Ages ago I built
a FlightAware ADS-B feeder on a
Raspberry Pi Model B Rev 1.
To this day it is still running and happily feeding data to both
FlightAware and FlightRadar24. Earlier this
year I even built another feeder for the
UAT variant. Well FlightAware finally
released support for
Raspbian (Debian) 10.0 (Buster)
so I decided that it was time to upgrade. At first I started down the path of
simply making a new manifest for Puppet which readers of
this blog might recognize as my preferred configuration management utility.
Well the two feeders I have are both rather under-powered and have pretty small
memories. Since the SDR decoding process takes up so much CPU time and memory
is already very thin running the Puppet agent just didn't make a lot of sense. It turns
out that "look at Ansible again" has been sitting
around aging nicely in my
~/TODO so I figured why not.
At first look I really do prefer the agent based setup of Puppet. The mutual TLS authentication adds a nice warm and fuzzy and the expansive custom module library means that I rarely find myself having to figure out how to manage stuff myself. Having augeas natively as a type in Puppet is also nice. The ansible-augeas module looks unloved and thus far I have not gotten it to work so I've resorted to going back and writing shell scripts to update config files. 🤮 That being said I pretty obviously prefer Jinja2 as a template system over the various Ruby-ish systems Puppet uses and in this case the lightweight ssh-driven approach of Ansible clearly wins out. I most certainly have not found a pervasive reason to start porting over the 6600+ lines of Puppet manifests that I have written already, but I see no reason I can't use Ansible to manage my small fleet of Raspberry Pi systems.
I went and read through the Ansible documentation and found it generally good though it takes a little while until it gets to the part where it tells you how to layout something more complex than 'install and start this single service with the default configuration', so once I got that sorted out I created a fairly generic common role that serves to provide a known-good starting point. Inexplicably there is a bunch of stuff installed by default in the Raspbian 'lite' distribution that is completely useless. I also restore the default Debian network functionality instead of letting a DHCP client configure static networking. 🙄 This is just basic systems administration 101 stuff like
- DNS resolvers
- Local Users
- root password
- root mail alias
Once that is done I start applying the ADS-B feeder configuration.
Since I have two separate feeders, one for ADS-B and one for UAT (see these previous posts for more information about them) I split the configuration into two separate roles so the common pieces could be centralized.
--- - name: install flightaware repository key apt_key: id: 4E49CAF6B9F2BF8FC240E4BAB931BB28DE85F0DD keyserver: keyserver.ubuntu.com - name: install flightware repository apt_repository: repo: 'deb http://flightaware.com/adsb/piaware/files/packages stretch piaware' state: present filename: piaware-stretch update_cache: yes - name: Install FlightAware Feeder common packages apt: state: latest pkg: - collectd - nagios-nrpe-server - monitoring-plugins-basic - monitoring-plugins-common - name: install rtl-sdr rules copy: src=rtl-sdr.rules dest=/etc/udev/rules.d/rtl-sdr.rules mode=0644 - name: install modprobe blacklist copy: src=rtlsdr-blacklist.conf dest=/etc/modprobe.d/rtlsdr-blacklist.conf mode=0644
This sets up the FlightAware repository and adds some monitoring packages as
well as sets up the blacklist for the kernel's SDR modules since both
dump978-fa need direct access to the USB radio.
--- - name: add flightradar24 repository key apt_key: id: B35C96E2E7F2C2C73274120FC969F07840C430F5 keyserver: keyserver.ubuntu.com - name: add flightradar24 repository apt_repository: repo: 'deb http://repo.feed.flightradar24.com flightradar24 raspberrypi-stable' state: present filename: flightradar24 update_cache: yes - name: Install Packages for ADS-B Feeding apt: state: present pkg: - piaware - piaware-web - dump1090-fa - fr24feed - name: configure fr24feed template: src: fr24feed.ini.j2 dest: /etc/fr24feed.ini notify: restart fr24feed - name: configure piaware template: src: piaware-config.txt.j2 dest: /boot/piaware-config.txt notify: restart piaware - name: configure dump1090-fa copy: src=dump1090-fa.default dest=/etc/default/dump1090-fa notify: restart dump1090-fa - name: configure nrpe copy: src=nrpe.cfg dest=/etc/nagios/nrpe.d/ub3rgeek.cfg
Here we configure the FlightRadar 24 repository and install all the ADS-B
specific software. The credentials for all the services are stored in an
encrypted Ansible Vault so I have to write out the config files from templates.
The entire playbook is in my git repo if you want to look at it, it's rough but it works.
~/TODO item down...