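---
# Play "ship setup": enables lingering for the user, installs base packages,
# copies the service directories and runs three rootless podman containers
# (FTP inbox, Mosquitto, Home Assistant).
- name: ship setup
  hosts: all
  gather_facts: false
  vars:
    # NOTE(review): expandvars is a filter, so $USER and $HOME are expanded on
    # the Ansible controller, not on the managed host. This presumably relies
    # on the same account name and home path existing on both sides -- confirm.
    user: "{{ '$USER' | expandvars }}"
    data: "{{ '$HOME/services' | expandvars }}"
    # Credentials for the FTP inbox container. The defaults are the values
    # that used to be inlined in the container command, so behaviour is
    # unchanged.
    # NOTE(review): these are committed in clear text. Treat them as exposed,
    # rotate them, and supply the real values as extra vars (for example from
    # an Ansible Vault file); extra vars take precedence over play vars.
    ftp_user: 'pleb'
    ftp_password: 'moose'
    # podman-rootless
    #
    # * using native overlay fs support (no fuse)
    #   - at least kernel version 5.13
    #   - podman info -f '{{.Store.GraphDriverName}}'
    #     -> "overlay"
    #   - podman info -f '{{index .Store.GraphStatus "Native Overlay Diff"}}'
    #     -> true
    #   - if configured with a different storage driver before, may need to run
    #       podman system reset  # deletes every image/container/.. with old driver
    #   - cat .local/share/containers/storage/overlay/.has-mount-program
    #     -> false
    #
    # * configure storage driver
    #   > cat .config/containers/storage.conf
    #   [storage]
    #   driver = "overlay"
  tasks:
    # -- LINGER ----------------------------------------------------------------
    # Enable lingering for user, such that processes are not killed if
    # there is no login session.
    - name: enable-linger
      become: true
      ansible.builtin.command:
        # argv passes the user name as a single argument, so an unusual value
        # cannot be split into extra arguments of this root-run command.
        argv:
          - loginctl
          - enable-linger
          - "{{ user }}"
        # Command is not re-run if the following file exists.
        # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/command_module.html#parameter-creates
        creates: "/var/lib/systemd/linger/{{ user }}"

    # -- PACKAGES --------------------------------------------------------------
    # NOTE(review): `state: latest` upgrades these packages on every run, so
    # the installed versions depend on when the play is executed. Use
    # `state: present` (or pinned versions) if reproducible hosts matter.
    - name: install-packages
      become: true
      ansible.builtin.package:
        # One call with the whole list instead of one call per package.
        name:
          - vim
          - podman
          - tmux
          - git
          - ncdu
          - restic
          # For restic mount.
          - fuse
        state: latest

    # -- COPY FILES ------------------------------------------------------------
    # Copies the `ftp` and `mosquitto` directories from the controller into
    # the services directory, keeping the source file modes.
    - name: copy-files
      ansible.builtin.copy:
        src: "{{ item }}"
        dest: "{{ data }}"
        mode: preserve
      loop:
        - ftp
        - mosquitto

    # -- FTP SERVER ------------------------------------------------------------
    # Builds the image from the copied `ftp` directory; `force: true` rebuilds
    # it on every run, and the result decides whether the container below is
    # recreated.
    - name: build-podman-ftp
      containers.podman.podman_image:
        name: ftp
        path: "{{ data }}/ftp"
        force: true
      register: ftp_build

    # NOTE(review): this server is writable (`--write`), uses the host network
    # namespace and speaks plain FTP, so the password crosses the network
    # unencrypted. The password is also part of the container command line and
    # therefore readable via `podman inspect` and the process list. Keep it on
    # a trusted network segment or move to an encrypted transfer protocol.
    - name: run-podman-ftp
      containers.podman.podman_container:
        name: ftp
        image: ftp
        network: host
        volumes:
          - "{{ data }}/ftp/inbox:/inbox"
        command: "python3 -m pyftpdlib --write -d /inbox -u {{ ftp_user }} -P {{ ftp_password }}"
        recreate: "{{ ftp_build.changed }}"

    # -- MOSQUITTO SERVER ------------------------------------------------------
    # Use `mosquitto_sub -t '#'` to subscribe to all topics.
    # NOTE(review): the image reference has no tag or digest, so whatever the
    # registry currently serves as the default tag is pulled; pin a reviewed
    # tag or digest. Port 1883 is MQTT without TLS and is published on all
    # host addresses; whether clients must authenticate depends on
    # mosquitto.conf, which is not part of this file -- confirm.
    - name: run-podman-mosquitto
      containers.podman.podman_container:
        name: mosquitto
        image: docker.io/eclipse-mosquitto
        ports:
          - "1883:1883/tcp"
        volumes:
          - "{{ data }}/mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf"

    # -- HOME ASSISTANT --------------------------------------------------------
    # `groups` together with `append: true` adds dialout as a supplementary
    # group. The previous `group: dialout` set the user's *primary* group
    # instead, and `append` has no effect without `groups`.
    # Presumably needed for access to the serial device mapped below -- confirm.
    - name: add-user-to-group
      become: true
      ansible.builtin.user:
        name: "{{ user }}"
        groups:
          - dialout
        append: true

    # NOTE(review): `stable` is a floating tag, so the running version changes
    # whenever the image is pulled again; pin a version tag or digest if
    # upgrades should be deliberate. The container shares the host network
    # namespace.
    - name: run-podman-home-assistant
      containers.podman.podman_container:
        name: homeassistant
        image: ghcr.io/home-assistant/home-assistant:stable
        # privileged: true
        network: host
        volumes:
          - "{{ data }}/home-assistant/config:/config"
          - "/etc/localtime:/etc/localtime:ro"
        device:
          # Podman somehow stores the device file all lower-case.
          # Writing it as /dev/ttyUSB0 is treated as a change.
          - "/dev/ttyusb0:/dev/ttyusb0"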