From 14584986da9452314784f3d85eca2711680d14c4 Mon Sep 17 00:00:00 2001 From: Scott Wallace Date: Sun, 13 Jan 2019 17:59:56 +0000 Subject: [PATCH] Harden Firefox --- .../roles/linux_desktop/tasks/firefox.yaml | 34 +++++++++++++++++++ .ansible/roles/linux_desktop/tasks/main.yaml | 1 + 2 files changed, 35 insertions(+) create mode 100644 .ansible/roles/linux_desktop/tasks/firefox.yaml diff --git a/.ansible/roles/linux_desktop/tasks/firefox.yaml b/.ansible/roles/linux_desktop/tasks/firefox.yaml new file mode 100644 index 0000000..ff182ca --- /dev/null +++ b/.ansible/roles/linux_desktop/tasks/firefox.yaml @@ -0,0 +1,34 @@ +- name: 'Firefox: Set base path' + tags: + - config + - firefox + set_fact: + firefox_path: '~/.mozilla/firefox' + +- name: 'Firefox: Discover profile path' + tags: + - config + - firefox + set_fact: + profile_path: "{{ firefox_path }}/{{ lookup('ini', 'Path section=Profile0 file=' + firefox_path + '/profiles.ini') }}" + +- name: 'Firefox: Lockdown config (relaxed)' + tags: + - config + - firefox + block: + - name: 'Firefox: Download config' + get_url: + url: 'https://raw.githubusercontent.com/pyllyukko/user.js/relaxed/user.js' + dest: "{{ profile_path }}/user.js-lockdown" + mode: '0600' + force: yes + backup: yes + + - name: 'Firefox: Replace user.js' + copy: + src: "{{ profile_path }}/user.js-lockdown" + dest: "{{ profile_path }}/user.js" + mode: '0600' + force: yes + backup: yes diff --git a/.ansible/roles/linux_desktop/tasks/main.yaml b/.ansible/roles/linux_desktop/tasks/main.yaml index bcdf3f7..e43fe9c 100644 --- a/.ansible/roles/linux_desktop/tasks/main.yaml +++ b/.ansible/roles/linux_desktop/tasks/main.yaml @@ -1,3 +1,4 @@ - name: Linux desktop tasks import_tasks: software.yaml - import_tasks: config.yaml +- import_tasks: firefox.yaml