Whitespace cleanup to get in sync with AniNIX/Uniglot hooks

.gitignore

@@ -3,7 +3,9 @@ roles/Nazara/files/dns
 roles/Nazara/files/dhcp
 roles/Node/files/vm-definitions/**
 roles/ShadowArch/files/mirrorlist
-venv/
+roles/Foundation/files/custom/public/img/**
+venv/**
+**/pkg/**
 **pkg.tar.zst
 
 # ---> Python

examples/msn0.yml

@@ -38,7 +38,7 @@ all:
                             static: true
                             sslidentity: aninix.net-0001
                             secdetection: true
-                            iptv_location: Milwaukee
+                            iptv_location: "Milwaukee|Madison"
                         Node0:
                             ipinterface: enp1s0f0
                             ip: 10.0.1.4
@@ -147,7 +147,7 @@ all:
                             cores: 2
                             memory: 2
                             bridge: br0
-                            vnc: 6
+                            vnc: 10
                             disks:
                               - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test1.qcow2'
                         test2:
@@ -157,7 +157,7 @@ all:
                             cores: 2
                             memory: 2
                             bridge: br0
-                            vnc: 5
+                            vnc: 11
                             disks:
                               - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test2.qcow2'
                         test3:
@@ -167,7 +167,7 @@ all:
                             cores: 2
                             memory: 2
                             bridge: br0
-                            vnc: 4
+                            vnc: 12
                             disks:
                               - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test3.qcow2'
                 appliances:
@@ -183,7 +183,7 @@ all:
                             mac: 70:74:14:4F:8E:42
                         Games:
                             ip: 10.0.1.66
-                            mac: 00:1F:BC:10:1C:F8
+                            mac: E0:BE:03:77:0E:88
                         Print:
                             ip: 10.0.1.67
                             mac: 00:80:92:77:CE:E4
@@ -201,7 +201,7 @@ all:
                             mac: 80:D2:1D:17:63:10
                         Tachikoma:
                             ip: 10.0.1.72
-                            mac: B8:76:3F:70:DB:C1
+                            mac: 90:0f:0c:1a:d3:23
                         Dedsec:
                             ip: 10.0.1.73
                             mac: 34:F6:4B:36:12:8F

playbooks/vars-debugging.yml

@@ -12,7 +12,7 @@
 # Expects ANSIBLE_VAULT_FILE to be set in the environment to path the vault
 # Also set ANSIBLE_VAULT_PASSWORD_FILE to your password file location if you want it.
 #
-- hosts: "{{ targets | default('all') }}"
+- hosts: "{{ targets | default('managed') }}"
   order: sorted
   serial: "{{ threads | default('8') }}"
   gather_facts: true

precommit-hooks/find-incomplete-roles

@@ -1,19 +0,0 @@
-#!/bin/bash
-
-cd ~/src/Ubiqtorate/roles
-
-if [ -n "$(git status | grep roles &>/dev/null)" ]; then
-    echo There are roles that are not committed yet.
-    exit 1;
-fi
-
-unset bad
-for i in `ls -1`; do
-    if ! grep "$i" ../playbooks/deploy.yml &>/dev/null; then
-        echo "$i is not used in playbooks/deploy.yml"
-        bad="1"
-    fi
-done
-if [ -n "$bad" ]; then
-    exit 1;
-fi

precommit-hooks/find-large-files

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# Limit files in git to 1M.
+find . -type f -exec du -k {} \; | egrep -v '^[[:digit:]]?[[:digit:]]?[[:digit:]][[:space:]]|\s./.git/'
+
+if [ $? -ne 1 ]; then
+    echo
+    echo "These files are probably larger than you want to commit to Git. Please try to find an alternate delivery path, such as a CDN or Git-LFS."
+    exit 1;
+fi

precommit-hooks/find-missing-customizations

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+retcode=0
+for host in `ansible -i "examples/msn0.yml" --list-hosts managed | grep -v ' hosts '`; do
+    if [ ! -f roles/ShadowArch/files/motd/"$host" ]; then
+        echo "Need MOTD for $host"
+        retcode=1;
+    fi
+    if [ ! -f roles/Sharingan/files/monit/hostdefs/"$host" ]; then
+        echo "Need Sharingan-Data file for $host"
+        retcode=1;
+    fi
+done
+exit $retcode

precommit-hooks/find-passwords-in-files

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# Ignore Ansibilized templates.
+saferegex='\s+}}"?\s*$'
+# Ignore comments
+saferegex="$saferegex"'|^[a-z,A-Z,0-9,_,-,/,.]+:\s*;|^[a-z,A-Z,0-9,_,-,/,.]+:\s*#|^[a-z,A-Z,0-9,_,-,/,.]+:\s*//'
+# Ignore binary file matches.
+saferegex="$saferegex"'|binary\ file\ matches'
+# AniNIX Constructs
+saferegex="$saferegex"'|password.aninix.net|aur.list'
+# Web constructs
+saferegex="$saferegex"'|.css:|.html:|.md:|htdocs|htpasswd'
+# Ignore template text to set policy
+saferegex="$saferegex"'|_LENGTH|Set new|attempt|pwdchange'
+# haveibeenpwned is referenced in comments
+saferegex="$saferegex"'|haveibeenpwned'
+# Unset variables.
+saferegex="$saferegex"'|\s+=\s*$|\s+yes$|\s+no$'
+# Ignore LDAP attributes
+saferegex="$saferegex"'|pwpolicies|pwdLastSuccess|pwdAttribute|pwdMaxAge|pwdExpireWarning|pwdInHistory|pwdCheckQuality|pwdMaxFailure|pwdLockout|pwdLockoutDuration|pwdGraceAuthNLimit|pwdFailureCountInterval|pwdMustChange|pwdMinLength|pwdAllowUserChange|pwdSafeModify|pwdChangedTime|pwdPolicy|last changed their password on|/root/.ldappass'
+
+egrep -ir 'secret|password|pw|passphrase' roles/*/{files,templates} 2>&1 | egrep -v "$saferegex"
+if [ $? -ne 1 ]; then
+    echo
+    echo If these are false positives, you need to add the signature to the whitelist in $0.
+    echo Otherwise, convert any files above to templates and encode the passphrase into your vault.
+    exit 1;
+fi

roles/DarkNet/tasks/main.yml

@@ -26,3 +26,9 @@
   - debug:
       msg: "Remember to use the nordvpn-bin command to set up your account."
 
+
+        # TODO Add yaml for OVPN file, user, pass to Vault
+        # TODO Enforce vpn.service on server instead of nordvpnd.
+        # TODO Add /etc/bashrc.d file for `alias torlynx='torsocks elinks https://check.torproject.org/'`
+        # TODO Add monit checks for tor and openvpn services
+        # TODO Shift deluged to WolfPack

roles/DedSec/tasks/main.yml

@@ -0,0 +1,8 @@
+---
+ # Consider https://blackarch.org/blackarch-guide-en.pdf
+ - name: Install DedSec packages
+   become: yes
+   package:
+     name:
+       - tcpdump
+       - wireshark

roles/Foundation/files/custom/bin/gen-aninix-custom

@@ -1,7 +1,5 @@
 #!/bin/bash
 
-set -x
-
 URI=https://aninix.net/assets/css/theme-arc-green.css
 
 # Gitea arc-green palette

roles/Foundation/files/custom/public/img/favicon.png

@@ -1 +0,0 @@
-AniNIX.png

roles/Foundation/files/custom/public/img/gitea-lg.png

@@ -1 +0,0 @@
-AniNIX.png

roles/Foundation/files/custom/public/img/gitea-safari.svg

@@ -1 +0,0 @@
-AniNIX.png

roles/Foundation/files/custom/public/img/gitea-sm.png

@@ -1 +0,0 @@
-AniNIX.png

roles/Foundation/files/custom/public/img/icons

@@ -1 +0,0 @@
-/srv/yggdrasil/Pictures/AniNIX/Icons/

roles/Foundation/files/web-snippets/martialarts/index

@@ -17,7 +17,7 @@
                     <div class="eight wide center column">
                         <h1 class="hero ui icon header">
                             <img width=20px height=20px src='/assets/img/icons/FoundationIcon.png'/>
-                            <a href="/user/login?redirect_to=%2fAniNIX_Martial_Arts">Open-source</a>
+                            <a href="/mawiki">Open-source</a>
                         </h1>
                         <p class="large">
                         We want your training with our system to become a part of your life. This means that we provide access to a revision-controlled copy of our notes that all our students can download, keep, and contribute to. We're tired of the old era where how the system works is kept hidden from students and piecemealed out as a marketing ploy -- we want to be as trasparent as possible in how our program and our martial art function. Transparency keeps our instructors honest and our students engaged -- this means a better martial arts experience for everyone.

roles/Foundation/files/web-snippets/pay/index

@@ -13,7 +13,7 @@
                 <div class="ui stackable middle very relaxed page grid">
                     <div class="sixteen wide center column" >
                         <h1 class="hero ui icon header">
-                            <img width=20px height=20px src='/img/icons/CoreIcon.png'/>
+                            <img width=20px height=20px src='/assets/img/icons/CoreIcon.png'/>
                             Cybersecurity Consulting
                         </h1>
                         <p class="large">The AniNIX offers cybersecurity consulting and advice services on a limited basis. We bill at $20 an hour -- please select your need below after negotiating with an admin.</p>
@@ -91,5 +91,17 @@
                         <! -- END STRIPE CODE -->
                         </p>
                     </div>
-                <hr style="margin-top: 50px;" />
+                </div>
+                <div class="ui stackable middle very relaxed page grid">
+                <div class="sixteen wide center column" >
+                <hr style="margin-top: 50px;" />
+                <h2>Donate</h2>
+                <p>If you like what we do, you can also donate on one of these platforms:</p>
+                <ul style="width:500px;text-align: left;margin:auto;">
+                <li><a href="https://store.steampowered.com/wishlist/id/darkfeather664/#sort=order">Steam (games)</a></li>
+                <li><a href="https://www.amazon.com/hz/wishlist/ls/3CORZU03RNWST?ref_=wl_share">Amazon (hardware)</a></li>
+                <li>BTC 38Nd3SgytdvSmcX3gfHeNAE2B6aPyYbS7s</li>
+                <li>Coinbase USDC 0x21a05e628Ed622F7594f62Ea3C764bAEF7fE3Bf3</li>
+                </ul>
+                </div>
                 </div>

roles/Foundation/files/web-snippets/pay/thank-you

@@ -1,7 +1,7 @@
                 <div class="ui stackable middle very relaxed page grid">
                     <div class="sixteen wide center aligned centered column">
                         <div>
-                            <img class="logo" src="/img/icons/CoreIcon.png" />
+                            <img class="logo" src="/assets/img/icons/CoreIcon.png" />
                         </div>
                         <div class="hero">
                             <h2 class="ui icon header title">

roles/Games/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+
+ - name: Install Games packages
+   become: yes
+   package:
+     name:
+       - mgba-qt
+       - steam
+       - steam-native-runtime
+       - discord

roles/IRC-Bots/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+
+ - user:
+     name: "{{ item }}"
+     state: present
+     shell: "{{ daemon_shell | default('/sbin/nologin') }}"
+     local: yes
+     groups: ircd
+   loop:
+     - bitbot
+     - dsbridge
+     - theraven
+     - werewolf
+
+   # Install TheRaven package
+ - package:
+     name:
+       - TheRaven
+
+ - git:
+     repo: 'https://github.com/jesopo/bitbot.git'
+     dest: /usr/local/src/bitbot/
+     clone: yes
+     update: yes
+
+ - git:
+     repo:
+
+ -

roles/Maat/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+ - name: Sharingan packages
+   become: yes
+   package:
+     name:
+       - openvas
+       - greenbone-security-assistant
+       - elasticsearch6
+       - mongodb
+       - graylog

roles/SSH/tasks/main.yml

@@ -1,23 +1,21 @@
 ---
 
- - name: SSH
+ - name: SSH (ArchLinux)
    become: yes
+   when: ansible_os_family == "Archlinux"
    package:
+     state: present
      name:
-       - bash
-       - sudo
+       - openssh
 
- - name: SSH Config
+ - name: SSH (Raspbian)
    become: yes
-   copy: 
-       src: ssh_config
-       dest: /etc/ssh/ssh_config
-
- - name: SSHD Config
-   become: yes
-   copy: 
-       src: sshd_config
-       dest: /etc/ssh/sshd_config
+   when: ansible_os_family == "Debian"
+   package:
+     state: present
+     name:
+       - openssh-server
+       - openssh-client
 
  - name: Mark SSH keys as immutable
    become: yes
@@ -46,3 +44,38 @@
        name: "{{ ansible_user_id }}"
        groups: ssh-allow
        append: yes
+
+ - name: Copy the SSH key
+   authorized_key:
+     user: "{{ ansible_user_id }}"
+     state: present
+     key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/deploy.pub') }}"
+
+ - name: SSH Config
+   become: yes
+   copy:
+       src: ssh_config
+       dest: /etc/ssh/ssh_config
+
+ - name: SSHD Config
+   become: yes
+   register: sshd_config
+   copy:
+       src: sshd_config
+       dest: /etc/ssh/sshd_config
+
+ - name: Restart SSHD (ArchLinux)
+   become: yes
+   when: ansible_os_family == "Archlinux" and sshd_config.changed
+   service:
+     name: sshd
+     state: restarted
+     enabled: yes
+
+ - name: Restart SSHD (Raspbian)
+   become: yes
+   when: ansible_os_family == "Debian" and sshd_config.changed
+   service:
+     name: ssh
+     state: restarted
+     enabled: yes

roles/ShadowArch/files/bashrc

@@ -0,0 +1,10 @@
+#
+# /etc/bash.bashrc
+#
+
+# If not running interactively, don't do anything
+[[ $- != *i* ]] && return
+
+[[ $DISPLAY ]] && shopt -s checkwinsize
+
+[ -r /usr/share/bash-completion/bash_completion ] && . /usr/share/bash-completion/bash_completion

roles/ShadowArch/files/vimrc

@@ -0,0 +1,32 @@
+" All system-wide defaults are set in $VIMRUNTIME/archlinux.vim (usually just
+" /usr/share/vim/vimfiles/archlinux.vim) and sourced by the call to :runtime
+" you can find below.  If you wish to change any of those settings, you should
+" do it in this file (/etc/vimrc), since archlinux.vim will be overwritten
+" everytime an upgrade of the vim packages is performed.  It is recommended to
+" make changes after sourcing archlinux.vim since it alters the value of the
+" 'compatible' option.
+
+" This line should not be removed as it ensures that various options are
+" properly set to work with the Vim-related packages.
+runtime! archlinux.vim
+
+" If you prefer the old-style vim functionalty, add 'runtime! vimrc_example.vim'
+" Or better yet, read /usr/share/vim/vim74/vimrc_example.vim or the vim manual
+" and configure vim to your own liking!
+syntax on
+filetype on
+" Support CSharp files like Java
+au BufNewFile,BufRead *.csharp set filetype=java
+au BufNewFile,BufRead *.cs set filetype=java
+set number
+set mouse-=a
+colorscheme desert
+
+" This establishes the indenting policy.
+filetype plugin indent on
+" show existing tab with 4 spaces width
+set tabstop=4
+" when indenting with '>', use 4 spaces width
+set shiftwidth=4
+" On pressing tab, insert 4 spaces
+set expandtab

roles/ShadowArch/tasks/bash.yml

@@ -0,0 +1,37 @@
+
+
+   - name: Set Bash MOTD
+    become: yes
+    copy:
+      src: "motd/{{ inventory_hostname }}"
+      dest: /etc/bash.motd
+      owner: root
+      group: root
+      mode: 0644
+
+  - name: Nullify overall MOTD
+    become: yes
+    copy:
+      src: /dev/null
+      dest: /etc/motd
+      owner: root
+      group: root
+      mode: 0644
+
+  - name: Bashrc
+    become: yes
+    copy:
+      src: bashrc
+      dest: /etc/bashrc
+      owner: root
+      group: root
+      mode: 0644
+
+  - name: vimrc
+    become: yes
+    copy:
+      src: vimrc
+      dest: /etc/vimrc
+      owner: root
+      group: root
+      mode: 0644

roles/ShadowArch/tasks/main.yml

@@ -58,10 +58,14 @@
     ignore_errors: yes
     register: root_password_test
     vars:
+      ansible_become_user: "{{ item }}"
       ansible_become_method: su
       ansible_become_password: "{{ passwords[inventory_hostname] }}"
     become: yes
     command: id
+    loop:
+      - root
+      - "{{ ansible_user_id }}"
 
   - name: Define passwords
     vars:
@@ -70,7 +74,7 @@
     become: yes
     when: root_password_test.rc is not defined or root_password_test.rc != 0
     command:
-      cmd: /bin/bash -l -c "printf '%s\n%s\n' '{{ passwords[inventory_hostname] }}' '{{ passwords[inventory_hostname] }}' | passwd {{ item }}"
+      cmd: /bin/bash -l -c "echo '{{item}}:{{ passwords[inventory_hostname] }}' | chpasswd {{ item }}"
     loop:
       - root
       - "{{ ansible_user_id }}"
@@ -163,24 +167,6 @@
     hostname:
       name: "{{ inventory_hostname }}.{{ replica_domain }}"
 
-  - name: Set Bash MOTD
-    become: yes
-    copy:
-      src: "motd/{{ inventory_hostname }}"
-      dest: /etc/bash.motd
-      owner: root
-      group: root
-      mode: 0644
-
-  - name: Nullify overall MOTD
-    become: yes
-    copy:
-      src: /dev/null
-      dest: /etc/motd
-      owner: root
-      group: root
-      mode: 0644
-
   - include: archlinux-network.yml
     when: ansible_os_family == "Archlinux"
 
@@ -190,3 +176,5 @@
   - include: dns.yml
 
   - include: ntp.yml
+
+  - include: bash.yml

roles/Sharingan/files/monit/checks/system

@@ -7,7 +7,7 @@
 ## performed should a test fail.
 check system $HOST
   if loadavg (1min) per core > 2 for 25 times within 30 cycles then exec "/etc/monit.d/scripts/critical Load average is high"
-  if memory usage > 75% for 8 times within 10 cycles then exec "/etc/monit.d/scripts/critical Memory is overused."
+  if memory usage > 90% for 8 times within 10 cycles then exec "/etc/monit.d/scripts/critical Memory is overused."
   if swap usage > 25% for 8 times within 10 cycles then exec "/etc/monit.d/scripts/critical Swap is overused."
   group system
 #

roles/Sharingan/files/monit/checks/warrant-canary

@@ -0,0 +1,2 @@
+check program warrant_canary with path "/etc/monit.d/scripts/check-warrant-canary"
+    if status != 0 then exec "/etc/monit.d/scripts/critical Warrant Canary needs to be updated"

roles/Sharingan/files/monit/hostdefs/Core

@@ -1 +1,2 @@
 include "/etc/monit.d/checks/system"
+include "/etc/monit.d/checks/warrant-canary"

roles/Sharingan/files/monit/scripts/check-warrant-canary

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+daysinadvance=14
+url=https://aninix.net/AniNIX/WarrantCanary/raw/branch/main/canary
+
+# ID the update expected date
+canarydate="$(curl -s "$url" | grep -A 1 'next two updates' | tail -n 1 | sed 's/^..//' )"
+if [ -z "$canarydate" ]; then
+    echo "Cannot identify the canary's next time."
+    exit 2
+fi
+epochcanarydate="$(date -d "$canarydate" +%s)"
+
+# Remove a one-month padding
+updatecanarydate=$(( $epochcanarydate - 2592000 ))
+
+# ID today
+today="$(date +%s)"
+
+
+if [[ $today -gt $updatecanarydate ]]; then
+    echo Time to reseed the warrant canary.
+    exit 2
+else
+    echo Warrant canary seems to have the right time.
+    exit 0
+fi

roles/Sharingan/templates/monitrc.j2

@@ -153,7 +153,8 @@ set log syslog
 set httpd port 2812 and
     use address localhost  # only accept connection from localhost (drop if you use M/Monit)
     allow localhost        # allow localhost to connect to the server and
-    allow admin:"{{ monitcli | default('monit') }}"      # require user 'admin' with password 'monit'
+    # require user 'admin' with password
+    allow admin:"{{ secrets[Sharingan][monit] | default('monit') }}"
     #with ssl {            # enable SSL/TLS and set path to server certificate
     #    pemfile: /etc/ssl/certs/monit.pem
     #}

roles/Tachikoma/tasks/main.yml

@@ -0,0 +1,47 @@
+---
+
+ - name: Install Tachikoma packages
+   become: yes
+   package:
+     name:
+       - wifi-menu
+       - weechat
+       - elinks
+       - conky
+       - xfce4
+       - xfce4-goodies
+       - xfce4-screenshooter
+       - xscreensaver
+       - libreoffice-still
+       - hunspell
+       - hunspell-en_us
+       - google-chrome
+       - keepassxc
+       - sshfs
+       - vlc
+       - cups
+       - brother-mfc-j430w
+       - brscan4
+       - xsane
+       - mtpfs
+       - libmtp
+       - alsamixer
+
+ - name: Remove deprecated packages
+   become: yes
+   package:
+     name:
+       - chromium
+       - keepassx
+       - kpcli
+       - irssi
+       - lynx
+
+ - name: Enable services
+   become: yes
+   service:
+     name: "{{ item }}"
+     state: running
+     enabled: yes
+   with:
+     - cups.service

roles/WebServer/files/conf.d/Core/aaa_default.conf

@@ -1,25 +1,25 @@
 server {
     listen      443 ssl http2;
     server_name default_server;
+    include sec.conf;
+    include letsencrypt.conf;
+    include default.csp.conf;
+    rewrite ^/(.*)$ https://aninix.net/$1 permanent;
+
+}
+
+server {
+    listen      443 ssl http2;
+    server_name aninix.net;
 
     include sec.conf;
+    include letsencrypt.conf;
     include default.csp.conf;
 
-    location /
-    {
-      rewrite ^/martialarts(\/*)$ /assets/martialarts/index.html;
-      rewrite /shadowarch /AniNIX/ShadowArch/raw/branch/main/EtcFiles/shadowarch
+    location / {
+
+      rewrite ^/martialarts(\/)*(\/index.html)*$ /assets/martialarts/index.html;
 
-      location /aninix.xml { 
-          proxy_hide_header Content-Type;
-          add_header content-type "application/atom+xml";
-          rewrite /aninix.xml /AniNIX/Wiki/raw/branch/main/rss/aninix.xml;
-      }
-      location /martialarts/maqotw.xml { 
-          proxy_hide_header Content-Type;
-          add_header content-type "application/atom+xml";
-          rewrite /martialarts/maqotw.xml /AniNIX/Wiki/raw/branch/main/rss/maqotw.xml;
-      }
       proxy_set_header Host $http_host;
       proxy_set_header X-Forwarded-Host $host;
       proxy_set_header X-Forwarded-Server $host;
@@ -27,8 +27,19 @@ server {
       proxy_pass       http://127.0.0.1:3000;
     }
 
-    location /whatismyip
-    {
+    location /aninix.xml {
+        proxy_hide_header Content-Type;
+        add_header content-type "application/atom+xml";
+        rewrite /aninix.xml /AniNIX/Wiki/raw/branch/main/rss/aninix.xml;
+    }
+
+    location /martialarts/maqotw.xml {
+        proxy_hide_header Content-Type;
+        add_header content-type "application/atom+xml";
+        rewrite /martialarts/maqotw.xml /AniNIX/Wiki/raw/branch/main/rss/maqotw.xml;
+    }
+
+    location /whatismyip {
         include ../conf.d/fastcgi.config;
         root /usr/share/webapps/aninix/;
         location ~* whatismyip {
@@ -36,12 +47,10 @@ server {
             expires max;
         }
     }
-    location /blackpage
-    {
+
+    location /blackpage {
         root /usr/share/webapps/aninix/;
         try_files $uri /blackpage.html;
     }
 
-    include letsencrypt.conf;
-
 }

roles/WolfPack/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+
+ - name: Packages
+   become: yes
+   package:
+     name:
+       - wolfpack
+
+ - name: Config
+   become: yes
+   copy:
+       src: "{{ inventory_hostname }}"
+       dest: /usr/local/etc/WolfPack
+
+ - name: Timer
+   become: yes
+   systemd:
+     name: "{{ wolfpack_service | default('wolfpack.timer') }}"
+     state: started
+     enabled: yes
+     daemon_reload: yes
+
+       # TODO Add sshfs and mountpoint for Darknet
+       # TODO Add config folders and restart daemon on change
+       # TODO Deprecate offload-wolfpack for Deluge move to sshfs

roles/Yggdrasil/tasks/main.yml

@@ -24,7 +24,7 @@
      - /srv/yggdrasil/Software
 
  - name: LiveTV channels
-   command: /bin/bash -c "curl -s https://raw.githubusercontent.com/iptv-org/iptv/master/streams/us.m3u | egrep -A 1 {{ iptv_location }} 2>&1 | egrep -v '^--$'"
+   command: /bin/bash -c "curl -s https://raw.githubusercontent.com/iptv-org/iptv/master/streams/us.m3u | egrep -A 1 '{{ iptv_location }}' 2>&1 | egrep -v '^--$'"
    register: livetv_channels
 
  - name: Write to file

roles/common/tasks/main.yml

@@ -0,0 +1,5 @@
+---
+ - debug:
+      msg: Importing common handlers.
+
+        ### DO NOT CHANGE THIS FILE

tests/test_net-detect.py

@@ -1,7 +0,0 @@
-import os
-import re
-import pytest
-from modules import netdetect
-
-def test_netdetect_usage():
-    assert True