From 31d7f0fd35121b52947dfa0e7db32f6dfb2cf0f9 Mon Sep 17 00:00:00 2001
From: dogeystamp <dogeystamp@disroot.org>
Date: Sun, 14 May 2023 12:28:58 -0400
Subject: [PATCH] sftp: removed service

---
 README.md                          |  1 -
 group_vars/all/vars.yml            |  6 ------
 roles/services/sftp/tasks/main.yml | 15 ---------------
 run.yml                            |  5 -----
 4 files changed, 27 deletions(-)
 delete mode 100644 roles/services/sftp/tasks/main.yml

diff --git a/README.md b/README.md
index 5f770a9..a3ef9f0 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,6 @@ This project was largely inspired by his own [infra](https://github.com/notthebe
 * Nginx webserver
 * MediaWiki farm
 * Navidrome music server
-* SFTP (not really a service, included in sshd)
 * Syncthing
 * Firewall (UFW)
 
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
index 7b65c5e..5bb0e90 100644
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@@ -20,9 +20,6 @@ admin_username: maestro
 # Username for unpriviledged user
 username: dogeystamp
 
-# Create an SFTP read-only user (leave blank to disable)
-sftp_ro_username: dogeystamp-mobile
-
 # Git repos (could be localhost if Gitea is installed)
 dots_repo: http://localhost:3000/dogeystamp/dots.git
 site_repo: http://localhost:3000/dogeystamp/wb4.git
@@ -270,9 +267,6 @@ enable_navidrome: yes
 # Personal website
 enable_website: yes
 
-# SFTP read-only user
-enable_sftpr: no
-
 # Syncthing
 enable_syncthing: yes
 
diff --git a/roles/services/sftp/tasks/main.yml b/roles/services/sftp/tasks/main.yml
deleted file mode 100644
index b2caab8..0000000
--- a/roles/services/sftp/tasks/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-- name: Create sftp read group
-  group:
-    name: sftpr
-
-- name: Create sftp read-only user
-  user:
-    name: "{{ sftp_ro_username }}"
-    groups:
-      - sftpr
-
-- name: Deploy SSH key to sftp user
-  ansible.posix.authorized_key:
-    user: "{{ sftp_ro_username }}"
-    state: present
-    key: "{{ lookup('file', '~/.ssh/keys/{{ ansible_hostname }}_sftp.pub')}}"
diff --git a/run.yml b/run.yml
index 39f8fd7..3bb25c8 100644
--- a/run.yml
+++ b/run.yml
@@ -55,11 +55,6 @@
         - nameserver
       when: enable_nameserver
 
-    - role: services/sftp
-      tags:
-        - sftp
-      when: enable_sftpr
-
     - role: services/mail
       tags:
         - mail