2022-02-13 00:10:01 +01:00
|
|
|
---
|
|
|
|
- hosts: platon.n39.eu
|
|
|
|
become: true
|
|
|
|
vars:
|
|
|
|
ansible_python_interpreter: /usr/bin/python3
|
2022-02-19 16:30:40 +01:00
|
|
|
door_open_command: '/home/pi/sesame-open.sh'
|
2022-02-13 00:10:01 +01:00
|
|
|
ble_keykeeper_dir: '/home/pi/netz39_ble_keykeeper'
|
|
|
|
roles:
|
2022-02-19 16:30:40 +01:00
|
|
|
- role: ble-keykeeper-role
|
2022-07-23 16:16:33 +02:00
|
|
|
|
|
|
|
tasks:
|
|
|
|
- name: Install packages needed for the system
|
|
|
|
# This is a list of all packages,
|
|
|
|
# unless they are installed by a specific role
|
|
|
|
ansible.builtin.apt:
|
|
|
|
state: present
|
|
|
|
name:
|
|
|
|
# Should come from ble-keeper-role
|
|
|
|
# see https://github.com/netz39/ble-keykeeper-role/issues/4
|
|
|
|
- python3-pip
|
2022-07-23 17:37:45 +02:00
|
|
|
# Regular packages
|
|
|
|
- tmux
|
2022-07-23 16:17:13 +02:00
|
|
|
|
|
|
|
|
|
|
|
- name: Set MAC address for proper DHCP recognition
|
|
|
|
# Uses mac variable from inventory
|
|
|
|
ansible.builtin.template:
|
|
|
|
src: templates/network-interfaces-dhcp-mac.j2
|
|
|
|
dest: /etc/network/interfaces.d/platon-mac
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: '0644'
|
2022-07-23 16:34:13 +02:00
|
|
|
|
2022-07-23 17:51:31 +02:00
|
|
|
- name: Disable IPv6
|
|
|
|
# Because it is not working....
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: files/sysctl-no-ipv6.conf
|
|
|
|
dest: /etc/sysctl.d/99-systcl-no-ipv6.conf
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: '0644'
|
|
|
|
|
2022-07-23 16:34:13 +02:00
|
|
|
|
|
|
|
### Sesam for SSH access
|
|
|
|
#
|
|
|
|
# Make sure to provide the .ssh/authorized_keys from backup, if needed
|
|
|
|
|
|
|
|
- name: Ensure sesam user is there
|
|
|
|
ansible.builtin.user:
|
|
|
|
name: sesam
|
|
|
|
shell: /home/sesam/door-open.sh
|
|
|
|
groups: i2c
|
|
|
|
append: yes
|
|
|
|
|
|
|
|
- name: Copy door-open.ssh for sesam
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: files/platon/sesam-door-open.sh
|
|
|
|
dest: /home/sesam/door-open.sh
|
2022-07-23 17:35:08 +02:00
|
|
|
|
|
|
|
|
|
|
|
### Gatekeeper user (pi for now)
|
|
|
|
#
|
|
|
|
# All the gatekeeping / door control stuff is here!
|
|
|
|
|
|
|
|
- name: Ensure gatekeeper user is there
|
|
|
|
ansible.builtin.user:
|
|
|
|
name: "{{ gatekeeper_user }}"
|
|
|
|
groups: dialout,audio,plugdev,input,netdev,i2c,gpio
|
|
|
|
append: yes
|
2022-07-23 17:37:45 +02:00
|
|
|
|
|
|
|
- name: Copy management scripts
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: "files/platon/{{ item }}"
|
|
|
|
dest: "/home/{{ gatekeeper_user }}/{{ item }}"
|
|
|
|
owner: "{{ gatekeeper_user }}"
|
|
|
|
group: "{{ gatekeeper_user }}"
|
|
|
|
mode: "0755"
|
|
|
|
loop:
|
|
|
|
- i2cspeed.sh
|
|
|
|
- reboot.sh
|
|
|
|
- unstuck.sh
|
|
|
|
- sesame-open.sh
|
|
|
|
|
|
|
|
# WiringPi needs to be installed, but that library seems to be
|
|
|
|
# obsolete, so not automating.
|
|
|
|
# Follow the instructions on http://wiringpi.com/download-and-install/
|