Merge branch 'main' of github.com:imp1sh/ansible_openwrt

README.md

@@ -7,3 +7,21 @@ OpenWrt typically is being used in small environments but this collection is a g
 Click the link for the [documentation.](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection)
 Here is a [Youtube video](https://youtu.be/f1qrP3AagLM) I made in order to introduce it.
 Currently the documentation is German only but when the basics in Ansible are done and the documentation approaches a finshed state, I will translate it into English.
+
+Sections:
+- [Ansible OpenWrt general usage](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection)
+- [Ansible OpenWrt Batman-adv](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleBatmanadv)
+- [Ansible OpenWrt DHCP](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleDHCP)
+- [Ansible OpenWrt Dropbear SSH](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleDropbear)
+- [Ansible OpenWrt Firewall](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleFirewall)
+- [Ansible OpenWrt Network](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleNetwork)
+- [Ansible OpenWrt Packages](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RollePackages)
+- [Ansible OpenWrt Restic Backup](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleRestic)
+- [Ansible OpenWrt SQM QoS](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleSqm)
+- [Ansible OpenWrt Service](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleServices)
+- [Ansible OpenWrt Syste](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleSystem)
+- [Ansible OpenWrt Wireguard](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleWireguard)
+- [Ansible OpenWrt Wireless](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleWireless)
+- [Ansible OpenWrt bmx7](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleBmx7)
+- [Ansible OpenWrt babeld](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleBabeld)
+- [Ansible OpenWrt Imagebuilder](https://wiki.junicast.de/de/junicast/docs/AnsibleOpenWrtCollection/RolleImagebuilder)

roles/ansible_openwrtacme/tasks/main.yml

@@ -1,5 +1,9 @@
 ---
 # tasks file for ansible_openwrtacme
+- name: make sure deploypath is present
+  ansible.builtin.file:
+    path: "{{ openwrt_acme_deploypath }}"
+    state: directory
 - name: Install packages
   opkg:
     name: "acme,acme-dnsapi,luci-app-acme"

roles/ansible_openwrtbabeld/tasks/main.yml

@@ -14,8 +14,6 @@
   ansible.builtin.template:
     src: getprefix.sh.jinja2
     dest: /root/getprefix.sh
-    owner: root
-    group: root
     mode: 0744
   when:
     not openwrt_babeld_runimagebuilder | default(false)

roles/ansible_openwrtbatmanadv/defaults/main.yml

@@ -1,2 +1,5 @@
 ---
-# defaults file for ansible_openwrtbatmanadv
+# defaults file for ansible_openwrtbatmanadv
+openwrt_batmanadv_deployroot: "/"
+openwrt_batmanadv_deploypath: "{{ openwrt_batmanadv_deployroot }}etc/config"
+openwrt_batmanadv_deployfile: "batman-adv"

roles/ansible_openwrtbatmanadv/tasks/main.yml

@@ -1,10 +1,16 @@
 ---
 # tasks file for ansible_openwrtbatmanadv
+- name: make sure deploypath is present
+  ansible.builtin.file:
+    path: "{{ openwrt_batmanadv_deploypath }}"
+    state: directory
 - name: Install batman-adv software
   package:
     name:
       - kmod-batman-adv
       - alfred
       - batctl-full
     state: present
+  when:
+    - not openwrt_batmanadv_runimagebuilder | default(false)
 

roles/ansible_openwrtbmx7/defaults/main.yml

@@ -1,2 +1,5 @@
 ---
-# defaults file for ansible_openwrtbmx7
+# defaults file for ansible_openwrtbmx7
+openwrt_bmx7_deployroot: "/"
+openwrt_bmx7_deploypath: "{{ openwrt_bmx7_deployroot }}etc/config"
+openwrt_bmx7_deployfile: "bmx7"

roles/ansible_openwrtbmx7/tasks/main.yml

@@ -1,55 +1,75 @@
 ---
 # tasks file for ansible_openwrtbmx7
+- name: make sure deploypath is present
+  ansible.builtin.file:
+    path: "{{ openwrt_bmx7_deploypath }}"
+    state: directory
 - name: Refresh opkg so packages will be found
   shell: opkg update
+  when:
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: Install json plugin
   package:
     name: bmx7-json
     state: present
-  when: openwrt_bmx7_plugin_json_enabled is defined
+  when:
+    - openwrt_bmx7_plugin_json_enabled is defined
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: Install topology plugin
   package:
     name: bmx7-topology
     state: present
-  when: openwrt_bmx7_plugin_topology_enabled is defined
+  when:
+    - openwrt_bmx7_plugin_topology_enabled is defined
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: Install sms plugin
   package:
     name: bmx7-sms
     state: present
-  when: openwrt_bmx7_plugin_sms_enabled is defined
+  when:
+    - openwrt_bmx7_plugin_sms_enabled is defined
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: Install tun plugin
   package:
     name: bmx7-tun
     state: present
-  when: openwrt_bmx7_plugin_tun_enabled is defined
+  when:
+    - openwrt_bmx7_plugin_tun_enabled is defined
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: Install jq in order to be able to parse ifstatus
   package:
     name: jq
     state: present
+  when:
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: Install getprefix script
   template:
     src: getprefix.sh.jinja2
     dest: /root/getprefix.sh
-    owner: root
-    group: root
     mode: 0744
+  when:
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: register dynamic prefixes
   shell: /root/getprefix.sh
   register: openwrt_bmx7_collectedprefixes
+  when:
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: register local ula
   shell: /sbin/uci get network.globals.ula_prefix
   register: openwrt_bmx7_ulaprefix
+  when:
+    - not openwrt_bmx7_runimagebuilder | default(false)
 - name: Provide bmx7 configuration
   template:
     src: bmx7.jinja2
-    dest: /etc/config/bmx7
-    owner: root
-    group: root
+    dest: "{{ openwrt_bmx7_deploypath }}/{{ openwrt_bmx7_deployfile }}"
     mode: 0600
   notify: restart bmx7
 - name: enable bmx7 service
   service:
     name: bmx7
     state: started
     enabled: yes
+  when:
+    - not openwrt_bmx7_runimagebuilder | default(false)
 

roles/ansible_openwrtdhcp/tasks/main.yml

@@ -1,14 +1,16 @@
 ---
 # tasks file for ansible_openwrtdhcp
+- name: make sure deploypath is present
+  ansible.builtin.file:
+    path: "{{ openwrt_dhcp_deploypath }}"
+    state: directory
 - name: merge dhcp group pools
   include_tasks: merge.yml
   when: openwrt_dhcp_poolsgroup is defined
 - name: Install dhcp config
   template:
     src: dhcp.jinja2
     dest: "{{ openwrt_dhcp_deployroot }}{{ openwrt_dhcp_deploypath }}/{{ openwrt_dhcp_deployfile }}"
-    owner: root
-    group: root
     mode: 0600
   notify: restart dnsmasq
 

roles/ansible_openwrtfirewall/tasks/main.yml

@@ -1,5 +1,9 @@
 ---
 # tasks file for ansible_openwrtfirewall
+- name: make sure deploypath config exists
+  ansible.builtin.file:
+    path: "{{ openwrt_firewall_deploypath }}"
+    state: directory
 - name: declare emtpy zone array
   set_fact:
     openwrt_firewall_zonesactive: []

roles/ansible_openwrtimagebuilder/README.md

@@ -0,0 +1 @@
+https://github.com/imp1sh/ansible_openwrt

roles/ansible_openwrtimagebuilder/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for ansible_openwrtimagebuilder

roles/ansible_openwrtimagebuilder/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for ansible_openwrtimagebuilder

roles/ansible_openwrtimagebuilder/meta/main.yml

@@ -0,0 +1,52 @@
+galaxy_info:
+  author: your name
+  description: your role description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.1
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.

roles/ansible_openwrtimagebuilder/tasks/main.yml

@@ -0,0 +1,57 @@
+---
+# tasks file for ansible_openwrtimagebuilder
+- name: make sure builddir exists
+  ansible.builtin.file:
+    path: "{{ openwrt_imagebuilder_builddir }}"
+    state: directory
+- name: make sure outputdir exists
+  ansible.builtin.file:
+    path: "{{ openwrt_imagebuilder_outputdir }}"
+    state: directory
+- name: download and extract imagebuilder
+  ansible.builtin.unarchive:
+    src: "{{ openwrt_imagebuilder_downloadurl }}"
+    list_files: yes
+    remote_src: yes
+    dest: "{{ openwrt_imagebuilder_builddir }}"
+  register: openwrt_imagebuilder_extraction
+- name: get extracted folder name
+  set_fact:
+    openwrt_imagebuilder_extractedfolder: "{{ openwrt_imagebuilder_extraction.files[0] }}"
+- name: remove old files dir if exist
+  ansible.builtin.file:
+    path: "{{ openwrt_imagebuilder_builddir }}/{{ openwrt_imagebuilder_extractedfolder }}{{ openwrt_imagebuilder_filesdir }}"
+    state: absent
+- name: create empty files dir
+  ansible.builtin.file:
+    path: "{{ openwrt_imagebuilder_builddir }}/{{ openwrt_imagebuilder_extractedfolder }}{{ openwrt_imagebuilder_filesdir }}"
+    state: directory
+- name: set this files directory to use as openwrt deployroot for all compatible roles
+  set_fact:
+    "{{ item }}": "{{ openwrt_imagebuilder_builddir }}/{{ openwrt_imagebuilder_extractedfolder }}{{ openwrt_imagebuilder_filesdir }}/"
+  loop:
+    - openwrt_acme_deployroot
+    - openwrt_batmanadv_deployroot
+    - openwrt_babeld_deployroot
+    - openwrt_bmx7_deployroot
+    - openwrt_dhcp_deployroot
+    - openwrt_dropbear_deployroot
+    - openwrt_firewall_deployroot
+    - openwrt_network_deployroot
+    - openwrt_restic_deployroot
+    - openwrt_services_deployroot
+    - openwrt_system_deployroot
+- name: run all openwrt roles that are compatible with imagebuilder
+  ansible.builtin.include_role:
+    name: "{{ item }}"
+  loop:
+    - imp1sh.ansible_openwrt.ansible_openwrtacme
+    - imp1sh.ansible_openwrt.ansible_openwrtbatmanadv
+    - imp1sh.ansible_openwrt.ansible_openwrtbabeld
+    - imp1sh.ansible_openwrt.ansible_openwrtdhcp
+    - imp1sh.ansible_openwrt.ansible_openwrtdropbear
+    - imp1sh.ansible_openwrt.ansible_openwrtfirewall
+    - imp1sh.ansible_openwrt.ansible_openwrtnetwork
+    - imp1sh.ansible_openwrt.ansible_openwrtrestic
+    - imp1sh.ansible_openwrt.ansible_openwrtsystem
+      #- imp1sh.ansible_openwrt.ansible_openwrtbmx7

roles/ansible_openwrtimagebuilder/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

roles/ansible_openwrtimagebuilder/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - ansible_openwrtimagebuilder

roles/ansible_openwrtimagebuilder/vars/main.yml

@@ -0,0 +1,6 @@
+---
+# vars file for ansible_openwrtimagebuilder
+openwrt_imagebuilder_builddir: "/tmp/openwrt_imagebuilder"
+openwrt_imagebuilder_outputdir: "/tmp/openwrt_imagebuilder_images"
+openwrt_imagebuilder_downloadurl: "https://downloads.openwrt.org/releases/22.03.0-rc6/targets/x86/64/openwrt-imagebuilder-22.03.0-rc6-x86-64.Linux-x86_64.tar.xz"
+openwrt_imagebuilder_filesdir: "files"

roles/ansible_openwrtnetwork/tasks/main.yml

@@ -27,7 +27,5 @@
   ansible.builtin.template:
     src: network.jinja2
     dest: "{{ openwrt_network_deploypath }}/{{ openwrt_network_deployfile }}"
-    owner: root
-    group: root
     mode: 0600
   notify: restart network

roles/ansible_openwrtrestic/defaults/main.yml

@@ -13,9 +13,10 @@ openwrt_restic_keepweekly: 3
 openwrt_restic_keepdaily: 9
 openwrt_restic_keepmonthly: 2
 openwrt_restic_deployroot: "/"
-openwrt_restic_deploypath: "{{ openwrt_restic_deployroot }}etc/restic"
+openwrt_restic_deploypath: "{{ openwrt_restic_deployroot }}etc"
+openwrt_restic_deployfile: "restic"
 openwrt_restic_deploypath_sysupgrade: "{{ openwrt_restic_deployroot }}etc"
-openwrt_restic_deployfilie_sysupgrade: "sysupgrade.conf"
+openwrt_restic_deployfile_sysupgrade: "sysupgrade.conf"
 openwrt_restic_deploypath_passwordfile: "{{ openwrt_restic_deployroot }}etc"
 openwrt_restic_deployfile_passwordfile: "resticpassword"
 openwrt_restic_deploypath_knownhosts: "{{ openwrt_restic_deployroot }}root/.ssh"

roles/ansible_openwrtrestic/tasks/1install.yml

@@ -5,6 +5,11 @@
     state: present
     update_cache: true
   when: not openwrt_restic_runimagebuilder | default(false)
+- name: make sure sysupgrade.conf file exists
+  ansible.builtin.file:
+    path: "{{ openwrt_restic_deploypath_sysupgrade }}/{{ openwrt_restic_deployfile_sysupgrade }}"
+    mode: '0644'
+    state: touch
 - name: add /etc/config/installed.packages to sysupgrade config
   lineinfile:
     path: "{{ openwrt_restic_deploypath_sysupgrade }}/{{ openwrt_restic_deployfile_sysupgrade }}"

roles/ansible_openwrtrestic/tasks/main.yml

@@ -1,5 +1,9 @@
 ---
 # tasks file for ansible_openwrtrestic
+- name: make sure deploypath config exists
+  ansible.builtin.file:
+    path: "{{ openwrt_restic_deploypath }}"
+    state: directory
 - name: Installation and preparation
   include_tasks: 1install.yml
 - name: SSH setup
@@ -15,6 +19,7 @@
     - not 'config file already exists' in restic_init.stderr
     - not 'config already initialized' in restic_init.stderr
     - not 'config already exists' in restic_init.stderr
+    - not openwrt_restic_runimagebuilder | default(false)
 - name: "setup cron jobs"
   include_tasks: 5cron.yml
   when: not openwrt_restic_runimagebuilder | default(false)

roles/ansible_openwrtservices/defaults/main.yml

@@ -1,3 +1,5 @@
 ---
 # defaults file for ansible_openwrtservices
-openwrt_services_deploypath: "/etc/rc.local"
+openwrt_services_deployroot: "/"
+openwrt_services_deploypath: "{{ openwrt_services_deployroot }}etc"
+openwrt_services_deployfile: "rc.local"