update trusted_unit location in roles
pigmonkey committed Nov 18, 2018
1 parent 5585ef9 commit f3684a8
Showing 11 changed files with 34 additions and 35 deletions.
29 changes: 14 additions & 15 deletions README.md
Expand Up @@ -180,7 +180,7 @@ timer is set to sync every 5 minutes (configurable through the `mail.sync_time`
variable).

The timer is not started or enabled by default. Instead, the timer is added to
`/usr/local/etc/trusted_units`, causing the NetworkManager trusted unit
`/etc/nmtrust/trusted_units`, causing the NetworkManager trusted unit
dispatcher to activate the timer whenever a connection is established to a
trusted network. The timer is stopped whenever the network goes down or a
connection is established to an untrusted network.
Expand Down Expand Up @@ -223,10 +223,10 @@ Tarsnapper when it detects the machine ison AC power. To allow Tarsnapper to
run when on battery, set the `tarsnapper.ac_only` variable to `False`.

As with `mailsync`, the timer is not started or enabled by default. Instead,
the timer is added to `/usr/local/etc/trusted_units`, causing the
NetworkManager trusted unit dispatcher to activate the timer whenever a
connection is established to a trusted network. The timer is stopped whenever
the network goes down or a connection is established to an untrusted network.
the timer is added to `/etc/nmtrust/trusted_units`, causing the NetworkManager
trusted unit dispatcher to activate the timer whenever a connection is
established to a trusted network. The timer is stopped whenever the network
goes down or a connection is established to an untrusted network.

To have the timer activated at boot, change the `tarsnapper.run_on` variable
from `trusted` to `all`.
Expand All @@ -239,7 +239,7 @@ If the `tarsnapper.run_on` variable is set to anything other than `trusted` or

[Tor][23] is installed by default. A systemd service unit for Tor is installed,
but not enabled or started. instead, the service is added to
`/usr/local/etc/trusted_units`, causing the NetworkManager trusted unit
`/etc/nmtrust/trusted_units`, causing the NetworkManager trusted unit
dispatcher to activate the service whenever a connection is established to a
trusted network. The service is stopped whenever the network goes down or a
connection is established to an untrusted network.
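Review bot: the context line `but not enabled or started. instead, the service is added to` starts its second sentence with a lowercase "instead". The next line of the same paragraph is already being edited here, so capitalise it in this change to match the mailsync and BitlBee sections.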
Expand All @@ -254,14 +254,14 @@ configuration.

[parcimonie.sh][24] is provided to periodically refresh entries in the user's
GnuPG keyring over the Tor network. The service is added to
`/usr/local/etc/trusted_units` and respects the `tor.run_on` variable.
`/etc/nmtrust/trusted_units` and respects the `tor.run_on` variable.


## BitlBee

[BitlBee][25] and [WeeChat][26] are used to provide chat services. A systemd
service unit for BitlBee is installed, but not enabled or started by default.
Instead, the service is added to `/usr/local/etc/trusted_units`, causing the
Instead, the service is added to `/etc/nmtrust/trusted_units`, causing the
NetworkManager trusted unit dispatcher to activate the service whenever a
connection is established to a trusted network. The service is stopped whenever
the network goes down or a connection is established to an untrusted network.
Expand All @@ -282,7 +282,7 @@ remove the `bitlebee.torify` variable or disable Tor entirely by removing the
git-annex assistant is enabled and started by default. To prevent this, remove
the `gitannex` variable from the config.

Additionally, the git-annex unit is added to `/usr/local/etc/trusted_units`,
Additionally, the git-annex unit is added to `/etc/nmtrust/trusted_units`,
causing the NetworkManager trusted unit dispatcher to activate the service
whenever a connection is established to a trusted network. The service is
stopped whenever a connection is established to an untrusted network. Unlike
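Review bot: the hunk header above this section shows the README telling users to remove the `bitlebee.torify` variable, which does not match the `bitlbee.run_on` spelling that roles/bitlbee/tasks/main.yml tests in this same commit. If the role variable is `bitlbee`, a reader following the README would edit a key that nothing reads; worth correcting while the README is open.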
Expand All @@ -305,7 +305,7 @@ defined, the service will not be started or enabled.
This is intended for local development. PostgreSQL is configured to only listen
on localhost and no additional ports are opened in the default firewall. This
configuration means that PostgreSQL is not a network service. As such, the
PostgreSQL service is not added to `/usr/local/etc/trusted_units`.
PostgreSQL service is not added to `/etc/nmtrust/trusted_units`.

Additional configuration options are set which improve performance but make the
database service inappropriate for production use.
Expand All @@ -318,11 +318,10 @@ background via feh. This should provide early warning of the presence of any
Vogon constructor fleets appearing over the Eastern Hemisphere.

A systemd service unit and timer is installed, but not enabled or started by
default. Instead, the service is added to `/usr/local/etc/trusted_units`,
causing the NetworkManager trusted unit dispatcher to activate the service
whenever a connection is established to a trusted network. The service is
stopped whenever the network goes down or a connection is established to an
untrusted network.
default. Instead, the service is added to `/etc/nmtrust/trusted_units`, causing
the NetworkManager trusted unit dispatcher to activate the service whenever a
connection is established to a trusted network. The service is stopped whenever
the network goes down or a connection is established to an untrusted network.

To have the service activated at boot, change the `himawaripy.run_on` variable
from `trusted` to `all`.
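Review bot: the rewrapped paragraph still says "the service is added to `/etc/nmtrust/trusted_units`", but roles/himawaripy/tasks/main.yml writes `himawaripy.timer,user:{{ user.name }}`, so the entry is the timer and it runs as a user unit. Reword to "the timer is added ... to activate the timer", as the Tarsnapper section does, so the README matches what the dispatcher actually starts and stops.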
4 changes: 2 additions & 2 deletions roles/bitlbee/tasks/main.yml
Expand Up @@ -29,7 +29,7 @@
when: bitlbee.run_on == "all"

- name: Remove Bitlbee from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line=bitlbee.service
when: bitlbee.run_on == "all"
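Review bot: `dest=/etc/nmtrust/trusted_units` is a literal here and in every other task this commit touches, two per role across ten roles, which is why a one-path move needed 20 edits. Define the path once as a variable (a name such as `nmtrust_trusted_units` would do) and reference it in each `lineinfile`, so the next relocation is a single-line change and no role can be left pointing at the old file.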
Expand All @@ -39,7 +39,7 @@
when: bitlbee.run_on == "trusted"

- name: Add Bitlbee to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line=bitlbee.service
when: bitlbee.run_on == "trusted"
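Review bot: this `state=present` task has no `create=yes`, so it fails when `/etc/nmtrust/trusted_units` does not exist at the time the role runs, and nothing in this diff creates `/etc/nmtrust/`. Make the dependency on whatever installs nmtrust explicit (a role dependency or ordering comment), and wherever the file is created pin `owner=root` and a non-writable mode, since the dispatcher starts whatever units the file lists.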
4 changes: 2 additions & 2 deletions roles/git-annex/tasks/main.yml
Expand Up @@ -26,13 +26,13 @@
when: autostart.stat is defined and autostart.stat.exists

- name: Add git-annex to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line="git-annex.service,user:{{ user.name }},allow_offline"
when: gitannex.stop_on_untrusted is defined and gitannex.stop_on_untrusted == True

- name: Remove git-annex from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line="git-annex.service,user:{{ user.name }},allow_offline"
when: gitannex.stop_on_untrusted is not defined or gitannex.stop_on_untrusted != True
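Review bot: the removal task matches the full literal line `git-annex.service,user:{{ user.name }},allow_offline`, so an entry written with a different `user.name` or without `allow_offline` is not removed and git-annex stays on the trusted list after `stop_on_untrusted` is unset. Add a `regexp=^git-annex\.service` to both tasks so the add replaces any existing entry and the remove catches every variant.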
4 changes: 2 additions & 2 deletions roles/himawaripy/tasks/main.yml
Expand Up @@ -29,7 +29,7 @@
when: himawaripy.run_on == "all"

- name: Remove himawaripy from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line="himawaripy.timer,user:{{ user.name }}"
when: himawaripy.run_on == "all"
Expand All @@ -43,7 +43,7 @@
when: himawaripy.run_on == "trusted"

- name: Add himawaripy to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line="himawaripy.timer,user:{{ user.name }}"
when: himawaripy.run_on == "trusted"
4 changes: 2 additions & 2 deletions roles/localtime/tasks/main.yml
Expand Up @@ -9,7 +9,7 @@
when: localtime.run_on == "all"

- name: Remove localtime from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line=localtime.service
when: localtime.run_on == "all"
Expand All @@ -19,7 +19,7 @@
when: localtime.run_on == "trusted"

- name: Add localtime to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line=localtime.service
when: localtime.run_on == "trusted"
4 changes: 2 additions & 2 deletions roles/mail/tasks/mailsync.yml
Expand Up @@ -30,7 +30,7 @@
- mailsync

- name: Remove mailsync from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line="mailsync.timer,user:{{ user.name }}"
when: mail.sync_on == "all"
Expand All @@ -48,7 +48,7 @@
- mailsync

- name: Add mailsync to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line="mailsync.timer,user:{{ user.name }}"
when: mail.sync_on == "trusted"
4 changes: 2 additions & 2 deletions roles/mirrorlist/tasks/main.yml
Expand Up @@ -39,7 +39,7 @@

- name: Remove reflector from trusted unit list
lineinfile:
dest: /usr/local/etc/trusted_units
dest: /etc/nmtrust/trusted_units
state: absent
line: reflector-update.timer
when: mirrorlist.run_on == "all"
Expand All @@ -52,7 +52,7 @@

- name: Add reflector to trusted unit list
lineinfile:
dest: /usr/local/etc/trusted_units
dest: /etc/nmtrust/trusted_units
state: present
line: reflector-update.timer
when: mirrorlist.run_on == "trusted"
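Review bot: this role uses the YAML mapping form (`dest:`, `state:`, `line:`) while the other nine roles in this commit keep the inline `dest=... state=... line=...` form. Every one of those `lineinfile` lines is being edited anyway, so this is a cheap moment to convert them to the mapping form used here, which also avoids the quoting differences between `line=tor.service` and `line="syncthing.service,user:{{ user.name }}"`.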
4 changes: 2 additions & 2 deletions roles/parcimonie/tasks/main.yml
Expand Up @@ -12,7 +12,7 @@
when: tor.run_on == "all"

- name: Remove parcimione.sh from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line="parcimonie.sh@{{ user.name }}.service"
when: tor.run_on == "all"
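Review bot: the task name reads `Remove parcimione.sh from trusted unit list`, and the matching add task has the same spelling, while the unit written to the file is `parcimonie.sh@{{ user.name }}.service`. Fix the names to "parcimonie.sh" so a search of the play output or the repo for the unit name finds these tasks.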
Expand All @@ -22,7 +22,7 @@
when: tor.run_on == "trusted"

- name: Add parcimione.sh to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line="parcimonie.sh@{{ user.name }}.service"
when: tor.run_on == "trusted"
4 changes: 2 additions & 2 deletions roles/syncthing/tasks/main.yml
Expand Up @@ -11,7 +11,7 @@
when: syncthing.run_on == "all"

- name: Remove syncthing from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line="syncthing.service,user:{{ user.name }}"
when: syncthing.run_on == "all"
Expand All @@ -25,7 +25,7 @@
when: syncthing.run_on == "trusted"

- name: Add syncthing to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line="syncthing.service,user:{{ user.name }}"
when: syncthing.run_on == "trusted"
4 changes: 2 additions & 2 deletions roles/tarsnap/tasks/main.yml
Expand Up @@ -45,7 +45,7 @@
when: tarsnapper.run_on == "all"

- name: Remove Tarsnapper from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line=tarsnapper.timer
when: tarsnapper.run_on == "all"
Expand All @@ -55,7 +55,7 @@
when: tarsnapper.run_on == "trusted"

- name: Add Tarsnapper to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line=tarsnapper.timer
when: tarsnapper.run_on == "trusted"
4 changes: 2 additions & 2 deletions roles/tor/tasks/main.yml
Expand Up @@ -40,7 +40,7 @@
when: tor.run_on == "all"

- name: Remove Tor from trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=absent
line=tor.service
when: tor.run_on == "all"
Expand All @@ -50,7 +50,7 @@
when: tor.run_on == "trusted"

- name: Add Tor to trusted unit list
lineinfile: dest=/usr/local/etc/trusted_units
lineinfile: dest=/etc/nmtrust/trusted_units
state=present
line=tor.service
when: tor.run_on == "trusted"
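Review bot: after this change the `state=absent` tasks only look at `/etc/nmtrust/trusted_units`, so on a machine provisioned before this commit the entries in `/usr/local/etc/trusted_units` are never cleaned up, for example `tor.service` when `tor.run_on` is `all`. Add a one-off task that removes the old file (`file: path=/usr/local/etc/trusted_units state=absent`) so a stale list cannot be read by a dispatcher that still points at the old location.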
