feat: add migrate_to_wmt playbook; track hand-crafted playbooks in git

.gitignore

@@ -31,8 +31,11 @@ logs/
 ansible/inventory/dynamic_inventory.yaml
 ansible/inventory/dynamic_inventory.yaml.bak
 
-# Generated playbooks (recreated at runtime)
+# Generated playbooks (recreated at runtime) — but keep hand-crafted ones
 ansible/playbooks/*.yml
+!ansible/playbooks/distribute_ssh_keys.yml
+!ansible/playbooks/restart_service.yml
+!ansible/playbooks/migrate_to_wmt.yml
 
 # VS Code
 .vscode/

ansible/playbooks/distribute_ssh_keys.yml

@@ -0,0 +1,55 @@
+---
+# Distribute SSH Public Key to All Devices
+# ─────────────────────────────────────────
+# Purpose : Push the monitoring server's public key to every device so that
+#           all subsequent Ansible playbooks can use key-based authentication.
+#
+# Auth    : Connects with ansible_password (set via --extra-vars at runtime).
+#           No SSH key is required on the target to run this playbook.
+#
+# Run via : Ansible > SSH Setup > "Deploy SSH Keys to All Devices" button, or
+#           POST /api/ansible/ssh/distribute-keys
+#
+# After   : Disable "Use password authentication" in SSH Settings so all other
+#           playbooks switch back to key-based auth automatically.
+
+- name: Distribute SSH Public Key to All Devices
+  hosts: all
+  gather_facts: false
+  become: false
+
+  tasks:
+
+    - name: Ensure .ssh directory exists with correct permissions
+      file:
+        path: /home/pi/.ssh
+        state: directory
+        mode: '0700'
+        owner: pi
+        group: pi
+
+    - name: Deploy controller public key to authorized_keys
+      authorized_key:
+        user: pi
+        key: "{{ lookup('file', playbook_dir + '/../ssh_keys/app_key.pub') }}"
+        state: present
+        exclusive: false
+
+    - name: Set correct permissions on authorized_keys
+      file:
+        path: /home/pi/.ssh/authorized_keys
+        mode: '0600'
+        owner: pi
+        group: pi
+
+    - name: Count keys in authorized_keys
+      shell: grep -c "" /home/pi/.ssh/authorized_keys
+      register: key_count
+      changed_when: false
+
+    - name: Confirm successful deployment
+      debug:
+        msg: >-
+          SSH key deployed on {{ inventory_hostname }} ({{ ansible_host }}).
+          authorized_keys now contains {{ key_count.stdout }} key(s).
+          Key-based authentication is ready.

ansible/playbooks/migrate_to_wmt.yml

@@ -0,0 +1,126 @@
+---
+# Migrate devices from Prezenta app to WMT
+# ──────────────────────────────────────────────────────────────────────────
+# What this playbook does (in order):
+#
+#   1. Create /home/pi/Desktop/WMT on the target
+#   2. Copy /home/pi/Desktop/WMT_project from the CONTROLLER to /home/pi/Desktop/WMT on the target
+#   3. Read /home/pi/Desktop/Prezenta/data/idmasa.txt from the target
+#   4. Write that value as work_place in WMT/data/config.txt (replaces notconfig)
+#   5. Update ~/.config/wayfire.ini [autostart] start_python to launch from WMT
+#   6. Rename /home/pi/Desktop/Prezenta → /home/pi/Desktop/Prezenta_Old_Data
+#   7. Reboot the host
+#
+# Run via: Ansible > Playbooks > "Migrate to WMT" or POST /api/ansible/execute
+# ──────────────────────────────────────────────────────────────────────────
+
+- name: Migrate devices from Prezenta to WMT
+  hosts: all
+  gather_facts: false
+  become: false
+
+  tasks:
+
+    # ── 1. Ensure destination directory exists ────────────────────────────
+    - name: Create WMT directory on target
+      file:
+        path: /home/pi/Desktop/WMT
+        state: directory
+        owner: pi
+        group: pi
+        mode: '0755'
+
+    # ── 2. Copy WMT_project from controller → target as WMT ──────────────
+    - name: Copy WMT_project folder to target as /home/pi/Desktop/WMT
+      copy:
+        src: /home/pi/Desktop/WMT_project/
+        dest: /home/pi/Desktop/WMT/
+        owner: pi
+        group: pi
+        mode: preserve
+        force: true
+
+    # ── 3. Ensure WMT data directory exists (in case config.txt is missing)
+    - name: Ensure WMT/data directory exists
+      file:
+        path: /home/pi/Desktop/WMT/data
+        state: directory
+        owner: pi
+        group: pi
+        mode: '0755'
+
+    # ── 4. Read idmasa.txt from the Prezenta data folder ─────────────────
+    - name: Read idmasa.txt from Prezenta
+      slurp:
+        src: /home/pi/Desktop/Prezenta/data/idmasa.txt
+      register: idmasa_raw
+
+    - name: Decode idmasa value
+      set_fact:
+        work_place_value: "{{ (idmasa_raw.content | b64decode).strip() }}"
+
+    - name: Show detected work_place value
+      debug:
+        msg: "work_place will be set to: '{{ work_place_value }}'"
+
+    # ── 5. Ensure config.txt has a [device] section with work_place ───────
+    - name: Ensure [device] section exists in config.txt
+      ini_file:
+        path: /home/pi/Desktop/WMT/data/config.txt
+        section: device
+        option: work_place
+        value: "{{ work_place_value }}"
+        backup: true
+        create: true
+        owner: pi
+        group: pi
+        mode: '0644'
+
+    # ── 6. Update wayfire.ini autostart to launch from WMT ───────────────
+    - name: Update wayfire.ini start_python path from Prezenta to WMT
+      lineinfile:
+        path: /home/pi/.config/wayfire.ini
+        regexp: "^start_python\\s*=.*"
+        line: "start_python = lxterminal -e \"bash -c 'cd /home/pi/Desktop/WMT; python3 app.py; exec bash'\""
+        backrefs: false
+        backup: true
+
+    - name: Confirm wayfire.ini change
+      command: grep "start_python" /home/pi/.config/wayfire.ini
+      register: wayfire_check
+      changed_when: false
+
+    - name: Show wayfire.ini start_python line
+      debug:
+        msg: "{{ wayfire_check.stdout }}"
+
+    # ── 7. Rename Prezenta → Prezenta_Old_Data ────────────────────────────
+    - name: Check if Prezenta folder exists
+      stat:
+        path: /home/pi/Desktop/Prezenta
+      register: prezenta_stat
+
+    - name: Check if Prezenta_Old_Data already exists
+      stat:
+        path: /home/pi/Desktop/Prezenta_Old_Data
+      register: prezenta_old_stat
+
+    - name: Rename Prezenta to Prezenta_Old_Data
+      command: mv /home/pi/Desktop/Prezenta /home/pi/Desktop/Prezenta_Old_Data
+      when:
+        - prezenta_stat.stat.exists
+        - not prezenta_old_stat.stat.exists
+
+    - name: Warn if Prezenta_Old_Data already exists (rename skipped)
+      debug:
+        msg: "⚠ Prezenta_Old_Data already exists — rename skipped to avoid overwrite."
+      when: prezenta_old_stat.stat.exists
+
+    # ── 8. Reboot ─────────────────────────────────────────────────────────
+    - name: Reboot host to apply all changes
+      become: true
+      reboot:
+        msg: "Rebooting after WMT migration"
+        reboot_timeout: 180
+        pre_reboot_delay: 3
+        post_reboot_delay: 15

ansible/playbooks/restart_service.yml

@@ -0,0 +1,29 @@
+- become: true
+  hosts: all
+  name: Restart monitoring service
+  tasks:
+  - name: Stop prezenta service
+    systemd:
+      name: prezenta.service
+      state: stopped
+  - name: Wait for service to stop
+    wait_for:
+      timeout: 10
+  - name: Start prezenta service
+    systemd:
+      enabled: true
+      name: prezenta.service
+      state: started
+  - name: Verify service is running
+    register: service_status
+    systemd:
+      name: prezenta.service
+  - name: Report service restart
+    uri:
+      body:
+        device_ip: '{{ ansible_host }}'
+        hostname: '{{ inventory_hostname }}'
+        service_status: '{{ service_status.status.ActiveState }}'
+      body_format: json
+      method: POST
+      url: http://{{ ansible_controller_ip }}/api/service_restarted