Compare commits
3 commits
Author | SHA1 | Date | |
---|---|---|---|
a30d388422 | |||
77c1732623 | |||
d0cd352b4a |
110 changed files with 804 additions and 1362 deletions
14
.ansible-lint
Normal file
14
.ansible-lint
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
#warn_list: # or 'skip_list' to silence them completely
|
||||||
|
skip_list:
|
||||||
|
- experimental
|
||||||
|
- var-naming[no-role-prefix]
|
||||||
|
- name
|
||||||
|
warn_list:
|
||||||
|
- '204' # Lines should be no longer than 160 chars
|
||||||
|
- no-handler
|
||||||
|
- ignore-errors
|
||||||
|
- fqcn-builtins
|
||||||
|
- fqcn
|
||||||
|
- partial-become[task]
|
||||||
|
- template-instead-of-copy
|
||||||
|
offline: true
|
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
.password-store
|
||||||
|
.gitignore
|
||||||
|
.envrc
|
|
@ -15,3 +15,8 @@ rules:
|
||||||
max-spaces-after: -1
|
max-spaces-after: -1
|
||||||
commas:
|
commas:
|
||||||
max-spaces-after: -1
|
max-spaces-after: -1
|
||||||
|
comments:
|
||||||
|
min-spaces-from-content: 1
|
||||||
|
octal-values:
|
||||||
|
forbid-implicit-octal: true
|
||||||
|
forbid-explicit-octal: true
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICLZGbt/we3JQ482/NYcdOKGoKDOj1MgmYFP2GDmjLw/ kyan@flandre
|
|
53
bitlair.yaml
53
bitlair.yaml
|
@ -1,77 +1,80 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- hosts: all
|
- name: common
|
||||||
|
hosts: all
|
||||||
gather_facts: true
|
gather_facts: true
|
||||||
roles:
|
roles:
|
||||||
- { role: "common", tags: ["common"] }
|
- { role: "common", tags: ["common"] }
|
||||||
- { role: "nft", tags: ["nft"] }
|
- { role: "nft", tags: ["nft"] }
|
||||||
|
|
||||||
- hosts: bank
|
- name: bank
|
||||||
|
hosts: bank
|
||||||
roles:
|
roles:
|
||||||
- { role: "bank", tags: ["bank"] }
|
- { role: "bank", tags: ["bank"] }
|
||||||
|
|
||||||
- hosts: homeassistant
|
- name: homeassistant
|
||||||
|
hosts: homeassistant
|
||||||
roles:
|
roles:
|
||||||
- { role: "acme", tags: ["acme"] }
|
- { role: "acme", tags: ["acme"] }
|
||||||
- { role: "nginx", tags: ["nginx"] }
|
- { role: "nginx", tags: ["nginx"] }
|
||||||
|
|
||||||
- hosts: raspi
|
- name: raspi
|
||||||
|
hosts: raspi
|
||||||
roles:
|
roles:
|
||||||
- { role: "raspi", tags: ["raspi"] }
|
- { role: "raspi", tags: ["raspi"] }
|
||||||
- { role: "bank-terminal", tags: ["bank-terminal"] }
|
- { role: "bank-terminal", tags: ["bank-terminal"] }
|
||||||
|
|
||||||
- hosts: fotos
|
- name: fotos
|
||||||
|
hosts: fotos
|
||||||
roles:
|
roles:
|
||||||
- { role: "photos", tags: ["photos"] }
|
- { role: "photos", tags: ["photos"] }
|
||||||
|
|
||||||
- hosts: git-ci
|
- name: CI
|
||||||
|
hosts: git-ci
|
||||||
roles:
|
roles:
|
||||||
- { role: "git_ci", tags: ["git_ci"] }
|
- { role: "git-ci", tags: ["git-ci"] }
|
||||||
|
|
||||||
- hosts: git
|
- name: git
|
||||||
|
hosts: git
|
||||||
roles:
|
roles:
|
||||||
- { role: "acme", tags: ["acme"] }
|
- { role: "acme", tags: ["acme"] }
|
||||||
- { role: "nginx", tags: ["nginx"] }
|
- { role: "nginx", tags: ["nginx"] }
|
||||||
- { role: "git-server", tags: ["git-server"] }
|
- { role: "git-server", tags: ["git-server"] }
|
||||||
|
|
||||||
- hosts: monitoring
|
- name: monitoring
|
||||||
|
hosts: monitoring
|
||||||
roles:
|
roles:
|
||||||
- { role: "acme", tags: ["acme"] }
|
- { role: "acme", tags: ["acme"] }
|
||||||
- { role: "nginx", tags: ["nginx"] }
|
- { role: "nginx", tags: ["nginx"] }
|
||||||
- { role: "monitoring", tags: ["monitoring"] }
|
- { role: "monitoring", tags: ["monitoring"] }
|
||||||
|
|
||||||
- hosts: mqtt
|
- name: mqtt
|
||||||
|
hosts: mqtt
|
||||||
roles:
|
roles:
|
||||||
- { role: "mqtt", tags: ["mqtt"] }
|
- { role: "mqtt", tags: ["mqtt"] }
|
||||||
|
|
||||||
- hosts: music
|
- name: music
|
||||||
|
hosts: music
|
||||||
roles:
|
roles:
|
||||||
- { role: "acme", tags: ["acme"] }
|
- { role: "acme", tags: ["acme"] }
|
||||||
|
- { role: "go", tags: ["go"] }
|
||||||
- { role: "music", tags: ["music"] }
|
- { role: "music", tags: ["music"] }
|
||||||
|
|
||||||
- hosts: pad
|
- name: pad
|
||||||
|
hosts: pad
|
||||||
roles:
|
roles:
|
||||||
- { role: "acme", tags: ["acme"] }
|
- { role: "acme", tags: ["acme"] }
|
||||||
- { role: "nginx", tags: ["nginx"] }
|
- { role: "nginx", tags: ["nginx"] }
|
||||||
- { role: "etherpad", tags: ["etherpad"] }
|
- { role: "etherpad", tags: ["etherpad"] }
|
||||||
|
|
||||||
- hosts: services
|
- name: services
|
||||||
|
hosts: services
|
||||||
roles:
|
roles:
|
||||||
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
|
|
||||||
- { role: "services", tags: ["services"] }
|
- { role: "services", tags: ["services"] }
|
||||||
|
|
||||||
- hosts: wiki
|
- name: wiki
|
||||||
|
hosts: wiki
|
||||||
roles:
|
roles:
|
||||||
- { role: "acme", tags: ["acme"] }
|
- { role: "acme", tags: ["acme"] }
|
||||||
- { role: "nginx", tags: ["nginx"] }
|
- { role: "nginx", tags: ["nginx"] }
|
||||||
- { role: "www", tags: ["www"] }
|
- { role: "www", tags: ["www"] }
|
||||||
|
|
||||||
- hosts: chat
|
|
||||||
roles:
|
|
||||||
- { role: "acme", tags: [ "acme" ] }
|
|
||||||
- { role: "nginx", tags: [ "nginx" ] }
|
|
||||||
- { role: "chat", tags: [ "chat" ] }
|
|
||||||
|
|
||||||
- hosts: ldap
|
|
||||||
roles:
|
|
||||||
- { role: "common", tags: [ "common" ] }
|
|
||||||
|
|
10
chat.yaml
10
chat.yaml
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: chat
|
|
||||||
roles:
|
|
||||||
- { role: "common", tags: [ "common" ] }
|
|
||||||
- { role: "nft", tags: [ "nft" ] }
|
|
||||||
- { role: "nginx", tags: [ "nginx" ] }
|
|
||||||
- { role: "acme", tags: [ "acme" ] }
|
|
||||||
- { role: "nodesource", tags: [ "nodesource" ] }
|
|
||||||
- { role: "chat", tags: [ "chat" ] }
|
|
|
@ -3,4 +3,4 @@
|
||||||
- hosts: git-ci
|
- hosts: git-ci
|
||||||
roles:
|
roles:
|
||||||
- { role: "common", tags: [ "common" ] }
|
- { role: "common", tags: [ "common" ] }
|
||||||
- { role: "git_ci", tags: [ "git_ci" ] }
|
- { role: "git-ci", tags: [ "git-ci" ] }
|
||||||
|
|
|
@ -36,8 +36,3 @@ mqtt_public_host: bitlair.nl
|
||||||
debian_repourl: "http://deb.debian.org/debian/"
|
debian_repourl: "http://deb.debian.org/debian/"
|
||||||
debian_securityurl: "http://security.debian.org/debian-security"
|
debian_securityurl: "http://security.debian.org/debian-security"
|
||||||
|
|
||||||
deb_forgejo_repos:
|
|
||||||
- host: git.bitlair.nl
|
|
||||||
owner: bitlair
|
|
||||||
- host: git.polyfloyd.net
|
|
||||||
owner: polyfloyd
|
|
||||||
|
|
|
@ -1,36 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
root_access:
|
|
||||||
- blackdragon
|
|
||||||
- ak
|
|
||||||
- foobar
|
|
||||||
- polyfloyd
|
|
||||||
|
|
||||||
nodejs_version: 22.x
|
|
||||||
thelounge_version: "4.4.3"
|
|
||||||
thelounge_ldap_url: ldaps://ldap.bitlair.nl
|
|
||||||
thelounge_ldap_filter: (objectClass=inetOrgPerson)
|
|
||||||
thelounge_ldap_base: ou=Members,dc=bitlair,dc=nl
|
|
||||||
chat_hostname: chat.bitlair.nl
|
|
||||||
|
|
||||||
acme_domains:
|
|
||||||
- "{{ chat_hostname }}"
|
|
||||||
|
|
||||||
nginx_sites:
|
|
||||||
- server_name: "{{ chat_hostname }}"
|
|
||||||
config:
|
|
||||||
- |-
|
|
||||||
location / {
|
|
||||||
proxy_pass http://127.0.0.1:9000/;
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_set_header Connection "upgrade";
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header X-Forwarded-For $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
|
|
||||||
# by default nginx times out connections in one minute
|
|
||||||
proxy_read_timeout 1d;
|
|
||||||
}
|
|
||||||
|
|
||||||
group_nft_input:
|
|
||||||
- "tcp dport { http, https } accept # Allow web-traffic from world"
|
|
|
@ -6,18 +6,12 @@ nft: false
|
||||||
root_access:
|
root_access:
|
||||||
- ak
|
- ak
|
||||||
- bob
|
- bob
|
||||||
|
- eightdot
|
||||||
- foobar
|
- foobar
|
||||||
- polyfloyd
|
- polyfloyd
|
||||||
|
|
||||||
nginx_client_max_body_size: 512M
|
nginx_client_max_body_size: 512M
|
||||||
nginx_sites:
|
|
||||||
- server_name: "music.bitlair.nl"
|
|
||||||
snippets:
|
|
||||||
- "music-nginx.j2"
|
|
||||||
|
|
||||||
music_domain: music.bitlair.nl
|
music_domain: music.bitlair.nl
|
||||||
acme_san_domains:
|
acme_san_domains:
|
||||||
- [ music.bitlair.nl ]
|
- [ music.bitlair.nl ]
|
||||||
|
|
||||||
music_bitpanel_host: bitpanel.bitlair.nl
|
|
||||||
music_bitpanel_port: 1337
|
|
||||||
|
|
|
@ -17,8 +17,7 @@ blockchain.bitlair.nl
|
||||||
git.bitlair.nl
|
git.bitlair.nl
|
||||||
|
|
||||||
[git-ci]
|
[git-ci]
|
||||||
git-ci01.bitlair.nl
|
git-ci.bitlair.nl
|
||||||
git-ci02.bitlair.nl
|
|
||||||
|
|
||||||
[pad]
|
[pad]
|
||||||
pad.bitlair.nl
|
pad.bitlair.nl
|
||||||
|
@ -50,9 +49,6 @@ homeassistant.bitlair.nl
|
||||||
[chat]
|
[chat]
|
||||||
chat.bitlair.nl
|
chat.bitlair.nl
|
||||||
|
|
||||||
[ldap]
|
|
||||||
ldap-new.bitlair.nl
|
|
||||||
|
|
||||||
[debian:children]
|
[debian:children]
|
||||||
bank
|
bank
|
||||||
fotos
|
fotos
|
||||||
|
|
1
lint.sh
1
lint.sh
|
@ -1,5 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
j2lint `find ./ -type f -name '*.j2'`
|
j2lint `find ./ -type f -name '*.j2'`
|
||||||
|
yamllint -c .yamllint.yaml .
|
||||||
ansible-lint bitlair.yaml
|
ansible-lint bitlair.yaml
|
||||||
|
|
||||||
|
|
|
@ -4,6 +4,5 @@
|
||||||
roles:
|
roles:
|
||||||
- { role: "common", tags: [ "common" ] }
|
- { role: "common", tags: [ "common" ] }
|
||||||
- { role: "acme", tags: [ "acme" ] }
|
- { role: "acme", tags: [ "acme" ] }
|
||||||
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
|
|
||||||
- { role: "nginx", tags: [ "nginx" ] }
|
- { role: "nginx", tags: [ "nginx" ] }
|
||||||
- { role: "monitoring", tags: [ "monitoring" ] }
|
- { role: "monitoring", tags: [ "monitoring" ] }
|
||||||
|
|
|
@ -4,6 +4,6 @@
|
||||||
roles:
|
roles:
|
||||||
- { role: "common", tags: [ "common" ] }
|
- { role: "common", tags: [ "common" ] }
|
||||||
- { role: "acme", tags: [ "acme" ] }
|
- { role: "acme", tags: [ "acme" ] }
|
||||||
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
|
- { role: "go", tags: [ "go" ] }
|
||||||
- { role: "nginx", tags: [ "nginx" ] }
|
# - { role: "nginx", tags: [ "nginx" ] }
|
||||||
- { role: "music", tags: [ "music" ] }
|
- { role: "music", tags: [ "music" ] }
|
||||||
|
|
1
pad.yaml
1
pad.yaml
|
@ -9,5 +9,4 @@
|
||||||
- { role: "nft", tags: [ "nft" ] }
|
- { role: "nft", tags: [ "nft" ] }
|
||||||
- { role: "acme", tags: [ "acme" ] }
|
- { role: "acme", tags: [ "acme" ] }
|
||||||
- { role: "nginx", tags: [ "nginx" ] }
|
- { role: "nginx", tags: [ "nginx" ] }
|
||||||
- { role: "nodesource", tags: [ "nodesource" ] }
|
|
||||||
- { role: "etherpad", tags: [ "etherpad" ] }
|
- { role: "etherpad", tags: [ "etherpad" ] }
|
||||||
|
|
|
@ -1,9 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: update_contact_info
|
|
||||||
ansible.builtin.command:
|
|
||||||
cmd: dehydrated --account
|
|
||||||
|
|
||||||
- name: run dehydrated
|
- name: run dehydrated
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: dehydrated --cron
|
cmd: dehydrated --cron
|
||||||
|
|
|
@ -4,11 +4,11 @@
|
||||||
block:
|
block:
|
||||||
- name: Add user
|
- name: Add user
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: bank-terminal
|
name: "bank-terminal"
|
||||||
home: /home/{{ bank_terminal_user }}
|
home: "/home/{{ bank_terminal_user }}"
|
||||||
shell: /home/{{ bank_terminal_user }}/login
|
shell: "/home/{{ bank_terminal_user }}/login"
|
||||||
generate_ssh_key: yes
|
generate_ssh_key: yes
|
||||||
ssh_key_type: ed25519
|
ssh_key_type: "ed25519"
|
||||||
|
|
||||||
- name: Locate agetty
|
- name: Locate agetty
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
|
@ -16,34 +16,35 @@
|
||||||
register: agetty_location_cmd
|
register: agetty_location_cmd
|
||||||
|
|
||||||
- name: Set agetty var
|
- name: Set agetty var
|
||||||
ansible.builtin.set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}"
|
ansible.builtin.set_fact:
|
||||||
|
agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}"
|
||||||
|
|
||||||
- name: Install login script
|
- name: Install login script
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: login
|
src: "login"
|
||||||
dest: /home/{{ bank_terminal_user }}/login
|
dest: "/home/{{ bank_terminal_user }}/login"
|
||||||
owner: bank-terminal
|
owner: "bank-terminal"
|
||||||
group: bank-terminal
|
group: "bank-terminal"
|
||||||
mode: 0755
|
mode: "0755"
|
||||||
|
|
||||||
- name: Autologin User
|
- name: Autologin User
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: tty_autologin.conf
|
src: "tty_autologin.conf"
|
||||||
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
|
dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: daemon_reload
|
notify: daemon_reload
|
||||||
|
|
||||||
- name: Clear MOTD
|
- name: Clear MOTD
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: ""
|
content: ""
|
||||||
dest: /etc/motd
|
dest: "/etc/motd"
|
||||||
|
|
||||||
# Set console font so the Revbank QR codes are rendered correctly.
|
# Set console font so the Revbank QR codes are rendered correctly.
|
||||||
- name: Console setup
|
- name: Console setup
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: /etc/default/console-setup
|
path: "/etc/default/console-setup"
|
||||||
line: '{{ item.k }}="{{ item.v }}"'
|
line: '{{ item.k }}="{{ item.v }}"'
|
||||||
regexp: "^#?{{ item.k }}"
|
regexp: "^#?{{ item.k }}"
|
||||||
with_items:
|
with_items:
|
||||||
|
@ -56,8 +57,8 @@
|
||||||
|
|
||||||
- name: Console Setup Management Note
|
- name: Console Setup Management Note
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: /etc/default/console-setup
|
path: "/etc/default/console-setup"
|
||||||
line: '# Managed by Ansible'
|
line: "# Managed by Ansible"
|
||||||
insertafter: "CONFIGURATION FILE"
|
insertafter: "CONFIGURATION FILE"
|
||||||
|
|
||||||
- name: Read pubkey
|
- name: Read pubkey
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
bank_user: bank
|
bank_user: bank
|
||||||
|
bank_revbank_git: https://git.bitlair.nl/bitlair/revbank.git
|
||||||
bank_local_tty: no
|
bank_local_tty: no
|
||||||
bank_revbank_version: "10.5.1"
|
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
name: bank
|
name: bank
|
||||||
password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank"
|
password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank"
|
||||||
home: /home/{{ bank_user }}
|
home: /home/{{ bank_user }}
|
||||||
shell: /usr/local/share/revbank/revbank
|
shell: /home/{{ bank_user }}/revbank.git/revbank
|
||||||
update_password: always
|
update_password: always
|
||||||
|
|
||||||
- name: Allow password auth for bank user
|
- name: Allow password auth for bank user
|
||||||
|
@ -13,7 +13,7 @@
|
||||||
insertafter: EOF
|
insertafter: EOF
|
||||||
validate: "/usr/sbin/sshd -t -f %s"
|
validate: "/usr/sbin/sshd -t -f %s"
|
||||||
block: |-
|
block: |-
|
||||||
Match User {{ bank_user }}
|
Match User bank
|
||||||
PasswordAuthentication yes
|
PasswordAuthentication yes
|
||||||
notify: reload sshd
|
notify: reload sshd
|
||||||
|
|
||||||
|
@ -41,14 +41,14 @@
|
||||||
|
|
||||||
- name: Create getty dir
|
- name: Create getty dir
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /etc/systemd/system/getty@tty1.service.d
|
path: "/etc/systemd/system/getty@tty1.service.d"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Autologin User
|
- name: Autologin User
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: tty_autologin.conf
|
src: "tty_autologin.conf"
|
||||||
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
|
dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: daemon reload
|
notify: daemon reload
|
||||||
|
|
|
@ -23,18 +23,18 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: revbank-deposit.conf
|
src: revbank-deposit.conf
|
||||||
dest: /etc/revbank-deposit.conf
|
dest: /etc/revbank-deposit.conf
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0600
|
mode: "0600"
|
||||||
notify: Restart revbank-deposit
|
notify: Restart revbank-deposit
|
||||||
|
|
||||||
- name: Install revbank-deposit service
|
- name: Install revbank-deposit service
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: revbank-deposit.service
|
src: revbank-deposit.service
|
||||||
dest: /etc/systemd/system/revbank-deposit.service
|
dest: /etc/systemd/system/revbank-deposit.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Restart revbank-deposit
|
notify: Restart revbank-deposit
|
||||||
|
|
||||||
- name: Start revbank-deposit
|
- name: Start revbank-deposit
|
||||||
|
@ -44,4 +44,4 @@
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
- meta: flush_handlers
|
- ansible.builtin.meta: flush_handlers
|
||||||
|
|
|
@ -1,22 +1,50 @@
|
||||||
---
|
---
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl ]
|
name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl, qrencode ]
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Clone revbank source
|
- name: Clone revbank source
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: https://github.com/revspace/revbank.git
|
repo: "{{ bank_revbank_git }}"
|
||||||
version: "v{{ bank_revbank_version }}"
|
version: master
|
||||||
dest: /usr/local/share/revbank
|
dest: /home/{{ bank_user }}/revbank.git
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
|
|
||||||
- name: Clone revbank-plugin source
|
- name: Create data files
|
||||||
ansible.builtin.git:
|
ansible.builtin.command: cp /home/{{ bank_user }}/revbank.git/{{ item }} /home/{{ bank_user }}/{{ item }}
|
||||||
repo: https://git.bitlair.nl/bitlair/revbank-plugins.git
|
args:
|
||||||
version: main
|
creates: /home/{{ bank_user }}/{{ item }}
|
||||||
dest: /usr/local/share/revbank-plugins
|
with_items:
|
||||||
accept_hostkey: yes
|
- revbank.accounts
|
||||||
|
- revbank.market
|
||||||
|
- revbank.products
|
||||||
|
|
||||||
|
- name: Ensure data file permissions
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /home/{{ bank_user }}/{{ item }}
|
||||||
|
state: touch
|
||||||
|
owner: "{{ bank_user }}"
|
||||||
|
group: "{{ bank_user }}"
|
||||||
|
mode: "0644"
|
||||||
|
with_items:
|
||||||
|
- revbank.accounts
|
||||||
|
- revbank.market
|
||||||
|
- revbank.products
|
||||||
|
|
||||||
|
- name: Link plugins
|
||||||
|
ansible.builtin.file:
|
||||||
|
state: link
|
||||||
|
path: /home/{{ bank_user }}/{{ item }}
|
||||||
|
src: /home/{{ bank_user }}/revbank.git/{{ item }}
|
||||||
|
with_items:
|
||||||
|
- plugins
|
||||||
|
- revbank.plugins
|
||||||
|
|
||||||
|
- name: Create git data dir
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /home/{{ bank_user }}/data.git
|
||||||
|
state: directory
|
||||||
|
|
||||||
- name: Install git cronjob
|
- name: Install git cronjob
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
SHELL=/bin/bash
|
SHELL=/bin/bash
|
||||||
|
|
||||||
#m h dom mon dow user command
|
#m h dom mon dow user command
|
||||||
*/10 * * * * {{ bank_user }} git -C ~/.revbank pull -r && git -C ~/.revbank push && git -C ~/.revbank gc
|
0 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products)
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
chat_user: thelounge
|
|
||||||
chat_group: thelounge
|
|
||||||
chat_configdir: "/etc/thelounge"
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Reload systemd
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
daemon_reload: yes
|
|
||||||
|
|
||||||
- name: Restart thelounge
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: thelounge
|
|
||||||
state: restarted
|
|
||||||
enabled: true
|
|
|
@ -1,92 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Install dependencies
|
|
||||||
ansible.builtin.apt:
|
|
||||||
state: present
|
|
||||||
pkg:
|
|
||||||
- build-essential
|
|
||||||
- nodejs
|
|
||||||
|
|
||||||
- name: Ensure directories are present
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
owner: "{{ chat_user }}"
|
|
||||||
group: "{{ chat_group }}"
|
|
||||||
state: "{{ item.state | default('directory') }}"
|
|
||||||
mode: "{{ item.mode | default('0770') }}"
|
|
||||||
with_items:
|
|
||||||
- { path: "{{ chat_configdir }}" }
|
|
||||||
- { path: "/var/local/thelounge/users" }
|
|
||||||
- { path: "/var/local/thelounge/storage" }
|
|
||||||
notify:
|
|
||||||
- Restart thelounge
|
|
||||||
|
|
||||||
- name: Install nodejs
|
|
||||||
ansible.builtin.apt:
|
|
||||||
|
|
||||||
- name: Install yarn
|
|
||||||
ansible.builtin.shell:
|
|
||||||
cmd: npm install --global yarn
|
|
||||||
|
|
||||||
- ansible.builtin.stat:
|
|
||||||
path: /opt/thelounge
|
|
||||||
register: src_path
|
|
||||||
|
|
||||||
- name: Retreive thelounge source
|
|
||||||
block:
|
|
||||||
- name: Checkout source
|
|
||||||
ansible.builtin.git:
|
|
||||||
repo: 'https://github.com/revspace/thelounge.git'
|
|
||||||
dest: /opt/thelounge
|
|
||||||
version: 9d6dc83
|
|
||||||
force: true
|
|
||||||
|
|
||||||
- name: Copy patch
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: thelounge-bitlair.patch
|
|
||||||
dest: /tmp/thelounge-bitlair.patch
|
|
||||||
|
|
||||||
- name: Apply patch
|
|
||||||
ansible.builtin.shell:
|
|
||||||
chdir: /opt/thelounge
|
|
||||||
cmd: git apply /tmp/thelounge-bitlair.patch
|
|
||||||
when: not src_path.stat.exists
|
|
||||||
|
|
||||||
- name: Build and install thelounge
|
|
||||||
ansible.builtin.shell:
|
|
||||||
chdir: /opt/thelounge
|
|
||||||
cmd: yarn add sharp --ignore-engines && yarn install --include-optional sharp && NODE_ENV=production yarn build && ln -sf $(pwd)/index.js /usr/local/bin/thelounge
|
|
||||||
notify:
|
|
||||||
- Restart thelounge
|
|
||||||
|
|
||||||
- name: Ensure user thelounge is present
|
|
||||||
ansible.builtin.user:
|
|
||||||
name: thelounge
|
|
||||||
createhome: no
|
|
||||||
comment: The Lounge (IRC client)
|
|
||||||
system: yes
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Ensure JS and JSON syntax checking packages are installed
|
|
||||||
community.general.yarn:
|
|
||||||
name: "{{ item }}"
|
|
||||||
global: yes
|
|
||||||
# state: latest # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in
|
|
||||||
with_items:
|
|
||||||
- esprima
|
|
||||||
- jsonlint
|
|
||||||
# changed_when: no # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in
|
|
||||||
|
|
||||||
- name: Configure templates
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
owner: "{{ item.owner | default( chat_user ) }}"
|
|
||||||
group: "{{ item.group | default( chat_group ) }}"
|
|
||||||
mode: "{{ item.mode | default('0640') }}"
|
|
||||||
validate: "{{ item.validate | default([]) }}"
|
|
||||||
with_items:
|
|
||||||
- { src: "config.js.j2", dest: "/etc/thelounge/config.js", validate: 'esvalidate %s' }
|
|
||||||
- { src: "thelounge.service", dest: "/etc/systemd/system/thelounge.service", owner: root, group: root, notify: "Reload systemd" }
|
|
||||||
notify: "{{ item.notify | default('Restart thelounge') }}"
|
|
||||||
|
|
|
@ -1,59 +0,0 @@
|
||||||
"use strict";
|
|
||||||
|
|
||||||
module.exports = {
|
|
||||||
public: false,
|
|
||||||
port: 9000,
|
|
||||||
bind: "0.0.0.0",
|
|
||||||
host: "127.0.0.1",
|
|
||||||
reverseProxy: true,
|
|
||||||
lockNetwork: true,
|
|
||||||
maxHistory: 10000,
|
|
||||||
leaveMessage: "Doei!",
|
|
||||||
defaults: {
|
|
||||||
name: "Smurfnet",
|
|
||||||
password: "",
|
|
||||||
rejectUnauthorized: true,
|
|
||||||
nick: "",
|
|
||||||
username: "",
|
|
||||||
realname: "",
|
|
||||||
join: "#bitlair",
|
|
||||||
},
|
|
||||||
messageStorage: ["sqlite", "text"],
|
|
||||||
fileUpload: {
|
|
||||||
enable: true,
|
|
||||||
},
|
|
||||||
networks: {
|
|
||||||
Smurfnet: {
|
|
||||||
host: "irc.smurfnet.ch",
|
|
||||||
port: 6697,
|
|
||||||
tls: true,
|
|
||||||
rejectUnauthorized: false,
|
|
||||||
},
|
|
||||||
"Libera.Chat": {
|
|
||||||
host: "irc.libera.chat",
|
|
||||||
port: 6697,
|
|
||||||
tls: true,
|
|
||||||
rejectUnauthorized: true,
|
|
||||||
},
|
|
||||||
OFTC: {
|
|
||||||
host: "irc.oftc.net",
|
|
||||||
port: 6697,
|
|
||||||
tls: true,
|
|
||||||
rejectUnauthorized: true,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
identd: {
|
|
||||||
enable: false,
|
|
||||||
},
|
|
||||||
ldap: {
|
|
||||||
enable: true,
|
|
||||||
url: "{{ thelounge_ldap_url }}",
|
|
||||||
primaryKey: "uid",
|
|
||||||
searchDN: {
|
|
||||||
rootDN: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN subkey=binddn') }}",
|
|
||||||
rootPassword: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN') }}",
|
|
||||||
filter: "{{ thelounge_ldap_filter }}",
|
|
||||||
base: "{{ thelounge_ldap_base }}",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
};
|
|
|
@ -1,28 +0,0 @@
|
||||||
diff --git a/package.json b/package.json
|
|
||||||
index 2991a6ec..dac43f16 100644
|
|
||||||
--- a/package.json
|
|
||||||
+++ b/package.json
|
|
||||||
@@ -84,9 +84,7 @@
|
|
||||||
"ua-parser-js": "1.0.33",
|
|
||||||
"uuid": "8.3.2",
|
|
||||||
"web-push": "3.4.5",
|
|
||||||
- "yarn": "1.22.17"
|
|
||||||
- },
|
|
||||||
- "optionalDependencies": {
|
|
||||||
+ "yarn": "1.22.17",
|
|
||||||
"sqlite3": "5.1.7"
|
|
||||||
},
|
|
||||||
"devDependencies": {
|
|
||||||
diff --git a/server/plugins/auth/ldap.ts b/server/plugins/auth/ldap.ts
|
|
||||||
index e6093b0f..d30b9a1c 100644
|
|
||||||
--- a/server/plugins/auth/ldap.ts
|
|
||||||
+++ b/server/plugins/auth/ldap.ts
|
|
||||||
@@ -134,7 +134,7 @@ const ldapAuth: AuthHandler = (manager, client, user, password, callback) => {
|
|
||||||
// auth plugin API
|
|
||||||
function callbackWrapper(valid: boolean) {
|
|
||||||
if (valid && !client) {
|
|
||||||
- manager.addUser(user, null, false);
|
|
||||||
+ manager.addUser(user, null, true);
|
|
||||||
}
|
|
||||||
|
|
||||||
callback(valid);
|
|
|
@ -1,17 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=The Lounge (IRC client)
|
|
||||||
After=network-online.target
|
|
||||||
Wants=network-online.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
User={{ chat_user }}
|
|
||||||
Group={{ chat_group }}
|
|
||||||
Type=simple
|
|
||||||
Environment=THELOUNGE_HOME=/var/local/thelounge
|
|
||||||
ExecStart=/usr/local/bin/thelounge start
|
|
||||||
ProtectSystem=yes
|
|
||||||
ProtectHome=yes
|
|
||||||
PrivateTmp=yes
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
|
@ -3,7 +3,7 @@
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: update-grub
|
cmd: update-grub
|
||||||
|
|
||||||
- name: apt update
|
- name: Apt update
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
|
|
|
@ -4,9 +4,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: stable-sources.list
|
src: stable-sources.list
|
||||||
dest: /etc/apt/sources.list
|
dest: /etc/apt/sources.list
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
|
|
||||||
- name: Remove backports
|
- name: Remove backports
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
|
|
|
@ -30,7 +30,7 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: authorized_keys.j2
|
src: authorized_keys.j2
|
||||||
dest: /root/.ssh/authorized_keys
|
dest: /root/.ssh/authorized_keys
|
||||||
mode: 0600
|
mode: "0600"
|
||||||
when: root_access is defined and root_access
|
when: root_access is defined and root_access
|
||||||
tags: authorized_keys
|
tags: authorized_keys
|
||||||
|
|
||||||
|
|
|
@ -28,9 +28,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: network-interfaces
|
src: network-interfaces
|
||||||
dest: /etc/network/interfaces
|
dest: /etc/network/interfaces
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
when: network_br or network_dhcp or network_static
|
when: network_br or network_dhcp or network_static
|
||||||
|
|
||||||
- ansible.builtin.meta: flush_handlers
|
- ansible.builtin.meta: flush_handlers
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
deb_private_host: git.polyfloyd.net
|
|
|
@ -1,3 +0,0 @@
|
||||||
---
|
|
||||||
- ansible.builtin.import_tasks:
|
|
||||||
file: ../../common/handlers/main.yaml
|
|
|
@ -1,26 +0,0 @@
|
||||||
---
|
|
||||||
- tags: deb_forgejo
|
|
||||||
block:
|
|
||||||
- name: Install dependencies
|
|
||||||
apt:
|
|
||||||
name: apt-transport-https
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Install packaging key
|
|
||||||
get_url:
|
|
||||||
url: https://{{ item.host }}/api/packages/{{ item.owner }}/debian/repository.key
|
|
||||||
dest: /etc/apt/keyrings/{{ item.host }}-{{ item.owner }}.asc
|
|
||||||
mode: "0644"
|
|
||||||
with_items: "{{ deb_forgejo_repos }}"
|
|
||||||
notify: apt update
|
|
||||||
|
|
||||||
- name: Install sources.list
|
|
||||||
template:
|
|
||||||
src: sources.list
|
|
||||||
dest: /etc/apt/sources.list.d/deb-forgejo.list
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: "0644"
|
|
||||||
notify: apt update
|
|
||||||
|
|
||||||
- meta: flush_handlers
|
|
|
@ -1,5 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
{% for repo in deb_forgejo_repos %}
|
|
||||||
deb [signed-by=/etc/apt/keyrings/{{ repo.host }}-{{ repo.owner }}.asc] https://{{ repo.host }}/api/packages/{{ repo.owner }}/debian {{ repo.distro | default('stable') }} {{ repo.component | default('main') }}
|
|
||||||
{% endfor %}
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
nodejs_version: 22.x
|
||||||
etherpad_db_user: etherpad
|
etherpad_db_user: etherpad
|
||||||
etherpad_db_password: "{{ lookup('password', '/tmp/etherpad_db_password length=32') }}"
|
etherpad_db_password: "{{ lookup('password', '/tmp/etherpad_db_password length=32') }}"
|
||||||
etherpad_db_name: etherpad
|
etherpad_db_name: etherpad
|
||||||
|
|
|
@ -3,10 +3,36 @@
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
state: present
|
state: present
|
||||||
pkg:
|
pkg:
|
||||||
- nodejs
|
- gpg
|
||||||
- postgresql
|
- postgresql
|
||||||
- python3-psycopg2
|
- python3-psycopg2
|
||||||
|
- apt-transport-https
|
||||||
|
|
||||||
|
- name: Import nodesource signing key
|
||||||
|
ansible.builtin.shell:
|
||||||
|
cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor
|
||||||
|
-o /usr/share/keyrings/nodesource.gpg
|
||||||
|
args:
|
||||||
|
creates: /usr/share/keyrings/nodesource.gpg
|
||||||
|
notify: Apt update
|
||||||
|
|
||||||
|
- name: Install nodesource source list
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ item.dest }}"
|
||||||
|
owner: "{{ item.owner | default('root') }}"
|
||||||
|
group: "{{ item.group | default('root') }}"
|
||||||
|
with_items:
|
||||||
|
- { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list" }
|
||||||
|
- { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs" }
|
||||||
|
notify: Apt update
|
||||||
|
|
||||||
|
- ansible.builtin.meta: flush_handlers
|
||||||
|
|
||||||
|
- name: Install nodejs
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name: nodejs
|
||||||
|
|
||||||
- name: Add database user
|
- name: Add database user
|
||||||
become: true
|
become: true
|
||||||
|
@ -34,17 +60,17 @@
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /var/log/etherpad.log
|
path: /var/log/etherpad.log
|
||||||
state: touch
|
state: touch
|
||||||
owner: etherpad
|
owner: "etherpad"
|
||||||
group: etherpad
|
group: "etherpad"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
|
|
||||||
- name: Create source directory
|
- name: Create source directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /opt/etherpad
|
path: /opt/etherpad
|
||||||
state: directory
|
state: directory
|
||||||
owner: etherpad
|
owner: "etherpad"
|
||||||
group: etherpad
|
group: "etherpad"
|
||||||
mode: 0755
|
mode: "0755"
|
||||||
|
|
||||||
- name: Clone etherpad source
|
- name: Clone etherpad source
|
||||||
become: yes
|
become: yes
|
||||||
|
@ -61,18 +87,18 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: settings.json
|
src: settings.json
|
||||||
dest: /opt/etherpad/settings.json
|
dest: /opt/etherpad/settings.json
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Restart etherpad
|
notify: Restart etherpad
|
||||||
|
|
||||||
- name: Install etherpad service
|
- name: Install etherpad service
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: etherpad.service
|
src: etherpad.service
|
||||||
dest: /etc/systemd/system/etherpad.service
|
dest: /etc/systemd/system/etherpad.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Restart etherpad
|
notify: Restart etherpad
|
||||||
|
|
||||||
- name: Start etherpad
|
- name: Start etherpad
|
||||||
|
@ -86,8 +112,8 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: nginx-site.conf
|
src: nginx-site.conf
|
||||||
dest: /etc/nginx/sites-enabled/etherpad
|
dest: /etc/nginx/sites-enabled/etherpad
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Reload nginx
|
notify: Reload nginx
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
deb [arch=$arch signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodesource_version }} nodistro main
|
deb [arch=$arch signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodejs_version }} nodistro main
|
2
roles/git-ci/defaults/main.yaml
Normal file
2
roles/git-ci/defaults/main.yaml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
runner_wd: /var/lib/forgejo-runner
|
||||||
|
runner_version: 6.3.0
|
|
@ -3,6 +3,6 @@
|
||||||
file: ../../common/handlers/main.yaml
|
file: ../../common/handlers/main.yaml
|
||||||
|
|
||||||
- name: restart forgejo-runner
|
- name: restart forgejo-runner
|
||||||
systemd:
|
ansible.builtin.systemd:
|
||||||
name: forgejo-runner
|
name: forgejo-runner
|
||||||
state: restarted
|
state: restarted
|
50
roles/git-ci/tasks/main.yaml
Normal file
50
roles/git-ci/tasks/main.yaml
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Install dependencies
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name: docker.io
|
||||||
|
|
||||||
|
- name: Download forgejo-runner
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ runner_version }}/forgejo-runner-{{ runner_version }}-linux-amd64"
|
||||||
|
dest: /usr/local/bin/forgejo-runner
|
||||||
|
mode: "0755"
|
||||||
|
notify: restart forgejo-runner
|
||||||
|
|
||||||
|
- name: Create runner dir
|
||||||
|
ansible.builtin.file:
|
||||||
|
state: directory
|
||||||
|
path: "{{ runner_wd }}"
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0755"
|
||||||
|
|
||||||
|
- name: Register runner
|
||||||
|
ansible.builtin.command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}"
|
||||||
|
args:
|
||||||
|
chdir: "{{ runner_wd }}"
|
||||||
|
creates: "{{ runner_wd }}/.runner"
|
||||||
|
|
||||||
|
- name: Install service file
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: forgejo-runner.service
|
||||||
|
dest: /etc/systemd/system/forgejo-runner.service
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
notify: restart forgejo-runner
|
||||||
|
|
||||||
|
- name: Enable service
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: forgejo-runner
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Start service
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: forgejo-runner
|
||||||
|
state: started
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
ansible.builtin.meta: flush_handlers
|
|
@ -6,7 +6,7 @@ After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
ExecStart=/usr/local/bin/forgejo-runner daemon
|
ExecStart=/usr/local/bin/forgejo-runner daemon
|
||||||
WorkingDirectory={{ git_ci_runner_wd }}
|
WorkingDirectory={{ runner_wd }}
|
||||||
Restart=on-failure
|
Restart=on-failure
|
||||||
RestartSec=10s
|
RestartSec=10s
|
||||||
|
|
|
@ -11,9 +11,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: nginx-site.conf
|
src: nginx-site.conf
|
||||||
dest: /etc/nginx/sites-available/forgejo
|
dest: /etc/nginx/sites-available/forgejo
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Reload nginx
|
notify: Reload nginx
|
||||||
|
|
||||||
- name: Enable nginx site
|
- name: Enable nginx site
|
||||||
|
@ -36,7 +36,7 @@
|
||||||
path: /var/log/forgejo
|
path: /var/log/forgejo
|
||||||
owner: "{{ git_server_user }}"
|
owner: "{{ git_server_user }}"
|
||||||
group: "{{ git_server_user }}"
|
group: "{{ git_server_user }}"
|
||||||
mode: 0755
|
mode: "0755"
|
||||||
|
|
||||||
# TODO: Install initial config
|
# TODO: Install initial config
|
||||||
|
|
||||||
|
@ -44,9 +44,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: forgejo.service
|
src: forgejo.service
|
||||||
dest: /etc/systemd/system/forgejo.service
|
dest: /etc/systemd/system/forgejo.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Reload forgejo
|
notify: Reload forgejo
|
||||||
|
|
||||||
- name: Install update script
|
- name: Install update script
|
||||||
|
@ -55,7 +55,7 @@
|
||||||
dest: "{{ git_server_working_dir }}/update.sh"
|
dest: "{{ git_server_working_dir }}/update.sh"
|
||||||
owner: "{{ git_server_user }}"
|
owner: "{{ git_server_user }}"
|
||||||
group: "{{ git_server_user }}"
|
group: "{{ git_server_user }}"
|
||||||
mode: 0755
|
mode: "0755"
|
||||||
|
|
||||||
- name: Perform initial update
|
- name: Perform initial update
|
||||||
ansible.builtin.command: "{{ git_server_working_dir }}/update.sh"
|
ansible.builtin.command: "{{ git_server_working_dir }}/update.sh"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
#m h dom mon dow user command
|
#m h dom mon dow user command
|
||||||
0 2 * * 1 root {{ git_server_working_dir }}/update.sh
|
0 2 * * 1 {{ git_server_user }} {{ git_server_working_dir }}/update.sh
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
---
|
|
||||||
git_ci_runner_wd: /var/lib/forgejo-runner
|
|
|
@ -1,83 +0,0 @@
|
||||||
---
|
|
||||||
- tags: git_ci
|
|
||||||
block:
|
|
||||||
- name: Install dependencies
|
|
||||||
apt:
|
|
||||||
name: docker.io
|
|
||||||
|
|
||||||
- name: Query latest forgejo-runner version
|
|
||||||
uri:
|
|
||||||
url: https://code.forgejo.org/api/v1/repos/forgejo/runner/tags
|
|
||||||
return_content: true
|
|
||||||
register: response
|
|
||||||
changed_when: false
|
|
||||||
check_mode: false
|
|
||||||
failed_when: "response is failed or 'json' not in response"
|
|
||||||
|
|
||||||
- name: Format forgejo-runner latest version
|
|
||||||
set_fact:
|
|
||||||
forgejo_runner_version: "{{ response['json'][0]['name'] | trim('v') }}"
|
|
||||||
|
|
||||||
- name: Detect installed forgejo-runner version
|
|
||||||
shell:
|
|
||||||
cmd: |
|
|
||||||
set -o pipefail
|
|
||||||
forgejo-runner --version | grep --color=never -Po '\d\.\d+(\.\d+)?' || echo none
|
|
||||||
executable: /bin/bash
|
|
||||||
register: forgejo_runner_installed_version_shell
|
|
||||||
changed_when: false
|
|
||||||
check_mode: false
|
|
||||||
|
|
||||||
- name: Format installed forgejo-runner version
|
|
||||||
set_fact:
|
|
||||||
forgejo_runner_installed_version: "{{ forgejo_runner_installed_version_shell.stdout }}"
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg:
|
|
||||||
- "Forgejo Runner latest version: {{ forgejo_runner_version }}"
|
|
||||||
- "Forgejo Runner installed version: {{ forgejo_runner_installed_version }}"
|
|
||||||
|
|
||||||
- name: Download forgejo-runner
|
|
||||||
get_url:
|
|
||||||
url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ forgejo_runner_version }}/forgejo-runner-{{ forgejo_runner_version }}-linux-amd64"
|
|
||||||
dest: /usr/local/bin/forgejo-runner
|
|
||||||
mode: "0755"
|
|
||||||
notify: restart forgejo-runner
|
|
||||||
when: forgejo_runner_installed_version != forgejo_runner_version
|
|
||||||
|
|
||||||
- name: Create runner dir
|
|
||||||
file:
|
|
||||||
state: directory
|
|
||||||
path: "{{ git_ci_runner_wd }}"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: "0755"
|
|
||||||
|
|
||||||
- name: Register runner
|
|
||||||
command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}"
|
|
||||||
args:
|
|
||||||
chdir: "{{ git_ci_runner_wd }}"
|
|
||||||
creates: "{{ git_ci_runner_wd }}/.runner"
|
|
||||||
|
|
||||||
- name: Install service file
|
|
||||||
template:
|
|
||||||
src: forgejo-runner.service
|
|
||||||
dest: /etc/systemd/system/forgejo-runner.service
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: "0644"
|
|
||||||
notify: restart forgejo-runner
|
|
||||||
|
|
||||||
- name: Enable service
|
|
||||||
systemd:
|
|
||||||
name: forgejo-runner
|
|
||||||
enabled: true
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Start service
|
|
||||||
systemd:
|
|
||||||
name: forgejo-runner
|
|
||||||
state: started
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- meta: flush_handlers
|
|
|
@ -48,17 +48,17 @@
|
||||||
src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz
|
src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz
|
||||||
dest: /usr/local
|
dest: /usr/local
|
||||||
remote_src: yes
|
remote_src: yes
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
when: go_installed_version != go_latest_version
|
when: go_installed_version != go_latest_version
|
||||||
|
|
||||||
- name: Configure Go environment
|
- name: Configure Go environment
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: go.profile
|
src: go.profile
|
||||||
dest: /etc/profile.d/go.sh
|
dest: /etc/profile.d/go.sh
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
|
|
||||||
- name: Link go binary
|
- name: Link go binary
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
|
|
|
@ -21,9 +21,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ item.dest }}"
|
dest: "{{ item.dest }}"
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart grafana
|
notify: restart grafana
|
||||||
with_items:
|
with_items:
|
||||||
- { src: grafana.ini, dest: /etc/grafana/grafana.ini }
|
- { src: grafana.ini, dest: /etc/grafana/grafana.ini }
|
||||||
|
@ -33,9 +33,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: grafana-data-source.yml
|
src: grafana-data-source.yml
|
||||||
dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml"
|
dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml"
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart grafana
|
notify: restart grafana
|
||||||
with_items:
|
with_items:
|
||||||
- name: Prometheus
|
- name: Prometheus
|
||||||
|
|
|
@ -4,9 +4,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: nginx-site.conf
|
src: nginx-site.conf
|
||||||
dest: /etc/nginx/sites-available/monitoring
|
dest: /etc/nginx/sites-available/monitoring
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Reload nginx
|
notify: Reload nginx
|
||||||
|
|
||||||
- name: Enable nginx site
|
- name: Enable nginx site
|
||||||
|
|
|
@ -1,22 +1,47 @@
|
||||||
---
|
---
|
||||||
|
- name: Clone source
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: https://github.com/polyfloyd/mqtt-exporter.git
|
||||||
|
version: main
|
||||||
|
dest: /opt/mqtt_exporter
|
||||||
|
accept_hostkey: yes
|
||||||
|
notify: restart mqtt_exporter
|
||||||
|
|
||||||
- name: Install apt dependencies
|
- name: Install apt dependencies
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: mqtt-exporter
|
name:
|
||||||
|
- jq
|
||||||
|
- python3-paho-mqtt
|
||||||
|
- python3-prometheus-client
|
||||||
|
- python3-yaml
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
- name: Install service
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: mqtt_exporter.service
|
||||||
|
dest: /etc/systemd/system/mqtt_exporter.service
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
notify:
|
||||||
|
- Daemon reload
|
||||||
|
- restart mqtt_exporter
|
||||||
|
|
||||||
- name: Install config file
|
- name: Install config file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: mqtt_exporter_config.yaml
|
src: mqtt_exporter_config.yaml
|
||||||
dest: /etc/mqtt-exporter.yaml
|
dest: /etc/mqtt_exporter.yaml
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart mqtt_exporter
|
notify:
|
||||||
|
- Daemon reload
|
||||||
|
- restart mqtt_exporter
|
||||||
|
|
||||||
- ansible.builtin.meta: flush_handlers
|
- ansible.builtin.meta: flush_handlers
|
||||||
|
|
||||||
- name: Start service
|
- name: Start service
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: mqtt-exporter
|
name: mqtt_exporter
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
|
@ -7,9 +7,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: prometheus.yml
|
src: prometheus.yml
|
||||||
dest: "{{ prometheus_config_dir }}/prometheus.yml"
|
dest: "{{ prometheus_config_dir }}/prometheus.yml"
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart prometheus
|
notify: restart prometheus
|
||||||
|
|
||||||
- name: Configure Prometheus args
|
- name: Configure Prometheus args
|
||||||
|
|
1
roles/mqtt/defaults/main.yaml
Normal file
1
roles/mqtt/defaults/main.yaml
Normal file
|
@ -0,0 +1 @@
|
||||||
|
mqtt_bambulab_cafile: /etc/mosquitto/ca_certificates/bambulab.pem
|
|
@ -9,18 +9,16 @@
|
||||||
- name: Install bambulab cafile
|
- name: Install bambulab cafile
|
||||||
# openssl s_client -showcerts -connect <ip>:8883 </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p'
|
# openssl s_client -showcerts -connect <ip>:8883 </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p'
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: "/etc/mosquitto/ca_certificates/bambu_{{ item.name }}.pem"
|
dest: "{{ mqtt_bambulab_cafile }}"
|
||||||
content: "{{ item.cafile }}"
|
content: "{{ lookup('passwordstore', 'bambulab subkey=cafile') }}"
|
||||||
notify: restart mosquitto
|
|
||||||
with_items: "{{ lookup('passwordstore', 'bambulab subkey=printers') }}"
|
|
||||||
|
|
||||||
- name: Configure Mosquitto
|
- name: Configure Mosquitto
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "/etc/mosquitto/conf.d/{{ item }}"
|
dest: "/etc/mosquitto/conf.d/{{ item }}"
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart mosquitto
|
notify: restart mosquitto
|
||||||
with_items:
|
with_items:
|
||||||
- bambulab.conf
|
- bambulab.conf
|
||||||
|
|
|
@ -1,11 +1,10 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
{% for bambu in lookup('passwordstore', 'bambulab subkey=printers') %}
|
|
||||||
|
|
||||||
connection bambulab_{{ bambu.name }}
|
connection bambulab
|
||||||
address {{ bambu.host }}:8883
|
address {{ lookup('passwordstore', 'bambulab subkey=host') }}:8883
|
||||||
bridge_cafile /etc/mosquitto/ca_certificates/bambu_{{ bambu.name }}.pem
|
bridge_cafile {{ mqtt_bambulab_cafile }}
|
||||||
bridge_insecure true
|
bridge_insecure true
|
||||||
remote_username bblp
|
remote_username bblp
|
||||||
remote_password {{ bambu.key }}
|
remote_password {{ lookup('passwordstore', 'bambulab subkey=key') }}
|
||||||
topic # in 2 bambulab/{{ bambu.name }}/ ""
|
|
||||||
{% endfor %}
|
topic # in 2 bambulab/ ""
|
||||||
|
|
|
@ -1,10 +1,2 @@
|
||||||
music_audio_user: audio
|
music_audio_user: audio
|
||||||
music_audio_user_id: 998
|
|
||||||
music_audio_group: audio
|
|
||||||
music_bitvis_user: bitvis
|
|
||||||
music_librespot_user: librespot
|
|
||||||
music_trollibox_user: trollibox
|
|
||||||
|
|
||||||
music_pulse_server: /tmp/pipewire-pulse-socket
|
|
||||||
|
|
||||||
music_mqtt_mpd_volume: bitlair/music/space/volume
|
music_mqtt_mpd_volume: bitlair/music/space/volume
|
||||||
|
|
|
@ -2,65 +2,27 @@
|
||||||
- ansible.builtin.import_tasks:
|
- ansible.builtin.import_tasks:
|
||||||
file: ../../common/handlers/main.yaml
|
file: ../../common/handlers/main.yaml
|
||||||
|
|
||||||
- name: restart pipewire
|
- name: Restart trollibox
|
||||||
become: true
|
|
||||||
become_user: "{{ music_audio_user }}"
|
|
||||||
become_method: machinectl
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: pipewire
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
scope: user
|
|
||||||
|
|
||||||
- name: restart filter-chain
|
|
||||||
become: true
|
|
||||||
become_user: "{{ music_audio_user }}"
|
|
||||||
become_method: machinectl
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: filter-chain
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
scope: user
|
|
||||||
|
|
||||||
- name: restart bitvis
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: bitvis
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: restart bitvis-tee
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: bitvis-tee
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: restart mpd
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: mpd
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: restart trollibox
|
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: trollibox
|
name: trollibox
|
||||||
state: restarted
|
state: restarted
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
- name: rebuild librespot
|
- name: Rebuild librespot
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: /root/.cargo/bin/cargo build --release --features pulseaudio-backend,jackaudio-backend
|
cmd: /root/.cargo/bin/cargo build --release --features jackaudio-backend
|
||||||
args:
|
args:
|
||||||
chdir: /opt/librespot
|
chdir: /opt/librespot
|
||||||
|
|
||||||
- name: restart librespot
|
- name: Restart librespot
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: librespot
|
name: librespot
|
||||||
state: restarted
|
state: restarted
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
- name: restart mqtt-soundboard
|
- name: Restart soundboard
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: mqtt-soundboard
|
name: soundboard
|
||||||
state: restarted
|
state: restarted
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
|
@ -75,12 +37,3 @@
|
||||||
name: skipbutton
|
name: skipbutton
|
||||||
state: restarted
|
state: restarted
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
- name: restart ampswitch
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: "ampswitch-{{ item }}"
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
with_items:
|
|
||||||
- librespot
|
|
||||||
- mpd
|
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
---
|
|
||||||
- name: Install ampswitch
|
|
||||||
apt:
|
|
||||||
name: ampswitch
|
|
||||||
|
|
||||||
- name: Install ampswitch service file
|
|
||||||
template:
|
|
||||||
src: ampswitch.service
|
|
||||||
dest: /etc/systemd/system/ampswitch-{{ item.instance }}.service
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0755
|
|
||||||
with_items:
|
|
||||||
- instance: mpd
|
|
||||||
pw_inputs:
|
|
||||||
- "Music Player Daemon:output_FL"
|
|
||||||
- "Music Player Daemon:output_FR"
|
|
||||||
- instance: librespot
|
|
||||||
pw_inputs:
|
|
||||||
- "librespot:out_0"
|
|
||||||
- "librespot:out_1"
|
|
||||||
notify: restart ampswitch
|
|
||||||
|
|
||||||
- name: Enable ampswitch
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: "ampswitch-{{ item }}"
|
|
||||||
state: started
|
|
||||||
enabled: true
|
|
||||||
with_items:
|
|
||||||
- librespot
|
|
||||||
- mpd
|
|
|
@ -1,68 +0,0 @@
|
||||||
---
|
|
||||||
- name: Install pipewire
|
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- systemd-container
|
|
||||||
- pipewire
|
|
||||||
- pipewire-jack
|
|
||||||
- pipewire-pulse
|
|
||||||
- pulseaudio-utils
|
|
||||||
- pulsemixer
|
|
||||||
- wireplumber
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Add audio group
|
|
||||||
group:
|
|
||||||
name: audio
|
|
||||||
system: true
|
|
||||||
|
|
||||||
- name: Add {{ music_audio_user }} user
|
|
||||||
user:
|
|
||||||
name: "{{ music_audio_user }}"
|
|
||||||
uid: "{{ music_audio_user_id }}"
|
|
||||||
system: true
|
|
||||||
groups:
|
|
||||||
- audio
|
|
||||||
|
|
||||||
- name: Enable linger for {{ music_audio_user }}
|
|
||||||
copy:
|
|
||||||
dest: "/var/lib/systemd/linger/{{ music_audio_user }}"
|
|
||||||
content: ""
|
|
||||||
|
|
||||||
- name: Enable pipewire
|
|
||||||
become: true
|
|
||||||
become_user: "{{ music_audio_user }}"
|
|
||||||
become_method: machinectl
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: pipewire
|
|
||||||
state: started
|
|
||||||
enabled: true
|
|
||||||
scope: user
|
|
||||||
|
|
||||||
- name: Set PULSE_SERVER env var for all shells
|
|
||||||
copy:
|
|
||||||
dest: /etc/profile.d/pulse-server.sh
|
|
||||||
content: |+
|
|
||||||
# Ansible managed
|
|
||||||
export PULSE_SERVER={{ music_pulse_server }}
|
|
||||||
|
|
||||||
- name: Create pipewire-pulse config dir
|
|
||||||
file:
|
|
||||||
path: /etc/pipewire/pipewire-pulse.conf.d/
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: Configure system socket
|
|
||||||
ansible.builtin.copy:
|
|
||||||
dest: /etc/pipewire/pipewire-pulse.conf.d/system-socket.conf
|
|
||||||
content: |+
|
|
||||||
# Ansible managed
|
|
||||||
context.exec = [
|
|
||||||
{ path = "/bin/chgrp" args = "{{ music_audio_group }} {{ music_pulse_server }}" }
|
|
||||||
{ path = "/bin/chmod" args = "g+rwx,o-rwx {{ music_pulse_server }}" }
|
|
||||||
]
|
|
||||||
pulse.properties = {
|
|
||||||
server.address = [
|
|
||||||
"unix:{{ music_pulse_server }}"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
notify: restart pipewire
|
|
|
@ -1,72 +0,0 @@
|
||||||
---
|
|
||||||
- name: Install bitvis dependencies
|
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- bitvis
|
|
||||||
- bitvis-http
|
|
||||||
- swh-plugins
|
|
||||||
|
|
||||||
- name: Create bitvis user
|
|
||||||
user:
|
|
||||||
name: "{{ music_bitvis_user }}"
|
|
||||||
system: true
|
|
||||||
home: /var/lib/bitvis
|
|
||||||
groups:
|
|
||||||
- "{{ music_audio_group }}"
|
|
||||||
|
|
||||||
- name: Install bitvis-tee
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: bitvis-tee.sh
|
|
||||||
dest: /opt/bitvis-tee.sh
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0755
|
|
||||||
notify: restart {{ item }}
|
|
||||||
with_items:
|
|
||||||
- bitvis
|
|
||||||
- bitvis-tee
|
|
||||||
|
|
||||||
- name: Install service file
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ item }}.service"
|
|
||||||
dest: /etc/systemd/system/{{ item }}.service
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: restart {{ item }}
|
|
||||||
with_items:
|
|
||||||
- bitvis
|
|
||||||
- bitvis-tee
|
|
||||||
|
|
||||||
- name: Enable service
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: "{{ item }}"
|
|
||||||
state: started
|
|
||||||
enabled: true
|
|
||||||
daemon_reload: true
|
|
||||||
with_items:
|
|
||||||
- bitvis
|
|
||||||
- bitvis-tee
|
|
||||||
|
|
||||||
- name: Install bitvis gain filter
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: pw-bitvis-mixer.conf
|
|
||||||
dest: /etc/pipewire/filter-chain.conf.d/bitvis-mixer.conf
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify:
|
|
||||||
- restart filter-chain
|
|
||||||
- restart bitvis
|
|
||||||
|
|
||||||
- name: Enable filter-chain
|
|
||||||
become: true
|
|
||||||
become_user: "{{ music_audio_user }}"
|
|
||||||
become_method: machinectl
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: filter-chain
|
|
||||||
state: started
|
|
||||||
enabled: true
|
|
||||||
scope: user
|
|
||||||
|
|
||||||
- meta: flush_handlers
|
|
|
@ -1,18 +1,8 @@
|
||||||
---
|
---
|
||||||
- name: Install apt dependencies
|
- name: Install dependencies
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name: libjack-jackd2-dev
|
||||||
- libasound2-dev
|
state: present
|
||||||
- libjack-dev
|
|
||||||
- pkg-config
|
|
||||||
|
|
||||||
- name: Create librespot user
|
|
||||||
user:
|
|
||||||
name: "{{ music_librespot_user }}"
|
|
||||||
system: true
|
|
||||||
home: /var/lib/librespot
|
|
||||||
groups:
|
|
||||||
- "{{ music_audio_group }}"
|
|
||||||
|
|
||||||
- name: Clone librespot source
|
- name: Clone librespot source
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
|
@ -21,17 +11,17 @@
|
||||||
dest: /opt/librespot
|
dest: /opt/librespot
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
notify:
|
notify:
|
||||||
- rebuild librespot
|
- Rebuild librespot
|
||||||
- restart librespot
|
- Restart librespot
|
||||||
|
|
||||||
- name: Install service file
|
- name: Install service file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: librespot.service
|
src: librespot.service
|
||||||
dest: /etc/systemd/system/librespot.service
|
dest: /etc/systemd/system/librespot.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart librespot
|
notify: Restart librespot
|
||||||
|
|
||||||
- name: Enable Librespot
|
- name: Enable Librespot
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
|
@ -39,5 +29,3 @@
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
- meta: flush_handlers
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: Import base
|
|
||||||
ansible.builtin.import_tasks:
|
|
||||||
file: base.yaml
|
|
||||||
tags:
|
|
||||||
- music_base
|
|
||||||
|
|
||||||
- name: Import mpd
|
- name: Import mpd
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.import_tasks:
|
||||||
|
@ -11,18 +6,6 @@
|
||||||
tags:
|
tags:
|
||||||
- music_mpd
|
- music_mpd
|
||||||
|
|
||||||
- name: Bitvis
|
|
||||||
ansible.builtin.import_tasks:
|
|
||||||
file: bitvis.yaml
|
|
||||||
tags:
|
|
||||||
- music_bitvis
|
|
||||||
|
|
||||||
- name: Import airplay
|
|
||||||
ansible.builtin.import_tasks:
|
|
||||||
file: airplay.yaml
|
|
||||||
tags:
|
|
||||||
- music_airplay
|
|
||||||
|
|
||||||
- name: Import trollibox
|
- name: Import trollibox
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.import_tasks:
|
||||||
file: trollibox.yaml
|
file: trollibox.yaml
|
||||||
|
@ -41,8 +24,11 @@
|
||||||
tags:
|
tags:
|
||||||
- music_soundboard
|
- music_soundboard
|
||||||
|
|
||||||
- name: Ampswitch
|
- name: Install nginx config
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.template:
|
||||||
file: ampswitch.yaml
|
src: nginx-site.conf
|
||||||
tags:
|
dest: /etc/nginx/sites-enabled/trollibox
|
||||||
- music_ampswitch
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
notify: Reload nginx
|
||||||
|
|
|
@ -1,48 +1,30 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Install MPD
|
- name: Install MPD
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: mpd
|
name:
|
||||||
|
- jackd
|
||||||
|
- mpd
|
||||||
|
- python3-mpd
|
||||||
|
- python3-serial
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Add mpd user to the {{ music_audio_group }} group
|
|
||||||
user:
|
|
||||||
name: mpd
|
|
||||||
groups:
|
|
||||||
- "{{ music_audio_group }}"
|
|
||||||
notify: restart mpd
|
|
||||||
|
|
||||||
- name: Install mpd file
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: restart mpd
|
|
||||||
with_items:
|
|
||||||
- src: mpd.conf
|
|
||||||
dest: /etc/mpd.conf
|
|
||||||
- src: mpd.service
|
|
||||||
dest: /etc/systemd/system/mpd.service
|
|
||||||
- src: mpd_state
|
|
||||||
dest: /var/lib/mpd/state.default
|
|
||||||
|
|
||||||
- name: Install mpd-volume-to-mqtt script
|
- name: Install mpd-volume-to-mqtt script
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: mpd-volume-to-mqtt.sh
|
src: mpd-volume-to-mqtt.sh
|
||||||
dest: /opt/mpd-volume-to-mqtt.sh
|
dest: /opt/mpd-volume-to-mqtt.sh
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Restart mpd-volume-to-mqtt
|
notify: Restart mpd-volume-to-mqtt
|
||||||
|
|
||||||
- name: Install mpd-volume-to-mqtt service
|
- name: Install mpd-volume-to-mqtt service
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: mpd-volume-to-mqtt.service
|
src: mpd-volume-to-mqtt.service
|
||||||
dest: /etc/systemd/system/mpd-volume-to-mqtt.service
|
dest: /etc/systemd/system/mpd-volume-to-mqtt.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Restart mpd-volume-to-mqtt
|
notify: Restart mpd-volume-to-mqtt
|
||||||
|
|
||||||
- name: Enable mpd-volume-to-mqtt
|
- name: Enable mpd-volume-to-mqtt
|
||||||
|
@ -51,3 +33,27 @@
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Clone skipbutton source
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: https://github.com/bitlair/skipbutton.git
|
||||||
|
version: master
|
||||||
|
dest: /opt/skipbutton
|
||||||
|
accept_hostkey: yes
|
||||||
|
notify: Restart skipbutton
|
||||||
|
|
||||||
|
- name: Install skipbutton service
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: skipbutton.service
|
||||||
|
dest: /etc/systemd/system/skipbutton.service
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
notify: Restart skipbutton
|
||||||
|
|
||||||
|
- name: Enable skipbutton
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: skipbutton
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
|
|
@ -1,28 +1,50 @@
|
||||||
---
|
---
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name: virtualenv
|
||||||
- mqtt-soundboard
|
|
||||||
- mplayer
|
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
- name: Clone soundboard source
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: https://github.com/polyfloyd/mqtt-soundboard.git
|
||||||
|
version: main
|
||||||
|
dest: /opt/soundboard
|
||||||
|
accept_hostkey: yes
|
||||||
|
notify: Restart soundboard
|
||||||
|
|
||||||
|
- name: Create virtualenv
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: virtualenv /opt/soundboard/.venv
|
||||||
|
args:
|
||||||
|
creates: /opt/soundboard/.venv
|
||||||
|
|
||||||
|
- name: Install Python dependencies
|
||||||
|
ansible.builtin.shell:
|
||||||
|
cmd: . .venv/bin/activate && pip install -r requirements.txt
|
||||||
|
args:
|
||||||
|
chdir: /opt/soundboard
|
||||||
|
|
||||||
- name: Install soundboard config file
|
- name: Install soundboard config file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ item.src }}"
|
src: soundboard.yaml
|
||||||
dest: "{{ item.dest }}"
|
dest: /etc/soundboard.yaml
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart mqtt-soundboard
|
notify: Restart soundboard
|
||||||
with_items:
|
|
||||||
- src: mqtt-soundboard.service
|
- name: Install soundboard service file
|
||||||
dest: /etc/systemd/system/mqtt-soundboard.service
|
ansible.builtin.template:
|
||||||
- src: mqtt-soundboard.yaml
|
src: soundboard.service
|
||||||
dest: /etc/mqtt-soundboard.yaml
|
dest: /etc/systemd/system/soundboard.service
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
notify: Restart soundboard
|
||||||
|
|
||||||
- name: Enable soundboard
|
- name: Enable soundboard
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: mqtt-soundboard
|
name: soundboard
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
|
@ -1,49 +1,41 @@
|
||||||
---
|
---
|
||||||
- name: Create trollibox user
|
|
||||||
user:
|
|
||||||
name: "{{ music_trollibox_user }}"
|
|
||||||
system: true
|
|
||||||
home: /var/lib/trollibox
|
|
||||||
|
|
||||||
- name: Install Trollibox config
|
- name: Install Trollibox config
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: trollibox.yaml
|
src: trollibox.yaml
|
||||||
dest: /etc/trollibox.yaml
|
dest: /etc/trollibox.yaml
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: restart trollibox
|
notify: Restart trollibox
|
||||||
|
|
||||||
- name: Get latest Trollibox version from Github API
|
- name: Get latest Trollibox version from Github API
|
||||||
uri:
|
ansible.builtin.get_url:
|
||||||
url: "https://api.github.com/repos/polyfloyd/trollibox/releases/latest"
|
url: "https://api.github.com/repos/polyfloyd/trollibox/releases/latest"
|
||||||
return_content: true
|
dest: "/tmp/_ansible_trollibox_latest_release.json"
|
||||||
register: response
|
|
||||||
changed_when: false
|
|
||||||
check_mode: false
|
|
||||||
failed_when: "response is failed or 'json' not in response"
|
|
||||||
|
|
||||||
- name: Format trollibox latest version
|
- name: Get download url
|
||||||
set_fact:
|
ansible.builtin.shell:
|
||||||
trollibox_version: "{{ response['json']['tag_name'] | trim('v') }}"
|
cmd: cat /tmp/_ansible_trollibox_latest_release.json | jq .assets[] | select(.name
|
||||||
|
| contains("linux-amd64")) | .browser_download_url -r
|
||||||
|
register: "trollibox_download_url"
|
||||||
|
|
||||||
- name: Download Trollibox
|
- name: Download Trollibox
|
||||||
ansible.builtin.unarchive:
|
ansible.builtin.unarchive:
|
||||||
src: "https://github.com/polyfloyd/trollibox/releases/download/v{{ trollibox_version }}/trollibox-x86_64-unknown-linux-gnu.tar.gz"
|
src: "{{ trollibox_download_url.stdout }}"
|
||||||
remote_src: yes
|
remote_src: yes
|
||||||
dest: /usr/local/bin
|
dest: /usr/local/bin
|
||||||
include: [ trollibox ]
|
include: [ trollibox ]
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
notify: restart trollibox
|
notify: Restart trollibox
|
||||||
|
|
||||||
- name: Install service file
|
- name: Install service file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: trollibox.service
|
src: trollibox.service
|
||||||
dest: /etc/systemd/system/trollibox.service
|
dest: /etc/systemd/system/trollibox.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: restart trollibox
|
notify: Restart trollibox
|
||||||
|
|
||||||
- name: Enable Trollibox
|
- name: Enable Trollibox
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
|
|
|
@ -1,20 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=Script hook for {{ item }} playback
|
|
||||||
After=network.target {{ item.instance }}.service
|
|
||||||
Requires={{ item.instance }}.service
|
|
||||||
StopPropagatedFrom={{ item.instance }}.service
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Restart=always
|
|
||||||
RestartSec=10s
|
|
||||||
ExecStart=/usr/bin/pw-jack ampswitch --jack-name ampswitch-{{ item.instance }} --on-command /opt/on-{{ item.instance }}-start.sh --switch-time 10 --trigger-level 0.001
|
|
||||||
ExecStartPost=/usr/bin/sleep 4
|
|
||||||
{% for pw_input in item.pw_inputs %}
|
|
||||||
ExecStartPost=-/usr/bin/pw-link "{{ pw_input }}" ampswitch-{{ item.instance }}:Input
|
|
||||||
{% endfor %}
|
|
||||||
User=root
|
|
||||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
|
@ -1,15 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=Multiplexer for bitvis
|
|
||||||
Before=bitvis.service
|
|
||||||
After=bitvis-http.service
|
|
||||||
Requires=bitvis-http.service
|
|
||||||
PropagatesStopTo=bitvis.service
|
|
||||||
StopPropagatedFrom=bitvis.service
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=forking
|
|
||||||
ExecStart=/usr/bin/screen -dmS bitvis-tee /opt/bitvis-tee.sh
|
|
||||||
User={{ music_bitvis_user }}
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
|
@ -1,10 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
loop=`mktemp --suffix -bitvis`
|
|
||||||
mkfifo -f "$loop"
|
|
||||||
trap "rm -f $loop" EXIT TERM
|
|
||||||
|
|
||||||
cat "$loop" | while true; do nc -4 -w 2 localhost 1338; done &
|
|
||||||
nc -klp 1337 | tee "$loop" | while true; do nc -w 2 {{ music_bitpanel_host }} {{ music_bitpanel_port }}; done
|
|
|
@ -1,19 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=Audio visualizer for the bitpanel
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Restart=always
|
|
||||||
RestartSec=10s
|
|
||||||
ExecStart=/usr/bin/pw-jack bitvis -a localhost -p 1337 -m localhost -o 6600
|
|
||||||
ExecStartPost=/usr/bin/sleep 4
|
|
||||||
ExecStartPost=-/usr/bin/pw-link bitvis-mixer:output_FL bitvis:input
|
|
||||||
ExecStartPost=-/usr/bin/pw-link alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:monitor_FL bitvis-mixer:playback_FL
|
|
||||||
ExecStartPost=-/usr/bin/pw-link alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:monitor_FR bitvis-mixer:playback_FR
|
|
||||||
|
|
||||||
User={{ music_audio_user }}
|
|
||||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
|
@ -3,18 +3,16 @@
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Spotify through Librespot
|
Description=Spotify through Librespot
|
||||||
After=network.target
|
After=network.target
|
||||||
|
Requires=jackd.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=10s
|
RestartSec=2s
|
||||||
ExecStart=/usr/bin/pw-jack -s 44100 /opt/librespot/target/release/librespot --name Trollibox --backend jackaudio
|
ExecStart=/opt/librespot/target/release/librespot --name Trollibox --backend jackaudio
|
||||||
ExecStartPost=/usr/bin/sleep 4
|
User={{ music_audio_user }}
|
||||||
ExecStartPost=-/usr/bin/pw-link librespot:out_0 alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:playback_FL
|
Group={{ music_audio_user }}
|
||||||
ExecStartPost=-/usr/bin/pw-link librespot:out_1 alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:playback_FR
|
AmbientCapabilities=CAP_IPC_LOCK,CAP_SYS_NICE
|
||||||
# User={{ music_librespot_user }}
|
|
||||||
User=root
|
|
||||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -14,7 +14,7 @@ prev_volume=x
|
||||||
if [ $event = "mixer" ]; then
|
if [ $event = "mixer" ]; then
|
||||||
volume=`mpc volume | sed -nr 's/^volume: ([0-9]+)%$/\1/p'`
|
volume=`mpc volume | sed -nr 's/^volume: ([0-9]+)%$/\1/p'`
|
||||||
if [ "$prev_volume" != "$volume" ]; then
|
if [ "$prev_volume" != "$volume" ]; then
|
||||||
mqtt-simple -h {{ mqtt_internal_host }} -p '{{ music_mqtt_mpd_volume }}' -r -m "$volume"
|
mqtt-simple -h {{ mqtt_internal_host }} -p '{{ music_mqtt_mpd_volume }} -r' -m "$volume"
|
||||||
fi
|
fi
|
||||||
prev_volume=$volume
|
prev_volume=$volume
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
user "mpd"
|
|
||||||
group "{{ music_audio_group }}"
|
|
||||||
|
|
||||||
bind_to_address "any"
|
|
||||||
port "6600"
|
|
||||||
max_connections "20"
|
|
||||||
|
|
||||||
zeroconf_enabled "yes"
|
|
||||||
zeroconf_name "MPD @ %h"
|
|
||||||
|
|
||||||
music_directory "/srv/media/music"
|
|
||||||
auto_update "yes"
|
|
||||||
filesystem_charset "UTF-8"
|
|
||||||
|
|
||||||
playlist_directory "/var/lib/mpd/playlists"
|
|
||||||
db_file "/var/lib/mpd/tag_cache"
|
|
||||||
state_file "/var/lib/mpd/state"
|
|
||||||
sticker_file "/var/lib/mpd/sticker.sql"
|
|
||||||
|
|
||||||
input {
|
|
||||||
plugin "curl" # Required for web streams.
|
|
||||||
}
|
|
||||||
|
|
||||||
decoder {
|
|
||||||
plugin "hybrid_dsd"
|
|
||||||
enabled "no"
|
|
||||||
}
|
|
||||||
|
|
||||||
decoder {
|
|
||||||
plugin "wildmidi"
|
|
||||||
enabled "no"
|
|
||||||
}
|
|
||||||
|
|
||||||
audio_output {
|
|
||||||
type "pulse"
|
|
||||||
name "Pulse"
|
|
||||||
server "{{ music_pulse_server }}"
|
|
||||||
}
|
|
|
@ -1,21 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=Music Player Daemon
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
ExecStartPre=/bin/mkdir -p /run/mpd
|
|
||||||
ExecStartPre=/bin/chown -R mpd:nogroup /run/mpd
|
|
||||||
ExecStartPre=/bin/touch /var/log/mpd.log
|
|
||||||
ExecStartPre=/bin/chown mpd:nogroup /var/log/mpd.log
|
|
||||||
ExecStartPre=/usr/bin/cp /var/lib/mpd/state.default /var/lib/mpd/state
|
|
||||||
ExecStart=/usr/bin/mpd --no-daemon /etc/mpd.conf
|
|
||||||
# MDP will fork itself to the user defined in its config
|
|
||||||
User=root
|
|
||||||
LimitMEMLOCK=infinity
|
|
||||||
LimitRTPRIO=99
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
|
@ -1,17 +0,0 @@
|
||||||
sw_volume: 20
|
|
||||||
audio_device_state:1:Pulse
|
|
||||||
state: play
|
|
||||||
current: 0
|
|
||||||
time: 0
|
|
||||||
random: 0
|
|
||||||
repeat: 0
|
|
||||||
single: 0
|
|
||||||
consume: 0
|
|
||||||
crossfade: 0
|
|
||||||
mixrampdb: 0.000000
|
|
||||||
mixrampdelay: -1.000000
|
|
||||||
playlist_begin
|
|
||||||
song_begin: http://ice4.somafm.com/groovesalad-256-mp3
|
|
||||||
Name: SomaFM Groove Salad
|
|
||||||
song_end
|
|
||||||
playlist_end
|
|
70
roles/music/templates/nginx-site.conf
Normal file
70
roles/music/templates/nginx-site.conf
Normal file
|
@ -0,0 +1,70 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80 default_server;
|
||||||
|
listen [::]:80 default_server;
|
||||||
|
listen 443 ssl default_server;
|
||||||
|
listen [::]:443 ssl default_server;
|
||||||
|
|
||||||
|
server_name {{ music_domain }};
|
||||||
|
|
||||||
|
{% if acme_bootstrap_certs %}
|
||||||
|
include "snippets/snakeoil.conf";
|
||||||
|
{% else %}
|
||||||
|
ssl_certificate "/var/lib/dehydrated/certs/{{ music_domain }}/fullchain.pem";
|
||||||
|
ssl_certificate_key "/var/lib/dehydrated/certs/{{ music_domain }}/privkey.pem";
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% for range in trusted_ranges %}
|
||||||
|
allow {{ range.cidr }};
|
||||||
|
{% endfor %}
|
||||||
|
deny all;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
rewrite ^/(.*) https://{{ music_domain }}/trollibox/player/space?;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /trollibox/ {
|
||||||
|
proxy_pass http://[::1]:3000/;
|
||||||
|
client_max_body_size 512M;
|
||||||
|
include proxy_params;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/trollibox/(.+/events)$ {
|
||||||
|
proxy_pass http://[::1]:3000/$1;
|
||||||
|
include proxy_params;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
chunked_transfer_encoding off;
|
||||||
|
add_header X-Test "123";
|
||||||
|
proxy_set_header Connection '';
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_read_timeout 7d;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/trollibox/(.+/listen)$ {
|
||||||
|
proxy_pass http://[::1]:3000/$1;
|
||||||
|
include proxy_params;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
proxy_read_timeout 7d;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /bobdsp/ {
|
||||||
|
proxy_pass http://[::1]:8081/;
|
||||||
|
include proxy_params;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /vis/ {
|
||||||
|
allow all;
|
||||||
|
proxy_pass http://[::1]:13378/;
|
||||||
|
include proxy_params;
|
||||||
|
}
|
||||||
|
|
||||||
|
location = /vis/ {
|
||||||
|
rewrite ^(.*)$ /vis/index.html;
|
||||||
|
include proxy_params;
|
||||||
|
}
|
||||||
|
|
||||||
|
include "snippets/acme.conf";
|
||||||
|
}
|
|
@ -1,49 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
context.modules = [
|
|
||||||
{
|
|
||||||
name = libpipewire-module-filter-chain
|
|
||||||
args = {
|
|
||||||
node.description = "bitvis-mixer"
|
|
||||||
media.name = "bitvis-mixer"
|
|
||||||
filter.graph = {
|
|
||||||
nodes = [
|
|
||||||
{
|
|
||||||
name = normalize
|
|
||||||
type = ladspa
|
|
||||||
plugin = fast_lookahead_limiter_1913
|
|
||||||
label = fastLookaheadLimiter
|
|
||||||
control = {
|
|
||||||
"Input gain (dB)" = 40
|
|
||||||
"Limit (dB)" = 0
|
|
||||||
"Release time (s)" = 1
|
|
||||||
}
|
|
||||||
}
|
|
||||||
{
|
|
||||||
name = mono
|
|
||||||
type = builtin
|
|
||||||
label = mixer
|
|
||||||
}
|
|
||||||
]
|
|
||||||
links = [
|
|
||||||
{ output = "normalize:Output 1", input = "mono:In 1" }
|
|
||||||
{ output = "normalize:Output 2", input = "mono:In 2" }
|
|
||||||
]
|
|
||||||
inputs = [ "normalize:Input 1" "normalize:Input 2" ]
|
|
||||||
outputs = [ "mono:Out" ]
|
|
||||||
}
|
|
||||||
capture.props = {
|
|
||||||
node.name = "mix_input.bitvis"
|
|
||||||
audio.position = [ FL FR ]
|
|
||||||
media.class = "Audio/Sink"
|
|
||||||
}
|
|
||||||
playback.props = {
|
|
||||||
node.name = "mix_output.bitvis"
|
|
||||||
audio.position = [ FL ]
|
|
||||||
stream.dont-remix = true
|
|
||||||
node.passive = true
|
|
||||||
node.autoconnect = false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
17
roles/music/templates/skipbutton.service
Normal file
17
roles/music/templates/skipbutton.service
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
[Unit]
|
||||||
|
Description=MPD Skipbutton
|
||||||
|
After=network.target
|
||||||
|
Requires=mpd.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
Restart=always
|
||||||
|
RestartSec=10s
|
||||||
|
ExecStart=/opt/skipbutton/skipbutton.py /dev/ttyS0
|
||||||
|
DynamicUser=true
|
||||||
|
Group=dialout
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -6,11 +6,12 @@ After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
ExecStart=/lib/python3/dist-packages/mqtt-soundboard.py /etc/mqtt-soundboard.yaml
|
ExecStart=/opt/soundboard/.venv/bin/python /opt/soundboard/soundboard.py /etc/soundboard.yaml
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=10
|
RestartSec=10
|
||||||
User=root
|
User=audio
|
||||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
LimitMEMLOCK=infinity
|
||||||
|
LimitRTPRIO=99
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
|
@ -1,13 +1,13 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
loglevel: DEBUG
|
loglevel: INFO
|
||||||
|
|
||||||
mqtt:
|
mqtt:
|
||||||
host: {{ mqtt_internal_host }}
|
host: {{ mqtt_internal_host }}
|
||||||
|
|
||||||
sounds:
|
sounds:
|
||||||
directory: /opt/sounds
|
directory: /opt/sounds
|
||||||
play_cmd: "pw-jack mplayer -volume 20 -ao jack:name=MPlayer %s"
|
play_cmd: "mplayer -volume 10 -ao jack:name=MPlayer %s"
|
||||||
topic: bitlair/soundboard
|
topic: bitlair/soundboard
|
||||||
|
|
||||||
aliases:
|
aliases:
|
|
@ -10,7 +10,8 @@ Type=simple
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=2s
|
RestartSec=2s
|
||||||
ExecStart=/usr/local/bin/trollibox -conf /etc/trollibox.yaml
|
ExecStart=/usr/local/bin/trollibox -conf /etc/trollibox.yaml
|
||||||
User={{ music_trollibox_user }}
|
User={{ music_audio_user }}
|
||||||
|
Group={{ music_audio_user }}
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
---
|
|
||||||
nodesource_version: 22.x
|
|
|
@ -1,3 +0,0 @@
|
||||||
---
|
|
||||||
- ansible.builtin.import_tasks:
|
|
||||||
file: ../../common/handlers/main.yaml
|
|
|
@ -1,33 +0,0 @@
|
||||||
---
|
|
||||||
- name: Install dependencies
|
|
||||||
ansible.builtin.apt:
|
|
||||||
state: present
|
|
||||||
pkg:
|
|
||||||
- apt-transport-https
|
|
||||||
- gpg
|
|
||||||
|
|
||||||
- name: Import nodesource signing key
|
|
||||||
ansible.builtin.shell:
|
|
||||||
cmd: |
|
|
||||||
set -o pipefail
|
|
||||||
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /usr/share/keyrings/nodesource.gpg
|
|
||||||
executable: /bin/bash
|
|
||||||
args:
|
|
||||||
creates: /usr/share/keyrings/nodesource.gpg
|
|
||||||
notify: apt update
|
|
||||||
|
|
||||||
- name: Install nodesource apt files
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: nodesource.list
|
|
||||||
dest: /etc/apt/sources.list.d/nodesource.list
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: apt update
|
|
||||||
with_items:
|
|
||||||
- src: nodesource.list
|
|
||||||
dest: /etc/apt/sources.list.d/nodesource.list
|
|
||||||
- src: nodejs-apt-pref
|
|
||||||
dest: /etc/apt/preferences.d/nodejs
|
|
||||||
|
|
||||||
- ansible.builtin.meta: flush_handlers
|
|
|
@ -5,28 +5,16 @@
|
||||||
|
|
||||||
- name: Install fetch script
|
- name: Install fetch script
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: bambulab-fetch.sh
|
src: "{{ item.src }}"
|
||||||
dest: /opt/bambulab-fetch.sh
|
dest: "{{ item.dest }}"
|
||||||
owner: root
|
owner: "{{ item.owner | default('root') }}"
|
||||||
group: root
|
group: "{{ item.group | default('root') }}"
|
||||||
mode: 0755
|
mode: "{{ item.mode | default('0644') }}"
|
||||||
|
force: "{{ item.force | default('yes') }}"
|
||||||
- name: Install service
|
with_items:
|
||||||
ansible.builtin.template:
|
- { src: "bambulab-fetch.sh", dest: "/opt/bambulab-fetch.sh", mode: "0755" }
|
||||||
src: bambulab-fetch.service
|
- { src: "bambulab-fetch.service", dest: "/etc/systemd/system/bambulab-fetch.service" }
|
||||||
dest: /etc/systemd/system/bambulab-fetch.service
|
- { src: "bambulab-fetch.timer", dest: "/etc/systemd/system/bambulab-fetch.timer" }
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: daemon reload
|
|
||||||
|
|
||||||
- name: Install timer
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: bambulab-fetch.timer
|
|
||||||
dest: /etc/systemd/system/bambulab-fetch.timer
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: daemon reload
|
notify: daemon reload
|
||||||
|
|
||||||
- name: Enable timer
|
- name: Enable timer
|
||||||
|
|
|
@ -15,18 +15,18 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: photo-gallery-config.json
|
src: photo-gallery-config.json
|
||||||
dest: /opt/photo-gallery/config.json
|
dest: /opt/photo-gallery/config.json
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart photo-gallery
|
notify: restart photo-gallery
|
||||||
|
|
||||||
- name: Install photo-gallery service file
|
- name: Install photo-gallery service file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: photo-gallery.service
|
src: photo-gallery.service
|
||||||
dest: /etc/systemd/system/photo-gallery.service
|
dest: /etc/systemd/system/photo-gallery.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart photo-gallery
|
notify: restart photo-gallery
|
||||||
|
|
||||||
- name: Start photo-gallery
|
- name: Start photo-gallery
|
||||||
|
|
|
@ -14,18 +14,18 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: photos2mqtt.pl
|
src: photos2mqtt.pl
|
||||||
dest: /opt/photos2mqtt.pl
|
dest: /opt/photos2mqtt.pl
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0755
|
mode: "0755"
|
||||||
notify: restart photos2mqtt
|
notify: restart photos2mqtt
|
||||||
|
|
||||||
- name: Install photos2mqtt service file
|
- name: Install photos2mqtt service file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: photos2mqtt.service
|
src: photos2mqtt.service
|
||||||
dest: /etc/systemd/system/photos2mqtt.service
|
dest: /etc/systemd/system/photos2mqtt.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: restart photos2mqtt
|
notify: restart photos2mqtt
|
||||||
|
|
||||||
- name: Start photos2mqtt
|
- name: Start photos2mqtt
|
||||||
|
|
|
@ -2,24 +2,30 @@
|
||||||
- ansible.builtin.import_tasks:
|
- ansible.builtin.import_tasks:
|
||||||
file: ../../common/handlers/main.yaml
|
file: ../../common/handlers/main.yaml
|
||||||
|
|
||||||
- name: Restart ircbot
|
- name: Restart irc-bot
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: ircbot
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: restart discord-bot
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: discord-bot
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: restart irc-bot
|
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: irc-bot
|
name: irc-bot
|
||||||
state: restarted
|
state: restarted
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Restart irc-photos
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: irc-photos
|
||||||
|
state: restarted
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Restart irc-doorduino
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: irc-doorduino
|
||||||
|
state: restarted
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Restart discord-bot
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: discord-bot
|
||||||
|
state: restarted
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
- name: Restart siahsd
|
- name: Restart siahsd
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: siahsd
|
name: siahsd
|
||||||
|
|
|
@ -3,58 +3,39 @@
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- openscad
|
- python3-paho-mqtt
|
||||||
|
- python3-tz
|
||||||
- virtualenv
|
- virtualenv
|
||||||
|
|
||||||
- name: Create virtualenv
|
- name: Create virtualenv
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: virtualenv /var/lib/discord-bot/.venv
|
cmd: virtualenv /opt/miflora_exporter/.venv
|
||||||
args:
|
args:
|
||||||
creates: /var/lib/discord-bot/.venv
|
creates: /var/lib/discord-bot/.venv
|
||||||
|
|
||||||
- name: Clone bottleclip source
|
- name: Install Python dependencies
|
||||||
ansible.builtin.git:
|
ansible.builtin.shell:
|
||||||
repo: https://git.bitlair.nl/bitlair/bottle-clip.git
|
cmd: . .venv/bin/activate && pip install -r requirements.txt
|
||||||
version: main
|
args:
|
||||||
dest: /var/lib/bottle-clip
|
chdir: /var/lib/discord-bot
|
||||||
accept_hostkey: yes
|
|
||||||
|
|
||||||
- name: Clone discord-bot source
|
- name: Clone source
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: https://git.bitlair.nl/bitlair/discord-bot.git
|
repo: https://github.com/bitlair/discord-bot.git
|
||||||
version: main
|
version: main
|
||||||
dest: /var/lib/discord-bot
|
dest: /var/lib/discord-bot
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
notify:
|
notify: Restart discord-bot
|
||||||
- restart discord-bot
|
ignore_errors: true
|
||||||
- restart irc-bot
|
|
||||||
|
|
||||||
- name: Install Python dependencies
|
- name: Install service file
|
||||||
ansible.builtin.shell:
|
|
||||||
cmd: . .venv/bin/activate && pip install -e .
|
|
||||||
args:
|
|
||||||
chdir: /var/lib/discord-bot
|
|
||||||
notify:
|
|
||||||
- restart discord-bot
|
|
||||||
- restart irc-bot
|
|
||||||
|
|
||||||
- name: Install discord-bot service file
|
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: discord-bot.service
|
src: discord-bot.service
|
||||||
dest: /etc/systemd/system/discord-bot.service
|
dest: /etc/systemd/system/discord-bot.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: restart discord-bot
|
notify: Restart discord-bot
|
||||||
|
|
||||||
- name: Install irc-bot service file
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: irc-bot.service
|
|
||||||
dest: /etc/systemd/system/irc-bot.service
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: "0644"
|
|
||||||
notify: restart irc-bot
|
|
||||||
|
|
||||||
- name: Start discord-bot
|
- name: Start discord-bot
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
|
@ -62,10 +43,3 @@
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
- name: Start irc-bot
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: irc-bot
|
|
||||||
state: started
|
|
||||||
enabled: true
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
---
|
---
|
||||||
- name: Clone source
|
- name: Clone source
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: https://git.bitlair.nl/bitlair/irc-bot.git
|
repo: https://github.com/bitlair/irc-bot.git
|
||||||
version: main
|
version: master
|
||||||
dest: /var/lib/irc-bot
|
dest: /var/lib/irc-bot
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
notify: Restart ircbot
|
notify: Restart irc-bot
|
||||||
|
|
||||||
- name: Link irc-say
|
- name: Link irc-say
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
|
@ -17,18 +17,81 @@
|
||||||
- name: Install service file
|
- name: Install service file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: generic.service
|
src: generic.service
|
||||||
dest: /etc/systemd/system/ircbot.service
|
dest: /etc/systemd/system/irc-bot.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
vars:
|
vars:
|
||||||
description: Bitlair IRC bot
|
description: Bitlair IRC bot
|
||||||
exec: /bin/bash /var/lib/irc-bot/irc-bot
|
exec: /bin/bash /var/lib/irc-bot/irc-bot
|
||||||
notify: Restart ircbot
|
notify: Restart irc-bot
|
||||||
|
|
||||||
- name: Start ircbot
|
- name: Start irc-bot
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: ircbot
|
name: irc-bot
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Create helpers dir
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /var/lib/irc-helpers
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Install photos notification
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: irc-photos.sh
|
||||||
|
dest: /var/lib/irc-helpers/photos.sh
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0755"
|
||||||
|
notify: Restart irc-photos
|
||||||
|
|
||||||
|
- name: Install photos notification service
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: generic.service
|
||||||
|
dest: /etc/systemd/system/irc-photos.service
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
vars:
|
||||||
|
description: Bitlair IRC photos notification
|
||||||
|
requires: irc-bot.service
|
||||||
|
exec: /bin/bash /var/lib/irc-helpers/photos.sh
|
||||||
|
notify: Restart irc-photos
|
||||||
|
|
||||||
|
- name: Start irc-photos
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: irc-photos
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Install doorduino notification
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: irc-doorduino.sh
|
||||||
|
dest: /var/lib/irc-helpers/doorduino.sh
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0755"
|
||||||
|
notify: Restart irc-doorduino
|
||||||
|
|
||||||
|
- name: Install doorduino notification service
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: generic.service
|
||||||
|
dest: /etc/systemd/system/irc-doorduino.service
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
vars:
|
||||||
|
description: Bitlair IRC doorduino notification
|
||||||
|
requires: irc-bot.service
|
||||||
|
exec: /bin/bash /var/lib/irc-helpers/doorduino.sh
|
||||||
|
notify: Restart irc-doorduino
|
||||||
|
|
||||||
|
- name: Start irc-doorduino
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: irc-doorduino
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
|
|
||||||
- name: Clone source
|
- name: Clone source
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: https://git.bitlair.nl/bitlair/mastodon-spacestate.git
|
repo: https://github.com/bitlair/mastodon-spacestate.git
|
||||||
version: main
|
version: main
|
||||||
dest: /var/lib/mastodon-spacestate
|
dest: /var/lib/mastodon-spacestate
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
|
@ -18,18 +18,18 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: mastodon-spacestate-config.py
|
src: mastodon-spacestate-config.py
|
||||||
dest: /var/lib/mastodon-spacestate/config.py
|
dest: /var/lib/mastodon-spacestate/config.py
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0655
|
mode: "0655"
|
||||||
notify: Restart mastodon-spacestate
|
notify: Restart mastodon-spacestate
|
||||||
|
|
||||||
- name: Install service file
|
- name: Install service file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: mastodon-spacestate.service
|
src: mastodon-spacestate.service
|
||||||
dest: /etc/systemd/system/mastodon-spacestate.service
|
dest: /etc/systemd/system/mastodon-spacestate.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Restart mastodon-spacestate
|
notify: Restart mastodon-spacestate
|
||||||
|
|
||||||
- name: Start mastodon-spacestate
|
- name: Start mastodon-spacestate
|
||||||
|
|
|
@ -7,9 +7,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: power-mqtt.py
|
src: power-mqtt.py
|
||||||
dest: /var/lib/power-mqtt.py
|
dest: /var/lib/power-mqtt.py
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0755
|
mode: "0755"
|
||||||
notify: Restart power-mqtt
|
notify: Restart power-mqtt
|
||||||
|
|
||||||
- name: Remove old service
|
- name: Remove old service
|
||||||
|
@ -21,9 +21,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: generic.service
|
src: generic.service
|
||||||
dest: /etc/systemd/system/power-mqtt@.service
|
dest: /etc/systemd/system/power-mqtt@.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
vars:
|
vars:
|
||||||
description: "SMD630 to MQTT Probe"
|
description: "SMD630 to MQTT Probe"
|
||||||
exec: "/var/lib/power-mqtt.py %i"
|
exec: "/var/lib/power-mqtt.py %i"
|
||||||
|
|
|
@ -1,31 +1,32 @@
|
||||||
---
|
---
|
||||||
- name: Install siahsd
|
# TODO: Install and build
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- debianutils
|
|
||||||
- siahsd
|
|
||||||
|
|
||||||
- name: Clone alarm-handlers
|
- name: Create directories
|
||||||
ansible.builtin.git:
|
|
||||||
repo: https://git.bitlair.nl/bitlair/alarm-handlers.git
|
|
||||||
version: main
|
|
||||||
dest: /opt/alarm
|
|
||||||
accept_hostkey: yes
|
|
||||||
|
|
||||||
- name: Create log directory
|
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /var/log/siahsd
|
path: "{{ item }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: siahsd
|
owner: siahsd
|
||||||
group: nogroup
|
group: nogroup
|
||||||
mode: "0750"
|
mode: "0750"
|
||||||
|
with_items:
|
||||||
|
- /var/log/siahsd
|
||||||
|
- /var/lib/siahsd
|
||||||
|
|
||||||
- name: Install config file
|
- name: Install config file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: siahsd.conf
|
src: siahsd.conf
|
||||||
dest: /etc/siahsd.conf
|
dest: /etc/siahsd.conf
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
|
mode: "0644"
|
||||||
|
notify: Restart siahsd
|
||||||
|
|
||||||
|
- name: Install service file
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: siahsd.service
|
||||||
|
dest: /etc/systemd/system/siahsd.service
|
||||||
|
owner: "root"
|
||||||
|
group: "root"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: Restart siahsd
|
notify: Restart siahsd
|
||||||
|
|
||||||
|
@ -35,3 +36,4 @@
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
|
|
||||||
- name: Clone source
|
- name: Clone source
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: https://git.bitlair.nl/bitlair/spacestated.git
|
repo: https://github.com/bitlair/spacestated.git
|
||||||
version: main
|
version: main
|
||||||
dest: /var/lib/spacestated/spacestated
|
dest: /var/lib/spacestated/spacestated
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
|
@ -32,9 +32,9 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: spacestated.service
|
src: spacestated.service
|
||||||
dest: /etc/systemd/system/spacestated.service
|
dest: /etc/systemd/system/spacestated.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
notify: Restart spacestated
|
notify: Restart spacestated
|
||||||
|
|
||||||
- name: Start spacestated
|
- name: Start spacestated
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
|
|
||||||
- name: Clone source
|
- name: Clone source
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: https://git.bitlair.nl/bitlair/wifi-mqtt.git
|
repo: https://github.com/bitlair/wifi-mqtt.git
|
||||||
version: main
|
version: main
|
||||||
dest: /var/lib/wifi-mqtt
|
dest: /var/lib/wifi-mqtt
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
|
@ -19,8 +19,8 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: wifi-mqtt.service
|
src: wifi-mqtt.service
|
||||||
dest: /etc/systemd/system/wifi-mqtt.service
|
dest: /etc/systemd/system/wifi-mqtt.service
|
||||||
owner: root
|
owner: "root"
|
||||||
group: root
|
group: "root"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: Restart wifi-mqtt
|
notify: Restart wifi-mqtt
|
||||||
|
|
||||||
|
|
|
@ -1,17 +1,16 @@
|
||||||
# {{ ansible_managed }}
|
# Managed by Ansible
|
||||||
|
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Bitlair Discord Bot
|
Description=HobbyBot
|
||||||
After=network.target
|
After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Restart=always
|
Restart=on-failure
|
||||||
RestartSec=10s
|
RestartSec=10s
|
||||||
ExecStart=/var/lib/discord-bot/.venv/bin/python /var/lib/discord-bot/discordbot.py
|
ExecStart=/var/lib/discord-bot/.venv/bin/python /var/lib/discord-bot/main.py
|
||||||
DynamicUser=true
|
DynamicUser=true
|
||||||
Environment="MQTT_HOST={{ mqtt_internal_host }}"
|
Environment="MQTT_HOST={{ mqtt_internal_host }}"
|
||||||
Environment="BOTTLECLIP_RESOURCES=/var/lib/bottle-clip"
|
|
||||||
Environment="DISCORD_WEBHOOK_URL={{ lookup('passwordstore', 'services/discord', subkey='webhook_url') }}"
|
Environment="DISCORD_WEBHOOK_URL={{ lookup('passwordstore', 'services/discord', subkey='webhook_url') }}"
|
||||||
Environment="DISCORD_TOKEN={{ lookup('passwordstore', 'services/discord', subkey='token') }}"
|
Environment="DISCORD_TOKEN={{ lookup('passwordstore', 'services/discord', subkey='token') }}"
|
||||||
|
|
||||||
|
|
|
@ -1,20 +0,0 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=Bitlair IRC Bot
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Restart=always
|
|
||||||
RestartSec=10s
|
|
||||||
ExecStart=/var/lib/discord-bot/.venv/bin/python /var/lib/discord-bot/ircbot.py
|
|
||||||
DynamicUser=true
|
|
||||||
Environment="MQTT_HOST={{ mqtt_internal_host }}"
|
|
||||||
Environment="BOTTLECLIP_RESOURCES=/var/lib/bottle-clip"
|
|
||||||
Environment="IRC_SERVER=irc.smurfnet.ch"
|
|
||||||
Environment="IRC_CHANNEL=#bitlair"
|
|
||||||
Environment="IRC_NICK=bitlair"
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
24
roles/services/templates/irc-doorduino.sh
Normal file
24
roles/services/templates/irc-doorduino.sh
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Managed by Ansible
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
set -o pipefail
|
||||||
|
|
||||||
|
initial=1
|
||||||
|
|
||||||
|
mqtt-simple -h {{ mqtt_internal_host }} -t "bitlair/doorduino/+" |
|
||||||
|
while read line; do
|
||||||
|
topic=$(echo "$line" | cut -d' ' -f1 | sed "s/bitlair\/doorduino\///")
|
||||||
|
value=$(echo "$line" | cut -s -d' ' -f2-)
|
||||||
|
|
||||||
|
if [ $initial == 0 ] && [ $value != 0 ]; then
|
||||||
|
if [ $topic == "doorbell" ]; then
|
||||||
|
irc-say "DEURBEL! Open de deur beneden!"
|
||||||
|
elif [ $topic != "dooropen" ]; then
|
||||||
|
irc-say "Doorduino: $topic $value"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
initial=0
|
||||||
|
done
|
||||||
|
|
13
roles/services/templates/irc-photos.sh
Normal file
13
roles/services/templates/irc-photos.sh
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Managed by Ansible
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
set -o pipefail
|
||||||
|
|
||||||
|
mqtt-simple -h {{ mqtt_internal_host }} -s "bitlair/photos" |
|
||||||
|
while read event; do
|
||||||
|
path=$(echo $event | cut -d ' ' -f 2)
|
||||||
|
url="https://bitlair.nl/fotos/view/$path"
|
||||||
|
irc-say "WIP: $url"
|
||||||
|
done
|
|
@ -1,5 +1,3 @@
|
||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
[siahsd]
|
[siahsd]
|
||||||
pid file = /var/lib/siahsd/siahsd.pid
|
pid file = /var/lib/siahsd/siahsd.pid
|
||||||
log file = /var/log/siahsd/siahsd.log
|
log file = /var/log/siahsd/siahsd.log
|
||||||
|
@ -7,6 +5,13 @@ log level = 3
|
||||||
foreground = 0
|
foreground = 0
|
||||||
event handlers = script
|
event handlers = script
|
||||||
|
|
||||||
|
#[database]
|
||||||
|
#driver = mysql
|
||||||
|
#host = localhost
|
||||||
|
#name = siahsd
|
||||||
|
#username = siahsd
|
||||||
|
#password = MysbJxAaawmwKPqD
|
||||||
|
|
||||||
[siahs]
|
[siahs]
|
||||||
port = 4000
|
port = 4000
|
||||||
|
|
||||||
|
@ -14,5 +19,21 @@ port = 4000
|
||||||
port = 9000
|
port = 9000
|
||||||
rsa key file = something.sexp
|
rsa key file = something.sexp
|
||||||
|
|
||||||
|
#[jsonbot]
|
||||||
|
#address = 192.168.88.15
|
||||||
|
#port = 5500
|
||||||
|
#aes key = blablablablablaz
|
||||||
|
#password = mekker
|
||||||
|
#privmsg to = #bitlair
|
||||||
|
|
||||||
|
#[spacestate]
|
||||||
|
#driver = mysql
|
||||||
|
#host = localhost
|
||||||
|
#name = bitwifi
|
||||||
|
#username = bitwifi
|
||||||
|
#password = aGWERQpLEQPUaXJV
|
||||||
|
#open script = /opt/alarm/disarmed.sh
|
||||||
|
#close script = /opt/alarm/armed.sh
|
||||||
|
|
||||||
[script]
|
[script]
|
||||||
path = /opt/alarm/siahsd_handler.sh
|
path = /opt/alarm/siahsd_handler.sh
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue