Syncing current state.

DarkFeather 2021-12-19 21:32:19 -06:00
parent eb39acaa06
commit 94a4736839
Signed by: DarkFeather
GPG Key ID: 1CC1E3F4ED06F296
20 changed files with 1599 additions and 180 deletions


@ -20,9 +20,16 @@ ansible-playbook -i your-inventory.yml playbooks/sshkey.yml
ansible-playbook -i your-inventory.yml playbooks/deploy.yml
```
For convenience, we recommend adding the following alias to your .bashrc or .bashrc.local.
```
alias deploy="cd ~/src/Ubiqtorate; ansible-playbook -i examples/msn0.yml playbooks/deploy.yml; cd -"
```
Happy hacking!
# Exceptions
Some services, such as AniNIX/Sharingan and AniNIX/Geth, store their configuration in internal datastructures and databases such that we cannot easily export our build for others to use. We will document what we have done for each of these as best we can in the README.md files for others to replicate. Backups of these services into AniNIX/Aether are therefore dumps of these databases and not available to share.

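--- a/bin/find-incomplete-roles
+++ b/bin/find-incomplete-roles
@@ -0,0 +1,19 @@
+#!/bin/bash
+cd ~/src/Ubiqtorate/roles
+if [ -n "$(git status | grep roles &>/dev/null)" ]; then
+echo There are roles that are not committed yet.
+exit 1;
+fi
+unset bad
+for i in `ls -1`; do
+if ! grep "$i" ../playbooks/deploy.yml &>/dev/null; then
+echo "$i is not used in playbooks/deploy.yml"
+bad="1"
+fi
+done
+if [ -n "$bad" ]; then
+exit 1;
+fi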
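Review bot: The uncommitted-roles guard at the top can never fire, because `grep roles &>/dev/null` discards its output, so the command substitution is always empty and `[ -n "" ]` is false. Test grep's exit status instead, for example `if git status --porcelain | grep -q roles; then`. In the loop, `grep "$i"` matches the role name as a substring anywhere in deploy.yml, including commented-out plays, so a role counts as used when it only appears in a comment or inside a longer name. The opening `cd` is also unchecked, so a failed cd runs the scan in the caller's directory; `cd ~/src/Ubiqtorate/roles || exit 1` covers that.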

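--- a/bin/generate-pihole-dns-dhcp.py
+++ b/bin/generate-pihole-dns-dhcp.py
@@ -0,0 +1,79 @@
+#!/usr/bin/env python3
+# File: generate-pihole-dns-dhcp.py
+#
+# Description: This file generates the DNS and DHCP files for pihole.
+#
+# Package: AniNIX/Ubiqtorate
+# Copyright: WTFPL
+#
+# Author: DarkFeather <darkfeather@aninix.net>
+import os
+import sys
+import yaml
+dnsfilepath="roles/Nazara/files/dns"
+dhcpfilepath="roles/Nazara/files/dhcp"
+def WriteDHCPEntry(content,hosttype,hostclass):
+### Create the DHCP entry
+# param content: the yaml content to parse
+# param hosttype: managed or unmanaged
+# param hostclass: the type of host as classified in the yaml
+global dhcpfile
+with open(dhcpfilepath,'a') as dhcpfile:
+for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
+try:
+dhcpfile.write('dhcp-host=' + content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['vars']['mac'] + ',' + content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['vars']['ip'] + '\n')
+except:
+print(host + ' is not complete for DHCP.')
+def WriteDNSEntry(content,hosttype,hostclass):
+### Create the DNS entry
+# param content: the yaml content to parse
+# param hosttype: managed or unmanaged
+# param hostclass: the type of host as classified in the yaml
+global dnsfile
+with open(dnsfilepath,'a') as dnsfile:
+for host in content['all']['children'][hosttype]['children'][hostclass]['hosts']:
+try:
+dnsfile.write(content['all']['children'][hosttype]['children'][hostclass]['hosts'][host]['vars']['ip'] + ' ' + host + '.' + content['all']['vars']['replica_domain'] + ' ' + host + '\n')
+except:
+print(host + ' is not complete for DNS.')
+def GenerateFiles(file):
+### Open the file and parse it
+# param file: the file to work on
+global dnsfile
+# Parse the yaml
+with open(file, 'r') as stream:
+content = yaml.safe_load(stream)
+# Clear the DNS file
+with open(dhcpfilepath,'w') as dhcpfile:
+dhcpfile.write('dhcp-range='+content['all']['vars']['dhcprange']+'\n')
+dhcpfile.write('dhcp-option=option:router,'+content['all']['vars']['router']+'\n')
+dhcpfile.write('dhcp-option=option:dns-server,'+content['all']['vars']['dns']+'\n\n')
+dhcpfile.write('dhcp-range='+content['all']['vars']['staticrange']+'\n')
+with open(dnsfilepath,'w') as dnsfile:
+dnsfile.write('')
+# Add DNS entries for each host
+hosttype = 'managed'
+for hostclass in ['physical','virtual','geth-hubs']:
+WriteDNSEntry(content,hosttype,hostclass)
+WriteDHCPEntry(content,hosttype,hostclass)
+hosttype = 'unmanaged'
+for hostclass in ['ovas','hardware','iot']:
+WriteDNSEntry(content,hosttype,hostclass)
+WriteDHCPEntry(content,hosttype,hostclass)
+if __name__ == '__main__':
+if len(sys.argv) != 2:
+print("You need to supply an inventory file.")
+sys.exit(1)
+GenerateFiles(sys.argv[1])
+sys.exit(0)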
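Review bot: WriteDHCPEntry and WriteDNSEntry concatenate the inventory's `mac`, `ip` and host name straight into the dnsmasq files, and the bare `except:` around each write hides every failure, including a value that is not a string. A stray newline or comma in one inventory value becomes an extra dnsmasq directive or field, so I would parse before writing, for example `ipaddress.ip_address(ip)` for the address and a `re.fullmatch` on the MAC, and narrow the handler to `except (KeyError, TypeError):`. The `['hosts']` lookup in each `for` header sits outside the `try`, so a host class missing from the inventory still aborts the run with a KeyError after GenerateFiles has already truncated both output files. Indentation was lost in this rendering, so the nesting is inferred from statement order.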


@ -1,83 +1,202 @@
all:
vars:
# Environment-wide data
replica_domain: MSN0.AniNIX.net
dns: 10.0.1.7
logserver: 10.0.1.5
time_zone: "America/Chicago"
# Services used by all
router: 10.0.1.1
dns: 10.0.1.7 # TODO will change once IPs are resegmented.
dhcprange: '10.0.1.224,10.0.1.254,255.255.255.0,12h'
staticrange: '10.0.1.1,10.0.1.223,255.255.255.0,12h'
logserver: "Sharingan.{{ replica_domain }}"
ldapserver: "Core.{{ replica_domain }}"
# Standards
daemon_shell: /sbin/nologin
user_shell: /bin/bash
children:
managed:
children:
prod:
physical: # 10.0.1.0/29
vars:
depriv_user: pi
hosts:
Core:
depriv_user: DarkFeather
interface: enp1s0f0
Nazara:
vars:
ipinterface: eth0
ip: 10.0.1.2
mac: B8:27:EB:B6:AA:0C
Node-1:
vars:
ipinterface: eth0
ip: 10.0.1.3
mac: 00:25:90:0d:6e:86
type: wired
dev:
mac: B8:27:EB:B6:AA:0C
Node-2:
vars:
ipinterface: eth0
ip: 10.0.1.4
mac: B8:27:EB:B6:AA:0C
Node-3:
vars:
ipinterface: eth0
ip: 10.0.1.5
mac: B8:27:EB:B6:AA:0C
Node-4:
vars:
ipinterface: eth0
ip: 10.0.1.6
mac: B8:27:EB:B6:AA:0C
Node-5:
vars:
ipinterface: eth0
ip: 10.0.1.7
mac: B8:27:EB:B6:AA:0C
virtual: # 10.0.1.8/29
vars:
depriv_user: depriv
hosts:
DarkNet:
ip: 10.0.1.4
mac: 00:15:5D:01:02:05
type: wired
MaatBuilder:
ip: 10.0.1.13
mac: 00:15:5d:01:02:07
type: wired
Maat:
ip: 10.0.1.14
mac: DE:8B:9E:19:55:1D
type: wired
Sharingan:
ip: 10.0.1.5
mac: 00:15:5D:01:02:10
type: wired
geth:
vars:
ip: 10.0.1.8
mac: 00:15:5D:01:02:05
cores: 4
memory: 4
bridge: br0
disks:
- '-drive file=/srv/maat/vm/Sharingan.qcow2,format=qcow2,l2-cache-size=1M'
DarkNet:
vars:
ip: 10.0.1.9
mac: 00:15:5D:01:02:04
cores: 2
memory: 2
bridge: br0
disks:
- '-hda /dev/sdb'
Maat:
vars:
ip: 10.0.1.10
mac: 00:15:5d:01:02:06
cores: 2
memory: 2
bridge: br0
disks:
- '-drive file=/srv/maat/vm/MaatBuilder.qcow2,format=qcow2,l2-cache-size=1M'
Aether:
vars:
ip: 10.0.1.11
mac: 00:15:5d:01:02:07
cores: 2
memory: 2
bridge: br0
disks:
- '-hda /dev/sdd'
- '-cdrom /srv/maat/iso/archlinux.iso -boot order=d'
Core:
vars:
depriv_user: DarkFeather
ipinterface: enp1s0f0
ip: 10.0.1.12
mac: 00:25:90:0d:6e:86
geth-hubs: # 10.0.1.16/29
vars:
depriv_user: pi
hosts:
Geth-Hub-1:
ip: 10.0.1.10
mac: 84:16:F9:14:15:C5
vars:
ip: 10.0.1.16
mac: 84:16:F9:14:15:C5
Geth-Hub-2:
ip: 10.0.1.11
mac: 84:16:F9:13:B6:E6
Geth-Hub-3:
ip: 10.0.1.12
mac: b8:27:eb:60:73:68
Nazara:
ip: 10.0.1.7
mac: B8:27:EB:B6:AA:0C
type: wired
vars:
ip: 10.0.1.17
mac: 84:16:F9:13:B6:E6
# Geth-Hub-3:
# vars:
# ip: 10.0.1.18
# mac: b8:27:eb:60:73:68
unmanaged:
children:
tachikoma:
ovas: # 10.0.1.24/29
hosts:
DedNet:
vars:
ip: 10.0.1.24
mac: 00:15:5d:01:02:08
cores: 2
memory: 2
bridge: br0
disks:
- '-drive file=/srv/maat/vm/DedNet.qcow2,format=qcow2'
- '-cdrom /srv/maat/iso/kali-linux.iso -boot order=d'
Geth:
vars:
ip: 10.0.1.25
mac: 00:15:5d:01:02:09
cores: 2
memory: 2
bridge: br0
disks:
- '-drive file=/srv/maat/vm/DedNet.qcow2,format=qcow2'
- '-cdrom /srv/maat/iso/kali-linux.iso -boot order=d'
hardware:
hosts: # 10.0.1.32/28
Tachikoma:
vars:
ip: 10.0.1.32
mac: aa:aa:aa:aa:aa:aa
Dedsec:
tricorder:
hosts:
vars:
ip: 10.0.1.33
mac: 34:f6:4b:36:12:8f
DarkFeather:
vars:
ip: 10.0.1.34
mac: 64:C2:DE:78:BB:40
Lykos:
windows:
hosts:
vars:
ip: 10.0.1.35
mac: 64:C2:DE:0C:AB:0D
Games:
ip: 10.0.1.2
mac: 00:1F:BC:10:1C:F8
console:
hosts:
vars:
ip: 10.0.1.36
mac: 00:1F:BC:10:1C:F7
Shadowfeed:
vars:
ip: 10.0.1.1
mac: 2c:30:33:64:f4:03
Print:
vars:
ip: 10.0.1.37
mac: 00:80:92:77:CE:E4
Core-Console:
ip: 10.0.1.8
vars:
ip: 10.0.1.38
mac: 00:25:90:0D:82:5B
Maat-Console:
ip: 10.0.1.9
vars:
ip: 10.0.1.39
mac: 00:25:90:3E:C6:8C
Geth-Eyes:
ip: 10.0.1.106
vars:
ip: 10.0.1.40
mac: 9c:a3:aa:33:a3:99
Print:
ip: 10.0.1.6
mac: 00:80:92:77:CE:E4
# dhcp build space: 10.0.1.224/27
iot: # 10.0.2.0/24
hosts:
LinKeuei:
vars:
ip: 10.0.2.2
mac: 64:16:66:08:57:F5
Canary:
vars:
ip: 10.0.2.3
mac: 18:B4:30:2F:F1:37
Charon:
vars:
ip: 10.0.2.4
mac: 64:52:99:14:28:2B
Skitarii-1:
vars:
ip: 10.0.2.5
mac: 40:9F:38:95:06:34
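Review bot: Several host entries in this inventory carry the same `mac` value: `B8:27:EB:B6:AA:0C` appears under Nazara and Node-2 through Node-5, and `00:15:5D:01:02:05` under more than one virtual host. The generator added in this commit turns every `mac`/`ip` pair into a `dhcp-host=` line. The rendering has lost which lines are old and which are new, so some of the repeats may be removed lines; if they are on the new side they look like placeholders and would give dnsmasq conflicting static leases. The Geth entry also lists `DedNet.qcow2` as its disk, the same image as DedNet, which is worth confirming before both guests are started. A uniqueness check on `ip` and `mac` in bin/generate-pihole-dns-dhcp.py would catch this class of mistake before it reaches the DHCP server.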


@ -2,11 +2,11 @@
# deploy.yml
#
# This playbook details how an entire datacenter should be deployed
#
#
# Parameters:
# threads: Number of threads to use; default is 8.
- hosts: all
- hosts: managed
order: sorted
serial: "{{ threads | default('8') }}"
gather_facts: true
@ -14,87 +14,31 @@
vars_files:
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
vars:
roles:
- basics
- networking
- SSH
- Sharingan-Data
- hosts: DarkNet
- hosts: geth-hubs
order: sorted
serial: "{{ threads | default('8') }}"
gather_facts: true
ignore_unreachable: true
vars_files:
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
vars:
roles:
- DarkNet
- SSH
- Geth-Hub
- hosts: Core
order: sorted
serial: "{{ threads | default('8') }}"
gather_facts: true
ignore_unreachable: true
vars_files:
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
vars:
roles:
- SSL
- Yggdrasil
- WebServer
- Foundation
- IRC
- Sharingan-IDS
- hosts: Maat
order: sorted
serial: "{{ threads | default('8') }}"
gather_facts: true
ignore_unreachable: true
vars_files:
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
vars:
roles:
- Maat
- hosts: Sharingan
order: sorted
serial: "{{ threads | default('8') }}"
gather_facts: true
ignore_unreachable: true
vars_files:
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
vars:
roles:
- Sharingan
- hosts: MaatBuilder
order: sorted
serial: "{{ threads | default('8') }}"
gather_facts: true
ignore_unreachable: true
vars_files:
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
vars:
roles:
- MaatBuilder
- hosts: Nazara
order: sorted
serial: "{{ threads | default('8') }}"
gather_facts: true
ignore_unreachable: true
vars_files:
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
vars:
roles:
- MaatBuilder
# - hosts: Core
# order: sorted
# serial: "{{ threads | default('8') }}"
# gather_facts: true
# ignore_unreachable: true
# vars_files:
# - "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
# vars:
# roles:
# - Yggdrasil
# - WebServer
# - TheRaven
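Review bot: The plays in this file keep `ignore_unreachable: true`, so a host that is down during a deploy is skipped and the run continues, and a node can stay on its old baseline (the play listing the SSH role included) without the run failing. Consider dropping the flag from the baseline play so unreachable hosts surface as errors. The commented-out Core play at the bottom still contains role names, and bin/find-incomplete-roles greps deploy.yml for each role name, so it will count those roles as deployed; either remove the block or add a one-line comment such as `# Core play disabled until <reason>`. The rendering does not mark added and removed lines, so which role lists are on the new side is inferred.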


@ -1,15 +1,13 @@
---
# patching.yml
#
# This playbook can be used to patch all the servers in an inventory to the latest on the repo servers
# This playbook can be used to patch all the servers in an inventory to the latest software available.
# Because we typically encrypt our disk storage, we don't wait for the connection to become available again.
# Variables:
# - hosts: the host grouper in the inventory -- default: all
# - action: update or upgrade -- default: update
# - delay: minutes to wait after a reboot -- default 5
#
# - target: the host grouper in the inventory -- default: all
#
# Patch then restart a node
- hosts: "{{ hosts | default('all') }}"
- hosts: "{{ target | default('all') }}"
order: sorted
ignore_unreachable: true
serial: 1
@ -18,7 +16,7 @@
ansible_become_user: root
ansible_become_method: sudo
vars_files:
- "{{ playbook_dir }}/../.vault"
- "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
tasks:
- name: Check /var free percentage
command: /bin/bash -c "df -m /var | tail -n 1 | awk '{ print $5; }' | sed 's/%//' "
@ -31,22 +29,22 @@
- 90 > {{ df_output.stdout }}
fail_msg: "Not enough free space"
- name: Patching
- name: Patching all packages (ArchLinux)
ignore_errors: yes
yum:
name: '*'
state: latest
when: ansible_os_family == "Archlinux"
pacman:
upgrade: yes
update_cache: yes
# disablerepo: '*'
enablerepo: rhel-7-server-rpms-nist
register: patching_output
- debug:
msg: "{{ patching_output }}"
- name: Patching all packages (Debian)
ignore_errors: yes
when: ansible_os_family == "Debian"
apt:
upgrade: yes
update_cache: yes
- name: Reboot
ignore_errors: yes
reboot:
- name: Wait for reboot
wait_for_connection:
reboot_timeout: 2
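Review bot: Both upgrade tasks, `Patching all packages (ArchLinux)` and `Patching all packages (Debian)`, run with `ignore_errors: yes` and are followed by an unconditional `Reboot`, so a host whose upgrade failed is rebooted anyway and the play still reports it as handled. For a patching playbook I would drop `ignore_errors` from the upgrade tasks, or `register` the result and gate the reboot with `when: patching_output is succeeded`, so unpatched hosts show up as failures. The Debian task also does not appear to register its result the way the pacman task does. Line sides are not marked in this rendering, so the task layout is inferred from the task names.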

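--- a/roles/Geth-Hub/README.md
+++ b/roles/Geth-Hub/README.md
@@ -0,0 +1,10 @@
+These hubs are self-made IoT devices using [Raspberry Pi's](https://www.raspberrypi.com/products/raspberry-pi-4-model-b/) on [Raspbian](https://www.raspberrypi.com/software). They provide cameras and IR remotes to control televisions, which can be used with Chromecasts to project [AniNIX/Yggdrasil](../Yggdrasil/) media for users to view. Usually, they'll be wrapped in a maker case with a cellphone 5A charger on a wall mount.
+# Relevant Files and Configuration
+For the camera, we use the [motion](https://motion-project.github.io/motion_config.html) service to control the Raspberry Pi [camera module](https://www.raspberrypi.com/products/camera-module-v2/). This is reflected in the motion config.
+For the IR control we use an [IR shield](https://www.amazon.com/s?k=Raspberry+pi+infrared+expansion+board+IR+transmitter&ref=nb_sb_noss) controlled by the [lircd](https://www.lirc.org/) service. As a note, in order for this to work, you have to set the pinout in the `/boot/config.txt` -- we try to default this in, but you may need to set `gpio_in_pin` and `gpio_out_pin` attributes for your particular board and shield.
+We also pass in an SSH key to integrate with the [Geth](../Geth/) command service, so that users don't have to connect to the boards directly.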


@ -0,0 +1,23 @@
# /etc/lirc/hardware.conf
#
# Arguments which will be used when launching lircd
LIRCD_ARGS="--uinput --listen"
#Don't start lircmd even if there seems to be a good config file
#START_LIRCMD=false
#Don't start irexec, even if a good config file seems to exist.
#START_IREXEC=false
#Try to load appropriate kernel modules
LOAD_MODULES=true
# Run "lircd --driver=help" for a list of supported drivers.
DRIVER="default"
# usually /dev/lirc0 is the correct setting for systems using udev
DEVICE="/dev/lirc0"
MODULES="lirc_rpi"
# Default configuration files for your hardware if any
LIRCD_CONF=""
LIRCMD_CONF=""
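Review bot: `LIRCD_ARGS="--uinput --listen"` makes lircd open its TCP listener (port 8765 by default) on every interface, and as far as I know that listener has no authentication. The role's README suggests Geth reaches the hubs over SSH, so if no other lircd instance connects in, drop `--listen` or bind it to loopback with `--listen=127.0.0.1:8765`; otherwise restrict the port in the host firewall. A comment above the variable naming the peer that needs the listener would make the exposure a documented decision.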


@ -0,0 +1,100 @@
# Please make this file available to others
# by sending it to <lirc@bartelmus.de>
#
# this config file was automatically generated
# using lirc-0.9.0-pre1(default) on Thu Feb 9 18:06:50 2017
#
# contributed by
#
# brand: Insignia
# model no. of remote control: NS-RC4NA-14
# devices being controlled by this remote: TV
#
begin remote
name NS-RC4NA-14
bits 16
flags SPACE_ENC|CONST_LENGTH
eps 30
aeps 100
header 9102 4441
one 640 1623
zero 640 496
ptrail 639
repeat 9103 2189
pre_data_bits 16
pre_data 0x61A0
gap 108350
toggle_bit_mask 0x0
begin codes
KEY_POWER 0xF00F
KEY_CONFIG 0xB847
KEY_VOLUMEUP 0x30CF
KEY_VOLUMEDOWN 0xB04F
KEY_MUTE 0x708F
KEY_ENTER 0x18E7
end codes
end remote
begin remote
name iRobot_Roomba
flags RAW_CODES|CONST_LENGTH
eps 30
aeps 100
ptrail 0
repeat 0 0
gap 91790
begin raw_codes
name clean
2831 886 972 2709 944 2711
943 2710 2743 893 958 2723
931 2722 927 19304 2811 897
954 2726 927 2726 927 2726
2747 889 966 2714 942 2710
941
name spot
2855 858 961 2720 935 2718
934 2718 937 2716 2744 893
960 2721 931 19526 2829 882
968 2711 943 2711 942 2710
942 2710 2744 893 960 2720
934
name max
2818 898 957 2725 931 2723
933 2720 936 2718 2749 890
966 2714 2748 17722 2831 882
961 2720 925 2729 927 2726
926 2728 2753 886 968 2713
2749
name power
2837 883 970 2711 943 2712
942 2711 2747 893 963 2718
2755 886 965 19522 2816 895
955 2727 928 2726 930 2724
2758 883 970 2712 2748 891
962
name pause
2823 897 956 2729 933 2723
936 2721 2751 889 965 2722
937 2721 2748 17726 2828 886
970 2713 942 2713 939 2716
2753 888 970 2714 942 2713
2754
end raw_codes
end remote


@ -0,0 +1,157 @@
# Please make this file available to others
# by sending it to <lirc@bartelmus.de>
#
# this config file was automatically generated
# using lirc-0.9.0-pre1(default) on Thu Jun 29 00:24:26 2017
#
# contributed by darkfeather@aninix.net
#
# brand: LG.conf
# model no. of remote control: AKB73715608
# devices being controlled by this remote: TV
#
begin remote
name LASKO
bits 16
flags SPACE_ENC|CONST_LENGTH
eps 30
aeps 100
header 9063 4496
one 579 1673
zero 579 546
ptrail 580
repeat 9066 2248
pre_data_bits 16
pre_data 0x20DF
gap 108528
toggle_bit_mask 0x0
begin codes
KEY_POWER 0x10EF
KEY_VOLUMEUP 0x40BF
KEY_VOLUMEDOWN 0xC03F
KEY_CONFIG 0xD02F
KEY_ENTER 0x22DD
KEY_MUTE 0x906F
end codes
end remote
# Please make this file available to others
# by sending it to <lirc@bartelmus.de>
#
# this config file was automatically generated
# using lirc-0.9.0-pre1(default) on Tue May 1 06:40:29 2018
#
# contributed by
#
# brand: ./lasko.conf
# model no. of remote control:
# devices being controlled by this remote:
#
begin remote
name ./lasko.conf
flags RAW_CODES|CONST_LENGTH
eps 30
aeps 100
ptrail 413
gap 53152
begin raw_codes
name KEY_POWER
1253 391 1256 391 428 1258
1258 424 1226 428 400 1294
397 1307 386 1291 398 1295
396 1264 429 1289 1230 6912
1265 383 1264 427 388 1314
1199 425 1230 428 396 1324
375 1259 420 1264 423 1312
379 1293 397 1261 1259
name KEY_MUTE
1266 374 1256 394 426 1256
1259 447 1202 431 397 1294
393 1306 388 1292 397 1318
373 1261 1258 411 414 7771
1261 392 1257 421 395 1268
1247 424 1225 431 398 1292
398 1294 397 1292 396 1307
385 1288 1229 430 397
name KEY_VOLUMEDOWN
1252 395 1258 392 426 1256
1258 393 1257 398 430 1293
395 1296 395 1267 424 1292
1226 432 397 1265 424 7772
1260 392 1257 391 426 1258
1267 386 1256 400 425 1267
427 1300 391 1315 368 1269
1262 487 334 1297 387
name KEY_MOVE
1256 394 1253 420 399 1293
1224 391 1255 403 424 1265
427 1282 411 1294 1224 429
396 1292 399 1290 408 7767
1256 391 1257 422 396 1268
1279 393 1232 393 426 1294
396 1263 428 1315 1226 411
425 1235 430 1259 427
end raw_codes
end remote
# Please make this file available to others
# by sending it to <lirc@bartelmus.de>
#
# this config file was automatically generated
# using lirc-0.9.0-pre1(default) on Thu Feb 9 18:06:50 2017
#
# contributed by
#
# brand: Insignia
# model no. of remote control: NS-RC4NA-14
# devices being controlled by this remote: TV
#
begin remote
name NS-RC4NA-14
bits 16
flags SPACE_ENC|CONST_LENGTH
eps 30
aeps 100
header 9102 4441
one 640 1623
zero 640 496
ptrail 639
repeat 9103 2189
pre_data_bits 16
pre_data 0x61A0
gap 108350
toggle_bit_mask 0x0
begin codes
KEY_POWER 0xF00F
KEY_CONFIG 0xB847
KEY_VOLUMEUP 0x30CF
KEY_VOLUMEDOWN 0xB04F
KEY_MUTE 0x708F
KEY_ENTER 0x18E7
end codes
end remote


@ -0,0 +1,770 @@
# Rename this distribution example file to motion.conf
#
# This config file was generated by motion 4.0.1
############################################################
# Daemon
############################################################
# Start in daemon (background) mode and release terminal (default: off)
daemon on
# File to store the process ID, also called pid file. (default: not defined)
process_id_file /var/run/motion/motion.pid
############################################################
# Basic Setup Mode
############################################################
# Start in Setup-Mode, daemon disabled. (default: off)
setup_mode off
# Use a file to save logs messages, if not defined stderr and syslog is used. (default: not defined)
;logfile /tmp/motion.log
# Level of log messages [1..9] (EMG, ALR, CRT, ERR, WRN, NTC, INF, DBG, ALL). (default: 6 / NTC)
log_level 6
# Filter to log messages by type (COR, STR, ENC, NET, DBL, EVT, TRK, VID, ALL). (default: ALL)
log_type all
###########################################################
# Capture device options
############################################################
# Videodevice to be used for capturing (default /dev/video0)
# for FreeBSD default is /dev/bktr0
videodevice /dev/video0
# v4l2_palette allows one to choose preferable palette to be use by motion
# to capture from those supported by your videodevice. (default: 17)
# E.g. if your videodevice supports both V4L2_PIX_FMT_SBGGR8 and
# V4L2_PIX_FMT_MJPEG then motion will by default use V4L2_PIX_FMT_MJPEG.
# Setting v4l2_palette to 2 forces motion to use V4L2_PIX_FMT_SBGGR8
# instead.
#
# Values :
# V4L2_PIX_FMT_SN9C10X : 0 'S910'
# V4L2_PIX_FMT_SBGGR16 : 1 'BYR2'
# V4L2_PIX_FMT_SBGGR8 : 2 'BA81'
# V4L2_PIX_FMT_SPCA561 : 3 'S561'
# V4L2_PIX_FMT_SGBRG8 : 4 'GBRG'
# V4L2_PIX_FMT_SGRBG8 : 5 'GRBG'
# V4L2_PIX_FMT_PAC207 : 6 'P207'
# V4L2_PIX_FMT_PJPG : 7 'PJPG'
# V4L2_PIX_FMT_MJPEG : 8 'MJPEG'
# V4L2_PIX_FMT_JPEG : 9 'JPEG'
# V4L2_PIX_FMT_RGB24 : 10 'RGB3'
# V4L2_PIX_FMT_SPCA501 : 11 'S501'
# V4L2_PIX_FMT_SPCA505 : 12 'S505'
# V4L2_PIX_FMT_SPCA508 : 13 'S508'
# V4L2_PIX_FMT_UYVY : 14 'UYVY'
# V4L2_PIX_FMT_YUYV : 15 'YUYV'
# V4L2_PIX_FMT_YUV422P : 16 '422P'
# V4L2_PIX_FMT_YUV420 : 17 'YU12'
#
v4l2_palette 17
# Tuner device to be used for capturing using tuner as source (default /dev/tuner0)
# This is ONLY used for FreeBSD. Leave it commented out for Linux
; tunerdevice /dev/tuner0
# The video input to be used (default: -1)
# Should normally be set to 0 or 1 for video/TV cards, and -1 for USB cameras
# Set to 0 for uvideo(4) on OpenBSD
input -1
# The video norm to use (only for video capture and TV tuner cards)
# Values: 0 (PAL), 1 (NTSC), 2 (SECAM), 3 (PAL NC no colour). Default: 0 (PAL)
norm 0
# The frequency to set the tuner to (kHz) (only for TV tuner cards) (default: 0)
frequency 0
# Override the power line frequency for the webcam. (normally not necessary)
# Values:
# -1 : Do not modify device setting
# 0 : Power line frequency Disabled
# 1 : 50hz
# 2 : 60hz
# 3 : Auto
power_line_frequency -1
# Rotate image this number of degrees. The rotation affects all saved images as
# well as movies. Valid values: 0 (default = no rotation), 90, 180 and 270.
rotate 0
# Image width (pixels). Valid range: Camera dependent, default: 352
width 640
# Image height (pixels). Valid range: Camera dependent, default: 288
height 480
# Maximum number of frames to be captured per second.
# Valid range: 2-100. Default: 100 (almost no limit).
framerate 100
# Minimum time in seconds between capturing picture frames from the camera.
# Default: 0 = disabled - the capture rate is given by the camera framerate.
# This option is used when you want to capture images at a rate lower than 2 per second.
minimum_frame_time 0
# URL to use if you are using a network camera, size will be autodetected (incl http:// ftp:// mjpg:// rtsp:// mjpeg:// or file:///)
# Must be a URL that returns single jpeg pictures or a raw mjpeg stream. A trailing slash may be required for some cameras.
# Default: Not defined
; netcam_url value
# Username and password for network camera (only if required). Default: not defined
# Syntax is user:password
; netcam_userpass value
# The setting for keep-alive of network socket, should improve performance on compatible net cameras.
# off: The historical implementation using HTTP/1.0, closing the socket after each http request.
# force: Use HTTP/1.0 requests with keep alive header to reuse the same connection.
# on: Use HTTP/1.1 requests that support keep alive as default.
# Default: off
netcam_keepalive off
# URL to use for a netcam proxy server, if required, e.g. "http://myproxy".
# If a port number other than 80 is needed, use "http://myproxy:1234".
# Default: not defined
; netcam_proxy value
# Set less strict jpeg checks for network cameras with a poor/buggy firmware.
# Default: off
netcam_tolerant_check off
# RTSP connection uses TCP to communicate to the camera. Can prevent image corruption.
# Default: on
rtsp_uses_tcp on
# Name of camera to use if you are using a camera accessed through OpenMax/MMAL
# Default: Not defined
; mmalcam_name vc.ril.camera
# Camera control parameters (see raspivid/raspistill tool documentation)
# Default: Not defined
; mmalcam_control_params -hf
# Let motion regulate the brightness of a video device (default: off).
# The auto_brightness feature uses the brightness option as its target value.
# If brightness is zero auto_brightness will adjust to average brightness value 128.
# Only recommended for cameras without auto brightness
auto_brightness off
# Set the initial brightness of a video device.
# If auto_brightness is enabled, this value defines the average brightness level
# which Motion will try and adjust to.
# Valid range 0-255, default 0 = disabled
brightness 0
# Set the contrast of a video device.
# Valid range 0-255, default 0 = disabled
contrast 0
# Set the saturation of a video device.
# Valid range 0-255, default 0 = disabled
saturation 0
# Set the hue of a video device (NTSC feature).
# Valid range 0-255, default 0 = disabled
hue 0
############################################################
# Round Robin (multiple inputs on same video device name)
############################################################
# Number of frames to capture in each roundrobin step (default: 1)
roundrobin_frames 1
# Number of frames to skip before each roundrobin step (default: 1)
roundrobin_skip 1
# Try to filter out noise generated by roundrobin (default: off)
switchfilter off
############################################################
# Motion Detection Settings:
############################################################
# Threshold for number of changed pixels in an image that
# triggers motion detection (default: 1500)
threshold 1500
# Automatically tune the threshold down if possible (default: off)
threshold_tune off
# Noise threshold for the motion detection (default: 32)
noise_level 32
# Automatically tune the noise threshold (default: on)
noise_tune on
# Despeckle motion image using (e)rode or (d)ilate or (l)abel (Default: not defined)
# Recommended value is EedDl. Any combination (and number of) of E, e, d, and D is valid.
# (l)abeling must only be used once and the 'l' must be the last letter.
# Comment out to disable
despeckle_filter EedDl
# Detect motion in predefined areas (1 - 9). Areas are numbered like that: 1 2 3
# A script (on_area_detected) is started immediately when motion is 4 5 6
# detected in one of the given areas, but only once during an event. 7 8 9
# One or more areas can be specified with this option. Take care: This option
# does NOT restrict detection to these areas! (Default: not defined)
; area_detect value
# PGM file to use as a sensitivity mask.
# Full path name to. (Default: not defined)
; mask_file value
# Dynamically create a mask file during operation (default: 0)
# Adjust speed of mask changes from 0 (off) to 10 (fast)
smart_mask_speed 0
# Ignore sudden massive light intensity changes given as a percentage of the picture
# area that changed intensity. Valid range: 0 - 100 , default: 0 = disabled
lightswitch 0
# Picture frames must contain motion at least the specified number of frames
# in a row before they are detected as true motion. At the default of 1, all
# motion is detected. Valid range: 1 to thousands, recommended 1-5
minimum_motion_frames 1
# Specifies the number of pre-captured (buffered) pictures from before motion
# was detected that will be output at motion detection.
# Recommended range: 0 to 5 (default: 0)
# Do not use large values! Large values will cause Motion to skip video frames and
# cause unsmooth movies. To smooth movies use larger values of post_capture instead.
pre_capture 0
# Number of frames to capture after motion is no longer detected (default: 0)
post_capture 0
# Event Gap is the seconds of no motion detection that triggers the end of an event.
# An event is defined as a series of motion images taken within a short timeframe.
# Recommended value is 60 seconds (Default). The value -1 is allowed and disables
# events causing all Motion to be written to one single movie file and no pre_capture.
# If set to 0, motion is running in gapless mode. Movies don't have gaps anymore. An
# event ends right after no more motion is detected and post_capture is over.
event_gap 60
# Maximum length in seconds of a movie
# When value is exceeded a new movie file is created. (Default: 0 = infinite)
max_movie_time 0
# Always save images even if there was no motion (default: off)
emulate_motion off
############################################################
# Image File Output
############################################################
# Output 'normal' pictures when motion is detected (default: on)
# Valid values: on, off, first, best, center
# When set to 'first', only the first picture of an event is saved.
# Picture with most motion of an event is saved when set to 'best'.
# Picture with motion nearest center of picture is saved when set to 'center'.
# Can be used as preview shot for the corresponding movie.
output_pictures off
# Output pictures with only the pixels moving object (ghost images) (default: off)
output_debug_pictures off
# The quality (in percent) to be used by the jpeg compression (default: 75)
quality 75
# Type of output images
# Valid values: jpeg, ppm (default: jpeg)
picture_type jpeg
############################################################
# FFMPEG related options
# Film (movies) file output, and deinterlacing of the video input
# The options movie_filename and timelapse_filename are also used
# by the ffmpeg feature
############################################################
# Use ffmpeg to encode movies in realtime (default: off)
ffmpeg_output_movies off
# Use ffmpeg to make movies with only the pixels moving
# object (ghost images) (default: off)
ffmpeg_output_debug_movies off
# Use ffmpeg to encode a timelapse movie
# Default value 0 = off - else save frame every Nth second
ffmpeg_timelapse 0
# The file rollover mode of the timelapse video
# Valid values: hourly, daily (default), weekly-sunday, weekly-monday, monthly, manual
ffmpeg_timelapse_mode daily
# Bitrate to be used by the ffmpeg encoder (default: 400000)
# This option is ignored if ffmpeg_variable_bitrate is not 0 (disabled)
ffmpeg_bps 400000
# Enables and defines variable bitrate for the ffmpeg encoder.
# ffmpeg_bps is ignored if variable bitrate is enabled.
# Valid values: 0 (default) = fixed bitrate defined by ffmpeg_bps,
# or the range 1 - 100 where 1 means worst quality and 100 is best.
ffmpeg_variable_bitrate 0
# Codec to used by ffmpeg for the video compression.
# Timelapse videos have two options.
# mpg - Creates mpg file with mpeg-2 encoding.
# If motion is shutdown and restarted, new pics will be appended
# to any previously created file with name indicated for timelapse.
# mpeg4 - Creates avi file with the default encoding.
# If motion is shutdown and restarted, new pics will create a
# new file with the name indicated for timelapse.
# Supported formats are:
# mpeg4 or msmpeg4 - gives you files with extension .avi
# msmpeg4 is recommended for use with Windows Media Player because
# it requires no installation of codec on the Windows client.
# swf - gives you a flash film with extension .swf
# flv - gives you a flash video with extension .flv
# ffv1 - FF video codec 1 for Lossless Encoding
# mov - QuickTime
# mp4 - MPEG-4 Part 14 H264 encoding
# mkv - Matroska H264 encoding
# hevc - H.265 / HEVC (High Efficiency Video Coding)
ffmpeg_video_codec mpeg4
# When creating videos, should frames be duplicated in order
# to keep up with the requested frames per second
# (default: true)
ffmpeg_duplicate_frames true
############################################################
# SDL Window
############################################################
# Number of motion thread to show in SDL Window (default: 0 = disabled)
#sdl_threadnr 0
############################################################
# External pipe to video encoder
# Replacement for FFMPEG builtin encoder for ffmpeg_output_movies only.
# The options movie_filename and timelapse_filename are also used
# by the ffmpeg feature
#############################################################
# Bool to enable or disable extpipe (default: off)
use_extpipe off
# External program (full path and opts) to pipe raw video to
# Generally, use '-' for STDIN...
;extpipe mencoder -demuxer rawvideo -rawvideo w=%w:h=%h:i420 -ovc x264 -x264encopts bframes=4:frameref=1:subq=1:scenecut=-1:nob_adapt:threads=1:keyint=1000:8x8dct:vbv_bufsize=4000:crf=24:partitions=i8x8,i4x4:vbv_maxrate=800:no-chroma-me -vf denoise3d=16:12:48:4,pp=lb -of avi -o %f.avi - -fps %fps
;extpipe x264 - --input-res %wx%h --fps %fps --bitrate 2000 --preset ultrafast --quiet -o %f.mp4
;extpipe mencoder -demuxer rawvideo -rawvideo w=%w:h=%h:fps=%fps -ovc x264 -x264encopts preset=ultrafast -of lavf -o %f.mp4 - -fps %fps
;extpipe ffmpeg -y -f rawvideo -pix_fmt yuv420p -video_size %wx%h -framerate %fps -i pipe:0 -vcodec libx264 -preset ultrafast -f mp4 %f.mp4
############################################################
# Snapshots (Traditional Periodic Webcam File Output)
############################################################
# Make automated snapshot every N seconds (default: 0 = disabled)
snapshot_interval 0
############################################################
# Text Display
# %Y = year, %m = month, %d = date,
# %H = hour, %M = minute, %S = second, %T = HH:MM:SS,
# %v = event, %q = frame number, %t = camera id number,
# %D = changed pixels, %N = noise level, \n = new line,
# %i and %J = width and height of motion area,
# %K and %L = X and Y coordinates of motion center
# %C = value defined by text_event - do not use with text_event!
# You can put quotation marks around the text to allow
# leading spaces
############################################################
# Locate and draw a box around the moving object.
# Valid values: on, off, preview (default: off)
# Set to 'preview' will only draw a box in preview_shot pictures.
locate_motion_mode off
# Set the look and style of the locate box if enabled.
# Valid values: box, redbox, cross, redcross (default: box)
# Set to 'box' will draw the traditional box.
# Set to 'redbox' will draw a red box.
# Set to 'cross' will draw a little cross to mark center.
# Set to 'redcross' will draw a little red cross to mark center.
locate_motion_style box
# Draws the timestamp using same options as C function strftime(3)
# Default: %Y-%m-%d\n%T = date in ISO format and time in 24 hour clock
# Text is placed in lower right corner
text_right %Y-%m-%d\n%T-%q
# Draw a user defined text on the images using same options as C function strftime(3)
# Default: Not defined = no text
# Text is placed in lower left corner
; text_left CAMERA %t
# Draw the number of changed pixed on the images (default: off)
# Will normally be set to off except when you setup and adjust the motion settings
# Text is placed in upper right corner
text_changes off
# This option defines the value of the special event conversion specifier %C
# You can use any conversion specifier in this option except %C. Date and time
# values are from the timestamp of the first image in the current event.
# Default: %Y%m%d%H%M%S
# The idea is that %C can be used filenames and text_left/right for creating
# a unique identifier for each event.
text_event %Y%m%d%H%M%S
# Draw characters at twice normal size on images. (default: off)
text_double off
# Text to include in a JPEG EXIF comment
# May be any text, including conversion specifiers.
# The EXIF timestamp is included independent of this text.
;exif_text %i%J/%K%L
############################################################
# Target Directories and filenames For Images And Films
# For the options snapshot_, picture_, movie_ and timelapse_filename
# you can use conversion specifiers
# %Y = year, %m = month, %d = date,
# %H = hour, %M = minute, %S = second,
# %v = event, %q = frame number, %t = camera id number,
# %D = changed pixels, %N = noise level,
# %i and %J = width and height of motion area,
# %K and %L = X and Y coordinates of motion center
# %C = value defined by text_event
# Quotation marks round string are allowed.
############################################################
# Target base directory for pictures and films
# Recommended to use absolute path. (Default: current working directory)
target_dir /var/run/motion/capture
# File path for snapshots (jpeg or ppm) relative to target_dir
# Default: %v-%Y%m%d%H%M%S-snapshot
# Default value is equivalent to legacy oldlayout option
# For Motion 3.0 compatible mode choose: %Y/%m/%d/%H/%M/%S-snapshot
# File extension .jpg or .ppm is automatically added so do not include this.
# Note: A symbolic link called lastsnap.jpg created in the target_dir will always
# point to the latest snapshot, unless snapshot_filename is exactly 'lastsnap'
snapshot_filename %v-%Y%m%d%H%M%S-snapshot
# File path for motion triggered images (jpeg or ppm) relative to target_dir
# Default: %v-%Y%m%d%H%M%S-%q
# Default value is equivalent to legacy oldlayout option
# For Motion 3.0 compatible mode choose: %Y/%m/%d/%H/%M/%S-%q
# File extension .jpg or .ppm is automatically added so do not include this
# Set to 'preview' together with best-preview feature enables special naming
# convention for preview shots. See motion guide for details
picture_filename %v-%Y%m%d%H%M%S-%q
# File path for motion triggered ffmpeg films (movies) relative to target_dir
# Default: %v-%Y%m%d%H%M%S
# File extensions(.mpg .avi) are automatically added so do not include them
movie_filename %v-%Y%m%d%H%M%S
# File path for timelapse movies relative to target_dir
# Default: %Y%m%d-timelapse
# File extensions(.mpg .avi) are automatically added so do not include them
timelapse_filename %Y%m%d-timelapse
############################################################
# Global Network Options
############################################################
# Enable IPv6 (default: off)
ipv6_enabled off
############################################################
# Live Stream Server
############################################################
# The mini-http server listens to this port for requests (default: 0 = disabled)
stream_port 8081
# Quality of the jpeg (in percent) images produced (default: 50)
stream_quality 50
# Output frames at 1 fps when no motion is detected and increase to the
# rate given by stream_maxrate when motion is detected (default: off)
stream_motion off
# Maximum framerate for stream streams (default: 1)
stream_maxrate 1
# Restrict stream connections to localhost only (default: on)
stream_localhost off
# Limits the number of images per connection (default: 0 = unlimited)
# Number can be defined by multiplying actual stream rate by desired number of seconds
# Actual stream rate is the smallest of the numbers framerate and stream_maxrate
stream_limit 0
# Set the authentication method (default: 0)
# 0 = disabled
# 1 = Basic authentication
# 2 = MD5 digest (the safer authentication)
stream_auth_method 0
# Authentication for the stream. Syntax username:password
# Default: not defined (Disabled)
; stream_authentication username:password
# Percentage to scale the stream image for preview
# Default: 25
; stream_preview_scale 25
# Have stream preview image start on a new line
# Default: no
; stream_preview_newline no
############################################################
# HTTP Based Control
############################################################
# TCP/IP port for the http server to listen on (default: 0 = disabled)
webcontrol_port 8080
# Restrict control connections to localhost only (default: on)
webcontrol_localhost on
# Output for http server, select off to choose raw text plain (default: on)
webcontrol_html_output on
# Authentication for the http based control. Syntax username:password
# Default: not defined (Disabled)
; webcontrol_authentication username:password
############################################################
# Tracking (Pan/Tilt)
#############################################################
# Type of tracker (0=none (default), 1=stepper, 2=iomojo, 3=pwc, 4=generic, 5=uvcvideo, 6=servo)
# The generic type enables the definition of motion center and motion size to
# be used with the conversion specifiers for options like on_motion_detected
track_type 0
# Enable auto tracking (default: off)
track_auto off
# Serial port of motor (default: none)
;track_port /dev/ttyS0
# Motor number for x-axis (default: 0)
;track_motorx 0
# Set motorx reverse (default: 0)
;track_motorx_reverse 0
# Motor number for y-axis (default: 0)
;track_motory 1
# Set motory reverse (default: 0)
;track_motory_reverse 0
# Maximum value on x-axis (default: 0)
;track_maxx 200
# Minimum value on x-axis (default: 0)
;track_minx 50
# Maximum value on y-axis (default: 0)
;track_maxy 200
# Minimum value on y-axis (default: 0)
;track_miny 50
# Center value on x-axis (default: 0)
;track_homex 128
# Center value on y-axis (default: 0)
;track_homey 128
# ID of an iomojo camera if used (default: 0)
track_iomojo_id 0
# Angle in degrees the camera moves per step on the X-axis
# with auto-track (default: 10)
# Currently only used with pwc type cameras
track_step_angle_x 10
# Angle in degrees the camera moves per step on the Y-axis
# with auto-track (default: 10)
# Currently only used with pwc type cameras
track_step_angle_y 10
# Delay to wait for after tracking movement as number
# of picture frames (default: 10)
track_move_wait 10
# Speed to set the motor to (stepper motor option) (default: 255)
track_speed 255
# Number of steps to make (stepper motor option) (default: 40)
track_stepsize 40
############################################################
# External Commands, Warnings and Logging:
# You can use conversion specifiers for the on_xxxx commands
# %Y = year, %m = month, %d = date,
# %H = hour, %M = minute, %S = second,
# %v = event, %q = frame number, %t = camera id number,
# %D = changed pixels, %N = noise level,
# %i and %J = width and height of motion area,
# %K and %L = X and Y coordinates of motion center
# %C = value defined by text_event
# %f = filename with full path
# %n = number indicating filetype
# Both %f and %n are only defined for on_picture_save,
# on_movie_start and on_movie_end
# Quotation marks round string are allowed.
############################################################
# Do not sound beeps when detecting motion (default: on)
# Note: Motion never beeps when running in daemon mode.
quiet on
# Command to be executed when an event starts. (default: none)
# An event starts at first motion detected after a period of no motion defined by event_gap
; on_event_start value
# Command to be executed when an event ends after a period of no motion
# (default: none). The period of no motion is defined by option event_gap.
; on_event_end value
# Command to be executed when a picture (.ppm|.jpg) is saved (default: none)
# To give the filename as an argument to a command append it with %f
; on_picture_save value
# Command to be executed when a motion frame is detected (default: none)
; on_motion_detected value
# Command to be executed when motion in a predefined area is detected
# Check option 'area_detect'. (default: none)
; on_area_detected value
# Command to be executed when a movie file (.mpg|.avi) is created. (default: none)
# To give the filename as an argument to a command append it with %f
; on_movie_start value
# Command to be executed when a movie file (.mpg|.avi) is closed. (default: none)
# To give the filename as an argument to a command append it with %f
; on_movie_end value
# Command to be executed when a camera can't be opened or if it is lost
# NOTE: There is situations when motion don't detect a lost camera!
# It depends on the driver, some drivers dosn't detect a lost camera at all
# Some hangs the motion thread. Some even hangs the PC! (default: none)
; on_camera_lost value
#####################################################################
# Common Options for database features.
# Options require database options to be active also.
#####################################################################
# Log to the database when creating motion triggered picture file (default: on)
; sql_log_picture on
# Log to the database when creating a snapshot image file (default: on)
; sql_log_snapshot on
# Log to the database when creating motion triggered movie file (default: off)
; sql_log_movie off
# Log to the database when creating timelapse movies file (default: off)
; sql_log_timelapse off
# SQL query string that is sent to the database
# Use same conversion specifiers has for text features
# Additional special conversion specifiers are
# %n = the number representing the file_type
# %f = filename with full path
# Default value:
# Create tables :
##
# Mysql
# CREATE TABLE security (camera int, filename char(80) not null, frame int, file_type int, time_stamp timestamp(14), event_time_stamp timestamp(14));
#
# Postgresql
# CREATE TABLE security (camera int, filename char(80) not null, frame int, file_type int, time_stamp timestamp without time zone, event_time_stamp timestamp without time zone);
#
# insert into security(camera, filename, frame, file_type, time_stamp, text_event) values('%t', '%f', '%q', '%n', '%Y-%m-%d %T', '%C')
; sql_query insert into security(camera, filename, frame, file_type, time_stamp, event_time_stamp) values('%t', '%f', '%q', '%n', '%Y-%m-%d %T', '%C')
############################################################
# Database Options
############################################################
# database type : mysql, postgresql, sqlite3 (default : not defined)
; database_type value
# database to log to (default: not defined)
# for sqlite3, the full path and name for the database.
; database_dbname value
# The host on which the database is located (default: localhost)
; database_host value
# User account name for database (default: not defined)
; database_user value
# User password for database (default: not defined)
; database_password value
# Port on which the database is located
# mysql 3306 , postgresql 5432 (default: not defined)
; database_port value
# Database wait time in milliseconds for locked database to
# be unlocked before returning database locked error (default 0)
; database_busy_timeout 0
############################################################
# Video Loopback Device (vloopback project)
############################################################
# Output images to a video4linux loopback device
# The value '-' means next available (default: not defined)
; video_pipe value
# Output motion images to a video4linux loopback device
# The value '-' means next available (default: not defined)
; motion_video_pipe value
##############################################################
# camera config files - One for each camera.
# Except if only one camera - You only need this config file.
# If you have more than one camera you MUST define one camera
# config file for each camera in addition to this config file.
##############################################################
# Remember: If you have more than one camera you must have one
# camera file for each camera. E.g. 2 cameras requires 3 files:
# This motion.conf file AND camera1.conf and camera2.conf.
# Only put the options that are unique to each camera in the
# camera config files.
; camera /etc/motion/camera1.conf
; camera /etc/motion/camera2.conf
; camera /etc/motion/camera3.conf
; camera /etc/motion/camera4.conf
##############################################################
# Camera config directory - One for each camera.
##############################################################
#
; camera_dir /etc/motion/conf.d


@ -0,0 +1,72 @@
---
- name: Geth-Hub packages
become: yes
package:
name:
- motion
- lirc
state: present
- name: Copy the SSH key
authorized_key:
user: "{{ depriv_user | default('pi') }}"
state: present
key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/geth.pub') }}"
- name: Copy the motion config
become: yes
register: motion_config
copy:
src: "motion.conf"
dest: "/etc/motion/motion.conf"
- name: Restart the motion service
become: yes
when: motion_config.changed
service:
name: motion
state: restarted
enabled: yes
# Thanks to https://wiki.geekworm.com/Raspberry_Pi_IR_Control_Expansion_Board for instructions setting up lirc
- name: Set the dtoverlay
become: yes
lineinfile:
path: "/boot/config.txt"
regexp: "^dtoverlay="
line: "dtoverlay=lirc-rpi,gpio_in_pin={{ gpio_in_pin | default('18') }},gpio_out_pin={{ gpio_out_pin | default('17') }}"
- name: Set the dtparam
become: yes
lineinfile:
path: "/boot/config.txt"
regexp: "^dtparam="
line: "dtparam=gpio_in_pull={{ gpio_in_pull | default('down') }}"
- name: Copy the modules config
become: yes
template:
src: "modules.j2"
dest: "/etc/modules"
- name: Copy lircd supplemental config
register: lircd_supp_config
become: yes
copy:
src: "hardware.conf"
dest: "/etc/lirc/hardware.conf"
- name: Copy lircd remote config
register: lircd_remote_config
become: yes
copy:
src: "lircd.conf.{{ inventory_hostname }}"
dest: /etc/lircd.conf
- name: Start the services
when: lircd_supp_config.changed or lircd_remote_config.changed
become: yes
service:
name: lirc
state: restarted
enabled: yes
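Review bot: The "Copy the motion config" task deploys a configuration that leaves the camera stream open: the motion.conf shown earlier on this page (presumably this role's copy of the file) sets `stream_port 8081` with `stream_localhost off` and `stream_auth_method 0`, so any host that can reach the device can view the feed without credentials. If the stream is only consumed on the device itself, `stream_localhost on` is enough. Otherwise set `stream_auth_method 2` with a `stream_authentication` value taken from the vault, which means switching this task from `copy` to `template`. Once the file carries a credential, the task should also set `owner: root` and a restrictive mode such as `mode: "0640"` with the group the motion daemon runs as, since no mode is set today.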


@ -0,0 +1,10 @@
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
lirc_dev
lirc_rpi gpio_in_pin={{ gpio_in_pin | default('18') }} gpio_out_pin={{ gpio_out_pin | default('17') }}
bcm2835-v4l2
r8188eu

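--- /dev/null
+++ b/roles/Nazara/files/dhcp
@@ -0,0 +1,34 @@
+dhcp-range=10.0.1.224,10.0.1.254,255.255.255.0,12h
+dhcp-option=option:router,10.0.1.1
+dhcp-option=option:dns-server,10.0.1.7
+dhcp-range=10.0.1.1,10.0.1.223,255.255.255.0,12h
+dhcp-host=B8:27:EB:B6:AA:0C,10.0.1.2
+dhcp-host=B8:27:EB:B6:AA:0C,10.0.1.3
+dhcp-host=B8:27:EB:B6:AA:0C,10.0.1.4
+dhcp-host=B8:27:EB:B6:AA:0C,10.0.1.5
+dhcp-host=B8:27:EB:B6:AA:0C,10.0.1.6
+dhcp-host=B8:27:EB:B6:AA:0C,10.0.1.7
+dhcp-host=00:15:5D:01:02:05,10.0.1.8
+dhcp-host=00:15:5D:01:02:04,10.0.1.9
+dhcp-host=00:15:5d:01:02:06,10.0.1.10
+dhcp-host=00:15:5d:01:02:07,10.0.1.11
+dhcp-host=00:25:90:0d:6e:86,10.0.1.12
+dhcp-host=84:16:F9:14:15:C5,10.0.1.16
+dhcp-host=84:16:F9:13:B6:E6,10.0.1.17
+dhcp-host=00:15:5d:01:02:08,10.0.1.24
+dhcp-host=00:15:5d:01:02:09,10.0.1.25
+dhcp-host=aa:aa:aa:aa:aa:aa,10.0.1.32
+dhcp-host=34:f6:4b:36:12:8f,10.0.1.33
+dhcp-host=64:C2:DE:78:BB:40,10.0.1.34
+dhcp-host=64:C2:DE:0C:AB:0D,10.0.1.35
+dhcp-host=00:1F:BC:10:1C:F7,10.0.1.36
+dhcp-host=2c:30:33:64:f4:03,10.0.1.1
+dhcp-host=00:80:92:77:CE:E4,10.0.1.37
+dhcp-host=00:25:90:0D:82:5B,10.0.1.38
+dhcp-host=00:25:90:3E:C6:8C,10.0.1.39
+dhcp-host=9c:a3:aa:33:a3:99,10.0.1.40
+dhcp-host=64:16:66:08:57:F5,10.0.2.2
+dhcp-host=18:B4:30:2F:F1:37,10.0.2.3
+dhcp-host=64:52:99:14:28:2B,10.0.2.4
+dhcp-host=40:9F:38:95:06:34,10.0.2.5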

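--- /dev/null
+++ b/roles/Nazara/files/dns
@@ -0,0 +1,29 @@
+10.0.1.2 Nazara.MSN0.AniNIX.net Nazara
+10.0.1.3 Node-1.MSN0.AniNIX.net Node-1
+10.0.1.4 Node-2.MSN0.AniNIX.net Node-2
+10.0.1.5 Node-3.MSN0.AniNIX.net Node-3
+10.0.1.6 Node-4.MSN0.AniNIX.net Node-4
+10.0.1.7 Node-5.MSN0.AniNIX.net Node-5
+10.0.1.8 Sharingan.MSN0.AniNIX.net Sharingan
+10.0.1.9 DarkNet.MSN0.AniNIX.net DarkNet
+10.0.1.10 Maat.MSN0.AniNIX.net Maat
+10.0.1.11 Aether.MSN0.AniNIX.net Aether
+10.0.1.12 Core.MSN0.AniNIX.net Core
+10.0.1.16 Geth-Hub-1.MSN0.AniNIX.net Geth-Hub-1
+10.0.1.17 Geth-Hub-2.MSN0.AniNIX.net Geth-Hub-2
+10.0.1.24 DedNet.MSN0.AniNIX.net DedNet
+10.0.1.25 Geth.MSN0.AniNIX.net Geth
+10.0.1.32 Tachikoma.MSN0.AniNIX.net Tachikoma
+10.0.1.33 Dedsec.MSN0.AniNIX.net Dedsec
+10.0.1.34 DarkFeather.MSN0.AniNIX.net DarkFeather
+10.0.1.35 Lykos.MSN0.AniNIX.net Lykos
+10.0.1.36 Games.MSN0.AniNIX.net Games
+10.0.1.1 Shadowfeed.MSN0.AniNIX.net Shadowfeed
+10.0.1.37 Print.MSN0.AniNIX.net Print
+10.0.1.38 Core-Console.MSN0.AniNIX.net Core-Console
+10.0.1.39 Maat-Console.MSN0.AniNIX.net Maat-Console
+10.0.1.40 Geth-Eyes.MSN0.AniNIX.net Geth-Eyes
+10.0.2.2 LinKeuei.MSN0.AniNIX.net LinKeuei
+10.0.2.3 Canary.MSN0.AniNIX.net Canary
+10.0.2.4 Charon.MSN0.AniNIX.net Charon
+10.0.2.5 Skitarii-1.MSN0.AniNIX.net Skitarii-1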


@ -1,7 +1,51 @@
---
- name: Nazara packages
- name: Clone pi-hole
become: yes
package:
name:
- pi-hole
git:
accept_newhostkey: yes
dest: /opt/pi-hole
repo: https://github.com/pi-hole/pi-hole.git
- name: Install pi-hole if needed
become: yes
command:
creates: /usr/bin/pihole-FTL
cmd: bash basic-install.sh
chdir: '/opt/pi-hole/automated install'
- name: Generate DNS/DHCP from inventory
delegate_to: localhost
run_once: true
command: "python3 ../bin/generate-pihole-dns-dhcp.py {{ inventory_file }}"
- name: Nazara DNS
become: yes
register: dns_updated
copy:
dest: /etc/pihole/custom.list
src: dns
owner: pihole
group: pihole
mode: 0644
- name: Reload dns
become: yes
command: "pihole restartdns"
when: dns_updated.changed
- name: Nazara DHCP
become: yes
register: dhcp_updated
copy:
src: dhcp
dest: /etc/dnsmasq.d/04-pihole-static-dhcp.conf
owner: root
group: root
mode: 0644
- name: Reload services
become: yes
command: pihole restartdns
when: dns_updated.changed or dhcp_updated.changed
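Review bot: The "Clone pi-hole" task checks out whatever the upstream default branch holds at run time, and "Install pi-hole if needed" then runs `bash basic-install.sh` from that checkout under `become: yes`, so unreviewed upstream changes execute as root on the host that serves DNS and DHCP. Pin the clone by adding `version: "{{ pihole_version }}"` to the `git:` task, set to a tag or commit that has been reviewed (the variable name is only a suggestion). "Reload dns" and "Reload services" both run `pihole restartdns`, and the first is redundant because the second's condition already includes `dns_updated.changed`. The +/- markers are lost on this page, so this reads the `git:` and `command:` tasks as the new side.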


@ -9,7 +9,7 @@ Ravens are smart, ubiquitous birds. [DarkFeather](https://foundation.aninix.net/
You can deploy this service directly with the following invocation:
```
ansible-playbook -i core, -e '{ "role": "TheRaven", "raven": { "ircnetwork": "localhost", "ircport": "6667", "serviceport": "8373" } }' playbooks/one-role.yml
ansible-playbook -i Core, -e 'role=TheRaven' playbooks/one-role.yml
```
# Configuration


@ -1,9 +1,12 @@
[ Login ]
host={{ raven.ircnetwork }}
port={{ raven.ircport }}
host={{ raven.ircnetwork | default('localhost') }}
port={{ raven.ircport | default('6667') }}
username=TheRaven
password={{ passwords.TheRaven }}
netListenerPort={{ raven.serviceport }}
[ API ]
port={{ raven.serviceport | default('8373') }}
password={{ passwords.TheRavenAPI }}
[ Whitelist ]
DarkFeather
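Review bot: The new `[ API ]` section puts a second secret, `password={{ passwords.TheRavenAPI }}`, into the rendered file next to the login password, and nothing in this section shows how that file is protected on disk. The task that renders this template is outside the hunk, so confirm it sets the service account as owner with `mode: "0600"` and carries `no_log: true`, since a run with `--diff` would otherwise print both passwords. The added `default(...)` filters cover the host and ports only; the two `passwords.*` lookups still fail the play when the vault entry is missing, which is the safer behaviour and worth keeping.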
@ -18,14 +21,14 @@ Connor
[ Rooms ]
lobby
martialarts
mapuzzle
maworkouts
fencing
bjj
ccw
sharingan
foundation
tech
therafters
martialarts
maworkouts
dromundkaas
inn
[ Searches ]
r.google|http://google.com/search?q=|+|Google

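--- /dev/null
+++ b/roles/basics/bin/find-mirrors
@@ -0,0 +1,16 @@
+#!/bin/bash
+# File: find-mirrors
+#
+# Description: This file generates a pacman mirrorlist to ensure hosts use the right mirrors for performance.
+#
+# Package: AniNIX::Foundation/HelloWorld
+# Copyright: WTFPL
+#
+# Author: DarkFeather <ircs://aninix.net:6697/DarkFeather>
+country="United States"
+curl -s https://raw.githubusercontent.com/archlinux/svntogit-packages/packages/pacman-mirrorlist/trunk/mirrorlist | awk '/^## '"$country"'$/{f=1; next}f==0{next}/^$/{exit}{print substr($0, 1);}' | sed 's/^#Server/Server/' > /tmp/mirrorlist
+rankmirrors -n 6 /tmp/mirrorlist > files/mirrorlist
+rm /tmp/mirrorlist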
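Review bot: The script writes the downloaded list to the fixed path `/tmp/mirrorlist` and has no error handling, so a failed download still lets `rankmirrors` overwrite `files/mirrorlist` with an empty or partial result, and on a shared machine another user can pre-create that path. Start the script with `set -euo pipefail`, call `curl -fsS` so HTTP errors count as failures, and replace the fixed path with `tmp="$(mktemp)"; trap 'rm -f "$tmp"' EXIT`, using `"$tmp"` in the two later lines. `files/mirrorlist` is a relative path, so the output location also depends on the directory the script is started from; a header comment stating the expected working directory would make that explicit.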


@ -1,29 +1,13 @@
---
###
# This role installs the basic package and host setup for AniNIX operations.
#
#
#
- name: Set up AniNIX-specific repository
become: yes
file:
path: /opt/aninix
state: directory
- name: Verify GPG keys
ignore_errors: yes
become: yes
command:
cmd: gpg --homedir /etc/pacman.d/gnupg --list-key 1CC1E3F4ED06F296
register: gpg_verify
when: ansible_os_family == "Archlinux"
- name: Install GPG keys
become: yes
command:
cmd: /bin/bash -l -c 'pacman-key --recv-key 1CC1E3F4ED06F296; pacman-key --finger 1CC1E3F4ED06F296; pacman-key --lsign-key 1CC1E3F4ED06F296;'
when: ansible_os_family == "Archlinux" and gpg_verify.rc != 0
- name: Set up pacman.conf
become: yes
blockinfile:
@ -88,13 +72,14 @@
become: yes
copy:
dest: /etc/sudoers.d/basics
content: "{{ lookup('env','USER') }} ALL=(ALL) NOPASSWD: ALL\n"
content: "{{ ansible_user_id }} ALL=(ALL) NOPASSWD: ALL\n"
# Remove unneeded file
- file:
path: /etc/sudoers.d/1001
state: absent
- name: Ensure we include /etc/sudoers.d
become: yes
lineinfile:
path: /etc/sudoers
regexp: "includedir /etc/sudoers.d"
line: "includedir /etc/sudoers.d"
- name: Test root password
ignore_errors: yes