diff --git a/deploy-tws-motd b/deploy-tws-motd index 9acd8ae..ada29e8 100644 --- a/deploy-tws-motd +++ b/deploy-tws-motd @@ -1,5 +1,5 @@ --- -- name: Deploy TWS MOTD +- name: Deploy TWS MOTD (authoritative) hosts: all become: true @@ -8,7 +8,11 @@ tws_short: "TWS" tasks: - - name: Remove static MOTD file (Debian default) + # ---------------------------- + # MOTD PIPELINE SANITIZATION + # ---------------------------- + + - name: Remove static Debian MOTD file: path: /etc/motd state: absent @@ -19,20 +23,42 @@ dest: /etc/motd state: link - - name: Check for default Ubuntu MOTD scripts - stat: - path: "/etc/update-motd.d/{{ item }}" - loop: - - 10-help-text - - 50-motd-news - register: motd_scripts - - - name: Disable default Ubuntu MOTD noise + - name: Disable Proxmox profile banner file: - path: "{{ item.stat.path }}" + path: /etc/profile.d/pve.sh + state: absent + ignore_errors: true + + # Debian runs pam_motd twice — we disable the login path + - name: Disable pam_motd in login (prevents duplicate MOTD) + replace: + path: /etc/pam.d/login + regexp: '^(session\s+optional\s+pam_motd.so.*)$' + replace: '# \1' + ignore_errors: true + + # ---------------------------- + # DISABLE DEFAULT MOTD SCRIPTS + # ---------------------------- + + - name: Find default MOTD scripts + find: + paths: /etc/update-motd.d + file_type: file + patterns: + - "10-help-text" + - "50-motd-news" + register: motd_noise + + - name: Disable default MOTD noise + file: + path: "{{ item.path }}" mode: "0644" - loop: "{{ motd_scripts.results }}" - when: item.stat.exists + loop: "{{ motd_noise.files }}" + + # ---------------------------- + # DEPLOY TWS MOTD + # ---------------------------- - name: Deploy TWS MOTD script copy: @@ -43,7 +69,6 @@ ORG="{{ tws_org }}" SHORT="{{ tws_short }}" - WIDTH=58 line() {