Existing users should first run tasks with tagged with `sudo` to apply
these changes, and then install the latest `/etc/sudoers` file from the
sudo package (probably already on your system as `/etc/sudoers.pacnew`).
Reversing those two steps probably prevents you from sudoing.
This reduces the chance of a timer executing a time consuming service
close to boot, potentially speeding up boot (or at least making
`systemd-analyze blame` look better).
Note that this is only supported for grub. That is the only bootloader I
use. Patches for other bootloaders will be accepted.
The default params:
* quiet the boot process
* cause all virtual terminals to blank (ie, screen power off) after 60 seconds
* enable panel self refresh v2
Blanking the screen is useful with physlock. Physlock does not run in X,
so DPMS settings have no effect on it.
PSR can potentially improve battery life on some machines, but cause
screen flicker on others. I have happily been using v2 on a ThinkPad
X260 for 6 months, but users should experiment between 1/2/3/4 to find
the best setting for their machine, or disable it entirely with 0. See:
* https://hansdegoede.livejournal.com/18653.html
* https://patchwork.kernel.org/patch/8182841/
Ansible `copy` module has `validation` parameter that allows to validate the file prior to replacing it on remote:
> The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
Here we use `visudo` to validate the file before writing it in place, so the user won't lock himself out in case of incorrect changes to `sudoers.j2` template.
I'm assuming this won't break anything because most users will already
be 1000. Existing users whose primary accounts have a different UID
should set the var appropriately.
Since cron is not installed by default, we shouldn't depend on it. Users
should have the choice of running a cron-free system without any
decrease in functionality.
paccache service and timer units stolen from:
https://github.com/kylemanna/systemd-utils
Setting the hostname is part of the pre-ansible install instructions, so
it is really only useful here to change the hostname. Changing the
hostname probably doesn't happen often and is simple enough without
ansible, so meh.
