fedora-infra_ansible/roles/bkernel/tasks/main.yml

---
- name: add pkgs for bkernel boxes
  package:
    state: present
    name:
    - pesign
    - ccid
    - pcsc-lite
    - pcsc-lite-libs
    - opensc
    - nss-tools
  tags:
  - bkernel

- name: enable pcscd
  service: name=pcscd state=started enabled=true
  tags:
  - bkernel

- name: setup opensc in pcscd
  shell: modutil -dbdir /etc/pki/pesign -list | grep -q OpenSC ||  modutil -force -dbdir /etc/pki/pesign -add opensc -libfile /usr/lib64/pkcs11/opensc-pkcs11.so
  check_mode: no
  changed_when: "1 != 1"
  tags:
  - bkernel

- name: setup pesign users config
  copy: src=pesign-users dest=/etc/pesign/users mode=0600 owner=root group=root
  tags:
  - bkernel

- name: enable pesign
  service: name=pesign state=started enabled=true
  tags:
  - bkernel

- name: /var/run/pesign directory perms (kojibuilder)
  acl: path=/var/run/pesign entity=kojibuilder etype=user permissions=rwx recursive=true state=present
  tags:
  - bkernel

- name: /var/run/pesign directory perms (pesign)
  acl: path=/var/run/pesign default=true entity=pesign etype=group permissions=rwx recursive=true state=present
  tags:
  - bkernel

- name: /var/run/pesign socket perms (kojibuilder)
  acl: path=/var/run/pesign/socket entity=kojibuilder etype=user permissions=rwx recursive=true state=present
  tags:
  - bkernel

- name: /var/run/pesign socket perms (pesign)
  acl: path=/var/run/pesign/socket default=true entity=pesign etype=group permissions=rwx recursive=true state=present
  tags:
  - bkernel

- name: when you awake you will remember nothing
  copy: src=history_off.sh dest=/etc/profile.d/history_off.sh mode=0644
  tags:
  - bkernel

- name: mock site-defaults.cfg
  template:
    src: bkernel-site-defaults.cfg
    dest: /etc/mock/site-defaults.cfg
    mode: "0644"
    owner: root
    group: mock
  tags:
  - bkernel