Ansible: Difference between revisions
From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs) |
Brian Wilson (talk | contribs) |
||
(6 intermediate revisions by the same user not shown) | |||
Line 21: | Line 21: | ||
== Goals for Repeater Linking project == | == Goals for Repeater Linking project == | ||
Starting point: Raspberry Pi 4 | Starting point: Raspberry Pi 4 | ||
# Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.) | |||
# Use the imager also to install a user account and ssh public key | |||
# Confirm that you can ssh in | |||
Ansible playbook | Ansible playbook | ||
# Set up credentials (adduser and copy in ssh credential files) | # Set locale, timezone, and language | ||
# Set up additional credentials (adduser and copy in ssh credential files) | |||
# Install WiFi credentials | # Install WiFi credentials | ||
# Configure ssh (change the port) | # Configure ssh (change the port and set for credential only (passwordless) access) | ||
# Install wireguard and configure it | # Install wireguard and configure it | ||
# Set up sound card settings for a Syba UAUD USB sound card | |||
# Install svxlink and configure it | # Install svxlink and configure it | ||
# Install and set up fail2ban | |||
# Install and set up Watchdog | |||
I need to pull config files from Mick's image. | I need to pull config files from Mick's image. | ||
Line 36: | Line 44: | ||
* link account | * link account | ||
== | cd Documents/Projects/TARRA/ | ||
conda activate ansible | |||
ansible tenrec -m ping | |||
ansible tenrec -a uptime | |||
tarra | CHANGED | rc=0 >> | |||
19:53:31 up 11 min, 2 users, load average: 0.08, 0.19, 0.17 | |||
ansible tenrec -b -m package -a name=wireguard | |||
ansible tenrec -b -m package -a name=fail2ban | |||
== Tidbits == | |||
Connect to remote server and dump out everything you know about it: | Connect to remote server and dump out everything you know about it: | ||
ansible -i inventory hostname -m setup | ansible -i inventory hostname -m setup | ||
[[Category: System Administration]] | [[Category: System Administration]] |
Latest revision as of 19:21, 6 May 2024
I learned Ansible in 2016 when engaged in configuring Linux computer to be phone systems. It feels like I have forgotten 100% of the skills I learned. Usually things come back to me quickly, and I hope this will be no different.
Now I will be using it to set up Raspberry Pi computers as svxlink repeater controllers.
Installation
Using Bellman as the test server, as usual. Ansible is just a Python thing so all you need do is create a conda environment and install it. Just two commands,
conda create -n ansible ansible conda activate ansible ansible --version ansible [core 2.16.6] config file = None configured module search path = ['/home/bwilson/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /home/bwilson/miniconda3/envs/ansible/lib/python3.12/site-packages/ansible ansible collection location = /home/bwilson/.ansible/collections:/usr/share/ansible/collections executable location = /home/bwilson/miniconda3/envs/ansible/bin/ansible python version = 3.12.3 | packaged by conda-forge | (main, Apr 15 2024, 18:38:13) [GCC 12.3.0] (/home/bwilson/miniconda3/envs/ansible/bin/python3.12) jinja version = 3.1.3 libyaml = True
Goals for Repeater Linking project
Starting point: Raspberry Pi 4
- Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.)
- Use the imager also to install a user account and ssh public key
- Confirm that you can ssh in
Ansible playbook
- Set locale, timezone, and language
- Set up additional credentials (adduser and copy in ssh credential files)
- Install WiFi credentials
- Configure ssh (change the port and set for credential only (passwordless) access)
- Install wireguard and configure it
- Set up sound card settings for a Syba UAUD USB sound card
- Install svxlink and configure it
- Install and set up fail2ban
- Install and set up Watchdog
I need to pull config files from Mick's image.
- /etc/svxlink
- SSID settings
- link account
cd Documents/Projects/TARRA/ conda activate ansible ansible tenrec -m ping ansible tenrec -a uptime tarra | CHANGED | rc=0 >> 19:53:31 up 11 min, 2 users, load average: 0.08, 0.19, 0.17 ansible tenrec -b -m package -a name=wireguard ansible tenrec -b -m package -a name=fail2ban
Tidbits
Connect to remote server and dump out everything you know about it:
ansible -i inventory hostname -m setup