281 lines
No EOL
5.7 KiB
YAML
281 lines
No EOL
5.7 KiB
YAML
---
|
|
- hosts: pi
|
|
gather_facts: no
|
|
tags: pihw
|
|
tasks:
|
|
## LCD STUFF
|
|
- name: Enable i2c on boot/config.txt
|
|
lineinfile:
|
|
dest: /boot/config.txt
|
|
regexp: "^#?dtparam=i2c_arm="
|
|
line: "dtparam=i2c_arm=on"
|
|
insertafter: EOF
|
|
state: present
|
|
|
|
- name: Enable i2c module
|
|
lineinfile:
|
|
dest: /etc/modules-load.d/raspberrypi.conf
|
|
regexp: "^#?i2c"
|
|
line: "i2c-dev"
|
|
insertafter: EOF
|
|
state: present
|
|
|
|
- name: Copy systemd unit files
|
|
ansible.builtin.copy:
|
|
src: files/display.service
|
|
dest: /etc/systemd/system/
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
register: display_service
|
|
tags: display
|
|
|
|
- name: Reload systemd
|
|
ansible.builtin.systemd:
|
|
daemon_reload: yes
|
|
when: display_service.changed
|
|
tags: display
|
|
|
|
- name: Enable display service
|
|
ansible.builtin.systemd:
|
|
name: display
|
|
enabled: yes
|
|
state: started
|
|
tags: display
|
|
|
|
## Now the most important part: PPS
|
|
- name: Add PPS tools
|
|
package:
|
|
name: pps-tools
|
|
state: present
|
|
|
|
- name: PPS on GPIO
|
|
lineinfile:
|
|
dest: /boot/config.txt
|
|
regexp: "^dtoverlay=pps-gpio"
|
|
line: "dtoverlay=pps-gpio,gpiopin=18"
|
|
state: present
|
|
|
|
|
|
## Lower ethernet latency of smsc95xx
|
|
- name: Configure options in /boot/cmdline.txt
|
|
replace:
|
|
path: /boot/cmdline.txt
|
|
regexp: '^([\w](?!.*\b{{ item }}\b).*)$'
|
|
replace: '\1 {{ item }}'
|
|
with_items:
|
|
- smsc95xx.turbo_mode=N
|
|
tags: smsc95xx
|
|
|
|
## Enable UART for the GPS module
|
|
- name: Enable UART
|
|
lineinfile:
|
|
dest: /boot/config.txt
|
|
regexp: "^#?enable_uart="
|
|
line: "enable_uart=1"
|
|
insertafter: EOF
|
|
state: present
|
|
|
|
# - name: Disable bluetooth XXX makes it really laggy
|
|
# lineinfile:
|
|
# dest: /boot/config.txt
|
|
# regexp: "^dtoverlay=pi3-disable-bt"
|
|
# line: "dtoverlay=pi3-disable-bt"
|
|
# state: present
|
|
|
|
- name: Disable serial-getty@ttyS0
|
|
systemd:
|
|
name: serial-getty@ttyS0
|
|
enabled: no
|
|
state: stopped
|
|
|
|
- name: copy gpsd config files
|
|
ansible.builtin.copy:
|
|
src: files/gpsd
|
|
dest: /etc/default/gpsd
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
tags: gpsd
|
|
|
|
- name: start and enable gpsd
|
|
systemd:
|
|
name: gpsd
|
|
enabled: yes
|
|
state: started
|
|
tags: gpsd
|
|
|
|
|
|
|
|
|
|
- hosts: all
|
|
tags: ntp
|
|
tasks:
|
|
- name: Disable systemd LLMNR
|
|
lineinfile:
|
|
dest: /etc/systemd/resolved.conf
|
|
regexp: "^#?LLMNR="
|
|
line: "LLMNR=no"
|
|
insertafter: EOF
|
|
state: present
|
|
register: resolved_conf
|
|
|
|
- name: Restart systemd-resolved
|
|
systemd:
|
|
name: systemd-resolved
|
|
state: restarted
|
|
when: resolved_conf.changed
|
|
|
|
- name: Install chrony
|
|
package:
|
|
name: chrony
|
|
state: present
|
|
notify: restart chrony
|
|
|
|
- name: Configure chrony
|
|
template:
|
|
src: files/chrony.conf.j2
|
|
dest: "{{ '/etc/chrony/chrony.conf' if ansible_facts['distribution'] == 'Ubuntu' else '/etc/chrony.conf' }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: restart chrony
|
|
tags: chrony
|
|
|
|
- name: Enable chrony
|
|
service:
|
|
name: chronyd
|
|
enabled: yes
|
|
state: started
|
|
|
|
handlers:
|
|
- name: restart chrony
|
|
service:
|
|
name: chronyd
|
|
state: restarted
|
|
|
|
## BGP STUFF
|
|
- hosts: all
|
|
tags: bgp
|
|
tasks:
|
|
- name: gather facts
|
|
setup:
|
|
tags: check
|
|
- name: install FRR
|
|
package:
|
|
name: frr
|
|
state: present
|
|
when: ansible_facts['distribution'] == 'Ubuntu'
|
|
#XXX for arch install it manually with yay
|
|
|
|
- name: Enable FRR bgp daemon
|
|
lineinfile:
|
|
dest: /etc/frr/daemons
|
|
regexp: "^bgpd=no"
|
|
line: "bgpd=yes"
|
|
state: present
|
|
|
|
- name: Copy frr config
|
|
ansible.builtin.template:
|
|
src: files/frr.conf.j2
|
|
dest: /etc/frr/frr.conf
|
|
owner: frr
|
|
group: frr
|
|
mode: 0640
|
|
notify: restart frr
|
|
|
|
- name: Copy systemd netdevs
|
|
ansible.builtin.template:
|
|
src: files/{{item}}.netdev
|
|
dest: /etc/systemd/network/
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
with_items:
|
|
- bgp
|
|
- bgp-backup
|
|
register: netdevs
|
|
|
|
- name: Copy systemd bgp network
|
|
ansible.builtin.template:
|
|
src: files/{{item}}.network
|
|
dest: /etc/systemd/network/
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
with_items:
|
|
- bgp
|
|
- bgp-backup
|
|
register: bgpnetworks
|
|
|
|
- name: Copy systemd bgp-backup network
|
|
ansible.builtin.template:
|
|
src: files/bgp-backup.network
|
|
dest: /etc/systemd/network/
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
register: networks
|
|
|
|
- name: Reload systemd-networkd
|
|
shell: networkctl reload
|
|
when: netdevs.changed or networks.changed or bgpnetworks.changed
|
|
|
|
|
|
- name: Enable FRR
|
|
service:
|
|
name: frr
|
|
enabled: yes
|
|
state: started
|
|
|
|
|
|
- name: Check that announces are okay
|
|
delegate_to: ikvps.k3s.fr
|
|
shell: "curl http://[{{bgp_ipv6}}] | grep 'NTP server {{ansible_hostname}}'"
|
|
tags: check
|
|
|
|
handlers:
|
|
- name: restart frr
|
|
systemd:
|
|
name: frr
|
|
state: restarted
|
|
|
|
- hosts: all
|
|
tags: web
|
|
tasks:
|
|
- name: Install nginx
|
|
package:
|
|
name: nginx
|
|
state: present
|
|
|
|
- name: Copy nginx config
|
|
ansible.builtin.template:
|
|
src: files/nginx.conf.j2
|
|
dest: /etc/nginx/nginx.conf
|
|
register: nginx_conf
|
|
|
|
- name: Enable nginx
|
|
service:
|
|
name: nginx
|
|
enabled: yes
|
|
state: started
|
|
|
|
- name: Restart nginx
|
|
systemd:
|
|
name: nginx
|
|
state: restarted
|
|
when: nginx_conf.changed
|
|
|
|
|
|
- name: ensure /var/www/html exists
|
|
file:
|
|
path: /var/www/html
|
|
state: directory
|
|
|
|
- name: Copy index page
|
|
ansible.builtin.template:
|
|
src: files/index.html
|
|
dest: /var/www/html/
|
|
owner: root
|
|
group: root
|
|
mode: 0644 |