From 36a0a9996d0808bbc21c71a16d6569f72b680422 Mon Sep 17 00:00:00 2001 From: "Glenn K. Lockwood" Date: Mon, 27 Jul 2020 20:43:34 -0700 Subject: [PATCH] unify local and remote mode of operation --- README.md | 45 ++++++++++++++-------- host_vars/cloverdale | 25 ++++++++++++ host_vars/cloverleaf | 28 ++++++++++++++ host_vars/clovermine | 25 ++++++++++++ hosts.remote | 6 +-- local.yml | 6 +++ roles/common/tasks/main.yml | 36 +++++++++++++----- roles/common/vars/main.yml | 76 ------------------------------------- 8 files changed, 142 insertions(+), 105 deletions(-) create mode 100644 host_vars/cloverdale create mode 100644 host_vars/cloverleaf create mode 100644 host_vars/clovermine diff --git a/README.md b/README.md index 340aa57..7cb5351 100644 --- a/README.md +++ b/README.md @@ -34,10 +34,24 @@ which pollutes your login Python environment, but is better than nothing. ## Configuration -The `macaddrs` structure in _roles/common/vars/main.yml_ maps the MAC address of -a Raspberry Pi to its intended configuration state. Add your Raspberry Pi's MAC -address (specifically for `eth0` if your RPi has multiple NICs) to that -structure and set its configuration accordingly. +This playbook can be run on localhost or against one or more remote hosts. The +former is good for a bare Raspberry Pi that was freshly provisioned using NOOBS +or the like, as you don't need a second host to act as the provisioning host. +The latter is the conventional way in which ansible is typically run and makes +more sense if you want to configure a bunch of Raspberry Pis. + +### Local Mode + +Edit `local.yml` and add the mac address of `eth0` for the Raspberry Pi to +configure to the `macaddrs` variable. Its key should be a mac address (all +lower case) and the value should be the short hostname of that system. Each +such entry's short hostname must match a file in the `host_vars/` directory. + +### All modes + +The contents of each file in `host_vars/` is the intended configuration state +for each Raspberry Pi. Look at one of the examples included to get a feel for +the configurations available. To add local users, create and edit `roles/common/vars/users.yml`. Follow the structure in `roles/common/vars/users.yml.example`. You can/should @@ -45,13 +59,23 @@ structure in `roles/common/vars/users.yml.example`. You can/should ## Running the playbook +### Local Mode + Then run the playbook: - (ansible_env) $ ansible-playbook --ask-vault-pass --become --become-user root --ask-become-pass ./local.yml + (ansible_env) $ ansible-playbook --ask-vault-pass --become --become-user root --ask-become-pass --inventory hosts ./local.yml The playbook will self-discover its settings, then idempotently configure the Raspberry Pi. +### Remote Mode + +This is similar to local mode: + + (ansible_env) $ ansible-playbook --ask-vault-pass --inventory hosts.remote ./remote.yml + +The playbook follows the same code path. + ## After running the playbook This playbook purposely requires a few manual steps _after_ running the playbook @@ -90,17 +114,6 @@ The format expected in `roles/common/vars/main.yml` is something like - etc/ssh/ssh_host_ecdsa_key.cloverdale - etc/ssh/ssh_host_ed25519_key.cloverdale -### Remote mode - -The playbooks can also be run in a traditional remote mode: - - $ ansible-playbook --ask-become-pass --ask-vault-pass --inventory hosts.remote ./remote.yml - -At present this does _not_ make use of hostvars; this is because the playbook -started out designed to be run against localhost and the playbook -self-identifies the system and fetches configuration variables from -`roles/common/vars/main.yml` based on that. - ## Acknowledgment I stole a lot of knowledge from https://github.com/giuaig/ansible-raspi-config/. diff --git a/host_vars/cloverdale b/host_vars/cloverdale new file mode 100644 index 0000000..f4ddb6d --- /dev/null +++ b/host_vars/cloverdale @@ -0,0 +1,25 @@ +--- +macaddr: "dc:a6:32:8c:8a:53" +hostname: "cloverdale" +domain: "local" +locale: "en_US.UTF-8" +timezone: "America/Los_Angeles" +xkblayout: "us" +wifi_country: "US" +enable_gui: True +enable_autologin: False +enable_bootwait: False +enable_bootsplash: False +enable_camera: False +enable_vnc: False +enable_spi: False +enable_i2c: False +enable_serial: True +enable_serial_hw: True +enable_onewire: False +enable_rgpio: False +ssh_host_key_files: + - etc/ssh/ssh_host_rsa_key.cloverdale + - etc/ssh/ssh_host_dsa_key.cloverdale + - etc/ssh/ssh_host_ecdsa_key.cloverdale + - etc/ssh/ssh_host_ed25519_key.cloverdale diff --git a/host_vars/cloverleaf b/host_vars/cloverleaf new file mode 100644 index 0000000..3024532 --- /dev/null +++ b/host_vars/cloverleaf @@ -0,0 +1,28 @@ +--- +macaddr: "b8:27:eb:ff:35:c7" +hostname: "cloverleaf" +domain: "local" +locale: "en_US.UTF-8" +timezone: "America/Los_Angeles" +xkblayout: "us" +enable_gui: False +enable_autologin: False +enable_bootwait: True +enable_bootsplash: False +enable_camera: False +enable_vnc: False +enable_spi: False +enable_i2c: False +enable_serial: True +enable_serial_hw: True +enable_onewire: False +enable_rgpio: False +ssh_host_key_files: + - etc/ssh/ssh_host_rsa_key.cloverleaf + - etc/ssh/ssh_host_dsa_key.cloverleaf + - etc/ssh/ssh_host_ecdsa_key.cloverleaf + - etc/ssh/ssh_host_ed25519_key.cloverleaf +extra_software: + - "w3m" + - "irssi" + - "screen" diff --git a/host_vars/clovermine b/host_vars/clovermine new file mode 100644 index 0000000..c92ed17 --- /dev/null +++ b/host_vars/clovermine @@ -0,0 +1,25 @@ +--- +macaddr: "b8:27:eb:6c:82:02" +hostname: "clovermine" +domain: "local" +locale: "en_US.UTF-8" +timezone: "America/Los_Angeles" +xkblayout: "us" +wifi_country: "US" +enable_gui: True +enable_autologin: False +enable_bootwait: False +enable_bootsplash: False +enable_camera: False +enable_vnc: False +enable_spi: False +enable_i2c: False +enable_serial: True +enable_serial_hw: True +enable_onewire: False +enable_rgpio: False +darshan_dev: True +extra_software: + - "libglib2.0-dev" + - "libncurses-dev" + - "libperl-dev" diff --git a/hosts.remote b/hosts.remote index 97f5128..0597ab7 100644 --- a/hosts.remote +++ b/hosts.remote @@ -1,4 +1,4 @@ [raspberrypi] -cloverdale.local -cloverleaf.local -clovermine.local +cloverdale ansible_host=cloverdale.local +cloverleaf ansible_host=cloverleaf.local +clovermine ansible_host=clovermine.local diff --git a/local.yml b/local.yml index a44eb5e..30b2941 100644 --- a/local.yml +++ b/local.yml @@ -3,5 +3,11 @@ hosts: localhost user: root connection: local + vars: + macaddrs: + # mac address of eth0 -> hostname; used to identify self when run against localhost + dc:a6:32:8c:8a:53: "cloverdale" + b8:27:eb:6c:82:02: "clovermine" + b8:27:eb:ff:35:c7: "cloverleaf" roles: - common diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index e97bc3e..a07490b 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,22 +1,31 @@ --- -# Gather facts specific to the Raspberry Pi platform -- include: raspi-facts.yml -- include: linux-facts.yml +# Self identify and load config - this allows the playbook to run on either +# localhost or a remote host +- name: store MAC address for eth0 + set_fact: + my_macaddr: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}" + when: inventory_hostname == 'localhost' + tags: + - raspi + - sw + - sshd + - motd -# Basic hostname setup -- name: Get MAC address - debug: - msg: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}" +- name: self-identify based on mac address (local mode) + set_fact: + myhostname: "{{ macaddrs[my_macaddr] }}" + when: inventory_hostname_short == 'localhost' tags: - raspi - sw - sshd - motd -- name: store MAC address +- name: self-identify based on mac address (remote mode) set_fact: - my_macaddr: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}" + myhostname: "{{ inventory_hostname_short }}" + when: "inventory_hostname_short != 'localhost'" tags: - raspi - sw @@ -25,13 +34,20 @@ - name: store system configuration set_fact: - myconfig: "{{ macaddrs[my_macaddr] }}" + myconfig: "{{ hostvars[myhostname] }}" tags: - raspi - sw - sshd - motd +- debug: + var: myconfig + +# Gather facts specific to the Raspberry Pi platform +- include: raspi-facts.yml +- include: linux-facts.yml + - name: set hostname shell: "raspi-config nonint do_hostname {{ myconfig.hostname }}" when: raspi_hostname != myconfig.hostname diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml index fd7c03c..ed97d53 100644 --- a/roles/common/vars/main.yml +++ b/roles/common/vars/main.yml @@ -1,77 +1 @@ --- -macaddrs: - dc:a6:32:8c:8a:53: - hostname: "cloverdale" - domain: "local" - locale: "en_US.UTF-8" - timezone: "America/Los_Angeles" - xkblayout: "us" - wifi_country: "US" - enable_gui: True - enable_autologin: False - enable_bootwait: False - enable_bootsplash: False - enable_camera: False - enable_vnc: False - enable_spi: False - enable_i2c: False - enable_serial: True - enable_serial_hw: True - enable_onewire: False - enable_rgpio: False - ssh_host_key_files: - - etc/ssh/ssh_host_rsa_key.cloverdale - - etc/ssh/ssh_host_dsa_key.cloverdale - - etc/ssh/ssh_host_ecdsa_key.cloverdale - - etc/ssh/ssh_host_ed25519_key.cloverdale - b8:27:eb:6c:82:02: - hostname: "clovermine" - domain: "local" - locale: "en_US.UTF-8" - timezone: "America/Los_Angeles" - xkblayout: "us" - wifi_country: "US" - enable_gui: True - enable_autologin: False - enable_bootwait: False - enable_bootsplash: False - enable_camera: False - enable_vnc: False - enable_spi: False - enable_i2c: False - enable_serial: True - enable_serial_hw: True - enable_onewire: False - enable_rgpio: False - darshan_dev: True - extra_software: - - "libglib2.0-dev" - - "libncurses-dev" - - "libperl-dev" - b8:27:eb:ff:35:c7: - hostname: "cloverleaf" - domain: "local" - locale: "en_US.UTF-8" - timezone: "America/Los_Angeles" - xkblayout: "us" - enable_gui: False - enable_autologin: False - enable_bootwait: True - enable_bootsplash: False - enable_camera: False - enable_vnc: False - enable_spi: False - enable_i2c: False - enable_serial: True - enable_serial_hw: True - enable_onewire: False - enable_rgpio: False - ssh_host_key_files: - - etc/ssh/ssh_host_rsa_key.cloverleaf - - etc/ssh/ssh_host_dsa_key.cloverleaf - - etc/ssh/ssh_host_ecdsa_key.cloverleaf - - etc/ssh/ssh_host_ed25519_key.cloverleaf - extra_software: - - "w3m" - - "irssi" - - "screen"