From 2140a1428c99dffa2b984025daad59dd003922e2 Mon Sep 17 00:00:00 2001
From: Fritz Grimpen
Date: Tue, 17 Sep 2024 16:30:44 +0200
Subject: [PATCH] debian: Do not change shell and use debian-owned facilities for networking
---
 roles/debian/tasks/main.yml | 64 +---------------------------
 roles/debian/templates/interfaces.j2 | 16 +++++++
 2 files changed, 18 insertions(+), 62 deletions(-)
 create mode 100644 roles/debian/templates/interfaces.j2
diff --git a/roles/debian/tasks/main.yml b/roles/debian/tasks/main.yml
index 76ea1c9..2f3512e 100644
--- a/roles/debian/tasks/main.yml
+++ b/roles/debian/tasks/main.yml
@@ -1,39 +1,4 @@
 ---
-- name: Install defaults
- package:
- name:
- - zsh
-
-- name: Download .zshrc from grml
- get_url:
- url: https://raw.githubusercontent.com/grml/grml-etc-core/v0.12.5/etc/zsh/zshrc
- dest: /etc/zsh/zshrc
- checksum: sha256:ad88c76951693c2f9c38773ed2602a9fd5c74431615c4a23aaff679b295919ce
- validate_certs: false
-
-- name: Update SSH configuration
- notify: reload sshd
- replace:
- dest: /etc/ssh/sshd_config
- regexp: '^([\#\s]*)?{{ item.key }}\s+([\w_-]+)'
- replace: "{{item.key}} {{item.value}}"
- with_items:
- - key: PermitRootLogin
- value: without-password
- - key: PasswordAuthentication
- value: 'no'
- - key: ChallengeResponseAuthentication
- value: 'no'
- - key: PrintLastLog
- value: 'yes'
- - key: UseDNS
- value: 'no'
-
-- name: Change shell of user root
- user:
- name: root
- shell: /usr/bin/zsh
-
 - name: Enable sshd
 systemd:
 name: sshd
@@ -44,32 +9,7 @@
 notify: restart network
 when: ipv4 is defined or ipv6 is defined
 template:
- src: systemd.network
- dest: /etc/systemd/network/main.network
+ src: interfaces.j2
+ dest: /etc/network/interfaces
 owner: root
 mode: 644
-
-- name: enable systemd-networkd
- notify: restart network
- systemd:
- name: systemd-networkd
- state: started
- enabled: yes
-
-- name: disable networking
- systemd:
- name: networking
- enabled: no
-
-- name: start systemd-resolved
- systemd:
- name: systemd-resolved
- state: started
- enabled: yes
-
-- name: symling /etc/resolve
- file:
- src: /run/systemd/resolve/stub-resolv.conf
- dest: /etc/resolv.conf
- state: link
- force: yes
diff --git a/roles/debian/templates/interfaces.j2 b/roles/debian/templates/interfaces.j2
new file mode 100644
index 0000000..57cb9eb
--- /dev/null
+++ b/roles/debian/templates/interfaces.j2
@@ -0,0 +1,16 @@
+# The primary network interface
+allow-hotplug enp0s3
+{% if ipv4 is defined %}
+iface enp0s3 inet static
+ address {{ipv4}}/31
+ gateway {{ipv4route}}
+ # dns-* options are implemented by the resolvconf package, if installed
+ dns-nameservers {{ipv4route}}
+ dns-search emma.ccchb.de
+{% endif %}
+
+{% if ipv6 is defined %}
+iface enp0s3 inet6 static
+ address {{ipv6}}/127
+ gateway {{ipv6route}}
+{% endif %}
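Review bot: The context line `mode: 644` on this template task is an unquoted YAML integer, so Ansible receives decimal 644 (octal 1204) and /etc/network/interfaces does not end up rw-r--r--; write `mode: "0644"` and consider adding `group: root`. The hunk removes the tasks that enabled systemd-networkd and systemd-resolved, disabled `networking` and symlinked /etc/resolv.conf, but adds nothing that reverses them, so hosts already converged by the old role would presumably keep `networking` disabled and the old /etc/systemd/network/main.network in place. The first hunk of this file has the same effect for sshd: the task that set `PasswordAuthentication no` and `PermitRootLogin without-password` is gone, so newly provisioned hosts keep the distribution's sshd defaults unless another role sets them. The `restart network` handler is defined outside this diff; confirm it now restarts the ifupdown service rather than systemd-networkd. The task's `- name:` line starts above the hunk.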
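Review bot: The loopback stanza and the `source /etc/network/interfaces.d/*` line from Debian's stock file are missing from this template, which replaces /etc/network/interfaces wholesale, so any snippet placed in interfaces.d stops being read once the role runs. Adding `source /etc/network/interfaces.d/*`, `auto lo` and `iface lo inet loopback` at the top would keep the stock behaviour. The `is defined` guards cover only `ipv4` and `ipv6`, while `ipv4route` and `ipv6route` are used unguarded; extending the conditions, e.g. `{% if ipv4 is defined and ipv4route is defined %}`, would avoid a half-rendered stanza or a template error. A first-line comment such as `# {{ ansible_managed }}` would tell administrators that manual edits are overwritten, and the hard-coded `enp0s3` and `emma.ccchb.de` deserve a comment or a role variable if the role is meant for more than one site.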