mirror of
https://github.com/iiab/iiab.git
synced 2025-02-13 11:42:08 +00:00
115 lines
3 KiB
YAML
115 lines
3 KiB
YAML
# Preparations (Hardware Level)
|
|
|
|
- name: ...IS BEGINNING ============================================
|
|
command: echo
|
|
|
|
- name: Install uuid-runtime package (debuntu)
|
|
package:
|
|
name: uuid-runtime
|
|
state: present
|
|
when: is_debuntu
|
|
|
|
- name: Does /etc/iiab/uuid file exist?
|
|
stat:
|
|
path: /etc/iiab/uuid
|
|
register: uuid_file
|
|
|
|
- name: If not, create folder /etc/iiab
|
|
file:
|
|
path: /etc/iiab
|
|
state: directory
|
|
when: not uuid_file.stat.exists
|
|
|
|
- name: If no uuid exists, create one
|
|
shell: uuidgen
|
|
register: uuid_response
|
|
when: not uuid_file.stat.exists
|
|
|
|
- name: Put uuid in place at /etc/iiab/uuid
|
|
shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid
|
|
when: not uuid_file.stat.exists
|
|
|
|
- name: Grab the uuid from /etc/iiab/uuid, into register stored_uuid
|
|
command: cat /etc/iiab/uuid
|
|
register: stored_uuid
|
|
|
|
- name: Place the uuid from register into variable/fact "uuid"
|
|
set_fact:
|
|
uuid: "{{ stored_uuid.stdout_lines[0] }}"
|
|
|
|
- name: SSHD
|
|
include_role:
|
|
name: sshd
|
|
# has no "when: XXXXX_install" flag
|
|
tags: base, sshd
|
|
|
|
- name: IIAB-ADMIN
|
|
include_role:
|
|
name: iiab-admin
|
|
# has no "when: XXXXX_install" flag
|
|
tags: base, iiab-admin
|
|
|
|
- name: OPENVPN
|
|
include_role:
|
|
name: openvpn
|
|
when: openvpn_install
|
|
tags: openvpn
|
|
|
|
# for rpi, without rtc, we need time as soon as possible
|
|
- name: Install chrony (an NTP package) especially for RPi's lacking RTC
|
|
package:
|
|
name: chrony
|
|
state: present
|
|
tags:
|
|
- download
|
|
|
|
#TODO: Use regexp filter instead of hard-code ip
|
|
- name: Install /etc/chrony.conf from template
|
|
template:
|
|
src: chrony.conf.j2
|
|
dest: /etc/chrony.conf
|
|
backup: no
|
|
|
|
- name: Disable AppArmor -- override OS default (ubuntu)
|
|
service:
|
|
name: apparmor
|
|
enabled: False
|
|
state: stopped
|
|
when: is_ubuntu
|
|
ignore_errors: true
|
|
|
|
- name: Disable SELinux on next boot (OS's other than debuntu)
|
|
selinux:
|
|
state: disabled
|
|
register: selinux_disabled
|
|
when: not is_debuntu
|
|
|
|
- name: Disable SELinux for this session (OS's other than debuntu, if needed)
|
|
command: setenforce Permissive
|
|
when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
|
|
|
|
## DISCOVER PLATFORMS ######
|
|
# Put conditional actions for hardware platforms here
|
|
- include_tasks: raspberry_pi.yml
|
|
when: first_run and rpi_model != "none"
|
|
|
|
- name: Check if the identifier for Intel's NUC6 builtin WiFi is present
|
|
shell: "lsusb | grep 8087:0a2b | wc | awk '{print $1}'"
|
|
register: usb_NUC6
|
|
ignore_errors: true
|
|
|
|
- name: Download {{ iiab_download_url }}/iwlwifi-8000C-13.ucode to /lib/firmware for built-in WiFi on NUC6 # iiab_download_url is http://download.iiab.io/packages
|
|
get_url:
|
|
url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode"
|
|
dest: /lib/firmware
|
|
timeout: "{{ download_timeout }}"
|
|
when: internet_available and usb_NUC6.stdout|int > 0
|
|
|
|
# this script can be sourced to get IIAB location
|
|
- name: Recording STAGE 1 HAS COMPLETED ============================
|
|
template:
|
|
src: roles/1-prep/templates/iiab.env.j2
|
|
dest: "{{ iiab_env_file }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|