roles/deadswitch: role is now idempotent

README.md

@@ -8,13 +8,18 @@ This is my failsafe (and also my helpful migration tool) for restoring the OpenP
     - cron job for grabbing the `HEAD` of https://github.com/CPunch/openpunk && building the hugo site
 - tor mirror
 - nginx (for the above mentioned)
+    - certbot's Let's Encrypt
 - my shell theme (zsh + powerlevel10k)
 - deadswitch (& the ssh + git config to allow pushes)
 
 This playbook assumes the target VPS is running the latest debian stable release.
 
 ## Notes to my future self
-The deadswitch has the deadtrigger setup every run, so you have a 14-day timer to add a one-liner to your crontab to keep that deadtrigger set.
+Add this to your local machine's crontab:
+
+```sh
+ssh openpunk 'touch /root/.deadtrigger'
+```
 
 Some DNS records also need to be set:
 - an A record with a `git.*` subdomain

roles/deadswitch/tasks/main.yml

@@ -22,11 +22,17 @@
     dest: /root/deadman/dead.patch
     mode: u+rw
 
-# TODO: make idempotent
+# TODO: deadtrigger path should be a variable, no?
+- name: Check deadtrigger
+  stat:
+    path: /root/.deadtrigger
+  register: deadstat
+
 - name: Install deadtrigger
   file:
-    name: /root/.deadtrigger
+    path: /root/.deadtrigger
     state: touch
+  when: deadstat.stat.exists == false
 
 # Run deadswitch daily at 1am
 - name: Install deadlock cronjob