Add role for services

hosts.yaml

@@ -20,6 +20,9 @@ all:
         music:
           hosts:
             music.bitlair.nl:
+        services:
+          hosts:
+            service.bitlair.nl:
         www:
           hosts:
             cyber.bitlair.nl:

roles/services/handlers/main.yaml

@@ -0,0 +1,20 @@
+---
+- import_tasks: ../../common/handlers/main.yaml
+
+- name: restart irc-bot
+  systemd:
+    name: irc-bot
+    state: restarted
+    daemon_reload: true
+
+- name: restart siahsd
+  systemd:
+    name: siahsd
+    state: restarted
+    daemon_reload: true
+
+- name: restart spacestated
+  systemd:
+    name: spacestated
+    state: restarted
+    daemon_reload: true

roles/services/tasks/main.yaml

@@ -0,0 +1,6 @@
+---
+- tags: services_siahsd
+  import_tasks: siahsd.yaml
+
+- tags: services_spacestated
+  import_tasks: spacestated.yaml

roles/services/tasks/siahsd.yaml

@@ -0,0 +1,36 @@
+---
+# TODO: Install and build
+
+- name: Create log dir
+  file:
+    path: /var/log/siahsd
+    state: directory
+    owner: siahsd
+    group: nogroup
+
+- name: Install service file
+  template:
+    src: siahsd.service
+    dest: /etc/systemd/system/siahsd.service
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart siahsd
+
+- name: Start siahsd
+  systemd:
+    name: siahsd
+    state: started
+    enabled: yes
+    daemon_reload: true
+
+- name: Allow siahsd traffic
+  iptables:
+    chain: INPUT
+    protocol: udp
+    destination_port: "4000"
+    jump: ACCEPT
+    ip_version: "{{ item }}"
+    action: insert
+  with_items: [ ipv4, ipv6 ]
+  notify: persist iptables

roles/services/tasks/spacestated.yaml

@@ -0,0 +1,30 @@
+---
+- name: Install mqtt-simple
+  command: cpan Net::MQTT::Simple
+
+- name: Install dependencies
+  apt:
+    name: [ php-cli, php-snmp ]
+
+- name: Add user
+  user:
+    name: spacestated
+    home: /var/lib/spacestated
+    generate_ssh_key: yes
+    ssh_key_type: ed25519
+
+- name: Clone source
+  git:
+    repo: https://github.com/bitlair/spacestated.git
+    version: main
+    dest: /var/lib/spacestated/spacestated
+    accept_hostkey: yes
+
+- name: Install service file
+  template:
+    src: spacestated.service
+    dest: /etc/systemd/system/spacestated.service
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart spacestated

roles/services/templates/siahsd.conf

@@ -0,0 +1,39 @@
+[siahsd]
+pid file = /run/siahsd.pid
+log file = /var/log/siahsd/siahsd.log
+log level = 3
+foreground = 0
+event handlers = script
+
+#[database]
+#driver = mysql
+#host = localhost
+#name = siahsd
+#username = siahsd
+#password = MysbJxAaawmwKPqD
+
+[siahs]
+port = 4000
+
+[secip]
+port = 9000
+rsa key file = something.sexp
+
+#[jsonbot]
+#address = 192.168.88.15
+#port = 5500
+#aes key = blablablablablaz
+#password = mekker
+#privmsg to = #bitlair
+
+#[spacestate]
+#driver = mysql
+#host = localhost
+#name = bitwifi
+#username = bitwifi
+#password = aGWERQpLEQPUaXJV
+#open script = /opt/alarm/disarmed.sh
+#close script = /opt/alarm/armed.sh
+
+[script]
+path = /opt/alarm/siahsd_handler.sh

roles/services/templates/siahsd.service

@@ -0,0 +1,17 @@
+# Managed by Ansible
+
+[Unit]
+Description=Siahsd
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/run/siahsd.pid
+Restart=always
+RestartSec=2s
+ExecStart=/usr/local/src/siahsd/build/siahsd
+User=siahsd
+
+[Install]
+WantedBy=multi-user.target
+

roles/services/templates/spacestated.service

@@ -0,0 +1,15 @@
+# Managed by Ansible
+
+[Unit]
+Description=Bitlair Spacestate
+After=network.target
+
+[Service]
+Type=simple
+Restart=on-failure
+RestartSec=2s
+ExecStart=/var/lib/spacestated/spacestated/spacestated
+User=spacestated
+
+[Install]
+WantedBy=multi-user.target

services.yaml

@@ -0,0 +1,5 @@
+---
+- hosts: services
+  roles:
+    - common
+    - services