Loading templates/apt/sources.d/proxmox.list.j2deleted 100644 → 0 +0 −2 Original line number Diff line number Diff line # proxmox deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription templates/sshd/sshd_config.j2 +0 −13 Original line number Diff line number Diff line Loading @@ -6,22 +6,12 @@ ListenAddress 0.0.0.0 ListenAddress :: # hostkey {% if inventory_hostname in groups['proxmox'] %} HostKey /etc/ssh/ssh_host_rsa_key {% endif %} HostKey /etc/ssh/ssh_host_ed25519_key # Authentication {% if inventory_hostname in groups['proxmox'] %} PermitRootLogin yes {% else %} PermitRootLogin no {% endif %} # Hardening {% if inventory_hostname in groups['proxmox'] %} AcceptEnv LANG LC_* {% endif %} StrictModes yes MaxAuthTries 2 MaxStartups 10:50:20 Loading @@ -29,9 +19,6 @@ LoginGraceTime 15 MaxSessions 8 PasswordAuthentication no PubkeyAuthentication yes {% if inventory_hostname in groups['proxmox'] %} AllowUsers ansible drone hugo root simon {% else %} AllowUsers ansible drone hugo simon {% endif %} VersionAddendum "" Loading templates/usermanagement/sudoers.d/sudoers.j2 +0 −6 Original line number Diff line number Diff line Loading @@ -6,9 +6,6 @@ drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy * drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook * drone ansible.siempie.internal=(root) NOPASSWD:SETENV:/usr/bin/sh * {% endif %} {% if inventory_hostname in groups['proxmox'] %} drone {{ inventory_hostname }}=(root) NOPASSWD:/home/drone/scripts/fstrim.sh {% endif %} {% if inventory_hostname == 'mgmt01.siempie.internal' %} drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/kubectl * Loading @@ -19,9 +16,6 @@ drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/bin/git * drone packer.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /mnt/packer * drone packer.siempie.internal=(root) NOPASSWD:/usr/local/bin/packer * {% endif %} {% if inventory_hostname == 'registry.siempie.internal' %} drone registry.siempie.internal=(root) NOPASSWD:/usr/bin/docker * {% endif %} {% if inventory_hostname == 'wireguard.do.simoncor.net' %} drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/rclone * drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/systemctl reload nginx Loading Loading
templates/apt/sources.d/proxmox.list.j2deleted 100644 → 0 +0 −2 Original line number Diff line number Diff line # proxmox deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
templates/sshd/sshd_config.j2 +0 −13 Original line number Diff line number Diff line Loading @@ -6,22 +6,12 @@ ListenAddress 0.0.0.0 ListenAddress :: # hostkey {% if inventory_hostname in groups['proxmox'] %} HostKey /etc/ssh/ssh_host_rsa_key {% endif %} HostKey /etc/ssh/ssh_host_ed25519_key # Authentication {% if inventory_hostname in groups['proxmox'] %} PermitRootLogin yes {% else %} PermitRootLogin no {% endif %} # Hardening {% if inventory_hostname in groups['proxmox'] %} AcceptEnv LANG LC_* {% endif %} StrictModes yes MaxAuthTries 2 MaxStartups 10:50:20 Loading @@ -29,9 +19,6 @@ LoginGraceTime 15 MaxSessions 8 PasswordAuthentication no PubkeyAuthentication yes {% if inventory_hostname in groups['proxmox'] %} AllowUsers ansible drone hugo root simon {% else %} AllowUsers ansible drone hugo simon {% endif %} VersionAddendum "" Loading
templates/usermanagement/sudoers.d/sudoers.j2 +0 −6 Original line number Diff line number Diff line Loading @@ -6,9 +6,6 @@ drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy * drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook * drone ansible.siempie.internal=(root) NOPASSWD:SETENV:/usr/bin/sh * {% endif %} {% if inventory_hostname in groups['proxmox'] %} drone {{ inventory_hostname }}=(root) NOPASSWD:/home/drone/scripts/fstrim.sh {% endif %} {% if inventory_hostname == 'mgmt01.siempie.internal' %} drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl * drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/local/bin/kubectl * Loading @@ -19,9 +16,6 @@ drone mgmt01.siempie.internal=(root) NOPASSWD:/usr/bin/git * drone packer.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /mnt/packer * drone packer.siempie.internal=(root) NOPASSWD:/usr/local/bin/packer * {% endif %} {% if inventory_hostname == 'registry.siempie.internal' %} drone registry.siempie.internal=(root) NOPASSWD:/usr/bin/docker * {% endif %} {% if inventory_hostname == 'wireguard.do.simoncor.net' %} drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/rclone * drone wireguard.do.simoncor.net=(root) NOPASSWD:/usr/bin/systemctl reload nginx Loading
