--- # The home-server project produces a multi-purpose setup using Ansible. # Copyright © 2018 Y. Gablin, under the GPL-3.0-or-later license. # Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing. ### UPSTREAM BEGIN ⇒ ### - name: pull prerequisites from upstream include_role: name=etckeeper.inc allow_duplicates=true tasks_from=upstream.yml vars: msg: motion ### ⇐ UPSTREAM BEGIN ### - name: install software package: name: "{{item}}" state: present with_items: - curl - motion - 's-nail' - socat ### UPSTREAM END ⇒ ### - name: merge upstream include_role: name=etckeeper.inc allow_duplicates=true tasks_from=merge.yml vars: msg: motion ### ⇐ UPSTREAM END ### - name: send the script for Motion to send emails template: src: templates/email.sh.j2 dest: /etc/motion/email.sh owner: root group: motion mode: 0750 notify: - restart motion.service - name: send the script for Motion to upload files template: src: templates/upload.sh.j2 dest: /etc/motion/upload.sh owner: root group: motion mode: 0750 notify: - restart motion.service - name: send main Motion configuration copy: content: | target_dir {{motion_data}} on_event_end /etc/motion/email.sh %$ %v %Y-%m-%d %H:%M:%S on_picture_save /etc/motion/upload.sh "%f" minimum_motion_frames 5 event_gap 10 picture_output on picture_quality 50 picture_filename %$-%v-%Y%m%d%H%M%S-%q@%K_%L movie_output off webcontrol_port 1080 webcontrol_localhost on webcontrol_interface 1 webcontrol_parms 1 stream_port 1081 stream_localhost on stream_preview_method 4 stream_quality 20 camera_dir /etc/motion/camera.d dest: /etc/motion/motion.conf owner: root group: motion mode: 0640 notify: - restart motion.service - name: create the directory for Motion cameras file: name: /etc/motion/camera.d state: directory owner: root group: motion mode: 0750 - name: send mask-files for Motion cameras copy: src: files/{{item.mask_file}} dest: /etc/motion/camera.d/{{item.mask_file}} owner: root group: motion mode: 0640 with_items: "{{motion_cameras}}" when: - (item.mask_file != None) notify: - restart motion.service - name: send Motion cameras configuration copy: content: | camera_id {{item.id}} camera_name {{item.name}} netcam_url {{item.url}} {{ ('mask_file /etc/motion/camera.d/' + item.mask_file) if item.mask_file != None else '' }} width {{item.width}} height {{item.height}} framerate {{item.framerate}} text_right %q (%ix%J+%K+%L) auto_brightness 0 noise_tune on lightswitch_percent 40 lightswitch_frames 15 dest: /etc/motion/camera.d/camera_{{item.id}}.conf owner: root group: motion mode: 0640 with_items: "{{motion_cameras}}" notify: - restart motion.service - name: identify all Motion cameras configured on the server find: paths: [ '/etc/motion/camera.d' ] patterns: [ 'camera_*.conf' ] register: existing_cameras changed_when: false - name: only keep basenames of configured Motion cameras set_fact: existing_cameras: "{{ existing_cameras.files | map(attribute='path') | map('basename') | list }}" changed_when: false - name: filter out up-to-date Motion cameras set_fact: existing_cameras: "{{ existing_cameras | reject('contains', 'camera_' + (item.id | string) + '.conf') | list }}" with_items: "{{ motion_cameras }}" changed_when: false - name: delete old Motion cameras file: path: /etc/motion/camera.d/{{item}} state: absent with_items: "{{ existing_cameras }}" notify: - restart motion.service - name: ensure ownership of the Motion data directory file: path: "{{motion_data}}" state: directory owner: motion recurse: true - name: prepare override of Motion launch parameters file: name: /etc/systemd/system/motion.service.d state: directory - name: override Motion launch parameters copy: content: | [Unit] Description=Motion daemon, paused [Service] ExecStart= ExecStart=/usr/bin/motion -n -m dest: /etc/systemd/system/motion.service.d/paused-mode.conf mode: 0644 notify: - restart motion.service - name: create a generic service for socat-based port-forwarding copy: content: | [Unit] Description=socat-based Unix domain socket to IPv4/TCP forwarding After=network-online.target Wants=network-online.target [Service] ExecStartPre=/usr/bin/sh -c 'rm -f "$${0%%%%:*}"' "%I" ExecStart=/usr/bin/sh -c 'exec /usr/bin/socat -d UNIX-LISTEN:"$${0%%%%:*}",fork,mode=0666 TCP4:$${0#*:}' "%I" PrivateDevices=yes ProtectSystem=full NoNewPrivileges=yes ReadWritePaths=/run /tmp dest: /etc/systemd/system/socat-unix-to-tcp4@.service mode: 0644 notify: - restart socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service - restart socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service - name: prepare instanciation of socat-based port-forwarding for Motion control file: name: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service.d state: directory - name: instanciate socat-based port-forwarding for Motion control copy: content: | [Unit] Description=socat-based Unix–TCP forwarding of Motion control After=motion.service Wants=motion.service dest: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service.d/dependency.conf mode: 0644 notify: - restart socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service - name: prepare instanciation of socat-based port-forwarding for Motion stream file: name: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service.d state: directory - name: instanciate socat-based port-forwarding for Motion stream copy: content: | [Unit] Description=socat-based Unix–TCP forwarding of Motion stream After=motion.service Wants=motion.service dest: /etc/systemd/system/socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service.d/dependency.conf mode: 0644 notify: - restart socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service - name: enable Motion systemd: daemon_reload: true name: motion.service enabled: true - name: enable unix-to-tcp forwarding for Motion control systemd: daemon_reload: true name: socat-unix-to-tcp4@-run-shared_sockets-motion_control.socket\x3alocalhost\x3a1080.service enabled: true - name: enable unix-to-tcp forwarding for Motion stream systemd: daemon_reload: true name: socat-unix-to-tcp4@-run-shared_sockets-motion_stream.socket\x3alocalhost\x3a1081.service enabled: true ### LOCAL COMMIT ⇒ ### - name: commit local changes include_role: name=etckeeper.inc allow_duplicates=true tasks_from=local.yml vars: msg: motion ### ⇐ LOCAL COMMIT ### - meta: flush_handlers