80 lines
2.7 KiB
YAML
80 lines
2.7 KiB
YAML
---
|
|
- name: Enable Systemd Services
|
|
when: os | lower not in ['alpine', 'void']
|
|
ansible.builtin.command: >
|
|
{{ chroot_command }} systemctl enable NetworkManager
|
|
{{ ' firewalld' if system_cfg.features.firewall.backend == 'firewalld' and system_cfg.features.firewall.enabled | bool else '' }}
|
|
{{ ' ufw' if system_cfg.features.firewall.backend == 'ufw' and system_cfg.features.firewall.enabled | bool else '' }}
|
|
{{
|
|
(' ssh' if is_debian | bool else ' sshd')
|
|
if system_cfg.features.ssh.enabled | bool else ''
|
|
}}
|
|
{{
|
|
'logrotate systemd-resolved systemd-timesyncd systemd-networkd'
|
|
if os | lower == 'archlinux' else ''
|
|
}}
|
|
register: configuration_enable_services_result
|
|
changed_when: configuration_enable_services_result.rc == 0
|
|
|
|
- name: Enable OpenRC services
|
|
when: os | lower == 'alpine'
|
|
vars:
|
|
configuration_openrc_services: >-
|
|
{{
|
|
['networking']
|
|
+ (['sshd'] if system_cfg.features.ssh.enabled | bool else [])
|
|
+ ([system_cfg.features.firewall.backend] if system_cfg.features.firewall.enabled | bool else [])
|
|
}}
|
|
block:
|
|
- name: Ensure OpenRC runlevel directory exists
|
|
ansible.builtin.file:
|
|
path: /mnt/etc/runlevels/default
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: Check OpenRC init scripts
|
|
ansible.builtin.stat:
|
|
path: "/mnt/etc/init.d/{{ item }}"
|
|
loop: "{{ configuration_openrc_services }}"
|
|
register: configuration_openrc_service_stats
|
|
changed_when: false
|
|
|
|
- name: Enable OpenRC services
|
|
ansible.builtin.file:
|
|
src: "/mnt/etc/init.d/{{ item.item }}"
|
|
dest: "/mnt/etc/runlevels/default/{{ item.item }}"
|
|
state: link
|
|
loop: "{{ configuration_openrc_service_stats.results }}"
|
|
when: item.stat.exists
|
|
|
|
- name: Enable runit services
|
|
when: os | lower == 'void'
|
|
vars:
|
|
configuration_runit_services: >-
|
|
{{
|
|
['dhcpcd']
|
|
+ (['sshd'] if system_cfg.features.ssh.enabled | bool else [])
|
|
+ ([system_cfg.features.firewall.backend] if system_cfg.features.firewall.enabled | bool else [])
|
|
}}
|
|
block:
|
|
- name: Ensure runit service directory exists
|
|
ansible.builtin.file:
|
|
path: /mnt/var/service
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: Check runit service definitions
|
|
ansible.builtin.stat:
|
|
path: "/mnt/etc/sv/{{ item }}"
|
|
loop: "{{ configuration_runit_services }}"
|
|
register: configuration_runit_service_stats
|
|
changed_when: false
|
|
|
|
- name: Enable runit services
|
|
ansible.builtin.file:
|
|
src: "/mnt/etc/sv/{{ item.item }}"
|
|
dest: "/mnt/var/service/{{ item.item }}"
|
|
state: link
|
|
loop: "{{ configuration_runit_service_stats.results }}"
|
|
when: item.stat.exists
|