From 5cdc63e35a6e9b1f3f405c6670401ff6e89d919b Mon Sep 17 00:00:00 2001
From: CPunch
Date: Wed, 18 Jan 2023 01:10:40 -0600
Subject: [PATCH] roles/deadswitch: role is now idempotent
---
 README.md | 7 ++++++-
 roles/deadswitch/tasks/main.yml | 10 ++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index b020225..686cf0a 100644
--- a/README.md
+++ b/README.md
@@ -8,13 +8,18 @@ This is my failsafe (and also my helpful migration tool) for restoring the OpenP
 - cron job for grabbing the `HEAD` of https://github.com/CPunch/openpunk && building the hugo site
 - tor mirror
 - nginx (for the above mentioned)
+ - certbot's Let's Encrypt
 - my shell theme (zsh + powerlevel10k)
 - deadswitch (& the ssh + git config to allow pushes)
 This playbook assumes the target VPS is running the latest debian stable release.
 ## Notes to my future self
-The deadswitch has the deadtrigger setup every run, so you have a 14-day timer to add a one-liner to your crontab to keep that deadtrigger set.
+Add this to your local machine's crontab:
+
+```sh
+ssh openpunk 'touch /root/.deadtrigger'
+```
 Some DNS records also need to be set:
 - an A record with a `git.*` subdomain
diff --git a/roles/deadswitch/tasks/main.yml b/roles/deadswitch/tasks/main.yml
index 19f145b..9e900be 100644
--- a/roles/deadswitch/tasks/main.yml
+++ b/roles/deadswitch/tasks/main.yml
@@ -22,11 +22,17 @@
 dest: /root/deadman/dead.patch
 mode: u+rw
-# TODO: make idempotent
+# TODO: deadtrigger path should be a variable, no?
+- name: Check deadtrigger
+ stat:
+ path: /root/.deadtrigger
+ register: deadstat
+
 - name: Install deadtrigger
 file:
- name: /root/.deadtrigger
+ path: /root/.deadtrigger
 state: touch
+ when: deadstat.stat.exists == false
 # Run deadswitch daily at 1am
 - name: Install deadlock cronjob
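Review bot: The `Check deadtrigger` stat task plus `when: deadstat.stat.exists == false` on `Install deadtrigger` can be collapsed into the one `file` task by adding `modification_time: preserve` and `access_time: preserve` under `state: touch`; the module then creates the file when it is missing and leaves an existing file's timestamps alone, which removes the check-then-act gap between the two tasks. If the two-task form is kept, write the guard as `when: not deadstat.stat.exists` rather than comparing with a literal `false`. Indentation is not visible in this rendering of the patch, so confirm that `register: deadstat` sits at task level and not under `stat:`. Since the file's timestamp appears to be what holds the deadswitch off, an explicit `mode` on it (the task above sets `mode: u+rw`) would also make its permissions independent of the umask.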