server_automation

This repo is destined for my server automations and setup.

7.1 KB•YML

homeassistant.yml

7.1 KB • 177 lines • yaml

1---
2# ============================================================================
3# Home Assistant Supervised Complete Installation Playbook
4# ============================================================================
5#
6#
7# PREREQUISITES:
8# - Fresh Debian 11 or 12 installation
9# - SSH access with sudo privileges for ansible_user
10# - Internet connectivity for package downloads
11# - Static IP address recommended
12#
13# ============================================================================
14
15- name: "Complete Home Assistant Supervised Setup"
16  hosts: homeassistant_servers
17  become: true
18  gather_facts: true
19
20  pre_tasks:
21    - name: Verify homeassistant server requirements
22      assert:
23        that:
24          - ansible_distribution == "Debian"
25          - ansible_distribution_major_version | int >= 11
26          - ansible_memtotal_mb >= 1500  # Minimum 1.5GB RAM
27          - ansible_processor_vcpus >= 2  # Minimum 2 CPU cores
28        fail_msg: |
29          Home Assistant system requirements not met:
30          - Requires Debian 11 or 12
31          - Minimum 1.5GB RAM (found {{ ansible_memtotal_mb }}MB)
32          - Minimum 2 CPU cores (found {{ ansible_processor_vcpus }})
33        success_msg: "Home Assistant system requirements validated successfully"
34      tags: always
35
36    - name: Verify server is in homeassistant_servers group
37      fail:
38        msg: "This server must be in the [homeassistant_servers] inventory group. Check your inventory/hosts file."
39      when: "'homeassistant_servers' not in group_names"
40      tags: always
41
42    - name: Display homeassistant deployment information
43      debug:
44        msg: |
45          ============================================================================
46          Home Assistant Supervised Installation Starting
47          ============================================================================
48          Target Host: {{ inventory_hostname }}
49          Target IP: {{ ansible_default_ipv4.address }}
50          OS: {{ ansible_distribution }} {{ ansible_distribution_version }}
51          Architecture: {{ ansible_architecture }}
52          User: {{ my_user_username }}
53          Machine Type: {{ homeassistant_machine_type }}
54          ============================================================================
55      tags: always
56
57  # ============================================================================
58  # ROLE EXECUTION ORDER (CRITICAL FOR PROPER INSTALLATION)
59  # ============================================================================
60
61  roles:
62    # 1. USER MANAGEMENT - Create homeassistant user with proper groups
63    - role: user
64      tags: [user, setup]
65
66    # 2. SYSTEM SETUP - Basic system configuration and packages
67    - role: system
68      tags: [system, setup]
69
70    # 3. DOCKER INSTALLATION - Install Docker using geerlingguy.docker
71    - role: geerlingguy.docker
72      tags: [docker, setup]
73
74    # 4. DOCKER FRAMEWORK - Setup Docker directory structure
75    - role: docker-framework
76      tags: [docker, framework]
77
78    # 5. SECURITY HARDENING - Apply security settings
79    - role: geerlingguy.security
80      tags: [security, hardening]
81
82    # 6. HOME ASSISTANT SUPERVISED - Complete installation (Docker required)
83    - role: homeassistant
84      tags: [homeassistant, ha]
85
86    # 7. MONITORING - System monitoring
87    - role: monitoring
88      tags: [monitoring, glances]
89
90  # ============================================================================
91  # POST-INSTALLATION TASKS
92  # ============================================================================
93
94  post_tasks:
95    - name: Check if network transition is pending
96      stat:
97        path: /etc/systemd/system/ha-network-transition.service
98      register: network_transition_pending
99
100    - name: Display network transition requirement
101      debug:
102        msg: |
103          NETWORK TRANSITION PENDING
104
105          A reboot is required to complete the NetworkManager transition.
106          The transition script is ready at: /usr/local/bin/ha-network-transition.sh
107
108          After Home Assistant installation completes:
109          1. Reboot the server: sudo reboot
110          2. Check transition log: cat /var/log/ha-network-transition.log
111          3. Verify NetworkManager: systemctl status NetworkManager
112      when: network_transition_pending.stat.exists
113
114    - name: Verify core services are running
115      ansible.builtin.command: "systemctl is-active {{ item }}"
116      register: service_checks
117      changed_when: false
118      failed_when: false
119      check_mode: false
120      loop:
121        - docker
122        - NetworkManager
123        - os-agent
124        - hassio-supervisor
125      tags: ['verification']
126
127    - name: Verify Home Assistant Supervisor binary exists
128      stat:
129        path: /usr/sbin/hassio-supervisor
130      register: supervisor_binary
131      tags: ['verification', 'ha-validation']
132
133    - name: Display installation summary
134      debug:
135        msg: |
136          ============================================================================
137          Home Assistant Supervised Installation Complete!
138          ============================================================================
139
140          Home Assistant Access:
141             Web Interface: http://{{ ansible_default_ipv4.address }}:8123
142             NPM Admin: http://{{ ansible_default_ipv4.address }}:{{ homeassistant_npm_admin_port }}
143             SSH Access: ssh {{ my_user_username }}@{{ ansible_default_ipv4.address }}
144
145          System Information:
146             Host: {{ inventory_hostname }}
147             IP Address: {{ ansible_default_ipv4.address }}
148             OS: {{ ansible_distribution }} {{ ansible_distribution_version }}
149             Architecture: {{ ansible_architecture }}
150             Machine Type: {{ homeassistant_machine_type }}
151             User: {{ my_user_username }}
152
153          Services:
154             - Docker: {{ 'Running' if service_checks.results[0].rc == 0 else 'Not running' }}
155             - NetworkManager: {{ 'Running' if service_checks.results[1].rc == 0 else 'Not running' }}
156             - OS Agent: {{ 'Running' if service_checks.results[2].rc == 0 else 'Not running' }}
157             - Supervisor: {{ 'Running' if service_checks.results[3].rc == 0 else 'Not running' }}
158             - Supervisor Binary: {{ 'Present' if supervisor_binary.stat.exists else 'Missing' }}
159             - Reverse Proxy: {{ 'Enabled' if homeassistant_npm_enabled else 'Disabled' }}
160             - CrowdSec: {{ 'Enabled' if homeassistant_crowdsec_enabled else 'Disabled' }}
161
162          Useful Commands:
163             - Check supervisor status: sudo systemctl status hassio-supervisor
164             - View supervisor logs: sudo journalctl -fu hassio-supervisor
165             - Docker containers: docker ps
166             - OS Agent status: systemctl status os-agent
167
168          Important Notes:
169             - Initial startup may take 5-10 minutes
170             - Create backups before major updates
171             {% if network_transition_pending is defined and network_transition_pending.stat.exists %}
172             - Network transition pending - reboot required
173             {% endif %}
174
175          ============================================================================
176      tags: always
177

1--- 2# ============================================================================ 3# Home Assistant Supervised Complete Installation Playbook 4# ============================================================================ 5# 6# 7# PREREQUISITES: 8# - Fresh Debian 11 or 12 installation 9# - SSH access with sudo privileges for ansible_user 10# - Internet connectivity for package downloads 11# - Static IP address recommended 12# 13# ============================================================================ 14 15- name: "Complete Home Assistant Supervised Setup" 16 hosts: homeassistant_servers 17 become: true 18 gather_facts: true 19 20 pre_tasks: 21 - name: Verify homeassistant server requirements 22 assert: 23 that: 24 - ansible_distribution == "Debian" 25 - ansible_distribution_major_version | int >= 11 26 - ansible_memtotal_mb >= 1500 # Minimum 1.5GB RAM 27 - ansible_processor_vcpus >= 2 # Minimum 2 CPU cores 28 fail_msg: | 29 Home Assistant system requirements not met: 30 - Requires Debian 11 or 12 31 - Minimum 1.5GB RAM (found {{ ansible_memtotal_mb }}MB) 32 - Minimum 2 CPU cores (found {{ ansible_processor_vcpus }}) 33 success_msg: "Home Assistant system requirements validated successfully" 34 tags: always 35 36 - name: Verify server is in homeassistant_servers group 37 fail: 38 msg: "This server must be in the [homeassistant_servers] inventory group. Check your inventory/hosts file." 39 when: "'homeassistant_servers' not in group_names" 40 tags: always 41 42 - name: Display homeassistant deployment information 43 debug: 44 msg: | 45 ============================================================================ 46 Home Assistant Supervised Installation Starting 47 ============================================================================ 48 Target Host: {{ inventory_hostname }} 49 Target IP: {{ ansible_default_ipv4.address }} 50 OS: {{ ansible_distribution }} {{ ansible_distribution_version }} 51 Architecture: {{ ansible_architecture }} 52 User: {{ my_user_username }} 53 Machine Type: {{ homeassistant_machine_type }} 54 ============================================================================ 55 tags: always 56 57 # ============================================================================ 58 # ROLE EXECUTION ORDER (CRITICAL FOR PROPER INSTALLATION) 59 # ============================================================================ 60 61 roles: 62 # 1. USER MANAGEMENT - Create homeassistant user with proper groups 63 - role: user 64 tags: [user, setup] 65 66 # 2. SYSTEM SETUP - Basic system configuration and packages 67 - role: system 68 tags: [system, setup] 69 70 # 3. DOCKER INSTALLATION - Install Docker using geerlingguy.docker 71 - role: geerlingguy.docker 72 tags: [docker, setup] 73 74 # 4. DOCKER FRAMEWORK - Setup Docker directory structure 75 - role: docker-framework 76 tags: [docker, framework] 77 78 # 5. SECURITY HARDENING - Apply security settings 79 - role: geerlingguy.security 80 tags: [security, hardening] 81 82 # 6. HOME ASSISTANT SUPERVISED - Complete installation (Docker required) 83 - role: homeassistant 84 tags: [homeassistant, ha] 85 86 # 7. MONITORING - System monitoring 87 - role: monitoring 88 tags: [monitoring, glances] 89 90 # ============================================================================ 91 # POST-INSTALLATION TASKS 92 # ============================================================================ 93 94 post_tasks: 95 - name: Check if network transition is pending 96 stat: 97 path: /etc/systemd/system/ha-network-transition.service 98 register: network_transition_pending 99 100 - name: Display network transition requirement 101 debug: 102 msg: | 103 NETWORK TRANSITION PENDING 104 105 A reboot is required to complete the NetworkManager transition. 106 The transition script is ready at: /usr/local/bin/ha-network-transition.sh 107 108 After Home Assistant installation completes: 109 1. Reboot the server: sudo reboot 110 2. Check transition log: cat /var/log/ha-network-transition.log 111 3. Verify NetworkManager: systemctl status NetworkManager 112 when: network_transition_pending.stat.exists 113 114 - name: Verify core services are running 115 ansible.builtin.command: "systemctl is-active {{ item }}" 116 register: service_checks 117 changed_when: false 118 failed_when: false 119 check_mode: false 120 loop: 121 - docker 122 - NetworkManager 123 - os-agent 124 - hassio-supervisor 125 tags: ['verification'] 126 127 - name: Verify Home Assistant Supervisor binary exists 128 stat: 129 path: /usr/sbin/hassio-supervisor 130 register: supervisor_binary 131 tags: ['verification', 'ha-validation'] 132 133 - name: Display installation summary 134 debug: 135 msg: | 136 ============================================================================ 137 Home Assistant Supervised Installation Complete! 138 ============================================================================ 139 140 Home Assistant Access: 141 Web Interface: http://{{ ansible_default_ipv4.address }}:8123 142 NPM Admin: http://{{ ansible_default_ipv4.address }}:{{ homeassistant_npm_admin_port }} 143 SSH Access: ssh {{ my_user_username }}@{{ ansible_default_ipv4.address }} 144 145 System Information: 146 Host: {{ inventory_hostname }} 147 IP Address: {{ ansible_default_ipv4.address }} 148 OS: {{ ansible_distribution }} {{ ansible_distribution_version }} 149 Architecture: {{ ansible_architecture }} 150 Machine Type: {{ homeassistant_machine_type }} 151 User: {{ my_user_username }} 152 153 Services: 154 - Docker: {{ 'Running' if service_checks.results[0].rc == 0 else 'Not running' }} 155 - NetworkManager: {{ 'Running' if service_checks.results[1].rc == 0 else 'Not running' }} 156 - OS Agent: {{ 'Running' if service_checks.results[2].rc == 0 else 'Not running' }} 157 - Supervisor: {{ 'Running' if service_checks.results[3].rc == 0 else 'Not running' }} 158 - Supervisor Binary: {{ 'Present' if supervisor_binary.stat.exists else 'Missing' }} 159 - Reverse Proxy: {{ 'Enabled' if homeassistant_npm_enabled else 'Disabled' }} 160 - CrowdSec: {{ 'Enabled' if homeassistant_crowdsec_enabled else 'Disabled' }} 161 162 Useful Commands: 163 - Check supervisor status: sudo systemctl status hassio-supervisor 164 - View supervisor logs: sudo journalctl -fu hassio-supervisor 165 - Docker containers: docker ps 166 - OS Agent status: systemctl status os-agent 167 168 Important Notes: 169 - Initial startup may take 5-10 minutes 170 - Create backups before major updates 171 {% if network_transition_pending is defined and network_transition_pending.stat.exists %} 172 - Network transition pending - reboot required 173 {% endif %} 174 175 ============================================================================ 176 tags: always 177