hannes/dotfiles
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: hannes:a34ab937e582e171f00361304cffb6ff6b0f8cb1
Branches Tags
hannes:master hannes:test2
...
compare: hannes:146cbf39b7b0b92e32a1178435ccf6aa5a144dec
Branches Tags
hannes:master hannes:test2

4 Commits
a34ab937e5 ... 146cbf39b7

Author SHA1 Message Date
Hannes Körber
146cbf39b7 Configure libvirt properly 2024-10-02 23:45:53 +02:00
Hannes Körber
59d9c95224 services: Make unit suffix explicit 2024-10-02 23:45:53 +02:00
Hannes Körber
9330040e00 dotfiles-directory: Rework permission assertion 2024-10-02 23:45:53 +02:00
Hannes Körber
34ad7579f1 Remove unused conditional 2024-10-02 23:18:18 +02:00
1 changed files with 78 additions and 11 deletions
Expand all files Collapse all files

89
playbook.yml
View File

@@ -136,17 +136,29 @@
become: true
become_user: root
- name: fix permissions for dotfiles directory
- name: fix group for dotfiles directory
shell: |
chown --changes --recursive dotfiles:dotfiles .
chmod --changes --recursive g+rwX .
chgrp --changes --recursive dotfiles . | grep -v "changed group of './.git/index'"
args:
executable: /bin/bash
chdir: /var/lib/dotfiles
register: dotfiles_group_change
become: true
become_user: root
failed_when: dotfiles_group_change.rc not in (0, 1)
changed_when: dotfiles_group_change.rc == 0 # == lines selected, i.e. some output
- name: fix group permissions for dotfiles directory
shell: |
chmod --changes --recursive g+rwX . | grep -v "mode of './.git/index'"
args:
executable: /bin/bash
chdir: /var/lib/dotfiles
register: dotfiles_permission_change
become: true
become_user: root
changed_when: dotfiles_permission_change.stdout_lines|length > 0
failed_when: dotfiles_permission_change.rc not in (0, 1)
changed_when: dotfiles_permission_change.rc == 0 # == lines selected, i.e. some output
- name: packages
tags:
@@ -514,28 +526,78 @@
notify:
- rebuild initrd
- name: libvirtd
tags:
- libvirtd
# Arch defaults to systemd socket activation. Hate that stuff, just run the
# damn daemon (so I notice early when something is wrong, not just when I
# want to use it).
block:
- name: mask sockets
service:
state: stopped
enabled: false
masked: true
name: "{{ item }}"
loop:
- libvirtd.socket
- libvirtd-tls.socket
- libvirtd-tcp.socket
- libvirtd-ro.socket
- libvirtd-admin.socket
become: true
# the libvirtd unit file contains the following setting:
#
# Environment=LIBVIRTD_ARGS="--timeout 120"
#
# This will make libvirtd stop after 120 seconds without connections or running
# domains. To convince the daemon to just keep being a daemon, this needs to be
# removed. Fortunately, the unit also contains the following:
#
# EnvironmentFile=-/etc/conf.d/libvirtd
#
# And `EnvironmentFile` trumps `Environment`. Otherwise we'd need to do some
# damn systemd override shenanigans.
- name: configure libvirtd env variable override
copy:
owner: root
group: root
mode: "0600"
dest: /etc/conf.d/libvirtd
content: |
LIBVIRTD_ARGS=
become: true
notify:
- restart libvirtd
- name: enable libvirtd
service:
state: started
enabled: true
name: libvirtd.service
become: true
- name: services
tags:
- services
block:
- set_fact:
disable_services:
- sshd.service
- sshd
- name: disable services
service:
state: stopped
enabled: false
name: "{{ item }}"
name: "{{ item }}.service"
with_items: "{{ disable_services }}"
become: true
when: manage_services|default(true)|bool
- set_fact:
enable_services:
- NetworkManager
- docker
- libvirtd
- systemd-timesyncd
- pcscd
@@ -543,10 +605,9 @@
service:
state: started
enabled: true
name: "{{ item }}"
name: "{{ item }}.service"
with_items: "{{ enable_services }}"
become: true
when: manage_services|default(true)|bool
- name: get systemd boot target
command: systemctl get-default
@@ -638,7 +699,7 @@
state: present
become: true
when: machine.cpu == 'intel'
when:
- machine.cpu is defined
@@ -758,3 +819,9 @@
name: systemd-journald
state: restarted
become: true
- name: restart libvirtd
service:
name: libvirtd
state: restarted
become: true