roles/deadswitch: role is now idempotent

2024-11-21 23:10:05 +00:00 · 2023-01-18 01:10:40 -06:00 · 2023-01-18 01:10:40 -06:00 · 5cdc63e35a
commit 5cdc63e35a
parent 1747125b67
2 changed files with 14 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -8,13 +8,18 @@ This is my failsafe (and also my helpful migration tool) for restoring the OpenP
    - cron job for grabbing the `HEAD` of https://github.com/CPunch/openpunk && building the hugo site
 - tor mirror
 - nginx (for the above mentioned)
+    - certbot's Let's Encrypt
 - my shell theme (zsh + powerlevel10k)
 - deadswitch (& the ssh + git config to allow pushes)

 This playbook assumes the target VPS is running the latest debian stable release.

 ## Notes to my future self
-The deadswitch has the deadtrigger setup every run, so you have a 14-day timer to add a one-liner to your crontab to keep that deadtrigger set.
+Add this to your local machine's crontab:
+
+```sh
+ssh openpunk 'touch /root/.deadtrigger'
+```

 Some DNS records also need to be set:
 - an A record with a `git.*` subdomain
--- a/roles/deadswitch/tasks/main.yml
+++ b/roles/deadswitch/tasks/main.yml
@ -22,11 +22,17 @@
    dest: /root/deadman/dead.patch
    mode: u+rw

-# TODO: make idempotent
+# TODO: deadtrigger path should be a variable, no?
+- name: Check deadtrigger
+  stat:
+    path: /root/.deadtrigger
+  register: deadstat
+
 - name: Install deadtrigger
  file:
-    name: /root/.deadtrigger
+    path: /root/.deadtrigger
    state: touch
+  when: deadstat.stat.exists == false

 # Run deadswitch daily at 1am
 - name: Install deadlock cronjob