Ansible: Difference between revisions
From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs) Created page with "== Vagrant == Repository vastra-ansible contains a separate role for each configuration set. (Documented elsewhere.) A main setup.yml pulls in each role when I run "vagrant..." |
Brian Wilson (talk | contribs) |
||
| (12 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
I learned Ansible in 2016 when engaged in configuring Linux computer to be phone systems. It feels like I have forgotten 100% of the skills I learned. Usually things come back to me quickly, and I hope this will be no different. | |||
Now I will be using it to set up Raspberry Pi computers as svxlink repeater controllers. | |||
== Installation == | |||
Using [[Bellman]] as the test server, as usual. Ansible is just a Python thing so all you need do is create a conda environment and install it. Just two commands, | |||
'''conda create -n ansible ansible | |||
'''conda activate ansible''' | |||
'''ansible --version''' | |||
ansible [core 2.16.6] | |||
config file = None | |||
configured module search path = ['/home/bwilson/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] | |||
ansible python module location = /home/bwilson/miniconda3/envs/ansible/lib/python3.12/site-packages/ansible | |||
ansible collection location = /home/bwilson/.ansible/collections:/usr/share/ansible/collections | |||
executable location = /home/bwilson/miniconda3/envs/ansible/bin/ansible | |||
python version = 3.12.3 | packaged by conda-forge | (main, Apr 15 2024, 18:38:13) [GCC 12.3.0] (/home/bwilson/miniconda3/envs/ansible/bin/python3.12) | |||
jinja version = 3.1.3 | |||
libyaml = True | |||
== Goals for Repeater Linking project == | |||
Starting point: Raspberry Pi 4 | |||
# Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.) | |||
# Use the imager also to install a user account and ssh public key | |||
# Confirm that you can ssh in | |||
Ansible playbook | |||
# Set locale, timezone, and language | |||
# Set up additional credentials (adduser and copy in ssh credential files) | |||
# Install WiFi credentials | |||
# Configure ssh (change the port and set for credential only (passwordless) access) | |||
# Install wireguard and configure it | |||
# Set up sound card settings for a Syba UAUD USB sound card | |||
# Install svxlink and configure it | |||
# Install and set up fail2ban | |||
# Install and set up Watchdog | |||
I need to pull config files from Mick's image. | |||
* /etc/svxlink | |||
* SSID settings | |||
* link account | |||
cd Documents/Projects/TARRA/ | |||
conda activate ansible | |||
ansible tenrec -m ping | |||
ansible tenrec -a uptime | |||
tarra | CHANGED | rc=0 >> | |||
19:53:31 up 11 min, 2 users, load average: 0.08, 0.19, 0.17 | |||
ansible tenrec -b -m package -a name=wireguard | |||
ansible tenrec -b -m package -a name=fail2ban | |||
== Tidbits == | |||
Connect to remote server and dump out everything you know about it: | |||
ansible -i inventory hostname -m setup | |||
[[Category: System Administration]] | [[Category: System Administration]] | ||
Latest revision as of 19:21, 6 May 2024
I learned Ansible in 2016 when engaged in configuring Linux computer to be phone systems. It feels like I have forgotten 100% of the skills I learned. Usually things come back to me quickly, and I hope this will be no different.
Now I will be using it to set up Raspberry Pi computers as svxlink repeater controllers.
Installation
Using Bellman as the test server, as usual. Ansible is just a Python thing so all you need do is create a conda environment and install it. Just two commands,
conda create -n ansible ansible conda activate ansible ansible --version ansible [core 2.16.6] config file = None configured module search path = ['/home/bwilson/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /home/bwilson/miniconda3/envs/ansible/lib/python3.12/site-packages/ansible ansible collection location = /home/bwilson/.ansible/collections:/usr/share/ansible/collections executable location = /home/bwilson/miniconda3/envs/ansible/bin/ansible python version = 3.12.3 | packaged by conda-forge | (main, Apr 15 2024, 18:38:13) [GCC 12.3.0] (/home/bwilson/miniconda3/envs/ansible/bin/python3.12) jinja version = 3.1.3 libyaml = True
Goals for Repeater Linking project
Starting point: Raspberry Pi 4
- Install Raspian 32-bit legacy version "Bullseye" (download the IMG first and install from it instead of downloading on the fly.)
- Use the imager also to install a user account and ssh public key
- Confirm that you can ssh in
Ansible playbook
- Set locale, timezone, and language
- Set up additional credentials (adduser and copy in ssh credential files)
- Install WiFi credentials
- Configure ssh (change the port and set for credential only (passwordless) access)
- Install wireguard and configure it
- Set up sound card settings for a Syba UAUD USB sound card
- Install svxlink and configure it
- Install and set up fail2ban
- Install and set up Watchdog
I need to pull config files from Mick's image.
- /etc/svxlink
- SSID settings
- link account
cd Documents/Projects/TARRA/ conda activate ansible ansible tenrec -m ping ansible tenrec -a uptime tarra | CHANGED | rc=0 >> 19:53:31 up 11 min, 2 users, load average: 0.08, 0.19, 0.17 ansible tenrec -b -m package -a name=wireguard ansible tenrec -b -m package -a name=fail2ban
Tidbits
Connect to remote server and dump out everything you know about it:
ansible -i inventory hostname -m setup
