From edea682e5443ab3dbb3bd5858b9487f21982eceb Mon Sep 17 00:00:00 2001 From: Markus Katharina Brechtel Date: Sun, 2 Jan 2022 13:27:41 +0100 Subject: [PATCH] barrier config --- tasks/barrier.yaml | 64 ++++++++++++++++++++++++++ tasks/main.yaml | 3 ++ templates/barrier/barrier.conf.j2 | 40 ++++++++++++++++ templates/barrier/barrierc@.service.j2 | 12 +++++ templates/barrier/barriers.service.j2 | 12 +++++ 5 files changed, 131 insertions(+) create mode 100644 tasks/barrier.yaml create mode 100644 templates/barrier/barrier.conf.j2 create mode 100644 templates/barrier/barrierc@.service.j2 create mode 100644 templates/barrier/barriers.service.j2 diff --git a/tasks/barrier.yaml b/tasks/barrier.yaml new file mode 100644 index 0000000..949bcb3 --- /dev/null +++ b/tasks/barrier.yaml @@ -0,0 +1,64 @@ +--- + +- name: barrier directory + file: + path: ~/.local/share/barrier + state: directory + +- name: barrier SSL directory + file: + path: ~/.local/share/barrier/SSL + state: directory + +- name: barrier SSL Fingerprints directory + file: + path: ~/.local/share/barrier/SSL/Fingerprints + state: directory + +- name: Generate an OpenSSL private key with the default values (4096 bits, RSA) + community.crypto.openssl_privatekey: + path: ~/.local/share/barrier/SSL/Barrier.key + return_content: true + register: barrier_openssl_privatekey + +- name: Generate an OpenSSL Certificate Signing Request + community.crypto.openssl_csr: + common_name: Barrier + privatekey_path: ~/.local/share/barrier/SSL/Barrier.key + path: ~/.local/share/barrier/SSL/Barrier.csr + +- name: barrier x509 certificate + community.crypto.x509_certificate: + provider: selfsigned + privatekey_path: ~/.local/share/barrier/SSL/Barrier.key + csr_path: ~/.local/share/barrier/SSL/Barrier.csr + path: ~/.local/share/barrier/SSL/Barrier.crt + return_content: true + register: barrier_x509_certificate + +- name: barrier certificate key file + copy: + content: "{{barrier_openssl_privatekey.privatekey}}{{barrier_x509_certificate.certificate}}" + dest: ~/.local/share/barrier/SSL/Barrier.pem + +- name: bacreate fingerprint file + shell: openssl x509 -fingerprint -sha1 -noout -in ~/.local/share/barrier/SSL/Barrier.pem | sed -e "s/.*=//" > ~/.local/share/barrier/SSL/Fingerprints/Local.txt + args: + creates: ~/.local/share/barrier/SSL/Fingerprints/Local.txt + +- name: barrier server config + template: + src: barrier/barrier.conf.j2 + dest: ~/.local/share/barrier/.barrier.conf + +- name: barrier server user service + template: + src: barrier/barriers.service.j2 + dest: ~/.config/systemd/user/barriers.service + notify: systemd daemon-reload + +- name: barrier client user service + template: + src: barrier/barrierc@.service.j2 + dest: ~/.config/systemd/user/barrierc@.service + notify: systemd daemon-reload diff --git a/tasks/main.yaml b/tasks/main.yaml index d40cf83..f7a266e 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -25,6 +25,9 @@ tags: - xfce4-terminal - import_tasks: rofi.yaml + - import_tasks: barrier.yaml + tags: + - barrier - import_tasks: screenlayout.yaml - import_tasks: x11.yaml - import_tasks: vnc.yaml diff --git a/templates/barrier/barrier.conf.j2 b/templates/barrier/barrier.conf.j2 new file mode 100644 index 0000000..8080d21 --- /dev/null +++ b/templates/barrier/barrier.conf.j2 @@ -0,0 +1,40 @@ +section: screens + left-screen: + halfDuplexCapsLock = false + halfDuplexNumLock = false + halfDuplexScrollLock = false + xtestIsXineramaUnaware = false + preserveFocus = false + switchCorners = none + switchCornerSize = 0 + viny: + halfDuplexCapsLock = false + halfDuplexNumLock = false + halfDuplexScrollLock = false + xtestIsXineramaUnaware = false + preserveFocus = false + switchCorners = none + switchCornerSize = 0 +end + +section: aliases + left-screen: + lixy +end + +section: links + left-screen: + right = viny + viny: + left = left-screen +end + +section: options + relativeMouseMoves = false + screenSaverSync = true + win32KeepForeground = false + clipboardSharing = true + switchCorners = none + switchCornerSize = 0 + keystroke(Alt+d) = keystroke(Control+d,*) +end diff --git a/templates/barrier/barrierc@.service.j2 b/templates/barrier/barrierc@.service.j2 new file mode 100644 index 0000000..d1933bb --- /dev/null +++ b/templates/barrier/barrierc@.service.j2 @@ -0,0 +1,12 @@ +{{ ansible_managed | comment }} + +[Unit] +Description=barrier server app +PartOf=graphical-session.target +After=xsession-reload.service + +[Service] +ExecStart=barrierc --no-daemon --enable-crypto --log %h/.local/share/barrier/barrierc@%i.log %i + +[Install] +WantedBy=graphical-session.target diff --git a/templates/barrier/barriers.service.j2 b/templates/barrier/barriers.service.j2 new file mode 100644 index 0000000..c2500e5 --- /dev/null +++ b/templates/barrier/barriers.service.j2 @@ -0,0 +1,12 @@ +{{ ansible_managed | comment }} + +[Unit] +Description=barrier server app +PartOf=graphical-session.target +After=xsession-reload.service + +[Service] +ExecStart=barriers --no-daemon --enable-crypto --address :24800 --log %h/.local/share/barrier/barriers.log + +[Install] +WantedBy=graphical-session.target