dotfiles/tasks/security.yml
2019-05-26 11:52:41 +01:00

32 lines
696 B
YAML

- name: "Install security-related packages"
aur:
skip_installed: true
name: "{{ item }}"
become: true
become_user: aur_builder
when: "item not in installed_packages.stdout_lines"
with_items:
- 'qomui'
- 'wireguard-arch'
- 'wireguard-tools'
- 'opensnitch-git'
- name: Install assh config
copy:
src: ./files/assh.yml
dest: "{{ home }}/.ssh/assh.yml"
mode: 0644
owner: "{{ user }}"
- name: Install opensnitch config
copy:
src: ./files/opensnitch.json
dest: "{{ home }}/.opensnitch/ui-config.json"
mode: 0644
owner: "{{ user }}"
- name: Enable opensnitch
systemd:
name: "opensnitchd"
enabled: true
state: started