aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--playbooks/workstation.yml2
-rw-r--r--roles/_workstation/env/tasks/main.yml8
-rw-r--r--roles/_workstation/packages/defaults/main.yml2
-rw-r--r--roles/_workstation/sysconf/tasks/_void.yml3
-rw-r--r--roles/_workstation/sysconf/tasks/main.yml11
5 files changed, 16 insertions, 10 deletions
diff --git a/playbooks/workstation.yml b/playbooks/workstation.yml
index a2722db..6363a71 100644
--- a/playbooks/workstation.yml
+++ b/playbooks/workstation.yml
@@ -15,7 +15,7 @@
tags: sshdns
- role: _workstation/env
- tags: env
+ tags: env, always
- role: _workstation/packages
tags: packages
diff --git a/roles/_workstation/env/tasks/main.yml b/roles/_workstation/env/tasks/main.yml
index 35342df..3c54210 100644
--- a/roles/_workstation/env/tasks/main.yml
+++ b/roles/_workstation/env/tasks/main.yml
@@ -8,14 +8,6 @@
stat: path=/usr/bin/doas
register: _workstation_env_become
-- name: retrieve original user
- shell: logname
- register: _workstation_env_user
-
-- name: register username original user
- set_fact:
- _workstation_env_user: "{{ _workstation_env_user.stdout }}"
-
- name: retrieve host facts
set_fact:
#ansible_become_method: "{{ 'doas' if _workstation_env_become.stat.exists else 'sudo' }}"
diff --git a/roles/_workstation/packages/defaults/main.yml b/roles/_workstation/packages/defaults/main.yml
index e299c30..dc1f6c5 100644
--- a/roles/_workstation/packages/defaults/main.yml
+++ b/roles/_workstation/packages/defaults/main.yml
@@ -50,6 +50,7 @@ pkgs:
- docker-compose
- emacs
- opendoas
+ - openntpd
- pulseaudio
- wireguard-tools
@@ -92,6 +93,7 @@ pkgs:
- pcsc-tools
void:
+ - alsa-plugins-pulseaudio
- base-devel
- gnupg2
- seatd
diff --git a/roles/_workstation/sysconf/tasks/_void.yml b/roles/_workstation/sysconf/tasks/_void.yml
index 058f7c3..e05e2ef 100644
--- a/roles/_workstation/sysconf/tasks/_void.yml
+++ b/roles/_workstation/sysconf/tasks/_void.yml
@@ -13,9 +13,10 @@
- name: append current user to system groups
user:
name: "{{ _workstation_env_user }}"
- group: "{{ item }}"
+ groups: "{{ item }}"
append: true
loop:
- _seatd
- audio
- video
+ - wheel
diff --git a/roles/_workstation/sysconf/tasks/main.yml b/roles/_workstation/sysconf/tasks/main.yml
index 0f61550..253cacd 100644
--- a/roles/_workstation/sysconf/tasks/main.yml
+++ b/roles/_workstation/sysconf/tasks/main.yml
@@ -17,6 +17,17 @@
mode: 0644
create: true
+- name: allow reboot/shutdown/hibernate with doas
+ lineinfile:
+ path: /etc/doas.conf
+ regexp: "^permit nopass {{ _workstation_env_user }} as root cmd {{ item }}"
+ line: "permit nopass {{ _workstation_env_user }} as root cmd {{ item }}"
+ loop:
+ - zzz
+ - ZZZ
+ - reboot
+ - shutdown
+
- name: start and enable pcscd service
service:
name: pcscd
remember that computers suck.