[WIP] Perform installation of HomeAssistant host #71

Draft
noby wants to merge 19 commits from noby/ansible:homeassistant into master
5 changed files with 69 additions and 1 deletions
Showing only changes of commit bd4850d4b9 - Show all commits

View File

@ -37,3 +37,5 @@ mosquitto_bridges:
topics: topics:
- topic: "# out 0" - topic: "# out 0"
- topic: "# in 0" - topic: "# in 0"
ha_pg_db_pass: "{{ vault_ha_pg_db_pass }}"

View File

@ -11,3 +11,8 @@ ha_venv_dir: "/opt/homeassistant"
# The default user # The default user
ha_user: homeassistant ha_user: homeassistant
ha_pg_db_version: 15
ha_pg_db_name: homeassistant
ha_pg_db_user: homeassistant
ha_pg_db_pass: xxxxx

View File

@ -0,0 +1,6 @@
---
- name: Restart postgresql
ansible.builtin.service:
name: postgresql
state: restarted

View File

@ -8,3 +8,4 @@
ansible.builtin.include_tasks: '{{ item }}' ansible.builtin.include_tasks: '{{ item }}'
loop: loop:
- preparation.yml - preparation.yml
- postgres.yml

View File

@ -0,0 +1,54 @@
---
- name: Postgres | establish dependencies
ansible.builtin.package:
name: "{{ item }}"
state: present
loop:
- postgresql-{{ ha_pg_db_version }}
- libpq-dev
- python3-psycopg2
- name: Postgres | Configure PostgreSQL database
community.general.postgresql_db:
name: "{{ ha_pg_db_name }}"
template: template0
encoding: utf8
become: true
become_user: postgres
- name: Postgres | Configure PostgreSQL user
community.general.postgresql_user:
db: "{{ ha_pg_db_name }}"
name: "{{ ha_pg_db_user }}"
password: "{{ ha_pg_db_pass }}"
become: true
become_user: postgres
- name: Postgres | GRANT ALL PRIVILEGES ON SCHEMA public TO {{ ha_pg_db_user }}
community.postgresql.postgresql_privs:
db: "{{ ha_pg_db_user }}"
privs: ALL
type: schema
objs: public
role: "{{ ha_pg_db_user }}"
become: true
become_user: postgres
- name: Postgres | Grant all users access to all dbs
community.general.postgresql_pg_hba:
dest: /etc/postgresql/{{ ha_pg_db_version }}/main/pg_hba.conf
contype: host
users: all
databases: all
method: scram-sha-256
source: 0.0.0.0/0
notify: Restart postgresql
- name: Postgres | Listen to external interfaces
community.general.postgresql_set:
name: listen_addresses
value: "*"
become: true
become_user: postgres
notify: Restart postgresql