diff --git a/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml b/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml index bd845ecc0..302edb5e0 100644 --- a/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml @@ -3,7 +3,7 @@ postgresql_install: True postgresql_enabled: True -- name: POSTGRESQL - run the 'postgresql' role +- name: POSTGRESQL - run 'postgresql' role include_role: name: postgresql diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 9e736a9bb..9ebf80444 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -52,6 +52,6 @@ - name: Recording STAGE 2 HAS COMPLETED ========================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=2' diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index fbe60024c..3575e9645 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -23,6 +23,6 @@ - name: Recording STAGE 3 HAS COMPLETED ===================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=3' diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index e0eb29a66..9f94cde9e 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -50,6 +50,6 @@ - name: Recording STAGE 4 HAS COMPLETED ================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=4' diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 94cc58597..40f9d2d6e 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -23,6 +23,6 @@ - name: Recording STAGE 5 HAS COMPLETED ===================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=5' diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index f0a617954..25fe4602c 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -67,6 +67,6 @@ - name: Recording STAGE 6 HAS COMPLETED ==================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=6' diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 5acad13f3..c181e7924 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -47,6 +47,6 @@ - name: Recording STAGE 7 HAS COMPLETED ======================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=7' diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 896c900ef..c882eb632 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -35,6 +35,6 @@ - name: Recording STAGE 8 HAS COMPLETED ====================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=8' diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 8d1ba1744..7a9448a71 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -51,6 +51,6 @@ - name: Recording STAGE 9 HAS COMPLETED ==================== lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^STAGE=*' line: 'STAGE=9' diff --git a/roles/awstats/tasks/apache.yml b/roles/awstats/tasks/apache.yml index 974dea5f4..071064f55 100644 --- a/roles/awstats/tasks/apache.yml +++ b/roles/awstats/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite awstats.conf when: not awstats_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index de191701c..a66324784 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -109,6 +109,6 @@ - name: "Add 'awstats_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^awstats_installed' line: 'awstats_installed: True' diff --git a/roles/azuracast/tasks/install.yml b/roles/azuracast/tasks/install.yml index e927173cf..7a19c6a14 100644 --- a/roles/azuracast/tasks/install.yml +++ b/roles/azuracast/tasks/install.yml @@ -73,6 +73,6 @@ - name: "Add 'azuracast_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^azuracast_installed' line: 'azuracast_installed: True' diff --git a/roles/bluetooth/tasks/install.yml b/roles/bluetooth/tasks/install.yml index 5872ec99b..be7378b13 100644 --- a/roles/bluetooth/tasks/install.yml +++ b/roles/bluetooth/tasks/install.yml @@ -64,6 +64,6 @@ - name: "Add 'bluetooth_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^bluetooth_installed' line: 'bluetooth_installed: True' diff --git a/roles/calibre-web/tasks/apache.yml b/roles/calibre-web/tasks/apache.yml index 34bf00f32..92dae1626 100644 --- a/roles/calibre-web/tasks/apache.yml +++ b/roles/calibre-web/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite calibre-web.conf when: not calibreweb_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index 6b98dd2b3..330ebe56b 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -109,6 +109,6 @@ - name: "Add 'calibreweb_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^calibreweb_installed' line: 'calibreweb_installed: True' diff --git a/roles/calibre/tasks/install.yml b/roles/calibre/tasks/install.yml index 1f2fc58bb..4144d58a5 100644 --- a/roles/calibre/tasks/install.yml +++ b/roles/calibre/tasks/install.yml @@ -93,6 +93,6 @@ - name: "Add 'calibre_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^calibre_installed' line: 'calibre_installed: True' diff --git a/roles/captiveportal/tasks/install.yml b/roles/captiveportal/tasks/install.yml index 5ef5406ec..40c50f146 100644 --- a/roles/captiveportal/tasks/install.yml +++ b/roles/captiveportal/tasks/install.yml @@ -61,6 +61,6 @@ - name: "Add 'captiveportal_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^captiveportal_installed' line: 'captiveportal_installed: True' diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index d0a52f7ff..72ffec896 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -31,7 +31,7 @@ - name: "Add 'cups_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^cups_installed' line: 'cups_installed: True' diff --git a/roles/elgg/tasks/apache.yml b/roles/elgg/tasks/apache.yml new file mode 100644 index 000000000..d08fbd87b --- /dev/null +++ b/roles/elgg/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box{{ elgg_url }} via Apache # http://box/elgg + command: a2ensite elgg.conf + when: elgg_enabled | bool + +- name: Disable http://box{{ elgg_url }} via Apache # http://box/elgg + command: a2dissite elgg.conf + when: not elgg_enabled + +- name: (Re)Start '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted diff --git a/roles/elgg/tasks/enable.yml b/roles/elgg/tasks/enable.yml index 249ab6de0..c787df7df 100644 --- a/roles/elgg/tasks/enable.yml +++ b/roles/elgg/tasks/enable.yml @@ -2,42 +2,40 @@ - name: Enable http://box{{ elgg_url }} via Apache # http://box/elgg command: a2ensite elgg.conf - when: apache_install and elgg_enabled + when: elgg_enabled | bool - name: Disable http://box{{ elgg_url }} via Apache # http://box/elgg command: a2dissite elgg.conf - when: apache_install and not elgg_enabled + when: not elgg_enabled + -- name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" state: restarted - when: apache_enabled | bool # NGINX -- name: "SHIM: Enable http://box{{ elgg_url }} via NGINX, by installing {{ nginx_conf_dir }}/elgg-nginx.conf from template" # http://box/elgg +- name: Enable http://box{{ elgg_url }} via NGINX, by installing {{ nginx_conf_dir }}/elgg-nginx.conf from template # http://box/elgg template: src: elgg-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/elgg-nginx.conf" - when: nginx_install and elgg_enabled + dest: "{{ nginx_conf_dir }}/elgg-nginx.conf" # /etc/nginx/conf.d + when: elgg_enabled | bool -- name: "SHIM: Disable http://box{{ elgg_url }} via NGINX, by removing {{ nginx_conf_dir }}/elgg-nginx.conf" # http://box/elgg +- name: Disable http://box{{ elgg_url }} via NGINX, by removing {{ nginx_conf_dir }}/elgg-nginx.conf # http://box/elgg file: - path: "{{ nginx_conf_dir }}/elgg-nginx.conf" + path: "{{ nginx_conf_dir }}/elgg-nginx.conf" # /etc/nginx/conf.d state: absent - when: nginx_install and not elgg_enabled + when: not elgg_enabled - name: Restart 'nginx' systemd service systemd: name: nginx state: restarted - when: nginx_enabled | bool - name: Add 'elgg' variable values to {{ iiab_ini_file }} ini_file: - path: "{{ iiab_ini_file }}" + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini section: elgg option: "{{ item.option }}" value: "{{ item.value | string }}" diff --git a/roles/elgg/tasks/install.yml b/roles/elgg/tasks/install.yml index 484c9ab78..aa181bdb7 100644 --- a/roles/elgg/tasks/install.yml +++ b/roles/elgg/tasks/install.yml @@ -1,5 +1,15 @@ -# Assume we only get here if elgg_install: True -# Assume MySQL is running +# Assume (enforce) we only get here if elgg_install: True +# Assume (enforce) MySQL is running + +- name: "Set 'mysql_install: True' and 'mysql_enabled: True'" + set_fact: + mysql_install: True + mysql_enabled: True + +- name: MYSQL - run 'mysql' role (attempt to install & enable MySQL) + include_role: + name: mysql + - name: Download {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip to {{ downloads_dir }} #shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }} @@ -88,6 +98,10 @@ dest: "/etc/{{ apache_conf_dir }}/elgg.conf" +- name: Set up Elgg's MySQL database + include_tasks: setup.yml + + # RECORD Elgg AS INSTALLED - name: "Set 'elgg_installed: True'" @@ -96,6 +110,6 @@ - name: "Add 'elgg_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^elgg_installed' line: 'elgg_installed: True' diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index 8c03710ae..2462d2f2e 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -1,11 +1,51 @@ -- name: Install Elgg +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 + +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "elgg_install is sameas true" (boolean not string etc) + assert: + that: elgg_install is sameas true + fail_msg: "PLEASE SET 'elgg_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "elgg_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: elgg_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'elgg_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + + +- name: Install Elgg if 'elgg_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml - when: elgg_install and not elgg_installed is defined + when: elgg_installed is undefined -- name: Provision DB - include_tasks: setup.yml - when: elgg_install and not installing -- name: Enable Elgg - include_tasks: enable.yml - when: elgg_install or elgg_installed is defined +#- name: Enable/Disable/Restart Apache if primary +- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache + include_tasks: apache.yml + #when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'elgg' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: elgg + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Elgg + - option: description + value: '"Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured social networks and applications."' + - option: path + value: /opt/elgg + - option: elgg_enabled + value: "{{ elgg_enabled }}" diff --git a/roles/elgg/tasks/nginx.yml b/roles/elgg/tasks/nginx.yml new file mode 100644 index 000000000..a0213cb71 --- /dev/null +++ b/roles/elgg/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box{{ elgg_url }} via NGINX, by installing {{ nginx_conf_dir }}/elgg-nginx.conf from template # http://box/elgg + template: + src: elgg-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/elgg-nginx.conf" # /etc/nginx/conf.d + when: elgg_enabled | bool + +- name: Disable http://box{{ elgg_url }} via NGINX, by removing {{ nginx_conf_dir }}/elgg-nginx.conf # http://box/elgg + file: + path: "{{ nginx_conf_dir }}/elgg-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not elgg_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted diff --git a/roles/gitea/tasks/apache.yml b/roles/gitea/tasks/apache.yml index 9c4214c86..e61effc08 100644 --- a/roles/gitea/tasks/apache.yml +++ b/roles/gitea/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite gitea.conf when: not gitea_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 7ccb3350c..b919608bf 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -114,6 +114,6 @@ - name: "Add 'gitea_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^gitea_installed' line: 'gitea_installed: True' diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index 8dfaf8b88..03fb3cdf7 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -149,6 +149,6 @@ - name: "Add 'apache_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^apache_installed' line: 'apache_installed: True' diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index c7289edd6..9d80ce71d 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -67,6 +67,6 @@ - name: "Add 'internetarchive_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^internetarchive_installed' line: 'internetarchive_installed: True' diff --git a/roles/kalite/tasks/setup.yml b/roles/kalite/tasks/setup.yml index 495ee6b3c..7884e6be2 100644 --- a/roles/kalite/tasks/setup.yml +++ b/roles/kalite/tasks/setup.yml @@ -27,6 +27,6 @@ - name: "Add 'kalite_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^kalite_installed' line: 'kalite_installed: True' diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index b047f65b1..0e8235d86 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -93,6 +93,6 @@ - name: "Add 'kiwix_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^kiwix_installed' line: 'kiwix_installed: True' diff --git a/roles/kolibri/tasks/apache.yml b/roles/kolibri/tasks/apache.yml index b438fd797..d2a2056af 100644 --- a/roles/kolibri/tasks/apache.yml +++ b/roles/kolibri/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite kolibri.conf when: not kolibri_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/kolibri/tasks/install.yml b/roles/kolibri/tasks/install.yml index 83a9aec3e..7dbc7e2de 100644 --- a/roles/kolibri/tasks/install.yml +++ b/roles/kolibri/tasks/install.yml @@ -121,6 +121,6 @@ - name: "Add 'kolibri_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^kolibri_installed' line: 'kolibri_installed: True' diff --git a/roles/lokole/tasks/apache.yml b/roles/lokole/tasks/apache.yml index f9ddedace..bcfc50676 100644 --- a/roles/lokole/tasks/apache.yml +++ b/roles/lokole/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite lokole.conf when: not lokole_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 76099bde1..fa8c7051e 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -100,6 +100,6 @@ - name: "Add 'lokole_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^lokole_installed' line: 'lokole_installed: True' diff --git a/roles/lokole/tasks/nginx.yml b/roles/lokole/tasks/nginx.yml index 59c259159..954192577 100644 --- a/roles/lokole/tasks/nginx.yml +++ b/roles/lokole/tasks/nginx.yml @@ -1,10 +1,10 @@ -- name: "SHIM: Enable http://box{{ lokole_url }} via NGINX, by installing {{ nginx_conf_dir }}/lokole-nginx.conf from template" # http://box/lokole +- name: Enable http://box{{ lokole_url }} via NGINX, by installing {{ nginx_conf_dir }}/lokole-nginx.conf from template # http://box/lokole template: src: lokole-nginx.conf.j2 dest: "{{ nginx_conf_dir }}/lokole-nginx.conf" # /etc/nginx/conf.d when: lokole_enabled | bool -- name: "SHIM: Disable http://box{{ lokole_url }} via NGINX, by removing {{ nginx_conf_dir }}/lokole-nginx.conf" # http://box/lokole +- name: Disable http://box{{ lokole_url }} via NGINX, by removing {{ nginx_conf_dir }}/lokole-nginx.conf # http://box/lokole file: path: "{{ nginx_conf_dir }}/lokole-nginx.conf" # /etc/nginx/conf.d state: absent diff --git a/roles/mediawiki/tasks/install.yml b/roles/mediawiki/tasks/install.yml index 3b8151a1b..587441ff2 100644 --- a/roles/mediawiki/tasks/install.yml +++ b/roles/mediawiki/tasks/install.yml @@ -94,6 +94,6 @@ - name: "Add 'mediawiki_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^mediawiki_installed' line: 'mediawiki_installed: True' diff --git a/roles/minetest/tasks/provision.yml b/roles/minetest/tasks/provision.yml index 74de12d15..5d932d31a 100644 --- a/roles/minetest/tasks/provision.yml +++ b/roles/minetest/tasks/provision.yml @@ -78,6 +78,6 @@ - name: "Add 'minetest_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^minetest_installed' line: 'minetest_installed: True' diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index 08e8c6a21..0ecb52bc0 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -135,6 +135,6 @@ - name: "Add 'mongodb_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^mongodb_installed' line: 'mongodb_installed: True' diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 8a753b62a..0354e808c 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -18,42 +18,37 @@ fail_msg: "PLEASE GIVE VARIABLE 'mongodb_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes -- name: EXIT MONGODB PLAYBOOK, IF DEBIAN 10+ (where MongoDB doesn't exist) - meta: end_play - when: (is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9) +- debug: + var: mongodb_install +- debug: + var: mongodb_enabled +- debug: + var: mongodb_installed -- name: Install MongoDB if 'mongodb_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml - include_tasks: install.yml - when: mongodb_installed is undefined +- debug: + var: is_debian +- debug: + var: is_raspbian +- name: EXIT 'mongodb' ROLE & CONTINUE, IF 'is_debian and not is_raspbian' i.e. TRUE DEBIAN (where MongoDB no longer exists) + fail: # FORCE IT RED THIS ONCE! + msg: ATTEMPTED MongoDB INSTALLATION WITH (TRUE) DEBIAN, which is no longer supported. Nevertheless IIAB will continue (consider this a warning!) + when: is_debian and not is_raspbian + #when: (is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9) # Test for Debian 10+ + ignore_errors: yes -- name: Enable & Restart 'mongodb' systemd service if mongodb_enabled, incl daemon-reload (in case mongodb.service changed?) - systemd: - name: mongodb - daemon_reload: yes - enabled: yes - state: restarted - when: mongodb_enabled | bool +# ELSE... -- name: Disable 'mongodb' service, if not mongodb_enabled - systemd: - name: mongodb - enabled: no - state: stopped - when: not mongodb_enabled +- name: Install/Enable/Disable/Record MongoDB (main2.yml) if is_raspbian or not is_debian, i.e. not True Debian + include_tasks: main2.yml + when: is_raspbian or not is_debian +# THE block: APPROACH BELOW WORKS JUST LIKE main2.yml ABOVE. +# BUT IT VISUALLY POLLUTES: MANY BLUE "skipping:" MESSAGES IN ANSIBLE'S OUTPUT. -- name: Add 'mongodb' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini - section: mongodb - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: MongoDB - - option: description - value: '"MongoDB is an open-source document database that provides high performance, high availability, and automatic scaling."' - - option: enabled - value: "{{ mongodb_enabled }}" +# - block: # ENTIRE BLOCK CONDITIONED ON 'when: is_raspbian or not is_debian' +# +# [MOVED TO main2.yml] +# +# when: is_raspbian or not is_debian # CONDITION FOR ENTIRE ABOVE block: diff --git a/roles/mongodb/tasks/main2.yml b/roles/mongodb/tasks/main2.yml new file mode 100644 index 000000000..d3ac75edb --- /dev/null +++ b/roles/mongodb/tasks/main2.yml @@ -0,0 +1,34 @@ +- name: Install MongoDB if 'mongodb_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: mongodb_installed is undefined + + +- name: Enable & Restart 'mongodb' systemd service if mongodb_enabled, incl daemon-reload (in case mongodb.service changed?) + systemd: + name: mongodb + daemon_reload: yes + enabled: yes + state: restarted + when: mongodb_enabled | bool + +- name: Disable & Stop 'mongodb' service, if not mongodb_enabled + systemd: + name: mongodb + enabled: no + state: stopped + when: not mongodb_enabled + + +- name: Add 'mongodb' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: mongodb + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: MongoDB + - option: description + value: '"MongoDB is an open-source document database that provides high performance, high availability, and automatic scaling."' + - option: enabled + value: "{{ mongodb_enabled }}" diff --git a/roles/monit/tasks/install.yml b/roles/monit/tasks/install.yml index 7e16ada96..96addc26e 100644 --- a/roles/monit/tasks/install.yml +++ b/roles/monit/tasks/install.yml @@ -63,6 +63,6 @@ - name: "Add 'monit_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^monit_installed' line: 'monit_installed: True' diff --git a/roles/moodle/tasks/apache.yml b/roles/moodle/tasks/apache.yml new file mode 100644 index 000000000..1c9076179 --- /dev/null +++ b/roles/moodle/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box/moodle via Apache + command: a2ensite 022-moodle.conf + when: moodle_enabled | bool + +- name: Disable http://box/moodle via Apache + command: a2dissite 022-moodle.conf + when: not moodle_enabled + +- name: (Re)Start '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted diff --git a/roles/moodle/tasks/enable.yml b/roles/moodle/tasks/enable.yml deleted file mode 100644 index 36f211c60..000000000 --- a/roles/moodle/tasks/enable.yml +++ /dev/null @@ -1,67 +0,0 @@ -- name: Enable 'postgresql-iiab' systemd service, if moodle_enabled - systemd: - name: postgresql-iiab - state: started - enabled: yes - when: moodle_enabled - -# if the only service using the backend db disable if not running -- name: Disable 'postgresql-iiab' systemd service, if not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled) - systemd: - name: postgresql-iiab - state: stopped - enabled: no - when: not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled) - -# Apache - -- name: Enable http://box/moodle via Apache - command: a2ensite 022-moodle.conf - when: apache_install and moodle_enabled - -- name: Disable http://box/moodle via Apache - command: a2dissite 022-moodle.conf - when: apache_install and not moodle_enabled - -- name: Restart '{{ apache_service }}' systemd service - systemd: - name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml - state: restarted - when: apache_enabled | bool - -# NGINX - -- name: Enable http://box/moodle via NGINX, by installing {{ nginx_conf_dir }}/moodle-nginx.conf from template - template: - src: moodle-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/moodle-nginx.conf" - when: nginx_install and moodle_enabled - -- name: Disable http://box/moodle via NGINX, by removing {{ nginx_conf_dir }}/moodle-nginx.conf - file: - path: "{{ nginx_conf_dir }}/moodle-nginx.conf" - state: absent - when: nginx_install and not moodle_enabled - -- name: Restart 'nginx' systemd service - systemd: - name: nginx - state: restarted - when: nginx_enabled | bool - - -- name: Add 'moodle' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" - section: moodle - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Moodle - - option: description - value: '"Access the Moodle learning management system."' - - option: "moodle_base" - value: "{{ moodle_base }}" - - option: moodle_enabled - value: "{{ moodle_enabled }}" diff --git a/roles/moodle/tasks/install.yml b/roles/moodle/tasks/install.yml index 4283312c0..528b0666d 100644 --- a/roles/moodle/tasks/install.yml +++ b/roles/moodle/tasks/install.yml @@ -1,19 +1,13 @@ -- debug: - var: postgresql_install -- debug: - var: postgresql_enabled -- debug: - var: postgresql_installed - - name: "Set 'postgresql_install: True' and 'postgresql_enabled: True'" set_fact: postgresql_install: True postgresql_enabled: True -- name: POSTGRESQL - run the 'postgresql' role +- name: POSTGRESQL - run 'postgresql' role (attempt to install & enable PostgreSQL) include_role: name: postgresql + - name: "Install packages: python-psycopg2, php-pgsql (OS's other than debuntu)" package: name: @@ -35,22 +29,22 @@ state: present when: is_debuntu | bool -- name: "Install package: php{{ php_version }}-zip (ubuntu or debian-9+)" +- name: "Install package: php{{ php_version }}-zip (Ubuntu or Debian 9+)" package: name: "php{{ php_version }}-zip" when: is_ubuntu or (is_debian and not is_debian_8) -- name: "Install package: php-pclzip (debian-8)" - package: - name: php-pclzip - when: is_debian_8 | bool +# - name: "Install package: php-pclzip (debian-8)" +# package: +# name: php-pclzip +# when: is_debian_8 | bool -- name: Determine if Moodle is already downloaded +- name: Does {{ moodle_base }}/config-dist.php exist? (indicating Moodle is/was installed) stat: path: "{{ moodle_base }}/config-dist.php" register: moodle -- name: Download the latest Moodle repo +- name: Clone (i.e. use git to download) {{ moodle_repo_url }} to {{ moodle_base }} git: repo: "{{ moodle_repo_url }}" dest: "{{ moodle_base }}" @@ -63,32 +57,32 @@ - name: Create dir {{ moodle_base }} owned by {{ apache_user }} (for config file?) file: + state: directory path: "{{ moodle_base }}" owner: "{{ apache_user }}" recurse: yes - state: directory - name: Create dir {{ content_base }}/dbdata/moodle owned by {{ apache_user }} file: + state: directory path: "{{ content_base }}/dbdata/moodle" owner: "{{ apache_user }}" # mode: '0755' - state: directory -- name: Create dir {{ moodle_data }} owned by {{ apache_user }}:{{ apache_user }} with write permission 0770 # /library/moodle +- name: Create dir {{ moodle_data }} ({{ apache_user }}:{{ apache_user }}, '0770') # /library/moodle file: + state: directory path: "{{ moodle_data }}" owner: "{{ apache_user }}" group: "{{ apache_user }}" mode: '0770' - state: directory -- name: Remove Apache's stock moodle.conf +- name: Remove stock /etc/{{ apache_conf_dir }}/moodle.conf file: path: "/etc/{{ apache_conf_dir }}/moodle.conf" state: absent -- name: Install Apache's 022-moodle.conf from template, if moodle_enabled +- name: Install /etc/{{ apache_conf_dir }}/022-moodle.conf from template template: src: 022-moodle.j2 dest: "/etc/{{ apache_conf_dir }}/022-moodle.conf" @@ -96,10 +90,10 @@ # group: root # mode: '0644' -- name: Restart postgresql-iiab - service: +- name: Start 'postgresql-iiab' systemd service, to configure Moodle's DB + systemd: name: postgresql-iiab - state: restarted + state: started - name: Create PostgreSQL db user Admin/changeme postgresql_user: @@ -121,21 +115,21 @@ become: yes become_user: postgres -- name: Install {{ moodle_base }}/moodle_installer from template +- name: Install {{ moodle_base }}/moodle_installer from template ('0755') template: src: moodle_installer dest: "{{ moodle_base }}" mode: '0755' -- name: Enable & Restart postgresql-iiab - service: +- name: (Re)Start 'postgresql-iiab' systemd service + systemd: name: postgresql-iiab state: restarted - enabled: yes - when: moodle_enabled | bool + #enabled: yes + #when: moodle_enabled | bool -- name: Restart Apache systemd service ({{ apache_service }}) - service: +- name: (Re)Start '{{ apache_service }}' systemd service + systemd: name: "{{ apache_service }}" state: restarted @@ -148,10 +142,10 @@ shell: "{{ moodle_base }}/moodle_installer" when: config.stat.exists is defined and not config.stat.exists -- name: Give read permission 0644 to {{ moodle_base }}/config.php # /opt/iiab/moodle/config.php +- name: Make {{ moodle_base }}/config.php readable, with permission '0644' #command: chown -R {{ apache_user }} {{ moodle_base }} file: - path: "{{ moodle_base }}/config.php" + path: "{{ moodle_base }}/config.php" # /opt/iiab/moodle mode: '0644' @@ -163,6 +157,6 @@ - name: "Add 'moodle_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^moodle_installed' line: 'moodle_installed: True' diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index 9665f3d6d..c9d8382b1 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -1,7 +1,82 @@ -- name: "Install Moodle" - include_tasks: install.yml - when: moodle_install and not moodle_installed is defined +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: Enable Moodle - include_tasks: enable.yml - when: moodle_install or moodle_installed is defined +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "moodle_install is sameas true" (boolean not string etc) + assert: + that: moodle_install is sameas true + fail_msg: "PLEASE SET 'moodle_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "moodle_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: moodle_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'moodle_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + + +- name: Install Moodle if 'moodle_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: moodle_installed is undefined + + +# - name: Enable 'postgresql-iiab' systemd service, if moodle_enabled +# systemd: +# name: postgresql-iiab +# deamon_reload: yes +# state: started +# enabled: yes +# when: moodle_enabled | bool +# +# # if the only service using the backend db disable if not running +# - name: Disable 'postgresql-iiab' systemd service, if 'not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled)' +# systemd: +# name: postgresql-iiab +# state: stopped +# enabled: no +# when: not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled) + +- name: "Set 'postgresql_enabled: True'" if moodle_enabled + set_fact: + postgresql_enabled: True + when: moodle_enabled | bool + +- name: "Set 'postgresql_enabled: False'" if 'not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled)' + set_fact: + postgresql_enabled: False + when: not moodle_enabled and not (pathagar_enabled is defined and pathagar_enabled) + +- name: POSTGRESQL - run 'postgresql' role (Enable&Start or Disable&Stop PostgreSQL) + include_role: + name: postgresql + + +#- name: Enable/Disable/Restart Apache if primary +- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache + include_tasks: apache.yml + #when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'moodle' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: moodle + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Moodle + - option: description + value: '"Access the Moodle learning management system."' + - option: "moodle_base" + value: "{{ moodle_base }}" + - option: moodle_enabled + value: "{{ moodle_enabled }}" diff --git a/roles/moodle/tasks/nginx.yml b/roles/moodle/tasks/nginx.yml new file mode 100644 index 000000000..4537e44cd --- /dev/null +++ b/roles/moodle/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box/moodle via NGINX, by installing {{ nginx_conf_dir }}/moodle-nginx.conf from template + template: + src: moodle-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/moodle-nginx.conf" # /etc/nginx/conf.d + when: moodle_enabled | bool + +- name: Disable http://box/moodle via NGINX, by removing {{ nginx_conf_dir }}/moodle-nginx.conf + file: + path: "{{ nginx_conf_dir }}/moodle-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not moodle_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted diff --git a/roles/mosquitto/tasks/install.yml b/roles/mosquitto/tasks/install.yml index 695a8d9f2..1df4b78f4 100644 --- a/roles/mosquitto/tasks/install.yml +++ b/roles/mosquitto/tasks/install.yml @@ -38,6 +38,6 @@ - name: "Add 'mosquitto_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^mosquitto_installed' line: 'mosquitto_installed: True' diff --git a/roles/munin/tasks/apache.yml b/roles/munin/tasks/apache.yml index 757ddddaf..150f74ad3 100644 --- a/roles/munin/tasks/apache.yml +++ b/roles/munin/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite munin24.conf when: not munin_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/munin/tasks/install.yml b/roles/munin/tasks/install.yml index f42daa35e..56a0f4386 100644 --- a/roles/munin/tasks/install.yml +++ b/roles/munin/tasks/install.yml @@ -57,6 +57,6 @@ - name: "Add 'munin_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^munin_installed' line: 'munin_installed: True' diff --git a/roles/mysql/tasks/install.yml b/roles/mysql/tasks/install.yml new file mode 100644 index 000000000..29116b500 --- /dev/null +++ b/roles/mysql/tasks/install.yml @@ -0,0 +1,183 @@ +# Stanzas as of 2020-02-04: +# +# - 4 base install +# - Remove the last 3 above, as CentOS & Fedora no longer supported ? +# - 6 double timeout for slow CPUs +# - 7 DB config +# - 2 record as installed + +- name: 'Install MySQL packages: mariadb-server, mariadb-client, and 9 php packages (debuntu)' + package: + name: + - mariadb-server + - mariadb-client + - php{{ php_version }} + - php{{ php_version }}-mysql + - php-pear + - php{{ php_version }}-gd + - php{{ php_version }}-imap + - php{{ php_version }}-ldap + - php{{ php_version }}-odbc + - php{{ php_version }}-xml # Was below + - php{{ php_version }}-xmlrpc + state: present + when: is_debuntu | bool + +# - name: Install package 'php{{ php_version }}-xml' (debuntu) # WAS: (ubuntu or debian 9+) +# package: +# name: "php{{ php_version }}-xml" +# state: present +# when: is_debuntu | bool +# #when: is_ubuntu or (is_debian and not is_debian_8) + +#- name: Install php-xml-parser (debian-8) +# package: +# name: php-xml-parser +# state: present +# when: is_debian_8 | bool + +- name: "Install packages: mysql, MySQL-python and 9 php packages (OS's other than debuntu)" + package: + name: + - MySQL-python + - mysql + - php + - php-mysql + - php-pear + - php-gd + - php-imap + - php-ldap + - php-odbc + - php-xml + - php-xmlrpc + state: present + when: not is_debuntu + +- include_tasks: centos.yml + when: ansible_distribution == "CentOS" + +- include_tasks: fedora.yml + when: ansible_distribution == "Fedora" + + +# 2019-07-03 @jvonau @holta: the next 50 lines (6 stanzas) double MariaDB's +# default boot timeout (90s to 180s) for slow CPUs like this Ubuntu 18.04.2 VM: +# https://github.com/iiab/iiab/issues/1802 +# https://mariadb.com/kb/en/library/what-to-do-if-mariadb-doesnt-start/#systemd + +- name: Check if /lib/systemd/system/mariadb.service exists + stat: + path: /lib/systemd/system/mariadb.service + register: mariadb_unit_file + +- name: Copy pkg's /lib/systemd/system/mariadb.service to /etc/systemd/system/ to be customized (CREATES TIMESTAMPED BACKUPS OF /etc/systemd/system/mariadb.service e.g. IF OPERATOR CUSTOMIZED IT, EVEN DESPITE WARNING BELOW!) + copy: + force: yes + backup: yes + src: /lib/systemd/system/mariadb.service + dest: /etc/systemd/system/ + when: mariadb_unit_file.stat.exists + +- name: Symlink /etc/systemd/system/mysql.service -> /etc/systemd/system/mariadb.service + file: + state: link + force: yes + src: /etc/systemd/system/mariadb.service + path: /etc/systemd/system/mysql.service + when: mariadb_unit_file.stat.exists + +- name: Symlink /etc/systemd/system/mysqld.service -> /etc/systemd/system/mariadb.service + file: + state: link + force: yes + src: /etc/systemd/system/mariadb.service + path: /etc/systemd/system/mysqld.service + when: mariadb_unit_file.stat.exists + +- name: "WARN OPERATOR: Changes made to /etc/systemd/system/mariadb.service WILL BE LOST whenever 'mysql' playbook is run" + lineinfile: + path: /etc/systemd/system/mariadb.service + insertbefore: BOF # Beginning of file + line: "# WARNING: CHANGES TO THIS FILE WILL BE REGULARLY *OVERWRITTEN* BY:\n# /opt/iiab/iiab/roles/mysql/tasks/main.yml\n" + when: mariadb_unit_file.stat.exists + +- name: Set systemd boot timeout to 180 seconds for slow machines, in /etc/systemd/system/mariadb.service + lineinfile: + path: /etc/systemd/system/mariadb.service + insertafter: '^\[Service\]$' + regexp: "^TimeoutStartSec=" + line: "\n# 2019-07-03: @jvonau @holta doubled MariaDB's default boot timeout, from\n# 90 seconds to 180 seconds, for slow machines like this Ubuntu 18.04.2 VM:\n# https://github.com/iiab/iiab/issues/1802\n# https://mariadb.com/kb/en/library/what-to-do-if-mariadb-doesnt-start/#systemd\nTimeoutStartSec=180\n" + # If the line above were to be run repeatedly (never happens here!) Ansible + # would pollute MariaDB's systemd unit file. As multi-line regexp's are + # not allowed (both regexp's should match, for idempotency). If nec, use + # the 1-liner below, or Ansible's 'blockinfile' which pollutes config files + # in its own way...surrounding blocks with marker lines. + # line: "TimeoutStartSec=180" + when: mariadb_unit_file.stat.exists + + +# 7 STANZAS BELOW...could later be put into setup.yml or config.yml or or provision.yml ? + +# Name of MySQL service varies by OS, so hardcoded in /opt/iiab/iiab/vars/.yml (formerly in roles/0-init/tasks/main.yml) +- name: Start MySQL systemd service ({{ mysql_service }}) to permit configuration + systemd: + name: "{{ mysql_service }}" + daemon_reload: yes + state: restarted + +- name: Install /root/.my.cnf file from template, with root password credentials + template: + src: my.cnf.j2 + dest: /root/.my.cnf + owner: root + mode: '0600' + +# 'localhost' needs to be the last item for idempotency, see +# http://ansible.cc/docs/modules.html#mysql-user +# unfortunately it still doesn't work +- name: Update MySQL root password for localhost root accounts + mysql_user: + name: root + host: localhost + password: "{{ mysql_root_password }}" + priv: "*.*:ALL,GRANT" + +- name: Update MySQL root password for all remaining root accounts (127.0.0.1, ::1) + mysql_user: + name: root + host: "{{ item }}" + password: "{{ mysql_root_password }}" + priv: "*.*:ALL,GRANT" + with_items: + #- "{{ iiab_hostname }}.{{ iiab_domain }}" + - 127.0.0.1 + - ::1 + +- name: Delete anonymous MySQL server user for {{ ansible_hostname }} + mysql_user: + user: "" + host: "{{ ansible_hostname }}" + state: absent + +- name: Delete anonymous MySQL server user for localhost + mysql_user: + user: "" + state: absent + +- name: Remove the MySQL 'test' database + mysql_db: + db: test + state: absent + + +# RECORD MySQL AS INSTALLED + +- name: "Set 'mysql_installed: True'" + set_fact: + mysql_installed: True + +- name: "Add 'mysql_installed: True' to {{ iiab_state_file }}" + lineinfile: + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^mysql_installed' + line: 'mysql_installed: True' diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index b62ff931b..c0d24368a 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,194 +1,46 @@ -# TO DO: -# - Validate input vars mysql_install & mysql_enabled -# - Put ~13 stanzas just below into install.yml -# - Triggered by... 'when: mysql_installed is undefined' -# - Eliminate stale Fedora/CentOS code & gratuitous when: is_debuntu clauses? -# - Put ~8 stanzas below that into enable-or-disable.yml +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: 'Install MySQL packages: mariadb-server, mariadb-client, and 8 php packages (debuntu)' - package: - name: - - mariadb-server - - mariadb-client - - php{{ php_version }} - - php{{ php_version }}-mysql - - php-pear - - php{{ php_version }}-gd - - php{{ php_version }}-imap - - php{{ php_version }}-ldap - - php{{ php_version }}-odbc - #- php{{ php_version }}-xml - - php{{ php_version }}-xmlrpc - state: present - when: is_debuntu | bool +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible -- name: Install package 'php{{ php_version }}-xml' (debuntu) # WAS: (ubuntu or debian 9+) - package: - name: "php{{ php_version }}-xml" - state: present - when: is_debuntu | bool - #when: is_ubuntu or (is_debian and not is_debian_8) +- name: Assert that "mysql_install is sameas true" (boolean not string etc) + assert: + that: mysql_install is sameas true + fail_msg: "PLEASE SET 'mysql_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -#- name: Install php-xml-parser (debian-8) -# package: -# name: php-xml-parser -# state: present -# when: is_debian_8 | bool +- name: Assert that "mysql_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: mysql_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'mysql_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -- name: "Install packages: mysql, MySQL-python and 9 php packages (OS's other than debuntu)" - package: - name: - - MySQL-python - - mysql - - php - - php-mysql - - php-pear - - php-gd - - php-imap - - php-ldap - - php-odbc - - php-xml - - php-xmlrpc - state: present - when: not is_debuntu - -- include_tasks: centos.yml - when: ansible_distribution == "CentOS" - -- include_tasks: fedora.yml - when: ansible_distribution == "Fedora" +- debug: + var: mysql_install +- debug: + var: mysql_enabled +- debug: + var: mysql_installed -# 2019-07-03 @jvonau @holta: the next 50 lines (6 stanzas) double MariaDB's -# default boot timeout (90s to 180s) for slow CPUs like this Ubuntu 18.04.2 VM: -# https://github.com/iiab/iiab/issues/1802 -# https://mariadb.com/kb/en/library/what-to-do-if-mariadb-doesnt-start/#systemd - -- name: Check if /lib/systemd/system/mariadb.service exists - stat: - path: /lib/systemd/system/mariadb.service - register: mariadb_unit_file - -- name: Copy pkg's /lib/systemd/system/mariadb.service to /etc/systemd/system/ to be customized (CREATES TIMESTAMPED BACKUPS OF /etc/systemd/system/mariadb.service e.g. IF OPERATOR CUSTOMIZED IT, EVEN DESPITE WARNING BELOW!) - copy: - force: yes - backup: yes - src: /lib/systemd/system/mariadb.service - dest: /etc/systemd/system/ - when: mariadb_unit_file.stat.exists - -- name: Symlink /etc/systemd/system/mysql.service -> /etc/systemd/system/mariadb.service - file: - state: link - force: yes - src: /etc/systemd/system/mariadb.service - path: /etc/systemd/system/mysql.service - when: mariadb_unit_file.stat.exists - -- name: Symlink /etc/systemd/system/mysqld.service -> /etc/systemd/system/mariadb.service - file: - state: link - force: yes - src: /etc/systemd/system/mariadb.service - path: /etc/systemd/system/mysqld.service - when: mariadb_unit_file.stat.exists - -- name: "WARN OPERATOR: Changes made to /etc/systemd/system/mariadb.service WILL BE LOST whenever 'mysql' playbook is run" - lineinfile: - path: /etc/systemd/system/mariadb.service - insertbefore: BOF # Beginning of file - line: "# WARNING: CHANGES TO THIS FILE WILL BE REGULARLY *OVERWRITTEN* BY:\n# /opt/iiab/iiab/roles/mysql/tasks/main.yml\n" - when: mariadb_unit_file.stat.exists - -- name: Set systemd boot timeout to 180 seconds for slow machines, in /etc/systemd/system/mariadb.service - lineinfile: - path: /etc/systemd/system/mariadb.service - insertafter: '^\[Service\]$' - regexp: "^TimeoutStartSec=" - line: "\n# 2019-07-03: @jvonau @holta doubled MariaDB's default boot timeout, from\n# 90 seconds to 180 seconds, for slow machines like this Ubuntu 18.04.2 VM:\n# https://github.com/iiab/iiab/issues/1802\n# https://mariadb.com/kb/en/library/what-to-do-if-mariadb-doesnt-start/#systemd\nTimeoutStartSec=180\n" - # If the line above were to be run repeatedly (never happens here!) Ansible - # would pollute MariaDB's systemd unit file. As multi-line regexp's are - # not allowed (both regexp's should match, for idempotency). If nec, use - # the 1-liner below, or Ansible's 'blockinfile' which pollutes config files - # in its own way...surrounding blocks with marker lines. - # line: "TimeoutStartSec=180" - when: mariadb_unit_file.stat.exists +- name: Install MySQL if 'mysql_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: mysql_installed is undefined -# RECORD MySQL AS INSTALLED - -- name: "Set 'mysql_installed: True'" - set_fact: - mysql_installed: True - -- name: "Add 'mysql_installed: True' to {{ iiab_state_file }}" - lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml - regexp: '^mysql_installed' - line: 'mysql_installed: True' - - -# Name of MySQL service varies by OS, so hardcoded in /opt/iiab/iiab/vars/.yml (formerly in roles/0-init/tasks/main.yml) -- name: Enable & Start MySQL systemd service ({{ mysql_service }}) if mysql_enabled +- name: Enable & Start MySQL ({{ mysql_service }}) systemd service, if mysql_enabled systemd: name: "{{ mysql_service }}" daemon_reload: yes - state: restarted + state: started enabled: yes when: mysql_enabled | bool -- name: Install /root/.my.cnf file from template, with root password credentials, if mysql_enabled - template: - src: my.cnf.j2 - dest: /root/.my.cnf - owner: root - mode: '0600' - when: mysql_enabled | bool - -# 'localhost' needs to be the last item for idempotency, see -# http://ansible.cc/docs/modules.html#mysql-user -# unfortunately it still doesn't work -- name: Update MySQL root password for localhost root accounts, if mysql_enabled - mysql_user: - name: root - host: localhost - password: "{{ mysql_root_password }}" - priv: "*.*:ALL,GRANT" - when: mysql_enabled | bool - -- name: Update MySQL root password for all remaining root accounts (127.0.0.1, ::1) if mysql_enabled - mysql_user: - name: root - host: "{{ item }}" - password: "{{ mysql_root_password }}" - priv: "*.*:ALL,GRANT" - with_items: - #- "{{ iiab_hostname }}.{{ iiab_domain }}" - - 127.0.0.1 - - ::1 - when: mysql_enabled | bool - -- name: Delete anonymous MySQL server user for {{ ansible_hostname }}, if mysql_enabled - mysql_user: - user: "" - host: "{{ ansible_hostname }}" - state: absent - when: mysql_enabled | bool - -- name: Delete anonymous MySQL server user for localhost, if mysql_enabled - mysql_user: - user: "" - state: absent - when: mysql_enabled | bool - -- name: Remove the MySQL 'test' database, if mysql_enabled - mysql_db: - db: test - state: absent - when: mysql_enabled | bool - -# we had to start mysql in order to configure it, now turn if off if not enabled -- name: Config is done but now DISABLE MySQL service, if not mysql_enabled +# We had to start MySQL in order to configure it, now turn if off if not enabled +- name: Disable & Stop MySQL ({{ mysql_service }}) systemd service, if not mysql_enabled systemd: name: "{{ mysql_service }}" enabled: no @@ -198,7 +50,7 @@ - name: Add 'mysql' variable values to {{ iiab_ini_file }} ini_file: - path: "{{ iiab_ini_file }}" + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini section: mysql option: "{{ item.option }}" value: "{{ item.value | string }}" diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 5e78b7714..15e275d9d 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -174,14 +174,14 @@ - name: Record IIAB_WAN_DEVICE to {{ iiab_env_file }} lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^IIAB_WAN_DEVICE=*' line: 'IIAB_WAN_DEVICE="{{ iiab_wan_iface }}"' when: not installing #REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml - name: Record IIAB_LAN_DEVICE to {{ iiab_env_file }} lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^IIAB_LAN_DEVICE=*' line: 'IIAB_LAN_DEVICE="{{ iiab_lan_iface }}"' state: present diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index fba41efe9..619644bcf 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -50,6 +50,6 @@ - name: "Add 'dansguardian_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^dansguardian_installed' line: 'dansguardian_installed: True' diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index 054db6ee5..5a066eba2 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -56,6 +56,6 @@ - name: "Add 'dhcpd_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^dhcpd_installed' line: 'dhcpd_installed: True' diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 28b399df0..76b4602da 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -174,7 +174,7 @@ - name: Revert to 'HTTPCACHE_ON=False' if not squid_enabled lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^HTTPCACHE_ON=*' line: 'HTTPCACHE_ON=False' state: present diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index a99632867..7c14c190f 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -63,7 +63,7 @@ - name: Record HOSTAPD_ENABLED to {{ iiab_env_file }} lineinfile: - dest: "{{ iiab_env_file }}" + path: "{{ iiab_env_file }}" regexp: '^HOSTAPD_ENABLED=*' line: 'HOSTAPD_ENABLED={{ hostapd_enabled }}' state: present diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index f967f5c4a..2111f15aa 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -79,7 +79,7 @@ - name: "Add 'named_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^named_installed' line: 'named_installed: True' diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 55f8ad0a9..8bde37ba7 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -82,7 +82,7 @@ - name: "Add 'squid_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^squid_installed' line: 'squid_installed: True' diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index d55481471..ce96c79b7 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -40,7 +40,7 @@ - name: "Add 'wondershaper_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^wondershaper_installed' line: 'wondershaper_installed: True' diff --git a/roles/nextcloud/tasks/apache.yml b/roles/nextcloud/tasks/apache.yml index f5de50ed7..5a1945a78 100644 --- a/roles/nextcloud/tasks/apache.yml +++ b/roles/nextcloud/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite nextcloud.conf when: not nextcloud_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 1ccbc4ad7..cf1d233a5 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -188,6 +188,6 @@ - name: "Add 'nextcloud_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^nextcloud_installed' line: 'nextcloud_installed: True' diff --git a/roles/nextcloud/tasks/nginx.yml b/roles/nextcloud/tasks/nginx.yml index b4b36b401..80001b232 100644 --- a/roles/nextcloud/tasks/nginx.yml +++ b/roles/nextcloud/tasks/nginx.yml @@ -1,10 +1,10 @@ -- name: "SHIM: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template" # http://box/nextcloud +- name: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template # http://box/nextcloud template: src: nextcloud-nginx.conf.j2 dest: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d when: nextcloud_enabled | bool -- name: "SHIM: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf" # http://box/nextcloud +- name: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf # http://box/nextcloud file: path: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d state: absent diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index ad21ac29d..fcc04db91 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -52,6 +52,6 @@ - name: "Add 'nginx_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^nginx_installed' line: 'nginx_installed: True' diff --git a/roles/nodejs/tasks/install.yml b/roles/nodejs/tasks/install.yml new file mode 100644 index 000000000..5a7e0ae0d --- /dev/null +++ b/roles/nodejs/tasks/install.yml @@ -0,0 +1,154 @@ +# 1. TEST IF Node.js ALEADY INSTALLED & WARN AS NEC + +# 2019-02-03: BELOW TESTS IF 'nodejs' VERSION IS ALREADY INSTALLED: +# IF SO & THIS DOESN'T MATCH nodejs_version AS SET IN defaults_vars.yml +# AND/OR local_vars.yml, INSTALL HALTS WITH AN EXPLANATION (PR #1447) + +# 2019-07-04: FOR A SOMEWHAT MORE MODERN "VERSION DETECTOR" SEE: +# github.com/iiab/iiab/blob/master/roles/nextcloud/tasks/install.yml#L1-L40 + +- name: Try to run 'nodejs -v' to get Node.js version + # 'node -v' doesn't work with older versions e.g. Ubuntu 16.04's nodejs 4.2.6 + # Both below convert v10.15.1 to 10.x, but this is safer: (removes non-digits) + shell: nodejs -v | sed 's/[^0-9]*//' | sed 's/[^0-9].*/.x/' + #shell: nodejs -v | sed 's/^[vV]//' | sed 's/\..*/.x/' + register: nodejs_version_installed + +#- debug: +# var: nodejs_version_installed + +# When nodejs is NOT installed: +# nodejs_version_installed.rc == 0 # Crazy with stderr below, "due to pipes" +# nodejs_version_installed.stdout == "" +# nodejs_version_installed.stderr == "/bin/sh: 1: nodejs: not found" +# BOTH ABOVE (incl non-null stderr) are USED BELOW to confirm install is nec! + +#- name: "ENFORCE PRECONDITION: Stop installing (intentionally fail) IF an installed 'nodejs' version isn't {{ nodejs_version }}" +# fail: +# msg: > +# PLEASE REMOVE 'nodejs' VERSION {{ nodejs_version_installed.stdout }} AS +# IT DOES NOT MATCH THE REQUIRED nodejs_version: {{ nodejs_version }} -- +# as set in /opt/iiab/iiab/vars/default_vars.yml and/or +# /etc/iiab/local_vars.yml -- then re-run this IIAB installer. +# when: nodejs_version_installed is defined and nodejs_version_installed.stdout != nodejs_version and nodejs_version_installed.stderr == "" + +# Forces < 12 or > 12 to be removed, ignored if file is absent +- name: Remove /etc/apt/sources.list.d/nodesource.list if nodejs_version_installed.stdout is not {{ nodejs_version }} + file: + state: absent + path: /etc/apt/sources.list.d/nodesource.list + when: nodejs_version_installed is defined and nodejs_version_installed.stdout != nodejs_version and nodejs_version_installed.stdout != "" + +# BRUTAL but ensures consistency across OS's / distros like Raspbian Desktop & Ubermix that often include an older version of Node.js +# Forces < 12 or > 12 to be uninstalled +- name: ASK apt/yum/dnf TO REMOVE PRE-EXISTING Node.js {{ nodejs_version_installed.stdout }} (IF IT'S NOT {{ nodejs_version }}) + package: + name: nodejs + state: absent + when: nodejs_version_installed is defined and nodejs_version_installed.stdout != nodejs_version and nodejs_version_installed.stdout != "" + +# Forces == 12 +- name: Warn if Node.js {{ nodejs_version}} already installed & might be updated + debug: + msg: "WARN: YOUR Node.js {{ nodejs_version }} MIGHT NOW BE UPDATED USING nodesource.com" + when: nodejs_version_installed is defined and nodejs_version_installed.stdout == nodejs_version + + +# 2. INSTALL Node.js USING nodesource.com + +# 2019-02-12: Should not be nec, as stanza below it should overwrite +# /etc/apt/sources.list.d/nodesource.list regardless! +# +#- name: Clear prior /etc/apt/sources.list.d/nodesource.list (permitting Node.js downgrade if nec) +# file: +# path: /etc/apt/sources.list.d/nodesource.list +# state: absent +# when: internet_available and is_debuntu + +- name: Set up Node.js {{ nodejs_version }} apt sources (debuntu) + shell: curl -sL https://deb.nodesource.com/setup_{{ nodejs_version }} | bash - + args: + warn: no + creates: /etc/apt/sources.list.d/nodesource.list + when: internet_available and is_debuntu + #when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) + # NOT NEC TO TEST FOR is_raspbian_8 OR is_raspbian_9 AS /opt/iiab/iiab/vars/.yml + # DEFINES THESE AS SUBSETS OF is_debian_8 OR is_debian_9 (FOR NOW!) + +# 2019-03-29: Above works on Debian 10 Buster pre-releases, but fails on Ubuntu +# 19.04 Beta. Comment it out for now, and manually run: "apt install npm" then +# "npm install -g npm@latest" (all *SHOULD* be magically fixed by 2019-04-18 ?) + +# Forces update +- name: Install latest Node.js {{ nodejs_version }} which includes /usr/bin/npm (debuntu) + package: + #name: nodejs={{ nodejs_version }} + name: nodejs + state: latest + #state: present + when: internet_available and is_debuntu + #when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) + +- name: Set up & install Node.js {{ nodejs_version }} which includes /usr/bin/npm (redhat) + shell: curl -sL https://rpm.nodesource.com/setup_{{ nodejs_version }} | bash - + args: + warn: no + when: internet_available and is_redhat + + +# 2018-07-14: BOTH STEPS ABOVE TAKE TIME, but Raspbian (apt offers npm +# 1.4.21) & Debian 9 (apt offers no npm!) STILL NEED the above +# nodesource.com approach to get a version of npm that works with Sugarizer: +# https://github.com/iiab/iiab/issues/798#issuecomment-404324530 +# +# MORE POSITIVELY: this nodesource.com approach (brings in npm 5.6.0 with +# nodejs 8.11.3 for now, to any OS) would also work on Ubuntu 18.04, and +# might even bring about a sane consistency across mainline OS's? +# +# BUT FOR NOW: Ubuntu 18.04's apt (approach below) brings in npm 3.5.2, +# which appears suffic "SO FAR"? 18.04's nodejs 8.10.0 is more reassuring! +# +# CRAZY IDEA: most versions of npm can upgrade themselves to the latest +# (6.2.0 for now) using command "npm install -g npm", if that helps us in +# future, e.g. TK's memory issue etc? If so, be CAREFUL this puts npm +# in /usr/local/bin on Ubuntu 18.04 -- unlike Ubuntu 16.04 and Raspbian +# where it upgrades /usr/bin/npm in place: +# https://askubuntu.com/questions/1036278/npm-is-incorrect-version-on-latest-ubuntu-18-04-installation + +# 2019-02-03: OLD WAY (PRIOR TO 2019) BELOW. Since then, @m-anish helped +# us standardize on the above nodesource.com approach i.e. +# https://github.com/nodesource/distributions#debinstall ...across all +# distros (so nodejs & npm always findable in /usr/bin, for Node-RED etc) + +# - name: Install packages nodejs {{ nodejs_version }} and npm (debuntu distros AFTER 2017, or other distros) +# package: +# name: +# - nodejs={{ nodejs_version }} # Nec to change above from 'package:' to 'apt:' ? +# - npm +# state: latest +# when: internet_available and not (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) + +# 2019-01-16: fyi Node.js 10.x became "LTS" on 2018-10-30 but distros are +# holding back for now: certainly Ubuntu 18.04 and even Debian 10/Buster +# ("testing" branch) both install Node.js 8.x (instead of 10.x). While the +# more bleeding-edge Debian Sid ("unstable" branch) does install Node.js 10.x +# +# This May Change: thanks all for running "apt -a list nodejs" on Buster's +# daily builds @ www.debian.org/devel/debian-installer/ and Disco Dingo (Ubuntu +# 19.04) https://launchpad.net/ubuntu/+source/nodejs to keep us informed! + +# 2019-03-29: Debian 10 Buster & Ubuntu 19.04 pre-releases made the jump +# thankfully; currently both offer Node.js 10.15.2 + + +# 3. RECORD Node.js AS INSTALLED + +- name: "Set 'nodejs_installed: True'" + set_fact: + nodejs_installed: True + +- name: "Add 'nodejs_installed: True' to {{ iiab_state_file }}" + lineinfile: + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^nodejs_installed' + line: 'nodejs_installed: True' diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml index e47ba1cf0..243a688fa 100644 --- a/roles/nodejs/tasks/main.yml +++ b/roles/nodejs/tasks/main.yml @@ -1,164 +1,57 @@ -# 2019-02-12: SEE VAR nodejs_version: 10.x (FOR NOW!) IN vars/default_vars.yml -# AND IF NEC OVERRIDE THIS IN /etc/iiab/local_vars.yml +# SEE VAR nodejs_version: 12.x IN /opt/iiab/iiab/vars/default_vars.yml (FOR +# NOW!) AND IF NEC OVERRIDE THIS IN /etc/iiab/local_vars.yml -# Duplicate Node.js code unified by @jvonau. Revised by @holta. Now used by: -# roles/nodered/tasks/main.yml w/ roles/nodered/meta/main.yml -# roles/pbx/tasks/main.yml w/ roles/pbx/meta/main.yml (Asterisk/FreePBX) -# roles/sugarizer/tasks/main.yml w/ roles/sugarizer/meta/main.yml +# Duplicate Node.js code unified by @jvonau. Revised by @holta. Used by: +# roles/nodered/tasks/*.yml formerly w/ roles/nodered/meta/main.yml +# roles/pbx/tasks/*.yml formerly w/ roles/pbx/meta/main.yml (Asterisk/FreePBX) +# roles/sugarizer/tasks/*.yml formerly w/ roles/sugarizer/meta/main.yml -# 1. TEST IF Node.js ALEADY INSTALLED & WARN AS NEC +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -# 2019-02-03: BELOW TESTS IF 'nodejs' VERSION IS ALREADY INSTALLED: -# IF SO & THIS DOESN'T MATCH nodejs_version AS SET IN defaults_vars.yml -# AND/OR local_vars.yml, INSTALL HALTS WITH AN EXPLANATION (PR #1447) +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible -# 2019-07-04: FOR A SOMEWHAT MORE MODERN "VERSION DETECTOR" SEE: -# github.com/iiab/iiab/blob/master/roles/nextcloud/tasks/install.yml#L1-L40 +- name: Assert that "nodejs_install is sameas true" (boolean not string etc) + assert: + that: nodejs_install is sameas true + fail_msg: "PLEASE SET 'nodejs_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -- name: Try to run 'nodejs -v' to get Node.js version - # 'node -v' doesn't work with older versions e.g. Ubuntu 16.04's nodejs 4.2.6 - # Both below convert v10.15.1 to 10.x, but this is safer: (removes non-digits) - shell: nodejs -v | sed 's/[^0-9]*//' | sed 's/[^0-9].*/.x/' - #shell: nodejs -v | sed 's/^[vV]//' | sed 's/\..*/.x/' - register: nodejs_version_installed +- name: Assert that "nodejs_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: nodejs_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'nodejs_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -#- debug: -# var: nodejs_version_installed - -# When nodejs is NOT installed: -# nodejs_version_installed.rc == 0 # Crazy with stderr below, "due to pipes" -# nodejs_version_installed.stdout == "" -# nodejs_version_installed.stderr == "/bin/sh: 1: nodejs: not found" -# BOTH ABOVE (incl non-null stderr) are USED BELOW to confirm install is nec! - -#- name: "ENFORCE PRECONDITION: Stop installing (intentionally fail) IF an installed 'nodejs' version isn't {{ nodejs_version }}" -# fail: -# msg: > -# PLEASE REMOVE 'nodejs' VERSION {{ nodejs_version_installed.stdout }} AS -# IT DOES NOT MATCH THE REQUIRED nodejs_version: {{ nodejs_version }} -- -# as set in /opt/iiab/iiab/vars/default_vars.yml and/or -# /etc/iiab/local_vars.yml -- then re-run this IIAB installer. -# when: nodejs_version_installed is defined and nodejs_version_installed.stdout != nodejs_version and nodejs_version_installed.stderr == "" - -# Forces < 12 or > 12 to be removed, ignored if file is absent -- name: Remove /etc/apt/sources.list.d/nodesource.list if nodejs_version_installed.stdout is not {{ nodejs_version }} - file: - state: absent - path: /etc/apt/sources.list.d/nodesource.list - when: nodejs_version_installed is defined and nodejs_version_installed.stdout != nodejs_version and nodejs_version_installed.stdout != "" - -# BRUTAL but ensures consistency across OS's / distros like Raspbian Desktop & Ubermix that often include an older version of Node.js -# Forces < 12 or > 12 to be uninstalled -- name: ASK apt/yum/dnf TO REMOVE PRE-EXISTING Node.js {{ nodejs_version_installed.stdout }} (IF IT'S NOT {{ nodejs_version }}) - package: - name: nodejs - state: absent - when: nodejs_version_installed is defined and nodejs_version_installed.stdout != nodejs_version and nodejs_version_installed.stdout != "" - -# Forces == 12 -- name: Warn if Node.js {{ nodejs_version}} already installed & might be updated - debug: - msg: "WARN: YOUR Node.js {{ nodejs_version }} MIGHT NOW BE UPDATED USING nodesource.com" - when: nodejs_version_installed is defined and nodejs_version_installed.stdout == nodejs_version +- debug: + var: nodejs_install +- debug: + var: nodejs_enabled +- debug: + var: nodejs_installed -# 2. INSTALL Node.js USING nodesource.com - -# 2019-02-12: Should not be nec, as stanza below it should overwrite -# /etc/apt/sources.list.d/nodesource.list regardless! -# -#- name: Clear prior /etc/apt/sources.list.d/nodesource.list (permitting Node.js downgrade if nec) -# file: -# path: /etc/apt/sources.list.d/nodesource.list -# state: absent -# when: internet_available and is_debuntu - -- name: Set up Node.js {{ nodejs_version }} apt sources (debuntu) - shell: curl -sL https://deb.nodesource.com/setup_{{ nodejs_version }} | bash - - args: - warn: no - creates: /etc/apt/sources.list.d/nodesource.list - when: internet_available and is_debuntu - #when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) - # NOT NEC TO TEST FOR is_raspbian_8 OR is_raspbian_9 AS /opt/iiab/iiab/vars/.yml - # DEFINES THESE AS SUBSETS OF is_debian_8 OR is_debian_9 (FOR NOW!) - -# 2019-03-29: Above works on Debian 10 Buster pre-releases, but fails on Ubuntu -# 19.04 Beta. Comment it out for now, and manually run: "apt install npm" then -# "npm install -g npm@latest" (all *SHOULD* be magically fixed by 2019-04-18 ?) - -# Forces update -- name: Install latest Node.js {{ nodejs_version }} which includes /usr/bin/npm (debuntu) - package: - #name: nodejs={{ nodejs_version }} - name: nodejs - state: latest - #state: present - when: internet_available and is_debuntu - #when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) - -- name: Set up & install Node.js {{ nodejs_version }} which includes /usr/bin/npm (redhat) - shell: curl -sL https://rpm.nodesource.com/setup_{{ nodejs_version }} | bash - - args: - warn: no - when: internet_available and is_redhat +- name: Install Node.js if 'nodejs_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: nodejs_installed is undefined -# 2018-07-14: BOTH STEPS ABOVE TAKE TIME, but Raspbian (apt offers npm -# 1.4.21) & Debian 9 (apt offers no npm!) STILL NEED the above -# nodesource.com approach to get a version of npm that works with Sugarizer: -# https://github.com/iiab/iiab/issues/798#issuecomment-404324530 -# -# MORE POSITIVELY: this nodesource.com approach (brings in npm 5.6.0 with -# nodejs 8.11.3 for now, to any OS) would also work on Ubuntu 18.04, and -# might even bring about a sane consistency across mainline OS's? -# -# BUT FOR NOW: Ubuntu 18.04's apt (approach below) brings in npm 3.5.2, -# which appears suffic "SO FAR"? 18.04's nodejs 8.10.0 is more reassuring! -# -# CRAZY IDEA: most versions of npm can upgrade themselves to the latest -# (6.2.0 for now) using command "npm install -g npm", if that helps us in -# future, e.g. TK's memory issue etc? If so, be CAREFUL this puts npm -# in /usr/local/bin on Ubuntu 18.04 -- unlike Ubuntu 16.04 and Raspbian -# where it upgrades /usr/bin/npm in place: -# https://askubuntu.com/questions/1036278/npm-is-incorrect-version-on-latest-ubuntu-18-04-installation - -# 2019-02-03: OLD WAY (PRIOR TO 2019) BELOW. Since then, @m-anish helped -# us standardize on the above nodesource.com approach i.e. -# https://github.com/nodesource/distributions#debinstall ...across all -# distros (so nodejs & npm always findable in /usr/bin, for Node-RED etc) - -# - name: Install packages nodejs {{ nodejs_version }} and npm (debuntu distros AFTER 2017, or other distros) -# package: -# name: -# - nodejs={{ nodejs_version }} # Nec to change above from 'package:' to 'apt:' ? -# - npm -# state: latest -# when: internet_available and not (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) - -# 2019-01-16: fyi Node.js 10.x became "LTS" on 2018-10-30 but distros are -# holding back for now: certainly Ubuntu 18.04 and even Debian 10/Buster -# ("testing" branch) both install Node.js 8.x (instead of 10.x). While the -# more bleeding-edge Debian Sid ("unstable" branch) does install Node.js 10.x -# -# This May Change: thanks all for running "apt -a list nodejs" on Buster's -# daily builds @ www.debian.org/devel/debian-installer/ and Disco Dingo (Ubuntu -# 19.04) https://launchpad.net/ubuntu/+source/nodejs to keep us informed! - -# 2019-03-29: Debian 10 Buster & Ubuntu 19.04 pre-releases made the jump -# thankfully; currently both offer Node.js 10.15.2 - - - -# 3. RECORD Node.js AS INSTALLED - -- name: "Set 'nodejs_installed: True'" - set_fact: - nodejs_installed: True - -- name: "Add 'nodejs_installed: True' to {{ iiab_state_file }}" - lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml - regexp: '^nodejs_installed' - line: 'nodejs_installed: True' +- name: Add 'nodejs' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab_state.yml + section: nodejs + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Nodejs + - option: description + value: '"Node.js is a JavaScript runtime environment built on Chrome''s V8 JavaScript engine, that executes JavaScript code outside of a browser."' + - option: install + value: "{{ nodejs_install }}" + - option: enabled + value: "{{ nodejs_enabled }}" diff --git a/roles/nodered/tasks/apache.yml b/roles/nodered/tasks/apache.yml new file mode 100644 index 000000000..db2484a3b --- /dev/null +++ b/roles/nodered/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box/nodered via Apache + command: a2ensite nodered.conf + when: nodered_enabled | bool + +- name: Disable http://box/nodered via Apache + command: a2dissite nodered.conf + when: not nodered_enabled + +- name: (Re)Start '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted diff --git a/roles/nodered/tasks/enable.yml b/roles/nodered/tasks/enable.yml deleted file mode 100644 index d6eb9dba8..000000000 --- a/roles/nodered/tasks/enable.yml +++ /dev/null @@ -1,68 +0,0 @@ -- name: Enable & (Re)start 'nodered' systemd service - systemd: - name: nodered - daemon_reload: yes - enabled: yes - state: restarted - when: nodered_enabled - -- name: Disable & Stop 'nodered' systemd service - systemd: - name: nodered - enabled: no - state: stopped - when: not nodered_enabled - -# Apache - -- name: Enable http://box/nodered via Apache - command: a2ensite nodered.conf - when: apache_install and nodered_enabled - -- name: Disable http://box/nodered via Apache - command: a2dissite nodered.conf - when: apache_install and not nodered_enabled - -- name: Restart Apache systemd service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" - state: restarted - when: apache_enabled | bool - -# NGINX - -- name: "SHIM: Enable http://box/nodered_url via NGINX, by installing {{ nginx_conf_dir }}/nodered-nginx.conf from template" - template: - src: nodered-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/nodered-nginx.conf" - # mode: '0666' - when: nginx_install and nodered_enabled - -- name: "SHIM: Disable http://box/nodered_url via NGINX, by removing {{ nginx_conf_dir }}/nodered-nginx.conf" - file: - path: "{{ nginx_conf_dir }}/nodered-nginx.conf" - state: absent - when: nginx_install and not nodered_enabled - -- name: Restart 'nginx' systemd service - systemd: - name: nginx - state: restarted - when: nginx_enabled | bool - - -- name: Add 'nodered' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" - section: nodered - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Node-RED - - option: description - value: '"Node-RED is a flow-based development tool for visual programming developed originally by IBM for wiring together hardware devices, APIs and online services as part of the Internet of Things. Node-RED provides a web browser-based flow editor, which can be used to create JavaScript functions."' - - option: nodered_install - value: "{{ nodered_install }}" - - option: nodered_enabled - value: "{{ nodered_enabled }}" diff --git a/roles/nodered/tasks/install.yml b/roles/nodered/tasks/install.yml index 80551feac..91a7bdd59 100644 --- a/roles/nodered/tasks/install.yml +++ b/roles/nodered/tasks/install.yml @@ -1,31 +1,24 @@ # 2019-01-16: @jvonau's PR #1403 moved installation of Node.js (8.x for now) & # npm to roles/nodejs/tasks/main.yml -- debug: - var: nodejs_install -- debug: - var: nodejs_enabled -- debug: - var: nodejs_installed - - name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" set_fact: nodejs_install: True nodejs_enabled: True # 2020-01-04 no longer triggered by roles/nodered/meta/main.yml -- name: NODEJS - run the 'nodejs' role +- name: NODEJS - run 'nodejs' role (attempt to install & enable Node.js) include_role: name: nodejs -- name: FAIL (STOP THE INSTALL) IF nodejs_installed is undefined +- name: FAIL (STOP THE INSTALL) IF 'nodejs_installed is undefined' fail: - msg: "Sugarizer install cannot proceed, as Node.js failed to install." + msg: "Node-RED install cannot proceed, as Node.js is not installed." when: nodejs_installed is undefined -- name: FAIL (STOP THE INSTALL) IF nodejs_version != "12.x" +- name: FAIL (STOP THE INSTALL) IF 'nodejs_version != "12.x"' fail: - msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, and your nodejs_version appears to be {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc!" + msg: "Node-RED install cannot proceed, as it currently requires Node.js 12.x, whereas nodejs_version is set to {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc." when: nodejs_version != "12.x" @@ -130,6 +123,6 @@ - name: "Add 'nodered_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^nodered_installed' line: 'nodered_installed: True' diff --git a/roles/nodered/tasks/main.yml b/roles/nodered/tasks/main.yml index 6ee3d8abe..543489291 100644 --- a/roles/nodered/tasks/main.yml +++ b/roles/nodered/tasks/main.yml @@ -1,5 +1,66 @@ -- include_tasks: install.yml - when: nodered_install and not nodered_installed is defined +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- include_tasks: enable.yml - when: nodered_install or nodered_installed is defined +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "nodered_install is sameas true" (boolean not string etc) + assert: + that: nodered_install is sameas true + fail_msg: "PLEASE SET 'nodered_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "nodered_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: nodered_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'nodered_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + + +- name: Install Node-RED if nodered_installed is not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: nodered_installed is undefined + + +- name: Enable & (Re)start 'nodered' systemd service, if nodered_enabled + systemd: + name: nodered + daemon_reload: yes + enabled: yes + state: restarted + when: nodered_enabled | bool + +- name: Disable & Stop 'nodered' systemd service, if not nodered_enabled + systemd: + name: nodered + enabled: no + state: stopped + when: not nodered_enabled + +#- name: Enable/Disable/Restart Apache if primary +- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache + include_tasks: apache.yml + #when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'nodered' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: nodered + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Node-RED + - option: description + value: '"Node-RED is a flow-based development tool for visual programming developed originally by IBM for wiring together hardware devices, APIs and online services as part of the Internet of Things. Node-RED provides a web browser-based flow editor, which can be used to create JavaScript functions."' + - option: nodered_install + value: "{{ nodered_install }}" + - option: nodered_enabled + value: "{{ nodered_enabled }}" diff --git a/roles/nodered/tasks/nginx.yml b/roles/nodered/tasks/nginx.yml new file mode 100644 index 000000000..168b43c1d --- /dev/null +++ b/roles/nodered/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box/nodered via NGINX, by installing {{ nginx_conf_dir }}/nodered-nginx.conf from template + template: + src: nodered-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/nodered-nginx.conf" # /etc/nginx/conf.d + when: nodered_enabled | bool + +- name: Disable http://box/nodered via NGINX, by removing {{ nginx_conf_dir }}/nodered-nginx.conf + file: + path: "{{ nginx_conf_dir }}/nodered-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not nodered_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 10651af47..c0273eb83 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -116,7 +116,7 @@ - name: "Add 'openvpn_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^openvpn_installed' line: 'openvpn_installed: True' diff --git a/roles/osm-vector-maps/tasks/install.yml b/roles/osm-vector-maps/tasks/install.yml index e4e17d099..849c42017 100644 --- a/roles/osm-vector-maps/tasks/install.yml +++ b/roles/osm-vector-maps/tasks/install.yml @@ -75,6 +75,6 @@ - name: "Add 'osm_vector_maps_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^osm_vector_maps_installed' line: 'osm_vector_maps_installed: True' diff --git a/roles/pbx/tasks/install.yml b/roles/pbx/tasks/install.yml new file mode 100644 index 000000000..6eec69a3a --- /dev/null +++ b/roles/pbx/tasks/install.yml @@ -0,0 +1,72 @@ +- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + set_fact: + nodejs_install: True + nodejs_enabled: True + +- name: NODEJS - run 'nodejs' role (attempt to install & enable Node.js) + include_role: + name: nodejs + +- name: FAIL (STOP THE INSTALL) IF 'nodejs_installed is undefined' + fail: + msg: "PBX install cannot proceed, as Node.js is not installed." + when: nodejs_installed is undefined + +- name: FAIL (STOP THE INSTALL) IF 'nodejs_version != "10.x"' + fail: + msg: "PBX install cannot proceed, as it currently requires Node.js 10.x, whereas nodejs_version is set to {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc." + when: nodejs_version != "10.x" + + +#- name: TODO: Check if asterisk and freepbx are already installed + +- debug: # Crazy spacing below is tuned for 80-column screens + msg: >- + ####################################################################WARNING: + ONLY UBUNTU 18.04, DEBIAN 9 & RASPBIAN ARE SUPPORTED AS OF FEB 2019. Please + assist Internet-in-a-Box communities worldwide if you can make + Asterisk and FreePBX work on other OS's / distros, Thank + You! http://FAQ.IIAB.IO ############################################################################### + +- name: Check if freepbx is already installed + stat: + path: /etc/systemd/system/freepbx.service + register: freepbx_installed + +- debug: + msg: >- + FreePBX already installed. Reinstall shall be skipped + when: freepbx_installed.stat.exists + +- name: Install Asterisk (debuntu) + include_tasks: asterisk.yml + when: internet_available and pbx_install and (not pbx_installed) and is_debuntu and (not freepbx_installed.stat.exists) + + #when: internet_available and pbx_install and (not pbx_installed) and ((is_debian and ansible_distribution_major_version == "9") or is_ubuntu_18) + +- name: Install FreePBX (debuntu) + include_tasks: freepbx.yml + when: internet_available and pbx_install and (not pbx_installed) and is_debuntu and (not freepbx_installed.stat.exists) + #when: internet_available and pbx_install and (not pbx_installed) and ((is_debian and ansible_distribution_major_version == "9") or is_ubuntu_18) + +- name: Enable FreePBX (debuntu) + include_tasks: freepbx_enable.yml + when: internet_available and pbx_install and (not pbx_installed) and is_debuntu + #when: internet_available and pbx_install and (not pbx_installed) and ((is_debian and ansible_distribution_major_version == "9") or is_ubuntu_18) + +- name: Asterisk - Install chan_dongle + include: chan_dongle.yml + when: asterisk_chan_dongle | bool + + +# RECORD PBX AS INSTALLED + +- name: "Set 'pbx_installed: True'" + set_fact: + pbx_installed: True + +- name: "Add 'pbx_installed: True' to {{ iiab_state_file }}" + lineinfile: + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^pbx_installed' + line: 'pbx_installed: True' diff --git a/roles/pbx/tasks/main.yml b/roles/pbx/tasks/main.yml index bdcc26c51..44bbe2332 100644 --- a/roles/pbx/tasks/main.yml +++ b/roles/pbx/tasks/main.yml @@ -1,81 +1,41 @@ -- debug: - var: nodejs_install -- debug: - var: nodejs_enabled -- debug: - var: nodejs_installed +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" - set_fact: - nodejs_install: True - nodejs_enabled: True +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible -- name: NODEJS - run the 'nodejs' role - include_role: - name: nodejs +- name: Assert that "pbx_install is sameas true" (boolean not string etc) + assert: + that: pbx_install is sameas true + fail_msg: "PLEASE SET 'pbx_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -- name: FAIL (STOP THE INSTALL) IF nodejs_installed is undefined - fail: - msg: "PBX install cannot proceed, as Node.js failed to install." - when: nodejs_installed is undefined - -- name: Fail if nodejs_version is incorrect - fail: - msg: >- - PBX: Refusing to install as nodejs_version is not 10.x. Please fix that - (looking into /etc/iiab/local_vars.yml and - /opt/iiab/iiab/vars/default_vars.yml) and then rerun. - when: pbx_install and (nodejs_version != "10.x") - -#- name: TODO: Check if asterisk and freepbx are already installed - -- debug: # Crazy spacing below is tuned for 80-column screens - msg: >- - ####################################################################WARNING: - ONLY UBUNTU 18.04, DEBIAN 9 & RASPBIAN ARE SUPPORTED AS OF FEB 2019. Please - assist Internet-in-a-Box communities worldwide if you can make - Asterisk and FreePBX work on other OS's / distros, Thank - You! http://FAQ.IIAB.IO ############################################################################### - -- name: Check if freepbx is already installed - stat: - path: /etc/systemd/system/freepbx.service - register: freepbx_installed - -- debug: - msg: >- - FreePBX already installed. Reinstall shall be skipped - when: freepbx_installed.stat.exists - -- name: Install Asterisk (debuntu) - include_tasks: asterisk.yml - when: internet_available and pbx_install and (not pbx_installed) and is_debuntu and (not freepbx_installed.stat.exists) - - #when: internet_available and pbx_install and (not pbx_installed) and ((is_debian and ansible_distribution_major_version == "9") or is_ubuntu_18) - -- name: Install FreePBX (debuntu) - include_tasks: freepbx.yml - when: internet_available and pbx_install and (not pbx_installed) and is_debuntu and (not freepbx_installed.stat.exists) - #when: internet_available and pbx_install and (not pbx_installed) and ((is_debian and ansible_distribution_major_version == "9") or is_ubuntu_18) - -- name: Enable FreePBX (debuntu) - include_tasks: freepbx_enable.yml - when: internet_available and pbx_install and (not pbx_installed) and is_debuntu - #when: internet_available and pbx_install and (not pbx_installed) and ((is_debian and ansible_distribution_major_version == "9") or is_ubuntu_18) - -- name: Asterisk - Install chan_dongle - include: chan_dongle.yml - when: asterisk_chan_dongle | bool +- name: Assert that "pbx_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: pbx_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'pbx_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -# RECORD PBX AS INSTALLED +- name: Install PBX if pbx_installed is not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: pbx_installed is undefined -- name: "Set 'pbx_installed: True'" - set_fact: - pbx_installed: True -- name: "Add 'pbx_installed: True' to {{ iiab_state_file }}" - lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml - regexp: '^pbx_installed' - line: 'pbx_installed: True' +- name: Add 'pbx' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: pbx + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: PBX + - option: description + value: '"Full-featured PBX for rural telephony etc, that can integrate with GSM (mobile phone) networks. Based on Asterisk (Voice over IP, SIP telephone numbers) and FreePBX (web-based GUI to administer it)."' + - option: pbx_install + value: "{{ pbx_install }}" + - option: pbx_enabled + value: "{{ pbx_enabled }}" diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 088fd4e2e..bfc8587d7 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -60,7 +60,7 @@ - name: "Add 'phpmyadmin_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^phpmyadmin_installed' line: 'phpmyadmin_installed: True' diff --git a/roles/postgresql/tasks/install.yml b/roles/postgresql/tasks/install.yml new file mode 100644 index 000000000..eb77dcac9 --- /dev/null +++ b/roles/postgresql/tasks/install.yml @@ -0,0 +1,94 @@ +- name: Install 'postgresql' package + package: + name: postgresql + state: present + +- name: Install 'postgresql-client' package (debuntu) + package: + name: postgresql-client + state: present + when: is_debuntu | bool + +- name: Install 'postgresql-server' package (OS's other than debuntu) + package: + name: postgresql-server + state: present + when: not is_debuntu + +- name: Install /etc/systemd/system/postgresql-iiab.service from template + template: + src: postgresql-iiab.service + dest: /etc/systemd/system/postgresql-iiab.service + # owner: root + # group: root + # mode: '0644' + +- name: Create PostgreSQL data dir /library/pgsql-iiab, owned by postgres:postgres + file: + path: /library/pgsql-iiab + owner: postgres + group: postgres + mode: '0700' + state: directory + +- name: Make sure locale {{ postgresql_locale }} is enabled (debuntu) # en_US.UTF-8 + lineinfile: + dest: /etc/locale.gen + line: "{{ postgresql_locale }} UTF-8" + when: is_debuntu | bool + +- name: Generate locales (debuntu) + command: /usr/sbin/locale-gen + when: is_debuntu | bool + +- name: Initialize the PostgreSQL db, creating /library/pgsql-iiab/pg_hba.conf (debuntu) + #command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab" + command: /usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab + args: + creates: /library/pgsql-iiab/pg_hba.conf + become: yes + become_user: postgres + when: is_debuntu | bool + +- name: Initialize the PostgreSQL db, creating /library/pgsql-iiab/pg_hba.conf (OS's other than debuntu) + #command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab" + command: /usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab + args: + creates: /library/pgsql-iiab/pg_hba.conf + become: yes + become_user: postgres + when: not is_debuntu + +- name: Install /library/pgsql-iiab/postgresql.conf owned by postgres:postgres, from template + template: + backup: yes + src: postgresql.conf.j2 + dest: /library/pgsql-iiab/postgresql.conf + owner: postgres + group: postgres + mode: '0640' + +# Likely No Longer Nec! Given stanza below does the same... +#- name: 'Stop postgresql service: /etc/init.d/postgresql stop (debuntu)' +# command: "/etc/init.d/postgresql stop" +# ignore_errors: True +# when: postgresql_install and is_debuntu + +- name: Disable & Stop stock 'postgresql' systemd service + systemd: + name: postgresql + state: stopped + enabled: no + + +# RECORD PostgreSQL AS INSTALLED + +- name: "Set 'postgresql_installed: True'" + set_fact: + postgresql_installed: True + +- name: "Add 'postgresql_installed: True' to {{ iiab_state_file }}" + lineinfile: + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^postgresql_installed' + line: 'postgresql_installed: True' diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index 50a4bbc3e..ef342c464 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -1,122 +1,55 @@ -# TO DO: -# - Validate input vars postgresql_install & postgresql_enabled -# - Put ~13 stanzas just below into install.yml -# - Triggered by... 'when: postgresql_installed is undefined' +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: Install 'postgresql' package - package: - name: postgresql - state: present +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible -- name: Install 'postgresql-client' package (debuntu) - package: - name: postgresql-client - state: present - when: is_debuntu | bool +- name: Assert that "postgresql_install is sameas true" (boolean not string etc) + assert: + that: postgresql_install is sameas true + fail_msg: "PLEASE SET 'postgresql_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -- name: Install 'postgresql-server' package (OS's other than debuntu) - package: - name: postgresql-server - state: present - when: not is_debuntu +- name: Assert that "postgresql_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: postgresql_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'postgresql_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -- name: Install /etc/systemd/system/postgresql-iiab.service from template - template: - src: postgresql-iiab.service - dest: /etc/systemd/system/postgresql-iiab.service - # owner: root - # group: root - # mode: '0644' - -- name: Create PostgreSQL data dir /library/pgsql-iiab, owned by postgres:postgres - file: - path: /library/pgsql-iiab - owner: postgres - group: postgres - mode: '0700' - state: directory - -- name: Make sure locale {{ postgresql_locale }} is enabled (debuntu) # en_US.UTF-8 - lineinfile: - dest: /etc/locale.gen - line: "{{ postgresql_locale }} UTF-8" - when: is_debuntu | bool - -- name: Generate locales (debuntu) - command: /usr/sbin/locale-gen - when: is_debuntu | bool - -- name: Initialize the PostgreSQL db, creating /library/pgsql-iiab/pg_hba.conf (debuntu) - #command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab" - command: /usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab - args: - creates: /library/pgsql-iiab/pg_hba.conf - become: yes - become_user: postgres - when: is_debuntu | bool - -- name: Initialize the PostgreSQL db, creating /library/pgsql-iiab/pg_hba.conf (OS's other than debuntu) - #command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab" - command: /usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab - args: - creates: /library/pgsql-iiab/pg_hba.conf - become: yes - become_user: postgres - when: not is_debuntu - -- name: Install /library/pgsql-iiab/postgresql.conf owned by postgres:postgres, from template - template: - backup: yes - src: postgresql.conf.j2 - dest: /library/pgsql-iiab/postgresql.conf - owner: postgres - group: postgres - mode: '0640' - -# Likely No Longer Nec! Given stanza below does the same... -#- name: 'Stop postgresql service: /etc/init.d/postgresql stop (debuntu)' -# command: "/etc/init.d/postgresql stop" -# ignore_errors: True -# when: postgresql_install and is_debuntu - -- name: Disable & Stop stock 'postgresql' systemd service - systemd: - name: postgresql - state: stopped - enabled: no +- debug: + var: postgresql_install +- debug: + var: postgresql_enabled +- debug: + var: postgresql_installed -# RECORD PostgreSQL AS INSTALLED - -- name: "Set 'postgresql_installed: True'" - set_fact: - postgresql_installed: True - -- name: "Add 'postgresql_installed: True' to {{ iiab_state_file }}" - lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml - regexp: '^postgresql_installed' - line: 'postgresql_installed: True' +- name: Install PostgreSQL if 'postgresql_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: postgresql_installed is undefined -- name: Enable & Start 'postgresql-iiab' systemd service, if 'postgresql_enabled' +- name: Enable & Start 'postgresql-iiab' systemd service, if postgresql_enabled systemd: name: postgresql-iiab - state: started + daemon_reload: yes enabled: yes + state: started when: postgresql_enabled | bool -- name: Disable 'postgresql-iiab' systemd service, if not 'postgresql_enabled' +- name: Disable & Stop 'postgresql-iiab' systemd service, if not postgresql_enabled systemd: name: postgresql-iiab - state: stopped enabled: no + state: stopped when: not postgresql_enabled - name: Add 'postgresql' variable values to {{ iiab_ini_file }} ini_file: - path: "{{ iiab_ini_file }}" + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab_state.yml section: postgresql option: "{{ item.option }}" value: "{{ item.value | string }}" diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index 17e80938f..613db11e2 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -36,7 +36,7 @@ - name: "Add 'samba_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^samba_installed' line: 'samba_installed: True' diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index ac96f0208..67c8b1478 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -40,7 +40,7 @@ - name: "Add 'sshd_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^sshd_installed' line: 'sshd_installed: True' diff --git a/roles/sugarizer/tasks/apache.yml b/roles/sugarizer/tasks/apache.yml index cab445322..e1bb4ef1f 100644 --- a/roles/sugarizer/tasks/apache.yml +++ b/roles/sugarizer/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite sugarizer.conf when: not sugarizer_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index 90e6ad1fb..267136ab8 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -1,64 +1,32 @@ -# 0. ATTEMPT INSTALL-THEN-ASSERT OF (1) HARD PREREQ Node.js (2) SOFT PREREQ MongoDB +# 0. INSTALL/ASSERT PREREQ #1: MongoDB -- debug: - var: nodejs_install -- debug: - var: nodejs_enabled -- debug: - var: nodejs_installed +# 3 stanzas moved up to main.yml, so Debian finishes "BIG-sized" IIAB install +# (WITH LOUD RED WARNINGS!) -- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + +# 1. INSTALL/ASSERT PREREQ #2: Node.js + +- name: Set 'nodejs_install: True' and 'nodejs_enabled: True' set_fact: nodejs_install: True nodejs_enabled: True -- name: NODEJS - run the 'nodejs' role +- name: NODEJS - run 'nodejs' role (attempt to install & enable Node.js) include_role: name: nodejs -- name: FAIL (STOP THE INSTALL) IF nodejs_installed is undefined +- name: FAIL (STOP THE INSTALL) IF 'nodejs_installed is undefined' fail: - msg: "Sugarizer install cannot proceed, as Node.js failed to install." + msg: "PBX install cannot proceed, as Node.js is not installed." when: nodejs_installed is undefined -- name: FAIL (STOP THE INSTALL) IF nodejs_version != "12.x" +- name: FAIL (STOP THE INSTALL) IF 'nodejs_version != "12.x"' fail: - msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, and your nodejs_version appears to be {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc!" + msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, whereas nodejs_version is set to {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc." when: nodejs_version != "12.x" -- debug: - var: mongodb_install -- debug: - var: mongodb_enabled -- debug: - var: mongodb_installed - -- name: "Set 'mongodb_install: True' and 'mongodb_enabled: True'" - set_fact: - mongodb_install: True - mongodb_enabled: True - -- name: MONGODB - run the 'mongodb' role - include_role: - name: mongodb - -# 2020-01-29: FOR NOW LET'S TRY A VERY SOFT (BEST EFFORT) PREREQ, AS Sugarizer -# TRADITIONALLY CAN WORK (?) EVEN WITHOUT MongoDB. IF LATER WE INSTEAD WANT TO -# ENFORCE MongoDB...AS A MEDIUM-STRENGTH PREREQ...OR AS A HARD (STRICT) PREREQ -# ...THEN UNCOMMENT EITHER BELOW: -# -#- name: EXIT SUGARIZER PLAYBOOK (BUT CONTINUE INSTALLING IIAB) IF mongodb_installed is undefined -# meta: end_play -# when: mongodb_installed is undefined -# -#- name: FAIL (STOP THE INSTALL) IF mongodb_installed is undefined -# fail: -# msg: "Sugarizer install cannot proceed, as MongoDB failed to install." -# when: mongodb_installed is undefined - - -# 1. DOWNLOAD+LINK /opt/iiab/sugarizer +# 2. DOWNLOAD+LINK /opt/iiab/sugarizer - name: Clone llaske/sugarizer ({{ sugarizer_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_dir_version }} (MAY DOWNLOAD 600+ MB) git: @@ -76,7 +44,7 @@ state: link -# 2. DOWNLOAD+LINK /opt/iiab/sugarizer-server +# 3. DOWNLOAD+LINK /opt/iiab/sugarizer-server # 2018-07-11: http://download.iiab.io/packages/sugarizer-server-1.0.tar.gz # was flawed, as documented at: @@ -109,13 +77,7 @@ state: link -# 3. INSTALL A GOOD VERSION OF Node.js AND npm - -# 2019-01-16/29: @jvonau's PR #1403 moved install of Node.js (10.x for now) & -# npm to roles/nodejs/tasks/main.yml, triggered by roles/sugarizer/meta/main.yml - - -# 4. RUN "npm install" TO POPULATE ~35MB /opt/iiab/sugarizer-server/node_modules +# 4. RUN "npm install" TO POPULATE ~35MB /opt/iiab/sugarizer-server/node_modules (TWICE, BIG JOB THEN SMALL JOB) # Re-running "npm install" USED TO fail on Raspbian 9 if not other OS's ? # Strategies considered to avoid re-running it: @@ -278,6 +240,6 @@ - name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^sugarizer_installed' line: 'sugarizer_installed: True' diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 4d394c56c..3e21e93c3 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -19,52 +19,35 @@ quiet: yes -- name: Install Sugarizer if 'sugarizer_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml - include_tasks: install.yml - when: sugarizer_installed is undefined +# 3 stanzas moved up from install.yml, so Debian finishes "BIG" IIAB install: +# (WITH LOUD RED WARNINGS!) +- name: "Set 'mongodb_install: True' and 'mongodb_enabled: True'" + set_fact: + mongodb_install: True + mongodb_enabled: True -# Auto-starts mongodb via the requires= line in unit file -- name: Enable & Restart 'sugarizer' systemd service, if sugarizer_enabled - systemd: - name: sugarizer - daemon_reload: yes # in case mongodb.service changed, etc - enabled: yes - state: restarted - when: sugarizer_enabled | bool +- name: MONGODB - run 'mongodb' role (attempt to install & enable MongoDB) + include_role: + name: mongodb -# Stops sugarizer but not mongodb -- name: Disable & Stop 'sugarizer' systemd service, if not sugarizer_enabled - systemd: - name: sugarizer - enabled: no - state: stopped - when: not sugarizer_enabled +- name: EXIT 'sugarizer' ROLE & CONTINUE, IF 'mongodb_installed is undefined' + fail: # FORCE IT RED THIS ONCE! + msg: MongoDB INSTALLATION FAILED, likely because your OS is Debian. Nevertheless IIAB will continue (consider this a warning!) + when: mongodb_installed is undefined + ignore_errors: yes -# Stops mongodb (in the past this would've been called via meta/main.yml) -- name: Run mongodb/tasks/enable.yml to stop MongoDB, if not sugarizer_enabled - include_tasks: roles/mongodb/tasks/enable.yml - when: not sugarizer_enabled +# ELSE... -- name: Enable/Disable/Restart Apache if primary - include_tasks: apache.yml - when: not nginx_enabled +- name: Install/Enable/Disable/Record Sugarizer (main2.yml) IF 'mongodb_installed is defined' + include_tasks: main2.yml + when: mongodb_installed is defined -- name: Enable/Disable/Restart NGINX if primary - include_tasks: nginx.yml - when: nginx_enabled | bool +# THE block: APPROACH BELOW WORKS JUST LIKE main2.yml ABOVE. +# BUT IT VISUALLY POLLUTES: MANY BLUE "skipping:" MESSAGES IN ANSIBLE'S OUTPUT. - -- name: Add 'sugarizer' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini - section: sugarizer - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Sugarizer - - option: description - value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' - - option: sugarizer_enabled - value: "{{ sugarizer_enabled }}" +# - block: # ENTIRE BLOCK CONDITIONED ON 'when: mongodb_installed is defined' +# +# [MOVED TO main2.yml] +# +# when: mongodb_installed is defined # CONDITION FOR ENTIRE ABOVE block: diff --git a/roles/sugarizer/tasks/main2.yml b/roles/sugarizer/tasks/main2.yml new file mode 100644 index 000000000..624fce191 --- /dev/null +++ b/roles/sugarizer/tasks/main2.yml @@ -0,0 +1,64 @@ +- name: Install Sugarizer if 'sugarizer_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: sugarizer_installed is undefined + +- block: # 2 STANZAS BELOW, CONDITIONED ON 'when: sugarizer_enabled | bool' + + # sugarizer.service line 'Requires=mongodb.service' auto-starts MongoDB (but record that in var too) + - name: "Set 'mongodb_enabled: True' if sugarizer_enabled" + set_fact: + mongodb_enabled: True + + - name: Enable & Restart 'sugarizer' systemd service, if sugarizer_enabled + systemd: + name: sugarizer + daemon_reload: yes # In case mongodb.service changed, etc + enabled: yes + state: restarted + + when: sugarizer_enabled | bool # CONDITION FOR 2-STANZA block: ABOVE + +- block: # 3 STANZAS BELOW, CONDITIONED ON 'when: not sugarizer_enabled' + + # Stops 'sugarizer' but not 'mongodb' + - name: Disable & Stop 'sugarizer' systemd service, if not sugarizer_enabled + systemd: + name: sugarizer + enabled: no + state: stopped + + # Disable & Stop 'mongodb' via 2 stanzas below + # (meta/main.yml did this in the past) + + - name: "Set 'mongodb_enabled: False' if not sugarizer_enabled" + set_fact: + mongodb_enabled: False + + - name: MONGODB - run 'mongodb' role, to Disable & Stop MongoDB, if not sugarizer_enabled + include_role: + name: mongodb + + when: not sugarizer_enabled # CONDITION FOR 3-STANZA block: ABOVE + +- name: Enable/Disable/Restart Apache if primary + include_tasks: apache.yml + when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'sugarizer' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: sugarizer + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Sugarizer + - option: description + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' + - option: sugarizer_enabled + value: "{{ sugarizer_enabled }}" diff --git a/roles/transmission/tasks/main.yml b/roles/transmission/tasks/main.yml index 340f3d95b..2abc6efe5 100644 --- a/roles/transmission/tasks/main.yml +++ b/roles/transmission/tasks/main.yml @@ -36,7 +36,7 @@ - name: "Add 'transmission_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^transmission_installed' line: 'transmission_installed: True' diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 82ecc6724..ff6a179c1 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -44,7 +44,7 @@ - name: "Add 'usb_lib_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^usb_lib_installed' line: 'usb_lib_installed: True' diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index ad33cc15e..f1c793fe0 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -27,7 +27,7 @@ - name: "Add 'vnstat_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^vnstat_installed' line: 'vnstat_installed: True' diff --git a/roles/wordpress/tasks/apache.yml b/roles/wordpress/tasks/apache.yml index 7b76d43a7..9fe8d4025 100644 --- a/roles/wordpress/tasks/apache.yml +++ b/roles/wordpress/tasks/apache.yml @@ -6,7 +6,7 @@ command: a2dissite wordpress.conf when: not wordpress_enabled -- name: Restart '{{ apache_service }}' systemd service +- name: (Re)Start '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 29a8bc216..5580e9696 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -100,6 +100,6 @@ - name: "Add 'wordpress_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^wordpress_installed' line: 'wordpress_installed: True' diff --git a/roles/yarn/tasks/main.yml b/roles/yarn/tasks/main.yml index 533a5315a..178f8e429 100644 --- a/roles/yarn/tasks/main.yml +++ b/roles/yarn/tasks/main.yml @@ -36,6 +36,6 @@ - name: "Add 'yarn_installed: True' to {{ iiab_state_file }}" lineinfile: - dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^yarn_installed' line: 'yarn_installed: True'