iiab/roles/network/tasks/enable_services.yml

- name: Disable stock dhcp_service
  service: name={{ dhcp_service }}
           enabled=no
           state=stopped
  when: dhcpd_install and first_run and is_debuntu

- name: Disable dhcpd service
  service: name=dhcpd
           enabled=no
  when: not dhcpd_enabled and dhcpd_install

# service is restarted with NM dispatcher.d script
- name: Enable dhcpd service
  service: name=dhcpd
           enabled=yes
  when: dhcpd_enabled and dhcpd_install

- name: Copy /etc/sysconfig/dhcpd file
  template: src={{ item.src }}
            dest={{ item.dest }}
            owner=root
            group=root
            mode={{ item.mode }}
  with_items:
   - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' }
  when: dhcpd_enabled and dhcpd_install

- name: Copy named file
  template: src={{ item.src }}
            dest={{ item.dest }}
            owner=root
            group=root
            mode={{ item.mode }}
  with_items:
   - { src: 'named/school.local.zone.db' , dest: '/var/named-iiab/' , mode: '0644' }
   - { src: 'named/school.internal.zone.db' , dest: '/var/named-iiab/' , mode: '0644' }

- name: Enable named service
  service: name={{ dns_service }}
           enabled=yes
  when: named_enabled and named_install

- name: Disable named service
  service: name={{ dns_service }}
           enabled=no
  when: not named_enabled and named_install

- name: Disable dnsmasq
  service: name=dnsmasq
           enabled=no
  when: not dnsmasq_enabled and dnsmasq_install

- name: dnsmasq copy config file to /etc
  template: src=network/dnsmasq.conf dest=/etc/
  when: dnsmasq_enabled and dnsmasq_install

- name: Enable dnsmasq
  service: name=dnsmasq
           enabled=yes
  when: dnsmasq_enabled and dnsmasq_install

- name: Enable dansguardian
  service: name=dansguardian
           enabled=yes
  when: dansguardian_enabled and dansguardian_install

- name: Disable DansGuardian
  service: name=dansguardian
           enabled=no
  when: not dansguardian_enabled and dansguardian_install

- name: Create xs_httpcache flag
  shell: echo 1 > /etc/sysconfig/xs_httpcache_on
         creates=/etc/sysconfig/xs_httpcache_on
  when: squid_enabled and squid_install

- name: Enable Squid service
  service: name={{ proxy }}
           enabled=yes
  when: squid_enabled and squid_install

- name: Copy init script and config file
  template: src={{ item.src }}
            dest={{ item.dest }}
            owner={{ item.owner }}
            group={{ item.group }}
            mode={{ item.mode }}
  with_items:
    - src: 'squid/squid-iiab.conf.j2'
      dest: '/etc/{{ proxy }}/squid-iiab.conf'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
  when: squid_enabled and squid_install

- name: Point to Squid config file from startup file
  lineinfile: regexp='^CONFIG'
              line='CONFIG=/etc/{{ proxy }}/squid-iiab.conf'
              dest=/etc/init.d/{{ proxy }}
  when: squid_enabled and squid_install and is_debuntu

- name: Disable Squid service
  service: name={{ proxy }}
           enabled=no
  when: not squid_enabled and squid_install

- name: Remove xs_httpcache flag
  file: path=/etc/sysconfig/xs_httpcache_on
        state=absent
  when: not squid_enabled

- name: Enable Wondershaper service
  service: name=wondershaper
           enabled=yes
  when: wondershaper_enabled and wondershaper_install

- name: Disable Wondershaper service
  service: name=wondershaper
           enabled=no
  when: not wondershaper_enabled and wondershaper_install

# check-LAN should be iptables.yml remove later
- name: Grab clean copy of iiab-gen-iptables
  template: src={{ item.0 }}
            dest={{ item.1 }}
            owner='root'
            group='root'
            mode='0755'
  with_items:
   - { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' }
   - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN' }

- name: Add 'squid' to service list
  ini_file: dest='{{ service_filelist }}'
            section=squid
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: enabled
      value: "{{ squid_enabled }}"

- name: Add 'dansguardian' to service list
  ini_file: dest='{{ service_filelist }}'
            section=dansguardian
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: enabled
      value: "{{ dansguardian_enabled }}"

- name: Add 'wondershaper' to service list
  ini_file: dest='{{ service_filelist }}'
            section=wondershaper
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: enabled
      value: "{{ wondershaper_enabled }}"
treat ubuntu same as debian 2017-10-10 18:06:20 +00:00			`- name: Disable stock dhcp_service`
disable stock isc-dhcp-server config 2017-09-26 05:54:58 +00:00			`service: name={{ dhcp_service }}`
			`enabled=no`
treat ubuntu same as debian 2017-10-10 18:06:20 +00:00			`state=stopped`
dhcp_service first_run add is_debuntu only 2017-10-17 15:18:59 +00:00			`when: dhcpd_install and first_run and is_debuntu`
disable stock isc-dhcp-server config 2017-09-26 05:54:58 +00:00
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`- name: Disable dhcpd service`
			`service: name=dhcpd`
			`enabled=no`
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`when: not dhcpd_enabled and dhcpd_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
			`# service is restarted with NM dispatcher.d script`
			`- name: Enable dhcpd service`
			`service: name=dhcpd`
			`enabled=yes`
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`when: dhcpd_enabled and dhcpd_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
			`- name: Copy /etc/sysconfig/dhcpd file`
			`template: src={{ item.src }}`
			`dest={{ item.dest }}`
			`owner=root`
			`group=root`
			`mode={{ item.mode }}`
			`with_items:`
permissions 2017-09-24 19:33:22 +00:00			`- { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' }`
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`when: dhcpd_enabled and dhcpd_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Update enable_services.yml 2017-10-27 06:37:42 +00:00			`- name: Copy named file`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`template: src={{ item.src }}`
			`dest={{ item.dest }}`
			`owner=root`
			`group=root`
			`mode={{ item.mode }}`
			`with_items:`
permissions 2017-09-24 19:33:22 +00:00			`- { src: 'named/school.local.zone.db' , dest: '/var/named-iiab/' , mode: '0644' }`
			`- { src: 'named/school.internal.zone.db' , dest: '/var/named-iiab/' , mode: '0644' }`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
			`- name: Enable named service`
			`service: name={{ dns_service }}`
			`enabled=yes`
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`when: named_enabled and named_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
			`- name: Disable named service`
			`service: name={{ dns_service }}`
			`enabled=no`
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`when: not named_enabled and named_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`- name: Disable dnsmasq`
			`service: name=dnsmasq`
			`enabled=no`
			`when: not dnsmasq_enabled and dnsmasq_install`
reorder dhcpcd networking services - rebased edits looks weird on redhat add systemd reload 2017-09-09 21:12:05 +00:00
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`- name: dnsmasq copy config file to /etc`
			`template: src=network/dnsmasq.conf dest=/etc/`
			`when: dnsmasq_enabled and dnsmasq_install`
reorder dhcpcd networking services - rebased edits looks weird on redhat add systemd reload 2017-09-09 21:12:05 +00:00
port dnsmasq over from nginx-rebase-eth0 - rebased edits 2017-09-13 11:07:25 +00:00			`- name: Enable dnsmasq`
			`service: name=dnsmasq`
			`enabled=yes`
			`when: dnsmasq_enabled and dnsmasq_install`
reorder dhcpcd networking services - rebased edits looks weird on redhat add systemd reload 2017-09-09 21:12:05 +00:00
			`- name: Enable dansguardian`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`service: name=dansguardian`
			`enabled=yes`
make DG and squid respect *_install and default dansguardian_install to False 2017-08-09 05:29:40 +00:00			`when: dansguardian_enabled and dansguardian_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
cleaner Ansible output 2017-10-27 16:22:06 +00:00			`- name: Disable DansGuardian`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`service: name=dansguardian`
			`enabled=no`
make DG and squid respect *_install and default dansguardian_install to False 2017-08-09 05:29:40 +00:00			`when: not dansguardian_enabled and dansguardian_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
			`- name: Create xs_httpcache flag`
			`shell: echo 1 > /etc/sysconfig/xs_httpcache_on`
			`creates=/etc/sysconfig/xs_httpcache_on`
fix proper runtags support 2017-09-16 04:43:15 +00:00			`when: squid_enabled and squid_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
cleaner Ansible output 2017-10-27 16:22:06 +00:00			`- name: Enable Squid service`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`service: name={{ proxy }}`
			`enabled=yes`
cover bad selection of install False enabled True by enduser 2017-09-19 23:35:00 +00:00			`when: squid_enabled and squid_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
			`- name: Copy init script and config file`
			`template: src={{ item.src }}`
			`dest={{ item.dest }}`
			`owner={{ item.owner }}`
			`group={{ item.group }}`
			`mode={{ item.mode }}`
			`with_items:`
Iiab (#68) * xs- goes to iiab- * more xs->iiab * sysconfig was forgotten * hyphen vs underscore i roles network templates * bulk sed on pgsql-xs * create links for old script names * missed named-xs -> named-iiab * squid-xs ->squid-iiab * misspelled squid-iiab.conf.j2 2017-06-28 02:53:13 +00:00			`- src: 'squid/squid-iiab.conf.j2'`
			`dest: '/etc/{{ proxy }}/squid-iiab.conf'`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`owner: '{{ proxy_user }}'`
			`group: '{{ proxy_user }}'`
			`mode: '0644'`
cover bad selection of install False enabled True by enduser 2017-09-19 23:35:00 +00:00			`when: squid_enabled and squid_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
cleaner Ansible output 2017-10-27 16:22:06 +00:00			`- name: Point to Squid config file from startup file`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`lineinfile: regexp='^CONFIG'`
Iiab (#68) * xs- goes to iiab- * more xs->iiab * sysconfig was forgotten * hyphen vs underscore i roles network templates * bulk sed on pgsql-xs * create links for old script names * missed named-xs -> named-iiab * squid-xs ->squid-iiab * misspelled squid-iiab.conf.j2 2017-06-28 02:53:13 +00:00			`line='CONFIG=/etc/{{ proxy }}/squid-iiab.conf'`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`dest=/etc/init.d/{{ proxy }}`
cover bad selection of install False enabled True by enduser 2017-09-19 23:35:00 +00:00			`when: squid_enabled and squid_install and is_debuntu`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
cleaner Ansible output 2017-10-27 16:22:06 +00:00			`- name: Disable Squid service`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`service: name={{ proxy }}`
			`enabled=no`
make DG and squid respect *_install and default dansguardian_install to False 2017-08-09 05:29:40 +00:00			`when: not squid_enabled and squid_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
			`- name: Remove xs_httpcache flag`
			`file: path=/etc/sysconfig/xs_httpcache_on`
			`state=absent`
			`when: not squid_enabled`

cleaner Ansible output 2017-10-27 16:22:06 +00:00			`- name: Enable Wondershaper service`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`service: name=wondershaper`
			`enabled=yes`
cover bad selection of install False enabled True by enduser 2017-09-19 23:35:00 +00:00			`when: wondershaper_enabled and wondershaper_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
cleaner Ansible output 2017-10-27 16:22:06 +00:00			`- name: Disable Wondershaper service`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`service: name=wondershaper`
			`enabled=no`
cover bad selection of install False enabled True by enduser 2017-09-19 23:35:00 +00:00			`when: not wondershaper_enabled and wondershaper_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Misc Fixes: Clean up whitespace warnings 2017-10-19 06:33:02 +00:00			`# check-LAN should be iptables.yml remove later`
Iiab (#68) * xs- goes to iiab- * more xs->iiab * sysconfig was forgotten * hyphen vs underscore i roles network templates * bulk sed on pgsql-xs * create links for old script names * missed named-xs -> named-iiab * squid-xs ->squid-iiab * misspelled squid-iiab.conf.j2 2017-06-28 02:53:13 +00:00			`- name: Grab clean copy of iiab-gen-iptables`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`template: src={{ item.0 }}`
			`dest={{ item.1 }}`
			`owner='root'`
			`group='root'`
			`mode='0755'`
			`with_items:`
Iiab (#68) * xs- goes to iiab- * more xs->iiab * sysconfig was forgotten * hyphen vs underscore i roles network templates * bulk sed on pgsql-xs * create links for old script names * missed named-xs -> named-iiab * squid-xs ->squid-iiab * misspelled squid-iiab.conf.j2 2017-06-28 02:53:13 +00:00			`- { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' }`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`- { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN' }`

refined 2017-10-27 17:51:20 +00:00			`- name: Add 'squid' to service list`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`ini_file: dest='{{ service_filelist }}'`
			`section=squid`
			`option='{{ item.option }}'`
			`value='{{ item.value }}'`
			`with_items:`
			`- option: enabled`
			`value: "{{ squid_enabled }}"`

refined 2017-10-27 17:51:20 +00:00			`- name: Add 'dansguardian' to service list`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`ini_file: dest='{{ service_filelist }}'`
			`section=dansguardian`
			`option='{{ item.option }}'`
			`value='{{ item.value }}'`
			`with_items:`
			`- option: enabled`
			`value: "{{ dansguardian_enabled }}"`

refined 2017-10-27 17:51:20 +00:00			`- name: Add 'wondershaper' to service list`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`ini_file: dest='{{ service_filelist }}'`
			`section=wondershaper`
			`option='{{ item.option }}'`
			`value='{{ item.value }}'`
			`with_items:`
			`- option: enabled`
			`value: "{{ wondershaper_enabled }}"`