Ansible roles that I wrote for my own use.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

103 lines
2.6 KiB

---
- block:
- name: install homeassistant dependencies
apt:
name:
- autoconf
- build-essential
- libffi-dev
- libopenjp2-7
- libssl-dev
- libtiff5
- python3
- python3-dev
- python3-pip
- virtualenv
update_cache: true
cache_valid_time: 3600
- name: ensure homeassistant group exits
group:
name: homeassistant
system: true
- name: ensure homeassistant user exists and has restrictive settings
user:
name: homeassistant
groups: homeassistant
password: "*"
home: "{{ homeassistant_dir }}"
system: true
shell: /usr/sbin/nologin
- name: get available groups
getent:
database: group
- name: add homeassistant user to ssl-cert group
user:
name: homeassistant
groups: ssl-cert
append: true
become: true
when:
- homeassistant_add_to_ssl_cert_group
- ssl-cert in ansible_facts.getent_group
- name: add homeassistant user to dialout, gpio and i2c groups
user:
name: homeassistant
groups: dialout,gpio,i2c
append: true
when: is_a_raspberrypi
- name: install wheel and homeassistant inside a virtualenv
pip:
name:
- wheel
- homeassistant
virtualenv: "{{ homeassistant_dir }}"
- name: ensure homeassistant owns "{{ homeassistant_dir }}"
file:
path: "{{ homeassistant_dir }}"
state: directory
recurse: true
owner: homeassistant
group: homeassistant
- name: install homeassistant systemd unit file
template:
src: etc/systemd/system/homeassistant.service.j2
dest: /etc/systemd/system/homeassistant.service
notify:
- systemctl daemon-reload
- name: ensure homeassistant is enabled and started
systemd:
name: homeassistant
state: started
enabled: true
- name: Wait for port 8123
wait_for:
port: 8123
delay: 10
- name: add custom TLS settings in configuration.yaml
blockinfile:
path: "{{ homeassistant_dir }}/.homeassistant/configuration.yaml"
marker: "# {mark} ANSIBLE TLS SETTINGS"
block: |
http:
ssl_certificate: {{ homeassistant_ssl_certificate }}
ssl_key: {{ homeassistant_ssl_key }}
when:
- homeassistant_add_to_ssl_cert_group
- ssl-cert in ansible_facts.getent_group
- homeassistant_ssl_certificate and homeassistant_ssl_key
notify: systemctl restart homeassistant
become: "{{ homeassistant_become }}"
become_user: "{{ homeassistant_become_user }}"