A whole bunch of random playbooks I put together / used
authorZachary Seguin <ztseguin@csclub.uwaterloo.ca>
Mon, 29 Feb 2016 22:22:42 +0000 (17:22 -0500)
committerZachary Seguin <ztseguin@csclub.uwaterloo.ca>
Mon, 29 Feb 2016 22:22:45 +0000 (17:22 -0500)
59 files changed:
.gitmodules [new file with mode: 0644]
disable-login.yml [new file with mode: 0644]
distribute-ssh-config.yml [new file with mode: 0644]
enable-login.yml [new file with mode: 0644]
files/nologin [new file with mode: 0644]
files/ssh_config [new file with mode: 0644]
files/sshd_config [new file with mode: 0644]
fingerprints/aspartame_rsa.pub [new file with mode: 0644]
fingerprints/auth1_ed25519.pub [new file with mode: 0644]
fingerprints/auth1_rsa.pub [new file with mode: 0644]
fingerprints/auth2_ed25519.pub [new file with mode: 0644]
fingerprints/auth2_rsa.pub [new file with mode: 0644]
fingerprints/bit-shifter_ed25519.pub [new file with mode: 0644]
fingerprints/bit-shifter_rsa.pub [new file with mode: 0644]
fingerprints/caffeine_ed25519.pub [new file with mode: 0644]
fingerprints/caffeine_rsa.pub [new file with mode: 0644]
fingerprints/cobalamin_ed25519.pub [new file with mode: 0644]
fingerprints/cobalamin_rsa.pub [new file with mode: 0644]
fingerprints/corn-syrup_ed25519.pub [new file with mode: 0644]
fingerprints/corn-syrup_rsa.pub [new file with mode: 0644]
fingerprints/dextrose_ed25519.pub [new file with mode: 0644]
fingerprints/dextrose_rsa.pub [new file with mode: 0644]
fingerprints/glomag_ed25519.pub [new file with mode: 0644]
fingerprints/glomag_rsa.pub [new file with mode: 0644]
fingerprints/gwem_ed25519.pub [new file with mode: 0644]
fingerprints/gwem_rsa.pub [new file with mode: 0644]
fingerprints/high-fructose-corn-syrup_ed25519.pub [new file with mode: 0644]
fingerprints/high-fructose-corn-syrup_rsa.pub [new file with mode: 0644]
fingerprints/mail_ed25519.pub [new file with mode: 0644]
fingerprints/mail_rsa.pub [new file with mode: 0644]
fingerprints/maltodextrin_ed25519.pub [new file with mode: 0644]
fingerprints/maltodextrin_rsa.pub [new file with mode: 0644]
fingerprints/munin_ed25519.pub [new file with mode: 0644]
fingerprints/munin_rsa.pub [new file with mode: 0644]
fingerprints/natural-flavours_ed25519.pub [new file with mode: 0644]
fingerprints/natural-flavours_rsa.pub [new file with mode: 0644]
fingerprints/nullsleep_ed25519.pub [new file with mode: 0644]
fingerprints/nullsleep_rsa.pub [new file with mode: 0644]
fingerprints/potassium-benzoate_ed25519.pub [new file with mode: 0644]
fingerprints/potassium-benzoate_rsa.pub [new file with mode: 0644]
fingerprints/rt_ed25519.pub [new file with mode: 0644]
fingerprints/rt_rsa.pub [new file with mode: 0644]
fingerprints/sodium-benzoate_ed25519.pub [new file with mode: 0644]
fingerprints/sodium-benzoate_rsa.pub [new file with mode: 0644]
fingerprints/strombola_ed25519.pub [new file with mode: 0644]
fingerprints/strombola_rsa.pub [new file with mode: 0644]
fingerprints/sucrose_ed25519.pub [new file with mode: 0644]
fingerprints/sucrose_rsa.pub [new file with mode: 0644]
fingerprints/taurine_ed25519.pub [new file with mode: 0644]
fingerprints/taurine_rsa.pub [new file with mode: 0644]
gather-ssh-fingerprints.yml [new file with mode: 0644]
generate-fingerprints [new file with mode: 0755]
generate-hosts [new submodule]
hosts
install-csc-packages.yml [new file with mode: 0644]
mount-scratch.yml [new file with mode: 0644]
mount-users.yml [new file with mode: 0644]
unmount-nfs.yml [new file with mode: 0644]
update-hosts.yml [new file with mode: 0644]

diff --git a/.gitmodules b/.gitmodules
new file mode 100644 (file)
index 0000000..51a62a9
--- /dev/null
@@ -0,0 +1,3 @@
+[submodule "generate-hosts"]
+       path = generate-hosts
+       url = /users/git/public/hosts.git
diff --git a/disable-login.yml b/disable-login.yml
new file mode 100644 (file)
index 0000000..d224fcd
--- /dev/null
@@ -0,0 +1,8 @@
+---
+- hosts: office general-use
+  remote_user: root
+  tasks:
+     - name: copy nologin
+       copy: src={{ item.src }} dest={{ item.dest }} backup=no
+       with_items:
+         - { src: 'files/nologin', dest: '/etc/nologin' }
diff --git a/distribute-ssh-config.yml b/distribute-ssh-config.yml
new file mode 100644 (file)
index 0000000..47fca4a
--- /dev/null
@@ -0,0 +1,16 @@
+---
+- hosts: all
+  gather_facts: no
+  remote_user: root
+  tasks:
+     - name: generate ed25519 key
+       shell: ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' < /dev/null
+       args:
+         creates: /etc/ssh/ssh_host_ed25519_key
+     - name: copy ssh config
+       copy: src={{ item.src }} dest={{ item.dest }} backup=yes
+       with_items:
+         - { src: 'files/ssh_config', dest: '/etc/ssh/ssh_config' }
+         - { src: 'files/sshd_config', dest: '/etc/ssh/sshd_config' }
+     - name: restart sshd
+       service: name=ssh state=restarted
diff --git a/enable-login.yml b/enable-login.yml
new file mode 100644 (file)
index 0000000..b19e49a
--- /dev/null
@@ -0,0 +1,8 @@
+---
+- hosts: office general-use
+  remote_user: root
+  tasks:
+     - name: delete nologin
+       file: path={{ item }} state=absent
+       with_items:
+         -  '/etc/nologin'
diff --git a/files/nologin b/files/nologin
new file mode 100644 (file)
index 0000000..050faf7
--- /dev/null
@@ -0,0 +1,4 @@
+***** ATTENTION *****
+
+This machine is temporarily unavailable for system maintence.
+See https://csclub.uwaterloo.ca/newsgroup/article.php?id=12268&group=uw.csc for more information.
diff --git a/files/ssh_config b/files/ssh_config
new file mode 100644 (file)
index 0000000..29c3e3a
--- /dev/null
@@ -0,0 +1,25 @@
+# This is the ssh client system-wide configuration file.  See
+# ssh_config(5) for more information.  This file provides defaults for
+# users, and the values can be changed in per-user configuration files
+# or on the command line.
+
+# Configuration data is parsed as follows:
+#  1. command line options
+#  2. user-specific file
+#  3. system-wide file
+# Any configuration value is only changed the first time it is set.
+# Thus, host-specific definitions should be at the beginning of the
+# configuration file, and defaults at the end.
+
+# Site-wide defaults for some commonly used options.  For a comprehensive
+# list of available options, their meanings and defaults, please see the
+# ssh_config(5) man page.
+
+Host *
+    SendEnv LANG LC_*
+    GSSAPITrustDns yes
+    GSSAPIKeyExchange yes
+
+    GSSAPIAuthentication yes
+    GSSAPIDelegateCredentials yes
+    UseRoaming no
diff --git a/files/sshd_config b/files/sshd_config
new file mode 100644 (file)
index 0000000..ac165f7
--- /dev/null
@@ -0,0 +1,64 @@
+# Package generated configuration file
+# See the sshd(8) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 22
+
+# Use only protocol version 2
+Protocol 2
+
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_ed25519_key
+HostKey /etc/ssh/ssh_host_rsa_key
+KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
+Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
+
+# Privilege Separation is turned on for security
+UsePrivilegeSeparation yes
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication
+UsePAM yes
+StrictModes yes
+PermitRootLogin yes
+LoginGraceTime 120
+MaxStartups 25:30:100
+
+# password authentication via PAM (single sign-on initial case)
+PasswordAuthentication yes
+PermitEmptyPasswords no
+
+# keyboard-interactive authentication (like password, works with +needchange)
+ChallengeResponseAuthentication yes
+
+# kerberos (single sign-on already authenticated case)
+GSSAPIAuthentication yes
+GSSAPIKeyExchange yes
+GSSAPICleanupCredentials yes
+
+# public key authentication with authorized_keys
+PubkeyAuthentication yes
+
+# no single sign-on via hosts.equiv; we use kerberos
+HostbasedAuthentication no
+IgnoreRhosts yes
+
+# no builtin kerberos auth with password, we do the same via pam_krb5
+KerberosAuthentication no
+
+# allow X forwarding
+X11Forwarding yes
+X11DisplayOffset 10
+
+# PAM prints these already
+PrintMotd no
+PrintLastLog no
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
diff --git a/fingerprints/aspartame_rsa.pub b/fingerprints/aspartame_rsa.pub
new file mode 100644 (file)
index 0000000..6b3c64b
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4TzqMpguUFMIly6HKTHpKKJrvJmIBWrS7FZSH0JCDsUrwzlYZQSTG1d0uCqO0NG0SV6GsdxcrucLRJajkidoB1RMgaZ/PPOK2a4o94aR09p9lBoE/MX9capCuybLg0EVc1/YTdRxM1wjP9f4Mjp6t5snTZ89RTAdPOg3MjFbveHHQceg0tYbOu3VlNMoove1gh0GBftmLobPnPzUgtMCJ3I2KcXpqTMUJSC01k23DG+M6sRQ7XjuG9P5Q0ly49qtt3p/NSeR6B/kETN3QiI8FQo5VoW2OP1Mpa4sNoBoBs55Wq4XYC1m1vyH3SqU8ExcrZqjI+LbJtYQGpH5BWySv root@aspartame
diff --git a/fingerprints/auth1_ed25519.pub b/fingerprints/auth1_ed25519.pub
new file mode 100644 (file)
index 0000000..572423f
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAvLvnQ6Ocf/QjojRW5fPrROrsQvSr/8pRVQCNXphs4W root@auth1
diff --git a/fingerprints/auth1_rsa.pub b/fingerprints/auth1_rsa.pub
new file mode 100644 (file)
index 0000000..e9a5f12
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmdYsXyf24OrBn3ZTo1rWZt55ZnE6L5DGYgmvRqwTFlrr0GyqNKSUDu+QL4NlxVRMB8IMe4inpuRb7JZuO47IRqf/KCIgWLfpsd1CMflqc2rYRVYmra2JSQ10DHJb4VGbOqABhkeB4YeTPwImr/BG4FBOm7QCqIu16RzjANXjYtGZq/s72hUhnm4yV36BHtXXaI4Ji7i4IeT2onyxfZyFcC9DcP83GUFOGtjAMumDRpJ5ftek+147gfF3dSvaYj8esFZW4geMoKXBe3B9vYAgH8z4iNbMqDc7NAVOWsvf5dSKiegrIrovNWm6rVWqYAXluJ6nkt1i5wkkM776cUUCn root@aspartame
diff --git a/fingerprints/auth2_ed25519.pub b/fingerprints/auth2_ed25519.pub
new file mode 100644 (file)
index 0000000..4baaafa
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJcYRda4/NglHpJDn9CadzN6gkO4ziUI1CZ4KZ6T76G root@auth2
diff --git a/fingerprints/auth2_rsa.pub b/fingerprints/auth2_rsa.pub
new file mode 100644 (file)
index 0000000..c7dbc47
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyXarBOhnkPR2cpeXPrSzBBFY5Wth7SRTuPtY0DLRsIVqAfJ/92pY79AWcvpM0DtoguMscc3iOWKhLpz5gxA3zPUOjloNMvGMHjUzC8Mwi0URJB9nbfpuE5+sHSLIcl26PbvHTTgL4WbsSypAxHNEe3Cc2uZ7JmGgccicXm6r7rQBICWmwQHjkB7rlXYNuY8Kni0lRDWNV45QUpab553wbBw0PZWmnjA1/ft8gN7ppXzBfvdPZy/OBal+7dUsCdBSsiCUu4Fowkqa5wzQP5JrfExmO3fp5mTTKWA1+ige2FJQoLhTtT6WuZ1MiMig2h/5itguxADP9X9/EFxVUsj05 root@auth2
diff --git a/fingerprints/bit-shifter_ed25519.pub b/fingerprints/bit-shifter_ed25519.pub
new file mode 100644 (file)
index 0000000..50b6d15
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIODyyKCLjh71NswLcYdjjHkGgvUXnru5wvoojQYR2kwH root@bit-shifter
diff --git a/fingerprints/bit-shifter_rsa.pub b/fingerprints/bit-shifter_rsa.pub
new file mode 100644 (file)
index 0000000..0134287
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDzH2lcDDp7S3b42mbpdcO1FySgY0dZQjxn9+90RN9x7HPKIhmuppJ1dkbmUFiDix1NzhO8ea3q2/b7XTjtN19zQP4+sV7eNpLw6O4UjTGAhTc7rWFrDrcQ7i7UAh9iM+DfnQa4BkQHr9j2cjgbvemDaRKSvzJvZXAMYLCu4kIEc+K6Qeer/pj4fcv5bvPuq+/kSsrLLEN/QfShFeKhfpO7e8dGicMuOnvruXUs0pqUXQtmQ2Wyjzouo+al0LnEWkA+7Atm1pg/VHnYIyAtYO615oSd3ExeOrLhZc68klWx3SXzkgywNItOENsq32gVgExyl0yTfVLd3CKwn+3D8Vf root@bit-shifter
diff --git a/fingerprints/caffeine_ed25519.pub b/fingerprints/caffeine_ed25519.pub
new file mode 100644 (file)
index 0000000..ec72bc0
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEl/7srK3RCWen+dBNiO1WfWQQqx4yVs+X6M/XRYPjml root@caffeine
diff --git a/fingerprints/caffeine_rsa.pub b/fingerprints/caffeine_rsa.pub
new file mode 100644 (file)
index 0000000..b4f2a88
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzLf726SMtgFQODIFN0G2WhwMPW6A6zDvd+hLUZWsx5in1rdCAVgtBAnqSlIZQzG+VV6b7VF/vUFg0g8Iku4txwQzE2o0Edln6RWFcEgYgczCY/QdtQ358NyZQ75M/fzM3HyX62cTzkX/nXOLIxGs8O8lmCSRs0D2I5JW4XciFvH4tarlstCflfkiTitqOicpaU+bEKfnXlfbR6tWsm5dp0gFcowtabJnWkuMNxyFSURWfglTrIn/XsEbA9rMdPzSHkpbuibrP9TaRQt+hwph+0fOtb2TlQlH1wu4O8Xi0R/XqlWASjRrXHrU6bMSOqq9Ym4a6oBUDrZMdKdlH48xsQ== root@caffeine
diff --git a/fingerprints/cobalamin_ed25519.pub b/fingerprints/cobalamin_ed25519.pub
new file mode 100644 (file)
index 0000000..da19ebc
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJT/8C2QZ5eRyIA6Q9ZdDS6naCf9raqEo7hZUhTm+Sm root@cobalamin
diff --git a/fingerprints/cobalamin_rsa.pub b/fingerprints/cobalamin_rsa.pub
new file mode 100644 (file)
index 0000000..7e19de4
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDo5+jPDT0ak6Ox4vk+EPmxNsVgQuLK82IyKvvuPHZ2qJ27ZJ6a1YxE+WiwpmKkF4BfLC0bwMIY5PZ3IUZ+gfVxiA19kddEWa97kmntsOB2oirpv/Ewvv83KflVWwjIiMCS9BlbVwtzhfzaOUec0f7jsqQ1x/J2mvAEt81vgjFeWOqmxGhLQs8sZZzeqQBZyOHral5GvcIfvBbBMAhV8E7KuyjqQsGWqOdrEThEM7a/sNmmawI130PGlOIz6FKcnBZJWxpo0L26cGIEI92lvWRs/NWPaPDtyWuaamkP3PFedAc6kX6pnU+MqZldsbH6bDsPq1iOryU3y8WebdTBGVh9 root@cobalamin
diff --git a/fingerprints/corn-syrup_ed25519.pub b/fingerprints/corn-syrup_ed25519.pub
new file mode 100644 (file)
index 0000000..e33e820
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJQYiN9/mUUBcJx4lOCnm9W9n91iKvAY5cfcnoRzNqKU root@corn-syrup
diff --git a/fingerprints/corn-syrup_rsa.pub b/fingerprints/corn-syrup_rsa.pub
new file mode 100644 (file)
index 0000000..d9a4f91
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1Y3qdNiwgOQzHXoDnRozSJ31eGoVYldmG3R2Rwa2rXNUwKVeVx612GxANjPaWrMyJ7bYEI1x7xtfdxKRcz94uumeqnR8cBTNKhxd1vtx0J64TcmezZqZdTAJZ11NVLRp+cuYPNDY62PNRtfjlkXMZ1BX1QFgNQdpARkXkLlDqAkkhaDVMhtXg2/3Z+xe5cizcwAjyeVjWlEpYrg+g2CKnpL6/hF9WZT3OLYsUDqVGZS0tDrS9nOuPuNQFdHZPUdaaNx7Lv+k8D4Yxeauc8EGGD2qEJ3xTh2P7FmaYbDc7s8GIYHa1lKh87ZULNyD6G5ieLYjSCjyHjVrmFVJM8woyw== root@corn-syrup
diff --git a/fingerprints/dextrose_ed25519.pub b/fingerprints/dextrose_ed25519.pub
new file mode 100644 (file)
index 0000000..b0ac69f
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJakT99tON1ug7OGL8nAoelggn5kVIkU5ZJcgcYYQeDf root@dextrose
diff --git a/fingerprints/dextrose_rsa.pub b/fingerprints/dextrose_rsa.pub
new file mode 100644 (file)
index 0000000..31471bf
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDkn3oIB0ubCLlriCIYFNR7z7i5wOm/GmPnt94eOjVk21RKzo4jJeczYX/OjvqNPTqeYgsOknoSjNPZ9EwkARe9XmhjIhRYsSrQeQH2i59WQTzg9EqnrdwuxHfEkO2X3CBBp6clftjONK8Wm7IwlfrUHssbTNczCuxyNrVP8hapXJuv69GQCqi4DTHEnswynjrh47iEgp0m/q7Q8leb98vfJd6a1fQrTqP7/+XJ6/h4cT5+tnwIC3BlnzzJYqzvK0FePYNZEf1TGFTZ2f5PzHAQo8IQQOLH2/Qiv43FgUSWanm3DO94C2IOO7vvHyZFXtktfmxoAGnm8E5ppEP6UR/3 root@dextrose
diff --git a/fingerprints/glomag_ed25519.pub b/fingerprints/glomag_ed25519.pub
new file mode 100644 (file)
index 0000000..21491a7
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxpuwKe9wYy992ulrBbTS8Ag0Y9YsBuFItwipix3mAA root@glomag
diff --git a/fingerprints/glomag_rsa.pub b/fingerprints/glomag_rsa.pub
new file mode 100644 (file)
index 0000000..48f552f
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdFFZ8VdVK0rtWAfTZdM5MoI6P+Lqpo8FPqeXK9crwxutbaTgyj8JHBayCCEVrPciuddJ181ysvEae1d/0kNykhvJBUPwWIi66s1yCU93TNYvjfpxYrMLuDrQa0dh6cjavdjRbbzoi96I1DCt90X7TbDQHKGglf1Kg3a+3QyDk9b1T4+goC5uiHHJaI7wpdSZp5v7a9F9cnMPAdHSeoKtzKf4M0umzEd+XEXJQQT/ZlxGaL0SGPBN/7Lz+7ddpI8r2ApOgSaiBLZD+64wJHks/BtXD3nzfn4V8a+JnMIJ0pNc4vPMJU4/kdIrW00jAHv5UG+q7Ke6p03EETtIUaHab root@glomag
diff --git a/fingerprints/gwem_ed25519.pub b/fingerprints/gwem_ed25519.pub
new file mode 100644 (file)
index 0000000..0d095c5
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDzFSHEDNnprhxJ9IvjtHvud65CEP28tTObEGMewGhg root@gwem
diff --git a/fingerprints/gwem_rsa.pub b/fingerprints/gwem_rsa.pub
new file mode 100644 (file)
index 0000000..518bdcd
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEMf5K0/8T88rXxBZeTh1qkdR/QxpShJsSHeh2KbEyHLyhJn26tudtzZojD93xt+LeZvL+Hi0bEkWgfVEX3WWbmetrePjd9Mcz+E7ND38n2oGYl/ddcNlUcVm1J4R+YI6G9pPfOa66yHeYeWFXGZEJRsJbZjI1r64GOjsm2cLP0+V7xlwPPe7lQFOcCRbfyKBEVaeipn4MUzXS0bRra1hxxB745FrvauJtM6HUQcaey+NKOczt+9ZiXGuklj3/qrGsiMg5K3rmRYbQWAbA2OELPwthgX3uP4FzH6XWjo6qYSRZBhytQcgRS8vqdlux1kcL19QCiv5aP/FlwDl4qqf9 root@gwem
diff --git a/fingerprints/high-fructose-corn-syrup_ed25519.pub b/fingerprints/high-fructose-corn-syrup_ed25519.pub
new file mode 100644 (file)
index 0000000..0520041
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINx6o3+z5wJxIs9zYSvf/bwzsWI5Nm27Sf/F3kvp0aYs root@high-fructose-corn-syrup
diff --git a/fingerprints/high-fructose-corn-syrup_rsa.pub b/fingerprints/high-fructose-corn-syrup_rsa.pub
new file mode 100644 (file)
index 0000000..5efbadb
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/XkcWvw/JAagtCFymBySJpnPjx0Uk0KTDDtdwNqeHH4/GvN0R8KWQNLg/2eJpGNIt8geTyake7Hg879rrHEh4RZrDkz9Zu8yTrV8nGGf2tZ58NmEo0CQn7I3wziNcJHpl1MQUXmtua8buvUNL+l7F+yag3u+ElPeQd7KAUparF2n9pz06kK4U3XEvimgOnTqbJaqP39ki/EjmUhi0I6LvzpoOdA6/06IM+EkVi58l5mu1vBffUpzKQXIOSJf3j4y/zEYqEkO7rHWdZJn0CVMG+cfYxry+GC3CRonw5MdemzU3wd+e4KI/zsdvfXBJwqnhAIN6Jq1hbtodLZYODp/v root@high-fructose-corn-syrup
diff --git a/fingerprints/mail_ed25519.pub b/fingerprints/mail_ed25519.pub
new file mode 100644 (file)
index 0000000..7674c96
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICyt77ru/ViAIvaw9Nca9zL8Gqv5VwNGZnW7LCQu+9WP root@mail
diff --git a/fingerprints/mail_rsa.pub b/fingerprints/mail_rsa.pub
new file mode 100644 (file)
index 0000000..6d782ee
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTas45BY/7HZjNUgwJtBSOMNVK+/eMM3r3EJyXMaNbnsSa0SrZgXmu0oA39uYHZD++ejn8tYsGqTtTHgIIcCAgrFWJykzGS35lq/t4YcqWqJLbTO2UiNwbi+VBEHWSRF5+vmYgO8ApuksULLsTy2PwfV6OoAqWtLiKcS2nmTRYuRqJlBNPkEVDjgREseRS+uFPK42cEhL3NNvHaHOxd5s9iamWFPVyH4s55MIASNMFzy3O3FD0Ewg60sTqBt1i4bqZcEC+ONYkm8/QFEJNcldIyn2XPN2FhfQ6QhCHnC/X1Z7ok2LFDsYo4rNd0eQrwIiK4KhwlwQg5/eJhTgbcig/ root@glomag
diff --git a/fingerprints/maltodextrin_ed25519.pub b/fingerprints/maltodextrin_ed25519.pub
new file mode 100644 (file)
index 0000000..893bdbd
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINpo9EqfEkFPRj6AVsk2XwGT9eM6OtnSRxfOrV/cdrOJ root@maltodextrin
diff --git a/fingerprints/maltodextrin_rsa.pub b/fingerprints/maltodextrin_rsa.pub
new file mode 100644 (file)
index 0000000..0b31b49
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDINydeWNmqn3PAtvR4mJwI1equy5a5QYmWLqbbU4g2BxMt/t231bP0/MSgjk2hDslu96aYUREZjx0bgx0M9dlcaiy7UqXESXL1wROPAGqH35F4ZLH1HRkxI6b2vfysh3F2bfh+6A30ItstyFh3N5BsJufE+S1iSyTVxdJ9SLLi/0mC7pOymV3HEVG/B4EgSqk4MDBYVPO+jI5iKwDbcitvnXq7MxGQT/Svr9QHfK5o8Drl3gD46ZhF7JtKQ0ewivcfPnulhQkraVo6CaqnXerUPXGZn2JSURh8IRL/xLj8mHuZ75/rpQZnsUdOXIGYMqEOIthL5j3HGXR6pg3lHKlf root@maltodextrin
diff --git a/fingerprints/munin_ed25519.pub b/fingerprints/munin_ed25519.pub
new file mode 100644 (file)
index 0000000..a55e540
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIc2OFHM1FI9SLnd94+H8eExdmwRnQQO5axNZBdPR0Xk root@munin
diff --git a/fingerprints/munin_rsa.pub b/fingerprints/munin_rsa.pub
new file mode 100644 (file)
index 0000000..97e4358
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGasfjpaAvGwIFaDUd7MVs+hlnXKbFuzz07lUkAH7LvtqQdfNi6ytBLar+xy52O2e8Dx1Id+zQIgy+69+mDY3ewJZ528CIlKTOutJIDQq9gr9NngZwVnz1Jhn5otFgRMcGRDjVcvU7Y+/krP1Tlty12Udi9Bxe0d3gbysMsQTmLqo/JgfjQ1TlfQqJbUQNFUESTX9lgxvRN+IZpI+924EphJ5dz5Yt9IP9D60BnLOPgG0Lo0QEUom6S32gE9aKSFp6Zd6bSTgMYM+zGRaLX36uwFF+SW36QxvhJOjoOXsTRJd0ASwcresqj1fIPhohYkwhpeBgR6O1uLSuhfklFY/z root@glomag
diff --git a/fingerprints/natural-flavours_ed25519.pub b/fingerprints/natural-flavours_ed25519.pub
new file mode 100644 (file)
index 0000000..ff949bc
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM8aYjlkPSts9u/HHwG3MPWPqvYx1eQ8EyfsHdQZvQmH root@natural-flavours
diff --git a/fingerprints/natural-flavours_rsa.pub b/fingerprints/natural-flavours_rsa.pub
new file mode 100644 (file)
index 0000000..10b7cce
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxB8N1u+o/74IImggUHbW3l5TL6DhU2woDXxBS5h1e/tNlWpPWiAZUym8WQEARfPFwgKuz/lpGEPXHB4RjxBUO3XD06MqIltqAok231GB5JkjUxIV+0+prqNYn+69ddWGigNMHngy2x2K/hyb4nk2TmvqtYFPJAZvhv8YcVwQ6KZytWlOT0RtkLWr4NG+JpcUqFRbaAfD9Bb5xUTBmeEPTV2tE/XDOttA6unSl2bwZUhy6E5A5znk0/FashGCr/tpDeq2Sm7Fg4TGf/LX3TQU8myXL7aJxjOZlQ09LF/r4k8Vx7lQjZ6OF3UxIs52yrv5RaiIkCOb+FW6AlPSJZL9Jw==
diff --git a/fingerprints/nullsleep_ed25519.pub b/fingerprints/nullsleep_ed25519.pub
new file mode 100644 (file)
index 0000000..9aaee26
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGEBbBWfDxURsUChomUCxt0cTXGt0tfLzcVDJrg50oK6 root@nullsleep
diff --git a/fingerprints/nullsleep_rsa.pub b/fingerprints/nullsleep_rsa.pub
new file mode 100644 (file)
index 0000000..3cdc9c1
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzJXI0yFebeqYl1tZICq8+B4WVyO9d9BvegKFxHaABeITyRfGpx/fO9gO7RgVKlpvOPI3fPWM7OiMwi471QNZcsEUxXshYgNfdiNCaMHcEBFYOx12moKhE1mo/KKyCdfhxel6Lt2Nq2sE2HpMo59vfM768RUCBlAIQWvfMUusnD47TO+sH5fE+MycKxDRg55kjGBB/K3+y+EO8mJ1ZV5CISlMCh8EL5HeOf8zh/ZX5B7v5PYlbKcyGBef0YjOulAoEal3XuqVnEF99bdgFCMdd/rOa/Cgq/44lubMBgwux770K/pgPz5OktOTFreH19P1lVmnOLQi2nGVue3Ljw8A4w== root@nullsleep
diff --git a/fingerprints/potassium-benzoate_ed25519.pub b/fingerprints/potassium-benzoate_ed25519.pub
new file mode 100644 (file)
index 0000000..75e190e
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHQTR2Zui8kaLLiQeBFDkkvdVEJ6+rL9Ez2QIMWJgu0Z root@potassium-benzoate
diff --git a/fingerprints/potassium-benzoate_rsa.pub b/fingerprints/potassium-benzoate_rsa.pub
new file mode 100644 (file)
index 0000000..8b250d1
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDO4ZqQ8XG7fmM1o6v6g3Ac+ljP6j4HnyrPA9dNjVWMxjM0KhxOtKWQZufAFcLBvmh/myK13cJnnrHYjq+ZIc4SH2LRTW/nu9Tdsj/BPbCiNQrAk8JLv4fJJVhysT3XWRlvJaN7xTwUdQ+EEPSHFj0KB5OevONwlNqQ+2GKGrkDRnslxY1Twgj+6WxGvY+mFBpid+v2K8ypb96zNOI2azwUvRMrFpgntRrqCiWbvsy4KZEikhSv/VumTb9YlyyjqMhqJgv7zKAbYf/VrlSHvO1pb9lbEGZmaS1P27m7sr5dfHMy5YeAG4NCwtsXXz8vz9zl9LzS08/Eb93rk7NiX17r root@potassium-benzoate
diff --git a/fingerprints/rt_ed25519.pub b/fingerprints/rt_ed25519.pub
new file mode 100644 (file)
index 0000000..64106e9
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhh51yhgdLUI9bq69aqtw1rrPo/y8O5339gaBFEH2am root@rt
diff --git a/fingerprints/rt_rsa.pub b/fingerprints/rt_rsa.pub
new file mode 100644 (file)
index 0000000..0809b3d
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvHWacOC003Qkp9hzBOBeH52MvYJkvSSbRgKdmaUVR5HB/MlqPNnp3tfw1kF3gdtM0PUU1NbZ94c7rRWRWYIOavkNr6hXzDFHACX7VGub8Hg6024IuoVRnmvgDcm6rnRxedvhN4OLpXlePXcmbtXQ302861cyKXTAzup0O5hAbuEqGvUhtR8bt3ATW5ucYmU+JinlV6gMcCz6UH69X3dj037mu5IxLJoSaknT6v9Zm5tsK2EfFe6/CqLN6tKyBuBWegdcXTJ1hNVCAIL5Ayz3wqcuPcRV25hTFddcNXUYGSnwUUk2rO1sSb0X9/RQ/OiH5bdVtSel0gi28Ap5+d0jd root@rt
diff --git a/fingerprints/sodium-benzoate_ed25519.pub b/fingerprints/sodium-benzoate_ed25519.pub
new file mode 100644 (file)
index 0000000..6e2f755
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqTJmG62zeZGMmHOD+caw0XvGznpfhPaAJEJnWrMdRr root@sodium-benzoate
diff --git a/fingerprints/sodium-benzoate_rsa.pub b/fingerprints/sodium-benzoate_rsa.pub
new file mode 100644 (file)
index 0000000..3922ad7
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6rKVV1vf0TEM+80e2uCcsoTvoLQMNJHBvRnBIlrSBTZRctVFAydGLa4UhPdNIE/n/83DuVytZ4c0VS3ASi+7O+AA+NlW+KayKYnD6afzqxRrbMQPdOhFu4GN0q0MXJs3xIl1g0+OmI7RUdesvbZYJBY0uCsjH2Y6u/paqmTkMyr11Tk12iVEBvwnaH1HBdsN4ZnHGQWA58mUYZHBz1TxoGCp4o7vMStoOlJb5a2xS39RhPHp67lA5H0/51uwG6Lj5NHxr8w2OBst6722cxF2/fxl03LmEQM17uy9muiAi7igggO0Iu2IHMpNlanMRnkzypuGqKN1LHWJ1rJNr1MZlQ== root@sodium-benzoate
diff --git a/fingerprints/strombola_ed25519.pub b/fingerprints/strombola_ed25519.pub
new file mode 100644 (file)
index 0000000..0f45162
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINio3ZVd5liEjRwoKZLG5vJ71U1lxhNp+9ef1UOZU1mk root@strombola
diff --git a/fingerprints/strombola_rsa.pub b/fingerprints/strombola_rsa.pub
new file mode 100644 (file)
index 0000000..e274ba0
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdMCT4oBL0p+ddF9oj0USvFfB7a5K05mFtJTGolw/UjlwjT3fPXkRSSiEGIDJ2JeIz6hJ8Zwx9lR08hsYKjL9PyTP28lq3x3xAGua5NUtPdabP2uilqp19w+j3soO8yayl7CYVg3WQ25y5yOMzthiIdsusoW7RK85FL91vbWhuMjThiYJ4m4kWJh4jr1k5bzPUISj860ZoNC93+jpABAH5eT+PV+Hp/1+AhifXAtaqKO+HrajeH70WdQehXr6KYrTmEMikOLeg8mjXhr63g7MlAH9mFhQfuOfTlGJIWyH5tMukBx+YX8RiCVCMizJcjcUYvxhuWh//MIwNtq3vFVFd root@strombola
diff --git a/fingerprints/sucrose_ed25519.pub b/fingerprints/sucrose_ed25519.pub
new file mode 100644 (file)
index 0000000..7441b37
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBxM7kOFiqijhaYQyXADyXk0ktjp4OvZTk/auOSuYltw root@sucrose
diff --git a/fingerprints/sucrose_rsa.pub b/fingerprints/sucrose_rsa.pub
new file mode 100644 (file)
index 0000000..98c6104
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPDNlOisklAHEpwXuw+HhHK8WzNRX+unks07c5JPOwDHKdwNj/q0H3Jp1avsfGwwVM3P+mALxi0gk2GBCT4MvOuv0GLiNoKJWz4mwADZcCb7FEdKqlRdpckVcHRNJSIA5lRrkb6IlegF0o8f+y5c+zTZE/4Pa61bIIUvU0hS4rtdvIaCd9x066Rutgl3taQ2tW8btmK7F+pWoTKiaz9KTt0hUcr/SGSrMtI9VNdD1Dt7sAyTqYz6v2OLRlTTF1Q5u2eYlNy9s7dlwHrHrwNgGildU2S/WvIZ0hLBLfU5yCuOocJUGoQdjCA/IbHVnl5jFhDiEJ6eD6jo23nVFWwnNL root@sucrose
diff --git a/fingerprints/taurine_ed25519.pub b/fingerprints/taurine_ed25519.pub
new file mode 100644 (file)
index 0000000..d913424
--- /dev/null
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFu35kh6YDpTfwmtFpdB8ZUl5hAy4l3q9QGCYL50JFD root@taurine
diff --git a/fingerprints/taurine_rsa.pub b/fingerprints/taurine_rsa.pub
new file mode 100644 (file)
index 0000000..bc0bdf3
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAx69z3QCtSccheSYSqpMHeJUuoco3rfNZfCNuopQDc87RRO9vhqMg1K8cE0RiViY8/ksQ0VDT3LC2WyBCa2p1NJ+TU+ZB4bKpcR0SAH1/pagZvaI+wXq4jYeGzZSHnh2Uh0n5Tt2AycU8sOGs2OyPP3/uYuXOa3DW52ooZsvV61pSJwB7Kne3P/MpXTsOC6zcENVnXypv5dWeWY/0jOYO2WMBkjIsYdqj/4sPx0IIIqR9OKGuxaDVbcXhkC7Uqz5NOQ8r/lfueojWePo2ExuJUsyzv5FFD9Lls3U+gjekTQvNZtyqcx1hCfEFn3Hz87wZvhV6F9394zEU9A0z8X8nMQ== root@taurine
diff --git a/gather-ssh-fingerprints.yml b/gather-ssh-fingerprints.yml
new file mode 100644 (file)
index 0000000..de60f88
--- /dev/null
@@ -0,0 +1,8 @@
+---
+- hosts: all
+  tasks:
+     - name: get fingerprints
+       fetch: src={{ item.src }} dest={{ item.dest }} flat=yes
+       with_items:
+         - { src: '/etc/ssh/ssh_host_rsa_key.pub', dest: 'fingerprints/{{ ansible_hostname }}_rsa.pub' }
+         - { src: '/etc/ssh/ssh_host_ed25519_key.pub', dest: 'fingerprints/{{ ansible_hostname }}_ed25519.pub' }
diff --git a/generate-fingerprints b/generate-fingerprints
new file mode 100755 (executable)
index 0000000..25e700e
--- /dev/null
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+echo '<?xml version="1.0"?>'
+echo '<!DOCTYPE cscpage SYSTEM "../csc.dtd">'
+echo '<cscpage title="SSH Key Fingerprints">'
+echo '<header />'
+echo '<section title="Machine SSH Key Fingerprints">'
+
+echo '<table>'
+echo '<tr>'
+echo '<th>Machine Name</th>'
+echo '<th>Key Type</th>'
+echo '<th>Fingerprint</th>'
+echo '</tr>'
+
+for host in $(ls fingerprints | egrep -oh '[^_]+' | egrep -v '.pub' | sort -u )
+do
+   for ktype in rsa ed25519
+   do
+      none=0
+      sha256=$(ssh-keygen -lE sha256 -f fingerprints/${host}_${ktype}.pub)
+      md5=$(ssh-keygen -lE md5 -f fingerprints/${host}_${ktype}.pub)
+
+      if [ ! $? -eq 0 ]
+      then
+         none=1
+      fi
+
+      echo '<tr>'
+      echo '<td>' ${host} '</td>'
+      echo '<td>' ${ktype} '</td>'
+
+      if [ ${none} -eq 0 ]
+      then
+         echo '<td><pre>'
+         echo $(echo ${sha256} | awk '{print $2}')
+         echo $(echo ${md5} | awk '{print $2}')
+         echo '</pre></td>'
+      else
+         echo '<td><pre>(none)</pre></td>'
+      fi
+
+      echo '</tr>'
+   done
+done
+echo '</table>'
+
+echo '</section>'
+echo '<footer />'
+echo '</cscpage>'
diff --git a/generate-hosts b/generate-hosts
new file mode 160000 (submodule)
index 0000000..a0615c3
--- /dev/null
@@ -0,0 +1 @@
+Subproject commit a0615c328ce0e82ee6f775edda45f1ffe30514cd
diff --git a/hosts b/hosts
index 9dc79f0..0458a9f 100644 (file)
--- a/hosts
+++ b/hosts
@@ -12,3 +12,16 @@ maltodextrin.csclub.uwaterloo.ca
 natural-flavours.csclub.uwaterloo.ca
 nullsleep.csclub.uwaterloo.ca
 strombola.csclub.uwaterloo.ca
+
+[syscom]
+aspartame.csclub.uwaterloo.ca
+dextrose.csclub.uwaterloo.ca
+auth1.csclub.uwaterloo.ca
+auth2.csclub.uwaterloo.ca
+cobalamin.csclub.uwaterloo.ca
+glomag.csclub.uwaterloo.ca
+mail.csclub.uwaterloo.ca
+sodium-benzoate.csclub.uwaterloo.ca
+potassium-benzoate.csclub.uwaterloo.ca
+munin.csclub.uwaterloo.ca
+rt.csclub.uwaterloo.ca
diff --git a/install-csc-packages.yml b/install-csc-packages.yml
new file mode 100644 (file)
index 0000000..5eb52a2
--- /dev/null
@@ -0,0 +1,12 @@
+---
+   - hosts: office general-use
+     remote_user: root
+     gather_facts: no
+     tasks:
+        - name: Update apt cache
+          apt: update_cache=yes
+        - name: Install CSC packages
+          apt: name={{ item }} state=latest
+          with_items:
+            - ceo-python
+            - library
diff --git a/mount-scratch.yml b/mount-scratch.yml
new file mode 100644 (file)
index 0000000..0f662f2
--- /dev/null
@@ -0,0 +1,8 @@
+---
+- hosts: all
+  remote_user: root
+  tasks:
+     - name: mount NFS
+       command: mount {{ item }}
+       with_items:
+         - /scratch
diff --git a/mount-users.yml b/mount-users.yml
new file mode 100644 (file)
index 0000000..4ffad19
--- /dev/null
@@ -0,0 +1,9 @@
+---
+- hosts: all
+  remote_user: root
+  tasks:
+     - name: mount NFS
+       command: mount {{ item }}
+       with_items:
+         - /users
+         - /music
diff --git a/unmount-nfs.yml b/unmount-nfs.yml
new file mode 100644 (file)
index 0000000..c856e66
--- /dev/null
@@ -0,0 +1,12 @@
+---
+- hosts: all
+  remote_user: root
+  tasks:
+     - name: unmount NFS
+       command: umount -f {{ item }}
+       with_items:
+         - /scratch
+         - /users
+         - /music
+         - /video
+         - /backup
diff --git a/update-hosts.yml b/update-hosts.yml
new file mode 100644 (file)
index 0000000..ffbb156
--- /dev/null
@@ -0,0 +1,14 @@
+---
+#- hosts: high-fructose-corn-syrup.csclub.uwaterloo.ca
+- hosts: all
+  remote_user: root
+  gather_facts: no
+  tasks:
+     #- name: update hosts
+     #  connection: local
+     #  git: repo=~git/public/hosts.git dest=generate-hosts
+     #- name: generate hosts file
+     #  connection: local
+     #  shell: generate-hosts/generate-hosts.py < generate-hosts/hosts.in > generate-hosts/hosts
+     - name: copy hosts file
+       copy: src=generate-hosts/hosts dest=/etc/hosts backup=yes