nginx_pg_subdomain.yml

@@ -1,64 +0,0 @@
----
-- name: Configure Nginx for Subdomain
-  hosts: servers
-  become: true
-
-  tasks:
-    - name: Create Nginx sites-available directory if it doesn't exist
-      file:
-        path: /etc/nginx/sites-available
-        state: directory
-        mode: '0755'
-      become: yes
-
-    - name: Create Nginx sites-enabled directory if it doesn't exist
-      file:
-        path: /etc/nginx/sites-enabled
-        state: directory
-        mode: '0755'
-      become: yes
-
-    - name: Create empty pg.usmidsap02 file if it doesn't exist
-      file:
-        path: /etc/nginx/sites-available/pg.usmidsap02
-        state: touch
-        mode: '0644'
-      become: yes
-
-    - name: Create Nginx configuration for the subdomain
-      become: yes
-      blockinfile:
-        path: /etc/nginx/sites-available/pg.usmidsap02
-        block: |
-          server {
-            listen 5432;
-            server_name pg.usmidsap02;
-            location / {
-              proxy_pass http://127.0.0.1:5432;
-              proxy_set_header Host $host;
-              proxy_set_header X-Real-IP $remote_addr;
-              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            }
-          }
-        marker: "# {mark} ANSIBLE MANAGED BLOCK - pg.usmidsap02"
-
-    - name: Create a symbolic link to enable the site
-      become: yes
-      file:
-        src: /etc/nginx/sites-available/pg.usmidsap02
-        dest: /etc/nginx/sites-enabled/pg.usmidsap02
-        state: link
-
-    - name: Check Nginx configuration
-      become: yes
-      command: nginx -t
-      register: nginx_test
-      ignore_errors: true
-
-    - name: Reload Nginx if configuration is valid
-      become: yes
-      systemd:
-        name: nginx
-        state: reloaded
-      when: nginx_test.rc == 0
-

use_tps_add.yml

@@ -1,57 +0,0 @@
----
-- name: Add user 'tps' with sudo ability and SSH key
-  hosts: servers
-  become: true
-
-  vars_prompt:
-    - name: tps_password
-      prompt: "Enter the password for 'tps' user:"
-      private: yes
-
-  tasks:
-    - name: Create the 'tps' user
-      user:
-        name: tps
-        state: present
-        shell: /bin/bash
-        createhome: yes
-
-    - name: Set password for 'tps' user
-      ansible.builtin.shell: echo "tps:{{ tps_password | password_hash('sha512', 'mysecretsalt') }}" | chpasswd
-
-    - name: Generate RSA SSH key pair for 'tps' user (if not already generated)
-      ansible.builtin.shell: ssh-keygen -t rsa -b 4096 -C "tps@{{ ansible_hostname }}" -f "/home/tps/.ssh/id_rsa" creates="/home/tps/.ssh/id_rsa"
-
-    - name: Set appropriate permissions for 'tps' user's SSH directory
-      ansible.builtin.file:
-        path: /home/tps/.ssh
-        state: directory
-        mode: "0700"
-        owner: tps
-        group: tps
-
-    - name: Read the public key content
-      ansible.builtin.slurp:
-        src: /home/tps/.ssh/id_rsa.pub
-      register: public_key_file
-
-    - name: Add 'tps' user to sudoers
-      ansible.builtin.lineinfile:
-        path: /etc/sudoers
-        line: 'tps ALL=(ALL:ALL) ALL'
-        validate: 'visudo -cf %s'
-
-    - name: Add the public key to Gitea using the API with the access token
-      ansible.builtin.uri:
-        url: "https://gitea.hptrow.me/api/v1/user/keys"
-        method: POST
-        headers:
-          Authorization: "a3b03005781823a4fc0c4b435269408d94e0e2f8"
-          Content-Type: "application/json"
-        body_format: json
-        body:
-          title: "tps-{{ ansible_hostname }}"
-          key: "{{ public_key_file.content | b64decode }}"
-        status_code: 201
-      delegate_to: localhost
-