diff --git a/pis/inventory.yml b/inventory.yml similarity index 68% rename from pis/inventory.yml rename to inventory.yml index d9e63a7..3cb9b9b 100644 --- a/pis/inventory.yml +++ b/inventory.yml @@ -23,4 +23,6 @@ all: sensor_room_name: Küche vars: ansible_python_interpreter: /usr/bin/python3 - + squeezeserver: 192.168.178.80 + home_assistant_url: https://ha.bauer.tech + home_assistant_token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIxNjkxMWIzZmQ4ZWU0NDI0OTg0MjA0ZDllMDhkNGRlMCIsImlhdCI6MTU3ODE3MDU5MSwiZXhwIjoxODkzNTMwNTkxfQ.i7CdXEZy9DV9KPHAl-msK0rOfIUlPYo4zwwJ4UGhXuc diff --git a/newrpi-provisioning.yml b/newrpi-provisioning.yml new file mode 100644 index 0000000..e69de29 diff --git a/pis/01-download-and-prepare-raspi-image.yml b/pis/01-download-and-prepare-raspi-image.yml deleted file mode 100644 index 5c14501..0000000 --- a/pis/01-download-and-prepare-raspi-image.yml +++ /dev/null @@ -1,96 +0,0 @@ -# Run with -# ansible-playbook 01-download-and-prepare-raspi-image.yml ---- - -- hosts: 127.0.0.1 - connection: local - gather_facts: false - vars: - target_folder: "/media/martin/data_linux/tmp/" - vars_prompt: - - name: "ansible_become_pass" - prompt: "Sudo password to mount raspi image" - - name: "new_hostname" - prompt: "New hostname for the PI" - private: no - tasks: - # --- Preparation --- - - name: Download Raspian image - get_url: - url: "https://downloads.raspberrypi.org/raspbian_lite_latest" - dest: "{{target_folder}}/raspian_lite_latest.zip" - - name: Unpack Image - unarchive: - src: "{{target_folder}}/raspian_lite_latest.zip" - dest: "{{target_folder}}" - creates: "{{target_folder}}/*raspbian*.img" - - name: Make Folders to mount to - file: - path: "{{item}}" - state: directory - with_items: - - "{{target_folder}}/mounted_raspi_image" - - "{{target_folder}}/mounted_raspi_image/boot" - - "{{target_folder}}/mounted_raspi_image/system" - - name: Setup Loopback - become: true - shell: - cmd: "losetup -P /dev/loop42 {{target_folder}}/*raspbian*.img" - creates: "/dev/loop42p1" - - name: Mount Boot Partition - become: true - shell: - warn: false - cmd: "mount /dev/loop42p1 {{target_folder}}/mounted_raspi_image/boot" - creates: "{{target_folder}}/mounted_raspi_image/boot/kernel.img" - - name: Mount System Partition - become: true - shell: - warn: false - cmd: "mount /dev/loop42p2 {{target_folder}}/mounted_raspi_image/system" - creates: "{{target_folder}}/mounted_raspi_image/system/bin" - # --- Actual work --- - - name: "Add SSH File to boot partition to allow for first remote login" - become: true - file: - path: "{{target_folder}}/mounted_raspi_image/boot/ssh" - state: touch - - name: "Writing new hostname to /etc/hostname" - become: true - copy: - content: "{{new_hostname}}" - dest: "{{target_folder}}/mounted_raspi_image/system/etc/hostname" - # --- Wind-down - - name: Unmount System Partition - become: true - shell: - warn: false - cmd: "umount /dev/loop42p2" - removes: "{{target_folder}}/mounted_raspi_image/system/bin" - - name: Unmount Boot Partition - become: true - shell: - warn: false - cmd: "umount /dev/loop42p1" - removes: "{{target_folder}}/mounted_raspi_image/boot/kernel.img" - - name: Tear down loop device - become: true - shell: - cmd: "losetup -d /dev/loop42" - removes: "/dev/loop42p1" - - name: Remove folders - file: - path: "{{item}}" - state: absent - with_items: - - "{{target_folder}}/mounted_raspi_image" - - "{{target_folder}}/mounted_raspi_image/boot" - - "{{target_folder}}/mounted_raspi_image/system" - - "{{target_folder}}/raspian_lite_latest.zip" - - name: Final Image - debug: - msg: | - The prepared image is ready at {{target_folder}}. - Copy it to sdcard with - dd bs=4M status=progress if=the_image of=/dev/your/sdcard - use e.g. /dev/sdb not /dev/sdb1 ! diff --git a/pis/02-provision_new_pi.yml b/pis/02-provision_new_pi.yml deleted file mode 100644 index 233e757..0000000 --- a/pis/02-provision_new_pi.yml +++ /dev/null @@ -1,109 +0,0 @@ -# Run with -# ansible-playbook -i raspberrypi, 02-provision_new_pi.yml -# where "raspberrypi" is the hostname of the pi ---- - -- hosts: kitchenpi - gather_facts: false - vars: - timezone: "Europe/Berlin" - wifi_country: "DE" - wifi_ssid: "" # put SSID here to configure wifi - wifi_pass_url: "bauer_wifi" # has to be in keepass with url "wifi_pass_url" - ansible_ssh_pass: raspberry - ansible_become: yes - ansible_become_password: raspberry - new_hostname: "" # set this to change the hostname - vars_prompt: - - name: ansible_user - prompt: "User to connect with, put in 'pi' here if you connect the first time, else leave empty" - default: root - tasks: - - name: Do apt update/upgrade - apt: upgrade=yes update_cache=yes cache_valid_time=7200 - - name: Detect Raspi Model - slurp: src=/sys/firmware/devicetree/base/model - register: raspberry_model - - name: Show Raspi Model - debug: msg={{ raspberry_model.content | b64decode }} - - name: Add authorized SSH key to root account - authorized_key: - user: root - key: "{{ lookup('file', '../public_keys/martin_laptop.pub') }}" - state: present - - name: Activate root login with key - lineinfile: - path: /etc/ssh/sshd_config - regexp: "^#?PermitRootLogin" - line: "PermitRootLogin prohibit-password" - notify: restart sshd - - name: Deactive SSH accepting locale vars (leads to warnings) - lineinfile: - path: /etc/ssh/sshd_config - regexp: "^#?AcceptEnv LANG LC_*" - line: "#AcceptEnv LANG LC_*" - notify: restart sshd - - name: Get hostname - command: "raspi-config nonint get_hostname" - register: pi_hostname - changed_when: False - - name: Change hostname to {{ new_hostname }} - command: "raspi-config nonint do_hostname {{ new_hostname }}" - when: new_hostname | bool and pi_hostname.stdout != new_hostname - - name: set boot mode to CLI - command: "raspi-config nonint do_boot_behaviour B1" - #I2 Change Timezone - - name: Change timezone - command: "raspi-config nonint do_change_timezone {{ timezone }}" - - name: Change locale - command: "raspi-config nonint do_change_locale en_US.UTF-8" - - name: Change password of default pi account - user: - name: pi - update_password: always - password: "{{ lookup('keepass', 'default_rpi_password') | password_hash('sha512') }}" - - name: Install Packages (vim, git, basic python stuff) - apt: - name: - - vim - - git - - python3 - - python3-pip - - python3-wheel - cache_valid_time: 7200 - state: present - - name: Copy vim config - copy: src=../configs/vimrc dest=/root/.vimrc - - name: Copy git config - copy: src=../configs/gitconfig dest=/root/.gitconfig - # Wifi - - name: Get WiFi country - command: "raspi-config nonint get_wifi_country" - register: wifi_country - changed_when: False - ignore_errors: yes #to avoid error when WiFi is not present - - name: Change WiFi country - command: "raspi-config nonint do_wifi_country {{ wifi_country }}" - - name: Set WiFi credentials - command: "raspi-config nonint do_wifi_ssid_passphrase {{ wifi_ssid }} {{ lookup('keepass', wifi_pass_url) }}" - when: wifi_ssid | bool - # Message of the day - - name: Set Message of the day - copy: src=configs/motd/{{ inventory_hostname }} dest=/etc/motd - #- name: Remove motd tail - # copy: dest=/etc/motd. - # LED off script - - name: Copy led off script - copy: src=configs/raspi-leds-off.sh dest=/usr/sbin/raspi-leds-off.sh mode="u+rwx" - - name: Copy led off service - copy: src=configs/raspi-leds-off.service dest=/lib/systemd/system/ - - name: Activate led off servic - systemd: name=raspi-leds-off state=restarted enabled=yes daemon_reload=yes - - handlers: - - name: restart sshd - service: - name: sshd - state: restarted - - diff --git a/pis/03-shairport-install.yml b/pis/03-shairport-install.yml deleted file mode 100644 index df4bdf0..0000000 --- a/pis/03-shairport-install.yml +++ /dev/null @@ -1,44 +0,0 @@ -# Install instructions taken from -# https://github.com/mikebrady/shairport-sync/blob/master/INSTALL.md - ---- - -- hosts: kitchenpi - gather_facts: false - vars: - shairport_sync_version: "3.3.5" - remote_user: root - tasks: - - name: Apt install dependencies - apt: - cache_valid_time: 7200 - state: present - name: - - build-essential - - git - - xmltoman - - autoconf - - automake - - libtool - - libpopt-dev - - libconfig-dev - - libasound2-dev - - avahi-daemon - - libavahi-client-dev - - libssl-dev - - libsoxr-dev - - name: Build and Install Shairport sync (may take a while) - script: "scripts/build-shairport-sync.sh ${shairport_sync_version}" - args: - creates: /usr/local/bin/shairport-sync - - name: Copy config - template: src=configs/shairport-sync.conf dest=/etc/shairport-sync.conf - - name: Sync alsa config - template: src=configs/asound.conf dest=/etc/asound.conf - - name: Modify service file to run as root - lineinfile: - path: /lib/systemd/system/shairport-sync.service - regexp: "^#?User=" - line: "User=root" - - name: Restart shairport-sync - systemd: name=shairport-sync state=restarted enabled=yes daemon_reload=yes diff --git a/pis/04-squeezelite.yml b/pis/04-squeezelite.yml deleted file mode 100644 index c67f896..0000000 --- a/pis/04-squeezelite.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- hosts: kitchenpi - gather_facts: false - remote_user: root - tasks: - - name: Apt install squeezelite package - apt: name=squeezelite cache_valid_time=7200 state=present - - name: Install config file - template: src=configs/squeezelite.cfg dest=/etc/default/squeezelite - - name: Sync alsa config - template: src=configs/asound.conf dest=/etc/asound.conf - - name: Restart squeezelite - systemd: name=squeezelite state=restarted enabled=yes daemon_reload=yes diff --git a/pis/05-lirc.yml b/pis/05-lirc.yml deleted file mode 100644 index 7b8c404..0000000 --- a/pis/05-lirc.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -# lirc needs to be custom compiled on this kernel -# https://gist.github.com/billpatrianakos/cb72e984d4730043fe79cbe5fc8f7941 -- hosts: kitchenpi - gather_facts: false - remote_user: root - tasks: - #- name: Apt install lirc package - # apt: name=lirc cache_valid_time=7200 state=present - # ignore_errors: yes - - name: Install config file lirc_options.conf - copy: src=configs/lirc/lirc_options.conf dest=/etc/lirc/lirc_options.conf - - name: Install config file lircd.conf - copy: src=configs/lirc/lircd.conf dest=/etc/lirc/lircd.conf - - name: Install remote file - copy: src=configs/lirc/hauppauge.conf dest=/etc/lirc/hauppauge.conf - - name: create temporary directory - tempfile: - state: directory - suffix: temp - register: tempdir - - name: Copy over lirc customly compiled lirc packages - copy: - src: configs/lirc/debs/ - dest: "{{ tempdir.path }}" - when: tempdir.path is defined - - name: Install custom lirc package 1 - apt: - deb: "{{ tempdir.path }}/liblirc0_0.10.1-5.2_armhf.deb" - when: tempdir.path is defined - - name: Install custom lirc package 2 - apt: - deb: "{{ tempdir.path }}/liblircclient0_0.10.1-5.2_armhf.deb" - when: tempdir.path is defined - - name: Install custom lirc package 3 - apt: - deb: "{{ tempdir.path }}/lirc_0.10.1-5.2_armhf.deb" - when: tempdir.path is defined - - name: Activate overlay in boot config - lineinfile: - path: /boot/config.txt - regexp: "^#?dtoverlay=gpio-ir" - line: "dtoverlay=gpio-ir,gpio_pin=17" - register: boot_overlay - - name: Restart lircd - systemd: name=lircd state=restarted enabled=yes daemon_reload=yes - - name: Reboot if boot overlay changed - reboot: - when: boot_overlay.changed diff --git a/pis/06-hifiberry.yml b/pis/06-hifiberry.yml deleted file mode 100644 index 2d9cc4d..0000000 --- a/pis/06-hifiberry.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -- hosts: newrpi - gather_facts: false - remote_user: root - tasks: - - name: Deactivate normal audio - lineinfile: - path: /boot/config.txt - regexp: "^#?dtparam=audio=on" - line: "#dtparam=audio=on" - register: boot_overlay1 - - name: Activate Hifiberry - lineinfile: - path: /boot/config.txt - regexp: "^#?dtoverlay=hifiberry-amp" - line: "dtoverlay=hifiberry-amp" - register: boot_overlay2 - #- name: Reboot if boot overlay changed - # reboot: - # when: boot_overlay1.changed or boot_overlay2.changed - - -## State in /boot/config.txt -# dtoverlay=hifiberry-amp -# # remove old: -# #dtparam=audio=on \ No newline at end of file diff --git a/pis/07-dhtsensor.yml b/pis/07-dhtsensor.yml deleted file mode 100644 index 97c9dcb..0000000 --- a/pis/07-dhtsensor.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- - -- hosts: kitchenpi - gather_facts: false - remote_user: root - tasks: - - name: apt install libgpiod2 - apt: name=libgpiod2 cache_valid_time=7200 state=present - - name: pip install adafruit-circuitpython-dht - pip: - name: adafruit-circuitpython-dht - executable: pip3 - - name: Install script config - template: src=configs/dht22_sensing.json dest=/etc/dht22_sensing.json - - name: Install script - copy: src=configs/dht22_sensing.py dest=/usr/bin/dht22_sensing owner=root mode=u+rwx - - name: Install systemd service file - copy: src=configs/dht22_sensing.service dest=/lib/systemd/system/ - - name: Add script to autostart and start now - systemd: name=dht22_sensing state=restarted enabled=yes daemon_reload=yes diff --git a/pis/notes.md b/pis/notes.md deleted file mode 100644 index 05f93a7..0000000 --- a/pis/notes.md +++ /dev/null @@ -1,2 +0,0 @@ -/etc/modules - -> bedroompi: snd-bcm2835 \ No newline at end of file diff --git a/pis/sensor.py b/pis/sensor.py deleted file mode 100644 index 9ba6bbc..0000000 --- a/pis/sensor.py +++ /dev/null @@ -1,24 +0,0 @@ -# -*- coding: utf-8 -*- -import requests - -key = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIxNjkxMWIzZmQ4ZWU0NDI0OTg0MjA0ZDllMDhkNGRlMCIsImlhdCI6MTU3ODE3MDU5MSwiZXhwIjoxODkzNTMwNTkxfQ.i7CdXEZy9DV9KPHAl-msK0rOfIUlPYo4zwwJ4UGhXuc" -url = "https://ha.bauer.tech" - -headers = { - 'x-ha-access': key, - 'Authorization': "Bearer {}".format(key) -} - -apiurl = url + "/api/states/sensor.schlafzimmer_temperatur" - -data = { - "state": "19", - "attributes": { - "device_class": "temperature", - "friendly_name": "Schlafzimmer Temperatur", - "unit_of_measurement": "°C" - } -} -r = requests.post(apiurl, json=data, headers=headers) - -print(r) diff --git a/roles/pi-alsasetup/tasks/main.yml b/roles/pi-alsasetup/tasks/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/pis/configs/asound.conf b/roles/pi-alsasetup/templates/asound.conf similarity index 100% rename from pis/configs/asound.conf rename to roles/pi-alsasetup/templates/asound.conf diff --git a/roles/pi-dhtsensor/defaults/main.yml b/roles/pi-dhtsensor/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/pis/configs/dht22_sensing.py b/roles/pi-dhtsensor/files/dht22_sensing.py similarity index 100% rename from pis/configs/dht22_sensing.py rename to roles/pi-dhtsensor/files/dht22_sensing.py diff --git a/pis/configs/dht22_sensing.service b/roles/pi-dhtsensor/files/dht22_sensing.service similarity index 100% rename from pis/configs/dht22_sensing.service rename to roles/pi-dhtsensor/files/dht22_sensing.service diff --git a/roles/pi-dhtsensor/tasks/main.yml b/roles/pi-dhtsensor/tasks/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/pis/configs/dht22_sensing.json b/roles/pi-dhtsensor/templates/dht22_sensing.json similarity index 100% rename from pis/configs/dht22_sensing.json rename to roles/pi-dhtsensor/templates/dht22_sensing.json diff --git a/roles/pi-hifiberry-amp/handlers/main.yml b/roles/pi-hifiberry-amp/handlers/main.yml new file mode 100644 index 0000000..df6adcf --- /dev/null +++ b/roles/pi-hifiberry-amp/handlers/main.yml @@ -0,0 +1,7 @@ +- name: restart sshd + service: + name: sshd + state: restarted +- name: reboot + reboot: + diff --git a/roles/pi-hifiberry-amp/meta/main.yml b/roles/pi-hifiberry-amp/meta/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/pi-hifiberry-amp/tasks/main.yml b/roles/pi-hifiberry-amp/tasks/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/pi-knxd/flash-firmware.sh b/roles/pi-knxd/flash-firmware.sh new file mode 100644 index 0000000..e69de29 diff --git a/pis/configs/lirc/71-lirc.rules b/roles/pi-lirc/files/71-lirc.rules similarity index 100% rename from pis/configs/lirc/71-lirc.rules rename to roles/pi-lirc/files/71-lirc.rules diff --git a/pis/configs/lirc/debs/liblirc0_0.10.1-5.2_armhf.deb b/roles/pi-lirc/files/debs/liblirc0_0.10.1-5.2_armhf.deb similarity index 100% rename from pis/configs/lirc/debs/liblirc0_0.10.1-5.2_armhf.deb rename to roles/pi-lirc/files/debs/liblirc0_0.10.1-5.2_armhf.deb diff --git a/pis/configs/lirc/debs/liblircclient0_0.10.1-5.2_armhf.deb b/roles/pi-lirc/files/debs/liblircclient0_0.10.1-5.2_armhf.deb similarity index 100% rename from pis/configs/lirc/debs/liblircclient0_0.10.1-5.2_armhf.deb rename to roles/pi-lirc/files/debs/liblircclient0_0.10.1-5.2_armhf.deb diff --git a/pis/configs/lirc/debs/lirc_0.10.1-5.2_armhf.deb b/roles/pi-lirc/files/debs/lirc_0.10.1-5.2_armhf.deb similarity index 100% rename from pis/configs/lirc/debs/lirc_0.10.1-5.2_armhf.deb rename to roles/pi-lirc/files/debs/lirc_0.10.1-5.2_armhf.deb diff --git a/pis/configs/lirc/hauppauge.conf b/roles/pi-lirc/files/hauppauge.conf similarity index 100% rename from pis/configs/lirc/hauppauge.conf rename to roles/pi-lirc/files/hauppauge.conf diff --git a/pis/configs/lirc/lirc_options.conf b/roles/pi-lirc/files/lirc_options.conf similarity index 100% rename from pis/configs/lirc/lirc_options.conf rename to roles/pi-lirc/files/lirc_options.conf diff --git a/pis/configs/lirc/lircd.conf b/roles/pi-lirc/files/lircd.conf similarity index 100% rename from pis/configs/lirc/lircd.conf rename to roles/pi-lirc/files/lircd.conf diff --git a/roles/pi-lirc/tasks/main.yml b/roles/pi-lirc/tasks/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/pi-shairport/defaults/main.yml b/roles/pi-shairport/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/pis/scripts/build-shairport-sync.sh b/roles/pi-shairport/files/build-shairport-sync.sh similarity index 100% rename from pis/scripts/build-shairport-sync.sh rename to roles/pi-shairport/files/build-shairport-sync.sh diff --git a/roles/pi-shairport/meta/main.yml b/roles/pi-shairport/meta/main.yml new file mode 100644 index 0000000..d73d575 --- /dev/null +++ b/roles/pi-shairport/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: pi-alsasetup \ No newline at end of file diff --git a/roles/pi-shairport/tasks/main.yml b/roles/pi-shairport/tasks/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/pis/configs/shairport-sync.conf b/roles/pi-shairport/templates/shairport-sync.conf similarity index 100% rename from pis/configs/shairport-sync.conf rename to roles/pi-shairport/templates/shairport-sync.conf diff --git a/roles/pi-squeezelite/defaults/main.yml b/roles/pi-squeezelite/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/pi-squeezelite/handlers/main.yml b/roles/pi-squeezelite/handlers/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/pi-squeezelite/meta/main.yml b/roles/pi-squeezelite/meta/main.yml new file mode 100644 index 0000000..d73d575 --- /dev/null +++ b/roles/pi-squeezelite/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: pi-alsasetup \ No newline at end of file diff --git a/roles/pi-squeezelite/tasks/main.yml b/roles/pi-squeezelite/tasks/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/pis/configs/squeezelite.cfg b/roles/pi-squeezelite/templates/squeezelite.cfg similarity index 100% rename from pis/configs/squeezelite.cfg rename to roles/pi-squeezelite/templates/squeezelite.cfg diff --git a/roles/pi-standard-setup/defaults/main.yml b/roles/pi-standard-setup/defaults/main.yml new file mode 100644 index 0000000..837d414 --- /dev/null +++ b/roles/pi-standard-setup/defaults/main.yml @@ -0,0 +1,13 @@ +--- +wifi_ssid: "" # put SSID here to configure wifi +ansible_user: "root" # "User to connect with, put in 'pi' here if you connect the first time, else leave empty" +new_hostname: "" # set this to change the hostname + + +timezone: "Europe/Berlin" +wifi_country: "DE" +wifi_pass_url: "bauer_wifi" # has to be in keepass with url "wifi_pass_url" +ansible_ssh_pass: "raspberry" +ansible_become_password: "raspberry" +ansible_become: yes + diff --git a/configs/gitconfig b/roles/pi-standard-setup/files/gitconfig similarity index 100% rename from configs/gitconfig rename to roles/pi-standard-setup/files/gitconfig diff --git a/pis/configs/motd/bedroompi b/roles/pi-standard-setup/files/motd/bedroompi similarity index 100% rename from pis/configs/motd/bedroompi rename to roles/pi-standard-setup/files/motd/bedroompi diff --git a/pis/configs/motd/kitchenpi b/roles/pi-standard-setup/files/motd/kitchenpi similarity index 100% rename from pis/configs/motd/kitchenpi rename to roles/pi-standard-setup/files/motd/kitchenpi diff --git a/pis/configs/motd/newrpi b/roles/pi-standard-setup/files/motd/newrpi similarity index 100% rename from pis/configs/motd/newrpi rename to roles/pi-standard-setup/files/motd/newrpi diff --git a/pis/configs/raspi-leds-off.service b/roles/pi-standard-setup/files/raspi-leds-off.service similarity index 100% rename from pis/configs/raspi-leds-off.service rename to roles/pi-standard-setup/files/raspi-leds-off.service diff --git a/pis/configs/raspi-leds-off.sh b/roles/pi-standard-setup/files/raspi-leds-off.sh similarity index 100% rename from pis/configs/raspi-leds-off.sh rename to roles/pi-standard-setup/files/raspi-leds-off.sh diff --git a/public_keys/martin_laptop.pub b/roles/pi-standard-setup/files/sshkey.pub similarity index 100% rename from public_keys/martin_laptop.pub rename to roles/pi-standard-setup/files/sshkey.pub diff --git a/configs/vimrc b/roles/pi-standard-setup/files/vimrc similarity index 100% rename from configs/vimrc rename to roles/pi-standard-setup/files/vimrc diff --git a/roles/pi-standard-setup/handlers/main.yml b/roles/pi-standard-setup/handlers/main.yml new file mode 100644 index 0000000..df6adcf --- /dev/null +++ b/roles/pi-standard-setup/handlers/main.yml @@ -0,0 +1,7 @@ +- name: restart sshd + service: + name: sshd + state: restarted +- name: reboot + reboot: + diff --git a/roles/pi-standard-setup/tasks/main.yml b/roles/pi-standard-setup/tasks/main.yml new file mode 100644 index 0000000..9e90f83 --- /dev/null +++ b/roles/pi-standard-setup/tasks/main.yml @@ -0,0 +1,86 @@ +--- +- name: Do apt update/upgrade + apt: upgrade=yes update_cache=yes cache_valid_time=7200 +- name: Detect Raspi Model + slurp: src=/sys/firmware/devicetree/base/model + register: raspberry_model +- name: Show Raspi Model + debug: msg={{ raspberry_model.content | b64decode }} +- name: Add authorized SSH key to root account + authorized_key: + user: root + key: "{{ lookup('file', 'sshkey.pub') }}" + state: present +- name: Activate root login with key + lineinfile: + path: /etc/ssh/sshd_config + regexp: "^#?PermitRootLogin" + line: "PermitRootLogin prohibit-password" + notify: restart sshd +- name: Deactive SSH accepting locale vars (leads to warnings) + lineinfile: + path: /etc/ssh/sshd_config + regexp: "^#?AcceptEnv LANG LC_*" + line: "#AcceptEnv LANG LC_*" + notify: restart sshd +- name: Get hostname + command: "raspi-config nonint get_hostname" + register: pi_hostname + changed_when: False +- name: Change hostname to {{ new_hostname }} + command: "raspi-config nonint do_hostname {{ new_hostname }}" + when: new_hostname | bool and pi_hostname.stdout != new_hostname + register: set_hostname + notify: reboot +- name: Get hostname + command: "raspi-config nonint get_hostname" + when: set_hostname.changed + register: pi_hostname + changed_when: False +- name: set boot mode to CLI + command: "raspi-config nonint do_boot_behaviour B1" +#I2 Change Timezone +- name: Change timezone + command: "raspi-config nonint do_change_timezone {{ timezone }}" +- name: Change locale + command: "raspi-config nonint do_change_locale en_US.UTF-8" +- name: Change password of default pi account + user: + name: pi + update_password: always + password: "{{ lookup('keepass', 'default_rpi_password') | password_hash('sha512') }}" +- name: Install Packages (vim, git, basic python stuff) + apt: + name: + - vim + - git + - python3 + - python3-pip + - python3-wheel + cache_valid_time: 7200 + state: present +- name: Copy vim config + copy: src=vimrc dest=/root/.vimrc +- name: Copy git config + copy: src=gitconfig dest=/root/.gitconfig +# Wifi +- name: Get WiFi country + command: "raspi-config nonint get_wifi_country" + register: wifi_country + changed_when: False + ignore_errors: yes #to avoid error when WiFi is not present +- name: Change WiFi country + command: "raspi-config nonint do_wifi_country {{ wifi_country }}" +- name: Set WiFi credentials + command: "raspi-config nonint do_wifi_ssid_passphrase {{ wifi_ssid }} {{ lookup('keepass', wifi_pass_url) }}" + when: wifi_ssid | bool +# Message of the day +- name: Set Message of the day + copy: src=motd/{{ pi_hostname.stdout }} dest=/etc/motd +# LED off script +- name: Copy led off script + copy: src=configs/raspi-leds-off.sh dest=/usr/sbin/raspi-leds-off.sh mode="u+rwx" +- name: Copy led off service + copy: src=raspi-leds-off.service dest=/lib/systemd/system/ +- name: Activate led off servic + systemd: name=raspi-leds-off state=restarted enabled=yes daemon_reload=yes diff --git a/roles/pi-sysdweb/files/sysdweb-system.service b/roles/pi-sysdweb/files/sysdweb-system.service new file mode 100644 index 0000000..64a7d3d --- /dev/null +++ b/roles/pi-sysdweb/files/sysdweb-system.service @@ -0,0 +1,12 @@ +[Unit] +Description=Control systemd services through Web or REST API +Documentation=https://github.com/ogarcia/sysdweb +After=network.target +Requires=dbus.socket + +[Service] +ExecStart=/usr/local/bin/sysdweb -p 10080 -l 0.0.0.0 +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/roles/pi-sysdweb/tasks/main.yml b/roles/pi-sysdweb/tasks/main.yml new file mode 100644 index 0000000..880106e --- /dev/null +++ b/roles/pi-sysdweb/tasks/main.yml @@ -0,0 +1,38 @@ +--- + +- name: Apt install python3-pip + apt: + name: python3-pip + cache_valid_time: 7200 + state: present +- name: Install sysdweb + pip: + name: sysdweb + executable: pip3 +- name: sysdweb user + user: + name: sysdweb + shell: /usr/bin/nologin + password: "$6$TcTD23xOXln$RxN3Kd0vJRaxffoyKqjoBJM0Q5Va6REBVZ6BOgmGXs3fTAWc7voSW5QcN35t9pfro2do0LeSaeGsrMLbArZ.2." + update_password: always +- name: Configure sysdweb user + blockinfile: + path: /etc/sysdweb.conf + create: true + marker: "# {mark} ansible user" + block : | + [DEFAULT] + users = sysdweb +- name: Configure sysdweb + blockinfile: + path: /etc/sysdweb.conf + create: true + marker: "# {mark} ansible managed for {{sysdweb_name}}" + block: | + [{{sysdweb_name}}] + title = {{sysdweb_name}} + unit = {{sysdweb_name}}.service +- name: Install systemd service file + copy: src=sysdweb-system.service dest=/lib/systemd/system/ +- name: Enable sysdweb autostart + systemd: name=sysdweb-system state=restarted enabled=yes daemon_reload=yes diff --git a/scripts/create-raspian-image/create-raspian-image.sh b/scripts/create-raspian-image/create-raspian-image.sh new file mode 100644 index 0000000..b9fe446 --- /dev/null +++ b/scripts/create-raspian-image/create-raspian-image.sh @@ -0,0 +1,69 @@ +#!/bin/bash + +set -e # exit on error + +TARGET_FOLDER="./rpi_image" +VERSION="2020-02-13" + +echo "This script downloads raspian lite, and modifies the image to enable SSH and set hostname" + +if [[ $EUID -ne 0 ]]; then + echo "This script must be run as root" + exit 1 +fi + +echo -n Hostname of new pi +read -p "Hostname of new pi [newrpi]: " RPI_HOSTNAME +RPI_HOSTNAME=${HOSTNAME:-newrpi} +SCRIPT_DIR=`pwd` +mkdir -p $TARGET_FOLDER +cd $TARGET_FOLDER + + +echo "Downloading image" +IMG_FILE_BASENAME=${VERSION}-raspbian-buster-lite.zip +wget http://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-${VERSION}/${IMG_FILE_BASENAME}.zip +wget http://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-${VERSION}/${IMG_FILE_BASENAME}.zip.sha256 + + +echo "Checksum verification" +sha256sum -c ${IMG_FILE_BASENAME}.zip.sha256 + + +echo "Unpack image" +unzip ${IMG_FILE_BASENAME}.zip +rm ${IMG_FILE_BASENAME}.zip + + +echo "Mounting image" +mkdir mounted_image +mkdir mounted_image/boot +mkdir mounted_image/system +losetup -P /dev/loop42 ${IMG_FILE_BASENAME}.img +mount /dev/loop42p1 mounted_image/boot +mount /dev/loop42p2 mounted_image/system + + +echo "Enabling SSH and writing hostname" +echo $RPI_HOSTNAME > mounted_image/system/etc/hostname +touch mounted_image/boot/ssh # startup ssh +sed -i "/^#PermitRootLogin/ cPermitRootLogin prohibit-password" mounted_image/system/etc/ssh/sshd_config +mkdir -p mounted_image/system/root/.ssh +cat $SCRIPT_DIR/public_keys/*.pub > mounted_image/system/root/.ssh/authorized_keys +chmod 700 mounted_image/system/root/.ssh +chmod 600 mounted_image/system/root/.ssh/authorized_keys + +echo "Unmounting image" +umount /dev/loop42p1 +umount /dev/loop42p2 +losetup -d /dev/loop42 +rmdir mounted_image/boot +rmdir mounted_image/system + + +echo "" +echo "" +echo "The image is ready in folder ${TARGET_FOLDER}" +echo "copy to SD card with" +echo " dd bs=4M status=progress if=the_image of=/dev/your/sdcard" +echo " use e.g. /dev/sdb not /dev/sdb1" diff --git a/scripts/create-raspian-image/sshkey.pub b/scripts/create-raspian-image/sshkey.pub new file mode 100644 index 0000000..4edd8fc --- /dev/null +++ b/scripts/create-raspian-image/sshkey.pub @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu66CgHoF+v1z5ydpu0SJzPuAa0eARLLggMAJY4vWcLfLTTlFjwPpO9kjkr4acUL5uLHZkAFqXQZC91io80bIfyBiM1i1yBq290x8sETgoNHrNzvcCQUBAeCxhcogi68F14BbpwBbejDTPKKybpuuAnVPj9YiHVFEDbqjLwoEY+HH7SkCsrK8qTyp9rHzwPGk0xPBwTnCPXqzvUCr/4H+m/5lamVIOW6XYoqnvAp5jP0mbadrmB0PwvK8cfgwPJWQeLJcqwl87mwHjjlrCinkpQbd2D8mR798bGmW/iTZ7GLCkyBNE34qKg24CzE0scWjqyWICXOrTYUXLORDt99/F martin@Laptop + diff --git a/scripts/hassio_rpi4 installation.md b/scripts/hassio_rpi4 installation.md new file mode 100644 index 0000000..e69de29