From ef8bfeaf842e7d4e216ab38044c6dcb2ef38ea8a Mon Sep 17 00:00:00 2001 From: Sandwich Date: Fri, 20 Feb 2026 21:16:37 +0100 Subject: [PATCH] refactor(configuration): convert services.yml to list-based loop --- roles/configuration/tasks/services.yml | 30 ++++++++++++-------------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/roles/configuration/tasks/services.yml b/roles/configuration/tasks/services.yml index 1f60bca..1c9753a 100644 --- a/roles/configuration/tasks/services.yml +++ b/roles/configuration/tasks/services.yml @@ -1,21 +1,19 @@ --- -# Single systemctl enable — atomic; individual failures abort the command -- name: Enable Systemd Services +- name: Enable systemd services when: os not in ['alpine', 'void'] - ansible.builtin.command: > - {{ chroot_command }} systemctl enable NetworkManager - {{ ' firewalld' if system_cfg.features.firewall.backend == 'firewalld' and system_cfg.features.firewall.enabled | bool else '' }} - {{ ' ufw' if system_cfg.features.firewall.backend == 'ufw' and system_cfg.features.firewall.enabled | bool else '' }} - {{ - (' ssh' if is_debian | bool else ' sshd') - if system_cfg.features.ssh.enabled | bool else '' - }} - {{ - ' logrotate systemd-timesyncd' - if os == 'archlinux' else '' - }} - register: configuration_enable_services_result - changed_when: configuration_enable_services_result.rc == 0 + vars: + configuration_systemd_services: >- + {{ + ['NetworkManager'] + + (['firewalld'] if system_cfg.features.firewall.backend == 'firewalld' and system_cfg.features.firewall.enabled | bool else []) + + (['ufw'] if system_cfg.features.firewall.backend == 'ufw' and system_cfg.features.firewall.enabled | bool else []) + + ([('ssh' if is_debian | bool else 'sshd')] if system_cfg.features.ssh.enabled | bool else []) + + (['logrotate', 'systemd-timesyncd'] if os == 'archlinux' else []) + }} + ansible.builtin.command: "{{ chroot_command }} systemctl enable {{ item }}" + loop: "{{ configuration_systemd_services }}" + register: configuration_enable_service_result + changed_when: configuration_enable_service_result.rc == 0 - name: Enable OpenRC services when: os == 'alpine'