77 lines
2.7 KiB
YAML
77 lines
2.7 KiB
YAML
---
|
|
- name: Enable systemd services
|
|
when: os not in ['alpine', 'void']
|
|
vars:
|
|
configuration_systemd_services: >-
|
|
{{
|
|
['NetworkManager']
|
|
+ (['firewalld'] if system_cfg.features.firewall.backend == 'firewalld' and system_cfg.features.firewall.enabled | bool else [])
|
|
+ (['ufw'] if system_cfg.features.firewall.backend == 'ufw' and system_cfg.features.firewall.enabled | bool else [])
|
|
+ ([('ssh' if is_debian | bool else 'sshd')] if system_cfg.features.ssh.enabled | bool else [])
|
|
+ (['logrotate', 'systemd-timesyncd'] if os == 'archlinux' else [])
|
|
}}
|
|
ansible.builtin.command: "{{ chroot_command }} systemctl enable {{ item }}"
|
|
loop: "{{ configuration_systemd_services }}"
|
|
register: configuration_enable_service_result
|
|
changed_when: configuration_enable_service_result.rc == 0
|
|
|
|
- name: Enable OpenRC services
|
|
when: os == 'alpine'
|
|
vars:
|
|
configuration_openrc_services: >-
|
|
{{
|
|
['networking']
|
|
+ (['sshd'] if system_cfg.features.ssh.enabled | bool else [])
|
|
+ ([system_cfg.features.firewall.backend] if system_cfg.features.firewall.enabled | bool else [])
|
|
}}
|
|
block:
|
|
- name: Ensure OpenRC runlevel directory exists
|
|
ansible.builtin.file:
|
|
path: /mnt/etc/runlevels/default
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: Check OpenRC init scripts
|
|
ansible.builtin.stat:
|
|
path: "/mnt/etc/init.d/{{ item }}"
|
|
loop: "{{ configuration_openrc_services }}"
|
|
register: configuration_openrc_service_stats
|
|
|
|
- name: Enable OpenRC services
|
|
ansible.builtin.file:
|
|
src: "/mnt/etc/init.d/{{ item.item }}"
|
|
dest: "/mnt/etc/runlevels/default/{{ item.item }}"
|
|
state: link
|
|
loop: "{{ configuration_openrc_service_stats.results }}"
|
|
when: item.stat.exists
|
|
|
|
- name: Enable runit services
|
|
when: os == 'void'
|
|
vars:
|
|
configuration_runit_services: >-
|
|
{{
|
|
['dhcpcd']
|
|
+ (['sshd'] if system_cfg.features.ssh.enabled | bool else [])
|
|
+ ([system_cfg.features.firewall.backend] if system_cfg.features.firewall.enabled | bool else [])
|
|
}}
|
|
block:
|
|
- name: Ensure runit service directory exists
|
|
ansible.builtin.file:
|
|
path: /mnt/var/service
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: Check runit service definitions
|
|
ansible.builtin.stat:
|
|
path: "/mnt/etc/sv/{{ item }}"
|
|
loop: "{{ configuration_runit_services }}"
|
|
register: configuration_runit_service_stats
|
|
|
|
- name: Enable runit services
|
|
ansible.builtin.file:
|
|
src: "/mnt/etc/sv/{{ item.item }}"
|
|
dest: "/mnt/var/service/{{ item.item }}"
|
|
state: link
|
|
loop: "{{ configuration_runit_service_stats.results }}"
|
|
when: item.stat.exists
|