From 254138315446a186a14080353eec3ca0748eb9e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Romain=20Gon=C3=A7alves?= <me@rgoncalves.se>
Date: Sun, 4 Apr 2021 10:59:09 +0000
Subject: Tinker doas and user for musl systems

---
 roles/_workstation/sysconf/tasks/_void.yml |  3 ++-
 roles/_workstation/sysconf/tasks/main.yml  | 11 +++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

(limited to 'roles/_workstation/sysconf/tasks')

diff --git a/roles/_workstation/sysconf/tasks/_void.yml b/roles/_workstation/sysconf/tasks/_void.yml
index 058f7c3..e05e2ef 100644
--- a/roles/_workstation/sysconf/tasks/_void.yml
+++ b/roles/_workstation/sysconf/tasks/_void.yml
@@ -13,9 +13,10 @@
 - name: append current user to system groups
   user:
     name: "{{ _workstation_env_user }}"
-    group: "{{ item }}"
+    groups: "{{ item }}"
     append: true
   loop:
     - _seatd
     - audio
     - video
+    - wheel
diff --git a/roles/_workstation/sysconf/tasks/main.yml b/roles/_workstation/sysconf/tasks/main.yml
index 0f61550..253cacd 100644
--- a/roles/_workstation/sysconf/tasks/main.yml
+++ b/roles/_workstation/sysconf/tasks/main.yml
@@ -17,6 +17,17 @@
     mode: 0644
     create: true
 
+- name: allow reboot/shutdown/hibernate with doas
+  lineinfile:
+    path: /etc/doas.conf
+    regexp: "^permit nopass {{ _workstation_env_user }} as root cmd {{ item }}"
+    line: "permit nopass {{ _workstation_env_user }} as root cmd {{ item }}"
+  loop:
+    - zzz
+    - ZZZ
+    - reboot
+    - shutdown
+
 - name: start and enable pcscd service
   service:
     name: pcscd
-- 
cgit v1.2.3