124 lines
3.1 KiB
YAML
124 lines
3.1 KiB
YAML
---
|
|
- block:
|
|
|
|
- name: install homeassistant dependencies
|
|
apt:
|
|
name:
|
|
- autoconf
|
|
- build-essential
|
|
- libffi-dev
|
|
- libopenjp2-7
|
|
- libssl-dev
|
|
- libtiff5
|
|
- python3
|
|
- python3-dev
|
|
- python3-pip
|
|
- virtualenv
|
|
update_cache: true
|
|
cache_valid_time: 3600
|
|
|
|
- name: ensure homeassistant group exits
|
|
group:
|
|
name: homeassistant
|
|
system: true
|
|
|
|
- name: ensure homeassistant user exists and has restrictive settings
|
|
user:
|
|
name: homeassistant
|
|
groups: homeassistant
|
|
password: "*"
|
|
home: "{{ homeassistant_dir }}"
|
|
system: true
|
|
shell: /usr/sbin/nologin
|
|
|
|
- name: get available groups
|
|
getent:
|
|
database: group
|
|
|
|
- name: ensure that {{ homeassistant_config_dir }} exists
|
|
file:
|
|
path: "{{ homeassistant_config_dir }}"
|
|
state: directory
|
|
owner: homeassistant
|
|
group: root
|
|
mode: "0750"
|
|
|
|
- name: add homeassistant user to ssl-cert group
|
|
user:
|
|
name: homeassistant
|
|
groups: ssl-cert
|
|
append: true
|
|
become: true
|
|
when:
|
|
- homeassistant_add_to_ssl_cert_group
|
|
- ssl-cert in ansible_facts.getent_group
|
|
|
|
- name: add homeassistant user to dialout, gpio and i2c groups
|
|
user:
|
|
name: homeassistant
|
|
groups: dialout,gpio,i2c
|
|
append: true
|
|
when: is_a_raspberrypi
|
|
|
|
- name: install wheel and homeassistant inside a virtualenv
|
|
pip:
|
|
name:
|
|
- wheel
|
|
- homeassistant
|
|
virtualenv: "{{ homeassistant_dir }}"
|
|
|
|
- name: ensure homeassistant owns "{{ homeassistant_dir }}"
|
|
file:
|
|
path: "{{ homeassistant_dir }}"
|
|
state: directory
|
|
recurse: true
|
|
owner: homeassistant
|
|
group: homeassistant
|
|
|
|
- name: install homeassistant systemd unit file
|
|
template:
|
|
src: etc/systemd/system/homeassistant.service.j2
|
|
dest: /etc/systemd/system/homeassistant.service
|
|
notify:
|
|
- systemctl daemon-reload
|
|
|
|
- name: ensure homeassistant is enabled and started
|
|
systemd:
|
|
name: homeassistant
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Wait for port 8123
|
|
wait_for:
|
|
port: 8123
|
|
delay: 10
|
|
|
|
- name: add influxdb settings in configuration.yaml
|
|
blockinfile:
|
|
path: "{{ homeassistant_config_dir }}/configuration.yaml"
|
|
marker: "# {mark} ANSIBLE INFLUXDB SETTINGS"
|
|
block: |
|
|
influxdb:
|
|
host: {{ homeassistant_influxdb_host }}
|
|
port: {{ homeassistant_influxdb_port }}
|
|
when:
|
|
- homeassistant_influxdb_host
|
|
notify: systemctl restart homeassistant
|
|
|
|
- name: add custom TLS settings in configuration.yaml
|
|
blockinfile:
|
|
path: "{{ homeassistant_config_dir }}/configuration.yaml"
|
|
marker: "# {mark} ANSIBLE TLS SETTINGS"
|
|
block: |
|
|
http:
|
|
ssl_certificate: {{ homeassistant_ssl_certificate }}
|
|
ssl_key: {{ homeassistant_ssl_key }}
|
|
when:
|
|
- homeassistant_add_to_ssl_cert_group
|
|
- ssl-cert in ansible_facts.getent_group
|
|
- homeassistant_ssl_certificate and homeassistant_ssl_key
|
|
notify: systemctl restart homeassistant
|
|
|
|
become: "{{ homeassistant_become }}"
|
|
become_user: "{{ homeassistant_become_user }}"
|