mirror of
https://github.com/auricom/home-cluster.git
synced 2025-10-01 07:55:06 +02:00
44 lines
1.3 KiB
YAML
44 lines
1.3 KiB
YAML
---
|
|
- name: boot | grub | check for existence of grub
|
|
ansible.builtin.stat:
|
|
path: /etc/default/grub
|
|
register: grub_result
|
|
|
|
- name: boot | grub | set apparmor=0
|
|
ansible.builtin.replace:
|
|
path: /etc/default/grub
|
|
regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=(?:(?![" ]{{ option | regex_escape }}=).)*)(?:[" ]{{ option | regex_escape }}=\S+)?(.*")$'
|
|
replace: '\1 {{ option }}={{ value }}\2'
|
|
vars:
|
|
option: apparmor
|
|
value: "0"
|
|
when:
|
|
- grub_result.stat.exists
|
|
|
|
- name: boot | grub | set mitigations=off
|
|
ansible.builtin.replace:
|
|
path: /etc/default/grub
|
|
regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=(?:(?![" ]{{ option | regex_escape }}=).)*)(?:[" ]{{ option | regex_escape }}=\S+)?(.*")$'
|
|
replace: '\1 {{ option }}={{ value }}\2'
|
|
vars:
|
|
option: mitigations
|
|
value: "off"
|
|
when:
|
|
- grub_result.stat.exists
|
|
|
|
- name: boot | grub | set pti=off
|
|
ansible.builtin.replace:
|
|
path: /etc/default/grub
|
|
regexp: '^(GRUB_CMDLINE_LINUX_DEFAULT=(?:(?![" ]{{ option | regex_escape }}=).)*)(?:[" ]{{ option | regex_escape }}=\S+)?(.*")$'
|
|
replace: '\1 {{ option }}={{ value }}\2'
|
|
vars:
|
|
option: pti
|
|
value: "off"
|
|
when:
|
|
- grub_result.stat.exists
|
|
|
|
- name: boot | grub | run grub-mkconfig
|
|
ansible.builtin.command: grub-mkconfig -o /boot/grub/grub.cfg
|
|
when:
|
|
- grub_result.stat.exists
|