51 lines
1.3 KiB
YAML
51 lines
1.3 KiB
YAML
---
|
|
- name: Load IoT WiFi password from OpenBao
|
|
ansible.builtin.set_fact:
|
|
openwrt_iot_wifi_password: >-
|
|
{{
|
|
lookup(
|
|
'community.hashi_vault.vault_kv2_get',
|
|
openbao_fields.iot_wifi.path,
|
|
engine_mount_point=openbao_kv_mount
|
|
).secret[openbao_fields.iot_wifi.password_key]
|
|
}}
|
|
no_log: true
|
|
|
|
- name: Configure IoT WiFi interface (szafa, WPA2, network iot)
|
|
community.openwrt.uci:
|
|
command: section
|
|
config: wireless
|
|
type: wifi-iface
|
|
name: iot_radio0
|
|
find:
|
|
device: radio0
|
|
ssid: szafa
|
|
value:
|
|
device: radio0
|
|
network: iot
|
|
mode: ap
|
|
ssid: szafa
|
|
hidden: '1' # Stop broadcasting SSID
|
|
macfilter: allow # Apply MAC filter allowing only specific addresses
|
|
maclist:
|
|
- 80:64:7c:99:21:20 # Thermomether
|
|
- C0:F8:53:89:E5:EF # Smart plug
|
|
- C0:F8:53:89:E3:42 # smart plug
|
|
encryption: psk2
|
|
key: "{{ openwrt_iot_wifi_password }}"
|
|
disabled: '0'
|
|
replace: true
|
|
notify: Reload wireless
|
|
|
|
- name: Enable radio0
|
|
community.openwrt.uci:
|
|
command: set
|
|
key: wireless.radio0.disabled
|
|
value: '0'
|
|
notify: Reload wireless
|
|
|
|
- name: Commit wireless config
|
|
community.openwrt.uci:
|
|
command: commit
|
|
key: wireless
|