iiab/roles/network/tasks/enable_services.yml

- name: Install /etc/dnsmasq.d/iiab.conf from template, when dnsmasq_enabled and isn't Appliance
  template:
    src: network/dnsmasq.conf.j2
    dest: /etc/dnsmasq.d/iiab.conf
  when: iiab_network_mode != "Appliance"

- name: Install /etc/hosts.dnsmasq from template for /etc/dnsmasq.d/iiab.conf (instead of using /etc/hosts)
  template:
    src: network/hosts-dnsmasq.j2
    dest: /etc/hosts.dnsmasq
  when: iiab_network_mode != "Appliance"

- name: Update /etc/dnsmasq.d/dnsmasq-iiab for custom dns setting
  template:
    src: network/dnsmasq-iiab
    dest: /etc/dnsmasq.d/dnsmasq-iiab

## Another way to skin the cat
##- name: Check if systemd service networkd-dispatcher is enabled
##  systemd:
##    name: networkd-dispatcher
##    state: reloaded
##  register: systemd_out
##
## Yet Another
## command: systemctl show networkd-dispatcher | grep ^UnitFileState=
## would yield "UnitFileState=enabled"
##
#- name: Check if systemd service networkd-dispatcher is enabled
#  command: systemctl is-enabled networkd-dispatcher
#  register: nd_enabled
#  ignore_errors: True

- name: Check if /etc/networkd-dispatcher/routable.d exists
  stat:
    path: /etc/networkd-dispatcher/routable.d
  register: nd_dir

- name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04 or later) (root:root by default)
  template:
    src: roles/network/templates/network/dnsmasq.sh.j2
    dest: /etc/networkd-dispatcher/routable.d/dnsmasq.sh
    mode: 0755
  when: nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
  #when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
  #when: dnsmasq_install and dnsmasq_enabled and nd_enabled is defined and nd_enabled.stdout == "enabled" and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
  #when: dnsmasq_install and dnsmasq_enabled and systemd_out.status.UnitFileState == "enabled" and networkd_dir.stat.exists and networkd_dir.stat.isdir and (iiab_network_mode != "Appliance")

- name: Remove /etc/dnsmasq.d/iiab.conf, when not dnsmasq_enabled or is Appliance
  file:
    path: /etc/dnsmasq.d/iiab.conf
    state: absent
  when: not dnsmasq_enabled or iiab_network_mode == "Appliance"

- name: Enable iiab-dnsmasq systemd service, if dnsmasq_enabled
  systemd:
    name: iiab-dnsmasq
    enabled: yes
  when: dnsmasq_enabled

- name: Disable iiab-dnsmasq, if not dnsmasq_enabled
  systemd:
    name: iiab-dnsmasq
    enabled: no
  when: not dnsmasq_enabled


- name: Mandate 'HTTPCACHE_ON=True' in {{ iiab_env_file }} - if squid_install [{{ squid_install }}] and squid_enabled [{{ squid_enabled }}]
  lineinfile:
    path: "{{ iiab_env_file }}"
    regexp: '^HTTPCACHE_ON=*'
    line: 'HTTPCACHE_ON=True'
  when: squid_installed is defined and squid_enabled

- name: Enable systemd service '{{ proxy }}' - if squid_install and squid_enabled
  systemd:
    name: "{{ proxy }}"    # squid (or 'squid3' on vars/debian-8.yml, vars/raspbian-8.yml)
    enabled: yes
  when: squid_installed is defined and squid_enabled

- name: Install /etc/{{ proxy }}/squid.conf from template (root:root, 0644 by default) - and create a timestamped backup of the original - if squid_install and squid_enabled
  template:
    src: squid/squid.conf.j2
    dest: /etc/{{ proxy }}/squid.conf
    # owner: "{{ proxy_user }}"    # proxy (or 'squid' on vars/centos-7.yml, vars/fedora-18.yml, vars/fedora-12.yml)
    # group: "{{ proxy_user }}"
    backup: yes
  when: squid_installed is defined and squid_enabled

# - name: Point /etc/init.d/{{ proxy }} to /etc/{{ proxy }}/squid-iiab.conf - if squid_install and squid_enabled
#   lineinfile:
#     regexp: '^CONFIG'
#     line: "CONFIG=/etc/{{ proxy }}/squid-iiab.conf"
#     path: "/etc/init.d/{{ proxy }}"
#   when: squid_install and squid_enabled

- name: Disable systemd service '{{ proxy }}' - if (squid_install or squid_installed [{{ squid_installed }}] is defined) and not squid_enabled
  systemd:
    name: "{{ proxy }}"
    enabled: no
  when: squid_installed is defined and not squid_enabled

- name: Revert {{ iiab_env_file }} to 'HTTPCACHE_ON=False' - if squid_install and not squid_enabled
  lineinfile:
    path: "{{ iiab_env_file }}"
    regexp: '^HTTPCACHE_ON=*'
    line: 'HTTPCACHE_ON=False'
  when: squid_installed is defined and not squid_enabled


# check-LAN should be iptables.yml remove later
- name: Install clean copy of /usr/bin/iiab-gen-iptables from template (root:root by default)
  template:
    src: gateway/iiab-gen-iptables
    dest: /usr/bin/iiab-gen-iptables
    mode: 0755


- name: Add 'squid' variable values to {{ iiab_ini_file }} - if squid_installed is defined
  ini_file:
    path: "{{ iiab_ini_file }}"    # /etc/iiab/iiab.ini
    section: squid
    option: "{{ item.option }}"
    value: "{{ item.value | string }}"
  with_items:
    - option: squid_install
      value: "{{ squid_install }}"
    - option: squid_enabled
      value: "{{ squid_enabled }}"
  when: squid_installed is defined
Update enable_services.yml 2019-01-17 20:03:12 +00:00			`- name: Install /etc/dnsmasq.d/iiab.conf from template, when dnsmasq_enabled and isn't Appliance`
modern Ansible syntax/style for readability 2018-07-12 17:50:32 +00:00			`template:`
			`src: network/dnsmasq.conf.j2`
move dnsmasq config file to /etc/dnsmasq.d/ Bugfix don't supply named/bind files when not enabled. 2019-01-17 16:41:48 +00:00			`dest: /etc/dnsmasq.d/iiab.conf`
remove named and dhcpd install options 2022-07-08 06:16:36 +00:00			`when: iiab_network_mode != "Appliance"`
Update enable_services.yml 2019-06-29 22:29:58 +00:00
Clarify purpose of /etc/hosts.dnsmasq 2019-12-11 05:54:33 +00:00			`- name: Install /etc/hosts.dnsmasq from template for /etc/dnsmasq.d/iiab.conf (instead of using /etc/hosts)`
use alternate hosts file for dnsmasq 2019-12-02 06:41:12 +00:00			`template:`
			`src: network/hosts-dnsmasq.j2`
			`dest: /etc/hosts.dnsmasq`
remove named and dhcpd install options 2022-07-08 06:16:36 +00:00			`when: iiab_network_mode != "Appliance"`
use alternate hosts file for dnsmasq 2019-12-02 06:41:12 +00:00
settable at runtime 2020-05-09 04:46:24 +00:00			`- name: Update /etc/dnsmasq.d/dnsmasq-iiab for custom dns setting`
			`template:`
			`src: network/dnsmasq-iiab`
			`dest: /etc/dnsmasq.d/dnsmasq-iiab`

Update enable_services.yml 2019-06-29 22:29:58 +00:00			`## Another way to skin the cat`
			`##- name: Check if systemd service networkd-dispatcher is enabled`
			`## systemd:`
			`## name: networkd-dispatcher`
			`## state: reloaded`
			`## register: systemd_out`
			`##`
			`## Yet Another`
			`## command: systemctl show networkd-dispatcher \| grep ^UnitFileState=`
			`## would yield "UnitFileState=enabled"`
			`##`
			`#- name: Check if systemd service networkd-dispatcher is enabled`
			`# command: systemctl is-enabled networkd-dispatcher`
			`# register: nd_enabled`
			`# ignore_errors: True`

Ubuntu - use networkd-dispatcher hooks to restart hostapd when br0 appears 2020-08-01 16:06:45 +00:00			`- name: Check if /etc/networkd-dispatcher/routable.d exists`
			`stat:`
			`path: /etc/networkd-dispatcher/routable.d`
			`register: nd_dir`
Update enable_services.yml 2019-06-29 22:29:58 +00:00
Cleaner computed_network.yml, computed_services.yml, enable_services.yml 2021-08-14 20:44:22 +00:00			`- name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04 or later) (root:root by default)`
Ubuntu - use networkd-dispatcher hooks to restart hostapd when br0 appears 2020-08-01 16:06:45 +00:00			`template:`
			`src: roles/network/templates/network/dnsmasq.sh.j2`
			`dest: /etc/networkd-dispatcher/routable.d/dnsmasq.sh`
			`mode: 0755`
remove named and dhcpd install options 2022-07-08 06:16:36 +00:00			`when: nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")`
enable_services.yml: Remove 110+ stale lines (dhcpd, named, DansGuardian, Wondershaper} 2022-11-02 02:44:02 +00:00			`#when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")`
Update enable_services.yml 2019-06-29 22:29:58 +00:00			`#when: dnsmasq_install and dnsmasq_enabled and nd_enabled is defined and nd_enabled.stdout == "enabled" and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")`
			`#when: dnsmasq_install and dnsmasq_enabled and systemd_out.status.UnitFileState == "enabled" and networkd_dir.stat.exists and networkd_dir.stat.isdir and (iiab_network_mode != "Appliance")`
Move the dnsmasq-restarter script from dnsmasq.yml to enable_services.yml 2019-06-23 07:57:19 +00:00
Revert "shut the log up for #3278" This reverts commit eb3c0a2684c81e6f916c8219c49918e8d304d1da. 2022-10-07 08:24:12 +00:00			`- name: Remove /etc/dnsmasq.d/iiab.conf, when not dnsmasq_enabled or is Appliance`
move dnsmasq config file to /etc/dnsmasq.d/ Bugfix don't supply named/bind files when not enabled. 2019-01-17 16:41:48 +00:00			`file:`
			`path: /etc/dnsmasq.d/iiab.conf`
			`state: absent`
restore missing optional user disabling of dnsmasq 2022-10-07 08:39:01 +00:00			`when: not dnsmasq_enabled or iiab_network_mode == "Appliance"`
move dnsmasq config file to /etc/dnsmasq.d/ Bugfix don't supply named/bind files when not enabled. 2019-01-17 16:41:48 +00:00
use iiab-dnsmasq.service everywhere 2018-12-16 13:52:50 +00:00			`- name: Enable iiab-dnsmasq systemd service, if dnsmasq_enabled`
Update enable_services.yml 2018-10-31 07:58:55 +00:00			`systemd:`
use iiab-dnsmasq.service everywhere 2018-12-16 13:52:50 +00:00			`name: iiab-dnsmasq`
modern Ansible syntax/style for readability 2018-07-12 17:50:32 +00:00			`enabled: yes`
cleanups 2022-07-08 07:04:05 +00:00			`when: dnsmasq_enabled`
reorder dhcpcd networking services - rebased edits looks weird on redhat add systemd reload 2017-09-09 21:12:05 +00:00
use iiab-dnsmasq.service everywhere 2018-12-16 13:52:50 +00:00			`- name: Disable iiab-dnsmasq, if not dnsmasq_enabled`
			`systemd:`
			`name: iiab-dnsmasq`
			`enabled: no`
cleanups 2022-07-08 07:04:05 +00:00			`when: not dnsmasq_enabled`
use iiab-dnsmasq.service everywhere 2018-12-16 13:52:50 +00:00
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
squid-iiab.conf.j2: Comment out 'if dansguardian_enabled' etc 2021-08-15 15:12:46 +00:00			`- name: Mandate 'HTTPCACHE_ON=True' in {{ iiab_env_file }} - if squid_install [{{ squid_install }}] and squid_enabled [{{ squid_enabled }}]`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`lineinfile:`
			`path: "{{ iiab_env_file }}"`
			`regexp: '^HTTPCACHE_ON=*'`
			`line: 'HTTPCACHE_ON=True'`
cleanups 2022-07-08 07:04:05 +00:00			`when: squid_installed is defined and squid_enabled`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
network/tasks/enable_services.yml: Clarify Squid enable/disable actions 2021-08-15 17:25:50 +00:00			`- name: Enable systemd service '{{ proxy }}' - if squid_install and squid_enabled`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`systemd:`
Spring Cleaning for dysfunctional Squid 2021-08-16 16:44:14 +00:00			`name: "{{ proxy }}" # squid (or 'squid3' on vars/debian-8.yml, vars/raspbian-8.yml)`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`enabled: yes`
cleanups 2022-07-08 07:04:05 +00:00			`when: squid_installed is defined and squid_enabled`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Spring Cleaning for dysfunctional Squid 2021-08-16 16:44:14 +00:00			`- name: Install /etc/{{ proxy }}/squid.conf from template (root:root, 0644 by default) - and create a timestamped backup of the original - if squid_install and squid_enabled`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`template:`
Spring Cleaning for dysfunctional Squid 2021-08-16 16:44:14 +00:00			`src: squid/squid.conf.j2`
			`dest: /etc/{{ proxy }}/squid.conf`
			`# owner: "{{ proxy_user }}" # proxy (or 'squid' on vars/centos-7.yml, vars/fedora-18.yml, vars/fedora-12.yml)`
			`# group: "{{ proxy_user }}"`
			`backup: yes`
cleanups 2022-07-08 07:04:05 +00:00			`when: squid_installed is defined and squid_enabled`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Spring Cleaning for dysfunctional Squid 2021-08-16 16:44:14 +00:00			`# - name: Point /etc/init.d/{{ proxy }} to /etc/{{ proxy }}/squid-iiab.conf - if squid_install and squid_enabled`
			`# lineinfile:`
			`# regexp: '^CONFIG'`
			`# line: "CONFIG=/etc/{{ proxy }}/squid-iiab.conf"`
			`# path: "/etc/init.d/{{ proxy }}"`
			`# when: squid_install and squid_enabled`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
network/tasks/enable_services.yml: Clarify Squid enable/disable actions 2021-08-15 17:25:50 +00:00			`- name: Disable systemd service '{{ proxy }}' - if (squid_install or squid_installed [{{ squid_installed }}] is defined) and not squid_enabled`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`systemd:`
			`name: "{{ proxy }}"`
			`enabled: no`
cleanups 2022-07-08 07:04:05 +00:00			`when: squid_installed is defined and not squid_enabled`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
network/tasks/enable_services.yml: Clarify Squid enable/disable actions 2021-08-15 17:25:50 +00:00			`- name: Revert {{ iiab_env_file }} to 'HTTPCACHE_ON=False' - if squid_install and not squid_enabled`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`lineinfile:`
			`path: "{{ iiab_env_file }}"`
			`regexp: '^HTTPCACHE_ON=*'`
			`line: 'HTTPCACHE_ON=False'`
cleanups 2022-07-08 07:04:05 +00:00			`when: squid_installed is defined and not squid_enabled`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00

Misc Fixes: Clean up whitespace warnings 2017-10-19 06:33:02 +00:00			`# check-LAN should be iptables.yml remove later`
Deprecate DansGuardian, Squid, WonderShaper 2021-08-14 20:18:12 +00:00			`- name: Install clean copy of /usr/bin/iiab-gen-iptables from template (root:root by default)`
modern Ansible syntax/style for readability 2018-07-12 17:50:32 +00:00			`template:`
Update enable_services.yml 2018-10-31 07:58:55 +00:00			`src: gateway/iiab-gen-iptables`
			`dest: /usr/bin/iiab-gen-iptables`
modern Ansible syntax/style for readability 2018-07-12 17:50:32 +00:00			`mode: 0755`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
WIP: iiab.ini vars set in 3 places? For Squid, DansGuardian, Wondershaper 2021-04-29 20:08:31 +00:00
squid-iiab.conf.j2: Comment out 'if dansguardian_enabled' etc 2021-08-15 15:12:46 +00:00			`- name: Add 'squid' variable values to {{ iiab_ini_file }} - if squid_installed is defined`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`ini_file:`
Squid clarifs in local_vars.yml, enable_services.yml etc 2021-08-15 14:06:01 +00:00			`path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini`
Reinstate Squid, cutting out DansGuardian 2021-08-15 11:59:35 +00:00			`section: squid`
			`option: "{{ item.option }}"`
			`value: "{{ item.value \| string }}"`
			`with_items:`
			`- option: squid_install`
			`value: "{{ squid_install }}"`
			`- option: squid_enabled`
			`value: "{{ squid_enabled }}"`
			`when: squid_installed is defined`