diff --git a/inventories/z9/host_vars/mqtt.yaml b/inventories/z9/host_vars/mqtt.yaml deleted file mode 100644 index 37ab3b9..0000000 --- a/inventories/z9/host_vars/mqtt.yaml +++ /dev/null @@ -1,4 +0,0 @@ -mosquitto__mosquitto_conf_content: "{{ lookup('ansible.builtin.file', 'z9/configs/automation/mosquitto/mosquitto.conf') }}" -mosquitto__configs: - - name: winkekatz - content: "{{ lookup('ansible.builtin.file', 'z9/configs/automation/mosquitto/winkekatz.conf') }}" diff --git a/inventories/z9/host_vars/uptime-kuma.yaml b/inventories/z9/host_vars/uptime-kuma.yaml deleted file mode 100644 index 625bd2b..0000000 --- a/inventories/z9/host_vars/uptime-kuma.yaml +++ /dev/null @@ -1,14 +0,0 @@ -certbot__version_spec: "" -certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz -certbot__certificate_domains: - - "status.ccchh.net" -certbot__new_cert_commands: - - "systemctl reload nginx.service" - -docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'z9/configs/uptime-kuma/compose.yaml') }}" -docker_compose__configuration_files: [ ] - -nginx__version_spec: "" -nginx__configurations: - - name: status.ccchh.net - content: "{{ lookup('ansible.builtin.file', 'z9/configs/uptime-kuma/nginx/status.ccchh.net.conf') }}" diff --git a/inventories/z9/host_vars/zigbee2mqtt.yaml b/inventories/z9/host_vars/zigbee2mqtt.yaml deleted file mode 100644 index 5d0f857..0000000 --- a/inventories/z9/host_vars/zigbee2mqtt.yaml +++ /dev/null @@ -1,15 +0,0 @@ -zigbee2mqtt__version: "1.37.1" -zigbee2mqtt__network_key: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/z9/zigbee2mqtt/network_key', create=false, missing='error') }}" -zigbee2mqtt__initial_config: "{{ lookup('ansible.builtin.template', 'z9/configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2') }}" - -certbot__version_spec: "" -certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz -certbot__certificate_domains: - - "zigbee2mqtt.ccchh.net" -certbot__new_cert_commands: - - "systemctl reload nginx.service" - -nginx__version_spec: "" -nginx__configurations: - - name: zigbee2mqtt - content: "{{ lookup('ansible.builtin.file', 'z9/configs/zigbee2mqtt/nginx/zigbee2mqtt.conf') }}" diff --git a/inventories/z9/hosts.yaml b/inventories/z9/hosts.yaml index db59ba4..f8a452d 100644 --- a/inventories/z9/hosts.yaml +++ b/inventories/z9/hosts.yaml @@ -8,43 +8,18 @@ all: authoritative-dns: ansible_host: authoritative-dns.z9.ccchh.net ansible_user: chaos - uptime-kuma: - ansible_host: uptime-kuma.z9.ccchh.net - ansible_user: chaos debian_12: hosts: nginx_hosts: hosts: light: - uptime-kuma: - public_reverse_proxy_hosts: - hosts: - cert_hosts: - hosts: - certbot_hosts: - hosts: - uptime-kuma: - zigbee2mqtt_hosts: - hosts: - mosquitto_hosts: - hosts: ola_hosts: hosts: light: foobazdmx_hosts: hosts: light: - hifiberry_hosts: - hosts: - bluetooth_audio_sink_hosts: - hosts: - shairport_sync_hosts: - hosts: - docker_compose_hosts: - hosts: - uptime-kuma: infrastructure_authorized_keys_hosts: hosts: light: authoritative-dns: - uptime-kuma: diff --git a/playbooks/deploy.yaml b/playbooks/deploy.yaml index 50e55dc..ba1bea6 100644 --- a/playbooks/deploy.yaml +++ b/playbooks/deploy.yaml @@ -1,7 +1,4 @@ --- -- name: engelsystem_specific_pre_tasks - ansible.builtin.import_playbook: engelsystem_specific_pre_tasks.yaml - - name: Ensure SSH server config deployment on ssh_server_config_hosts hosts: ssh_server_config_hosts roles: @@ -17,21 +14,6 @@ roles: - nextcloud -- name: Ensure HiFiBerry deployment on hifiberry_hosts - hosts: hifiberry_hosts - roles: - - hifiberry - -- name: Ensure bluetooth audio sink deployment on bluetooth_audio_sink_hosts - hosts: bluetooth_audio_sink_hosts - roles: - - bluetooth_audio_sink - -- name: Ensure shairport sync deployment on shairport_sync_hosts - hosts: shairport_sync_hosts - roles: - - shairport_sync - - name: Ensure ola deployment on ola_hosts hosts: ola_hosts roles: @@ -42,26 +24,11 @@ roles: - foobazdmx -- name: Ensure Mosquitto MQTT broker deployment on mosquitto_hosts - hosts: mosquitto_hosts - roles: - - mosquitto - -- name: Ensure Zigbee2MQTT deployment on zigbee2mqtt_hosts - hosts: zigbee2mqtt_hosts - roles: - - zigbee2mqtt - - name: Ensure Dokuwiki config hosts: wiki roles: - dokuwiki -- name: Ensure certificate deployment on cert_hosts - hosts: cert_hosts - roles: - - cert - - name: Ensure NGINX deployment on nginx_hosts, which are also public_reverse_proxy_hosts, before certbot role runs hosts: nginx_hosts:&public_reverse_proxy_hosts roles: diff --git a/playbooks/engelsystem_specific_pre_tasks.yaml b/playbooks/engelsystem_specific_pre_tasks.yaml deleted file mode 100644 index b7a57b1..0000000 --- a/playbooks/engelsystem_specific_pre_tasks.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: engelsystem on engelsystem.z9 specific pre tasks - hosts: engelsystem - pre_tasks: - - name: Install git - ansible.builtin.apt: - name: git - state: present - - name: Clone engelsystem repo - ansible.builtin.git: - repo: https://github.com/engelsystem/engelsystem.git - dest: "{{ ansible_user_dir }}/engelsystem" - version: main - force: true - update: false - - name: apply patch to code to add train drivers license - ansible.posix.patch: - src: patches/engelsystem/code_en.patch - dest: "{{ ansible_user_dir }}/engelsystem/includes/view/UserDriverLicenses_view.php" - - name: apply patch to german locale add train drivers license - ansible.posix.patch: - src: patches/engelsystem/lang_de.patch - dest: "{{ ansible_user_dir }}/engelsystem/resources/lang/de_DE/default.po" diff --git a/playbooks/files/chaosknoten/configs/engelsystem/nginx/aes.ccchh.net.conf b/playbooks/files/chaosknoten/configs/engelsystem/nginx/aes.ccchh.net.conf deleted file mode 100644 index 937bdb7..0000000 --- a/playbooks/files/chaosknoten/configs/engelsystem/nginx/aes.ccchh.net.conf +++ /dev/null @@ -1,42 +0,0 @@ -# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration -# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6 -server { - # Listen on a custom port for the proxy protocol. - listen 8443 ssl http2 proxy_protocol; - # Make use of the ngx_http_realip_module to set the $remote_addr and - # $remote_port to the client address and client port, when using proxy - # protocol. - # First set our proxy protocol proxy as trusted. - set_real_ip_from 172.31.17.140; - # Then tell the realip_module to get the addreses from the proxy protocol - # header. - real_ip_header proxy_protocol; - - server_name aes.ccchh.net; - - ssl_certificate /etc/letsencrypt/live/aes.ccchh.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/aes.ccchh.net/privkey.pem; - # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/aes.ccchh.net/chain.pem; - - # HSTS (ngx_http_headers_module is required) (63072000 seconds) - add_header Strict-Transport-Security "max-age=63072000" always; - - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Port 443; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; - # Hide the X-Forwarded header. - proxy_hide_header X-Forwarded; - # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that - # is transparent). - # Also provide "_hidden" for by, since it's not relevant. - proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden"; - - location / { - proxy_pass http://127.0.0.1:5080/; - } -} diff --git a/playbooks/files/patches/engelsystem/code_en.patch b/playbooks/files/patches/engelsystem/code_en.patch deleted file mode 100644 index cdb613e..0000000 --- a/playbooks/files/patches/engelsystem/code_en.patch +++ /dev/null @@ -1,8 +0,0 @@ -22c22 -< form_checkbox('wants_to_drive', __('I am willing to drive a car for the event'), $user_driver_license->wantsToDrive()), ---- -> form_checkbox('wants_to_drive', __('I am willing to drive a vehicle for the event'), $user_driver_license->wantsToDrive()), -48c48 -< __('Forklift'), ---- -> __('Train'), diff --git a/playbooks/files/patches/engelsystem/lang_de.patch b/playbooks/files/patches/engelsystem/lang_de.patch deleted file mode 100644 index 2983bfa..0000000 --- a/playbooks/files/patches/engelsystem/lang_de.patch +++ /dev/null @@ -1,12 +0,0 @@ -1390,1391c1390,1391 -< msgid "Forklift" -< msgstr "Gabelstapler" ---- -> msgid "Train" -> msgstr "Lok" -1643,1644c1643,1644 -< msgid "I am willing to drive a car for the event" -< msgstr "Ich möchte für das Event Auto fahren" ---- -> msgid "I am willing to drive a vehicle for the event" -> msgstr "Ich möchte für das Event Fahrzeuge fahren" diff --git a/playbooks/files/z9/configs/automation/mosquitto/mosquitto.conf b/playbooks/files/z9/configs/automation/mosquitto/mosquitto.conf deleted file mode 100644 index 05141ab..0000000 --- a/playbooks/files/z9/configs/automation/mosquitto/mosquitto.conf +++ /dev/null @@ -1,16 +0,0 @@ -# Place your local configuration in /etc/mosquitto/conf.d/ -# -# A full description of the configuration file is at -# /usr/share/doc/mosquitto/examples/mosquitto.conf.example - -per_listener_settings false -listener 1883 -allow_anonymous true -pid_file /run/mosquitto/mosquitto.pid - -persistence true -persistence_location /var/lib/mosquitto/ - -log_dest file /var/log/mosquitto/mosquitto.log - -include_dir /etc/mosquitto/conf.d diff --git a/playbooks/files/z9/configs/automation/mosquitto/winkekatz.conf b/playbooks/files/z9/configs/automation/mosquitto/winkekatz.conf deleted file mode 100644 index d728ecf..0000000 --- a/playbooks/files/z9/configs/automation/mosquitto/winkekatz.conf +++ /dev/null @@ -1,8 +0,0 @@ -connection winkekatz -address mqtt.winkekatze24.de -bridge_protocol_version mqttv311 - -topic winkekatze/allcats/eye/set in 2 -topic winkekatze/allcats in 2 -topic +/status out 2 winkekatze/ "" -topic +/connected out 2 winkekatze/ "" diff --git a/playbooks/files/z9/configs/uptime-kuma/compose.yaml b/playbooks/files/z9/configs/uptime-kuma/compose.yaml deleted file mode 100644 index 11482de..0000000 --- a/playbooks/files/z9/configs/uptime-kuma/compose.yaml +++ /dev/null @@ -1,17 +0,0 @@ -## Links & Rescources: -# -# https://github.com/louislam/uptime-kuma -# https://github.com/louislam/uptime-kuma/wiki/%F0%9F%94%A7-How-to-Install -# https://github.com/louislam/uptime-kuma/blob/master/docker/docker-compose.yml -# https://github.com/louislam/uptime-kuma/wiki/%F0%9F%86%99-How-to-Update -# https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy -# https://github.com/louislam/uptime-kuma/wiki/Environment-Variables - -services: - uptime-kuma: - image: louislam/uptime-kuma:1 - restart: unless-stopped - volumes: - - "./uptime-kuma-data:/app/data" - ports: - - 3001:3001 diff --git a/playbooks/files/z9/configs/uptime-kuma/nginx/status.ccchh.net.conf b/playbooks/files/z9/configs/uptime-kuma/nginx/status.ccchh.net.conf deleted file mode 100644 index 41e2925..0000000 --- a/playbooks/files/z9/configs/uptime-kuma/nginx/status.ccchh.net.conf +++ /dev/null @@ -1,40 +0,0 @@ -# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration -# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6 -# Also see: https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy -server { - # Listen on a custom port for the proxy protocol. - listen 8443 ssl http2 proxy_protocol; - # Make use of the ngx_http_realip_module to set the $remote_addr and - # $remote_port to the client address and client port, when using proxy - # protocol. - # First set our proxy protocol proxy as trusted. - set_real_ip_from 10.31.206.1; - # Then tell the realip_module to get the addreses from the proxy protocol - # header. - real_ip_header proxy_protocol; - - server_name status.ccchh.net; - - ssl_certificate /etc/letsencrypt/live/status.ccchh.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/status.ccchh.net/privkey.pem; - # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/status.ccchh.net/chain.pem; - - # HSTS (ngx_http_headers_module is required) (63072000 seconds) - add_header Strict-Transport-Security "max-age=63072000" always; - - # replace with the IP address of your resolver - resolver 10.31.206.1; - - location / { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; - proxy_pass http://127.0.0.1:3001/; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } -} diff --git a/playbooks/files/z9/configs/zigbee2mqtt/nginx/zigbee2mqtt.conf b/playbooks/files/z9/configs/zigbee2mqtt/nginx/zigbee2mqtt.conf deleted file mode 100644 index 9c35e87..0000000 --- a/playbooks/files/z9/configs/zigbee2mqtt/nginx/zigbee2mqtt.conf +++ /dev/null @@ -1,28 +0,0 @@ -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - - server_name zigbee2mqtt.ccchh.net; - - ssl_certificate /etc/letsencrypt/live/zigbee2mqtt.ccchh.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/zigbee2mqtt.ccchh.net/privkey.pem; - # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/zigbee2mqtt.ccchh.net/chain.pem; - - add_header Strict-Transport-Security "max-age=63072000" always; - - location / { - proxy_pass http://localhost:8080/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location /api { - proxy_pass http://localhost:8080/api; - proxy_set_header Host $host; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } -} diff --git a/playbooks/roles/bluetooth_audio_sink/files/override.conf b/playbooks/roles/bluetooth_audio_sink/files/override.conf deleted file mode 100644 index de07b82..0000000 --- a/playbooks/roles/bluetooth_audio_sink/files/override.conf +++ /dev/null @@ -1,3 +0,0 @@ -[Service] -ExecStart= -ExecStart=-/sbin/agetty --autologin audiosink --noclear %I 38400 linux diff --git a/playbooks/roles/bluetooth_audio_sink/files/speaker-agent.service b/playbooks/roles/bluetooth_audio_sink/files/speaker-agent.service deleted file mode 100644 index e665f19..0000000 --- a/playbooks/roles/bluetooth_audio_sink/files/speaker-agent.service +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Bluetooth speaker agent - -[Service] -ExecStart=python3 /opt/speaker-agent/speaker-agent.py - -[Install] -WantedBy=default.target diff --git a/playbooks/roles/bluetooth_audio_sink/handlers/main.yaml b/playbooks/roles/bluetooth_audio_sink/handlers/main.yaml deleted file mode 100644 index 5b734ad..0000000 --- a/playbooks/roles/bluetooth_audio_sink/handlers/main.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Restart bluetooth service - ansible.builtin.systemd: - service: bluetooth.service - state: restarted -- name: Restart speaker-agent service - become_user: audiosink - ansible.builtin.systemd: - service: speaker-agent.service - state: restarted - scope: user - daemon_reload: true -- name: Reboot host - ansible.builtin.reboot: diff --git a/playbooks/roles/bluetooth_audio_sink/meta/argument_specs.yaml b/playbooks/roles/bluetooth_audio_sink/meta/argument_specs.yaml deleted file mode 100644 index 3b66203..0000000 --- a/playbooks/roles/bluetooth_audio_sink/meta/argument_specs.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -argument_specs: - main: - options: - bluetooth_audio_sink__name: - description: Name the bluetooth device should have - type: str - required: true diff --git a/playbooks/roles/bluetooth_audio_sink/meta/main.yaml b/playbooks/roles/bluetooth_audio_sink/meta/main.yaml deleted file mode 100644 index 386685c..0000000 --- a/playbooks/roles/bluetooth_audio_sink/meta/main.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -dependencies: - - role: distribution_check - vars: - distribution_check__distribution_support_spec: - - name: Debian - major_versions: - - "11" diff --git a/playbooks/roles/bluetooth_audio_sink/tasks/main.yaml b/playbooks/roles/bluetooth_audio_sink/tasks/main.yaml deleted file mode 100644 index 76d6355..0000000 --- a/playbooks/roles/bluetooth_audio_sink/tasks/main.yaml +++ /dev/null @@ -1,182 +0,0 @@ ---- -- name: Ensure acl is installed - become: true - ansible.builtin.apt: - name: acl - -- name: Ensure machine-info file is deployed - become: true - ansible.builtin.template: - src: machine-info.j2 - dest: /etc/machine-info - mode: "644" - owner: root - group: root - notify: Restart bluetooth service - -- name: Ensure bluetooth config is deployed - become: true - ansible.builtin.template: - src: main.conf.j2 - dest: /etc/bluetooth/main.conf - mode: "644" - owner: root - group: root - notify: Restart bluetooth service - -- name: Ensure bluetooth service is enabled and started - become: true - ansible.builtin.systemd: - service: bluetooth.service - state: started - enabled: true - -- name: Ensure audiosink user exists - become: true - ansible.builtin.user: - name: audiosink - groups: - - audio - -- name: Ensure user services are started without needing to login - become: true - ansible.builtin.command: - cmd: loginctl enable-linger audiosink - changed_when: false - -- name: Detect if on Raspberry Pi # noqa ignore-errors - ansible.builtin.include_role: - name: raspberry_pi_check - ignore_errors: true - -- name: Ensure debian archive keyring is installed # noqa no-handler - become: true - when: raspberry_pi_check__cpuinfo.found - ansible.builtin.apt: - deb: https://ftp.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2021.1.1+deb11u1_all.deb - -- name: Ensure debian backports repository is enabled - ansible.builtin.include_role: - name: add_apt_repository - vars: - add_apt_repository__https_repo: false - add_apt_repository__repo: "deb http://deb.debian.org/debian {{ ansible_facts.lsb.codename }}-backports main contrib non-free" - add_apt_repository__filename: "{{ ansible_facts.lsb.codename }}-backports.list" - -- name: Ensure pipewire, wireplumber and libspa-0.2-bluetooth are installed - become: true - ansible.builtin.apt: - name: - - pipewire - - wireplumber - - libspa-0.2-bluetooth - default_release: "{{ ansible_facts.lsb.codename }}-backports" - -- name: Ensure pipewire user service is enabled and started - become: true - become_user: audiosink - ansible.builtin.systemd: - name: pipewire.service - state: started - enabled: true - scope: user - -- name: Ensure pipewire-pulse user service is enabled and started - become: true - become_user: audiosink - ansible.builtin.systemd: - name: pipewire-pulse.service - state: started - enabled: true - scope: user - -- name: Ensure wireplumber user service is enabled - become: true - become_user: audiosink - ansible.builtin.systemd: - name: wireplumber.service - enabled: true - scope: user - -- name: Ensure speaker-agent dependencies are installed - become: true - ansible.builtin.apt: - name: - - git - - python3-dbus - -- name: Ensure speaker-agent repository is cloned - become: true - ansible.builtin.git: - repo: https://github.com/fdanis-oss/pw_wp_bluetooth_rpi_speaker.git - dest: /opt/speaker-agent - version: 9a939a23865ea020816017e06fd2290f301c35f9 - -- name: Ensure .config directory exists - become: true - become_user: audiosink - ansible.builtin.file: - path: /home/audiosink/.config - state: directory - mode: "700" - owner: audiosink - group: audiosink - -- name: Ensure .config/systemd directory exists - become: true - become_user: audiosink - ansible.builtin.file: - path: /home/audiosink/.config/systemd - state: directory - mode: "755" - owner: audiosink - group: audiosink - -- name: Ensure .config/systemd/user directory exists - become: true - become_user: audiosink - ansible.builtin.file: - path: /home/audiosink/.config/systemd/user - state: directory - mode: "755" - owner: audiosink - group: audiosink - -- name: Ensure speaker-agent service file is deployed - become: true - become_user: audiosink - ansible.builtin.copy: - src: speaker-agent.service - dest: /home/audiosink/.config/systemd/user/speaker-agent.service - mode: "644" - owner: audiosink - group: audiosink - notify: Restart speaker-agent service - -- name: Ensure speaker-agent service is enabled and started - become: true - become_user: audiosink - ansible.builtin.systemd: - name: speaker-agent.service - state: started - enabled: true - scope: user - -# This part is janky, but I don't know how to make the bluetooth service, wireplumber and pipewire -# work with each other without being logged in. -- name: Ensure getty@tty1 override file is deployed - become: true - ansible.builtin.copy: - src: override.conf - dest: /etc/systemd/system/getty@tty1.service.d/override.conf - mode: "644" - owner: root - group: root - notify: Reboot host - -- name: Ensure autologin for audiosink user is enabled - become: true - ansible.builtin.systemd: - service: getty@tty1.service - enabled: true - notify: Reboot host diff --git a/playbooks/roles/bluetooth_audio_sink/templates/machine-info.j2 b/playbooks/roles/bluetooth_audio_sink/templates/machine-info.j2 deleted file mode 100644 index 88ebdfa..0000000 --- a/playbooks/roles/bluetooth_audio_sink/templates/machine-info.j2 +++ /dev/null @@ -1 +0,0 @@ -PRETTY_HOSTNAME=Audio Pi diff --git a/playbooks/roles/bluetooth_audio_sink/templates/main.conf.j2 b/playbooks/roles/bluetooth_audio_sink/templates/main.conf.j2 deleted file mode 100644 index 05cf708..0000000 --- a/playbooks/roles/bluetooth_audio_sink/templates/main.conf.j2 +++ /dev/null @@ -1,211 +0,0 @@ -[General] - -# Defaults to 'BlueZ X.YZ', if Name is not set here and plugin 'hostname' is not loaded. -# The plugin 'hostname' is loaded by default and overides the Name set here so -# consider modifying /etc/machine-info with variable PRETTY_HOSTNAME= instead. -Name = {{ bluetooth_audio_sink__name }} - -# Default device class. Only the major and minor device class bits are -# considered. Defaults to '0x000000'. -Class = 0x200414 # Audio (Major Service Class), Audio/Video (Major Device Class), Loudspeaker (Minor Device Class) - -# How long to stay in discoverable mode before going back to non-discoverable -# The value is in seconds. Default is 180, i.e. 3 minutes. -# 0 = disable timer, i.e. stay discoverable forever -#DiscoverableTimeout = 0 -DiscoverableTimeout = 0 - -# Always allow pairing even if there are no agent registered -# Possible values: true, false -# Default: false -#AlwaysPairable = false -AlwaysPairable = true - -# How long to stay in pairable mode before going back to non-discoverable -# The value is in seconds. Default is 0. -# 0 = disable timer, i.e. stay pairable forever -#PairableTimeout = 0 -PairableTimeout = 0 - -# Use vendor id source (assigner), vendor, product and version information for -# DID profile support. The values are separated by ":" and assigner, VID, PID -# and version. -# Possible vendor id source values: bluetooth, usb (defaults to usb) -#DeviceID = bluetooth:1234:5678:abcd - -# Do reverse service discovery for previously unknown devices that connect to -# us. For BR/EDR this option is really only needed for qualification since the -# BITE tester doesn't like us doing reverse SDP for some test cases, for LE -# this disables the GATT client functionally so it can be used in system which -# can only operate as peripheral. -# Defaults to 'true'. -#ReverseServiceDiscovery = true - -# Enable name resolving after inquiry. Set it to 'false' if you don't need -# remote devices name and want shorter discovery cycle. Defaults to 'true'. -#NameResolving = true - -# Enable runtime persistency of debug link keys. Default is false which -# makes debug link keys valid only for the duration of the connection -# that they were created for. -#DebugKeys = false - -# Restricts all controllers to the specified transport. Default value -# is "dual", i.e. both BR/EDR and LE enabled (when supported by the HW). -# Possible values: "dual", "bredr", "le" -#ControllerMode = dual - -# Enables Multi Profile Specification support. This allows to specify if -# system supports only Multiple Profiles Single Device (MPSD) configuration -# or both Multiple Profiles Single Device (MPSD) and Multiple Profiles Multiple -# Devices (MPMD) configurations. -# Possible values: "off", "single", "multiple" -#MultiProfile = off - -# Permanently enables the Fast Connectable setting for adapters that -# support it. When enabled other devices can connect faster to us, -# however the tradeoff is increased power consumptions. This feature -# will fully work only on kernel version 4.1 and newer. Defaults to -# 'false'. -#FastConnectable = false - -# Default privacy setting. -# Enables use of private address. -# Possible values: "off", "device", "network" -# "network" option not supported currently -# Defaults to "off" -# Privacy = off - -# Specify the policy to the JUST-WORKS repairing initiated by peer -# Possible values: "never", "confirm", "always" -# Defaults to "never" -#JustWorksRepairing = never -JustWorksRepairing = always - -# How long to keep temporary devices around -# The value is in seconds. Default is 30. -# 0 = disable timer, i.e. never keep temporary devices -#TemporaryTimeout = 30 - -# Enables the device to issue an SDP request to update known services when -# profile is connected. Defaults to true. -#RefreshDiscovery = true - -Enable=Sink - -[Controller] -# The following values are used to load default adapter parameters. BlueZ loads -# the values into the kernel before the adapter is powered if the kernel -# supports the MGMT_LOAD_DEFAULT_PARAMETERS command. If a value isn't provided, -# the kernel will be initialized to it's default value. The actual value will -# vary based on the kernel version and thus aren't provided here. -# The Bluetooth Core Specification should be consulted for the meaning and valid -# domain of each of these values. - -# BR/EDR Page scan activity configuration -#BRPageScanType= -#BRPageScanInterval= -#BRPageScanWindow= - -# BR/EDR Inquiry scan activity configuration -#BRInquiryScanType= -#BRInquiryScanInterval= -#BRInquiryScanWindow= - -# BR/EDR Link supervision timeout -#BRLinkSupervisionTimeout= - -# BR/EDR Page Timeout -#BRPageTimeout= - -# BR/EDR Sniff Intervals -#BRMinSniffInterval= -#BRMaxSniffInterval= - -# LE advertisement interval (used for legacy advertisement interface only) -#LEMinAdvertisementInterval= -#LEMaxAdvertisementInterval= -#LEMultiAdvertisementRotationInterval= - -# LE scanning parameters used for passive scanning supporting auto connect -# scenarios -#LEScanIntervalAutoConnect= -#LEScanWindowAutoConnect= - -# LE scanning parameters used for passive scanning supporting wake from suspend -# scenarios -#LEScanIntervalSuspend= -#LEScanWindowSuspend= - -# LE scanning parameters used for active scanning supporting discovery -# proceedure -#LEScanIntervalDiscovery= -#LEScanWindowDiscovery= - -# LE scanning parameters used for passive scanning supporting the advertisement -# monitor Apis -#LEScanIntervalAdvMonitor= -#LEScanWindowAdvMonitor= - -# LE scanning parameters used for connection establishment. -#LEScanIntervalConnect= -#LEScanWindowConnect= - -# LE default connection parameters. These values are superceeded by any -# specific values provided via the Load Connection Parameters interface -#LEMinConnectionInterval= -#LEMaxConnectionInterval= -#LEConnectionLatency= -#LEConnectionSupervisionTimeout= -#LEAutoconnecttimeout= - -[GATT] -# GATT attribute cache. -# Possible values: -# always: Always cache attributes even for devices not paired, this is -# recommended as it is best for interoperability, with more consistent -# reconnection times and enables proper tracking of notifications for all -# devices. -# yes: Only cache attributes of paired devices. -# no: Never cache attributes -# Default: always -#Cache = always - -# Minimum required Encryption Key Size for accessing secured characteristics. -# Possible values: 0 and 7-16. 0 means don't care. -# Defaults to 0 -#KeySize = 0 - -# Exchange MTU size. -# Possible values: 23-517 -# Defaults to 517 -#ExchangeMTU = 517 - -# Number of ATT channels -# Possible values: 1-5 (1 disables EATT) -# Default to 3 -#Channels = 3 - -[Policy] -# -# The ReconnectUUIDs defines the set of remote services that should try -# to be reconnected to in case of a link loss (link supervision -# timeout). The policy plugin should contain a sane set of values by -# default, but this list can be overridden here. By setting the list to -# empty the reconnection feature gets disabled. -#ReconnectUUIDs=00001112-0000-1000-8000-00805f9b34fb,0000111f-0000-1000-8000-00805f9b34fb,0000110a-0000-1000-8000-00805f9b34fb - -# ReconnectAttempts define the number of attempts to reconnect after a link -# lost. Setting the value to 0 disables reconnecting feature. -#ReconnectAttempts=7 - -# ReconnectIntervals define the set of intervals in seconds to use in between -# attempts. -# If the number of attempts defined in ReconnectAttempts is bigger than the -# set of intervals the last interval is repeated until the last attempt. -#ReconnectIntervals=1,2,4,8,16,32,64 - -# AutoEnable defines option to enable all controllers when they are found. -# This includes adapters present on start as well as adapters that are plugged -# in later on. Defaults to 'false'. -AutoEnable=true diff --git a/playbooks/roles/cert/README.md b/playbooks/roles/cert/README.md deleted file mode 100644 index a6ffc60..0000000 --- a/playbooks/roles/cert/README.md +++ /dev/null @@ -1,25 +0,0 @@ -# Role `cert` - -A role for ordering and renewing certificates from Lets Encrypt via ACME. -It uses the DNS challenge and fullfills it via a BIND 9 server given to the role. - -## Supported Distributions - -The following distributions are supported: - -- Debian 11 - -## Required Arguments - -For the required arguments look at the [`argument_specs.yaml`](./meta/argument_specs.yml) - -## `hosts` - -The `hosts` for this role need to be the machines on which you want to have the certificates. - -## Links & Resources - -- -- -- -- diff --git a/playbooks/roles/cert/defaults/main.yaml b/playbooks/roles/cert/defaults/main.yaml deleted file mode 100644 index f08b1e9..0000000 --- a/playbooks/roles/cert/defaults/main.yaml +++ /dev/null @@ -1,7 +0,0 @@ -cert__handlers: [] -cert__owner: root -cert__group: root -cert__fullchain_pem_permissions: "0660" -cert__chain_pem_permissions: "0660" -cert__cert_pem_permissions: "0660" -cert__privkey_pem_permissions: "0600" diff --git a/playbooks/roles/cert/meta/argument_specs.yaml b/playbooks/roles/cert/meta/argument_specs.yaml deleted file mode 100644 index cee160e..0000000 --- a/playbooks/roles/cert/meta/argument_specs.yaml +++ /dev/null @@ -1,52 +0,0 @@ ---- -argument_specs: - main: - short_description: Orders and renews certificates from Let's Encrypt - options: - cert__domains: - description: Domains for which to issue a certificate. Must be in the same DNS zone. - required: true - type: list - elements: str - cert__owner: - description: Owner of the certificate files. - required: false - type: str - default: root - cert__group: - description: Group of the certificate files. - required: false - type: str - default: root - cert__acme_account_email: - description: E-Mail address for ACME account - required: true - type: str - cert__bind_9_host: - description: The machine running BIND 9. - required: true - type: str - cert__bind_9_zone: - description: The zone to use for publishing the TXT record. - required: true - type: str - cert__fullchain_pem_permissions: - description: Permissons for the `fullchain.pem`. - type: str - required: false - default: "0660" - cert__chain_pem_permissions: - description: Permissons for the `chain.pem`. - type: str - required: false - default: "0660" - cert__cert_pem_permissions: - description: Permissons for the `cert.pem`. - type: str - required: false - default: "0660" - cert__privkey_pem_permissions: - description: Permissons for the `privkey.pem`. - type: str - required: false - default: "0600" diff --git a/playbooks/roles/cert/meta/main.yaml b/playbooks/roles/cert/meta/main.yaml deleted file mode 100644 index a8c1110..0000000 --- a/playbooks/roles/cert/meta/main.yaml +++ /dev/null @@ -1,8 +0,0 @@ -dependencies: # noqa meta-no-info - - role: distribution_check - vars: - distribution_check__distribution_support_spec: - - name: Debian - major_versions: - - "11" - - "12" diff --git a/playbooks/roles/cert/tasks/deploy_cert.yaml b/playbooks/roles/cert/tasks/deploy_cert.yaml deleted file mode 100644 index bd97ebe..0000000 --- a/playbooks/roles/cert/tasks/deploy_cert.yaml +++ /dev/null @@ -1,180 +0,0 @@ -- name: Ensure `ansible_certs` directory exists - ansible.builtin.file: - path: /etc/ansible_certs - state: directory - owner: root - group: root - mode: "755" - become: true - -- name: Ensure `certs` sub-directory exists - ansible.builtin.file: - path: /etc/ansible_certs/certs - state: directory - owner: root - group: root - mode: "755" - become: true - -- name: Ensure sub-directory for the certificate exists - ansible.builtin.file: - path: "/etc/ansible_certs/certs/{{ item }}" - state: directory - owner: "{{ cert__owner }}" - group: "{{ cert__group }}" - mode: "755" - become: true - -- name: Ensure private key for certificate exists - community.crypto.openssl_privatekey: - path: "/etc/ansible_certs/certs/{{ item }}/privkey.pem" - size: 4096 - type: RSA - owner: "{{ cert__owner }}" - group: "{{ cert__group }}" - mode: "{{ cert__privkey_pem_permissions }}" - become: true - -- name: Ensure certificate signing request is created - community.crypto.openssl_csr: - path: "/etc/ansible_certs/certs/{{ item }}/csr.pem" - privatekey_path: "/etc/ansible_certs/certs/{{ item }}/privkey.pem" - common_name: "{{ item }}" - owner: "{{ cert__owner }}" - group: "{{ cert__group }}" - mode: "0660" - become: true - register: cert__csr_result - -- name: Ensure private key for ACME account exists - community.crypto.openssl_privatekey: - path: "/etc/ansible_certs/account_key.pem" - size: 4096 - type: RSA - owner: root - group: root - mode: "0600" - become: true - -- name: Check certificate status and create ACME challenge if needed - community.crypto.acme_certificate: - account_email: "{{ cert__acme_account_email }}" - account_key_src: "/etc/ansible_certs/account_key.pem" - acme_directory: https://acme-v02.api.letsencrypt.org/directory - acme_version: 2 - remaining_days: 28 - terms_agreed: true - challenge: dns-01 - csr: "/etc/ansible_certs/certs/{{ item }}/csr.pem" - dest: "/etc/ansible_certs/certs/{{ item }}/cert.pem" - fullchain_dest: "/etc/ansible_certs/certs/{{ item }}/fullchain.pem" - become: true - register: cert__acme_challenge - -- name: Retrieve certificate and fulfill challenge if needed # noqa no-handler - when: cert__acme_challenge.changed # Can't be put in a handler, because then the block "always" tasks won't be executed for some reason - block: - - name: Add file containing nsupdate commands for adding TXT record for DNS-01 challenge - ansible.builtin.template: - src: nsupdate_add_txt_record.j2 - dest: /root/nsupdate_add_txt_record - owner: root - group: root - mode: "0600" - vars: - cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}" - cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}" - become: true - delegate_to: "{{ cert__bind_9_host }}" - - - name: Add DNS record to BIND 9 server via nsupdate # noqa: no-changed-when - ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_add_txt_record - become: true - delegate_to: "{{ cert__bind_9_host }}" - - - name: Retrieve certificate - community.crypto.acme_certificate: - account_email: "{{ cert__acme_account_email }}" - account_key_src: "/etc/ansible_certs/account_key.pem" - acme_directory: https://acme-v02.api.letsencrypt.org/directory - acme_version: 2 - terms_agreed: true - remaining_days: 28 - challenge: dns-01 - csr: "/etc/ansible_certs/certs/{{ item }}/csr.pem" - dest: "/etc/ansible_certs/certs/{{ item }}/cert.pem" - fullchain_dest: "/etc/ansible_certs/certs/{{ item }}/fullchain.pem" - data: "{{ cert__acme_challenge }}" - become: true - notify: "{{ cert__handlers }}" - always: - - name: Remove file containing nsupdate commands for adding TXT record again - ansible.builtin.file: - path: /root/nsupdate_add_txt_record - state: absent - become: true - delegate_to: "{{ cert__bind_9_host }}" - - - name: Remove TXT record again - block: - - name: Add file containing nsupdate commands for deleting TXT record for DNS-01 challenge - ansible.builtin.template: - src: nsupdate_delete_txt_record.j2 - dest: /root/nsupdate_delete_txt_record - owner: root - group: root - mode: "0600" - vars: - cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}" - cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}" - become: true - delegate_to: "{{ cert__bind_9_host }}" - - - name: Remove DNS record from BIND 9 server via nsupdate # noqa: no-changed-when - ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_delete_txt_record - become: true - delegate_to: "{{ cert__bind_9_host }}" - always: - - name: Remove file containing nsupdate commands for deleting TXT record again - ansible.builtin.file: - path: /root/nsupdate_delete_txt_record - state: absent - become: true - delegate_to: "{{ cert__bind_9_host }}" - -- name: Ensure correct permissions for certificate are set - ansible.builtin.file: - path: "/etc/ansible_certs/certs/{{ item }}/cert.pem" - owner: "{{ cert__owner }}" - group: "{{ cert__group }}" - mode: "{{ cert__cert_pem_permissions }}" - become: true - -- name: Ensure correct permissions for fullchain cert are set - ansible.builtin.file: - path: "/etc/ansible_certs/certs/{{ item }}/fullchain.pem" - owner: "{{ cert__owner }}" - group: "{{ cert__group }}" - mode: "{{ cert__fullchain_pem_permissions }}" - become: true - -- name: Get content of cert.pem - ansible.builtin.slurp: - src: "/etc/ansible_certs/certs/{{ item }}/cert.pem" - become: true - register: cert__cert_slurp - -- name: Get content of fullchain.pem - ansible.builtin.slurp: - src: "/etc/ansible_certs/certs/{{ item }}/fullchain.pem" - become: true - register: cert__fullchain_slurp - -- name: Ensure chain.pem is created - ansible.builtin.copy: - content: "{{ cert__fullchain_slurp.content | b64decode | replace(cert__cert_slurp.content | b64decode, '') }}" - dest: "/etc/ansible_certs/certs/{{ item }}/chain.pem" - owner: "{{ cert__owner }}" - group: "{{ cert__group }}" - mode: "{{ cert__chain_pem_permissions }}" - become: true diff --git a/playbooks/roles/cert/tasks/main.yaml b/playbooks/roles/cert/tasks/main.yaml deleted file mode 100644 index 5c9c0e8..0000000 --- a/playbooks/roles/cert/tasks/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ -- name: Deploy cert - ansible.builtin.include_tasks: deploy_cert.yaml - loop: "{{ cert__domains }}" diff --git a/playbooks/roles/cert/templates/nsupdate_add_txt_record.j2 b/playbooks/roles/cert/templates/nsupdate_add_txt_record.j2 deleted file mode 100644 index 1b0b9e7..0000000 --- a/playbooks/roles/cert/templates/nsupdate_add_txt_record.j2 +++ /dev/null @@ -1,4 +0,0 @@ -debug -zone {{ cert__bind_9_zone }} -update add {{ cert__nsupdate_domain }} 60 TXT {{ cert__nsupdate_txt_data }} -send diff --git a/playbooks/roles/cert/templates/nsupdate_delete_txt_record.j2 b/playbooks/roles/cert/templates/nsupdate_delete_txt_record.j2 deleted file mode 100644 index 274c76b..0000000 --- a/playbooks/roles/cert/templates/nsupdate_delete_txt_record.j2 +++ /dev/null @@ -1,4 +0,0 @@ -debug -zone {{ cert__bind_9_zone }} -update delete {{ cert__nsupdate_domain }} 60 TXT {{ cert__nsupdate_txt_data }} -send diff --git a/playbooks/roles/hifiberry/handlers/main.yaml b/playbooks/roles/hifiberry/handlers/main.yaml deleted file mode 100644 index 774b511..0000000 --- a/playbooks/roles/hifiberry/handlers/main.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- name: Restart system - become: true - ansible.builtin.reboot: diff --git a/playbooks/roles/hifiberry/meta/argument_specs.yaml b/playbooks/roles/hifiberry/meta/argument_specs.yaml deleted file mode 100644 index 5972bd6..0000000 --- a/playbooks/roles/hifiberry/meta/argument_specs.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -argument_specs: - main: - options: - hifiberry__device: - description: Which HiFiBerry board to enable - type: str - choices: - - hifiberry-dac - - hifiberry-dacplus - - hifiberry-dacplushd - - hifiberry-dacplusadc - - hifiberry-dacplusadcpro - - hifiberry-digi - - hifiberry-digi-pro - - hifiberry-amp - required: true diff --git a/playbooks/roles/hifiberry/meta/main.yaml b/playbooks/roles/hifiberry/meta/main.yaml deleted file mode 100644 index ff798a8..0000000 --- a/playbooks/roles/hifiberry/meta/main.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -dependencies: - - role: distribution_check - vars: - distribution_check__distribution_support_spec: - - name: Debian - major_versions: - - "11" - - role: raspberry_pi_check diff --git a/playbooks/roles/hifiberry/tasks/main.yaml b/playbooks/roles/hifiberry/tasks/main.yaml deleted file mode 100644 index 987def8..0000000 --- a/playbooks/roles/hifiberry/tasks/main.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Remove dtparam=audio=on - become: true - ansible.builtin.lineinfile: - line: dtparam=audio=on - dest: /boot/config.txt - state: absent - notify: Restart system - -- name: Set audio=off for dtoverlay=vc4-kms-v3d - become: true - ansible.builtin.lineinfile: - regexp: ^dtoverlay=vc4-kms-v3d - line: dtoverlay=vc4-kms-v3d,audio=off - dest: /boot/config.txt - notify: Restart system - -- name: Add hifiberry dtoverlay - become: true - ansible.builtin.lineinfile: - line: "dtoverlay={{ hifiberry__device }}" - dest: /boot/config.txt - notify: Restart system diff --git a/playbooks/roles/mosquitto/handlers/main.yaml b/playbooks/roles/mosquitto/handlers/main.yaml deleted file mode 100644 index efa0b7f..0000000 --- a/playbooks/roles/mosquitto/handlers/main.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Restart mosquitto - become: true - ansible.builtin.systemd: - service: mosquitto.service - state: restarted diff --git a/playbooks/roles/mosquitto/meta/argument_specs.yaml b/playbooks/roles/mosquitto/meta/argument_specs.yaml deleted file mode 100644 index 72f0bdd..0000000 --- a/playbooks/roles/mosquitto/meta/argument_specs.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -argument_specs: - main: - options: - mosquitto__mosquitto_conf_content: - description: The content of the main mosquitto configuration file. - type: str - required: true - mosquitto__configs: - description: A list of additional mosquitto configurations. - type: list - elements: dict - required: false - options: - name: - description: >- - The name of the configuration file, where the configuration should - be deployed to. The file will be placed under `/etc/mosquitto/conf.d` and - `.conf` will be appended to the given name. So in the end the path - will be like this: `/etc/mosquitto/conf.d/\{\ name \}\}.conf`. - type: str - required: true - content: - description: The content of the configuration. - type: str - required: true diff --git a/playbooks/roles/mosquitto/meta/main.yaml b/playbooks/roles/mosquitto/meta/main.yaml deleted file mode 100644 index 386685c..0000000 --- a/playbooks/roles/mosquitto/meta/main.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -dependencies: - - role: distribution_check - vars: - distribution_check__distribution_support_spec: - - name: Debian - major_versions: - - "11" diff --git a/playbooks/roles/mosquitto/tasks/main.yaml b/playbooks/roles/mosquitto/tasks/main.yaml deleted file mode 100644 index 5fb90be..0000000 --- a/playbooks/roles/mosquitto/tasks/main.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -- name: Ensure mosquitto is installed - become: true - ansible.builtin.apt: - name: mosquitto - -- name: Ensure main configuraton file is deployed - become: true - ansible.builtin.copy: - content: "{{ mosquitto__mosquitto_conf_content }}" - dest: /etc/mosquitto/mosquitto.conf - mode: "644" - owner: root - group: root - notify: Restart mosquitto - -- name: Ensure all additional configuraton files are deployed - become: true - ansible.builtin.copy: - content: "{{ item.content }}" - dest: /etc/mosquitto/conf.d/{{ item.name }}.conf - mode: "644" - owner: root - group: root - loop: "{{ mosquitto__configs }}" - notify: Restart mosquitto - -- name: Ensure mosquitto service is enabled and started - become: true - ansible.builtin.systemd: - service: mosquitto.service - enabled: true - state: started diff --git a/playbooks/roles/nodejs/meta/argument_specs.yaml b/playbooks/roles/nodejs/meta/argument_specs.yaml deleted file mode 100644 index e950b49..0000000 --- a/playbooks/roles/nodejs/meta/argument_specs.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -argument_specs: - main: - options: - nodejs__major_version: - description: Major version of nodejs to install - type: int - required: true diff --git a/playbooks/roles/nodejs/meta/main.yaml b/playbooks/roles/nodejs/meta/main.yaml deleted file mode 100644 index 15aceb3..0000000 --- a/playbooks/roles/nodejs/meta/main.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -dependencies: - - role: distribution_check - vars: - distribution_check__distribution_support_spec: - - name: Debian - major_versions: - - "11" - - "12" - - role: add_apt_repository - vars: - add_apt_repository__https_repo: true - add_apt_repository__keyring_url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key - add_apt_repository__keyring_path: /usr/share/keyrings/nodesource.gpg - add_apt_repository__repo: "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_\ - {{ nodejs__major_version }}.x {{ ansible_facts.lsb.codename }} main" - add_apt_repository__filename: nodesource.list diff --git a/playbooks/roles/nodejs/tasks/main.yaml b/playbooks/roles/nodejs/tasks/main.yaml deleted file mode 100644 index 84950f6..0000000 --- a/playbooks/roles/nodejs/tasks/main.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- name: Ensure nodejs is installed - ansible.builtin.apt: - name: nodejs diff --git a/playbooks/roles/raspberry_pi_check/tasks/main.yaml b/playbooks/roles/raspberry_pi_check/tasks/main.yaml deleted file mode 100644 index 925fc67..0000000 --- a/playbooks/roles/raspberry_pi_check/tasks/main.yaml +++ /dev/null @@ -1,12 +0,0 @@ -- name: Detect if on Raspberry Pi - ansible.builtin.lineinfile: - path: /proc/cpuinfo - regexp: ".*Raspberry Pi.*" - state: absent - check_mode: true - register: raspberry_pi_check__cpuinfo - changed_when: false -- name: Fail when not on Raspberry Pi # noqa no-handler - when: not raspberry_pi_check__cpuinfo.found - ansible.builtin.fail: - msg: You are not running on Raspberry Pi hardware! diff --git a/playbooks/roles/shairport_sync/handlers/main.yaml b/playbooks/roles/shairport_sync/handlers/main.yaml deleted file mode 100644 index eff4ae7..0000000 --- a/playbooks/roles/shairport_sync/handlers/main.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Restart shairport-sync service - become: true - ansible.builtin.systemd: - service: shairport-sync - state: restarted diff --git a/playbooks/roles/shairport_sync/meta/argument_specs.yaml b/playbooks/roles/shairport_sync/meta/argument_specs.yaml deleted file mode 100644 index 55570ac..0000000 --- a/playbooks/roles/shairport_sync/meta/argument_specs.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -argument_specs: - main: - options: - shairport_sync__config: - description: shairport-sync config content - type: str - required: true diff --git a/playbooks/roles/shairport_sync/meta/main.yaml b/playbooks/roles/shairport_sync/meta/main.yaml deleted file mode 100644 index 386685c..0000000 --- a/playbooks/roles/shairport_sync/meta/main.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -dependencies: - - role: distribution_check - vars: - distribution_check__distribution_support_spec: - - name: Debian - major_versions: - - "11" diff --git a/playbooks/roles/shairport_sync/tasks/main.yaml b/playbooks/roles/shairport_sync/tasks/main.yaml deleted file mode 100644 index 8406acc..0000000 --- a/playbooks/roles/shairport_sync/tasks/main.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: Ensure shairport-sync is installed - become: true - ansible.builtin.apt: - name: shairport-sync - -- name: Ensure shairport-sync config is deployed - become: true - ansible.builtin.copy: - content: "{{ shairport_sync__config }}" - dest: /etc/shairport-sync.conf - mode: "644" - owner: root - group: root - notify: Restart shairport-sync service - -- name: Ensure shairport-sync service is enabled and started - become: true - ansible.builtin.systemd: - service: shairport-sync - state: started - enabled: true diff --git a/playbooks/roles/zigbee2mqtt/files/zigbee2mqtt.service b/playbooks/roles/zigbee2mqtt/files/zigbee2mqtt.service deleted file mode 100644 index 389e7a0..0000000 --- a/playbooks/roles/zigbee2mqtt/files/zigbee2mqtt.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=zigbee2mqtt -After=network.target - -[Service] -Environment=ZIGBEE2MQTT_DATA=/home/zigbee2mqtt/zigbee2mqtt_data -Environment=NODE_ENV=production -ExecStart=/usr/bin/npm start -WorkingDirectory=/opt/zigbee2mqtt -StandardOutput=inherit -# Or use StandardOutput=null if you don't want Zigbee2MQTT messages filling syslog, for more options see systemd.exec(5) -StandardError=inherit -Restart=always -RestartSec=10s -User=zigbee2mqtt - -[Install] -WantedBy=multi-user.target diff --git a/playbooks/roles/zigbee2mqtt/handlers/main.yaml b/playbooks/roles/zigbee2mqtt/handlers/main.yaml deleted file mode 100644 index 6036e5f..0000000 --- a/playbooks/roles/zigbee2mqtt/handlers/main.yaml +++ /dev/null @@ -1,12 +0,0 @@ -- name: Restart zigbee2mqtt - become: true - ansible.builtin.systemd: - name: zigbee2mqtt - state: restarted - -- name: Reload systemd-daemon and restart zigbee2mqtt - become: true - ansible.builtin.systemd: - name: zigbee2mqtt - state: restarted - daemon_reload: true diff --git a/playbooks/roles/zigbee2mqtt/meta/argument_specs.yaml b/playbooks/roles/zigbee2mqtt/meta/argument_specs.yaml deleted file mode 100644 index 54ab016..0000000 --- a/playbooks/roles/zigbee2mqtt/meta/argument_specs.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -argument_specs: - main: - options: - zigbee2mqtt__version: - description: zigbee2mqtt version to install - type: str - required: true - zigbee2mqtt__initial_config: - description: Configuration file content for initial deployment. - It does not replace the configuration if it already exists. - type: str - required: true diff --git a/playbooks/roles/zigbee2mqtt/meta/main.yaml b/playbooks/roles/zigbee2mqtt/meta/main.yaml deleted file mode 100644 index dd0c5ed..0000000 --- a/playbooks/roles/zigbee2mqtt/meta/main.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -dependencies: - - role: distribution_check - vars: - distribution_check__distribution_support_spec: - - name: Debian - major_versions: - - "11" - - "12" - - role: nodejs - vars: - nodejs__major_version: 16 diff --git a/playbooks/roles/zigbee2mqtt/tasks/main.yaml b/playbooks/roles/zigbee2mqtt/tasks/main.yaml deleted file mode 100644 index e1e0c5c..0000000 --- a/playbooks/roles/zigbee2mqtt/tasks/main.yaml +++ /dev/null @@ -1,87 +0,0 @@ -- name: Ensure acl is installed - become: true - ansible.builtin.apt: - name: acl - -- name: Ensure git is installed - become: true - ansible.builtin.apt: - name: git - -- name: Ensure zigbee2mqtt user exists - become: true - ansible.builtin.user: - name: zigbee2mqtt - groups: - - zigbee2mqtt - - dialout - group: zigbee2mqtt - -- name: Ensure installation directory exists - become: true - ansible.builtin.file: - dest: /opt/zigbee2mqtt - state: directory - mode: "755" - owner: zigbee2mqtt - group: zigbee2mqtt - -- name: Ensure zigbee2mqtt repository is cloned - become: true - become_user: zigbee2mqtt - ansible.builtin.git: - repo: https://github.com/Koenkk/zigbee2mqtt.git - depth: 1 - dest: /opt/zigbee2mqtt - version: "{{ zigbee2mqtt__version }}" - notify: Restart zigbee2mqtt - -- name: Ensure npm dependencies are installed - become: true - become_user: zigbee2mqtt - community.general.npm: - path: /opt/zigbee2mqtt - ci: true - changed_when: false # installs packages according to package-lock.json, but always reports a change - -- name: Ensure custom zigbee2mqtt data directory exists - become: true - ansible.builtin.file: - dest: /home/zigbee2mqtt/zigbee2mqtt_data - state: directory - mode: "755" - owner: zigbee2mqtt - group: zigbee2mqtt - -- name: Check configuration file status - ansible.builtin.stat: - path: /home/zigbee2mqtt/zigbee2mqtt_data/configuration.yaml - register: zigbee2mqtt__conf_stat - -- name: Ensure configuration file is deployed when it doesn't exist - become: true - when: not zigbee2mqtt__conf_stat.stat.exists - ansible.builtin.copy: - content: "{{ zigbee2mqtt__initial_config }}" - dest: /home/zigbee2mqtt/zigbee2mqtt_data/configuration.yaml - mode: "640" - owner: zigbee2mqtt - group: zigbee2mqtt - notify: Restart zigbee2mqtt - -- name: Ensure zigbee2mqtt service file is deployed - become: true - ansible.builtin.copy: - src: zigbee2mqtt.service - dest: /etc/systemd/system/zigbee2mqtt.service - mode: "644" - owner: root - group: root - notify: Reload systemd-daemon and restart zigbee2mqtt - -- name: Ensure zigbee2mqtt is enabled and started - become: true - ansible.builtin.systemd: - service: zigbee2mqtt - enabled: true - state: started diff --git a/playbooks/templates/z9/configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2 b/playbooks/templates/z9/configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2 deleted file mode 100644 index 183543a..0000000 --- a/playbooks/templates/z9/configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2 +++ /dev/null @@ -1,21 +0,0 @@ -homeassistant: true - -permit_join: false - -mqtt: - base_topic: zigbee2mqtt - server: 'mqtt://mqtt.z9' - -serial: - port: /dev/serial/by-id/usb-Texas_Instruments_TI_CC2531_USB_CDC___0X00124B0014DBC72F-if00 - -advanced: - network_key: [{{ zigbee2mqtt__network_key }}] - pan_id: 32673 - ext_pan_id: [58, 76, 37, 2, 22, 198, 237, 124] - channel: 11 - -frontend: - port: 8080 - host: localhost - url: https://zigbee2mqtt.z9