6 changed files with 14 additions and 75 deletions
--- a/README.md
+++ b/README.md
@ -30,8 +30,6 @@ ensure_ansible_version: 2.10.3
 enable_sudo: yes
 # Allow passwordless sudo (applied to group wheel)
 enable_passwordless_sudo: yes
-# Skip provisioning of the firewall
-skip_firewall: no
 ```

 Dependencies
@ -43,8 +41,7 @@ Example Playbook
 License
 -------

- BSD-3-Clause
- MIT
+MIT

 Author Information
 ------------------
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -17,11 +17,4 @@ ensure_ansible_version: 2.10.3
 # Allow sudo with a password (applied to group sudo)
 enable_sudo: yes
 # Allow passwordless sudo (applied to group wheel)
-enable_passwordless_sudo: yes
-# Allow root to connect through SSH
-enable_ssh_for_root: yes
-# Allow root to connect only using public key authentication, no password
-enable_ssh_for_root_prohibit_password: no
-# Skip provisioning of the firewall
-skip_firewall: no
-authorized_keys_are_exclusive: false # Be careful, this will delete non-Ansible-managed authorized keys from the target!
+enable_passwordless_sudo: yes
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -1,7 +1,2 @@
 ---
-# handlers file for common
- name: Restart SSH
-  ansible.builtin.service:
-    name: ssh
-    state: restarted
-  become: true
+# handlers file for common
--- a/meta/main.yml
+++ b/meta/main.yml
@ -1,7 +1,7 @@
 galaxy_info:
-  author: jotbe
-  description: Common packages and configuration
-  company: ""
+  author: your name
+  description: your description
+  company: your company (optional)

  # If the issue tracker for your role is not on github, uncomment the
  # next line and provide a value
@ -14,9 +14,7 @@ galaxy_info:
  # - GPL-3.0-only
  # - Apache-2.0
  # - CC-BY-4.0
-  license:
-    - BSD-3-Clause
-    - MIT
+  license: license (GPL-2.0-or-later, MIT, etc)

  min_ansible_version: 2.4

--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -12,13 +12,10 @@
  import_role:
    name: geerlingguy.firewall
  tags: firewall
-  when: not skip_firewall

 - include: locales-debian.yml
  become: true
-  when:
-    - ansible_facts['os_family'] == 'Debian'
-    - not ansible_is_chroot
+  when: ansible_facts['os_family'] == 'Debian'

 - include: users.yml
  become: true
@ -49,9 +46,9 @@
    #update_cache: yes
  vars:
    packages:
-      - python3-pip
-      - python3-setuptools
-      - python3-virtualenv
+      - python-pip
+      - python-setuptools
+      - python-virtualenv
      - apt-transport-https
      - htop
      - tmux
@ -67,4 +64,4 @@
  pip:
    name:
      - tmuxp
-    state: present
+    state: present
--- a/tasks/users.yml
+++ b/tasks/users.yml
@ -11,14 +11,6 @@
    groups: users
  with_items: "{{ users }}"

- name: 'Add docker users'
-  user:
-    name: "{{ item }}"
-    groups: docker
-    append: yes
-  with_items: "{{ docker_users }}"
-  when: docker_users | count
-
 - block:
    - name: 'Ensure that sudo group is existing'
      group:
@ -52,9 +44,8 @@
    user: "{{ item }}"
    state: present
    key: "{{ lookup('file', 'public_keys/id_{{ item }}.pub') }}"
-    exclusive: "{{ authorized_keys_are_exclusive | bool }}"
  with_items: "{{ users }}"
-  ignore_errors: true
+  ignore_errors: yes

 - block:
    - name: 'Ensure that wheel group is existing'
@ -80,38 +71,6 @@
        files:
          - /etc/sudoers
          - /usr/local/etc/sudoers # e.g. FreeBSD
-
-    - name: 'Disable SSH for root'
-      lineinfile:
-        dest: "/etc/ssh/sshd_config"
-        state: present
-        regexp: '^#?\s*PermitRootLogin'
-        line: 'PermitRootLogin No'
-      notify: Restart SSH
-      when:
-        - enable_ssh_for_root | bool == false
-    
-    - name: 'Enable SSH for root through password or key'
-      lineinfile:
-        dest: "/etc/ssh/sshd_config"
-        state: present
-        regexp: '^#?\s*PermitRootLogin'
-        line: 'PermitRootLogin Yes'
-      notify: Restart SSH
-      when:
-        - enable_ssh_for_root | bool == true
-        - enable_ssh_for_root_prohibit_password | bool == false
-    
-    - name: 'Enable SSH for root through key only'
-      lineinfile:
-        dest: "/etc/ssh/sshd_config"
-        state: present
-        regexp: '^#?\s*PermitRootLogin'
-        line: 'PermitRootLogin prohibit-password'
-      notify: Restart SSH
-      when:
-        - enable_ssh_for_root | bool == true
-        - enable_ssh_for_root_prohibit_password | bool == true
  when:
    - enable_sudo
    - enable_passwordless_sudo
@ -123,4 +82,4 @@
    mode: 0644
    owner: "{{ item }}"
    group: "{{ item }}"
-  with_items: "{{ users }}"
+  with_items: "{{ users }}"