1 files changed, 16 insertions, 61 deletions
diff --git a/ansible/kea.yml b/ansible/kea.yml
index 8841b9b..6ff8225 100644
--- a/ansible/kea.yml
+++ b/ansible/kea.yml
@@ -1,76 +1,31 @@
 - hosts: kea
   remote_user: root
-  become: no
   roles:
     - role: sane_debian_system
-      tags: [sane]
-    - comfortable-debian-system
-    - gnome-system
-    - mail-client
-    - intel-wifi
-    - self-updating-system
-    - ssd
-    - unix_users
-  tasks:
-    - lineinfile:
-        path: /etc/gdm3/daemon.conf
-        regex: WaylandEnable
-        line: WaylandEnable=false
-    - apt:
-        name:
-          - flatpak
-          - gnome-software-plugin-flatpak
-          - cups
-          - nfs-common
-          - ufw
-    - apt:
-        deb: https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
-    - shell:
-         flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
-    - ufw:
-        state: enabled
-        policy: deny
-    - ufw:
-        port: ssh
-        rule: allow
+    - role: sshd
+    - role: ssd
+    - role: puomi
+      tags:
+        - puomi
   vars:
     ansible_python_interpreter: /usr/bin/python3
 
     sane_debian_system_version: 2
-    sane_debian_system_hostname: kea
-    sane_debian_system_codename: bullseye
+    sane_debian_system_hostname: "{{ inventory_hostname }}"
+    sane_debian_system_codename: bookworm
     sane_debian_system_timezone: Europe/Helsinki
     sane_debian_system_sources_lists:
       - repo: |
-          deb http://deb.debian.org/debian bullseye contrib non-free
+          deb http://deb.debian.org/debian bookworm contrib non-free
 
       - repo: |
-          deb-src http://deb.debian.org/debian bullseye main contrib non-free
+          deb http://security.debian.org/debian-security bookworm-security main contrib non-free
 
-      - repo: |
-          deb http://security.debian.org/debian-security bullseye-security main contrib non-free
-
-    unix_users_version: 2
-    unix_users:
-      - username: soile
-        comment: Soile Mottisenkangas
-        groups:
-          - audio
-          - bluetooth
-          - cdrom
-          - dialout
-          - dip
-          - floppy
-          - netdev
-          - plugdev
-          - scanner
-          - video
-        authorized_keys: |
-          {{ liw_personal_ssh_pub }}
+    sshd_version: 1
 
-    mailname: kea.liw.fi
-    hostname: "{{ sane_debian_system_hostname }}"
-    relayhost: pieni.net:587
-    smarthost: pieni.net
-    smarthost_user: pienirelay
-    smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}"
+    puomi_version: 1
+    puomi_lan_ip: 10.1.1.1
+    puomi_dhcp_start: 10.1.1.10
+    puomi_dhcp_end: 10.1.1.250
+    puomi_dhcp_netmask: 255.255.255.0
+    puomi_dhcp_lease: 1h