cron: add other implementations of crond

Supports cronie, fcron and busybox's crond.

README.md

@@ -63,6 +63,8 @@ $ sudo ansible-playbook -v setup.yml
 
 - This playbook assumes that the person running it is me 😃. It might do specific tasks that you don't like. Use with your own risks.
 
+- The playbook assumes it's only run once, so it doesn't take into account conflicted services when switching options in later runs.
+
 - The playbook is intended to be run as **root**. It is separated from [dotfiles-ansible](/FollieHiyuki/dotfiles-ansible), which should only be run as a normal user.
 
 ## 📄 License

requirements/accepted_variables.yml

@@ -50,7 +50,6 @@ audit_daemon:
 crond_provider:
   - busybox
   - cronie
-  - dcron
   - fcron
 
 syslog_provider:
@@ -66,7 +65,3 @@ ntp_client:
 dns_resolver:
   - dnscrypt-proxy
   - unbound
-
-rootless_container_cli:
-  - podman
-  - nerdctl

roles/cron/tasks/busybox.yml

@@ -0,0 +1,7 @@
+---
+- name: crond | Add crond service to runlevel 'default'
+  service:
+    name: crond
+    runlevel: default
+    enabled: true
+    state: started

roles/cron/tasks/cronie.yml

@@ -0,0 +1,32 @@
+---
+- name: cronie | Install cronie package
+  community.general.packaging.os.apk:
+    name: cronie
+    state: present
+
+- name: cronie | Allow only {{ username }} and root to access crontabs
+  copy:
+    content: |
+      {{ username }}
+    dest: /etc/cron.allow
+    owner: root
+    group: root
+    mode: 0644
+
+# btrbk runs btrfs command directly (without specifying /sbin prefix),
+# hence we need to inherit PATH here
+- name: cronie | Configure command options for cronie service
+  copy:
+    content: |
+      CRON_OPTS="-s -P"
+    dest: /etc/conf.d/cronie
+    owner: root
+    group: root
+    mode: 0644
+
+- name: cronie | Start cronie service in runlevel default
+  service:
+    name: cronie
+    runlevel: default
+    state: started
+    enabled: true

roles/cron/tasks/fcron.yml

@@ -0,0 +1,30 @@
+---
+- name: fcron | Install fcron package
+  community.general.packaging.os.apk:
+    name: fcron
+    state: present
+
+- name: fcron | Deny all users except root to access crontabs
+  copy:
+    content: |
+      all
+    dest: /etc/fcron/fcron.deny
+    owner: root
+    group: root
+    mode: 0644
+
+- name: fcron | Allow {{ username }} to access crontabs
+  copy:
+    content: |
+      {{ username }}
+    dest: /etc/fcron/fcron.allow
+    owner: root
+    group: root
+    mode: 0644
+
+- name: fcron | Start fcron service on runlevel default
+  service:
+    name: fcron
+    runlevel: default
+    state: started
+    enabled: true

roles/cron/tasks/main.yml

@@ -30,9 +30,5 @@
     name: logrotate, cpulimit
     state: present
 
-- name: cron | Add crond service to runlevel 'default'
-  service:
-    name: crond
-    runlevel: default
-    enabled: true
-    state: started
+- name: cron | Import tasks specific to {{ crond_provider }}
+  include_tasks: '{{ crond_provider }}.yml'