Added zoneminder to aya01 (if I hadn't before)

Added backblaze (todo documentation)

Signed-off-by: TuDatTr <tuan-dat.tran@tudattr.dev>
pull/1/head
TuDatTr 2022-12-06 16:36:21 +01:00
parent 70083f2974
commit b371e246a9
16 changed files with 150 additions and 11 deletions


@ -25,7 +25,7 @@
``` ```
- copy public key to remote system - copy public key to remote system
`ssh-copy-id -i /mnt/veracrypt1/genesis.pub aya01` `ssh-copy-id -i /mnt/veracrypt1/genesis.pub aya01`
- Adjust ansible inventory - Add this host to ansible inventory
- Install sudo on remote - Install sudo on remote
- add user to sudo group (with `su --login` without login the path will not be loaded correctly see [here](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918754)) and `usermod -a -G sudo tudattr` - add user to sudo group (with `su --login` without login the path will not be loaded correctly see [here](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918754)) and `usermod -a -G sudo tudattr`
- set time correctly when getting the following error - set time correctly when getting the following error
@ -38,6 +38,16 @@ sudo systemctl stop ntp.service
sudo ntpd -gq sudo ntpd -gq
sudo systemctl start ntp.service sudo systemctl start ntp.service
``` ```
### zoneminder
- Enable authentification in (Option->System)
- Create new Camera:
- General>Name: BirdCam
- General>Function: Ffmpeg
- General>Function: Modect
- Source>Source Path: `rtsp://user:pw@ip:554/cam/mpeg4`
- Change default admin password
- Create users
## RaspberryPi ## RaspberryPi


@ -4,5 +4,6 @@
gather_facts: yes gather_facts: yes
roles: roles:
- role: common - role: common
- role: backblaze
- role: power_management - role: power_management
- role: docker - role: docker


@ -4,6 +4,22 @@
user: tudattr user: tudattr
timezone: Europe/Berlin timezone: Europe/Berlin
local_domain: borg.land local_domain: borg.land
rclone_config: "/root/.config/rclone/"
#
# aya01 - Disks
#
fstab_entries:
- name: "config"
uuid: "4942deb8-707e-48b5-81e3-555ae3cda9ba"
type: "ext4"
path: "/opt/"
- name: "media"
uuid: "c4c724ec-4fe3-4665-adf4-acd31d6b7f95"
type: "ext4"
path: "/media/"
# #
# Packages # Packages
@ -17,6 +33,7 @@ common_packages:
- smartmontools - smartmontools
- curl - curl
- tree - tree
- rsync
# #
# Docker # Docker
@ -29,5 +46,28 @@ docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{
docker_compose_dir: /opt/docker/compose docker_compose_dir: /opt/docker/compose
docker_dir: /opt/docker/config docker_dir: /opt/docker/config
docker_data_dir: /media/docker/data # only available on aya01
mysql_user: user mysql_user: user
#
# aya01
#
zoneminder_config: "{{ docker_dir }}/zm/"
zoneminder_data: "{{ docker_data_dir }}/zm/data"
#
# pi
#
#
# backblaze
#
backblaze_paths:
aya01:
- "{{ docker_compose_dir }}"
- "{{ docker_dir }}"
pi:
- "{{ docker_compose_dir }}"
- "{{ docker_dir }}"
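Review bot: `backblaze_paths.aya01` lists `{{ docker_dir }}`, and `zoneminder_config` is defined under that directory, so the sync also copies `{{ zoneminder_config }}/db`, which the compose template mounts as `/var/lib/mysql`. A file-by-file copy of a running MySQL data directory is generally not a restorable backup. Consider excluding that directory from the sync and backing up a database dump instead, or stopping the container for the duration of the run. A comment above `backblaze_paths` such as `# paths must be safe to copy while services are running` would record the constraint.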

2
pi.yml

@ -4,4 +4,6 @@
gather_facts: yes gather_facts: yes
roles: roles:
- common - common
- backblaze
- docker - docker


@ -0,0 +1,6 @@
---
- name: Loop over subelements of the dictionary
shell:
cmd: "rclone -vv sync {{ item.1 }} secret:{{ item.1 }}"
when: item.0.key == inventory_hostname
loop: "{{ backblaze_paths | dict2items | subelements('value') }}"
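Review bot: The sync task passes the templated paths through `shell` unquoted, so a path containing a space or a shell metacharacter would be split or interpreted by the shell; `command:` with `argv: [rclone, -vv, sync, "{{ item.1 }}", "secret:{{ item.1 }}"]` avoids that. The task also has no `become: true`, while the config task writes the rclone configuration under `/root/.config/rclone/` with mode 700, so unless the play escalates globally rclone will presumably not find the `secret` remote. Because `rclone sync` deletes remote files that are absent locally, a source that is empty because its disk did not mount would be mirrored into the backup; a `--max-delete` limit or `rclone copy` would bound that.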


@ -0,0 +1,18 @@
---
- name: Create rclone config folder at "{{ rclone_config }}"
file:
path: "{{ rclone_config }}"
owner: '0'
group: '0'
mode: '700'
state: directory
become: true
- name: Copy rclone config to "{{ inventory_hostname }}"
template:
src: "templates/{{ inventory_hostname }}/rclone.conf"
dest: "{{ rclone_config }}/rclone.conf"
owner: '0'
group: '0'
mode: '400'
become: true
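Review bot: The "Copy rclone config" task renders the B2 key and the crypt passwords, and nothing prevents Ansible from printing the rendered file when the play is run with `--diff`; add `no_log: true` (or at least `diff: false`) to that task. The owner, group and mode values are appropriately restrictive for a file holding credentials. Since `rclone_config` is defined with a trailing slash, `dest: "{{ rclone_config }}/rclone.conf"` renders with a double slash, which is harmless but worth normalising.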


@ -0,0 +1,13 @@
---
- name: Update and upgrade packages
apt:
update_cache: yes
upgrade: yes
autoremove: yes
become: yes
- name: Install rclone
apt:
name: "rclone"
state: present
become: yes
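Review bot: `upgrade: yes` in the backblaze role upgrades every package on the host each time the role runs, a side effect unrelated to installing rclone that can change or restart services unattended. Move the upgrade into a dedicated maintenance play and keep only the install here, with `update_cache: true` and `cache_valid_time: 3600` on the "Install rclone" task. The `yes` values would read better as `true`, matching the `become: true` used in the config tasks.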


@ -0,0 +1,5 @@
---
- include_tasks: install.yml
- include_tasks: config.yml
- include_tasks: backup.yml


@ -0,0 +1,10 @@
[remote]
type = b2
account = {{ vault_backblaze_aya01_account }}
key = {{ vault_backblaze_aya01_key }}
[secret]
type = crypt
remote = remote:aya01-tudattr-dev
password = {{ vault_rclone_aya01_password }}
password2 = {{ vault_rclone_aya01_password2 }}
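Review bot: rclone reads `password` and `password2` of a crypt remote in obscured form (the output of `rclone obscure`), so the vault variables rendered here must hold obscured values; a plain passphrase would not decode. A comment above `[secret]` such as `# password/password2 must be rclone-obscured values; keep the originals in the vault` would record that, and the same applies to the pi template that follows. Obscuring is not encryption, so the root-only file mode set by the config task remains the actual protection. The `key` for the b2 remote is presumably best an application key restricted to the single bucket rather than the account master key; confirm which one the vault holds.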


@ -0,0 +1,10 @@
[remote]
type = b2
account = {{ vault_backblaze_pi_account }}
key = {{ vault_backblaze_pi_key }}
[secret]
type = crypt
remote = remote:pi-tudattr-dev
password = {{ vault_rclone_pi_password }}
password2 = {{ vault_rclone_pi_password2 }}


@ -0,0 +1,21 @@
---
- name: Create folders to mount to
file:
path: "{{ item.path }}"
state: directory
loop: "{{ fstab_entries }}"
become: true
- name: Create fstab entries
mount:
src: "UUID={{ item.uuid }}"
path: "{{ item.path }}"
fstype: "{{ item.type }}"
state: present
backup: true
loop: "{{ fstab_entries }}"
become: true
- name: Mount all disks
command: mount -a
become: true
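Review bot: `command: mount -a` reports changed on every run and acts on every fstab entry rather than only the two declared in `fstab_entries`; using `state: mounted` in the `mount` task writes the entry and mounts it idempotently, and makes the separate directory and `mount -a` tasks unnecessary. No `opts` are passed, so the entries presumably fall back to `defaults`; for the data disk at `/media/` consider `opts: "defaults,nodev,nosuid"` if nothing stored there needs setuid binaries or device nodes. Mounting over `/opt/` hides anything already present in that directory, which deserves a comment on the task.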


@ -2,4 +2,4 @@
- include_tasks: time.yml - include_tasks: time.yml
- include_tasks: essential.yml - include_tasks: essential.yml
- include_tasks: aya01_fstab.yml - include_tasks: aya01_fstab.yml
when: ansible_hostname == "aya01" when: inventory_hostname == "aya01"


@ -6,7 +6,9 @@
mode: '700' mode: '700'
state: directory state: directory
loop: loop:
- "{{ docker_dir }}/zm/" - "{{ zoneminder_data }}"
- "{{ zoneminder_config }}"
become: true
# Todo, check if docker compose is running # Todo, check if docker compose is running
# - name: Shut down docker # - name: Shut down docker


@ -2,6 +2,6 @@
- include_tasks: install.yml - include_tasks: install.yml
- include_tasks: user_group_setup.yml - include_tasks: user_group_setup.yml
- include_tasks: pi_compose.yml - include_tasks: pi_compose.yml
when: ansible_hostname == "pi" when: inventory_hostname == "pi"
- include_tasks: aya01_compose.yml - include_tasks: aya01_compose.yml
when: ansible_hostname == "aya01" when: inventory_hostname == "aya01"


@ -7,7 +7,7 @@ services:
- zoneminder - zoneminder
volumes: volumes:
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"
- "{{ docker_dir }}/zm/db:/var/lib/mysql" - "{{ zoneminder_config}}/db:/var/lib/mysql"
environment: environment:
- "MYSQL_DATABASE=zm" - "MYSQL_DATABASE=zm"
- "MYSQL_ROOT_PASSWORD={{ vault_mysql_root_password }}" - "MYSQL_ROOT_PASSWORD={{ vault_mysql_root_password }}"
@ -30,9 +30,9 @@ services:
- net - net
volumes: volumes:
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"
- "{{ docker_dir }}/zm/data:/data" - "{{ zoneminder_data }}:/data"
- "{{ docker_dir }}/zm/config:/config" - "{{ zoneminder_config }}/config:/config"
- "{{ docker_dir }}/zm/log:/log" - "{{ zoneminder_config }}/log:/log"
- type: tmpfs - type: tmpfs
target: /dev/shm target: /dev/shm
tmpfs: tmpfs:
@ -51,7 +51,8 @@ networks:
net: net:
driver: bridge driver: bridge
ipam: ipam:
driver: default # driver: default
config: config:
- subnet: 172.16.69.0/24 - subnet: 172.16.69.0/24
ip_range: 172.28.69.0/24
gateway: 172.16.69.1 gateway: 172.16.69.1
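Review bot: `ip_range: 172.28.69.0/24` in the last hunk lies outside `subnet: 172.16.69.0/24`; Docker requires the allocation range to be inside the subnet, so creating the network is expected to fail. Either drop the line or use a range within the subnet, for example `ip_range: 172.16.69.0/24`. Separately, `zoneminder_config` is defined with a trailing slash, so `{{ zoneminder_config}}/db` renders with `//`; that is harmless, but the double slash and the missing space before `}}` are worth tidying.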


@ -80,7 +80,7 @@ networks:
net: net:
driver: bridge driver: bridge
ipam: ipam:
driver: default # driver: default
config: config:
- subnet: 172.16.69.0/24 - subnet: 172.16.69.0/24
gateway: 172.16.69.1 gateway: 172.16.69.1