diff options
Diffstat (limited to 'ansible/roles')
30 files changed, 318 insertions, 144 deletions
diff --git a/ansible/roles/apt-repository/files/process-incoming b/ansible/roles/apt-repository/files/process-incoming new file mode 100644 index 0000000..b668c88 --- /dev/null +++ b/ansible/roles/apt-repository/files/process-incoming @@ -0,0 +1,13 @@ +#!/bin/bash + +( + # sleep for a few seconds so that dput has time to chmod the uploaded + # file. + sleep 10 + date + echo "Processing incoming" + reprepro -v -b /srv/apt processincoming default + reprepro -v -b /srv/apt export + rm -f incoming/*.buildinfo + echo "Finished processing incoming" +) 2>&1 >>/home/apt/reprepro.log diff --git a/ansible/roles/apt-repository/handlers/main.yml b/ansible/roles/apt-repository/handlers/main.yml new file mode 100644 index 0000000..a7ec2ee --- /dev/null +++ b/ansible/roles/apt-repository/handlers/main.yml @@ -0,0 +1,4 @@ +- name: restart apache2 + service: + name: apache2 + state: restarted diff --git a/ansible/roles/apt-repository/tasks/main.yml b/ansible/roles/apt-repository/tasks/main.yml new file mode 100644 index 0000000..6bf8412 --- /dev/null +++ b/ansible/roles/apt-repository/tasks/main.yml @@ -0,0 +1,133 @@ +- name: "install software needed for APT repository management" + apt: + name: + - apache2 + - incron + - reprepro + +- name: "create root directory for APT repository" + file: + state: directory + path: /srv/apt + owner: apt + group: apt + mode: 0755 + +- name: "create incoming directory for APT repository" + file: + state: directory + path: /srv/apt/incoming + owner: apt + group: incoming + mode: 0775 + +- name: "create .gnupg for apt user" + file: + state: directory + dest: /home/apt/.gnupg + owner: apt + group: apt + mode: 0700 + +- name: "install temporary copies of gpg keys for repository signing" + copy: + content: "{{ item.content }}" + dest: "/home/apt/{{ item.name }}" + owner: apt + group: apt + mode: 0600 + with_items: + - content: "{{ apt_signing_key }}" + name: key + - content: "{{ apt_signing_key_pub }}" + name: key.pub + +- name: "import gpg keys for apt" + shell: | + cd /home/apt + sudo -u apt gpg --import key key.pub + +- name: "delete temporary copies of keys" + file: + dest: "/home/apt/{{ item }}" + state: absent + with_items: + - key + - key.pub + +- name: "allow apt user to use incron" + lineinfile: + dest: /etc/incron.allow + line: apt + +- name: "crate reprepro configuration directory" + file: + path: /srv/apt/conf + state: directory + +- name: "create reprepro temp directory" + file: + state: directory + dest: /srv/apt/tmp + owner: apt + group: apt + mode: 0755 + +- name: "configure reprepro distributions" + template: + src: distributions.j2 + dest: /srv/apt/conf/distributions + +- name: "configure reprepro uploaders" + template: + src: uploaders.j2 + dest: /srv/apt/conf/uploaders + +- name: "configure reprepro incoming" + template: + src: incoming.j2 + dest: /srv/apt/conf/incoming + owner: apt + group: incoming + mode: 01777 + +- name: "create web root directory" + file: + state: directory + path: /srv/http + +- name: "install an index page in the web root directory" + copy: + content: | + {{ apt_index_content }} + dest: /srv/http/index.html + +- name: "configure apache to server APT repository over http" + template: + src: 000-default.conf + dest: /etc/apache2/sites-enabled/000-default.conf + owner: root + group: root + mode: 0644 + notify: restart apache2 + +- name: "install script to process uploads to APT" + copy: + src: process-incoming + dest: /home/apt/process-incoming + owner: apt + group: apt + mode: 0755 + +- name: "create incrontab for apt" + copy: + content: | + /srv/apt/incoming IN_CLOSE_WRITE /home/apt/process-incoming + dest: /home/apt/incrontab + owner: apt + group: apt + mode: 0644 + +- name: "set up incrontab for processing incoming uploads" + shell: | + sudo -u apt incrontab /home/apt/incrontab diff --git a/ansible/roles/apt-repository/templates/000-default.conf b/ansible/roles/apt-repository/templates/000-default.conf new file mode 100644 index 0000000..b62e1fd --- /dev/null +++ b/ansible/roles/apt-repository/templates/000-default.conf @@ -0,0 +1,18 @@ +<VirtualHost _default_> + ServerAdmin {{ apt_admin_email }} + + DocumentRoot /srv/http + Alias "/debian" "/srv/apt" + + <Directory /srv/http> + Require all granted + </Directory> + + <Directory /srv/apt> + Options +Indexes + Require all granted + </Directory> + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined +</VirtualHost> diff --git a/ansible/roles/apt-repository/templates/distributions.j2 b/ansible/roles/apt-repository/templates/distributions.j2 new file mode 100644 index 0000000..ab3f861 --- /dev/null +++ b/ansible/roles/apt-repository/templates/distributions.j2 @@ -0,0 +1,12 @@ +{% for dist in apt_distributions %} + +Codename: {{ dist.codename }} +Suite: {{ dist.codename }} +Origin: {{ apt_domain }} +Description: {{ dist.description }} +Architectures: source {{ dist.architectures|default('amd64') }} +Components: {{ dist.components|default('main') }} +Uploaders: uploaders +Tracking: keep +SignWith: {{ apt_signing_key_fingerprint }} +{% endfor %} diff --git a/ansible/roles/apt-repository/templates/incoming.j2 b/ansible/roles/apt-repository/templates/incoming.j2 new file mode 100644 index 0000000..548c44b --- /dev/null +++ b/ansible/roles/apt-repository/templates/incoming.j2 @@ -0,0 +1,5 @@ +Name: default +IncomingDir: incoming +TempDir: tmp +Cleanup: on_error +Allow: {% for dist in apt_distributions %} {{ dist.codename }} {% endfor %} diff --git a/ansible/roles/apt-repository/templates/uploaders.j2 b/ansible/roles/apt-repository/templates/uploaders.j2 new file mode 100644 index 0000000..0891e6d --- /dev/null +++ b/ansible/roles/apt-repository/templates/uploaders.j2 @@ -0,0 +1 @@ +allow * by unsigned diff --git a/ansible/roles/debian-mirror/files/mirror-debian b/ansible/roles/debian-mirror/files/mirror-debian index 93eca56..29ff019 100644 --- a/ansible/roles/debian-mirror/files/mirror-debian +++ b/ansible/roles/debian-mirror/files/mirror-debian @@ -11,7 +11,7 @@ debmirror \ --rsync-extra=trace \ --arch=amd64 \ --getcontents \ - --dist=bullseye \ + --dist=stable \ -v \ "$mirror_root" diff --git a/ansible/roles/debian-mirror/tasks/main.yml b/ansible/roles/debian-mirror/tasks/main.yml index 71b7e0c..0c68110 100644 --- a/ansible/roles/debian-mirror/tasks/main.yml +++ b/ansible/roles/debian-mirror/tasks/main.yml @@ -2,6 +2,7 @@ apt: name: - debmirror + - screen - name: "install mirror-debian script" copy: @@ -9,12 +10,19 @@ dest: /usr/local/bin mode: 0755 +- name: "create directory for mirror" + file: + state: directory + path: /srv/http/debmirror/debian + owner: debmirror + group: debmirror + - name: "install cronjob for mirroring Debian" cron: name: "mirror Debian" user: debmirror minute: "0" - hour: "5,19" + hour: "12" job: "/usr/local/bin/mirror-debian /srv/http/debmirror/debian" - name: "set MAILTO in crontab" @@ -23,4 +31,3 @@ env: yes name: MAILTO value: root - diff --git a/ansible/roles/emacs/tasks/main.yml b/ansible/roles/emacs/tasks/main.yml index 81962f4..e21ab48 100644 --- a/ansible/roles/emacs/tasks/main.yml +++ b/ansible/roles/emacs/tasks/main.yml @@ -2,9 +2,4 @@ apt: name: - emacs - - emacs-goodies-el - debian-el - - elpa-markdown-mode - - elpa-magit - - yaml-mode - - elpa-go-mode diff --git a/ansible/roles/gnome-system/tasks/main.yml b/ansible/roles/gnome-system/tasks/main.yml index 4c4c587..2b51946 100644 --- a/ansible/roles/gnome-system/tasks/main.yml +++ b/ansible/roles/gnome-system/tasks/main.yml @@ -3,20 +3,14 @@ state: present name: - gnome - - liferea -# - desktop-cronish - handbrake - handbrake-cli - - devhelp - gnumeric - keepass2 -# - revelation -# - mumble - - gnome-shell-timer + - fonts-freefont-ttf - fonts-symbola - fonts-inconsolata - - fonts-arabeyes - fonts-cabinsketch - fonts-cantarell @@ -47,21 +41,34 @@ - fonts-texgyre - fonts-tomsontalks - fonts-hack - + - calibre - cups - system-config-printer - darktable - - flatpak - gnome-software-plugin-flatpak - libreoffice + - gnome-shell-extension-manager + # This seems to be wanted by something in the GNOME app stack. # Installing it will stop a lot of apps from whinging at startup. - libcanberra-gtk-module +- name: "add flatpak from backports" + shell: | + DEBIAN_FRONTEND=noninteractive \ + apt-get install -y flatpak + - name: Add flathub shell: | - flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo + flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.Flatpak + +- name: install flatpaks from flathub + shell: | + flatpak install --system --app --noninteractive flathub org.mozilla.firefox + flatpak install --system --app --noninteractive flathub org.gnome.Fractal + flatpak install --system --app --noninteractive flathub org.telegram.desktop + flatpak install --system --app --noninteractive flathub org.signal.Signal diff --git a/ansible/roles/gnupg-workstation/tasks/main.yml b/ansible/roles/gnupg-workstation/tasks/main.yml index 935970c..9c0f52c 100644 --- a/ansible/roles/gnupg-workstation/tasks/main.yml +++ b/ansible/roles/gnupg-workstation/tasks/main.yml @@ -4,5 +4,5 @@ - gnupg - scdaemon - pass -# - extrautils + - extrautils - oathtool diff --git a/ansible/roles/holywood2/files/exports b/ansible/roles/holywood2/files/exports index 92dc38d..f90ff7c 100644 --- a/ansible/roles/holywood2/files/exports +++ b/ansible/roles/holywood2/files/exports @@ -1,6 +1,8 @@ /mnt/soile/pupu 10.0.0.0/24(rw,nohide,async,no_subtree_check,insecure) /mnt/soile/pupu 10.1.1.0/24(rw,nohide,async,no_subtree_check,insecure) /mnt/soile/pupu 10.2.2.0/24(rw,nohide,async,no_subtree_check,insecure) +/mnt/soile/pupu 10.3.1.0/24(rw,nohide,async,no_subtree_check,insecure) /mnt/media 10.0.0.0/24(ro,nohide,async,no_subtree_check,insecure) /mnt/media 10.1.1.0/24(ro,nohide,async,no_subtree_check,insecure) /mnt/media 10.2.2.0/24(ro,nohide,async,no_subtree_check,insecure) +/mnt/media 10.3.1.0/24(ro,nohide,async,no_subtree_check,insecure) diff --git a/ansible/roles/holywood2/tasks/main.yml b/ansible/roles/holywood2/tasks/main.yml index 1da48db..b67ae16 100644 --- a/ansible/roles/holywood2/tasks/main.yml +++ b/ansible/roles/holywood2/tasks/main.yml @@ -8,11 +8,11 @@ src: ssh-config dest: /home/root/.ssh/config -- name: symlink /root/.ssh to /home/root/.ssh - file: - state: link - src: /home/root/.ssh - path: /root/.ssh +# - name: symlink /root/.ssh to /home/root/.ssh +# file: +# state: link +# src: /home/root/.ssh +# path: /root/.ssh - name: create soile group group: @@ -65,3 +65,12 @@ owner: root group: root mode: 0755 + +- name: install SSH client config + copy: + content: | + Host nalanda + hostname nalanda.liw.fi + ProxyJump exolobe2 + dest: /root/.ssh/config + mode: 0644 diff --git a/ansible/roles/liw/tasks/main.yml b/ansible/roles/liw/tasks/main.yml index 99f1b47..916d140 100644 --- a/ansible/roles/liw/tasks/main.yml +++ b/ansible/roles/liw/tasks/main.yml @@ -8,6 +8,21 @@ sudo -u liw -i bash -c "pwd && ./liw-dot-files/make-symlinks" sudo -u liw -i bash -c "ln -nsf liw-dot-files/gitconfig-exolobe1 .gitconfig" +- name: "make sure ~liw/.ssh/known_hosts exists" + shell: | + dir=/home/liw/.ssh + k="$dir/known_hosts" + if ! [ -e "$dir" ]; then install -d -o liw -g liw -m 0755 "$dir"; fi + if ! [ -e "$k" ]; then touch "$k"; fi + +- name: "configure liw SSH known hosts" + lineinfile: + line: "@cert-authority * ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIW1QmBC3OLsjpUv1gIYBHSN5tWhPOHHzDIXgj8d1Hg1" + path: /home/liw/.ssh/known_hosts + owner: liw + group: liw + mode: 0644 + - name: "create ~liw/src and ~liw/cargo" file: state: directory diff --git a/ansible/roles/smarthost-client/files/aliases b/ansible/roles/mail-client/files/aliases index 040d695..040d695 100644 --- a/ansible/roles/smarthost-client/files/aliases +++ b/ansible/roles/mail-client/files/aliases diff --git a/ansible/roles/mail-client/tasks/main.yml b/ansible/roles/mail-client/tasks/main.yml index 63df37e..ba40678 100644 --- a/ansible/roles/mail-client/tasks/main.yml +++ b/ansible/roles/mail-client/tasks/main.yml @@ -1,9 +1,45 @@ -- name: "install email stuff" +- name: "install mail client packages" apt: name: - - mutt - - notmuch - - notmuch-mutt - - offlineimap - - procmail - - clab + - isync + - libsasl2-modules + - mailutils + - mutt + - notmuch + - notmuch-mutt + - postfix + +- name: "configure postfix" + template: + src: main.cf + dest: /etc/postfix/main.cf + notify: restart postfix + +- name: "set mailname" + copy: + content: "{{ mailname }}\n" + dest: /etc/mailname + owner: root + group: root + mode: 0644 + +- name: "set smarthost relay credentials" + template: + src: sasl_passwd + dest: /etc/postfix/sasl_passwd + mode: 0600 + +- name: "postmap relay credentials" + shell: | + postmap /etc/postfix/sasl_passwd + +- name: "install aliases" + copy: + src: aliases + dest: /etc/aliases + owner: root + group: root + mode: 0644 + +- name: "run newaliases" + shell: newaliases diff --git a/ansible/roles/mail-client/templates/main.cf b/ansible/roles/mail-client/templates/main.cf index 2c026ad..af8e058 100644 --- a/ansible/roles/mail-client/templates/main.cf +++ b/ansible/roles/mail-client/templates/main.cf @@ -10,7 +10,7 @@ smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. -append_dot_mydomain = no +append_dot_mydomain = yes # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h @@ -32,7 +32,7 @@ myhostname = {{ mailname }} alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname -mydestination = {{ mailname }}, {{ hostname }}, localhost.localdomain, localhost +mydestination = {{ mailname }}, {{ sane_debian_system_hostname }}, localhost.localdomain, localhost relayhost = {{ relayhost }} mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION" diff --git a/ansible/roles/mail-server/files/aliases b/ansible/roles/mail-server/files/aliases index 0aa8635..e5197fa 100644 --- a/ansible/roles/mail-server/files/aliases +++ b/ansible/roles/mail-server/files/aliases @@ -7,3 +7,5 @@ soilar: liw, soile hbo: liw, soile ick-conduct: liw atuin: liw, dkscully@geah.org, rjek@rjek.com, dsilvers@digital-scurf.org, greg@grossmeier.net +remy: liw +sateenvarjo: soilar diff --git a/ansible/roles/mail-server/files/virtual b/ansible/roles/mail-server/files/virtual index d822be3..54b5ff0 100644 --- a/ansible/roles/mail-server/files/virtual +++ b/ansible/roles/mail-server/files/virtual @@ -6,7 +6,12 @@ liw@liw.fi liw liw-passthrough@liw.fi liw ivana@liw.fi liw tele@liw.fi liw -rust.fossdev@liw.fi liw + +exolobe1.liw.fi - +@exolobe1.liw.fi liw + +tursas.liw.fi - +@exolobe1.liw.fi liw docstory.fi - postmaster@docstory.fi soile diff --git a/ansible/roles/mail-server/tasks/main.yml b/ansible/roles/mail-server/tasks/main.yml index 9b38dc5..f0c1fd1 100644 --- a/ansible/roles/mail-server/tasks/main.yml +++ b/ansible/roles/mail-server/tasks/main.yml @@ -1,3 +1,8 @@ -- include: postfix.yml -- include: dovecot.yml -- include: usertools.yml +- ansible.builtin.import_tasks: + file: postfix.yml + +- ansible.builtin.import_tasks: + file: dovecot.yml + +- ansible.builtin.import_tasks: + file: usertools.yml diff --git a/ansible/roles/riot-host/files/element-io-archive-keyring.gpg b/ansible/roles/riot-host/files/element-io-archive-keyring.gpg Binary files differnew file mode 100644 index 0000000..6fbeecc --- /dev/null +++ b/ansible/roles/riot-host/files/element-io-archive-keyring.gpg diff --git a/ansible/roles/riot-host/tasks/main.yml b/ansible/roles/riot-host/tasks/main.yml index 402da88..84c8ad3 100644 --- a/ansible/roles/riot-host/tasks/main.yml +++ b/ansible/roles/riot-host/tasks/main.yml @@ -1,10 +1,10 @@ - name: "install riot.im keyring" copy: - src: riot-im-archive-keyring.gpg + src: element-io-archive-keyring.gpg dest: /etc/apt/trusted.gpg.d/ - apt_repository: - repo: "deb [signed-by=/etc/apt/trusted.gpg.d/riot-im-archive-keyring.gpg] https://packages.riot.im/debian/ {{ sane_debian_system_codename }} main" + repo: "deb [signed-by=/etc/apt/trusted.gpg.d/element-io-archive-keyring.gpg] https://packages.element.io/debian/ default main" update_cache: no # Use shell to run apt-get, rather than the Ansible apt module, so @@ -12,8 +12,6 @@ - name: update package lists shell: | apt-get update --allow-releaseinfo-change - args: - warn: false - apt: name: element-desktop diff --git a/ansible/roles/rust-rustup/defaults/main.yml b/ansible/roles/rust-rustup/defaults/main.yml new file mode 100644 index 0000000..e1c0df8 --- /dev/null +++ b/ansible/roles/rust-rustup/defaults/main.yml @@ -0,0 +1 @@ +rust_rustup_user: liw diff --git a/ansible/roles/rust-rustup/tasks/main.yml b/ansible/roles/rust-rustup/tasks/main.yml index 9597975..a24cf37 100644 --- a/ansible/roles/rust-rustup/tasks/main.yml +++ b/ansible/roles/rust-rustup/tasks/main.yml @@ -4,21 +4,23 @@ - build-essential - cmake - curl + - libssl-dev + - pkg-config - name: "install Rust toolchain using rustup" shell: | set -eu if command -v rustup > /dev/null then - sudo -u liw rustup update + sudo -u {{ rust_rustup_user }} rustup update else curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /tmp/rustup.sh - sudo -u liw -i sh /tmp/rustup.sh -y --no-modify-path + sudo -u {{ rust_rustup_user }} -i sh /tmp/rustup.sh -y --no-modify-path fi - sudo -u liw -i /home/liw/.cargo/bin/rustup self update - sudo -u liw -i /home/liw/.cargo/bin/rustup component add clippy rust-src + sudo -u {{ rust_rustup_user }} -i /home/{{ rust_rustup_user }}/.cargo/bin/rustup self update + sudo -u {{ rust_rustup_user }} -i /home/{{ rust_rustup_user }}/.cargo/bin/rustup component add clippy \ + rust-src rust-analyzer + - name: "cargo install applications" when: rustup_cargo_install is defined - args: - warn: no shell: | - sudo -i -u liw sh -c '. $HOME/.cargo/env && cargo install {{ rustup_cargo_install }}' + sudo -i -u {{ rust_rustup_user }} sh -c '. $HOME/.cargo/env && cargo install {{ rustup_cargo_install }}' diff --git a/ansible/roles/smarthost-client/handlers/main.yml b/ansible/roles/smarthost-client/handlers/main.yml deleted file mode 100644 index 6cdc4d4..0000000 --- a/ansible/roles/smarthost-client/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -- name: restart postfix - service: name=postfix state=restarted diff --git a/ansible/roles/smarthost-client/tasks/main.yml b/ansible/roles/smarthost-client/tasks/main.yml deleted file mode 100644 index 61830c9..0000000 --- a/ansible/roles/smarthost-client/tasks/main.yml +++ /dev/null @@ -1,46 +0,0 @@ -# A mail client needs to send mail. I prefer to send via a local MTA, -# which routes things out via a smarthost. - -- name: install postfix and related packages - apt: - name: - - postfix - - libsasl2-modules - - mailutils - -- name: configure postfix - template: - src: main.cf - dest: /etc/postfix/main.cf - notify: restart postfix - -- name: set mailname - copy: - content: "{{ mailname }}\n" - dest: /etc/mailname - owner: root - group: root - mode: 0644 - -# Set up the smarthost relay credentials. - -- name: set smarthost relay credentials - template: - src: sasl_passwd - dest: /etc/postfix/sasl_passwd - mode: 0600 - -- name: postmap relay credentials - shell: | - postmap /etc/postfix/sasl_passwd - -- name: install aliases - copy: - src: aliases - dest: /etc/aliases - owner: root - group: root - mode: 0644 - -- name: run newaliases - shell: newaliases diff --git a/ansible/roles/smarthost-client/templates/main.cf b/ansible/roles/smarthost-client/templates/main.cf deleted file mode 100644 index d9deaaf..0000000 --- a/ansible/roles/smarthost-client/templates/main.cf +++ /dev/null @@ -1,46 +0,0 @@ -# See /usr/share/postfix/main.cf.dist for a commented, more complete version - - -# Debian specific: Specifying a file name will cause the first -# line of that file to be used as the name. The Debian default -# is /etc/mailname. -#myorigin = /etc/mailname - -smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) -biff = no - -# appending .domain is the MUA's job. -append_dot_mydomain = no - -# Uncomment the next line to generate "delayed mail" warnings -#delay_warning_time = 4h - -readme_directory = no - -# TLS parameters -smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key -smtpd_use_tls=yes -smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache -smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache - -# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for -# information on enabling SSL in the smtp client. - -smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination -myhostname = {{ mailname }} -alias_maps = hash:/etc/aliases -alias_database = hash:/etc/aliases -myorigin = /etc/mailname -mydestination = {{ mailname }}, {{ sane_debian_system_hostname }}, localhost.localdomain, localhost -relayhost = {{ relayhost }} -mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 -mailbox_command = procmail -a "$EXTENSION" -mailbox_size_limit = 0 -recipient_delimiter = + -inet_interfaces = 127.0.0.1 -smtp_sasl_auth_enable = yes -smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd -smtp_sasl_security_options = noanonymous -smtp_use_tls = yes -smtp_tls_note_starttls_offer = yes diff --git a/ansible/roles/smarthost-client/templates/sasl_passwd b/ansible/roles/smarthost-client/templates/sasl_passwd deleted file mode 100644 index da722f6..0000000 --- a/ansible/roles/smarthost-client/templates/sasl_passwd +++ /dev/null @@ -1 +0,0 @@ -{{ smarthost }} {{ smarthost_user }}:{{ smarthost_password }} diff --git a/ansible/roles/subplot-dev-env/tasks/main.yml b/ansible/roles/subplot-dev-env/tasks/main.yml index 5c99cfa..22fddb9 100644 --- a/ansible/roles/subplot-dev-env/tasks/main.yml +++ b/ansible/roles/subplot-dev-env/tasks/main.yml @@ -2,7 +2,6 @@ apt: name: - debhelper - - dh-cargo - python3 - pandoc - pandoc-citeproc |