Adding Arch support (#36)

* Setting up Arch, once the image is built

* New commit to trigger the workflow

* Adding arch tasks, but Molecule cannot create tun device for tailscale service

* Pointing CI to the new main branch

* Fix idempotence due to change in tailscale up behavior

Author: artis3n

.github/workflows/ci.yml

@@ -4,10 +4,10 @@ name: CI Tests
 on:
   pull_request:
     branches:
-     - master
+     - main
   push:
     branches:
-      - master
+      - main
 
 jobs:
   molecule:
@@ -25,6 +25,7 @@ jobs:
           - geerlingguy/docker-debian10-ansible:latest
           - geerlingguy/docker-debian9-ansible:latest
           - geerlingguy/docker-fedora31-ansible:latest
+          - artis3n/docker-arch-ansible:latest
       fail-fast: false
 
     steps:

Pipfile.lock

@@ -1 +1,12 @@
 ---
+
+- name: Tailscale Status
+  listen: Confirm Tailscale is Connected
+  command: tailscale status
+  register: handlers_tailscale_status
+
+- name: Assert Tailscale is Connected
+  listen: Confirm Tailscale is Connected
+  assert:
+    that:
+      - handlers_tailscale_status.stdout | length != 0

handlers/main.yml

@@ -14,6 +14,7 @@ galaxy_info:
         - eoan
         - bionic
         - xenial
+        - focal
     - name: EL
       versions:
         - 7
@@ -28,6 +29,9 @@ galaxy_info:
     - name: Fedora
       versions:
         - 31
+    - name: ArchLinux
+      versions:
+        - any
 
   galaxy_tags:
     - tailscale

meta/main.yml

@@ -4,11 +4,11 @@
   tasks:
   - name: Get Tailscale status
     become: yes
-    command: tailscale up
+    command: tailscale status
     changed_when: false
     register: tailscale_status
 
   - name: Assertions
     assert:
       that:
-        - tailscale_status.stderr == "\ntailscaled is authenticated, nothing more to do."
+        - tailscale_status.stdout | length != 0

molecule/default/verify.yml

@@ -0,0 +1,31 @@
+---
+
+- name: Ensure non-root user
+  become: yes
+  user:
+    name: tailscale
+    home: /home/tailscale
+    system: yes
+
+- name: Add tailscale user to sudoers
+  become: yes
+  lineinfile:
+    path: /etc/sudoers
+    regexp: '^tailscale'
+    line: 'tailscale ALL=(ALL) NOPASSWD: ALL'
+
+- name: Download Tailscale AUR
+  become: yes
+  become_user: tailscale
+  git:
+    repo: https://aur.archlinux.org/tailscale.git
+    dest: /home/tailscale/tailscale
+    version: master
+
+- name: Install Tailscale
+  become: yes
+  become_user: tailscale
+  command: makepkg -si --noconfirm
+  args:
+    chdir: /home/tailscale/tailscale
+    creates: /usr/sbin/tailscale

tasks/arch.yml

@@ -27,13 +27,22 @@
   when: ansible_distribution == 'Fedora'
   include_tasks: fedora.yml
 
+- name: Arch
+  when: ansible_distribution == 'Archlinux'
+  include_tasks: arch.yml
+
 - name: Enable Service
   become: yes
   service:
     name: "{{ tailscale_service }}"
     state: started
     enabled: yes
 
+- name: Check if Tailscale is connected
+  command: tailscale status
+  changed_when: false
+  register: tailscale_status
+
 - name: Bring Tailscale Up
   become: yes
   # The command module cannot use | ; &
@@ -42,4 +51,5 @@
   # Since the auth key is included in this task, we do not want to log output
   no_log: true
   register: tailscale_start
-  changed_when: tailscale_start.stderr != "\ntailscaled is authenticated, nothing more to do."
+  when: tailscale_status.stdout | length == 0
+  notify: Confirm Tailscale is Connected