initial commit of role

2025-04-03 14:44:21 +02:00
parent ac27a0c9db
commit e59fc5f9a8
3 changed files with 154 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,68 @@
+# SPDX-FileCopyrightText: 2025 Max Mehl <https://mehl.mx>
+#
+# SPDX-License-Identifier: Apache-2.0
+
+---
+- name: Set template file name
+  ansible.builtin.set_fact:
+    template: "{{ service }}.service.j2"
+  when: template is not defined
+
+- name: Install required dependencies
+  ansible.builtin.apt:
+    pkg:
+      - systemd-container # necessary to use machinectl become_method
+    install_recommends: false
+
+- name: Register user info of {{ user }}
+  ansible.builtin.user:
+    name: "{{ user }}"
+  check_mode: true
+  register: user_info
+
+- name: Ensure user systemd directory exists
+  ansible.builtin.file:
+    path: "{{ user_info.home }}/.config/systemd/user/"
+    state: directory
+    mode: "0755"
+    owner: "{{ user }}"
+    group: "{{ user }}"
+
+- name: Ensure systemd service file is present (template)
+  ansible.builtin.template:
+    src: "{{ template }}"
+    dest: "{{ user_info.home }}/.config/systemd/user/{{ service }}.service"
+    mode: "0644"
+    owner: "{{ user }}"
+    group: "{{ user }}"
+  when: copy_file is not defined
+
+- name: Ensure systemd service file is present (copy)
+  ansible.builtin.copy:
+    src: "{{ copy_file }}"
+    dest: "{{ user_info.home }}/.config/systemd/user/{{ service }}.service"
+    mode: "0644"
+    owner: "{{ user }}"
+    group: "{{ user }}"
+  when: copy_file is defined
+
+- name: "Check whether user is lingering: {{ user }}"
+  ansible.builtin.stat:
+    path: "/var/lib/systemd/linger/{{ user }}"
+  register: user_lingering
+
+- name: Ensure systemd lingering is enabled for user {{ user }}
+  ansible.builtin.command: loginctl enable-linger {{ user }}
+  changed_when: false
+  when: not user_lingering.stat.exists
+
+- name: Ensure systemd service is running and enabled
+  ansible.builtin.systemd_service:
+    name: "{{ service }}"
+    state: "{{ systemd_state }}"
+    enabled: "{{ systemd_enabled }}"
+    daemon_reload: "{{ systemd_daemon_reload }}"
+    scope: user
+  become: true
+  become_user: "{{ user }}"
+  become_method: community.general.machinectl # in order to get XDG_RUNTIME_DIR and user's DBUS session