## template: jinja #cloud-config # Jinja variables: # {% set USER_NAME='ha' %} system_info: distro: debian default_user: name: ha gecos: Home Assistant groups: [adm, audio, cdrom, libvirt, plugdev, sudo, video, docker, bluetooth, systemd-journal] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/bash password: password chpasswd: { expire: False } ssh_pwauth: True groups: - docker users: - default # apt: preserve_sources_list: true sources: docker.list: source: deb https://download.docker.com/linux/debian/ $RELEASE stable keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 package_update: false #package_upgrade: true packages: - jq - udisks2 - libglib2.0-bin - network-manager - apt-transport-https - ca-certificates - gnupg-agent - qemu-guest-agent - software-properties-common - docker-ce - rauc-service - unzip - bluetooth - cifs-utils - avahi-daemon - avahi-utils - libmicrohttpd12 - systemd-journal-remote - systemd-resolved - lsb-release - wget - curl - apparmor - dbus - nfs-common # set timezone timezone: Europe/Paris ntp: enabled: true disable_ec2_metadata: true # 2G swap swap: filename: /swapfile size: 2147483648 # enable forwarding write_files: - path: /etc/sysctl.d/enabled_ip_forwarding.conf content: | net.ipv4.conf.all.forwarding=1 net.ipv4.conf.default.forwarding=1 net.ipv6.conf.all.forwarding=1 net.ipv6.conf.default.forwarding=1 # bootcmd: # setup gpg early if missing - type gpg >/dev/null 2>&1 || DEBIAN_FRONTEND=noninteractive apt-get -yqq update - type gpg >/dev/null 2>&1 || DEBIAN_FRONTEND=noninteractive apt-get -yqq install gnupg runcmd: - DEB_BUILD_ARCH=$(dpkg --print-architecture) # fix pa rights - chmod 644 /etc/dbus-1/system.d/pa-system.conf # fix security source if needed # - sed -i 's/bullseye\/updates/bullseye-security/g' /etc/apt/sources.list # disable deb-src - sed -Ei 's/^deb-src /# deb-src /' /etc/apt/sources.list.d/debian.sources # remove modemmanager - DEBIAN_FRONTEND=noninteractive apt-get -yqq purge modemmanager # update nm config - echo "managed=1" >> /etc/NetworkManager/NetworkManager.conf # update kernel cmdline - sed -i "s/GRUB_CMDLINE_LINUX=\"\(.*\)\"/GRUB_CMDLINE_LINUX=\"\1 consoleblank=0 acpi_osi=Linux systemd.unified_cgroup_hierarchy=false\"/" /etc/default/grub - /usr/sbin/update-grub # setup ha os agent - curl -LO $(curl -s https://api.github.com/repos/home-assistant/os-agent/releases | grep browser_download_url | grep '{{ v1.machine }}[.]deb' | head -n 1 | cut -d '"' -f 4) - dpkg -i os-agent_*_linux_{{ v1.machine }}.deb - rm os-agent_*_linux_{{ v1.machine }}.deb # add user to netdev group - usermod -a -G netdev {{ USER_NAME }} # setup ha - echo homeassistant-supervised ha/machine-type select qemuarm-64 | debconf-set-selections - wget -q https://github.com/home-assistant/supervised-installer/releases/latest/download/homeassistant-supervised.deb - DEBIAN_FRONTEND=noninteractive dpkg -i homeassistant-supervised.deb - rm homeassistant-supervised.deb # fix nm config now - echo "\nmanaged=1" >> /etc/NetworkManager/NetworkManager.conf # remove unused packages - DEBIAN_FRONTEND=noninteractive apt-get -yqq autoremove - apt-get clean # onboarding - echo Waiting for home assistant onboarding && sleep 3 - timeout 1200 bash -c '{ until exec 3<>/dev/tcp/localhost/8123; do sleep 10; done } > /dev/null 2>&1 || [ "$?" = 1 ]' - echo HA onboarding ready @ http://{{ v1.local_hostname }}.local:8123 - echo Waiting for home assistant setup && sleep 3 - timeout 1200 bash -c '{ until [ -f "/usr/share/hassio/homeassistant/home-assistant.log" ]; do sleep 10; done } > /dev/null 2>&1 || [ "$?" = 1 ]' # allow backup restore - ha jobs options --ignore-conditions internet_host # setup hacs - wget -O - https://get.hacs.xyz | bash - # cooldown journald docker mount logs ref https://github.com/systemd/systemd/issues/6432 - echo "MaxLevelStore=notice" >> /etc/systemd/journald.conf - echo "MaxLevelSyslog=notice" >> /etc/systemd/journald.conf # reset ha jobs - ha jobs reset # disable systemd-networkd (will test removal) # - systemctl disable --now systemd-networkd.service final_message: "Init finished in $UPTIME seconds" power_state: delay: "now" mode: reboot message: Setup complete for {{ v1.local_hostname }}, rebooting timeout: 60 condition: True merge_how: - name: list settings: [append] - name: dict settings: [no_replace, recurse_list]