=deluge -Type=simple -UMask=007 -ExecStart={{ deluge_git_dir }}/.venv/bin/deluged -d -L warning -Restart=on-failure -RestartSec=3 -TimeoutStopSec=300 -WorkingDirectory=~ - -# Security Hardening -PrivateTmp=true -CapabilityBoundingSet=CAP_SYS_RESOURCE -{% if systemd_version | int >= 187 %} -NoNewPrivileges=true -SystemCallFilter=@system-service -{% endif %} -{%+ if systemd_version | int >= 209 %}SystemCallArchitectures=native{%- endif +%} -{% if systemd_version | int >= 214 %} -ProtectHome=true -ProtectSystem=true -{% endif %} -{% if systemd_version | int >= 231 %} -ReadOnlyPaths=/ -ReadWritePaths={{ deluge_git_dir }} {{ deluge_install_dir }} -RestrictRealtime=true -{% endif %} -{% if systemd_version | int >= 232 %} -ProtectControlGroups=true -ProtectKernelModules=true -ProtectKernelTunables=true -RemoveIPC=true -{% endif %} -{% if systemd_version | int >= 233 %} -MountAPIVFS=true -RestrictNamespaces=ipc net mnt pid -{% endif %} -{%+ if systemd_version | int >= 235 %}LockPersonality=true{%- endif +%} -{% if systemd_version | int >= 242 %} -ProtectHostname=true -RestrictSUIDSGID=true -{% endif %} -{%+ if systemd_version | int >= 244 %}ProtectKernelLogs=true{%- endif +%} -{%+ if systemd_version | int >= 245 %}ProtectClock=true{%- endif +%} -{%+ if systemd_version | int >= 247 %}ProtectProc=invisible{%- endif +%} - -[Install] -WantedBy=multi-user.target diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/templates/web.conf.j2 b/ansible_collections/nullified/infrastructure/roles/deluge/templates/web.conf.j2 deleted file mode 100644 index 859bd07..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/templates/web.conf.j2 +++ /dev/null @@ -1,26 +0,0 @@ -{ - "file": 2, - "format": 1 -}{ - "base": "/", - "cert": "ssl/daemon.cert", - "default_daemon": "", - "enabled_plugins": [ - ], - "first_login": false, - "https": false, - "interface": "{{ '0.0.0.0' if deluge_web_expose_client is truthy else '127.0.0.1' }}", - "language": "", - "pkey": "ssl/daemon.pkey", - "port": {{ deluge_web_port }}, - "pwd_salt": "{{ deluge_web_password_salt }}", - "pwd_sha1": "{{ deluge_web_password_hash }}", - "session_timeout": 3600, - "sessions": { - }, - "show_session_speed": true, - "show_sidebar": true, - "sidebar_multiple_filters": true, - "sidebar_show_zero": false, - "theme": "gray" -} diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/tests/inventory b/ansible_collections/nullified/infrastructure/roles/deluge/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/tests/test.yml b/ansible_collections/nullified/infrastructure/roles/deluge/tests/test.yml deleted file mode 100644 index ec10bb2..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - test diff --git a/ansible_collections/nullified/infrastructure/roles/deluge/vars/main.yml b/ansible_collections/nullified/infrastructure/roles/deluge/vars/main.yml deleted file mode 100644 index ce70d6f..0000000 --- a/ansible_collections/nullified/infrastructure/roles/deluge/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -deluge_git_repository: 'git://deluge-torrent.org/deluge.git' diff --git a/ansible_collections/nullified/infrastructure/roles/security/templates/system/nftables.d/egress_git.nft.j2 b/ansible_collections/nullified/infrastructure/roles/security/templates/system/nftables.d/egress_git.nft.j2 deleted file mode 100644 index 83cad84..0000000 --- a/ansible_collections/nullified/infrastructure/roles/security/templates/system/nftables.d/egress_git.nft.j2 +++ /dev/null @@ -1,5 +0,0 @@ -table inet filter { - chain output { - tcp dport 9418 accept - } -} diff --git a/inventory/host_vars/lithium/vars.yml b/inventory/host_vars/lithium/vars.yml index f1491a3..54b86be 100644 --- a/inventory/host_vars/lithium/vars.yml +++ b/inventory/host_vars/lithium/vars.yml @@ -4,7 +4,3 @@ ansible_user: "{{ vault_ssh_user }}" nginx_extra_packages: [nginx-module-geoip, nginx-module-otel] nginx_sites: "{{ vault_nginx_sites }}" nginx_streams: "{{ vault_nginx_streams }}" -deluge_web_password: '{{ vault_deluge_web_password }}' -deluge_web_password_salt: '{{ vault_deluge_web_password_salt }}' -global_dns_udp_dns4: "{{ vault_global_dns_udp_dns4 }}" -global_dns_udp_dns6: "{{ vault_global_dns_udp_dns6 }}" diff --git a/playbooks/external.yml b/playbooks/external.yml index 07103a0..d29c1ab 100644 --- a/playbooks/external.yml +++ b/playbooks/external.yml @@ -47,13 +47,3 @@ apply: tags: [webserver] tags: [webserver, webserver-config, webserver-sites, webserver-streams] - -- name: setup deluge instances - hosts: external:&deluge - tasks: - - name: include deluge role - ansible.builtin.include_role: - name: nullified.infrastructure.deluge - apply: - tags: [deluge] - tags: [deluge]