Major work complete
- Added some documentation for setup process - Added productivity tools to configuration - Refactored artwork location - Improved Ansible privilege escalation - Default to 720p profilemaster
parent
b054a9a67a
commit
d1831d7044
99
README.md
99
README.md
|
@ -1,2 +1,101 @@
|
||||||
|
|
||||||
# fossasia-video
|
# fossasia-video
|
||||||
|
|
||||||
The FOSSASIA video recording setup
|
The FOSSASIA video recording setup
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
|
||||||
|
## Installing Debian
|
||||||
|
|
||||||
|
For the recording machines, get a fresh copy of Debian, and install it with the following settings:
|
||||||
|
|
||||||
|
- Username: opentech
|
||||||
|
- Hostname: model-increment
|
||||||
|
- Example: x220-01
|
||||||
|
- Add GNOME Desktop
|
||||||
|
- Add OpenSSH Server
|
||||||
|
|
||||||
|
If a GNOME Desktop and SSH daemon is already installed, a reinstall is not required but recommended.
|
||||||
|
|
||||||
|
## WireGuard
|
||||||
|
|
||||||
|
To set up the overlay WireGuard network to manage machines everywhere, a server needs to be set up. [`wireguard-negotiator`](https://github.com/serverwentdown/wireguard-negotiator) is a tool written to automate some of the key exchange, that must be run on a publicly accessible server as root:
|
||||||
|
|
||||||
|
```
|
||||||
|
# Create WireGuard interface
|
||||||
|
ip link add dev wg1 type wireguard
|
||||||
|
ip addr add fd11:f055:a514:0000::1/64 dev wg1
|
||||||
|
# Configure the interface once. Assumes the configuration file exists
|
||||||
|
# See WireGuard docs on how to write this configuraion file
|
||||||
|
wg setconf wg1 /etc/wireguard/wg1.conf
|
||||||
|
# Bring up the interface
|
||||||
|
ip link set wg1 up
|
||||||
|
wireguard-negotiator server -i wg1 -e [hostname] -l :8080 -I -B
|
||||||
|
```
|
||||||
|
|
||||||
|
On every recording machine, the client can be easily configured like so:
|
||||||
|
|
||||||
|
```
|
||||||
|
# For now, we have to manually install WireGuard
|
||||||
|
echo "deb http://deb.debian.org/debian/ unstable main" | sudo tee /etc/apt/sources.list.d/unstable.list
|
||||||
|
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' | sudo tee /etc/apt/preferences.d/limit-unstable
|
||||||
|
sudo apt update
|
||||||
|
sudo apt install wireguard
|
||||||
|
# TODO: validate this section
|
||||||
|
sudo systemctl enable --now systemd-networkd
|
||||||
|
wget -O wgn http://[hostname]:8080
|
||||||
|
chmod +x wgn
|
||||||
|
sudo ./wgn request -s http://[hostname]:8080
|
||||||
|
```
|
||||||
|
|
||||||
|
## Configuring Rooms
|
||||||
|
|
||||||
|
To specify the room for a specific host, do the following:
|
||||||
|
|
||||||
|
```
|
||||||
|
echo the_room_id > ~opentech/room_id
|
||||||
|
echo teh_room_type > ~opentech/room_type
|
||||||
|
```
|
||||||
|
|
||||||
|
This step is optional. This and the following steps should be done for every change in room or setup of the laptop.
|
||||||
|
|
||||||
|
## Exporting Hosts
|
||||||
|
|
||||||
|
Export all hosts on the overlay network from WireGuard configuration:
|
||||||
|
|
||||||
|
```
|
||||||
|
wireguard-negotiator dump > wireguard.list
|
||||||
|
```
|
||||||
|
|
||||||
|
This list of IPs can be exported into our Ansible hosts format as such:
|
||||||
|
|
||||||
|
```
|
||||||
|
go run event-generate.go opentech < wireguard.list > event
|
||||||
|
```
|
||||||
|
|
||||||
|
The script `event-fetch-generate.sh` does the exporting and generating of the `event` inventory.
|
||||||
|
|
||||||
|
## Running Playbooks
|
||||||
|
|
||||||
|
Before running any Playbooks, switch to SSH authentication:
|
||||||
|
|
||||||
|
```
|
||||||
|
ansible-playbook -Kf 8 -kc paramiko -i event ssh-key.yml
|
||||||
|
ansible -Kf 8 -kc paramiko -b -i event all -a reboot
|
||||||
|
```
|
||||||
|
|
||||||
|
Now, plays can be run like so:
|
||||||
|
|
||||||
|
```
|
||||||
|
./play [inventory] [playbook]
|
||||||
|
# Which executes the following command
|
||||||
|
ansible-playbook -Kf 4 -i [inventory] [playbook]
|
||||||
|
# Example:
|
||||||
|
./play event recorders.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
## Install Wireless Drivers
|
||||||
|
|
||||||
|
```
|
||||||
|
ansible -Kf 8 -b -i event all -a 'apt install firmware-iwlwifi'
|
||||||
|
```
|
||||||
|
|
|
@ -1,6 +1,3 @@
|
||||||
[recorders:children]
|
[recorders]
|
||||||
testgroup
|
x220-01 ansible_host=fd11:f055:a514::2 ansible_user=opentech room_id= room_type=
|
||||||
|
x230-01 ansible_host=fd11:f055:a514::3 ansible_user=opentech room_id=testroom1 room_type=special
|
||||||
[testgroup]
|
|
||||||
#user@10.10.2.5 room_id=test
|
|
||||||
ambrose@10.10.0.90 room_id=test
|
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
echo "Fetching event inventory"
|
||||||
|
|
||||||
|
ssh saguaro /usr/local/bin/wireguard-negotiator dump -i wg1 | go run event-generate.go opentech > event
|
|
@ -0,0 +1,59 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bufio"
|
||||||
|
"bytes"
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
"os/exec"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
s := bufio.NewScanner(os.Stdin)
|
||||||
|
if len(os.Args) != 1+1 {
|
||||||
|
fmt.Fprintf(os.Stderr, "not enough arguments\nusage: %s [ssh user]\n", os.Args[0])
|
||||||
|
return
|
||||||
|
}
|
||||||
|
user := os.Args[1]
|
||||||
|
|
||||||
|
fmt.Printf("[recorders]\n")
|
||||||
|
|
||||||
|
for s.Scan() {
|
||||||
|
host := s.Text()
|
||||||
|
if strings.HasPrefix(host, "#") {
|
||||||
|
// Is a comment
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
if strings.HasSuffix(host, ":0") {
|
||||||
|
// Is a "system" host
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
hostname, roomId, roomType, err := discover(host, user)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Fprintf(os.Stderr, "host %s discovery failed: %v\n", host, err)
|
||||||
|
}
|
||||||
|
fmt.Printf("%s ansible_host=%s ansible_user=%s room_id=%s room_type=%s\n", hostname, host, user, roomId, roomType)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func discover(host, user string) (hostname, roomId, roomType string, err error) {
|
||||||
|
cmd := exec.Command("/usr/bin/ssh", "-l", user, host, "sh", "-c", "hostname; cat room_id; cat room_type; exit 0")
|
||||||
|
fmt.Fprintf(os.Stderr, "command: %s\n", cmd)
|
||||||
|
var out bytes.Buffer
|
||||||
|
cmd.Stdout = &out
|
||||||
|
err = cmd.Run()
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
hostname, err = out.ReadString('\n')
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
hostname = strings.TrimSpace(hostname)
|
||||||
|
roomId, _ = out.ReadString('\n')
|
||||||
|
roomId = strings.TrimSpace(roomId)
|
||||||
|
roomType, _ = out.ReadString('\n')
|
||||||
|
roomType = strings.TrimSpace(roomType)
|
||||||
|
return
|
||||||
|
}
|
|
@ -3,6 +3,11 @@
|
||||||
room_id: unknown
|
room_id: unknown
|
||||||
|
|
||||||
# Overwrite in inventory if cannot cope
|
# Overwrite in inventory if cannot cope
|
||||||
record_profile: 1080p
|
record_profile: 720p
|
||||||
# Overwrite in inventory if want to use more storage to use less CPU
|
# Overwrite in inventory if want to use more storage to use less CPU
|
||||||
record_fast: false
|
record_fast: false
|
||||||
|
|
||||||
|
record_user: mixer
|
||||||
|
record_home: /home/mixer
|
||||||
|
|
||||||
|
autostart: true
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
ansible-playbook -Kbf 1 -i "$1" "$2"
|
set -e
|
||||||
|
|
||||||
|
ansible-playbook -Kf 4 -i "$1" "$2"
|
||||||
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- hosts: recorders
|
||||||
|
roles:
|
||||||
|
- productivity
|
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
- hosts: recorders
|
||||||
|
roles:
|
||||||
|
- role: recorder
|
||||||
|
- role: monitoring-client
|
||||||
|
vars:
|
||||||
|
autostart: false
|
|
@ -0,0 +1,30 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
# Credits: Michael Heap
|
||||||
|
|
||||||
|
- name: Does the Google apt file exist?
|
||||||
|
become: yes
|
||||||
|
command: test -f {{ apt_file }}
|
||||||
|
register: google_apt_exists
|
||||||
|
ignore_errors: True
|
||||||
|
|
||||||
|
- name: Add Google Chrome key
|
||||||
|
become: yes
|
||||||
|
shell: wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add -
|
||||||
|
when: google_apt_exists.rc == 1
|
||||||
|
|
||||||
|
- name: Add Google Chrome repo
|
||||||
|
become: yes
|
||||||
|
copy: content="deb http://dl.google.com/linux/chrome/deb/ stable main" dest={{ apt_file }} owner=root group=root mode=644
|
||||||
|
when: google_apt_exists.rc == 1
|
||||||
|
|
||||||
|
- name: Update apt cache
|
||||||
|
become: yes
|
||||||
|
apt: update_cache=yes
|
||||||
|
when: google_apt_exists.rc == 1
|
||||||
|
|
||||||
|
- name: Install Google Chrome
|
||||||
|
become: yes
|
||||||
|
apt:
|
||||||
|
state: latest
|
||||||
|
pkg: google-chrome-stable
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
- include: chrome.yml
|
||||||
|
vars:
|
||||||
|
- apt_file: /etc/apt/sources.list.d/google-chrome.list
|
||||||
|
- include: vscode.yml
|
||||||
|
vars:
|
||||||
|
- apt_file: /etc/apt/sources.list.d/vscode.list
|
||||||
|
- include: packages.yml
|
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: install editors
|
||||||
|
become: yes
|
||||||
|
apt:
|
||||||
|
state: latest
|
||||||
|
name:
|
||||||
|
- neovim
|
||||||
|
- emacs
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
# Credits: Michael Heap
|
||||||
|
|
||||||
|
- name: Does the vscode apt file exist?
|
||||||
|
become: yes
|
||||||
|
command: test -f {{ apt_file }}
|
||||||
|
register: vscode_apt_exists
|
||||||
|
ignore_errors: True
|
||||||
|
|
||||||
|
- name: Add Microsoft key
|
||||||
|
become: yes
|
||||||
|
shell: wget -q -O - https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
|
||||||
|
when: vscode_apt_exists.rc == 1
|
||||||
|
|
||||||
|
- name: Add vscode repo
|
||||||
|
become: yes
|
||||||
|
copy: content="deb https://packages.microsoft.com/repos/vscode stable main" dest={{ apt_file }} owner=root group=root mode=644
|
||||||
|
when: vscode_apt_exists.rc == 1
|
||||||
|
|
||||||
|
- name: Update apt cache
|
||||||
|
become: yes
|
||||||
|
apt: update_cache=yes
|
||||||
|
when: vscode_apt_exists.rc == 1
|
||||||
|
|
||||||
|
- name: Install vscode
|
||||||
|
become: yes
|
||||||
|
apt:
|
||||||
|
state: latest
|
||||||
|
pkg: code
|
|
@ -2,19 +2,17 @@
|
||||||
|
|
||||||
- name: create artwork directory
|
- name: create artwork directory
|
||||||
file:
|
file:
|
||||||
dest: "/opt/artwork/{{ event.id }}"
|
dest: "{{ mixer_user.home }}/artwork/{{ event.id }}"
|
||||||
state: directory
|
state: directory
|
||||||
recurse: yes
|
recurse: yes
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
become: yes
|
||||||
|
become_user: mixer
|
||||||
|
|
||||||
- name: copy backgrounds
|
- name: copy backgrounds
|
||||||
copy:
|
copy:
|
||||||
src: "../../../artwork/{{ event.id }}/{{ item }}.png"
|
src: "../../../artwork/{{ event.id }}/{{ item }}.png"
|
||||||
dest: "/opt/artwork/{{ event.id }}"
|
dest: "{{ mixer_user.home }}/artwork/{{ event.id }}"
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: u=rw,g=r,o=r
|
mode: u=rw,g=r,o=r
|
||||||
with_items:
|
with_items:
|
||||||
- side-by-side
|
- side-by-side
|
||||||
|
@ -22,3 +20,5 @@
|
||||||
- side-by-side-43
|
- side-by-side-43
|
||||||
- side-by-side-43-reverse
|
- side-by-side-43-reverse
|
||||||
- blank
|
- blank
|
||||||
|
become: yes
|
||||||
|
become_user: mixer
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: generate hosts file
|
- name: generate hosts file
|
||||||
|
become: yes
|
||||||
template:
|
template:
|
||||||
src: etc-hosts.j2
|
src: etc-hosts.j2
|
||||||
dest: /etc/hosts
|
dest: /etc/hosts
|
||||||
|
|
||||||
- name: set hostname to room_id
|
- name: set hostname to room_id
|
||||||
|
become: yes
|
||||||
hostname:
|
hostname:
|
||||||
name: "room-{{ room_id }}"
|
name: "room-{{ room_id }}"
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
- include: user.yml
|
- include: user.yml
|
||||||
- include: hostname.yml
|
#- include: hostname.yml
|
||||||
- include: packages.yml
|
- include: packages.yml
|
||||||
- include: artwork.yml
|
- include: artwork.yml
|
||||||
- include: obs.yml
|
- include: obs.yml
|
||||||
|
|
|
@ -5,39 +5,39 @@
|
||||||
dest: "{{ mixer_user.home }}/.config/obs-studio/{{ item }}"
|
dest: "{{ mixer_user.home }}/.config/obs-studio/{{ item }}"
|
||||||
state: directory
|
state: directory
|
||||||
recurse: yes
|
recurse: yes
|
||||||
owner: mixer
|
|
||||||
group: mixer
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
mode: u=rwx,g=rx,o=rx
|
||||||
with_items:
|
with_items:
|
||||||
- basic/profiles/1080p
|
- basic/profiles/1080p
|
||||||
- basic/profiles/720p
|
- basic/profiles/720p
|
||||||
- basic/scenes
|
- basic/scenes
|
||||||
|
become: yes
|
||||||
|
become_user: mixer
|
||||||
|
|
||||||
- name: create videos directory
|
- name: create videos directory
|
||||||
file:
|
file:
|
||||||
dest: "{{ mixer_user.home }}/Videos/{{ event.id }}/{{ room_id }}"
|
dest: "{{ mixer_user.home }}/Videos/{{ event.id }}/{{ room_id }}"
|
||||||
state: directory
|
state: directory
|
||||||
recurse: yes
|
recurse: yes
|
||||||
owner: mixer
|
|
||||||
group: mixer
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
become: yes
|
||||||
|
become_user: mixer
|
||||||
|
|
||||||
- name: generate base obs configuration files
|
- name: generate base obs configuration files
|
||||||
template:
|
template:
|
||||||
src: "obs-studio/{{ item }}.j2"
|
src: "obs-studio/{{ item }}.j2"
|
||||||
dest: "{{ mixer_user.home }}/.config/obs-studio/{{ item }}"
|
dest: "{{ mixer_user.home }}/.config/obs-studio/{{ item }}"
|
||||||
owner: mixer
|
|
||||||
group: mixer
|
|
||||||
mode: u=rw,g=r,o=r
|
mode: u=rw,g=r,o=r
|
||||||
with_items:
|
with_items:
|
||||||
- global.ini
|
- global.ini
|
||||||
- basic/profiles/1080p/basic.ini
|
- basic/profiles/1080p/basic.ini
|
||||||
- basic/profiles/720p/basic.ini
|
- basic/profiles/720p/basic.ini
|
||||||
|
become: yes
|
||||||
|
become_user: mixer
|
||||||
|
|
||||||
- name: generate event obs configuration files
|
- name: generate event obs configuration files
|
||||||
template:
|
template:
|
||||||
src: "obs-studio/basic/scenes/event_id.json.j2"
|
src: "obs-studio/basic/scenes/event_id.json.j2"
|
||||||
dest: "{{ mixer_user.home }}/.config/obs-studio/basic/scenes/{{ event.id }}.json"
|
dest: "{{ mixer_user.home }}/.config/obs-studio/basic/scenes/{{ event.id }}.json"
|
||||||
owner: mixer
|
|
||||||
group: mixer
|
|
||||||
mode: u=rw,g=r,o=r
|
mode: u=rw,g=r,o=r
|
||||||
|
become: yes
|
||||||
|
become_user: mixer
|
||||||
|
|
|
@ -1,12 +1,14 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: install general packages
|
- name: install general packages
|
||||||
|
become: yes
|
||||||
apt:
|
apt:
|
||||||
state: latest
|
state: latest
|
||||||
name:
|
name:
|
||||||
- git
|
- git
|
||||||
|
|
||||||
- name: install packages required to be a recorder
|
- name: install packages required to be a recorder
|
||||||
|
become: yes
|
||||||
apt:
|
apt:
|
||||||
state: latest
|
state: latest
|
||||||
name:
|
name:
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: create mixer group
|
- name: create mixer group
|
||||||
|
become: yes
|
||||||
group:
|
group:
|
||||||
name: mixer
|
name: mixer
|
||||||
|
|
||||||
- name: create mixer user with password mixer
|
- name: create mixer user with password mixer
|
||||||
|
become: yes
|
||||||
user:
|
user:
|
||||||
name: mixer
|
name: mixer
|
||||||
group: mixer
|
group: mixer
|
||||||
|
@ -14,7 +16,8 @@
|
||||||
register: mixer_user
|
register: mixer_user
|
||||||
|
|
||||||
- name: enable gdm autologin to mixer user
|
- name: enable gdm autologin to mixer user
|
||||||
copy:
|
become: yes
|
||||||
|
template:
|
||||||
src: gdm.conf
|
src: gdm.conf
|
||||||
dest: /etc/gdm3/daemon.conf
|
dest: /etc/gdm3/daemon.conf
|
||||||
owner: root
|
owner: root
|
||||||
|
|
|
@ -8,9 +8,11 @@
|
||||||
# Uncomment the line below to force the login screen to use Xorg
|
# Uncomment the line below to force the login screen to use Xorg
|
||||||
#WaylandEnable=false
|
#WaylandEnable=false
|
||||||
|
|
||||||
|
{% if autostart %}
|
||||||
# Enabling automatic login
|
# Enabling automatic login
|
||||||
AutomaticLoginEnable = true
|
AutomaticLoginEnable = true
|
||||||
AutomaticLogin = mixer
|
AutomaticLogin = mixer
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# Enabling timed login
|
# Enabling timed login
|
||||||
# TimedLoginEnable = true
|
# TimedLoginEnable = true
|
|
@ -11,7 +11,7 @@ OutputCY=1080
|
||||||
Mode=Simple
|
Mode=Simple
|
||||||
|
|
||||||
[Audio]
|
[Audio]
|
||||||
SampleRate=48000
|
SampleRate=44100
|
||||||
|
|
||||||
[Hotkeys]
|
[Hotkeys]
|
||||||
OBSBasic.StartRecording={\n "bindings": [\n {\n "control": true,\n "key": "OBS_KEY_RETURN"\n }\n ]\n}
|
OBSBasic.StartRecording={\n "bindings": [\n {\n "control": true,\n "key": "OBS_KEY_RETURN"\n }\n ]\n}
|
||||||
|
@ -20,7 +20,8 @@ OBSBasic.Transition={\n "bindings": [\n {\n "key": "OBS_KEY
|
||||||
|
|
||||||
[SimpleOutput]
|
[SimpleOutput]
|
||||||
RecFormat=mkv
|
RecFormat=mkv
|
||||||
RecQuality=Small
|
RecQuality=Stream
|
||||||
|
VBitrate=3000
|
||||||
{% if record_fast %}
|
{% if record_fast %}
|
||||||
RecEncoder=x264_lowcpu
|
RecEncoder=x264_lowcpu
|
||||||
{% else %}
|
{% else %}
|
||||||
|
|
|
@ -11,7 +11,7 @@ OutputCY=720
|
||||||
Mode=Simple
|
Mode=Simple
|
||||||
|
|
||||||
[Audio]
|
[Audio]
|
||||||
SampleRate=48000
|
SampleRate=44100
|
||||||
|
|
||||||
[Hotkeys]
|
[Hotkeys]
|
||||||
OBSBasic.StartRecording={\n "bindings": [\n {\n "control": true,\n "key": "OBS_KEY_RETURN"\n }\n ]\n}
|
OBSBasic.StartRecording={\n "bindings": [\n {\n "control": true,\n "key": "OBS_KEY_RETURN"\n }\n ]\n}
|
||||||
|
@ -20,7 +20,8 @@ OBSBasic.Transition={\n "bindings": [\n {\n "key": "OBS_KEY
|
||||||
|
|
||||||
[SimpleOutput]
|
[SimpleOutput]
|
||||||
RecFormat=mkv
|
RecFormat=mkv
|
||||||
RecQuality=Small
|
RecQuality=Stream
|
||||||
|
VBitrate=3000
|
||||||
{% if record_fast %}
|
{% if record_fast %}
|
||||||
RecEncoder=x264_lowcpu
|
RecEncoder=x264_lowcpu
|
||||||
{% else %}
|
{% else %}
|
||||||
|
|
|
@ -159,7 +159,7 @@
|
||||||
"push-to-talk": false,
|
"push-to-talk": false,
|
||||||
"push-to-talk-delay": 0,
|
"push-to-talk-delay": 0,
|
||||||
"settings": {
|
"settings": {
|
||||||
"file": "/opt/artwork/{{ event.id }}/blank.png",
|
"file": "{{ mixer_user.home }}/artwork/{{ event.id }}/blank.png",
|
||||||
"unload": true
|
"unload": true
|
||||||
},
|
},
|
||||||
"sync": 0,
|
"sync": 0,
|
||||||
|
@ -446,7 +446,7 @@
|
||||||
"push-to-talk": false,
|
"push-to-talk": false,
|
||||||
"push-to-talk-delay": 0,
|
"push-to-talk-delay": 0,
|
||||||
"settings": {
|
"settings": {
|
||||||
"file": "/opt/artwork/{{ event.id }}/side-by-side-43-reverse.png",
|
"file": "{{ mixer_user.home }}/artwork/{{ event.id }}/side-by-side-43-reverse.png",
|
||||||
"unload": true
|
"unload": true
|
||||||
},
|
},
|
||||||
"sync": 0,
|
"sync": 0,
|
||||||
|
@ -609,7 +609,7 @@
|
||||||
"push-to-talk": false,
|
"push-to-talk": false,
|
||||||
"push-to-talk-delay": 0,
|
"push-to-talk-delay": 0,
|
||||||
"settings": {
|
"settings": {
|
||||||
"file": "/opt/artwork/{{ event.id }}/side-by-side-43.png",
|
"file": "{{ mixer_user.home }}/artwork/{{ event.id }}/side-by-side-43.png",
|
||||||
"unload": true
|
"unload": true
|
||||||
},
|
},
|
||||||
"sync": 0,
|
"sync": 0,
|
||||||
|
@ -913,7 +913,7 @@
|
||||||
"push-to-talk": false,
|
"push-to-talk": false,
|
||||||
"push-to-talk-delay": 0,
|
"push-to-talk-delay": 0,
|
||||||
"settings": {
|
"settings": {
|
||||||
"file": "/opt/artwork/{{ event.id }}/side-by-side.png",
|
"file": "{{ mixer_user.home }}/artwork/{{ event.id }}/side-by-side.png",
|
||||||
"unload": false
|
"unload": false
|
||||||
},
|
},
|
||||||
"sync": 0,
|
"sync": 0,
|
||||||
|
@ -1103,7 +1103,7 @@
|
||||||
"push-to-talk": false,
|
"push-to-talk": false,
|
||||||
"push-to-talk-delay": 0,
|
"push-to-talk-delay": 0,
|
||||||
"settings": {
|
"settings": {
|
||||||
"file": "/opt/artwork/{{ event.id }}/side-by-side-reverse.png",
|
"file": "{{ mixer_user.home }}/artwork/{{ event.id }}/side-by-side-reverse.png",
|
||||||
"unload": false
|
"unload": false
|
||||||
},
|
},
|
||||||
"sync": 0,
|
"sync": 0,
|
||||||
|
|
|
@ -9,8 +9,8 @@ cx=720
|
||||||
cy=580
|
cy=580
|
||||||
|
|
||||||
[BasicWindow]
|
[BasicWindow]
|
||||||
geometry=AdnQywACAAAAAABDAAAAGwAAA/8AAAL/AAAAWAAAAEYAAAOuAAACwgAAAAACAAAABAA=
|
geometry=AdnQywACAAAAAAAAAAAAGwAABVUAAAL/AAAAAAAAAEAAAAQ2AAAC/wAAAAACAAAABVY=
|
||||||
DockState=AAAA/wAAAAD9AAAAAQAAAAMAAAO9AAAA+/wBAAAABfsAAAAUAHMAYwBlAG4AZQBzAEQAbwBjAGsBAAAAAAAAANsAAACoAP////sAAAAWAHMAbwB1AHIAYwBlAHMARABvAGMAawEAAADhAAAA3AAAAKgA////+wAAABIAbQBpAHgAZQByAEQAbwBjAGsBAAABwwAAASoAAADkAP////sAAAAeAHQAcgBhAG4AcwBpAHQAaQBvAG4AcwBEAG8AYwBrAAAAAlgAAAC/AAAAggD////7AAAAGABjAG8AbgB0AHIAbwBsAHMARABvAGMAawEAAALzAAAAygAAAJsA////AAADvQAAAZkAAAAEAAAABAAAAAgAAAAI/AAAAAA=
|
DockState=AAAA/wAAAAD9AAAAAQAAAAMAAAVWAAABF/wBAAAABfsAAAAUAHMAYwBlAG4AZQBzAEQAbwBjAGsBAAAAAAAAAToAAACoAP////sAAAAWAHMAbwB1AHIAYwBlAHMARABvAGMAawEAAAFAAAABPAAAAKgA////+wAAABIAbQBpAHgAZQByAEQAbwBjAGsBAAACggAAAawAAADkAP////sAAAAeAHQAcgBhAG4AcwBpAHQAaQBvAG4AcwBEAG8AYwBrAAAAAlgAAAC/AAAAggD////7AAAAGABjAG8AbgB0AHIAbwBsAHMARABvAGMAawEAAAQ0AAABIgAAAJoA////AAAFVgAAAXIAAAAEAAAABAAAAAgAAAAI/AAAAAA=
|
||||||
PreviewEnabled=true
|
PreviewEnabled=true
|
||||||
AlwaysOnTop=false
|
AlwaysOnTop=false
|
||||||
SceneDuplicationMode=true
|
SceneDuplicationMode=true
|
||||||
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
---
|
||||||
|
- hosts: recorders
|
||||||
|
tasks:
|
||||||
|
- name: set permissions for .ssh directory
|
||||||
|
file:
|
||||||
|
path: "{{ ansible_env.HOME }}/.ssh"
|
||||||
|
state: directory
|
||||||
|
mode: u=rwx,g=-rwx,o=-rwx
|
||||||
|
- name: create authorized_keys file
|
||||||
|
file:
|
||||||
|
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||||
|
state: touch
|
||||||
|
mode: u=rwx,g=r-wx,o=r-wx
|
||||||
|
- name: insert ambrose's public ssh key
|
||||||
|
blockinfile:
|
||||||
|
dest: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||||
|
block: |
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDBsAEpJLRUzF9O58EkRFAe+WFp46SNEEz6ChOEkzWs+Vn4b60uKABXB60l56S1Ok6PHlNxyIlLuF+IXUOfalO+V9HXxZmjdHp7SibOXcEDFRDnCgGqnRTwd5zEbdMnZ9g0ia7NnIeaS7M5pXGtir7S86pNNaVWWnBvobDuc1As4NGIHa7hPHPOsPRgjNgB6YqaRq6a98j1yGghMiQJJvsBeZ0S00MZp9lfUiB+jrxhDgGyPsU5M9U+ObJmOFlaLx5XqZW3/5tTJoEmyD/vRV6IzOhhR6PPgGpQXJBdmrbJOKWtTwckwWE2xR+rs3J154OyZadkJ9+1aj/EKleTYs5GfDzGQeTb/wsyRz3tgTesFcXW/klVYVEcvZZxPvOoMPUK8vtYIt2LiFJov+/EQu5wfeilLURfZwKk2fBIC+CFUwg6ewogb4Ynvxv7++J11+7uMSOkuqu/0t/7rrv4TDt06dtA5oUNfZ5cUH0/H/KX48DkCp+mRI7S5uJ6majXZEm5Nmi7u+gOCSjAewe6Ex++I91MsX3WrgVG5OUffx/QTsLeRhT9ZMAlnED7lcTXNhDCEmJif87CQFucRnrkO9FvDnZG2i9721MLGo9Sf/M7AliwMH7fcVucgvY4AJuESspEjWjQn9YEqhp1cDb/PtNZtRl/v1TJOV4eQUDSWusdw== ambrose-yubikey
|
||||||
|
- name: prevent password login
|
||||||
|
become: yes
|
||||||
|
blockinfile:
|
||||||
|
dest: /etc/ssh/sshd_config
|
||||||
|
block: |
|
||||||
|
PasswordAuthentication no
|
||||||
|
|
Loading…
Reference in New Issue