chore: move commands to the proper stage

samrose · samrose · commit e7d6b35042da · 2024-05-21T10:57:04.000-04:00
diff --git a/ansible-nix/playbook.yml b/ansible-nix/playbook.yml
@@ -118,30 +118,3 @@
       debug:
         msg: "The postgres user is {{ 'not ' if check_user_group.rc != 0 else '' }}part of the users group"
     
-    - name: Install osquery from nixpkgs binary cache
-      become: yes
-      shell: |
-        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install nixpkgs#osquery"
-
-    - name: Install osquery permission check script
-      become: yes
-      copy:
-        src: files/permission_check.py
-        dest: /home/ubuntu/permission_check.py
-        mode: "0755"
-
-    - name: Run osquery permission checks
-      become: yes
-      shell: |
-        sudo -u ubuntu bash -c "python3 /home/ubuntu/permission_check.py"
-
-    - name: Remove osquery permission check script
-      become: yes
-      file:
-        path: /home/ubuntu/permission_check.py
-        state: absent
-
-    - name: Remove osquery    
-      become: yes
-      shell: |
-        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile osquery"
diff --git a/ansible-nix/tasks/stage2/playbook.yml b/ansible-nix/tasks/stage2/playbook.yml
@@ -62,3 +62,31 @@
     - name: Print result to Ansible log output
       debug:
         msg: "The postgres user is {{ 'not ' if check_user_group.rc != 0 else '' }}part of the users group"
+
+    - name: Install osquery from nixpkgs binary cache
+      become: yes
+      shell: |
+        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install nixpkgs#osquery"
+
+    - name: Install osquery permission check script
+      become: yes
+      copy:
+        src: files/permission_check.py
+        dest: /home/ubuntu/permission_check.py
+        mode: "0755"
+
+    - name: Run osquery permission checks
+      become: yes
+      shell: |
+        sudo -u ubuntu bash -c "python3 /home/ubuntu/permission_check.py"
+
+    - name: Remove osquery permission check script
+      become: yes
+      file:
+        path: /home/ubuntu/permission_check.py
+        state: absent
+
+    - name: Remove osquery    
+      become: yes
+      shell: |
+        sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile osquery"
diff --git a/common-nix.vars.pkr.hcl b/common-nix.vars.pkr.hcl
@@ -1 +1 @@
-postgres-version = "15.6.1.46-nix-staged"
+postgres-version = "15.6.1.47-nix-staged"

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-postgres-version = "15.6.1.46-nix-staged"`
	`1`	`+postgres-version = "15.6.1.47-nix-staged"`