# HG changeset patch # User Luke Hoersten # Date 1581271537 21600 # Node ID 2556522a2a45a987f0b5bb08d04c2320e25e039f # Parent fd351734f0078513ebe534dc9c143a9a45b499bf Moved roles to top level diff -r fd351734f007 -r 2556522a2a45 apt-cacher/client/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/apt-cacher/client/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,3 @@ +--- + +apt_cacher_port: "3142" diff -r fd351734f007 -r 2556522a2a45 apt-cacher/client/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/apt-cacher/client/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,7 @@ +--- + +- name: configure apt-cacher proxy + become: yes + template: + src: "02proxy.j2" + dest: "/etc/apt/apt.conf.d/02proxy" diff -r fd351734f007 -r 2556522a2a45 apt-cacher/client/templates/02proxy.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/apt-cacher/client/templates/02proxy.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,1 @@ +Acquire::http::proxy "http://{{apt_cacher_host}}:{{apt_cacher_port}}"; diff -r fd351734f007 -r 2556522a2a45 apt-cacher/server/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/apt-cacher/server/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,5 @@ +--- + +apt_cacher_cache_dir: "/var/cache/apt-cacher-ng" +apt_cacher_log_dir: "/var/log/apt-cacher-ng" +apt_cacher_port: "3142" diff -r fd351734f007 -r 2556522a2a45 apt-cacher/server/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/apt-cacher/server/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,17 @@ +--- + +- name: install apt packages + become: yes + apt: name="apt-cacher-ng" + +- name: configure apt-cacher dirs + become: yes + lineinfile: + path: "/etc/apt-cacher-ng/acng.conf" + regexp: "^{{item.key}}:" + insertafter: "^# {{item.key}}:" + line: "{{item.key}}: {{item.val}}" + with_items: + - { key: "CacheDir", val: "{{apt_cacher_cache_dir}}" } + - { key: "LogDir", val: "{{apt_cacher_log_dir}}" } + - { key: "Port", val: "{{apt_cacher_port}}" } diff -r fd351734f007 -r 2556522a2a45 aws-s3-backup/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/aws-s3-backup/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,6 @@ +--- + +aws_s3_backup_region: "us-east-1" +aws_s3_backup_pip_packages: + - "awscli" + - "boto3" diff -r fd351734f007 -r 2556522a2a45 aws-s3-backup/files/aws-s3-backup.target --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/aws-s3-backup/files/aws-s3-backup.target Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,3 @@ +[Unit] +Description=AWS S3 backup target +StopWhenUnneeded=yes diff -r fd351734f007 -r 2556522a2a45 aws-s3-backup/files/aws-s3-backup.timer --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/aws-s3-backup/files/aws-s3-backup.timer Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,10 @@ +[Unit] +Description=Daily AWS S3 backup + +[Timer] +OnCalendar=daily +Persistent=true +Unit=aws-s3-backup.target + +[Install] +WantedBy=timers.target diff -r fd351734f007 -r 2556522a2a45 aws-s3-backup/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/aws-s3-backup/handlers/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,9 @@ +--- + +- name: reload timer + systemd: name="aws-s3-backup.timer" enabled="yes" daemon_reload="yes" + become: yes + +- name: reload target + systemd: name="aws-s3-backup.target" enabled="yes" daemon_reload="yes" + become: yes diff -r fd351734f007 -r 2556522a2a45 aws-s3-backup/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/aws-s3-backup/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,38 @@ +--- + +- name: apt install pip + become: yes + apt: name="python-pip" + +- name: pip install aws cli packages + become: yes + pip: name="{{aws_s3_backup_pip_packages}}" + +- name: create aws config dir for root + become: yes + file: path="/root/.aws/" state="directory" mode="0755" + +- name: configure aws credentials for root + become: yes + template: src="aws-{{item}}.j2" dest="/root/.aws/{{item}}" mode="0600" + with_items: + - "credentials" + - "config" + +- name: create systemd target + become: yes + copy: + src: "aws-s3-backup.target" + dest: "/lib/systemd/system/aws-s3-backup.target" + notify: reload target + +- name: create systemd timer + become: yes + copy: + src: "aws-s3-backup.timer" + dest: "/lib/systemd/system/aws-s3-backup.timer" + notify: reload timer + +- name: ensure timer is started + become: yes + systemd: name="aws-s3-backup.timer" enabled="yes" state="started" diff -r fd351734f007 -r 2556522a2a45 aws-s3-backup/templates/aws-config.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/aws-s3-backup/templates/aws-config.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,5 @@ +# {{ansible_managed}} + +[default] +region={{aws_s3_backup_region}} +output=json diff -r fd351734f007 -r 2556522a2a45 aws-s3-backup/templates/aws-credentials.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/aws-s3-backup/templates/aws-credentials.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,5 @@ +# {{ansible_managed}} + +[default] +aws_access_key_id={{aws_access_key}} +aws_secret_access_key={{aws_secret_key}} diff -r fd351734f007 -r 2556522a2a45 base/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/base/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,13 @@ +--- + +rpi_base_enable_wifi: True +rpi_base_timezone: "America/Chicago" +rpi_base_apt_packages: + - "log2ram" + - "fail2ban" + - "unattended-upgrades" + - "emacs-nox" + - "htop" + - "jq" + - "tree" + - "iperf3" diff -r fd351734f007 -r 2556522a2a45 base/files/jail.local --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/base/files/jail.local Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,10 @@ +[ssh] + +enabled = true +port = ssh +filter = sshd +logpath = /var/log/auth.log +bantime = 900 +banaction = iptables-allports +findtime = 900 +maxretry = 3 diff -r fd351734f007 -r 2556522a2a45 base/tasks/main.yml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/base/tasks/main.yml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,42 @@ +--- + +- name: turn swap off + become: yes + command: "swapoff -a" + changed_when: false + +- name: remove swap apt package + become: yes + apt: state="absent" name="dphys-swapfile" + +- name: add log2ram apt key + become: yes + apt_key: url="https://azlux.fr/repo.gpg.key" + +- name: add log2ram apt repo + become: yes + apt_repository: repo="deb http://packages.azlux.fr/debian/ buster main" + +- name: set timezone + become: yes + timezone: name="{{rpi_base_timezone}}" + +- name: setup wifi + become: yes + template: src="wpa_supplicant.conf.j2" dest="/etc/wpa_supplicant/wpa_supplicant.conf" mode="0644" + +- name: update apt package cache + become: yes + apt: upgrade="dist" autoremove="yes" autoclean="yes" update_cache="yes" cache_valid_time="3600" + +- name: install extra apt packages + become: yes + apt: name="{{rpi_base_apt_packages}}" state="latest" + +- name: install fail2ban config + become: yes + copy: src="jail.local" dest="/etc/fail2ban/jail.local" + +- name: authorize admin ssh keys + become: yes + authorized_key: user="{{ansible_user}}" key="https://github.com/{{github_user}}.keys" diff -r fd351734f007 -r 2556522a2a45 base/templates/wpa_supplicant.conf.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/base/templates/wpa_supplicant.conf.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,14 @@ +# {{ansible_managed}} + +country=US +ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev +update_config=1 +{% for network in wpa_networks %} + +network={ + ssid="{{network.ssid}}" + psk="{{network.psk}}" + disabled={% if rpi_base_enable_wifi %}0{% else %}1{% endif %} + +} +{% endfor %} diff -r fd351734f007 -r 2556522a2a45 block-device/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/block-device/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,7 @@ +--- + +block_device_user: "{{ansible_user}}" +block_device_group: "{{ansible_group}}" +block_device_mode: "0755" +block_device_umask: "0022" +block_device_opts: "defaults" diff -r fd351734f007 -r 2556522a2a45 block-device/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/block-device/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,17 @@ +--- + +- name: create mount point + become: yes + file: + path: "{{block_device_mount_point}}" + mode: "{{block_device_mode}}" + state: "directory" + +- name: mount block device + become: yes + mount: + path: "{{block_device_mount_point}}" + src: "{{block_device_uuid}}" + fstype: "{{block_device_fstype}}" + opts: "{{block_device_opts}}" + state: "mounted" diff -r fd351734f007 -r 2556522a2a45 homebridge/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/homebridge/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,24 @@ +--- + +homebridge_user: "homebridge" +homebridge_dir: "/home/{{homebridge_user}}" +homebridge_restart_sec: "10" + +homebridge_pin: "031-45-154" +homebridge_port: "51900" + +homebridge_apt_packages: + - "libavahi-compat-libdnssd-dev" + - "ffmpeg" + +homebridge_npm_packages: + - "homebridge-camera-ffmpeg" + - "homebridge-roomba-stv" + +homebridge_rtsp_vcodec: "h264_omx" +homebridge_rtsp_debug: "false" +homebridge_rtsp_max_streams: 5 + +homebridge_roomba_auto_refresh: "true" +homebridge_roomba_keep_alive: "true" +homebridge_roomba_cache_TTL: "30" diff -r fd351734f007 -r 2556522a2a45 homebridge/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/homebridge/handlers/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,5 @@ +--- + +- name: restart homebridge service + systemd: name="homebridge" state="restarted" daemon_reload="yes" + become: yes diff -r fd351734f007 -r 2556522a2a45 homebridge/meta/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/homebridge/meta/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,4 @@ +--- + +dependencies: + - nodejs diff -r fd351734f007 -r 2556522a2a45 homebridge/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/homebridge/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,56 @@ +--- + +- name: create homebridge user + become: yes + user: + name: "{{homebridge_user}}" + comment: "Homebridge" + shell: "/bin/false" + home: "{{homebridge_dir}}" + groups: "video,spi,i2c,gpio" + move_home: yes + notify: restart homebridge service + +- name: create homebridge directory + become: yes + file: + path: "{{homebridge_dir}}" + state: "directory" + owner: "{{homebridge_user}}" + group: "{{homebridge_user}}" + mode: "0755" + +- name: install homebridge apt deps + become: yes + apt: name="{{homebridge_apt_packages}}" + +- name: install homebridge + become: yes + become_user: "{{homebridge_user}}" + npm: name="homebridge" global="yes" + notify: restart homebridge service + +- name: install platform accessories + become: yes + become_user: "{{homebridge_user}}" + npm: name="{{item}}" global="yes" + notify: restart homebridge service + with_items: "{{homebridge_npm_packages}}" + +- name: configure homebridge + become: yes + template: + src: "config.json.j2" + dest: "{{homebridge_dir}}/config.json" + notify: restart homebridge service + +- name: configure systemd service + become: yes + template: + src: "homebridge.service.j2" + dest: "/lib/systemd/system/homebridge.service" + notify: restart homebridge service + +- name: ensure homebridge is started + become: yes + systemd: name="homebridge.service" enabled="yes" state="started" diff -r fd351734f007 -r 2556522a2a45 homebridge/templates/config.json.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/homebridge/templates/config.json.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,48 @@ +{ + "bridge": { + "name": "Homebridge", + "username": "{{ansible_default_ipv4.macaddress | upper}}", + "port": {{homebridge_port}}, + "pin": "{{homebridge_pin}}" + }, + + "description": "Homebridge", + + "platforms": [ + + {"platform": "Camera-ffmpeg", + "cameras": [ + + {% for cam in homebridge_rtsp_cams %} + {"name": "{{cam.name}}", "videoConfig": { + "source": "-i {{cam.rtsp_url}}", + "stillImageSource": "-i {{cam.rtsp_url}} -vframes 1 -r 1", + "vcodec": "{{homebridge_rtsp_vcodec}}", + "maxStreams": {{homebridge_rtsp_max_streams}}, + "debug": {{homebridge_rtsp_debug}} + } + {% if not loop.last %} + }, + {% else %} + } + {% endif %} + {% endfor %} + ]} + + ], + + "accessories": [ + { + "accessory": "Roomba", + "name": "Roomba", + "model": "{{homebridge_roomba_model}}", + "blid": "{{homebridge_roomba_blid}}", + "robotpwd": "{{homebridge_roomba_passwd}}", + "ipaddress": "{{homebridge_roomba_ip}}", + "autoRefreshEnabled": {{homebridge_roomba_auto_refresh}}, + "keepAliveEnabled": {{homebridge_roomba_keep_alive}}, + "cacheTTL": {{homebridge_roomba_cache_TTL}} + } + ] + +} diff -r fd351734f007 -r 2556522a2a45 homebridge/templates/homebridge.service.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/homebridge/templates/homebridge.service.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,16 @@ +# {{ansible_managed}} + +[Unit] +Description=Homebridge + +[Service] +User={{homebridge_user}} +Group={{homebridge_user}} +Restart=always +RestartSec={{homebridge_restart_sec}} + +WorkingDirectory={{homebridge_dir}} +ExecStart=/usr/bin/node /opt/{{nodejs_dir}}/bin/homebridge -U {{homebridge_dir}} + +[Install] +WantedBy=default.target diff -r fd351734f007 -r 2556522a2a45 mercurial/files/mercurial-s3-backup.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mercurial/files/mercurial-s3-backup.sh Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,10 @@ +#!/bin/bash + +BUCKET=$1 +DATE=`date --iso-8601` +BACKUP_DIR=$2 +BACKUP_TAR="/tmp/$BUCKET-$DATE.tgz" + +tar -zc -f $BACKUP_TAR $BACKUP_DIR +aws s3 mb "s3://$BUCKET/" +aws s3 cp $BACKUP_TAR "s3://$BUCKET/" diff -r fd351734f007 -r 2556522a2a45 mercurial/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mercurial/handlers/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,5 @@ +--- + +- name: reload s3 backup service + systemd: name="mercurial-s3-backup@{{mercurial_s3_backup_bucket}}.service" enabled="yes" daemon_reload="yes" + become: yes diff -r fd351734f007 -r 2556522a2a45 mercurial/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mercurial/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,23 @@ +--- + +- name: install mercurial + become: yes + apt: name="mercurial" + +- name: create mercurial s3 backup shell script + become: yes + copy: + src: "mercurial-s3-backup.sh" + dest: "/usr/local/bin/mercurial-s3-backup.sh" + mode: "0755" + +- name: configure mercurial s3 backup systemd service + become: yes + template: + src: "mercurial-s3-backup@.service.j2" + dest: "/lib/systemd/system/mercurial-s3-backup@{{mercurial_s3_backup_bucket}}.service" + notify: reload s3 backup service + +- name: ensure mercurial s3 backup service is started + become: yes + systemd: name="mercurial-s3-backup@{{mercurial_s3_backup_bucket}}.service" enabled="yes" diff -r fd351734f007 -r 2556522a2a45 mercurial/templates/mercurial-s3-backup@.service.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mercurial/templates/mercurial-s3-backup@.service.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,9 @@ +[Unit] +Description=Mercurial s3 backup for "%I" + +[Service] +Type=oneshot +ExecStart=/usr/local/bin/mercurial-s3-backup.sh %i "{{mercurial_s3_backup_dir}}" + +[Install] +WantedBy=aws-s3-backup.target diff -r fd351734f007 -r 2556522a2a45 nodejs/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nodejs/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,7 @@ +--- + +nodejs_tag: "latest-v11.x" +nodejs_version: "11.15.0" +nodejs_arch: "{{ansible_architecture}}" +nodejs_dir: "node-v{{nodejs_version}}-{{ansible_system | lower}}-{{nodejs_arch}}" +nodejs_src: "https://nodejs.org/dist/{{nodejs_tag}}/{{nodejs_dir}}.tar.gz" diff -r fd351734f007 -r 2556522a2a45 nodejs/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nodejs/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,21 @@ +--- + +- name: download and unarchive nodejs + become: yes + unarchive: + src: "https://nodejs.org/dist/{{nodejs_tag}}/{{nodejs_dir}}.tar.xz" + dest: "/opt/" + remote_src: yes + creates: "/opt/{{nodejs_dir}}" + +# sudo update-alternatives --install "/usr/bin/node" "node" "/opt/node/bin/node" 1 +- name: update node alterantives + become: yes + alternatives: + link: "/usr/bin/{{item}}" + name: "{{item}}" + path: "/opt/{{nodejs_dir}}/bin/{{item}}" + priority: "1" + with_items: + - "node" + - "npm" diff -r fd351734f007 -r 2556522a2a45 plex/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/plex/handlers/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,5 @@ +--- + +- name: restart plex service + systemd: name="plexmediaserver" state="restarted" daemon_reload="yes" + become: yes diff -r fd351734f007 -r 2556522a2a45 plex/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/plex/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,21 @@ +--- + +# https://forums.plex.tv/t/read-me-first-about-server-armv7-and-armv8-ubuntu-debian/226567 + +- name: add plex apt key + become: yes + apt_key: url="https://downloads.plex.tv/plex-keys/PlexSign.key" + +- name: add plex apt repo + become: yes + apt_repository: repo="deb http://downloads.plex.tv/repo/deb public main" + notify: restart plex service + +- name: update apt package cache + become: yes + apt: upgrade="dist" update_cache="yes" cache_valid_time="3600" + +- name: install plex server + become: yes + apt: name="plexmediaserver" + notify: restart plex service diff -r fd351734f007 -r 2556522a2a45 prometheus/client/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prometheus/client/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,4 @@ +--- + +- name: install prometheus node exporter + apt: name="prometheus-node-exportery" diff -r fd351734f007 -r 2556522a2a45 prometheus/server/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prometheus/server/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,19 @@ +--- + +- name: add grafana apt key + become: yes + apt_key: url="https://packages.grafana.com/gpg.key" + +- name: add grafana apt repo + become: yes + apt_repository: repo="deb https://packages.grafana.com/oss/deb stable main" + +- name: install prometheus and grafana + become: yes + apt: name="{{item}}" state="latest" + with_items: + - "prometheus" + - "grafana" + +# /etc/prometheus/prometheus.yml +# /etc/grafana/grafana.ini diff -r fd351734f007 -r 2556522a2a45 roles/apt-cacher/client/defaults/main.yaml --- a/roles/apt-cacher/client/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,3 +0,0 @@ ---- - -apt_cacher_port: "3142" diff -r fd351734f007 -r 2556522a2a45 roles/apt-cacher/client/tasks/main.yaml --- a/roles/apt-cacher/client/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,7 +0,0 @@ ---- - -- name: configure apt-cacher proxy - become: yes - template: - src: "02proxy.j2" - dest: "/etc/apt/apt.conf.d/02proxy" diff -r fd351734f007 -r 2556522a2a45 roles/apt-cacher/client/templates/02proxy.j2 --- a/roles/apt-cacher/client/templates/02proxy.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -Acquire::http::proxy "http://{{apt_cacher_host}}:{{apt_cacher_port}}"; diff -r fd351734f007 -r 2556522a2a45 roles/apt-cacher/server/defaults/main.yaml --- a/roles/apt-cacher/server/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ ---- - -apt_cacher_cache_dir: "/var/cache/apt-cacher-ng" -apt_cacher_log_dir: "/var/log/apt-cacher-ng" -apt_cacher_port: "3142" diff -r fd351734f007 -r 2556522a2a45 roles/apt-cacher/server/tasks/main.yaml --- a/roles/apt-cacher/server/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,17 +0,0 @@ ---- - -- name: install apt packages - become: yes - apt: name="apt-cacher-ng" - -- name: configure apt-cacher dirs - become: yes - lineinfile: - path: "/etc/apt-cacher-ng/acng.conf" - regexp: "^{{item.key}}:" - insertafter: "^# {{item.key}}:" - line: "{{item.key}}: {{item.val}}" - with_items: - - { key: "CacheDir", val: "{{apt_cacher_cache_dir}}" } - - { key: "LogDir", val: "{{apt_cacher_log_dir}}" } - - { key: "Port", val: "{{apt_cacher_port}}" } diff -r fd351734f007 -r 2556522a2a45 roles/aws-s3-backup/defaults/main.yaml --- a/roles/aws-s3-backup/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,6 +0,0 @@ ---- - -aws_s3_backup_region: "us-east-1" -aws_s3_backup_pip_packages: - - "awscli" - - "boto3" diff -r fd351734f007 -r 2556522a2a45 roles/aws-s3-backup/files/aws-s3-backup.target --- a/roles/aws-s3-backup/files/aws-s3-backup.target Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,3 +0,0 @@ -[Unit] -Description=AWS S3 backup target -StopWhenUnneeded=yes diff -r fd351734f007 -r 2556522a2a45 roles/aws-s3-backup/files/aws-s3-backup.timer --- a/roles/aws-s3-backup/files/aws-s3-backup.timer Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,10 +0,0 @@ -[Unit] -Description=Daily AWS S3 backup - -[Timer] -OnCalendar=daily -Persistent=true -Unit=aws-s3-backup.target - -[Install] -WantedBy=timers.target diff -r fd351734f007 -r 2556522a2a45 roles/aws-s3-backup/handlers/main.yaml --- a/roles/aws-s3-backup/handlers/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,9 +0,0 @@ ---- - -- name: reload timer - systemd: name="aws-s3-backup.timer" enabled="yes" daemon_reload="yes" - become: yes - -- name: reload target - systemd: name="aws-s3-backup.target" enabled="yes" daemon_reload="yes" - become: yes diff -r fd351734f007 -r 2556522a2a45 roles/aws-s3-backup/tasks/main.yaml --- a/roles/aws-s3-backup/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,38 +0,0 @@ ---- - -- name: apt install pip - become: yes - apt: name="python-pip" - -- name: pip install aws cli packages - become: yes - pip: name="{{aws_s3_backup_pip_packages}}" - -- name: create aws config dir for root - become: yes - file: path="/root/.aws/" state="directory" mode="0755" - -- name: configure aws credentials for root - become: yes - template: src="aws-{{item}}.j2" dest="/root/.aws/{{item}}" mode="0600" - with_items: - - "credentials" - - "config" - -- name: create systemd target - become: yes - copy: - src: "aws-s3-backup.target" - dest: "/lib/systemd/system/aws-s3-backup.target" - notify: reload target - -- name: create systemd timer - become: yes - copy: - src: "aws-s3-backup.timer" - dest: "/lib/systemd/system/aws-s3-backup.timer" - notify: reload timer - -- name: ensure timer is started - become: yes - systemd: name="aws-s3-backup.timer" enabled="yes" state="started" diff -r fd351734f007 -r 2556522a2a45 roles/aws-s3-backup/templates/aws-config.j2 --- a/roles/aws-s3-backup/templates/aws-config.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ -# {{ansible_managed}} - -[default] -region={{aws_s3_backup_region}} -output=json diff -r fd351734f007 -r 2556522a2a45 roles/aws-s3-backup/templates/aws-credentials.j2 --- a/roles/aws-s3-backup/templates/aws-credentials.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ -# {{ansible_managed}} - -[default] -aws_access_key_id={{aws_access_key}} -aws_secret_access_key={{aws_secret_key}} diff -r fd351734f007 -r 2556522a2a45 roles/base/defaults/main.yaml --- a/roles/base/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,13 +0,0 @@ ---- - -rpi_base_enable_wifi: True -rpi_base_timezone: "America/Chicago" -rpi_base_apt_packages: - - "log2ram" - - "fail2ban" - - "unattended-upgrades" - - "emacs-nox" - - "htop" - - "jq" - - "tree" - - "iperf3" diff -r fd351734f007 -r 2556522a2a45 roles/base/files/jail.local --- a/roles/base/files/jail.local Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,10 +0,0 @@ -[ssh] - -enabled = true -port = ssh -filter = sshd -logpath = /var/log/auth.log -bantime = 900 -banaction = iptables-allports -findtime = 900 -maxretry = 3 diff -r fd351734f007 -r 2556522a2a45 roles/base/tasks/main.yml --- a/roles/base/tasks/main.yml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,42 +0,0 @@ ---- - -- name: turn swap off - become: yes - command: "swapoff -a" - changed_when: false - -- name: remove swap apt package - become: yes - apt: state="absent" name="dphys-swapfile" - -- name: add log2ram apt key - become: yes - apt_key: url="https://azlux.fr/repo.gpg.key" - -- name: add log2ram apt repo - become: yes - apt_repository: repo="deb http://packages.azlux.fr/debian/ buster main" - -- name: set timezone - become: yes - timezone: name="{{rpi_base_timezone}}" - -- name: setup wifi - become: yes - template: src="wpa_supplicant.conf.j2" dest="/etc/wpa_supplicant/wpa_supplicant.conf" mode="0644" - -- name: update apt package cache - become: yes - apt: upgrade="dist" autoremove="yes" autoclean="yes" update_cache="yes" cache_valid_time="3600" - -- name: install extra apt packages - become: yes - apt: name="{{rpi_base_apt_packages}}" state="latest" - -- name: install fail2ban config - become: yes - copy: src="jail.local" dest="/etc/fail2ban/jail.local" - -- name: authorize admin ssh keys - become: yes - authorized_key: user="{{ansible_user}}" key="https://github.com/{{github_user}}.keys" diff -r fd351734f007 -r 2556522a2a45 roles/base/templates/wpa_supplicant.conf.j2 --- a/roles/base/templates/wpa_supplicant.conf.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,14 +0,0 @@ -# {{ansible_managed}} - -country=US -ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev -update_config=1 -{% for network in wpa_networks %} - -network={ - ssid="{{network.ssid}}" - psk="{{network.psk}}" - disabled={% if rpi_base_enable_wifi %}0{% else %}1{% endif %} - -} -{% endfor %} diff -r fd351734f007 -r 2556522a2a45 roles/block-device/defaults/main.yaml --- a/roles/block-device/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,7 +0,0 @@ ---- - -block_device_user: "{{ansible_user}}" -block_device_group: "{{ansible_group}}" -block_device_mode: "0755" -block_device_umask: "0022" -block_device_opts: "defaults" diff -r fd351734f007 -r 2556522a2a45 roles/block-device/tasks/main.yaml --- a/roles/block-device/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,17 +0,0 @@ ---- - -- name: create mount point - become: yes - file: - path: "{{block_device_mount_point}}" - mode: "{{block_device_mode}}" - state: "directory" - -- name: mount block device - become: yes - mount: - path: "{{block_device_mount_point}}" - src: "{{block_device_uuid}}" - fstype: "{{block_device_fstype}}" - opts: "{{block_device_opts}}" - state: "mounted" diff -r fd351734f007 -r 2556522a2a45 roles/homebridge/defaults/main.yaml --- a/roles/homebridge/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,24 +0,0 @@ ---- - -homebridge_user: "homebridge" -homebridge_dir: "/home/{{homebridge_user}}" -homebridge_restart_sec: "10" - -homebridge_pin: "031-45-154" -homebridge_port: "51900" - -homebridge_apt_packages: - - "libavahi-compat-libdnssd-dev" - - "ffmpeg" - -homebridge_npm_packages: - - "homebridge-camera-ffmpeg" - - "homebridge-roomba-stv" - -homebridge_rtsp_vcodec: "h264_omx" -homebridge_rtsp_debug: "false" -homebridge_rtsp_max_streams: 5 - -homebridge_roomba_auto_refresh: "true" -homebridge_roomba_keep_alive: "true" -homebridge_roomba_cache_TTL: "30" diff -r fd351734f007 -r 2556522a2a45 roles/homebridge/handlers/main.yaml --- a/roles/homebridge/handlers/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ ---- - -- name: restart homebridge service - systemd: name="homebridge" state="restarted" daemon_reload="yes" - become: yes diff -r fd351734f007 -r 2556522a2a45 roles/homebridge/meta/main.yaml --- a/roles/homebridge/meta/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,4 +0,0 @@ ---- - -dependencies: - - nodejs diff -r fd351734f007 -r 2556522a2a45 roles/homebridge/tasks/main.yaml --- a/roles/homebridge/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,56 +0,0 @@ ---- - -- name: create homebridge user - become: yes - user: - name: "{{homebridge_user}}" - comment: "Homebridge" - shell: "/bin/false" - home: "{{homebridge_dir}}" - groups: "video,spi,i2c,gpio" - move_home: yes - notify: restart homebridge service - -- name: create homebridge directory - become: yes - file: - path: "{{homebridge_dir}}" - state: "directory" - owner: "{{homebridge_user}}" - group: "{{homebridge_user}}" - mode: "0755" - -- name: install homebridge apt deps - become: yes - apt: name="{{homebridge_apt_packages}}" - -- name: install homebridge - become: yes - become_user: "{{homebridge_user}}" - npm: name="homebridge" global="yes" - notify: restart homebridge service - -- name: install platform accessories - become: yes - become_user: "{{homebridge_user}}" - npm: name="{{item}}" global="yes" - notify: restart homebridge service - with_items: "{{homebridge_npm_packages}}" - -- name: configure homebridge - become: yes - template: - src: "config.json.j2" - dest: "{{homebridge_dir}}/config.json" - notify: restart homebridge service - -- name: configure systemd service - become: yes - template: - src: "homebridge.service.j2" - dest: "/lib/systemd/system/homebridge.service" - notify: restart homebridge service - -- name: ensure homebridge is started - become: yes - systemd: name="homebridge.service" enabled="yes" state="started" diff -r fd351734f007 -r 2556522a2a45 roles/homebridge/templates/config.json.j2 --- a/roles/homebridge/templates/config.json.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,48 +0,0 @@ -{ - "bridge": { - "name": "Homebridge", - "username": "{{ansible_default_ipv4.macaddress | upper}}", - "port": {{homebridge_port}}, - "pin": "{{homebridge_pin}}" - }, - - "description": "Homebridge", - - "platforms": [ - - {"platform": "Camera-ffmpeg", - "cameras": [ - - {% for cam in homebridge_rtsp_cams %} - {"name": "{{cam.name}}", "videoConfig": { - "source": "-i {{cam.rtsp_url}}", - "stillImageSource": "-i {{cam.rtsp_url}} -vframes 1 -r 1", - "vcodec": "{{homebridge_rtsp_vcodec}}", - "maxStreams": {{homebridge_rtsp_max_streams}}, - "debug": {{homebridge_rtsp_debug}} - } - {% if not loop.last %} - }, - {% else %} - } - {% endif %} - {% endfor %} - ]} - - ], - - "accessories": [ - { - "accessory": "Roomba", - "name": "Roomba", - "model": "{{homebridge_roomba_model}}", - "blid": "{{homebridge_roomba_blid}}", - "robotpwd": "{{homebridge_roomba_passwd}}", - "ipaddress": "{{homebridge_roomba_ip}}", - "autoRefreshEnabled": {{homebridge_roomba_auto_refresh}}, - "keepAliveEnabled": {{homebridge_roomba_keep_alive}}, - "cacheTTL": {{homebridge_roomba_cache_TTL}} - } - ] - -} diff -r fd351734f007 -r 2556522a2a45 roles/homebridge/templates/homebridge.service.j2 --- a/roles/homebridge/templates/homebridge.service.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -# {{ansible_managed}} - -[Unit] -Description=Homebridge - -[Service] -User={{homebridge_user}} -Group={{homebridge_user}} -Restart=always -RestartSec={{homebridge_restart_sec}} - -WorkingDirectory={{homebridge_dir}} -ExecStart=/usr/bin/node /opt/{{nodejs_dir}}/bin/homebridge -U {{homebridge_dir}} - -[Install] -WantedBy=default.target diff -r fd351734f007 -r 2556522a2a45 roles/mercurial/files/mercurial-s3-backup.sh --- a/roles/mercurial/files/mercurial-s3-backup.sh Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,10 +0,0 @@ -#!/bin/bash - -BUCKET=$1 -DATE=`date --iso-8601` -BACKUP_DIR=$2 -BACKUP_TAR="/tmp/$BUCKET-$DATE.tgz" - -tar -zc -f $BACKUP_TAR $BACKUP_DIR -aws s3 mb "s3://$BUCKET/" -aws s3 cp $BACKUP_TAR "s3://$BUCKET/" diff -r fd351734f007 -r 2556522a2a45 roles/mercurial/handlers/main.yaml --- a/roles/mercurial/handlers/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ ---- - -- name: reload s3 backup service - systemd: name="mercurial-s3-backup@{{mercurial_s3_backup_bucket}}.service" enabled="yes" daemon_reload="yes" - become: yes diff -r fd351734f007 -r 2556522a2a45 roles/mercurial/tasks/main.yaml --- a/roles/mercurial/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,23 +0,0 @@ ---- - -- name: install mercurial - become: yes - apt: name="mercurial" - -- name: create mercurial s3 backup shell script - become: yes - copy: - src: "mercurial-s3-backup.sh" - dest: "/usr/local/bin/mercurial-s3-backup.sh" - mode: "0755" - -- name: configure mercurial s3 backup systemd service - become: yes - template: - src: "mercurial-s3-backup@.service.j2" - dest: "/lib/systemd/system/mercurial-s3-backup@{{mercurial_s3_backup_bucket}}.service" - notify: reload s3 backup service - -- name: ensure mercurial s3 backup service is started - become: yes - systemd: name="mercurial-s3-backup@{{mercurial_s3_backup_bucket}}.service" enabled="yes" diff -r fd351734f007 -r 2556522a2a45 roles/mercurial/templates/mercurial-s3-backup@.service.j2 --- a/roles/mercurial/templates/mercurial-s3-backup@.service.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,9 +0,0 @@ -[Unit] -Description=Mercurial s3 backup for "%I" - -[Service] -Type=oneshot -ExecStart=/usr/local/bin/mercurial-s3-backup.sh %i "{{mercurial_s3_backup_dir}}" - -[Install] -WantedBy=aws-s3-backup.target diff -r fd351734f007 -r 2556522a2a45 roles/nodejs/defaults/main.yaml --- a/roles/nodejs/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,7 +0,0 @@ ---- - -nodejs_tag: "latest-v11.x" -nodejs_version: "11.15.0" -nodejs_arch: "{{ansible_architecture}}" -nodejs_dir: "node-v{{nodejs_version}}-{{ansible_system | lower}}-{{nodejs_arch}}" -nodejs_src: "https://nodejs.org/dist/{{nodejs_tag}}/{{nodejs_dir}}.tar.gz" diff -r fd351734f007 -r 2556522a2a45 roles/nodejs/tasks/main.yaml --- a/roles/nodejs/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ ---- - -- name: download and unarchive nodejs - become: yes - unarchive: - src: "https://nodejs.org/dist/{{nodejs_tag}}/{{nodejs_dir}}.tar.xz" - dest: "/opt/" - remote_src: yes - creates: "/opt/{{nodejs_dir}}" - -# sudo update-alternatives --install "/usr/bin/node" "node" "/opt/node/bin/node" 1 -- name: update node alterantives - become: yes - alternatives: - link: "/usr/bin/{{item}}" - name: "{{item}}" - path: "/opt/{{nodejs_dir}}/bin/{{item}}" - priority: "1" - with_items: - - "node" - - "npm" diff -r fd351734f007 -r 2556522a2a45 roles/plex/handlers/main.yaml --- a/roles/plex/handlers/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ ---- - -- name: restart plex service - systemd: name="plexmediaserver" state="restarted" daemon_reload="yes" - become: yes diff -r fd351734f007 -r 2556522a2a45 roles/plex/tasks/main.yaml --- a/roles/plex/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ ---- - -# https://forums.plex.tv/t/read-me-first-about-server-armv7-and-armv8-ubuntu-debian/226567 - -- name: add plex apt key - become: yes - apt_key: url="https://downloads.plex.tv/plex-keys/PlexSign.key" - -- name: add plex apt repo - become: yes - apt_repository: repo="deb http://downloads.plex.tv/repo/deb public main" - notify: restart plex service - -- name: update apt package cache - become: yes - apt: upgrade="dist" update_cache="yes" cache_valid_time="3600" - -- name: install plex server - become: yes - apt: name="plexmediaserver" - notify: restart plex service diff -r fd351734f007 -r 2556522a2a45 roles/prometheus/client/tasks/main.yaml --- a/roles/prometheus/client/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,4 +0,0 @@ ---- - -- name: install prometheus node exporter - apt: name="prometheus-node-exportery" diff -r fd351734f007 -r 2556522a2a45 roles/prometheus/server/tasks/main.yaml --- a/roles/prometheus/server/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,19 +0,0 @@ ---- - -- name: add grafana apt key - become: yes - apt_key: url="https://packages.grafana.com/gpg.key" - -- name: add grafana apt repo - become: yes - apt_repository: repo="deb https://packages.grafana.com/oss/deb stable main" - -- name: install prometheus and grafana - become: yes - apt: name="{{item}}" state="latest" - with_items: - - "prometheus" - - "grafana" - -# /etc/prometheus/prometheus.yml -# /etc/grafana/grafana.ini diff -r fd351734f007 -r 2556522a2a45 roles/transmission/defaults/main.yaml --- a/roles/transmission/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,6 +0,0 @@ ---- - -transmission_config: "/var/lib/transmission-daemon/info/settings.json" -transmission_port: "9091" -transmission_passwd: "transmission" -transmission_download_dir: "/var/lib/transmission-daemon/downloads" diff -r fd351734f007 -r 2556522a2a45 roles/transmission/handlers/main.yaml --- a/roles/transmission/handlers/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ ---- - -- name: restart transmission service - systemd: name="transmission-daemon" state="restarted" daemon_reload="yes" - become: yes diff -r fd351734f007 -r 2556522a2a45 roles/transmission/tasks/main.yaml --- a/roles/transmission/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,70 +0,0 @@ ---- - -- name: install transmission - become: yes - apt: name="transmission-daemon" - notify: restart transmission service - -- name: stop transmission service - systemd: name="transmission-daemon" state="stopped" daemon_reload="yes" - become: yes - -- name: config ip whitelist - become: yes - lineinfile: - path: "{{transmission_config}}" - regexp: '^ "rpc-whitelist":' - line: ' "rpc-whitelist": "127.0.0.1,192.168.*.*",' - notify: restart transmission service - -- name: config umask - become: yes - lineinfile: - path: "{{transmission_config}}" - regexp: '^ "umask":' - line: ' "umask": 2,' - notify: restart transmission service - -- name: config port - become: yes - lineinfile: - path: "{{transmission_config}}" - regexp: '^ "rpc-port":' - line: " \"rpc-port\": {{transmission_port}}," - notify: restart transmission service - -- name: config password - become: yes - lineinfile: - path: "{{transmission_config}}" - regexp: '^ "rpc-password":' - line: " \"rpc-password\": \"{{transmission_passwd}}\"," - notify: restart transmission service - -- name: config download dir - become: yes - lineinfile: - path: "{{transmission_config}}" - regexp: '^ "download-dir":' - line: " \"download-dir\": \"{{transmission_download_dir}}\"," - notify: restart transmission service - -- name: config disable seeding - become: yes - lineinfile: - path: "{{transmission_config}}" - regexp: '^ "idle-seeding-limit":' - line: " \"idle-seeding-limit\": 0," - notify: restart transmission service - -- name: config disable seeding - become: yes - lineinfile: - path: "{{transmission_config}}" - regexp: '^ "idle-seeding-limit-enabled":' - line: " \"idle-seeding-limit-enabled\": true," - notify: restart transmission service - -- name: start transmission service - systemd: name="transmission-daemon" state="started" daemon_reload="yes" - become: yes diff -r fd351734f007 -r 2556522a2a45 roles/writefreely/defaults/main.yaml --- a/roles/writefreely/defaults/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,9 +0,0 @@ ---- - -writefreely_version: "0.11.2" -writefreely_release: "https://github.com/writeas/writefreely/releases/download/v{{writefreely_version}}/writefreely_{{writefreely_version}}_linux_arm7.tar.gz" - -writefreely_install_path: "/opt/writefreely" - -writefreely_apt_packages: - - "mysql" diff -r fd351734f007 -r 2556522a2a45 roles/writefreely/tasks/main.yaml --- a/roles/writefreely/tasks/main.yaml Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,8 +0,0 @@ ---- - -- name: install apt packages - apt: name="{{writefreely_apt_packages}}" - -- name: download writefreely - archive: - src: "{{writefreely_release}}" diff -r fd351734f007 -r 2556522a2a45 roles/writefreely/templates/config.ini.j2 --- a/roles/writefreely/templates/config.ini.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,44 +0,0 @@ -[server] -hidden_host = -port = {{writefreely_server_port}} -bind = localhost -tls_cert_path = -tls_key_path = -autocert = true -templates_parent_dir = -static_parent_dir = -pages_parent_dir = -keys_parent_dir = - -[database] -type = sqlite3 -filename = {{writefreely_db_name}}.db -username = -password = -database = -host = localhost -port = 3306 - -[app] -site_name = {{writefreely_site_name}} -site_description = {{writefreely_site_desc}} -host = {{writefreely_site_host}} -theme = write -editor = -disable_js = false -webfonts = true -landing = -simple_nav = false -wf_modesty = false -chorus = false -disable_drafts = false -single_user = true -open_registration = false -min_username_len = 3 -max_blogs = 1 -federation = true -public_stats = true -private = false -local_timeline = false -user_invites = -default_visibility = diff -r fd351734f007 -r 2556522a2a45 roles/writefreely/templates/writefreely.service.j2 --- a/roles/writefreely/templates/writefreely.service.j2 Sun Feb 09 11:59:05 2020 -0600 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,11 +0,0 @@ -[Unit] -Description=WriteFreely %I Instance -After=syslog.target network.target - -[Service] -WorkingDirectory=/run/writefreely/%i -ExecStart=/usr/local/bin/writefreely -c /etc/writefreely/%i.conf -Restart=always - -[Install] -WantedBy=multi-user.target diff -r fd351734f007 -r 2556522a2a45 transmission/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/transmission/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,6 @@ +--- + +transmission_config: "/var/lib/transmission-daemon/info/settings.json" +transmission_port: "9091" +transmission_passwd: "transmission" +transmission_download_dir: "/var/lib/transmission-daemon/downloads" diff -r fd351734f007 -r 2556522a2a45 transmission/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/transmission/handlers/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,5 @@ +--- + +- name: restart transmission service + systemd: name="transmission-daemon" state="restarted" daemon_reload="yes" + become: yes diff -r fd351734f007 -r 2556522a2a45 transmission/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/transmission/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,70 @@ +--- + +- name: install transmission + become: yes + apt: name="transmission-daemon" + notify: restart transmission service + +- name: stop transmission service + systemd: name="transmission-daemon" state="stopped" daemon_reload="yes" + become: yes + +- name: config ip whitelist + become: yes + lineinfile: + path: "{{transmission_config}}" + regexp: '^ "rpc-whitelist":' + line: ' "rpc-whitelist": "127.0.0.1,192.168.*.*",' + notify: restart transmission service + +- name: config umask + become: yes + lineinfile: + path: "{{transmission_config}}" + regexp: '^ "umask":' + line: ' "umask": 2,' + notify: restart transmission service + +- name: config port + become: yes + lineinfile: + path: "{{transmission_config}}" + regexp: '^ "rpc-port":' + line: " \"rpc-port\": {{transmission_port}}," + notify: restart transmission service + +- name: config password + become: yes + lineinfile: + path: "{{transmission_config}}" + regexp: '^ "rpc-password":' + line: " \"rpc-password\": \"{{transmission_passwd}}\"," + notify: restart transmission service + +- name: config download dir + become: yes + lineinfile: + path: "{{transmission_config}}" + regexp: '^ "download-dir":' + line: " \"download-dir\": \"{{transmission_download_dir}}\"," + notify: restart transmission service + +- name: config disable seeding + become: yes + lineinfile: + path: "{{transmission_config}}" + regexp: '^ "idle-seeding-limit":' + line: " \"idle-seeding-limit\": 0," + notify: restart transmission service + +- name: config disable seeding + become: yes + lineinfile: + path: "{{transmission_config}}" + regexp: '^ "idle-seeding-limit-enabled":' + line: " \"idle-seeding-limit-enabled\": true," + notify: restart transmission service + +- name: start transmission service + systemd: name="transmission-daemon" state="started" daemon_reload="yes" + become: yes diff -r fd351734f007 -r 2556522a2a45 writefreely/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/writefreely/defaults/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,9 @@ +--- + +writefreely_version: "0.11.2" +writefreely_release: "https://github.com/writeas/writefreely/releases/download/v{{writefreely_version}}/writefreely_{{writefreely_version}}_linux_arm7.tar.gz" + +writefreely_install_path: "/opt/writefreely" + +writefreely_apt_packages: + - "mysql" diff -r fd351734f007 -r 2556522a2a45 writefreely/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/writefreely/tasks/main.yaml Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,8 @@ +--- + +- name: install apt packages + apt: name="{{writefreely_apt_packages}}" + +- name: download writefreely + archive: + src: "{{writefreely_release}}" diff -r fd351734f007 -r 2556522a2a45 writefreely/templates/config.ini.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/writefreely/templates/config.ini.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,44 @@ +[server] +hidden_host = +port = {{writefreely_server_port}} +bind = localhost +tls_cert_path = +tls_key_path = +autocert = true +templates_parent_dir = +static_parent_dir = +pages_parent_dir = +keys_parent_dir = + +[database] +type = sqlite3 +filename = {{writefreely_db_name}}.db +username = +password = +database = +host = localhost +port = 3306 + +[app] +site_name = {{writefreely_site_name}} +site_description = {{writefreely_site_desc}} +host = {{writefreely_site_host}} +theme = write +editor = +disable_js = false +webfonts = true +landing = +simple_nav = false +wf_modesty = false +chorus = false +disable_drafts = false +single_user = true +open_registration = false +min_username_len = 3 +max_blogs = 1 +federation = true +public_stats = true +private = false +local_timeline = false +user_invites = +default_visibility = diff -r fd351734f007 -r 2556522a2a45 writefreely/templates/writefreely.service.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/writefreely/templates/writefreely.service.j2 Sun Feb 09 12:05:37 2020 -0600 @@ -0,0 +1,11 @@ +[Unit] +Description=WriteFreely %I Instance +After=syslog.target network.target + +[Service] +WorkingDirectory=/run/writefreely/%i +ExecStart=/usr/local/bin/writefreely -c /etc/writefreely/%i.conf +Restart=always + +[Install] +WantedBy=multi-user.target