From 8a14ae547448e0930c74a50b2894843cd2463dd8 Mon Sep 17 00:00:00 2001 From: Pig Monkey Date: Fri, 14 Oct 2022 17:27:17 -0700 Subject: [PATCH] add KDE Connect --- group_vars/all | 4 ++++ playbook.yml | 1 + roles/iptables/templates/ip6tables.rules.j2 | 4 ++++ roles/iptables/templates/iptables.rules.j2 | 4 ++++ roles/kdeconnect/meta/main.yml | 3 +++ roles/kdeconnect/tasks/main.yml | 16 ++++++++++++++++ roles/kdeconnect/templates/kdeconnect.service.j2 | 14 ++++++++++++++ 7 files changed, 46 insertions(+) create mode 100644 roles/kdeconnect/meta/main.yml create mode 100644 roles/kdeconnect/tasks/main.yml create mode 100644 roles/kdeconnect/templates/kdeconnect.service.j2 diff --git a/group_vars/all b/group_vars/all index f26957d..f10374d 100644 --- a/group_vars/all +++ b/group_vars/all @@ -319,6 +319,10 @@ syncthing: run_on: trusted open_ports: true +kdeconnect: + run_on: trusted + open_ports: true + mirrorlist: run_on: trusted diff --git a/playbook.yml b/playbook.yml index 167492b..04ed40f 100644 --- a/playbook.yml +++ b/playbook.yml @@ -92,6 +92,7 @@ - { role: android, tags: ['android'] } - { role: ripgrep, tags: ['ripgrep'] } - { role: zeal, tags: ['zeal'] } + - { role: kdeconnect, tags: ['kdeconnect'] } vars_prompt: - name: user_password prompt: "Enter desired user password" diff --git a/roles/iptables/templates/ip6tables.rules.j2 b/roles/iptables/templates/ip6tables.rules.j2 index 595237d..9ac672a 100644 --- a/roles/iptables/templates/ip6tables.rules.j2 +++ b/roles/iptables/templates/ip6tables.rules.j2 @@ -28,4 +28,8 @@ COMMIT -A INPUT -p tcp -m tcp --dport 22000 -j ACCEPT -A INPUT -p udp -m udp --dport 21027 -j ACCEPT {% endif %} +{% if kdeconnect.open_ports is defined and kdeconnect.open_ports == True %} +-A INPUT -p tcp -m tcp --dport 1714:1764 -j ACCEPT +-A INPUT -p udp -m udp --dport 1714:1764 -j ACCEPT +{% endif %} COMMIT diff --git a/roles/iptables/templates/iptables.rules.j2 b/roles/iptables/templates/iptables.rules.j2 index 9ad3ac4..20ee261 100644 --- a/roles/iptables/templates/iptables.rules.j2 +++ b/roles/iptables/templates/iptables.rules.j2 @@ -11,6 +11,10 @@ -A INPUT -p icmp -m icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT -A INPUT -p udp -m conntrack --ctstate NEW -j UDP -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j TCP +{% if kdeconnect.open_ports is defined and kdeconnect.open_ports == True %} +-A INPUT -p tcp -m tcp --dport 1714:1764 -m state --state NEW,ESTABLISHED -j ACCEPT +-A INPUT -p udp -m udp --dport 1714:1764 -m state --state NEW,ESTABLISHED -j ACCEPT +{% endif %} -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable -A INPUT -p tcp -j REJECT --reject-with tcp-reset -A INPUT -j REJECT --reject-with icmp-proto-unreachable diff --git a/roles/kdeconnect/meta/main.yml b/roles/kdeconnect/meta/main.yml new file mode 100644 index 0000000..a0729fb --- /dev/null +++ b/roles/kdeconnect/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: systemd } diff --git a/roles/kdeconnect/tasks/main.yml b/roles/kdeconnect/tasks/main.yml new file mode 100644 index 0000000..42dd373 --- /dev/null +++ b/roles/kdeconnect/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- name: Install KDE Connect + pacman: name=kdeconnect state=present + +- name: Push KDE Connect service file + template: + src: kdeconnect.service.j2 + dest: /etc/systemd/user/kdeconnect.service + notify: + - reload systemd config + +- include_tasks: roles/nmtrust/tasks/unit.yml + vars: + unit: kdeconnect.service + run_on: "{{ syncthing.run_on }}" + user_unit: true diff --git a/roles/kdeconnect/templates/kdeconnect.service.j2 b/roles/kdeconnect/templates/kdeconnect.service.j2 new file mode 100644 index 0000000..44b5c84 --- /dev/null +++ b/roles/kdeconnect/templates/kdeconnect.service.j2 @@ -0,0 +1,14 @@ +# {{ ansible_managed }} +[Unit] +Description=KDE Connect +After=graphical.target + +[Service] +Environment=DISPLAY=:0 +ExecStart=/usr/lib/kdeconnectd +ExecStop=/usr/bin/kquitapp5 kdeconnectd +Restart=on-failure +BusName=org.kde.kdeconnect + +[Install] +WantedBy=default.target