From c4d0a9d83b661def3833988183d5cd30a5cb8672 Mon Sep 17 00:00:00 2001
From: vincent
Date: Wed, 29 Jan 2020 21:56:37 +0100
Subject: [PATCH] add hass role
---
README.md | 32 +++++++++
defaults/main.yml | 12 ++++
handlers/main.yml | 9 +++
meta/main.yml | 55 ++++++++++++++++
tasks/main.yml | 107 +++++++++++++++++++++++++++++++
templates/fail2ban/hass.local.j2 | 9 +++
vars/main.yml | 2 +
7 files changed, 226 insertions(+)
create mode 100644 README.md
create mode 100644 defaults/main.yml
create mode 100644 handlers/main.yml
create mode 100644 meta/main.yml
create mode 100644 tasks/main.yml
create mode 100644 templates/fail2ban/hass.local.j2
create mode 100644 vars/main.yml
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0dbc65f
--- /dev/null
+++ b/README.md
@@ -0,0 +1,32 @@
+Role Name
+=========
+
+Home assistant Instalation role
+
+Requirements
+------------
+- compatible with ArchlinuX
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+- maraiadb
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+ - hosts: servers
+ roles:
+ - { role: username.rolename, x: 42 }
+
+Author Information
+------------------
+
+VDU
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..b8a8ae6
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,12 @@
+---
+# defaults file for hass
+
+hass_conf_folder: /var/lib/hass
+hass_pacman_name: home-assistant
+hass_db_name: hass
+hass_db_user: hass
+hass_SQl_target_file: /
+hass_db_password: toto
+hass_repo: git
+hass_repo_branch: master
+hass_user: []
\ No newline at end of file
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..03dac54
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,9 @@
+---
+# handlers file for hass
+
+- name: "restart hass"
+ service:
+ name: home-assistant
+ state: restarted
+ when: ansible_service_mgr == "systemd"
+ become: yes
\ No newline at end of file
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..5a09887
--- /dev/null
+++ b/meta/main.yml
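Review bot: `hass_db_password: toto` ships a guessable database password as the role default, so any host that does not override it ends up with the same known credential for the `hass` MariaDB account. I would drop the default and make the variable mandatory, supplied from Ansible Vault or the inventory, so that a missing value fails the play instead of silently falling back to `toto`. `hass_SQl_target_file: /` also means the `hass_SQl_target_file is defined` guard on the import task in tasks/main.yml is always true; leaving the variable unset by default would let that guard do its job. `hass_repo: git` looks like a placeholder and should be documented in the README as a required variable.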
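Review bot: tasks/main.yml notifies `restart fail2ban`, but this file defines only `restart hass`, so the role relies on another role to supply that handler under exactly that name. Presumably the `fail2ban` dependency listed in meta/main.yml provides it; a comment such as `# "restart fail2ban" is provided by the fail2ban role dependency` would make the coupling explicit. The `when: ansible_service_mgr == "systemd"` guard means the restart is silently skipped on any other init system, which also deserves a one-line comment.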
@@ -0,0 +1,55 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.9
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies:
+ - mariadb
+ - fail2ban
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
+
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..ab966ae
--- /dev/null
+++ b/tasks/main.yml
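Review bot: The `dependencies` entries `mariadb` and `fail2ban` are bare names with no source or version, so which code runs with `become` on the target depends on whichever role of that name the controller resolves first. Pinning them in a `requirements.yml`, or using fully qualified `namespace.role` names, would make the role's inputs reproducible; I cannot tell from this patch whether such a file already exists. The Galaxy skeleton placeholders are also still in place (`author: your name`, `license: license (GPL-2.0-or-later, MIT, etc)`), and `min_ansible_version: 2.9` should be quoted as `min_ansible_version: "2.9"` so it is not read as a float.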
@@ -0,0 +1,107 @@
+---
+# tasks file for hass
+
+- name: "Ensure database is present"
+ become: yes
+ mysql_db:
+ name: "{{ hass_db_name }}"
+ collation: utf8mb4_unicode_ci
+ encoding: utf8mb4
+ state: present
+ register: hass_database_creation
+
+
+- name: import DATA in database in case of creation
+ become: yes
+ mysql_db:
+ name: "{{ hass_db_name }}"
+ state: import
+ target: "{{ hass_SQl_target_file }}"
+ when: hass_database_creation.changed == true and hass_SQl_target_file is defined
+
+- name: "Ensure db user is present"
+ become: yes
+ mysql_user:
+ name: "{{ hass_db_user }}"
+ host: localhost
+ password: "{{ hass_db_password }}"
+ priv: "{{ hass_db_name }}.*:ALL"
+ state: present
+
+- name: install HASS
+ pacman:
+ state: present # not required. choices: absent;latest;present. Desired state of the package.
+ name: "{{hass_pacman_name}}" # not required. Name or list of names of the packages to install, upgrade, or remove.
+ become: yes
+
+#- name: add {{user.name}} to hass group
+# user:
+# name: "{{ item }}"
+# groups: docker
+# append: true
+# with_items: "{{ hass_user }}"
+
+- name: check repo
+
+ git:
+ repo: "{{hass_repo}}"
+ dest: "{{hass_conf_folder}}"
+ clone: no
+ update: no
+ register: hass_repo_exist
+
+- name: clean conf folder if repo not exist
+ become: yes
+ file:
+ path: "{{hass_conf_folder}}"
+ state: absent
+
+- name: recreate conf folder
+ become: yes
+ file:
+ path: "{{hass_conf_folder}}"
+ state: directory
+ owner: "{{user.name}}"
+
+
+- name: install conf file
+ git:
+ dest: "{{hass_conf_folder}}" # required. The path of where the repository should be checked out. This parameter is required, unless C(clone) is set to C(no).
+ repo: "{{hass_repo}}" # required. git, SSH, or HTTP(S) protocol address of the git repository.
+ clone: yes # not required.
If C(no), do not clone the repository if it does not exist locally
+ version: "{{hass_repo_branch}}"
+ notify: restart hass
+
+- name: change owner
+ become: yes
+ file:
+ state: directory
+ dest: "{{hass_conf_folder}}"
+ owner: hass
+ group: hass
+ recurse: yes
+
+
+- name: copy failtoban config
+ template:
+ src: fail2ban/hass.local.j2
+ dest: /etc/fail2ban/jail.d/hass.local
+ notify: restart fail2ban
+ become: yes
+
+- name: create cron for dyndns
+ cron:
+ job: "sh {{{{hass_conf_folder}}/backup_git.sh"
+ user: root # not required. The specific user whose crontab should be modified.
+ minute: 00 03 * * * # not required. Minute when the job should run ( 0-59, *, */2, etc )
+ name: "auto commit HASS config" # not required. Description of a crontab entry or, if env is set, the name of environment variable. Required if state=absent. Note that if name is not set and state=present, then a new crontab entry will always be created, regardless of existing ones.
+ become: yes
+
+- name: enable HASS
+ service:
+ name: home-assistant # required. Name of the service.
+ enabled: true # not required. Whether the service should start on boot. B(At least one of state and enabled are required.)
+ state: started # not required. choices: reloaded;restarted;started;stopped. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service. C(reloaded) will always reload. B(At least one of state and enabled are required.) Note that reloaded will start the service if it is not already started, even if your chosen init system wouldn't normally.
+ become: yes
+
+
diff --git a/templates/fail2ban/hass.local.j2 b/templates/fail2ban/hass.local.j2
new file mode 100644
index 0000000..907e498
--- /dev/null
+++ b/templates/fail2ban/hass.local.j2
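Review bot: The `create cron for dyndns` task installs a root crontab entry that runs `backup_git.sh` out of `hass_conf_folder`, a directory the earlier tasks clone from `hass_repo` and then chown recursively to `hass`, so whoever can write to that repository or runs as `hass` controls a script executed as root. The same task is also malformed: `{{{{hass_conf_folder}}` is not valid Jinja, and `minute: 00 03 * * *` puts a whole schedule into the minute field. The rewrite below runs the job as `hass` (assuming the package creates that account, as the `change owner` task implies) and splits the schedule; if the script really needs root it should live in a root-owned path outside the checkout. Separately, `clean conf folder if repo not exist` has no `when:` and deletes the folder on every run while `hass_repo_exist` is never read, `owner: "{{user.name}}"` uses a variable the role does not define, and the `mysql_user` task should carry `no_log: true` so the password stays out of verbose logs.
```yaml
# … unchanged: database, package, repository and fail2ban tasks …
- name: create cron for dyndns
  cron:
    name: "auto commit HASS config"
    user: hass
    minute: "0"
    hour: "3"
    job: "sh {{ hass_conf_folder }}/backup_git.sh"
  become: true
# … unchanged: enable HASS …
```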
@@ -0,0 +1,9 @@
+
+[hass]
+enabled = true
+port = http,https
+filter = hass
+logpath = {{hass_conf_folder}}/home-assistant.log
+findtime = 3600
+# Maximum amount of login attempts before IP is blocked
+maxretry = 3
\ No newline at end of file
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..72d11d0
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for hass
\ No newline at end of file
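Review bot: `filter = hass` names a filter definition that this patch does not install, so unless the fail2ban dependency already ships a `hass` filter under filter.d the jail will not load and failed logins are never banned. I would add the filter as a second template in this role and deploy it in the same task that copies hass.local.j2. The jail also sets no `bantime`, so the fail2ban default applies; stating it next to `findtime = 3600` and `maxretry = 3` would keep the whole lockout policy readable in one place. Detection further depends on Home Assistant actually writing failed logins to `{{hass_conf_folder}}/home-assistant.log`, which is decided by the configuration cloned from `hass_repo` and is worth a comment above `logpath`.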