X-Git-Url: https://git.realraum.at/?a=blobdiff_plain;f=ansible%2Fhost_vars%2Ftorwaechter%2Fmain.yml;h=f6d4ec1120609fae9c8f53919aaedfb9dbcb4ffa;hb=f84240aa411f7ab798b7f518f363f64ee2691b9f;hp=86575c9108dcc04fa317b8d14982682c932e2387;hpb=47fbe911e347274a0522c1cdb8e5d0d5a2f695f4;p=noc.git diff --git a/ansible/host_vars/torwaechter/main.yml b/ansible/host_vars/torwaechter/main.yml index 86575c9..f6d4ec1 100644 --- a/ansible/host_vars/torwaechter/main.yml +++ b/ansible/host_vars/torwaechter/main.yml @@ -1,12 +1,17 @@ --- +ssh_users_tuergit: "{{ user_groups.noc | union(['fgenesis']) }}" + +openwrt_variant: openwrt +openwrt_release: 18.06.4 openwrt_arch: x86 openwrt_target: geode openwrt_output_image_suffixes: - combined-ext4.img.gz - - combined-squashfs.img + - combined-squashfs.img.gz openwrt_packages_extra: - "-dropbear" + - hwclock - flashrom - git - kmod-usb-acm 
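Review bot: `ssh_users_tuergit` extends the noc group with one hard-coded account name, and nothing next to it says why that account gets tuergit access but not root access. This list is what ends up in `/etc/ssh/authorized_keys.d/tuergit` further down the file, so a comment above the variable would help anyone auditing access to this host, for example `# tuergit access: noc plus <reason this account is included>`. Whether `user_ssh_keys` fails or silently skips a name that is missing from `users` is not visible here and is worth confirming.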
@@ -15,26 +20,54 @@ openwrt_packages_extra: - screen - sudo - usbutils + - rsync + - lsblk openwrt_mixin: + ## this file will not be created because there is no file, link or content field below it + ## but it will force the creation of /home + /home/.placeholder: {} + /run: + link: "/var/run" + # Go binaries /usr/local/bin/door_client: mode: '0755' - file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/door_client/door_client" + file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_client/door_client" /usr/local/bin/door_daemon: mode: '0755' - file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/door_daemon/door_daemon" + file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_daemon/door_daemon" /usr/local/bin/update-keys: mode: '0755' - file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/update-keys/update-keys" + file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/update-keys/update-keys" + + # door daemon init scripts and configs + /etc/init.d/doord: + mode: '0755' + file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/initscripts/doord.openwrt" + /etc/default/door: + mode: '0755' + file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/initscripts/door.default" + /etc/default/tuer: + link: "./door" + /etc/rc.d/S50doord: + link: "../init.d/doord" + + # hotplug files + /etc/hotplug.d/tty/door.tty: + mode: '0755' + file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/scripts/door.tty" + /etc/hotplug.d/usb/door.usb: + mode: '0755' + file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/scripts/door.usb" /usr/local/bin/authorized_keys.sh: mode: '0755' - file: "{{ playbook_dir }}/files/tuer/authorized_keys.sh" + file: "{{ global_files_dir }}/{{ inventory_hostname }}/authorized_keys.sh" /usr/local/bin/update-keys-from-stdin.sh: mode: '0755' - file: "{{ playbook_dir 
}}/files/tuer/update-keys-from-stdin.sh" + file: "{{ global_files_dir }}/{{ inventory_hostname }}/update-keys-from-stdin.sh" /etc/ssh/sshd_config: content: | @@ -57,16 +90,10 @@ openwrt_mixin: AuthorizedKeysCommandUser tuergit /etc/ssh/authorized_keys.d/root: - content: |- - {% for key in noc_ssh_keys %} - {{ key }} - {% endfor %} + content: "{{ ssh_users_root | user_ssh_keys(users) | join('\n') }}\n" /etc/ssh/authorized_keys.d/tuergit: - content: |- - {% for key in noc_ssh_keys %} - {{ key }} - {% endfor %} + content: "{{ ssh_users_tuergit | user_ssh_keys(users) | join('\n') }}\n" openwrt_uci: system: @@ -100,18 +127,19 @@ openwrt_uci: ipaddr: 127.0.0.1 netmask: 255.0.0.0 - - name: interface 'lan' + - name: interface 'mgmt' options: ifname: eth0 accept_ra: 0 proto: static - ipaddr: 192.168.33.7 - netmask: 255.255.255.0 - gateway: 192.168.33.1 - dns: 192.168.33.1 + ipaddr: "{{ net.mgmt.prefix | ipaddr(100) | ipaddr('address') }}" + netmask: "{{ net.mgmt.prefix | ipaddr('netmask') }}" + gateway: "{{ net.mgmt.gw }}" + dns: "{{ net.mgmt.dns | join(' ') }}" dns_search: realraum.at +# does not work, using symlink to /var/run instead for now openwrt_mounts: - path: /run src: none
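Review bot: `/etc/default/door` is installed with `mode: '0755'`, but its source is the `door.default` settings file, which is presumably only sourced by `/etc/init.d/doord`. It does not need the executable bit, so `mode: '0644'` would match its role. Separately, every built artefact now comes from `{{ global_cache_dir }}/{{ inventory_hostname }}/...` and is baked into the image as a root-owned binary or init script. If the role that fills that cache does not pin or verify what it builds, a comment above `# Go binaries` naming where the artefacts come from would make that dependency visible. The `openwrt_mixin` mapping continues past the end of this hunk.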
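Review bot: `ssh_users_root` feeds `/etc/ssh/authorized_keys.d/root` but is not defined in this file, unlike `ssh_users_tuergit`. It is presumably inherited from group vars, and a comment such as `# ssh_users_root: inherited, see group_vars` (path to be confirmed) would say so. If either list resolves to no keys, the rendered file is a single newline and key login for that account is lost on the flashed image. A guard before the image build would catch that, e.g. an `assert` with `that: ssh_users_root | user_ssh_keys(users) | length > 0`, and the same for `ssh_users_tuergit`.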
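Review bot: The comment added above `openwrt_mounts` says the mount "does not work", yet the `/run` mount entry stays in place while the second hunk adds `/run` as a symlink to `/var/run` in `openwrt_mixin`. The same path is now described twice, and the comment does not say which one is authoritative or what to remove once the mount is fixed. Something like `# FIXME: /run mount below is not applied; /run is a symlink to /var/run (openwrt_mixin) until fixed, then drop the symlink` would make the intent clear. The `openwrt_mounts` list continues outside this hunk.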