From 9aa0e6a87118c9220c984dcd13a404de9cfb72cb Mon Sep 17 00:00:00 2001
From: Stefan Haun <tux@netz39.de>
Date: Wed, 2 Nov 2022 20:59:17 +0100
Subject: [PATCH] :construction: :sparkles: Add Ansible setup for wittgenstein

---
 host-wittgenstein.yml                   | 133 ++++++++++++++++++++++++
 host_vars/wittgenstein2.n39.eu/vars.yml |   4 +
 2 files changed, 137 insertions(+)
 create mode 100644 host-wittgenstein.yml
 create mode 100644 host_vars/wittgenstein2.n39.eu/vars.yml

diff --git a/host-wittgenstein.yml b/host-wittgenstein.yml
new file mode 100644
index 0000000..fbd22b6
--- /dev/null
+++ b/host-wittgenstein.yml
@@ -0,0 +1,133 @@
+---
+- hosts: wittgenstein2.n39.eu
+  become: true
+
+  roles:
+    - role: docker_setup
+      vars:
+        docker_data_root: "/srv/docker"
+    - role: apache
+    - role: apache_letsencrypt  # Uses configuration from dehydrated setup
+    - role: ansible-role-dehydrated
+      vars:
+        dehydrated_contact_email: "{{ server_admin }}"
+    - role: penguineer.dehydrated_cron
+
+  tasks:
+    - name: Install packages needed for the system
+      # This is a list of all packages,
+      # unless they are installed by a specific role
+      ansible.builtin.apt:
+        state: present
+        name:
+          # This is needed for the user-executed tasks
+          - acl
+          # Regular packages
+          - tmux
+          - git-core
+          - cmake
+          - build-essential
+          - libmosquitto-dev
+          - libconfig-dev
+          - mosquitto-clients
+          - i2c-tools
+
+
+#    - name: Set MAC address for proper DHCP recognition
+#      # Uses mac variable from inventory
+#      ansible.builtin.template:
+#        src: templates/network-interfaces-dhcp-mac.j2
+#        dest: /etc/network/interfaces.d/wittgenstein-mac
+#        owner: root
+#        group: root
+#        mode: '0644'
+
+    - name: Disable IPv6
+      # Because it is not working....
+      ansible.builtin.copy:
+        src: files/sysctl-no-ipv6.conf
+        dest: /etc/sysctl.d/99-systcl-no-ipv6.conf
+        owner: root
+        group: root
+        mode: '0644'
+
+
+    ### Gatekeeper user (pi for now)
+    #
+    # All the gatekeeping / door control stuff is here!
+
+    - name: Ensure gatekeeper user is there
+      ansible.builtin.user:
+        name: "{{ gatekeeper_user }}"
+        groups: dialout,audio,plugdev,input,netdev,i2c,gpio
+        append: yes
+
+    - name: Copy management scripts
+      ansible.builtin.copy:
+        src: "files/wittgenstein/{{ item }}"
+        dest: "/home/{{ gatekeeper_user }}/{{ item }}"
+        owner: "{{ gatekeeper_user }}"
+        group: "{{ gatekeeper_user }}"
+        mode: "0755"
+      loop:
+        - reboot.sh
+        - unstuck.sh
+
+    - name: Install start-up cron
+      ansible.builtin.cron:
+        name: Start the gatekeeper services
+        job: "/home/{{ gatekeeper_user }}/reboot.sh"
+        user: "{{ gatekeeper_user }}"
+        special_time: reboot
+
+
+    - name: Copy wiringPi library deb
+      # WiringPi needs to be installed, but that library seems to be
+      # obsolete. Download seems to be obsolete, too, so we keep it in
+      # the Ansible repo for now.
+      ansible.builtin.copy:
+        src: files/wiringpi-latest.deb
+        dest: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
+        owner: "{{ gatekeeper_user }}"
+        group: "{{ gatekeeper_user }}"
+        mode: "0644"
+      register: wiringPi_copy
+
+    - name: Install wiringPi library  # noqa 503
+      ansible.builtin.apt:
+        state: present
+        deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
+      when: wiringPi_copy.changed
+
+
+
+    ### Ampelsteuerung
+    - name: Clone netz39_space_notification initial checkout
+      # Do this as the gatekeeper user!
+      become: yes
+      become_user: "{{ gatekeeper_user }}"
+      ansible.builtin.git:
+        repo: https://github.com/netz39/space_notification.git
+        dest: "/home/{{ gatekeeper_user }}/netz39_space_notification"
+        clone: yes
+        update: no
+
+    - name: Compile ledcontrol agent
+      # Do this as the gatekeeper user!
+      become: yes
+      become_user: "{{ gatekeeper_user }}"
+      ansible.builtin.shell:
+        chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol"
+        cmd: make
+        creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol/ledcontrol"
+
+    - name: Compile statusswitch agent
+      # Do this as the gatekeeper user!
+      become: yes
+      become_user: "{{ gatekeeper_user }}"
+      ansible.builtin.shell:
+        chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch"
+        cmd: make
+        creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch/statusswitch"
+
+  handlers:
diff --git a/host_vars/wittgenstein2.n39.eu/vars.yml b/host_vars/wittgenstein2.n39.eu/vars.yml
new file mode 100644
index 0000000..2474184
--- /dev/null
+++ b/host_vars/wittgenstein2.n39.eu/vars.yml
@@ -0,0 +1,4 @@
+server_admin: "admin+wittgenstein@netz39.de"
+ansible_python_interpreter: /usr/bin/python3
+gatekeeper_user: pi
+data_dir: "/srv/data"