├── .gitignore
├── LICENSE
├── README.md
├── ansible.cfg
├── hosts
├── roles
├── nginxphp
│ ├── handlers
│ │ └── main.yml
│ ├── tasks
│ │ └── main.yml
│ └── templates
│ │ ├── default.tpl
│ │ └── index.php.tpl
└── piconfig
│ ├── handlers
│ └── main.yml
│ └── tasks
│ └── main.yml
├── setup.yml
└── webserver.yml
/.gitignore:
--------------------------------------------------------------------------------
1 | .idea
2 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2018 codingmama labs
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # raspi-ansible
2 | This is a simple Ansible setup to configure a Raspberry Pi Zero W as web server.
3 |
4 | This repository contains two roles, one to configure the SSH access for easier access and another role to set up a PHP 7 web server running Nginx + PHP7-FPM.
5 |
6 | ## Step 1: Set Up Connectivity
7 | The first thing we need to do is to test connectivity and prepare for the first Ansible run. Since this is a new Raspbian install,
8 | it has the default user and password ( u:**pi** / p:**raspberry** ) that comes with all fresh installs. We will use these for the SSH setup in the next step.
9 |
10 | But first of all, you'll need to edit the *inventory file* (a file named `hosts` in the project's root directory) and change the IP address there to reflect your
11 | Raspberry Pi Zero W IP address. The *inventory file* contains, as the name suggests, the inventory of servers to be controlled by Ansible. This is how our inventory file looks like:
12 |
13 | ```ini
14 | [raspi01]
15 | 192.168.0.27
16 |
17 | [webservers:children]
18 | raspi01
19 | ```
20 |
21 | Change `192.168.0.27` to the IP address of your Raspberry Pi Zero W.
22 | After changing that, let's just run a command to test connectivity and show information about your Raspberry Pi Zero:
23 |
24 | ```
25 | ansible webservers -k -m setup
26 | ```
27 | This command will ask for the SSH password - use **raspberry**. After a few seconds it should print a big json containing all the facts collected by Ansible. Example output (excerpt):
28 |
29 | ```json
30 | SSH password:
31 | 192.168.0.27 | SUCCESS => {
32 | "ansible_facts": {
33 | "ansible_all_ipv4_addresses": [
34 | "192.168.0.27"
35 | ],
36 | "ansible_all_ipv6_addresses": [
37 | "fd00:f0f2:4990:a2:3d6e:857e:cafe:681",
38 | "fe80::f745:81d2:91a6:55a2"
39 | ],
40 | "ansible_architecture": "armv6l",
41 | "ansible_bios_date": "NA",
42 | "ansible_bios_version": "NA",
43 | "ansible_cmdline": {
44 | "8250.nr_uarts": "0",
45 | "bcm2708_fb.fbheight": "984",
46 | "bcm2708_fb.fbswap": "1",
47 | "bcm2708_fb.fbwidth": "1824",
48 | "console": "tty1",
49 | "dwc_otg.lpm_enable": "0",
50 | "elevator": "deadline",
51 | "fsck.repair": "yes",
52 | "plymouth.ignore-serial-consoles": true,
53 | "quiet": true,
54 | "root": "PARTUUID=5ffcb831-02",
55 | "rootfstype": "ext4",
56 | "rootwait": true,
57 | "smsc95xx.macaddr": "B8:27:EB:7F:A1:46",
58 | "splash": true,
59 | "vc_mem.mem_base": "0x1ec00000",
60 | "vc_mem.mem_size": "0x20000000"
61 | ```
62 |
63 | If you got an error, maybe you need to install `sshpass` in order to be able to provide a password for Ansible. Check the error message to see if that's the case.
64 | If you already have `sshpass` installed and the error is something else, try adding -vvvv to make the command extra verbose.
65 |
66 | If you got the output, it means connectivity is fine, and Ansible is capable of running commands on your Raspberry system. You can go ahead to the next step.
67 |
68 | ## Step 2: Set Up SSH Access
69 |
70 | We are going to run a playbook this time. It has a few tasks to configure the server and it will copy your current user key to the user **pi** inside the Raspberry, so you can log in simply
71 | by running `ssh pi@your-pi-address` , no need for passwords. This will also facilitate running Ansible in the future, to avoid having to provide the password all the time!
72 |
73 | ```
74 | ansible-playbook -k setup.yml
75 | ```
76 |
77 | After this playbook is executed, you should be able to connect via SSH to the Raspberry Pi without the need to provide a password.
78 |
79 | ## Step 3: Run the webserver Playbook
80 | Now, finally for the web server playbook.
81 |
82 | ```
83 | ansible-playbook webserver.yml
84 | ```
85 |
86 | After this playbook run is finished, you should have a working PHP 7 web server running on your Raspberry Pi Zero W. Go to your browser and point it to the Rasp Pi address, you should see something like this:
87 |
88 |
89 | ### Troubleshooting
90 |
91 | If you get any Ansible errors, add `-vvvv` to the command to increase verbosity. This will help a lot!
92 |
--------------------------------------------------------------------------------
/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 |
3 | inventory = hosts
4 | remote_user = pi
--------------------------------------------------------------------------------
/hosts:
--------------------------------------------------------------------------------
1 | [raspi01]
2 | 192.168.0.27
3 |
4 | [webservers:children]
5 | raspi01
6 |
--------------------------------------------------------------------------------
/roles/nginxphp/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart nginx
3 | service: name=nginx state=restarted
4 |
5 | - name: restart php7.0-fpm
6 | service: name=php7.0-fpm state=restarted
--------------------------------------------------------------------------------
/roles/nginxphp/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install Nginx
3 | apt: name=nginx state=latest
4 |
5 | - name: Install php7.0-fpm
6 | apt: name=php7.0-fpm state=latest
7 |
8 | - name: Change default nginx site
9 | template: src=default.tpl dest=/etc/nginx/sites-available/default
10 | notify: restart nginx
11 |
12 | - name: Install DEV Packages
13 | apt: name={{ item }} state=latest
14 | with_items: dev_packages
15 |
16 | - name: Set up Demo Page
17 | template: src=index.php.tpl dest="{{ doc_root }}/index.php"
18 |
--------------------------------------------------------------------------------
/roles/nginxphp/templates/default.tpl:
--------------------------------------------------------------------------------
1 | server {
2 | listen 80;
3 |
4 | root {{ doc_root }};
5 | index index.html index.php;
6 |
7 | server_name {{ server_name }};
8 |
9 | location / {
10 | try_files $uri $uri/ /index.php;
11 | }
12 |
13 | error_page 404 /404.html;
14 |
15 | error_page 500 502 503 504 /50x.html;
16 | location = /50x.html {
17 | root /usr/share/nginx/html;
18 | }
19 |
20 | location ~ \.php$ {
21 | fastcgi_split_path_info ^(.+\.php)(/.+)$;
22 | fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
23 | fastcgi_index index.php;
24 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
25 | include fastcgi_params;
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/roles/nginxphp/templates/index.php.tpl:
--------------------------------------------------------------------------------
1 | Hello World!
2 | This is the web server running at {{ server_name }} . Here's some info:
3 |
--------------------------------------------------------------------------------
/roles/piconfig/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: stop lightdm
3 | service: name=lightdm state=stopped
--------------------------------------------------------------------------------
/roles/piconfig/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # this role is used to make the initial setup of the Raspberry, setting up the SSH key and disabling the GUI
2 | ---
3 | - name: Update apt
4 | apt: update_cache=yes
5 |
6 | - name: Install System Packages
7 | apt: pkg={{ item }} state=latest
8 | with_items: "{{ sys_packages }}"
9 |
10 | - name: Set authorized key took from file
11 | authorized_key:
12 | user: pi
13 | state: present
14 | key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"
15 |
16 | - name: Disable GUI
17 | command: "/usr/sbin/update-rc.d lightdm disable"
18 | notify:
19 | - stop lightdm
--------------------------------------------------------------------------------
/setup.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: all
3 | become: true
4 | vars:
5 | sys_packages: [ 'wget', 'vim', 'git']
6 | roles:
7 | - piconfig
8 |
--------------------------------------------------------------------------------
/webserver.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: webservers
3 | become: true
4 | vars:
5 | doc_root: /var/www
6 | server_name: "{{ ansible_wlan0.ipv4.address }}"
7 | dev_packages: [ 'curl','php7.0-curl', 'php7.0-cli' ]
8 | roles:
9 | - nginxphp
--------------------------------------------------------------------------------