scott/dotfiles
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
dotfiles/.ansible/roles/linux_desktop/tasks/config.yaml
Scott Wallace b684bd25ea Remove the management of Wireguard service. 
The local OS can take care of it.
2019-10-15 07:59:37 +01:00

126 lines
3.3 KiB
YAML
Raw Blame History

- name: 'DNS: Enable DNSSEC'
tags:
- config
- dns
block:
- name: 'DNS: Enable DNSSEC configuration'
lineinfile:
path: '/etc/systemd/resolved.conf'
state: present
regexp: 'DNSSEC='
line: '#DNSSEC=allow-downgrade'
become: true
- name: 'DNS: Restart resolver'
systemd:
name: systemd-resolved
state: restarted
become: true
# - name: 'IPv6: Privacy'
# tags:
# - config
# - ipv6
# block:
# - name: 'IPv6: Privacy: Temporary addressing defaults'
# lineinfile:
# path: '/etc/ufw/sysctl.conf'
# state: present
# regexp: "net/ipv6/conf/{{ item }}/use_tempaddr"
# line: "net/ipv6/conf/{{ item }}/use_tempaddr=2"
# loop: ['default', 'all']
# become: true
# - name: 'IPv6: Privacy: Detect interfaces'
# shell: 'nmcli -t connection show | cut -f2 -d:'
# register: nmcli_connections
# - name: 'IPv6: Privacy: Network Manager enforcement'
# command: "nmcli connection modify uuid {{ item }} ipv6.ip6-privacy 2"
# loop: "{{ nmcli_connections.stdout_lines }}"
- name: 'Wireguard'
tags:
- config
- wireguard
block:
- set_fact:
wgconfig_path: /etc/wireguard/wg0.conf
- name: 'Wireguard: Check for existing configuration'
stat:
path: "{{ wgconfig_path }}"
register: wgconfig
- name: 'Wireguard: Create configuration template'
copy:
dest: "{{ wgconfig_path }}"
src: files/wireguard.conf
mode: '0400'
when: not wgconfig.stat.exists
become: true
- name: 'Wireguard: Fix configuration permissions'
file:
state: file
path: "{{ wgconfig_path }}"
mode: '0400'
owner: 'root'
group: 'root'
become: true
- name: 'Config: Checkout some repositories for local config'
tags:
- config
- repos
git:
repo: "{{ item.repo }}"
dest: "{{ item.dest }}"
loop: "{{ config_repos }}"
- name: 'Conky: Configuration'
tags:
- config
- conky
template:
src: 'templates/conkyrc.j2'
dest: '~/.conkyrc'
mode: '0400'
- name: 'Gnome: Custom key bindings: Add'
tags:
- config
- keybindings
block:
- name: 'Gnome: Custom key bindings: Set facts'
set_fact:
customkbpath: '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings'
kblist: []
- name: 'Gnome: Custom key bindings: Build list'
set_fact:
kblist: "{{ kblist + [ ( customkbpath + '/custom' + index | string + '/' ) | to_json ] }}"
loop: "{{ gnome_custom_keybindings }}"
loop_control:
index_var: index
label: "{{ item.name }}"
- name: 'Gnome: Custom key bindings: Configure list'
command: "dconf write {{ customkbpath }} [{{ kblist | join(',') | quote }}]"
- include: includes/keybindings.yaml
loop: "{{ gnome_custom_keybindings }}"
loop_control:
index_var: index
- name: 'Shell: Clipboard aliases'
tags:
- config
- shell
copy:
content: |
[[ -x /usr/bin/copyq ]] && function pbpaste() { /usr/bin/copyq clipboard; } && export -f pbpaste
[[ -x /usr/bin/copyq ]] && function pbcopy() { /usr/bin/copyq add -; } && export -f pbcopy
dest: '~/.bashrc.d/alias.clipboard'
mode: '0400'
Reference in a new issue View git blame Copy permalink