From a384be1c818dee0474f950955ed7fce1b438ff6c Mon Sep 17 00:00:00 2001
From: Naglfar <naglfar@tilde.team>
Date: Sat, 30 Mar 2019 14:01:39 +0000
Subject: [PATCH 1/6] znc user creation script doesn't require password since
 using imapauth

---
 .../files/var/lib/znc/create-znc_account.sh     | 17 +++--------------
 .../shell/files/var/lib/znc/znc_account.newconf |  4 +---
 2 files changed, 4 insertions(+), 17 deletions(-)

diff --git a/roles/shell/files/var/lib/znc/create-znc_account.sh b/roles/shell/files/var/lib/znc/create-znc_account.sh
index 2d818f6..bcf61cc 100755
--- a/roles/shell/files/var/lib/znc/create-znc_account.sh
+++ b/roles/shell/files/var/lib/znc/create-znc_account.sh
@@ -5,9 +5,9 @@ CONF="/var/lib/znc/.znc/configs/znc.conf"
 PID=$(pgrep -u znc znc)
 
 # $username and $password are retrieved from create-account script
-if [[ -z $1 || -z $2 ]]
+if [ -z $1 ]
 then    
-        echo -e "Usage: $(basename $0) [username] [password]"
+        echo -e "Usage: $(basename $0) [username]"
         exit
 fi
 
@@ -19,23 +19,12 @@ then
 fi
 
 username=$1
-password=$2
 
 kill -s USR1 $PID # Rewrite znc.conf
 sleep 1
 
-# set username and password
+# set username
 sed s/newuser/$username/g znc_account.newconf >> $CONF
-expect << EOF | grep -E 'Hash|Salt' | tr -d \\r >> $CONF
-spawn znc --makepass
-expect "*Enter password: "
-send "$password\r"
-expect "*Confirm password: "
-send "$password\r"
-expect eof
-EOF
-echo "  </Pass>" >> $CONF
-echo "</User>" >> $CONF
 
 sleep 1
 kill -s HUP $PID # Reload znc.conf
diff --git a/roles/shell/files/var/lib/znc/znc_account.newconf b/roles/shell/files/var/lib/znc/znc_account.newconf
index 0c49eb0..aa38722 100644
--- a/roles/shell/files/var/lib/znc/znc_account.newconf
+++ b/roles/shell/files/var/lib/znc/znc_account.newconf
@@ -20,6 +20,4 @@
 	RealName = Got Thunix ?
 	StatusPrefix = *
 	TimestampFormat = [%H:%M:%S]
-
-	<Pass password>
-	Method = SHA256
+</User>

From 6ca7186a72e35f90f0ac63ba975b2e22fd22ee14 Mon Sep 17 00:00:00 2001
From: Anton McClure <amcclure@thunix.net>
Date: Sat, 30 Mar 2019 11:52:35 -0400
Subject: [PATCH 2/6] fixed statucadventures.netlib.re ssl

---
 .../staticadventures.netlib.re.conf           | 32 +++++++++----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf b/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf
index e1e24c8..9d1d2dc 100644
--- a/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf
+++ b/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf
@@ -10,19 +10,19 @@
         </Directorymatch>
 </VirtualHost>
 
-#<IfModule mod_ssl.c>
-#    <VirtualHost *:443>
-#    ServerAdmin webmaster@thunix.net
-#    ServerName staticadventures.netlib.re
-#    DocumentRoot /var/www/staticadventures.netlib.re
-#    ErrorLog ${APACHE_LOG_DIR}/error.log
-#    CustomLog ${APACHE_LOG_DIR}/access.log combined
-#    <Directorymatch "^/.*/\.git/">
-#                Order deny,allow
-#                Deny from all
-#        </Directorymatch>
-#    SSLCertificateFile /etc/letsencrypt/live/staticadventures.netlib.re/fullchain.pem
-#    SSLCertificateKeyFile /etc/letsencrypt/live/staticadventures.netlib.re/privkey.pem
-#    Include /etc/letsencrypt/options-ssl-apache.conf
-#</VirtualHost>
-#</IfModule>
+<IfModule mod_ssl.c>
+    <VirtualHost *:443>
+    ServerAdmin webmaster@thunix.net
+    ServerName staticadventures.netlib.re
+    DocumentRoot /var/www/staticadventures.netlib.re
+    ErrorLog ${APACHE_LOG_DIR}/error.log
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
+    <Directorymatch "^/.*/\.git/">
+                Order deny,allow
+                Deny from all
+        </Directorymatch>
+    SSLCertificateFile /etc/letsencrypt/live/staticadventures.netlib.re/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/staticadventures.netlib.re/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+</VirtualHost>
+</IfModule>

From 1d71f02a07aa9fa69cd3f6245bd5f54109869838 Mon Sep 17 00:00:00 2001
From: Anton McClure <amcclure@thunix.net>
Date: Sat, 30 Mar 2019 11:55:17 -0400
Subject: [PATCH 3/6] fixed staticadventures.netlib.re ssl

---
 .../apache2/sites-available/staticadventures.netlib.re.conf   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf b/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf
index 9d1d2dc..f3580e0 100644
--- a/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf
+++ b/roles/webserver/files/etc/apache2/sites-available/staticadventures.netlib.re.conf
@@ -1,5 +1,5 @@
 <VirtualHost *:80>
-    ServerAdmin webmaster@thunix.net
+    ServerAdmin staticadventures@riseup.net
     ServerName staticadventures.netlib.re
     DocumentRoot /var/www/staticadventures.netlib.re
     ErrorLog ${APACHE_LOG_DIR}/error.log
@@ -12,7 +12,7 @@
 
 <IfModule mod_ssl.c>
     <VirtualHost *:443>
-    ServerAdmin webmaster@thunix.net
+    ServerAdmin staticadventures@riseup.net
     ServerName staticadventures.netlib.re
     DocumentRoot /var/www/staticadventures.netlib.re
     ErrorLog ${APACHE_LOG_DIR}/error.log

From 4b2fb41a81753b36af0891c780204579f8ee53ad Mon Sep 17 00:00:00 2001
From: Anton McClure <amcclure@thunix.net>
Date: Sun, 31 Mar 2019 19:45:45 -0400
Subject: [PATCH 4/6] Update 'roles/shell/tasks/users/amcclure.yml'

---
 roles/shell/tasks/users/amcclure.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/roles/shell/tasks/users/amcclure.yml b/roles/shell/tasks/users/amcclure.yml
index 178fbac..ef0a8af 100644
--- a/roles/shell/tasks/users/amcclure.yml
+++ b/roles/shell/tasks/users/amcclure.yml
@@ -35,4 +35,8 @@
 - authorized_key:
     user: amcclure
     state: present
-    key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEP7Od12kcJrQ8Du+zDBGX9Z1RlX18wbZACXAfApl3fI"
\ No newline at end of file
+    key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEP7Od12kcJrQ8Du+zDBGX9Z1RlX18wbZACXAfApl3fI"
+- authorized_key:
+    user: amcclure
+    state: present
+    key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAIAQC0SVkZtxZQvRlKb2sfUBp4sahpoJzSJccn6WRM3gzUv+j6tIAcENkjwhA9OAOmunpzfbOBY9adKTkE0M1VT5R5c86Mad0/eloHOYNxzz7Xh6EzYq4orzRMUGqLyTqVPyABsQlMU1YQWHoWb62TdxtVVsS/oHhN3Hc6RAhZ6dfXS4MItW4VqQxzADyViyWyLAzdETa3Wtrhznqwef3qxfTKxG6S+M/fdBlzx3nshlyKZ9PcJVBBnsFibc/Aa8teCO2elunKWmlrZjEw1537m3+X32cJHAXFb4FgHlg0ZLsD0Ho+52i94GPz1cre7ghQxIrtsLCD4tKbx4MI7Da05ltGivTLTKNK5yyup+6XfwasQBy5/m1TnqLzU0QKNaFanIPbL6z2QU2OV04Z0D3KbS3VFXAeUFr7Rl/RiTpflQ7tU/cfofHWbM7KNQHeP9A9Oqgxp5aUkruGyoRxK2so9fv/h/k8u/1jE2DF7n/36sxhfp1PqOHv+dc4rkAmraj/HUP9fRplJ1RP/oyLBCUFXT7Hq9NlUwrYoZjIxXPi3375ZNgYq4HjwVcFuajqwmEgFHd5a/IJBfIj9CGtl7LIJoOjcXK7CZQYmDv7i6sHYDhTUnWuHXiiWZg7QguV6damW/QVoXbpbghzfv1+iIzgtUavESC/h+QrwvGcbAt1wG7LIBMi04SkCCySBD4HQ+vzh69n/XVp9AaIMvlmemJoSr6F1MXxeGny3Shq7r+uhwRgRZLTU1mdExMaYXcVtQiHytvMsb7gRsHLNsFBWENnLNE3VBAks/PfIP0dfb+Gpz8T/6O0xKCIlvpGKvxkm5n+wRdcXylr9EQ6Xoe74tiG2DkpVb2kHzlPQkf4TVr/nnKk3by0FtkLjfDc35ohBlr9JM1L9G1tNC5iw0e7iSQTvM6J+ufYR5BChzNVT7o3TS54tabYYrK96ioOg+FS+osiOV4cOVe8wfHliRme3r1KZXAxoxWkEQLeBc1bezoWNhlNaFNKp3QRxcJP2KeWqRmWVOYj3++jArAdrGSEBfT9tJQMnpoAXtA65gg6NEjpnAmsrz5fSWmatpePMgrtNJxQ31GLO4lm+hAKM7Q365knmA+4xZV0z3WBzuXa9SAh0xltc1HMIpi9+hutjhOS+NugSY3c28pRNMwo73k2KvH+olAX6G+8iyHRzgG3GYl3SGSImXATSKeQ4jDC8O6XOTcwxImGMdPOP8X4dBsZ+R857WJqxag/UB0d6py+UtLM2UkYBldWZ6biN7Lx/wAcvOD99ECx89J3K/Z1FAFKfM9AXR53Hl/JCmeekyYooAqD9hA5To9cGd73u6k0w8J5Ocb6byJZgm5v4D4NrQrFT7TYDqDGNa3G2RrBLGh9ssDLfMDJK5bX7+d3IO/3YfFjSHeIxi8ynGmk/FKuSBL2FK4UOj1rc5dJmXkY8U0CuU/xdzuos6rSYu2G01vzqksPeT/uyqXCZW/0Tmq94Ij6bmWl4bSfsxTGNrImK58Co/qOJd77CZahwvZnC6VGgcG0AQQ74lSEjvn3lInkWqZfyanPEIineiG9EnRcITDsFUKVDPaNCWhrpPi7wBkq6z6yeuuKcheFatNR52UVi/76ce5tBk+edbcsHUTy+QrfcdpU6X4GiuXp4GZ+VurRL6/uIoxNvRjQ+YucLmG6qWV96fOAEatQYf01nFwDwJkpLmVynFkbAEIjwU0+HihuuYdVqz2bysCdKkgS2DLDeDBumdTRJW16FbKFIWDBdyVaI6Ag1WrQD0YvSIjlJEbd/UIRIxrya8sPXq4imPoG3UYvUV95fUTGe4RjlK0C/7L/T/K3sVrBXJo+kKll9xeOqAeSNrCBZyYp3vGTV8KhFR4W3qcMuIhhW+k21ftcZoZRnFRwaQgbRgsT10WuAYe6AhvI1ofI3DSB1RuEDBLyAZq6u0CvxiWjQFkat7YdH14AHmPbX9PDt5Hp5/FZrcxzlhht+XIl3Qrq/EAmzNySoEq7tmMsubpITTdNjfUhsI5er0qmExhp1M7UMiqEWoxO6nJBHK55EUZD2CQkCr/yTjCfNtwh5Uv/fkaSSC9btpMTaU78uPqnBAnFCEA4HvsgWHe5eP/YzE6eaB/RgxrWWvuS2Kw9AWd4C12I2EDwo++cQ1anjotqGtCyD97txbUjT60ENKo+xvN/VUFtkmpMNwUqUyISsJ8srVuVsPKf6G2/RW+sJjdlFPxlnRuk6uuTmOYyjg6Mk3Qnk2cNetD2bszJNBLNDPZWTwmVVLImio4ox4nNUlwFOsTGUXTKRlQQBsJXQNsbXcb+n+wldRJLZ06b3NKVTv/+rJ4OfmLdpxTiS9P12tzMv5gNsqs1WcmeckC895xS8XOG2kUOs/YPocNEKdx48ypcqBSCulZ98aL5phGw0jINsOrpZZFUcVE5uiUJI8sxwoexPBLG8mlBu4DmGWqXt3ySx1n4kwJJZQ4A2krpUUoW9pYftMaw00KDYGlihjR7v4zewoSH2LLAz9HAtv3mW1ZRYYOgYCJwbULA0PxS7UvY5UMyv0Jq5j8F5Pp/mdMc9Q9qHT+wxxxTubIKsz9BQUoLGBmIj3gB9xFtwxgey8pl3o5xdjAo6+XX5RZiXk3QMK7Vx/QWsXSSo//WQnD4NyAkE2de4y1xxNkK7uWQDksEeNjcxnxVG30svmZ5QQGmIsdTb4vOjkc6RKDngVq3AeL+DFiOtLP4e8UJyWIyS/1ZPQ== amcclure@MacBook-Pro"
\ No newline at end of file

From 61a196ebc9ad10560700681872aad97a85b5e003 Mon Sep 17 00:00:00 2001
From: ubergeek <ubergeek@yourtilde.com>
Date: Mon, 1 Apr 2019 18:02:54 -0400
Subject: [PATCH 5/6] Update 'roles/common/tasks/packages.yml'

---
 roles/common/tasks/packages.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/common/tasks/packages.yml b/roles/common/tasks/packages.yml
index d11da30..f70a04a 100644
--- a/roles/common/tasks/packages.yml
+++ b/roles/common/tasks/packages.yml
@@ -29,6 +29,8 @@
       - python-yaml
       - members
       - sqlite
+      - sudo
+      - ufw
 
 # Install ansible python package, because it's the latest
 - name: Install ansible

From f197bf58b2a18acfebefb2b02149c57eebc2cd3a Mon Sep 17 00:00:00 2001
From: ubergeek <ubergeek@yourtilde.com>
Date: Mon, 1 Apr 2019 18:05:40 -0400
Subject: [PATCH 6/6] Update 'roles/shell/tasks/users/ubergeek.yml'

---
 roles/shell/tasks/users/ubergeek.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/roles/shell/tasks/users/ubergeek.yml b/roles/shell/tasks/users/ubergeek.yml
index 462c2c5..a388438 100644
--- a/roles/shell/tasks/users/ubergeek.yml
+++ b/roles/shell/tasks/users/ubergeek.yml
@@ -29,4 +29,9 @@
 - authorized_key:
     user: ubergeek
     state: present
-    key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrZ1A4dkJlP3gXaZto6ct6xTs5o1nhCFIflP+OXBbTlOQCgeCGoiPelpRhe+1x3TD99u50/k4JF/NCA4xRaeYnWFDkWx1P0NHv4nAdwAACIH8SrUiSbeZrogPApVpfuMkVvU5y7DthMgTAJbF13EaKsqVTmD9eVSlSStYgWU+Y+9Ip22BdANcJuCtpd+99DSPSRA14bFndMN3or980O9DA5oSk36uwrNSHhAObRHRQdcFVYwEHtrffI4ZYuuFo6qQzLHI1yFcIlJ8Xyaru+MqILfT2eSetBZwnHwrZSlIKwCw2tYclDmnH3W2nytQ7hAHJIsrB67++Usd6OlF2N/5tMu6c9YGPXu3AAgNos1R6kvlL22e+OVXaLOBqXSBNZjBjnrvuO+0PvRNEBoSeqALmjkgQkTPbzXgeAYFNDJtgydAuJwcGKq6QD0f94KibpoKP7NXbZPtJDax/MStoQzDImUz84b1H6NgPX9ddDcH8emhf+v6SB1OHZMPgO9dGGRjEIanj2v2bgGDO3zzv+emOaWrq/KVFFMFL+TKuneujCwKrAsCwrjomPNGtRd92FU65KTpwzN91Y3g2fkMTg2iYqXhHnVHgaf8nBwRoyK0TCDrUdcxHJHGafO3EoY+HiHhOyMV/CDvppL8e4nIGR5CZazDfKuEdEeiSsnCdzD0Anw== u0_a313@localhost"
\ No newline at end of file
+    key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrZ1A4dkJlP3gXaZto6ct6xTs5o1nhCFIflP+OXBbTlOQCgeCGoiPelpRhe+1x3TD99u50/k4JF/NCA4xRaeYnWFDkWx1P0NHv4nAdwAACIH8SrUiSbeZrogPApVpfuMkVvU5y7DthMgTAJbF13EaKsqVTmD9eVSlSStYgWU+Y+9Ip22BdANcJuCtpd+99DSPSRA14bFndMN3or980O9DA5oSk36uwrNSHhAObRHRQdcFVYwEHtrffI4ZYuuFo6qQzLHI1yFcIlJ8Xyaru+MqILfT2eSetBZwnHwrZSlIKwCw2tYclDmnH3W2nytQ7hAHJIsrB67++Usd6OlF2N/5tMu6c9YGPXu3AAgNos1R6kvlL22e+OVXaLOBqXSBNZjBjnrvuO+0PvRNEBoSeqALmjkgQkTPbzXgeAYFNDJtgydAuJwcGKq6QD0f94KibpoKP7NXbZPtJDax/MStoQzDImUz84b1H6NgPX9ddDcH8emhf+v6SB1OHZMPgO9dGGRjEIanj2v2bgGDO3zzv+emOaWrq/KVFFMFL+TKuneujCwKrAsCwrjomPNGtRd92FU65KTpwzN91Y3g2fkMTg2iYqXhHnVHgaf8nBwRoyK0TCDrUdcxHJHGafO3EoY+HiHhOyMV/CDvppL8e4nIGR5CZazDfKuEdEeiSsnCdzD0Anw== u0_a313@localhost"
+- authorized_key:
+    user: ubergeek
+    state: present
+    key: "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAA0NYVVAp4bcJlPCXU9HRHAwJHoyfI4IN0H6Tx/fdf56dzB6hR7SCKFLdmhaFkCZnlGWd4rLN1Phrem26ncsiOsBwEjzPFdlyOVCXfvheK17RsNT/D8zHXI6P06Soz0WzNCYD5NUVwtQJvs6ptA6fMUCOlmZapxyUW4pjMLkCbRKhuxQw=="
+    
\ No newline at end of file