7 changed files with 6 additions and 107 deletions
--- a/TODO.md
+++ b/TODO.md
@ -23,4 +23,8 @@
 ## Add quota config and enable/configure rctl
-## Add MOTD
+## Add ssh chat jail
 Admin id: 82f6872383933e913b31dbb906e4c44ea2937bea9531ac11429f16cee2e5a975
 https://github.com/quackduck/devzat
--- a/group_vars/all/all.yaml
+++ b/group_vars/all/all.yaml
@ -9,11 +9,9 @@ packages:
  - bash
  - doas
  - knot-resolver
  - go122
  - git
 # used by bastille to build a base
-release: 14.2-RELEASE
+release: 14.1-RELEASE
 # snapshot to install in new vps
 snapshot: FreeBSD-14.2-RELEASE-p0-0-hcloud-init
--- a/roles/chat/files/devzat
+++ b/roles/chat/files/devzat
@ -1,20 +0,0 @@
 #!/bin/sh
 . /etc/rc.subr
 name=devzat
 rcvar=devzat_enable 
 start_cmd="${name}_start"
 stop_cmd=":"
 load_rc_config $name 
 : ${devzat_enable:=no} 
 : ${devzat_config="/usr/local/etc/devzat.yml"}
 : ${devzat_daemon="/usr/local/sbin/devzat"}
 devzat_start() {
    DEVZAT_CONFIG="${devzat_config}" ${devzat_daemon}
 }
 run_rc_command "$1"
--- a/roles/chat/files/devzat.yml
+++ b/roles/chat/files/devzat.yml
@ -1,18 +0,0 @@
 # what port to host a server on ($PORT overrides this)
 port: 22
 # what port to host profiling on (unimportant)
 profile_port: 5555
 # where to store data such as bans and logs
 data_dir: /var/run/devzat-data
 # where the SSH private key is stored
 key_file: /var/run/devzat-sshkey
 # whether to censor messages (optional)
 censor: false
 # a list of admin IDs and notes about them
 admins:
  82f6872383933e913b31dbb906e4c44ea2937bea9531ac11429f16cee2e5a975: 'Seher Taak: github.com/tlinden'
--- a/roles/chat/tasks/main.yaml
+++ b/roles/chat/tasks/main.yaml
@ -1,52 +0,0 @@
 ---
 - name: build devzat
  shell: |
    cd /tmp
    git clone https://github.com/quackduck/devzat
    cd /tmp/devzat
    go build
 - name: create services template dir
  file:
    path: "/usr/local/bastille/templates/services/{{ role_name }}"
    state: directory
    recurse: yes
 - name: copy template config files
  template:
    src: Bastillefile.j2
    dest: "/usr/local/bastille/templates/services/{{ role_name }}/Bastillefile"
 - name: create config paths
  file:
    path: "/usr/local/bastille/templates/services/{{ role_name }}/{{ item }}/"
    state: directory
    recurse: yes
  loop:
    - usr/local/etc
    - usr/local/etc/rc.d
    - usr/local/sbin
 - name: copy devzat binary
  shell: install -m 755 /tmp/devzat/devzat /usr/local/bastille/templates/services/{{ role_name }}/usr/local/sbin/devzat
 - name: copy devzat config file
  copy:
    src: devzat.yml
    dest: "/usr/local/bastille/templates/services/{{ role_name }}/usr/local/etc/"
 - name: copy devzat rc file
  copy:
    src: devzat
    dest: "/usr/local/bastille/templates/services/{{ role_name }}/usr/local/etc/rc.d/"
 - name: create jail
  shell: "bastille create -B {{ role_name }} {{ release }} {{ chatip.stdout }}/64 bridge0"
  args:
    creates: /usr/local/bastille/jails/{{ role_name }}
 - name: start jail
  shell: bastille start {{ role_name }} || true
 - name: template jail
  shell: "bastille template {{ role_name }} services/{{ role_name }}"
--- a/roles/chat/templates/Bastillefile.j2
+++ b/roles/chat/templates/Bastillefile.j2
@ -1,9 +0,0 @@
 CP usr /
 SYSRC sendmail_enable=NONE
 SYSRC tmpsize=500m
 SYSRC tmpmfs=AUTO
 SYSRC clear_tmp_enable=YES
 SYSRC devzat_enable=YES
 SERVICE devzat start
--- a/roles/network/tasks/main.yaml
+++ b/roles/network/tasks/main.yaml
@ -3,10 +3,6 @@
  shell: echo {{ server_ipv6 }} | sed 's/::1/::2/'
  register: jailip
 - name: determine ipv6 jail address
  shell: echo {{ server_ipv6 }} | sed 's/::1/::3/'
  register: chatip
 - name: determine ipv6 net
  shell: echo '{{ ipv6_network }}/64'
  register: jailnet