Installing Ansible tutorial (French)
You can install the role in your project in two ways:
1. With ansible-galaxy:
ansible-galaxy install -p roles themaire.raspberry_pi_configurator2. With git clone:
git clone https://github.com/themaire/ansible-role-raspberry_pi_configurator.git roles/raspberry_pi_configuratorBoth methods will make the role available as raspberry_pi_configurator in your playbooks.
Before flashing, set a custom password for the Pi, configure Wi-Fi (if needed), and enable SSH.
On the computer where you will use Ansible, create an SSH key for your future Raspberry Pi user (e.g. nico, change as needed):
ssh-keygen -f ~/.ssh/nico.keyImportant: Replace the file ./roles/raspberry_pi/files/nico.key.pub with your own public key, named after your future username (e.g. nico.key.pub).
After running the playbook, you will be able to connect via SSH without a password.
The vault file is stored in the group_vars/new folder (vault.yml). It only affects the new node group.
Vault usage:
ansible-vault rekey ./group_vars/new/vault.yml
3 Edit the vault file
ansible-vault edit ./group_vars/new/vault.ymlIt is recommended to declare one admin user first, and no regular users.
Edit the inventory.yml file. Several boards are present as examples.
- Connect to your fresh Raspberry Pi OS via SSH and disconnect immediately.
- (Best option) View or run the file
demo_role_raspberrypi.sh. - Enjoy!
raspbian_configurator/
├── inventory.yml
├── play_configrasp.yml
├── roles/
│ └── raspberry_pi_configurator/
│ ├── defaults/
│ │ └── main.yml
│ ├── files/
│ ├── handlers/
│ ├── meta/
│ ├── tasks/
│ ├── templates/
│ └── tests/
├── group_vars/
│ └── new/
│ ├── new.yml
│ └── vault.yml
└── README.md
- Updates and upgrades each node.
- Installs specified packages (and Log2Ram).
- Creates admin group and users listed in
users_admin. - Changes hostnames using prefix and index from inventory.
- Sets GPU memory split.
- Changes timezone and locale.
- Disables HDMI to save power.
- Disables IPv6 on specified interfaces.
- Changes SSH port.
- Disallows SSH root login and empty passwords.
- Disallows SSH password authentication if an SSH key is provided.
- Allows SSH password authentication within an IP range, if specified.
- Updates and upgrades each node.
- Installs Log2Ram with 128MB RAM size for the log folder.
- Sets GPU memory to 16MB.
- Disables HDMI.
- Disables IPv6 on
wlan0andeth0.
# All uncommented lines are default settings
locale: 'fr_FR.UTF-8'
timezone: 'Europe/Paris'
# Example: 'node' will result in node0, node1, node2...
#hostname_prefix: 'rpi_'
# Additional packages to install
packages:
- git
- tmux
- vim
- nmon
- neofetch
# Changes SSH port
#ssh_port: 22
# RAM size for log2ram folder in megabytes
log2ram_size: '128'
# GPU memory split in megabytes
gpu_mem: '16' # 16, 64, 128 or 256
# Disable HDMI to save power
disable_hdmi: true
# Disable IPv6 on specified interfaces
disable_ipv6_interfaces:
- wlan0
- eth0
# Samba configuration
samba_packages:
- samba-common
- samba
- samba-client
samba_services:
- smbd
# - nmbd
#samba_netbios_name: monserveur
samba_configuration_dir: /etc/samba
samba_configuration: "{{ samba_configuration_dir }}/smb.conf"This is the playbook who use the role. You can see the vars array of 3 tasks familly you can turn on/off.
- name: Configure some new group of one Raspberry Pi
# Hostname or group name from the inventory file
hosts: new
# hosts: new # if you want to run the playbook on all hosts in the inventory, use 'all' instead of 'new'
# hosts: un nom de machine ou un groupe de machines
become: true
gather_facts: true
vars:
do_mandatory: true
do_optional: true
do_experimental: false
roles:
- raspberry_piThis role is inspired by and based on the excellent work of zjael/raspberry_pi (GitHub repo). Many ideas, structure and best practices come from this original project—thanks to the author for sharing his work with the community!