# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*- --- - name: "DEBUG: Including proxy Devuan.yml" debug: verbosity: 1 msg: "DEBUG: Including proxy Devuan.yml BASE_ARE_CONNECTED={{BASE_ARE_CONNECTED}}" # Perf h4x: Force dpkg to not to call sync() after package extraction, turn off # the apt-cache (not needed in a container) and disable translation fetching... - name: "/etc/dpkg/dpkg.cfg.d/02-force-unsafe-io" blockinfile: dest: /etc/dpkg/dpkg.cfg.d/02-force-unsafe-io create: yes marker: "# {mark} ANSIBLE MANAGED BLOCK proxy Devuan.yml" block: | force-unsafe-io - name: "/etc/apt/apt.conf.d/no-cache" blockinfile: dest: /etc/apt/apt.conf.d/no-redirect create: yes marker: "# {mark} ANSIBLE MANAGED BLOCK proxy Devuan.yml" block: | # https://lists.debian.org/debian-security-announce/2019/msg00010.html Acquire::http::AllowRedirect=false update; Acquire::http::AllowRedirect=false upgrade; - name: "/etc/apt/apt.conf.d/no-cache" blockinfile: dest: /etc/apt/apt.conf.d/no-cache create: yes marker: "# {mark} ANSIBLE MANAGED BLOCK proxy Devuan.yml" block: | Acquire::http {No-Cache=True;}; when: - ansible_virtualization_role|replace('NA', 'host') == 'guest' - name: "/etc/apt/apt.conf.d/no-cache" blockinfile: dest: /etc/apt/apt.conf.d/no-cache create: yes marker: "# {mark} ANSIBLE MANAGED BLOCK proxy Devuan.yml" block: | Acquire::http {No-Cache=False;}; when: - ansible_virtualization_role|replace('NA', 'host') != 'guest' - name: "/etc/apt/apt.conf.d/no-lang" blockinfile: dest: /etc/apt/apt.conf.d/no-lang create: yes marker: "# {mark} ANSIBLE MANAGED BLOCK proxy Devuan.yml" block: | Acquire::Languages "none"; - name: disable /etc/apt/apt.conf.d/50unattended-upgrades shell: | [ -f /etc/apt/apt.conf.d/50unattended-upgrades ] || exit 0 grep -q '^[^/]' /etc/apt/apt.conf.d/50unattended-upgrades || exit 0 sed -e 's@^\([^/]\)@//\1@' -i /etc/apt/apt.conf.d/50unattended-upgrades exit 0 - name: /etc/apt/apt.conf.d/70insecure.conf blockinfile: dest: /etc/apt/apt.conf.d/70insecure.conf create: yes marker: "# {mark} ANSIBLE MANAGED BLOCK proxy Devuan.yml" block: | Acquire::AllowInsecureRepositories false; - name: install proxy_debs_inst packages environment: - "RUNLEVEL": 1 apt: force_apt_get: true name: "{{ item }}" state: latest update_cache: no ignore_errors: "{{ BASE_PKG_IGNORE_ERRORS }}" when: - item != '' and item != [] - not ansible_check_mode - BASE_ARE_CONNECTED|default('') != '' with_items: - "{{proxy_debs_inst}}" - "{{ proxy_libvirt_debs_inst if BOX_WHONIX_PROXY_HOST != '' else [] }}" - "{{ proxy_qemu_guest_debs_inst if PROXY_MODE in ['gateway','ws', 'vda'] else [] }}" - "{{ proxy_gateway_debs_inst if BOX_OS_FLAVOR in ['WhonixGateway'] else [] }}" - "{{ proxy_xfce_debs_inst if BOX_OS_FLAVOR in ['KickSecure', 'WhonixWorkstation'] else [] }}" - name: install cntlm packages environment: - "RUNLEVEL": 1 apt: force_apt_get: true name: "cntlm" state: latest update_cache: no ignore_errors: "{{ BASE_PKG_IGNORE_ERRORS }}" when: - false - not ansible_check_mode - BASE_ARE_CONNECTED|default('') != '' - name: "/etc/default/console-setup" lineinfile: dest: /etc/default/console-setup create: yes regexp: "^#* *{{item.name}}.*" line: '{{ item.name }}="{{ item.val }}"' state: present with_items: - { name: CODESET, val: "Uni2" } - { name: FONTFACE, val: "TerminusBold" } - { name: FONTSIZE, val: "28x14" } - name: /etc/apt/apt.conf.d/70testforge.conf blockinfile: dest: /etc/apt/apt.conf.d/70testforge.conf create: yes marker: "# {mark} ANSIBLE MANAGED BLOCK proxy Debian_post.yml" block: | APT::Install-Recommends false; APT::Install-Suggests false; #APT::AutoRemove::RecommendsImportant false; #APT::AutoRemove::SuggestsImportant false; APT::Periodic::Enable 0; - name: //usr/share/tor/tor-service-defaults-torrc shell: | [ -f /usr/share/tor/tor-service-defaults-torrc ] && [ -h /usr/share/tor/tor-service-defaults-torrc ] && return 0 [ -f /usr/share/tor/tor-service-defaults-torrc ] || return 0 mv /usr/share/tor/tor-service-defaults-torrc \ /usr/share/tor/tor-service-defaults-torrc.bak ln -s /etc/tor/torrc-defaults /usr/share/tor/tor-service-defaults-torrc