blob: 6b8d28ffe6ad8c05c6dd15204bb5a90c6197dadd (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
# workstation ~~ roles/workstation/tasks/main.yml
# init workstation
---
- name: retrieve BECOME method
stat: path=/usr/bin/doas
register: ws_become
- name: retrieve original user
shell: logname
register: ws_user
- name: retrieve host facts
set_fact:
ansible_become_method: "{{ 'doas' if ws_become.stat.exists else 'sudo' }}"
ansible_become_user: root
ws_user: "{{ ws_user.stdout }}"
- name: include distribution specific task
include_tasks: "_{{ ansible_distribution | lower }}.yml"
ignore_errors: true
- name: generate doas configuration
lineinfile:
path: /etc/doas.conf
regexp: "^permit persist keepenv {{ ws_user }} as root"
line: "permit persist keepenv {{ ws_user }} as root"
owner: root
mode: 0644
create: true
- name: check sudo binary path
shell: which sudo
register: sudo
ignore_errors: true
- name: uninstall sudo binary
package:
name: sudo
state: absent
when: sudo.rc == 0
register: sudo
ignore_errors: true
- name: setup dotfiles from upstream and user script
meta: end_host
|
