Diffstat (limited to 'global/overlay/etc/puppet/modules/sunet/manifests/server.pp')
-rw-r--r--global/overlay/etc/puppet/modules/sunet/manifests/server.pp91
1 files changed, 0 insertions, 91 deletions
diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/server.pp b/global/overlay/etc/puppet/modules/sunet/manifests/server.pp
deleted file mode 100644
index d89302f..0000000
--- a/global/overlay/etc/puppet/modules/sunet/manifests/server.pp
+++ /dev/null
@@ -1,91 +0,0 @@
-define sunet::server() {
-
- # fail2ban
- class { 'sunet::fail2ban': }
-
- # Set up encrypted swap
- sunet::encrypted_swap { 'sunet_encrypted_swap': }
-
- # Add prerequisites for ethernet bonding, if physical server
- sunet::ethernet_bonding { 'sunet_ethernet_bonding': }
-
-# Removed until SWAMID hosts can have their ufw module updated / ft
-# # Ignore IPv6 multicast
-# ufw::deny { 'ignore_v6_multicast':
-# ip => 'ff02::1',
-# proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :(
-# }
-
-# # Ignore IPv6 multicast PIM router talk
-# ufw::deny { 'ignore_v6_multicast_PIM':
-# ip => 'ff02::d',
-# proto => 'any' # 'ufw' has a hard-coded list of protocols, which does not include 'ipv6-icmp' :(
-# }
-
- include augeas
- augeas { "sshd_config":
- context => "/files/etc/ssh/sshd_config",
- changes => [
- "set PasswordAuthentication no",
- "set X11Forwarding no",
- "set LogLevel VERBOSE", # log pubkey used for root login
- ],
- notify => Service['ssh'],
- } ->
- file_line {
- 'no_sftp_subsystem':
- path => '/etc/ssh/sshd_config',
- match => 'Subsystem sftp /usr/lib/openssh/sftp-server',
- line => '#Subsystem sftp /usr/lib/openssh/sftp-server',
- notify => Service['ssh'],
- }
-
- # already declared in puppet-cosmos/manifests/ntp.pp
- #service { 'ntp':
- # ensure => 'running',
- #}
-
- # Don't use pool.ntp.org servers, but rather DHCP provided NTP servers
- line { 'no_pool_ntp_org_servers':
- file => '/etc/ntp.conf',
- line => '^server .*\.pool\.ntp\.org',
- ensure => 'comment',
- notify => Service['ntp'],
- }
-
- file { '/var/cache/scriptherder':
- ensure => 'directory',
- path => '/var/cache/scriptherder',
- mode => '1777', # like /tmp, so user-cronjobs can also use scriptherder
- }
-
-
-}
-
-# from http://projects.puppetlabs.com/projects/puppet/wiki/Simple_Text_Patterns/5
-define line($file, $line, $ensure = 'present') {
- case $ensure {
- default : { err ( "unknown ensure value ${ensure}" ) }
- present: {
- exec { "/bin/echo '${line}' >> '${file}'":
- unless => "/bin/grep -qFx '${line}' '${file}'"
- }
- }
- absent: {
- exec { "/usr/bin/perl -ni -e 'print unless /^\\Q${line}\\E\$/' '${file}'":
- onlyif => "/bin/grep -qFx '${line}' '${file}'"
- }
- }
- uncomment: {
- exec { "/bin/sed -i -e'/${line}/s/^#\\+//' '${file}'":
- onlyif => "/bin/grep '${line}' '${file}' | /bin/grep '^#' | /usr/bin/wc -l"
- }
- }
- comment: {
- exec { "/bin/sed -i -e'/${line}/s/^\\(.\\+\\)$/#\\1/' '${file}'":
- onlyif => "/usr/bin/test `/bin/grep '${line}' '${file}' | /bin/grep -v '^#' | /usr/bin/wc -l` -ne 0"
- }
- }
- }
-
-}