Ansible: Difference between revisions

From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs)
Brian Wilson (talk | contribs)
 
(6 intermediate revisions by the same user not shown)
Line 21: Line 21:


== Goals for Repeater Linking project ==
== Goals for Repeater Linking project ==
Starting point: Raspberry Pi 4 with standard "light" installation of Raspios 32-bit Debian Buster, needs to have SSH enabled
Starting point: Raspberry Pi 4  
 
# Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.)
# Use the imager also to install a user account and ssh public key
# Confirm that you can ssh in


Ansible playbook
Ansible playbook


# Set up credentials (adduser and copy in ssh credential files)
# Set locale, timezone, and language
# Set up additional credentials (adduser and copy in ssh credential files)
# Install WiFi credentials
# Install WiFi credentials
# Configure ssh (change the port)
# Configure ssh (change the port and set for credential only (passwordless) access)
# Install wireguard and configure it
# Install wireguard and configure it
# Set up sound card settings for a Syba UAUD USB sound card
# Install svxlink and configure it
# Install svxlink and configure it
# Install and set up fail2ban
# Install and set up Watchdog
I need to pull config files from Mick's image.
I need to pull config files from Mick's image.


Line 36: Line 44:
* link account
* link account


== Tid bits ==
cd Documents/Projects/TARRA/
conda activate ansible
ansible tenrec -m ping
ansible tenrec -a uptime
tarra | CHANGED | rc=0 >>
19:53:31 up 11 min,  2 users,  load average: 0.08, 0.19, 0.17
ansible tenrec -b -m package -a name=wireguard
ansible tenrec -b -m package -a name=fail2ban
 
== Tidbits ==
Connect to remote server and dump out everything you know about it:
Connect to remote server and dump out everything you know about it:


  ansible -i inventory hostname -m setup
  ansible -i inventory hostname -m setup
[[Category: System Administration]]
[[Category: System Administration]]

Latest revision as of 19:21, 6 May 2024

I learned Ansible in 2016 when engaged in configuring Linux computer to be phone systems. It feels like I have forgotten 100% of the skills I learned. Usually things come back to me quickly, and I hope this will be no different.

Now I will be using it to set up Raspberry Pi computers as svxlink repeater controllers.

Installation

Using Bellman as the test server, as usual. Ansible is just a Python thing so all you need do is create a conda environment and install it. Just two commands,

conda create -n ansible ansible
conda activate ansible
ansible --version
ansible [core 2.16.6]
 config file = None
 configured module search path = ['/home/bwilson/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
 ansible python module location = /home/bwilson/miniconda3/envs/ansible/lib/python3.12/site-packages/ansible
 ansible collection location = /home/bwilson/.ansible/collections:/usr/share/ansible/collections
 executable location = /home/bwilson/miniconda3/envs/ansible/bin/ansible
 python version = 3.12.3 | packaged by conda-forge | (main, Apr 15 2024, 18:38:13) [GCC 12.3.0] (/home/bwilson/miniconda3/envs/ansible/bin/python3.12)
 jinja version = 3.1.3
 libyaml = True

Goals for Repeater Linking project

Starting point: Raspberry Pi 4

  1. Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.)
  2. Use the imager also to install a user account and ssh public key
  3. Confirm that you can ssh in

Ansible playbook

  1. Set locale, timezone, and language
  2. Set up additional credentials (adduser and copy in ssh credential files)
  3. Install WiFi credentials
  4. Configure ssh (change the port and set for credential only (passwordless) access)
  5. Install wireguard and configure it
  6. Set up sound card settings for a Syba UAUD USB sound card
  7. Install svxlink and configure it
  8. Install and set up fail2ban
  9. Install and set up Watchdog

I need to pull config files from Mick's image.

  • /etc/svxlink
  • SSID settings
  • link account
cd Documents/Projects/TARRA/
conda activate ansible
ansible tenrec -m ping
ansible tenrec -a uptime
tarra | CHANGED | rc=0 >>
19:53:31 up 11 min,  2 users,  load average: 0.08, 0.19, 0.17
ansible tenrec -b -m package -a name=wireguard
ansible tenrec -b -m package -a name=fail2ban

Tidbits

Connect to remote server and dump out everything you know about it:

ansible -i inventory hostname -m setup