diff --git a/roles/common/tasks/hardware.yml b/roles/common/tasks/hardware.yml deleted file mode 100644 index badf0b0..0000000 --- a/roles/common/tasks/hardware.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- - -- name: enable uart on boot - lineinfile: - dest=/boot/config.txt - regexp="^enable_uart=" - line="enable_uart=1" - state=present diff --git a/roles/common/tasks/linux-facts.yml b/roles/common/tasks/linux-facts.yml index 413720d..71754e0 100644 --- a/roles/common/tasks/linux-facts.yml +++ b/roles/common/tasks/linux-facts.yml @@ -3,14 +3,16 @@ shell: "timedatectl | grep 'Time zone' | cut -d':' -f2 | cut -d'(' -f1 | sed -Ee 's/(^ *| *$)//g'" register: linux_tz changed_when: False + check_mode: no - name: get locale shell: "locale | grep ^LANG | cut -d= -f2" register: linux_locale changed_when: False - + check_mode: no - name: set linux-config facts set_fact: linux_tz: "{{ linux_tz.stdout }}" linux_locale: "{{ linux_locale.stdout }}" + check_mode: no diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 5877197..5e83b60 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -8,14 +8,14 @@ - name: Get MAC address debug: msg: "{{ hostvars[inventory_hostname].ansible_default_ipv4.macaddress }}" + tags: + - raspi - name: store MAC address set_fact: my_macaddr: "{{ hostvars[inventory_hostname].ansible_default_ipv4.macaddress }}" - -- name: print configured hostname - debug: - msg: "raspi-config hostname: {{ raspi_hostname }} vs. intended: {{ macaddrs[my_macaddr].hostname }}" + tags: + - raspi - name: set hostname shell: "raspi-config nonint do_hostname {{ macaddrs[my_macaddr].hostname }}" @@ -46,17 +46,21 @@ when: linux_locale != macaddrs[my_macaddr].locale # Enable sshd -- name: forbid login via 'pi' user via ssh +- name: disable ssh login for user pi lineinfile: dest=/etc/ssh/sshd_config line="DenyUsers pi" state=present + tags: + - raspi -- name: enable SSH +- name: enable SSH via raspi-config shell: "raspi-config nonint do_ssh 0" - when: raspi_ssh_disabled != '0' + when: not raspi_ssh_enabled + tags: + - raspi # Other tasks - include: software.yml - include: users.yml -- include: hardware.yml +- include: raspi-config.yml diff --git a/roles/common/tasks/raspi-config.yml b/roles/common/tasks/raspi-config.yml index 2963cba..f5eeb67 100644 --- a/roles/common/tasks/raspi-config.yml +++ b/roles/common/tasks/raspi-config.yml @@ -4,19 +4,35 @@ - name: enable cli only command: "raspi-config nonint do_boot_behaviour B1" when: not macaddrs[my_macaddr].enable_gui and not macaddrs[my_macaddr].enable_autologin and (raspi_gui_enabled or raspi_autologin_enabled) + tags: + - raspi - name: enable cli with autologin command: "raspi-config nonint do_boot_behaviour B2" when: not macaddrs[my_macaddr].enable_gui and macaddrs[my_macaddr].enable_autologin and (raspi_gui_enabled or not raspi_autologin_enabled) + tags: + - raspi - name: enable desktop gui command: "raspi-config nonint do_boot_behaviour B3" when: macaddrs[my_macaddr].enable_gui and not macaddrs[my_macaddr].enable_autologin and (not raspi_gui_enabled or raspi_autologin_enabled) + tags: + - raspi - name: enable desktop gui with autologin command: "raspi-config nonint do_boot_behaviour B4" when: macaddrs[my_macaddr].enable_gui and macaddrs[my_macaddr].enable_autologin and (not raspi_gui_enabled or raspi_autologin_enabled) + tags: + - raspi -#- name: set bootwait option -# command: "raspi-config nonint do_boot_wait {{ not macaddrs[my_macaddr].raspi_bootwait }}" -#when: macaddrs[my_macaddr].raspi_boot_nowait +- name: set bootwait option + command: "raspi-config nonint do_boot_wait {{ 1 if not macaddrs[my_macaddr].enable_bootwait else 0 }}" + when: macaddrs[my_macaddr].enable_bootwait != raspi_bootwait_enabled + tags: + - raspi + +- name: expand file system + command: "raspi-config nonint do_expand_rootfs" + when: raspi_fs_expandable + tags: + - raspi diff --git a/roles/common/tasks/raspi-facts.yml b/roles/common/tasks/raspi-facts.yml index ba13716..3c7d213 100644 --- a/roles/common/tasks/raspi-facts.yml +++ b/roles/common/tasks/raspi-facts.yml @@ -3,111 +3,177 @@ shell: "raspi-config nonint get_pi_type" register: raspi_type changed_when: False + check_mode: no + tags: + - raspi - name: get hostname via raspi-config shell: "raspi-config nonint get_hostname" register: raspi_hostname changed_when: False + check_mode: no + tags: + - raspi - name: get boot-to-gui setting shell: "raspi-config nonint get_boot_cli" # 0 == "boot to cli"; 1 == "boot to gui" register: raspi_boot_gui changed_when: False + check_mode: no + tags: + - raspi - name: get autologin setting shell: "raspi-config nonint get_autologin" # 0 == "enable autologin"; 1 == "disable autologin" register: raspi_noautologin changed_when: False + check_mode: no + tags: + - raspi - name: get wait-for-network-on-boot setting shell: "raspi-config nonint get_boot_wait" # 0 == "wait"; 1 == "don't wait" register: raspi_boot_nowait changed_when: False + check_mode: no + tags: + - raspi - name: get wifi country shell: "raspi-config nonint get_wifi_country" register: raspi_wifi_country changed_when: False + check_mode: no + tags: + - raspi - name: get camera status shell: "raspi-config nonint get_camera" # 0 == "camera enabled"; 1 == "camera disabled" register: raspi_camera_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get ssh enabled status shell: "raspi-config nonint get_ssh" register: raspi_ssh_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get VNC enabled status shell: "raspi-config nonint get_vnc" register: raspi_vnc_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get SPI enabled status shell: "raspi-config nonint get_spi" register: raspi_spi_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get I2C enabled status shell: "raspi-config nonint get_i2c" register: raspi_i2c_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get serial enabled status shell: "raspi-config nonint get_serial" register: raspi_serial_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get hardware serial enabled status shell: "raspi-config nonint get_serial_hw" register: raspi_serial_hw_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get onewire enabled status shell: "raspi-config nonint get_onewire" register: raspi_onewire_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get remote gpio enabled status shell: "raspi-config nonint get_rgpio" register: raspi_rgpio_disabled changed_when: False + check_mode: no + tags: + - raspi - name: get overclock state shell: "raspi-config nonint get_config_var arm_freq /boot/config.txt" register: raspi_overclock changed_when: False + check_mode: no + tags: + - raspi - name: get fs expandability shell: "raspi-config nonint get_can_expand" register: raspi_fs_unexpandable changed_when: False + check_mode: no + tags: + - raspi - name: get overscan setting shell: "raspi-config nonint get_overscan" register: raspi_overscan changed_when: False + check_mode: no + tags: + - raspi - name: get GPU memory split shell: "raspi-config nonint get_config_var gpu_mem /boot/config.txt" register: raspi_gpu_mem changed_when: False + check_mode: no + tags: + - raspi - name: get GPU memory split 256 shell: "raspi-config nonint get_config_var gpu_mem_256 /boot/config.txt" register: raspi_gpu_mem_256 changed_when: False + check_mode: no + tags: + - raspi - name: get GPU memory split 512 shell: "raspi-config nonint get_config_var gpu_mem_512 /boot/config.txt" register: raspi_gpu_mem_512 changed_when: False + check_mode: no + tags: + - raspi - name: get GPU memory split 1024 shell: "raspi-config nonint get_config_var gpu_mem_1024 /boot/config.txt" register: raspi_gpu_mem_1024 changed_when: False + check_mode: no + tags: + - raspi - name: set raspi-config facts set_fact: @@ -127,9 +193,12 @@ raspi_onewire_enabled: "{{ raspi_onewire_disabled.stdout == '0' }}" raspi_rgpio_enabled: "{{ raspi_rgpio_disabled.stdout == '0' }}" raspi_overclock: "{{ raspi_overclock.stdout }}" - raspi_fs_unexpandable: "{{ raspi_fs_unexpandable.stdout }}" + raspi_fs_expandable: "{{ raspi_fs_unexpandable.stdout == '0' }}" raspi_overscan: "{{ raspi_overscan.stdout }}" raspi_gpu_mem: "{{ raspi_gpu_mem.stdout }}" raspi_gpu_mem_256: "{{ raspi_gpu_mem_256.stdout }}" raspi_gpu_mem_512: "{{ raspi_gpu_mem_512.stdout }}" raspi_gpu_mem_1024: "{{ raspi_gpu_mem_1024.stdout }}" + check_mode: no + tags: + - raspi diff --git a/roles/common/tasks/software.yml b/roles/common/tasks/software.yml index 193ad11..816ec2b 100644 --- a/roles/common/tasks/software.yml +++ b/roles/common/tasks/software.yml @@ -17,6 +17,8 @@ - dillo - gpiciew - penguinspuzzle + tags: + - sw ### Install required software - name: install basic software environment @@ -29,3 +31,5 @@ - vim - git - python-pip + tags: + - sw diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml index ef9b8ed..681068f 100644 --- a/roles/common/vars/main.yml +++ b/roles/common/vars/main.yml @@ -7,7 +7,7 @@ macaddrs: timezone: "America/Los_Angeles" enable_gui: True enable_autologin: False - enable_bootwait: True + enable_bootwait: False enable_camera: False enable_vnc: False enable_spi: False @@ -16,12 +16,22 @@ macaddrs: enable_serial_hw: True enable_onewire: False enable_rgpio: False - expand_fs: True b8:27:eb:ff:35:c7: hostname: "cloverleaf" domain: "local" locale: "en_US.UTF-8" timezone: "America/Los_Angeles" + enable_gui: False + enable_autologin: False + enable_bootwait: True + enable_camera: False + enable_vnc: False + enable_spi: False + enable_i2c: False + enable_serial: True + enable_serial_hw: True + enable_onewire: False + enable_rgpio: False ### Users that must be present on the system create_users: