Dustin C. Hatch
ef4e769ed2
The *motioneye* role installs motionEye on a Fedora machine using `pip`. It configures Apache to proxy for motionEye for outside (HTTPS) access. The official installation instructions and default configuration for motionEye assume it will be running as root. There is, however, no specific reason for this, as it works just fine as an unprivileged user. The only minor surprise is that the `conf_path` configuration setting must be writable, as this is where motionEye places generated configuration for `motion`. This path does not, however, have to include the `motioneye.conf` file itself, which can still be read-only.
111 lines
2.4 KiB
YAML
111 lines
2.4 KiB
YAML
- name: ensure rpmfusion repo is available
|
|
dnf:
|
|
name: >-
|
|
https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_distribution_version }}.noarch.rpm
|
|
state: present
|
|
tags: install
|
|
|
|
- name: ensure motion is installed
|
|
package:
|
|
name: '{{ motion_packages }}'
|
|
state: present
|
|
tags: install
|
|
- name: ensure motioneye dependencies are installed
|
|
package:
|
|
name: '{{ motioneye_packages }}'
|
|
state: present
|
|
tags: install
|
|
- name: ensure motioneye is installed
|
|
pip:
|
|
name: motioneye
|
|
executable: /usr/bin/pip2
|
|
state: present
|
|
tags:
|
|
- install
|
|
- pip
|
|
|
|
- name: ensure motioneye user exists
|
|
user:
|
|
name: motioneye
|
|
system: true
|
|
shell: /sbin/nologin
|
|
state: present
|
|
tags:
|
|
- user
|
|
|
|
- name: ensure motioneye media directory exists
|
|
file:
|
|
path: /var/lib/motioneye
|
|
owner: motioneye
|
|
group: motioneye
|
|
mode: '0755'
|
|
state: directory
|
|
- name: ensure motioneye configuration directory exists
|
|
file:
|
|
path: /var/lib/motioneye/conf
|
|
owner: motioneye
|
|
group: motioneye
|
|
mode: '0755'
|
|
state: directory
|
|
- name: ensure motioneye log directory exists
|
|
file:
|
|
path: /var/log/motioneye
|
|
owner: motioneye
|
|
group: motioneye
|
|
mode: '0755'
|
|
state: directory
|
|
|
|
- name: ensure motioneye is configured
|
|
template:
|
|
src: motioneye.conf.j2
|
|
dest: /etc/motioneye.conf
|
|
mode: '0644'
|
|
|
|
- name: ensure tmpfiles.d directory exists
|
|
file:
|
|
path: /etc/tmpfiles.d
|
|
mode: '0755'
|
|
state: directory
|
|
- name: ensure motioneye tmpfiles are configured
|
|
copy:
|
|
src: motioneye.tmpfiles.conf
|
|
dest: /etc/tmpfiles.d/motioneye.conf
|
|
notify: process tmpfiles
|
|
|
|
- name: ensure motioneye systemd unit is installed
|
|
copy:
|
|
src: motioneye.service
|
|
dest: /etc/systemd/system/motioneye.service
|
|
mode: '0644'
|
|
notify:
|
|
- reload systemd
|
|
- restart motioneye
|
|
tags: systemd
|
|
- name: ensure motioneye service is enabled
|
|
service:
|
|
name: motioneye
|
|
enabled: true
|
|
- meta: flush_handlers
|
|
- name: ensure motioneye service is running
|
|
service:
|
|
name: motioneye
|
|
state: started
|
|
|
|
- name: ensure apache is allowed to proxy for motioneye
|
|
seboolean:
|
|
name: httpd_can_network_connect
|
|
persistent: true
|
|
state: true
|
|
tags:
|
|
- apache
|
|
- selinux
|
|
- name: ensure apache is configured to proxy for motioneye
|
|
template:
|
|
src: motioneye.httpd.conf.j2
|
|
dest: /etc/httpd/conf.d/motioneye.conf
|
|
mode: '0644'
|
|
notify: reload httpd
|
|
tags:
|
|
- apache
|
|
- apache-config
|