mirrors/openhab-ansible
2
0
Fork 0
mirror of https://github.com/schnidrig/openhab-ansible synced 2026-01-11 16:38:47 +01:00
Code Issues Releases Wiki Activity

openhab 2.5 on raspi4

Browse Source
This commit is contained in:
Christian Schnidrig
2020-01-01 20:34:53 +01:00
parent caf4dcd77a
commit 0c652dfbd2
30 changed files with 203 additions and 185 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible.cfg
View File

@@ -1,4 +1,6 @@
[defaults]
interpreter_python = auto_silent
#interpreter_python = /usr/bin/python3
retry_files_enabled = False
vault_password_file = vault_password

9
group_vars/all/defaults
View File

@@ -7,17 +7,8 @@ apt_config:
update_cache: yes
cache_valid_time: 7200
jdk:
- oracle-java8-jdk
#- oracle-java7-installer
#- oracle-java7-set-default
ntp:
- "ntp.bluewin.ch"
#- "0.ch.pool.ntp.org"
#- "1.ch.pool.ntp.org"
#- "2.ch.pool.ntp.org"
#- "3.ch.pool.ntp.org"
letsencrypt_email: christian.schnidrig@gmail.com

2
group_vars/controller
View File

@@ -19,7 +19,9 @@ nginx_user: "{{ vault_nginx_user }}"
nginx_password: "{{ vault_nginx_password }}"
dynv6_name: "schnidrig.dynv6.net"
#dynv6_name: "raspi4.dynv6.net"
dynv6_device: "{{ vault_dynv6_device }}"
dynv6_token: "{{ vault_dynv6_token }}"
fqdn: "schnidrig.dynv6.net"
#fqdn: "raspi4.dynv6.net"

1
inventory
View File

@@ -1,6 +1,7 @@
[controller]
192.168.1.7 ansible_ssh_user=pi
192.168.1.12 ansible_ssh_user=pi
192.168.1.9 ansible_ssh_user=pi
[raspis]
#192.168.1.5 ansible_ssh_user=pi

4
roles/mqttwarn/tasks/main.yml
View File

@@ -1,4 +1,8 @@
---
- include: mosquitto.yml
tags:
- mosquitto
- include: mqttwarn.yml
tags:
- mqttwarn

12
roles/mqttwarn/tasks/mosquitto.yml
View File

@@ -1,16 +1,12 @@
---
- name: install main packages
- name: install mosquitto packages
apt:
pkg: "{{item}}"
pkg:
- mosquitto
- mosquitto-clients
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
with_items:
- mosquitto
- mosquitto-clients
tags:
- packages
- mosquitto

50
roles/mqttwarn/tasks/mqttwarn.apt.yml Normal file
View File

@@ -0,0 +1,50 @@
---
- name: install packages
apt:
pkg:
- python3-paho-mqtt
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
- name: install mqttwarn
vars:
ansible_python_interpreter: /usr/bin/python3
pip:
name: mqttwarn
- name: install config file
template:
src: mqttwarn.ini
dest: "/etc/mqttwarn.ini"
owner: root
group: root
mode: "u=rw,g=r,o=r"
notify: restart mqttwarn
tags:
- mqttwarnconfig
- name: create log dir
file:
dest: "/var/log/mqttwarn"
state: directory
owner: pi
group: pi
- name: install service file
template:
src: mqttwarn.service
dest: "/etc/systemd/system/mqttwarn.service"
owner: root
group: root
mode: "u=rw,g=r,o=r"
notify: restart mqttwarn
- name: "configure systemd"
systemd:
name: mqttwarn
daemon_reload: yes
enabled: true
state: started

12
roles/mqttwarn/tasks/mqttwarn.yml
View File

@@ -1,10 +1,12 @@
---
- pip:
name: "paho-mqtt"
tags:
- mqttwarn
- name: install packages
apt:
pkg:
- python-paho-mqtt
- python3-paho-mqtt
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
- git:
repo: "https://github.com/jpmens/mqttwarn.git"

3
roles/mqttwarn/templates/mqttwarn.service
View File

@@ -6,7 +6,10 @@ After=mosquitto.service
Type=simple
User=pi
Group=pi
#WorkingDirectory=/home/pi
WorkingDirectory=/opt/mqttwarn
#Environment="MQTTWARNINI=/etc/mqttwarn.ini"
#ExecStart=/usr/local/bin/mqttwarn
ExecStart=/opt/mqttwarn/mqttwarn.py
[Install]

2
roles/openhab2/tasks/backup.yml
View File

@@ -7,5 +7,3 @@
owner: root
group: root
mode: "u=rwx,g=r,o=r"
tags:
- backup

4
roles/openhab2/tasks/dynv6.yml
View File

@@ -7,8 +7,6 @@
owner: root
group: root
mode: "u=rwx,g=r,o=r"
tags:
- dynv6
- name: Cron file for dynv6
cron:
@@ -16,6 +14,4 @@
user: root
job: "/root/dynv6.sh"
cron_file: dynv6
tags:
- dynv6

41
roles/openhab2/tasks/letsencrypt.yml
View File

@@ -1,29 +1,24 @@
---
- name: download certbot
get_url:
url: https://dl.eff.org/certbot-auto
dest: /root/certbot-auto
mode: 0540
tags:
- letsencrypt
- name: ensure packages are installed
apt:
pkg:
- certbot
- python-certbot-nginx
- python3-certbot-nginx
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
- name: get certificate
#shell: '/root/certbot-auto -n run --test-cert --nginx --agree-tos --email {{letsencrypt_email}} --cert-path /etc/nginx/ssl/cert.pem --key-path /etc/nginx/ssl/cert.key --fullchain-path /etc/nginx/ssl/chain.pem -d {{fqdn}}'
shell: '/root/certbot-auto -n run --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'
tags:
- letsencrypt
shell: 'certbot -n run --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'
- name: cron job
cron:
name: "get new certificate"
minute: "0"
hour: "5"
day: "11"
job: '/root/certbot-auto -n certonly --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'
cron_file: letsencrypt
user: root
tags:
- letsencrypt
- letsencrypt_cron
# - name: cron job
# cron:
# name: "get new certificate"
# minute: "0"
# hour: "5"
# day: "11"
# job: 'certbot -n certonly --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'
# cron_file: letsencrypt
# user: root

33
roles/openhab2/tasks/main.yml
View File

@@ -1,19 +1,50 @@
---
- include: repo.yml
tags:
- repo
- openhab2
- include: packages.yml
tags:
- packages
- openhab2
- include: openhab.yml
tags:
- openhab
- openhab2
#- include: habmin.yml
- include: nfs.yml
tags:
- nfs
- openhab2
- include: mysql.yml
tags:
- mysql
- openhab2
- include: backup.yml
tags:
- backup
- openhab2
- include: nginx.yml
tags:
- nginx
- openhab2
- include: dynv6.yml
tags:
- dynv6
- openhab2
- include: letsencrypt.yml
tags:
- letsencrypt
- openhab2
- include: scripts.yml
tags:
- scripts
- openhab2
- include: gardena.yml
tags:
- gardena
- gardena
- openhab2

12
roles/openhab2/tasks/mysql.yml
View File

@@ -2,15 +2,11 @@
- name: install mysql packages
apt:
pkg: "{{item}}"
pkg:
- default-mysql-server
- python-mysqldb
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
with_items:
- mysql-server
- python-mysqldb
tags:
- mysql
- packages
- name: Create openhab database
mysql_db:
@@ -24,7 +20,5 @@
password: openhab2
priv: '*.*:ALL'
state: present
tags:
- mysql

21
roles/openhab2/tasks/nfs.yml
View File

@@ -2,30 +2,21 @@
- name: ensure packages are installed
apt:
pkg: "{{item}}"
pkg:
- nfs-common
- nfs-kernel-server
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
with_items:
- nfs-common
- nfs-kernel-server
tags:
- packages
- nfs
- openhab2
- name: update /etc/exports
lineinfile:
dest=/etc/exports
regexp="^{{item.mount_point}}\s.*"
line="{{item.mount_point}} {{item.options}}"
dest: "/etc/exports"
regexp: '^{{item.mount_point}}\s.*'
line: "{{item.mount_point}} {{item.options}}"
notify: update exportfs
with_items:
- { mount_point: "/etc/openhab2", options: "*(rw,sync,no_subtree_check,all_squash)" }
- { mount_point: "/var/lib/openhab2", options: "*(rw,sync,no_subtree_check,all_squash)" }
tags:
- nfs
- nfsconfig
- openhab2

21
roles/openhab2/tasks/nginx.yml
View File

@@ -8,15 +8,11 @@
group: root
mode: "u=rwx,g=r,o=r"
notify: restart nginx
tags:
- nginx
- stat: path=/etc/letsencrypt/live/schnidrig.dynv6.net/fullchain.pem
register: letsencrypt_cert
tags:
- nginx
- name: overwrite nginx config for letsencrypt initialisation
- name: overwrite nginx config for letsencrypt initialization
template:
src: nginx.init.conf.j2
dest: "/etc/nginx/sites-available/openhab.conf"
@@ -25,8 +21,6 @@
mode: "u=rwx,g=r,o=r"
notify: restart nginx
when: letsencrypt_cert.stat.exists == false
tags:
- nginx
- name: create nginx passwd file
htpasswd:
@@ -37,16 +31,12 @@
group: root
mode: "u=rw"
notify: restart nginx
tags:
- nginx
- name: remove default site
file:
dest: /etc/nginx/sites-enabled/default
state: absent
notify: restart nginx
tags:
- nginx
- name: enable openhab site
file:
@@ -54,30 +44,21 @@
dest: /etc/nginx/sites-enabled/openhab.conf
state: link
notify: restart nginx
tags:
- nginx
- name: ssl dir
file:
dest: /etc/nginx/ssl
state: directory
tags:
- nginx
- name: create self singed certificate
command: 'openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=CH/ST=AG/L=Niederlenz/O=none/OU=none/CN=schnidrig.dynv6.net"'
args:
creates: "/etc/nginx/ssl/nginx.crt"
tags:
- nginx
- name: gen dhparam
command: 'openssl dhparam -outform PEM -out /etc/nginx/ssl/dhparam2048.pem 2048'
args:
creates: "/etc/nginx/ssl/dhparam2048.pem"
notify: restart nginx
tags:
- nginx

37
roles/openhab2/tasks/openhab.yml
View File

@@ -3,11 +3,12 @@
- name:
user:
name: openhab
groups: "dialout"
groups:
- dialout
- tty
- bluetooth
- audio
append: yes
tags:
- openhab2
- user
- name: "configure systemd"
systemd:
@@ -15,19 +16,14 @@
daemon_reload: yes
enabled: true
state: started
tags:
- openhab2
- name: Download Rollershutters dependencies
get_url:
url: "{{ item.src }}"
dest: "/usr/share/openhab2/runtime/lib/boot/{{ item.name }}"
loop:
#- { name: "jython-standalone-2.7.0.jar", src: 'http://search.maven.org/remotecontent?filepath=org/python/jython-standalone/2.7.0/jython-standalone-2.7.0.jar' }
- { name: "snakeyaml-1.18.jar", src: "http://central.maven.org/maven2/org/yaml/snakeyaml/1.18/snakeyaml-1.18.jar" }
tags:
- openhab2
- jython
- { name: "jython-standalone-2.7.1.jar", src: 'http://search.maven.org/remotecontent?filepath=org/python/jython-standalone/2.7.1/jython-standalone-2.7.1.jar' }
- { name: "snakeyaml-1.25.jar", src: "http://central.maven.org/maven2/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar" }
- name: cron job
cron:
@@ -36,11 +32,8 @@
hour: "5"
weekday: "0"
job: 'systemctl restart nginx.service'
cron_file: openhab
cron_file: openhab2
user: root
tags:
- openhab2
- openhab_cron
- name: cron job
cron:
@@ -49,12 +42,8 @@
hour: "5"
weekday: "0"
job: 'touch /etc/openhab2/automation/jsr223/shutters.py'
cron_file: openhab
cron_file: openhab2
user: root
tags:
- openhab2
- openhab_cron
- name: install python modules for jython
pip:
@@ -62,16 +51,12 @@
virtualenv_command: "/usr/bin/virtualenv"
virtualenv_python: "/usr/bin/python2.7"
name: jsonmerge
tags:
- openhab2
- name: enable virtual env from above in jython
- name: set EXTRA_JAVA_OPTS
lineinfile:
path: "/etc/default/openhab2"
regexp: '^EXTRA_JAVA_OPTS='
line: 'EXTRA_JAVA_OPTS="-Dpython.path=/etc/openhab2/automation/lib/python/lib/python2.7/site-packages/"'
tags:
- openhab2
line: 'EXTRA_JAVA_OPTS="-Dpython.path=/etc/openhab2/automation/lib/python/lib/python2.7/site-packages/ -Dgnu.io.rxtx.SerialPorts=/dev/ttyACM0:/dev/ttyACM1:/dev/ttyUSB0:/dev/ttyUSB1:/dev/ttyS0:/dev/ttyS2:/dev/ttyAMA0"'

24
roles/openhab2/tasks/packages.yml
View File

@@ -2,21 +2,17 @@
- name: install openhab packages
apt:
pkg: "{{item}}"
pkg:
- zulu-embedded-8 # java 8
- openhab2
- openhab2-addons
- openhab2-addons-legacy
- sysstat
- nginx
- python-pip # jython only supports 2.7
- virtualenv
- python-passlib
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
with_items:
- "{{jdk}}"
- openhab2
- openhab2-addons
- openhab2-addons-legacy
- sysstat
- nginx
- python-passlib
#- jython
#- jython-doc
tags:
- packages
- openhab2

22
roles/openhab2/tasks/repo.yml
View File

@@ -6,18 +6,26 @@
apt_key:
url: "https://bintray.com/user/downloadSubjectPublicKey?username=openhab"
state: present
tags:
- repo
- openhab2
- name: install openhab2 repo
apt_repository:
repo: 'deb https://dl.bintray.com/openhab/apt-repo2 stable main'
#repo: 'deb http://openhab.jfrog.io/openhab/openhab-linuxpkg unstable main'
state: present
update_cache: yes
filename: openhab2
tags:
- repo
- openhab2
# Zulu
# https://docs.azul.com/zulu/zuludocs/ZuluUserGuide/PrepareZuluPlatform/AttachAPTRepositoryUbuntuOrDebianSys.htm
- name: install zulu key
apt_key:
keyserver: hkp://keyserver.ubuntu.com:80
id: B1998361219BD9C9
state: present
- name: install zulu repo
apt_repository:
repo: 'deb http://repos.azulsystems.com/debian stable main'
state: present
update_cache: yes
filename: zulu

4
roles/openhab2/tasks/scripts.yml
View File

@@ -4,8 +4,6 @@
file:
dest: /root/bin
state: directory
tags:
- scripts
- name: create scripts
template:
@@ -16,5 +14,3 @@
mode: "u=rwx,g=r,o=r"
loop:
- karaf.sh
tags:
- scripts

5
roles/openhab2/templates/nginx.conf.j2
View File

@@ -1,11 +1,10 @@
server {
listen [::]:80;
listen [::]:80 ipv6only=off;
server_name {{fqdn}};
return 301 https://$server_name$request_uri;
}
server {
#listen [::]:80;
listen [::]:443 ssl;
listen [::]:443 ipv6only=off ssl;
server_name {{fqdn}};
ssl_certificate /etc/letsencrypt/live/schnidrig.dynv6.net/fullchain.pem;

4
roles/openhab2/templates/nginx.init.conf.j2
View File

@@ -1,6 +1,6 @@
server {
listen [::]:80;
listen [::]:443 ssl;
listen [::]:80 ipv6only=off;
listen [::]:443 ipv6only=off ssl;
server_name schnidrig.dynv6.net;
ssl_certificate /etc/nginx/ssl/nginx.crt;

6
roles/raspberry/handlers/main.yml
View File

@@ -1,9 +1,7 @@
---
- name: restart ntp
service: name=ntp state=restarted
- name: timedatectl
command: timedatectl set-ntp true
- name: update exportfs
shell: exportfs -rav

0
roles/raspberry/tasks/ntp.yml → roles/raspberry/tasks/_attic/ntp.yml
View File

0
roles/raspberry/tasks/timezone.yml → roles/raspberry/tasks/_attic/timezone.yml
View File

2
roles/raspberry/tasks/locale.yml
View File

@@ -13,8 +13,6 @@
- name: generate locale
locale_gen: name="{{locale}}" state=present
tags:
- locale
- name: set environment file
template:

13
roles/raspberry/tasks/main.yml
View File

@@ -1,10 +1,17 @@
---
- include: packages.yml
- include: ntp.yml
- include: timezone.yml
- include: locale.yml
tags:
- packages
- include: timedate.yml
tags:
- ntp
# - include: locale.yml
# tags:
# - locale
- include: skeleton.yml
tags:
- skeleton

18
roles/raspberry/tasks/packages.yml
View File

@@ -2,25 +2,15 @@
- name: ensure packages are installed
apt:
pkg: "{{item}}"
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
with_items:
pkg:
- apt-transport-https
- ntp
- tmux
- python-pip
- python3-pip
- git
- multitail
- python3-requests
tags:
- packages
- python3-websocket
update_cache: "{{apt_config.update_cache}}"
cache_valid_time: "{{apt_config.cache_valid_time}}"
- name: install python 3 modules with pip
pip:
name: websocket-client
executable: pip3
tags:
- packages

11
roles/raspberry/tasks/skeleton.yml
View File

@@ -3,17 +3,8 @@
- name: alias
copy:
src: alias
dest: "/home/pi/.alias"
dest: "/home/pi/.bash_aliases"
owner: pi
group: pi
mode: "u=rw,g=r,o=r"
tags:
- alias
- name: update bashrc
lineinfile:
dest=/home/pi/.bashrc
line="test -s ~/.alias && . ~/.alias"
tags:
- alias

13
roles/raspberry/tasks/timedate.yml Normal file
View File

@@ -0,0 +1,13 @@
---
- name: update ntp.conf
lineinfile:
dest: "/etc/systemd/timesyncd.conf"
regexp: '^#*\s*NTP='
line: "NTP={{ ntp | join(' ') }}"
notify: timedatectl
- name: "set Timezone"
timezone:
name: "{{ timezone }}"
notify: timedatectl