totpcgi / 2fa: remove old totpci and files and roles.

Note: there are still some calls here in old fas in openshift, but we
will remove those when we remove old fas (likely as soon as zodbot is
ported over to noggin).

Signed-off-by: Kevin Fenzi <kevin@scrye.com>

files/2fa/pam_url.conf.cloud

@@ -1,21 +0,0 @@
-pam_url:
-{
-	settings:
-	{
-		url = "https://fas-all.phx2.fedoraproject.org:8443/";	# URI to fetch
-		returncode = "OK";				# The remote script/cgi should return a 200 http code and this string as its only results
-		userfield = "user";				# userfield name to send
-		passwdfield = "token";				# passwdfield name to send
-		extradata = "&do=login";			# extradata to send
-		prompt = "Password+Token: ";			# password prompt
-	};
-
-	ssl:
-	{
-		verify_peer = true;				# Should we verify SSL ?
-		verify_host = true;				# Should we verify the CN in the SSL cert?
-		client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
-		client_key  = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
-                ca_cert     = "/etc/pki/tls/private/totpcgi-ca.cert";
-	};
-};

files/2fa/pam_url.conf.j2

@@ -1,27 +0,0 @@
-pam_url:
-{
-	settings:
-	{
-                {% if env == 'staging' %}
-		url = "https://fas-all.stg.phx2.fedoraproject.org:8443/";	# URI to fetch
-                {% elif datacenter == 'iad2' %}
-		url = "https://fas-all.iad2.fedoraproject.org:8443/";	# URI to fetch
-                {% else %}
-		url = "https://fas-all.vpn.fedoraproject.org:8443/";	# URI to fetch   
-                {% endif %}
-		returncode = "OK";				# The remote script/cgi should return a 200 http code and this string as its only results
-		userfield = "user";				# userfield name to send
-		passwdfield = "token";				# passwdfield name to send
-		extradata = "&do=login";			# extradata to send
-		prompt = "Password+Token: ";			# password prompt
-	};
-
-	ssl:
-	{
-		verify_peer = true;				# Should we verify SSL ?
-		verify_host = true;				# Should we verify the CN in the SSL cert?
-		client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
-		client_key  = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
-                ca_cert     = "/etc/pki/tls/private/totpcgi-ca.cert";
-	};
-};

files/2fa/pam_url.conf.stg.fedoraproject.org

@@ -1,21 +0,0 @@
-pam_url:
-{
-	settings:
-	{
-		url = "https://fas-all.stg.phx2.fedoraproject.org:8443/";	# URI to fetch
-		returncode = "OK";				# The remote script/cgi should return a 200 http code and this string as its only results
-		userfield = "user";				# userfield name to send
-		passwdfield = "token";				# passwdfield name to send
-		extradata = "&do=login";			# extradata to send
-		prompt = "Password+Token: ";			# password prompt
-	};
-
-	ssl:
-	{
-		verify_peer = true;				# Should we verify SSL ?
-		verify_host = true;				# Should we verify the CN in the SSL cert?
-		client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
-		client_key  = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
-                ca_cert     = "/etc/pki/tls/private/totpcgi-ca.cert";
-	};
-};

files/2fa/pam_url.conf.vpn.fedoraproject.org

@@ -1,21 +0,0 @@
-pam_url:
-{
-	settings:
-	{
-		url = "https://fas-all.vpn.fedoraproject.org:8443/";	# URI to fetch
-		returncode = "OK";				# The remote script/cgi should return a 200 http code and this string as its only results
-		userfield = "user";				# userfield name to send
-		passwdfield = "token";				# passwdfield name to send
-		extradata = "&do=login";			# extradata to send
-		prompt = "Password+Token: ";			# password prompt
-	};
-
-	ssl:
-	{
-		verify_peer = true;				# Should we verify SSL ?
-		verify_host = true;				# Should we verify the CN in the SSL cert?
-		client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
-		client_key  = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
-                ca_cert     = "/etc/pki/tls/private/totpcgi-ca.cert";
-	};
-};

files/2fa/sudo.pam

@@ -1,9 +0,0 @@
-#%PAM-1.0
-auth       required     pam_env.so
-auth       sufficient   pam_url.so config=/etc/pam_url.conf
-auth       requisite    pam_succeed_if.so uid >= 500 quiet
-auth       required     pam_deny.so
-account    include      system-auth
-password   include      system-auth
-session    optional     pam_keyinit.so revoke
-session    required     pam_limits.so

files/2fa/sudo.pam.dev.fedoraproject.org

@@ -1,6 +0,0 @@
-#%PAM-1.0
-auth       include      system-auth
-account    include      system-auth
-password   include      system-auth
-session    optional     pam_keyinit.so revoke
-session    required     pam_limits.so