aboutsummaryrefslogblamecommitdiffstats
path: root/roles/_workstation/sysconf/tasks/main.yml
blob: 253cacdd13242c83656f726bb4623ec3c3e06780 (plain) (tree)
1
2
3
4
5
6
7
8
9

                                                 
                  


   
                                          

                                                          
 


                                   

                                                                         



                










                                                                               





                                      

                              

                                             




                             
                      

                     

# workstation ~~ roles/workstation/tasks/main.yml
# init workstation

---

- name: include distribution specific task
  include_tasks: "_{{ ansible_distribution | lower }}.yml"
  ignore_errors: true

- name: generate doas configuration
  lineinfile:
    path: /etc/doas.conf
    regexp: "^permit persist keepenv {{ _workstation_env_user }} as root"
    line: "permit persist keepenv {{ _workstation_env_user }} as root"
    owner: root
    mode: 0644
    create: true

- name: allow reboot/shutdown/hibernate with doas
  lineinfile:
    path: /etc/doas.conf
    regexp: "^permit nopass {{ _workstation_env_user }} as root cmd {{ item }}"
    line: "permit nopass {{ _workstation_env_user }} as root cmd {{ item }}"
  loop:
    - zzz
    - ZZZ
    - reboot
    - shutdown

- name: start and enable pcscd service
  service:
    name: pcscd
    state: started
    enabled: true

- name: check sudo binary path
  shell: which sudo
  register: result
  failed_when: result.rc | string not in "02"

- name: uninstall sudo binary
  package:
    name: sudo
    state: absent
  when: result.rc == 0
  register: sudo
  ignore_errors: true
remember that computers suck.