Move become: true into esphome role
Move become: true into zigbee2mqtt role Remove become: true from deploy_public_reverse_proxy playbook Remove become: true from deploy_dokuwiki playbook Move become: true from deploy_audio_pi and deploy_light playbooks into roles Remove become: true from deploy_keycloak playbook Move become: true from deploy_automation playbook to mosquitto role
This commit is contained in:
parent
b56ca3899d
commit
33d1cfca1f
24 changed files with 119 additions and 20 deletions
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Configure audio.z9 as a bluetooth audio sink and AirPlay server
|
||||
become: true
|
||||
hosts: audio
|
||||
roles:
|
||||
- hifiberry
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Deploy mosquitto MQTT broker on automation.z9
|
||||
become: true
|
||||
hosts: automation
|
||||
roles:
|
||||
- mosquitto
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Configure wiki.z9 with dokuwiki
|
||||
become: true
|
||||
hosts: wiki
|
||||
roles:
|
||||
- nginx
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Deploy esphome on esphome.z9
|
||||
become: true
|
||||
hosts: esphome
|
||||
roles:
|
||||
- esphome
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Deploy nginx and keycloak using docker_compose on keyloak
|
||||
become: true
|
||||
hosts: keycloak
|
||||
roles:
|
||||
- cert
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Deploy ola and foobazdmx on light.z9
|
||||
become: true
|
||||
hosts: light
|
||||
roles:
|
||||
- ola
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Deploy the Public-Reverse-Proxy
|
||||
hosts: public-reverse-proxy
|
||||
become: true
|
||||
roles:
|
||||
- nginx
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- name: Deploy zigbee2mqtt on zigbee2mqtt.z9.ccchh.net
|
||||
become: true
|
||||
hosts: zigbee2mqtt
|
||||
roles:
|
||||
- zigbee2mqtt
|
||||
|
|
|
@ -3,22 +3,30 @@
|
|||
ansible.builtin.fail:
|
||||
msg: "Can only add apt repositories on Debian-based systems!"
|
||||
when: ansible_facts.os_family != "Debian"
|
||||
|
||||
- name: Install required apt packages for adding an apt repository
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- ca-certificates
|
||||
- gnupg
|
||||
|
||||
- name: Install apt-transport-https if https repository
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: apt-transport-https
|
||||
when: add_apt_repository__https_repo
|
||||
|
||||
- name: Add repository signing key to keychain
|
||||
become: true
|
||||
when: add_apt_repository__keyring_url is defined and add_apt_repository__keyring_path is defined
|
||||
ansible.builtin.apt_key:
|
||||
url: "{{ add_apt_repository__keyring_url }}"
|
||||
keyring: "{{ add_apt_repository__keyring_path }}"
|
||||
state: present
|
||||
|
||||
- name: Add repository and update cache
|
||||
become: true
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "{{ add_apt_repository__repo }}"
|
||||
filename: "{{ add_apt_repository__filename }}"
|
||||
|
|
|
@ -1,45 +1,60 @@
|
|||
---
|
||||
- name: Ensure acl is installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: acl
|
||||
|
||||
- name: Ensure machine-info file is deployed
|
||||
become: true
|
||||
ansible.builtin.template:
|
||||
src: machine-info.j2
|
||||
dest: /etc/machine-info
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: root
|
||||
group: root
|
||||
notify: Restart bluetooth service
|
||||
|
||||
- name: Ensure bluetooth config is deployed
|
||||
become: true
|
||||
ansible.builtin.template:
|
||||
src: main.conf.j2
|
||||
dest: /etc/bluetooth/main.conf
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: root
|
||||
group: root
|
||||
notify: Restart bluetooth service
|
||||
|
||||
- name: Ensure bluetooth service is enabled and started
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: bluetooth.service
|
||||
state: started
|
||||
enabled: true
|
||||
|
||||
- name: Ensure audiosink user exists
|
||||
become: true
|
||||
ansible.builtin.user:
|
||||
name: audiosink
|
||||
groups:
|
||||
- audio
|
||||
|
||||
- name: Ensure user services are started without needing to login
|
||||
become: true
|
||||
ansible.builtin.command:
|
||||
cmd: loginctl enable-linger audiosink
|
||||
changed_when: false
|
||||
|
||||
- name: Detect if on Raspberry Pi # noqa ignore-errors
|
||||
ansible.builtin.include_role:
|
||||
name: raspberry_pi_check
|
||||
ignore_errors: true
|
||||
|
||||
- name: Ensure debian archive keyring is installed # noqa no-handler
|
||||
become: true
|
||||
when: raspberry_pi_check__cpuinfo.found
|
||||
ansible.builtin.apt:
|
||||
deb: https://ftp.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2021.1.1_all.deb
|
||||
|
||||
- name: Ensure debian backports repository is enabled
|
||||
ansible.builtin.include_role:
|
||||
name: add_apt_repository
|
||||
|
@ -47,94 +62,120 @@
|
|||
add_apt_repository__https_repo: false
|
||||
add_apt_repository__repo: "deb http://deb.debian.org/debian {{ ansible_facts.lsb.codename }}-backports main contrib non-free"
|
||||
add_apt_repository__filename: "{{ ansible_facts.lsb.codename }}-backports.list"
|
||||
|
||||
- name: Ensure pipewire, wireplumber and libspa-0.2-bluetooth are installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- pipewire
|
||||
- wireplumber
|
||||
- libspa-0.2-bluetooth
|
||||
default_release: "{{ ansible_facts.lsb.codename }}-backports"
|
||||
|
||||
- name: Ensure pipewire user service is enabled and started
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.systemd:
|
||||
name: pipewire.service
|
||||
state: started
|
||||
enabled: true
|
||||
scope: user
|
||||
|
||||
- name: Ensure pipewire-pulse user service is enabled and started
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.systemd:
|
||||
name: pipewire-pulse.service
|
||||
state: started
|
||||
enabled: true
|
||||
scope: user
|
||||
|
||||
- name: Ensure wireplumber user service is enabled
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.systemd:
|
||||
name: wireplumber.service
|
||||
enabled: true
|
||||
scope: user
|
||||
|
||||
- name: Ensure speaker-agent dependencies are installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- git
|
||||
- python3-dbus
|
||||
|
||||
- name: Ensure speaker-agent repository is cloned
|
||||
become: true
|
||||
ansible.builtin.git:
|
||||
repo: https://github.com/fdanis-oss/pw_wp_bluetooth_rpi_speaker.git
|
||||
dest: /opt/speaker-agent
|
||||
version: 9a939a23865ea020816017e06fd2290f301c35f9
|
||||
|
||||
- name: Ensure .config directory exists
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.file:
|
||||
path: /home/audiosink/.config
|
||||
state: directory
|
||||
mode: 0700
|
||||
mode: "700"
|
||||
owner: audiosink
|
||||
group: audiosink
|
||||
|
||||
- name: Ensure .config/systemd directory exists
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.file:
|
||||
path: /home/audiosink/.config/systemd
|
||||
state: directory
|
||||
mode: 0755
|
||||
mode: "755"
|
||||
owner: audiosink
|
||||
group: audiosink
|
||||
|
||||
- name: Ensure .config/systemd/user directory exists
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.file:
|
||||
path: /home/audiosink/.config/systemd/user
|
||||
state: directory
|
||||
mode: 0755
|
||||
mode: "755"
|
||||
owner: audiosink
|
||||
group: audiosink
|
||||
|
||||
- name: Ensure speaker-agent service file is deployed
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.copy:
|
||||
src: speaker-agent.service
|
||||
dest: /home/audiosink/.config/systemd/user/speaker-agent.service
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: audiosink
|
||||
group: audiosink
|
||||
notify: Restart speaker-agent service
|
||||
|
||||
- name: Ensure speaker-agent service is enabled and started
|
||||
become: true
|
||||
become_user: audiosink
|
||||
ansible.builtin.systemd:
|
||||
name: speaker-agent.service
|
||||
state: started
|
||||
enabled: true
|
||||
scope: user
|
||||
|
||||
# This part is janky, but I don't know how to make the bluetooth service, wireplumber and pipewire
|
||||
# work with each other without being logged in.
|
||||
- name: Ensure getty@tty1 override file is deployed
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
src: override.conf
|
||||
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: root
|
||||
group: root
|
||||
notify: Reboot host
|
||||
|
||||
- name: Ensure autologin for audiosink user is enabled
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: getty@tty1.service
|
||||
enabled: true
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- name: Restart esphome
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: esphome.service
|
||||
state: restarted
|
||||
|
|
|
@ -1,33 +1,40 @@
|
|||
- name: Ensure acl is installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: acl
|
||||
- name: Ensure pip is installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: python3-pip
|
||||
- name: Ensure esphome user exists
|
||||
become: true
|
||||
ansible.builtin.user:
|
||||
name: esphome
|
||||
shell: /bin/bash
|
||||
- name: Ensure esphome dependencies are installed
|
||||
become: true
|
||||
become_user: esphome
|
||||
ansible.builtin.pip:
|
||||
name: tornado
|
||||
extra_args: --user
|
||||
- name: Ensure esphome is installed
|
||||
become: true
|
||||
become_user: esphome
|
||||
ansible.builtin.pip:
|
||||
name: "esphome=={{ esphome__version }}"
|
||||
extra_args: --user
|
||||
notify: Restart esphome
|
||||
- name: Ensure esphome systemd service file is deployed
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
src: esphome.service
|
||||
dest: /etc/systemd/system/esphome.service
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: root
|
||||
group: root
|
||||
notify: Restart esphome
|
||||
- name: Ensure esphome service is enabled and started
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: esphome.service
|
||||
enabled: true
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
- name: Restart foobazdmx
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: foobazdmx.service
|
||||
state: restarted
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
- name: Ensure apt dependencies are installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- acl
|
||||
|
@ -6,32 +7,41 @@
|
|||
- python3
|
||||
- python3-pip
|
||||
- python3-setuptools
|
||||
|
||||
- name: Ensure python peotry is installed
|
||||
become: true
|
||||
ansible.builtin.pip:
|
||||
name: poetry
|
||||
|
||||
- name: Ensure foobazdmx user exists
|
||||
become: true
|
||||
ansible.builtin.user:
|
||||
name: foobazdmx
|
||||
|
||||
- name: Install foobazdmx
|
||||
notify: Restart foobazdmx
|
||||
block:
|
||||
- name: Clone foobazdmx repository
|
||||
become: true
|
||||
ansible.builtin.git:
|
||||
repo: https://thinkcccentre-ansible:glpat-VegCzyjuDjB19SggAqm1@gitlab.hamburg.ccc.de/yuri/foobazdmx.git
|
||||
dest: /opt/foobazdmx
|
||||
version: bf6170aa12fa5de9b9667be9b744ad7ee6157dde
|
||||
- name: Install python dependencies
|
||||
become: true
|
||||
become_user: foobazdmx
|
||||
ansible.builtin.command:
|
||||
cmd: poetry install
|
||||
chdir: /opt/foobazdmx
|
||||
changed_when: false
|
||||
- name: Generate foobazdmx service file
|
||||
become: true
|
||||
ansible.builtin.template:
|
||||
src: foobazdmx.service.j2
|
||||
dest: /etc/systemd/system/foobazdmx.service
|
||||
mode: "0755"
|
||||
- name: Enable and start foobazdmx service
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: foobazdmx.service
|
||||
state: started
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
- name: Restart system
|
||||
become: true
|
||||
ansible.builtin.reboot:
|
||||
|
|
|
@ -1,17 +1,22 @@
|
|||
---
|
||||
- name: Remove dtparam=audio=on
|
||||
become: true
|
||||
ansible.builtin.lineinfile:
|
||||
line: dtparam=audio=on
|
||||
dest: /boot/config.txt
|
||||
state: absent
|
||||
notify: Restart system
|
||||
|
||||
- name: Set audio=off for dtoverlay=vc4-kms-v3d
|
||||
become: true
|
||||
ansible.builtin.lineinfile:
|
||||
regexp: ^dtoverlay=vc4-kms-v3d
|
||||
line: dtoverlay=vc4-kms-v3d,audio=off
|
||||
dest: /boot/config.txt
|
||||
notify: Restart system
|
||||
|
||||
- name: Add hifiberry dtoverlay
|
||||
become: true
|
||||
ansible.builtin.lineinfile:
|
||||
line: "dtoverlay={{ hifiberry__device }}"
|
||||
dest: /boot/config.txt
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- name: Restart mosquitto
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: mosquitto.service
|
||||
state: restarted
|
||||
|
|
|
@ -1,25 +1,32 @@
|
|||
---
|
||||
- name: Ensure mosquitto is installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: mosquitto
|
||||
|
||||
- name: Ensure main configuraton file is deployed
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
content: "{{ mosquitto__mosquitto_conf_content }}"
|
||||
dest: /etc/mosquitto/mosquitto.conf
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: root
|
||||
group: root
|
||||
notify: Restart mosquitto
|
||||
|
||||
- name: Ensure all additional configuraton files are deployed
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
content: "{{ item.content }}"
|
||||
dest: /etc/mosquitto/conf.d/{{ item.name }}.conf
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: root
|
||||
group: root
|
||||
loop: "{{ mosquitto__configs }}"
|
||||
notify: Restart mosquitto
|
||||
|
||||
- name: Ensure mosquitto service is enabled and started
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: mosquitto.service
|
||||
enabled: true
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
- name: Restart olad
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: olad.service
|
||||
state: restarted
|
||||
|
|
|
@ -1,16 +1,21 @@
|
|||
- name: Install ola
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: ola
|
||||
|
||||
- name: Ensure all given configuraton files are deployed
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
content: "{{ item.content }}"
|
||||
dest: /etc/ola/{{ item.name }}.conf
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: olad
|
||||
group: olad
|
||||
loop: "{{ ola__configs }}"
|
||||
notify: Restart olad
|
||||
|
||||
- name: Enable and start ola service
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
name: olad.service
|
||||
state: started
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
- name: Restart shairport-sync service
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: shairport-sync
|
||||
state: restarted
|
||||
|
|
|
@ -1,16 +1,21 @@
|
|||
---
|
||||
- name: Ensure shairport-sync is installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: shairport-sync
|
||||
|
||||
- name: Ensure shairport-sync config is deployed
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
content: "{{ shairport_sync__config }}"
|
||||
dest: /etc/shairport-sync.conf
|
||||
mode: 0644
|
||||
mode: "644"
|
||||
owner: root
|
||||
group: root
|
||||
notify: Restart shairport-sync service
|
||||
|
||||
- name: Ensure shairport-sync service is enabled and started
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: shairport-sync
|
||||
state: started
|
||||
|
|
|
@ -1,8 +1,11 @@
|
|||
- name: Restart zigbee2mqtt
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
name: zigbee2mqtt
|
||||
state: restarted
|
||||
|
||||
- name: Reload systemd-daemon and restart zigbee2mqtt
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
name: zigbee2mqtt
|
||||
state: restarted
|
||||
|
|
|
@ -1,12 +1,15 @@
|
|||
- name: Ensure acl is installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: acl
|
||||
|
||||
- name: Ensure git is installed
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
name: git
|
||||
|
||||
- name: Ensure zigbee2mqtt user exists
|
||||
become: true
|
||||
ansible.builtin.user:
|
||||
name: zigbee2mqtt
|
||||
groups:
|
||||
|
@ -15,6 +18,7 @@
|
|||
group: zigbee2mqtt
|
||||
|
||||
- name: Ensure installation directory exists
|
||||
become: true
|
||||
ansible.builtin.file:
|
||||
dest: /opt/zigbee2mqtt
|
||||
state: directory
|
||||
|
@ -23,6 +27,7 @@
|
|||
group: zigbee2mqtt
|
||||
|
||||
- name: Ensure zigbee2mqtt repository is cloned
|
||||
become: true
|
||||
become_user: zigbee2mqtt
|
||||
ansible.builtin.git:
|
||||
repo: https://github.com/Koenkk/zigbee2mqtt.git
|
||||
|
@ -32,6 +37,7 @@
|
|||
notify: Restart zigbee2mqtt
|
||||
|
||||
- name: Ensure npm dependencies are installed
|
||||
become: true
|
||||
become_user: zigbee2mqtt
|
||||
community.general.npm:
|
||||
path: /opt/zigbee2mqtt
|
||||
|
@ -39,6 +45,7 @@
|
|||
changed_when: false # installs packages according to package-lock.json, but always reports a change
|
||||
|
||||
- name: Ensure custom zigbee2mqtt data directory exists
|
||||
become: true
|
||||
ansible.builtin.file:
|
||||
dest: /home/zigbee2mqtt/zigbee2mqtt_data
|
||||
state: directory
|
||||
|
@ -52,6 +59,7 @@
|
|||
register: zigbee2mqtt__conf_stat
|
||||
|
||||
- name: Ensure configuration file is deployed when it doesn't exist
|
||||
become: true
|
||||
when: not zigbee2mqtt__conf_stat.stat.exists
|
||||
ansible.builtin.copy:
|
||||
content: "{{ zigbee2mqtt__config }}"
|
||||
|
@ -62,6 +70,7 @@
|
|||
notify: Restart zigbee2mqtt
|
||||
|
||||
- name: Ensure zigbee2mqtt service file is deployed
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
src: zigbee2mqtt.service
|
||||
dest: /etc/systemd/system/zigbee2mqtt.service
|
||||
|
@ -71,6 +80,7 @@
|
|||
notify: Reload systemd-daemon and restart zigbee2mqtt
|
||||
|
||||
- name: Ensure zigbee2mqtt is enabled and started
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
service: zigbee2mqtt
|
||||
enabled: true
|
||||
|
|
Loading…
Reference in a new issue