Refactor run-once logic across multiple roles and integrate unified utils/run_once.yml

This commit standardizes all run-once implementations across the following roles: - desk-git - dev-fakeroot - dev-git - dev-python-yaml - sys-lock - sys-svc-certs (wildcard flavor) - update-apt - update-pacman - update-compose - user-root (moved logic to 01_core.yml + unified run-once handling) - web-app-matomo - web-svc-libretranslate All roles now: - Use a block guarded by 'run_once_<role>' facts - Trigger run-once state through utils/run_once.yml - Optionally disable handler flushing via 'flush_handlers: false' - Achieve consistent per-host one-time execution semantics Conversation reference: https://chatgpt.com/share/692c7fbb-ff68-800f-8cb4-4b132cffc8e4
2025-12-08 10:26:35 +00:00 · 2025-11-30 18:51:40 +01:00
parent e53abbec3b
commit fff7d261a2
14 changed files with 119 additions and 121 deletions
--- a/roles/user-root/tasks/01_core.yml
+++ b/roles/user-root/tasks/01_core.yml
@@ -0,0 +1,30 @@
+- name: Check if the SSH key for root already exists
+  ansible.builtin.stat:
+    path: "/root/.ssh/id_rsa.pub"
+  register: ssh_key
+
+- block:
+    - name: Generate a SSH key for root if it does not exist
+      community.crypto.openssh_keypair:
+        path: "/root/.ssh/id_rsa"
+        type: rsa
+        size: 4096
+
+    - name: Display the public SSH key
+      command: cat /root/.ssh/id_rsa.pub
+      register: public_key
+
+    - name: Output the public SSH key
+      debug:
+        msg: "{{ public_key.stdout }}"
+  when: not ssh_key.stat.exists
+
+- name: "embed user routines for {{ role_path | basename }}"
+  include_role:
+    name: user
+  vars:
+    user_name:  "root"
+
+- include_tasks: utils/run_once.yml
+  vars:
+    flush_handlers: false
--- a/roles/user-root/tasks/main.yml
+++ b/roles/user-root/tasks/main.yml
@@ -1,33 +1,3 @@
- name: Check if the SSH key for root already exists
-  ansible.builtin.stat:
-    path: "/root/.ssh/id_rsa.pub"
-  register: ssh_key
-
- name: Generate a SSH key for root if it does not exist
-  community.crypto.openssh_keypair:
-    path: "/root/.ssh/id_rsa"
-    type: rsa
-    size: 4096
-  when: not ssh_key.stat.exists and run_once_user_root is not defined
-
- name: Display the public SSH key
-  command: cat /root/.ssh/id_rsa.pub
-  register: public_key
-  when: not ssh_key.stat.exists and run_once_user_root is not defined
-
- name: Output the public SSH key
-  debug:
-    msg: "{{ public_key.stdout }}"
-  when: not ssh_key.stat.exists and run_once_user_root is not defined
-
- name: "embed user routines for {{ role_path | basename }}"
-  include_role:
-    name: user
-  vars:
-    user_name:  "root"
-  when: run_once_user_root is not defined
-
- name: run the user_root tasks once
-  set_fact:
-    run_once_user_root: true
+- name: "Execute Role (once)"
+  include_tasks: 01_core.yml 
  when: run_once_user_root is not defined