elasticsearch

10 files changed, 0 insertions, 156 deletions

diff --git a/ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der b/ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der
deleted file mode 100644
index 73e9b45..0000000
--- a/ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der
+++ /dev/null
diff --git a/ansible/strongswan-experiment/files/swanctl/CA/ca-key.der b/ansible/strongswan-experiment/files/swanctl/CA/ca-key.der
deleted file mode 100644
index 740545a..0000000
--- a/ansible/strongswan-experiment/files/swanctl/CA/ca-key.der
+++ /dev/null
diff --git a/ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der b/ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der
deleted file mode 100644
index 5c988d9..0000000
--- a/ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der
+++ /dev/null
diff --git a/ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der b/ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der
deleted file mode 100644
index 562c76b..0000000
--- a/ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der
+++ /dev/null
diff --git a/ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml b/ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml
deleted file mode 100644
index fb09476..0000000
--- a/ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-- name: packages
-  apt:
-    name: "{{ item }}"
-    install_recommends: no
-  with_items:
-    - strongswan-swanctl
-- name: Install CA certificate
-  copy:
-    src=swanctl/CA/ca-cert.der
-    dest=/etc/swanctl/x509ca/ca-cert.der
-- name: Install key
-  copy:
-    src=swanctl/{{ inventory_hostname }}/rsa/{{ inventory_hostname }}-key.der
-    dest=/etc/swanctl/rsa/{{ inventory_hostname }}-key.der
-- name: Install certificate
-  copy:
-    src=swanctl/{{ inventory_hostname }}/x509/{{ inventory_hostname }}-cert.der
-    dest=/etc/swanctl/x509/{{ inventory_hostname }}-cert.der
-- template:
-    src: swanctl.conf
-    dest: /etc/swanctl/conf.d/trygvis.io.conf
diff --git a/ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf b/ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf
deleted file mode 100644
index 90d212b..0000000
--- a/ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf
+++ /dev/null
@@ -1,34 +0,0 @@
-connections {
-
-   home {
-      local_addrs  = {{ strongswan_rw[inventory_hostname].local_addrs }}
-      remote_addrs = {{ strongswan_home_addrs }}
-
-      local {
-         auth = pubkey
-         certs = {{ inventory_hostname }}-cert.der
-         id = {{ inventory_hostname }}.trygvis.io
-      }
-      remote {
-         auth = pubkey
-         id = {{ strongswan_remote_id }}
-      }
-      children {
-         home {
-            remote_ts = {{ strongswan_ts }}
-
-#            updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128-sha256-x25519
-         }
-      }
-      version = 2
-      proposals = aes128-sha256-x25519
-   }
-}
-
-authorities {
-   strongswan {
-      cacert = ca-cert.der
-      crl_uris = http://ip6-winnetou.strongswan.org/strongswan.crl
-   }
-}
diff --git a/ansible/strongswan-experiment/strongswan-rw.yml b/ansible/strongswan-experiment/strongswan-rw.yml
deleted file mode 100644
index 136e9ad..0000000
--- a/ansible/strongswan-experiment/strongswan-rw.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-- hosts:
-  - arius
-  vars_files:
-    - strongswan-vars.yml
-  tasks:
-    - name: strongswan-rw
-      import_role: name=strongswan-rw
-      tags: strongswan-rw
-      become: yes
diff --git a/ansible/strongswan-experiment/strongswan-server.yml b/ansible/strongswan-experiment/strongswan-server.yml
deleted file mode 100644
index e555b90..0000000
--- a/ansible/strongswan-experiment/strongswan-server.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-- hosts:
-  - knot
-  vars_files:
-    - strongswan-vars.yml
-  vars:
-    peers:
-      - arius
-  handlers:
-    - name: systemctl restart strongswan
-      become: true
-      systemd:
-        name: strongswan
-        state: restarted
-  tasks:
-    - become: true
-      block:
-        - name: packages
-          apt:
-            name: "{{ item }}"
-            install_recommends: no
-          with_items:
-            - strongswan-swanctl
-        - name: install certs
-          with_items: "{{ peers }}"
-          copy:
-            src=swanctl/{{ item }}/rsa/{{ item }}-key.der
-            dest=/etc/swanctl/rsa/{{ item }}-key.der
-        - name: install swanctl.conf
-          notify: systemctl restart strongswan
-          copy:
-            dest: /etc/swanctl/conf.d/trygvis.io.conf
-            content: |
-              connections {
-
-                 rw {
-                    local_addrs  = fec0::1
-
-                    local {
-                       auth = pubkey
-                       certs = moonCert.pem
-                       id = moon.strongswan.org
-                    }
-                    remote {
-                       auth = pubkey
-                    }
-                    children {
-                       net {
-                          local_ts  = {{ strongswan_ts }}
-
-                          updown = /usr/local/libexec/ipsec/_updown iptables
-                          esp_proposals = aes128-sha256-x25519
-                       }
-                    }
-                    version = 2
-                    proposals = aes128-sha256-x25519
-                 }
-              }
-
-              authorities {
-                 strongswan {
-                    #cacert = caCert.pem
-                    #crl_uris = http://ip6-winnetou.strongswan.org/strongswan.crl
-                    cacert = ca-cert.der
-                    crl_uris =
-                 }
-              }
-
diff --git a/ansible/strongswan-experiment/strongswan-vars.yml b/ansible/strongswan-experiment/strongswan-vars.yml
deleted file mode 100644
index e72b040..0000000
--- a/ansible/strongswan-experiment/strongswan-vars.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-strongswan_rw:
-  arius:
-    local_addrs: fc00:0002::2
-
-strongswan_home_addrs: fc00:0001::1
-strongswan_ts: fc00:0001::0/32
-strongswan_remote_id: knot.trygvis.io
diff --git a/ansible/strongswan-experiment/strongswan.md b/ansible/strongswan-experiment/strongswan.md
deleted file mode 100644
index 4258037..0000000
--- a/ansible/strongswan-experiment/strongswan.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# CA certificate
-
-    mkdir -p files/swanctl/CA
-    pki --gen > files/swanctl/CA/ca-key.der
-    pki --self \
-        --in files/swanctl/CA/ca-key.der \
-        --dn "C=NO, O=Trygvis IO AS, CN=Trygvis IO CA" \
-        --ca > files/swanctl/CA/ca-cert.der
-
-# Peer certificate
-
-    mkdir -p files/swanctl/$host/{rsa,x509}
-    pki --gen > files/swanctl/$host/rsa/$host-key.der
-    pki --pub --in files/swanctl/$host/rsa/$host-key.der | \
-      pki --issue \
-        --cakey files/swanctl/CA/ca-key.der \
-        --cacert files/swanctl/CA/ca-cert.der \
-        --dn "C=NO, O=Trygvis IO AS, CN=$host.trygvis.io" > files/swanctl/$host/x509/$host-cert.der