Skip to content

Instantly share code, notes, and snippets.

@MTecknology

MTecknology/ansible_handlers_main.yml

Last active January 22, 2025 03:55
Show Gist options
  • Save MTecknology/84e6528d4b3f91ec2df99361389621ff to your computer and use it in GitHub Desktop.
Save MTecknology/84e6528d4b3f91ec2df99361389621ff to your computer and use it in GitHub Desktop.
Download ZIP
Salt vs. Ansible
Raw
ansible_handlers_main.yml
- name: Restart polkit service
listen: restart-polkit
ansible.builtin.service:
name: polkit
state: restarted
when: "'container' not in ansible_virtualization_tech_guest"
Raw
ansible_tasks_main.yml
- name: Ensure polkit is installed
ansible.builtin.package:
name: policykit-1
state: present
- name: Manage polkit configuration files
ansible.posix.synchronize:
src: localauthority
dest: /etc/polkit-1/
rsync_opts:
- "--exclude=.gitkeep"
archive: false
recursive: true
delete: true
notify: restart-polkit
- name: Configure permissions on synchronized polkit files
ansible.builtin.file:
path: /etc/polkit-1/localauthority
recurse: true
owner: root
group: root
mode: "0640"
notify: restart-polkit
- name: Ensure /etc/polkit-1/rules.d is absent
ansible.builtin.file:
path: /etc/polkit-1/rules.d
state: absent
notify: restart-polkit
- name: Ensure polkit service is running
ansible.builtin.service:
name: polkit
state: started
enabled: true
when: "'container' not in ansible_virtualization_tech_guest"
Raw
salt.sls
polkit:
pkg.installed:
- name: policykit-1
file.recurse:
- name: /etc/polkit-1/localauthority
- source: salt://polkit/localauthority
- exclude_pat: "*/.gitkeep"
- include_empty: True
- file_mode: "0640"
- dir_mode: "0750"
- clean: True
- require:
- pkg: polkit
{% if not salt.chroot.in_chroot() %}
service.running:
- name: polkit
- enable: True
- require:
- pkg: polkit
- watch:
- file: polkit
- file: /etc/polkit-1/rules.d
{% endif %}
/etc/polkit-1/rules.d:
file.absent:
- require:
- pkg: polkit
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment