From 5f0c1539c57e9dd5c70df98a64cdd82f38b907be Mon Sep 17 00:00:00 2001 From: Alpha Chen Date: Wed, 17 Jul 2019 21:16:28 -0700 Subject: [PATCH] [ansible] raspberry pi setup --- ansible/attitude-adjuster/README.md | 25 ++++++ ansible/attitude-adjuster/bootstrap.yml | 46 ++++++++++ ansible/attitude-adjuster/config.json | 17 ++++ ansible/attitude-adjuster/main.yml | 113 ++++++++++++++++++++++++ 4 files changed, 201 insertions(+) create mode 100644 ansible/attitude-adjuster/README.md create mode 100644 ansible/attitude-adjuster/bootstrap.yml create mode 100644 ansible/attitude-adjuster/config.json create mode 100644 ansible/attitude-adjuster/main.yml diff --git a/ansible/attitude-adjuster/README.md b/ansible/attitude-adjuster/README.md new file mode 100644 index 0000000..a29b876 --- /dev/null +++ b/ansible/attitude-adjuster/README.md @@ -0,0 +1,25 @@ +# Attitude Adjuster + +## Installation notes + +1. [Download Raspberian Stretch Lite](https://www.raspberrypi.org/downloads/raspbian/) +1. Install Etcher: `brew cask install balenaetcher` +1. [Flash the SD card](https://www.raspberrypi.org/documentation/installation/installing-images/README.md) + +1. [Enable SSH](https://www.raspberrypi.org/documentation/remote-access/ssh/) + +1. Run the Ansible playbooks + - `ansible-playbook --extra-vars "ansible_user=pi" --ask-pass attitude-adjuster/bootstrap.yml` + - `ansible-playbook attitude-adjuster/main.yml` + +1. Install Pi-hole + - `curl -sSL https://install.pi-hole.net | bash` + +## Optional + +1. Use `raspi-config` to set up the WiFi + - [Additional setup](https://www.raspberrypi.org/documentation/configuration/wireless/wireless-cli.md) + - Add `scan_ssid=1` to `/etc/wpa_supplicant/wpa_supplicant.conf` + - Restart WiFi: `wpa_cli -i wlan0 reconfigure` +1. Use `raspi-config` to set the keyboard layout + diff --git a/ansible/attitude-adjuster/bootstrap.yml b/ansible/attitude-adjuster/bootstrap.yml new file mode 100644 index 0000000..154c0dc --- /dev/null +++ b/ansible/attitude-adjuster/bootstrap.yml @@ -0,0 +1,46 @@ +- hosts: attitude-adjuster + become: yes + vars_files: + - vars.yml.private + tasks: + + - name: change hostname to {{ ansible_hostname }} + hostname: + name: "{{ ansible_hostname }}" + notify: reboot + + - name: update hostname in /etc/hosts + replace: + path: /etc/hosts + regexp: '(\s+)raspberrypi(\s+.*)?$' + replace: '\{{ ansible_hostname }}\2' + notify: reboot + + - name: disable wifi + lineinfile: + path: /boot/config.txt + insertafter: dtoverlay + line: dtoverlay=pi3-disable-wifi + notify: reboot + + - name: create user + user: + name: alpha + password: "{{ password | password_hash('sha512') }}" + shell: /bin/bash + + - name: give user sudo access + lineinfile: + path: /etc/sudoers.d/alpha + line: "alpha ALL=(ALL) NOPASSWD: ALL" + create: yes + validate: visudo -cf %s + + - name: add ssh keys + authorized_key: + user: alpha + key: https://github.com/kejadlen.keys + + handlers: + - name: reboot + reboot: diff --git a/ansible/attitude-adjuster/config.json b/ansible/attitude-adjuster/config.json new file mode 100644 index 0000000..e56d0cd --- /dev/null +++ b/ansible/attitude-adjuster/config.json @@ -0,0 +1,17 @@ +{ + "bridge": { + "name": "Homebridge", + "username": "67:9E:AC:02:F4:51", + "port": 59377, + "pin": "617-05-928" + }, + "platforms": [ + { + "platform": "SmartThings", + "name": "SmartThings", + "app_url": "https://graph-na04-useast2.api.smartthings.com:443/api/smartapps/installations/", + "access_token": "d03f2c6e-36e4-4069-8b7a-a2fcb30c1d68", + "app_id": "d0549bc7-23cc-4355-b261-6bfe9e5e48b6" + } + ] +} diff --git a/ansible/attitude-adjuster/main.yml b/ansible/attitude-adjuster/main.yml new file mode 100644 index 0000000..a7c263e --- /dev/null +++ b/ansible/attitude-adjuster/main.yml @@ -0,0 +1,113 @@ +- hosts: attitude-adjuster + tasks: + + - name: install dependencies + package: + name: "{{ item }}" + state: present + with_items: + - git + - vim + become: yes + +# ssh + +- hosts: attitude-adjuster + tasks: + + - name: disable ssh password logins + lineinfile: + path: /etc/ssh/sshd_config + regexp: '^(#\s*)?{{ item }} ' + line: "{{ item }} no" + notify: reload ssh + with_items: + - ChallengeResponseAuthentication + - PasswordAuthentication + - UsePAM + become: yes + + - name: disable pi user + user: + name: pi + password: ! + become: yes + + handlers: + - name: reload ssh + service: + name: ssh + state: reloaded + +# Pi-Hole + +- hosts: attitude-adjuster + tasks: + + - name: clone the pi-hole repo + git: + repo: https://github.com/pi-hole/pi-hole.git + dest: ~/src/pi-hole + depth: 1 + +# ddclient + +- hosts: attitude-adjuster + tasks: + + - name: install ddclient + package: + name: ddclient + state: present + become: yes + + - name: configure ddclient + copy: + src: ddclient.conf.private + dest: /etc/ddclient.conf + mode: go-r + become: yes + notify: restart ddclient + + - name: enable ddclient + service: + name: ddclient + enabled: yes + become: yes + + handlers: + - name: restart ddclient + service: + name: ddclient + state: restarted + become: yes + +# Homebridge + +- hosts: attitude-adjuster + tasks: + + - name: install npm + package: + name: npm + state: present + become: yes + + - name: install homebridge + npm: + name: "{{ item }}" + global: yes + with_items: + - homebridge + - homebridge-smartthings-tonesto7 + become: yes + + - name: create ~/.homebridge + file: + path: ~/.homebridge + state: directory + + - name: copy homebridge config + copy: + src: config.json + dest: ~/.homebridge/config.json