Compare commits
3 commits
Author | SHA1 | Date | |
---|---|---|---|
a30d388422 | |||
77c1732623 | |||
d0cd352b4a |
110 changed files with 804 additions and 1362 deletions
14
.ansible-lint
Normal file
14
.ansible-lint
Normal file
|
@ -0,0 +1,14 @@
|
|||
#warn_list: # or 'skip_list' to silence them completely
|
||||
skip_list:
|
||||
- experimental
|
||||
- var-naming[no-role-prefix]
|
||||
- name
|
||||
warn_list:
|
||||
- '204' # Lines should be no longer than 160 chars
|
||||
- no-handler
|
||||
- ignore-errors
|
||||
- fqcn-builtins
|
||||
- fqcn
|
||||
- partial-become[task]
|
||||
- template-instead-of-copy
|
||||
offline: true
|
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
.password-store
|
||||
.gitignore
|
||||
.envrc
|
|
@ -15,3 +15,8 @@ rules:
|
|||
max-spaces-after: -1
|
||||
commas:
|
||||
max-spaces-after: -1
|
||||
comments:
|
||||
min-spaces-from-content: 1
|
||||
octal-values:
|
||||
forbid-implicit-octal: true
|
||||
forbid-explicit-octal: true
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICLZGbt/we3JQ482/NYcdOKGoKDOj1MgmYFP2GDmjLw/ kyan@flandre
|
53
bitlair.yaml
53
bitlair.yaml
|
@ -1,77 +1,80 @@
|
|||
---
|
||||
|
||||
- hosts: all
|
||||
- name: common
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
roles:
|
||||
- { role: "common", tags: ["common"] }
|
||||
- { role: "nft", tags: ["nft"] }
|
||||
|
||||
- hosts: bank
|
||||
- name: bank
|
||||
hosts: bank
|
||||
roles:
|
||||
- { role: "bank", tags: ["bank"] }
|
||||
|
||||
- hosts: homeassistant
|
||||
- name: homeassistant
|
||||
hosts: homeassistant
|
||||
roles:
|
||||
- { role: "acme", tags: ["acme"] }
|
||||
- { role: "nginx", tags: ["nginx"] }
|
||||
|
||||
- hosts: raspi
|
||||
- name: raspi
|
||||
hosts: raspi
|
||||
roles:
|
||||
- { role: "raspi", tags: ["raspi"] }
|
||||
- { role: "bank-terminal", tags: ["bank-terminal"] }
|
||||
|
||||
- hosts: fotos
|
||||
- name: fotos
|
||||
hosts: fotos
|
||||
roles:
|
||||
- { role: "photos", tags: ["photos"] }
|
||||
|
||||
- hosts: git-ci
|
||||
- name: CI
|
||||
hosts: git-ci
|
||||
roles:
|
||||
- { role: "git_ci", tags: ["git_ci"] }
|
||||
- { role: "git-ci", tags: ["git-ci"] }
|
||||
|
||||
- hosts: git
|
||||
- name: git
|
||||
hosts: git
|
||||
roles:
|
||||
- { role: "acme", tags: ["acme"] }
|
||||
- { role: "nginx", tags: ["nginx"] }
|
||||
- { role: "git-server", tags: ["git-server"] }
|
||||
|
||||
- hosts: monitoring
|
||||
- name: monitoring
|
||||
hosts: monitoring
|
||||
roles:
|
||||
- { role: "acme", tags: ["acme"] }
|
||||
- { role: "nginx", tags: ["nginx"] }
|
||||
- { role: "monitoring", tags: ["monitoring"] }
|
||||
|
||||
- hosts: mqtt
|
||||
- name: mqtt
|
||||
hosts: mqtt
|
||||
roles:
|
||||
- { role: "mqtt", tags: ["mqtt"] }
|
||||
|
||||
- hosts: music
|
||||
- name: music
|
||||
hosts: music
|
||||
roles:
|
||||
- { role: "acme", tags: ["acme"] }
|
||||
- { role: "go", tags: ["go"] }
|
||||
- { role: "music", tags: ["music"] }
|
||||
|
||||
- hosts: pad
|
||||
- name: pad
|
||||
hosts: pad
|
||||
roles:
|
||||
- { role: "acme", tags: ["acme"] }
|
||||
- { role: "nginx", tags: ["nginx"] }
|
||||
- { role: "etherpad", tags: ["etherpad"] }
|
||||
|
||||
- hosts: services
|
||||
- name: services
|
||||
hosts: services
|
||||
roles:
|
||||
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
|
||||
- { role: "services", tags: ["services"] }
|
||||
|
||||
- hosts: wiki
|
||||
- name: wiki
|
||||
hosts: wiki
|
||||
roles:
|
||||
- { role: "acme", tags: ["acme"] }
|
||||
- { role: "nginx", tags: ["nginx"] }
|
||||
- { role: "www", tags: ["www"] }
|
||||
|
||||
- hosts: chat
|
||||
roles:
|
||||
- { role: "acme", tags: [ "acme" ] }
|
||||
- { role: "nginx", tags: [ "nginx" ] }
|
||||
- { role: "chat", tags: [ "chat" ] }
|
||||
|
||||
- hosts: ldap
|
||||
roles:
|
||||
- { role: "common", tags: [ "common" ] }
|
||||
|
|
10
chat.yaml
10
chat.yaml
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
|
||||
- hosts: chat
|
||||
roles:
|
||||
- { role: "common", tags: [ "common" ] }
|
||||
- { role: "nft", tags: [ "nft" ] }
|
||||
- { role: "nginx", tags: [ "nginx" ] }
|
||||
- { role: "acme", tags: [ "acme" ] }
|
||||
- { role: "nodesource", tags: [ "nodesource" ] }
|
||||
- { role: "chat", tags: [ "chat" ] }
|
|
@ -3,4 +3,4 @@
|
|||
- hosts: git-ci
|
||||
roles:
|
||||
- { role: "common", tags: [ "common" ] }
|
||||
- { role: "git_ci", tags: [ "git_ci" ] }
|
||||
- { role: "git-ci", tags: [ "git-ci" ] }
|
||||
|
|
|
@ -36,8 +36,3 @@ mqtt_public_host: bitlair.nl
|
|||
debian_repourl: "http://deb.debian.org/debian/"
|
||||
debian_securityurl: "http://security.debian.org/debian-security"
|
||||
|
||||
deb_forgejo_repos:
|
||||
- host: git.bitlair.nl
|
||||
owner: bitlair
|
||||
- host: git.polyfloyd.net
|
||||
owner: polyfloyd
|
||||
|
|
|
@ -1,36 +0,0 @@
|
|||
---
|
||||
|
||||
root_access:
|
||||
- blackdragon
|
||||
- ak
|
||||
- foobar
|
||||
- polyfloyd
|
||||
|
||||
nodejs_version: 22.x
|
||||
thelounge_version: "4.4.3"
|
||||
thelounge_ldap_url: ldaps://ldap.bitlair.nl
|
||||
thelounge_ldap_filter: (objectClass=inetOrgPerson)
|
||||
thelounge_ldap_base: ou=Members,dc=bitlair,dc=nl
|
||||
chat_hostname: chat.bitlair.nl
|
||||
|
||||
acme_domains:
|
||||
- "{{ chat_hostname }}"
|
||||
|
||||
nginx_sites:
|
||||
- server_name: "{{ chat_hostname }}"
|
||||
config:
|
||||
- |-
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:9000/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# by default nginx times out connections in one minute
|
||||
proxy_read_timeout 1d;
|
||||
}
|
||||
|
||||
group_nft_input:
|
||||
- "tcp dport { http, https } accept # Allow web-traffic from world"
|
|
@ -6,18 +6,12 @@ nft: false
|
|||
root_access:
|
||||
- ak
|
||||
- bob
|
||||
- eightdot
|
||||
- foobar
|
||||
- polyfloyd
|
||||
|
||||
nginx_client_max_body_size: 512M
|
||||
nginx_sites:
|
||||
- server_name: "music.bitlair.nl"
|
||||
snippets:
|
||||
- "music-nginx.j2"
|
||||
|
||||
music_domain: music.bitlair.nl
|
||||
acme_san_domains:
|
||||
- [ music.bitlair.nl ]
|
||||
|
||||
music_bitpanel_host: bitpanel.bitlair.nl
|
||||
music_bitpanel_port: 1337
|
||||
|
|
|
@ -17,8 +17,7 @@ blockchain.bitlair.nl
|
|||
git.bitlair.nl
|
||||
|
||||
[git-ci]
|
||||
git-ci01.bitlair.nl
|
||||
git-ci02.bitlair.nl
|
||||
git-ci.bitlair.nl
|
||||
|
||||
[pad]
|
||||
pad.bitlair.nl
|
||||
|
@ -50,9 +49,6 @@ homeassistant.bitlair.nl
|
|||
[chat]
|
||||
chat.bitlair.nl
|
||||
|
||||
[ldap]
|
||||
ldap-new.bitlair.nl
|
||||
|
||||
[debian:children]
|
||||
bank
|
||||
fotos
|
||||
|
|
1
lint.sh
1
lint.sh
|
@ -1,5 +1,6 @@
|
|||
#!/bin/bash
|
||||
|
||||
j2lint `find ./ -type f -name '*.j2'`
|
||||
yamllint -c .yamllint.yaml .
|
||||
ansible-lint bitlair.yaml
|
||||
|
||||
|
|
|
@ -4,6 +4,5 @@
|
|||
roles:
|
||||
- { role: "common", tags: [ "common" ] }
|
||||
- { role: "acme", tags: [ "acme" ] }
|
||||
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
|
||||
- { role: "nginx", tags: [ "nginx" ] }
|
||||
- { role: "monitoring", tags: [ "monitoring" ] }
|
||||
|
|
|
@ -4,6 +4,6 @@
|
|||
roles:
|
||||
- { role: "common", tags: [ "common" ] }
|
||||
- { role: "acme", tags: [ "acme" ] }
|
||||
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
|
||||
- { role: "nginx", tags: [ "nginx" ] }
|
||||
- { role: "go", tags: [ "go" ] }
|
||||
# - { role: "nginx", tags: [ "nginx" ] }
|
||||
- { role: "music", tags: [ "music" ] }
|
||||
|
|
1
pad.yaml
1
pad.yaml
|
@ -9,5 +9,4 @@
|
|||
- { role: "nft", tags: [ "nft" ] }
|
||||
- { role: "acme", tags: [ "acme" ] }
|
||||
- { role: "nginx", tags: [ "nginx" ] }
|
||||
- { role: "nodesource", tags: [ "nodesource" ] }
|
||||
- { role: "etherpad", tags: [ "etherpad" ] }
|
||||
|
|
|
@ -1,9 +1,5 @@
|
|||
---
|
||||
|
||||
- name: update_contact_info
|
||||
ansible.builtin.command:
|
||||
cmd: dehydrated --account
|
||||
|
||||
- name: run dehydrated
|
||||
ansible.builtin.command:
|
||||
cmd: dehydrated --cron
|
||||
|
|
|
@ -4,11 +4,11 @@
|
|||
block:
|
||||
- name: Add user
|
||||
ansible.builtin.user:
|
||||
name: bank-terminal
|
||||
home: /home/{{ bank_terminal_user }}
|
||||
shell: /home/{{ bank_terminal_user }}/login
|
||||
name: "bank-terminal"
|
||||
home: "/home/{{ bank_terminal_user }}"
|
||||
shell: "/home/{{ bank_terminal_user }}/login"
|
||||
generate_ssh_key: yes
|
||||
ssh_key_type: ed25519
|
||||
ssh_key_type: "ed25519"
|
||||
|
||||
- name: Locate agetty
|
||||
ansible.builtin.command:
|
||||
|
@ -16,34 +16,35 @@
|
|||
register: agetty_location_cmd
|
||||
|
||||
- name: Set agetty var
|
||||
ansible.builtin.set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}"
|
||||
ansible.builtin.set_fact:
|
||||
agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}"
|
||||
|
||||
- name: Install login script
|
||||
ansible.builtin.template:
|
||||
src: login
|
||||
dest: /home/{{ bank_terminal_user }}/login
|
||||
owner: bank-terminal
|
||||
group: bank-terminal
|
||||
mode: 0755
|
||||
src: "login"
|
||||
dest: "/home/{{ bank_terminal_user }}/login"
|
||||
owner: "bank-terminal"
|
||||
group: "bank-terminal"
|
||||
mode: "0755"
|
||||
|
||||
- name: Autologin User
|
||||
ansible.builtin.template:
|
||||
src: tty_autologin.conf
|
||||
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
src: "tty_autologin.conf"
|
||||
dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: daemon_reload
|
||||
|
||||
- name: Clear MOTD
|
||||
ansible.builtin.copy:
|
||||
content: ""
|
||||
dest: /etc/motd
|
||||
dest: "/etc/motd"
|
||||
|
||||
# Set console font so the Revbank QR codes are rendered correctly.
|
||||
- name: Console setup
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/default/console-setup
|
||||
path: "/etc/default/console-setup"
|
||||
line: '{{ item.k }}="{{ item.v }}"'
|
||||
regexp: "^#?{{ item.k }}"
|
||||
with_items:
|
||||
|
@ -56,8 +57,8 @@
|
|||
|
||||
- name: Console Setup Management Note
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/default/console-setup
|
||||
line: '# Managed by Ansible'
|
||||
path: "/etc/default/console-setup"
|
||||
line: "# Managed by Ansible"
|
||||
insertafter: "CONFIGURATION FILE"
|
||||
|
||||
- name: Read pubkey
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
bank_user: bank
|
||||
bank_revbank_git: https://git.bitlair.nl/bitlair/revbank.git
|
||||
bank_local_tty: no
|
||||
bank_revbank_version: "10.5.1"
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
name: bank
|
||||
password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank"
|
||||
home: /home/{{ bank_user }}
|
||||
shell: /usr/local/share/revbank/revbank
|
||||
shell: /home/{{ bank_user }}/revbank.git/revbank
|
||||
update_password: always
|
||||
|
||||
- name: Allow password auth for bank user
|
||||
|
@ -13,7 +13,7 @@
|
|||
insertafter: EOF
|
||||
validate: "/usr/sbin/sshd -t -f %s"
|
||||
block: |-
|
||||
Match User {{ bank_user }}
|
||||
Match User bank
|
||||
PasswordAuthentication yes
|
||||
notify: reload sshd
|
||||
|
||||
|
@ -41,14 +41,14 @@
|
|||
|
||||
- name: Create getty dir
|
||||
ansible.builtin.file:
|
||||
path: /etc/systemd/system/getty@tty1.service.d
|
||||
path: "/etc/systemd/system/getty@tty1.service.d"
|
||||
state: directory
|
||||
|
||||
- name: Autologin User
|
||||
ansible.builtin.template:
|
||||
src: tty_autologin.conf
|
||||
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
src: "tty_autologin.conf"
|
||||
dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: daemon reload
|
||||
|
|
|
@ -23,18 +23,18 @@
|
|||
ansible.builtin.template:
|
||||
src: revbank-deposit.conf
|
||||
dest: /etc/revbank-deposit.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0600
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0600"
|
||||
notify: Restart revbank-deposit
|
||||
|
||||
- name: Install revbank-deposit service
|
||||
ansible.builtin.template:
|
||||
src: revbank-deposit.service
|
||||
dest: /etc/systemd/system/revbank-deposit.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart revbank-deposit
|
||||
|
||||
- name: Start revbank-deposit
|
||||
|
@ -44,4 +44,4 @@
|
|||
state: started
|
||||
enabled: true
|
||||
|
||||
- meta: flush_handlers
|
||||
- ansible.builtin.meta: flush_handlers
|
||||
|
|
|
@ -1,22 +1,50 @@
|
|||
---
|
||||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl ]
|
||||
name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl, qrencode ]
|
||||
state: present
|
||||
|
||||
- name: Clone revbank source
|
||||
ansible.builtin.git:
|
||||
repo: https://github.com/revspace/revbank.git
|
||||
version: "v{{ bank_revbank_version }}"
|
||||
dest: /usr/local/share/revbank
|
||||
repo: "{{ bank_revbank_git }}"
|
||||
version: master
|
||||
dest: /home/{{ bank_user }}/revbank.git
|
||||
accept_hostkey: yes
|
||||
|
||||
- name: Clone revbank-plugin source
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/revbank-plugins.git
|
||||
version: main
|
||||
dest: /usr/local/share/revbank-plugins
|
||||
accept_hostkey: yes
|
||||
- name: Create data files
|
||||
ansible.builtin.command: cp /home/{{ bank_user }}/revbank.git/{{ item }} /home/{{ bank_user }}/{{ item }}
|
||||
args:
|
||||
creates: /home/{{ bank_user }}/{{ item }}
|
||||
with_items:
|
||||
- revbank.accounts
|
||||
- revbank.market
|
||||
- revbank.products
|
||||
|
||||
- name: Ensure data file permissions
|
||||
ansible.builtin.file:
|
||||
path: /home/{{ bank_user }}/{{ item }}
|
||||
state: touch
|
||||
owner: "{{ bank_user }}"
|
||||
group: "{{ bank_user }}"
|
||||
mode: "0644"
|
||||
with_items:
|
||||
- revbank.accounts
|
||||
- revbank.market
|
||||
- revbank.products
|
||||
|
||||
- name: Link plugins
|
||||
ansible.builtin.file:
|
||||
state: link
|
||||
path: /home/{{ bank_user }}/{{ item }}
|
||||
src: /home/{{ bank_user }}/revbank.git/{{ item }}
|
||||
with_items:
|
||||
- plugins
|
||||
- revbank.plugins
|
||||
|
||||
- name: Create git data dir
|
||||
ansible.builtin.file:
|
||||
path: /home/{{ bank_user }}/data.git
|
||||
state: directory
|
||||
|
||||
- name: Install git cronjob
|
||||
ansible.builtin.template:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
SHELL=/bin/bash
|
||||
|
||||
#m h dom mon dow user command
|
||||
*/10 * * * * {{ bank_user }} git -C ~/.revbank pull -r && git -C ~/.revbank push && git -C ~/.revbank gc
|
||||
#m h dom mon dow user command
|
||||
0 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products)
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
|
||||
chat_user: thelounge
|
||||
chat_group: thelounge
|
||||
chat_configdir: "/etc/thelounge"
|
|
@ -1,11 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Reload systemd
|
||||
ansible.builtin.systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: Restart thelounge
|
||||
ansible.builtin.systemd:
|
||||
name: thelounge
|
||||
state: restarted
|
||||
enabled: true
|
|
@ -1,92 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
state: present
|
||||
pkg:
|
||||
- build-essential
|
||||
- nodejs
|
||||
|
||||
- name: Ensure directories are present
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
owner: "{{ chat_user }}"
|
||||
group: "{{ chat_group }}"
|
||||
state: "{{ item.state | default('directory') }}"
|
||||
mode: "{{ item.mode | default('0770') }}"
|
||||
with_items:
|
||||
- { path: "{{ chat_configdir }}" }
|
||||
- { path: "/var/local/thelounge/users" }
|
||||
- { path: "/var/local/thelounge/storage" }
|
||||
notify:
|
||||
- Restart thelounge
|
||||
|
||||
- name: Install nodejs
|
||||
ansible.builtin.apt:
|
||||
|
||||
- name: Install yarn
|
||||
ansible.builtin.shell:
|
||||
cmd: npm install --global yarn
|
||||
|
||||
- ansible.builtin.stat:
|
||||
path: /opt/thelounge
|
||||
register: src_path
|
||||
|
||||
- name: Retreive thelounge source
|
||||
block:
|
||||
- name: Checkout source
|
||||
ansible.builtin.git:
|
||||
repo: 'https://github.com/revspace/thelounge.git'
|
||||
dest: /opt/thelounge
|
||||
version: 9d6dc83
|
||||
force: true
|
||||
|
||||
- name: Copy patch
|
||||
ansible.builtin.template:
|
||||
src: thelounge-bitlair.patch
|
||||
dest: /tmp/thelounge-bitlair.patch
|
||||
|
||||
- name: Apply patch
|
||||
ansible.builtin.shell:
|
||||
chdir: /opt/thelounge
|
||||
cmd: git apply /tmp/thelounge-bitlair.patch
|
||||
when: not src_path.stat.exists
|
||||
|
||||
- name: Build and install thelounge
|
||||
ansible.builtin.shell:
|
||||
chdir: /opt/thelounge
|
||||
cmd: yarn add sharp --ignore-engines && yarn install --include-optional sharp && NODE_ENV=production yarn build && ln -sf $(pwd)/index.js /usr/local/bin/thelounge
|
||||
notify:
|
||||
- Restart thelounge
|
||||
|
||||
- name: Ensure user thelounge is present
|
||||
ansible.builtin.user:
|
||||
name: thelounge
|
||||
createhome: no
|
||||
comment: The Lounge (IRC client)
|
||||
system: yes
|
||||
state: present
|
||||
|
||||
- name: Ensure JS and JSON syntax checking packages are installed
|
||||
community.general.yarn:
|
||||
name: "{{ item }}"
|
||||
global: yes
|
||||
# state: latest # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in
|
||||
with_items:
|
||||
- esprima
|
||||
- jsonlint
|
||||
# changed_when: no # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in
|
||||
|
||||
- name: Configure templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
owner: "{{ item.owner | default( chat_user ) }}"
|
||||
group: "{{ item.group | default( chat_group ) }}"
|
||||
mode: "{{ item.mode | default('0640') }}"
|
||||
validate: "{{ item.validate | default([]) }}"
|
||||
with_items:
|
||||
- { src: "config.js.j2", dest: "/etc/thelounge/config.js", validate: 'esvalidate %s' }
|
||||
- { src: "thelounge.service", dest: "/etc/systemd/system/thelounge.service", owner: root, group: root, notify: "Reload systemd" }
|
||||
notify: "{{ item.notify | default('Restart thelounge') }}"
|
||||
|
|
@ -1,59 +0,0 @@
|
|||
"use strict";
|
||||
|
||||
module.exports = {
|
||||
public: false,
|
||||
port: 9000,
|
||||
bind: "0.0.0.0",
|
||||
host: "127.0.0.1",
|
||||
reverseProxy: true,
|
||||
lockNetwork: true,
|
||||
maxHistory: 10000,
|
||||
leaveMessage: "Doei!",
|
||||
defaults: {
|
||||
name: "Smurfnet",
|
||||
password: "",
|
||||
rejectUnauthorized: true,
|
||||
nick: "",
|
||||
username: "",
|
||||
realname: "",
|
||||
join: "#bitlair",
|
||||
},
|
||||
messageStorage: ["sqlite", "text"],
|
||||
fileUpload: {
|
||||
enable: true,
|
||||
},
|
||||
networks: {
|
||||
Smurfnet: {
|
||||
host: "irc.smurfnet.ch",
|
||||
port: 6697,
|
||||
tls: true,
|
||||
rejectUnauthorized: false,
|
||||
},
|
||||
"Libera.Chat": {
|
||||
host: "irc.libera.chat",
|
||||
port: 6697,
|
||||
tls: true,
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
OFTC: {
|
||||
host: "irc.oftc.net",
|
||||
port: 6697,
|
||||
tls: true,
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
},
|
||||
identd: {
|
||||
enable: false,
|
||||
},
|
||||
ldap: {
|
||||
enable: true,
|
||||
url: "{{ thelounge_ldap_url }}",
|
||||
primaryKey: "uid",
|
||||
searchDN: {
|
||||
rootDN: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN subkey=binddn') }}",
|
||||
rootPassword: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN') }}",
|
||||
filter: "{{ thelounge_ldap_filter }}",
|
||||
base: "{{ thelounge_ldap_base }}",
|
||||
},
|
||||
},
|
||||
};
|
|
@ -1,28 +0,0 @@
|
|||
diff --git a/package.json b/package.json
|
||||
index 2991a6ec..dac43f16 100644
|
||||
--- a/package.json
|
||||
+++ b/package.json
|
||||
@@ -84,9 +84,7 @@
|
||||
"ua-parser-js": "1.0.33",
|
||||
"uuid": "8.3.2",
|
||||
"web-push": "3.4.5",
|
||||
- "yarn": "1.22.17"
|
||||
- },
|
||||
- "optionalDependencies": {
|
||||
+ "yarn": "1.22.17",
|
||||
"sqlite3": "5.1.7"
|
||||
},
|
||||
"devDependencies": {
|
||||
diff --git a/server/plugins/auth/ldap.ts b/server/plugins/auth/ldap.ts
|
||||
index e6093b0f..d30b9a1c 100644
|
||||
--- a/server/plugins/auth/ldap.ts
|
||||
+++ b/server/plugins/auth/ldap.ts
|
||||
@@ -134,7 +134,7 @@ const ldapAuth: AuthHandler = (manager, client, user, password, callback) => {
|
||||
// auth plugin API
|
||||
function callbackWrapper(valid: boolean) {
|
||||
if (valid && !client) {
|
||||
- manager.addUser(user, null, false);
|
||||
+ manager.addUser(user, null, true);
|
||||
}
|
||||
|
||||
callback(valid);
|
|
@ -1,17 +0,0 @@
|
|||
[Unit]
|
||||
Description=The Lounge (IRC client)
|
||||
After=network-online.target
|
||||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
User={{ chat_user }}
|
||||
Group={{ chat_group }}
|
||||
Type=simple
|
||||
Environment=THELOUNGE_HOME=/var/local/thelounge
|
||||
ExecStart=/usr/local/bin/thelounge start
|
||||
ProtectSystem=yes
|
||||
ProtectHome=yes
|
||||
PrivateTmp=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -3,7 +3,7 @@
|
|||
ansible.builtin.command:
|
||||
cmd: update-grub
|
||||
|
||||
- name: apt update
|
||||
- name: Apt update
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
ansible.builtin.template:
|
||||
src: stable-sources.list
|
||||
dest: /etc/apt/sources.list
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
|
||||
- name: Remove backports
|
||||
ansible.builtin.file:
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
ansible.builtin.template:
|
||||
src: authorized_keys.j2
|
||||
dest: /root/.ssh/authorized_keys
|
||||
mode: 0600
|
||||
mode: "0600"
|
||||
when: root_access is defined and root_access
|
||||
tags: authorized_keys
|
||||
|
||||
|
|
|
@ -28,9 +28,9 @@
|
|||
ansible.builtin.template:
|
||||
src: network-interfaces
|
||||
dest: /etc/network/interfaces
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
when: network_br or network_dhcp or network_static
|
||||
|
||||
- ansible.builtin.meta: flush_handlers
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
deb_private_host: git.polyfloyd.net
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- ansible.builtin.import_tasks:
|
||||
file: ../../common/handlers/main.yaml
|
|
@ -1,26 +0,0 @@
|
|||
---
|
||||
- tags: deb_forgejo
|
||||
block:
|
||||
- name: Install dependencies
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
|
||||
- name: Install packaging key
|
||||
get_url:
|
||||
url: https://{{ item.host }}/api/packages/{{ item.owner }}/debian/repository.key
|
||||
dest: /etc/apt/keyrings/{{ item.host }}-{{ item.owner }}.asc
|
||||
mode: "0644"
|
||||
with_items: "{{ deb_forgejo_repos }}"
|
||||
notify: apt update
|
||||
|
||||
- name: Install sources.list
|
||||
template:
|
||||
src: sources.list
|
||||
dest: /etc/apt/sources.list.d/deb-forgejo.list
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
notify: apt update
|
||||
|
||||
- meta: flush_handlers
|
|
@ -1,5 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
{% for repo in deb_forgejo_repos %}
|
||||
deb [signed-by=/etc/apt/keyrings/{{ repo.host }}-{{ repo.owner }}.asc] https://{{ repo.host }}/api/packages/{{ repo.owner }}/debian {{ repo.distro | default('stable') }} {{ repo.component | default('main') }}
|
||||
{% endfor %}
|
|
@ -1,3 +1,4 @@
|
|||
nodejs_version: 22.x
|
||||
etherpad_db_user: etherpad
|
||||
etherpad_db_password: "{{ lookup('password', '/tmp/etherpad_db_password length=32') }}"
|
||||
etherpad_db_name: etherpad
|
||||
|
|
|
@ -3,10 +3,36 @@
|
|||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
state: present
|
||||
pkg:
|
||||
- nodejs
|
||||
pkg:
|
||||
- gpg
|
||||
- postgresql
|
||||
- python3-psycopg2
|
||||
- apt-transport-https
|
||||
|
||||
- name: Import nodesource signing key
|
||||
ansible.builtin.shell:
|
||||
cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor
|
||||
-o /usr/share/keyrings/nodesource.gpg
|
||||
args:
|
||||
creates: /usr/share/keyrings/nodesource.gpg
|
||||
notify: Apt update
|
||||
|
||||
- name: Install nodesource source list
|
||||
ansible.builtin.template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
owner: "{{ item.owner | default('root') }}"
|
||||
group: "{{ item.group | default('root') }}"
|
||||
with_items:
|
||||
- { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list" }
|
||||
- { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs" }
|
||||
notify: Apt update
|
||||
|
||||
- ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: Install nodejs
|
||||
ansible.builtin.apt:
|
||||
name: nodejs
|
||||
|
||||
- name: Add database user
|
||||
become: true
|
||||
|
@ -34,17 +60,17 @@
|
|||
ansible.builtin.file:
|
||||
path: /var/log/etherpad.log
|
||||
state: touch
|
||||
owner: etherpad
|
||||
group: etherpad
|
||||
mode: 0644
|
||||
owner: "etherpad"
|
||||
group: "etherpad"
|
||||
mode: "0644"
|
||||
|
||||
- name: Create source directory
|
||||
ansible.builtin.file:
|
||||
path: /opt/etherpad
|
||||
state: directory
|
||||
owner: etherpad
|
||||
group: etherpad
|
||||
mode: 0755
|
||||
owner: "etherpad"
|
||||
group: "etherpad"
|
||||
mode: "0755"
|
||||
|
||||
- name: Clone etherpad source
|
||||
become: yes
|
||||
|
@ -61,18 +87,18 @@
|
|||
ansible.builtin.template:
|
||||
src: settings.json
|
||||
dest: /opt/etherpad/settings.json
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart etherpad
|
||||
|
||||
- name: Install etherpad service
|
||||
ansible.builtin.template:
|
||||
src: etherpad.service
|
||||
dest: /etc/systemd/system/etherpad.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart etherpad
|
||||
|
||||
- name: Start etherpad
|
||||
|
@ -86,8 +112,8 @@
|
|||
ansible.builtin.template:
|
||||
src: nginx-site.conf
|
||||
dest: /etc/nginx/sites-enabled/etherpad
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Reload nginx
|
||||
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
deb [arch=$arch signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodesource_version }} nodistro main
|
||||
deb [arch=$arch signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodejs_version }} nodistro main
|
2
roles/git-ci/defaults/main.yaml
Normal file
2
roles/git-ci/defaults/main.yaml
Normal file
|
@ -0,0 +1,2 @@
|
|||
runner_wd: /var/lib/forgejo-runner
|
||||
runner_version: 6.3.0
|
|
@ -3,6 +3,6 @@
|
|||
file: ../../common/handlers/main.yaml
|
||||
|
||||
- name: restart forgejo-runner
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: forgejo-runner
|
||||
state: restarted
|
50
roles/git-ci/tasks/main.yaml
Normal file
50
roles/git-ci/tasks/main.yaml
Normal file
|
@ -0,0 +1,50 @@
|
|||
---
|
||||
|
||||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
name: docker.io
|
||||
|
||||
- name: Download forgejo-runner
|
||||
ansible.builtin.get_url:
|
||||
url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ runner_version }}/forgejo-runner-{{ runner_version }}-linux-amd64"
|
||||
dest: /usr/local/bin/forgejo-runner
|
||||
mode: "0755"
|
||||
notify: restart forgejo-runner
|
||||
|
||||
- name: Create runner dir
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ runner_wd }}"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0755"
|
||||
|
||||
- name: Register runner
|
||||
ansible.builtin.command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}"
|
||||
args:
|
||||
chdir: "{{ runner_wd }}"
|
||||
creates: "{{ runner_wd }}/.runner"
|
||||
|
||||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: forgejo-runner.service
|
||||
dest: /etc/systemd/system/forgejo-runner.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart forgejo-runner
|
||||
|
||||
- name: Enable service
|
||||
ansible.builtin.systemd:
|
||||
name: forgejo-runner
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
- name: Start service
|
||||
ansible.builtin.systemd:
|
||||
name: forgejo-runner
|
||||
state: started
|
||||
daemon_reload: true
|
||||
|
||||
- name: Flush handlers
|
||||
ansible.builtin.meta: flush_handlers
|
|
@ -6,7 +6,7 @@ After=network.target
|
|||
|
||||
[Service]
|
||||
ExecStart=/usr/local/bin/forgejo-runner daemon
|
||||
WorkingDirectory={{ git_ci_runner_wd }}
|
||||
WorkingDirectory={{ runner_wd }}
|
||||
Restart=on-failure
|
||||
RestartSec=10s
|
||||
|
|
@ -11,9 +11,9 @@
|
|||
ansible.builtin.template:
|
||||
src: nginx-site.conf
|
||||
dest: /etc/nginx/sites-available/forgejo
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Reload nginx
|
||||
|
||||
- name: Enable nginx site
|
||||
|
@ -36,7 +36,7 @@
|
|||
path: /var/log/forgejo
|
||||
owner: "{{ git_server_user }}"
|
||||
group: "{{ git_server_user }}"
|
||||
mode: 0755
|
||||
mode: "0755"
|
||||
|
||||
# TODO: Install initial config
|
||||
|
||||
|
@ -44,9 +44,9 @@
|
|||
ansible.builtin.template:
|
||||
src: forgejo.service
|
||||
dest: /etc/systemd/system/forgejo.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Reload forgejo
|
||||
|
||||
- name: Install update script
|
||||
|
@ -55,7 +55,7 @@
|
|||
dest: "{{ git_server_working_dir }}/update.sh"
|
||||
owner: "{{ git_server_user }}"
|
||||
group: "{{ git_server_user }}"
|
||||
mode: 0755
|
||||
mode: "0755"
|
||||
|
||||
- name: Perform initial update
|
||||
ansible.builtin.command: "{{ git_server_working_dir }}/update.sh"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
#m h dom mon dow user command
|
||||
0 2 * * 1 root {{ git_server_working_dir }}/update.sh
|
||||
#m h dom mon dow user command
|
||||
0 2 * * 1 {{ git_server_user }} {{ git_server_working_dir }}/update.sh
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
---
|
||||
git_ci_runner_wd: /var/lib/forgejo-runner
|
|
@ -1,83 +0,0 @@
|
|||
---
|
||||
- tags: git_ci
|
||||
block:
|
||||
- name: Install dependencies
|
||||
apt:
|
||||
name: docker.io
|
||||
|
||||
- name: Query latest forgejo-runner version
|
||||
uri:
|
||||
url: https://code.forgejo.org/api/v1/repos/forgejo/runner/tags
|
||||
return_content: true
|
||||
register: response
|
||||
changed_when: false
|
||||
check_mode: false
|
||||
failed_when: "response is failed or 'json' not in response"
|
||||
|
||||
- name: Format forgejo-runner latest version
|
||||
set_fact:
|
||||
forgejo_runner_version: "{{ response['json'][0]['name'] | trim('v') }}"
|
||||
|
||||
- name: Detect installed forgejo-runner version
|
||||
shell:
|
||||
cmd: |
|
||||
set -o pipefail
|
||||
forgejo-runner --version | grep --color=never -Po '\d\.\d+(\.\d+)?' || echo none
|
||||
executable: /bin/bash
|
||||
register: forgejo_runner_installed_version_shell
|
||||
changed_when: false
|
||||
check_mode: false
|
||||
|
||||
- name: Format installed forgejo-runner version
|
||||
set_fact:
|
||||
forgejo_runner_installed_version: "{{ forgejo_runner_installed_version_shell.stdout }}"
|
||||
|
||||
- debug:
|
||||
msg:
|
||||
- "Forgejo Runner latest version: {{ forgejo_runner_version }}"
|
||||
- "Forgejo Runner installed version: {{ forgejo_runner_installed_version }}"
|
||||
|
||||
- name: Download forgejo-runner
|
||||
get_url:
|
||||
url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ forgejo_runner_version }}/forgejo-runner-{{ forgejo_runner_version }}-linux-amd64"
|
||||
dest: /usr/local/bin/forgejo-runner
|
||||
mode: "0755"
|
||||
notify: restart forgejo-runner
|
||||
when: forgejo_runner_installed_version != forgejo_runner_version
|
||||
|
||||
- name: Create runner dir
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ git_ci_runner_wd }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0755"
|
||||
|
||||
- name: Register runner
|
||||
command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}"
|
||||
args:
|
||||
chdir: "{{ git_ci_runner_wd }}"
|
||||
creates: "{{ git_ci_runner_wd }}/.runner"
|
||||
|
||||
- name: Install service file
|
||||
template:
|
||||
src: forgejo-runner.service
|
||||
dest: /etc/systemd/system/forgejo-runner.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
notify: restart forgejo-runner
|
||||
|
||||
- name: Enable service
|
||||
systemd:
|
||||
name: forgejo-runner
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
- name: Start service
|
||||
systemd:
|
||||
name: forgejo-runner
|
||||
state: started
|
||||
daemon_reload: true
|
||||
|
||||
- meta: flush_handlers
|
|
@ -48,17 +48,17 @@
|
|||
src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz
|
||||
dest: /usr/local
|
||||
remote_src: yes
|
||||
owner: root
|
||||
group: root
|
||||
owner: "root"
|
||||
group: "root"
|
||||
when: go_installed_version != go_latest_version
|
||||
|
||||
- name: Configure Go environment
|
||||
ansible.builtin.template:
|
||||
src: go.profile
|
||||
dest: /etc/profile.d/go.sh
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
|
||||
- name: Link go binary
|
||||
ansible.builtin.file:
|
||||
|
|
|
@ -21,9 +21,9 @@
|
|||
ansible.builtin.template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart grafana
|
||||
with_items:
|
||||
- { src: grafana.ini, dest: /etc/grafana/grafana.ini }
|
||||
|
@ -33,9 +33,9 @@
|
|||
ansible.builtin.template:
|
||||
src: grafana-data-source.yml
|
||||
dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart grafana
|
||||
with_items:
|
||||
- name: Prometheus
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
ansible.builtin.template:
|
||||
src: nginx-site.conf
|
||||
dest: /etc/nginx/sites-available/monitoring
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Reload nginx
|
||||
|
||||
- name: Enable nginx site
|
||||
|
|
|
@ -1,22 +1,47 @@
|
|||
---
|
||||
- name: Clone source
|
||||
ansible.builtin.git:
|
||||
repo: https://github.com/polyfloyd/mqtt-exporter.git
|
||||
version: main
|
||||
dest: /opt/mqtt_exporter
|
||||
accept_hostkey: yes
|
||||
notify: restart mqtt_exporter
|
||||
|
||||
- name: Install apt dependencies
|
||||
ansible.builtin.apt:
|
||||
name: mqtt-exporter
|
||||
name:
|
||||
- jq
|
||||
- python3-paho-mqtt
|
||||
- python3-prometheus-client
|
||||
- python3-yaml
|
||||
state: present
|
||||
|
||||
- name: Install service
|
||||
ansible.builtin.template:
|
||||
src: mqtt_exporter.service
|
||||
dest: /etc/systemd/system/mqtt_exporter.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify:
|
||||
- Daemon reload
|
||||
- restart mqtt_exporter
|
||||
|
||||
- name: Install config file
|
||||
ansible.builtin.template:
|
||||
src: mqtt_exporter_config.yaml
|
||||
dest: /etc/mqtt-exporter.yaml
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart mqtt_exporter
|
||||
dest: /etc/mqtt_exporter.yaml
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify:
|
||||
- Daemon reload
|
||||
- restart mqtt_exporter
|
||||
|
||||
- ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: Start service
|
||||
ansible.builtin.systemd:
|
||||
name: mqtt-exporter
|
||||
name: mqtt_exporter
|
||||
state: started
|
||||
enabled: true
|
||||
|
|
|
@ -7,9 +7,9 @@
|
|||
ansible.builtin.template:
|
||||
src: prometheus.yml
|
||||
dest: "{{ prometheus_config_dir }}/prometheus.yml"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart prometheus
|
||||
|
||||
- name: Configure Prometheus args
|
||||
|
|
1
roles/mqtt/defaults/main.yaml
Normal file
1
roles/mqtt/defaults/main.yaml
Normal file
|
@ -0,0 +1 @@
|
|||
mqtt_bambulab_cafile: /etc/mosquitto/ca_certificates/bambulab.pem
|
|
@ -9,18 +9,16 @@
|
|||
- name: Install bambulab cafile
|
||||
# openssl s_client -showcerts -connect <ip>:8883 </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p'
|
||||
ansible.builtin.copy:
|
||||
dest: "/etc/mosquitto/ca_certificates/bambu_{{ item.name }}.pem"
|
||||
content: "{{ item.cafile }}"
|
||||
notify: restart mosquitto
|
||||
with_items: "{{ lookup('passwordstore', 'bambulab subkey=printers') }}"
|
||||
dest: "{{ mqtt_bambulab_cafile }}"
|
||||
content: "{{ lookup('passwordstore', 'bambulab subkey=cafile') }}"
|
||||
|
||||
- name: Configure Mosquitto
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "/etc/mosquitto/conf.d/{{ item }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart mosquitto
|
||||
with_items:
|
||||
- bambulab.conf
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
# {{ ansible_managed }}
|
||||
{% for bambu in lookup('passwordstore', 'bambulab subkey=printers') %}
|
||||
|
||||
connection bambulab_{{ bambu.name }}
|
||||
address {{ bambu.host }}:8883
|
||||
bridge_cafile /etc/mosquitto/ca_certificates/bambu_{{ bambu.name }}.pem
|
||||
connection bambulab
|
||||
address {{ lookup('passwordstore', 'bambulab subkey=host') }}:8883
|
||||
bridge_cafile {{ mqtt_bambulab_cafile }}
|
||||
bridge_insecure true
|
||||
remote_username bblp
|
||||
remote_password {{ bambu.key }}
|
||||
topic # in 2 bambulab/{{ bambu.name }}/ ""
|
||||
{% endfor %}
|
||||
remote_password {{ lookup('passwordstore', 'bambulab subkey=key') }}
|
||||
|
||||
topic # in 2 bambulab/ ""
|
||||
|
|
|
@ -1,10 +1,2 @@
|
|||
music_audio_user: audio
|
||||
music_audio_user_id: 998
|
||||
music_audio_group: audio
|
||||
music_bitvis_user: bitvis
|
||||
music_librespot_user: librespot
|
||||
music_trollibox_user: trollibox
|
||||
|
||||
music_pulse_server: /tmp/pipewire-pulse-socket
|
||||
|
||||
music_mqtt_mpd_volume: bitlair/music/space/volume
|
||||
|
|
|
@ -2,65 +2,27 @@
|
|||
- ansible.builtin.import_tasks:
|
||||
file: ../../common/handlers/main.yaml
|
||||
|
||||
- name: restart pipewire
|
||||
become: true
|
||||
become_user: "{{ music_audio_user }}"
|
||||
become_method: machinectl
|
||||
ansible.builtin.systemd:
|
||||
name: pipewire
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
scope: user
|
||||
|
||||
- name: restart filter-chain
|
||||
become: true
|
||||
become_user: "{{ music_audio_user }}"
|
||||
become_method: machinectl
|
||||
ansible.builtin.systemd:
|
||||
name: filter-chain
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
scope: user
|
||||
|
||||
- name: restart bitvis
|
||||
ansible.builtin.systemd:
|
||||
name: bitvis
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: restart bitvis-tee
|
||||
ansible.builtin.systemd:
|
||||
name: bitvis-tee
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: restart mpd
|
||||
ansible.builtin.systemd:
|
||||
name: mpd
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: restart trollibox
|
||||
- name: Restart trollibox
|
||||
ansible.builtin.systemd:
|
||||
name: trollibox
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: rebuild librespot
|
||||
- name: Rebuild librespot
|
||||
ansible.builtin.command:
|
||||
cmd: /root/.cargo/bin/cargo build --release --features pulseaudio-backend,jackaudio-backend
|
||||
cmd: /root/.cargo/bin/cargo build --release --features jackaudio-backend
|
||||
args:
|
||||
chdir: /opt/librespot
|
||||
|
||||
- name: restart librespot
|
||||
- name: Restart librespot
|
||||
ansible.builtin.systemd:
|
||||
name: librespot
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: restart mqtt-soundboard
|
||||
- name: Restart soundboard
|
||||
ansible.builtin.systemd:
|
||||
name: mqtt-soundboard
|
||||
name: soundboard
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
|
@ -75,12 +37,3 @@
|
|||
name: skipbutton
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: restart ampswitch
|
||||
ansible.builtin.systemd:
|
||||
name: "ampswitch-{{ item }}"
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
with_items:
|
||||
- librespot
|
||||
- mpd
|
||||
|
|
|
@ -1,31 +0,0 @@
|
|||
---
|
||||
- name: Install ampswitch
|
||||
apt:
|
||||
name: ampswitch
|
||||
|
||||
- name: Install ampswitch service file
|
||||
template:
|
||||
src: ampswitch.service
|
||||
dest: /etc/systemd/system/ampswitch-{{ item.instance }}.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
with_items:
|
||||
- instance: mpd
|
||||
pw_inputs:
|
||||
- "Music Player Daemon:output_FL"
|
||||
- "Music Player Daemon:output_FR"
|
||||
- instance: librespot
|
||||
pw_inputs:
|
||||
- "librespot:out_0"
|
||||
- "librespot:out_1"
|
||||
notify: restart ampswitch
|
||||
|
||||
- name: Enable ampswitch
|
||||
ansible.builtin.systemd:
|
||||
name: "ampswitch-{{ item }}"
|
||||
state: started
|
||||
enabled: true
|
||||
with_items:
|
||||
- librespot
|
||||
- mpd
|
|
@ -1,68 +0,0 @@
|
|||
---
|
||||
- name: Install pipewire
|
||||
apt:
|
||||
name:
|
||||
- systemd-container
|
||||
- pipewire
|
||||
- pipewire-jack
|
||||
- pipewire-pulse
|
||||
- pulseaudio-utils
|
||||
- pulsemixer
|
||||
- wireplumber
|
||||
state: present
|
||||
|
||||
- name: Add audio group
|
||||
group:
|
||||
name: audio
|
||||
system: true
|
||||
|
||||
- name: Add {{ music_audio_user }} user
|
||||
user:
|
||||
name: "{{ music_audio_user }}"
|
||||
uid: "{{ music_audio_user_id }}"
|
||||
system: true
|
||||
groups:
|
||||
- audio
|
||||
|
||||
- name: Enable linger for {{ music_audio_user }}
|
||||
copy:
|
||||
dest: "/var/lib/systemd/linger/{{ music_audio_user }}"
|
||||
content: ""
|
||||
|
||||
- name: Enable pipewire
|
||||
become: true
|
||||
become_user: "{{ music_audio_user }}"
|
||||
become_method: machinectl
|
||||
ansible.builtin.systemd:
|
||||
name: pipewire
|
||||
state: started
|
||||
enabled: true
|
||||
scope: user
|
||||
|
||||
- name: Set PULSE_SERVER env var for all shells
|
||||
copy:
|
||||
dest: /etc/profile.d/pulse-server.sh
|
||||
content: |+
|
||||
# Ansible managed
|
||||
export PULSE_SERVER={{ music_pulse_server }}
|
||||
|
||||
- name: Create pipewire-pulse config dir
|
||||
file:
|
||||
path: /etc/pipewire/pipewire-pulse.conf.d/
|
||||
state: directory
|
||||
|
||||
- name: Configure system socket
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/pipewire/pipewire-pulse.conf.d/system-socket.conf
|
||||
content: |+
|
||||
# Ansible managed
|
||||
context.exec = [
|
||||
{ path = "/bin/chgrp" args = "{{ music_audio_group }} {{ music_pulse_server }}" }
|
||||
{ path = "/bin/chmod" args = "g+rwx,o-rwx {{ music_pulse_server }}" }
|
||||
]
|
||||
pulse.properties = {
|
||||
server.address = [
|
||||
"unix:{{ music_pulse_server }}"
|
||||
]
|
||||
}
|
||||
notify: restart pipewire
|
|
@ -1,72 +0,0 @@
|
|||
---
|
||||
- name: Install bitvis dependencies
|
||||
apt:
|
||||
name:
|
||||
- bitvis
|
||||
- bitvis-http
|
||||
- swh-plugins
|
||||
|
||||
- name: Create bitvis user
|
||||
user:
|
||||
name: "{{ music_bitvis_user }}"
|
||||
system: true
|
||||
home: /var/lib/bitvis
|
||||
groups:
|
||||
- "{{ music_audio_group }}"
|
||||
|
||||
- name: Install bitvis-tee
|
||||
ansible.builtin.template:
|
||||
src: bitvis-tee.sh
|
||||
dest: /opt/bitvis-tee.sh
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
notify: restart {{ item }}
|
||||
with_items:
|
||||
- bitvis
|
||||
- bitvis-tee
|
||||
|
||||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}.service"
|
||||
dest: /etc/systemd/system/{{ item }}.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart {{ item }}
|
||||
with_items:
|
||||
- bitvis
|
||||
- bitvis-tee
|
||||
|
||||
- name: Enable service
|
||||
ansible.builtin.systemd:
|
||||
name: "{{ item }}"
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
with_items:
|
||||
- bitvis
|
||||
- bitvis-tee
|
||||
|
||||
- name: Install bitvis gain filter
|
||||
ansible.builtin.template:
|
||||
src: pw-bitvis-mixer.conf
|
||||
dest: /etc/pipewire/filter-chain.conf.d/bitvis-mixer.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify:
|
||||
- restart filter-chain
|
||||
- restart bitvis
|
||||
|
||||
- name: Enable filter-chain
|
||||
become: true
|
||||
become_user: "{{ music_audio_user }}"
|
||||
become_method: machinectl
|
||||
ansible.builtin.systemd:
|
||||
name: filter-chain
|
||||
state: started
|
||||
enabled: true
|
||||
scope: user
|
||||
|
||||
- meta: flush_handlers
|
|
@ -1,18 +1,8 @@
|
|||
---
|
||||
- name: Install apt dependencies
|
||||
apt:
|
||||
name:
|
||||
- libasound2-dev
|
||||
- libjack-dev
|
||||
- pkg-config
|
||||
|
||||
- name: Create librespot user
|
||||
user:
|
||||
name: "{{ music_librespot_user }}"
|
||||
system: true
|
||||
home: /var/lib/librespot
|
||||
groups:
|
||||
- "{{ music_audio_group }}"
|
||||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
name: libjack-jackd2-dev
|
||||
state: present
|
||||
|
||||
- name: Clone librespot source
|
||||
ansible.builtin.git:
|
||||
|
@ -21,17 +11,17 @@
|
|||
dest: /opt/librespot
|
||||
accept_hostkey: yes
|
||||
notify:
|
||||
- rebuild librespot
|
||||
- restart librespot
|
||||
- Rebuild librespot
|
||||
- Restart librespot
|
||||
|
||||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: librespot.service
|
||||
dest: /etc/systemd/system/librespot.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart librespot
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart librespot
|
||||
|
||||
- name: Enable Librespot
|
||||
ansible.builtin.systemd:
|
||||
|
@ -39,5 +29,3 @@
|
|||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
- meta: flush_handlers
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
---
|
||||
- name: Import base
|
||||
ansible.builtin.import_tasks:
|
||||
file: base.yaml
|
||||
tags:
|
||||
- music_base
|
||||
|
||||
- name: Import mpd
|
||||
ansible.builtin.import_tasks:
|
||||
|
@ -11,18 +6,6 @@
|
|||
tags:
|
||||
- music_mpd
|
||||
|
||||
- name: Bitvis
|
||||
ansible.builtin.import_tasks:
|
||||
file: bitvis.yaml
|
||||
tags:
|
||||
- music_bitvis
|
||||
|
||||
- name: Import airplay
|
||||
ansible.builtin.import_tasks:
|
||||
file: airplay.yaml
|
||||
tags:
|
||||
- music_airplay
|
||||
|
||||
- name: Import trollibox
|
||||
ansible.builtin.import_tasks:
|
||||
file: trollibox.yaml
|
||||
|
@ -41,8 +24,11 @@
|
|||
tags:
|
||||
- music_soundboard
|
||||
|
||||
- name: Ampswitch
|
||||
ansible.builtin.import_tasks:
|
||||
file: ampswitch.yaml
|
||||
tags:
|
||||
- music_ampswitch
|
||||
- name: Install nginx config
|
||||
ansible.builtin.template:
|
||||
src: nginx-site.conf
|
||||
dest: /etc/nginx/sites-enabled/trollibox
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Reload nginx
|
||||
|
|
|
@ -1,48 +1,30 @@
|
|||
---
|
||||
|
||||
- name: Install MPD
|
||||
ansible.builtin.apt:
|
||||
name: mpd
|
||||
name:
|
||||
- jackd
|
||||
- mpd
|
||||
- python3-mpd
|
||||
- python3-serial
|
||||
state: present
|
||||
|
||||
- name: Add mpd user to the {{ music_audio_group }} group
|
||||
user:
|
||||
name: mpd
|
||||
groups:
|
||||
- "{{ music_audio_group }}"
|
||||
notify: restart mpd
|
||||
|
||||
- name: Install mpd file
|
||||
ansible.builtin.template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart mpd
|
||||
with_items:
|
||||
- src: mpd.conf
|
||||
dest: /etc/mpd.conf
|
||||
- src: mpd.service
|
||||
dest: /etc/systemd/system/mpd.service
|
||||
- src: mpd_state
|
||||
dest: /var/lib/mpd/state.default
|
||||
|
||||
- name: Install mpd-volume-to-mqtt script
|
||||
ansible.builtin.template:
|
||||
src: mpd-volume-to-mqtt.sh
|
||||
dest: /opt/mpd-volume-to-mqtt.sh
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart mpd-volume-to-mqtt
|
||||
|
||||
- name: Install mpd-volume-to-mqtt service
|
||||
ansible.builtin.template:
|
||||
src: mpd-volume-to-mqtt.service
|
||||
dest: /etc/systemd/system/mpd-volume-to-mqtt.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart mpd-volume-to-mqtt
|
||||
|
||||
- name: Enable mpd-volume-to-mqtt
|
||||
|
@ -51,3 +33,27 @@
|
|||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
- name: Clone skipbutton source
|
||||
ansible.builtin.git:
|
||||
repo: https://github.com/bitlair/skipbutton.git
|
||||
version: master
|
||||
dest: /opt/skipbutton
|
||||
accept_hostkey: yes
|
||||
notify: Restart skipbutton
|
||||
|
||||
- name: Install skipbutton service
|
||||
ansible.builtin.template:
|
||||
src: skipbutton.service
|
||||
dest: /etc/systemd/system/skipbutton.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart skipbutton
|
||||
|
||||
- name: Enable skipbutton
|
||||
ansible.builtin.systemd:
|
||||
name: skipbutton
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
|
|
@ -1,28 +1,50 @@
|
|||
---
|
||||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- mqtt-soundboard
|
||||
- mplayer
|
||||
name: virtualenv
|
||||
state: present
|
||||
|
||||
- name: Clone soundboard source
|
||||
ansible.builtin.git:
|
||||
repo: https://github.com/polyfloyd/mqtt-soundboard.git
|
||||
version: main
|
||||
dest: /opt/soundboard
|
||||
accept_hostkey: yes
|
||||
notify: Restart soundboard
|
||||
|
||||
- name: Create virtualenv
|
||||
ansible.builtin.command:
|
||||
cmd: virtualenv /opt/soundboard/.venv
|
||||
args:
|
||||
creates: /opt/soundboard/.venv
|
||||
|
||||
- name: Install Python dependencies
|
||||
ansible.builtin.shell:
|
||||
cmd: . .venv/bin/activate && pip install -r requirements.txt
|
||||
args:
|
||||
chdir: /opt/soundboard
|
||||
|
||||
- name: Install soundboard config file
|
||||
ansible.builtin.template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart mqtt-soundboard
|
||||
with_items:
|
||||
- src: mqtt-soundboard.service
|
||||
dest: /etc/systemd/system/mqtt-soundboard.service
|
||||
- src: mqtt-soundboard.yaml
|
||||
dest: /etc/mqtt-soundboard.yaml
|
||||
src: soundboard.yaml
|
||||
dest: /etc/soundboard.yaml
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart soundboard
|
||||
|
||||
- name: Install soundboard service file
|
||||
ansible.builtin.template:
|
||||
src: soundboard.service
|
||||
dest: /etc/systemd/system/soundboard.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart soundboard
|
||||
|
||||
- name: Enable soundboard
|
||||
ansible.builtin.systemd:
|
||||
name: mqtt-soundboard
|
||||
name: soundboard
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
|
|
@ -1,49 +1,41 @@
|
|||
---
|
||||
- name: Create trollibox user
|
||||
user:
|
||||
name: "{{ music_trollibox_user }}"
|
||||
system: true
|
||||
home: /var/lib/trollibox
|
||||
|
||||
- name: Install Trollibox config
|
||||
ansible.builtin.template:
|
||||
src: trollibox.yaml
|
||||
dest: /etc/trollibox.yaml
|
||||
owner: root
|
||||
group: root
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart trollibox
|
||||
notify: Restart trollibox
|
||||
|
||||
- name: Get latest Trollibox version from Github API
|
||||
uri:
|
||||
ansible.builtin.get_url:
|
||||
url: "https://api.github.com/repos/polyfloyd/trollibox/releases/latest"
|
||||
return_content: true
|
||||
register: response
|
||||
changed_when: false
|
||||
check_mode: false
|
||||
failed_when: "response is failed or 'json' not in response"
|
||||
dest: "/tmp/_ansible_trollibox_latest_release.json"
|
||||
|
||||
- name: Format trollibox latest version
|
||||
set_fact:
|
||||
trollibox_version: "{{ response['json']['tag_name'] | trim('v') }}"
|
||||
- name: Get download url
|
||||
ansible.builtin.shell:
|
||||
cmd: cat /tmp/_ansible_trollibox_latest_release.json | jq .assets[] | select(.name
|
||||
| contains("linux-amd64")) | .browser_download_url -r
|
||||
register: "trollibox_download_url"
|
||||
|
||||
- name: Download Trollibox
|
||||
ansible.builtin.unarchive:
|
||||
src: "https://github.com/polyfloyd/trollibox/releases/download/v{{ trollibox_version }}/trollibox-x86_64-unknown-linux-gnu.tar.gz"
|
||||
src: "{{ trollibox_download_url.stdout }}"
|
||||
remote_src: yes
|
||||
dest: /usr/local/bin
|
||||
include: [ trollibox ]
|
||||
mode: "0755"
|
||||
notify: restart trollibox
|
||||
notify: Restart trollibox
|
||||
|
||||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: trollibox.service
|
||||
dest: /etc/systemd/system/trollibox.service
|
||||
owner: root
|
||||
group: root
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart trollibox
|
||||
notify: Restart trollibox
|
||||
|
||||
- name: Enable Trollibox
|
||||
ansible.builtin.systemd:
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
[Unit]
|
||||
Description=Script hook for {{ item }} playback
|
||||
After=network.target {{ item.instance }}.service
|
||||
Requires={{ item.instance }}.service
|
||||
StopPropagatedFrom={{ item.instance }}.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
ExecStart=/usr/bin/pw-jack ampswitch --jack-name ampswitch-{{ item.instance }} --on-command /opt/on-{{ item.instance }}-start.sh --switch-time 10 --trigger-level 0.001
|
||||
ExecStartPost=/usr/bin/sleep 4
|
||||
{% for pw_input in item.pw_inputs %}
|
||||
ExecStartPost=-/usr/bin/pw-link "{{ pw_input }}" ampswitch-{{ item.instance }}:Input
|
||||
{% endfor %}
|
||||
User=root
|
||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,15 +0,0 @@
|
|||
[Unit]
|
||||
Description=Multiplexer for bitvis
|
||||
Before=bitvis.service
|
||||
After=bitvis-http.service
|
||||
Requires=bitvis-http.service
|
||||
PropagatesStopTo=bitvis.service
|
||||
StopPropagatedFrom=bitvis.service
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
ExecStart=/usr/bin/screen -dmS bitvis-tee /opt/bitvis-tee.sh
|
||||
User={{ music_bitvis_user }}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,10 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# {{ ansible_managed }}
|
||||
|
||||
loop=`mktemp --suffix -bitvis`
|
||||
mkfifo -f "$loop"
|
||||
trap "rm -f $loop" EXIT TERM
|
||||
|
||||
cat "$loop" | while true; do nc -4 -w 2 localhost 1338; done &
|
||||
nc -klp 1337 | tee "$loop" | while true; do nc -w 2 {{ music_bitpanel_host }} {{ music_bitpanel_port }}; done
|
|
@ -1,19 +0,0 @@
|
|||
[Unit]
|
||||
Description=Audio visualizer for the bitpanel
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
ExecStart=/usr/bin/pw-jack bitvis -a localhost -p 1337 -m localhost -o 6600
|
||||
ExecStartPost=/usr/bin/sleep 4
|
||||
ExecStartPost=-/usr/bin/pw-link bitvis-mixer:output_FL bitvis:input
|
||||
ExecStartPost=-/usr/bin/pw-link alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:monitor_FL bitvis-mixer:playback_FL
|
||||
ExecStartPost=-/usr/bin/pw-link alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:monitor_FR bitvis-mixer:playback_FR
|
||||
|
||||
User={{ music_audio_user }}
|
||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -3,18 +3,16 @@
|
|||
[Unit]
|
||||
Description=Spotify through Librespot
|
||||
After=network.target
|
||||
Requires=jackd.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
ExecStart=/usr/bin/pw-jack -s 44100 /opt/librespot/target/release/librespot --name Trollibox --backend jackaudio
|
||||
ExecStartPost=/usr/bin/sleep 4
|
||||
ExecStartPost=-/usr/bin/pw-link librespot:out_0 alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:playback_FL
|
||||
ExecStartPost=-/usr/bin/pw-link librespot:out_1 alsa_output.usb-ASUS_Xonar_U7_MKII-00.analog-stereo:playback_FR
|
||||
# User={{ music_librespot_user }}
|
||||
User=root
|
||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
||||
RestartSec=2s
|
||||
ExecStart=/opt/librespot/target/release/librespot --name Trollibox --backend jackaudio
|
||||
User={{ music_audio_user }}
|
||||
Group={{ music_audio_user }}
|
||||
AmbientCapabilities=CAP_IPC_LOCK,CAP_SYS_NICE
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
@ -14,7 +14,7 @@ prev_volume=x
|
|||
if [ $event = "mixer" ]; then
|
||||
volume=`mpc volume | sed -nr 's/^volume: ([0-9]+)%$/\1/p'`
|
||||
if [ "$prev_volume" != "$volume" ]; then
|
||||
mqtt-simple -h {{ mqtt_internal_host }} -p '{{ music_mqtt_mpd_volume }}' -r -m "$volume"
|
||||
mqtt-simple -h {{ mqtt_internal_host }} -p '{{ music_mqtt_mpd_volume }} -r' -m "$volume"
|
||||
fi
|
||||
prev_volume=$volume
|
||||
fi
|
||||
|
|
|
@ -1,40 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
user "mpd"
|
||||
group "{{ music_audio_group }}"
|
||||
|
||||
bind_to_address "any"
|
||||
port "6600"
|
||||
max_connections "20"
|
||||
|
||||
zeroconf_enabled "yes"
|
||||
zeroconf_name "MPD @ %h"
|
||||
|
||||
music_directory "/srv/media/music"
|
||||
auto_update "yes"
|
||||
filesystem_charset "UTF-8"
|
||||
|
||||
playlist_directory "/var/lib/mpd/playlists"
|
||||
db_file "/var/lib/mpd/tag_cache"
|
||||
state_file "/var/lib/mpd/state"
|
||||
sticker_file "/var/lib/mpd/sticker.sql"
|
||||
|
||||
input {
|
||||
plugin "curl" # Required for web streams.
|
||||
}
|
||||
|
||||
decoder {
|
||||
plugin "hybrid_dsd"
|
||||
enabled "no"
|
||||
}
|
||||
|
||||
decoder {
|
||||
plugin "wildmidi"
|
||||
enabled "no"
|
||||
}
|
||||
|
||||
audio_output {
|
||||
type "pulse"
|
||||
name "Pulse"
|
||||
server "{{ music_pulse_server }}"
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
[Unit]
|
||||
Description=Music Player Daemon
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=/bin/mkdir -p /run/mpd
|
||||
ExecStartPre=/bin/chown -R mpd:nogroup /run/mpd
|
||||
ExecStartPre=/bin/touch /var/log/mpd.log
|
||||
ExecStartPre=/bin/chown mpd:nogroup /var/log/mpd.log
|
||||
ExecStartPre=/usr/bin/cp /var/lib/mpd/state.default /var/lib/mpd/state
|
||||
ExecStart=/usr/bin/mpd --no-daemon /etc/mpd.conf
|
||||
# MDP will fork itself to the user defined in its config
|
||||
User=root
|
||||
LimitMEMLOCK=infinity
|
||||
LimitRTPRIO=99
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,17 +0,0 @@
|
|||
sw_volume: 20
|
||||
audio_device_state:1:Pulse
|
||||
state: play
|
||||
current: 0
|
||||
time: 0
|
||||
random: 0
|
||||
repeat: 0
|
||||
single: 0
|
||||
consume: 0
|
||||
crossfade: 0
|
||||
mixrampdb: 0.000000
|
||||
mixrampdelay: -1.000000
|
||||
playlist_begin
|
||||
song_begin: http://ice4.somafm.com/groovesalad-256-mp3
|
||||
Name: SomaFM Groove Salad
|
||||
song_end
|
||||
playlist_end
|
70
roles/music/templates/nginx-site.conf
Normal file
70
roles/music/templates/nginx-site.conf
Normal file
|
@ -0,0 +1,70 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
listen 443 ssl default_server;
|
||||
listen [::]:443 ssl default_server;
|
||||
|
||||
server_name {{ music_domain }};
|
||||
|
||||
{% if acme_bootstrap_certs %}
|
||||
include "snippets/snakeoil.conf";
|
||||
{% else %}
|
||||
ssl_certificate "/var/lib/dehydrated/certs/{{ music_domain }}/fullchain.pem";
|
||||
ssl_certificate_key "/var/lib/dehydrated/certs/{{ music_domain }}/privkey.pem";
|
||||
{% endif %}
|
||||
|
||||
{% for range in trusted_ranges %}
|
||||
allow {{ range.cidr }};
|
||||
{% endfor %}
|
||||
deny all;
|
||||
|
||||
location / {
|
||||
rewrite ^/(.*) https://{{ music_domain }}/trollibox/player/space?;
|
||||
}
|
||||
|
||||
location /trollibox/ {
|
||||
proxy_pass http://[::1]:3000/;
|
||||
client_max_body_size 512M;
|
||||
include proxy_params;
|
||||
}
|
||||
|
||||
location ~ ^/trollibox/(.+/events)$ {
|
||||
proxy_pass http://[::1]:3000/$1;
|
||||
include proxy_params;
|
||||
proxy_http_version 1.1;
|
||||
chunked_transfer_encoding off;
|
||||
add_header X-Test "123";
|
||||
proxy_set_header Connection '';
|
||||
proxy_buffering off;
|
||||
proxy_read_timeout 7d;
|
||||
}
|
||||
|
||||
location ~ ^/trollibox/(.+/listen)$ {
|
||||
proxy_pass http://[::1]:3000/$1;
|
||||
include proxy_params;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_read_timeout 7d;
|
||||
}
|
||||
|
||||
location /bobdsp/ {
|
||||
proxy_pass http://[::1]:8081/;
|
||||
include proxy_params;
|
||||
}
|
||||
|
||||
location /vis/ {
|
||||
allow all;
|
||||
proxy_pass http://[::1]:13378/;
|
||||
include proxy_params;
|
||||
}
|
||||
|
||||
location = /vis/ {
|
||||
rewrite ^(.*)$ /vis/index.html;
|
||||
include proxy_params;
|
||||
}
|
||||
|
||||
include "snippets/acme.conf";
|
||||
}
|
|
@ -1,49 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
context.modules = [
|
||||
{
|
||||
name = libpipewire-module-filter-chain
|
||||
args = {
|
||||
node.description = "bitvis-mixer"
|
||||
media.name = "bitvis-mixer"
|
||||
filter.graph = {
|
||||
nodes = [
|
||||
{
|
||||
name = normalize
|
||||
type = ladspa
|
||||
plugin = fast_lookahead_limiter_1913
|
||||
label = fastLookaheadLimiter
|
||||
control = {
|
||||
"Input gain (dB)" = 40
|
||||
"Limit (dB)" = 0
|
||||
"Release time (s)" = 1
|
||||
}
|
||||
}
|
||||
{
|
||||
name = mono
|
||||
type = builtin
|
||||
label = mixer
|
||||
}
|
||||
]
|
||||
links = [
|
||||
{ output = "normalize:Output 1", input = "mono:In 1" }
|
||||
{ output = "normalize:Output 2", input = "mono:In 2" }
|
||||
]
|
||||
inputs = [ "normalize:Input 1" "normalize:Input 2" ]
|
||||
outputs = [ "mono:Out" ]
|
||||
}
|
||||
capture.props = {
|
||||
node.name = "mix_input.bitvis"
|
||||
audio.position = [ FL FR ]
|
||||
media.class = "Audio/Sink"
|
||||
}
|
||||
playback.props = {
|
||||
node.name = "mix_output.bitvis"
|
||||
audio.position = [ FL ]
|
||||
stream.dont-remix = true
|
||||
node.passive = true
|
||||
node.autoconnect = false
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
17
roles/music/templates/skipbutton.service
Normal file
17
roles/music/templates/skipbutton.service
Normal file
|
@ -0,0 +1,17 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
[Unit]
|
||||
Description=MPD Skipbutton
|
||||
After=network.target
|
||||
Requires=mpd.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
ExecStart=/opt/skipbutton/skipbutton.py /dev/ttyS0
|
||||
DynamicUser=true
|
||||
Group=dialout
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -6,11 +6,12 @@ After=network.target
|
|||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=/lib/python3/dist-packages/mqtt-soundboard.py /etc/mqtt-soundboard.yaml
|
||||
ExecStart=/opt/soundboard/.venv/bin/python /opt/soundboard/soundboard.py /etc/soundboard.yaml
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
User=root
|
||||
Environment="XDG_RUNTIME_DIR=/run/user/{{ music_audio_user_id }}"
|
||||
User=audio
|
||||
LimitMEMLOCK=infinity
|
||||
LimitRTPRIO=99
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,13 +1,13 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
loglevel: DEBUG
|
||||
loglevel: INFO
|
||||
|
||||
mqtt:
|
||||
host: {{ mqtt_internal_host }}
|
||||
|
||||
sounds:
|
||||
directory: /opt/sounds
|
||||
play_cmd: "pw-jack mplayer -volume 20 -ao jack:name=MPlayer %s"
|
||||
play_cmd: "mplayer -volume 10 -ao jack:name=MPlayer %s"
|
||||
topic: bitlair/soundboard
|
||||
|
||||
aliases:
|
|
@ -10,7 +10,8 @@ Type=simple
|
|||
Restart=always
|
||||
RestartSec=2s
|
||||
ExecStart=/usr/local/bin/trollibox -conf /etc/trollibox.yaml
|
||||
User={{ music_trollibox_user }}
|
||||
User={{ music_audio_user }}
|
||||
Group={{ music_audio_user }}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
---
|
||||
nodesource_version: 22.x
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
- ansible.builtin.import_tasks:
|
||||
file: ../../common/handlers/main.yaml
|
|
@ -1,33 +0,0 @@
|
|||
---
|
||||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
state: present
|
||||
pkg:
|
||||
- apt-transport-https
|
||||
- gpg
|
||||
|
||||
- name: Import nodesource signing key
|
||||
ansible.builtin.shell:
|
||||
cmd: |
|
||||
set -o pipefail
|
||||
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /usr/share/keyrings/nodesource.gpg
|
||||
executable: /bin/bash
|
||||
args:
|
||||
creates: /usr/share/keyrings/nodesource.gpg
|
||||
notify: apt update
|
||||
|
||||
- name: Install nodesource apt files
|
||||
ansible.builtin.template:
|
||||
src: nodesource.list
|
||||
dest: /etc/apt/sources.list.d/nodesource.list
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: apt update
|
||||
with_items:
|
||||
- src: nodesource.list
|
||||
dest: /etc/apt/sources.list.d/nodesource.list
|
||||
- src: nodejs-apt-pref
|
||||
dest: /etc/apt/preferences.d/nodejs
|
||||
|
||||
- ansible.builtin.meta: flush_handlers
|
|
@ -5,28 +5,16 @@
|
|||
|
||||
- name: Install fetch script
|
||||
ansible.builtin.template:
|
||||
src: bambulab-fetch.sh
|
||||
dest: /opt/bambulab-fetch.sh
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Install service
|
||||
ansible.builtin.template:
|
||||
src: bambulab-fetch.service
|
||||
dest: /etc/systemd/system/bambulab-fetch.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: daemon reload
|
||||
|
||||
- name: Install timer
|
||||
ansible.builtin.template:
|
||||
src: bambulab-fetch.timer
|
||||
dest: /etc/systemd/system/bambulab-fetch.timer
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
owner: "{{ item.owner | default('root') }}"
|
||||
group: "{{ item.group | default('root') }}"
|
||||
mode: "{{ item.mode | default('0644') }}"
|
||||
force: "{{ item.force | default('yes') }}"
|
||||
with_items:
|
||||
- { src: "bambulab-fetch.sh", dest: "/opt/bambulab-fetch.sh", mode: "0755" }
|
||||
- { src: "bambulab-fetch.service", dest: "/etc/systemd/system/bambulab-fetch.service" }
|
||||
- { src: "bambulab-fetch.timer", dest: "/etc/systemd/system/bambulab-fetch.timer" }
|
||||
notify: daemon reload
|
||||
|
||||
- name: Enable timer
|
||||
|
|
|
@ -15,18 +15,18 @@
|
|||
ansible.builtin.template:
|
||||
src: photo-gallery-config.json
|
||||
dest: /opt/photo-gallery/config.json
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart photo-gallery
|
||||
|
||||
- name: Install photo-gallery service file
|
||||
ansible.builtin.template:
|
||||
src: photo-gallery.service
|
||||
dest: /etc/systemd/system/photo-gallery.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart photo-gallery
|
||||
|
||||
- name: Start photo-gallery
|
||||
|
|
|
@ -14,18 +14,18 @@
|
|||
ansible.builtin.template:
|
||||
src: photos2mqtt.pl
|
||||
dest: /opt/photos2mqtt.pl
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0755"
|
||||
notify: restart photos2mqtt
|
||||
|
||||
- name: Install photos2mqtt service file
|
||||
ansible.builtin.template:
|
||||
src: photos2mqtt.service
|
||||
dest: /etc/systemd/system/photos2mqtt.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart photos2mqtt
|
||||
|
||||
- name: Start photos2mqtt
|
||||
|
|
|
@ -2,24 +2,30 @@
|
|||
- ansible.builtin.import_tasks:
|
||||
file: ../../common/handlers/main.yaml
|
||||
|
||||
- name: Restart ircbot
|
||||
ansible.builtin.systemd:
|
||||
name: ircbot
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: restart discord-bot
|
||||
ansible.builtin.systemd:
|
||||
name: discord-bot
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: restart irc-bot
|
||||
- name: Restart irc-bot
|
||||
ansible.builtin.systemd:
|
||||
name: irc-bot
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: Restart irc-photos
|
||||
ansible.builtin.systemd:
|
||||
name: irc-photos
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: Restart irc-doorduino
|
||||
ansible.builtin.systemd:
|
||||
name: irc-doorduino
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: Restart discord-bot
|
||||
ansible.builtin.systemd:
|
||||
name: discord-bot
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
|
||||
- name: Restart siahsd
|
||||
ansible.builtin.systemd:
|
||||
name: siahsd
|
||||
|
|
|
@ -3,58 +3,39 @@
|
|||
- name: Install dependencies
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- openscad
|
||||
- python3-paho-mqtt
|
||||
- python3-tz
|
||||
- virtualenv
|
||||
|
||||
- name: Create virtualenv
|
||||
ansible.builtin.command:
|
||||
cmd: virtualenv /var/lib/discord-bot/.venv
|
||||
cmd: virtualenv /opt/miflora_exporter/.venv
|
||||
args:
|
||||
creates: /var/lib/discord-bot/.venv
|
||||
|
||||
- name: Clone bottleclip source
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/bottle-clip.git
|
||||
version: main
|
||||
dest: /var/lib/bottle-clip
|
||||
accept_hostkey: yes
|
||||
- name: Install Python dependencies
|
||||
ansible.builtin.shell:
|
||||
cmd: . .venv/bin/activate && pip install -r requirements.txt
|
||||
args:
|
||||
chdir: /var/lib/discord-bot
|
||||
|
||||
- name: Clone discord-bot source
|
||||
- name: Clone source
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/discord-bot.git
|
||||
repo: https://github.com/bitlair/discord-bot.git
|
||||
version: main
|
||||
dest: /var/lib/discord-bot
|
||||
accept_hostkey: yes
|
||||
notify:
|
||||
- restart discord-bot
|
||||
- restart irc-bot
|
||||
notify: Restart discord-bot
|
||||
ignore_errors: true
|
||||
|
||||
- name: Install Python dependencies
|
||||
ansible.builtin.shell:
|
||||
cmd: . .venv/bin/activate && pip install -e .
|
||||
args:
|
||||
chdir: /var/lib/discord-bot
|
||||
notify:
|
||||
- restart discord-bot
|
||||
- restart irc-bot
|
||||
|
||||
- name: Install discord-bot service file
|
||||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: discord-bot.service
|
||||
dest: /etc/systemd/system/discord-bot.service
|
||||
owner: root
|
||||
group: root
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: restart discord-bot
|
||||
|
||||
- name: Install irc-bot service file
|
||||
ansible.builtin.template:
|
||||
src: irc-bot.service
|
||||
dest: /etc/systemd/system/irc-bot.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
notify: restart irc-bot
|
||||
notify: Restart discord-bot
|
||||
|
||||
- name: Start discord-bot
|
||||
ansible.builtin.systemd:
|
||||
|
@ -62,10 +43,3 @@
|
|||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
- name: Start irc-bot
|
||||
ansible.builtin.systemd:
|
||||
name: irc-bot
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
---
|
||||
- name: Clone source
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/irc-bot.git
|
||||
version: main
|
||||
repo: https://github.com/bitlair/irc-bot.git
|
||||
version: master
|
||||
dest: /var/lib/irc-bot
|
||||
accept_hostkey: yes
|
||||
ignore_errors: true
|
||||
notify: Restart ircbot
|
||||
notify: Restart irc-bot
|
||||
|
||||
- name: Link irc-say
|
||||
ansible.builtin.file:
|
||||
|
@ -17,18 +17,81 @@
|
|||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: generic.service
|
||||
dest: /etc/systemd/system/ircbot.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
dest: /etc/systemd/system/irc-bot.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
vars:
|
||||
description: Bitlair IRC bot
|
||||
exec: /bin/bash /var/lib/irc-bot/irc-bot
|
||||
notify: Restart ircbot
|
||||
notify: Restart irc-bot
|
||||
|
||||
- name: Start ircbot
|
||||
- name: Start irc-bot
|
||||
ansible.builtin.systemd:
|
||||
name: ircbot
|
||||
name: irc-bot
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
- name: Create helpers dir
|
||||
ansible.builtin.file:
|
||||
path: /var/lib/irc-helpers
|
||||
state: directory
|
||||
|
||||
- name: Install photos notification
|
||||
ansible.builtin.template:
|
||||
src: irc-photos.sh
|
||||
dest: /var/lib/irc-helpers/photos.sh
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0755"
|
||||
notify: Restart irc-photos
|
||||
|
||||
- name: Install photos notification service
|
||||
ansible.builtin.template:
|
||||
src: generic.service
|
||||
dest: /etc/systemd/system/irc-photos.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
vars:
|
||||
description: Bitlair IRC photos notification
|
||||
requires: irc-bot.service
|
||||
exec: /bin/bash /var/lib/irc-helpers/photos.sh
|
||||
notify: Restart irc-photos
|
||||
|
||||
- name: Start irc-photos
|
||||
ansible.builtin.systemd:
|
||||
name: irc-photos
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
- name: Install doorduino notification
|
||||
ansible.builtin.template:
|
||||
src: irc-doorduino.sh
|
||||
dest: /var/lib/irc-helpers/doorduino.sh
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0755"
|
||||
notify: Restart irc-doorduino
|
||||
|
||||
- name: Install doorduino notification service
|
||||
ansible.builtin.template:
|
||||
src: generic.service
|
||||
dest: /etc/systemd/system/irc-doorduino.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
vars:
|
||||
description: Bitlair IRC doorduino notification
|
||||
requires: irc-bot.service
|
||||
exec: /bin/bash /var/lib/irc-helpers/doorduino.sh
|
||||
notify: Restart irc-doorduino
|
||||
|
||||
- name: Start irc-doorduino
|
||||
ansible.builtin.systemd:
|
||||
name: irc-doorduino
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
- name: Clone source
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/mastodon-spacestate.git
|
||||
repo: https://github.com/bitlair/mastodon-spacestate.git
|
||||
version: main
|
||||
dest: /var/lib/mastodon-spacestate
|
||||
accept_hostkey: yes
|
||||
|
@ -18,18 +18,18 @@
|
|||
ansible.builtin.template:
|
||||
src: mastodon-spacestate-config.py
|
||||
dest: /var/lib/mastodon-spacestate/config.py
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0655
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0655"
|
||||
notify: Restart mastodon-spacestate
|
||||
|
||||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: mastodon-spacestate.service
|
||||
dest: /etc/systemd/system/mastodon-spacestate.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart mastodon-spacestate
|
||||
|
||||
- name: Start mastodon-spacestate
|
||||
|
|
|
@ -7,9 +7,9 @@
|
|||
ansible.builtin.template:
|
||||
src: power-mqtt.py
|
||||
dest: /var/lib/power-mqtt.py
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0755"
|
||||
notify: Restart power-mqtt
|
||||
|
||||
- name: Remove old service
|
||||
|
@ -21,9 +21,9 @@
|
|||
ansible.builtin.template:
|
||||
src: generic.service
|
||||
dest: /etc/systemd/system/power-mqtt@.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
vars:
|
||||
description: "SMD630 to MQTT Probe"
|
||||
exec: "/var/lib/power-mqtt.py %i"
|
||||
|
|
|
@ -1,31 +1,32 @@
|
|||
---
|
||||
- name: Install siahsd
|
||||
apt:
|
||||
name:
|
||||
- debianutils
|
||||
- siahsd
|
||||
# TODO: Install and build
|
||||
|
||||
- name: Clone alarm-handlers
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/alarm-handlers.git
|
||||
version: main
|
||||
dest: /opt/alarm
|
||||
accept_hostkey: yes
|
||||
|
||||
- name: Create log directory
|
||||
- name: Create directories
|
||||
ansible.builtin.file:
|
||||
path: /var/log/siahsd
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: siahsd
|
||||
group: nogroup
|
||||
mode: "0750"
|
||||
with_items:
|
||||
- /var/log/siahsd
|
||||
- /var/lib/siahsd
|
||||
|
||||
- name: Install config file
|
||||
ansible.builtin.template:
|
||||
src: siahsd.conf
|
||||
dest: /etc/siahsd.conf
|
||||
owner: root
|
||||
group: root
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart siahsd
|
||||
|
||||
- name: Install service file
|
||||
ansible.builtin.template:
|
||||
src: siahsd.service
|
||||
dest: /etc/systemd/system/siahsd.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart siahsd
|
||||
|
||||
|
@ -35,3 +36,4 @@
|
|||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
|
||||
- name: Clone source
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/spacestated.git
|
||||
repo: https://github.com/bitlair/spacestated.git
|
||||
version: main
|
||||
dest: /var/lib/spacestated/spacestated
|
||||
accept_hostkey: yes
|
||||
|
@ -32,9 +32,9 @@
|
|||
ansible.builtin.template:
|
||||
src: spacestated.service
|
||||
dest: /etc/systemd/system/spacestated.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart spacestated
|
||||
|
||||
- name: Start spacestated
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
|
||||
- name: Clone source
|
||||
ansible.builtin.git:
|
||||
repo: https://git.bitlair.nl/bitlair/wifi-mqtt.git
|
||||
repo: https://github.com/bitlair/wifi-mqtt.git
|
||||
version: main
|
||||
dest: /var/lib/wifi-mqtt
|
||||
accept_hostkey: yes
|
||||
|
@ -19,8 +19,8 @@
|
|||
ansible.builtin.template:
|
||||
src: wifi-mqtt.service
|
||||
dest: /etc/systemd/system/wifi-mqtt.service
|
||||
owner: root
|
||||
group: root
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart wifi-mqtt
|
||||
|
||||
|
|
|
@ -1,17 +1,16 @@
|
|||
# {{ ansible_managed }}
|
||||
# Managed by Ansible
|
||||
|
||||
[Unit]
|
||||
Description=Bitlair Discord Bot
|
||||
Description=HobbyBot
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
Restart=on-failure
|
||||
RestartSec=10s
|
||||
ExecStart=/var/lib/discord-bot/.venv/bin/python /var/lib/discord-bot/discordbot.py
|
||||
ExecStart=/var/lib/discord-bot/.venv/bin/python /var/lib/discord-bot/main.py
|
||||
DynamicUser=true
|
||||
Environment="MQTT_HOST={{ mqtt_internal_host }}"
|
||||
Environment="BOTTLECLIP_RESOURCES=/var/lib/bottle-clip"
|
||||
Environment="DISCORD_WEBHOOK_URL={{ lookup('passwordstore', 'services/discord', subkey='webhook_url') }}"
|
||||
Environment="DISCORD_TOKEN={{ lookup('passwordstore', 'services/discord', subkey='token') }}"
|
||||
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
[Unit]
|
||||
Description=Bitlair IRC Bot
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
ExecStart=/var/lib/discord-bot/.venv/bin/python /var/lib/discord-bot/ircbot.py
|
||||
DynamicUser=true
|
||||
Environment="MQTT_HOST={{ mqtt_internal_host }}"
|
||||
Environment="BOTTLECLIP_RESOURCES=/var/lib/bottle-clip"
|
||||
Environment="IRC_SERVER=irc.smurfnet.ch"
|
||||
Environment="IRC_CHANNEL=#bitlair"
|
||||
Environment="IRC_NICK=bitlair"
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
24
roles/services/templates/irc-doorduino.sh
Normal file
24
roles/services/templates/irc-doorduino.sh
Normal file
|
@ -0,0 +1,24 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Managed by Ansible
|
||||
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
initial=1
|
||||
|
||||
mqtt-simple -h {{ mqtt_internal_host }} -t "bitlair/doorduino/+" |
|
||||
while read line; do
|
||||
topic=$(echo "$line" | cut -d' ' -f1 | sed "s/bitlair\/doorduino\///")
|
||||
value=$(echo "$line" | cut -s -d' ' -f2-)
|
||||
|
||||
if [ $initial == 0 ] && [ $value != 0 ]; then
|
||||
if [ $topic == "doorbell" ]; then
|
||||
irc-say "DEURBEL! Open de deur beneden!"
|
||||
elif [ $topic != "dooropen" ]; then
|
||||
irc-say "Doorduino: $topic $value"
|
||||
fi
|
||||
fi
|
||||
initial=0
|
||||
done
|
||||
|
13
roles/services/templates/irc-photos.sh
Normal file
13
roles/services/templates/irc-photos.sh
Normal file
|
@ -0,0 +1,13 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Managed by Ansible
|
||||
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
mqtt-simple -h {{ mqtt_internal_host }} -s "bitlair/photos" |
|
||||
while read event; do
|
||||
path=$(echo $event | cut -d ' ' -f 2)
|
||||
url="https://bitlair.nl/fotos/view/$path"
|
||||
irc-say "WIP: $url"
|
||||
done
|
|
@ -1,5 +1,3 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
[siahsd]
|
||||
pid file = /var/lib/siahsd/siahsd.pid
|
||||
log file = /var/log/siahsd/siahsd.log
|
||||
|
@ -7,6 +5,13 @@ log level = 3
|
|||
foreground = 0
|
||||
event handlers = script
|
||||
|
||||
#[database]
|
||||
#driver = mysql
|
||||
#host = localhost
|
||||
#name = siahsd
|
||||
#username = siahsd
|
||||
#password = MysbJxAaawmwKPqD
|
||||
|
||||
[siahs]
|
||||
port = 4000
|
||||
|
||||
|
@ -14,5 +19,21 @@ port = 4000
|
|||
port = 9000
|
||||
rsa key file = something.sexp
|
||||
|
||||
#[jsonbot]
|
||||
#address = 192.168.88.15
|
||||
#port = 5500
|
||||
#aes key = blablablablablaz
|
||||
#password = mekker
|
||||
#privmsg to = #bitlair
|
||||
|
||||
#[spacestate]
|
||||
#driver = mysql
|
||||
#host = localhost
|
||||
#name = bitwifi
|
||||
#username = bitwifi
|
||||
#password = aGWERQpLEQPUaXJV
|
||||
#open script = /opt/alarm/disarmed.sh
|
||||
#close script = /opt/alarm/armed.sh
|
||||
|
||||
[script]
|
||||
path = /opt/alarm/siahsd_handler.sh
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue