Add role wireless network

bitraf-friskluft.yml

@@ -0,0 +1,23 @@
+- hosts:
+    - bitraf-friskluft
+  vars:
+    lan: "{{ host_database[ansible_hostname].interfaces.lan }}"
+  roles:
+    - lusers
+    - superusers
+    - wireless-network
+
+    - role: systemd-networkd-interface
+      tags: network
+      vars:
+        priority: 10
+        interface: wlan0
+        network_content: |
+          [Match]
+          Name={{ interface }}
+
+          [Network]
+          Address={{ lan.ipv4.address }}/{{ lan.ipv4.netmask }}
+          {% if lan.ipv4.gateway|default("")|length>0 %}
+          Gateway={{ lan.ipv4.gateway }}
+          {% endif %}

group_vars/all/host_database.yml

@@ -115,3 +115,5 @@ host_database:
         dns: bitraf-friskluft.lan.bitraf.no
         ipv4:
           address: 10.13.37.229
+          netmask: 24
+          gateway: 10.13.37.1

inventory

@@ -3,6 +3,7 @@
 aix                 ansible_host=aix.bitraf.no                          ansible_python_interpreter=/usr/local/bin/python3   ansible_become_method=doas
 bite                ansible_host=bite.bitraf.no                         ansible_python_interpreter=/usr/bin/python3
 bitnode             ansible_host=bitnode.bitraf.no
+bitraf-friskluft    ansible_host=bitraf-friskluft.lan.bitraf.no		ansible_python_interpreter=/usr/bin/python3
 bomba               ansible_host=bomba.bitraf.no
 boxy2               ansible_host=boxy2.local
 boxy2-eof           ansible_host=boxy2-eof.local

shared-roles/wireless-network/README.md

@@ -0,0 +1,10 @@
+A role to configure the wireless network on Raspberry Pi, running RaspiOS (Raspbian).
+
+You will need to define
+
+    wifi_ssid: <ssid>
+    wifi_psk: <psk>
+
+in a file ../../host_vars/<hostname>/wifi.yml
+
+and encrypt it with ansible-vault before this role will work. NOTE: remember to encrypt before the file leaves your machine!

shared-roles/wireless-network/defaults/main.yml

@@ -0,0 +1 @@
+wifi__country: "NO"

shared-roles/wireless-network/handlers/main.yml

@@ -0,0 +1,5 @@
+- name: Restart Networking
+  become: yes
+  service:
+    name: networking
+    state: restarted

shared-roles/wireless-network/tasks/main.yml

@@ -0,0 +1,20 @@
+- name: configure wireless network
+  tags: wireless-network
+  block:
+  - name: Install system dependencies
+    apt:
+      name:
+      - wpasupplicant
+  - name: Configure wpa_supplicant
+    become: yes
+    template:
+      src: wpa_supplicant.conf.j2
+      dest: /etc/wpa_supplicant/wpa_supplicant.conf
+      backup: yes
+  - name: disable the rf kill switch
+    become: yes
+    command: "rfkill unblock wlan"
+  - name: make wpa_supplicant re-read it's configuration file
+    become: yes
+    command: "wpa_cli -i wlan0 reconfigure"
+    notify: Restart Networking

shared-roles/wireless-network/templates/wpa_supplicant.conf.j2

@@ -0,0 +1,11 @@
+# managed with ansible
+ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
+update_config=1
+p2p_disabled=1
+country={{ wifi__country }}
+
+network={
+    #scan_ssid=1
+    ssid="{{ wifi_ssid }}"
+    psk="{{ wifi_psk }}"
+}