/
/
/
This repo is destined for my server automations and setup.
1---
2# ============================================================================
3# Home Assistant
4# ============================================================================
5#
6# ============================================================================
7# USER CONFIGURATION
8# ============================================================================
9
10# User management role variables (standardized naming)
11my_user_primary_group: "{{ my_user_username }}"
12my_user_groups:
13 - docker
14 - sudo
15 - dialout # For serial device access (Z-Wave, Zigbee, etc.)
16 - users
17my_user_passwordless_sudo: true
18my_user_ssh_public_key: "{{ homeassistant_ssh_key | default('') }}"
19my_user_github_username: "{{ homeassistant_github_username | default('') }}"
20ensure_acl: true
21home_mode: "0755"
22
23# ============================================================================
24# DOCKER CONFIGURATION
25# ============================================================================
26# Note: Docker is installed by geerlingguy.docker role, not by homeassistant role
27
28# Docker configuration is handled by geerlingguy.docker role via group_vars/all.yml
29# The homeassistant role only validates Docker is installed and running
30
31# ============================================================================
32# SECURITY CONFIGURATION
33# ============================================================================
34
35# Security settings specific to Home Assistant server
36security_sudoers_passwordless:
37 - "{{ my_user_username }}" # Allow passwordless sudo for HA user
38security_autoupdate_enabled: true # Re-enabled - will coordinate with system role
39security_autoupdate_reboot: "false" # Don't auto-reboot HA server
40security_fail2ban_enabled: true
41
42# ============================================================================
43# SYSTEM CONFIGURATION
44# ============================================================================
45
46# System settings specific to Home Assistant server
47system_auto_upgrades: true # Override group default for HA server
48system_unattended_upgrades: true
49system_packages_extra:
50 - curl
51 - wget
52 - vim
53 - htop
54 - tree
55 - git
56 - rsync
57 - unzip
58 - network-manager
59 - dbus
60 - apparmor
61 - jq
62 - socat
63
64# System role variables
65system_packages: "{{ system_packages_extra | default([]) }}"
66system_remove_unattended_upgrades: false # Don't remove - security role will manage it
67
68# ============================================================================
69# HOME ASSISTANT CONFIGURATION
70# ============================================================================
71
72# Home Assistant Supervised installation options
73homeassistant_install_supervisor: true
74homeassistant_configure_network: true
75homeassistant_install_os_agent: true
76homeassistant_machine_type: "{{ 'qemux86-64' if ansible_architecture == 'x86_64' else 'qemuarm-64' }}"
77homeassistant_validate_installation: true
78
79# Home Assistant data and configuration
80homeassistant_data_share: "/usr/share/hassio"
81homeassistant_config_dir: "/usr/share/hassio/homeassistant"
82homeassistant_supervisor_version: "latest"
83
84# Network configuration
85homeassistant_network_interface: "{{ ansible_default_ipv4.interface }}"
86homeassistant_network_manager_required: true
87
88