fix: update readme (#3)

Signed-off-by: Martin Buchleitner <mabunixda@gmail.com>

README.md

@@ -1,3 +1,48 @@
 # Ansible UDMP Role
 
 Customize your Ubiquiti UDM (Pro) with ansible and [udm-utilities](https://github.com/boostchicken/udm-utilities).
+
+Because the Ubiquiti UDM and Pro have not valid python installation, raw commands must be used to do all the changes.
+
+## Sample Playbook
+
+With this playbook:
+* your custom SSL certificate is loaded to the UDM (Pro)
+* [udm-utilities](https://github.com/boostchicken/udm-utilities) gets installed
+* ssh keys are loaded from the Unifi Controller to the UDM (Pro)
+* node exporter for prometheus scraping gets setup as container via podman
+
+```yaml
+---
+- name: udmp setup
+  hosts: unifi-udmp-gateway
+  gather_facts: false
+  roles:
+    - role: mabunixda.ansible_udmp
+      certificate: <path-to-certificate.pem>
+      certificate_key: <path-to-certificate-key.pem>
+```
+
+## You can configure following services:
+
+Except the nodeexporter all services require configuration tasks after deploying the services. This configuration tasks must be done manually or by other roles/plays.
+
+### nodeexporter_enabled
+
+Starts a nodeexporter instance via podman on the gateway to scrape metrics via prometheus
+
+### frr_enabled
+
+FRR is a service to enable BGP routing ( e.g. when running kubernetes with Metallb, or nomad with calico )
+
+### rsyncd_enabled
+
+This services enabled you to offload your configuration/backup by rsync via port 2202
+
+### openvpn_enabled
+
+Openvpn Service to connect the UDM(Pro) to a certain OpenVPN tunnel.
+
+### zerotier_enabled
+
+Launches a zerotier container on the UDM(Pro) and connects to a certain zerotier network

defaults/main.yml

@@ -1,13 +1,15 @@
 ---
 
+nodeexporter_enabled: yes
+frr_enabled: no
+rsyncd_enabled: no
+openvpn_enabled: no
+zerotier_enabled: no
+
 unifi_certificate_path: "{{ unifi_mount_path }}/unifi-os/unifi-core/config"
 unifi_os_certificate_path: "{{ unifi_os_mount_path }}/unifi-core/config"
 
 java_certificate_import: "java -jar /usr/lib/unifi/lib/ace.jar import_key_cert"
 
-openvpn_enabled: no
-zerotier_enabled: no
-nodeexporter_enabled: yes
-
 udm_onboot_version: 1.0.4
 udm_onboot_download_uri: "https://github.com/boostchicken/udm-utilities/releases/download/{{ udm_onboot_version }}/udm-boot_{{ udm_onboot_version }}_all.deb"

tasks/onboot.yml

@@ -21,8 +21,8 @@
   with_items:
     - { file: "files/00-onboot-sshkeys.sh", enabled: yes }
     - { file: "files/05-onboot-container.sh", enabled: yes }
-    - { file: "files/10-onboot-frr.sh", enabled: yes }
-    - { file: "files/10-onboot-rsyncd.sh", enabled: yes }
+    - { file: "files/10-onboot-frr.sh", enabled: "{{ frr_enabled | bool }}" }
+    - { file: "files/10-onboot-rsyncd.sh", enabled: "{{ rsyncd_enabled | bool }}" }
     - { file: "files/10-onboot-nodeexporter.sh", enabled: "{{ nodeexporter_enabled | bool }}" }
     - { file: "files/10-onboot-openvpn.sh", enabled: "{{ openvpn_enabled | bool }}"  }
     - { file: "files/10-onboot-zerotier.sh", enabled: "{{ zerotier_enabled | bool }}" }

vars/main.yml

@@ -4,7 +4,6 @@ unifi_mount_path: "/mnt/data"
 unifi_os_mount_path: "/data"
 
 unifi_os_container: "unifi-os"
+unifi_os_cmd: podman exec -it "{{ unifi_os_container }}"
 
 unifi_onboot_directory: "{{ unifi_mount_path }}/on_boot.d/"
-
-unifi_os_cmd: podman exec -it "{{ unifi_os_container }}"