Remove legacy content from remote

_legacy/groups/all.yml

@@ -1,8 +0,0 @@
----
-ansible_user: ansible
-
-protected_users:
-  - root
-  - ansible
-
-domain: net.enp.one

_legacy/groups/cloud.yml

@@ -1,12 +0,0 @@
----
-enable_gui: False
-
-enable_ssh: True
-
-enable_ssh_password_auth: False
-
-disable_sudo_password: True
-
-enable_networkd: True
-
-generate_keys: False

_legacy/groups/servers.yml

@@ -1,12 +0,0 @@
----
-enable_gui: False
-
-enable_ssh: True
-
-enable_ssh_password_auth: False
-
-disable_sudo_password: False
-
-enable_networkd: True
-
-generate_keys: False

_legacy/groups/vms.yml

@@ -1,12 +0,0 @@
----
-enable_gui: False
-
-enable_ssh: True
-
-enable_ssh_password_auth: False
-
-disable_sudo_password: True
-
-enable_networkd: True
-
-generate_keys: False

_legacy/groups/workstations.yml

@@ -1,12 +0,0 @@
----
-enable_gui: True
-
-enable_ssh: False
-
-enable_ssh_password_auth: False
-
-disable_sudo_password: False
-
-enable_networkd: False
-
-generate_keys: False

_legacy/hosts/apex.yml

@@ -1,6 +0,0 @@
----
-description: "EN1 Reverse Proxy / EN1 VPN Server"
-
-targets:
-  - admin
-  - vpn

_legacy/hosts/inerro.tre2.local.yml

@@ -1,8 +0,0 @@
----
-description: "Wandering excursion"
-
-targets:
-  - admin
-  - workstations
-
-ansible_python_interpreter: /usr/bin/python3

_legacy/hosts/jupiter.net.enp.one.yml

@@ -1,20 +0,0 @@
----
-description: "EN1 System Control Node"
-
-targets:
-  - admin
-  - network
-
-networking:
-  eno1:
-    dhcp: Yes
-  eno2:
-    addresses: ["192.168.255.10/24"]
-
-  # demo:
-  #   addresses: ["192.168.1.10/24", "192.168.100.10/24"]
-  #   dhcp: true
-  #   dhcp6: true
-  #   gateway: 192.168.1.1
-  #   dns: ["8.8.8.8", "8.8.4.4"]
-  #   vlans: ["101", "200"]

_legacy/hosts/nimbus-1.net.enp.one.yml

@@ -1,6 +0,0 @@
----
-description: "EN2 Digitial Ocean Cloud Server"
-
-targets:
-  - admin
-  - web

_legacy/hosts/novis.tre2.local.yml

@@ -1,5 +0,0 @@
----
-description: "EN1 Secondary Datastore"
-targets:
-  - admin
-  - datastore

_legacy/hosts/omega.tre2.local.yml

@@ -1,6 +0,0 @@
----
-description: "And the Last"
-
-targets:
-  - admin
-  - workstations

_legacy/hosts/remus.net.enp.one.yml

@@ -1,9 +0,0 @@
----
-description: "EN1 Primary Datastore / EN1 Secondary Hypervisor"
-
-targets:
-  - admin
-  - datastore
-
-networking:
-  ovirtmgt:

_legacy/hosts/romulus.net.enp.one.yml

@@ -1,10 +0,0 @@
----
-description: "EN1 Primary Hypervisor"
-
-targets:
-  - admin
-  - datastore
-  - hypervisor
-
-networking:
-  ovirtmgt:

_legacy/hosts/router.net.enp.one.yml

@@ -1,33 +0,0 @@
----
-description: EN1 Core Router
-
-ansible_network_os: edgeos
-
-targets:
-  - admin
-  - network
-
-network:
-  ethernet_eth0:
-    address: dhcp
-    description: UPLINK
-    extra:
-      - duplex auto
-      - speed auto
-  ethernet_eth1:
-    address: 10.42.100.1/24
-    description: PUBLIC
-    extra:
-      - duplex auto
-      - speed auto
-  ethernet_eth2:
-    address: 10.42.101.1/24
-    description: PRIVATE
-    extra:
-      - duplex auto
-      - speed auto
-  ethernet_eth2_vif_10:
-    address: 10.42.102.1/24
-    description: SECURE
-    extra:
-      - mtu 1500

_legacy/hosts/serico-nox.tre2.local.yml

@@ -1,8 +0,0 @@
----
-description: "Smooth as Silk"
-
-targets:
-  - admin
-  - workstations
-
-ansible_python_interpreter: /usr/bin/python3

_legacy/hosts/vigil-nox.tre2.local.yml

@@ -1,8 +0,0 @@
----
-description: "Watcher who Watches the Watchmen"
-
-targets:
-  - admin
-  - workstations
-
-ansible_python_interpreter: /usr/bin/python3

_legacy/hosts/vm-db-maria.net.enp.one.yml

@@ -1,5 +0,0 @@
----
-description: "Database Host: MariaDB"
-
-targets:
-  - admin

_legacy/hosts/vm-db-mysql.net.enp.one.yml

@@ -1,5 +0,0 @@
----
-description: "Database Host: MySQL"
-
-targets:
-  - admin

_legacy/hosts/vm-db-prometheus.net.enp.one.yml

@@ -1,5 +0,0 @@
----
-description: "Database Host: PrometheusDB"
-
-targets:
-  - admin

_legacy/hosts/vm-dev-nginx.net.enp.one.yml

@@ -1,6 +0,0 @@
----
-description: "Development Host: Nginx Web Server"
-
-targets:
-  - admin
-  - web

_legacy/hosts/vm-host-bitwarden.net.enp.one.yml

@@ -1,9 +0,0 @@
----
-description: "Application Host: Bitwarden"
-
-targets:
-  - admin
-  - bitwarden
-
-networking:
-  eth0:

_legacy/hosts/vm-host-gitea.net.enp.one.yml

@@ -1,9 +0,0 @@
----
-description: "Application Host: Gitea"
-
-targets:
-  - admin
-  - gitea
-
-networking:
-  eth0:

_legacy/hosts/vm-host-minecraft.net.enp.one.yml

@@ -1,9 +0,0 @@
----
-description: "Application Host: Minecraft"
-
-targets:
-  - admin
-  - minecraft
-
-networking:
-  eth0:

_legacy/hosts/vm-host-nextcloud.net.enp.one.yml

@@ -1,9 +0,0 @@
----
-description: "Application Host: Nextcloud"
-
-targets:
-  - admin
-  - nextcloud
-
-networking:
-  eth0:

_legacy/hosts/vm-host-plex.net.enp.one.yml

@@ -1,6 +0,0 @@
----
-description: "Application Host: Plex Media Server"
-
-targets:
-  - admin
-  - plex

_legacy/playbooks/initialize.yml

@@ -1,32 +0,0 @@
----
-- import_playbook: dependencies.yml
-
-- name: Setup environment
-  hosts: all:!network
-  tags:
-    - initialize
-  vars:
-    restart_services: true
-  roles:
-    - role: packages
-      vars:
-        update: true
-        exclude: [] # Override the default kernel exclusion
-        clean: true
-    - role: sshd
-    - role: networkd
-  tasks:
-    - name: Set hostname
-      become: true
-      hostname:
-        name: "{{ inventory_hostname }}"
-    - name: Install global bashrc
-      become: true
-      copy:
-        src: bashrc.sh
-        dest: /etc/profile.d/ZA-enpn-bashrc.sh
-        mode: 0644
-
-- import_playbook: deploy-local-auth.yml
-
-- import_playbook: deploy-sshkeys.yml

_legacy/playbooks/provision-virtual-machine.yml

@@ -1,26 +0,0 @@
----
-- hosts: vms
-  name: Replace NetworkManager with systemd-networkd
-  tasks:
-    - name: Install systemd-networkd
-      when: enable_networkd == true
-      block:
-        - import_tasks: tasks/centos/networkd.yml
-          when: ansible_distribution == "CentOS"
-        - import_tasks: tasks/fedora/networkd.yml
-          when: ansible_distribution == "Fedora"
-        # - import_tasks: common/debian/networkd.yml
-        #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
-
-    - import_tasks: tasks/networkd/config.yml
-    - import_tasks: tasks/networkd/services.yml
-
-
-- hosts: vms
-  name: Install ovirt agent
-  tasks:
-    - name: Install ovirt-agent
-      become: true
-      yum:
-        name: ovirt-guest-agent
-        state: latest

_legacy/playbooks/templates/motd.j2

@@ -1,7 +0,0 @@
-
-     ////////////   ////     ////   ///////////
-    ////           //////   ////   ////    ////
-   ////////       //// /// ////   ///////////
-  ////           ////   //////   ////
- ////////////   ////     ////   {{ omni_description | default('Omni Network System') }}
- _______________________________{{ omni_description | default('Omni Network System') | length * '\\' }}\

_legacy/playbooks/templates/network.j2

@@ -1,8 +0,0 @@
-# ANSIBLE MANAGED FILE - DO NOT EDIT
-[Match]
-Name={{ item.key }}
-
-[Network]
-DHCP=Yes
-
-# EOF

_legacy/playbooks/update-system.yml

@@ -1,26 +0,0 @@
----
-- hosts: all
-  name: Upgrade packages
-  tasks:
-
-
-    - name: Upgrade YUM packages
-      when: ansible_distribution == "CentOS"
-      become: true
-      yum:
-        state: latest
-        name: "*"
-        exclude: kernel*{{ ',' + exclude_upgrade | default('') }}
-
-    - name: Upgrade DNF packages
-      when: ansible_distribution == "Fedora"
-      become: true
-      dnf:
-        state: latest
-        name: "*"
-        exclude: kernel*{{ ',' + exclude_upgrade | default('') }}
-
-    # - name: Upgrade APT packages
-    #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
-    #   become: true
-    #   apt:

_legacy/playbooks/update-users-local.yml

@@ -1,132 +0,0 @@
----
-- import_playbook: dependencies.yml
-
-- hosts: all:!network
-  name: Update local user accounts and access controls
-  tasks:
-    - import_tasks: tasks/users-preprocessing.yml
-
-    - name: Create local user accounts
-      tags: users_create
-      become: true
-      block:
-        - name: Create groups
-          group:
-            name: "{{ item }}"
-            state: present
-          loop: "{{ targets + ['omni'] }}"
-
-        - name: Create users
-          user:
-            name: "{{ item.name }}"
-            comment: "{{ item.fullname | default('') }}"
-            shell: /bin/bash
-            groups: "{{ item.targets | intersect(targets) + ['omni'] }}"
-            system: "{{ item.svc | default(False) }}"
-            state: present
-            generate_ssh_key: "{{ True if generate_keys | bool == true else False }}"
-            ssh_key_comment: "{{ item.name }}@{{ inventory_hostname }}"
-            ssh_key_bits: 4096
-            ssh_key_type: ed25519
-            password: "{{ item.password }}"
-          loop: "{{ local_users }}"
-
-    - name: Delete removed user accounts
-      become: true
-      user:
-        name: "{{ item }}"
-        state: absent
-      loop: "{{ local_removed_users | difference(protected_users) }}"
-
-    - name: Grant sudo permissions to admin user accounts
-      become: true
-      user:
-        name: "{{ item.name }}"
-        groups: "{{ 'wheel' if ansible_os_family | lower == 'redhat' else 'sudo' }}"
-        state: present
-      loop: "{{ local_admin_users }}"
-
-    - name: Disable sudo password for ansible
-      become: true
-      lineinfile:
-        create: true
-        path: /etc/sudoers.d/30-ansible
-        line: "ansible ALL=(ALL) NOPASSWD:ALL"
-        mode: 0644
-
-    - name: Disable sudo password for admin users
-      become: true
-      lineinfile:
-        create: true
-        path: /etc/sudoers.d/40-admin
-        line: "{{ item.name }} ALL=(ALL) NOPASSWD:ALL"
-        mode: 0644
-        state: "{{ 'absent' if disable_sudo_password | bool == false else 'present' }}"
-      loop: "{{ local_admin_users }}"
-
-    - name: Configure GNOME
-      tags: users_gnome
-      when: ansible_distribution == "Fedora" and disable_gnome_user_list | bool == true
-      become: true
-      block:
-        - name: Configure GDM profile
-          blockinfile:
-            create: true
-            path: /etc/dconf/profile/gdm
-            block: |
-              user-db:user
-              system-db:gdm
-              file-db:/usr/share/gdm/greeter-dconf-defaults
-        - name: Configure GDM keyfile
-          blockinfile:
-            create: true
-            path: /etc/dconf/db/gdm.d/00-login-screen
-            block: |
-              [org/gnome/login-screen]
-              # Do not show the user list
-              disable-user-list=true
-        - name: Delete existing user database
-          file:
-            path: /var/lib/gdm/.config/dconf/user
-            state: absent
-        - name: Restart dconf database
-          shell: dconf update
-
-    - name: Ensure proper ownership of user home directories
-      become: true
-      file:
-        group: "{{ item.name }}"
-        owner: "{{ item.name }}"
-        path: /home/{{ item.name }}
-        recurse: true
-        state: directory
-      loop: "{{ local_users }}"
-
-# - hosts: router.net.enp.one
-#   name: Configure users on router
-#   connection: network_cli
-#   vars:
-#     ansible_network_os: edgeos
-#   tasks:
-#     - import_tasks: tasks/users-preprocessing.yml
-#
-#     - name: Create users
-#       edgeos_config:
-#         lines:
-#           - set system login user {{ item.name }} authentication encrypted-password "{{ item.password }}"
-#           - set system login user {{ item.name }} full-name "{{ item.fullname if item.fullname is defined else "" }}"
-#           - set system login user {{ item.name }} level {{ 'operator' if item.name != 'ansible' else 'admin' }}
-#       loop: "{{ local_users | difference([None]) }}"
-#
-#     - name: Grant administrative access to admin users
-#       edgeos_config:
-#         lines:
-#           - set system login user {{ item.name }} level admin
-#       loop: "{{ local_admin_users | difference([None]) }}"
-#
-#     - name: Assemble key files for loadkey usage
-#       edgeos_command:
-#         commands: sudo tee /tmp/{{ item.name }}.keys<<<"{{ item.sshkeys | join('\n') }}"
-#       loop: "{{ local_admin_users | difference([None]) }}"
-#
-# - import_playbook: deploy-sshkeys.yml

_legacy/playbooks/update-users-network.yml

@@ -1,59 +0,0 @@
----
-- hosts: router.net.enp.one
-  name: Configure users on router
-  connection: network_cli
-<<<<<<< Updated upstream
-  gather_facts: false
-=======
-  vars:
-    ansible_network_os: edgeos
->>>>>>> Stashed changes
-  tasks:
-    - import_tasks: tasks/users-preprocessing.yml
-
-    - name: Create users
-      edgeos_config:
-        lines:
-          - set system login user {{ item.name }} authentication encrypted-password "{{ item.password }}"
-          - set system login user {{ item.name }} full-name "{{ item.fullname if item.fullname is defined else "" }}"
-          - set system login user {{ item.name }} level {{ 'operator' if item.name != 'ansible' else 'admin' }}
-      loop: "{{ local_users | difference([None]) }}"
-
-    - name: Grant administrative access to admin users
-      edgeos_config:
-        lines:
-          - set system login user {{ item.name }} level admin
-      loop: "{{ local_admin_users | difference([None]) }}"
-
-<<<<<<< Updated upstream
-    - name: Assemble loadkey files
-      edgeos_command:
-        commands:
-          - sudo tee "{{ item.sshkeys | join('\n') }}"<<</tmp/{{ item.name }}.keys
-      loop: "{{ local_admin_users | difference([None]) }}"
-
-    - name: Load keys
-      edgeos_config:
-        lines:
-          - loadkey {{ item }} /tmp/{{ item }}.keys
-      loop: "{{ local_admin_users | difference([None]) }}"
-=======
-    - name: Assemble key files for loadkey usage
-      edgeos_command:
-        commands: sudo tee /tmp/{{ item.name }}.keys<<<"{{ item.sshkeys | join('\n') }}"
-      loop: "{{ local_admin_users | difference([None]) }}"
-
-    # - name: Assemble loadkey files
-    #   copy:
-    #     src: keys/{{ item }}
-    #     dest: /tmp
-    #   with_items:
-    #     - "{{ local_admin_users | difference([None]) }}"
-
-    # - name: Load keys
-    #   edgeos_config:
-    #     lines:
-    #       - loadkey {{ item }} /tmp/{{ item }}/*.pub
-    #   with_items:
-    #     - "{{ local_admin_users | difference([None]) }}"
->>>>>>> Stashed changes

_legacy/playbooks/update.yml

@@ -1,5 +0,0 @@
----
-- import_playbook: dependencies.yml
-
-- import_playbook: update-system.yml
-- import_playbook: update-users-local.yml

_legacy/roles/ldap_host/tasks/main.yml

@@ -1,12 +0,0 @@
----
-- name: Install required packages
-  when: ansible_distribution == "Fedora" or (ansible_distribution == "CentOS" and ansible_distribution_major_version == "8")
-  become: true
-  dnf:
-    state: latest
-    name:
-      - openldap-servers
-      - openldap-clients
-      - nss-pam-ldapd
-
-- name: Configure 

_legacy/roles/ovirt/tasks/install.yml

@@ -1,36 +0,0 @@
----
-- name: Install Ovirt on CentOS 8
-  become: true
-  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
-  block:
-    - name: Install Ovirt repository
-      dnf:
-        state: latest
-        name: http://resources.ovirt.org/pub/yum-repo/ovirt-release43.rpm
-    - name: Update using the new repository
-      dnf:
-        state: latest
-        name: "*"
-        exclude: kernel*
-    - name: Install Ovirt
-      dnf:
-        state: latest
-        name: ovirt-engine
-
-- name: Install Ovrit on CentOS 7
-  become: true
-  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
-  block:
-    - name: Install Ovirt repository
-      yum:
-        state: latest
-        name: http://resources.ovirt.org/pub/yum-repo/ovirt-release43.rpm
-    - name: Update using the new repository
-      yum:
-        state: latest
-        name: "*"
-        exclude: kernel*
-    - name: Install Ovirt
-      yum:
-        state: latest
-        name: ovirt-engine

_legacy/tasks/centos/bindings.yml

@@ -1,20 +0,0 @@
----
-- name: Install CentOS 8 python bindings
-  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
-  become: true
-  dnf:
-    state: latest
-    name:
-      - python3-libselinux
-      - python3-policycoreutils
-      - python3-firewall
-
-- name: Install CentoOS 7 python bindings
-  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
-  become: true
-  yum:
-    state: latest
-    name:
-      - libselinux-python
-      - policycoreutils-python
-      - python-firewall

_legacy/tasks/centos/networkd.yml

@@ -1,8 +0,0 @@
----
-- name: Install systemd-networkd
-  become: true
-  yum:
-    state: latest
-    name:
-      - systemd-resolved
-      - systemd-networkd

_legacy/tasks/centos/packages.yml

@@ -1,9 +0,0 @@
----
-- name: Install global packages using YUM
-  become: true
-  yum:
-    state: latest
-    name: "{{ item }}"
-  with_items:
-    - "{{ packages_global }}"
-    - "{{ packages_yum }}"

_legacy/tasks/centos/repositories.yml

@@ -1,31 +0,0 @@
----
-- name: Enable Extra Packages for Enterprise Linux
-  become: true
-  dnf_repository:
-    name: epel
-    description: Extra Packages for Enterprise Linux
-    baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/
-
-- name: Install Extra Packages for Enterprise Linux GPG key
-  become: true
-  rpm_key:
-    state: present
-    key: https://archive.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
-
-- name: Disable yum subscription-manager
-  become: true
-  lineinfile:
-    regex: enabled=1
-    line: enabled=0
-    path: /etc/yum/pluginconf.d/subscription-manager.conf
-    create: yes
-    state: present
-
-- name: Disable yum repo report upload
-  become: true
-  lineinfile:
-    regex: enabled=1
-    line: enabled=0
-    path: /etc/yum/pluginconf.d/enabled_repos_upload.conf
-    create: yes
-    state: present

_legacy/tasks/fedora/bindings.yml

@@ -1,10 +0,0 @@
----
-- name: Install Fedora python bindings
-  when: ansible_distribution == "Fedora"
-  become: true
-  dnf:
-    state: latest
-    name:
-      - libselinux-python
-      - policycoreutils-python
-      - python3-firewall

_legacy/tasks/fedora/networkd.yml

@@ -1,8 +0,0 @@
----
-- name: Install systemd-networkd
-  become: true
-  dnf:
-    state: latest
-    name:
-      - systemd-resolved
-      - systemd-networkd

_legacy/tasks/fedora/packages.yml

@@ -1,9 +0,0 @@
----
-- name: Install global packages using DNF
-  become: true
-  dnf:
-    state: latest
-    name: "{{ item }}"
-  with_items:
-    - "{{ packages_global }}"
-    - "{{ packages_dnf }}"

_legacy/tasks/networkd.yml

@@ -1,55 +0,0 @@
----
-# The directory is deleted ahead of creation to ensure that no old configs
-# remain after runnign ansible
-- name: Delete networkd config directory
-  become: true
-  file:
-    path: /etc/systemd/network
-    state: absent
-
-- name: Create the networkd config directory
-  become: true
-  file:
-    path: /etc/systemd/network
-    state: directory
-
-- name: Make .network files
-  become: true
-  template:
-    src: network.j2
-    dest: "/etc/systemd/network/{{ item.key }}.network"
-  with_dict: "{{ networking }}"
-
-- name: Configure systemd services
-  become: true
-  block:
-    - name: Disable network scripts and NetworkManager
-      service:
-        name: "{{ item }}"
-        enabled: false
-      with_items:
-        - network
-        - NetworkManager
-        - NetworkManager-wait-online
-    - name: Enable systemd-networkd and systemd-resolved
-      service:
-        name: "{{ item }}"
-        enabled: true
-        state: started
-      with_items:
-        - systemd-networkd
-        - systemd-resolved
-        - systemd-networkd-wait-online
-    - name: Symlink so systemd-resolved uses /etc/resolv.conf
-      file:
-        dest: /etc/resolv.conf
-        src: /run/systemd/resolve/resolv.conf
-        state: link
-        force: true
-        setype: net_conf_t
-    - name: Symlink so /etc/resolv.conf uses systemd
-      file:
-        dest: /etc/systemd/system/multi-user.target.wants/systemd-resolved.service
-        src: /usr/lib/systemd/system/systemd-resolved.service
-        state: link
-        force: true

_legacy/tasks/networkd/config.yml

@@ -1,22 +0,0 @@
----
-# The directory is deleted ahead of creation to ensure that no old configs
-# remain after runnign ansible
-- name: Delete networkd config directory
-  become: true
-  file:
-    path: /etc/systemd/network
-    state: absent
-
-- name: Create the networkd config directory
-  become: true
-  file:
-    path: /etc/systemd/network
-    state: directory
-
-- name: Make .network files
-  when: networking is defined
-  become: true
-  template:
-    src: network.j2
-    dest: "/etc/systemd/network/{{ item.key }}.network"
-  with_dict: "{{ networking }}"

_legacy/tasks/networkd/services.yml

@@ -1,38 +0,0 @@
----
-- name: Disable network scripts and NetworkManager
-  become: true
-  service:
-    name: "{{ item }}"
-    enabled: false
-  with_items:
-    - network
-    - NetworkManager
-    - NetworkManager-wait-online
-
-- name: Enable systemd-networkd and systemd-resolved
-  become: true
-  service:
-    name: "{{ item }}"
-    enabled: true
-    state: started
-  with_items:
-    - systemd-networkd
-    - systemd-resolved
-    - systemd-networkd-wait-online
-
-- name: Symlink so systemd-resolved uses /etc/resolv.conf
-  become: true
-  file:
-    dest: /etc/resolv.conf
-    src: /run/systemd/resolve/resolv.conf
-    state: link
-    force: true
-    setype: net_conf_t
-
-- name: Symlink so /etc/resolv.conf uses systemd
-  become: true
-  file:
-    dest: /etc/systemd/system/multi-user.target.wants/systemd-resolved.service
-    src: /usr/lib/systemd/system/systemd-resolved.service
-    state: link
-    force: true

_legacy/tasks/preprocess-local-users.yml

@@ -1,39 +0,0 @@
----
-- name: Load users variables
-  include_vars:
-    file: users.yml
-
-- name: Reconcile user targets with host targets to get host users
-  set_fact:
-    users_local: >-
-      {{
-      users_local | default([]) + ([item] if item.targets | intersect(local_targets) else [])
-      }}
-  loop: "{{ users }}"
-
-- name: Determine local user names
-  set_fact:
-    users_local_names: "{{ users_local_names | default([]) + [item.name] }}"
-  loop: "{{ users_local }}"
-
-- name: Determine administrative users
-  set_fact:
-    users_local_admin: >-
-      {{
-      users_local_admin | default([]) + ([item] if item.admin | default(False) else [])
-      }}
-  loop: "{{ users_local }}"
-
-- name: Determine existing users
-  shell: 'grep omni /etc/group | cut -d: -f4 | tr "," "\n"'
-  changed_when: false
-  register: users_local_existing
-
-- name: Determine removed users
-  set_fact:
-    users_local_removed: >-
-      {{
-      users_local_removed | default([]) +
-      ([item] if item not in users_local_names else [])
-      }}
-  loop: "{{ users_local_existing.stdout_lines }}"

_legacy/tasks/sshd/banner.yml

@@ -1,14 +0,0 @@
----
-- name: Install SSH Banner
-  become: true
-  template:
-    src: motd.j2
-    dest: /etc/issue.net
-    mode: 0644
-
-- name: Configure SSH banner
-  become: true
-  lineinfile:
-    path: /etc/ssh/sshd_config
-    regexp: '#Banner none'
-    line: 'Banner /etc/issue.net'

_legacy/tasks/sshd/disable-password-auth.yml

@@ -1,21 +0,0 @@
-- name: Turn off password authentication
-  become: true
-  replace:
-    path: /etc/ssh/sshd_config
-    regexp: "PasswordAuthentication yes"
-    replace: "PasswordAuthentication no"
-
-- name: Turn off challenge response authentication
-  become: true
-  replace:
-    path: /etc/ssh/sshd_config
-    regexp: "ChallengeResponseAuthentication yes"
-    replace: "ChallengeResponseAuthentication no"
-
-- name: Turn off GSSAPI authentication
-  become: true
-  replace:
-    path: /etc/ssh/sshd_config
-    regexp: "GSSAPIAuthentication yes"
-    replace: "GSSAPIAuthentication no"
-

_legacy/tasks/tasks

@@ -1 +0,0 @@
-tasks

_legacy/vars/global.yml

@@ -1,2 +0,0 @@
----
-ansible_user: ansible

_legacy/vars/network.yml

@@ -1,27 +0,0 @@
----
-gateway: router.net.enp.one
-
-dhcp:
-  - name: PUBLIC
-    subnet: 10.42.100.1/24
-    dns: 10.42.100.1
-    domain: tre2.local
-    lease: 21600
-    start: 10.42.100.26
-    stop: 10.42.100.254
-
-  - name: DOMAIN
-    subnet: 10.42.101.0/24
-    dns: 10.42.101.1
-    domain: net.enp.one
-    lease: 21600
-    start: 10.42.101.100
-    stop: 10.42.101.254
-
-  - name: SECURE
-    subnet: 10.42.102.0/24
-    dns: 10.42.102.1
-    domain: net.enp.one
-    lease: 3600
-    start: 10.42.102.50
-    stop: 10.42.102.254

_legacy/vars/packages.yml

@@ -1,28 +0,0 @@
----
-packages_global:
-  - cmake
-  - curl
-  - gcc
-  - gcc-c++
-  - git
-  - libselinux-python
-  - make
-  - nano
-  - openssl-devel
-  - policycoreutils-python
-  - python-devel
-  - python-virtualenv
-  - systemd-devel
-  - unzip
-  - vim
-  - vim-minimal
-
-packages_dnf:
-  - python3-devel
-
-packages_yum:
-  - bash-completion
-  - bash-completion-extras
-  - nc
-  - nfs-utils
-  - wget