🚧 Add Ansible setup for wittgenstein

This commit is contained in:
Stefan Haun 2022-11-02 20:59:17 +01:00
parent 6c5260e5c1
commit 9aa0e6a871
2 changed files with 137 additions and 0 deletions

133
host-wittgenstein.yml Normal file
View file

@ -0,0 +1,133 @@
---
- hosts: wittgenstein2.n39.eu
become: true
roles:
- role: docker_setup
vars:
docker_data_root: "/srv/docker"
- role: apache
- role: apache_letsencrypt # Uses configuration from dehydrated setup
- role: ansible-role-dehydrated
vars:
dehydrated_contact_email: "{{ server_admin }}"
- role: penguineer.dehydrated_cron
tasks:
- name: Install packages needed for the system
# This is a list of all packages,
# unless they are installed by a specific role
ansible.builtin.apt:
state: present
name:
# This is needed for the user-executed tasks
- acl
# Regular packages
- tmux
- git-core
- cmake
- build-essential
- libmosquitto-dev
- libconfig-dev
- mosquitto-clients
- i2c-tools
# - name: Set MAC address for proper DHCP recognition
# # Uses mac variable from inventory
# ansible.builtin.template:
# src: templates/network-interfaces-dhcp-mac.j2
# dest: /etc/network/interfaces.d/wittgenstein-mac
# owner: root
# group: root
# mode: '0644'
- name: Disable IPv6
# Because it is not working....
ansible.builtin.copy:
src: files/sysctl-no-ipv6.conf
dest: /etc/sysctl.d/99-systcl-no-ipv6.conf
owner: root
group: root
mode: '0644'
### Gatekeeper user (pi for now)
#
# All the gatekeeping / door control stuff is here!
- name: Ensure gatekeeper user is there
ansible.builtin.user:
name: "{{ gatekeeper_user }}"
groups: dialout,audio,plugdev,input,netdev,i2c,gpio
append: yes
- name: Copy management scripts
ansible.builtin.copy:
src: "files/wittgenstein/{{ item }}"
dest: "/home/{{ gatekeeper_user }}/{{ item }}"
owner: "{{ gatekeeper_user }}"
group: "{{ gatekeeper_user }}"
mode: "0755"
loop:
- reboot.sh
- unstuck.sh
- name: Install start-up cron
ansible.builtin.cron:
name: Start the gatekeeper services
job: "/home/{{ gatekeeper_user }}/reboot.sh"
user: "{{ gatekeeper_user }}"
special_time: reboot
- name: Copy wiringPi library deb
# WiringPi needs to be installed, but that library seems to be
# obsolete. Download seems to be obsolete, too, so we keep it in
# the Ansible repo for now.
ansible.builtin.copy:
src: files/wiringpi-latest.deb
dest: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
owner: "{{ gatekeeper_user }}"
group: "{{ gatekeeper_user }}"
mode: "0644"
register: wiringPi_copy
- name: Install wiringPi library # noqa 503
ansible.builtin.apt:
state: present
deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
when: wiringPi_copy.changed
### Ampelsteuerung
- name: Clone netz39_space_notification initial checkout
# Do this as the gatekeeper user!
become: yes
become_user: "{{ gatekeeper_user }}"
ansible.builtin.git:
repo: https://github.com/netz39/space_notification.git
dest: "/home/{{ gatekeeper_user }}/netz39_space_notification"
clone: yes
update: no
- name: Compile ledcontrol agent
# Do this as the gatekeeper user!
become: yes
become_user: "{{ gatekeeper_user }}"
ansible.builtin.shell:
chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol"
cmd: make
creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol/ledcontrol"
- name: Compile statusswitch agent
# Do this as the gatekeeper user!
become: yes
become_user: "{{ gatekeeper_user }}"
ansible.builtin.shell:
chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch"
cmd: make
creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch/statusswitch"
handlers:

View file

@ -0,0 +1,4 @@
server_admin: "admin+wittgenstein@netz39.de"
ansible_python_interpreter: /usr/bin/python3
gatekeeper_user: pi
data_dir: "/srv/data"