20 changed files with 317 additions and 246 deletions
--- a/.gitignore
+++ b/.gitignore
@ -161,4 +161,3 @@ cython_debug/
 #.idea/
 ansible/credentials/
 terraform/mcaptcha/mcaptcha
 sec/
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -1,27 +0,0 @@
 steps:
  backend:
    image: python:3-bookworm
    environment:
      - ANSIBLE_HOST_KEY_CHECKING=False
    commands:
      - export PATH=$PATH:/root/.local/bin
      - eval "$(ssh-agent -s)"
      - make ci.init
      - cat terraform/mcaptcha/hosts.ini
      # db: mariadb cache: redis
      - . venv/bin/activate && ansible-playbook --become -i terraform/mcaptcha/hosts.ini --extra-vars "database_type=mariadb cache_type=redis" ./ansible/mcaptcha.yml
      - INVENTORY=terraform/mcaptcha/hosts.ini make test.cache
      - INVENTORY=terraform/mcaptcha/hosts.ini make test.mcaptcha
      # db: postgres cache: redis
      - . venv/bin/activate && ansible-playbook --become -i terraform/mcaptcha/hosts.ini --extra-vars "database_type=postgres cache_type=redis" ./ansible/mcaptcha.yml
      - INVENTORY=terraform/mcaptcha/hosts.ini make test.cache
      - INVENTORY=terraform/mcaptcha/hosts.ini make test.mcaptcha
      # embedded cache
      - . venv/bin/activate && ansible-playbook --become -i terraform/mcaptcha/hosts.ini --extra-vars "database_type=postgres cache_type=embedded" ./ansible/mcaptcha.yml
      - INVENTORY=terraform/mcaptcha/hosts.ini make test.mcaptcha
      # embedded cache
      - . venv/bin/activate && ansible-playbook --become -i terraform/mcaptcha/hosts.ini --extra-vars "database_type=mariadb cache_type=embedded" ./ansible/mcaptcha.yml
      - INVENTORY=terraform/mcaptcha/hosts.ini make test.mcaptcha
      - make ci.clean
    secrets: [TEST_NODE_SSH_KEY]
--- a/24
+++ b/24
@ -134,29 +134,5 @@ test.cache: ## Test cache configuration
 test.mcaptcha: ## Test mcaptcha configuration
 	$(call test_mcaptcha)
 ci.init:
 	apt-get update
 	apt-get install -y ca-certificates curl gnupg tar wget libssl-dev python3-pip cython3 pipx apt-transport-https coreutils iputils-ping openssh-client libvirt-clients genisoimage
 	./scripts/ci.sh --init "$$TEST_NODE_SSH_KEY"
 	ssh-add /tmp/ci-ssh-id
 	ssh -o StrictHostKeyChecking=accept-new mcaptcha-ci@192.168.0.102 "echo f"
 	install -m 0755 -d /etc/apt/keyrings
 	curl -fsSL https://packages.opentofu.org/opentofu/tofu/gpgkey | gpg --no-tty --batch --dearmor -o /etc/apt/keyrings/opentofu.gpg
 	chmod a+r /etc/apt/keyrings/opentofu.gpg
 	echo "deb [signed-by=/etc/apt/keyrings/opentofu.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main" > /etc/apt/sources.list.d/opentofu.list
 	echo "deb-src [signed-by=/etc/apt/keyrings/opentofu.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main" >> /etc/apt/sources.list.d/opentofu.list
 	apt-get update
 	apt-get install -y tofu
 	tofu -chdir=terraform/mcaptcha/ init
 	tofu -chdir=terraform/mcaptcha/ plan -var-file="ci.tfvars" -out="mcaptcha"
 	tofu -chdir=terraform/mcaptcha/ apply "mcaptcha"
 	pip install virtualenv && virtualenv venv
 	. venv/bin/activate && pip install -r requirements.txt
 	. venv/bin/activate && ansible-galaxy install -r ./ansible/requirements.yml
 ci.clean:
 	echo yes | tofu -chdir=terraform/mcaptcha/  destroy  -var-file="ci.tfvars"
 	./scripts/ci.sh --clean
 help: ## Prints help for targets with comments
 	@cat $(MAKEFILE_LIST) | grep -E '^[a-zA-Z_-].+:.*?## .*$$' | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
--- a/ansible/templates/mcaptcha/mcaptcha.service.j2
+++ b/ansible/templates/mcaptcha/mcaptcha.service.j2
@ -2,23 +2,18 @@
 Description=mCaptcha: PoW CAPTCHA system
 After=syslog.target
 After=network.target
-
+###
-{% if cache_type == 'redis' %}
+# Don't forget to add the database service dependencies
-Wants=redis.service
+###
-After=redis.service
+#
-{% endif %}
+#Wants=mariadb.service
-
+#After=mariadb.service
-{% if database_type == 'postgres' %}
+#
 Wants=postgresql.service
 After=postgresql.service
-{% endif %}
+#
-
+#Wants=redis.service
-{% if database_type == 'mariadb' %}
+#After=redis.service
 Wants=mariadb.service
 After=mariadb.service
 {% endif %}
 [Service]
 RestartSec=2s
--- a/ansible/base.yml
+++ b/ansible/base.yml
@ -8,6 +8,8 @@
  pre_tasks:
    - name: Ensure all VMs are reachable
      ansible.builtin.ping:
  roles:
    - ufw
  tasks:
    - name: Install git, zip, nginx, wget, curl & other utils
@ -25,3 +27,4 @@
          - python3-pip
          - virtualenv
          - python3-setuptools
          - ufw
--- a/ansible/cache.yml
+++ b/ansible/cache.yml
@ -6,7 +6,7 @@
  ansible.builtin.import_playbook: base.yml
 - name: Install redis cache
-  hosts: all
+  hosts: mcaptcha_hosts
  pre_tasks:
    - name: Ensure all VMs are reachable
      ansible.builtin.ping:
--- a/ansible/locust.yml
+++ b/ansible/locust.yml
@ -4,8 +4,6 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later
 - name: Base configuration
  ansible.builtin.import_playbook: base.yml
  roles:
    - ufw
 - name: Configure Locust instances
  hosts: [mcaptcha_dos]
--- a/ansible/mcaptcha.yml
+++ b/ansible/mcaptcha.yml
@ -6,7 +6,7 @@
  ansible.builtin.import_playbook: base.yml
 - name: Install and configure postgres
-  hosts: all
+  hosts: mcaptcha_hosts
  become: yes
  vars_files:
    - vars/mcaptcha/vars.yml
@ -18,11 +18,11 @@
        database_type == "postgres"
 - name: Install and configure mariadb
-  hosts: all
+  hosts: mcaptcha_hosts
  become: yes
  vars_files:
    - vars/mcaptcha/vars.yml
-    - vars/mcaptcha/mariadb.yml
+    - vars/mcaptcha/mariadb.yml.yml
  tasks:
    - ansible.builtin.include_role:
        name: geerlingguy.mysql
@ -30,7 +30,7 @@
        database_type == "mariadb"
 - name: Install and configure cache
-  hosts: all
+  hosts: mcaptcha_hosts
  become: yes
  vars_files:
    - vars/mcaptcha/vars.yml
@ -41,7 +41,7 @@
      when: cache_type == "redis"
 - name: Install mCaptcha binary
-  hosts: all
+  hosts: mcaptcha_hosts
  vars_files:
    - vars/mcaptcha/vars.yml
  roles:
@ -59,6 +59,7 @@
        cache_valid_time: 3600
        pkg:
          - nginx
          - ufw
    - name: Copy nginx vhost
      become: true
@ -82,3 +83,11 @@
      ansible.builtin.service:
        name: nginx
        state: restarted
    - name: Allow port 80 and enable UFW
      become: true
      community.general.ufw:
        state: enabled
        rule: allow
        proto: tcp
        port: "80"
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@ -1,3 +0,0 @@
 - src: geerlingguy.mysql
 - src: geerlingguy.postgresql
--- a/ansible/roles/mcaptcha/tasks/main.yml
+++ b/ansible/roles/mcaptcha/tasks/main.yml
@ -42,9 +42,9 @@
 - name: Copy mCaptcha systemd servicefile
  become: true
-  ansible.builtin.template:
+  ansible.builtin.copy:
-    src: ./templates/mcaptcha/mcaptcha.service.j2
+    src: ./artifacts/mcaptcha/mcaptcha.service
-    dest: /etc/systemd/system/mcaptcha.service
+    dest: /etc/systemd/system/
    owner: root
    group: root
    force: true
@ -57,7 +57,7 @@
    state: directory
    mode: "0755"
- name: Copy mCaptcha config file
+- name: Copy mCaptcha systemd servicefile
  become: true
  notify: restart mcaptcha
  ansible.builtin.template:
--- a/renovate.json
+++ b/renovate.json
@ -1,21 +0,0 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:recommended",
    ":dependencyDashboard"
  ],
  "labels": [
    "renovate-bot"
  ],
  "prHourlyLimit": 0,
  "timezone": "Asia/kolkata",
  "prCreation": "immediate",
  "vulnerabilityAlerts": {
    "enabled": true,
    "labels": [
      "renovate-bot",
      "renovate-security",
      "security"
    ]
  }
 }
--- a/requirements.txt
+++ b/requirements.txt
@ -1,31 +1,289 @@
-ansible==9.1.0
+ansible==8.1.0
-ansible-core==2.16.2
+ansible-core==2.15.1
-certifi==2023.11.17
+certifi==2023.5.7
-cffi==1.16.0
+cffi==1.15.1
-charset-normalizer==3.3.2
+charset-normalizer==3.2.0
 contextvars==2.4
-cryptography==41.0.7
+cryptography==41.0.2
 distro==1.8.0
 execnet==2.0.2
-idna==3.6
+idna==3.4
-immutables==0.20
+immutables==0.19
 iniconfig==2.0.0
 Jinja2==3.1.2
 jmespath==1.0.1
 looseversion==1.3.0
 MarkupSafe==2.1.3
-msgpack==1.0.7
+msgpack==1.0.5
-packaging==23.2
+packaging==23.1
-pluggy==1.3.0
+pluggy==1.2.0
-psutil==5.9.6
+psutil==5.9.5
 pycparser==2.21
-pycryptodomex==3.19.0
+pycryptodomex==3.18.0
-pytest==7.4.3
+pytest==7.4.0
-pytest-testinfra==10.0.0
+pytest-testinfra==8.1.0
-pytest-xdist==3.5.0
+pytest-xdist==3.3.1
-PyYAML==6.0.1
+PyYAML==6.0
-pyzmq==25.1.2
+pyzmq==25.0.2
 requests==2.31.0
 resolvelib==1.0.1
-salt==3006.4
+salt==3006.1
-urllib3==2.1.0
+urllib3==2.0.3
 airdrop-ng==1.1
 airgraph-ng==1.1
 apparmor==3.1.6
 appdirs==1.4.4
 argcomplete==2.0.0
 asttokens==2.2.1
 async-timeout==4.0.2
 attrs==22.2.0
 autocommand==2.2.2
 autopage==0.5.1
 Babel==2.12.1
 beautifulsoup4==4.12.2
 binwalk==2.3.3
 black==23.7.0
 borgbackup==1.2.4
 Brlapi==0.8.5
 btrfsutil==6.3.3
 certifi==2023.7.22
 cffi==1.15.1
 chardet==5.2.0
 charset-normalizer==3.2.0
 click==8.1.6
 cliff==4.3.0
 cmd2==2.4.3
 codespell==2.2.5
 colorama==0.4.6
 ConfigArgParse==1.5.3
 contourpy==1.1.0
 crit==3.18
 cryptography==41.0.3
 cupshelpers==1.0
 cycler==0.11.0
 Cython==3.0.0
 dbus-python==1.3.2
 debtcollector==2.5.0
 decorator==5.1.1
 defusedxml==0.7.1
 deprecation==2.1.0
 devtools==0.11.0
 distlib==0.3.7
 distro==1.8.0
 dnspython==2.3.0
 dogpile.cache==1.1.8
 executing==1.2.0
 fastjsonschema==2.18.0
 filelock==3.12.2
 fonttools==4.42.0
 gevent==22.10.2
 git-filter-repo==2.38.0
 gpg==1.21.0
 greenlet==2.0.2
 html5lib==1.1
 httpie==3.2.1
 idna==3.4
 importlib-metadata==5.0.0
 inflect==7.0.0
 iotop==0.6
 iso8601==2.0.0
 jaraco.context==4.3.0
 jaraco.functools==3.8.1
 jaraco.text==3.11.1
 jedi==0.18.2
 jmespath==1.0.1
 jsonpatch==1.33
 jsonpointer==2.4
 jsonschema==4.19.0
 jsonschema-specifications==2023.7.1
 keystoneauth1==5.2.1
 kiwisolver==1.4.4
 lensfun==0.3.4
 LibAppArmor==3.1.6
 libfdt==1.7.0
 libtorrent==2.0.9
 libvirt-python==9.6.0
 lit==15.0.7.dev0
 louis==3.26.0
 lxml==4.9.2
 Mako==1.2.4
 mallard-ducktype==1.0.2
 Markdown==3.4.4
 markdown-it-py==2.2.0
 MarkupSafe==2.1.3
 matplotlib==3.7.2
 mdurl==0.1.2
 MemoizeDB==2021.11.20.2.41.2
 meson==1.2.1
 more-itertools==10.1.0
 msgpack==1.0.5
 multidict==6.0.4
 mypy-extensions==1.0.0
 netaddr==0.8.0
 netifaces==0.11.0
 nftables==0.1
 numpy==1.25.1
 openshot-qt==3.1.1
 openstacksdk==1.0.1
 ordered-set==4.1.0
 os-service-types==1.7.0
 osc-lib==2.8.0
 oslo.config==9.1.1
 oslo.i18n==6.0.0
 oslo.serialization==5.1.1
 oslo.utils==6.1.0
 packaging==23.1
 parso==0.8.3
 pathspec==0.11.2
 pbr==5.11.1
 perf==0.1
 Pillow==10.0.0
 pipenv==2023.7.23
 pipx==1.2.0
 platformdirs==3.10.0
 ply==3.11
 pm2ml==2021.11.20.2.41.2
 pooch==1.7.0
 Powerpill==2021.11.20.2.41.2
 prettytable==3.6.0
 protobuf==4.23.4
 psutil==5.9.5
 pwquality==1.4.5
 pyalpm==0.10.6
 pyasn1==0.4.8
 pybind11==2.11.1
 pycairo==1.24.0
 pycparser==2.21
 pycups==2.0.1
 pycurl==7.45.2
 pydantic==1.10.9
 Pygments==2.16.1
 PyGObject==3.44.1
 pynvim==0.4.3
 pyOpenSSL==23.2.0
 pyparsing==3.0.9
 pyperclip==1.8.2
 PyQt5==5.15.9
 PyQt5-sip==12.12.2
 PyQtWebEngine==5.15.6
 pyrsistent==0.19.3
 pysequoia==0.1.20
 PySocks==1.7.1
 python-cinderclient==9.3.0
 python-dateutil==2.8.2
 python-glanceclient==4.1.0
 python-keystoneclient==5.1.0
 python-novaclient==18.3.0
 python-openstackclient==6.2.0
 pytz==2023.3
 pyxdg==0.28
 PyYAML==6.0.1
 pyzmq==25.1.1
 redis==4.6.0
 referencing==0.30.2
 Reflector==2023.6.28.0.36.1
 requests==2.28.2
 requests-toolbelt==1.0.0
 requestsexceptions==1.4.0
 rfc3986==2.0.0
 rich==13.5.2
 rpds-py==0.9.2
 rpm==4.18.1
 scipy==1.11.1
 simplejson==3.19.1
 six==1.16.0
 soupsieve==2.4.1
 stevedore==5.1.0
 TBB==0.2
 tomli==2.0.1
 torbrowser-launcher==0.3.6
 tqdm==4.65.0
 trash-cli==0.23.2.13.2
 trimage==1.0.6
 trove-classifiers==2023.8.8
 typing_extensions==4.7.1
 uc-micro-py==1.0.2
 ufw==0.36.2
 urllib3==1.26.15
 userpath==1.8.0
 validate-pyproject==0.13.post1.dev0+gb752273.d20230520
 vboxapi==1.0
 virtualenv==20.24.3
 virtualenv-clone==0.5.7
 warlock==2.0.1
 wcwidth==0.2.6
 webencodings==0.5.1
 wrapt==1.14.1
 XCGF==2021.11.20.2.41.3
 XCPF==2021.12.24.10.22.41
 youtube-dl==2021.12.17
 yt-dlp==2023.7.6
 zipp==3.16.2
 zope.event==5.0
 zope.interface==6.0
 ansible==8.1.0
 ansible-compat==4.1.6
 ansible-core==2.15.1
 ansible-lint==6.17.2
 astroid==2.15.6
 attrs==23.1.0
 black==23.7.0
 bracex==2.3.post1
 certifi==2023.5.7
 cffi==1.15.1
 charset-normalizer==3.2.0
 click==8.1.6
 contextvars==2.4
 cryptography==41.0.2
 dill==0.3.7
 distro==1.8.0
 execnet==2.0.2
 filelock==3.12.2
 gitdb==4.0.10
 GitPython==3.1.32
 idna==3.4
 immutables==0.19
 iniconfig==2.0.0
 isort==5.12.0
 Jinja2==3.1.2
 jmespath==1.0.1
 jsonschema==4.19.0
 jsonschema-specifications==2023.7.1
 lazy-object-proxy==1.9.0
 lint==1.2.1
 looseversion==1.3.0
 markdown-it-py==3.0.0
 MarkupSafe==2.1.3
 mccabe==0.7.0
 mdurl==0.1.2
 msgpack==1.0.5
 mypy-extensions==1.0.0
 packaging==23.1
 pathspec==0.11.2
 platformdirs==3.10.0
 pluggy==1.2.0
 psutil==5.9.5
 pycparser==2.21
 pycryptodomex==3.18.0
 Pygments==2.16.1
 pylint==2.17.5
 pytest==7.4.0
 pytest-testinfra==8.1.0
 pytest-xdist==3.3.1
 PyYAML==6.0
 pyzmq==25.0.2
 referencing==0.30.2
 requests==2.31.0
 resolvelib==1.0.1
 rich==13.5.2
 rpds-py==0.9.2
 ruamel.yaml==0.17.32
 ruamel.yaml.clib==0.2.7
 salt==3006.1
 smmap==5.0.0
 subprocess-tee==0.4.1
 tomlkit==0.12.1
 urllib3==2.0.3
 wcmatch==8.4.1
 wrapt==1.15.0
 yamllint==1.32.0
--- a/scripts/ci.sh
+++ b/scripts/ci.sh
@ -1,84 +0,0 @@
 #!/bin/bash
 # ci.sh: Helper script to automate deployment operations on CI/CD
 # Copyright © 2022 Aravinth Manivannan <realaravinth@batsense.net>
 # 
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as
 # published by the Free Software Foundation, either version 3 of the
 # License, or (at your option) any later version.
 # 
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 # 
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 set -xEeuo  pipefail
 #source $(pwd)/scripts/lib.sh
 readonly SSH_ID_FILE=/tmp/ci-ssh-id
 match_arg() {
    if [ $1 == $2 ] || [ $1 == $3 ]
    then
        return 0
    else
        return 1
    fi
 }
 help() {
 	cat << EOF
 USAGE: ci.sh [SUBCOMMAND]
 Helper script to automate deployment operations on CI/CD
 Subcommands
  -c  --clean	cleanup secrets, SSH key and other runtime data
  -i  --init <SSH_PRIVATE_KEY>	initialize environment, write SSH private to file
  -h  --help	print this help menu
 EOF
 }
 # $1: SSH private key
 write_ssh(){
 	truncate --size 0 $SSH_ID_FILE
 	echo "$1" > $SSH_ID_FILE
 	chmod 600 $SSH_ID_FILE
 }
 clean() {
 	if [ -f $SSH_ID_FILE ]
 	then
 		shred $SSH_ID_FILE
 		rm $SSH_ID_FILE
 	fi
 }
 if (( "$#" < 1 ))
 then
 	help
 	exit -1
 fi
 if match_arg $1 '-i' '--init'
 then
 	if (( "$#" < 2 ))
 	then
 		help
 		exit -1
 	fi
 	write_ssh "$2"
 elif match_arg $1 '-c' '--clean'
 then
 	clean
 elif match_arg $1 '-h' '--help'
 then
 	help
 else
 	help
 fi
--- a/terraform/mcaptcha/ci.tfvars
+++ b/terraform/mcaptcha/ci.tfvars
@ -1,5 +0,0 @@
 libvirt_uri                = "qemu+ssh://mcaptcha-ci@192.168.0.102/system?keyfile=/tmp/ci-ssh-id&sshauth=privkey&no_verify=1"
 libvirt_pool_path          = "/home/mcaptcha-ci/libvirt/pool/mcaptcha_basic"
 libvirt_debian_src         = "http://192.168.0.102/debian-12-generic-amd64.qcow2"
 macvtap_ethernet_interface = "enp2s0"
 ssh_public_key             = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBCYagT9/PXoeaUae7Z3BKOPKBiEvJsCTUIhPCcRp5fb mcaptcha-ci@hellbat.batsense.net"
--- a/terraform/mcaptcha/cloud_init.cfg
+++ b/terraform/mcaptcha/cloud_init.cfg
@ -1,17 +1,10 @@
 #cloud-config
 # vim: syntax=yaml
 packages:
  - sudo
  - qemu-guest-agent
 runcmd:
  - [ systemctl, daemon-reload ]
  - [ systemctl, enable, qemu-guest-agent.service ]
  - [ systemctl, start, --wait, qemu-guest-agent.service ]
 users:
 - name: root
  ssh_authorized_keys:
-    - ${ssh_public_key}
+    - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com
 - name: atm
  gecos: Aravinth Manivannan
  groups: users, admin
@ -20,7 +13,7 @@ users:
  lock_passwd: true
  plain_text_passwd: fooabr12
  ssh_authorized_keys: 
-    - ${ssh_public_key}
+    - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com
 ssh_pwauth: true
 chpasswd:
--- a/terraform/mcaptcha/main.tf
+++ b/terraform/mcaptcha/main.tf
@ -32,9 +32,6 @@ resource "libvirt_volume" "debian-mcaptcha-qcow2" {
 data "template_file" "user_data" {
  template = file("${path.module}/cloud_init.cfg")
  vars = {
    ssh_public_key = var.ssh_public_key
  }
 }
 data "template_file" "network_config" {
--- a/terraform/mcaptcha/mcaptcha.tf
+++ b/terraform/mcaptcha/mcaptcha.tf
@ -16,7 +16,6 @@ resource "libvirt_domain" "mcaptcha_mcaptcha" {
  name   = "mcaptcha_mcaptcha_${count.index}"
  memory = var.mcaptcha_vm_memory
  vcpu   = var.mcaptcha_vm_vcpu
  qemu_agent = true
  cloudinit = libvirt_cloudinit_disk.commoninit.id
@ -32,9 +31,8 @@ resource "libvirt_domain" "mcaptcha_mcaptcha" {
    target_port = "1"
  }
  network_interface {
-    macvtap        = var.macvtap_ethernet_interface
+    network_name   = "default"
    wait_for_lease = true
  }
@ -43,8 +41,6 @@ resource "libvirt_domain" "mcaptcha_mcaptcha" {
  }
 }
 locals {
  mcaptcha_vm_ips   = [for i in libvirt_domain.mcaptcha_mcaptcha : i.network_interface.0.addresses[0]]
  mcaptcha_vm_names = [for i in libvirt_domain.mcaptcha_mcaptcha : i.name]
--- a/terraform/mcaptcha/network_config.cfg
+++ b/terraform/mcaptcha/network_config.cfg
@ -2,4 +2,3 @@ version: 2
 ethernets:
  ens3:
    dhcp4: true
 #	ip: 192.168.0.115
--- a/terraform/mcaptcha/variables.tf
+++ b/terraform/mcaptcha/variables.tf
@ -44,15 +44,3 @@ variable "mcaptcha_vm_vcpu" {
  type        = number
  default     = 4
 }
 variable "macvtap_ethernet_interface" {
  description = "Ethernet interface on the host machine that can be used as macvtap"
  type        = string
  default     = "enp2s0"
 }
 variable "ssh_public_key" {
  description = "Set up SSH login for this public key"
  type        = string
  default     = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com"
 }
		`@ -1,3 +0,0 @@`
			`- src: geerlingguy.mysql`

			`- src: geerlingguy.postgresql`