diff --git a/playbooks/deploy_audio_pi.yaml b/playbooks/deploy_audio_pi.yaml index 4d6e22d..5c6c02f 100644 --- a/playbooks/deploy_audio_pi.yaml +++ b/playbooks/deploy_audio_pi.yaml @@ -1,6 +1,5 @@ --- - name: Configure audio.z9 as a bluetooth audio sink and AirPlay server - become: true hosts: audio roles: - hifiberry diff --git a/playbooks/deploy_automation.yaml b/playbooks/deploy_automation.yaml index d858029..48e6de2 100644 --- a/playbooks/deploy_automation.yaml +++ b/playbooks/deploy_automation.yaml @@ -1,6 +1,5 @@ --- - name: Deploy mosquitto MQTT broker on automation.z9 - become: true hosts: automation roles: - mosquitto diff --git a/playbooks/deploy_dokuwiki.yaml b/playbooks/deploy_dokuwiki.yaml index 55c9f6a..f328015 100644 --- a/playbooks/deploy_dokuwiki.yaml +++ b/playbooks/deploy_dokuwiki.yaml @@ -1,6 +1,5 @@ --- - name: Configure wiki.z9 with dokuwiki - become: true hosts: wiki roles: - nginx diff --git a/playbooks/deploy_esphome.yaml b/playbooks/deploy_esphome.yaml index 92a579b..87d9663 100644 --- a/playbooks/deploy_esphome.yaml +++ b/playbooks/deploy_esphome.yaml @@ -1,6 +1,5 @@ --- - name: Deploy esphome on esphome.z9 - become: true hosts: esphome roles: - esphome diff --git a/playbooks/deploy_keycloak.yaml b/playbooks/deploy_keycloak.yaml index bf04fae..f568793 100644 --- a/playbooks/deploy_keycloak.yaml +++ b/playbooks/deploy_keycloak.yaml @@ -1,6 +1,5 @@ --- - name: Deploy nginx and keycloak using docker_compose on keyloak - become: true hosts: keycloak roles: - cert diff --git a/playbooks/deploy_light.yaml b/playbooks/deploy_light.yaml index 80f827c..2f6efe6 100644 --- a/playbooks/deploy_light.yaml +++ b/playbooks/deploy_light.yaml @@ -1,6 +1,5 @@ --- - name: Deploy ola and foobazdmx on light.z9 - become: true hosts: light roles: - ola diff --git a/playbooks/deploy_public_reverse_proxy.yaml b/playbooks/deploy_public_reverse_proxy.yaml index a56f18d..e0bf99f 100644 --- a/playbooks/deploy_public_reverse_proxy.yaml +++ b/playbooks/deploy_public_reverse_proxy.yaml @@ -1,6 +1,5 @@ --- - name: Deploy the Public-Reverse-Proxy hosts: public-reverse-proxy - become: true roles: - nginx diff --git a/playbooks/deploy_zigbee2mqtt.yaml b/playbooks/deploy_zigbee2mqtt.yaml index ca8d5d4..bcdb377 100644 --- a/playbooks/deploy_zigbee2mqtt.yaml +++ b/playbooks/deploy_zigbee2mqtt.yaml @@ -1,6 +1,5 @@ --- - name: Deploy zigbee2mqtt on zigbee2mqtt.z9.ccchh.net - become: true hosts: zigbee2mqtt roles: - zigbee2mqtt diff --git a/playbooks/roles/add_apt_repository/tasks/main.yaml b/playbooks/roles/add_apt_repository/tasks/main.yaml index abd2e46..99acc3b 100644 --- a/playbooks/roles/add_apt_repository/tasks/main.yaml +++ b/playbooks/roles/add_apt_repository/tasks/main.yaml @@ -3,22 +3,30 @@ ansible.builtin.fail: msg: "Can only add apt repositories on Debian-based systems!" when: ansible_facts.os_family != "Debian" + - name: Install required apt packages for adding an apt repository + become: true ansible.builtin.apt: name: - ca-certificates - gnupg + - name: Install apt-transport-https if https repository + become: true ansible.builtin.apt: name: apt-transport-https when: add_apt_repository__https_repo + - name: Add repository signing key to keychain + become: true when: add_apt_repository__keyring_url is defined and add_apt_repository__keyring_path is defined ansible.builtin.apt_key: url: "{{ add_apt_repository__keyring_url }}" keyring: "{{ add_apt_repository__keyring_path }}" state: present + - name: Add repository and update cache + become: true ansible.builtin.apt_repository: repo: "{{ add_apt_repository__repo }}" filename: "{{ add_apt_repository__filename }}" diff --git a/playbooks/roles/bluetooth_audio_sink/tasks/main.yaml b/playbooks/roles/bluetooth_audio_sink/tasks/main.yaml index ed5b792..8696a0c 100644 --- a/playbooks/roles/bluetooth_audio_sink/tasks/main.yaml +++ b/playbooks/roles/bluetooth_audio_sink/tasks/main.yaml @@ -1,45 +1,60 @@ --- - name: Ensure acl is installed + become: true ansible.builtin.apt: name: acl + - name: Ensure machine-info file is deployed + become: true ansible.builtin.template: src: machine-info.j2 dest: /etc/machine-info - mode: 0644 + mode: "644" owner: root group: root notify: Restart bluetooth service + - name: Ensure bluetooth config is deployed + become: true ansible.builtin.template: src: main.conf.j2 dest: /etc/bluetooth/main.conf - mode: 0644 + mode: "644" owner: root group: root notify: Restart bluetooth service + - name: Ensure bluetooth service is enabled and started + become: true ansible.builtin.systemd: service: bluetooth.service state: started enabled: true + - name: Ensure audiosink user exists + become: true ansible.builtin.user: name: audiosink groups: - audio + - name: Ensure user services are started without needing to login + become: true ansible.builtin.command: cmd: loginctl enable-linger audiosink changed_when: false + - name: Detect if on Raspberry Pi # noqa ignore-errors ansible.builtin.include_role: name: raspberry_pi_check ignore_errors: true + - name: Ensure debian archive keyring is installed # noqa no-handler + become: true when: raspberry_pi_check__cpuinfo.found ansible.builtin.apt: deb: https://ftp.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2021.1.1_all.deb + - name: Ensure debian backports repository is enabled ansible.builtin.include_role: name: add_apt_repository @@ -47,94 +62,120 @@ add_apt_repository__https_repo: false add_apt_repository__repo: "deb http://deb.debian.org/debian {{ ansible_facts.lsb.codename }}-backports main contrib non-free" add_apt_repository__filename: "{{ ansible_facts.lsb.codename }}-backports.list" + - name: Ensure pipewire, wireplumber and libspa-0.2-bluetooth are installed + become: true ansible.builtin.apt: name: - pipewire - wireplumber - libspa-0.2-bluetooth default_release: "{{ ansible_facts.lsb.codename }}-backports" + - name: Ensure pipewire user service is enabled and started + become: true become_user: audiosink ansible.builtin.systemd: name: pipewire.service state: started enabled: true scope: user + - name: Ensure pipewire-pulse user service is enabled and started + become: true become_user: audiosink ansible.builtin.systemd: name: pipewire-pulse.service state: started enabled: true scope: user + - name: Ensure wireplumber user service is enabled + become: true become_user: audiosink ansible.builtin.systemd: name: wireplumber.service enabled: true scope: user + - name: Ensure speaker-agent dependencies are installed + become: true ansible.builtin.apt: name: - git - python3-dbus + - name: Ensure speaker-agent repository is cloned + become: true ansible.builtin.git: repo: https://github.com/fdanis-oss/pw_wp_bluetooth_rpi_speaker.git dest: /opt/speaker-agent version: 9a939a23865ea020816017e06fd2290f301c35f9 + - name: Ensure .config directory exists + become: true become_user: audiosink ansible.builtin.file: path: /home/audiosink/.config state: directory - mode: 0700 + mode: "700" owner: audiosink group: audiosink + - name: Ensure .config/systemd directory exists + become: true become_user: audiosink ansible.builtin.file: path: /home/audiosink/.config/systemd state: directory - mode: 0755 + mode: "755" owner: audiosink group: audiosink + - name: Ensure .config/systemd/user directory exists + become: true become_user: audiosink ansible.builtin.file: path: /home/audiosink/.config/systemd/user state: directory - mode: 0755 + mode: "755" owner: audiosink group: audiosink + - name: Ensure speaker-agent service file is deployed + become: true become_user: audiosink ansible.builtin.copy: src: speaker-agent.service dest: /home/audiosink/.config/systemd/user/speaker-agent.service - mode: 0644 + mode: "644" owner: audiosink group: audiosink notify: Restart speaker-agent service + - name: Ensure speaker-agent service is enabled and started + become: true become_user: audiosink ansible.builtin.systemd: name: speaker-agent.service state: started enabled: true scope: user + # This part is janky, but I don't know how to make the bluetooth service, wireplumber and pipewire # work with each other without being logged in. - name: Ensure getty@tty1 override file is deployed + become: true ansible.builtin.copy: src: override.conf dest: /etc/systemd/system/getty@tty1.service.d/override.conf - mode: 0644 + mode: "644" owner: root group: root notify: Reboot host + - name: Ensure autologin for audiosink user is enabled + become: true ansible.builtin.systemd: service: getty@tty1.service enabled: true diff --git a/playbooks/roles/esphome/handlers/main.yaml b/playbooks/roles/esphome/handlers/main.yaml index 10e13dd..fc22920 100644 --- a/playbooks/roles/esphome/handlers/main.yaml +++ b/playbooks/roles/esphome/handlers/main.yaml @@ -1,5 +1,6 @@ --- - name: Restart esphome + become: true ansible.builtin.systemd: service: esphome.service state: restarted diff --git a/playbooks/roles/esphome/tasks/main.yaml b/playbooks/roles/esphome/tasks/main.yaml index dc0f4e3..f3e90f7 100644 --- a/playbooks/roles/esphome/tasks/main.yaml +++ b/playbooks/roles/esphome/tasks/main.yaml @@ -1,33 +1,40 @@ - name: Ensure acl is installed + become: true ansible.builtin.apt: name: acl - name: Ensure pip is installed + become: true ansible.builtin.apt: name: python3-pip - name: Ensure esphome user exists + become: true ansible.builtin.user: name: esphome shell: /bin/bash - name: Ensure esphome dependencies are installed + become: true become_user: esphome ansible.builtin.pip: name: tornado extra_args: --user - name: Ensure esphome is installed + become: true become_user: esphome ansible.builtin.pip: name: "esphome=={{ esphome__version }}" extra_args: --user notify: Restart esphome - name: Ensure esphome systemd service file is deployed + become: true ansible.builtin.copy: src: esphome.service dest: /etc/systemd/system/esphome.service - mode: 0644 + mode: "644" owner: root group: root notify: Restart esphome - name: Ensure esphome service is enabled and started + become: true ansible.builtin.systemd: service: esphome.service enabled: true diff --git a/playbooks/roles/foobazdmx/handlers/main.yaml b/playbooks/roles/foobazdmx/handlers/main.yaml index 321abd6..ccdc04b 100644 --- a/playbooks/roles/foobazdmx/handlers/main.yaml +++ b/playbooks/roles/foobazdmx/handlers/main.yaml @@ -1,4 +1,5 @@ - name: Restart foobazdmx + become: true ansible.builtin.systemd: service: foobazdmx.service state: restarted diff --git a/playbooks/roles/foobazdmx/tasks/main.yaml b/playbooks/roles/foobazdmx/tasks/main.yaml index 108b97a..304cc30 100644 --- a/playbooks/roles/foobazdmx/tasks/main.yaml +++ b/playbooks/roles/foobazdmx/tasks/main.yaml @@ -1,4 +1,5 @@ - name: Ensure apt dependencies are installed + become: true ansible.builtin.apt: name: - acl @@ -6,32 +7,41 @@ - python3 - python3-pip - python3-setuptools + - name: Ensure python peotry is installed + become: true ansible.builtin.pip: name: poetry + - name: Ensure foobazdmx user exists + become: true ansible.builtin.user: name: foobazdmx + - name: Install foobazdmx notify: Restart foobazdmx block: - name: Clone foobazdmx repository + become: true ansible.builtin.git: repo: https://thinkcccentre-ansible:glpat-VegCzyjuDjB19SggAqm1@gitlab.hamburg.ccc.de/yuri/foobazdmx.git dest: /opt/foobazdmx version: bf6170aa12fa5de9b9667be9b744ad7ee6157dde - name: Install python dependencies + become: true become_user: foobazdmx ansible.builtin.command: cmd: poetry install chdir: /opt/foobazdmx changed_when: false - name: Generate foobazdmx service file + become: true ansible.builtin.template: src: foobazdmx.service.j2 dest: /etc/systemd/system/foobazdmx.service mode: "0755" - name: Enable and start foobazdmx service + become: true ansible.builtin.systemd: service: foobazdmx.service state: started diff --git a/playbooks/roles/hifiberry/handlers/main.yaml b/playbooks/roles/hifiberry/handlers/main.yaml index 427a90a..774b511 100644 --- a/playbooks/roles/hifiberry/handlers/main.yaml +++ b/playbooks/roles/hifiberry/handlers/main.yaml @@ -1,3 +1,4 @@ --- - name: Restart system + become: true ansible.builtin.reboot: diff --git a/playbooks/roles/hifiberry/tasks/main.yaml b/playbooks/roles/hifiberry/tasks/main.yaml index 42128a4..987def8 100644 --- a/playbooks/roles/hifiberry/tasks/main.yaml +++ b/playbooks/roles/hifiberry/tasks/main.yaml @@ -1,17 +1,22 @@ --- - name: Remove dtparam=audio=on + become: true ansible.builtin.lineinfile: line: dtparam=audio=on dest: /boot/config.txt state: absent notify: Restart system + - name: Set audio=off for dtoverlay=vc4-kms-v3d + become: true ansible.builtin.lineinfile: regexp: ^dtoverlay=vc4-kms-v3d line: dtoverlay=vc4-kms-v3d,audio=off dest: /boot/config.txt notify: Restart system + - name: Add hifiberry dtoverlay + become: true ansible.builtin.lineinfile: line: "dtoverlay={{ hifiberry__device }}" dest: /boot/config.txt diff --git a/playbooks/roles/mosquitto/handlers/main.yaml b/playbooks/roles/mosquitto/handlers/main.yaml index 94fba82..efa0b7f 100644 --- a/playbooks/roles/mosquitto/handlers/main.yaml +++ b/playbooks/roles/mosquitto/handlers/main.yaml @@ -1,5 +1,6 @@ --- - name: Restart mosquitto + become: true ansible.builtin.systemd: service: mosquitto.service state: restarted diff --git a/playbooks/roles/mosquitto/tasks/main.yaml b/playbooks/roles/mosquitto/tasks/main.yaml index 5d8e145..5fb90be 100644 --- a/playbooks/roles/mosquitto/tasks/main.yaml +++ b/playbooks/roles/mosquitto/tasks/main.yaml @@ -1,25 +1,32 @@ --- - name: Ensure mosquitto is installed + become: true ansible.builtin.apt: name: mosquitto + - name: Ensure main configuraton file is deployed + become: true ansible.builtin.copy: content: "{{ mosquitto__mosquitto_conf_content }}" dest: /etc/mosquitto/mosquitto.conf - mode: 0644 + mode: "644" owner: root group: root notify: Restart mosquitto + - name: Ensure all additional configuraton files are deployed + become: true ansible.builtin.copy: content: "{{ item.content }}" dest: /etc/mosquitto/conf.d/{{ item.name }}.conf - mode: 0644 + mode: "644" owner: root group: root loop: "{{ mosquitto__configs }}" notify: Restart mosquitto + - name: Ensure mosquitto service is enabled and started + become: true ansible.builtin.systemd: service: mosquitto.service enabled: true diff --git a/playbooks/roles/ola/handlers/main.yaml b/playbooks/roles/ola/handlers/main.yaml index 0ab975d..eb2d87e 100644 --- a/playbooks/roles/ola/handlers/main.yaml +++ b/playbooks/roles/ola/handlers/main.yaml @@ -1,4 +1,5 @@ - name: Restart olad + become: true ansible.builtin.systemd: service: olad.service state: restarted diff --git a/playbooks/roles/ola/tasks/main.yaml b/playbooks/roles/ola/tasks/main.yaml index 66ed389..f64739c 100644 --- a/playbooks/roles/ola/tasks/main.yaml +++ b/playbooks/roles/ola/tasks/main.yaml @@ -1,16 +1,21 @@ - name: Install ola + become: true ansible.builtin.apt: name: ola + - name: Ensure all given configuraton files are deployed + become: true ansible.builtin.copy: content: "{{ item.content }}" dest: /etc/ola/{{ item.name }}.conf - mode: 0644 + mode: "644" owner: olad group: olad loop: "{{ ola__configs }}" notify: Restart olad + - name: Enable and start ola service + become: true ansible.builtin.systemd: name: olad.service state: started diff --git a/playbooks/roles/shairport_sync/handlers/main.yaml b/playbooks/roles/shairport_sync/handlers/main.yaml index b908074..eff4ae7 100644 --- a/playbooks/roles/shairport_sync/handlers/main.yaml +++ b/playbooks/roles/shairport_sync/handlers/main.yaml @@ -1,5 +1,6 @@ --- - name: Restart shairport-sync service + become: true ansible.builtin.systemd: service: shairport-sync state: restarted diff --git a/playbooks/roles/shairport_sync/tasks/main.yaml b/playbooks/roles/shairport_sync/tasks/main.yaml index 8aa9906..8406acc 100644 --- a/playbooks/roles/shairport_sync/tasks/main.yaml +++ b/playbooks/roles/shairport_sync/tasks/main.yaml @@ -1,16 +1,21 @@ --- - name: Ensure shairport-sync is installed + become: true ansible.builtin.apt: name: shairport-sync + - name: Ensure shairport-sync config is deployed + become: true ansible.builtin.copy: content: "{{ shairport_sync__config }}" dest: /etc/shairport-sync.conf - mode: 0644 + mode: "644" owner: root group: root notify: Restart shairport-sync service + - name: Ensure shairport-sync service is enabled and started + become: true ansible.builtin.systemd: service: shairport-sync state: started diff --git a/playbooks/roles/zigbee2mqtt/handlers/main.yaml b/playbooks/roles/zigbee2mqtt/handlers/main.yaml index db98544..6036e5f 100644 --- a/playbooks/roles/zigbee2mqtt/handlers/main.yaml +++ b/playbooks/roles/zigbee2mqtt/handlers/main.yaml @@ -1,8 +1,11 @@ - name: Restart zigbee2mqtt + become: true ansible.builtin.systemd: name: zigbee2mqtt state: restarted + - name: Reload systemd-daemon and restart zigbee2mqtt + become: true ansible.builtin.systemd: name: zigbee2mqtt state: restarted diff --git a/playbooks/roles/zigbee2mqtt/tasks/main.yaml b/playbooks/roles/zigbee2mqtt/tasks/main.yaml index f647f03..0ae3914 100644 --- a/playbooks/roles/zigbee2mqtt/tasks/main.yaml +++ b/playbooks/roles/zigbee2mqtt/tasks/main.yaml @@ -1,12 +1,15 @@ - name: Ensure acl is installed + become: true ansible.builtin.apt: name: acl - name: Ensure git is installed + become: true ansible.builtin.apt: name: git - name: Ensure zigbee2mqtt user exists + become: true ansible.builtin.user: name: zigbee2mqtt groups: @@ -15,6 +18,7 @@ group: zigbee2mqtt - name: Ensure installation directory exists + become: true ansible.builtin.file: dest: /opt/zigbee2mqtt state: directory @@ -23,6 +27,7 @@ group: zigbee2mqtt - name: Ensure zigbee2mqtt repository is cloned + become: true become_user: zigbee2mqtt ansible.builtin.git: repo: https://github.com/Koenkk/zigbee2mqtt.git @@ -32,6 +37,7 @@ notify: Restart zigbee2mqtt - name: Ensure npm dependencies are installed + become: true become_user: zigbee2mqtt community.general.npm: path: /opt/zigbee2mqtt @@ -39,6 +45,7 @@ changed_when: false # installs packages according to package-lock.json, but always reports a change - name: Ensure custom zigbee2mqtt data directory exists + become: true ansible.builtin.file: dest: /home/zigbee2mqtt/zigbee2mqtt_data state: directory @@ -52,6 +59,7 @@ register: zigbee2mqtt__conf_stat - name: Ensure configuration file is deployed when it doesn't exist + become: true when: not zigbee2mqtt__conf_stat.stat.exists ansible.builtin.copy: content: "{{ zigbee2mqtt__config }}" @@ -62,6 +70,7 @@ notify: Restart zigbee2mqtt - name: Ensure zigbee2mqtt service file is deployed + become: true ansible.builtin.copy: src: zigbee2mqtt.service dest: /etc/systemd/system/zigbee2mqtt.service @@ -71,6 +80,7 @@ notify: Reload systemd-daemon and restart zigbee2mqtt - name: Ensure zigbee2mqtt is enabled and started + become: true ansible.builtin.systemd: service: zigbee2mqtt enabled: true