path: root/roles/workstation/tasks/_openbsd.yml

# workstation ~~ roles/workstation/tasks/main.yml
# init openbsd based workstation

---

- name: install packages
  shell: pkg_add -z {{ item | join(" ") }}
  loop:
    - "{{ pkgs_common }}"
    - "{{ pkgs_openbsd }}"
  register: out
  tags: pkgs

- name: packages installation output
  debug:
    msg: |
      {% for item in out.results %}
      - {{ item.cmd }}
      {% for type in ["stdout_lines", "stderr_lines"] if item[type] %}
      -- {{ type }}
      {% for line in item[type] %}
      --- {{ line }}
      {% endfor %}
      {% endfor %}
      {% endfor %}
  when: out is defined

- name: ensure wsconsctl config file exists
  file:
    path: /etc/wsconsctl.conf
    owner: root
    group: wheel
    mode: 0644
    state: touch

- name: append configuration to wsconsctl
  lineinfile:
    path: /etc/wsconsctl.conf
    regexp: "^{{ item[0] }}"
    line: "{{ item[0] }}={{ item[1] }}"
  loop:
    - [screen.brightness, 80]
    - [keyboard.repeat.del1, 180]
    - [keyboard.repeat.deln, 50]
    - [keyboard.bell.volume, 0]
    - [mouse.tp.tapping, 1]

- name: ensure Xorg subdirectory for configuration exists
  file:
    path: /etc/X11/xorg.conf.d
    owner: root
    mode: 0644
    state: directory

- name: generate system wide configurations
  template:
    src: "{{ item }}"
    dest: "/{{ item | regex_replace('-', '/') }}"
  loop:
    - etc-X11-xorg.conf.d-intel.conf
    - etc-apm-hibernate
    - etc-apm-suspend

- name: ensure sysctl configuration file exists
  file:
    path: /etc/sysctl.conf
    owner: root
    mode: 0644

- name: ensure sysctl memory optimizations
  blockinfile:
    path: /etc/sysctl.conf
    block: |
      kern.shminfo.shmall=3145728
      kern.shminfo.shmmax=1073741823
      kern.shminfo.shmmni=1024
      kern.shminfo.shmseg=1024
      kern.seminfo.semmns=4096
      kern.seminfo.semmni=1024
    marker: "# memory {mark} - managed by Ansible"

- name: ensure sysctl process optimizations
  blockinfile:
    path: /etc/sysctl.conf
    block: |
      kern.maxfiles=102400
      kern.maxproc=32768
      kern.maxfiles=65535
      kern.bufcachepercent=90
      kern.maxvnodes=262144
      kern.somaxconn=2048
    marker: "# process - {mark} managed by Ansible"

- name: start and enable pcscd service
  service:
    name: pcscd
    state: started
    enabled: true