authorbinary <me@rgoncalves.se>2021-02-27 10:30:33 +0100
committerbinary <me@rgoncalves.se>2021-02-27 10:30:33 +0100
commit5acdc00aaf6c65c1353cc02a59f33e0d6ba9a281 (patch)
tree8bb7737b3efd6055dbf098105858c43c7453fbd6 /roles/_workstation/sysconf/tasks/main.yml
parentd776d9820aeeb2fb84a4a47ce5eacf3a40823591 (diff)
downloadinfrastructure-5acdc00aaf6c65c1353cc02a59f33e0d6ba9a281.tar.gz
Break workstation role in sub-roles
Diffstat (limited to 'roles/_workstation/sysconf/tasks/main.yml')
-rw-r--r--roles/_workstation/sysconf/tasks/main.yml54
1 files changed, 54 insertions, 0 deletions
diff --git a/roles/_workstation/sysconf/tasks/main.yml b/roles/_workstation/sysconf/tasks/main.yml
new file mode 100644
index 0000000..2a6f4a4
--- /dev/null
+++ b/roles/_workstation/sysconf/tasks/main.yml
@@ -0,0 +1,54 @@
+
+# workstation ~~ roles/workstation/tasks/main.yml
+# init workstation
+
+---
+
+- name: retrieve BECOME method
+ stat: path=/usr/bin/doas
+ register: ws_become
+
+- name: retrieve original user
+ shell: logname
+ register: ws_user
+
+- name: retrieve host facts
+ set_fact:
+ ansible_become_method: "{{ 'doas' if ws_become.stat.exists else 'sudo' }}"
+ ansible_become_user: root
+ ws_user: "{{ ws_user.stdout }}"
+
+- name: include distribution specific task
+ include_tasks: "_{{ ansible_distribution | lower }}.yml"
+ ignore_errors: true
+
+- name: generate doas configuration
+ lineinfile:
+ path: /etc/doas.conf
+ regexp: "^permit persist keepenv {{ ws_user }} as root"
+ line: "permit persist keepenv {{ ws_user }} as root"
+ owner: root
+ mode: 0644
+ create: true
+
+- name: start and enable pcscd service
+ service:
+ name: pcscd
+ state: started
+ enabled: true
+
+- name: check sudo binary path
+ shell: which sudo
+ register: sudo
+ ignore_errors: true
+
+- name: uninstall sudo binary
+ package:
+ name: sudo
+ state: absent
+ when: sudo.rc == 0
+ register: sudo
+ ignore_errors: true
+
+- name: setup dotfiles from upstream and user script
+ meta: end_host
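Review bot: The `uninstall sudo binary` task is gated only on `sudo.rc == 0`, so on a host where `/usr/bin/doas` was absent, and `ansible_become_method` was therefore set to `sudo`, the play removes the escalation tool it just selected. Unless the distribution include installs doas (not visible in this hunk, and its failure is hidden by `ignore_errors: true`), the workstation can be left with no working privilege escalation. Consider gating the removal on doas being present, for example `when: sudo.rc == 0 and ws_become.stat.exists`, or re-running the `stat` after the include. The `generate doas configuration` task also writes `/etc/doas.conf` without a syntax check and grants `keepenv`, which passes the invoking user's whole environment to commands run as root. Adding `validate: 'doas -C %s'` and dropping `keepenv` unless it is required would limit both risks.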