diff --git a/.gitignore b/.gitignore index d939922..c192331 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -site.retry +local.retry diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml deleted file mode 100644 index 7d98a99..0000000 --- a/roles/common/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: changed timezone - command: dpkg-reconfigure --frontend noninteractive tzdata diff --git a/roles/common/tasks/linux-facts.yml b/roles/common/tasks/linux-facts.yml new file mode 100644 index 0000000..43c4712 --- /dev/null +++ b/roles/common/tasks/linux-facts.yml @@ -0,0 +1,9 @@ +--- +- name: get timezone via timedatectl + shell: timedatectl | grep "Time zone" | cut -d: -f2 | cut -d'(' -f1 | sed -Ee 's/(^ *| *$)//g' + register: linux_tz + changed_when: False + +- name: set linux-config facts + set_fact: + linux_tz: linux_tz.stdout diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 6a5a111..37a6296 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,7 +1,10 @@ --- -# Basic hostname setup +# Gather facts specific to the Raspberry Pi platform +- include: raspi-facts.yml +- include: linux-facts.yml +# Basic hostname setup - name: Get MAC address debug: msg="{{ hostvars[inventory_hostname].ansible_default_ipv4.macaddress }}" @@ -10,14 +13,14 @@ my_macaddr: "{{ hostvars[inventory_hostname].ansible_default_ipv4.macaddress }}" - name: set hostname - hostname: name={{ macaddrs[my_macaddr].hostname }} - when: my_macaddr in macaddrs + shell: "raspi-config nonint do_hostname {{ macaddrs[my_macaddr].hostname }}" + when: raspi_hostname != macaddrs[my_macaddr].hostname - name: update /etc/hosts with new hostname lineinfile: dest=/etc/hosts regexp="^{{ ansible_default_ipv4.address }}" - line="{{ ansible_default_ipv4.address }}{{'\t'}}{{ macaddrs[my_macaddr].hostname }}.local{{'\t'}}{{ macaddrs[my_macaddr].hostname }}" + line="{{ ansible_default_ipv4.address }}{{'\t'}}{{ macaddrs[my_macaddr].hostname }}.{{ macaddrs[my_macaddr].domain }}{{'\t'}}{{ macaddrs[my_macaddr].hostname }}" state=present when: my_macaddr in macaddrs @@ -28,15 +31,25 @@ state=absent # Set timezone -- name: set /etc/timezone - copy: src=etc/timezone - dest=/etc/timezone - owner=root - group=root - mode=0644 - backup=yes - notify: - - changed timezone +- name: set timezone + shell: "timedatectl set-timezone {{ macaddrs[my_macaddr].timezone }}" + when: linux_tz != macaddrs[my_macaddr].timezone + +# Set locale +- name: set locale + shell: "raspi-config nonint do_change_locale {{ macaddrs[my_macaddr].locale }}" + when: raspi_locale != macaddrs[my_macaddr].locale + +# Enable sshd +- name: forbid login via 'pi' user via ssh + lineinfile: + dest=/etc/ssh/sshd_config + line="DenyUsers pi" + state=present + +- name: enable SSH + shell: "raspi-config nonint do_ssh 0" + when: raspi_ssh_disabled != '0' # Other tasks - include: software.yml diff --git a/roles/common/tasks/raspi-facts.yml b/roles/common/tasks/raspi-facts.yml new file mode 100644 index 0000000..074601a --- /dev/null +++ b/roles/common/tasks/raspi-facts.yml @@ -0,0 +1,135 @@ +--- +- name: get Raspberry Pi model type + shell: "raspi-config nonint get_pi_type" + register: raspi_type + changed_when: False + +- name: get hostname via raspi-config + shell: "raspi-config nonint get_hostname" + register: raspi_hostname + changed_when: False + +- name: get boot-to-gui setting + shell: "raspi-config nonint get_boot_cli" # 0 == "boot to cli"; 1 == "boot to gui" + register: raspi_boot_gui + changed_when: False + +- name: get autologin setting + shell: "raspi-config nonint get_autologin" # 0 == "enable autologin"; 1 == "disable autologin" + register: raspi_noautologin + changed_when: False + +- name: get wait-for-network-on-boot setting + shell: "raspi-config nonint get_boot_wait" # 0 == "wait"; 1 == "don't wait" + register: raspi_boot_nowait + changed_when: False + +- name: get wifi country + shell: "raspi-config nonint get_wifi_country" + register: raspi_wifi_country + changed_when: False + +- name: get camera status + shell: "raspi-config nonint get_camera" # 0 == "camera enabled"; 1 == "camera disabled" + register: raspi_camera_disabled + changed_when: False + +- name: get ssh enabled status + shell: "raspi-config nonint get_ssh" + register: raspi_ssh_disabled + changed_when: False + +- name: get VNC enabled status + shell: "raspi-config nonint get_vnc" + register: raspi_vnc_disabled + changed_when: False + +- name: get SPI enabled status + shell: "raspi-config nonint get_spi" + register: raspi_spi_disabled + changed_when: False + +- name: get I2C enabled status + shell: "raspi-config nonint get_i2c" + register: raspi_i2c_disabled + changed_when: False + +- name: get serial enabled status + shell: "raspi-config nonint get_serial" + register: raspi_serial_disabled + changed_when: False + +- name: get hardware serial enabled status + shell: "raspi-config nonint get_serial_hw" + register: raspi_serial_hw_disabled + changed_when: False + +- name: get onewire enabled status + shell: "raspi-config nonint get_onewire" + register: raspi_onewire_disabled + changed_when: False + +- name: get remote gpio enabled status + shell: "raspi-config nonint get_rgpio" + register: raspi_rgpio_disabled + changed_when: False + +- name: get overclock state + shell: "raspi-config nonint get_config_var arm_freq /boot/config.txt" + register: raspi_overclock + changed_when: False + +- name: get fs expandability + shell: "raspi-config nonint get_can_expand" + register: raspi_fs_unexpandable + changed_when: False + +- name: get overscan setting + shell: "raspi-config nonint get_overscan" + register: raspi_overscan + changed_when: False + +- name: get GPU memory split + shell: "raspi-config nonint get_config_var gpu_mem /boot/config.txt" + register: raspi_gpu_mem + changed_when: False + +- name: get GPU memory split 256 + shell: "raspi-config nonint get_config_var gpu_mem_256 /boot/config.txt" + register: raspi_gpu_mem_256 + changed_when: False + +- name: get GPU memory split 512 + shell: "raspi-config nonint get_config_var gpu_mem_512 /boot/config.txt" + register: raspi_gpu_mem_512 + changed_when: False + +- name: get GPU memory split 1024 + shell: "raspi-config nonint get_config_var gpu_mem_1024 /boot/config.txt" + register: raspi_gpu_mem_1024 + changed_when: False + +- name: set raspi-config facts + set_fact: + raspi_type: raspi_type.stdout + raspi_hostname: raspi_hostname.stdout + raspi_boot_gui: raspi_boot_gui.stdout + raspi_noautologin: raspi_noautologin.stdout + raspi_boot_nowait: raspi_boot_nowait.stdout + raspi_wifi_country: raspi_wifi_country.stdout + raspi_camera_disabled: raspi_camera_disabled.stdout + raspi_ssh_disabled: raspi_ssh_disabled.stdout + raspi_vnc_disabled: raspi_vnc_disabled.stdout + raspi_spi_disabled: raspi_spi_disabled.stdout + raspi_i2c_disabled: raspi_i2c_disabled.stdout + raspi_serial_disabled: raspi_serial_disabled.stdout + raspi_serial_hw_disabled: raspi_serial_hw_disabled.stdout + raspi_onewire_disabled: raspi_onewire_disabled.stdout + raspi_rpgio_disabled: raspi_rpgio_disabled.stdout + raspi_overclock: raspi_overclock.stdout + raspi_fs_unexpandable: raspi_fs_unexpandable.stdout + raspi_overscan: raspi_overscan.stdout + raspi_gpu_mem: raspi_gpu_mem.stdout + raspi_gpu_mem_256: raspi_gpu_mem_256.stdout + raspi_gpu_mem_512: raspi_gpu_mem_512.stdout + raspi_gpu_mem_1024: raspi_gpu_mem_1024.stdout diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml index a671efd..1b70667 100644 --- a/roles/common/vars/main.yml +++ b/roles/common/vars/main.yml @@ -2,9 +2,14 @@ macaddrs: b8:27:eb:39:d7:57: hostname: "clovermine" - ip: "192.168.1.154" + domain: "local" + locale: "en_US.UTF-8" + timezone: "America/Los_Angeles" b8:27:eb:ff:35:c7: hostname: "cloverleaf" + domain: "local" + locale: "en_US.UTF-8" + timezone: "America/Los_Angeles" ### Users that must be present on the system create_users: