From 3a665afb54e93f24e7febf197a3badff1b513515 Mon Sep 17 00:00:00 2001 From: Christian Schnidrig Date: Tue, 29 Nov 2016 00:08:10 +0100 Subject: [PATCH] initial commit --- README.md | 42 ++++++++++++++++- ansible.cfg | 5 ++ edit_vault | 1 + fix_nfs.yml | 8 ++++ group_vars/all/defaults | 24 ++++++++++ group_vars/all/vault | 12 +++++ group_vars/all/vault.sample | 10 ++++ group_vars/controller | 17 +++++++ inventory | 3 ++ raspi.yml | 10 ++++ replace_default_config_with_git_repo.yml | 28 ++++++++++++ roles/mqttwarn/handlers/main.yml | 5 ++ roles/mqttwarn/tasks/main.yml | 4 ++ roles/mqttwarn/tasks/mosquitto.yml | 16 +++++++ roles/mqttwarn/tasks/mqttwarn.yml | 56 +++++++++++++++++++++++ roles/mqttwarn/templates/mqttwarn.ini | 51 +++++++++++++++++++++ roles/mqttwarn/templates/mqttwarn.service | 13 ++++++ roles/openhab/tasks/main.yml | 8 ++++ roles/openhab/tasks/nfs.yml | 30 ++++++++++++ roles/openhab/tasks/openhab.yml | 20 ++++++++ roles/openhab/tasks/packages.yml | 38 +++++++++++++++ roles/openhab/tasks/repo.yml | 18 ++++++++ roles/raspberry/handlers/main.yml | 9 ++++ roles/raspberry/tasks/locale.yml | 28 ++++++++++++ roles/raspberry/tasks/main.yml | 9 ++++ roles/raspberry/tasks/ntp.yml | 28 ++++++++++++ roles/raspberry/tasks/packages.yml | 16 +++++++ roles/raspberry/tasks/timezone.yml | 22 +++++++++ roles/raspberry/templates/environment | 2 + vault_password.sample | 1 + 30 files changed, 533 insertions(+), 1 deletion(-) create mode 100644 ansible.cfg create mode 100755 edit_vault create mode 100644 fix_nfs.yml create mode 100644 group_vars/all/defaults create mode 100644 group_vars/all/vault create mode 100644 group_vars/all/vault.sample create mode 100644 group_vars/controller create mode 100644 inventory create mode 100644 raspi.yml create mode 100644 replace_default_config_with_git_repo.yml create mode 100644 roles/mqttwarn/handlers/main.yml create mode 100644 roles/mqttwarn/tasks/main.yml create mode 100644 roles/mqttwarn/tasks/mosquitto.yml create mode 100644 roles/mqttwarn/tasks/mqttwarn.yml create mode 100644 roles/mqttwarn/templates/mqttwarn.ini create mode 100644 roles/mqttwarn/templates/mqttwarn.service create mode 100644 roles/openhab/tasks/main.yml create mode 100644 roles/openhab/tasks/nfs.yml create mode 100644 roles/openhab/tasks/openhab.yml create mode 100644 roles/openhab/tasks/packages.yml create mode 100644 roles/openhab/tasks/repo.yml create mode 100644 roles/raspberry/handlers/main.yml create mode 100644 roles/raspberry/tasks/locale.yml create mode 100644 roles/raspberry/tasks/main.yml create mode 100644 roles/raspberry/tasks/ntp.yml create mode 100644 roles/raspberry/tasks/packages.yml create mode 100644 roles/raspberry/tasks/timezone.yml create mode 100644 roles/raspberry/templates/environment create mode 100644 vault_password.sample diff --git a/README.md b/README.md index a46fe69..d0e83e5 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,42 @@ # openhab-ansible -ansible roles and playbooks to setup openhab on a raspberry pi +Ansible playbooks to setup openhab on a raspberry pi. It'll install mosquitto and mqttwarn as well. Mqttwarn is configured to send data to graphite. + +## Prepare Raspberry Pi + +### Install raspian + +Download it from [https://www.raspberrypi.org/downloads/raspbian/](https://www.raspberrypi.org/downloads/raspbian/) + +Unzip and copy it onto an sdcard + +e.g on a mac with sdcard reader that would be: + + sudo dd bs=1m if=2016-09-23-raspbian-jessie-lite.img of=/dev/rdiskXYZ + +Insert sdcard into rasberry pi and boot. + + +### Configure fixed ip address + +Edit the file `/etc/dhcpcd.conf` and add the following lines (according to your network) and reboot. + + interface eth0 + static ip_address=192.168.1.5/24 + static routers=192.168.1.1 + static domain_name_servers=192.168.1.1 + +### User setup + +- Change password of user pi. +- Install ssh public key for user pi + + +## Run ansible playbook + +Edit group_vars/all/vault. +Check/change other values in group_vars + +ansible-playbook -i inventory raspi.yml + + + diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..cb8fecd --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,5 @@ +[ssh_connection] +ssh_args = -o ForwardAgent=yes +#ssh_args = -A + + diff --git a/edit_vault b/edit_vault new file mode 100755 index 0000000..daf4aec --- /dev/null +++ b/edit_vault @@ -0,0 +1 @@ +ansible-vault --vault-password-file=vault_password edit group_vars/all/vault diff --git a/fix_nfs.yml b/fix_nfs.yml new file mode 100644 index 0000000..e28ad26 --- /dev/null +++ b/fix_nfs.yml @@ -0,0 +1,8 @@ +--- + +- hosts: controller + become: true + tasks: + - service: name=rpcbind state=restarted + - service: name=nfs-kernel-server state=restarted + - shell: chmod -R ugo+w /etc/openhab diff --git a/group_vars/all/defaults b/group_vars/all/defaults new file mode 100644 index 0000000..6207a3d --- /dev/null +++ b/group_vars/all/defaults @@ -0,0 +1,24 @@ +--- + +timezone: "Europe/Zurich" +locale: "en_US.UTF-8" + +apt_config: + update_cache: yes + cache_valid_time: 7200 + +jdk: + - oracle-java7-jdk + #- oracle-java7-installer + #- oracle-java7-set-default + +ntp: + - "ntp.bluewin.ch" + #- "0.ch.pool.ntp.org" + #- "1.ch.pool.ntp.org" + #- "2.ch.pool.ntp.org" + #- "3.ch.pool.ntp.org" + + + + diff --git a/group_vars/all/vault b/group_vars/all/vault new file mode 100644 index 0000000..1a087b5 --- /dev/null +++ b/group_vars/all/vault @@ -0,0 +1,12 @@ +$ANSIBLE_VAULT;1.1;AES256 +62333264653736616131393032383830363035333337313565366365383838323936396162656337 +3832306133323864303638643536363466343464353263370a303939633634376461613036646565 +31326162326464626430323238363535366562366639383737386465376638613033643866376136 +6139326336613063360a303134353063333465356532393930323165663362323164313635386433 +34653363626664393739643838653361626530306331333536393536393262316435316639653034 +63666263323834346631663334333133383535383336613261646661343231393731366363383264 +66663661363366363263616532396231313966353530313432623265383362613664373166333131 +37353037653831366562396530646366343936643039623934356233663334653966663533373037 +34626336646563633838386434653031343063656230323438353062336436393361336430326136 +63623462656132356234386665326266323061313566633139616130386565356662326334373264 +396534323739353733386538303539353430 diff --git a/group_vars/all/vault.sample b/group_vars/all/vault.sample new file mode 100644 index 0000000..a016085 --- /dev/null +++ b/group_vars/all/vault.sample @@ -0,0 +1,10 @@ +--- + +# uncomment the variables and add info + +#vault_graphite_server: +#vault_openhab_config_repo: + + + + diff --git a/group_vars/controller b/group_vars/controller new file mode 100644 index 0000000..b0fba12 --- /dev/null +++ b/group_vars/controller @@ -0,0 +1,17 @@ +--- + +bindings: + - astro + - ntp + - rfxcom + - weather + - mqtt + +persistence: + - mqtt + +graphite_server: "{{vault_graphite_server}}" + + + + diff --git a/inventory b/inventory new file mode 100644 index 0000000..dfe490b --- /dev/null +++ b/inventory @@ -0,0 +1,3 @@ +[controller] +192.168.1.5 ansible_ssh_user=pi + diff --git a/raspi.yml b/raspi.yml new file mode 100644 index 0000000..458e62c --- /dev/null +++ b/raspi.yml @@ -0,0 +1,10 @@ +--- + +- hosts: controller + become: true + roles: + - raspberry + - mqttwarn + - openhab + + diff --git a/replace_default_config_with_git_repo.yml b/replace_default_config_with_git_repo.yml new file mode 100644 index 0000000..3c76a16 --- /dev/null +++ b/replace_default_config_with_git_repo.yml @@ -0,0 +1,28 @@ +--- + +- hosts: controller + become: true + tasks: + - name: stop openhab + service: name=openhab state=stopped + - name: delete default config + file: + path: "/etc/openhab" + state: absent + - name: create config dir + file: + path: "/etc/openhab" + owner: pi + group: pi + state: directory + - name: clone config repo + git: + repo: "{{vault_openhab_config_repo}}" + dest: "/etc/openhab" + accept_hostkey: true + update: no + clone: yes + become: false + - name: start openhab + service: name=openhab state=started + diff --git a/roles/mqttwarn/handlers/main.yml b/roles/mqttwarn/handlers/main.yml new file mode 100644 index 0000000..e0c8363 --- /dev/null +++ b/roles/mqttwarn/handlers/main.yml @@ -0,0 +1,5 @@ +--- + +- name: restart mqttwarn + service: name=mqttwarn state=restarted + diff --git a/roles/mqttwarn/tasks/main.yml b/roles/mqttwarn/tasks/main.yml new file mode 100644 index 0000000..a4ae8eb --- /dev/null +++ b/roles/mqttwarn/tasks/main.yml @@ -0,0 +1,4 @@ +--- + +- include: mosquitto.yml +- include: mqttwarn.yml diff --git a/roles/mqttwarn/tasks/mosquitto.yml b/roles/mqttwarn/tasks/mosquitto.yml new file mode 100644 index 0000000..ab98677 --- /dev/null +++ b/roles/mqttwarn/tasks/mosquitto.yml @@ -0,0 +1,16 @@ +--- + +- name: install main packages + apt: + pkg: "{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: + - mosquitto + - mosquitto-clients + tags: + - packages + - mosquitto + + + diff --git a/roles/mqttwarn/tasks/mqttwarn.yml b/roles/mqttwarn/tasks/mqttwarn.yml new file mode 100644 index 0000000..c1c7e1d --- /dev/null +++ b/roles/mqttwarn/tasks/mqttwarn.yml @@ -0,0 +1,56 @@ +--- + +- pip: + name: "paho-mqtt" + tags: + - mqttwarn + + +- git: + repo: "https://github.com/jpmens/mqttwarn.git" + dest: "/opt/mqttwarn" + version: "0c030a94a7e3590ea3485f460be555cee027d8a8" + tags: + - mqttwarn + +- name: install config file + template: + src: mqttwarn.ini + dest: "/opt/mqttwarn/mqttwarn.ini" + owner: root + group: root + mode: "u=rw,g=r,o=r" + notify: restart mqttwarn + tags: + - mqttwarn + - mqttwarnconfig + +- name: create log file + file: + state: touch + path: "/opt/mqttwarn/mqttwarn.log" + owner: pi + group: pi + tags: + - mqttwarn + +- name: install service file + template: + src: mqttwarn.service + dest: "/etc/systemd/system/mqttwarn.service" + owner: root + group: root + mode: "u=rw,g=r,o=r" + tags: + - mqttwarn + +- name: "configure systemd" + systemd: + name: mqttwarn + daemon_reload: yes + enabled: true + state: started + tags: + - mqttwarn + + diff --git a/roles/mqttwarn/templates/mqttwarn.ini b/roles/mqttwarn/templates/mqttwarn.ini new file mode 100644 index 0000000..d3a4ff8 --- /dev/null +++ b/roles/mqttwarn/templates/mqttwarn.ini @@ -0,0 +1,51 @@ +[defaults] +hostname = 'localhost' +port = 1883 +clientid = 'mqttwarn' + + +; logging +logformat = '%(asctime)-15s %(levelname)-5s [%(module)s] %(message)s' +logfile = 'mqttwarn.log' + +; one of: CRITICAL, DEBUG, ERROR, INFO, WARN +;loglevel = DEBUG +loglevel = ERROR + +; name the service providers you will be using. +launch = file, log, carbon + +[config:file] +append_newline = True +targets = { + 'f01' : ['/tmp/f.01'], + 'log-me' : ['/tmp/log.me'], + 'mqttwarn' : ['/tmp/mqttwarn.err'], + } + +[config:log] +targets = { + 'debug' : [ 'debug' ], + 'info' : [ 'info' ], + 'warn' : [ 'warn' ], + 'crit' : [ 'crit' ], + 'error' : [ 'error' ] + } + + +; special config for 'failover' events +[failover] +targets = log:error, file:mqttwarn + + +[config:carbon] +targets = { + 'openhab' : [ '{{graphite_server}}',2003 ], + } + + +[/openhab/graphite/#] +targets = carbon:openhab +;targets = log:info, file:f01, carbon:openhab + +# instead of logging run `mosquitto_sub -t openhab/graphite/#` diff --git a/roles/mqttwarn/templates/mqttwarn.service b/roles/mqttwarn/templates/mqttwarn.service new file mode 100644 index 0000000..20e01df --- /dev/null +++ b/roles/mqttwarn/templates/mqttwarn.service @@ -0,0 +1,13 @@ +[Unit] +Description=MQTTwarn + +[Service] +Type=simple +User=pi +Group=pi +WorkingDirectory=/opt/mqttwarn +ExecStart=/opt/mqttwarn/mqttwarn.py + +[Install] +WantedBy=default.target + diff --git a/roles/openhab/tasks/main.yml b/roles/openhab/tasks/main.yml new file mode 100644 index 0000000..3ab6813 --- /dev/null +++ b/roles/openhab/tasks/main.yml @@ -0,0 +1,8 @@ +--- + +- include: repo.yml +- include: packages.yml +- include: openhab.yml +- include: nfs.yml + + diff --git a/roles/openhab/tasks/nfs.yml b/roles/openhab/tasks/nfs.yml new file mode 100644 index 0000000..79ba0a4 --- /dev/null +++ b/roles/openhab/tasks/nfs.yml @@ -0,0 +1,30 @@ +--- + +- name: ensure packages are installed + apt: + pkg: "{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: + - nfs-common + - nfs-kernel-server + tags: + - packages + - nfs + - openhab + +- name: update /etc/exports + lineinfile: + dest=/etc/exports + regexp="^{{item.mount_point}}\s.*" + line="{{item.mount_point}} {{item.options}}" + notify: update exportfs + with_items: + - { mount_point: "/etc/openhab", options: "*(rw,sync,no_subtree_check,all_squash)" } + tags: + - nfs + - nfsconfig + - openhab + + + diff --git a/roles/openhab/tasks/openhab.yml b/roles/openhab/tasks/openhab.yml new file mode 100644 index 0000000..5539709 --- /dev/null +++ b/roles/openhab/tasks/openhab.yml @@ -0,0 +1,20 @@ +--- + +- name: + user: + name: openhab + groups: "dialout" + append: yes + tags: + - openhab + - user + +- name: "configure systemd" + systemd: + name: openhab + daemon_reload: yes + enabled: true + state: started + tags: + - openhab + diff --git a/roles/openhab/tasks/packages.yml b/roles/openhab/tasks/packages.yml new file mode 100644 index 0000000..01041c3 --- /dev/null +++ b/roles/openhab/tasks/packages.yml @@ -0,0 +1,38 @@ +--- + +- name: install main packages + apt: + pkg: "{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: + - "{{jdk}}" + - openhab-runtime + tags: + - packages + - openhab + +- name: install bindings + apt: + pkg: "openhab-addon-binding-{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: "{{bindings}}" + tags: + - packages + - bindings + - openhab + +- name: install persistence add ons + apt: + pkg: "openhab-addon-persistence-{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: "{{persistence}}" + tags: + - packages + - persistence + - openhab + + + diff --git a/roles/openhab/tasks/repo.yml b/roles/openhab/tasks/repo.yml new file mode 100644 index 0000000..4384504 --- /dev/null +++ b/roles/openhab/tasks/repo.yml @@ -0,0 +1,18 @@ +--- + +- name: install ppa key + apt_key: url=https://bintray.com/user/downloadSubjectPublicKey?username=openhab state=present + tags: + - repo + - openhab + +- name: install openhab repo + apt_repository: + repo='deb http://dl.bintray.com/openhab/apt-repo stable main' + state=present + update_cache=yes + filename=openhab + tags: + - repo + - openhab + diff --git a/roles/raspberry/handlers/main.yml b/roles/raspberry/handlers/main.yml new file mode 100644 index 0000000..313b59a --- /dev/null +++ b/roles/raspberry/handlers/main.yml @@ -0,0 +1,9 @@ +--- + +- name: restart ntp + service: name=ntp state=restarted + +- name: update exportfs + shell: exportfs -rav + + diff --git a/roles/raspberry/tasks/locale.yml b/roles/raspberry/tasks/locale.yml new file mode 100644 index 0000000..06854f0 --- /dev/null +++ b/roles/raspberry/tasks/locale.yml @@ -0,0 +1,28 @@ +--- + + +- name: setup /etc/locale.gen + lineinfile: + dest: "/etc/locale.gen" + regexp: '\s*#\s*({{locale}}.*)' + line: '\1' + backrefs: yes + tags: + - locale + + +- name: generate locale + locale_gen: name="{{locale}}" state=present + tags: + - locale + +- name: set environment file + template: + src: environment + dest: "/etc/environment" + owner: root + group: root + mode: "u=rw,g=r,o=r" + tags: + - locale + diff --git a/roles/raspberry/tasks/main.yml b/roles/raspberry/tasks/main.yml new file mode 100644 index 0000000..6b69f86 --- /dev/null +++ b/roles/raspberry/tasks/main.yml @@ -0,0 +1,9 @@ +--- + +- include: packages.yml +- include: ntp.yml +- include: timezone.yml +- include: locale.yml + + + diff --git a/roles/raspberry/tasks/ntp.yml b/roles/raspberry/tasks/ntp.yml new file mode 100644 index 0000000..ba9e516 --- /dev/null +++ b/roles/raspberry/tasks/ntp.yml @@ -0,0 +1,28 @@ +--- + +- name: update ntp.conf + lineinfile: + dest=/etc/ntp.conf + regexp="^server\s+.*debian.pool.ntp.org.*" + insertafter="^server\s.*" + state=absent + notify: restart ntp + tags: + - ntp + - ntpconfig + +- name: update ntp.conf + lineinfile: + dest=/etc/ntp.conf + insertafter="# pool:" + line="server {{item}} iburst" + with_items: "{{ntp}}" + notify: restart ntp + tags: + - ntp + - ntpconfig + +- name: Start the ntp service + service: name=ntp state=started enabled=true + tags: ntp + diff --git a/roles/raspberry/tasks/packages.yml b/roles/raspberry/tasks/packages.yml new file mode 100644 index 0000000..bf2ceac --- /dev/null +++ b/roles/raspberry/tasks/packages.yml @@ -0,0 +1,16 @@ +--- + +- name: ensure packages are installed + apt: + pkg: "{{item}}" + update_cache: "{{apt_config.update_cache}}" + cache_valid_time: "{{apt_config.cache_valid_time}}" + with_items: + - apt-transport-https + - ntp + - tmux + - python-pip + - git + tags: + - packages + diff --git a/roles/raspberry/tasks/timezone.yml b/roles/raspberry/tasks/timezone.yml new file mode 100644 index 0000000..b2535d7 --- /dev/null +++ b/roles/raspberry/tasks/timezone.yml @@ -0,0 +1,22 @@ +--- + +- name: fix /etc/localtime + file: + state: link + path: "/etc/localtime" + src: "/usr/share/zoneinfo/{{timezone}}" + owner: root + group: root + force: true + tags: + - timezone + +- name: fix /etc/timezone + copy: + dest: "/etc/timezone" + content: "{{timezone}}" + owner: root + group: root + mode: "u=rw,g=r,o=r" + tags: + - timezone diff --git a/roles/raspberry/templates/environment b/roles/raspberry/templates/environment new file mode 100644 index 0000000..0d620fb --- /dev/null +++ b/roles/raspberry/templates/environment @@ -0,0 +1,2 @@ +LANG={{locale}} +LC_ALL={{locale}} diff --git a/vault_password.sample b/vault_password.sample new file mode 100644 index 0000000..bcc9c3f --- /dev/null +++ b/vault_password.sample @@ -0,0 +1 @@ +