Cleaning up to fit AniNIX/Uniglot hooks; catching up with testing

2023-02-20 16:50:10 -06:00 · 2023-02-20 16:50:10 -06:00 · d92ab6acda
commit d92ab6acda
parent a2fecf9d64
39 changed files with 310 additions and 39 deletions
--- a/.gitignore
+++ b/.gitignore
@ -6,6 +6,7 @@ roles/ShadowArch/files/mirrorlist
 roles/Foundation/files/custom/public/img/**
 venv/**
 **/pkg/**
 **/src/**
 **pkg.tar.zst
 # ---> Python
--- a/precommit-hooks/find-large-files
+++ b/precommit-hooks/find-large-files
@ -1,7 +1,9 @@
 #!/bin/bash
 # Limit files in git to 1M.
-find . -type f -exec du -k {} \; | egrep -v '^[[:digit:]]?[[:digit:]]?[[:digit:]][[:space:]]|venv|\s./.git/'
+IFS="
 "
 git ls-files | xargs -n1 du -k {} \; | egrep -v '^[[:digit:]]?[[:digit:]]?[[:digit:]][[:space:]]|venv|\s./.git/'
 if [ $? -ne 1 ]; then
    echo
--- a/roles/Foundation/files/custom/bin/gen-aninix-custom
+++ b/roles/Foundation/files/custom/bin/gen-aninix-custom
@ -55,8 +55,8 @@ a {
    | sed "s/$BGCOLOR/$ANINIXBG/gI" > /var/lib/gitea/custom/public/css/theme-aninix.css
 cd /var/lib/gitea/web-snippets
-head="$(curl -ks https://aninix.net/ | egrep -B 99999 '^<div class="home"')"
+head="$(curl -ks https://aninix.net/ | grep -B 99999 -E '^<div class="home"')"
-foot="$(curl -ks https://aninix.net/ | egrep -A 99999 '<footer>')"
+foot="$(curl -ks https://aninix.net/ | grep -A 99999 -E '<footer>')"
 for i in `find . -type f`; do
    (echo "$head"
    cat "$i"
--- a/roles/Foundation/files/custom/bin/sitemap.php
+++ b/roles/Foundation/files/custom/bin/sitemap.php
@ -14,7 +14,7 @@ echo '<?xml version="1.0" encoding="UTF-8"?>
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
 ';
-exec("(echo /srv/http/aninix.net/index.php; find /srv/http/aninix.net/pages -type f; find /srv/http/aninix.net/martialarts/ -type f) | egrep \.php\$ | egrep -v ^./unlisted\|^./errors/\|head.php\|foot.php\|test\|Template\|darknet", $output);
+exec("(echo /srv/http/aninix.net/index.php; find /srv/http/aninix.net/pages -type f; find /srv/http/aninix.net/martialarts/ -type f) | grep -E \.php\$ | grep -vE ^./unlisted\|^./errors/\|head.php\|foot.php\|test\|Template\|darknet", $output);
 foreach ($output as &$file) {
    echo '    <url>
 ';
--- a/roles/IRC/templates/inspircd/inspircd.conf.j2
+++ b/roles/IRC/templates/inspircd/inspircd.conf.j2
@ -56,7 +56,7 @@
 <bind
      address=""
      port="6697"
-      ssl="openssl"
+      sslprofile="clients"
      type="clients">
 <bind address="" port="6667" type="clients">
@ -66,7 +66,7 @@
 <openssl onrehash="yes">
 <sslprofile
-      name="Clients"
+      name="clients"
      provider="openssl"
      cafile="/etc/letsencrypt/live/{{ ssl['identity'] }}/fullchain.pem"
      certfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/cert.pem"
@ -75,10 +75,11 @@
      hash="sha256"
      renegotiation="no"
      requestclientcert="no"
-      sslv3="false"
+      sslv3="no"
      tlsv1="no"
      tlsv11="no"
-      tlsv12="yes">
+      tlsv12="yes"
      tlsv13="yes">
--- a/roles/IRC/templates/inspircd/modules.conf.j2
+++ b/roles/IRC/templates/inspircd/modules.conf.j2
@ -1453,7 +1453,7 @@
 #<module name="m_regex_stdlib.so">
 #
 # Specify the regular expression engine to use here. Valid settings are
-# bre, ere, awk, grep, egrep, ecmascript (default if not specified).
+# bre, ere, awk, grep, ecmascript (default if not specified).
 #<stdregex type="ecmascript">
 #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
--- a/roles/IRC/templates/inspircd/opers.conf.j2
+++ b/roles/IRC/templates/inspircd/opers.conf.j2
@ -89,7 +89,7 @@
 #      type="NetAdmin">
 #
 {% for oper in secrets['IRC']['opers'] %}
-<oper name="{{ oper }}" password="{{ secrets['IRC']['opers'][oper] }}" hash="sha256" host="*@127.0.0.1 *@10.0.1.* *@localhost *@aninix.net" type="Helper">
+<oper name="{{ oper }}" password="{{ secrets['IRC']['opers'][oper] }}" hash="sha256" host="*@127.0.0.1 *@10.0.1.* *@localhost *@aninix.net" type="NetAdmin">
 {% endfor %}
 #-#-#-#-#-#-#-#-#-#-  DIE/RESTART CONFIGURATION   -#-#-#-#-#-#-#-#-#-#-
--- a/roles/SSH/files/sshd_config
+++ b/roles/SSH/files/sshd_config
@ -1,6 +1,6 @@
-### AniNIX::SSH \\ Basic configuration for listening daemon ###
+### AniNIX/SSH | Basic configuration for listening daemon ###
-# Daemon spec #
+# Daemon spec
 Port 22
 ListenAddress 0.0.0.0
 PrintMotd yes
@ -8,17 +8,18 @@ PrintLastLog yes
 StrictModes yes
 Protocol 2
 ChrootDirectory none
 # DSA and ECDSA are untrusted for vulnerabilites and backdoors. https://wiki.archlinux.org/index.php/SSH_keys
 # RSA and ED25519 are stable.
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_ed25519_key
-# Network Performance #
+# Network Performance
 Compression yes
 ClientAliveInterval 5
 ClientAliveCountMax 3
-# Forwarding options # 
+# Forwarding options
 AllowTcpForwarding no
 PermitTunnel no
 AllowAgentForwarding no
@ -27,10 +28,10 @@ X11DisplayOffset 10
 X11UseLocalhost no
 GatewayPorts no
-# Override default of no subsystems to allow SFTP #
+# Override default of no subsystems to allow SFTP
-Subsystem	sftp	/usr/lib/ssh/sftp-server
+Subsystem	sftp	internal-sftp
-# Authentication #
+# Authentication
 PubkeyAuthentication yes
 AuthorizedKeysFile	.ssh/authorized_keys
 PasswordAuthentication yes
@ -44,7 +45,7 @@ AllowGroups ssh-allow
 PermitRootLogin no
 PermitEmptyPasswords no
-## Access Controls ###
+## Access Controls
 Match Group ssh-forward
    AllowTcpForwarding yes
    PermitTunnel yes
@ -52,8 +53,8 @@ Match Group ssh-forward
    X11Forwarding yes
 Match Group sftp-home-jail
-    ForceCommand internal-sftp #/usr/lib/ssh/sftp-server
+    ForceCommand internal-sftp
-    ChrootDirectory /home # Lock the user in their home directory
+    ChrootDirectory /home
-Match User crypto
+# Allow other packages to ship snippets
-    ForceCommand /usr/local/bin/captivecrypto
+Include /etc/ssh/includes/*
--- a/roles/SSH/tasks/main.yml
+++ b/roles/SSH/tasks/main.yml
@ -64,6 +64,15 @@
       src: sshd_config
       dest: /etc/ssh/sshd_config
 - name: Allow SSHD Includes
   become: yes
   file:
     path: /etc/ssh/includes
     state: directory
     user: root
     group: root
     mode: 0755
 - name: Restart SSHD (ArchLinux)
   become: yes
   when: ansible_os_family == "Archlinux" and sshd_config.changed
--- a/roles/Sharingan/files/rkhunter/rkhunter.conf
+++ b/roles/Sharingan/files/rkhunter/rkhunter.conf
@ -1333,8 +1333,6 @@ DBDIR=/var/lib/rkhunter/db
 SCRIPTDIR=/usr/lib/rkhunter/scripts
 TMPDIR=/var/lib/rkhunter/tmp
 USER_FILEPROP_FILES_DIRS=/etc/rkhunter.conf
 SCRIPTWHITELIST=/usr/bin/egrep
 SCRIPTWHITELIST=/usr/bin/fgrep
 SCRIPTWHITELIST=/usr/bin/ldd
 SCRIPTWHITELIST=/usr/bin/vendor_perl/GET
 BINDIR=/bin /usr/bin /sbin /usr/sbin
--- a/roles/Sharingan/tasks/ids.yml
+++ b/roles/Sharingan/tasks/ids.yml
@ -31,6 +31,24 @@
     group: root
     mode: 0600
 - name: suricata config files
   become: yes
   copy:
     src: suricata/
     dest: /etc/suricata/
     owner: root
     group: root
     mode: 0600
 - name: suricata config template
   become: yes
   template:
     src: suricata.yaml.j2
     dest: /etc/suricata/suricata.yaml
     owner: root
     group: root
     mode: 0600
 # Host IDS
 - name: Copy rkhunter service
   register: rkhunter_conf
--- a/roles/Sharingan/templates/monitrc.j2
+++ b/roles/Sharingan/templates/monitrc.j2
@ -154,7 +154,7 @@ set httpd port 2812 and
    use address localhost  # only accept connection from localhost (drop if you use M/Monit)
    allow localhost        # allow localhost to connect to the server and
    # require user 'admin' with password
-    allow admin:"{{ secrets[Sharingan][monit] | default('monit') }}"
+    allow admin:"{{ secrets['Sharingan']['monit'] | default('monit') }}"
    #with ssl {            # enable SSL/TLS and set path to server certificate
    #    pemfile: /etc/ssl/certs/monit.pem
    #}
--- a/roles/Sharingan/templates/suricata.yaml.j2
+++ b/roles/Sharingan/templates/suricata.yaml.j2
@ -16,7 +16,7 @@
 #max-pending-packets: 1024
 # Runmode the engine should use. Please check --list-runmodes to get the available
-# runmodes for each packet acquisition menp1s0fod. Defaults to "autofp" (auto flow pinned
+# runmodes for each packet acquisition method. Defaults to "autofp" (auto flow pinned
 # load balancing).
 #runmode: autofp
@ -143,7 +143,7 @@ outputs:
      append: yes
      #extended: yes     # enable this for extended logging information
      #custom: yes       # enabled the custom logging format (defined by customformat)
-      #customformat: "%{%D-%H:%M:%S}t.%z %{X-Forwarded-For}i %H %m %h %u %s %B %a:%p -> %A:%P"
+      #customformat:
      #filetype: regular # 'regular', 'unix_stream' or 'unix_dgram'
  # a line based log of TLS handshake parameters (no alerts)
@ -310,7 +310,7 @@ nflog:
 # af-packet support
 # Set threads to > 1 to use PACKET_FANOUT support
 af-packet:
-  - interface: enp1s0f0
+  - interface: {{ ipinterface }}
    # Number of receive threads (>1 will enable experimental flow pinned
    # runmode)
    threads: 1
@ -363,10 +363,10 @@ af-packet:
    # will not be copied.
    #copy-mode: ips
    #copy-iface: enp1s0f1
-  - interface: enp1s0f1
+    #   - interface: enp1s0f1
-    threads: 1
+    #     threads: 1
-    cluster-id: 98
+    #     cluster-id: 98
-    cluster-type: cluster_flow
+    #     cluster-type: cluster_flow
    defrag: yes
    # buffer-size: 32768
    # disable-promisc: no
--- a/roles/Sora/files/ldap-adduser
+++ b/roles/Sora/files/ldap-adduser
@ -0,0 +1,62 @@
 #!/bin/bash
 nameRegEx='^[A-Z,a-z,0-9,\.,-]+$'
 lockfile="/tmp/""$(echo $0 | rev | cut -f 1 -d '/' | rev)"
 function helptext {
    echo "$0 username [ userid ]"
 }
 # match email against regex and create shortname from email ID.
 if [ ! -z "$1" ] && [[ "$1" =~ $nameRegEx ]]; then
    username="$(echo $1)"
    if getent passwd "$username"; then
        echo User already exists!
        exit 1;
    fi
 elif [ "$1" == "-h" ] || [ "$1" == "--help" ]; then
    helptext;
    exit 0;
 else
    echo Need an username.
    helptext
    exit 1;
 fi
 # Create a new user ID.
 if [ -z "$2" ]; then
    newuserid="$(($(getent passwd | sort -k 3 -n -t ':' | tail -n 1 | cut -f 3 -d ':') + 1))"
 else
    if id "$newuserid" &>/dev/null; then
        echo "User id $newuserid already exist!"
        exit 2
    else
        newuserid="$2"
    fi
 fi
 printf "Username: %s\nID: %s\n\nReady to add? [YES/no]   " "$username" "$newuserid"
 mkdir "$lockfile" 2>/dev/null
 if [ "$?" -eq 0 ]; then
    read answer
    if [ "$answer" == "YES" ]; then
        file="/etc/openldap/users.d/$username.ldif"
        cp /usr/local/src/ConfigPackages/Sora/sample-user.ldif "$file"
        line="$(grep -E '^uid: ' "$file")"; sed -i "s/$line/uid: $username/" "$file"
        line="$(grep -E '^dn: ' "$file" | cut -f 2 -d ' ' | cut -f 1 -d ',')"; sed -i "s/$line/uid=$username/" "$file"
        line="$(grep -E '^homeDirectory: ' "$file")"; sed -i "s#$line#homeDirectory: /home/$username/#" "$file"
        line="$(grep -E '^cn: ' "$file")"; sed -i "s/$line/cn: $username/" "$file"
        line="$(grep -E '^mail: ' "$file")"; sed -i "s#$line#mail: ircs://aninix.net:6697/$username#" "$file"
        line="$(grep -E '^uidNumber: ' "$file")"; sed -i "s/$line/uidNumber: $newuserid/" "$file"
        ldapadd -D 'cn=root,dc=aninix,dc=net' -y /root/.ldappass -f "$file"
        ldap-resetpass "$username"
        # usermod -a -G ssh-allow,passwdchange "$username"
    fi
    rmdir "$lockfile"
    exit 0;
 else
    echo "Cannot add -- locked."
    exit 1;
 fi
--- a/roles/Sora/files/ldap-resetpass
+++ b/roles/Sora/files/ldap-resetpass
@ -0,0 +1,17 @@
 #!/bin/bash
 uid="$1"
 if [ -z "$uid" ]; then
    echo "Need a user ID (uid)!"
    exit 1
 fi
 ldappasswd -D 'cn=root,dc=aninix,dc=net' -y /root/.ldappass "uid=$uid,ou=People,dc=aninix,dc=net"
 if [ `ldapsearch -x "(uid=$uid)" + \* | grep -c shadowLastChange\:` -ne 0 ]; then
    (printf "dn: uid=$uid,ou=People,dc=aninix,dc=net\nchangetype: modify\ndelete: shadowLastChange\n\n") | ldapmodify -D 'cn=root,dc=aninix,dc=net' -y /root/.ldappass &>/dev/null;
 fi
 (printf "dn: uid=$uid,ou=People,dc=aninix,dc=net\nchangetype: modify\nadd: shadowLastChange\nshadowLastChange: 0\n\ndn: uid=$uid,ou=People,dc=aninix,dc=net\nchangetype: modify\nadd: pwdReset\npwdReset: TRUE\n\n") | ldapmodify -D 'cn=root,dc=aninix,dc=net' -y /root/.ldappass &>/dev/null;
 exit $?
--- a/roles/Sora/files/ldap-userreport
+++ b/roles/Sora/files/ldap-userreport
@ -0,0 +1,67 @@
 #!/bin/bash
 hostname=`hostname`
 errortext="ERROR:NEVER"
 arg="$1"
 function shortshow() {
    echo ${user}": "$email
 }
 function queryLDAPAttribute() {
    ldapsearch -x "$1" "$2" | grep -E "${2}: " | sed "s/^${2}: //"
 }
 basedn=`ldapsearch -x '(cn=root)' dn | grep -E ^dn:\  | sed 's/dn: cn=root,//'`
 maxAge="$(queryLDAPAttribute '(cn=default)' pwdMaxAge)"
 changeAge=$(( $maxAge - 2592000 ))
 deleteAge=$(( 2 * $maxAge ))
 for user in `queryLDAPAttribute '(uid=*)' uid`; do
    # Pull changed stats
    lastChanged=`/usr/sbin/ldapsearch -x "(uid=$user)" + | grep pwdChangedTime | cut -f 2 -d ' '`
    created=`/usr/sbin/ldapsearch -x "(uid=$user)" + | grep createTimestamp | cut -f 2 -d ' '`
    email=`/usr/sbin/ldapsearch -x "(uid=$user)" | grep mail | cut -f 2 -d ' '`
    if [ -z "$lastChanged" ]; then
        lastChanged="$errortext";
    else
        delta="$(( `date +%s` - `date -d $(echo $lastChanged | head -c 8)  +%s`))"
    fi
    lastlog=`lastlog -u $user | tail -n 1`
    if [ `echo $lastlog | grep -c 'Never logged in'` -gt 0 ]; then
        lastlog=$errortext
    else
        lastlog=`echo $lastlog | awk '{$1="";$2="";$3="";print $0 }'`
    fi
    printf "User $user (email: $email, created: $created) last changed their password on $lastChanged. They last logged in to SSH on $hostname on $lastlog\n" | (
    case "$arg" in
        "--inactive")
            if grep -E $errortext'$' &> /dev/null; then shortshow; fi
            ;;
        "--needschange")
            if [ "$lastChanged" == "$errortext" ]; then
                shortshow
            else
                if [ $delta -gt "$changeAge" ] && [ $delta -lt "$maxAge" ]; then shortshow; fi
            fi
            ;;
        "--expired")
            if [ "$lastChanged" != "$errortext" ] && [ "$delta" -ge 31536000 ]; then
                shortshow;
            fi
            ;;
        "--removeable")
            if [ "$lastChanged" != "$errortext" ] && [ "$delta" -ge "$deleteAge" ]; then
                shortshow;
            fi
            ;;
        *)
            cat
            ;;
    esac
    )
 done
--- a/roles/TheRaven/templates/raven.conf.j2
+++ b/roles/TheRaven/templates/raven.conf.j2
@ -29,6 +29,8 @@ martialarts
 maworkouts
 dromundkaas
 inn
 cic
 masignups
 [ Searches ]
 r.google|http://google.com/search?q=|+|Google
--- a/roles/WolfPack/files/Core/aninix-searches.pup
+++ b/roles/WolfPack/files/Core/aninix-searches.pup
@ -0,0 +1,3 @@
 search
 /srv/wolfpack/search-results
 aninix.net
--- a/roles/WolfPack/files/Core/archlinux.pup
+++ b/roles/WolfPack/files/Core/archlinux.pup
@ -0,0 +1,4 @@
 download
 /usr/local/src/isos/
 wget -q -O - 'https://www.archlinux.org/download/' | grep rackspace | cut -f 2 -d \" | head -n 1
 echo PREVRESULT/$(wget -q -O - PREVRESULT | grep x86_64.iso | head -n 1 | cut -f 2 -d \")
--- a/roles/WolfPack/files/Core/centos.pup
+++ b/roles/WolfPack/files/Core/centos.pup
@ -0,0 +1,3 @@
 download
 /usr/local/src/isos
 curl -s https://centos.org/download/ | grep Minimal | grep 'a href' | cut -f 2 -d '"'
--- a/roles/WolfPack/files/Core/chrome.pup
+++ b/roles/WolfPack/files/Core/chrome.pup
@ -0,0 +1,5 @@
 download
 /srv/wolfpack/
 curl -s https://portableapps.com/apps/internet/google_chrome_portable | tr '<' '\n' | tr '>' '\n' | tr \" '\n' | grep online.paf.exe | sed 's/ /\%20/g' | sed 's/\&/\\\&/g'
 curl -s https://portableapps.comPREVRESULT | tr '"' '\n' | grep redirect | tail -n 1
 echo https://portableapps.comPREVRESULT
--- a/roles/WolfPack/files/Core/cnews.pup
+++ b/roles/WolfPack/files/Core/cnews.pup
@ -0,0 +1,3 @@
 search
 /srv/wolfpack/
 Riffle
--- a/roles/WolfPack/files/Core/cshows.DarkNet
+++ b/roles/WolfPack/files/Core/cshows.DarkNet
@ -0,0 +1,11 @@
 shows
 /srv/yggdrasil/new_acquisition
 S06E11#Game of Thrones
 S04E21#Vikings#
 S02E13#Mr Robot#HDTV
 S02E12#Marco Polo
 S02E12#Criminal Minds Beyond Borders#
 S02E14#Dark Matter#ettv
 S03E22#Star Wars Rebels#
 S02E11#Shadowhunters#
 S03E18#Gotham#
--- a/roles/WolfPack/files/Core/eminem.pup
+++ b/roles/WolfPack/files/Core/eminem.pup
@ -0,0 +1,4 @@
 search
 /srv/wolfpack/search-results
 Eminem Shows
 Eminem Concerts
--- a/roles/WolfPack/files/Core/ftor.DarkNet
+++ b/roles/WolfPack/files/Core/ftor.DarkNet
@ -0,0 +1,8 @@
 torrent
 /srv/yggdrasil/new_acquisition
 King Arthur 2017 BRrip
 The Great Wall 2017 BRrip
 Edge of 17 2016 BRrip
 Bilal: A New Breed of Hero 2015
 John Wick Chapter 2 2017 HDrip
 Fast 8 HDRip 2017
--- a/roles/WolfPack/files/Core/kali-arm.pup
+++ b/roles/WolfPack/files/Core/kali-arm.pup
@ -0,0 +1,3 @@
 download
 /usr/local/src/isos/
 elinks --dump https://www.offensive-security.com/kali-linux-arm-images/ | grep rpi | head -n 1 | sed 's/^\s\+//'
--- a/roles/WolfPack/files/Core/kali-linux.pup
+++ b/roles/WolfPack/files/Core/kali-linux.pup
@ -0,0 +1,4 @@
 download
 /usr/local/src/isos/
 wget -q -O - http://cdimage.kali.org/current/ | grep amd64.iso | head -n 1 | cut -f 8 -d '"'
 echo http://cdimage.kali.org/current/PREVRESULT
--- a/roles/WolfPack/files/Core/lshows.DarkNet
+++ b/roles/WolfPack/files/Core/lshows.DarkNet
@ -0,0 +1,12 @@
 shows
 /srv/yggdrasil/new_acquisition
 S06E23#2 Broke Girls#
 S10E25#Big Bang Theory#
 S04E21#The Fosters#
 S18E19#Law Order SVU#
 S08E23#The Middle#
 S08E22#Modern Family#
 S07E13#Shameless US
 S07E17#The Walking Dead#
 S03E25#Scorpion#
 S05E05#Prison Break#ettv
--- a/roles/WolfPack/files/Core/mediawiki.pup
+++ b/roles/WolfPack/files/Core/mediawiki.pup
@ -0,0 +1,4 @@
 download
 /var/cache/localpkg/
 wget -q -O - https://www.mediawiki.org/wiki/Download | grep 'Download MediaWiki' | cut -f 6 -d \"
 echo https:PREVRESULT
--- a/roles/WolfPack/files/Core/plpbt.pup
+++ b/roles/WolfPack/files/Core/plpbt.pup
@ -0,0 +1,3 @@
 download
 /usr/local/src/isos/
 wget -q -O - https://www.plop.at/en/bootmanager/download.html | grep 'plpbt-' | head -n 2 | tail -n 1 | cut -f 3 -d '=' | cut -f 1 -d ' '
--- a/roles/WolfPack/files/Core/putty.pup
+++ b/roles/WolfPack/files/Core/putty.pup
@ -0,0 +1,3 @@
 download
 /srv/wolfpack/
 echo http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
--- a/roles/WolfPack/files/Core/raspbian.pup
+++ b/roles/WolfPack/files/Core/raspbian.pup
@ -0,0 +1,4 @@
 download
 /usr/local/src/isos/
 wget -q -O - 'https://www.raspberrypi.org/downloads/raspbian/' | grep 'btn dl-zip' | grep -i lite | cut -f 2 -d \"
 curl -sI PREVRESULT | grep Location: | cut -f 2 -d ' ' | sed 's/\r//g'
--- a/roles/WolfPack/files/Core/torrentengine
+++ b/roles/WolfPack/files/Core/torrentengine
@ -0,0 +1,6 @@
 torrentengine="https://1337x.to/search/%s/1/"
 torrentterms='printf https://1337x.to; grep "/torrent/" | head -n 1 | cut -f 2 -d \"'
 magnetposition='4'
 torrentdebugging='true'
 searchunifier='+'
 magnetseparator=\"
--- a/roles/WolfPack/files/Core/winscp.pup
+++ b/roles/WolfPack/files/Core/winscp.pup
@ -0,0 +1,3 @@
 download
 /srv/wolfpack/
 wget -q -O - http://portableapps.com/apps/internet/winscp_portable | grep 'sf-download' | cut -f 4 -d \" | head -n 1
--- a/roles/patching/tasks/main.yml
+++ b/roles/patching/tasks/main.yml
@ -9,8 +9,17 @@
          - 90 > {{ df_output.stdout }}
        fail_msg: "Not enough free space"
    - name: Update Archlinux Keyring
      when: ansible_os_family == "Archlinux"
      become: yes
      package:
        name: archlinux-keyring
        state: latest
        update_cache: yes
    - name: Patching all packages
      ignore_errors: yes
      become: yes
      register: updates
      package:
        upgrade: yes
@ -18,6 +27,7 @@
    - name: Reboot
      ignore_errors: yes
      become: yes
      when: '"linux" in updates.stdout or "kernel" in updates.stdout'
      reboot:
          reboot_timeout: 2