unify local and remote mode of operation

master
Glenn K. Lockwood 4 years ago
parent 621dd3feb4
commit 36a0a9996d
  1. 45
      README.md
  2. 25
      host_vars/cloverdale
  3. 28
      host_vars/cloverleaf
  4. 25
      host_vars/clovermine
  5. 6
      hosts.remote
  6. 6
      local.yml
  7. 36
      roles/common/tasks/main.yml
  8. 76
      roles/common/vars/main.yml

@ -34,10 +34,24 @@ which pollutes your login Python environment, but is better than nothing.
## Configuration ## Configuration
The `macaddrs` structure in _roles/common/vars/main.yml_ maps the MAC address of This playbook can be run on localhost or against one or more remote hosts. The
a Raspberry Pi to its intended configuration state. Add your Raspberry Pi's MAC former is good for a bare Raspberry Pi that was freshly provisioned using NOOBS
address (specifically for `eth0` if your RPi has multiple NICs) to that or the like, as you don't need a second host to act as the provisioning host.
structure and set its configuration accordingly. The latter is the conventional way in which ansible is typically run and makes
more sense if you want to configure a bunch of Raspberry Pis.
### Local Mode
Edit `local.yml` and add the mac address of `eth0` for the Raspberry Pi to
configure to the `macaddrs` variable. Its key should be a mac address (all
lower case) and the value should be the short hostname of that system. Each
such entry's short hostname must match a file in the `host_vars/` directory.
### All modes
The contents of each file in `host_vars/` is the intended configuration state
for each Raspberry Pi. Look at one of the examples included to get a feel for
the configurations available.
To add local users, create and edit `roles/common/vars/users.yml`. Follow the To add local users, create and edit `roles/common/vars/users.yml`. Follow the
structure in `roles/common/vars/users.yml.example`. You can/should structure in `roles/common/vars/users.yml.example`. You can/should
@ -45,13 +59,23 @@ structure in `roles/common/vars/users.yml.example`. You can/should
## Running the playbook ## Running the playbook
### Local Mode
Then run the playbook: Then run the playbook:
(ansible_env) $ ansible-playbook --ask-vault-pass --become --become-user root --ask-become-pass ./local.yml (ansible_env) $ ansible-playbook --ask-vault-pass --become --become-user root --ask-become-pass --inventory hosts ./local.yml
The playbook will self-discover its settings, then idempotently configure the The playbook will self-discover its settings, then idempotently configure the
Raspberry Pi. Raspberry Pi.
### Remote Mode
This is similar to local mode:
(ansible_env) $ ansible-playbook --ask-vault-pass --inventory hosts.remote ./remote.yml
The playbook follows the same code path.
## After running the playbook ## After running the playbook
This playbook purposely requires a few manual steps _after_ running the playbook This playbook purposely requires a few manual steps _after_ running the playbook
@ -90,17 +114,6 @@ The format expected in `roles/common/vars/main.yml` is something like
- etc/ssh/ssh_host_ecdsa_key.cloverdale - etc/ssh/ssh_host_ecdsa_key.cloverdale
- etc/ssh/ssh_host_ed25519_key.cloverdale - etc/ssh/ssh_host_ed25519_key.cloverdale
### Remote mode
The playbooks can also be run in a traditional remote mode:
$ ansible-playbook --ask-become-pass --ask-vault-pass --inventory hosts.remote ./remote.yml
At present this does _not_ make use of hostvars; this is because the playbook
started out designed to be run against localhost and the playbook
self-identifies the system and fetches configuration variables from
`roles/common/vars/main.yml` based on that.
## Acknowledgment ## Acknowledgment
I stole a lot of knowledge from https://github.com/giuaig/ansible-raspi-config/. I stole a lot of knowledge from https://github.com/giuaig/ansible-raspi-config/.

@ -0,0 +1,25 @@
---
macaddr: "dc:a6:32:8c:8a:53"
hostname: "cloverdale"
domain: "local"
locale: "en_US.UTF-8"
timezone: "America/Los_Angeles"
xkblayout: "us"
wifi_country: "US"
enable_gui: True
enable_autologin: False
enable_bootwait: False
enable_bootsplash: False
enable_camera: False
enable_vnc: False
enable_spi: False
enable_i2c: False
enable_serial: True
enable_serial_hw: True
enable_onewire: False
enable_rgpio: False
ssh_host_key_files:
- etc/ssh/ssh_host_rsa_key.cloverdale
- etc/ssh/ssh_host_dsa_key.cloverdale
- etc/ssh/ssh_host_ecdsa_key.cloverdale
- etc/ssh/ssh_host_ed25519_key.cloverdale

@ -0,0 +1,28 @@
---
macaddr: "b8:27:eb:ff:35:c7"
hostname: "cloverleaf"
domain: "local"
locale: "en_US.UTF-8"
timezone: "America/Los_Angeles"
xkblayout: "us"
enable_gui: False
enable_autologin: False
enable_bootwait: True
enable_bootsplash: False
enable_camera: False
enable_vnc: False
enable_spi: False
enable_i2c: False
enable_serial: True
enable_serial_hw: True
enable_onewire: False
enable_rgpio: False
ssh_host_key_files:
- etc/ssh/ssh_host_rsa_key.cloverleaf
- etc/ssh/ssh_host_dsa_key.cloverleaf
- etc/ssh/ssh_host_ecdsa_key.cloverleaf
- etc/ssh/ssh_host_ed25519_key.cloverleaf
extra_software:
- "w3m"
- "irssi"
- "screen"

@ -0,0 +1,25 @@
---
macaddr: "b8:27:eb:6c:82:02"
hostname: "clovermine"
domain: "local"
locale: "en_US.UTF-8"
timezone: "America/Los_Angeles"
xkblayout: "us"
wifi_country: "US"
enable_gui: True
enable_autologin: False
enable_bootwait: False
enable_bootsplash: False
enable_camera: False
enable_vnc: False
enable_spi: False
enable_i2c: False
enable_serial: True
enable_serial_hw: True
enable_onewire: False
enable_rgpio: False
darshan_dev: True
extra_software:
- "libglib2.0-dev"
- "libncurses-dev"
- "libperl-dev"

@ -1,4 +1,4 @@
[raspberrypi] [raspberrypi]
cloverdale.local cloverdale ansible_host=cloverdale.local
cloverleaf.local cloverleaf ansible_host=cloverleaf.local
clovermine.local clovermine ansible_host=clovermine.local

@ -3,5 +3,11 @@
hosts: localhost hosts: localhost
user: root user: root
connection: local connection: local
vars:
macaddrs:
# mac address of eth0 -> hostname; used to identify self when run against localhost
dc:a6:32:8c:8a:53: "cloverdale"
b8:27:eb:6c:82:02: "clovermine"
b8:27:eb:ff:35:c7: "cloverleaf"
roles: roles:
- common - common

@ -1,22 +1,31 @@
--- ---
# Gather facts specific to the Raspberry Pi platform # Self identify and load config - this allows the playbook to run on either
- include: raspi-facts.yml # localhost or a remote host
- include: linux-facts.yml - name: store MAC address for eth0
set_fact:
my_macaddr: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}"
when: inventory_hostname == 'localhost'
tags:
- raspi
- sw
- sshd
- motd
# Basic hostname setup - name: self-identify based on mac address (local mode)
- name: Get MAC address set_fact:
debug: myhostname: "{{ macaddrs[my_macaddr] }}"
msg: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}" when: inventory_hostname_short == 'localhost'
tags: tags:
- raspi - raspi
- sw - sw
- sshd - sshd
- motd - motd
- name: store MAC address - name: self-identify based on mac address (remote mode)
set_fact: set_fact:
my_macaddr: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}" myhostname: "{{ inventory_hostname_short }}"
when: "inventory_hostname_short != 'localhost'"
tags: tags:
- raspi - raspi
- sw - sw
@ -25,13 +34,20 @@
- name: store system configuration - name: store system configuration
set_fact: set_fact:
myconfig: "{{ macaddrs[my_macaddr] }}" myconfig: "{{ hostvars[myhostname] }}"
tags: tags:
- raspi - raspi
- sw - sw
- sshd - sshd
- motd - motd
- debug:
var: myconfig
# Gather facts specific to the Raspberry Pi platform
- include: raspi-facts.yml
- include: linux-facts.yml
- name: set hostname - name: set hostname
shell: "raspi-config nonint do_hostname {{ myconfig.hostname }}" shell: "raspi-config nonint do_hostname {{ myconfig.hostname }}"
when: raspi_hostname != myconfig.hostname when: raspi_hostname != myconfig.hostname

@ -1,77 +1 @@
--- ---
macaddrs:
dc:a6:32:8c:8a:53:
hostname: "cloverdale"
domain: "local"
locale: "en_US.UTF-8"
timezone: "America/Los_Angeles"
xkblayout: "us"
wifi_country: "US"
enable_gui: True
enable_autologin: False
enable_bootwait: False
enable_bootsplash: False
enable_camera: False
enable_vnc: False
enable_spi: False
enable_i2c: False
enable_serial: True
enable_serial_hw: True
enable_onewire: False
enable_rgpio: False
ssh_host_key_files:
- etc/ssh/ssh_host_rsa_key.cloverdale
- etc/ssh/ssh_host_dsa_key.cloverdale
- etc/ssh/ssh_host_ecdsa_key.cloverdale
- etc/ssh/ssh_host_ed25519_key.cloverdale
b8:27:eb:6c:82:02:
hostname: "clovermine"
domain: "local"
locale: "en_US.UTF-8"
timezone: "America/Los_Angeles"
xkblayout: "us"
wifi_country: "US"
enable_gui: True
enable_autologin: False
enable_bootwait: False
enable_bootsplash: False
enable_camera: False
enable_vnc: False
enable_spi: False
enable_i2c: False
enable_serial: True
enable_serial_hw: True
enable_onewire: False
enable_rgpio: False
darshan_dev: True
extra_software:
- "libglib2.0-dev"
- "libncurses-dev"
- "libperl-dev"
b8:27:eb:ff:35:c7:
hostname: "cloverleaf"
domain: "local"
locale: "en_US.UTF-8"
timezone: "America/Los_Angeles"
xkblayout: "us"
enable_gui: False
enable_autologin: False
enable_bootwait: True
enable_bootsplash: False
enable_camera: False
enable_vnc: False
enable_spi: False
enable_i2c: False
enable_serial: True
enable_serial_hw: True
enable_onewire: False
enable_rgpio: False
ssh_host_key_files:
- etc/ssh/ssh_host_rsa_key.cloverleaf
- etc/ssh/ssh_host_dsa_key.cloverleaf
- etc/ssh/ssh_host_ecdsa_key.cloverleaf
- etc/ssh/ssh_host_ed25519_key.cloverleaf
extra_software:
- "w3m"
- "irssi"
- "screen"

Loading…
Cancel
Save