From 64b1e95e8e9c76592974c0c6b79a2289cb441e60 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Fri, 26 May 2023 19:17:34 -0400 Subject: [PATCH] Install the doas config on Linux. --- ansible/roles/base/tasks/common.yaml | 3 +- ansible/roles/doas/tasks/freebsd.yaml | 2 +- ansible/roles/doas/tasks/linux.yaml | 40 ++++++++------------------- 3 files changed, 14 insertions(+), 31 deletions(-) diff --git a/ansible/roles/base/tasks/common.yaml b/ansible/roles/base/tasks/common.yaml index 80e47f3..6d0d709 100644 --- a/ansible/roles/base/tasks/common.yaml +++ b/ansible/roles/base/tasks/common.yaml @@ -27,7 +27,8 @@ src: "/usr/share/zoneinfo/{{ timezone|default('UTC') }}" dest: /etc/localtime owner: root - group: root + # TODO: Arch Linux is changing the group to root instead of wheel. Maybe make this a variable? + group: wheel state: link - name: Install scripts diff --git a/ansible/roles/doas/tasks/freebsd.yaml b/ansible/roles/doas/tasks/freebsd.yaml index 42cb6d9..70592be 100644 --- a/ansible/roles/doas/tasks/freebsd.yaml +++ b/ansible/roles/doas/tasks/freebsd.yaml @@ -2,7 +2,7 @@ copy: src: "files/{{ item.src }}" dest: "{{ item.dest }}" - mode: 0644 + mode: 0400 owner: root group: wheel validate: "doas -C %s" diff --git a/ansible/roles/doas/tasks/linux.yaml b/ansible/roles/doas/tasks/linux.yaml index 43ba876..8994956 100644 --- a/ansible/roles/doas/tasks/linux.yaml +++ b/ansible/roles/doas/tasks/linux.yaml @@ -1,29 +1,11 @@ -# - name: Build aur packages -# register: buildaur -# become_user: "{{ build_user.name }}" -# command: "aurutils-sync --no-view {{ item }}" -# args: -# creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*" -# loop: -# - foo - -# - name: Update cache -# when: buildaur.changed -# pacman: -# name: [] -# state: present -# update_cache: true - -# - name: Install packages -# package: -# name: -# - foo -# state: present - -# - name: Enable services -# systemd: -# enabled: yes -# name: "{{ item }}" -# daemon_reload: yes -# loop: -# - foo.service +- name: Install Configuration + copy: + src: "files/{{ item.src }}" + dest: "{{ item.dest }}" + mode: 0400 + owner: root + group: wheel + validate: "doas -C %s" + loop: + - src: doas.conf + dest: /etc/doas.conf