cleanup

roles/0-init/tasks/computed_vars.yml

@@ -1,221 +0,0 @@
-- name: re-read local_facts.facts from /etc/ansible/facts.d
-  setup: filter=ansible_local
-
-# set top level variables from local facts for convenience
-- set_fact:
-      xo_model: '{{ ansible_local.local_facts.xo_model }}'
-      phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}'
-      iiab_stage: '{{ ansible_local.local_facts.stage }}'
-
-# Networking uses a different file for the rpi
-- name: Discover if this is a rpi -- assume if so it is running raspbian
-  set_fact:
-      rpi_model: "rpi"
-      is_rpi: True
-      no_net_restart: True
-  when: ansible_local.local_facts.os == "raspbian"
-
-- name: Set exFAT enabled for XO laptops
-  set_fact:
-     exFAT_enabled: True
-  when: xo_model != "none"
-
-- name: set FQDN
-  set_fact:
-      iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
-      FQDN_changed: False
-
-- name: FQDN changed
-  set_fact:
-      FQDN_changed: True
-  when: iiab_fqdn != ansible_fqdn
-
-- name: Now check FQDN
-  include_tasks: roles/2-common/tasks/hostname.yml
-  when: FQDN_changed
-
-# Discover  do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
-- name: Finding gateway
-  set_fact:
-      discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
-      iiab_wan_iface: "{{ discovered_wan_iface }}"
-  when: ansible_default_ipv4.gateway is defined
-
-- name: Verify gateway present
-  shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l
-  when: discovered_wan_iface != "none"
-  register: gw_active_test
-
-- name: Recording gateway response
-  set_fact:
-      gw_active: True
-  when: discovered_wan_iface != "none" and gw_active_test.stdout == "1"
-
-- name: Test for internet access
-  get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
-  ignore_errors: True
-#  async: 10
-#  poll: 2
-  register: internet_access_test
-
-- name: Set internet_available true if wget succeeded
-  set_fact:
-      internet_available: True
-  when: not internet_access_test|failed and not disregard_network
-
-- name: Cleanup internet test file
-  file: path=/tmp/heart-beat.txt
-        state=absent
-
-# Put all computed vars here so derive properly from any prior var file
-- name: If the TZ is not set in env, set it to UTC
-  set_fact: local_tz='UTC'
-  when: local_tz == ""
-
-- name: Set port 80 for Admin Console
-  set_fact:
-    gui_port: 80
-  when: not adm_cons_force_ssl
-
-- name: Set port 443 for Admin Console
-  set_fact:
-    gui_port: 443
-  when: adm_cons_force_ssl
-
-- name: Require MySQL to be on
-  set_fact:
-    mysql_install: True
-    mysql_enabled: True
-
-# we decided to enable mysql unconditionally
-#  when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install
-
-# Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427
-# - name: Turn on mongodb if sugarizer enabled
-#   set_fact:
-#     mongodb_install: True
-#     mongodb_enabled: True
-#   when: sugarizer_enabled
-
-# There might be other db's
-- name: Turn on PostgreSQL if Moodle or Pathagar enabled
-  set_fact:
-    postgresql_install: True
-    postgresql_enabled: True
-  when: moodle_enabled or pathagar_enabled
-
-- name: Turn on Docker if SchoolTool is to be installed
-  set_fact:
-    docker_install: True
-    docker_enabled: True
-  when: schooltool_enabled or schooltool_install
-
-- name: Set python_path for is_redhat
-  set_fact:
-    python_path: /usr/lib/python2.7/site-packages/
-  when: is_redhat
-
-- name: Set python_path for is_debuntu
-  set_fact:
-    python_path: /usr/local/lib/python2.7/dist-packages/
-  when: is_debuntu
-
-# for various reasons the mysql service can not be enabled on fedora 20,
-# but 'mariadb', which is its real name can
-# on fedora 18 we need to use 'mysqld'
-
-- name: Set mysqld_service to mariadb by default
-  set_fact:
-    mysql_service: mariadb
-
-- name: Set mysqld_service to mysqld for Fedora 18
-  set_fact:
-    mysql_service: mysqld
-    no_NM_reload: True
-    is_F18: True
-  when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
-
-- name: Set mysql_service to mysql for Debian
-  set_fact:
-    mysql_service: mysql
-  when: is_debuntu
-
-# PLATFORM variables
-- name: Fedora 20
-  set_fact:
-    is_F20: True
-  when: ansible_distribution == "Fedora" and ansible_distribution_version == "20"
-
-- name: Fedora 21
-  set_fact:
-    is_F21: True
-  when: ansible_distribution == "Fedora" and ansible_distribution_version == "21"
-
-- name: Fedora 22
-  set_fact:
-    is_F22: True
-  when: ansible_distribution == "Fedora" and ansible_distribution_version == "22"
-
-- name: Fedora 23
-  set_fact:
-    is_F23: True
-  when: ansible_distribution == "Fedora" and ansible_distribution_version == "23"
-
-- name: Fedora 24
-  set_fact:
-    is_F24: True
-  when: ansible_distribution == "Fedora" and ansible_distribution_version == "24"
-
-- name: CentOS
-  set_fact:
-    is_CentOS: True
-  when: ansible_distribution == "CentOS"
-
-- name: add version section
-  ini_file: dest='{{ iiab_config_file }}'
-            section=runtime
-            option='{{ item.option }}'
-            value='{{ item.value }}'
-  with_items:
-    - option: 'iiab_stage'
-      value: '{{ iiab_stage }}'
-    - option: 'runtime_php'
-      value: '{{ phplib_dir }}'
-    - option: 'runtime_branch'
-      value: '{{ ansible_local.local_facts.iiab_branch }}'
-    - option: 'runtime_commit'
-      value: '{{ ansible_local.local_facts.iiab_commit }}'
-    - option: 'runtime_date'
-      value: '{{ ansible_date_time.iso8601 }}'
-    - option: 'ansible_version'
-      value: '{{ ansible_local.local_facts.ansible_version }}'
-    - option: 'kernel'
-      value: '{{ ansible_kernel }}'
-    - option: 'memory_mb'
-      value: '{{ ansible_memtotal_mb }}'
-    - option: 'swap_mb'
-      value: '{{ ansible_swaptotal_mb }}'
-    - option: 'product_id'
-      value: '{{ ansible_product_uuid }}'
-    - option: 'gw_active'
-      value:  '{{ gw_active }}'
-    - option: 'internet_available'
-      value:  '{{ internet_available }}'
-    - option: 'is_rpi'
-      value:  '{{ is_rpi }}'
-    - option: 'first_run'
-      value:  '{{ first_run }}'
-    - option: 'local_tz'
-      value:  '{{ local_tz }}'
-    - option: 'FQDN_changed'
-      value:  '{{ FQDN_changed }}'
-
-- name: STAGE 0 HAS COMPLETED ======================================
-  ini_file: dest='{{ iiab_config_file }}'
-            section=runtime
-            option='{{ item.option }}'
-            value='{{ item.value }}'
-  with_items:
-    - option: 'is_VM'
-      value:  'yes'
-  when: is_VM is defined

roles/0-init/tasks/first_run.yml

@@ -0,0 +1,6 @@
+- name: Write iiab_ini.yml for the first time
+  include_tasks: iiab_ini.yml
+
+- name: Create the directory structure for IIAB
+  include_tasks: fl.yml
+

roles/0-init/tasks/fl.yml

@@ -0,0 +1,27 @@
+- name: Create various library directories
+  file: path={{ item }}
+        owner=root
+        group=root
+        mode=0755
+        state=directory
+  with_items:
+    - "{{ yum_packages_dir }}"
+    - "{{ pip_packages_dir }}"
+    - "{{ downloads_dir }}"
+    - /library/downloads/zims
+    - /library/downloads/rachel
+    - /library/working/zims
+    - /library/working/rachel
+    - "{{ iiab_zim_path }}/content"
+    - "{{ iiab_zim_path }}/index"
+    - "{{ doc_root }}/modules"
+    - "{{ doc_root }}/common/css"
+    - "{{ doc_root }}/common/js"
+    - "{{ doc_root }}/common/fonts"
+    - "{{ doc_root }}/common/html"
+    - "{{ doc_root }}/common/images"
+    - "{{ doc_root }}/common/assets"
+    - "{{ doc_root }}/common/services"
+    - /etc/sysconfig/olpc-scripts/
+    - /etc/sysconfig/olpc-scripts/setup.d/installed/
+

roles/0-init/tasks/main.yml

@@ -12,7 +12,7 @@
 # we need to inialize the ini file and only write the location and version sections once and only
 # once to preserve the install date and git hash.
 - name: Write iiab_ini.yml for the first time
-  include_tasks: roles/1-prep/tasks/iiab_ini.yml
+  include_tasks: first_run.yml
   when: first_run
 
 #- name: Loading computed_vars

roles/1-prep/tasks/iiab_ini.yml

@@ -1,34 +0,0 @@
-# workaround for fact that auto create does not work on ini_file
-- name: Create iiab config file
-  file: dest='{{ iiab_config_file }}'
-        state=touch
-
-- name: Add location section to config file
-  ini_file: dest='{{ iiab_config_file }}'
-            section=location
-            option='{{ item.option }}'
-            value='{{ item.value }}'
-  with_items:
-    - option: 'iiab_base'
-      value: '{{ iiab_base }}'
-    - option: 'iiab_dir'
-      value: '{{ iiab_dir }}'
-
-- name: add version section
-  ini_file: dest='{{ iiab_config_file }}'
-            section=version
-            option='{{ item.option }}'
-            value='{{ item.value }}'
-  with_items:
-    - option: 'distribution'
-      value: '{{ ansible_distribution }}'
-    - option: 'arch'
-      value: '{{ ansible_architecture }}'
-    - option: 'iiab_branch'
-      value: '{{ ansible_local.local_facts.iiab_branch }}'
-    - option: 'iiab_commit'
-      value: '{{ ansible_local.local_facts.iiab_commit }}'
-    - option: 'install_date'
-      value: '{{ ansible_date_time.iso8601 }}'
-    - option: 'install_xo'
-      value: '{{ xo_model }}'

roles/1-prep/tasks/main.yml

@@ -63,8 +63,6 @@
   when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
 
 ##  DISCOVER PLATFORMS ######
-- include_tasks: prep.yml
-
 # Put conditional actions for hardware platforms here
 - include_tasks: raspberry_pi_2.yml
   when: first_run and rpi_model != "none"

roles/1-prep/tasks/prep.yml

@@ -1,48 +0,0 @@
-- name: Since f22, dnf has replaced yum, but ansible works with yum
-  command: dnf install -y yum
-  when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
-
-- name: Install iiab-extra repos
-  template: backup=yes
-            dest=/etc/yum.repos.d/iiab-extra.repo
-            src=iiab-extra.repo
-            owner=root
-            mode=0666
-  when: is_redhat
-
-- name: Install iiab-testing repos
-  template: backup=yes
-            dest=/etc/yum.repos.d/iiab-testing.repo
-            src=iiab-testing.repo
-            owner=root
-            mode=0666
-  when: is_redhat
-
-- name: Install rpmfusion-free-updates repo -- for exfat
-  template: dest=/etc/yum.repos.d/rpmfusion-free-updates.repo
-            src=rpmfusion-free-updates.repo
-            owner=root
-            mode=0666
-  when:     ansible_distribution == "Fedora"
-
-- name: Create /etc/iiab
-  file: path=/etc/iiab
-        owner=root
-        group=root
-        mode=0755
-        state=directory
-
-- name: Set XO model
-  set_fact:
-    phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}'
-    xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}'
-
-- name: Install script to fully initialize network config, and/or collect data
-# calling iiab-network-reset w/ snapshot name, stores info, but aborts reset
-# intended as a convenience function for us
-  template: src=iiab-network-reset
-            dest=/usr/bin
-            owner=root
-            group=root
-            mode=0755
-

roles/2-common/tasks/centos.yml

@@ -7,12 +7,6 @@
             option=keepcache
             value=1
 
-- name: Install epel-release for CentOS
-  package: name={{ item }}
-           state=present
-  with_items:
-   - epel-release
-
 - name: Install IIAB repo for CentOS
   template: src={{ item }} dest=/etc/yum.repos.d/ owner=root group=root mode=0644
   with_items:
@@ -20,11 +14,6 @@
    - li.nux.ro.repo
    - ansible.repo
 
-#- name: Disable updating ansible on CentOS
-#  shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
-#  with_items:
-#    - /etc/yum.repos.d/CentOS-Base.repo
-#    - /etc/yum.repos.d/CentOS-CR.repo
-#    - /etc/yum.repos.d/CentOS-fasttrack.repo
-#    - /etc/yum.repos.d/CentOS-Vault.repo
-#  when: ansible_distribution == "CentOS"
+- name: Install optional exFAT packages for CentOS
+  shell: yum --enablerepo=li-nux-ro install exfat-utils fuse-exfat
+  when: exFAT_enabled == "True"

roles/2-common/tasks/fedora.yml

@@ -4,20 +4,31 @@
             option=keepcache
             value=1
 
+- name: Install rpmfusion-free-updates repo -- for exfat
+  template: dest=/etc/yum.repos.d/rpmfusion-free-updates.repo
+            src=rpmfusion-free-updates.repo
+            owner=root
+            group=root
+            mode=0666
+
+- name: Install optional exFAT packages for Fedora
+  shell: yum --enablerepo=rpmfusion-free-updates install exfat-utils fuse-exfat
+  when: exFAT_enabled and is_F18
+
+- name: Install yum deps for arm!!!
+  shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser
+  when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
+
+- name: Install yum from Fedora 23 for arm!!!
+  shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf
+  when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
+
+- name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!!
+  shell: dnf install -y yum
+  when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l"
+
 - name: Install Fedora specifc packages
   package: name={{ item }}
            state=present
   with_items:
    - mtd-utils
-
-- name: Install optional exFAT packages for Fedora
-  shell: yum --enablerepo=rpmfusion-free-updates install exfat-utils fuse-exfat
-  when: exFAT_enabled == "True"
-
-#- name: Disable updating ansible on Fedora
-#  shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
-#  with_items:
-#    - /etc/yum.repos.d/fedora.repo
-#    - /etc/yum.repos.d/fedora-updates.repo
-#    - /etc/yum.repos.d/fedora-updates-testing.repo
-#  when: ansible_distribution == "Fedora"

roles/2-common/tasks/fl.yml

@@ -1,68 +0,0 @@
-- name: Create /opt/iiab/iiab
-  file: path={{ iiab_dir }}
-        owner=root
-        group=root
-        mode=0755
-        state=directory
-
-- name: Create /opt/iiab/yum-packages
-  file: path={{ yum_packages_dir }}
-        owner=root
-        group=root
-        mode=0755
-        state=directory
-
-- name: Create /opt/iiab/pip-packages
-  file: path={{ pip_packages_dir }}
-        owner=root
-        group=root
-        mode=0755
-        state=directory
-
-- name: Create /opt/iiab/downloads
-  file: path={{ downloads_dir }}
-        owner=root
-        group=root
-        mode=0755
-        state=directory
-
-- name: Create various library directories
-  file: path={{ item }}
-        owner=root
-        group=root
-        mode=0755
-        state=directory
-  with_items:
-    - /library/downloads/zims
-    - /library/downloads/rachel
-    - /library/working/zims
-    - /library/working/rachel
-    - "{{ iiab_zim_path }}/content"
-    - "{{ iiab_zim_path }}/index"
-    - "{{ doc_root }}/modules"
-
-- name: Create directory for common packages
-  file: path={{ item }}
-        mode=0755
-        owner=root
-        group=root
-        state=directory
-  with_items:
-    - "{{ doc_root }}/common/css"
-    - "{{ doc_root }}/common/js"
-    - "{{ doc_root }}/common/fonts"
-    - "{{ doc_root }}/common/html"
-    - "{{ doc_root }}/common/images"
-    - "{{ doc_root }}/common/assets"
-    - "{{ doc_root }}/common/services"
-
-- name: Create olpc-scripts directory
-  file: path={{ item }}
-        owner=root
-        group=root
-        mode=0755
-        state=directory
-  with_items:
-    - /etc/sysconfig/olpc-scripts/
-    - /etc/sysconfig/olpc-scripts/setup.d/installed/
-

roles/2-common/tasks/hostname.yml

@@ -1,7 +1,3 @@
-- name: Create filesytem layout
-  include_tasks: roles/2-common/tasks/fl.yml
-  when: first_run
-
 - name: Turn the crank for systemd
   shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}"
   when: is_debuntu

roles/2-common/tasks/main.yml

@@ -3,25 +3,23 @@
 - name: ...IS BEGINNING ==========================================
   command: echo
 
-#- include_tasks: iiab_ini.yml
-
-# create the directory structure for IIAB
-#- include_tasks: fl.yml
-
-- include_tasks: xo.yml
-  when: xo_model != "none" or osbuilder is defined
-
-- include_tasks: roles/network/tasks/iptables.yml
-
 - include_tasks: centos.yml
   when: ansible_distribution == "CentOS"
 
 - include_tasks: fedora.yml
   when: ansible_distribution == "Fedora"
 
+- include_tasks: prep.yml
+  when: not is_debuntu
+
+- include_tasks: xo.yml
+  when: xo_model != "none" or osbuilder is defined
+
 # the following installs common packages for both debian and fedora
 - include_tasks: packages.yml
 
+- include_tasks: roles/network/tasks/iptables.yml
+
 - sysctl: name=net.ipv4.ip_forward value=1 state=present
 - sysctl: name=net.ipv4.conf.default.rp_filter value=1 state=present
 - sysctl: name=net.ipv4.conf.default.accept_source_route value=0 state=present

roles/2-common/tasks/packages.yml

@@ -1,31 +1,3 @@
-- name: Install yum deps for arm!!!
-  shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser
-  when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
-
-- name: Install yum from Fedora 23 for arm!!!
-  shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf
-  when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
-
-- name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!!
-  shell: dnf install -y yum
-  when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l"
-
-- name: Get the createrepo program (redhat)
-  package: name=createrepo
-           state=present
-  when: is_redhat
-
-- name: Create local repo (redhat)
-  shell: createrepo {{ yum_packages_dir }}
-  when: is_redhat
-
-- name: Install local repo file (redhat)
-  template: dest=/etc/yum.repos.d/iiab-local.repo
-            src=local.repo
-            owner=root
-            mode=0644
-  when: is_redhat
-
 - name: Install yum packages (redhat)
   package: name={{ item }}
            state=present
@@ -107,15 +79,18 @@
    - python-setuptools
    - python-virtualenv
 
-- name: Update common packages (redhat)
-  package: name={{ item }}
-           state=latest
-  with_items:
-   - NetworkManager
-   - glibc # CVE-2015-7547
-   - bash
-   - iptables
-  when: is_redhat
+# instructions state to start with a fully updated system before starting, stop using
+# ansible as a crutch for developers not following the directions and taking short-cuts
+
+#- name: Update common packages (not Debian)
+#  package: name={{ item }}
+#           state=latest
+#  with_items:
+#   - NetworkManager
+#   - glibc # CVE-2015-7547
+#   - bash
+#   - iptables
+#  when: is_redhat
 
 - name: Update common packages (debuntu)
   package: name={{ item }}
@@ -128,16 +103,9 @@
    - exfat-utils
   when: is_debuntu
 
-# instructions state to start with a fully updated system before starting, stop using
-# ansible as a crutch for developers not following the directions and taking short-cuts
-
 #- name: If version of Network manager has changed, subsequent nmcli commands will fail,restart now
 #  service: name=NetworkManager
 #           state=restarted
 #  when: not installing
 # the above should use a handler - all reboots should wait until all
 # mods are preformed
-
-- name: Install optional exFAT packages for CentOS
-  shell: yum --enablerepo=li-nux-ro install exfat-utils fuse-exfat
-  when: exFAT_enabled == "True" and ansible_distribution == "CentOS"

roles/2-common/tasks/prep.yml

@@ -0,0 +1,29 @@
+- name: Install iiab-extra repos
+  template: backup=no
+            dest=/etc/yum.repos.d/iiab-extra.repo
+            src=iiab-extra.repo
+            owner=root
+            group=root
+            mode=0666
+
+- name: Install iiab-testing repos
+  template: backup=no
+            dest=/etc/yum.repos.d/iiab-testing.repo
+            src=iiab-testing.repo
+            owner=root
+            group=root
+            mode=0666
+
+- name: Get the createrepo program
+  package: name=createrepo
+           state=present
+
+- name: Install local repo file
+  template: dest=/etc/yum.repos.d/iiab-local.repo
+            src=local.repo
+            owner=root
+            group=root
+            mode=0644
+
+- name: Create local repo
+  shell: createrepo {{ yum_packages_dir }}