aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEmil Renner Berthing <esmil@labitat.dk>2018-10-04 18:45:52 +0200
committerEmil Renner Berthing <esmil@labitat.dk>2019-07-06 22:31:31 +0200
commit18629c52f8d3d411cc52208e74bfbfc5862996d4 (patch)
tree07a9d3249497d2ce8e905db78b5a3858db93c56c
parentb0c93e842df6aecf1e07adcda3a8771e3f1e9e1e (diff)
downloadlabitat-ansible-18629c52f8d3d411cc52208e74bfbfc5862996d4.tar.gz
labitat-ansible-18629c52f8d3d411cc52208e74bfbfc5862996d4.tar.xz
labitat-ansible-18629c52f8d3d411cc52208e74bfbfc5862996d4.zip
doorputer: add role to set up doorputer rpi
-rw-r--r--doorputer.yml15
-rw-r--r--inventory3
-rw-r--r--roles/doorputer/files/eth0.network7
-rw-r--r--roles/doorputer/files/lockserver.service15
-rw-r--r--roles/doorputer/files/motd13
-rw-r--r--roles/doorputer/meta/main.yml6
-rw-r--r--roles/doorputer/tasks/bluetooth.yml16
-rw-r--r--roles/doorputer/tasks/lockserver.yml69
-rw-r--r--roles/doorputer/tasks/main.yml27
-rw-r--r--roles/doorputer/vars/main.yml27
10 files changed, 198 insertions, 0 deletions
diff --git a/doorputer.yml b/doorputer.yml
new file mode 100644
index 0000000..b444e30
--- /dev/null
+++ b/doorputer.yml
@@ -0,0 +1,15 @@
+---
+- hosts: doorputer.s
+ pre_tasks:
+ - name: Detect chroot
+ set_fact:
+ chroot: "{{ ansible_connection == 'chroot' or 'container' in ansible_env }}"
+ tags: always
+ - name: Load secrets
+ include_vars: 'secrets.yml'
+ ignore_errors: yes
+ tags: always
+ roles:
+ - doorputer
+
+# vim: set ts=2 sw=2 et:
diff --git a/inventory b/inventory
index 445f1ce..e5b8fd3 100644
--- a/inventory
+++ b/inventory
@@ -1,2 +1,5 @@
space.labitat.dk
+
+[rpis]
jumbotron.s
+doorputer.s
diff --git a/roles/doorputer/files/eth0.network b/roles/doorputer/files/eth0.network
new file mode 100644
index 0000000..601e041
--- /dev/null
+++ b/roles/doorputer/files/eth0.network
@@ -0,0 +1,7 @@
+[Match]
+Name=eth0
+
+[Network]
+DHCP=yes
+IPv6AcceptRA=yes
+LLMNR=yes
diff --git a/roles/doorputer/files/lockserver.service b/roles/doorputer/files/lockserver.service
new file mode 100644
index 0000000..a09666d
--- /dev/null
+++ b/roles/doorputer/files/lockserver.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Lockserver
+
+[Service]
+Type=simple
+User=doorman
+WorkingDirectory=/home/doorman
+ExecStartPre=/home/doorman/lockserver/init.sh
+ExecStart=/home/doorman/lockserver/lockd.py
+StandardOutput=syslog
+StandardError=inherit
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/doorputer/files/motd b/roles/doorputer/files/motd
new file mode 100644
index 0000000..5c83520
--- /dev/null
+++ b/roles/doorputer/files/motd
@@ -0,0 +1,13 @@
+
+ _ _
+ | | | |
+ __| | ___ ___ _ __ _ __ _ _| |_ ___ _ __
+ / _` |/ _ \ / _ \| '__| '_ \| | | | __/ _ \ '__|
+| (_| | (_) | (_) | | | |_) | |_| | || __/ |
+ \__,_|\___/ \___/|_| | .__/ \__,_|\__\___|_|
+ | |
+ |_|
+
+Open da door:
+$ sudo -i
+# echo O > /dev/ttyUSB0
diff --git a/roles/doorputer/meta/main.yml b/roles/doorputer/meta/main.yml
new file mode 100644
index 0000000..731a8f2
--- /dev/null
+++ b/roles/doorputer/meta/main.yml
@@ -0,0 +1,6 @@
+---
+dependencies:
+- role: raspbian
+- role: users
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/doorputer/tasks/bluetooth.yml b/roles/doorputer/tasks/bluetooth.yml
new file mode 100644
index 0000000..ef64f35
--- /dev/null
+++ b/roles/doorputer/tasks/bluetooth.yml
@@ -0,0 +1,16 @@
+---
+- name: Disable hciuart service
+ systemd:
+ name: hciuart.service
+ enabled: no
+ masked: no
+ state: stopped
+
+- name: Disable bluetooth service
+ systemd:
+ name: bluetooth.service
+ enabled: no
+ masked: no
+ state: stopped
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/doorputer/tasks/lockserver.yml b/roles/doorputer/tasks/lockserver.yml
new file mode 100644
index 0000000..57b9e2b
--- /dev/null
+++ b/roles/doorputer/tasks/lockserver.yml
@@ -0,0 +1,69 @@
+---
+- name: Create doorman user
+ user:
+ comment: 'Doorman Doris'
+ name: doorman
+ shell: '/bin/bash'
+ uid: 3000
+ group: users
+ groups:
+ - dialout
+ - gpio
+
+- name: Check out lockserver repo
+ git:
+ dest: '~doorman/lockserver'
+ repo: 'https://github.com/labitat/lockserver.git'
+ accept_hostkey: yes
+ clone: yes
+ update: yes
+ remote: origin
+
+- name: Make sure doorman owns git repo
+ file:
+ dest: '~doorman/lockserver'
+ owner: doorman
+ group: users
+ recurse: yes
+
+- name: Initialize database
+ command:
+ argv:
+ - '/usr/bin/sqlite3'
+ - 'users.db'
+ - '.read lockserver/structure.sql'
+ become_user: doorman
+ args:
+ chdir: '/home/doorman'
+ creates: '/home/doorman/users.db'
+
+- name: Create pasword file
+ copy:
+ dest: '~doorman/lockserver.password'
+ content: "{{ doorputer_webpassword }}\n"
+ owner: doorman
+ group: users
+ mode: 0600
+ when: doorputer_webpassword is defined
+
+- name: Install lockserver service
+ copy:
+ dest: '/etc/systemd/system/lockserver.service'
+ src: lockserver.service
+ owner: root
+ group: root
+ mode: 0644
+ register: lockserver_service
+
+- name: Reload systemd
+ command: systemctl daemon-reload
+ when: lockserver_service is changed
+
+- name: Enable lockserver service
+ systemd:
+ name: lockserver.service
+ enabled: yes
+ masked: no
+ state: started
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/doorputer/tasks/main.yml b/roles/doorputer/tasks/main.yml
new file mode 100644
index 0000000..62a693a
--- /dev/null
+++ b/roles/doorputer/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Install network configuration
+ copy:
+ dest: '/etc/systemd/network/10-eth0.network'
+ src: eth0.network
+ owner: root
+ group: root
+ mode: 0644
+ tags:
+ - networkd-config
+
+- name: Set message of the day
+ copy:
+ dest: '/etc/motd'
+ src: motd
+ owner: root
+ group: root
+ mode: 0644
+ tags:
+ - motd
+
+- import_tasks: bluetooth.yml
+ tags: bluetooth
+- import_tasks: lockserver.yml
+ tags: lockserver
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/doorputer/vars/main.yml b/roles/doorputer/vars/main.yml
new file mode 100644
index 0000000..f07df60
--- /dev/null
+++ b/roles/doorputer/vars/main.yml
@@ -0,0 +1,27 @@
+---
+hostname: 'doorputer'
+
+users:
+ 'esmil': sudo
+ 'ast': sudo
+ 'flummer': sudo
+ 'riiiis': sudo
+ 'knielsen': sudo
+ 'signout': sudo
+
+apt_sources:
+ raspbian:
+ components:
+ - main
+ - contrib
+ - non-free
+ - rpi
+
+apt_packages:
+ 'git': present # to check out lockserver repo
+
+ # lockserver dependencies
+ 'python3-serial': present
+ 'sqlite3': present
+
+# vim: set ts=2 sw=2 et: