playbooks

ansible config management
git clone git://git.pyratebeard.net/playbooks.git

commit c677792fdc286714bab91d67e2680f059023617a
parent 254ec09d736dff0cc24ef04420d2fd2c9fede1ea
Author: pyratebeard <root@pyratebeard.net>
Date:   Tue, 16 Apr 2024 17:24:57 +0100

motd play

Diffstat:
Amotd.yml | 179+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Atemplates/motd.j2 | 145+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Atemplates/profile-pyratenet.sh.j2 | 52++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 376 insertions(+), 0 deletions(-)

diff --git a/motd.yml b/motd.yml 
@@ -0,0 +1,179 @@
+---
+# __ .___
+# _____ _____/ |_ __| _/
+# / \ / _ \ __/ __ |
+# | Y Y ( <_> | |/ /_/ |
+# |__|_| /\____/|__|\____ |
+# \/ \/
+#
+# author ▓▒ pyratebeard
+# code ▓▒ https://git.pyratebeard.net/playbooks
+
+- hosts: tildeservers,tildedevices,pigspleen
+ gather_facts: false
+ tasks:
+ - block:
+ - wait_for_connection:
+ timeout: 5
+ - group_by:
+ key: "reachable"
+ changed_when: false
+ tags: always
+ check_mode: false
+ rescue:
+ - debug:
+ msg: "unable to connect to {{ inventory_hostname }}"
+
+# deploy issue and hostname banners
+- hosts: reachable
+ become: true
+ gather_facts: true
+ vars:
+ sudo_group: 'wheel'
+ ssh_service: 'sshd'
+ tasks:
+ - name: "setup block"
+ block:
+ - name: check for sudo group
+ ansible.builtin.group:
+ name: 'sudo'
+ check_mode: true
+ register: sudo_grp_chk
+
+ - name: change to sudo group
+ ansible.builtin.set_fact:
+ sudo_group: 'sudo'
+ when: sudo_grp_chk.changed == false
+
+ - name: change ssh service name
+ ansible.builtin.set_fact:
+ ssh_service: 'ssh'
+ when: ansible_facts['distribution'] == "Devuan"
+ tags: always
+
+ - name: disable banner in sshd_config
+ ansible.builtin.lineinfile:
+ path: '/etc/ssh/sshd_config'
+ regexp: '^Banner'
+ line: '#Banner /etc/issue.net'
+ notify: reload sshd
+ tags: disable_banner
+
+ - name: deploy motd
+ ansible.builtin.template:
+ src: 'motd.j2'
+ dest: '/etc/motd'
+ mode: 0644
+ tags: motd
+
+ - name: set motd in sshd_config
+ ansible.builtin.lineinfile:
+ path: '/etc/ssh/sshd_config'
+ regexp: 'PrintMotd'
+ line: 'PrintMotd yes'
+ notify: reload sshd
+ tags: motd
+
+ - name: create profile.d dir
+ ansible.builtin.file:
+ path: '/etc/profile.d/'
+ state: directory
+ owner: root
+ group: "{{ sudo_group }}"
+ mode: 0755
+ tags: script
+
+ - name: deploy profile script
+ ansible.builtin.template:
+ src: 'templates/profile-pyratenet.sh.j2'
+ dest: '/etc/profile.d/profile-pyratenet.sh'
+ owner: root
+ group: "{{ sudo_group }}"
+ mode: 0755
+ tags: script
+
+ - name: add sourcing of /etc/profile to /etc/zsh/zprofile
+ ansible.builtin.lineinfile:
+ path: "/etc/zsh/zprofile"
+ line: "emulate sh -c 'source /etc/profile'"
+ create: true
+ when: not ansible_distribution == "OpenBSD"
+ tags: script
+
+ - name: add /etc/profile
+ ansible.builtin.lineinfile:
+ path: "/etc/profile"
+ line: ". /etc/profile.d/profile-pyratenet.sh"
+ create: true
+ when: ansible_distribution == "OpenBSD"
+ tags: script
+
+ - name: disable lastlog in sshd_config
+ ansible.builtin.lineinfile:
+ path: '/etc/ssh/sshd_config'
+ regexp: 'PrintLastLog'
+ line: 'PrintLastLog no'
+ notify: reload sshd
+ tags: script
+
+ - name: remove motd from pam.d
+ ansible.builtin.lineinfile:
+ path: '/etc/pam.d/{{ item }}'
+ regexp: 'session.*optional.*pam_motd.so.*'
+ state: absent
+ loop:
+ - login
+ - sshd
+ - system-login
+ tags: motd
+
+ - name: replace motd in pam.d
+ ansible.builtin.lineinfile:
+ path: '/etc/pam.d/{{ item }}'
+ line: 'session optional pam_motd.so motd=/run/motd.dynamic'
+ insertafter: "# and a static (admin-editable) part from /etc/motd."
+ state: present
+ loop:
+ - login
+ - sshd
+ tags:
+ - never
+ - pamd
+
+ - name: replace motd in pam.d
+ ansible.builtin.lineinfile:
+ path: '/etc/pam.d/{{ item }}'
+ line: "session optional pam_motd.so noupdate"
+ insertafter: "session optional pam_motd.so motd=/run/motd.dynamic"
+ state: present
+ loop:
+ - login
+ - sshd
+ tags:
+ - never
+ - pamd
+
+ - name: replace motd in pam.d
+ ansible.builtin.lineinfile:
+ path: '/etc/pam.d/system-login'
+ line: "session optional pam_motd.so motd=/run/motd.dynamic"
+ state: present
+ tags:
+ - never
+ - pamd
+
+ - name: replace motd in pam.d
+ ansible.builtin.lineinfile:
+ path: '/etc/pam.d/system-login'
+ line: "session optional pam_motd.so noupdate"
+ insertafter: "session optional pam_motd.so motd=/run/motd.dynamic"
+ state: present
+ tags:
+ - never
+ - pamd
+
+ handlers:
+ - name: reload sshd
+ ansible.builtin.service:
+ name: "{{ ssh_service }}"
+ state: reloaded
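Review bot: The three `lineinfile` tasks that edit `/etc/ssh/sshd_config` (disable banner, set motd, disable lastlog) write the file and notify `reload sshd` with no `validate` step, so a line that sshd rejects, for instance one appended below a trailing `Match` block if a host has one, is only noticed when the reload fails. Adding `validate: '/usr/sbin/sshd -t -f %s'` to each task (path adjusted per platform if needed) keeps a broken file from being written. The `regexp: 'PrintMotd'` and `regexp: 'PrintLastLog'` patterns are also unanchored and match any line containing the word, including a comment; `regexp: '^#?\s*PrintLastLog\b'` and the equivalent for `PrintMotd` are tighter. Separately, `PrintLastLog no` removes sshd's own last-login notice, which users rely on to spot unexpected access to their account, so the replacement in the profile script has to be accurate.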
diff --git a/templates/motd.j2 b/templates/motd.j2 
@@ -0,0 +1,145 @@ +{% if inventory_hostname == "laundry" %} + +.__ .___ +| | _____ __ __ ____ __| ________ ___.__. +| | \__ \ | | \/ \ / __ |\_ __ < | | +| |__/ __ \| | | | / /_/ | | | \/\___ | +|____(____ |____/|___| \____ | |__| / ____| + \/ \/ \/ \/ +{% elif inventory_hostname == "kinakuta" %} + + __ .__ __ __ +| | _|__| ____ _____ | | ____ ___/ |______ +| |/ | |/ \\__ \ | |/ | | \ __\__ \ +| <| | | \/ __ \| <| | /| | / __ \_ +|__|_ |__|___| (____ |__|_ |____/ |__| (____ / + \/ \/ \/ \/ \/ +{% elif inventory_hostname == "fortkickass" %} + + _____ __ __ .__ __ +_/ ________________/ |_| | _|__| ____ | | ______ ______ ______ +\ __/ _ \_ __ \ __| |/ | _/ ___\| |/ \__ \ / ___// ___/ + | |( <_> | | \/| | | <| \ \___| < / __ \_\___ \ \___ \ + |__| \____/|__| |__| |__|_ |__|\___ |__|_ (____ /____ /____ > + \/ \/ \/ \/ \/ \/ +{% elif inventory_hostname == "bulette" %} + +___. .__ __ __ +\_ |__ __ __| | _____/ |__/ |_ ____ + | __ \| | | | _/ __ \ __\ ___/ __ \ + | \_\ | | | |_\ ___/| | | | \ ___/ + |___ |____/|____/\___ |__| |__| \___ > + \/ \/ \/ +{% elif inventory_hostname == "artoo" %} + + __ +_____ ________/ |_ ____ ____ +\__ \\_ __ \ __/ _ \ / _ \ + / __ \| | \/| |( <_> ( <_> ) +(____ |__| |__| \____/ \____/ + \/ +{% elif inventory_hostname == "threeepio" %} + + __ .__ .__ +_/ |_| |_________ ____ ____ ____ ______ |__| ____ +\ __| | \_ __ _/ __ _/ __ _/ __ \\____ \| |/ _ \ + | | | Y | | \\ ___\ ___\ ___/| |_> | ( <_> ) + |__| |___| |__| \___ \___ \___ | __/|__|\____/ + \/ \/ \/ \/|__| +{% elif inventory_hostname == "severnaya" %} + + ______ _______ __ ___________ ____ _____ ___._______ + / ____/ __ \ \/ _/ __ \_ __ \/ \\__ \< | \__ \ + \___ \\ ___/\ /\ ___/| | \| | \/ __ \\___ |/ __ \_ +/____ >\___ >\_/ \___ |__| |___| (____ / ____(____ / + \/ \/ \/ \/ \/\/ \/ +{% elif inventory_hostname == "pigley" %} + + .__ .__ +______ |__| ____ | | ____ ___.__. 
+\____ \| |/ ___\| | _/ __ < | | +| |_> | / /_/ | |_\ ___/\___ | +| __/|__\___ /|____/\___ / ____| +|__| /_____/ \/\/ +{% elif inventory_hostname == "goatley" %} + + __ .__ + ____ _________ _/ |_| | ____ ___.__. + / ___\ / _ \__ \\ __| | _/ __ < | | + / /_/ ( <_> / __ \| | | |_\ ___/\___ | + \___ / \____(____ |__| |____/\___ / ____| +/_____/ \/ \/\/ +{% elif inventory_hostname == "cyberdelia" %} + + ___. .___ .__ .__ + ____ ___.__\_ |__ ___________ __| _/____ | | |_______ +_/ ___< | || __ \_/ __ \_ __ \/ __ _/ __ \| | | \__ \ +\ \___\___ || \_\ \ ___/| | \/ /_/ \ ___/| |_| |/ __ \_ + \___ / ____||___ /\___ |__| \____ |\___ |____|__(____ / + \/\/ \/ \/ \/ \/ \/ +{% elif inventory_hostname == "gentlemanloser" %} + + __ .__ .__ + ____ ____ _____/ |_| | ____ _____ _____ ____ | | ____ ______ ___________ + / ___\_/ __ \ / \ __| | _/ __ \ / \\__ \ / \| | / _ \/ ____/ __ \_ __ \ + / /_/ \ ___/| | | | | |_\ ___/| Y Y \/ __ \| | | |_( <_> \___ \\ ___/| | \/ + \___ / \___ |___| |__| |____/\___ |__|_| (____ |___| |____/\____/____ >\___ |__| +/_____/ \/ \/ \/ \/ \/ \/ \/ \/ +{% elif inventory_hostname == "blacksun" %} + +___. .__ __ +\_ |__ | | _____ ____ | | __ ________ __ ____ + | __ \| | \__ \ _/ ___\| |/ // ___| | \/ \ + | \_\ | |__/ __ \\ \___| < \___ \| | | | \ + |___ |____(____ /\___ |__|_ /____ |____/|___| / + \/ \/ \/ \/ \/ \/ +{% elif inventory_hostname == "greyskull" %} + + __ .__ .__ + ___________ ____ ___.__. _____| | ____ __| | | | + / ___\_ __ _/ __ < | |/ ___| |/ | | | | | | + / /_/ | | \\ ___/\___ |\___ \| <| | | |_| |__ + \___ /|__| \___ / ____/____ |__|_ |____/|____|____/ +/_____/ \/\/ \/ \/ +{% elif inventory_hostname == "tombstone" %} + + __ ___. __ +_/ |_ ____ _____\_ |__ ______/ |_ ____ ____ ____ +\ __/ _ \ / \| __ \ / ___\ __/ _ \ / \_/ __ \ + | |( <_> | Y Y | \_\ \\___ \ | |( <_> | | \ ___/ + |__| \____/|__|_| |___ /____ >|__| \____/|___| /\___ > + \/ \/ \/ \/ \/ +{% elif inventory_hostname == "nublar" %} + + ___. 
.__ + ____ __ _\_ |__ | | _____ _______ + / \| | | __ \| | \__ \\_ __ \ +| | | | | \_\ | |__/ __ \| | \/ +|___| |____/|___ |____(____ |__| + \/ \/ \/ +{% elif inventory_hostname == "sorna" %} + + _________________ ____ _____ + / ___/ _ \_ __ \/ \\__ \ + \___ ( <_> | | \| | \/ __ \_ +/____ \____/|__| |___| (____ / + \/ \/ \/ +{% elif inventory_hostname == "harbourcafe" %} + +.__ ___. _____ +| |__ _____ ______\_ |__ ____ __ _________ ____ _____ _/ ____\____ +| | \\__ \\_ __ | __ \ / _ \| | \_ __ _/ ___\\__ \\ ___/ __ \ +| Y \/ __ \| | \| \_\ ( <_> | | /| | \\ \___ / __ \| | \ ___/ +|___| (____ |__| |___ /\____/|____/ |__ /\ \___ (____ |__| \___ > + \/ \/ \/ \/ \/ \/ \/ +{% elif inventory_hostname == "locker" %} + +.__ __ +| | ____ ____ | | __ ___________ +| | / _ \_/ ___\| |/ _/ __ \_ __ \ +| |_( <_> \ \___| <\ ___/| | \/ +|____/\____/ \___ |__|_ \\___ |__| + \/ \/ \/ +{% else %} +{% endif %} + diff --git a/templates/profile-pyratenet.sh.j2 b/templates/profile-pyratenet.sh.j2 
@@ -0,0 +1,52 @@
+#!/usr/bin/env sh
+c00=''
+c01=''
+c02=''
+c03=''
+c04=''
+c05=''
+c06=''
+c07=''
+c08=''
+c09=''
+c10=''
+c11=''
+c12=''
+c13=''
+c14=''
+c15=''
+
+f0=''
+f1=''
+f2=''
+
+{% if ansible_distribution == "OpenBSD" %}
+host=$(hostname)
+up=$(uptime | awk -F"up " '{print $NF}' | awk -F"user" '{print $1}' | sed 's/.\ $//' | tr -d ',')
+birthd=$(stat -f "%Sm %N" -t "%Y%m%d" /bin | awk '{print $1}')
+system=$(uname)
+load=$(uptime | awk -F"load averages: " '{print $NF}')
+{% else %}
+host=$(hostname -f)
+up=$(uptime -p | cut -b4- | tr -d ',|eeks|ay|our|inute')
+birthd=$(stat -c %w / | awk '{print $1}' | tr -d '-')
+system=$(awk -F= '/^NAME=/ {print $NF}' /etc/os-release | tr -d '"' | tr 'A-Z' 'a-z')
+load=$(awk '{print $1" "$2" "$3}' /proc/loadavg)
+{% endif %}
+kernel=$(uname -r | tr '[:upper:]' '[:lower:]')
+lastlog_date=$(last | head -2 | tail -1 | awk '{print $4" "$5" "$6" "$7}' | date +%Y%m%d@%H%M)
+lastlog_ip=$(last | head -2 | tail -1 | awk '{print $3}')
+
+if [ -t 1 ] && [ ! -f ~/.hushlogin ] && [ -n "$SSH_TTY" ] ; then
+ cat << EOF
+ ${f1}host ${f0}...... $f2$host
+ ${f1}up ${f0}........ $f2$up
+ ${f1}birth ${f0}..... $f2$birthd
+ ${f1}sys ${f0}....... $f2$system
+ ${f1}shell ${f0}..... $f2$SHELL
+ ${f1}kernel ${f0}.... $f2$kernel
+ ${f1}load ${f0}...... $f2$load
+ ${f1}lastlog ${f0}... $f2$lastlog_date from $lastlog_ip
+
+EOF
+fi
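Review bot: `lastlog_date` ends in `| date +%Y%m%d@%H%M`, and `date` does not read stdin, so the banner prints the current time rather than the time of the previous login. `last` is also called without a user argument, so `head -2 | tail -1` picks whichever session is second in the system-wide list, and `lastlog_ip` may belong to a different account. Because motd.yml sets `PrintLastLog no`, this banner becomes the only last-login notice users see, and as written it cannot help them spot an unexpected login. Either keep sshd's `PrintLastLog yes`, or filter by the current user and drop the `date` stage, e.g. `lastlog_date=$(last "$(id -un)" | head -2 | tail -1 | awk '{print $4" "$5" "$6" "$7}')`, with the same `last "$(id -un)"` in `lastlog_ip`.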