# dotmesh-monitor Ansible playbooks for deploying MeshCore monitoring nodes (Raspberry Pi Zero W / Zero 2 W). ## Hosts | Host | Hardware | Group | |---|---|---| | dm-baldock | Pi Zero W (armv6) | zero_w | | dm-ashwell | Pi Zero 2 W (armv7) | zero2_w | | dm-edworth | Pi Zero 2 W (armv7) | zero2_w | ## Prerequisites **Local machine:** ```bash pip install ansible # or: sudo apt install ansible ``` **New Pi node checklist:** 1. Flash Raspberry Pi OS Lite (Bookworm), connect to WiFi 2. Install Tailscale and join the network 3. Ensure `david` user exists with sudo access 4. Connect the MeshCore device via USB, then find its serial ID: ```bash ls /dev/serial/by-id/ ``` 5. Set `serial_port` in `ansible/host_vars/.yml` SSH key auth is required. From this machine: ```bash ssh-copy-id david@.tail740bb.ts.net ``` ## Usage **Deploy to a single host (recommended for first run / testing):** ```bash cd ansible ansible-playbook -i inventory.yml site.yml --limit dm-edworth ``` **Deploy to all nodes:** ```bash ansible-playbook -i inventory.yml site.yml ``` **Dry run:** ```bash ansible-playbook -i inventory.yml site.yml --limit dm-edworth --check ``` If sudo requires a password, add `--ask-become-pass`. You'll be prompted for a Tailscale auth key — leave blank if the node is already authenticated. ## What it does 1. **base** — apt upgrade, installs screen/pipx/vnstat/git, sets MOTD, installs and authenticates Tailscale 2. **meshcore_cli** — installs `meshcore-cli` via pipx 3. **meshcore_capture** — runs the agessaman/meshcore-packet-capture install script, writes `.env.local` config, enables `meshcore-capture.service`, deploys update/log helper scripts 4. **scripts** — deploys `voltage.sh` and `bandwidth.sh` ## Config Shared MQTT config lives in `group_vars/meshcore.yml`. Per-host serial port is in `host_vars/.yml`. Running the playbook again re-applies `.env.local` and restarts the service if it changed — safe to run on already-deployed nodes. ## Credentials note `group_vars/meshcore.yml` contains MQTT credentials in plaintext. Consider encrypting with Ansible Vault if this repo is shared: ```bash ansible-vault encrypt_string 'yourpassword' --name mqtt_ukmesh_password ```