diff --git a/iiab-network b/iiab-network index 9ac41f986..5dc831b8e 100755 --- a/iiab-network +++ b/iiab-network @@ -4,11 +4,14 @@ CWD=`pwd` export ANSIBLE_LOG_PATH="$CWD/iiab-network.log" -if [ ! -f iiab-network.yml ]; then - echo "iiab-network.yml not found in current directory." - echo "Please rerun this command from the top level of the git repo." - echo "Exiting." +exit_error() { + echo -e "\nEXITING: "$@ | tee -a /opt/iiab/iiab/iiab-network.log exit 1 +} + +if [ ! -f iiab-network.yml ]; then + exit_error "iiab-network.yml not found in current directory." \ + "Please rerun this command from the top level of the git repo." fi OS="unknown" # will be overridden below, if /etc/iiab/iiab.env is legit 
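Review bot: In `exit_error`, the expression `"\nEXITING: "$@` leaves `$@` outside the quotes, so every message is word-split and glob-expanded before `echo -e` sees it. A `*` in a message, or in the `$STAGE` value that the calls in the second hunk interpolate, would expand to file names, and runs of spaces collapse. Writing it as `echo -e "\nEXITING: $*" | tee -a /opt/iiab/iiab/iiab-network.log` keeps the text intact. The log path is also hard-coded while `ANSIBLE_LOG_PATH` is built from `$CWD`, so the "not found in current directory" caller appends to a log that may sit in a different directory from the one the script was started in, and `tee` fails if /opt/iiab/iiab does not exist. Sending the message to stderr as well would keep it visible in that case.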
@@ -19,26 +22,21 @@ if [ -f /etc/iiab/iiab.env ]; then if grep -q STAGE= /etc/iiab/iiab.env ; then echo -e "\nExtracted STAGE=$STAGE (counter) from /etc/iiab/iiab.env" if ! [ "$STAGE" -eq "$STAGE" ] 2> /dev/null; then - echo -e "\nEXITING: STAGE (counter) value == ""$STAGE"" is non-integer" - exit 1 + exit_error "STAGE (counter) value == ""$STAGE"" is non-integer" elif [ "$STAGE" -lt 0 ] || [ "$STAGE" -gt 9 ]; then - echo -e "\nEXITING: STAGE (counter) value == ""$STAGE"" is out-of-range" - exit 1 + exit_error "STAGE (counter) value == ""$STAGE"" is out-of-range" elif [ "$STAGE" -lt 3 ]; then - echo -e "\nEXITING: STAGE (counter) value == ""$STAGE" - echo -e "\nIIAB Stage 3 not complete." - echo -e "\nPlease run: ./iiab-install" - exit 1 + exit_error "STAGE (counter) value == ""$STAGE" \ + "\nIIAB Stage 3 not complete." \ + "\nPlease run: ./iiab-install" fi else - echo -e "\nEXITING: STAGE (counter) not found" - echo -e "\nIIAB not installed." - echo -e "\nPlease run: ./iiab-install" - exit 1 + exit_error "STAGE (counter) not found" \ + "\nIIAB not installed." \ + "\nPlease run: ./iiab-install" fi else - echo -e "\nEXITING: /etc/iiab/iiab.env not found" - exit 1 + exit_error "/etc/iiab/iiab.env not found" fi echo "Ansible will now run iiab-network.yml -- log file is iiab-network.log" diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index 15a62de8e..8fe5f7159 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -7,7 +7,7 @@ - name: Install avahi announce config file /etc/avahi/services/schoolserver.service template: - src: avahi/schoolserver.service + src: roles/network/templates/avahi/schoolserver.service # Invoked by 1-prep (so full path needed) dest: /etc/avahi/services/schoolserver.service owner: avahi group: avahi diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 01ff42e18..8a5dd3a5d 100644 --- a/roles/network/tasks/detected_network.yml 
+++ b/roles/network/tasks/detected_network.yml @@ -36,25 +36,22 @@ device_gw: "{{ discovered_wan_iface }}" when: ansible_default_ipv4.gateway is defined -- name: Figure out netplan file name - shell: ls /etc/netplan - register: netplan - ignore_errors: True # pre 17.10 doesn't use netplan - when: is_ubuntu +# 2022-07-22: Moved to netplan.yml AND restart.yml (REMOVE DUPLICATE CODE LATER?!) +# - name: Figure out netplan file name +# shell: ls /etc/netplan +# register: netplan +# ignore_errors: True # pre 17.10 doesn't use netplan +# when: is_ubuntu - name: Setting dhcpcd_test results set_fact: dhcpcd_result: "{{ ansible_local.local_facts.dhcpcd }}" -- name: Setting systemd_networkd results +# 2022-07-22: Copied to netplan.yml (REMOVE DUPLICATE CODE LATER?!) +- name: "Set 'systemd_networkd_active: True' if local_facts.systemd_networkd confirms" set_fact: systemd_networkd_active: True - when: 'ansible_local.local_facts.systemd_networkd == "enabled"' - -- name: Setting systemd_networkd-2 results - set_fact: - systemd_networkd_active: True - when: 'ansible_local.local_facts.systemd_networkd == "enabled-runtime"' + when: ansible_local.local_facts.systemd_networkd == "enabled" or ansible_local.local_facts.systemd_networkd == "enabled-runtime" - name: Setting network_manager results set_fact: diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 2991a0c58..4566c00bb 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -202,17 +202,6 @@ # group: root mode: 0755 -- name: Install /usr/bin/iiab-internet-on|off from template (root:root by default) - template: - src: "{{ item }}" - dest: /usr/bin/ - # owner: root - # group: root - mode: 0755 - with_items: - - gateway/iiab-internet-on - - gateway/iiab-internet-off - - name: Add 'squid' variable values to {{ iiab_ini_file }} - if squid_installed is defined ini_file: 
diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 0bae7b20f..99fb6cf41 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -1,14 +1,14 @@ -- name: Unmask the Access Point 'hostapd' service - systemd: - name: hostapd - enabled: no - masked: no - - name: Disable hostapd when not using ap0 and wifi gateway present, or no WiFi hardware present or support not detected set_fact: hostapd_enabled: False when: (not wifi_up_down and discovered_wireless_iface == iiab_wan_iface) or discovered_wireless_iface == "none" or not can_be_ap +- name: Disable the Access Point 'hostapd' service + systemd: + name: hostapd + enabled: no + when: not hostapd_enabled + - name: Detect current Wifi channel shell: iw {{ discovered_wireless_iface }} info | grep channel | cut -d' ' -f2 register: current_client_channel @@ -22,10 +22,12 @@ - name: Generate new random mac address for ap0 shell: tr -dc A-F0-9 < /dev/urandom | head -c 10 | sed -r 's/(..)/\1:/g;s/:$//;s/^/02:/' register: ap0_mac + when: can_be_ap - name: Setting ap0 mac address for use in hostapd service file set_fact: ap0_mac_addr: "{{ ap0_mac.stdout }}" + when: can_be_ap - name: "Use custom 'hostapd' systemd service unit file using ap0 -- install from template: /etc/systemd/system/hostapd.service, /etc/systemd/system/iiab-clone-wifi.service, /etc/systemd/system/iiab-wifi-test.service, /usr/sbin/iiab-test-wifi" template: diff --git a/roles/network/tasks/install.yml b/roles/network/tasks/install.yml index 08ddb9113..ebdf5a080 100644 --- a/roles/network/tasks/install.yml +++ b/roles/network/tasks/install.yml 
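Review bot: With `when: can_be_ap` added to both the `ap0_mac` shell task and the `ap0_mac_addr` set_fact in the second hunk, `ap0_mac_addr` is never defined on hosts where `can_be_ap` is false. The template task that follows ("Use custom 'hostapd' systemd service unit file using ap0 ...") begins inside the hunk, but its `when:` lies outside it. If that task still runs on such hosts and one of its templates references `ap0_mac_addr`, rendering would stop on an undefined variable. Either gate that task with the same `can_be_ap` condition or have the templates fall back via `default()`.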
@@ -1,7 +1,7 @@ # 2022-03-16: 'apt show | grep Size' revealed download sizes, on 64-bit RasPiOS with desktop. - name: Install dnsmasq -- configure LATER in 'network', after Stage 9 - include_tasks: roles/network/tasks/dnsmasq.yml + include_tasks: roles/network/tasks/dnsmasq.yml # Invoked by 1-prep (so full path needed) - name: Install package networkd-dispatcher (OS's other than RasPiOS) package: @@ -45,6 +45,14 @@ # dest: /etc/network/if-pre-up.d/iptables # mode: '0755' +- name: Unmask the Access Point 'hostapd' service + systemd: + name: hostapd + enabled: no + masked: no + +- name: Install Avahi (mDNS, Zeroconf/Bonjour) + include_tasks: roles/network/tasks/avahi.yml # Invoked by 1-prep (so full path needed) # Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes: - name: "4 network settings in /etc/sysctl.conf -- e.g. disabling IPv6 (this might be overkill, as IPv6 should really only be disabled on the LAN side, i.e. br0)" 
@@ -61,21 +69,42 @@ #- { name: 'net.ipv6.conf.lo.disable_ipv6', value: '1' } # BY ABOVE -# UNMAINTAINED +# UNUSED #- name: Install named / BIND # include_tasks: roles/network/tasks/named.yml # when: named_install is defined and named_install -# UNMAINTAINED +# UNUSED #- name: Install dhcpd # include_tasks: roles/network/tasks/dhcpd.yml # when: dhcpd_install is defined and dhcpd_install # LESS MAINTAINED - name: Install Squid - include_tasks: roles/network/tasks/squid.yml + include_tasks: roles/network/tasks/squid.yml # Invoked by 1-prep (so full path needed) when: squid_install and squid_installed is undefined + #preprep for backends +- name: Netplan in use on Ubuntu 18.04+ + include_tasks: roles/network/tasks/netplan.yml # Invoked by 1-prep (so full path needed) + when: is_ubuntu + +# all installs + +- name: Install /usr/bin/iiab-internet-on|off from template (root:root by default) + template: + src: "{{ item }}" + dest: /usr/bin/ + mode: 0755 + with_items: + - roles/network/templates/gateway/iiab-internet-on # Invoked by 1-prep (so full path needed) + - roles/network/templates/gateway/iiab-internet-off # Invoked by 1-prep (so full path needed) + +- name: 'Install /usr/local/sbin/netwarn for pop-ups on boot, if iiab-network should be run' + include_tasks: roles/network/tasks/netwarn.yml # Invoked by 1-prep (so full path needed) + + +# RECORD Network AS INSTALLED - name: "Set 'network_installed: True'" set_fact: diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 8e225eb40..67f9d28e7 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml 
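Review bot: The netplan include added here is conditioned on `when: is_ubuntu` only, dropping the `not is_ubuntu_16` guard it had in main.yml, while the netplan.yml hunk further down adds `shell: ls /etc/netplan` with `ignore_errors` commented out. On an Ubuntu host that has no /etc/netplan, the `ls` returns non-zero, and because the include now sits in install.yml the first-time install would stop at that task. Either keep `when: is_ubuntu and not is_ubuntu_16` on the include or restore `ignore_errors: True` on the `ls` task. Listing the directory with the `find` module would also avoid depending on `ls` output and its exit status.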
@@ -21,52 +21,46 @@ - name: computed_network include_tasks: computed_network.yml +# 2022-07-22: @jvonau asks for this to be (1) BELOW computed_network.yml +# (what goes into iiab-hotspot-on|off depends on can_be_ap and wifi_up_down) +# AND (2) ABOVE install.yml for some reason? REQUIREMENT: Admin Console reads +# iiab_network_mode from /etc/iiab/iiab.ini + uses /usr/bin/iiab-hotspot-on|off +- name: Install /usr/bin/iiab-hotspot-on|off from template (root:root by default) + template: + src: "{{ item }}" + dest: /usr/bin/ + mode: 0755 + with_items: + - hostapd/iiab-hotspot-on + - hostapd/iiab-hotspot-off + - name: Install network packages (including many WiFi tools, and also iptables-persistent for firewall) include_tasks: install.yml when: network_install and network_installed is undefined -- name: Create /usr/bin/iiab-hotspot-on from template - template: - src: hostapd/iiab-hotspot-on - dest: /usr/bin/iiab-hotspot-on - owner: root - group: root - mode: 0755 - -- name: Create /usr/bin/iiab-hotspot-off from template - template: - src: hostapd/iiab-hotspot-off - dest: /usr/bin/iiab-hotspot-off - owner: root - group: root - mode: 0755 - name: Configuring Network if enabled block: - # - name: Configure wondershaper - # include_tasks: wondershaper.yml - # when: wondershaper_install or wondershaper_installed is defined -# - name: (Re)Install named -# include_tasks: named.yml -# when: named_install and FQDN_changed and iiab_stage|int == 9 + # DEPRECATED + #- name: Configure wondershaper + # include_tasks: wondershaper.yml + # when: wondershaper_install or wondershaper_installed is defined + # + #- name: (Re)Install named + # include_tasks: named.yml + # when: named_install and FQDN_changed and iiab_stage|int == 9 + # + #- name: (Re)Install dhcpd + # include_tasks: dhcpd.yml + # when: dhcpd_install and FQDN_changed and iiab_stage|int == 9 -# - name: (Re)Install dhcpd -# include_tasks: dhcpd.yml -# when: dhcpd_install and FQDN_changed and iiab_stage|int == 9 - -# - name: 
(Re)Install Squid -# include_tasks: squid.yml -# when: squid_install and FQDN_changed and iiab_stage|int == 9 - - #preprep for backends - - name: Netplan in use on Ubuntu 18.04+ - include_tasks: netplan.yml - when: is_ubuntu and not is_ubuntu_16 + # 2022-07-22: Is './runrole --reinstall network' the new way to make this run? + #- name: (Re)Install Squid + # include_tasks: squid.yml + # when: squid_install and FQDN_changed and iiab_stage|int == 9 #### Start services - - name: avahi - include_tasks: avahi.yml - name: hostapd include_tasks: hostapd.yml - name: computed_services @@ -99,5 +93,13 @@ - name: Restart services include_tasks: restart.yml + # end block when: network_installed is defined and network_enabled + + +- name: Create {{ iiab_etc_path }}/install-flags/iiab-network-complete on second pass of network role. + file: + path: "{{ iiab_etc_path }}/install-flags/iiab-network-complete" + state: touch + when: iiab_stage|int == 9 diff --git a/roles/network/tasks/netplan.yml b/roles/network/tasks/netplan.yml index 43865d437..8a772d214 100644 --- a/roles/network/tasks/netplan.yml +++ b/roles/network/tasks/netplan.yml @@ -1,3 +1,16 @@ +# 2022-07-22: Moved from detected_network.yml to netplan.yml AND restart.yml (REMOVE DUPLICATE CODE LATER?!) +- name: Figure out netplan file name + shell: ls /etc/netplan + register: netplan + #ignore_errors: True # pre 17.10 doesn't use netplan + +# 2022-07-22: Copied from detected_network.yml (REMOVE DUPLICATE CODE LATER?!) +- name: "Set 'systemd_networkd_active: True' if local_facts.systemd_networkd confirms" + set_fact: + systemd_networkd_active: True + when: ansible_local.local_facts.systemd_networkd == "enabled" or ansible_local.local_facts.systemd_networkd == "enabled-runtime" + + - name: Disable cloud-init the easy way shell: touch /etc/cloud/cloud-init.disabled when: item|trim == "50-cloud-init.yaml" 
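Review bot: The new `iiab-network-complete` task sits after the block and is conditioned only on `iiab_stage|int == 9`, so the flag is written even when the block guarded by `network_installed is defined and network_enabled` was skipped. If the flag is meant to record that networking was actually configured, it should carry that condition too or move inside the block, since netwarn stops prompting once the flag exists. `state: touch` also reports "changed" on every run; adding `modification_time: preserve` and `access_time: preserve` makes the task idempotent. The task assumes `{{ iiab_etc_path }}/install-flags` already exists, which is not visible in this hunk.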
diff --git a/roles/network/tasks/netwarn.yml b/roles/network/tasks/netwarn.yml new file mode 100644 index 000000000..d31b262d7 --- /dev/null +++ b/roles/network/tasks/netwarn.yml @@ -0,0 +1,40 @@ +- name: Does /etc/xdg/lxsession/LXDE-pi/autostart exist? + stat: + path: /etc/xdg/lxsession/LXDE-pi/autostart + register: lxde_pi_autostart_present + +- name: If so, add /usr/local/sbin/netwarn to /etc/xdg/lxsession/LXDE-pi/autostart + lineinfile: + path: /etc/xdg/lxsession/LXDE-pi/autostart + regexp: '^/usr/local/sbin/netwarn$' + line: '/usr/local/sbin/netwarn' + when: lxde_pi_autostart_present.stat.exists + + +# mate desktop detection based on 'register: nd_dir' in enable_services +- name: Does /usr/share/mate/autostart/ exist? + stat: + path: /usr/share/mate/autostart/ + register: mate_dir + +# contents work with mate as of 'switch to using dash via sh' +# 'text' is up for debate other structural changes I do not recommend JV + +- name: 'Install from template: /usr/share/mate/autostart/netwarn-iiab-network.desktop' + template: + src: roles/network/templates/netwarn/netwarn-iiab-network.desktop # Invoked by 1-prep (so full path needed) + dest: /usr/share/mate/autostart/ + when: mate_dir.stat.exists and mate_dir.stat.isdir + + +# 2022-07-21: Is autostart pop-up logic for Mint & stock Ubuntu much the same? + +# (Let's insert those here if so, and refine the 'when:' line below.) + + +- name: 'If a supported graphical OS is detected, install from template: /usr/local/sbin/netwarn' + template: + src: roles/network/templates/netwarn/netwarn # Invoked by 1-prep (so full path needed) + dest: /usr/local/sbin/ + mode: 0755 + when: lxde_pi_autostart_present or (mate_dir.stat.exists and mate_dir.stat.isdir) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index de930332f..1576a2af3 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml 
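Review bot: The last task's condition `when: lxde_pi_autostart_present or (...)` tests the registered `stat` result itself rather than `.stat.exists`. A registered result is a non-empty dict, so the expression is truthy on every host and /usr/local/sbin/netwarn is installed whether or not a supported desktop was detected. Recent ansible-core versions also flag conditionals that do not evaluate to a boolean. Use `when: lxde_pi_autostart_present.stat.exists or (mate_dir.stat.exists and mate_dir.stat.isdir)`, which matches the check on the lineinfile task at the top of the file.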
@@ -1,3 +1,11 @@ +# 2022-07-22: Moved from detected_network.yml to netplan.yml AND restart.yml (REMOVE DUPLICATE CODE LATER?!) +# - name: Figure out netplan file name +# shell: ls /etc/netplan +# register: netplan +# #ignore_errors: True # pre 17.10 doesn't use netplan +# when: is_ubuntu + + - name: Restart wpa_supplicant service systemd: name: "{{ item }}" @@ -25,9 +33,13 @@ daemon_reload: yes when: hostapd_enabled and (wifi_up_down or not no_net_restart) -- name: Reload netplan for Wifi gateway on Ubuntu 18+ - shell: netplan apply - when: wifi_up_down and is_ubuntu and netplan.stdout.find("yaml") != -1 +# 2022-07-22: @jvonau suggests commenting this out as: "we really don't touch +# any of the config files... netplan.yml renames one file if it's a container +# build like on MATE, could possibly skip netplan.yml in future or toss that in +# the mix now and see what shakes up" [ok, but keep netplan.yml as is for now] +# - name: Reload netplan for Wifi gateway on Ubuntu 18+ +# shell: netplan apply +# when: wifi_up_down and is_ubuntu and netplan.stdout.find("yaml") != -1 #- name: Start named service # systemd: diff --git a/roles/network/templates/netwarn/netwarn b/roles/network/templates/netwarn/netwarn new file mode 100755 index 000000000..fc4c8f4bb --- /dev/null +++ b/roles/network/templates/netwarn/netwarn 
@@ -0,0 +1,24 @@ +#!/bin/bash + +if [ -f /etc/iiab/install-flags/iiab-network-complete ]; then + exit +fi + +zenity --question --width=360 --text="IIAB needs to configure networking:\n\n► Internet must be live before you begin.\n►You might be prompted for your password.\n\nContinue? (This can take 2-3 minutes)" +rc=$? +if [[ $rc != "0" ]]; then + exit $rc +fi + +# mate-terminal always returns 255 w/ autostart, so intercept/record return code +x-terminal-emulator -e "bash -c '/usr/local/bin/iiab-network; echo \"\$?\" > /tmp/iiab-network.rc'" +rc=$(cat /tmp/iiab-network.rc) +if [[ $rc != "0" ]]; then + zenity --warning --width=360 --text="iiab-network exited with error: $rc\n\nPlease review /opt/iiab/iiab/iiab-network.log" + exit $rc +fi + +zenity --question --width=360 --text="iiab-network complete.\n\nWould you like to REBOOT now? (Recommended)" +if [[ $? == "0" ]]; then + x-terminal-emulator -e "sudo reboot" +fi diff --git a/roles/network/templates/netwarn/netwarn-iiab-network.desktop b/roles/network/templates/netwarn/netwarn-iiab-network.desktop new file mode 100644 index 000000000..35547ee41 --- /dev/null +++ b/roles/network/templates/netwarn/netwarn-iiab-network.desktop @@ -0,0 +1,10 @@ +[Desktop Entry] +Name[en_US]=iiab-network +Comment[en_US]=iiab-network +Name[en_CA]=iiab-network +Comment[en_CA]=iiab-network +Type=Application +Exec=/usr/local/sbin/netwarn +Hidden=false +Name=iiab-network +Comment=iiab-network diff --git a/roles/network/templates/network/ifcfg-WAN.j2 b/roles/network/templates/network/ifcfg-WAN.j2.unused similarity index 100% rename from roles/network/templates/network/ifcfg-WAN.j2 rename to roles/network/templates/network/ifcfg-WAN.j2.unused diff --git a/roles/network/templates/network/ifcfg-slave.j2 b/roles/network/templates/network/ifcfg-slave.j2.unused similarity index 100% rename from roles/network/templates/network/ifcfg-slave.j2 rename to roles/network/templates/network/ifcfg-slave.j2.unused 
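Review bot: The return code is passed through the fixed path `/tmp/iiab-network.rc`, which any local user can pre-create and which may be left over from an earlier run. `rc=$(cat /tmp/iiab-network.rc)` can therefore read a stale or planted value, and the redirect writes through whatever already exists at that name. If the terminal fails to start, the file is missing, `rc` is empty, and `exit $rc` runs with no argument. Create the file with `mktemp`, remove it on exit, and treat an empty value as failure, as sketched below. Whether `x-terminal-emulator -e` blocks until the command finishes depends on the emulator, so that is worth confirming for the desktops this targets.

```shell
rc_file=$(mktemp) || exit 1
trap 'rm -f -- "$rc_file"' EXIT
# mate-terminal always returns 255 w/ autostart, so intercept/record return code
x-terminal-emulator -e "bash -c '/usr/local/bin/iiab-network; echo \"\$?\" > \"$rc_file\"'"
rc=$(cat -- "$rc_file")
rc=${rc:-1}   # empty file: the terminal never ran the command
# … unchanged: zenity warning and exit on non-zero rc …
```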
diff --git a/roles/network/templates/network/ifcfg.j2 b/roles/network/templates/network/ifcfg.j2.unused similarity index 100% rename from roles/network/templates/network/ifcfg.j2 rename to roles/network/templates/network/ifcfg.j2.unused diff --git a/roles/network/templates/network/sysconfig.network.j2 b/roles/network/templates/network/sysconfig.network.j2.unused similarity index 100% rename from roles/network/templates/network/sysconfig.network.j2 rename to roles/network/templates/network/sysconfig.network.j2.unused diff --git a/roles/www_options/tasks/main.yml b/roles/www_options/tasks/main.yml index 445ee5e0e..ec25d97ef 100644 --- a/roles/www_options/tasks/main.yml +++ b/roles/www_options/tasks/main.yml 
@@ -23,29 +23,29 @@ when: nginx_installed is defined #when: nginx_install -- name: Make home page autostart on localhost (the server's console) if session manager is LXDE (rpi) +- name: Does /etc/xdg/lxsession/LXDE-pi/autostart exist? (if so, auto-launch browser on boot, displaying http://box.lan IIAB home page) stat: path: /etc/xdg/lxsession/LXDE-pi/autostart - register: lxde_present + register: lxde_pi_autostart_present -- name: Check for Chromium name change +- name: Does /usr/bin/chromium exist? (check for browser filename change) stat: path: /usr/bin/chromium register: chromium_present -- name: Add chromium-browser to /etc/xdg/lxsession/LXDE-pi/autostart if session manager is LXDE +- name: Add chromium-browser to /etc/xdg/lxsession/LXDE-pi/autostart lineinfile: path: /etc/xdg/lxsession/LXDE-pi/autostart regexp: '^/usr/bin/chromium-browser' - line: '/usr/bin/chromium-browser --disable-restore-session-state http://box/home' - when: lxde_present.stat.exists and not chromium_present.stat.exists + line: '/usr/bin/chromium-browser --disable-restore-session-state http://box/home' + when: lxde_pi_autostart_present.stat.exists and not chromium_present.stat.exists -- name: Add chromium to /etc/xdg/lxsession/LXDE-pi/autostart if session manager is LXDE +- name: Add chromium to /etc/xdg/lxsession/LXDE-pi/autostart lineinfile: path: /etc/xdg/lxsession/LXDE-pi/autostart regexp: '^/usr/bin/chromium' - line: '/usr/bin/chromium --disable-restore-session-state http://box/home' - when: lxde_present.stat.exists and chromium_present.stat.exists + line: '/usr/bin/chromium --disable-restore-session-state http://box/home' + when: lxde_pi_autostart_present.stat.exists and chromium_present.stat.exists - debug: diff --git a/scripts/iiab-network b/scripts/iiab-network index 9e56350eb..c2d12056f 100644 --- a/scripts/iiab-network +++ b/scripts/iiab-network 
@@ -1,7 +1,3 @@ #!/bin/bash -e cd /opt/iiab/iiab sudo ./iiab-network -rc=$? -if [[ $rc == "0" ]]; then - sudo touch /etc/iiab/install-flags/iiab-network-complete -fi