--- - name: Do apt update/upgrade apt: upgrade=yes update_cache=yes cache_valid_time=7200 - name: Detect Raspi Model slurp: src=/sys/firmware/devicetree/base/model register: raspberry_model - name: Show Raspi Model debug: msg={{ raspberry_model.content | b64decode }} - name: Add authorized SSH key to root account authorized_key: user: root key: "{{ lookup('file', 'sshkey.pub') }}" state: present - name: Activate root login with key lineinfile: path: /etc/ssh/sshd_config regexp: "^#?PermitRootLogin" line: "PermitRootLogin prohibit-password" notify: restart sshd - name: Deactive SSH accepting locale vars (leads to warnings) lineinfile: path: /etc/ssh/sshd_config regexp: "^#?AcceptEnv LANG LC_*" line: "#AcceptEnv LANG LC_*" notify: restart sshd - name: Get hostname command: "raspi-config nonint get_hostname" register: pi_hostname changed_when: False - name: Change hostname {{ new_hostname }} command: "raspi-config nonint do_hostname {{ new_hostname }}" when: new_hostname | bool and pi_hostname.stdout != new_hostname register: set_hostname notify: reboot - name: Get hostname command: "raspi-config nonint get_hostname" register: pi_hostname changed_when: False - name: set boot mode to CLI command: "raspi-config nonint do_boot_behaviour B1" #I2 Change Timezone - name: Change timezone command: "raspi-config nonint do_change_timezone {{ timezone }}" - name: Change locale command: "raspi-config nonint do_change_locale en_US.UTF-8" - name: Change password of default pi account user: name: pi update_password: always password: "{{ lookup('keepass', 'default_rpi_password') | password_hash('sha512') }}" - name: Install Packages (vim, git, basic python stuff) apt: name: - vim - git - python3 - python3-pip - python3-wheel cache_valid_time: 7200 state: present - name: Copy vim config copy: src=vimrc dest=/root/.vimrc - name: Copy git config copy: src=gitconfig dest=/root/.gitconfig # Wifi - name: Get WiFi country command: "raspi-config nonint get_wifi_country" register: wifi_country changed_when: False ignore_errors: yes #to avoid error when WiFi is not present - name: Change WiFi country command: "raspi-config nonint do_wifi_country {{ wifi_country }}" when: configure_wifi - name: Set WiFi credentials command: "raspi-config nonint do_wifi_ssid_passphrase {{ wifi_ssid }} {{ lookup('keepass', 'bauer_wifi') }}" when: configure_wifi - name: Install watchdog apt: name=watchdog cache_valid_time=7200 state=present when: not wifi_ssid is defined - name: Configure watchdog blockinfile: path: /etc/watchdog.conf block: | interface = wlan0 retry-timeout = 90 ping = {{router_ip}} interval = 15 when: configure_wifi - name: Start watchdog systemd: name=watchdog state=restarted enabled=yes daemon_reload=yes when: configure_wifi # Message of the day - name: Set Message of the day copy: src=motd/{{ pi_hostname.stdout }} dest=/etc/motd # LED off script - name: Copy led off script copy: src=raspi-leds-off.sh dest=/usr/sbin/raspi-leds-off.sh mode="u+rwx" - name: Copy led off service copy: src=raspi-leds-off.service dest=/lib/systemd/system/ - name: Activate led off servic systemd: name=raspi-leds-off state=restarted enabled=yes daemon_reload=yes