From 9faf348aa77e825b29a76e31fb2254a1f4e8c827 Mon Sep 17 00:00:00 2001 From: NaeiKinDus Date: Tue, 21 Nov 2023 16:53:13 +0000 Subject: [PATCH] feat(workstation): improved installation for authenticator and added the... --- .../roles/workstation/tasks/main.yml | 56 +++++++++++++++---- .../workstation/templates/desktop_app.j2 | 8 +++ 2 files changed, 54 insertions(+), 10 deletions(-) create mode 100644 collections/ansible_collections/nullified/infrastructure/roles/workstation/templates/desktop_app.j2 diff --git a/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml b/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml index 448c0ea..e804ad7 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml @@ -142,31 +142,54 @@ - { src: "../templates/.config/terminator", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" } - { src: "../templates/.config/vlc", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" } +- name: '[authenticator] find if binary is already installed' + ansible.builtin.file: + path: /opt/yubico-authenticator/authenticator + register: authenticator_stat + changed_when: false + failed_when: false + - name: '[yubico] install authenticator' become: true + when: authenticator_stat.state is match("absent") block: - - name: '[yubico] fetch latest authenticator source' - ansible.builtin.get_url: - url: https://developers.yubico.com/yubioath-flutter/Releases/yubico-authenticator-latest-linux.tar.gz - dest: /tmp/yubico-authenticator-latest-linux.tar.gz - mode: '0640' - - name: '[yubico] prepare target directory' - file: - path: /opt/yubico-authenticator + ansible.builtin.file: + path: "{{ item }}" owner: "{{ workstation_user_account }}" group: "{{ workstation_user_account }}" mode: '0750' state: directory + loop: + - /tmp/yubico-unarchive + - /opt/yubico-authenticator - name: '[yubico] extract data' ansible.builtin.unarchive: - src: /tmp/yubico-authenticator-latest-linux.tar.gz + src: https://developers.yubico.com/yubioath-flutter/Releases/yubico-authenticator-latest-linux.tar.gz remote_src: true + dest: /tmp/yubico-unarchive + owner: "{{ workstation_user_account }}" + group: "{{ workstation_user_account }}" + + - name: '[yubico] find extracted directory' + ansible.builtin.command: + cmd: find /tmp/yubico-unarchive -mindepth 1 -maxdepth 1 + register: yubico_extract_path + changed_when: false + + - name: '[yubico] move extracted data to final dir' + copy: + remote_src: true + src: "{{ yubico_extract_path.stdout }}/" dest: /opt/yubico-authenticator owner: "{{ workstation_user_account }}" group: "{{ workstation_user_account }}" - creates: /opt/yubico-authenticator/authenticator + + - name: '[yubico] cleanup' + ansible.builtin.file: + path: /tmp/yubico-unarchive + state: absent - name: '[yubico] create shell wrapper' ansible.builtin.template: @@ -178,4 +201,17 @@ vars: application: "/opt/yubico-authenticator/authenticator" + - name: '[yubico] create desktop entry' + template: + src: ../templates/desktop_app.j2 + dest: "{{ getent_passwd[workstation_user_account][4] }}/.local/share/applications/authenticator.desktop" + mode: '0600' + owner: "{{ workstation_user_account }}" + group: "{{ workstation_user_account }}" + vars: + application: + nodisplay: false + exec_cmd: "{{ getent_passwd[workstation_user_account][4] }}/.local/bin/authenticator" + name: "Authenticator" + - include_tasks: window_manager.yml diff --git a/collections/ansible_collections/nullified/infrastructure/roles/workstation/templates/desktop_app.j2 b/collections/ansible_collections/nullified/infrastructure/roles/workstation/templates/desktop_app.j2 new file mode 100644 index 0000000..1e970f5 --- /dev/null +++ b/collections/ansible_collections/nullified/infrastructure/roles/workstation/templates/desktop_app.j2 @@ -0,0 +1,8 @@ +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +NoDisplay={{ application.nodisplay }} +Exec={{ application.exec_cmd }} +Name={{ application.name }} +Comment={{ application.comment | default(application.name) }}