aboutsummaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorbinary <me@rgoncalves.se>2021-02-20 18:29:00 +0100
committerbinary <me@rgoncalves.se>2021-02-20 18:29:00 +0100
commit8913825485d687e6b07454d7bb226a8b5d909433 (patch)
treef3e783f1323d0280c2bcebd5d1cdcf4c29486219 /roles
parent2a0a4d8e2c97c1a3668c82a816dbd0b3129da3d2 (diff)
downloadinfrastructure-8913825485d687e6b07454d7bb226a8b5d909433.tar.gz
Deprecate sudo for doas/opendoas
Diffstat (limited to 'roles')
-rw-r--r--roles/workstation/tasks/main.yml24
-rw-r--r--roles/workstation/vars/main.yml9
2 files changed, 28 insertions, 5 deletions
diff --git a/roles/workstation/tasks/main.yml b/roles/workstation/tasks/main.yml
index 2789c9b..6b8d28f 100644
--- a/roles/workstation/tasks/main.yml
+++ b/roles/workstation/tasks/main.yml
@@ -16,11 +16,33 @@
set_fact:
ansible_become_method: "{{ 'doas' if ws_become.stat.exists else 'sudo' }}"
ansible_become_user: root
- ws_user: ws_user.results.stdout
+ ws_user: "{{ ws_user.stdout }}"
- name: include distribution specific task
include_tasks: "_{{ ansible_distribution | lower }}.yml"
ignore_errors: true
+- name: generate doas configuration
+ lineinfile:
+ path: /etc/doas.conf
+ regexp: "^permit persist keepenv {{ ws_user }} as root"
+ line: "permit persist keepenv {{ ws_user }} as root"
+ owner: root
+ mode: 0644
+ create: true
+
+- name: check sudo binary path
+ shell: which sudo
+ register: sudo
+ ignore_errors: true
+
+- name: uninstall sudo binary
+ package:
+ name: sudo
+ state: absent
+ when: sudo.rc == 0
+ register: sudo
+ ignore_errors: true
+
- name: setup dotfiles from upstream and user script
meta: end_host
diff --git a/roles/workstation/vars/main.yml b/roles/workstation/vars/main.yml
index c07c363..0c0fd33 100644
--- a/roles/workstation/vars/main.yml
+++ b/roles/workstation/vars/main.yml
@@ -7,7 +7,6 @@
pkgs_common:
# desktop (backup over dwm)
- bemenu
- - i3
- i3status
# editor
- neovim
@@ -38,12 +37,12 @@ pkgs_common:
- zsh
pkgs_archlinux:
- # devel
- - base-devel
+ # desktop
+ - i3-wm
# editor
- emacs
# sys
- - base
+ - opendoas
# python
- python-jedi
- python-neovim
@@ -53,6 +52,8 @@ pkgs_archlinux:
- wireguard-dkms
pkgs_openbsd:
+ # desktop
+ - i3
# devel
- automake--%1.16
- clang-tools-extra
remember that computers suck.