From 1e4cbb8f446fbc923fd2961e2924f783c266c789 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 16:15:20 +0200 Subject: [PATCH 01/18] Remove user setting (pi) for platon Default admin users are now installed (as Raspbian continues to discurage the user pi anyways) and administrators can use their own accounts for Ansible. --- inventory.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/inventory.yml b/inventory.yml index c849471..3307e16 100644 --- a/inventory.yml +++ b/inventory.yml @@ -76,7 +76,6 @@ all: server_admin: "admin+unicorn@netz39.de" platon.n39.eu: server_admin: "admin+platon@netz39.de" - ansible_ssh_user: pi radon.n39.eu: server_admin: "admin+radon@netz39.de" krypton.n39.eu: From dabf3f6b5f3e94c7af6b01594eb7df9052fe8ccc Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 16:16:33 +0200 Subject: [PATCH 02/18] platon: Setup package installation and install pip3 --- platon.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/platon.yml b/platon.yml index 6f7155c..4d817f2 100644 --- a/platon.yml +++ b/platon.yml @@ -7,3 +7,14 @@ ble_keykeeper_dir: '/home/pi/netz39_ble_keykeeper' roles: - role: ble-keykeeper-role + + tasks: + - name: Install packages needed for the system + # This is a list of all packages, + # unless they are installed by a specific role + ansible.builtin.apt: + state: present + name: + # Should come from ble-keeper-role + # see https://github.com/netz39/ble-keykeeper-role/issues/4 + - python3-pip From cf1fed21cbf7e29427ec5238514d489c76c199f8 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 16:17:13 +0200 Subject: [PATCH 03/18] platon: Set the MAC address that is registered in the router --- inventory.yml | 1 + platon.yml | 10 ++++++++++ templates/network-interfaces-dhcp-mac.j2 | 6 ++++++ 3 files changed, 17 insertions(+) create mode 100644 templates/network-interfaces-dhcp-mac.j2 diff --git a/inventory.yml b/inventory.yml index 3307e16..cc44353 100644 --- a/inventory.yml +++ b/inventory.yml @@ -76,6 +76,7 @@ all: server_admin: "admin+unicorn@netz39.de" platon.n39.eu: server_admin: "admin+platon@netz39.de" + mac: "b8:27:eb:8f:98:2f" radon.n39.eu: server_admin: "admin+radon@netz39.de" krypton.n39.eu: diff --git a/platon.yml b/platon.yml index 4d817f2..22d6f83 100644 --- a/platon.yml +++ b/platon.yml @@ -18,3 +18,13 @@ # Should come from ble-keeper-role # see https://github.com/netz39/ble-keykeeper-role/issues/4 - python3-pip + + + - name: Set MAC address for proper DHCP recognition + # Uses mac variable from inventory + ansible.builtin.template: + src: templates/network-interfaces-dhcp-mac.j2 + dest: /etc/network/interfaces.d/platon-mac + owner: root + group: root + mode: '0644' diff --git a/templates/network-interfaces-dhcp-mac.j2 b/templates/network-interfaces-dhcp-mac.j2 new file mode 100644 index 0000000..a254bfa --- /dev/null +++ b/templates/network-interfaces-dhcp-mac.j2 @@ -0,0 +1,6 @@ +# Set a specific MAC address to enable DHCP recognition +allow-hotplug eth0 +iface eth0 inet dhcp + hwaddress ether {{ mac }} + +# THIS FILE IS MANAGED VIA ANSIBLE! From 2b800e247cbb5b5e0ce2bbc8037b3b1107f83f68 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 16:34:13 +0200 Subject: [PATCH 04/18] Set up sesam user for SSH entry --- files/platon/sesam-door-open.sh | 7 +++++++ platon.yml | 17 +++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100755 files/platon/sesam-door-open.sh diff --git a/files/platon/sesam-door-open.sh b/files/platon/sesam-door-open.sh new file mode 100755 index 0000000..5a3c18c --- /dev/null +++ b/files/platon/sesam-door-open.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +echo "`date` : $SSH_KEY_OWNER" >> /home/sesam/door_open.log +ssh pi@localhost -i /home/sesam/.ssh/id_rsa \ + -t /home/pi/sesame-open.sh + + diff --git a/platon.yml b/platon.yml index 22d6f83..c22c3c3 100644 --- a/platon.yml +++ b/platon.yml @@ -28,3 +28,20 @@ owner: root group: root mode: '0644' + + + ### Sesam for SSH access + # + # Make sure to provide the .ssh/authorized_keys from backup, if needed + + - name: Ensure sesam user is there + ansible.builtin.user: + name: sesam + shell: /home/sesam/door-open.sh + groups: i2c + append: yes + + - name: Copy door-open.ssh for sesam + ansible.builtin.copy: + src: files/platon/sesam-door-open.sh + dest: /home/sesam/door-open.sh From fbde9090a92a3c32e60705d2c37bd556d3b85192 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 17:35:08 +0200 Subject: [PATCH 05/18] Set up gatekeeper user (pi) This is the user that will manage door and shutters --- inventory.yml | 1 + platon.yml | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/inventory.yml b/inventory.yml index cc44353..beed07b 100644 --- a/inventory.yml +++ b/inventory.yml @@ -77,6 +77,7 @@ all: platon.n39.eu: server_admin: "admin+platon@netz39.de" mac: "b8:27:eb:8f:98:2f" + gatekeeper_user: pi radon.n39.eu: server_admin: "admin+radon@netz39.de" krypton.n39.eu: diff --git a/platon.yml b/platon.yml index c22c3c3..8ea6ea5 100644 --- a/platon.yml +++ b/platon.yml @@ -45,3 +45,14 @@ ansible.builtin.copy: src: files/platon/sesam-door-open.sh dest: /home/sesam/door-open.sh + + + ### Gatekeeper user (pi for now) + # + # All the gatekeeping / door control stuff is here! + + - name: Ensure gatekeeper user is there + ansible.builtin.user: + name: "{{ gatekeeper_user }}" + groups: dialout,audio,plugdev,input,netdev,i2c,gpio + append: yes From f1e8d527191b022eb34b2145dcf7473c291c91db Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 17:37:45 +0200 Subject: [PATCH 06/18] Copy service scripts for the gatekeeper user --- files/platon/i2cspeed.sh | 7 +++++++ files/platon/reboot.sh | 37 +++++++++++++++++++++++++++++++++++++ files/platon/sesame-open.sh | 5 +++++ files/platon/unstuck.sh | 13 +++++++++++++ platon.yml | 19 +++++++++++++++++++ 5 files changed, 81 insertions(+) create mode 100755 files/platon/i2cspeed.sh create mode 100755 files/platon/reboot.sh create mode 100755 files/platon/sesame-open.sh create mode 100755 files/platon/unstuck.sh diff --git a/files/platon/i2cspeed.sh b/files/platon/i2cspeed.sh new file mode 100755 index 0000000..5ae50b4 --- /dev/null +++ b/files/platon/i2cspeed.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# https://gist.github.com/ribasco/c22ab6b791e681800df47dd0a46c7c3a + +var="$(xxd -ps /sys/class/i2c-adapter/i2c-1/of_node/clock-frequency)" +var=${var//[[:blank:].\}]/} +printf "%d\n" 0x$var diff --git a/files/platon/reboot.sh b/files/platon/reboot.sh new file mode 100755 index 0000000..f05d0c6 --- /dev/null +++ b/files/platon/reboot.sh @@ -0,0 +1,37 @@ +#!/bin/sh +PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games' +echo 'start i2c-foo' +sudo modprobe i2c_dev +sudo modprobe i2c_bcm2708 +echo 'starting log' +tmux new-session -s status -d 'sudo less /var/log/shuttercontrol.log' +cd /home/pi/netz39_rollladensteuerung/raspberry/shuttercontrol +echo 'switch-on.sh' +../switch-on.sh +cd /home/pi +echo 'start shuttercontrol' +tmux new-window -t status:1 'cd /home/pi/netz39_rollladensteuerung/raspberry/shuttercontrol && ./shuttercontrol.sh' +echo 'start watchdog' +tmux new-window -t status:2 'cd /home/pi/netz39_rollladensteuerung/raspberry/doorcontrol && ./door-with-spacestatus.sh' +#tmux new-window -t status:2 'cd /home/pi/netz39_rollladensteuerung/raspberry/door-watchdog && python3 ./door-watchdog.py' + +echo 'start door-sound.sh' +tmux new-window -t status:3 'cd /home/pi/netz39_rollladensteuerung/raspberry/doorcontrol && ./door-sound.sh' +echo 'start ic3-client' +tmux new-window -t status:4 'cd /home/pi/netz39_xmpp_space_control/i3c_client && build/i3c_client --foreground' +echo 'start asterisk abuse check' +tmux new-window -t status:5 'cd /home/pi/netz39_rollladensteuerung/raspberry/asterisk && sudo ./check-abuse.sh' +echo 'start asterisk console' +tmux new-window -t status:6 'sudo asterisk -vvvr' +echo 'start door service' +tmux new-window -t status:7 'cd /home/pi/netz39_rollladensteuerung/raspberry/door-service && python3 door-service.py' +echo 'start mqtt-clock' +tmux new-window -t status:8 'cd /home/pi/mqtt-tools/agents && ./mqtt-clock' + +#echo 'start ampel controller' +# This does not work as intended xD +#tmux new-window -t status:9 'cd /home/pi/netz39_space_notification/raspberry/ledcontrol && ./ledcontrol' + + +#echo 'start shuttercontrol-service (experimental)' +#tmux new-window -t status:9 'cd /home/pi && python3 ./shuttercontrol-service.py' diff --git a/files/platon/sesame-open.sh b/files/platon/sesame-open.sh new file mode 100755 index 0000000..575af40 --- /dev/null +++ b/files/platon/sesame-open.sh @@ -0,0 +1,5 @@ +#/bin/bash + +/home/pi/netz39_rollladensteuerung/raspberry/doorcontrol/door-open.sh +/home/pi/netz39_rollladensteuerung/raspberry/shuttercontrol/doorshutter-open.sh + diff --git a/files/platon/unstuck.sh b/files/platon/unstuck.sh new file mode 100755 index 0000000..c35bc22 --- /dev/null +++ b/files/platon/unstuck.sh @@ -0,0 +1,13 @@ +#!/bin/bash +logger -t unstuck "unstuck $(date)" + +killall tmux +gpio mode 2 output +gpio mode 3 output +gpio write 2 0 +gpio write 3 0 +sudo modprobe -r i2c_dev +sudo modprobe -r i2c_bcm2708 + +sleep 1 +~/reboot.sh diff --git a/platon.yml b/platon.yml index 8ea6ea5..64381d6 100644 --- a/platon.yml +++ b/platon.yml @@ -18,6 +18,8 @@ # Should come from ble-keeper-role # see https://github.com/netz39/ble-keykeeper-role/issues/4 - python3-pip + # Regular packages + - tmux - name: Set MAC address for proper DHCP recognition @@ -56,3 +58,20 @@ name: "{{ gatekeeper_user }}" groups: dialout,audio,plugdev,input,netdev,i2c,gpio append: yes + + - name: Copy management scripts + ansible.builtin.copy: + src: "files/platon/{{ item }}" + dest: "/home/{{ gatekeeper_user }}/{{ item }}" + owner: "{{ gatekeeper_user }}" + group: "{{ gatekeeper_user }}" + mode: "0755" + loop: + - i2cspeed.sh + - reboot.sh + - unstuck.sh + - sesame-open.sh + + # WiringPi needs to be installed, but that library seems to be + # obsolete, so not automating. + # Follow the instructions on http://wiringpi.com/download-and-install/ From f105584fbae892b6103e15d9269174292198e6e1 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 17:51:31 +0200 Subject: [PATCH 07/18] Disable IPv6 --- files/sysctl-no-ipv6.conf | 3 +++ platon.yml | 9 +++++++++ 2 files changed, 12 insertions(+) create mode 100644 files/sysctl-no-ipv6.conf diff --git a/files/sysctl-no-ipv6.conf b/files/sysctl-no-ipv6.conf new file mode 100644 index 0000000..8c41d94 --- /dev/null +++ b/files/sysctl-no-ipv6.conf @@ -0,0 +1,3 @@ +net.ipv6.conf.all.disable_ipv6 = 1 +net.ipv6.conf.default.disable_ipv6 = 1 +net.ipv6.conf.lo.disable_ipv6 = 1 diff --git a/platon.yml b/platon.yml index 64381d6..2b5b484 100644 --- a/platon.yml +++ b/platon.yml @@ -31,6 +31,15 @@ group: root mode: '0644' + - name: Disable IPv6 + # Because it is not working.... + ansible.builtin.copy: + src: files/sysctl-no-ipv6.conf + dest: /etc/sysctl.d/99-systcl-no-ipv6.conf + owner: root + group: root + mode: '0644' + ### Sesam for SSH access # From ea2dde451a758a6443c25a8800c727f213d6716f Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 18:02:05 +0200 Subject: [PATCH 08/18] Install the wiringPi library This library is very hard to get ... --- platon.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/platon.yml b/platon.yml index 2b5b484..83fc9d9 100644 --- a/platon.yml +++ b/platon.yml @@ -81,6 +81,18 @@ - unstuck.sh - sesame-open.sh + - name: Download wiringPi library # WiringPi needs to be installed, but that library seems to be - # obsolete, so not automating. - # Follow the instructions on http://wiringpi.com/download-and-install/ + # obsolete. We download something and hope it works... + ansible.builtin.get_url: + url: https://project-downloads.drogon.net/wiringpi-latest.deb + dest: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb" + mode: "0644" + force: no + register: wiringPi_download + + - name: Install wiringPi library + ansible.builtin.apt: + state: present + deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb" + when: wiringPi_download.changed From 69cac8f01104b7197ec7a36b8ade95a93aa0221a Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 18:22:04 +0200 Subject: [PATCH 09/18] Install repo rollladensteuerung and compile agents --- platon.yml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/platon.yml b/platon.yml index 83fc9d9..d066bf3 100644 --- a/platon.yml +++ b/platon.yml @@ -20,6 +20,8 @@ - python3-pip # Regular packages - tmux + - git-core + - libmosquitto-dev - name: Set MAC address for proper DHCP recognition @@ -96,3 +98,34 @@ state: present deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb" when: wiringPi_download.changed + + + ### Rollladensteuerung + + - name: Clone netz39_rollladensteuerung initial checkout + # Do this as the gatekeeper user! + become: yes + become_user: "{{ gatekeeper_user }}" + ansible.builtin.git: + repo: https://github.com/netz39/rollladensteuerung.git + dest: "/home/{{ gatekeeper_user }}/netz39_rollladensteuerung" + clone: yes + update: no + + - name: Compile dootstate agent + # Do this as the gatekeeper user! + become: yes + become_user: "{{ gatekeeper_user }}" + ansible.builtin.shell: + chdir: "/home/{{ gatekeeper_user }}/netz39_rollladensteuerung/raspberry/doorstate" + cmd: make + creates: "/home/{{ gatekeeper_user }}/netz39_rollladensteuerung/raspberry/doorstate/doorstate" + + - name: Compile shuttercontrol + # Do this as the gatekeeper user! + become: yes + become_user: "{{ gatekeeper_user }}" + ansible.builtin.shell: + chdir: "/home/{{ gatekeeper_user }}/netz39_rollladensteuerung/raspberry/shuttercontrol" + cmd: make + creates: "/home/{{ gatekeeper_user }}/netz39_rollladensteuerung/raspberry/shuttercontrol/shuttercontrol" From 547e6bf251980772642e174733c2b8f0f17d0616 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 18:29:50 +0200 Subject: [PATCH 10/18] Add tyr sounds and mpg123 --- platon.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/platon.yml b/platon.yml index d066bf3..aa9ec7c 100644 --- a/platon.yml +++ b/platon.yml @@ -22,6 +22,7 @@ - tmux - git-core - libmosquitto-dev + - mpg123 - name: Set MAC address for proper DHCP recognition @@ -129,3 +130,11 @@ chdir: "/home/{{ gatekeeper_user }}/netz39_rollladensteuerung/raspberry/shuttercontrol" cmd: make creates: "/home/{{ gatekeeper_user }}/netz39_rollladensteuerung/raspberry/shuttercontrol/shuttercontrol" + + - name: Create directory for tyr sounds + ansible.builtin.file: + path: "/home/{{ gatekeeper_user }}/tyr/sounds" + state: directory + owner: "{{ gatekeeper_user }}" + group: "{{ gatekeeper_user }}" + mode: "0755" From b9da1273ec648a2bacd7bcfbb982e2790e2d5272 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 18:41:38 +0200 Subject: [PATCH 11/18] Add MQTT tools --- platon.yml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/platon.yml b/platon.yml index aa9ec7c..0f8713a 100644 --- a/platon.yml +++ b/platon.yml @@ -21,7 +21,9 @@ # Regular packages - tmux - git-core + - cmake - libmosquitto-dev + - libconfig-dev - mpg123 @@ -138,3 +140,31 @@ owner: "{{ gatekeeper_user }}" group: "{{ gatekeeper_user }}" mode: "0755" + + + ### MQTT Tools + + - name: Clone MQTT tools (initial checkout) + # Do this as the gatekeeper user! + become: yes + become_user: "{{ gatekeeper_user }}" + ansible.builtin.git: + repo: https://github.com/penguineer/mqtt-tools.git + dest: "/home/{{ gatekeeper_user }}/mqtt-tools" + clone: yes + update: no + + - name: Compile MQTT clock + # Do this as the gatekeeper user! + become: yes + become_user: "{{ gatekeeper_user }}" + ansible.builtin.shell: + warn: false + chdir: "/home/{{ gatekeeper_user }}/mqtt-tools" + cmd: | + mkdir build + cd build + cmake .. + make + cp agents/mqtt-clock ../agents/mqtt-clock + creates: "/home/{{ gatekeeper_user }}/mqtt-tools/agents/mqtt-clock" From 4915a5e16d93956cde35f86446caf31c78ead1f4 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 18:49:46 +0200 Subject: [PATCH 12/18] Add local mosquitto broker --- files/platon/mosquitto-local.conf | 2 ++ platon.yml | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 files/platon/mosquitto-local.conf diff --git a/files/platon/mosquitto-local.conf b/files/platon/mosquitto-local.conf new file mode 100644 index 0000000..c8348ac --- /dev/null +++ b/files/platon/mosquitto-local.conf @@ -0,0 +1,2 @@ +listener 1883 +allow_anonymous true diff --git a/platon.yml b/platon.yml index 0f8713a..be57d50 100644 --- a/platon.yml +++ b/platon.yml @@ -25,6 +25,7 @@ - libmosquitto-dev - libconfig-dev - mpg123 + - mosquitto - name: Set MAC address for proper DHCP recognition @@ -46,6 +47,18 @@ mode: '0644' + ### Mosquitto for local MQTT + + - name: Local configuration for Mosquitto + ansible.builtin.copy: + src: files/platon/mosquitto-local.conf + dest: /etc/mosquitto/conf.d/platon-local.conf + owner: root + group: root + mode: '0644' + notify: restart mosquitto + + ### Sesam for SSH access # # Make sure to provide the .ssh/authorized_keys from backup, if needed @@ -168,3 +181,11 @@ make cp agents/mqtt-clock ../agents/mqtt-clock creates: "/home/{{ gatekeeper_user }}/mqtt-tools/agents/mqtt-clock" + + + handlers: + - name: restart mosquitto + service: + name: mosquitto + state: restarted + enabled: yes From 574831e9551696a37e97e8f041e084bab02ee065 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 19:26:37 +0200 Subject: [PATCH 13/18] Add cron entry for reboot script --- platon.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/platon.yml b/platon.yml index be57d50..5e1eeb1 100644 --- a/platon.yml +++ b/platon.yml @@ -99,6 +99,13 @@ - unstuck.sh - sesame-open.sh + - name: Install start-up cron + ansible.builtin.cron: + name: Start the gatekeeper services + job: "/home/{{ gatekeeper_user }}/reboot.sh" + user: "{{ gatekeeper_user }}" + special_time: reboot + - name: Download wiringPi library # WiringPi needs to be installed, but that library seems to be # obsolete. We download something and hope it works... From 5495c93ed99fd147842c09fc38a87683c5f9bd2b Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 19:42:06 +0200 Subject: [PATCH 14/18] Install i2c-tools --- platon.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/platon.yml b/platon.yml index 5e1eeb1..8f607be 100644 --- a/platon.yml +++ b/platon.yml @@ -26,6 +26,7 @@ - libconfig-dev - mpg123 - mosquitto + - i2c-tools - name: Set MAC address for proper DHCP recognition From bd99ebe6849edd193a56bbcddcaeeb81baa200c1 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 20:10:37 +0200 Subject: [PATCH 15/18] Transfer sesam access key to pi authorized keys --- platon.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/platon.yml b/platon.yml index 8f607be..19448a3 100644 --- a/platon.yml +++ b/platon.yml @@ -70,11 +70,27 @@ shell: /home/sesam/door-open.sh groups: i2c append: yes + generate_ssh_key: yes + + - name: Get the SSH public key for sesam + ansible.builtin.slurp: + src: /home/sesam/.ssh/id_rsa.pub + register: sesam_key + + - name: Add SSH public identity as authorized key to pi + ansible.posix.authorized_key: + user: "{{ gatekeeper_user }}" + state: present + key: "{{ sesam_key['content'] | b64decode }}" + comment: "Sesam access" - name: Copy door-open.ssh for sesam ansible.builtin.copy: src: files/platon/sesam-door-open.sh dest: /home/sesam/door-open.sh + owner: sesam + group: sesam + mode: "0755" ### Gatekeeper user (pi for now) From ca31f218c0a1d234ff634d47348d3e5b9baa9393 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 20:29:48 +0200 Subject: [PATCH 16/18] Install acl package for become-user tasks All the pain with world-readable temp files and Ansible deprecation warnings goes away witih this package. :) --- platon.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/platon.yml b/platon.yml index 19448a3..3b0265c 100644 --- a/platon.yml +++ b/platon.yml @@ -18,6 +18,8 @@ # Should come from ble-keeper-role # see https://github.com/netz39/ble-keykeeper-role/issues/4 - python3-pip + # This is needed for the user-executed tasks + - acl # Regular packages - tmux - git-core From f257396bc2f7abeecedfcef77728e3d84f54d99f Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sat, 23 Jul 2022 20:47:16 +0200 Subject: [PATCH 17/18] Add syslog setup for shuttercontrol.log --- files/platon/syslog-shuttercontrol.conf | 4 ++++ platon.yml | 22 ++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 files/platon/syslog-shuttercontrol.conf diff --git a/files/platon/syslog-shuttercontrol.conf b/files/platon/syslog-shuttercontrol.conf new file mode 100644 index 0000000..c35ff71 --- /dev/null +++ b/files/platon/syslog-shuttercontrol.conf @@ -0,0 +1,4 @@ +if $programname == 'lockfailsafe' then /var/log/shuttercontrol.log +if $programname == 'shuttercontrol' then /var/log/shuttercontrol.log +if $programname == 'doorservice' then /var/log/shuttercontrol.log +& ~ diff --git a/platon.yml b/platon.yml index 3b0265c..8900299 100644 --- a/platon.yml +++ b/platon.yml @@ -209,9 +209,31 @@ creates: "/home/{{ gatekeeper_user }}/mqtt-tools/agents/mqtt-clock" + ### Syslog setup for shuttercontrol.log + + - name: Make sure shuttercontrol.log exists + ansible.builtin.file: + path: /var/log/shuttercontrol.log + state: touch + + - name: Copy syslog setting for shuttercontrol + ansible.builtin.copy: + src: files/platon/syslog-shuttercontrol.conf + dest: /etc/rsyslog.d/20-shuttercontrol.conf + owner: root + group: root + mode: "0644" + notify: restart rsyslog + handlers: - name: restart mosquitto service: name: mosquitto state: restarted enabled: yes + + - name: restart rsyslog + service: + name: rsyslog + state: restarted + enabled: yes From 768f6521ee6060f7333d9f72d7df37184d1b5ca8 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Sun, 24 Jul 2022 18:28:08 +0200 Subject: [PATCH 18/18] Make sure package build-essential is installed --- platon.yml | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/platon.yml b/platon.yml index 8900299..164b571 100644 --- a/platon.yml +++ b/platon.yml @@ -24,6 +24,7 @@ - tmux - git-core - cmake + - build-essential - libmosquitto-dev - libconfig-dev - mpg123 @@ -211,10 +212,27 @@ ### Syslog setup for shuttercontrol.log + - name: Check if rsyslog is actually installed + ansible.builtin.package: + name: rsyslog + state: present + check_mode: true + register: rsyslog_check + + - name: Fail if rsyslog is missing + ansible.builtin.fail: + msg: "Please make sure that rsyslog is installed!" + when: rsyslog_check is not succeeded + - name: Make sure shuttercontrol.log exists - ansible.builtin.file: - path: /var/log/shuttercontrol.log - state: touch + ansible.builtin.copy: + content: "" + dest: /var/log/shuttercontrol.log + # force=no ensures the file is created only if it does not exist + force: no + owner: root + group: root + mode: "0644" - name: Copy syslog setting for shuttercontrol ansible.builtin.copy: