174 lines
5.0 KiB
YAML
174 lines
5.0 KiB
YAML
---
|
|
# tasks file for hass
|
|
|
|
- name: "Ensure database is present"
|
|
become: yes
|
|
mysql_db:
|
|
name: "{{ hass_db_name }}"
|
|
collation: utf8mb4_unicode_ci
|
|
encoding: utf8mb4
|
|
state: present
|
|
register: hass_database_creation
|
|
|
|
|
|
- name: import DATA in database in case of creation
|
|
become: yes
|
|
mysql_db:
|
|
name: "{{ hass_db_name }}"
|
|
state: import
|
|
target: "{{ hass_SQl_target_file }}"
|
|
when: hass_database_creation.changed == true and hass_SQl_target_file is defined
|
|
|
|
- name: "Ensure db user is present"
|
|
become: yes
|
|
mysql_user:
|
|
name: "{{ hass_db_user }}"
|
|
host: localhost
|
|
password: "{{ hass_db_password }}"
|
|
priv: "{{ hass_db_name }}.*:ALL"
|
|
state: present
|
|
|
|
- name: create hass user
|
|
become: yes
|
|
user:
|
|
name: "{{hass_username}}" # required. Name of the user to create, remove or modify.
|
|
create_home: yes
|
|
state: present # not required. choices: absent;present. Whether the account should exist or not, taking action if the state is different from what is stated.
|
|
shell: /usr/bin/nologin
|
|
home: "{{ hass_conf_folder }}"
|
|
comment: "Home Assistant daemon user"
|
|
|
|
|
|
- name: ensure venv folder exist
|
|
file:
|
|
name: "{{hass_venv_location}}"
|
|
state: directory
|
|
owner: "{{hass_username}}"
|
|
group: "{{hass_username}}"
|
|
mode: "0777"
|
|
become: yes
|
|
|
|
|
|
- name: create venv
|
|
pip:
|
|
name: "{{hass_python_package}}"
|
|
virtualenv: "{{hass_venv_location}}"
|
|
virtualenv_command: /usr/bin/python -m venv
|
|
become: true
|
|
become_user: "{{hass_username}}"
|
|
|
|
|
|
|
|
- name: add user to hass group
|
|
become: true
|
|
user:
|
|
name: "{{ item }}"
|
|
groups:
|
|
- "{{hass_username}}"
|
|
append: true
|
|
with_items: "{{ hass_users }}"
|
|
|
|
- name: check repo
|
|
become: yes
|
|
stat:
|
|
path: "{{hass_conf_folder}}/.git" # required. The full path of the file/object to get the facts of.
|
|
register: hass_repo_exist
|
|
|
|
- name: clean conf folder if repo not exist
|
|
become: yes
|
|
file:
|
|
path: "{{hass_conf_folder}}"
|
|
state: absent
|
|
when: hass_repo_exist.stat.exists == false
|
|
|
|
- name: recreate conf folder
|
|
become: yes
|
|
file:
|
|
path: "{{hass_conf_folder}}"
|
|
state: directory
|
|
owner: "{{user.name}}"
|
|
when: hass_repo_exist.stat.exists == false
|
|
|
|
|
|
- name: install conf file
|
|
git:
|
|
accept_hostkey: yes
|
|
dest: "{{hass_conf_folder}}" # required. The path of where the repository should be checked out. This parameter is required, unless C(clone) is set to C(no).
|
|
repo: "{{hass_repo}}" # required. git, SSH, or HTTP(S) protocol address of the git repository.
|
|
clone: yes # not required. If C(no), do not clone the repository if it does not exist locally
|
|
version: "{{hass_repo_branch}}"
|
|
notify: restart hass
|
|
become: true
|
|
when: hass_repo_exist.stat.exists == false
|
|
|
|
- name: change owner
|
|
become: yes
|
|
file:
|
|
state: directory
|
|
dest: "{{hass_conf_folder}}"
|
|
owner: hass
|
|
group: hass
|
|
mode: "0770"
|
|
recurse: yes
|
|
|
|
- name: create .ssh folder
|
|
file:
|
|
state: directory
|
|
dest: "{{hass_conf_folder}}/.ssh/"
|
|
owner: hass
|
|
group: hass
|
|
mode: "0700"
|
|
recurse: yes
|
|
become: yes
|
|
|
|
- name: create ssh key pair
|
|
openssh_keypair:
|
|
path: "{{hass_conf_folder}}/.ssh/id_rsa"
|
|
owner: "{{hass_username}}"
|
|
become: yes
|
|
register: hass_SSH_creation
|
|
|
|
- name: print ssh public key
|
|
debug:
|
|
msg: "{{ hass_SSH_creation }}"
|
|
|
|
- name: copy failtoban config
|
|
template:
|
|
src: fail2ban/hass.local.j2
|
|
dest: /etc/fail2ban/jail.d/hass.local
|
|
notify: restart fail2ban
|
|
become: yes
|
|
|
|
- name: create cron for hass
|
|
cron:
|
|
job: "sh {{hass_conf_folder}}/backup_git.sh"
|
|
user: root # not required. The specific user whose crontab should be modified.
|
|
minute: "0" # not required. Minute when the job should run ( 0-59, *, */2, etc )
|
|
hour: "3"
|
|
name: "auto commit HASS config" # not required. Description of a crontab entry or, if env is set, the name of environment variable. Required if state=absent. Note that if name is not set and state=present, then a new crontab entry will always be created, regardless of existing ones.
|
|
become: yes
|
|
|
|
- name: copy systemd file
|
|
template:
|
|
src: home-assistant.service.j2
|
|
dest: /etc/systemd/system/home-assistant.service
|
|
notify:
|
|
- restart hass
|
|
become: yes
|
|
register: hass_service_changed
|
|
|
|
- name: Reload systemd
|
|
systemd:
|
|
daemon_reload: yes
|
|
become: yes
|
|
when: hass_service_changed.changed
|
|
|
|
- name: enable HASS
|
|
service:
|
|
name: home-assistant # required. Name of the service.
|
|
enabled: true # not required. Whether the service should start on boot. B(At least one of state and enabled are required.)
|
|
state: started # not required. choices: reloaded;restarted;started;stopped. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service. C(reloaded) will always reload. B(At least one of state and enabled are required.) Note that reloaded will start the service if it is not already started, even if your chosen init system wouldn't normally.
|
|
become: yes
|
|
|
|
|