Ansible: Difference between revisions

From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs)
Brian Wilson (talk | contribs)
 
(11 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Vagrant ==
I learned Ansible in 2016 when engaged in configuring Linux computer to be phone systems. It feels like I have forgotten 100% of the skills I learned. Usually things come back to me quickly, and I hope this will be no different.


Repository vastra-ansible
Now I will be using it to set up Raspberry Pi computers as svxlink repeater controllers.
contains a separate role for each configuration set. (Documented elsewhere.)


A main setup.yml pulls in each role when I run "vagrant up" or "vagrant provision".
== Installation ==


== Ansible Control ==
Using [[Bellman]] as the test server, as usual. Ansible is just a Python thing so all you need do is create a conda environment and install it. Just two commands,


http://everythingshouldbevirtual.com/ansible-setting-up-an-ansible-control-machine-part-1
'''conda create -n ansible ansible
'''conda activate ansible'''
'''ansible --version'''
ansible [core 2.16.6]
  config file = None
  configured module search path = ['/home/bwilson/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/bwilson/miniconda3/envs/ansible/lib/python3.12/site-packages/ansible
  ansible collection location = /home/bwilson/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/bwilson/miniconda3/envs/ansible/bin/ansible
  python version = 3.12.3 | packaged by conda-forge | (main, Apr 15 2024, 18:38:13) [GCC 12.3.0] (/home/bwilson/miniconda3/envs/ansible/bin/python3.12)
  jinja version = 3.1.3
  libyaml = True


The Ansible Control Machine will be the central control for all Vastra machines.
== Goals for Repeater Linking project ==
Starting point: Raspberry Pi 4


# Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.)
# Use the imager also to install a user account and ssh public key
# Confirm that you can ssh in


== Tid bits ==
Ansible playbook


Connect to remote server and dump out everything you know about it:
# Set locale, timezone, and language
# Set up additional credentials (adduser and copy in ssh credential files)
# Install WiFi credentials
# Configure ssh (change the port and set for credential only (passwordless) access)
# Install wireguard and configure it
# Set up sound card settings for a Syba UAUD USB sound card
# Install svxlink and configure it
# Install and set up fail2ban
# Install and set up Watchdog
I need to pull config files from Mick's image.


ansible -i inventory hostname -m setup
* /etc/svxlink
* SSID settings
* link account


cd Documents/Projects/TARRA/
conda activate ansible
ansible tenrec -m ping
ansible tenrec -a uptime
tarra | CHANGED | rc=0 >>
19:53:31 up 11 min,  2 users,  load average: 0.08, 0.19, 0.17
ansible tenrec -b -m package -a name=wireguard
ansible tenrec -b -m package -a name=fail2ban


== Tidbits ==
Connect to remote server and dump out everything you know about it:


ansible -i inventory hostname -m setup
[[Category: System Administration]]
[[Category: System Administration]]

Latest revision as of 19:21, 6 May 2024

I learned Ansible in 2016 when engaged in configuring Linux computer to be phone systems. It feels like I have forgotten 100% of the skills I learned. Usually things come back to me quickly, and I hope this will be no different.

Now I will be using it to set up Raspberry Pi computers as svxlink repeater controllers.

Installation

Using Bellman as the test server, as usual. Ansible is just a Python thing so all you need do is create a conda environment and install it. Just two commands,

conda create -n ansible ansible
conda activate ansible
ansible --version
ansible [core 2.16.6]
 config file = None
 configured module search path = ['/home/bwilson/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
 ansible python module location = /home/bwilson/miniconda3/envs/ansible/lib/python3.12/site-packages/ansible
 ansible collection location = /home/bwilson/.ansible/collections:/usr/share/ansible/collections
 executable location = /home/bwilson/miniconda3/envs/ansible/bin/ansible
 python version = 3.12.3 | packaged by conda-forge | (main, Apr 15 2024, 18:38:13) [GCC 12.3.0] (/home/bwilson/miniconda3/envs/ansible/bin/python3.12)
 jinja version = 3.1.3
 libyaml = True

Goals for Repeater Linking project

Starting point: Raspberry Pi 4

  1. Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.)
  2. Use the imager also to install a user account and ssh public key
  3. Confirm that you can ssh in

Ansible playbook

  1. Set locale, timezone, and language
  2. Set up additional credentials (adduser and copy in ssh credential files)
  3. Install WiFi credentials
  4. Configure ssh (change the port and set for credential only (passwordless) access)
  5. Install wireguard and configure it
  6. Set up sound card settings for a Syba UAUD USB sound card
  7. Install svxlink and configure it
  8. Install and set up fail2ban
  9. Install and set up Watchdog

I need to pull config files from Mick's image.

  • /etc/svxlink
  • SSID settings
  • link account
cd Documents/Projects/TARRA/
conda activate ansible
ansible tenrec -m ping
ansible tenrec -a uptime
tarra | CHANGED | rc=0 >>
19:53:31 up 11 min,  2 users,  load average: 0.08, 0.19, 0.17
ansible tenrec -b -m package -a name=wireguard
ansible tenrec -b -m package -a name=fail2ban

Tidbits

Connect to remote server and dump out everything you know about it:

ansible -i inventory hostname -m setup