From dd28dcf3d620a4ac7d0a1532b812213cf094cd3c Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Wed, 12 Jan 2022 02:26:25 +0100 Subject: Revert "Move webdav into profiles." It actually reverts the non-need for the nginx module webdav_ext. Since Omnifocus requires PROPFIND. This reverts commit edf6ffe8b399679ba28cc5e558a6838919dd1ee8. --- modules/profiles/files/firewall/rules.v4 | 15 --- modules/profiles/files/node-classifier.py | 44 ------- modules/profiles/files/passmenu | 29 ----- modules/profiles/files/ssh-agent.service | 13 -- modules/profiles/lib/facter/pacman_version.rb | 7 -- modules/profiles/manifests/client.pp | 9 -- modules/profiles/manifests/common.pp | 43 ------- modules/profiles/manifests/dns_zones.pp | 12 -- modules/profiles/manifests/dolphin.pp | 70 ----------- modules/profiles/manifests/fcgiwrap.pp | 8 -- modules/profiles/manifests/firewall.pp | 19 --- modules/profiles/manifests/group_profile.pp | 16 --- modules/profiles/manifests/imagemagick.pp | 17 --- modules/profiles/manifests/letsencrypt.pp | 35 ------ modules/profiles/manifests/mysql.pp | 8 -- modules/profiles/manifests/phpfpm.pp | 21 ---- modules/profiles/manifests/puppetboard.pp | 57 --------- modules/profiles/manifests/puppetdb.pp | 10 -- modules/profiles/manifests/puppetserver.pp | 46 ------- modules/profiles/manifests/remarkable.pp | 30 ----- modules/profiles/manifests/shiori.pp | 46 ------- modules/profiles/manifests/ssh.pp | 18 --- modules/profiles/manifests/syncthing.pp | 28 ----- modules/profiles/manifests/synth.pp | 33 ----- modules/profiles/manifests/transmission.pp | 71 ----------- modules/profiles/manifests/webdav.pp | 73 ----------- modules/profiles/manifests/workstation.pp | 137 --------------------- .../profiles/manifests/workstation/archlinux.pp | 51 -------- modules/profiles/manifests/xmonad.pp | 29 ----- modules/profiles/templates/aconnect.epp | 8 -- .../profiles/templates/imagemagick-policy.xml.epp | 89 ------------- modules/profiles/templates/keyvalue.epp | 4 - modules/profiles/templates/transmission.json.epp | 77 
------------ 33 files changed, 1173 deletions(-) delete mode 100644 modules/profiles/files/firewall/rules.v4 delete mode 100644 modules/profiles/files/node-classifier.py delete mode 100755 modules/profiles/files/passmenu delete mode 100644 modules/profiles/files/ssh-agent.service delete mode 100644 modules/profiles/lib/facter/pacman_version.rb delete mode 100644 modules/profiles/manifests/client.pp delete mode 100644 modules/profiles/manifests/common.pp delete mode 100644 modules/profiles/manifests/dns_zones.pp delete mode 100644 modules/profiles/manifests/dolphin.pp delete mode 100644 modules/profiles/manifests/fcgiwrap.pp delete mode 100644 modules/profiles/manifests/firewall.pp delete mode 100644 modules/profiles/manifests/group_profile.pp delete mode 100644 modules/profiles/manifests/imagemagick.pp delete mode 100644 modules/profiles/manifests/letsencrypt.pp delete mode 100644 modules/profiles/manifests/mysql.pp delete mode 100644 modules/profiles/manifests/phpfpm.pp delete mode 100644 modules/profiles/manifests/puppetboard.pp delete mode 100644 modules/profiles/manifests/puppetdb.pp delete mode 100644 modules/profiles/manifests/puppetserver.pp delete mode 100644 modules/profiles/manifests/remarkable.pp delete mode 100644 modules/profiles/manifests/shiori.pp delete mode 100644 modules/profiles/manifests/ssh.pp delete mode 100644 modules/profiles/manifests/syncthing.pp delete mode 100644 modules/profiles/manifests/synth.pp delete mode 100644 modules/profiles/manifests/transmission.pp delete mode 100644 modules/profiles/manifests/webdav.pp delete mode 100644 modules/profiles/manifests/workstation.pp delete mode 100644 modules/profiles/manifests/workstation/archlinux.pp delete mode 100644 modules/profiles/manifests/xmonad.pp delete mode 100644 modules/profiles/templates/aconnect.epp delete mode 100644 modules/profiles/templates/imagemagick-policy.xml.epp delete mode 100644 modules/profiles/templates/keyvalue.epp delete mode 100644 
modules/profiles/templates/transmission.json.epp (limited to 'modules/profiles') diff --git a/modules/profiles/files/firewall/rules.v4 b/modules/profiles/files/firewall/rules.v4 deleted file mode 100644 index bdc63cc..0000000 --- a/modules/profiles/files/firewall/rules.v4 +++ /dev/null @@ -1,15 +0,0 @@ -# Generated by iptables-save v1.8.4 on Thu Jun 3 20:27:52 2021 -*filter -:INPUT DROP [120:97784] -:FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [526:114637] --A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT --A INPUT -p udp -m udp --dport 67:68 -j ACCEPT --A INPUT -p icmp -j ACCEPT --A INPUT -p tcp -m tcp --dport 80 -j ACCEPT --A INPUT -p tcp -m tcp --dport 443 -j ACCEPT --A INPUT -p tcp -m tcp --dport 22 -j ACCEPT --A INPUT -p tcp -m tcp --dport 53 -j ACCEPT --A INPUT -p udp -m udp --dport 53 -j ACCEPT -COMMIT -# Completed on Thu Jun 3 20:27:52 2021 diff --git a/modules/profiles/files/node-classifier.py b/modules/profiles/files/node-classifier.py deleted file mode 100644 index 7fc096f..0000000 --- a/modules/profiles/files/node-classifier.py +++ /dev/null 
@@ -1,44 +0,0 @@ -#!/usr/bin/env python3 - -import yaml -import sys -import configparser - -# https://puppet.com/docs/puppet/7/nodes_external.html - - -def main(args): - if len(args) == 1: - print('usage ./node-classifier ') - return - - parser = configparser.ConfigParser() - conf_file = '/etc/node-classifier.ini' - if parser.read(conf_file) != [conf_file]: - print(f'Configuration file missing, expected {conf_file}') - return 1 - - try: - fmt = parser.get('common', 'node_fmt') - if fmt != 'yaml': - print(f'Unknown format {fmt}') - return 1 - filename = parser.get('common', 'nodes') - except configparser.NoSectionError as e: - print(e) - return 1 - except NoOptionError as e: - print(e) - return 1 - - with open(filename) as f: - data = yaml.load(f) - - nodename = sys.argv[1] - instance = data.get(nodename) - if not instance: - instance = data.get('default') - print(yaml.dump(instance)) - -if __name__ == '__main__': - sys.exit(main(sys.argv)) diff --git a/modules/profiles/files/passmenu b/modules/profiles/files/passmenu deleted file mode 100755 index 653ebda..0000000 --- a/modules/profiles/files/passmenu +++ /dev/null @@ -1,29 +0,0 @@ -#!/usr/bin/env bash - -shopt -s nullglob globstar - -typeit=0 -if [[ $1 == "--type" ]]; then - typeit=1 - shift -fi - -prefix=${PASSWORD_STORE_DIR-~/.password-store} -password_files=( "$prefix"/**/*.gpg ) -password_files=( "${password_files[@]#"$prefix"/}" ) -password_files=( "${password_files[@]%.gpg}" ) - -password=$(printf '%s\n' "${password_files[@]}" | dmenu "$@") - -[[ -n $password ]] || exit - -if [[ "$password" == *-otp ]]; then - otp='otp' -fi - -if [[ $typeit -eq 0 ]]; then - pass $otp show -c "$password" 2>/dev/null -else - pass $otp show "$password" | { IFS= read -r pass; printf %s "$pass"; } | - xdotool type --clearmodifiers --file - -fi diff --git a/modules/profiles/files/ssh-agent.service b/modules/profiles/files/ssh-agent.service deleted file mode 100644 index d49edc6..0000000 
--- a/modules/profiles/files/ssh-agent.service +++ /dev/null @@ -1,13 +0,0 @@ -# https://unix.stackexchange.com/questions/339840/how-to-start-and-use-ssh-agent-as-systemd-service - -[Unit] -Description=SSH key agent - -[Service] -Type=simple -Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket -# ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK -ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK - -[Install] -WantedBy=default.target diff --git a/modules/profiles/lib/facter/pacman_version.rb b/modules/profiles/lib/facter/pacman_version.rb deleted file mode 100644 index 1d17b04..0000000 --- a/modules/profiles/lib/facter/pacman_version.rb +++ /dev/null @@ -1,7 +0,0 @@ -Facter.add('pacman-version') do - if File.exists?('/bin/pacman') then - setcode do - `pacman -Qi pacman | awk -F' : ' '/^Version/ { print $2 }'`.strip() - end - end -end diff --git a/modules/profiles/manifests/client.pp b/modules/profiles/manifests/client.pp deleted file mode 100644 index f0a9b93..0000000 --- a/modules/profiles/manifests/client.pp +++ /dev/null @@ -1,9 +0,0 @@ -class profiles::client { - - class { 'puppet': - server => false, - agent => true, - puppetmaster => $facts['extlib__puppet_config']['main']['server'], - } - -} diff --git a/modules/profiles/manifests/common.pp b/modules/profiles/manifests/common.pp deleted file mode 100644 index 4cb5226..0000000 --- a/modules/profiles/manifests/common.pp +++ /dev/null 
@@ -1,43 +0,0 @@
-class profiles::common (
- String $timezone,
- Array[String] $locales = [ 'en_US.UTF-8', ],
-) {
-
- file_line { 'hosts ourself':
- ensure => present,
- line => "::1\t${facts['name']}\t${::fqdn}",
- path => '/etc/hosts',
- }
-
- file { '/etc/localtime':
- ensure => link,
- target => "/usr/share/zoneinfo/${timezone}",
- }
-
- # TODO possibly check in /usr/share/i18n/locales if file exists
- # there
-
- $fixed_locales = ($locales.map |$locale| {
- if $locale =~ /^[^.]*\.(.*)$/ {
- "${locale} ${1}"
- } else {
- "${locale} UTF-8"
- }
- } + [ '' ])
-
- file { '/etc/locale.gen':
- content => $fixed_locales.join("\n")
- } ~> exec { 'locale-gen':
- path => [ '/bin', '/usr/bin', ],
- refreshonly => true,
- }
-
- file { 'Default locales':
- path => '/etc/locale.conf',
- content => @(EOF)
- LANG=en_US.UTF-8
- LC_TIME=sv_SE.UTF-8
- | EOF
- }
-
-}
diff --git a/modules/profiles/manifests/dns_zones.pp b/modules/profiles/manifests/dns_zones.pp
deleted file mode 100644
index 8e9edf8..0000000
--- a/modules/profiles/manifests/dns_zones.pp
+++ /dev/null
@@ -1,12 +0,0 @@
-class profiles::dns_zones (
- Hash $zones,
- Hash $default = {},
-) {
- create_resources(dns::zone, $zones, $default)
-
- $rev_zone = dns::reverse_dns($facts['networking']['network6'])[32,-1]
- dns::zone { $rev_zone:
- reverse => true,
- }
-
-}
diff --git a/modules/profiles/manifests/dolphin.pp b/modules/profiles/manifests/dolphin.pp
deleted file mode 100644
index f1fdcf8..0000000
--- a/modules/profiles/manifests/dolphin.pp
+++ /dev/null
@@ -1,70 +0,0 @@
-# Configure the file manager dolphin
-class profiles::dolphin {
- ensure_packages ([
- 'dolphin',
- 'kde-cli-tools',
- 'ffmpegthumbs',
- 'kdegraphics-thumbnailers',
- 'konsole',
- 'breeze-icons',
- ], { ensure => installed })
-
-
- $dolphin_settings = {
- 'General' => {
- 'BrowseThroughArchives' => 'true',
- 'GlobalViewProps' => 'false',
- 'HomeUrl' => '/usr/net/video',
- 'OpenExternallyCalledFolderInNewTab' => 'false',
- 'RememberOpenedTabs' => 'false',
- 'ShowFullPath' => 'true',
- },
- 'MainWindow' => {
- 'MenuBar' => 'Disabled',
- 'ToolBarsMovable' => 'Disabled',
- },
- 'VersionControl' => {
- 'enabledPlugins' => [
- 'Dropbox',
- 'Git',
- ]
- },
- 'PreviewSettings' => {
- 'Plugins' => [
- 'appimagethumbnail',
- 'audiothumbnail',
- 'blenderthumbnail',
- 'comicbookthumbnail',
- 'djvuthumbnail',
- 'ebookthumbnail',
- 'exrthumbnail',
- 'directorythumbnail',
- 'fontthumbnail',
- 'imagethumbnail',
- 'jpegthumbnail',
- 'kraorathumbnail',
- 'windowsexethumbnail',
- 'windowsimagethumbnail',
- 'opendocumentthumbnail',
- 'gsthumbnail',
- 'svgthumbnail',
- 'textthumbnail',
- 'ffmpegthumbs',
- ]
- }
- }
-
- $dolphin_settings.map |$category, $group| {
- $group.map |$setting, $value| {
- ini_setting { "Dolphin [${category}].${setting}":
- path => '/etc/xdg/dolphinrc',
- section => $category,
- setting => $setting,
- value => $value ? {
- Array => $value.join(','),
- String => $value,
- }
- }
- }
- }
-}
diff --git a/modules/profiles/manifests/fcgiwrap.pp b/modules/profiles/manifests/fcgiwrap.pp
deleted file mode 100644
index fa667d1..0000000
--- a/modules/profiles/manifests/fcgiwrap.pp
+++ /dev/null
@@ -1,8 +0,0 @@
-class profiles::fcgiwrap {
- ensure_packages(['fcgiwrap'])
-
- service { 'fcgiwrap.socket':
- ensure => running,
- enable => true,
- }
-}
diff --git a/modules/profiles/manifests/firewall.pp b/modules/profiles/manifests/firewall.pp
deleted file mode 100644
index 6c9d7e6..0000000
--- a/modules/profiles/manifests/firewall.pp
+++ /dev/null
@@ -1,19 +0,0 @@ -class profiles::firewall { - ensure_packages ([ - 'iptables-persistent', - 'fail2ban', - ], { ensure => installed }) - - file { '/etc/iptables/rules.v4': - source => 'puppet:///modules/profiles/firewall/rules.v4', - } ~> exec { 'reload firewall': - command => '/usr/share/netfilter-persistent/plugins.d/15-ip4tables restart', - refreshonly => true, - } - - service { 'fail2ban': - ensure => running, - enable => true, - } - -} diff --git a/modules/profiles/manifests/group_profile.pp b/modules/profiles/manifests/group_profile.pp deleted file mode 100644 index 2025a4b..0000000 --- a/modules/profiles/manifests/group_profile.pp +++ /dev/null @@ -1,16 +0,0 @@ -class profiles::group_profile { - file { '/etc/profile.d/group-env.sh': - ensure => 'file', - content => @(EOF) - for group in $(groups $(id -nu)) - do - f="/etc/profile.d/group.d/${group}" - test -f "$f" && . $f - done - | EOF - } - - file { '/etc/profile.d/group.d': - ensure => 'directory', - } -} diff --git a/modules/profiles/manifests/imagemagick.pp b/modules/profiles/manifests/imagemagick.pp deleted file mode 100644 index 7663cf8..0000000 --- a/modules/profiles/manifests/imagemagick.pp +++ /dev/null @@ -1,17 +0,0 @@ -class profiles::imagemagick { - package { 'imagemagick': - ensure => installed, - } - - file { '/etc/ImageMagick-7/policy.xml': - content => epp('profiles/imagemagick-policy.xml', { - policies => [ - { - domain => 'coder', - rights => 'read | write', - pattern => 'PDF' - }, - ] - }), - } -} diff --git a/modules/profiles/manifests/letsencrypt.pp b/modules/profiles/manifests/letsencrypt.pp deleted file mode 100644 index 48aa3a8..0000000 --- a/modules/profiles/manifests/letsencrypt.pp +++ /dev/null 
@@ -1,35 +0,0 @@
-class profiles::letsencrypt (
- String $certname,
- Array[String] $domains,
- Enum['nginx','apache'] $provider,
- Optional[String] $nginx_plugin = undef,
- Optional[String] $apache_plugin = undef,
-) {
-
- include ::letsencrypt
-
- $plugin = $provider
- $post_hook = $provider ? {
- 'nginx' => 'systemctl restart nginx.service',
- 'apache' => 'systemctl restart apache2.service',
- }
-
- case $provider {
- 'apache': {
- ensure_packages ([$apache_plugin])
- }
- 'nginx': {
- ensure_packages ([$nginx_plugin])
- }
- }
-
- letsencrypt::certonly { $certname:
- ensure => present,
- domains => $domains,
- manage_cron => true,
- plugin => $plugin,
- additional_args => [ '--quiet', ],
- # pre_hook_commands => [ 'systemctl stop nginx.service', ],
- post_hook_commands => [ $post_hook, ],
- }
-}
diff --git a/modules/profiles/manifests/mysql.pp b/modules/profiles/manifests/mysql.pp
deleted file mode 100644
index 01372d0..0000000
--- a/modules/profiles/manifests/mysql.pp
+++ /dev/null
@@ -1,8 +0,0 @@
-class profiles::mysql {
- require ::mysql::server
-
- mysql_user { 'root@localhost':
- ensure => present,
- plugin => 'unix_socket',
- }
-}
diff --git a/modules/profiles/manifests/phpfpm.pp b/modules/profiles/manifests/phpfpm.pp
deleted file mode 100644
index 2aaf0df..0000000
--- a/modules/profiles/manifests/phpfpm.pp
+++ /dev/null
@@ -1,21 +0,0 @@
-class profiles::phpfpm (
- String $version = '7.4',
-) {
-
- # The packageg php-fpm also exists, which simply pulls in php7.4-fpm
-
- ensure_packages(["php${version}-fpm"])
-
- service { "php${version}-fpm":
- ensure => running,
- enable => true,
- }
-
- systemd::dropin_file { 'runtime-dir.conf':
- unit => 'php${version}-fpm.service',
- content => @(EOF)
- [Service]
- RuntimeDirectory=php
- | EOF
- }
-}
diff --git a/modules/profiles/manifests/puppetboard.pp b/modules/profiles/manifests/puppetboard.pp
deleted file mode 100644
index d477632..0000000
--- a/modules/profiles/manifests/puppetboard.pp
+++ /dev/null
@@ -1,57 +0,0 @@
-class profiles::puppetboard {
- # https://forge.puppet.com/modules/puppet/puppetboard/readme
- # Configure Apache
- class { 'apache':
- default_vhost => false,
- purge_configs => true,
- }
-
- $wsgi = $facts['os']['family'] ? {
- 'Debian' => {
- package_name => 'libapache2-mod-wsgi-py3',
- mod_path => '/usr/lib/apache2/modules/mod_wsgi.so',
- },
- default => {}
- }
-
- class { 'apache::mod::wsgi':
- * => $wsgi,
- }
-
- # Configure puppetboard
-
- class { 'puppetboard':
- manage_git => true,
- manage_virtualenv => true,
- require => Class['puppetdb'],
- puppetdb_port => 8080,
- # Required for /metrics/ to work
- puppetdb_host => '127.0.0.1',
- enable_catalog => true,
- python_loglevel => 'info',
- offline_mode => true,
- }
-
- class { '::profiles::letsencrypt':
- provider => apache,
- }
-
- $certname = lookup('certname')
- class { 'puppetboard::apache::vhost':
- vhost_name => $::fqdn,
- port => 443,
- ssl => true,
- ssl_cert => "/etc/letsencrypt/live/${certname}/cert.pem",
- ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem",
- ssl_chain => "/etc/letsencrypt/live/${certname}/fullchain.pem",
- }
-
- apache::vhost { "http-redirect":
- servername => $::fqdn,
- port => 80,
- redirect_source => ['/'],
- redirect_dest => ["https://${::fqdn}/"],
- redirect_status => ['permanent'],
- docroot => false,
- }
-}
diff --git a/modules/profiles/manifests/puppetdb.pp b/modules/profiles/manifests/puppetdb.pp
deleted file mode 100644
index ddfb73c..0000000
--- a/modules/profiles/manifests/puppetdb.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-class profiles::puppetdb {
- # exec { 'puppetdb ssl-setup':
- # creates => '/etc/puppetlabs/puppetdb/ssl/{ca,private,public}.pem'
- # }
-
- class { 'puppetdb':
- listen_address => '::',
- disable_ssl => false,
- }
-}
diff --git a/modules/profiles/manifests/puppetserver.pp b/modules/profiles/manifests/puppetserver.pp
deleted file mode 100644
index 82de2b5..0000000
--- a/modules/profiles/manifests/puppetserver.pp
+++ /dev/null
@@ -1,46 +0,0 @@
-class profiles::puppetserver (
- Hash $hiera,
-) {
- # required for the git hook
- ensure_packages(['ruby'])
-
- file { '/usr/libexec':
- ensure => directory,
- }
-
- ensure_packages(['python3-yaml'])
-
- inifile::create_ini_settings(
- { common => {
- node_fmt => yaml,
- nodes => '/puppet/nodes.yaml',
- },
- },
- {
- path => '/etc/node-classifier.ini',
- }
- )
-
- file { '/usr/libexec/external-node-classifier':
- mode => '0555',
- source => 'puppet:///modules/profiles/node-classifier.py',
- }
-
- class { 'puppet':
- server => true,
- server_foreman => false,
- server_reports => 'puppetdb',
- server_storeconfigs => true,
- server_git_repo => true,
- server_git_repo_path => '/var/lib/puppet.git',
- server_external_nodes => '/usr/libexec/external-node-classifier',
- server_strict_variables => true,
- }
-
- file { "/etc/puppetlabs/puppet/hiera.yaml":
- ensure => file,
- content => hash2yaml($hiera, {
- 'header' => '# This file is managed by puppet',
- }),
- }
-}
diff --git a/modules/profiles/manifests/remarkable.pp b/modules/profiles/manifests/remarkable.pp
deleted file mode 100644
index d88486f..0000000
--- a/modules/profiles/manifests/remarkable.pp
+++ /dev/null
@@ -1,30 +0,0 @@
-define profiles::remarkable (
- String $prefix = '10.11.99',
- String $addr = '2',
-) {
-
- file_line { 'remarkable usb':
- ensure => present,
- path => '/etc/hosts',
- line => "${prefix}.1 remarkable.usb",
- }
-
- file_line { 'remarkable usb self':
- ensure => present,
- path => '/etc/hosts',
- line => "${prefix}.${addr} host.usb",
- }
-
- # TODO Shouldn't we just use DHCP as intended here?
- networking::networkd_instance { 'remarkable-usb':
- content => {
- 'Match' => {
- 'Name' => 'enp3s0f0u4',
- },
- 'Network' => {
- 'Description' => 'Remarkable USB connection',
- 'Address' => "${prefix}.${addr}/29",
- },
- },
- }
-}
diff --git a/modules/profiles/manifests/shiori.pp b/modules/profiles/manifests/shiori.pp
deleted file mode 100644
index df9b718..0000000
--- a/modules/profiles/manifests/shiori.pp
+++ /dev/null
@@ -1,46 +0,0 @@
-class profiles::shiori (
- String $server_name,
- Array[String] $group_members = [],
- $port = 8080,
-) {
-
- class { 'shiori':
- port => $port,
- }
-
- group { 'shiori':
- ensure => present,
- members => $group_members,
- }
-
- include ::profiles::group_profile
-
- file { '/etc/profile.d/group.d/shiori':
- ensure => file,
- content => "export SHIORI_DIR=${shiori::dir}\n",
- }
-
- include ::nginx
-
- $certname = lookup('certname')
-
- nginx::resource::server { $server_name:
- ipv6_enable => true,
- ipv6_listen_options => '',
- ssl => true,
- ssl_redirect => true,
- ssl_cert => "/etc/letsencrypt/live/${certname}/fullchain.pem",
- ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem",
- www_root => $shiori::dir,
- use_default_location => false,
- }
-
- nginx::resource::location { 'shiori /':
- location => '/',
- proxy => "http://[::]:$port",
- index_files => [],
- ssl => true,
- ssl_only => true,
- server => $server_name,
- }
-}
diff --git a/modules/profiles/manifests/ssh.pp b/modules/profiles/manifests/ssh.pp
deleted file mode 100644
index 1cf0fbf..0000000
--- a/modules/profiles/manifests/ssh.pp
+++ /dev/null
@@ -1,18 +0,0 @@
-class profiles::ssh {
- include ::ssh
-
- $authorized_keys = lookup('ssh_authorized_keys', Array[Hash], undef, [])
-
- ssh::client::config::user { 'root':
- user_home_dir => '/root'
- }
-
- $authorized_keys.each |$key| {
- ssh_authorized_key { $key['name']:
- user => $key['user'],
- type => $key['type'],
- key => $key['key'],
- }
- }
-}
-
diff --git a/modules/profiles/manifests/syncthing.pp b/modules/profiles/manifests/syncthing.pp
deleted file mode 100644
index 7d8183e..0000000
--- a/modules/profiles/manifests/syncthing.pp
+++ /dev/null
@@ -1,28 +0,0 @@ -class profiles::syncthing ( - Array[String] $enable_for = [] -) { - - # TODO add repo for those systems that need it - - package { 'syncthing': - ensure => installed - } - - systemd::dropin_file { 'nospam.conf': - unit => 'syncthing@.service', - content => @(EOF) - [Service] - ExecStart= - ExecStart=/bin/bash -c 'set -o pipefail; /usr/bin/syncthing -no-browser -no-restart -logflags=0 | grep -v "INFO: "' - | EOF - } - - $enable_for.map |$user| { - service { "syncthing@${user}": - enable => true, - } - } - - # TODO manage synced data - -} diff --git a/modules/profiles/manifests/synth.pp b/modules/profiles/manifests/synth.pp deleted file mode 100644 index eb01f8f..0000000 --- a/modules/profiles/manifests/synth.pp +++ /dev/null @@ -1,33 +0,0 @@ -class profiles::synth { - - package { 'freepats-general-midi': - ensure => installed, - } - - file { '/etc/conf.d/fluidsynth': - content => @(EOF) - SOUND_FONT=/usr/share/soundfonts/freepats-general-midi.sf2 - OTHER_OPTS='-a alsa' - | EOF - } - - # TODO pull in aur package from - # https://git.hornquist.se/archpkg/aconnect-service/ - - # TODO setup the rest - - # - template: - # dest: ~/.config/aconnect/impact - # source: aconnect - # vars: - # input_unit: Impact LX25 - # output_unit: FLUID Synth - # - # - systemd: - # name: aconnect@{{ impact }} - # scope: user - # enabled: yes - # become: yes - # become_user: hugo - -} diff --git a/modules/profiles/manifests/transmission.pp b/modules/profiles/manifests/transmission.pp deleted file mode 100644 index f79517b..0000000 --- a/modules/profiles/manifests/transmission.pp +++ /dev/null 
@@ -1,71 +0,0 @@ -class profiles::transmission ( - Optional[String] $nginx_server = undef, - Enum['None', 'Error', 'Info', 'Debug'] $msg_level = 'Error', -) { - - $transmission_url = '/transmission' - $transmission_port = 9091 - - if ($nginx_server) { - require ::nginx - - nginx::resource::location { $transmission_url: - proxy => "http://localhost:${transmission_port}${transmission_url}", - proxy_set_header => [], - server => $nginx_server, - ssl => true, - ssl_only => true, - } - } - - ensure_packages(['transmission-cli'], - { ensure => installed }) - - systemd::dropin_file { 'transmission-after.conf': - unit => 'transmission.service', - content => @(EOF) - [Unit] - After=network-online.target - | EOF - } - - systemd::dropin_file { 'transmission-flags.conf': - unit => 'transmission.service', - content => @(EOF) - [Service] - ExecStart= - ExecStart=/usr/bin/transmission-daemon -f - | EOF - } - - # TODO whitelists are currently disabled, since they don't seem to - # work. Possibly turn them on again some day. - - # https://github.com/transmission/transmission/wiki/Editing-Configuration-File - file { '/var/lib/transmission/.config/transmission-daemon/settings.json': - content => epp('profiles/transmission.json.epp', { - rpc_username => 'hugo', - # '{' + sha1(password + salt) - # But I don't know how I managed to generate it, since - # transmission rolls its own crypto - rpc_password => '{eb43101d3b9aa02223466d7f98c5329c841c7967/Zr2tFpn', - download_dir => '/usr/net/', - rpc_whitelist => ['127.0.0.1', '::1'], - rpc_port => $transmission_port, - rpc_url => "${transmission_url}/", - msg_level => case $msg_level { - 'None': { 0 } - 'Error': { 1 } - 'Info': { 2 } - 'Debug': { 3 } - }, - }), - } ~> exec { '/bin/systemctl reload transmission': - refreshonly => true, - } - - service { 'transmission': - ensure => 'running', - enable => true, - } -} 
diff --git a/modules/profiles/manifests/webdav.pp b/modules/profiles/manifests/webdav.pp
deleted file mode 100644
index bd586f6..0000000
--- a/modules/profiles/manifests/webdav.pp
+++ /dev/null
@@ -1,73 +0,0 @@
-class profiles::webdav (
- String $nginx_server,
- String $file_path,
- String $location,
- String $passwd_file = "${file_path}/.htpasswd",
- String $owner = 'http',
- String $group = 'share',
- Array[Array[String,2,2]] $users = [],
- Array[String] $dav_methods = ['PUT', 'DELETE', 'MKCOL', 'COPY', 'MOVE'],
- # Array[String] $dav_ext_methods = ['PROPFIND', 'OPTIONS'],
- Hash[String,String] $dav_access = {
- 'user' => 'rw',
- 'group' => 'rw',
- }
-) {
-
- # TODO install this module somehow
- # AUR: nginx-mainline-mod-dav-ext
-
- require ::nginx
-
- # $modname = 'ngx_http_dav_ext_module'
- # # This assumes that the directory exists, and that
- # # nginx::include_modules_enabled => true
- # file { "/etc/nginx/modules-enabled/${modname}.conf":
- # ensure => file,
- # content => @("EOF")
- # load_module /usr/lib/nginx/modules/${modname}.so;
- # | EOF
- # }
-
- $lines = $users.map |$pair| { $pair.join(':') }.join("\n")
-
- file {
- default:
- owner => $owner,
- group => $group,
- ;
- $file_path:
- ensure => 'directory',
- mode => '0770',
- recurse => 'false',
- ;
- $passwd_file:
- ensure => 'file',
- mode => '0660',
- content => @("EOF")
- # File managed by puppet
- ${lines}
- | EOF
- ;
- }
-
- nginx::resource::location { $location:
- server => $nginx_server,
- location_alias => $file_path,
- ssl => true,
- ssl_only => true,
-
- auth_basic => 'Enter password for dav access',
- auth_basic_user_file => $passwd_file,
-
- location_cfg_append => {
- 'dav_methods' => $dav_methods.join(' '),
- # 'dav_ext_methods' => $dav_ext_methods.join(' '),
- 'dav_access' => $dav_access.map |$k, $v| { "${k}:${v}" }.join(' '),
- 'client_body_temp_path' => "${file_path}/tmp",
- 'create_full_put_path' => 'on',
- 'autoindex' => 'on',
- 'allow' => 'all',
- }
- }
-}
diff --git a/modules/profiles/manifests/workstation.pp b/modules/profiles/manifests/workstation.pp
deleted file mode 100644
index 167faef..0000000
--- a/modules/profiles/manifests/workstation.pp
+++ /dev/null
@@ -1,137 +0,0 @@ -class profiles::workstation ( -) { - $os = $facts['os']['name'].downcase() - include "::profiles::workstation::${os}" - - include ::profiles::group_profile - - if ($facts['systemd']) { - file { 'User ssh-agent service': - path => '/etc/systemd/user/ssh-agent.service', - source => "puppet:///modules/profiles/ssh-agent.service", - } - } - - # NOTE Hard coding checksums here kind of defeats the point of - # pulling in data from above (since we no longer get updates), - # but since GitHub doesn't send checksum headers the files gets - # updated every time otherwise, which creates noise. - - file { 'Dvorak A6 TTY keyboard layout': - ensure => file, - path => '/usr/share/kbd/keymaps/i386/dvorak/dvorak-sv-a6.map', - checksum => 'md5', - checksum_value => '96be6c1aa81522db46673c0f68e3336a', - source => 'https://raw.githubusercontent.com/HugoNikanor/keymaps/master/linux-tty/dvorak-sv-a6.map', - } - - file { 'Dvorak A6 X11 keyboard layout': - ensure => file, - path => '/usr/share/X11/xkb/symbols/planck', - checksum => 'md5', - checksum_value => '1f1023f6958916de592695cedbc94e5c', - source => 'https://raw.githubusercontent.com/HugoNikanor/keymaps/master/X11/planck', - } - - $xkb_layout = 'planck' - $xkb_variant = 'dvorak_a6' - $xkb_options = 'compose:caps' - - file { '/etc/X11/xorg.conf.d': - ensure => directory, - recurse => false, - } - - file { 'X11 Raise max clients': - ensure => file, - path => '/etc/X11/xorg.conf.d/99-maxclients.conf', - content => @(EOF) - Section "ServerFlags" - Option "MaxClients" "2048" - EndSection - | EOF - } - - file { 'Default X11 keymap': - ensure => file, - path => '/etc/X11/xorg.conf.d/00-keyboard.conf', - content => @("EOF") - Section "InputClass" - Identifier "system-keyboard" - MatchIsKeyboard "on" - Option "XkbLayout" "${xkb_layout}" - Option "XkbModel" "pc105" - Option "XkbVariant" "${xkb_variant}" - Option "XkbOptions" "${xkb_options}" - EndSection - | EOF - } - - file { 'Model M X11 keymap': - ensure => file, - path 
=> '/etc/X11/xorg.conf.d/01-model-m.conf', - content => @(EOF) - Section "InputClass" - Identifier "Model M" - MatchUSBID "17f6:0822" - Option "XkbLayout" "us" - Option "XkbVariant" "dvorak" - EndSection - | EOF - } - - file { 'Setup console': - ensure => file, - path => '/etc/vconsole.conf', - content => epp('profiles/keyvalue.epp', { 'values' => { - 'KEYMAP' => 'dvorak-sv-a6', - 'FONT' => 'lat9v-12', - }}), - } - - $cowpath = [ - '/usr/share/cows', - '/usr/local/share/cows', - ] - - file { '/etc/environment': - content => epp('profiles/keyvalue.epp', { values => { - 'COWPATH' => $cowpath.join(':'), - 'MANWIDTH' => 80, - 'MPD_HOST' => 'jukebox.lysator.liu.se', - 'PAGER' => 'less', - 'EDITOR' => '/usr/bin/vi', - 'VISUAL' => '/usr/bin/vim', - }}) - } - - service { 'systemd-resolved': - enable => mask, - } - - file { 'Passmenu with OTP support': - path => '/usr/local/bin/passmenu', - mode => '0555', - source => 'puppet:///modules/profiles/passmenu', - } - - file { '/etc/sudoers': - validate_cmd => '/usr/bin/visudo -cf %', - content => @(EOF) - Defaults insults - root ALL=(ALL) ALL - %root ALL=(ALL) ALL - %wheel ALL=(ALL) ALL - - @includedir /etc/sudoers.d - | EOF - } - - - systemd_mount { '/usr/net': - what => 'elrond:/files', - where => '/usr/net', - wantedBy => 'remote-fs.target', - automount => true, - } -} diff --git a/modules/profiles/manifests/workstation/archlinux.pp b/modules/profiles/manifests/workstation/archlinux.pp deleted file mode 100644 index 0919efd..0000000 --- a/modules/profiles/manifests/workstation/archlinux.pp +++ /dev/null 
@@ -1,51 +0,0 @@ -class profiles::workstation::archlinux { - - pacman::hook { 'systemd daemon-reload': - description => 'Reload systemd user daemon', - exec => '/bin/sudo systemctl --machine=hugo@.host --user daemon-reload', - when => 'PostTransaction', - trigger => { - operation => 'Upgrade', - type => 'Path', - target => 'usr/lib/systemd/user/*', - }, - } - - package { 'kernel-modules-hook': - ensure => installed, - } -> service { 'linux-modules-cleanup': - enable => true, - } - - $cpus = $facts['processors']['count'] - 1 - file_line { 'Makepkg paralell': - path => '/etc/makepkg.conf', - after => '^#-- Make flags', - line => "MAKEFLAGS='-j${cpus}'" - } - - pacman::repo { 'adrift-space': - ensure => present, - server => 'http://repo.gandalf.adrift.space/arch', - sig_level => 'Optional', - } - - # remove - # - netctl - - # aur-packages -# - pacaur -# - ansible-aur-git -# - cyrus-sasl-xoauth2-git -# - todotxt -# - effitask -# - getmail -# - mu -# # - pacaur -# - pandoc-bin -# - tlclient -# # backups old modules on kernel update -# - kernel-modules-hook - - -} diff --git a/modules/profiles/manifests/xmonad.pp b/modules/profiles/manifests/xmonad.pp deleted file mode 100644 index be8d516..0000000 --- a/modules/profiles/manifests/xmonad.pp +++ /dev/null 
@@ -1,29 +0,0 @@ -# Setup xmonad, only tested on arch linux -class profiles::xmonad { - ensure_packages ([ - 'xmonad', - 'xmonad-contrib', - # apparently really needed by xmonad - 'xorg-fonts-misc', - 'ghc', - 'xorg-xmessage', - 'dzen2', - 'dmenu', - 'rofi', - ], { ensure => installed }) - - # Rebuilt my local xmonad config after an upgrade to xmonad. - # It's required, I think due to something with dynamic linking. - # It's actually pretty ugly that I'm hardcoded in here, but - # something had to be done. - pacman::hook { 'xmonad': - description => 'Rebuild local xmonad config.', - when => 'PostTransaction', - exec => '/bin/sudo -Hu hugo xmonad --recompile', - trigger => { - type => 'Package', - operation => ['Upgrade', 'Install'], - target => 'xmonad*', - }, - } -} diff --git a/modules/profiles/templates/aconnect.epp b/modules/profiles/templates/aconnect.epp deleted file mode 100644 index 044ada6..0000000 --- a/modules/profiles/templates/aconnect.epp +++ /dev/null @@ -1,8 +0,0 @@ -<%- | String $input_unit, - String $output_unit -| -%> -# Where data comes from -INPUT_UNIT='<%= $input_unit %>' -# Where it should go -OUTPUT_UNIT='<%= $output_unit %>' - diff --git a/modules/profiles/templates/imagemagick-policy.xml.epp b/modules/profiles/templates/imagemagick-policy.xml.epp deleted file mode 100644 index cbea9e9..0000000 --- a/modules/profiles/templates/imagemagick-policy.xml.epp +++ /dev/null @@ -1,89 +0,0 @@ -<%- | Array[Hash] $policies | -%> - - - - - -]> - - - - - - - - - - - - - - - - - - - - - - - - - - - - <% $policies.map |$policy| { %> - - <%- } %> - - diff --git a/modules/profiles/templates/keyvalue.epp b/modules/profiles/templates/keyvalue.epp deleted file mode 100644 index 694978a..0000000 --- a/modules/profiles/templates/keyvalue.epp +++ /dev/null @@ -1,4 +0,0 @@ -<%- | Hash $values | -%> -<% $values.map |$key, $value| { -%> -<%= $key %>=<%= $value %> -<%- } %> 
diff --git a/modules/profiles/templates/transmission.json.epp b/modules/profiles/templates/transmission.json.epp
deleted file mode 100644
index 885ad5e..0000000
--- a/modules/profiles/templates/transmission.json.epp
+++ /dev/null
@@ -1,77 +0,0 @@
-<%- | String $rpc_username,
- String $rpc_password,
- String $download_dir,
- Integer $rpc_port,
- String $rpc_url,
- Integer $msg_level = 1,
- Optional[String] $incomplete_dir = undef,
- Optional[Array[String]] $rpc_whitelist = undef,
-| -%>
-{
- "alt-speed-down": 50,
- "alt-speed-enabled": false,
- "alt-speed-time-begin": 540,
- "alt-speed-time-day": 127,
- "alt-speed-time-enabled": false,
- "alt-speed-time-end": 1020,
- "alt-speed-up": 50,
- "bind-address-ipv4": "0.0.0.0",
- "bind-address-ipv6": "::",
- "blocklist-enabled": false,
- "blocklist-url": "http://www.example.com/blocklist",
- "cache-size-mb": 4,
- "dht-enabled": true,
- "download-dir": "<%= $download_dir -%>",
- "download-queue-enabled": true,
- "download-queue-size": 5,
- "encryption": 1,
- "idle-seeding-limit": 30,
- "idle-seeding-limit-enabled": false,
- "incomplete-dir": "<%= $incomplete_dir -%>",
- "incomplete-dir-enabled": <%= if ($incomplete_dir) { 'true' } else { 'false' } -%>,
- "lpd-enabled": false,
- "message-level": <%= $msg_level -%>,
- "peer-congestion-algorithm": "",
- "peer-id-ttl-hours": 6,
- "peer-limit-global": 200,
- "peer-limit-per-torrent": 50,
- "peer-port": 51413,
- "peer-port-random-high": 65535,
- "peer-port-random-low": 49152,
- "peer-port-random-on-start": false,
- "peer-socket-tos": "default",
- "pex-enabled": true,
- "port-forwarding-enabled": true,
- "preallocation": 1,
- "prefetch-enabled": true,
- "queue-stalled-enabled": true,
- "queue-stalled-minutes": 30,
- "ratio-limit": 2,
- "ratio-limit-enabled": false,
- "rename-partial-files": true,
- "rpc-authentication-required": true,
- "rpc-bind-address": "::",
- "rpc-enabled": true,
- "rpc-host-whitelist": "",
- "rpc-host-whitelist-enabled": false,
- "rpc-password": "<%= $rpc_password -%>",
- "rpc-port": <%= $rpc_port -%>,
- "rpc-url": "<%= $rpc_url -%>",
- "rpc-username": "<%= $rpc_username -%>",
- "rpc-whitelist": "<%= $rpc_whitelist.join(',') -%>",
- "rpc-whitelist-enabled": <%= if ($rpc_whitelist) { 'false' } else { 'false' }-%>,
- "scrape-paused-torrents-enabled": true,
- "script-torrent-done-enabled": false,
- "script-torrent-done-filename": "",
- "seed-queue-enabled": false,
- "seed-queue-size": 10,
- "speed-limit-down": 100,
- "speed-limit-down-enabled": false,
- "speed-limit-up": 100,
- "speed-limit-up-enabled": false,
- "start-added-torrents": true,
- "trash-original-torrent-files": false,
- "umask": 18,
- "upload-slots-per-torrent": 14,
- "utp-enabled": true
-}
-- 
cgit v1.2.3