Remove host "git.crypto-libertarian.com"

2020-10-09 16:53:14 +05:00 · 2020-10-09 16:53:14 +05:00 · b15e232c3d
parent 5f9a788354
commit b15e232c3d
9 changed files with 0 additions and 307 deletions
--- a/files/cgitrc
+++ b/files/cgitrc
@ -1,82 +0,0 @@
-# cgit config
-# see cgitrc(5) for details
-
-about-filter=/usr/lib/cgit/filters/html-converters/md2html
-#agefile=info/web/last-modified
-#auth-filter=none
-#branch-sort=name
-#cache-about-ttl=15
-#cache-dynamic-ttl=5
-#cache-repo-ttl=5
-#cache-root=/var/cache/cgit
-#cache-root-ttl=5
-#cache-scanrc-ttl=15
-#cache-size=0
-#cache-snapshot-ttl=5
-#cache-static-ttl=-1
-case-sensitive-sort=0
-#clone-prefix=none
-clone-url=https://git.crypto-libertarian.com/$CGIT_REPO_URL.git git@git.crypto-libertarian.com:$CGIT_REPO_URL.git
-#commit-filter=none
-#commit-sort=unset
-#css=/cgit.css
-#email-filter=none
-#embedded=none
-enable-blame=1
-enable-commit-graph=1
-#enable-filter-overrides=none
-enable-follow-links=1
-#enable-git-config=0
-enable-html-serving=1
-enable-http-clone=0
-enable-index-links=1
-#enable-index-owner=1
-enable-log-filecount=1
-enable-log-linecount=1
-enable-remote-branches=1
-enable-subject-links=1
-#enable-tree-linenumbers=1
-#favicon=/favicon.ico
-#footer=none
-#head-include=none
-#header=none
-#local-time=0
-#logo=/cgit.png
-#logo-link=none
-#max-atom-items=10
-#max-blob-size=0
-#max-commit-count=50
-#max-message-length=80
-#max-repo-count=50
-#max-repodesc-length=80
-max-stats=year
-#mimetype-file=
-#module-link=none
-#noheader=none
-noplainemail=1
-#owner-filter=none
-readme=:README.md
-remove-suffix=1
-#renamelimit=-1
-#repository-sort=name
-#robots=index, nofollow
-#root-desc=a fast webinterface for the git dscm
-#root-readme=none
-#root-title=Git Repository Browser
-#scan-hidden-path=0
-#section-sort=1
-section-from-path=1
-side-by-side-diffs=1
-snapshots=all
-source-filter=/usr/lib/cgit/filters/syntax-highlighting.py
-#strict-export=
-#summary-branches=10
-#summary-log=10
-#summary-tags=10
-#virtual-root=none
-
-#section=none
-
-#project-list=none
-
-scan-path=/home/git
--- a/files/git.crypto-libertarian.com.conf
+++ b/files/git.crypto-libertarian.com.conf
@ -1,49 +0,0 @@
-NameVirtualHost *:80
-
-<VirtualHost *:80>
-  ServerName git.crypto-libertarian.com
-
-  Redirect permanent / https://git.crypto-libertarian.com/
-</VirtualHost>
-
-<VirtualHost _default_:443>
-  ServerName git.crypto-libertarian.com
-
-  RewriteEngine on
-  SSLEngine     on
-
-  SSLCertificateFile      /etc/letsencrypt/live/git.crypto-libertarian.com/cert.pem
-  SSLCertificateKeyFile   /etc/letsencrypt/live/git.crypto-libertarian.com/privkey.pem
-  SSLCertificateChainFile /etc/letsencrypt/live/git.crypto-libertarian.com/chain.pem
-
-  SetEnv GIT_PROJECT_ROOT /home/git
-  SetEnv GIT_HTTP_EXPORT_ALL
-
-  Alias /cgit.css    /usr/share/cgit/cgit.css
-  Alias /cgit.png    /usr/share/cgit/cgit.png
-  Alias /favicon.ico /usr/share/cgit/favicon.ico
-  Alias /robots.txt  /usr/share/cgit/robots.txt
-
-  ScriptAliasMatch                                         \
-    "(?x)^/(.*/(HEAD |                                     \
-            info/refs |                                    \
-            objects/(info/[^/]+ |                          \
-                     [0-9a-f]{2}/[0-9a-f]{38} |            \
-                     pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
-            git-(upload|receive)-pack))$"                  \
-    /usr/lib/git-core/git-http-backend/$1
-
-  ScriptAlias / /usr/lib/cgit/cgit.cgi/
-
-  <Directory "/usr/lib/git-core/">
-    AllowOverride None
-    Options ExecCGI FollowSymlinks
-    Require all granted
-  </Directory>
-
-  <Directory "/usr/lib/cgit/">
-    AllowOverride None
-    Options ExecCGI FollowSymlinks
-    Require all granted
-  </Directory>
-</VirtualHost>
--- a/files/shells
+++ b/files/shells
@ -1,11 +0,0 @@
-# /etc/shells: valid login shells
-/bin/sh
-/bin/bash
-/usr/bin/bash
-/bin/rbash
-/usr/bin/rbash
-/bin/dash
-/usr/bin/dash
-/usr/bin/git-shell
-/usr/bin/tmux
-/usr/bin/screen
--- a/host_vars/git.crypto-libertarian.com.yml
+++ b/host_vars/git.crypto-libertarian.com.yml
@ -1,35 +0,0 @@
---
-ansible_become_pass_for:
-  kotovalexarian: !vault |
-    $ANSIBLE_VAULT;1.2;AES256;kotovalexarian
-    66653237663434333835653436376637653961656334336462313366336631643935636133373466
-    3830663364376231343335396631376133333332313466640a656135363061383136623038613334
-    37623132343764353561666465353263303266336136393663383366373036626163326637343861
-    3039303536646536300a313465363631633666653336386433613361333761636133376664393633
-    37303763616361653265663532316637663430666436366461313064656233313235383766633064
-    6334613838376431303330393165306533633261646335666234
-
-ansible_become_pass: "{{ ansible_become_pass_for[admin] }}"
-
-common__apache__state: install
-common__apache__listen: [80, 443]
-common__apache__modules: ['alias', 'cgid', 'env', 'rewrite', 'ssl']
-
-common__certbot__cert_name: 'git.crypto-libertarian.com'
-common__certbot__cert_domains:
-  - 'git.crypto-libertarian.com'
-common__certbot__post_hook: 'systemctl is-active apache2.service || systemctl start apache2.service'
-common__certbot__pre_hook: 'systemctl is-active apache2.service && systemctl stop apache2.service || true'
-
-common__iptables__drop_by_default: true
-
-common__iptables__v4_filter: |
-  # Allow incoming HTTP, HTTPS.
-  -A INPUT  -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-  -A OUTPUT -p tcp -m multiport --sports 80,443 -m conntrack --ctstate ESTABLISHED     -j ACCEPT
-
-  # Deny other HTTP, HTTPS.
-  -A INPUT  -p tcp -m multiport --dports 80,443 -j REJECT
-  -A OUTPUT -p tcp -m multiport --sports 80,443 -j REJECT
-
-common__iptables__v6_filter: '{{ common__iptables__v4_filter }}'
--- a/1
+++ b/1
@ -1,4 +1,3 @@
-git.crypto-libertarian.com
 matrix.crypto-libertarian.com
 postgres.crypto-libertarian.com

--- a/playbooks/backup/git.yml
+++ b/playbooks/backup/git.yml
@ -1,21 +0,0 @@
---
- hosts: git.crypto-libertarian.com
-  tasks:
-    - name: Remove archive of "/home/git"
-      file:
-        dest: /tmp/git_repos.tar.gz
-        state: absent
-
-    - name: Archive "/home/git"
-      archive:
-        path: /home/git
-        dest: /tmp/git_repos.tar.gz
-        format: gz
-        owner: root
-        group: root
-        mode: 'u=rw,g=r,o='
-
-    - name: Fetch archive of "/home/git"
-      fetch:
-        src: /tmp/git_repos.tar.gz
-        dest: ../../backups
--- a/playbooks/backup/site.yml
+++ b/playbooks/backup/site.yml
@ -1,3 +1,2 @@
 ---
- import_playbook: git.yml
 - import_playbook: postgres.yml
--- a/playbooks/deploy/git.yml
+++ b/playbooks/deploy/git.yml
@ -1,106 +0,0 @@
---
- hosts: git.crypto-libertarian.com
-  module_defaults:
-    apt:
-      force_apt_get: true
-      update_cache: true
-      cache_valid_time: 86400
-  roles:
-    - name: kotovalexarian.common
-      tags: common
-  handlers:
-    - name: Restart Apache
-      systemd:
-        name: apache2.service
-        state: restarted
-  tasks:
-    - name: Install system packages
-      apt:
-        name:
-          - cgit
-          - finger
-          - git
-          - python3-markdown
-          - python3-pygments
-
-    - name: Create system group
-      group:
-        name: git
-
-    - name: Create system user
-      user:
-        name: git
-        group: git
-        create_home: true
-
-    - name: Create directory for SSH configuration
-      file:
-        state: directory
-        path: /home/git/.ssh
-        owner: git
-        group: git
-        mode: 'u=rwx,g=,o='
-
-    - name: Create SSH configuration of authorized keys
-      copy:
-        src: ../../files/authorized_keys
-        dest: /home/git/.ssh/authorized_keys
-        owner: git
-        group: git
-        mode: 'u=rw,g=,o='
-
-    - name: Disable system info message
-      copy:
-        content: ''
-        dest: /home/git/.hushlogin
-        owner: root
-        group: root
-        mode: 'u=rw,g=r,o=r'
-
-    - name: Add git shell
-      copy:
-        src: ../../files/shells
-        dest: /etc/shells
-        owner: root
-        group: root
-        mode: 'u=rw,g=r,o=r'
-
-    - name: Detect shell
-      shell: "/usr/bin/finger git | grep -oP 'Shell: \\K.*'"
-      register: detect_shell_result
-      changed_when: false
-
-    - name: Use git shell
-      command: '/usr/bin/chsh git -s /usr/bin/git-shell'
-      when: detect_shell_result.stdout != '/usr/bin/git-shell'
-
-    - name: Disable Apache configuration
-      command: '/usr/sbin/a2disconf cgit'
-      register: disable_apache_configuration_result
-      changed_when: >
-        disable_apache_configuration_result.stdout is search('Disabling conf')
-      notify: Restart Apache
-
-    - name: Add Apache site
-      copy:
-        src: ../../files/git.crypto-libertarian.com.conf
-        dest: /etc/apache2/sites-available/git.crypto-libertarian.com.conf
-        owner: root
-        group: root
-        mode: 'u=rw,g=r,o=r'
-      notify: Restart Apache
-
-    - name: Enable Apache site
-      command: '/usr/sbin/a2ensite git.crypto-libertarian.com.conf'
-      register: enable_apache_site_result
-      changed_when: >
-        enable_apache_site_result.stdout is search('Enabling site')
-      notify: Restart Apache
-
-    - name: Install cgit configuration
-      copy:
-        src: ../../files/cgitrc
-        dest: /etc/cgitrc
-        owner: root
-        group: root
-        mode: 'u=rw,g=r,o=r'
--- a/playbooks/deploy/site.yml
+++ b/playbooks/deploy/site.yml
@ -1,4 +1,3 @@
 ---
- import_playbook: git.yml
 - import_playbook: postgres.yml
 - import_playbook: matrix.yml