5 - name: Create go directories
7 path: .cache/openwrt/tuer/{{ item }}
9 with_items: [ gopath, gocache ]
11 - name: Clone necessary git repositories
13 repo: https://github.com/realraum/{{ item }}.git
14 dest: .cache/openwrt/tuer/{{ item }}
16 with_items: [ door_and_sensors ]
18 - name: Download dependencies
19 command: go get -d ./...
21 chdir: .cache/openwrt/tuer/door_and_sensors/{{ item }}
23 GOCACHE: "{{ playbook_dir }}/.cache/openwrt/tuer/gocache"
24 GOPATH: "{{ playbook_dir }}/.cache/openwrt/tuer/gopath"
25 with_items: [ door_client, door_daemon, update-keys ]
27 - name: Cross-compile Go binaries
28 command: go build -ldflags "-s"
30 chdir: .cache/openwrt/tuer/door_and_sensors/{{ item }}
32 GOCACHE: "{{ playbook_dir }}/.cache/openwrt/tuer/gocache"
33 GOPATH: "{{ playbook_dir }}/.cache/openwrt/tuer/gopath"
38 with_items: [ door_client, door_daemon, update-keys ]
42 delegate_to: localhost
46 openwrt_output_image_suffixes:
47 - combined-ext4.img.gz
48 - combined-squashfs.img
49 openwrt_packages_remove:
64 openwrt_packages_extra:
76 /usr/local/bin/door_client:
78 file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/door_client/door_client"
79 /usr/local/bin/door_daemon:
81 file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/door_daemon/door_daemon"
82 /usr/local/bin/update-keys:
84 file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/update-keys/update-keys"
86 /usr/local/bin/authorized_keys.sh:
88 file: "{{ playbook_dir }}/files/tuer/authorized_keys.sh"
90 /usr/local/bin/update-keys-from-stdin.sh:
92 file: "{{ playbook_dir }}/files/tuer/update-keys-from-stdin.sh"
98 AllowUsers root tuerctl tuergit
99 AuthenticationMethods publickey
100 AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
102 AllowAgentForwarding no
103 AllowTcpForwarding no
105 UsePrivilegeSeparation sandbox
107 Subsystem sftp /usr/libexec/sftp-server
110 AuthorizedKeysFile /dev/null
111 AuthorizedKeysCommand /usr/local/bin/authorized_keys.sh
112 AuthorizedKeysCommandUser tuergit
115 /etc/ssh/authorized_keys.d/root:
117 {% for key in noc_ssh_keys %}
121 /etc/ssh/authorized_keys.d/tuergit:
123 {% for key in noc_ssh_keys %}
131 hostname: '{{ inventory_hostname }}'
132 timezone: 'CET-1CEST,M3.5.0,M10.5.0/3'
137 - name: timeserver 'ntp'
142 - '0.lede.pool.ntp.org'
143 - '1.lede.pool.ntp.org'
144 - '2.lede.pool.ntp.org'
145 - '3.lede.pool.ntp.org'
148 - name: globals 'globals'
150 ula_prefix: fdc9:e01f:83db::/48
152 - name: interface 'loopback'
159 - name: interface 'lan'
165 netmask: 255.255.255.0
166 gateway: 192.168.33.1
168 dns_search: realraum.at
175 opts: nosuid,nodev,noexec,noatime
181 shell: /usr/bin/git-shell
183 shell: /bin/false # TODO fixme