mirror of
https://github.com/pigmonkey/spark.git
synced 2026-01-23 02:24:09 +00:00
move trusted network framework to submodule
This commit is contained in:
Pig Monkey
parent
7a6d602dcb
commit
70e0d28703
5 changed files with 11 additions and 52 deletions
3
.gitmodules
vendored
3
.gitmodules
vendored
|
|
@ -7,3 +7,6 @@
|
|||
[submodule "roles/firejail/files/disposable"]
|
||||
path = roles/firejail/files/disposable
|
||||
url = https://github.com/pigmonkey/disposable.git
|
||||
[submodule "roles/networkmanager/files/nmtrust"]
|
||||
path = roles/networkmanager/files/nmtrust
|
||||
url = https://github.com/pigmonkey/nmtrust.git
|
||||
|
|
|
|||
1
roles/networkmanager/files/nmtrust
Submodule
1
roles/networkmanager/files/nmtrust
Submodule
|
|
@ -0,0 +1 @@
|
|||
Subproject commit bf39fd12592001c739897ffd41f7391fd5940689
|
||||
|
|
@ -1,34 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
start() {
|
||||
echo "starting all the things"
|
||||
systemctl start $(cat /usr/local/etc/trusted_units)
|
||||
exit $?
|
||||
}
|
||||
|
||||
stop() {
|
||||
echo "stopping all the things"
|
||||
systemctl stop $(cat /usr/local/etc/trusted_units)
|
||||
exit $?
|
||||
}
|
||||
|
||||
# Get all active connections.
|
||||
connections=($(nmcli --terse -f uuid conn show --active))
|
||||
|
||||
# If there are no active connections, the trusted units should be stopped.
|
||||
if [ ${#connections[@]} -eq 0 ]; then
|
||||
echo "there are no active connections"
|
||||
stop
|
||||
# If there are active connections, and any of them are untrusted, the
|
||||
# trusted units should be stopped.
|
||||
else
|
||||
for uuid in "${connections[@]}"; do
|
||||
grep -q \^"$uuid"\$ /usr/local/etc/trusted_networks
|
||||
if [ "$?" -ne 0 ]; then
|
||||
echo "$uuid is untrusted"
|
||||
stop
|
||||
fi
|
||||
done
|
||||
fi
|
||||
# If we're still here, the trusted units should be started
|
||||
start
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
action="$2"
|
||||
|
||||
case $action in
|
||||
up)
|
||||
/usr/local/bin/toggle_units
|
||||
;;
|
||||
down)
|
||||
/usr/local/bin/toggle_units
|
||||
;;
|
||||
esac
|
||||
|
||||
exit $?
|
||||
|
|
@ -14,11 +14,14 @@
|
|||
- name: Verify trusted unit list exists
|
||||
file: path=/usr/local/etc/trusted_units state=touch
|
||||
|
||||
- name: Push trusted unit toggler
|
||||
copy: src=toggle_units.sh dest=/usr/local/bin/toggle_units mode=0755
|
||||
- name: Push trusted network checker
|
||||
copy: src=nmtrust/nmtrust dest=/usr/local/bin/nmtrust mode=0755
|
||||
|
||||
- name: Push network trust dispatcher
|
||||
copy: src=trust_dispatcher.sh dest=/etc/NetworkManager/dispatcher.d/10trust mode=0755
|
||||
- name: Push trusted unit toggler
|
||||
copy: src=nmtrust/ttoggle dest=/usr/local/bin/ttoggle mode=0755
|
||||
|
||||
- name: Push trusted network dispatcher
|
||||
copy: src=nmtrust/dispatcher/10trust dest=/etc/NetworkManager/dispatcher.d/10trust mode=0755
|
||||
|
||||
- name: Enable and start NetworkManager
|
||||
service: name=NetworkManager.service enabled=yes state=started
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue