This is an example Ansible configuration for provisioning Raspberry Pi OS. It's based on my own Ansible setup for my Raspberry Pi 4 with Raspberry Pi OS Lite 64 bit. It should work for other Debian based distros as well.
Over six years ago I purchased my Pi 4 and setupped it. At that time the OS for it was 32 bit Raspbian which was based on Debian 10 IIRC. Years went by, 64 bit support arrived and support for Raspbian ended. Bit by bit my setup became like spilt milk. I knew I should update the OS but was frustrated how to setup everything I had in my current setup. So I went through all I had, got rid off some unnecessary stuff and tidied the rest a lot. I decided to solve the setup and configuration for good and created Ansible playbook for provisioning my little server.
The Ansible configuration is structuded as such:
group_vars/:main.yml: Global role independent variablesvault.yml: Global role independent vault
inventory/:hosts.yml: Hosts configuration
roles/:assetupnp/: Configuration for Asset UPnP DLNA compatible media serverfiles/:.dBpoweramp/: Place here your instance / media library filesbin/: Place here binaries
tasks/main.yml: Tasks for setuppingvars/main.yml: Variables used by this role
code/: Configuration for custom code to be executed in the hosthandlers/main.yml: Handlers for restarting services setupped with this roletasks/:dy-fi-ip-updater.yml: Tasks for setupping Dy.fi IP updaterheos-scrobbler.yml: Tasks for setupping HEOS Scrobblermain.yml: Other custom code related tasks, also imports Dy.fi IP updater and HEOS Scrobbler tasks
templates/:scripts/: Various bash and Python scripts for backup and suchsystemd/: Systemd service unit files for Dy.fi IP updater and HEOS Scrobblertoml/heos-scrobbler.secrets.toml.j2: Secret file for HEOS Scrobbler
cron/: Configuration for cron taskstasks/main.yml: Tasks for creating the cronjobsvars/main.yml: Cronjob definitions
dependencies/: Configuration for installing required dependencies to the hostfiles/: Shell scripts for installing uv and rootless Docker, Docker daemon config as jsonhandlers/main.yml: Handler for restarting rootless Dockertasks/:docker.yml: Tasks for setupping rootless Dockermain.yml: Tasks for setupping other dependencies, also imports Docker tasks
homeassistant/: Configuration for initializing Homeassistant as a Docker containertasks/main.yml: Tasks for setuppingtemplates/docker-compose.yml.j2: Docker Compose configuration for the containernetwork_mode: hostdoesn't work with rootless Docker so mDNS unfortunately doesn't work for me
vars/main.yml: Variables for this role
mail/: Tasks for adding mail sending capabilities to the hosttasks/main.yml: Tasks for setupping mail configurationtemplates/: msmtp and mail aliases configuration
minidlna/: Tasks for setupping minidlna media servertasks/main.yml: Tasks for setuppingtemplates/minidlna.conf.j2: minidlna configuration file
mounts/: Configuration for additional mounts to place to/etc/fstabtasks/main.yml: Tasks for setuppingvars/main.yml: Configuration for/etc/fstabmounts (items)
rclone/: Configuration for rclonetasks/main.yml: Tasks for setuppingtemplates/rclone.conf.j2: Configuration file for rclonevars/main.yml: Variables used in rclone configuration file
samba: Tasks for setupping Samba/SMB network sharestasks/main.yml: Tasks for setuppingtemplates/smb.conf.j2: Configuration file for Samba server
ssh/: Tasks for setupping SSH-ing ability to the hostfiles/:authorized_keysandknown_hostsfilestasks/main.yml: Tasks for setupping
system/: Tasks for various system configuration tasks like increasing inotify and configuring logrotate for logs of unprivileged user (pi)tasks/main.yml: Tasks for setuppingtemplates/logrotate.pi.j2: Configuration file for logrotate
update/tasks/main.yml: Tasks for updating system dependenciessite.yml: The playbook. Roles are tagged so you can choose what to execute.
You need Python 3 installed in a Linux OS (WSL works as well).
Create Python virtual environment and install Ansible with pip install -r requirements.txt.
DISCLAIMER: This playbook doesn't work out of box as-is. You need to create the vault and populate it with required variables.
You also need to check group_vars\all\main.yml and inventory\hosts.yml and tune configuration files of roles to suit your setup.
- If you are going to use rclone, you may need to tune its setup, I copied the token from my previous setup
- If you are going to use a Gmail account for sending email, see https://arnaudr.io/2020/08/24/send-emails-from-your-terminal-with-msmtp/ for instructions how to setup app password for an account
- If you are going to use Dy.fi IP updater or/and HEOS Scrobbler, see https://github.com/maszaa/dy-fi-ip-updater or/and https://github.com/maszaa/heos-scrobbler for instructions
- If you are going to use Healthchecks.io for monitoring cronjobs, see https://healthchecks.io/docs/