Skip to content

Commit

Permalink
Enable the service that creates the file share symlink
Browse files Browse the repository at this point in the history
This service is a systemd user-mode service for the vnc user.  Note
that we have to enable linger for the vnc user before enabling the
service, and we disable it afterwards.  This is just a trick to get
the vnc user's user-specific systemd session to start without actually
logging in as that user.
  • Loading branch information
jsf9k committed Jul 30, 2021
1 parent c17f90c commit 718f5bd
Showing 1 changed file with 44 additions and 0 deletions.
44 changes: 44 additions & 0 deletions src/vnc.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,50 @@
groups:
- wheel
name: "{{ username }}"
- name: >-
Enable and start the user-mode systemd service that creates
the file share symlink for the vnc user
block:
- name: Start and enable systemd-logind
service:
enabled: yes
name: systemd-logind
state: started
# This causes the vnc user's user-specific systemd session to
# start on boot instead of only when that user logs in. We
# need the vnc user's session to be active so we can enable
# the user-mode systemd service, so we use the trick of
# enabling linger for the user, enabling the user-mode
# service, then disabling linger for the user.
- name: Enable linger for vnc user
ansible.builtin.command:
argv:
- /bin/loginctl
- enable-linger
- "{{ username }}"
- name: >-
Enable the user-mode systemd service that creates the file
share symlink for the vnc user
ansible.builtin.systemd:
daemon_reload: yes
enabled: yes
name: create-fileshare-symlink
scope: user
become_user: "{{ username }}"
vars:
# This is necessary to get around the difficult case where
# you ssh into a machine as an unprivileged user _and_
# become an unprivileged user:
# https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user
ansible_ssh_pipelining: yes
# Now that the user-mode service has been enabled we can
# disable linger for the vnc user.
- name: Disable linger for vnc user
ansible.builtin.command:
argv:
- /bin/loginctl
- disable-linger
- "{{ username }}"
vars:
# The username, password, and ssh keys for the VNC user
username: "{{ lookup('aws_ssm', '/vnc/username') }}"
Expand Down

0 comments on commit 718f5bd

Please sign in to comment.