dotfiles/tasks/security.yml

42 lines
866 B
YAML
Raw Normal View History

2019-03-14 21:34:29 +00:00
- name: "Install security-related packages"
aur:
skip_installed: true
name: "{{ item }}"
become: true
become_user: aur_builder
when: "item not in installed_packages.stdout_lines"
with_items:
2019-05-27 15:30:48 +01:00
- 'enpass-bin'
2019-05-26 19:00:49 +01:00
- 'opensnitch-git'
2019-03-14 21:34:29 +00:00
- 'qomui'
- 'wireguard-arch'
- 'wireguard-tools'
2019-05-25 16:50:09 +01:00
- name: Install assh config
copy:
2019-03-14 21:34:29 +00:00
src: ./files/assh.yml
2019-05-25 00:21:47 +01:00
dest: "{{ home }}/.ssh/assh.yml"
mode: 0644
owner: "{{ user }}"
2019-05-26 19:00:49 +01:00
- name: "Create opensnitch config directory"
file:
path: '{{ home }}/.opensnitch/'
state: directory
owner: "{{ user }}"
mode: 0755
2019-05-25 16:50:09 +01:00
- name: Install opensnitch config
copy:
2019-05-25 00:21:47 +01:00
src: ./files/opensnitch.json
dest: "{{ home }}/.opensnitch/ui-config.json"
2019-03-14 21:34:29 +00:00
mode: 0644
owner: "{{ user }}"
2019-05-25 10:15:53 +01:00
2019-05-25 16:50:09 +01:00
- name: Enable opensnitch
2019-05-26 11:52:41 +01:00
systemd:
2019-05-25 10:15:53 +01:00
name: "opensnitchd"
enabled: true
2019-05-26 11:52:41 +01:00
state: started