From f4db6fa39564090b8c3dda967d3ad9ef94cb6c55 Mon Sep 17 00:00:00 2001
From: Stefan Haun <tux@netz39.de>
Date: Wed, 2 Nov 2022 20:59:17 +0100
Subject: [PATCH] Add Ansible setup for wittgenstein

---
 host-wittgenstein.yml                  | 136 +++++++++++++++++++++++++
 host_vars/wittgenstein.n39.eu/vars.yml |   4 +
 2 files changed, 140 insertions(+)
 create mode 100644 host-wittgenstein.yml
 create mode 100644 host_vars/wittgenstein.n39.eu/vars.yml

diff --git a/host-wittgenstein.yml b/host-wittgenstein.yml
new file mode 100644
index 0000000..50d992f
--- /dev/null
+++ b/host-wittgenstein.yml
@@ -0,0 +1,136 @@
+---
+- hosts: wittgenstein.n39.eu
+  become: true
+
+  roles:
+    - role: docker_setup
+      vars:
+        docker_data_root: "/srv/docker"
+    - role: apache
+    - role: apache_letsencrypt  # Uses configuration from dehydrated setup
+    - role: ansible-role-dehydrated
+      vars:
+        dehydrated_contact_email: "{{ server_admin }}"
+    - role: penguineer.dehydrated_cron
+
+  tasks:
+    - name: Install packages needed for the system
+      # This is a list of all packages,
+      # unless they are installed by a specific role
+      ansible.builtin.apt:
+        state: present
+        name:
+          # This is needed for the user-executed tasks
+          - acl
+          # Regular packages
+          - tmux
+          - git-core
+          - cmake
+          - build-essential
+          - libmosquitto-dev
+          - libconfig-dev
+          - mosquitto-clients
+          - i2c-tools
+
+
+#    - name: Set MAC address for proper DHCP recognition
+#      # Uses mac variable from inventory
+#      ansible.builtin.template:
+#        src: templates/network-interfaces-dhcp-mac.j2
+#        dest: /etc/network/interfaces.d/wittgenstein-mac
+#        owner: root
+#        group: root
+#        mode: '0644'
+
+    - name: Disable IPv6
+      # Because it is not working....
+      ansible.builtin.copy:
+        src: files/sysctl-no-ipv6.conf
+        dest: /etc/sysctl.d/99-systcl-no-ipv6.conf
+        owner: root
+        group: root
+        mode: '0644'
+
+
+    ### Gatekeeper user (pi for now)
+    #
+    # All the gatekeeping / door control stuff is here!
+
+    - name: Ensure gatekeeper user is there
+      ansible.builtin.user:
+        name: "{{ gatekeeper_user }}"
+        groups: dialout,audio,plugdev,input,netdev,i2c,gpio
+        append: yes
+
+    - name: Copy management scripts
+      ansible.builtin.copy:
+        src: "files/wittgenstein/{{ item }}"
+        dest: "/home/{{ gatekeeper_user }}/{{ item }}"
+        owner: "{{ gatekeeper_user }}"
+        group: "{{ gatekeeper_user }}"
+        mode: "0750"
+      loop:
+        - reboot.sh
+        - unstuck.sh
+        - switch-on.sh
+        - switch-off.sh
+
+    - name: Install start-up cron
+      ansible.builtin.cron:
+        name: Start the gatekeeper services
+        job: "/home/{{ gatekeeper_user }}/reboot.sh"
+        user: "{{ gatekeeper_user }}"
+        special_time: reboot
+
+
+    - name: Download wiringPi library
+      # WiringPi needs to be installed, but that library seems to be
+      # obsolete. We download something and hope it works...
+      ansible.builtin.get_url:
+        url: https://project-downloads.drogon.net/wiringpi-latest.deb
+        dest: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
+        mode: "0644"
+        force: no
+      register: wiringPi_download
+
+    - name: Install wiringPi library  # noqa 503
+      ansible.builtin.apt:
+        state: present
+        deb: "/home/{{ gatekeeper_user }}/wiringpi-latest.deb"
+      when: wiringPi_download.changed
+
+
+    ### Ampelsteuerung
+    - name: Clone netz39_space_notification initial checkout
+      # Do this as the gatekeeper user!
+      become: yes
+      become_user: "{{ gatekeeper_user }}"
+      ansible.builtin.git:
+        repo: https://github.com/netz39/space_notification.git
+        dest: "/home/{{ gatekeeper_user }}/netz39_space_notification"
+        clone: yes
+        update: no
+
+    - name: Compile ledcontrol agent
+      # Do this as the gatekeeper user!
+      become: yes
+      become_user: "{{ gatekeeper_user }}"
+      ansible.builtin.shell:
+        chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol"
+        cmd: make
+        creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/ledcontrol/ledcontrol"
+
+    - name: Compile statusswitch agent
+      # Do this as the gatekeeper user!
+      become: yes
+      become_user: "{{ gatekeeper_user }}"
+      ansible.builtin.shell:
+        chdir: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch"
+        cmd: make
+        creates: "/home/{{ gatekeeper_user }}/netz39_space_notification/raspberry/statusswitch/statusswitch"
+
+    ### Space API
+    - name: Setup the SpaceAPI Docker container
+
+
+  handlers:
diff --git a/host_vars/wittgenstein.n39.eu/vars.yml b/host_vars/wittgenstein.n39.eu/vars.yml
new file mode 100644
index 0000000..2474184
--- /dev/null
+++ b/host_vars/wittgenstein.n39.eu/vars.yml
@@ -0,0 +1,4 @@
+server_admin: "admin+wittgenstein@netz39.de"
+ansible_python_interpreter: /usr/bin/python3
+gatekeeper_user: pi
+data_dir: "/srv/data"