1 files changed, 30 insertions, 85 deletions

diff --git a/dan/ele-telesto.yml b/dan/ele-telesto.yml
index 41ae9151..2370fdc2 100644
--- a/dan/ele-telesto.yml
+++ b/dan/ele-telesto.yml
@@ -7,90 +7,35 @@
   - role: core/sshd/base
   - role: core/zsh
   - role: core/cpu-microcode
-  - role: storage/zfs/pools
+  - role: core/ntp
+  - role: core/admin-users
   - role: apt-repo/spreadspace
-  - role: storage/zfs/sanoid
   - role: monitoring/prometheus/exporter
-  - role: vm/host/base
-  - role: vm/host/network
-  - role: installer/debian/base
-  - role: installer/openbsd/base
-  post_tasks:
-  - name: install smstools
-    apt:
-      name: smstools
-      state: present
-
-  - name: add user for sachet
-    user:
-      name: sachet
-      system: yes
-      home: /nonexistent
-      create_home: no
-      groups: smsd
-      append: yes
-
-  - name: create sachet config directory
-    file:
-      path: /etc/sachet
-      state: directory
-
-  - name: install sachet config file
-    copy:
-      dest: /etc/sachet/config.yml
-      content: |
-        providers:
-          smstools:
-            outgoing_dir: /var/spool/sms/outgoing
-
-        receivers:
-        - name: equinox
-          provider: smstools
-          to:
-          - '+436644800222'
-
-  - name: install systemd service unit for sachet
-    copy:
-      dest: /etc/systemd/system/sachet.service
-      content: |
-        [Unit]
-        Description=Sachet SMS Daemon for Prometheus Alertmanager
-
-        [Service]
-        Restart=on-failure
-        User=sachet
-        ExecStart=/usr/local/bin/sachet -config /etc/sachet/config.yml
-
-        # systemd hardening-options
-        AmbientCapabilities=
-        CapabilityBoundingSet=
-        DeviceAllow=/dev/null rw
-        DevicePolicy=strict
-        LimitMEMLOCK=0
-        LimitNOFILE=8192
-        LockPersonality=true
-        MemoryDenyWriteExecute=true
-        NoNewPrivileges=true
-        PrivateDevices=true
-        PrivateTmp=true
-        PrivateUsers=true
-        ProtectControlGroups=true
-        ProtectHome=true
-        ProtectKernelModules=true
-        ProtectKernelTunables=true
-        ProtectSystem=full
-        ReadWritePaths=/var/spool/sms/outgoing
-        RemoveIPC=true
-        RestrictNamespaces=true
-        RestrictRealtime=true
-        SystemCallArchitectures=native
-
-        [Install]
-        WantedBy=multi-user.target
-
-  ## TODO:
-  ##   - configure smstools
-  ##   - build sachet using this branch: https://github.com/spreadspace/sachet/tree/topic/add-smstools
-  ##   - copy binary to /usr/local/bin/sachet
-  ##   - $ systemctl daemon-reload
-  ##   - $ systemctl enable --now sachet
+  - role: streaming/blackmagic/desktopvideo
+#  post_tasks:
+#  - name: install lm-sensors and i7z
+#    apt:
+#      name:
+#      - lm-sensors
+#      - i7z
+#
+#  - name: load modules for lm-sensors
+#    vars:
+#      sensors_modules:
+#      - coretemp
+#    block:
+#    - name: load special modules for lm-sensors
+#      loop: "{{ sensors_modules }}"
+#      modprobe:
+#        name: "{{ item }}"
+#        state: present
+#
+#    - name: make sure sensor modules are loaded on reboot
+#      copy:
+#        content: |
+#          # Ansible managed
+#
+#          {% for module in sensors_modules %}
+#          {{ module }}
+#          {% endfor %}
+#        dest: /etc/modules-load.d/sensors.conf