From bf5374dd9724ca511567941dff8d472ebda51420 Mon Sep 17 00:00:00 2001 From: Emil Renner Berthing Date: Thu, 27 Feb 2020 14:12:46 +0100 Subject: raspbian: update for hash_behaviour = replace --- roles/doorputer/tasks/lockserver.yml | 3 + roles/doorputer/vars/main.yml | 22 +++---- roles/jumbotron/vars/main.yml | 6 +- roles/raspbian-template/vars/main.yml | 2 +- roles/raspbian/defaults/main.yml | 107 ------------------------------ roles/raspbian/vars/main.yml | 118 ++++++++++++++++++++++++++++++++++ 6 files changed, 136 insertions(+), 122 deletions(-) delete mode 100644 roles/raspbian/defaults/main.yml create mode 100644 roles/raspbian/vars/main.yml diff --git a/roles/doorputer/tasks/lockserver.yml b/roles/doorputer/tasks/lockserver.yml index 033e80d..a9122d1 100644 --- a/roles/doorputer/tasks/lockserver.yml +++ b/roles/doorputer/tasks/lockserver.yml @@ -46,6 +46,8 @@ mode: 0700 - name: Create lockserver.ini + vars: + lockserver_conf: '{{ lockserver_conf_role|combine(lockserver_conf_secrets) }}' ini_file: path: '~doorman/.config/lockserver.ini' section: "{{ item.key.split('.',1)[0] }}" @@ -56,6 +58,7 @@ group: users mode: 0600 with_dict: '{{ lockserver_conf }}' + when: lockserver_conf_secrets|length > 0 - name: Install lockserver service copy: diff --git a/roles/doorputer/vars/main.yml b/roles/doorputer/vars/main.yml index e2fb021..4d7f336 100644 --- a/roles/doorputer/vars/main.yml +++ b/roles/doorputer/vars/main.yml @@ -1,15 +1,7 @@ --- hostname: 'doorputer' -users: - 'esmil': sudo - 'ast': sudo - 'flummer': sudo - 'riiiis': sudo - 'knielsen': sudo - 'signout': sudo - -apt_sources: +apt_sources_role: raspbian: components: - main @@ -17,14 +9,22 @@ apt_sources: - non-free - rpi -apt_packages: +apt_packages_role: 'git': present # to check out lockserver repo # lockserver dependencies 'python3-serial': present 'sqlite3': present -lockserver_conf: +users: + 'esmil': sudo + 'ast': sudo + 'flummer': sudo + 'riiiis': sudo + 'knielsen': sudo + 'signout': sudo + +lockserver_conf_role: 'Database.Path': '/home/doorman/users.db' 'Serial.Device': '/dev/ttyUSB0' 'Daymode.GPIONumber': '2' diff --git a/roles/jumbotron/vars/main.yml b/roles/jumbotron/vars/main.yml index 1adadb0..9f357cc 100644 --- a/roles/jumbotron/vars/main.yml +++ b/roles/jumbotron/vars/main.yml @@ -1,10 +1,10 @@ --- hostname: 'jumbotron' -resolved_conf: +resolved_conf_role: 'Resolve.DNSSEC': 'yes' -apt_sources: +apt_sources_role: raspbian: components: - main @@ -12,7 +12,7 @@ apt_sources: - non-free - rpi -apt_packages: +apt_packages_role: 'logrotate': absent 'cron': absent diff --git a/roles/raspbian-template/vars/main.yml b/roles/raspbian-template/vars/main.yml index 27cf894..1232f79 100644 --- a/roles/raspbian-template/vars/main.yml +++ b/roles/raspbian-template/vars/main.yml @@ -1,7 +1,7 @@ --- hostname: 'raspbian-template' -apt_sources: +apt_sources_role: raspbian: components: - main diff --git a/roles/raspbian/defaults/main.yml b/roles/raspbian/defaults/main.yml deleted file mode 100644 index 0bb24bc..0000000 --- a/roles/raspbian/defaults/main.yml +++ /dev/null @@ -1,107 +0,0 @@ ---- -journald_conf: - # don't write journal to sd-card, - 'Journal.Storage': 'volatile' - # just keep the last 16M in memory - 'Journal.RuntimeMaxUse': '16M' - 'Journal.ForwardToSyslog': 'no' - -apt_repos: - raspbian: - # doesn't support https, psh - uri: 'http://raspbian.raspberrypi.org/raspbian' - suite: '{{ ansible_distribution_release }}' - -apt_packages: - # remove all this crap - 'vim-tiny': absent - 'mountall': absent - 'libmnl-dev': absent - 'cifs-utils': absent - 'samba-common': absent - 'nfs-common': absent - 'blends-tasks': absent - 'info': absent - 'geoip-database': absent - 'iso-codes': absent - 'dmidecode': absent - 'debconf-i18n': absent - 'rename': absent - 'libpng-tools': absent - 'v4l-utils': absent - 'hardlink': absent - 'libpam-chksshpwd': absent - 'libsysfs2': absent - 'ed': absent - 'ncdu': absent - 'libpng-dev': absent - 'fakeroot': absent - 'libusb-0.1-4': absent - 'libpng16-16': absent - 'libfakeroot': absent - 'libboost-iostreams1.60.0': absent - 'libboost-iostreams1.58.0': absent - 'tcpd': absent - 'libmtp-runtime': absent - 'libglib2.0-data': absent - 'libfreetype6-dev': absent - 'dphys-swapfile': absent - 'luajit': absent - 'libsasl2-modules': absent - 'libestr0': absent - 'libfastjson4': absent - 'net-tools': absent - 'gdb': absent - 'gdbm-l10n': absent - 'xdg-user-dirs': absent - 'raspberrypi-net-mods': absent - 'libdns-export1104': absent - 'liblogging-stdlog0': absent - 'liblognorm5': absent - 'libudev0': absent - 'libnih-dbus1': absent - 'libnih1': absent - 'plymouth': absent - 'libplymouth4': absent - 'apt-listchanges': absent - 'xml-core': absent - 'rsyslog': absent - 'libident': absent - 'libsigc++-1.2-5c2': absent - 'paxctl': absent - 'paxctld': absent - 'libfile-fcntllock-perl': absent - 'libalgorithm-merge-perl': absent - 'libalgorithm-diff-xs-perl': absent - 'libtext-iconv-perl': absent - 'libtext-wrapi18n-perl': absent - 'libtext-charwidth-perl': absent - 'xauth': absent - 'shared-mime-info': absent - 'libdrm2': absent - 'isc-dhcp-common': absent - 'libdns-export162': absent - 'libisc-export160': absent - 'policykit-1': absent - 'build-essential': absent - 'libc6-dbg': absent - 'libc6-dev': absent - 'pkg-config': absent - 'libraspberrypi-dev': absent - 'gcc': absent - 'cpp': absent - 'gcc-7-base': absent - 'gcc-6': absent - 'gcc-5-base': absent - 'gcc-4.9-base': absent - 'gcc-4.8-base': absent - 'gcc-4.7-base': absent - 'gcc-4.6-base': absent - 'isc-dhcp-client': absent - 'dpkg-dev': absent - 'libdpkg-perl': absent - 'apt-utils': absent - 'avahi-daemon': absent - 'dhcpcd5': absent - -# vim: set ts=2 sw=2 et: diff --git a/roles/raspbian/vars/main.yml b/roles/raspbian/vars/main.yml new file mode 100644 index 0000000..fb95833 --- /dev/null +++ b/roles/raspbian/vars/main.yml @@ -0,0 +1,118 @@ +--- +journald_conf_default: + # don't write journal to sd-card, + 'Journal.Storage': 'volatile' + # just keep the last 16M in memory + 'Journal.RuntimeMaxUse': '16M' + 'Journal.ForwardToSyslog': 'no' + +apt_repos_default: + raspbian: + # doesn't support https, psh + uri: 'http://raspbian.raspberrypi.org/raspbian' + suite: '{{ ansible_distribution_release }}' + +apt_packages_default: + # copied from debian role + 'netbase': present + 'apt-transport-https': present + 'dialog': present + 'libpam-systemd': present + 'libnss-myhostname': present + 'vim': present + 'deborphan': present + 'openssh-server': present + 'sudo': present + + # remove all this crap + 'vim-tiny': absent + 'mountall': absent + 'libmnl-dev': absent + 'cifs-utils': absent + 'samba-common': absent + 'nfs-common': absent + 'blends-tasks': absent + 'info': absent + 'geoip-database': absent + 'iso-codes': absent + 'dmidecode': absent + 'debconf-i18n': absent + 'rename': absent + 'libpng-tools': absent + 'v4l-utils': absent + 'hardlink': absent + 'libpam-chksshpwd': absent + 'libsysfs2': absent + 'ed': absent + 'ncdu': absent + 'libpng-dev': absent + 'fakeroot': absent + 'libusb-0.1-4': absent + 'libpng16-16': absent + 'libfakeroot': absent + 'libboost-iostreams1.60.0': absent + 'libboost-iostreams1.58.0': absent + 'tcpd': absent + 'libmtp-runtime': absent + 'libglib2.0-data': absent + 'libfreetype6-dev': absent + 'dphys-swapfile': absent + 'luajit': absent + 'libsasl2-modules': absent + 'libestr0': absent + 'libfastjson4': absent + 'net-tools': absent + 'gdb': absent + 'gdbm-l10n': absent + 'xdg-user-dirs': absent + 'raspberrypi-net-mods': absent + 'libdns-export1104': absent + 'liblogging-stdlog0': absent + 'liblognorm5': absent + 'libudev0': absent + 'libnih-dbus1': absent + 'libnih1': absent + 'plymouth': absent + 'libplymouth4': absent + 'apt-listchanges': absent + 'xml-core': absent + 'rsyslog': absent + 'libident': absent + 'libsigc++-1.2-5c2': absent + 'paxctl': absent + 'paxctld': absent + 'libfile-fcntllock-perl': absent + 'libalgorithm-merge-perl': absent + 'libalgorithm-diff-xs-perl': absent + 'libtext-iconv-perl': absent + 'libtext-wrapi18n-perl': absent + 'libtext-charwidth-perl': absent + 'xauth': absent + 'shared-mime-info': absent + 'libdrm2': absent + 'isc-dhcp-common': absent + 'libdns-export162': absent + 'libisc-export160': absent + 'policykit-1': absent + 'build-essential': absent + 'libc6-dbg': absent + 'libc6-dev': absent + 'pkg-config': absent + 'libraspberrypi-dev': absent + 'gcc': absent + 'cpp': absent + 'gcc-7-base': absent + 'gcc-6': absent + 'gcc-5-base': absent + 'gcc-4.9-base': absent + 'gcc-4.8-base': absent + 'gcc-4.7-base': absent + 'gcc-4.6-base': absent + 'isc-dhcp-client': absent + 'dpkg-dev': absent + 'libdpkg-perl': absent + 'apt-utils': absent + 'avahi-daemon': absent + 'dhcpcd5': absent + +# vim: set ts=2 sw=2 et: -- cgit v1.2.1