From f090b5ee404553135fd2a11d9615ba5a6b0106d7 Mon Sep 17 00:00:00 2001 From: Bernhard Tittelbach Date: Tue, 12 May 2026 02:39:47 +0200 Subject: [PATCH] mqtt.mgmt.realraum.at --- ansible/host_playbooks/mqtt.yml | 6 ++++ ansible/host_vars/mqtt/main.yaml | 7 +++++ ansible/hosts.ini | 1 + ansible/roles/base/tasks/main.yml | 5 +++- ansible/roles/mosquitto/defaults/main.yml | 16 +++++++++++ ansible/roles/mosquitto/handlers/main.yaml | 5 ++++ ansible/roles/mosquitto/tasks/main.yml | 30 ++++++++++++++++++++ ansible/roles/mosquitto/templates/limits.conf.j2 | 4 +++ ansible/roles/mosquitto/templates/listen.conf.j2 | 2 ++ .../mosquitto/templates/nosdcardwrites.conf.j2 | 4 +++ 10 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 ansible/host_playbooks/mqtt.yml create mode 100644 ansible/host_vars/mqtt/main.yaml create mode 100644 ansible/roles/mosquitto/defaults/main.yml create mode 100644 ansible/roles/mosquitto/handlers/main.yaml create mode 100644 ansible/roles/mosquitto/tasks/main.yml create mode 100644 ansible/roles/mosquitto/templates/limits.conf.j2 create mode 100644 ansible/roles/mosquitto/templates/listen.conf.j2 create mode 100644 ansible/roles/mosquitto/templates/nosdcardwrites.conf.j2 diff --git a/ansible/host_playbooks/mqtt.yml b/ansible/host_playbooks/mqtt.yml new file mode 100644 index 0000000..50f93ee --- /dev/null +++ b/ansible/host_playbooks/mqtt.yml @@ -0,0 +1,6 @@ +--- +- name: Basic Setup for mqtt.mgmt.realraum.at + hosts: mqtt + roles: + - role: base + - role: mosquitto diff --git a/ansible/host_vars/mqtt/main.yaml b/ansible/host_vars/mqtt/main.yaml new file mode 100644 index 0000000..895085d --- /dev/null +++ b/ansible/host_vars/mqtt/main.yaml @@ -0,0 +1,7 @@ +--- +is_lxc_container: true +base_managed_ntpd: false +mosquitto_persistence: false +mosquitto_port: 1883 +mosquitto_bind_address: "0.0.0.0" +mosquitto_allow_anonymous: true diff --git a/ansible/hosts.ini b/ansible/hosts.ini index 5ac7c24..e15441e 100644 --- a/ansible/hosts.ini +++ b/ansible/hosts.ini @@ -11,6 +11,7 @@ alfred galley hacksch r3home +mqtt ansible_port=22 gnocchi[0:1] ## TODO: remove the variable once https://github.com/ansible/ansible/issues/39119 is fixed diff --git a/ansible/roles/base/tasks/main.yml b/ansible/roles/base/tasks/main.yml index 124fa74..e806a56 100644 --- a/ansible/roles/base/tasks/main.yml +++ b/ansible/roles/base/tasks/main.yml @@ -1,9 +1,12 @@ --- - import_tasks: 01ssh.yml + when: not (is_lxc_container | default(false)) - import_tasks: 02debian.yml + when: not (is_lxc_container | default(false)) - import_tasks: 03ntp.yml -- when: ansible_service_mgr == "systemd" +- when: ansible_service_mgr == "systemd" and not (is_lxc_container | default(false)) import_tasks: 04systemd.yml - import_tasks: 05tools.yml - import_tasks: 06net.yml + when: not (is_lxc_container | default(false)) - import_tasks: 07grub.yml diff --git a/ansible/roles/mosquitto/defaults/main.yml b/ansible/roles/mosquitto/defaults/main.yml new file mode 100644 index 0000000..af053a0 --- /dev/null +++ b/ansible/roles/mosquitto/defaults/main.yml @@ -0,0 +1,16 @@ +--- +mosquitto_packages: + - mosquitto + - mosquitto-clients +mosquitto_conf_dir: /etc/mosquitto +mosquitto_conf_file: /etc/mosquitto/mosquitto.conf +mosquitto_confd_dir: /etc/mosquitto/conf.d/ +mosquitto_port: 1883 +mosquitto_bind_address: "0.0.0.0" +mosquitto_allow_anonymous: true +mosquitto_persistence: true +mosquitto_log_target: stdout +mosquitto_max_inflight_messages: 20 +mosquitto_max_queued_messages: 10 +mosquitto_message_size_limit: 102400 +mosquitto_queue_qos0_messages: false \ No newline at end of file diff --git a/ansible/roles/mosquitto/handlers/main.yaml b/ansible/roles/mosquitto/handlers/main.yaml new file mode 100644 index 0000000..fba1266 --- /dev/null +++ b/ansible/roles/mosquitto/handlers/main.yaml @@ -0,0 +1,5 @@ +--- +- name: Restart mosquitto + ansible.builtin.service: + name: mosquitto + state: restarted \ No newline at end of file diff --git a/ansible/roles/mosquitto/tasks/main.yml b/ansible/roles/mosquitto/tasks/main.yml new file mode 100644 index 0000000..9c02dda --- /dev/null +++ b/ansible/roles/mosquitto/tasks/main.yml @@ -0,0 +1,30 @@ +--- + +- name: Update apt cache + ansible.builtin.apt: + update_cache: true + cache_valid_time: 3600 + +- name: Install Mosquitto packages + ansible.builtin.apt: + name: "{{ mosquitto_packages }}" + state: present + +- name: Deploy Mosquitto conf.d + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "{{ mosquitto_confd_dir }}/{{ item }}" + owner: root + group: root + mode: "0644" + notify: Restart mosquitto + with_items: + - limits.conf + - nosdcardwrites.conf + - listen.conf + +- name: Ensure Mosquitto service is enabled and started + ansible.builtin.service: + name: mosquitto + state: started + enabled: true diff --git a/ansible/roles/mosquitto/templates/limits.conf.j2 b/ansible/roles/mosquitto/templates/limits.conf.j2 new file mode 100644 index 0000000..4cccbe9 --- /dev/null +++ b/ansible/roles/mosquitto/templates/limits.conf.j2 @@ -0,0 +1,4 @@ +max_inflight_messages {{ mosquitto_max_inflight_messages }} +max_queued_messages {{ mosquitto_max_queued_messages }} +message_size_limit {{ mosquitto_message_size_limit }} +queue_qos0_messages {{ mosquitto_queue_qos0_messages | lower }} diff --git a/ansible/roles/mosquitto/templates/listen.conf.j2 b/ansible/roles/mosquitto/templates/listen.conf.j2 new file mode 100644 index 0000000..5211d4a --- /dev/null +++ b/ansible/roles/mosquitto/templates/listen.conf.j2 @@ -0,0 +1,2 @@ +listener {{ mosquitto_port }} {{ mosquitto_bind_address }} +allow_anonymous {{ mosquitto_allow_anonymous | lower }} \ No newline at end of file diff --git a/ansible/roles/mosquitto/templates/nosdcardwrites.conf.j2 b/ansible/roles/mosquitto/templates/nosdcardwrites.conf.j2 new file mode 100644 index 0000000..a5fb198 --- /dev/null +++ b/ansible/roles/mosquitto/templates/nosdcardwrites.conf.j2 @@ -0,0 +1,4 @@ +persistence {{ mosquitto_persistence | lower }} + +log_dest {{ mosquitto_log_target }} + -- 1.7.10.4