openhab 2.5 on raspi4

2026-01-12 00:48:46 +01:00 · 2020-01-01 20:34:53 +01:00
parent caf4dcd77a
commit 0c652dfbd2
30 changed files with 203 additions and 185 deletions
--- a/roles/openhab2/tasks/backup.yml
+++ b/roles/openhab2/tasks/backup.yml
@@ -7,5 +7,3 @@
     owner: root
     group: root
     mode: "u=rwx,g=r,o=r"
-  tags:
-    - backup
--- a/roles/openhab2/tasks/dynv6.yml
+++ b/roles/openhab2/tasks/dynv6.yml
@@ -7,8 +7,6 @@
     owner: root
     group: root
     mode: "u=rwx,g=r,o=r"
-  tags:
-    - dynv6

 - name: Cron file for dynv6
  cron:
@@ -16,6 +14,4 @@
    user: root
    job: "/root/dynv6.sh"
    cron_file: dynv6
-  tags:
-    - dynv6

--- a/roles/openhab2/tasks/letsencrypt.yml
+++ b/roles/openhab2/tasks/letsencrypt.yml
@@ -1,29 +1,24 @@
 ---

- name: download certbot
-  get_url:
-    url: https://dl.eff.org/certbot-auto
-    dest: /root/certbot-auto
-    mode: 0540
-  tags:
-    - letsencrypt
+- name: ensure packages are installed
+  apt: 
+    pkg:
+    - certbot
+    - python-certbot-nginx
+    - python3-certbot-nginx
+    update_cache: "{{apt_config.update_cache}}"
+    cache_valid_time: "{{apt_config.cache_valid_time}}"

 - name: get certificate
-  #shell: '/root/certbot-auto -n run --test-cert --nginx --agree-tos --email {{letsencrypt_email}} --cert-path /etc/nginx/ssl/cert.pem --key-path /etc/nginx/ssl/cert.key --fullchain-path /etc/nginx/ssl/chain.pem -d {{fqdn}}'
-  shell: '/root/certbot-auto -n run --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'
-  tags:
-    - letsencrypt
+  shell: 'certbot -n run --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'


- name: cron job
-  cron:
-    name: "get new certificate"
-    minute: "0"
-    hour: "5"
-    day: "11"
-    job: '/root/certbot-auto -n certonly --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'
-    cron_file: letsencrypt
-    user: root
-  tags:
-    - letsencrypt
-    - letsencrypt_cron
+# - name: cron job
+#   cron:
+#     name: "get new certificate"
+#     minute: "0"
+#     hour: "5"
+#     day: "11"
+#     job: 'certbot -n certonly --nginx --agree-tos --email {{letsencrypt_email}} -d {{fqdn}}'
+#     cron_file: letsencrypt
+#     user: root
--- a/roles/openhab2/tasks/main.yml
+++ b/roles/openhab2/tasks/main.yml
@@ -1,19 +1,50 @@
 ---

 - include: repo.yml
+  tags:
+  - repo
+  - openhab2
 - include: packages.yml
+  tags:
+  - packages
+  - openhab2
 - include: openhab.yml
+  tags:
+  - openhab
+  - openhab2
 #- include: habmin.yml
 - include: nfs.yml
+  tags:
+  - nfs
+  - openhab2
 - include: mysql.yml
+  tags:
+  - mysql
+  - openhab2
 - include: backup.yml
+  tags:
+  - backup
+  - openhab2
 - include: nginx.yml
+  tags:
+  - nginx
+  - openhab2
 - include: dynv6.yml
+  tags:
+  - dynv6
+  - openhab2
 - include: letsencrypt.yml
+  tags:
+  - letsencrypt
+  - openhab2
 - include: scripts.yml
+  tags:
+  - scripts
+  - openhab2
 - include: gardena.yml
  tags:
-    - gardena
+  - gardena
+  - openhab2



--- a/roles/openhab2/tasks/mysql.yml
+++ b/roles/openhab2/tasks/mysql.yml
@@ -2,15 +2,11 @@

 - name: install mysql packages
  apt: 
-    pkg: "{{item}}"
+    pkg:
+    - default-mysql-server
+    - python-mysqldb
    update_cache: "{{apt_config.update_cache}}"
    cache_valid_time: "{{apt_config.cache_valid_time}}"
-  with_items:
-     - mysql-server
-     - python-mysqldb
-  tags:
-     - mysql
-     - packages

 - name: Create openhab database
  mysql_db:
@@ -24,7 +20,5 @@
    password: openhab2
    priv: '*.*:ALL'
    state: present
-  tags:
-     - mysql


--- a/roles/openhab2/tasks/nfs.yml
+++ b/roles/openhab2/tasks/nfs.yml
@@ -2,30 +2,21 @@

 - name: ensure packages are installed
  apt: 
-    pkg: "{{item}}"
+    pkg:
+    - nfs-common
+    - nfs-kernel-server
    update_cache: "{{apt_config.update_cache}}"
    cache_valid_time: "{{apt_config.cache_valid_time}}"
-  with_items:
-     - nfs-common
-     - nfs-kernel-server
-  tags:
-     - packages
-     - nfs
-     - openhab2

 - name: update /etc/exports
  lineinfile:
-    dest=/etc/exports
-    regexp="^{{item.mount_point}}\s.*"
-    line="{{item.mount_point}} {{item.options}}"
+    dest: "/etc/exports"
+    regexp: '^{{item.mount_point}}\s.*'
+    line: "{{item.mount_point}} {{item.options}}"
  notify: update exportfs
  with_items:
    - { mount_point: "/etc/openhab2", options: "*(rw,sync,no_subtree_check,all_squash)" }
    - { mount_point: "/var/lib/openhab2", options: "*(rw,sync,no_subtree_check,all_squash)" }
-  tags:
-    - nfs
-    - nfsconfig
-    - openhab2



--- a/roles/openhab2/tasks/nginx.yml
+++ b/roles/openhab2/tasks/nginx.yml
@@ -8,15 +8,11 @@
     group: root
     mode: "u=rwx,g=r,o=r"
  notify: restart nginx
-  tags:
-    - nginx

 - stat: path=/etc/letsencrypt/live/schnidrig.dynv6.net/fullchain.pem
  register: letsencrypt_cert
-  tags:
-    - nginx
  
- name: overwrite nginx config for letsencrypt initialisation
+- name: overwrite nginx config for letsencrypt initialization
  template:
     src: nginx.init.conf.j2
     dest: "/etc/nginx/sites-available/openhab.conf"
@@ -25,8 +21,6 @@
     mode: "u=rwx,g=r,o=r"
  notify: restart nginx
  when: letsencrypt_cert.stat.exists == false
-  tags:
-    - nginx

 - name: create nginx passwd file
  htpasswd:
@@ -37,16 +31,12 @@
     group: root
     mode: "u=rw"
  notify: restart nginx
-  tags:
-    - nginx

 - name: remove default site
  file: 
    dest: /etc/nginx/sites-enabled/default
    state: absent
  notify: restart nginx
-  tags:
-    - nginx

 - name: enable openhab site
  file: 
@@ -54,30 +44,21 @@
    dest: /etc/nginx/sites-enabled/openhab.conf
    state: link
  notify: restart nginx
-  tags:
-    - nginx
-    

 - name: ssl dir
  file: 
    dest: /etc/nginx/ssl
    state: directory
-  tags:
-    - nginx

 - name: create self singed certificate
  command: 'openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=CH/ST=AG/L=Niederlenz/O=none/OU=none/CN=schnidrig.dynv6.net"'
  args: 
    creates: "/etc/nginx/ssl/nginx.crt"
-  tags:
-    - nginx

 - name: gen dhparam
  command: 'openssl dhparam -outform PEM -out /etc/nginx/ssl/dhparam2048.pem 2048'
  args: 
    creates: "/etc/nginx/ssl/dhparam2048.pem"
  notify: restart nginx
-  tags: 
-    - nginx


--- a/roles/openhab2/tasks/openhab.yml
+++ b/roles/openhab2/tasks/openhab.yml
@@ -3,11 +3,12 @@
 - name:
  user: 
    name: openhab
-    groups: "dialout"
+    groups: 
+        - dialout
+        - tty
+        - bluetooth
+        - audio
    append: yes
-  tags:
-    - openhab2
-    - user

 - name: "configure systemd"
  systemd:
@@ -15,19 +16,14 @@
    daemon_reload: yes
    enabled: true
    state: started 
-  tags:
-    - openhab2

 - name: Download Rollershutters dependencies
  get_url:
    url: "{{ item.src }}"
    dest: "/usr/share/openhab2/runtime/lib/boot/{{ item.name }}"
  loop:
-    #- { name: "jython-standalone-2.7.0.jar", src: 'http://search.maven.org/remotecontent?filepath=org/python/jython-standalone/2.7.0/jython-standalone-2.7.0.jar' }
-    - { name: "snakeyaml-1.18.jar", src: "http://central.maven.org/maven2/org/yaml/snakeyaml/1.18/snakeyaml-1.18.jar" }
-  tags:
-    - openhab2
-    - jython
+    - { name: "jython-standalone-2.7.1.jar", src: 'http://search.maven.org/remotecontent?filepath=org/python/jython-standalone/2.7.1/jython-standalone-2.7.1.jar' }
+    - { name: "snakeyaml-1.25.jar", src: "http://central.maven.org/maven2/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar" }

 - name: cron job
  cron:
@@ -36,11 +32,8 @@
    hour: "5"
    weekday: "0"
    job: 'systemctl restart nginx.service'
-    cron_file: openhab
+    cron_file: openhab2
    user: root
-  tags:
-    - openhab2
-    - openhab_cron

 - name: cron job
  cron:
@@ -49,12 +42,8 @@
    hour: "5"
    weekday: "0"
    job: 'touch /etc/openhab2/automation/jsr223/shutters.py'
-    cron_file: openhab
+    cron_file: openhab2
    user: root
-  tags:
-    - openhab2
-    - openhab_cron
-

 - name: install python modules for jython
  pip: 
@@ -62,16 +51,12 @@
    virtualenv_command: "/usr/bin/virtualenv"
    virtualenv_python: "/usr/bin/python2.7"
    name: jsonmerge
-  tags:
-    - openhab2

- name: enable virtual env from above in jython
+- name: set EXTRA_JAVA_OPTS
  lineinfile:
    path: "/etc/default/openhab2"
    regexp: '^EXTRA_JAVA_OPTS='
-    line: 'EXTRA_JAVA_OPTS="-Dpython.path=/etc/openhab2/automation/lib/python/lib/python2.7/site-packages/"'
-  tags:
-    - openhab2
+    line: 'EXTRA_JAVA_OPTS="-Dpython.path=/etc/openhab2/automation/lib/python/lib/python2.7/site-packages/ -Dgnu.io.rxtx.SerialPorts=/dev/ttyACM0:/dev/ttyACM1:/dev/ttyUSB0:/dev/ttyUSB1:/dev/ttyS0:/dev/ttyS2:/dev/ttyAMA0"'



--- a/roles/openhab2/tasks/packages.yml
+++ b/roles/openhab2/tasks/packages.yml
@@ -2,21 +2,17 @@

 - name: install openhab packages
  apt: 
-    pkg: "{{item}}"
+    pkg:
+    - zulu-embedded-8 # java 8
+    - openhab2
+    - openhab2-addons
+    - openhab2-addons-legacy
+    - sysstat
+    - nginx
+    - python-pip # jython only supports 2.7
+    - virtualenv
+    - python-passlib
    update_cache: "{{apt_config.update_cache}}"
    cache_valid_time: "{{apt_config.cache_valid_time}}"
-  with_items:
-     - "{{jdk}}"
-     - openhab2
-     - openhab2-addons
-     - openhab2-addons-legacy
-     - sysstat
-     - nginx
-     - python-passlib
-     #- jython
-     #- jython-doc
-  tags:
-     - packages
-     - openhab2


--- a/roles/openhab2/tasks/repo.yml
+++ b/roles/openhab2/tasks/repo.yml
@@ -6,18 +6,26 @@
  apt_key: 
    url: "https://bintray.com/user/downloadSubjectPublicKey?username=openhab"
    state: present
-  tags:
-     - repo
-     - openhab2

 - name: install openhab2 repo
  apt_repository:
    repo: 'deb https://dl.bintray.com/openhab/apt-repo2 stable main'
-    #repo: 'deb http://openhab.jfrog.io/openhab/openhab-linuxpkg unstable main'
    state: present
    update_cache: yes
    filename: openhab2
-  tags:
-     - repo
-     - openhab2

+# Zulu
+# https://docs.azul.com/zulu/zuludocs/ZuluUserGuide/PrepareZuluPlatform/AttachAPTRepositoryUbuntuOrDebianSys.htm
+
+- name: install zulu key
+  apt_key:
+    keyserver: hkp://keyserver.ubuntu.com:80
+    id: B1998361219BD9C9
+    state: present
+
+- name: install zulu repo
+  apt_repository:
+    repo: 'deb http://repos.azulsystems.com/debian stable main'
+    state: present
+    update_cache: yes
+    filename: zulu
--- a/roles/openhab2/tasks/scripts.yml
+++ b/roles/openhab2/tasks/scripts.yml
@@ -4,8 +4,6 @@
  file: 
    dest: /root/bin
    state: directory
-  tags:
-    - scripts

 - name: create scripts
  template:
@@ -16,5 +14,3 @@
     mode: "u=rwx,g=r,o=r"
  loop:
    - karaf.sh
-  tags:
-    - scripts
--- a/roles/openhab2/templates/nginx.conf.j2
+++ b/roles/openhab2/templates/nginx.conf.j2
@@ -1,11 +1,10 @@
 server {
-    listen                          [::]:80;
+    listen                          [::]:80 ipv6only=off;
    server_name                     {{fqdn}};
    return 301                      https://$server_name$request_uri;
 }
 server {
-    #listen                          [::]:80;
-    listen                          [::]:443 ssl;
+    listen                          [::]:443 ipv6only=off ssl;
    server_name                     {{fqdn}};

    ssl_certificate                 /etc/letsencrypt/live/schnidrig.dynv6.net/fullchain.pem;
--- a/roles/openhab2/templates/nginx.init.conf.j2
+++ b/roles/openhab2/templates/nginx.init.conf.j2
@@ -1,6 +1,6 @@
 server {
-    listen                          [::]:80;
-    listen                          [::]:443 ssl;
+    listen                          [::]:80 ipv6only=off;
+    listen                          [::]:443 ipv6only=off ssl;
    server_name                     schnidrig.dynv6.net;

    ssl_certificate                 /etc/nginx/ssl/nginx.crt;