home-server/roles/motion_back/tasks/main.yml

---
# The home-server project produces a multi-purpose setup using Ansible.
# Copyright © 2018 Y. Gablin, under the GPL-3.0-or-later license.
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.

### UPSTREAM BEGIN ⇒ ###
- name: pull prerequisites from upstream
  include_role: name=etckeeper.inc allow_duplicates=true tasks_from=upstream.yml
  vars:
    msg: motion
### ⇐ UPSTREAM BEGIN ###

- name: install software
  package:
    name: "{{item}}"
    state: present
  with_items:
    - curl
    - motion
    - 's-nail'
    - socat

### UPSTREAM END ⇒ ###
- name: merge upstream
  include_role: name=etckeeper.inc allow_duplicates=true tasks_from=merge.yml
  vars:
    msg: motion
### ⇐ UPSTREAM END ###

- name: send the script for Motion to send emails
  template:
    src: templates/email.sh.j2
    dest: /etc/motion/email.sh
    owner: root
    group: motion
    mode: 0750
  notify:
    - restart motion.service

- name: send the script for Motion to upload files
  template:
    src: templates/upload.sh.j2
    dest: /etc/motion/upload.sh
    owner: root
    group: motion
    mode: 0750
  notify:
    - restart motion.service

- name: send main Motion configuration
  copy:
    content: |
      target_dir {{motion_data}}
      on_event_end /etc/motion/email.sh %$ %v %Y-%m-%d %H:%M:%S
      on_picture_save /etc/motion/upload.sh "%f"
      minimum_motion_frames 5
      event_gap 10
      picture_output on
      picture_quality 50
      picture_filename %$-%v-%Y%m%d%H%M%S-%q@%K_%L
      movie_output off
      webcontrol_port 1080
      webcontrol_localhost on
      webcontrol_interface 1
      webcontrol_parms 1
      stream_port 1081
      stream_localhost on
      stream_preview_method 4
      stream_quality 20
      camera_dir /etc/motion/camera.d
    dest: /etc/motion/motion.conf
    owner: root
    group: motion
    mode: 0640
  notify:
    - restart motion.service

- name: create the directory for Motion cameras
  file:
    name: /etc/motion/camera.d
    state: directory
    owner: root
    group: motion
    mode: 0750

- name: send mask-files for Motion cameras
  copy:
    src: files/{{item.mask_file}}
    dest: /etc/motion/camera.d/{{item.mask_file}}
    owner: root
    group: motion
    mode: 0640
  with_items: "{{motion_cameras}}"
  when:
    - (item.mask_file != None)
  notify:
    - restart motion.service

- name: send Motion cameras configuration
  copy:
    content: |
      camera_id {{item.id}}
      camera_name {{item.name}}
      netcam_url {{item.url}}
      {{ ('mask_file /etc/motion/camera.d/' + item.mask_file) if item.mask_file != None else '' }}
      width {{item.width}}
      height {{item.height}}
      framerate {{item.framerate}}
      text_right %q (%ix%J+%K+%L)
      auto_brightness 0
      noise_tune on
      lightswitch_percent 40
      lightswitch_frames 15
    dest: /etc/motion/camera.d/camera_{{item.id}}.conf
    owner: root
    group: motion
    mode: 0640
  with_items: "{{motion_cameras}}"
  notify:
    - restart motion.service

- name: identify all Motion cameras configured on the server
  find:
    paths: [ '/etc/motion/camera.d' ]
    patterns: [ 'camera_*.conf' ]
  register: existing_cameras
  changed_when: false

- name: only keep basenames of configured Motion cameras
  set_fact:
    existing_cameras: "{{ existing_cameras.files | map(attribute='path') | map('basename') | list }}"
  changed_when: false

- name: filter out up-to-date Motion cameras
  set_fact:
    existing_cameras: "{{ existing_cameras | reject('contains', 'camera_' + (item.id | string) + '.conf') | list }}"
  with_items: "{{ motion_cameras }}"
  changed_when: false

- name: delete old Motion cameras
  file:
    path: /etc/motion/camera.d/{{item}}
    state: absent
  with_items: "{{ existing_cameras }}"
  notify:
    - restart motion.service

- name: ensure ownership of the Motion data directory
  file:
    path: "{{motion_data}}"
    state: directory
    owner: motion
    recurse: true

- name: prepare override of Motion launch parameters
  file:
    name: /etc/systemd/system/motion.service.d
    state: directory

- name: override Motion launch parameters
  copy:
    content: |
      [Unit]
      Description=Motion daemon, paused
      [Service]
      ExecStart=
      ExecStart=/usr/bin/motion -n -m
    dest: /etc/systemd/system/motion.service.d/paused-mode.conf
    mode: 0644
  notify:
    - restart motion.service

- name: create a generic service for socat-based port-forwarding
  copy:
    content: |
      [Unit]
      Description=socat-based Unix domain socket to IPv4/TCP forwarding
      After=network-online.target
      Wants=network-online.target
      [Service]
      ExecStartPre=/usr/bin/sh -c 'rm -f "$${0%%%%:*}"' "%I"
      ExecStart=/usr/bin/sh -c 'exec /usr/bin/socat -d UNIX-LISTEN:"$${0%%%%:*}",fork,mode=0666 TCP4:$${0#*:}' "%I"
      PrivateDevices=yes
      ProtectSystem=full
      NoNewPrivileges=yes
      ReadWritePaths=/run /tmp
    dest: /etc/systemd/system/socat-unix-to-tcp4@.service
    mode: 0644
  notify:
    - restart socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service
    - restart socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service

- name: prepare instanciation of socat-based port-forwarding for Motion control
  file:
    name: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service.d
    state: directory

- name: instanciate socat-based port-forwarding for Motion control
  copy:
    content: |
      [Unit]
      Description=socat-based Unix–TCP forwarding of Motion control
      After=motion.service
      Wants=motion.service
    dest: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service.d/dependency.conf
    mode: 0644
  notify:
    - restart socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service

- name: prepare instanciation of socat-based port-forwarding for Motion stream
  file:
    name: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service.d
    state: directory

- name: instanciate socat-based port-forwarding for Motion stream
  copy:
    content: |
      [Unit]
      Description=socat-based Unix–TCP forwarding of Motion stream
      After=motion.service
      Wants=motion.service
    dest: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service.d/dependency.conf
    mode: 0644
  notify:
    - restart socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service

- name: enable Motion
  systemd:
    daemon_reload: true
    name: motion.service
    enabled: true

- name: enable unix-to-tcp forwarding for Motion control
  systemd:
    daemon_reload: true
    name: socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service
    enabled: true

- name: enable unix-to-tcp forwarding for Motion stream
  systemd:
    daemon_reload: true
    name: socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service
    enabled: true

### LOCAL COMMIT ⇒ ###
- name: commit local changes
  include_role: name=etckeeper.inc allow_duplicates=true tasks_from=local.yml
  vars:
    msg: motion
### ⇐ LOCAL COMMIT ###
- meta: flush_handlers