mirror of
https://github.com/pigmonkey/spark.git
synced 2026-01-23 02:24:09 +00:00
jail pianobar
This commit is contained in:
Pig Monkey
parent
dd7d5cf206
commit
a8d303b5a5
7 changed files with 36 additions and 17 deletions
|
|
@ -22,6 +22,7 @@
|
|||
- { role: editors, tags: ['editors'] }
|
||||
- { role: browsers, tags: ['browsers'] }
|
||||
- { role: media, tags: ['media'] }
|
||||
- { role: pianobar, tags: ['pianobar'] }
|
||||
- { role: laptop, tags: ['laptop'] }
|
||||
- { role: thinkpad, tags: ['thinkpad'], when: "'ThinkPad' in ansible_product_version" }
|
||||
- { role: macbook, tags: ['macbook'], when: "'MacBook' in ansible_product_name" }
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
---
|
||||
- include: mpv.yml
|
||||
- include: mpd.yml
|
||||
- include: beets.yml
|
||||
- include: abcde.yml
|
||||
|
|
@ -9,7 +8,6 @@
|
|||
- include: gimp.yml
|
||||
- include: gthumb.yml
|
||||
- include: feh.yml
|
||||
- include: pianobar.yml
|
||||
- include: teiler.yml
|
||||
- include: flac2all.yml
|
||||
- include: darktable.yml
|
||||
|
|
@ -34,3 +32,6 @@
|
|||
- mat
|
||||
tags:
|
||||
- aur
|
||||
|
||||
- name: Install youtube-dl
|
||||
pacman: name=youtube-dl state=present
|
||||
|
|
|
|||
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
- name: Install youtube-dl
|
||||
pacman: name=youtube-dl state=present
|
||||
tags:
|
||||
- mpv
|
||||
|
||||
- name: Install mpv
|
||||
pacman: name=mpv state=present
|
||||
tags:
|
||||
- mpv
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
- name: Install pianobar
|
||||
pacman: name=pianobar state=present
|
||||
tags:
|
||||
- pianobar
|
||||
14
roles/pianobar/files/firejail/pianobar.profile
Normal file
14
roles/pianobar/files/firejail/pianobar.profile
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
include /etc/firejail/disable-mgmt.inc
|
||||
include /etc/firejail/disable-secret.inc
|
||||
include /etc/firejail/disable-common.inc
|
||||
include /etc/firejail/disable-devel.inc
|
||||
|
||||
caps.drop all
|
||||
seccomp
|
||||
protocol unix,inet,inet6
|
||||
netfilter
|
||||
noroot
|
||||
nogroups
|
||||
shell none
|
||||
private-etc group,hosts,nsswitch.conf,resolv.conf,asound.conf,pulse,ssl,ca-certificates
|
||||
whitelist ~/.config/pianobar
|
||||
3
roles/pianobar/meta/main.yml
Normal file
3
roles/pianobar/meta/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- { role: firejail }
|
||||
15
roles/pianobar/tasks/main.yml
Normal file
15
roles/pianobar/tasks/main.yml
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Install pianobar
|
||||
pacman: name=pianobar state=present
|
||||
|
||||
- name: Jail pianobar
|
||||
file: src=/usr/bin/firejail
|
||||
dest=/usr/local/bin/pianobar
|
||||
state=link
|
||||
tags:
|
||||
- firejail
|
||||
|
||||
- name: Push pianobar firejail profile
|
||||
copy: src=firejail/pianobar.profile dest=/usr/local/etc/firejail/pianobar.profile
|
||||
tags:
|
||||
- firejail
|
||||
Loading…
Add table
Add a link
Reference in a new issue