From 0b6010e3a6d1ba027fc7bc0f88cf02cf4ac53c4f Mon Sep 17 00:00:00 2001 From: Christian Schnidrig Date: Sun, 26 Feb 2017 22:22:25 +0100 Subject: [PATCH] Upgrade to openhab 2 letsencrypt --- .gitignore | 1 + .project | 11 +++ fix_nfs.yml | 4 +- group_vars/all/defaults | 4 +- group_vars/all/vault.sample | 10 ++- group_vars/controller | 25 ++++--- inventory | 6 +- manual.txt | 16 ++++ raspi.yml | 3 +- roles/openhab2/handlers/main.yml | 5 ++ roles/openhab2/tasks/backup.yml | 11 +++ roles/openhab2/tasks/dynv6.yml | 11 +++ roles/openhab2/tasks/habmin.yml | 32 ++++++++ roles/openhab2/tasks/letsencrypt.yml | 27 +++++++ roles/openhab2/tasks/main.yml | 15 ++++ roles/openhab2/tasks/mysql.yml | 29 +++++++ roles/openhab2/tasks/nfs.yml | 31 ++++++++ roles/openhab2/tasks/nginx.yml | 83 +++++++++++++++++++++ roles/openhab2/tasks/openhab.yml | 20 +++++ roles/openhab2/tasks/packages.yml | 20 +++++ roles/openhab2/tasks/repo.old.yml | 22 ++++++ roles/openhab2/tasks/repo.yml | 22 ++++++ roles/openhab2/templates/backup.sh.j2 | 11 +++ roles/openhab2/templates/dynv6.sh.j2 | 49 ++++++++++++ roles/openhab2/templates/nginx.conf.j2 | 30 ++++++++ roles/openhab2/templates/nginx.init.conf.j2 | 24 ++++++ roles/raspberry/files/alias | 5 ++ roles/raspberry/tasks/main.yml | 2 + roles/raspberry/tasks/packages.yml | 1 + roles/raspberry/tasks/skeleton.yml | 19 +++++ 30 files changed, 533 insertions(+), 16 deletions(-) create mode 100644 .gitignore create mode 100644 .project create mode 100644 manual.txt create mode 100644 roles/openhab2/handlers/main.yml create mode 100644 roles/openhab2/tasks/backup.yml create mode 100644 roles/openhab2/tasks/dynv6.yml create mode 100644 roles/openhab2/tasks/habmin.yml create mode 100644 roles/openhab2/tasks/letsencrypt.yml create mode 100644 roles/openhab2/tasks/main.yml create mode 100644 roles/openhab2/tasks/mysql.yml create mode 100644 roles/openhab2/tasks/nfs.yml create mode 100644 roles/openhab2/tasks/nginx.yml create mode 100644 roles/openhab2/tasks/openhab.yml create mode 100644 roles/openhab2/tasks/packages.yml create mode 100644 roles/openhab2/tasks/repo.old.yml create mode 100644 roles/openhab2/tasks/repo.yml create mode 100644 roles/openhab2/templates/backup.sh.j2 create mode 100644 roles/openhab2/templates/dynv6.sh.j2 create mode 100644 roles/openhab2/templates/nginx.conf.j2 create mode 100644 roles/openhab2/templates/nginx.init.conf.j2 create mode 100644 roles/raspberry/files/alias create mode 100644 roles/raspberry/tasks/skeleton.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b692fd1 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +vault_password diff --git a/.project b/.project new file mode 100644 index 0000000..c011fc5 --- /dev/null +++ b/.project @@ -0,0 +1,11 @@ + + + openhab-ansible + + + + + + + + diff --git a/fix_nfs.yml b/fix_nfs.yml index e28ad26..92d15c4 100644 --- a/fix_nfs.yml +++ b/fix_nfs.yml @@ -1,8 +1,8 @@ --- -- hosts: controller +- hosts: raspis become: true tasks: - service: name=rpcbind state=restarted - service: name=nfs-kernel-server state=restarted - - shell: chmod -R ugo+w /etc/openhab + - shell: chmod -R ugo+w /etc/openhab* diff --git a/group_vars/all/defaults b/group_vars/all/defaults index 6207a3d..336aa52 100644 --- a/group_vars/all/defaults +++ b/group_vars/all/defaults @@ -8,7 +8,7 @@ apt_config: cache_valid_time: 7200 jdk: - - oracle-java7-jdk + - oracle-java8-jdk #- oracle-java7-installer #- oracle-java7-set-default @@ -20,5 +20,5 @@ ntp: #- "3.ch.pool.ntp.org" - +letsencrypt_email: "{{vault_letsencrypt_email}}" diff --git a/group_vars/all/vault.sample b/group_vars/all/vault.sample index a016085..7c92c33 100644 --- a/group_vars/all/vault.sample +++ b/group_vars/all/vault.sample @@ -5,6 +5,14 @@ #vault_graphite_server: #vault_openhab_config_repo: - +#vault_nginx_user: user +#vault_nginx_password: passwd + +#vault_dynv6_name: "myhost.dynv6.net" +#vault_dynv6_device: "" +#vault_dynv6_token: 'mytoken' + +#vault_letsencrypt_email: myname@domain.com +#vault_fqdn: "example.com" diff --git a/group_vars/controller b/group_vars/controller index b0fba12..ad69920 100644 --- a/group_vars/controller +++ b/group_vars/controller @@ -1,17 +1,24 @@ --- -bindings: - - astro - - ntp - - rfxcom - - weather - - mqtt +#bindings: +# - astro +# - ntp +# - rfxcom +# - weather +# - mqtt +# - zwave -persistence: - - mqtt +#persistence: +# - mqtt +# - mysql graphite_server: "{{vault_graphite_server}}" +nginx_user: "{{vault_nginx_user}}" +nginx_password: "{{vault_nginx_password}}" +dynv6_name: "{{vault_dynv6_name}}" +dynv6_device: "{{vault_dynv6_device}}" +dynv6_token: "{{vault_dynv6_token}}" - +fqdn: "{{vault_fqdn}}" diff --git a/inventory b/inventory index dfe490b..a40b247 100644 --- a/inventory +++ b/inventory @@ -1,3 +1,7 @@ [controller] -192.168.1.5 ansible_ssh_user=pi +192.168.1.7 ansible_ssh_user=pi + +[raspis] +192.168.1.5 ansible_ssh_user=pi +192.168.1.7 ansible_ssh_user=pi diff --git a/manual.txt b/manual.txt new file mode 100644 index 0000000..a700873 --- /dev/null +++ b/manual.txt @@ -0,0 +1,16 @@ +http://192.168.1.7:8080/ + -> select standard (recommeded) + +-> paper UI + -> extensions + + bindings: + - astro + - ntp + - rfxcom + - weather + - mqtt + - zwave + persistence: + - mqtt + - mysql diff --git a/raspi.yml b/raspi.yml index 458e62c..92d74f9 100644 --- a/raspi.yml +++ b/raspi.yml @@ -2,9 +2,10 @@ - hosts: controller become: true + gather_facts: no roles: - raspberry - mqttwarn - - openhab + - openhab2 diff --git a/roles/openhab2/handlers/main.yml b/roles/openhab2/handlers/main.yml new file mode 100644 index 0000000..2ccf689 --- /dev/null +++ b/roles/openhab2/handlers/main.yml @@ -0,0 +1,5 @@ +--- + +- name: restart nginx + service: name=nginx state=restarted + diff --git a/roles/openhab2/tasks/backup.yml b/roles/openhab2/tasks/backup.yml new file mode 100644 index 0000000..2492830 --- /dev/null +++ b/roles/openhab2/tasks/backup.yml @@ -0,0 +1,11 @@ +--- + +- name: create backup script + template: + src: backup.sh.j2 + dest: "/root/backup" + owner: root + group: root + mode: "u=rwx,g=r,o=r" + tags: + - backup diff --git a/roles/openhab2/tasks/dynv6.yml b/roles/openhab2/tasks/dynv6.yml new file mode 100644 index 0000000..dc25382 --- /dev/null +++ b/roles/openhab2/tasks/dynv6.yml @@ -0,0 +1,11 @@ +--- + +- name: install dynv6 update script + template: + src: dynv6.sh.j2 + dest: "/root/dynv6.sh" + owner: root + group: root + mode: "u=rwx,g=r,o=r" + tags: + - dynv6 diff --git a/roles/openhab2/tasks/habmin.yml b/roles/openhab2/tasks/habmin.yml new file mode 100644 index 0000000..a88dfd1 --- /dev/null +++ b/roles/openhab2/tasks/habmin.yml @@ -0,0 +1,32 @@ +--- + + +- name: download HABmin + get_url: + url: https://github.com/cdjackson/HABmin/archive/master.zip + dest: /root/habmin_master.zip + mode: 0444 + tags: + - habmin + + +- name: unzip + unarchive: + remote_src: yes + src: /root/habmin_master.zip + dest: /usr/share/openhab/webapps/ + creates: "/usr/share/openhab/webapps/habmin" + tags: + - habmin + +- name: rename + command: creates="/usr/share/openhab/webapps/habmin" mv "/usr/share/openhab/webapps/HABmin-master" "/usr/share/openhab/webapps/habmin" + tags: + - habmin + +- name: install addon + command: creates="/usr/share/openhab/addons/org.openhab.io.habmin-1.8.0.jar" mv "/usr/share/openhab/webapps/habmin/addons/org.openhab.io.habmin-1.7.0-SNAPSHOT.jar" "/usr/share/openhab/addons/org.openhab.io.habmin-1.8.0.jar" + tags: + - habmin + + diff --git a/roles/openhab2/tasks/letsencrypt.yml b/roles/openhab2/tasks/letsencrypt.yml new file mode 100644 index 0000000..ffb508c --- /dev/null +++ b/roles/openhab2/tasks/letsencrypt.yml @@ -0,0 +1,27 @@ +--- + +- name: download certbot + get_url: + url: https://dl.eff.org/certbot-auto + dest: /root/certbot-auto + mode: 0540 + tags: + - letsencrypt + +- name: get certificate + #shell: '/root/certbot-auto -n run --test-cert --nginx --agree-tos --email {{letsencrypt_email}} --cert-path /etc/nginx/ssl/cert.pem --key-path /etc/nginx/ssl/cert.key --fullchain-path /etc/nginx/ssl/chain.pem -d {{fqdn}}' + shell: '/root/certbot-auto -n run --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}' + tags: + - letsencrypt + + +- name: cron job + cron: + name: "get new certificate" + minute: "0" + hour: "5" + day: "11" + job: '/root/certbot-auto -n certonly --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}' + tags: + - letsencrypt + diff --git a/roles/openhab2/tasks/main.yml b/roles/openhab2/tasks/main.yml new file mode 100644 index 0000000..bd86c90 --- /dev/null +++ b/roles/openhab2/tasks/main.yml @@ -0,0 +1,15 @@ +--- + +- include: repo.yml +- include: packages.yml +- include: openhab.yml +#- include: habmin.yml +- include: nfs.yml +- include: mysql.yml +- include: backup.yml +- include: nginx.yml +- include: dynv6.yml +- include: letsencrypt.yml + + + diff --git a/roles/openhab2/tasks/mysql.yml b/roles/openhab2/tasks/mysql.yml new file mode 100644 index 0000000..7ba81f2 --- /dev/null +++ b/roles/openhab2/tasks/mysql.yml @@ -0,0 +1,29 @@ +--- + +- name: install mysql packages + apt: + pkg: "{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: + - mysql-server + - python-mysqldb + tags: + - mysql + +- name: Create openhab database + mysql_db: + name: openhab2 + state: present + tags: + - mysql + +- mysql_user: + name: openhab2 + password: openhab2 + priv: '*.*:ALL' + state: present + tags: + - mysql + + diff --git a/roles/openhab2/tasks/nfs.yml b/roles/openhab2/tasks/nfs.yml new file mode 100644 index 0000000..44bda95 --- /dev/null +++ b/roles/openhab2/tasks/nfs.yml @@ -0,0 +1,31 @@ +--- + +- name: ensure packages are installed + apt: + pkg: "{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: + - nfs-common + - nfs-kernel-server + tags: + - packages + - nfs + - openhab2 + +- name: update /etc/exports + lineinfile: + dest=/etc/exports + regexp="^{{item.mount_point}}\s.*" + line="{{item.mount_point}} {{item.options}}" + notify: update exportfs + with_items: + - { mount_point: "/etc/openhab2", options: "*(rw,sync,no_subtree_check,all_squash)" } + - { mount_point: "/var/lib/openhab2", options: "*(rw,sync,no_subtree_check,all_squash)" } + tags: + - nfs + - nfsconfig + - openhab2 + + + diff --git a/roles/openhab2/tasks/nginx.yml b/roles/openhab2/tasks/nginx.yml new file mode 100644 index 0000000..8e4e4a4 --- /dev/null +++ b/roles/openhab2/tasks/nginx.yml @@ -0,0 +1,83 @@ +--- + +- name: create nginx config + template: + src: nginx.conf.j2 + dest: "/etc/nginx/sites-available/openhab.conf" + owner: root + group: root + mode: "u=rwx,g=r,o=r" + notify: restart nginx + tags: + - nginx + +- stat: path=/etc/letsencrypt/live/schnidrig.dynv6.net/fullchain.pem + register: letsencrypt_cert + tags: + - nginx + +- name: overwrite nginx config for letsencrypt initialisation + template: + src: nginx.init.conf.j2 + dest: "/etc/nginx/sites-available/openhab.conf" + owner: root + group: root + mode: "u=rwx,g=r,o=r" + notify: restart nginx + when: letsencrypt_cert.stat.exists == false + tags: + - nginx + +- name: create nginx passwd file + htpasswd: + name: "{{nginx_user}}" + password: "{{nginx_password}}" + path: "/etc/nginx/htpasswd" + owner: root + group: root + mode: "u=rw" + notify: restart nginx + tags: + - nginx + +- name: remove default site + file: + dest: /etc/nginx/sites-enabled/default + state: absent + notify: restart nginx + tags: + - nginx + +- name: enable openhab site + file: + src: /etc/nginx/sites-available/openhab.conf + dest: /etc/nginx/sites-enabled/openhab.conf + state: link + notify: restart nginx + tags: + - nginx + + +- name: ssl dir + file: + dest: /etc/nginx/ssl + state: directory + tags: + - nginx + +- name: create self singed certificate + command: 'openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=CH/ST=AG/L=Niederlenz/O=none/OU=none/CN=schnidrig.dynv6.net"' + args: + creates: "/etc/nginx/ssl/nginx.crt" + tags: + - nginx + +- name: gen dhparam + command: 'openssl dhparam -outform PEM -out /etc/nginx/ssl/dhparam2048.pem 2048' + args: + creates: "/etc/nginx/ssl/dhparam2048.pem" + notify: restart nginx + tags: + - nginx + + diff --git a/roles/openhab2/tasks/openhab.yml b/roles/openhab2/tasks/openhab.yml new file mode 100644 index 0000000..af2eb17 --- /dev/null +++ b/roles/openhab2/tasks/openhab.yml @@ -0,0 +1,20 @@ +--- + +- name: + user: + name: openhab + groups: "dialout" + append: yes + tags: + - openhab2 + - user + +- name: "configure systemd" + systemd: + name: openhab2 + daemon_reload: yes + enabled: true + state: started + tags: + - openhab2 + diff --git a/roles/openhab2/tasks/packages.yml b/roles/openhab2/tasks/packages.yml new file mode 100644 index 0000000..bc4ef80 --- /dev/null +++ b/roles/openhab2/tasks/packages.yml @@ -0,0 +1,20 @@ +--- + +- name: install openhab packages + apt: + pkg: "{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: + - "{{jdk}}" + - openhab2 + - openhab2-addons + - openhab2-addons-legacy + - sysstat + - nginx + - python-passlib + tags: + - packages + - openhab2 + + diff --git a/roles/openhab2/tasks/repo.old.yml b/roles/openhab2/tasks/repo.old.yml new file mode 100644 index 0000000..c4da271 --- /dev/null +++ b/roles/openhab2/tasks/repo.old.yml @@ -0,0 +1,22 @@ +--- + +# http://docs.openhab.org/installation/linux.html#package-repository-installation + +- name: install ppa key + apt_key: + url: "http://www.openhab.org/keys/public-key-snapshots.asc" + state: present + tags: + - repo + - openhab2 + +- name: install openhab2 repo + apt_repository: + repo: 'deb https://openhab.ci.cloudbees.com/job/openHAB-Distribution/ws/distributions/openhab-offline/target/apt-repo/ /' + state: present + update_cache: yes + filename: openhab2 + tags: + - repo + - openhab2 + diff --git a/roles/openhab2/tasks/repo.yml b/roles/openhab2/tasks/repo.yml new file mode 100644 index 0000000..c9fcb0e --- /dev/null +++ b/roles/openhab2/tasks/repo.yml @@ -0,0 +1,22 @@ +--- + +# http://docs.openhab.org/installation/linux.html#package-repository-installation + +- name: install ppa key + apt_key: + url: "https://bintray.com/user/downloadSubjectPublicKey?username=openhab" + state: present + tags: + - repo + - openhab2 + +- name: install openhab2 repo + apt_repository: + repo: 'deb http://dl.bintray.com/openhab/apt-repo2 testing main' + state: present + update_cache: yes + filename: openhab2 + tags: + - repo + - openhab2 + diff --git a/roles/openhab2/templates/backup.sh.j2 b/roles/openhab2/templates/backup.sh.j2 new file mode 100644 index 0000000..98ca0ab --- /dev/null +++ b/roles/openhab2/templates/backup.sh.j2 @@ -0,0 +1,11 @@ +# stop openhab instance (here: systemd service) +sudo systemctl stop openhab2.service + +# backup current installation with settings +TIMESTAMP=`date +%Y%m%d_%H%M%S`; +mkdir ~/openhab2-backup-$TIMESTAMP +cp -arv /etc/openhab2 ~/openhab2-backup-$TIMESTAMP/conf +cp -arv /var/lib/openhab2 ~/openhab2-backup-$TIMESTAMP/userdata + +# restart openhab instance +sudo systemctl start openhab2.service diff --git a/roles/openhab2/templates/dynv6.sh.j2 b/roles/openhab2/templates/dynv6.sh.j2 new file mode 100644 index 0000000..7c173da --- /dev/null +++ b/roles/openhab2/templates/dynv6.sh.j2 @@ -0,0 +1,49 @@ +#!/bin/sh -e +hostname="{{dynv6_name}}" +device="{{dynv6_device}}" +token="{{dynv6_token}}" +file=$HOME/.dynv6.addr6 +[ -e $file ] && old=`cat $file` + +if [ -z "$hostname" -o -z "$token" ]; then + echo "Usage: token= [netmask=64] $0 your-name.dynv6.net [device]" + exit 1 +fi + +if [ -z "$netmask" ]; then + netmask=128 +fi + +if [ -n "$device" ]; then + device="dev $device" +fi +address=$(ip -6 addr list scope global $device | grep -v " fd" | sed -n 's/.*inet6 \([0-9a-f:]\+\).*/\1/p' | head -n 1) + +if [ -e /usr/bin/curl ]; then + bin="curl -fsS" +elif [ -e /usr/bin/wget ]; then + bin="wget -O-" +else + echo "neither curl nor wget found" + exit 1 +fi + +if [ -z "$address" ]; then + echo "no IPv6 address found" + exit 1 +fi + +# address with netmask +current=$address/$netmask + +if [ "$old" = "$current" ]; then + echo "IPv6 address unchanged" + exit +fi + +# send addresses to dynv6 +$bin "http://dynv6.com/api/update?hostname=$hostname&ipv6=$current&token=$token" +#$bin "http://ipv4.dynv6.com/api/update?hostname=$hostname&ipv4=auto&token=$token" + +# save current address +echo $current > $file diff --git a/roles/openhab2/templates/nginx.conf.j2 b/roles/openhab2/templates/nginx.conf.j2 new file mode 100644 index 0000000..1998a51 --- /dev/null +++ b/roles/openhab2/templates/nginx.conf.j2 @@ -0,0 +1,30 @@ +server { + listen 80; + listen [::]:443 ssl; + server_name {{fqdn}}; + + ssl_certificate /etc/letsencrypt/live/schnidrig.dynv6.net/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/schnidrig.dynv6.net/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers EECDH+AESGCM:EDH+AESGCM:EECDH:EDH:!MD5:!RC4:!LOW:!MEDIUM:!CAMELLIA:!ECDSA:!DES:!DSS:!3DES:!NULL; + ssl_prefer_server_ciphers on; + ssl_dhparam /etc/nginx/ssl/dhparam2048.pem; + ssl_ecdh_curve secp384r1; + # check settings with: https://www.ssllabs.com/ssltest/analyze.html?d={{fqdn}} + + location / { + proxy_pass http://localhost:8080/; + proxy_buffering off; # openHAB supports non-buffering specifically for SSEs now + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + auth_basic "Openhab"; + auth_basic_user_file /etc/nginx/htpasswd; + } + location /.well-known/acme-challenge/ { + root /var/www/html; + } + +} diff --git a/roles/openhab2/templates/nginx.init.conf.j2 b/roles/openhab2/templates/nginx.init.conf.j2 new file mode 100644 index 0000000..9b819c4 --- /dev/null +++ b/roles/openhab2/templates/nginx.init.conf.j2 @@ -0,0 +1,24 @@ +server { + listen [::]:80; + listen [::]:443 ssl; + server_name schnidrig.dynv6.net; + + ssl_certificate /etc/nginx/ssl/nginx.crt; + ssl_certificate_key /etc/nginx/ssl/nginx.key; + + location / { + proxy_pass http://localhost:8080/; + proxy_buffering off; # openHAB supports non-buffering specifically for SSEs now + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + auth_basic "Openhab"; + auth_basic_user_file /etc/nginx/htpasswd; + } + location /.well-known/acme-challenge/ { + root /var/www/html; + } + +} diff --git a/roles/raspberry/files/alias b/roles/raspberry/files/alias new file mode 100644 index 0000000..8f3831d --- /dev/null +++ b/roles/raspberry/files/alias @@ -0,0 +1,5 @@ +alias openhablog='tail -n 100 -f /var/log/openhab2/openhab.log -f /var/log/openhab2/events.log' +alias openhablog2='multitail /var/log/openhab2/openhab.log /var/log/openhab2/events.log' +alias openhablog3='multitail /var/log/openhab2/openhab.log -ci yellow -I /var/log/openhab2/events.log' +alias ls='/bin/ls -aF --color=auto' +alias karafshell="sudo su -s /bin/bash -c '/usr/share/openhab2/runtime/bin/client' openhab" diff --git a/roles/raspberry/tasks/main.yml b/roles/raspberry/tasks/main.yml index 6b69f86..f70b500 100644 --- a/roles/raspberry/tasks/main.yml +++ b/roles/raspberry/tasks/main.yml @@ -4,6 +4,8 @@ - include: ntp.yml - include: timezone.yml - include: locale.yml +- include: skeleton.yml + diff --git a/roles/raspberry/tasks/packages.yml b/roles/raspberry/tasks/packages.yml index bf2ceac..c644a6d 100644 --- a/roles/raspberry/tasks/packages.yml +++ b/roles/raspberry/tasks/packages.yml @@ -11,6 +11,7 @@ - tmux - python-pip - git + - multitail tags: - packages diff --git a/roles/raspberry/tasks/skeleton.yml b/roles/raspberry/tasks/skeleton.yml new file mode 100644 index 0000000..bc89bb0 --- /dev/null +++ b/roles/raspberry/tasks/skeleton.yml @@ -0,0 +1,19 @@ +--- + +- name: alias + copy: + src: alias + dest: "/home/pi/.alias" + owner: pi + group: pi + mode: "u=rw,g=r,o=r" + tags: + - alias + +- name: update bashrc + lineinfile: + dest=/home/pi/.bashrc + line="test -s ~/.alias && . ~/.alias" + tags: + - alias +