server_automation

This repo is destined for my server automations and setup.

9.7 KB•YML

homeassistant.yml

9.7 KB • 243 lines • yaml

1---
2# ============================================================================
3# Home Assistant Supervised Complete Installation Playbook
4# ============================================================================
5#
6#
7# PREREQUISITES:
8# - Fresh Debian 11 or 12 installation
9# - SSH access with sudo privileges for ansible_user
10# - Internet connectivity for package downloads
11# - Static IP address recommended
12#
13# ============================================================================
14
15- name: "Complete Home Assistant Supervised Setup"
16  hosts: homeassistant_servers
17  become: true
18  gather_facts: true
19  
20  pre_tasks:
21    - name: Verify homeassistant server requirements
22      assert:
23        that:
24          - ansible_distribution == "Debian"
25          - ansible_distribution_major_version | int >= 11
26          - ansible_memtotal_mb >= 1500  # Minimum 1.5GB RAM
27          - ansible_processor_vcpus >= 2  # Minimum 2 CPU cores
28        fail_msg: |
29          Home Assistant system requirements not met:
30          - Requires Debian 11 or 12
31          - Minimum 1.5GB RAM (found {{ ansible_memtotal_mb }}MB)  
32          - Minimum 2 CPU cores (found {{ ansible_processor_vcpus }})
33        success_msg: "Home Assistant system requirements validated successfully"
34      tags: always
35
36    - name: Verify server is in homeassistant_servers group
37      fail:
38        msg: "This server must be in the [homeassistant_servers] inventory group. Check your inventory/hosts file."
39      when: "'homeassistant_servers' not in group_names"
40      tags: always
41
42    - name: Display homeassistant deployment information
43      debug:
44        msg: |
45          ============================================================================
46          Home Assistant Supervised Installation Starting
47          ============================================================================
48          Target Host: {{ inventory_hostname }}
49          Target IP: {{ ansible_default_ipv4.address }}
50          OS: {{ ansible_distribution }} {{ ansible_distribution_version }}
51          Architecture: {{ ansible_architecture }}
52          User: {{ my_user_username }}
53          Machine Type: {{ homeassistant_machine_type }}
54          ============================================================================
55      tags: always
56
57  # ============================================================================
58  # ROLE EXECUTION ORDER (CRITICAL FOR PROPER INSTALLATION)
59  # ============================================================================
60  
61  roles:
62    # 1. USER MANAGEMENT - Create homeassistant user with proper groups
63    - role: user
64      tags: [user, setup]
65
66    # 2. SYSTEM SETUP - Basic system configuration and packages  
67    - role: system
68      tags: [system, setup]
69
70    # 3. DOCKER INSTALLATION - Install Docker using geerlingguy.docker
71    - role: geerlingguy.docker
72      tags: [docker, setup]
73
74    # 4. SECURITY HARDENING - Apply security settings
75    - role: geerlingguy.security  
76      tags: [security, hardening]
77
78    # 5. HOME ASSISTANT SUPERVISED - Complete installation (Docker required)
79    - role: homeassistant
80      tags: [homeassistant, ha]
81
82  # ============================================================================
83  # POST-INSTALLATION TASKS
84  # ============================================================================
85
86  post_tasks:
87    - name: Check if network transition is pending
88      stat:
89        path: /etc/systemd/system/ha-network-transition.service
90      register: network_transition_pending
91
92    - name: Display network transition requirement
93      debug:
94        msg: |
95          â ï¸  NETWORK TRANSITION PENDING â ï¸
96          
97          A reboot is required to complete the NetworkManager transition.
98          The transition script is ready at: /usr/local/bin/ha-network-transition.sh
99          
100          After Home Assistant installation completes:
101          1. Reboot the server: sudo reboot
102          2. Check transition log: cat /var/log/ha-network-transition.log
103          3. Verify NetworkManager: systemctl status NetworkManager
104      when: network_transition_pending.stat.exists
105
106    - name: Verify core services are running
107      systemd:
108        name: "{{ item }}"
109        state: started
110        enabled: yes
111      loop:
112        - docker
113        - NetworkManager
114      tags: ['verification']
115
116    - name: Verify OS-Agent is installed and running
117      systemd:
118        name: os-agent
119        state: started
120        enabled: yes
121      register: os_agent_status
122      tags: ['verification', 'ha-validation']
123
124    - name: Verify Home Assistant Supervisor is installed
125      stat:
126        path: /usr/sbin/hassio-supervisor
127      register: supervisor_installed
128      tags: ['verification', 'ha-validation']
129
130    - name: Wait for Home Assistant to become available
131      uri:
132        url: "http://{{ ansible_default_ipv4.address }}:8123"
133        method: GET
134        status_code: 200
135        timeout: 10
136      register: ha_check
137      until: ha_check.status == 200
138      retries: 30
139      delay: 10
140      ignore_errors: yes
141      tags: [homeassistant, validation]
142
143    - name: Display installation summary
144      debug:
145        msg: |
146          ============================================================================
147          Home Assistant Supervised Installation Complete!
148          ============================================================================
149          
150          ð  Home Assistant Access:
151             Web Interface: http://{{ ansible_default_ipv4.address }}:8123
152             SSH Access: ssh {{ my_user_username }}@{{ ansible_default_ipv4.address }}
153          
154          ð System Information:
155             Host: {{ inventory_hostname }}
156             IP Address: {{ ansible_default_ipv4.address }}
157             OS: {{ ansible_distribution }} {{ ansible_distribution_version }}
158             Architecture: {{ ansible_architecture }}
159             Machine Type: {{ homeassistant_machine_type }}
160             User: {{ my_user_username }}
161             Docker Version: {{ docker_version.stdout | default('Unknown') }}
162          
163          ð§ Services Status:
164             - Home Assistant Supervisor: {{ 'Running' if ha_check.status == 200 else 'Starting (may take 5-10 minutes)' }}
165             - Docker: Running
166             - OS Agent: {{ 'Running' if os_agent_status is defined and os_agent_status.state == 'started' else 'Installed' }}
167             - NetworkManager: Configured
168             - Supervisor Installed: {{ 'Yes' if supervisor_installed.stat.exists else 'No' }}
169          
170          ð Next Steps:
171             1. Open http://{{ ansible_default_ipv4.address }}:8123 in your browser
172             2. Complete Home Assistant onboarding process
173             3. Install HACS (Home Assistant Community Store)  
174             4. Configure integrations and add-ons
175             5. Set up backups and monitoring
176          
177          ð¡ Useful Commands:
178             - Check supervisor status: sudo systemctl status hassio-supervisor
179             - View supervisor logs: sudo journalctl -fu hassio-supervisor  
180             - Restart supervisor: sudo systemctl restart hassio-supervisor
181             - Docker containers: docker ps
182             - OS Agent status: systemctl status os-agent
183          
184          â ï¸  Important Notes:
185             - Initial startup may take 5-10 minutes
186             - Create backups before major updates
187             - Monitor system resources (RAM usage can grow over time)
188             - Use SSH access for system maintenance
189             {% if network_transition_pending.stat.exists %}
190             - Network transition pending - reboot required
191             {% endif %}
192          
193          ============================================================================
194      tags: always
195
196    - name: Save installation details to file
197      copy:
198        content: |
199          Home Assistant Supervised Installation Details
200          =============================================
201          
202          Installation Date: {{ ansible_date_time.iso8601 }}
203          Host: {{ inventory_hostname }}
204          IP Address: {{ ansible_default_ipv4.address }}
205          OS: {{ ansible_distribution }} {{ ansible_distribution_version }}
206          Architecture: {{ ansible_architecture }}
207          Machine Type: {{ homeassistant_machine_type }}
208          
209          User Configuration:
210          - Username: {{ my_user_username }}
211          - Groups: {{ my_user_groups | join(', ') }}
212          - Sudo Access: Passwordless
213          
214          Home Assistant:
215          - Web Interface: http://{{ ansible_default_ipv4.address }}:8123
216          - Data Directory: {{ homeassistant_data_share | default('/usr/share/hassio') }}
217          - Supervisor Status: {{ 'Running' if ha_check.status == 200 else 'Starting' }}
218          - OS Agent Status: {{ 'Running' if os_agent_status is defined and os_agent_status.state == 'started' else 'Installed' }}
219          
220          Docker Configuration:
221          - Compose Installed: {{ docker_install_compose }}
222          - Users with Access: {{ docker_users | join(', ') }}
223          - Log Rotation: 50MB max, 3 files
224          
225          Security:
226          - SSH Port: {{ security_ssh_port }}
227          - Root Login: Disabled  
228          - Password Authentication: Disabled
229          - Fail2ban: {{ security_fail2ban_enabled | default('Enabled') }}
230          - Auto Updates: {{ security_autoupdate_enabled }}
231          
232          Useful Commands:
233          - Check HA status: sudo systemctl status hassio-supervisor
234          - View HA logs: sudo journalctl -fu hassio-supervisor
235          - Docker containers: docker ps
236          - System resources: htop
237          
238        dest: "/home/{{ my_user_username }}/homeassistant-installation-details.txt"
239        owner: "{{ my_user_username }}"
240        group: "{{ my_user_username }}"
241        mode: "0644"
242      tags: [homeassistant, documentation]
243

1--- 2# ============================================================================ 3# Home Assistant Supervised Complete Installation Playbook 4# ============================================================================ 5# 6# 7# PREREQUISITES: 8# - Fresh Debian 11 or 12 installation 9# - SSH access with sudo privileges for ansible_user 10# - Internet connectivity for package downloads 11# - Static IP address recommended 12# 13# ============================================================================ 14 15- name: "Complete Home Assistant Supervised Setup" 16 hosts: homeassistant_servers 17 become: true 18 gather_facts: true 19 20 pre_tasks: 21 - name: Verify homeassistant server requirements 22 assert: 23 that: 24 - ansible_distribution == "Debian" 25 - ansible_distribution_major_version | int >= 11 26 - ansible_memtotal_mb >= 1500 # Minimum 1.5GB RAM 27 - ansible_processor_vcpus >= 2 # Minimum 2 CPU cores 28 fail_msg: | 29 Home Assistant system requirements not met: 30 - Requires Debian 11 or 12 31 - Minimum 1.5GB RAM (found {{ ansible_memtotal_mb }}MB) 32 - Minimum 2 CPU cores (found {{ ansible_processor_vcpus }}) 33 success_msg: "Home Assistant system requirements validated successfully" 34 tags: always 35 36 - name: Verify server is in homeassistant_servers group 37 fail: 38 msg: "This server must be in the [homeassistant_servers] inventory group. Check your inventory/hosts file." 39 when: "'homeassistant_servers' not in group_names" 40 tags: always 41 42 - name: Display homeassistant deployment information 43 debug: 44 msg: | 45 ============================================================================ 46 Home Assistant Supervised Installation Starting 47 ============================================================================ 48 Target Host: {{ inventory_hostname }} 49 Target IP: {{ ansible_default_ipv4.address }} 50 OS: {{ ansible_distribution }} {{ ansible_distribution_version }} 51 Architecture: {{ ansible_architecture }} 52 User: {{ my_user_username }} 53 Machine Type: {{ homeassistant_machine_type }} 54 ============================================================================ 55 tags: always 56 57 # ============================================================================ 58 # ROLE EXECUTION ORDER (CRITICAL FOR PROPER INSTALLATION) 59 # ============================================================================ 60 61 roles: 62 # 1. USER MANAGEMENT - Create homeassistant user with proper groups 63 - role: user 64 tags: [user, setup] 65 66 # 2. SYSTEM SETUP - Basic system configuration and packages 67 - role: system 68 tags: [system, setup] 69 70 # 3. DOCKER INSTALLATION - Install Docker using geerlingguy.docker 71 - role: geerlingguy.docker 72 tags: [docker, setup] 73 74 # 4. SECURITY HARDENING - Apply security settings 75 - role: geerlingguy.security 76 tags: [security, hardening] 77 78 # 5. HOME ASSISTANT SUPERVISED - Complete installation (Docker required) 79 - role: homeassistant 80 tags: [homeassistant, ha] 81 82 # ============================================================================ 83 # POST-INSTALLATION TASKS 84 # ============================================================================ 85 86 post_tasks: 87 - name: Check if network transition is pending 88 stat: 89 path: /etc/systemd/system/ha-network-transition.service 90 register: network_transition_pending 91 92 - name: Display network transition requirement 93 debug: 94 msg: | 95 â ï¸ NETWORK TRANSITION PENDING â ï¸ 96 97 A reboot is required to complete the NetworkManager transition. 98 The transition script is ready at: /usr/local/bin/ha-network-transition.sh 99 100 After Home Assistant installation completes: 101 1. Reboot the server: sudo reboot 102 2. Check transition log: cat /var/log/ha-network-transition.log 103 3. Verify NetworkManager: systemctl status NetworkManager 104 when: network_transition_pending.stat.exists 105 106 - name: Verify core services are running 107 systemd: 108 name: "{{ item }}" 109 state: started 110 enabled: yes 111 loop: 112 - docker 113 - NetworkManager 114 tags: ['verification'] 115 116 - name: Verify OS-Agent is installed and running 117 systemd: 118 name: os-agent 119 state: started 120 enabled: yes 121 register: os_agent_status 122 tags: ['verification', 'ha-validation'] 123 124 - name: Verify Home Assistant Supervisor is installed 125 stat: 126 path: /usr/sbin/hassio-supervisor 127 register: supervisor_installed 128 tags: ['verification', 'ha-validation'] 129 130 - name: Wait for Home Assistant to become available 131 uri: 132 url: "http://{{ ansible_default_ipv4.address }}:8123" 133 method: GET 134 status_code: 200 135 timeout: 10 136 register: ha_check 137 until: ha_check.status == 200 138 retries: 30 139 delay: 10 140 ignore_errors: yes 141 tags: [homeassistant, validation] 142 143 - name: Display installation summary 144 debug: 145 msg: | 146 ============================================================================ 147 Home Assistant Supervised Installation Complete! 148 ============================================================================ 149 150 ð Home Assistant Access: 151 Web Interface: http://{{ ansible_default_ipv4.address }}:8123 152 SSH Access: ssh {{ my_user_username }}@{{ ansible_default_ipv4.address }} 153 154 ð System Information: 155 Host: {{ inventory_hostname }} 156 IP Address: {{ ansible_default_ipv4.address }} 157 OS: {{ ansible_distribution }} {{ ansible_distribution_version }} 158 Architecture: {{ ansible_architecture }} 159 Machine Type: {{ homeassistant_machine_type }} 160 User: {{ my_user_username }} 161 Docker Version: {{ docker_version.stdout | default('Unknown') }} 162 163 ð§ Services Status: 164 - Home Assistant Supervisor: {{ 'Running' if ha_check.status == 200 else 'Starting (may take 5-10 minutes)' }} 165 - Docker: Running 166 - OS Agent: {{ 'Running' if os_agent_status is defined and os_agent_status.state == 'started' else 'Installed' }} 167 - NetworkManager: Configured 168 - Supervisor Installed: {{ 'Yes' if supervisor_installed.stat.exists else 'No' }} 169 170 ð Next Steps: 171 1. Open http://{{ ansible_default_ipv4.address }}:8123 in your browser 172 2. Complete Home Assistant onboarding process 173 3. Install HACS (Home Assistant Community Store) 174 4. Configure integrations and add-ons 175 5. Set up backups and monitoring 176 177 ð¡ Useful Commands: 178 - Check supervisor status: sudo systemctl status hassio-supervisor 179 - View supervisor logs: sudo journalctl -fu hassio-supervisor 180 - Restart supervisor: sudo systemctl restart hassio-supervisor 181 - Docker containers: docker ps 182 - OS Agent status: systemctl status os-agent 183 184 â ï¸ Important Notes: 185 - Initial startup may take 5-10 minutes 186 - Create backups before major updates 187 - Monitor system resources (RAM usage can grow over time) 188 - Use SSH access for system maintenance 189 {% if network_transition_pending.stat.exists %} 190 - Network transition pending - reboot required 191 {% endif %} 192 193 ============================================================================ 194 tags: always 195 196 - name: Save installation details to file 197 copy: 198 content: | 199 Home Assistant Supervised Installation Details 200 ============================================= 201 202 Installation Date: {{ ansible_date_time.iso8601 }} 203 Host: {{ inventory_hostname }} 204 IP Address: {{ ansible_default_ipv4.address }} 205 OS: {{ ansible_distribution }} {{ ansible_distribution_version }} 206 Architecture: {{ ansible_architecture }} 207 Machine Type: {{ homeassistant_machine_type }} 208 209 User Configuration: 210 - Username: {{ my_user_username }} 211 - Groups: {{ my_user_groups | join(', ') }} 212 - Sudo Access: Passwordless 213 214 Home Assistant: 215 - Web Interface: http://{{ ansible_default_ipv4.address }}:8123 216 - Data Directory: {{ homeassistant_data_share | default('/usr/share/hassio') }} 217 - Supervisor Status: {{ 'Running' if ha_check.status == 200 else 'Starting' }} 218 - OS Agent Status: {{ 'Running' if os_agent_status is defined and os_agent_status.state == 'started' else 'Installed' }} 219 220 Docker Configuration: 221 - Compose Installed: {{ docker_install_compose }} 222 - Users with Access: {{ docker_users | join(', ') }} 223 - Log Rotation: 50MB max, 3 files 224 225 Security: 226 - SSH Port: {{ security_ssh_port }} 227 - Root Login: Disabled 228 - Password Authentication: Disabled 229 - Fail2ban: {{ security_fail2ban_enabled | default('Enabled') }} 230 - Auto Updates: {{ security_autoupdate_enabled }} 231 232 Useful Commands: 233 - Check HA status: sudo systemctl status hassio-supervisor 234 - View HA logs: sudo journalctl -fu hassio-supervisor 235 - Docker containers: docker ps 236 - System resources: htop 237 238 dest: "/home/{{ my_user_username }}/homeassistant-installation-details.txt" 239 owner: "{{ my_user_username }}" 240 group: "{{ my_user_username }}" 241 mode: "0644" 242 tags: [homeassistant, documentation] 243