Refactor to make more general

Initial commit
Refactor to be a bit more modular
2026-03-19 23:57:36 -04:00 · 2026-03-19 23:56:54 -04:00 · 2026-03-11 14:15:40 -04:00 · 2026-03-11 14:15:04 -04:00
5 changed files with 79 additions and 20 deletions
--- a/arch_upgrade.yml
+++ b/arch_upgrade.yml
@@ -19,7 +19,7 @@
        use:  pikaur
        upgrade:  true
        aur_only:  true
-    - import_tasks:  ../tasks/aur_rebuild.yml
+    - import_tasks:  aur_rebuild.yml
      vars:
        package_pattern:  python
      when:
--- a/build_needs_reboot.yml
+++ b/build_needs_reboot.yml
@@ -1,5 +1,5 @@
 - name:  Create test script to determine if reboot is necessary
-  hosts:  all
+  hosts:  arch debian firewall
  tasks:
    - name: Create ~/bin if it doesn't already exist
      ansible.builtin.shell:
@@ -12,11 +12,11 @@
          print '#!/usr/bin/env zsh' > needs_reboot
          source ~/.zsh_functions
          declare -f kernel_func >> needs_reboot
-          perl -pi -e 'if (/OK/) { $_ = "false\n" }' needs_reboot
-          perl -pi -e 'if (/needs reboot/) { $_ = "true\n" }' needs_reboot
+          perl -pi -e 'if (/OK/) { $_ = "\t\techo no\n" }' needs_reboot
+          perl -pi -e 'if (/needs reboot/) { $_ = "\t\techo yes\n" }' needs_reboot
          printf "\n\n\nkernel_func\n" >> needs_reboot
          chmod +x needs_reboot
      args:
-        creates:  needs_reboot
+        #creates:  needs_reboot
        executable:  /usr/bin/zsh
        chdir:  ~/bin/
--- a/32
+++ b/32
@@ -1,13 +1,39 @@
 kernel_func () {
-	machine_id=$(cat /etc/machine-id) 
+	distro="$(awk -F= '/^ID/ {print $NF}' /etc/os-release)" 
+	if [[ "${distro}" == arch ]]
+	then
+		package="$(pacman -Q \
+            | grep -vE -- '-(firmware|api|keyring|linux|docs|headers)' \
+            | grep linux | awk '{print $1}')" 
 		current_kernel=$(uname -r) 
+		next_kernel="$(pacman -Q | grep "${package}" \
+            | awk '{print $NF}' | tail -1 | tr -d '\n')" 
 		current_ucode=$(awk -F'[[:space:]]*:[[:space:]]*' '/microcode/ {print $2}' /proc/cpuinfo | uniq) 
-	[[ -f /run/next_kernel ]] && next_kernel="$(sudo cat /run/next_kernel)" 
+		if whence iucode_tool &> /dev/null
+		then
 			next_ucode=$(iucode_tool -lqS /lib/firmware/intel-ucode/ | grep -Po 'rev 0x\d+' | tr -d '[rev ]' | tail -1) 
-	if [[ "${current_kernel}" == ${next_kernel} ]] && [[ "${current_ucode}" == ${next_ucode} ]] || [[ -z "${next_kernel}" ]]
+		fi
+		if [[ "${current_kernel}" =~ ${next_kernel} ]]
+		then
+			if [[ -n "${next_ucode}" ]] && [[ "${current_ucode}" == ${next_ucode} ]] || [[ -z ${intel_ucode} ]];
 			then
 				print -P "[%F{#00ff00}OK%f]"
 			else
 				print -P "[%F{yellow}needs reboot%f]"
 			fi
+		else
+			print -P "[%F{yellow}needs reboot%f]"
+		fi
+	elif [[ "${distro}" == debian ]]
+	then
+		current_kernel="$(uname -v | awk '{print $5}')" 
+		next_kernel="$(dpkg -l | grep -P '^ii\s+linux-image' | awk '{print $3}' \
+            | sort -Vu | tail -1)" 
+		if [[ "${current_kernel}" == ${next_kernel} ]]
+		then
+			print -P "[%F{#00ff00}OK%f]"
+		else
+			print -P "[%F{yellow}needs reboot%f]"
+		fi
+	fi
 }
--- a/reboot.yml
+++ b/reboot.yml
@@ -1,13 +1,19 @@
- name:  Stop mollyguard if active
-  ansible.builtin.script:  stop_mollyguard
-  register:  mg
 - name:  Determine if a reboot is necessary
  ansible.builtin.command:
    cmd:  ~/bin/needs_reboot
  register:  needs_reboot
+- name:  Stop mollyguard if active
+  become:  true
+  ansible.builtin.script:  stop_mollyguard
+  register:  mg
+- name:  Print mg dict
+  ansible.builtin.debug:
+    var: mg
+  when:  needs_reboot.stdout == "yes"
 - name:  Conditionally reboot
+  become:  true
  ansible.builtin.reboot:
  when:
-    - inventory_hostname not in group['controller']
-    - mgc succeeded
-    - needs_reboot succeeded
+    - inventory_hostname not in groups['control']
+    - mg.failed is false
+    - needs_reboot.stdout == "yes"
--- a/systemd-creds.yaml
+++ b/systemd-creds.yaml
@@ -0,0 +1,27 @@
+- name:  Establish systemd-creds for use with multiple services
+  hosts:  arch debian
+  become:  true
+
+  vars_prompt:
+    - name:  passphrase
+      prompt:  "Enter password manager passphrase"
+      private:  true
+      confirm:  true
+    - name:  creds_var
+      prompt:  "Enter the environment variable where systemd will store the credential PATH"
+      private:  false
+    - name:  creds_name
+      prompt:  "Enter the credential name"
+      private:  false
+
+  tasks:
+    - name:  Create shared systemd runtime override directory
+      ansible.builtin.command:
+        cmd:  mkdir /etc/systemd/system/shared.d
+        creates:  /etc/systemd/system/shared.d
+    - name:  Create override
+      ansible.builtin.shell:
+        cmd: |
+          printf {{ passphrase }} | (echo "[Service]"; systemd-creds encrypt --name={{ creds_name }} --pretty - -) >> /etc/systemd/system/shared.d/00-systemd-creds.conf
+          printf "Environment=%s=%%d/%s\n" {{ creds_var }} {{ creds_name }} >> /etc/systemd/system/shared.d/00-systemd-creds.conf
+        #creates:  /etc/systemd/system/shared.d/00-systemd-creds.conf
Author	SHA1	Message	Date
Trey Blancher	b693daec8b	Refactor to make more general	2026-03-19 23:57:36 -04:00
Trey Blancher	2523ab8a28	Initial commit	2026-03-19 23:56:54 -04:00
Trey Blancher	f5c6d28095	Refactor to be a bit more modular	2026-03-11 14:15:40 -04:00
Trey Blancher	601954fe7c	Refactor to be a bit more modular	2026-03-11 14:15:04 -04:00