unify local and remote mode of operation

4 years ago · 36a0a9996d
parent 621dd3feb4
commit 36a0a9996d
8 changed files with 142 additions and 105 deletions
--- a/README.md
+++ b/README.md
@ -34,10 +34,24 @@ which pollutes your login Python environment, but is better than nothing.
 ## Configuration
-The `macaddrs` structure in _roles/common/vars/main.yml_ maps the MAC address of
+This playbook can be run on localhost or against one or more remote hosts.  The
-a Raspberry Pi to its intended configuration state.  Add your Raspberry Pi's MAC
+former is good for a bare Raspberry Pi that was freshly provisioned using NOOBS
-address (specifically for `eth0` if your RPi has multiple NICs) to that
+or the like, as you don't need a second host to act as the provisioning host.
-structure and set its configuration accordingly.
+The latter is the conventional way in which ansible is typically run and makes
 more sense if you want to configure a bunch of Raspberry Pis.
 ### Local Mode
 Edit `local.yml` and add the mac address of `eth0` for the Raspberry Pi to
 configure to the `macaddrs` variable.  Its key should be a mac address (all
 lower case) and the value should be the short hostname of that system.  Each
 such entry's short hostname must match a file in the `host_vars/` directory.
 ### All modes
 The contents of each file in `host_vars/` is the intended configuration state
 for each Raspberry Pi.  Look at one of the examples included to get a feel for
 the configurations available.
 To add local users, create and edit `roles/common/vars/users.yml`.  Follow the
 structure in `roles/common/vars/users.yml.example`.  You can/should
@ -45,13 +59,23 @@ structure in `roles/common/vars/users.yml.example`.  You can/should
 ## Running the playbook
 ### Local Mode
 Then run the playbook:
-    (ansible_env) $ ansible-playbook --ask-vault-pass --become --become-user root --ask-become-pass ./local.yml
+    (ansible_env) $ ansible-playbook --ask-vault-pass --become --become-user root --ask-become-pass --inventory hosts ./local.yml
 The playbook will self-discover its settings, then idempotently configure the
 Raspberry Pi.
 ### Remote Mode
 This is similar to local mode:
    (ansible_env) $ ansible-playbook --ask-vault-pass --inventory hosts.remote ./remote.yml
 The playbook follows the same code path.
 ## After running the playbook
 This playbook purposely requires a few manual steps _after_ running the playbook
@ -90,17 +114,6 @@ The format expected in `roles/common/vars/main.yml` is something like
              - etc/ssh/ssh_host_ecdsa_key.cloverdale
              - etc/ssh/ssh_host_ed25519_key.cloverdale
 ### Remote mode
 The playbooks can also be run in a traditional remote mode:
    $ ansible-playbook --ask-become-pass --ask-vault-pass --inventory hosts.remote ./remote.yml
 At present this does _not_ make use of hostvars; this is because the playbook
 started out designed to be run against localhost and the playbook
 self-identifies the system and fetches configuration variables from
 `roles/common/vars/main.yml` based on that.
 ## Acknowledgment
 I stole a lot of knowledge from https://github.com/giuaig/ansible-raspi-config/.
--- a/host_vars/cloverdale
+++ b/host_vars/cloverdale
@ -0,0 +1,25 @@
 ---
 macaddr: "dc:a6:32:8c:8a:53"
 hostname: "cloverdale"
 domain: "local"
 locale: "en_US.UTF-8"
 timezone: "America/Los_Angeles"
 xkblayout: "us"
 wifi_country: "US"
 enable_gui: True
 enable_autologin: False
 enable_bootwait: False
 enable_bootsplash: False
 enable_camera: False
 enable_vnc: False
 enable_spi: False
 enable_i2c: False
 enable_serial: True
 enable_serial_hw: True
 enable_onewire: False
 enable_rgpio: False
 ssh_host_key_files:
  - etc/ssh/ssh_host_rsa_key.cloverdale
  - etc/ssh/ssh_host_dsa_key.cloverdale
  - etc/ssh/ssh_host_ecdsa_key.cloverdale
  - etc/ssh/ssh_host_ed25519_key.cloverdale
--- a/host_vars/cloverleaf
+++ b/host_vars/cloverleaf
@ -0,0 +1,28 @@
 ---
 macaddr: "b8:27:eb:ff:35:c7"
 hostname: "cloverleaf"
 domain: "local"
 locale: "en_US.UTF-8"
 timezone: "America/Los_Angeles"
 xkblayout: "us"
 enable_gui: False
 enable_autologin: False
 enable_bootwait: True
 enable_bootsplash: False
 enable_camera: False
 enable_vnc: False
 enable_spi: False
 enable_i2c: False
 enable_serial: True
 enable_serial_hw: True
 enable_onewire: False
 enable_rgpio: False
 ssh_host_key_files:
  - etc/ssh/ssh_host_rsa_key.cloverleaf
  - etc/ssh/ssh_host_dsa_key.cloverleaf
  - etc/ssh/ssh_host_ecdsa_key.cloverleaf
  - etc/ssh/ssh_host_ed25519_key.cloverleaf
 extra_software:
  - "w3m"
  - "irssi"
  - "screen"
--- a/host_vars/clovermine
+++ b/host_vars/clovermine
@ -0,0 +1,25 @@
 ---
 macaddr: "b8:27:eb:6c:82:02"
 hostname: "clovermine"
 domain: "local"
 locale: "en_US.UTF-8"
 timezone: "America/Los_Angeles"
 xkblayout: "us"
 wifi_country: "US"
 enable_gui: True
 enable_autologin: False
 enable_bootwait: False
 enable_bootsplash: False
 enable_camera: False
 enable_vnc: False
 enable_spi: False
 enable_i2c: False
 enable_serial: True
 enable_serial_hw: True
 enable_onewire: False
 enable_rgpio: False
 darshan_dev: True
 extra_software:
  - "libglib2.0-dev"
  - "libncurses-dev"
  - "libperl-dev"
--- a/hosts.remote
+++ b/hosts.remote
@ -1,4 +1,4 @@
 [raspberrypi]
-cloverdale.local
+cloverdale ansible_host=cloverdale.local
-cloverleaf.local
+cloverleaf ansible_host=cloverleaf.local
-clovermine.local
+clovermine ansible_host=clovermine.local
--- a/local.yml
+++ b/local.yml
@ -3,5 +3,11 @@
  hosts: localhost
  user: root
  connection: local
  vars:
    macaddrs:
        # mac address of eth0 -> hostname; used to identify self when run against localhost
        dc:a6:32:8c:8a:53: "cloverdale"
        b8:27:eb:6c:82:02: "clovermine"
        b8:27:eb:ff:35:c7: "cloverleaf"
  roles:
    - common
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -1,22 +1,31 @@
 ---
-# Gather facts specific to the Raspberry Pi platform
+# Self identify and load config - this allows the playbook to run on either
- include: raspi-facts.yml
+# localhost or a remote host
- include: linux-facts.yml
+- name: store MAC address for eth0
  set_fact:
    my_macaddr: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}"
  when: inventory_hostname == 'localhost'
  tags:
    - raspi
    - sw
    - sshd
    - motd
-# Basic hostname setup
+- name: self-identify based on mac address (local mode)
- name: Get MAC address
+  set_fact:
-  debug: 
+    myhostname: "{{ macaddrs[my_macaddr] }}"
-    msg: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}"
+  when: inventory_hostname_short == 'localhost'
  tags:
    - raspi
    - sw
    - sshd
    - motd
- name: store MAC address
+- name: self-identify based on mac address (remote mode)
  set_fact:
-    my_macaddr: "{{ hostvars[inventory_hostname].ansible_eth0.macaddress }}"
+    myhostname: "{{ inventory_hostname_short }}"
  when: "inventory_hostname_short != 'localhost'"
  tags:
    - raspi
    - sw
@ -25,13 +34,20 @@
 - name: store system configuration
  set_fact:
-    myconfig: "{{ macaddrs[my_macaddr] }}"
+    myconfig: "{{ hostvars[myhostname] }}"
  tags:
    - raspi
    - sw
    - sshd
    - motd
 - debug:
    var: myconfig
 # Gather facts specific to the Raspberry Pi platform
 - include: raspi-facts.yml
 - include: linux-facts.yml
 - name: set hostname
  shell: "raspi-config nonint do_hostname {{ myconfig.hostname }}"
  when: raspi_hostname != myconfig.hostname
--- a/roles/common/vars/main.yml
+++ b/roles/common/vars/main.yml
@ -1,77 +1 @@
 ---
 macaddrs:
    dc:a6:32:8c:8a:53:
        hostname: "cloverdale"
        domain: "local"
        locale: "en_US.UTF-8"
        timezone: "America/Los_Angeles"
        xkblayout: "us"
        wifi_country: "US"
        enable_gui: True
        enable_autologin: False
        enable_bootwait: False
        enable_bootsplash: False
        enable_camera: False
        enable_vnc: False
        enable_spi: False
        enable_i2c: False
        enable_serial: True
        enable_serial_hw: True
        enable_onewire: False
        enable_rgpio: False
        ssh_host_key_files:
          - etc/ssh/ssh_host_rsa_key.cloverdale
          - etc/ssh/ssh_host_dsa_key.cloverdale
          - etc/ssh/ssh_host_ecdsa_key.cloverdale
          - etc/ssh/ssh_host_ed25519_key.cloverdale
    b8:27:eb:6c:82:02:
        hostname: "clovermine"
        domain: "local"
        locale: "en_US.UTF-8"
        timezone: "America/Los_Angeles"
        xkblayout: "us"
        wifi_country: "US"
        enable_gui: True
        enable_autologin: False
        enable_bootwait: False
        enable_bootsplash: False
        enable_camera: False
        enable_vnc: False
        enable_spi: False
        enable_i2c: False
        enable_serial: True
        enable_serial_hw: True
        enable_onewire: False
        enable_rgpio: False
        darshan_dev: True
        extra_software:
          - "libglib2.0-dev"
          - "libncurses-dev"
          - "libperl-dev"
    b8:27:eb:ff:35:c7:
        hostname: "cloverleaf"
        domain: "local"
        locale: "en_US.UTF-8"
        timezone: "America/Los_Angeles"
        xkblayout: "us"
        enable_gui: False
        enable_autologin: False
        enable_bootwait: True
        enable_bootsplash: False
        enable_camera: False
        enable_vnc: False
        enable_spi: False
        enable_i2c: False
        enable_serial: True
        enable_serial_hw: True
        enable_onewire: False
        enable_rgpio: False
        ssh_host_key_files:
          - etc/ssh/ssh_host_rsa_key.cloverleaf
          - etc/ssh/ssh_host_dsa_key.cloverleaf
          - etc/ssh/ssh_host_ecdsa_key.cloverleaf
          - etc/ssh/ssh_host_ed25519_key.cloverleaf
        extra_software:
          - "w3m"
          - "irssi"
          - "screen"