diff options
| author | Romain Gonçalves <me@rgoncalves.se> | 2021-04-04 10:59:09 +0000 |
|---|---|---|
| committer | Romain Gonçalves <me@rgoncalves.se> | 2021-04-04 10:59:09 +0000 |
| commit | 254138315446a186a14080353eec3ca0748eb9e4 (patch) | |
| tree | e9a357394771d85a9615761a58b9775f692a0b97 /roles/_workstation | |
| parent | 1ba9c51c8c8e349ebe5e7b6dd7b48e7d1a2aa396 (diff) | |
| download | infrastructure-254138315446a186a14080353eec3ca0748eb9e4.tar.gz | |
Tinker doas and user for musl systems
Diffstat (limited to 'roles/_workstation')
| -rw-r--r-- | roles/_workstation/env/tasks/main.yml | 8 | ||||
| -rw-r--r-- | roles/_workstation/packages/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/_workstation/sysconf/tasks/_void.yml | 3 | ||||
| -rw-r--r-- | roles/_workstation/sysconf/tasks/main.yml | 11 |
4 files changed, 15 insertions, 9 deletions
diff --git a/roles/_workstation/env/tasks/main.yml b/roles/_workstation/env/tasks/main.yml index 35342df..3c54210 100644 --- a/roles/_workstation/env/tasks/main.yml +++ b/roles/_workstation/env/tasks/main.yml @@ -8,14 +8,6 @@ stat: path=/usr/bin/doas register: _workstation_env_become -- name: retrieve original user - shell: logname - register: _workstation_env_user - -- name: register username original user - set_fact: - _workstation_env_user: "{{ _workstation_env_user.stdout }}" - - name: retrieve host facts set_fact: #ansible_become_method: "{{ 'doas' if _workstation_env_become.stat.exists else 'sudo' }}" diff --git a/roles/_workstation/packages/defaults/main.yml b/roles/_workstation/packages/defaults/main.yml index e299c30..dc1f6c5 100644 --- a/roles/_workstation/packages/defaults/main.yml +++ b/roles/_workstation/packages/defaults/main.yml @@ -50,6 +50,7 @@ pkgs: - docker-compose - emacs - opendoas + - openntpd - pulseaudio - wireguard-tools @@ -92,6 +93,7 @@ pkgs: - pcsc-tools void: + - alsa-plugins-pulseaudio - base-devel - gnupg2 - seatd diff --git a/roles/_workstation/sysconf/tasks/_void.yml b/roles/_workstation/sysconf/tasks/_void.yml index 058f7c3..e05e2ef 100644 --- a/roles/_workstation/sysconf/tasks/_void.yml +++ b/roles/_workstation/sysconf/tasks/_void.yml @@ -13,9 +13,10 @@ - name: append current user to system groups user: name: "{{ _workstation_env_user }}" - group: "{{ item }}" + groups: "{{ item }}" append: true loop: - _seatd - audio - video + - wheel diff --git a/roles/_workstation/sysconf/tasks/main.yml b/roles/_workstation/sysconf/tasks/main.yml index 0f61550..253cacd 100644 --- a/roles/_workstation/sysconf/tasks/main.yml +++ b/roles/_workstation/sysconf/tasks/main.yml @@ -17,6 +17,17 @@ mode: 0644 create: true +- name: allow reboot/shutdown/hibernate with doas + lineinfile: + path: /etc/doas.conf + regexp: "^permit nopass {{ _workstation_env_user }} as root cmd {{ item }}" + line: "permit nopass {{ _workstation_env_user }} as root cmd {{ item }}" + loop: + - zzz + - ZZZ + - reboot + - shutdown + - name: start and enable pcscd service service: name: pcscd |