Merge branch 'master' into bug-324

2025-03-09 15:40:17 +00:00 · 2017-11-09 06:00:03 -05:00 · 2017-11-09 06:00:03 -05:00 · 0c5782c919
commit 0c5782c919
parent b6bec94830 43ce5228a1
214 changed files with 3132 additions and 2051 deletions
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@ -0,0 +1,5 @@
 ### Expected behavior and actual behavior.
 ### Steps to reproduce the problem.
 ### Specifications like the version of the IIAB, operating system version, or hardware details.
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -0,0 +1,7 @@
 ### Fixes Bug
 ### Description of changes proposed in this pull request.
 ### Smoke-tested in operating system.
 ### Mention a team member for further information or comment using @ name
--- a/.gitignore
+++ b/.gitignore
@ -1,4 +1,7 @@
 xs-config.spec
 build
 deprecated
-.patches
+.ansible
 *.patches
 *.log 
 *.retry
--- a/.travis.yml
+++ b/.travis.yml
@ -0,0 +1,42 @@
 ---
 language: python
 python: "2.7"
 # Use the new container infrastructure
 sudo: false
 # Install ansible
 addons:
  apt:
    packages:
    - python-pip
 install:
  # Install ansible, ansible-lint and ansible-review
  - pip install ansible
  - pip install ansible-review
  # Check ansible,  version
  - ansible --version
  - ansible-lint --version
  - ansible-review --version
  # Create ansible.cfg with correct roles_path
  - printf '[defaults]\nroles_path=../' >ansible.cfg
 script:
  # Continuous integration: syntax check
  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check -vvv
  # Continous integration: ansible-list
  - ansible-lint -p *yml
  #  Continous integration: ansible code review
  - git ls-files *yml roles/ vars/ tests/  | xargs ansible-review
  # Continouse integration: ansible code review of changes between master and current branch
  - git diff master | ansible-review
 #notifications:
 #  webhooks:
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -0,0 +1,143 @@
 Contributing to Internet-in-a-Box (IIAB)
 =======================================
 Internet-in-a-Box runs on various GNU/Linux operating systems such as Fedora, Ubuntu, Debian, CentOS and Raspbian.
 You can install Internet-in-a-Box on most late model desktop and laptop computers. It also supports Intel NUC, Intel Gigabyte BRIX, OLPC XO-1.5, XO-1.75, XO-4, Raspberry Pi 2 and Raspberry Pi 3. A VirtualBox VM can also used for testing purposes. Using Docker containers however is not recommended as our Ansible provisioning system requires low-level access to the operating system.
 Please refer to [IIAB Platforms](https://github.com/iiab/iiab/wiki/IIAB-Platforms) for more information.
 Internet-in-a-Box uses [Ansible](https://www.ansible.com/) infrastructure automation tool to deploy and configure all software packages. Ansible uses [playbooks](http://docs.ansible.com/ansible/latest/playbooks.html) a human readable instruction files in YAML format. Playbooks are divided into hosts, roles and tasks.
 ```
 ├── roles
 │   ├── 1-prep
 │   │   ├─ defaults
 |   |   |    ├──main.yml (lowest precedence variable definitions, overridden by <repo_root>/vars/default_vars.yml, overridden by ./vars/local_vars.yml.
 │   │   ├── README.rst
 │   │   ├── tasks
 |   |   |    ├──main.yml (specifies the actions to install this role
 │   │   └── templates
 |   |   |    ├<(text files where ansible variables are substituted, specified via {% <variable> %} containers-(jinja2 language).
 │   ├── 2-common
 │   │   ├── README.rst
 │   │   ├── tasks
 │   │   └── templates
 ```
 At runtime, Ansible gathers system information and makes it available (called 'facts') and combines this with playbook defined 'variables' to guide the installation process. The execution follows a sequence of cascading steps:
 1. Bash script `./runansible` follows instructions in `iiab.yml` in the root directory.
 2. `iiab.yml` calls 9 aggregate roles (the numbered directories under `./roles/`).
 3. Each aggregate role has a `<role>/meta/main.yml` which calls the individual named roles.
 Please refer to the [IIAB Architecture](https://github.com/iiab/iiab/wiki/IIAB-Architecture) and [IIAB Variables]( https://github.com/iiab/iiab/wiki/IIAB-Variables) pages for more information.
 Installation
 ============
 Before you start the installation please refer to the [hardware section of FAQ](http://wiki.laptop.org/go/IIAB/FAQ#What_hardware_should_I_use.3F) page for memory, storage and network requirements for your platform. Also note that downloading content might take a long time on slower Internet connections.
 If you are a developer, please consider [building Internet-in-a-Box from scratch](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch).
 Please refer to the [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) page for more information.
 Setting up development environment
 ===================================
 ( This section uses experimental development environment for Internet-in-a-Box. It is being developed in the [iiab-dev-mode repository](https://github.com/arky/iiab-dev-mode). )
 This section provide a quick setup of Internet-in-a-Box (IIAB) development environment using [Vagrant](https://www.vagrantup.com/). You will need a computer with [virtualization enabled](https://www.virtualbox.org/manual/UserManual.html) and git, Vagrant (2.0 or later) and [VirtualBox](https://www.virtualbox.org/) installed.
 ## Requirements
 * git
 * [Vagrant (2.0 or later)](https://www.vagrantup.com/)
 * [VirtualBox](https://www.virtualbox.org/wiki/Downloads)
 * Editor ([Atom](www.atom.io), Emacs, vi, etc)
 ## Setup Instructions
 1. Check out the repository and its submodules onto your development machine.
 `git clone --recursive git@github.com:arky/iiab-dev-mode.git`
 2. Change directory into 'iiab-dev-mode' with `cd iiab-dev-mode`. You can update all the submodules to latest master using `git submodule foreach git pull origin master`
 3. Set up a vagrant machine with `vagrant up` and provision it with `vagrant provision`. Please select the available bridge network interface (wlan0 or eth0) that connects your host machine to the Internet.
 4. Connect to your vagrant machine with `vagrant ssh`. All your local development files available as shared folder in `/opt/iiab` directory.
 5. Install IIAB itself from the Ansible playbooks by following [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch) instructions:
 ```
   cd /opt/iiab/iiab/scripts/
   ./ansible
   cd /opt/iiab/iiab/
   ./runansible
   cd /opt/iiab/iiab-admin-console/
   ./install
   cd /opt/iiab/iiab-menu/
   ./cp-menus
 ```
 6. Hack away!
 7. You can commit your local changes to your personal forks of Internet-in-a-Box repository and then send pull request to IIAB project. Once you forked a repository, you change directory into that repository and setting a default git remote push setting with the following command.
   `cd <repo> && git remote set-url --push origin git@github.com:<your_username>/<your_forked_iiab_repo_name>.git`
 	Learn more by reading blog post [Different git Push & Pull(fetch) URLs](http://blog.yuriy.tymch.uk/2012/05/different-git-push-pullfetch-urls.html) and the [Git Basics - Working with Remotes](https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes) chapter of Scott Chacon and Ben Straub's "Git Pro" book.
 8. Once you are done, you can stop your vagrant machine with `vagrant halt` or remove it completely with `vagrant destroy`.
 Debugging
 =========
 Here are few strategies for debugging problems during the Internet-in-a-Box installation.
 * When a installation task fails, Ansible halts printing out a descriptive error message to the screen. This error information is also written to `iiab-install.log` file within `/opt/iiab/iiab`. (Look through logs to check if any preceding line contains the error).
 * When an installation succeeds, the last lines printed on the screen will look like the following (failed=0):
 ```
   PLAY RECAP *********************************************************************
   127.0.0.1                  : ok=405  changed=125  unreachable=0    failed=0
 ```
 * Search through the Ansible playbooks using `egrep -rn <string from the failing step> /opt/iiab/iiab/roles/*>` to find the failed task.
 * You can add additional [debug print statements](http://docs.ansible.com/ansible/latest/debug_module.html) to Ansible playbooks for debugging the problem.
 * Talk to us or report a bug using the information below.
 Please refer to [Ansible playbook documentation](http://docs.ansible.com/ansible/latest/playbooks.html) for more information.
 Testing your code with Travis CI
 =================================
 To maintain the quality of the Internet-in-a-Box (IIAB) code we use [Travis Continuous Integration (CI)](https://travis-ci.org) build infrastructure. Travis CI does tests to
 ensure the code syntax is correct and the code is formatted properly using `ansible` syntax checker, `ansible-lint` and `ansible-review` tools. The results of Travis CI Internet-in-a-Box (IIAB) could be seen [here](https://travis-ci.org/iiab/iiab).
 Every pull request is automatically tested by Travis CI. The results of these tests are added to the pull request. This aids Internet-in-a-Box (IIAB) developers in reviewing the quality of the code in a pull request.
 To test your forked repository of Internet-in-a-Box (IIAB) code. You have to enable automatic build tests in your [Travis-ci.org](https://travis-ci.org) profile page.
 * Login to [Travis-ci.org](https://travis-ci.org) using your Github account.
 * Go to your Travis CI profile page and enable the repository you want to build.
 * The builds will start whenever a new commit is pushed to your repository.
 Please refer to [Travis CI documentation](https://docs.travis-ci.com/user/getting-started/) for more information.
 Reporting Bugs
 ==============
 You can file bug reports on [GitHub](https://github.com/):
 * Sign up for a [GitHub](https://github.com/) account
 * Go to the [issue tracker on GitHub](https://github.com/iiab/iiab/issues)
 * Search for existing issues using the search field
 * If you don't find any similar issues, file a new issue!
 Please consider providing a descriptive title, your operating system information, error messages and steps to reproduce the issue.
 Get in touch
 ============
 * Join our [technology](http://lists.laptop.org/listinfo/server-devel) and [learning design](https://groups.google.com/group/unleashkids) mailing lists
 * Join our [live calls](http://minutes.iiab.io) most Mondays and Thursday
 * Join us on IRC live chat: [#schoolserver](https://webchat.freenode.net/?channels=#schoolserver) on [freenode]( https://www.freenode.net/)
 * Post an idea or question to our [community forums](http://iiab.io/)
 * Read our Frequently Asked Questions ([FAQ.IIAB.IO](http://FAQ.IIAB.IO))
--- a/LICENSE.md
+++ b/LICENSE.md
--- a/README-historical.md
+++ b/README-historical.md
@ -34,8 +34,8 @@ Please read the `installation`_ documentation.
 See the `XSCE project`_ for more information about the project.
-.. _XSCE wiki: https://github.com/XSCE/iiab/wiki
+.. _XSCE wiki: https://github.com/XSCE/xsce/wiki
-.. _installation: https://github.com/XSCE/iiab/wiki/XSCE-Installation
+.. _installation: https://github.com/XSCE/xsce/wiki/XSCE-Installation
 .. _ansible: http://www.ansibleworks.com/
 .. _ansible documentation: http://www.ansibleworks.com/docs/
 .. _XSCE project: http://schoolserver.org/
--- a/README.md
+++ b/README.md
@ -1,2 +1,22 @@
-# iiab
+# Internet-in-a-Box (IIAB) [![Build Status](https://travis-ci.org/iiab/iiab.svg?branch=master)](https://travis-ci.org/iiab/iiab)
-Internet in a Box - NEW VERSION orig from http://github.com/iiab
+
 Welcome to the Git repository of the Internet-in-a-Box (IIAB) project. This is a community-based project developed and supported by volunteers from around the world. The Internet-in-a-Box (IIAB) is small, inexpensive device which provides essential Internet resources (like Wikipedia, OpenStreetMap, Khan Academy and others) without any Internet connection. It provides a local content server of the world’s Free Knowledge.
 The older version of this repository is at [github.com/xsce](http://github.com/xsce). We are using [Ansible](https://www.ansible.com) as the underlying technology to install, deploy, configure and manage the various software components.
 ## Installation
 Please read the [Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) wiki page for details about installation of Internet-in-a-Box (IIAB).
 ## Built With
 * [Ansible](http://www.ansible.com)
 ## Contributing
 Please read our [Contributors Guide](https://github.com/iiab/iiab/wiki/IIAB-Contributors-Guide) to learn more about contributing to Internet-in-a-Box (IIAB) repository.
 ## Versioning
 You can track the latest Internet-in-a-Box (IIAB) [releases here](https://github.com/iiab/iiab/releases).
--- a/iiab-base.yml
+++ b/iiab-base.yml
@ -8,5 +8,6 @@
  - vars/local_vars.yml
  roles:
-      - { role: 1-prep, tags: ['prep','platform','base'] }
+      - { role: 0-init, tags: ['0-init'] }
      - { role: 1-prep, tags: ['1-prep','platform','base'] }
      - { role: openvpn, tags: ['openvpn'] }
--- a/iiab-from-console.yml
+++ b/iiab-from-console.yml
@ -9,10 +9,10 @@
  - /etc/iiab/config_vars.yml
  roles:
-      - { role: 1-prep, tags: ['prep','platform','base'] }
+      - { role: 0-init, tags: ['0-init'] }
-      - { role: 4-server-options, tags: ['options'] }
+      - { role: 4-server-options, tags: ['4-server-options'] }
-      - { role: 5-xo-services, tags: ['xo-services'] }
+      - { role: 5-xo-services, tags: ['5-xo-services'] }
-      - { role: 6-generic-apps, tags: ['generic-apps'] }
+      - { role: 6-generic-apps, tags: ['6-generic-apps'] }
-      - { role: 7-edu-apps, tags: ['edu-apps'] }
+      - { role: 7-edu-apps, tags: ['7-edu-apps'] }
-      - { role: 8-mgmt-tools, tags: ['tools'] }
+      - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
-      - { role: 9-local-addons, tags: ['addons'] }
+      - { role: 9-local-addons, tags: ['9-local-addons'] }
--- a/90
+++ b/90
@ -0,0 +1,90 @@
 #!/bin/bash -e
 # running from a git repo
 # Add cmdline options for passing to ansible
 # todo add proper shift to gobble up --debug --reinstall
 ARGS=""
 OLD_RPI_KERN="4.9.41-v7+"
 PLAYBOOK="iiab-stages.yml"
 INVENTORY="ansible_hosts"
 CWD=`pwd`
 OS=`grep ^ID= /etc/*release|cut -d= -f2`
 OS=${OS//\"/}
 function version_gt() { [ "$(printf '%s\n' "$@" | sort -V | head -1)" != "$1" ]; }
 export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
 if [ ! -f $PLAYBOOK ]; then
    echo "IIAB Playbook not found."
    echo "Please run this command from the top level of the git repo."
    echo "Exiting."
    exit 1
 fi
 if [ $OS == "raspbian" ]; then
    echo "Found Raspbian"
    CURRENT_KERN=`uname -r`
    if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then
    	echo "Kernel looks ok - continuing"
    else
 	echo "Kernel "$CURRENT_KERN" is too old. Before running './iiab-install' you first need"
 	echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot."
 	echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation"
 	exit 1
    fi
 fi
 if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then
    mkdir -p /etc/ansible/facts.d
 fi
 cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact
 STAGE=""
 if [ ! -f /etc/iiab/iiab.env ]; then
    mkdir -p /etc/iiab
    # ./scripts/ansible   # needs discussion
 else
    OLD=`grep XSCE /etc/iiab/iiab.env | wc -l`
    if [ "$OLD" != 0 ] || [ "$1" == "--reinstall" ]; then
        echo "Found old XSCE install - re-installing from scratch"
        rm /etc/iiab/iiab.env
        # check ansible version here and force ansible upgrade if needed
    else
        source /etc/iiab/iiab.env
        if [ "$1" == "--debug" ]; then
            echo "Entering debug mode"
            sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env
        elif [ ! $STAGE == 9 ]; then
            echo "Restarting *after* STAGE $STAGE..as soon as Stage 0 completes. Stage 9 comes last."
        elif [ $STAGE == 9 ]; then
            # place keeper add read response
            # "offer 'Y' or stage number dialog box option to override"
            echo "'iiab-install' has already been completed."
            echo "Use --debug to override."
            #echo "In demo mode not preventing second run"
            echo "Exiting."
            exit 1
        fi
    fi
 fi
 # if vars/local_vars.yml is missing, put a default one in place - First Run
 if [ ! -f ./vars/local_vars.yml ]; then
    case $OS in
        OLPC | fedora)
            cp ./vars/olpc.localvars ./vars/local_vars.yml
            ;;
        centos | debian | ubuntu | raspbian)
            cp ./vars/medium.localvars ./vars/local_vars.yml
            ;;
        *)
            echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..."
            exit 1
            ;;
    esac
 fi
 echo "Running local playbooks! "
 ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null
 ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local
--- a/33
+++ b/33
@ -1,17 +1,12 @@
 #!/bin/bash
-
+# running from a git repo
-if [ -f /etc/iiab/iiab.env ]
+# ansible files exist
-then
+CWD=`pwd`
-  . /etc/iiab/iiab.env
+export ANSIBLE_LOG_PATH="$CWD/iiab-network.log"
  cd $XSCE_DIR
 else
  echo /etc/iiab/iiab.env is missing. Playbook has not been run.
  exit 1
 fi
 if [ ! -f iiab-network.yml ]
 then
- echo "XSCE Playbook not found."
+ echo "IIAB Playbook not found."
 echo "Please run this command from the top level of the git repo."
 echo "Exiting."
 exit
@ -22,16 +17,24 @@ then
   touch /etc/iiab/config_vars.yml
 fi
-export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log"
+Start=`date`
 ansible-playbook -i ansible_hosts iiab-network.yml --connection=local
 End=`date`
 echo "" >> iiab-network.log
 ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log
 if [ ! "OS" == "debian" ]; then
   ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log
   nmcli d >> iiab-network.log
   nmcli c >> iiab-network.log
 fi
-brctl show >> iiab-network.log
+echo "" >> iiab-network.log
-echo "run on:" >> iiab-network.log
+ip r >> iiab-network.log
-date >> iiab-network.log
+echo "" >> iiab-network.log
 brctl show br0>> iiab-network.log
 echo "run start: $Start" >> iiab-network.log
 echo "run end: $End" >> iiab-network.log
 echo "" >> iiab-network.log
 echo "" >> iiab-network.log
 ip r
 brctl show br0
 echo "run start:$Start"
 echo "run end: $End"
--- a/iiab-network.yml
+++ b/iiab-network.yml
@ -9,5 +9,5 @@
  - /etc/iiab/config_vars.yml
  roles:
-      - { role: 1-prep, tags: ['prep','platform','base'] }
+      - { role: 0-init, tags: ['network'] }
      - { role: network, tags: ['network','base'] }
--- a/iiab-stages.yml
+++ b/iiab-stages.yml
@ -0,0 +1,70 @@
 ---
 - hosts: all
  become: yes
  vars_files:
  - roles/0-init/defaults/main.yml
  - vars/default_vars.yml
  - vars/{{ ansible_local.local_facts.os_ver }}.yml
  - vars/local_vars.yml
  tasks:
  - name: 0-init
    include_role:
      name: 0-init
    tags: 0-init
  - name: 1-prep
    include_role:
      name: 1-prep
    when: ansible_local.local_facts.stage|int < 1
    tags: 1-prep, platform, base
  - name: 2-common
    include_role:
      name: 2-common
    when: ansible_local.local_facts.stage|int < 2
    tags: 2-common, base
  - name: 3-base-server
    include_role:
      name: 3-base-server
    when: ansible_local.local_facts.stage|int < 3
    tags: 3-base-server, base
  - name: 4-server-options
    include_role:
      name: 4-server-options
    when: ansible_local.local_facts.stage|int < 4
    tags: 4-server-options
  - name: 5-xo-services
    include_role:
      name: 5-xo-services
    when: ansible_local.local_facts.stage|int < 5
    tags: 5-xo-services
  - name: 6-generic-apps
    include_role:
      name: 6-generic-apps
    when: ansible_local.local_facts.stage|int < 6
    tags: 6-generic-apps
  - name: 7-edu-apps
    include_role:
      name: 7-edu-apps
    when: ansible_local.local_facts.stage|int < 7
    tags: 7-edu-apps
  - name: 8-mgmt-tools
    include_role:
      name: 8-mgmt-tools
    when: ansible_local.local_facts.stage|int < 8
    tags: 8-mgmt-tools
  - name: 9-local-addons
    include_role:
      name: 9-local-addons
    when: ansible_local.local_facts.stage|int < 9
    tags: 9-local-addons
--- a/iiab.yml
+++ b/iiab.yml
@ -4,16 +4,18 @@
  vars_files:
  - vars/default_vars.yml
-  - vars/{{ ansible_local.local_facts.os_ver}}.yml
+  - vars/{{ ansible_local.local_facts.os_ver }}.yml
  - vars/local_vars.yml
  - /etc/iiab/config_vars.yml
  roles:
-      - { role: 1-prep, tags: ['prep','platform','base'] }
+      - { role: 0-init, tags: ['0-init'] }
-      - { role: 2-common, tags: ['common','base'] }
+      - { role: 1-prep, tags: ['1-prep','platform','base'] }
-      - { role: 3-base-server, tags: ['base'] }
+      - { role: 2-common, tags: ['2-common','base'] }
-      - { role: 4-server-options, tags: ['options'] }
+      - { role: 3-base-server, tags: ['3-base-server','base'] }
-#      - { role: 5-xo-services, tags: ['xo-services'] }
+      - { role: 4-server-options, tags: ['4-server-options'] }
-      - { role: 6-generic-apps, tags: ['generic-apps'] }
+      - { role: 5-xo-services, tags: ['5-xo-services'] }
-      - { role: 7-edu-apps, tags: ['edu-apps'] }
+      - { role: 6-generic-apps, tags: ['6-generic-apps'] }
-      - { role: 8-mgmt-tools, tags: ['tools'] }
+      - { role: 7-edu-apps, tags: ['7-edu-apps'] }
-      - { role: 9-local-addons, tags: ['addons'] }
+      - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
      - { role: 9-local-addons, tags: ['9-local-addons'] }
--- a/4
+++ b/4
@ -2,6 +2,9 @@
 PLAYBOOK="iiab-base.yml"
 INVENTORY="ansible_hosts"
 CWD=`pwd`
 export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
 if [ ! -f $PLAYBOOK ]
 then
@ -14,5 +17,4 @@ fi
 sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml
 sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml
 export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log"
 ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local
--- a/roles/0-init/defaults/main.yml
+++ b/roles/0-init/defaults/main.yml
@ -0,0 +1,32 @@
 # use these as a tag a release at a point in time
 iiab_base_ver: 6.4
 gui_version: 2
 # These entries should never be changed in this file.
 # These are defaults for boolean routines, 
 first_run: False
 rpi_model: none
 is_rpi: False
 xo_model: none
 gw_active: none
 internet_available: False
 discovered_wan_iface: none
 # old defs
 gui_port: 80
 exFAT_enabled: False
 is_F18: False
 # Set default 1-prep discovered hardware
 rtc_id: ds3231
 NUC6_firmware_needed: False
 # used in 2-common xo.yml
 wifi_id: none
 # used 3+ others
 installing: False
 # network
 no_net_restart: False
 no_NM_reload: False
--- a/roles/0-init/tasks/computed_vars.yml
+++ b/roles/0-init/tasks/computed_vars.yml
@ -0,0 +1,221 @@
 - name: re-read local_facts.facts from /etc/ansible/facts.d
  setup: filter=ansible_local
 # set top level variables from local facts for convenience
 - set_fact:
      xo_model: '{{ ansible_local.local_facts.xo_model }}'
      phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}'
      iiab_stage: '{{ ansible_local.local_facts.stage }}'
 # Networking uses a different file for the rpi
 - name: Discover if this is a rpi -- assume if so it is running raspbian
  set_fact:
      rpi_model: "rpi"
      is_rpi: True
      no_net_restart: True
  when: ansible_local.local_facts.os == "raspbian"
 - name: Set exFAT enabled for XO laptops
  set_fact:
     exFAT_enabled: True
  when: xo_model != "none"
 - name: set FQDN
  set_fact:
      iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
      FQDN_changed: False
 - name: FQDN changed
  set_fact:
      FQDN_changed: True
  when: iiab_fqdn != ansible_fqdn
 - name: Now check FQDN
  include_tasks: roles/2-common/tasks/hostname.yml
  when: FQDN_changed
 # Discover  do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
 - name: Finding gateway
  set_fact:
      discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
      iiab_wan_iface: "{{ discovered_wan_iface }}"
  when: ansible_default_ipv4.gateway is defined
 - name: Verify gateway present
  shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l
  when: discovered_wan_iface != "none"
  register: gw_active_test
 - name: Recording gateway response
  set_fact:
      gw_active: True
  when: discovered_wan_iface != "none" and gw_active_test.stdout == "1"
 - name: Test for internet access
  get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
  ignore_errors: True
 #  async: 10
 #  poll: 2
  register: internet_access_test
 - name: Set internet_available true if wget succeeded
  set_fact:
      internet_available: True
  when: not internet_access_test|failed and not disregard_network
 - name: Cleanup internet test file
  file: path=/tmp/heart-beat.txt
        state=absent
 # Put all computed vars here so derive properly from any prior var file
 - name: If the TZ is not set in env, set it to UTC
  set_fact: local_tz='UTC'
  when: local_tz == ""
 - name: Set port 80 for Admin Console
  set_fact:
    gui_port: 80
  when: not adm_cons_force_ssl
 - name: Set port 443 for Admin Console
  set_fact:
    gui_port: 443
  when: adm_cons_force_ssl
 - name: Require MySQL to be on
  set_fact:
    mysql_install: True
    mysql_enabled: True
 # we decided to enable mysql unconditionally
 #  when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install
 # Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427
 # - name: Turn on mongodb if sugarizer enabled
 #   set_fact:
 #     mongodb_install: True
 #     mongodb_enabled: True
 #   when: sugarizer_enabled
 # There might be other db's
 - name: Turn on PostgreSQL if Moodle or Pathagar enabled
  set_fact:
    postgresql_install: True
    postgresql_enabled: True
  when: moodle_enabled or pathagar_enabled
 - name: Turn on Docker if SchoolTool is to be installed
  set_fact:
    docker_install: True
    docker_enabled: True
  when: schooltool_enabled or schooltool_install
 - name: Set python_path for is_redhat
  set_fact:
    python_path: /usr/lib/python2.7/site-packages/
  when: is_redhat
 - name: Set python_path for is_debuntu
  set_fact:
    python_path: /usr/local/lib/python2.7/dist-packages/
  when: is_debuntu
 # for various reasons the mysql service can not be enabled on fedora 20,
 # but 'mariadb', which is its real name can
 # on fedora 18 we need to use 'mysqld'
 - name: Set mysqld_service to mariadb by default
  set_fact:
    mysql_service: mariadb
 - name: Set mysqld_service to mysqld for Fedora 18
  set_fact:
    mysql_service: mysqld
    no_NM_reload: True
    is_F18: True
  when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
 - name: Set mysql_service to mysql for Debian
  set_fact:
    mysql_service: mysql
  when: is_debuntu
 # PLATFORM variables
 - name: Fedora 20
  set_fact:
    is_F20: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "20"
 - name: Fedora 21
  set_fact:
    is_F21: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "21"
 - name: Fedora 22
  set_fact:
    is_F22: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "22"
 - name: Fedora 23
  set_fact:
    is_F23: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "23"
 - name: Fedora 24
  set_fact:
    is_F24: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "24"
 - name: CentOS
  set_fact:
    is_CentOS: True
  when: ansible_distribution == "CentOS"
 - name: add version section
  ini_file: dest='{{ iiab_config_file }}'
            section=runtime
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: 'iiab_stage'
      value: '{{ iiab_stage }}'
    - option: 'runtime_php'
      value: '{{ phplib_dir }}'
    - option: 'runtime_branch'
      value: '{{ ansible_local.local_facts.iiab_branch }}'
    - option: 'runtime_commit'
      value: '{{ ansible_local.local_facts.iiab_commit }}'
    - option: 'runtime_date'
      value: '{{ ansible_date_time.iso8601 }}'
    - option: 'ansible_version'
      value: '{{ ansible_local.local_facts.ansible_version }}'
    - option: 'kernel'
      value: '{{ ansible_kernel }}'
    - option: 'memory_mb'
      value: '{{ ansible_memtotal_mb }}'
    - option: 'swap_mb'
      value: '{{ ansible_swaptotal_mb }}'
    - option: 'product_id'
      value: '{{ ansible_product_uuid }}'
    - option: 'gw_active'
      value:  '{{ gw_active }}'
    - option: 'internet_available'
      value:  '{{ internet_available }}'
    - option: 'is_rpi'
      value:  '{{ is_rpi }}'
    - option: 'first_run'
      value:  '{{ first_run }}'
    - option: 'local_tz'
      value:  '{{ local_tz }}'
    - option: 'FQDN_changed'
      value:  '{{ FQDN_changed }}'
 - name: STAGE 0 HAS COMPLETED ======================================
  ini_file: dest='{{ iiab_config_file }}'
            section=runtime
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: 'is_VM'
      value:  'yes'
  when: is_VM is defined
--- a/roles/0-init/tasks/main.yml
+++ b/roles/0-init/tasks/main.yml
@ -0,0 +1,210 @@
 # Initialize
 - name: ...IS BEGINNING ============================================
  stat: path=/etc/iiab/iiab.env
  register: NewInstall
 - name: Setting first run flag
  set_fact:
    first_run: True
  when: not NewInstall.stat.exists
 # we need to inialize the ini file and only write the location and version sections once and only
 # once to preserve the install date and git hash.
 - name: Write iiab_ini.yml for the first time
  include_tasks: roles/1-prep/tasks/iiab_ini.yml
  when: first_run
 #- name: Loading computed_vars
 #  include_tasks: roles/0-init/tasks/computed_vars.yml
 - name: re-read local_facts.facts from /etc/ansible/facts.d
  setup: filter=ansible_local
 # set top level variables from local facts for convenience
 - set_fact:
      xo_model: '{{ ansible_local.local_facts.xo_model }}'
      phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}'
      iiab_stage: '{{ ansible_local.local_facts.stage }}'
 # Networking uses a different file for the rpi
 - name: Discover if this is a rpi -- assume if so it is running raspbian
  set_fact:
      rpi_model: "rpi"
      is_rpi: True
 #      no_net_restart: True
 #      nobridge: True
  when: ansible_local.local_facts.os == "raspbian"
 - name: Set exFAT enabled for XO laptops
  set_fact:
     exFAT_enabled: True
  when: xo_model != "none"
 # Discover  do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
 - name: Finding gateway
  set_fact:
      discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
      iiab_wan_iface: "{{ discovered_wan_iface }}"
  when: ansible_default_ipv4.gateway is defined
 - name: Verify gateway present
  shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l
  when: discovered_wan_iface != "none"
  register: gw_active_test
 - name: Recording gateway response
  set_fact:
      gw_active: True
  when: discovered_wan_iface != "none" and gw_active_test.stdout == "1"
 - name: Test for internet access
  get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
  ignore_errors: True
 #  async: 10
 #  poll: 2
  register: internet_access_test
 - name: Set internet_available true if wget succeeded
  set_fact:
      internet_available: True
  when: not internet_access_test|failed and not disregard_network
 - name: Cleanup internet test file
  file: path=/tmp/heart-beat.txt
        state=absent
 # Put all computed vars here so derive properly from any prior var file
 - name: If the TZ is not set in env, set it to UTC
  set_fact: local_tz='UTC'
  when: local_tz == ""
 - name: Set port 80 for Admin Console
  set_fact:
    gui_port: 80
  when: not adm_cons_force_ssl
 - name: Set port 443 for Admin Console
  set_fact:
    gui_port: 443
  when: adm_cons_force_ssl
 - name: Require MySQL to be on
  set_fact:
    mysql_install: True
    mysql_enabled: True
 # we decided to enable mysql unconditionally
 #  when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install
 # Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427
 # - name: Turn on mongodb if sugarizer enabled
 #   set_fact:
 #     mongodb_install: True
 #     mongodb_enabled: True
 #   when: sugarizer_enabled
 # There might be other db's
 - name: Turn on PostgreSQL if Moodle or Pathagar enabled
  set_fact:
    postgresql_install: True
    postgresql_enabled: True
  when: moodle_enabled or pathagar_enabled
 - name: Turn on Docker if SchoolTool is to be installed
  set_fact:
    docker_install: True
    docker_enabled: True
  when: schooltool_enabled or schooltool_install
 - name: Set python_path for is_redhat
  set_fact:
    python_path: /usr/lib/python2.7/site-packages/
  when: is_redhat
 - name: Set python_path for is_debuntu
  set_fact:
    python_path: /usr/local/lib/python2.7/dist-packages/
  when: is_debuntu
 # for various reasons the mysql service can not be enabled on fedora 20,
 # but 'mariadb', which is its real name can
 # on fedora 18 we need to use 'mysqld'
 - name: Set mysqld_service to mariadb by default
  set_fact:
    mysql_service: mariadb
 - name: Set mysqld_service to mysqld for Fedora 18
  set_fact:
    mysql_service: mysqld
    no_NM_reload: True
    is_F18: True
  when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
 - name: Set mysql_service to mysql for Debian
  set_fact:
    mysql_service: mysql
  when: is_debuntu
 - name: set FQDN
  set_fact:
      iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
      FQDN_changed: False
 - name: FQDN changed
  set_fact:
      FQDN_changed: True
  when: iiab_fqdn != ansible_fqdn
 - name: add version section
  ini_file: dest='{{ iiab_config_file }}'
            section=runtime
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: 'iiab_stage'
      value: '{{ iiab_stage }}'
    - option: 'runtime_php'
      value: '{{ phplib_dir }}'
    - option: 'runtime_branch'
      value: '{{ ansible_local.local_facts.iiab_branch }}'
    - option: 'runtime_commit'
      value: '{{ ansible_local.local_facts.iiab_commit }}'
    - option: 'runtime_date'
      value: '{{ ansible_date_time.iso8601 }}'
    - option: 'ansible_version'
      value: '{{ ansible_local.local_facts.ansible_version }}'
    - option: 'kernel'
      value: '{{ ansible_kernel }}'
    - option: 'memory_mb'
      value: '{{ ansible_memtotal_mb }}'
    - option: 'swap_mb'
      value: '{{ ansible_swaptotal_mb }}'
    - option: 'product_id'
      value: '{{ ansible_product_uuid }}'
    - option: 'gw_active'
      value:  '{{ gw_active }}'
    - option: 'internet_available'
      value:  '{{ internet_available }}'
    - option: 'is_rpi'
      value:  '{{ is_rpi }}'
    - option: 'first_run'
      value:  '{{ first_run }}'
    - option: 'local_tz'
      value:  '{{ local_tz }}'
    - option: 'FQDN_changed'
      value:  '{{ FQDN_changed }}'
 - name: Now changing FQDN
  include_tasks: roles/2-common/tasks/hostname.yml
  when: FQDN_changed
 - name: STAGE 0 HAS COMPLETED ======================================
  ini_file: dest='{{ iiab_config_file }}'
            section=runtime
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: 'is_VM'
      value:  'yes'
  when: is_VM is defined
--- a/roles/1-prep/README.rst
+++ b/roles/1-prep/README.rst
@ -2,5 +2,6 @@
 Prep README
 ===========
-This role is a sort on init or startup.  It includes preliminaries like hostname and is where things
+This role is primarily hardware-focused, prior to OS additions/mods.  Traditionally it included
-that are specific to a particular platform, such as the XO, are done before the bulk of the install.
+preliminaries like hostname and things specific to a particular platform, such as the XO laptop,
 done before the bulk of the install.
--- a/roles/1-prep/defaults/main.yml
+++ b/roles/1-prep/defaults/main.yml
@ -1,54 +0,0 @@
 # use these as a tag a release at a point in time
 iiab_base_ver: 6.4
 gui_version: 2
 # These entries should never be changed in this file.
 # These are defaults for boolean routines, 
 first_run: False
 installing: False
 NUC6_firmware_needed: False
 exFAT_enabled: False
 no_NM_reload: False
 has_WAN: False
 wireless_lan_present: False
 strict_networking: False
 iiab_demo_mode: False
 gw_active: False
 gui_static_wan: False
 internet_available: False
 is_F18: False
 is_F20: False
 is_F21: False
 is_F22: False
 is_F23: False
 is_F24: False
 # Set default for discovered hardware
 driver_name: nl80211
 rpi_model: none
 is_rpi: False
 xo_model: none
 rtc_id: ds3231
 # Set defaults for discovery process as strings
 wifi1: "not found-1"
 wifi2: "not found-2"
 discovered_wan_iface: "none"
 discovered_lan_iface: "none"
 discovered_wireless_iface: "none"
 iiab_wireless_lan_iface: "none"
 iiab_lan_iface: "none"
 iiab_wan_iface: "none"
 device_gw: "none"
 has_ifcfg_gw: "none"
 has_wifi_gw: "none"
 ap_device: "none"
 device_gw2: ""
 gui_port: 80
 # must keep roles/iiab-admin/defaults/main.yml sync'd
 admin_console_path: "{{ iiab_base }}/admin_console"
 cmdsrv_path: "{{ iiab_base }}/iiab_cmdsrv"
 iiab_cmdsrv_dbname : "iiab_cmdsrv.0.2.db"
 wifi_id: none
--- a/roles/1-prep/tasks/computed_vars.yml
+++ b/roles/1-prep/tasks/computed_vars.yml
@ -1,141 +0,0 @@
 # get local vars from scripts in /etc/ansible/facts.d
 # on first run, this will generate UUID
 - name: re-read facts
  setup: filter=ansible_local
 # set top level variables from local facts for convenience
 - set_fact:
     xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}'
     phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}'
 - name: Set exFAT enabled for XOs
  set_fact:
     exFAT_enabled: True
  when: xo_model != "none"
 - name: add version section
  ini_file: dest='{{ iiab_config_file }}'
            section=runtime
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: 'runtime_branch'
      value: '{{ ansible_local["local_facts"]["iiab_branch"] }}'
    - option: 'runtime_commit'
      value: '{{ ansible_local["local_facts"]["iiab_commit"] }}'
    - option: 'runtime_date'
      value: '{{ ansible_date_time["iso8601"] }}'
    - option: 'runtime_php'
      value: '{{ phplib_dir }}'
    - option: 'kernel'
      value: '{{ ansible_kernel }}'
    - option: 'memory_mb'
      value: '{{ ansible_memtotal_mb }}'
    - option: 'swap_mb'
      value: '{{ ansible_swaptotal_mb }}'
    - option: 'product_id'
      value: '{{ ansible_product_uuid }}'
 # Put all computed vars here so derive properly from any prior var file
 - name: If the TZ is not set in env, set it to UTC
  set_fact: local_tz='UTC'
  when: local_tz == ""
 - name: Set port 80 for Admin Console
  set_fact:
    gui_port: 80
  when: not adm_cons_force_ssl
 - name: Set port 443 for Admin Console
  set_fact:
    gui_port: 443
  when: adm_cons_force_ssl
 - name: Turn on mysql if elgg or rachel enabled
  set_fact:
    mysql_install: True
    mysql_enabled: True
 # we decided to enable mysql unconditionally
 #  when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install
 - name: Turn on mongodb if sugarizer enabled
  set_fact:
    mongodb_install: True
    mongodb_enabled: True
  when: sugarizer_enabled
 # There might be other db's
 - name: Turn on postgresql if moodle or pathagar enabled
  set_fact:
    postgresql_install: True
    postgresql_enabled: True
  when: moodle_enabled or pathagar_enabled
 - name: Turn on docker if schooltool is to be installed
  set_fact:
    docker_install: True
    docker_enabled: True
  when: schooltool_enabled or schooltool_install
 - name: Set python_path for is_redhat
  set_fact:
    python_path: /usr/lib/python2.7/site-packages/
  when: is_redhat
 - name: Set python_path for is_debuntu
  set_fact:
    python_path: /usr/local/lib/python2.7/dist-packages/
  when: is_debuntu
 # for various reasons the mysql service can not be enabled on fedora 20,
 # but 'mariadb', which is its real name can
 # on fedora 18 we need to use 'mysqld'
 - name: Set mysqld service name to mariadb by default
  set_fact:
    mysql_service: mariadb
 - name: Set mysqld service name to mysqld for fedora 18
  set_fact:
    mysql_service: mysqld
    no_NM_reload: True
    is_F18: True
  when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
 - name: Set mysql service name to mysql for debian
  set_fact:
    mysql_service: mysql
  when: is_debuntu
 # PLATFORM variables
 - name: Fedora 20
  set_fact:
    is_F20: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "20"
 - name: Fedora 21
  set_fact:
    is_F21: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "21"
 - name: Fedora 22
  set_fact:
    is_F22: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "22"
 - name: Fedora 23
  set_fact:
    is_F23: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "23"
 - name: Fedora 24
  set_fact:
    is_F24: True
  when: ansible_distribution == "Fedora" and ansible_distribution_version == "24"
 - name: CentOS
  set_fact:
    is_CentOS: True
  when: ansible_distribution == "CentOS"
--- a/roles/1-prep/tasks/iiab_ini.yml
+++ b/roles/1-prep/tasks/iiab_ini.yml
@ -25,10 +25,10 @@
    - option: 'arch'
      value: '{{ ansible_architecture }}'
    - option: 'iiab_branch'
-      value: '{{ ansible_local["local_facts"]["iiab_branch"] }}'
+      value: '{{ ansible_local.local_facts.iiab_branch }}'
    - option: 'iiab_commit'
-      value: '{{ ansible_local["local_facts"]["iiab_commit"] }}'
+      value: '{{ ansible_local.local_facts.iiab_commit }}'
    - option: 'install_date'
-      value: '{{ ansible_date_time["iso8601"] }}'
+      value: '{{ ansible_date_time.iso8601 }}'
    - option: 'install_xo'
      value: '{{ xo_model }}'
--- a/roles/1-prep/tasks/main.yml
+++ b/roles/1-prep/tasks/main.yml
@ -1,27 +1,14 @@
- name: Determine if runansible was run
+# Preparations (Hardware Level)
  stat: path=/etc/iiab/config_vars.yml
  register: NewInstall
- name: Setting first run flag
+- name: ...IS BEGINNING ============================================
-  set_fact:
+  command: echo
    first_run: True
  when: NewInstall.stat.exists is defined and not NewInstall.stat.exists
-# we need to inialize the ini file
+- name: Get the uuidgen program
 - include: iiab_ini.yml
  when: first_run
 - name: Set flag for fedora 18
  set_fact:
    is_F18: True
  when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
 - name: get the uuidgen program
  package: name=uuid-runtime
           state=present
  when: is_debuntu
- name: Test for UUID file 
+- name: Test for /etc/iiab/uuid file
  stat: path=/etc/iiab/uuid
  register: uuid_file
@ -38,11 +25,11 @@
  shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid
  when: not uuid_file.stat.exists
- name: get the uuid
+- name: Get the uuid
  command: cat /etc/iiab/uuid
  register: stored_uuid
- name: get the value into a variable
+- name: Get the value into a variable
  set_fact:
      uuid={{ stored_uuid.stdout_lines[0] }}
@ -61,46 +48,41 @@
            dest=/etc/chrony.conf
            src=chrony.conf.j2
- name: Disable apparmor -- on by default in ubuntu
+- name: Disable AppArmor -- on by default in Ubuntu
  service: name=apparmor enabled=False state=stopped
-  when: first_run and is_ubuntu
+  when: is_ubuntu
  ignore_errors: true
- name: Disable selinux on next boot
+- name: Disable SELinux on next boot
  selinux: state=disabled
  register: selinux_disabled
-  when: first_run and not is_debuntu
+  when: not is_debuntu
- name: Disable selinux for this session (if needed)
+- name: Disable SELinux for this session (if needed)
  command: setenforce Permissive
  when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
 ##  DISCOVER PLATFORMS ######
- name: Discover if this is a rpi -- assume if so it is running raspbian
+- include_tasks: prep.yml
  set_fact:
     rpi_model: "rpi"
     is_rpi: "True"
  when:   ansible_local.local_facts.os == "raspbian"
  ignore_errors: true
 - include: prep.yml
 - include: computed_vars.yml
 - include: detected_network.yml
  when: not installing
 # Put conditional actions for hardware platforms here
- include: raspberry_pi_2.yml
+- include_tasks: raspberry_pi_2.yml
  when: first_run and rpi_model != "none"
- name: Check if the identifier for intel's NUC6 builtin wifi is present
+- name: Check if the identifier for Intel's NUC6 builtin WiFi is present
  shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'"
  register: usb_NUC6
  ignore_errors: true
  when: first_run
- name: download the firmware for built in wifi on NUC6
+- name: Download the firmware for built-in WiFi on NUC6
  get_url: dest=/lib/firmware
           url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode
-  when: first_run and usb_NUC6.stdout|int > 0
+  when: usb_NUC6.stdout|int > 0
 # this script can be sourced to get IIAB location
 - name: Recording STAGE 1 HAS COMPLETED ============================
  template: src=roles/1-prep/templates/iiab.env.j2
            dest=/etc/iiab/iiab.env
            owner=root
            group=root
            mode=0644
--- a/roles/1-prep/tasks/prep.yml
+++ b/roles/1-prep/tasks/prep.yml
@ -32,25 +32,6 @@
        mode=0755
        state=directory
 # this script can be sourced to get iiab location
 - name: Create iiab.env file
  template: src=iiab.env.j2
            dest=/etc/iiab/iiab.env
            owner=root
            group=root
            mode=0644
 - name: put a python interface to iiab.env
  template: src=iiab_env.py.j2
            dest=/etc/iiab/iiab_env.py
 - name: create ansible.d facts directory
  file: path=/etc/ansible/facts.d
        owner=root
        group=root
        mode=0750
        state=directory
 - name: Set XO model
  set_fact:
    phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}'
--- a/roles/1-prep/tasks/raspberry_pi_2.yml
+++ b/roles/1-prep/tasks/raspberry_pi_2.yml
@ -26,23 +26,23 @@
            mode=0644
  when: rtc_id != "none"
- name: pre-Install packages
+- name: Pre-install packages
  package: name={{ item }}
           state=latest
  with_items:
    - ntp
- name: increase the swap file size (kalite pip download fails)
+- name: Increase the swap file size (kalite pip download fails)
  lineinfile: regexp="^CONF_SWAPSIZE"
              line=CONF_SWAPSIZE=500
              dest=/etc/dphys-swapfile
  when: is_debuntu
- name: restart the swap service
+- name: Restart the swap service
  command: /etc/init.d/dphys-swapfile restart
  when: is_debuntu
- name: Add rpi rootfs resizing service
+- name: Add RPi rootfs resizing service
  template: src={{ item.src }}
            dest={{ item.dest }}
            owner=root
@ -55,4 +55,3 @@
 - name: Enable rootfs resizing service
  service: name=iiab-rpi-root-resize
           enabled=yes
--- a/roles/1-prep/templates/iiab.env.j2
+++ b/roles/1-prep/templates/iiab.env.j2
@ -1,7 +1,8 @@
-# This is a configuration file for XSCE
+# This is a configuration file for IIAB
 # It can sourced in a shell script or read into an application
-XSCE_BASE_PATH={{ iiab_base }}
+IIAB_BASE_PATH={{ iiab_base }}
-XSCE_DIR={{ iiab_dir }}
+IIAB_DIR={{ iiab_dir }}
 OS={{ ansible_local.local_facts.os }}
 OS_VER={{ ansible_local.local_facts.os_ver }}
 WWWROOT={{ doc_root }}
 STAGE=1
--- a/roles/2-common/tasks/centos.yml
+++ b/roles/2-common/tasks/centos.yml
@ -13,17 +13,18 @@
  with_items:
   - epel-release
- name: Install XECE repo for CentOS
+- name: Install IIAB repo for CentOS
  template: src={{ item }} dest=/etc/yum.repos.d/ owner=root group=root mode=0644
  with_items:
   - iiab-centos.repo
   - li.nux.ro.repo
   - ansible.repo
- name: Disable updating ansible on CentOS
+#- name: Disable updating ansible on CentOS
-  shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
+#  shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
-  with_items:
+#  with_items:
-    - /etc/yum.repos.d/CentOS-Base.repo
+#    - /etc/yum.repos.d/CentOS-Base.repo
-    - /etc/yum.repos.d/CentOS-CR.repo
+#    - /etc/yum.repos.d/CentOS-CR.repo
-    - /etc/yum.repos.d/CentOS-fasttrack.repo
+#    - /etc/yum.repos.d/CentOS-fasttrack.repo
-    - /etc/yum.repos.d/CentOS-Vault.repo
+#    - /etc/yum.repos.d/CentOS-Vault.repo
-  when: ansible_distribution == "CentOS"
+#  when: ansible_distribution == "CentOS"
--- a/roles/2-common/tasks/fedora.yml
+++ b/roles/2-common/tasks/fedora.yml
@ -14,10 +14,10 @@
  shell: yum --enablerepo=rpmfusion-free-updates install exfat-utils fuse-exfat
  when: exFAT_enabled == "True"
- name: Disable updating ansible on Fedora
+#- name: Disable updating ansible on Fedora
-  shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
+#  shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
-  with_items:
+#  with_items:
-    - /etc/yum.repos.d/fedora.repo
+#    - /etc/yum.repos.d/fedora.repo
-    - /etc/yum.repos.d/fedora-updates.repo
+#    - /etc/yum.repos.d/fedora-updates.repo
-    - /etc/yum.repos.d/fedora-updates-testing.repo
+#    - /etc/yum.repos.d/fedora-updates-testing.repo
-  when: ansible_distribution == "Fedora"
+#  when: ansible_distribution == "Fedora"
--- a/roles/2-common/tasks/hostname.yml
+++ b/roles/2-common/tasks/hostname.yml
@ -0,0 +1,52 @@
 - name: Create filesytem layout
  include_tasks: roles/2-common/tasks/fl.yml
  when: first_run
 - name: Turn the crank for systemd
  shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}"
  when: is_debuntu
 - name: Configure /etc/sysconfig/network
  template: src=roles/network/templates/network/sysconfig.network.j2
            dest=/etc/sysconfig/network
            owner=root
            group=root
            mode=0644
  when: is_redhat
 - name: Configure short hostname in /etc/hosts
  lineinfile: dest=/etc/hosts
              regexp='^127\.0\.0\.1'
              line='127.0.0.1            localhost.localdomain   localhost  box {{ iiab_hostname }}'
              owner=root
              group=root
              mode=0644
 - name: Configuring named
  include_tasks: roles/network/tasks/named.yml
  tags:
    - named
    - network
    - domain
 - name: Configuring dhcpd
  include_tasks: roles/network/tasks/dhcpd.yml
  tags:
    - dhcpd
    - network
    - domain
 - name: Configuring Squid
  include_tasks: roles/network/tasks/squid.yml
  when: squid_install
  tags:
    - squid
    - network
 - name: Re-configuring httpd - not initial install
  include_tasks: roles/httpd/tasks/main.yml
  when: iiab_stage|int > 3
 - name: Re-configuring rest of networking - not initial install
  include_tasks: roles/network/tasks/main.yml
  when: iiab_stage|int > 4
--- a/roles/2-common/tasks/iiab_ini.yml
+++ b/roles/2-common/tasks/iiab_ini.yml
@ -14,7 +14,7 @@
    - option: 'iiab_dir'
      value: '{{ iiab_dir }}'
- name: add version section
+- name: Add version section
  ini_file: dest='{{ iiab_config_file }}'
            section=version
            option='{{ item.option }}'
--- a/roles/2-common/tasks/main.yml
+++ b/roles/2-common/tasks/main.yml
@ -1,20 +1,26 @@
 # Common OS-Level Additions & Mods (that only need to be performed once)
- include: iiab_ini.yml
+- name: ...IS BEGINNING ==========================================
  command: echo
-# create the directory structure for XSCE
+#- include_tasks: iiab_ini.yml
 - include: fl.yml
- include: xo.yml
+# create the directory structure for IIAB
 #- include_tasks: fl.yml
 - include_tasks: xo.yml
  when: xo_model != "none" or osbuilder is defined
- include: centos.yml
+- include_tasks: roles/network/tasks/iptables.yml
 - include_tasks: centos.yml
  when: ansible_distribution == "CentOS"
- include: fedora.yml
+- include_tasks: fedora.yml
  when: ansible_distribution == "Fedora"
 # the following installs common packages for both debian and fedora
- include: packages.yml
+- include_tasks: packages.yml
 - sysctl: name=net.ipv4.ip_forward value=1 state=present
 - sysctl: name=net.ipv4.conf.default.rp_filter value=1 state=present
@ -28,7 +34,7 @@
 - sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present
 - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present
- name: Set default Timezone
+- name: Set default Time Zone
  shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime
  when: iiab_TZ is defined and iiab_TZ != ""
@ -39,7 +45,13 @@
            mode=0644
            backup=no
- include: net_mods.yml
+- include_tasks: net_mods.yml
  when: not is_debuntu and not is_F18
- include: udev.yml
+- include_tasks: udev.yml
 - name: Recording STAGE 2 HAS COMPLETED ==========================
  lineinfile: dest=/etc/iiab/iiab.env
              regexp='^STAGE=*'
              line='STAGE=2'
              state=present
--- a/roles/2-common/tasks/packages.yml
+++ b/roles/2-common/tasks/packages.yml
@ -1,16 +1,16 @@
- name: install yum deps for arm!!!
+- name: Install yum deps for arm!!!
  shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser
  when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: install yum from Fedora 23 for arm!!!
+- name: Install yum from Fedora 23 for arm!!!
-  shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf 
+  shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf
  when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!!
+- name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!!
  shell: dnf install -y yum
  when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l"
- name: get the createrepo program
+- name: Get the createrepo program
  package: name=createrepo
           state=present
  when: is_redhat
@ -19,7 +19,7 @@
  shell: createrepo {{ yum_packages_dir }}
  when: is_redhat
- name: Install local repo file.
+- name: Install local repo file
  template: dest=/etc/yum.repos.d/iiab-local.repo
            src=local.repo
            owner=root
@ -36,6 +36,9 @@
   - linux-firmware
   - syslog
   - xml-common
   - nss-mdns
   - avahi
   - avahi-tools
  when: is_redhat
 - name: Download usbmount -- not in debian-9
@ -52,6 +55,9 @@
  with_items:
    - inetutils-syslogd
    - wpasupplicant
    - libnss-mdns
    - avahi-daemon
    - avahi-discover
  when: is_debuntu
 - name: Install common packages
@ -83,6 +89,7 @@
   - curl
   - pandoc
   - lynx
   - ntfs-3g
 #- name: Install pip as a commonly required package management system
 #  command: curl https://bootstrap.pypa.io/get-pip.py -o {{ downloads_dir }}/get-pip.py
@ -90,15 +97,15 @@
 #- name: Run the install script for pip
 #  command: python {{ downloads_dir }}/get-pip.py
- name: Install Common python packages
+- name: Install common Python packages
  package: name={{ item }}
           state=present
  with_items:
   - python-pip
   - python-setuptools
   - python-virtualenv
- 
+
- name: Update common packages (not debian
+- name: Update common packages (not Debian)
  package: name={{ item }}
           state=latest
  with_items:
@ -108,7 +115,7 @@
   - iptables
  when: is_redhat
- name: Update common packages  (debian)
+- name: Update common packages (Debian)
  package: name={{ item }}
           state=latest
  with_items:
@ -124,7 +131,7 @@
 #  service: name=NetworkManager
 #           state=restarted
 #  when: not installing
-# the above should use a handler - all reboots should wait until all 
+# the above should use a handler - all reboots should wait until all
 # mods are preformed
 - name: Install optional exFAT packages for CentOS
--- a/roles/2-common/tasks/udev.yml
+++ b/roles/2-common/tasks/udev.yml
@ -23,13 +23,12 @@
  shell: systemctl daemon-reload
  when: udev_unit.stat.exists is defined and udev_unit.stat.exists
- name: restart so systemd recognizes the changes
+- name: Restart so systemd recognizes the changes
  shell: systemctl restart systemd-udevd.service
  when: udev_unit.stat.exists is defined and udev_unit.stat.exists
- name: reload systemd-udevd so it has rootfs open read-write
+- name: Reload systemd-udevd so it has rootfs open read-write
  template: src=udev-reload.service dest=/etc/systemd/system/
- name: enable the reload service
+- name: Enable the reload service
  shell: systemctl enable udev-reload.service
--- a/roles/2-common/tasks/xo.yml
+++ b/roles/2-common/tasks/xo.yml
@ -25,7 +25,7 @@
              regexp='^%_excludedocs'
              state=absent
- name: pre-Install packages
+- name: Pre-install packages
  package: name={{ item }}
           state=latest
  with_items:
@ -34,7 +34,7 @@
   - man-db
   - man-pages
- name: re-Install packages
+- name: Re-install packages
  shell: yum -y reinstall sed libidn grep which util-linux wget gnupg2 groff gnash yum
  when: not osbuilder is defined
@ -44,7 +44,7 @@
            option=plugins
            value=ifcfg-rh,keyfile
- name: check for modem config file
+- name: Check for modem config file
  stat: path=/etc/NetworkManager/system-connections/"Sugar Modem Connection"
  register: config
@ -109,10 +109,10 @@
        state=absent
 - name: Download substitute software for i386 on FC18 XO1.5
-  get_url: url="{{ iiab_download_url }}/{{ item }}"  dest={{ downloads_dir}}/{{ item }}
+  get_url: url="{{ iiab_download_url }}/{{ item }}"  dest={{ downloads_dir }}/{{ item }}
  with_items:
     - hostapd_8188_i386
-  when: wifi_id  ==  "tplink_WM725M" and xo_model == "XO-1.5"  and internet_available 
+  when: wifi_id  ==  "tplink_WM725M" and xo_model == "XO-1.5"  and internet_available
  tags:
    - xo
@ -131,5 +131,3 @@
  ignore_errors: yes
  async: 300
  poll: 120
--- a/roles/2-common/tasks/yum-historical.yml
+++ b/roles/2-common/tasks/yum-historical.yml
--- a/roles/2-common/templates/ansible.repo
+++ b/roles/2-common/templates/ansible.repo
@ -0,0 +1,7 @@
 [ansible]
 name=ansible
 failovermethod=priority
 baseurl=http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/
 enabled=0
 metadata_expire=1d
 gpgcheck=0
--- a/roles/3-base-server/README.rst
+++ b/roles/3-base-server/README.rst
@ -6,7 +6,6 @@ This role is a place to aggregate roles that are required to create a basic web
 The functionality here is not packages that are not directly consumed by users, which are in common,
 nor specific applications, such as those found in the apps and tools roles.
-The difference between this aggregate and server-options is that the roles here are required.
+The difference between this aggregate (3-base-server) and 4-server-options is that the roles here are required.
 Eventually a graphical configuration console will be added here.
--- a/roles/3-base-server/meta/main.yml
+++ b/roles/3-base-server/meta/main.yml
@ -1,3 +0,0 @@
 dependencies:
   - { role: httpd, tags: ['services','httpd','base'] }
   - { role: iiab-admin, tags: ['services','iiab-admin','base'] }
--- a/roles/3-base-server/tasks/main.yml
+++ b/roles/3-base-server/tasks/main.yml
@ -1,18 +1,36 @@
 # Base Server
 - name: ...IS BEGINNING =====================================
  command: echo
 - name: HTTPD
  include_role:
    name: httpd
  # has no "when: XXXXX_install" flag
  tags: base, httpd
 - name: IIAB-ADMIN
  include_role:
    name: iiab-admin
  # has no "when: XXXXX_install" flag
  tags: base, iiab-admin
 - name: MYSQL
  include_role:
    name: mysql
  # has no "when: XXXXX_install" flag
  tags: base, mysql
 - name: Make sure there is a content directory
  file: dest={{ doc_root }}/local_content
        state=directory
 - name: Base Server Installed
  command: echo Base Server Installed
 - name: Restart httpd
  service: name={{ apache_service }}
           state=restarted
  when: not installing
-# If we got here we're done
+- name: Record STAGE 3 HAS COMPLETED ========================
 - name: Record base gui version
  lineinfile: dest=/etc/iiab/iiab.env
-              regexp='^BASE_VERSION=*'
+              regexp='^STAGE=*'
-              line='BASE_VERSION="{{ gui_version }}"'
+              line='STAGE=3'
              state=present
--- a/roles/4-server-options/meta/main.yml
+++ b/roles/4-server-options/meta/main.yml
@ -1,9 +0,0 @@
 dependencies:
    - { role: sshd, tags: ['services','sshd','base'] }
    - { role: network, tags: ['services','base','network'] }
    - { role: postgresql, tags: ['services','postgresql','base'], when: postgresql_install }
    - { role: authserver,  tags: ['services','authserver','base'], when: authserver_install }
    - { role: openvpn, tags: ['options','openvpn'], when: openvpn_install }
    - { role: samba, tags: ['services','samba','options'], when: samba_install }
    - { role: usb-lib, tags: ['services','usb-lib','options'], when: usb_lib_install }
    - { role: cups, tags: ['services','cups','options'], when: cups_install }
--- a/roles/4-server-options/tasks/main.yml
+++ b/roles/4-server-options/tasks/main.yml
@ -1,26 +1,71 @@
- name: Server Options Installed
+# Server Options
-  command: echo Server Options Installed
+- name: ...IS BEGINNING ==================================
  command: echo
- name: Stop postgresql service
+- name: SSHD
-  command: "/etc/init.d/postgresql stop"
+  include_role:
-  ignore_errors: True
+    name: sshd
-  when: postgresql_install and is_debuntu
+  # has no "when: XXXXX_install" flag
  tags: base, sshd
- name: Start postgresql service
+- name: OPENVPN
-  service: name=postgresql-iiab
+  include_role:
-           state=restarted
+    name: openvpn
-           enabled=yes
+  when: openvpn_install
-  when: postgresql_enabled
+  tags: openvpn
- name: Stop authserver service
+- name: NETWORK
-  service: name=xs-authserver
+  include_role:
-           state=stopped
+    name: network
-           enabled=no
+  # has no "when: XXXXX_install" flag
-  when: not authserver_enabled and authserver_install
+  tags: base, network
- name: Start xs-authserver service
+- name: HOMEPAGE
-  service: name=xs-authserver
+  include_role:
-           state=restarted
+    name: homepage
-  when: authserver_enabled
+  # has no "when: XXXXX_install" flag
  tags: base, homepage
 - name: POSTGRESQL
  include_role:
    name: postgresql
  when: postgresql_install
  tags: postgresql, pathagar, moodle
 - name: AUTHSERVER
  include_role:
    name: authserver
  when: authserver_install
  tags: olpc, authserver
 - name: CUPS
  include_role:
    name: cups
  when: cups_install
  tags: cups
 - name: SAMBA
  include_role:
    name: samba
  when: samba_install
  tags: samba
 - name: USB-LIB
  include_role:
    name: usb-lib
  when: usb_lib_install
  tags: usb-lib
 - name: Create a Python interface to iiab.env
  template: src=roles/1-prep/templates/iiab_env.py.j2
            dest=/etc/iiab/iiab_env.py
 - name: Generate the offline documents
  command: /usr/bin/iiab-refresh-wiki-docs
  when: not nodocs
 - name: Recording STAGE 4 HAS COMPLETED ==================
  lineinfile: dest=/etc/iiab/iiab.env
              regexp='^STAGE=*'
              line='STAGE=4'
              state=present
--- a/roles/5-xo-services/README.rst
+++ b/roles/5-xo-services/README.rst
@ -2,5 +2,4 @@
 XO Services README
 ==================
-This role is a place to aggregate roles that provide XO specific services.
+This role is a place to aggregate roles that provide specific services for One Laptop Per Child's XO laptops.
--- a/roles/5-xo-services/meta/main.yml
+++ b/roles/5-xo-services/meta/main.yml
@ -1,4 +0,0 @@
 dependencies:
   - { role: ejabberd_xs, tags: ['olpc','ejabberd-xs','xo-services'], when: ejabberd_xs_install }
   - { role: idmgr,  tags: ['olpc','idmgr','xo-services'], when: idmgr_install }
   - { role: activity-server, tags: ['olpc','activity-server','xo-services'], when: activity_server_install }
--- a/roles/5-xo-services/tasks/main.yml
+++ b/roles/5-xo-services/tasks/main.yml
@ -1,3 +1,27 @@
- name: XO Services Installed
+# XO Services
-  command: echo XO Services Installed
+- name: ...IS BEGINNING =====================================
  command: echo
 - name: ACTIVITY-SERVER
  include_role:
    name: activity-server
  when: activity_server_install
  tags: olpc, activity-server
 - name: EJABBERD_XS
  include_role:
    name: ejabberd_xs
  when: ejabberd_xs_install
  tags: olpc, ejabberd-xs
 - name: IDMGR
  include_role:
    name: idmgr
  when: idmgr_install
  tags: olpc, idmgr
 - name: Recording STAGE 5 HAS COMPLETED =====================
  lineinfile: dest=/etc/iiab/iiab.env
             regexp='^STAGE=*'
              line='STAGE=5'
              state=present
--- a/roles/6-generic-apps/README.rst
+++ b/roles/6-generic-apps/README.rst
@ -2,6 +2,6 @@
 Generic Apps README
 ===================
-This role is a place to aggregate roles that install apps of a more generic nature, as opposed to educational or managment.
+This role is a place to aggregate roles that install apps of a more generic or collaborative nature,
-Content Management Systems or Chat or Wiki applications would go here.
+as opposed to educational or managment.  Content Management Systems or Chat or Wiki applications
-
+would go here.
--- a/roles/6-generic-apps/meta/main.yml
+++ b/roles/6-generic-apps/meta/main.yml
@ -1,9 +0,0 @@
 dependencies:
   - { role: mysql, tags: ['generic','mysql'], when: mysql_install }
   - { role: elgg, tags: ['generic','elgg'], when: elgg_install }
   - { role: owncloud, tags: ['generic','owncloud'], when: owncloud_install }
   - { role: nextcloud, tags: ['generic','nextcloud'], when: nextcloud_install }
   - { role: dokuwiki, tags: ['generic','dokuwiki'], when: dokuwiki_install }
   - { role: wordpress, tags: ['generic','wordpress'], when: wordpress_install }
   - { role: calibre, tags: ['generic','calibre'], when: calibre_install }
   - { role: ejabberd, tags: ['generic','ejabberd'], when: ejabberd_install }
--- a/roles/6-generic-apps/tasks/main.yml
+++ b/roles/6-generic-apps/tasks/main.yml
@ -1,3 +1,51 @@
- name: Generic Apps Installed
+# Generic Apps
-  command: echo Generic Apps Installed
+- name: ...IS BEGINNING ====================================
  command: echo
 - name: CALIBRE
  include_role:
    name: calibre
  when: calibre_install
  tags: calibre
 - name: DOKUWIKI
  include_role:
    name: dokuwiki
  when: dokuwiki_install
  tags: dokuwiki
 - name: ELGG
  include_role:
    name: elgg
  when: elgg_install
  tags: elgg
 - name: EJABBERD
  include_role:
    name: ejabberd
  when: ejabberd_install
  tags: ejabberd
 - name: NEXTCLOUD
  include_role:
    name: nextcloud
  when: nextcloud_install
  tags: nextcloud
 - name: OWNCLOUD
  include_role:
    name: owncloud
  when: owncloud_install
  tags: owncloud
 - name: WORDPRESS
  include_role:
    name: wordpress
  when: wordpress_install
  tags: wordpress
 - name: Recording STAGE 6 HAS COMPLETED ====================
  lineinfile: dest=/etc/iiab/iiab.env
             regexp='^STAGE=*'
              line='STAGE=6'
              state=present
--- a/roles/7-edu-apps/README.rst
+++ b/roles/7-edu-apps/README.rst
@ -3,4 +3,4 @@ Educational Apps and Content README
 ===================================
 This role is a place to aggregate roles that provide Educational Content or
-are specifically targetted at pedagogical activities. 
+are specifically targetted at pedagogical activities.
--- a/roles/7-edu-apps/meta/main.yml
+++ b/roles/7-edu-apps/meta/main.yml
@ -1,9 +0,0 @@
 dependencies:
   - { role: moodle, tags: ['olpc','moodle','edu-apps'], when: moodle_install }
   - { role: osm, tags: ['osm','edu-apps'], when: osm_install }
   - { role: pathagar, tags: ['pathagar','edu-apps'], when: pathagar_install }
   - { role: rachel, tags: ['rachel','edu-apps'], when: rachel_install }
   - { role: kalite, tags: ['kalite','edu-apps'], when: kalite_install }
   - { role: kiwix, tags: ['kiwix','edu-apps'], when: kiwix_install }
   - { role: sugarizer, tags: ['sugarizer','edu-apps'], when: sugarizer_install }
 #   - { role: debian_schooltool, tags: ['schooltool','debian_schooltool','edu-apps'], when: debian_schooltool_install and is_debuntu }
--- a/roles/7-edu-apps/tasks/main.yml
+++ b/roles/7-edu-apps/tasks/main.yml
@ -1,3 +1,45 @@
- name: Educational Apps and Content Installed
+# Educational Apps
-  command: echo Educational Apps and Content Installed
+- name: ...IS BEGINNING ========================================
  command: echo
 - name: KALITE
  include_role:
    name: kalite
  when: kalite_install
  tags: kalite
 - name: KIWIX
  include_role:
    name: kiwix
  when: kiwix_install
  tags: kiwix
 - name: MOODLE
  include_role:
    name: moodle
  when: moodle_install
  tags: olpc, moodle
 - name: OSM
  include_role:
    name: osm
  when: osm_install
  tags: osm
 - name: PATHAGAR
  include_role:
    name: pathagar
  when: pathagar_install
  tags: pathagar
 - name: SUGARIZER
  include_role:
    name: sugarizer
  when: sugarizer_install
  tags: sugarizer
 - name: Recording STAGE 7 HAS COMPLETED ========================
  lineinfile: dest=/etc/iiab/iiab.env
             regexp='^STAGE=*'
              line='STAGE=7'
              state=present
--- a/roles/8-mgmt-tools/meta/main.yml
+++ b/roles/8-mgmt-tools/meta/main.yml
@ -1,10 +0,0 @@
 dependencies:
 #   - { role: sugar-stats, tags: ['olpc','sugar-stats','tools'], when: sugar_stats_install and ansible_distribution != "CentOS" }
 #   - { role: ajenti, tags: ['services','ajenti','tools'], when: ajenti_install }
   - { role: munin, tags: ['services','munin','tools'], when: munin_install }
   - { role: monit, tags: ['services','monit','tools'], when: monit_install }
   - { role: vnstat, tags: ['services','vnstat','tools'], when: vnstat_install }
 #   - { role: xovis, tags: ['services','xovis','tools'], when: xovis_install and ansible_distribution != "CentOS" }
   - { role: phpmyadmin, tags: ['services','phpmyadmin','tools'], when: phpmyadmin_install }
   - { role: awstats, tags: ['services','awstats','tools'], when: awstats_install }
   - { role: teamviewer, tags: ['services','teamviewer','tools'], when: teamviewer_install }
--- a/roles/8-mgmt-tools/tasks/main.yml
+++ b/roles/8-mgmt-tools/tasks/main.yml
@ -1,3 +1,58 @@
- name: Assessment and Monitoring Tools Installed
+# Assessment and Monitoring Tools
  command: echo Assessment and Monitoring Tools Installed
 - name: ...IS BEGINNING ======================================
  command: echo
 - name: AWSTATS
  include_role:
    name: awstats
  when: awstats_install
  tags: awstats
 - name: MONIT
  include_role:
    name: monit
  when: monit_install
  tags: monit
 - name: MUNIN
  include_role:
    name: munin
  when: munin_install
  tags: munin
 - name: PHPMYADMIN
  include_role:
    name: phpmyadmin
  when: phpmyadmin_install
  tags: phpmyadmin
 - name: SUGAR-STATS
  include_role:
    name: sugar-stats
  when: sugar_stats_install and ansible_distribution != "CentOS"
  tags: olpc, sugar-stats
 - name: TEAMVIEWER
  include_role:
    name: teamviewer
  when: teamviewer_install
  tags: teamviewer
 - name: VNSTAT
  include_role:
    name: vnstat
  when: vnstat_install
  tags: vnstat
 - name: XOVIS
  include_role:
    name: xovis
  when: xovis_install and ansible_distribution != "CentOS"
  tags: xovis
 - name: Recording STAGE 8 HAS COMPLETED ======================
  lineinfile: dest=/etc/iiab/iiab.env
             regexp='^STAGE=*'
              line='STAGE=8'
              state=present
--- a/roles/9-local-addons/README.rst
+++ b/roles/9-local-addons/README.rst
@ -7,15 +7,15 @@ This role is a place to aggregate roles developed by various contributors or loc
 Development
 -----------
-Create the role you wish to add to the XSCE School Server by following the pattern of another role or any other means.
+Create the role you wish to add to Internet-in-a-Box by following the pattern of another role or any other means.
 Packaging
 ---------
-Add your role into the main.yml file in the meta directory of the 7-local-addons role.  It will now get installed as part of
+Add your role into the main.yml file in the tasks directory of the 9-local-addons role.  It will now get installed as part of
 the next ansible run.
 More Info
 ---------
-Have a look at the docs section of this git repo for more detailed information.
+Have a look at https://github.com/iiab/iiab/wiki/IIAB-Architecture (offline at http://box/info/IIAB-Architecture.html) for more detailed information.
--- a/roles/9-local-addons/meta/main.yml
+++ b/roles/9-local-addons/meta/main.yml
@ -1,3 +0,0 @@
 # Add your role to this list and then uncomment dependencies.  Adding a tag is handy for testing.
 #dependencies:
--- a/roles/9-local-addons/tasks/main.yml
+++ b/roles/9-local-addons/tasks/main.yml
@ -1,5 +1,10 @@
- name: Addon services installed
+# Local Add-ons
  command: echo Addon services installed
- name: Installation Complete
+- name: ...IS BEGINNING ====================================
-  shell: echo "{}" > /etc/iiab/config_vars.yml
+  command: echo
 - name: Recording STAGE 9 HAS COMPLETED ====================
  lineinfile: dest=/etc/iiab/iiab.env
             regexp='^STAGE=*'
              line='STAGE=9'
              state=present
--- a/roles/activity-server/tasks/main.yml
+++ b/roles/activity-server/tasks/main.yml
@ -12,29 +12,29 @@
    - /library/xs-activity-server/lang_templates
    - /library/xs-activity-server/www.0
    - /library/xs-activity-server/tmp
-    
+
 # Wish synchronize worked, but it doesn't
-                
+
- name: Copy language templates        
+- name: Copy language templates
-  command: rsync -a {{iiab_dir}}/roles/activity-server/files/lang_templates /library/xs-activity-server/
+  command: rsync -a {{ iiab_dir }}/roles/activity-server/files/lang_templates /library/xs-activity-server/
-  
+
- name: Copy default index files   
+- name: Copy default index files
  copy: src={{ item }}
        dest=/library/xs-activity-server/www.0
        mode=0755
        owner=root
        group=root
  with_fileglob:
-        - www.0/index.html.*        
+        - www.0/index.html.*
-        
+
 - name: Point www to www.0 as default
  file: src=/library/xs-activity-server/www.0
-        dest=/library/xs-activity-server/www        
+        dest=/library/xs-activity-server/www
        owner=root
        group=admin
-        state=link       
+        state=link
-  
+
- name: Chown language templates  
+- name: Chown language templates
  file: path=/library/xs-activity-server/lang_templates
        mode=0644
        owner=root
@ -49,8 +49,8 @@
        mode=0755
        owner=root
        group=root
-        state=directory  
+        state=directory
-    
+
 - name: Install Python module
  copy: src=xs_activities/__init__.py
        dest=/usr/lib/python2.7/site-packages/xs_activities
@ -58,7 +58,7 @@
        owner=root
        group=root
- name: Copy scripts to /usr/bin   
+- name: Copy scripts to /usr/bin
  copy: src={{ item }}
        dest=/usr/bin
        mode=0755
@ -105,7 +105,7 @@
 #       For it only supports client's language code
 # TODO: Upload Activity via web interface
-#       and figure out what to do with olpc_activities.service 
+#       and figure out what to do with olpc_activities.service
 # short term addition of link for upload-activity server
 # ln -sf /usr/share/xs-config/cfg/html/top/en/cntr_upl_activity.php {{ doc_root }}/upload_activity.php
@ -130,4 +130,3 @@
      value: /activities
    - option: enabled
      value: "{{ xo_services_enabled }}"
--- a/roles/ajenti/tasks/main.yml
+++ b/roles/ajenti/tasks/main.yml
@ -37,7 +37,7 @@
        mode=0744
        state=file
- include: ajenti-wondershaper.yml
+- include_tasks: ajenti-wondershaper.yml
  when: 'iiab_lan_iface != ""'
 # handler doesn't fire
--- a/roles/authserver/tasks/main.yml
+++ b/roles/authserver/tasks/main.yml
@ -4,7 +4,7 @@
 - name: Install xs-authserver from pypi
  pip: name=xs-authserver
-  when: internet_available 
+  when: internet_available
 - name: install gunicorn
  package: name=python-gunicorn
@ -38,8 +38,15 @@
  environment:
    XS_AUTHSERVER_DATABASE: /var/lib/xs-authserver/data.db
- name: Enable xs-authserver service
+- name: Stop authserver service
  service: name=xs-authserver
           state=stopped
           enabled=no
  when: not authserver_enabled
 - name: Start xs-authserver service
  service: name=xs-authserver
           state=restarted
           enabled=yes
  when: authserver_enabled
--- a/roles/awstats/tasks/install.yml
+++ b/roles/awstats/tasks/install.yml
@ -1,5 +1,5 @@
- name: Install awstats package
+- name: Install AWStats package
-  package: name={{ item }} 
+  package: name={{ item }}
           state=present
  with_items:
    - awstats
@ -8,8 +8,8 @@
  tags:
    - download
- name: Install awstats package
+- name: Install AWStats package
-  package: name={{ item }} 
+  package: name={{ item }}
           state=present
  with_items:
    - libapache2-mod-authnz-external
@ -22,7 +22,7 @@
  command: a2enmod cgi
  when: is_debuntu
- name: Create directory for awstat to use as intermediate summary storage
+- name: Create directory for AWStats to use as intermediate summary storage
  file: path={{ item }}
        mode=0750
        owner={{ apache_user }}
@ -33,7 +33,7 @@
    - "{{ awstats_data_dir }}"
    - "{{ apache_log_dir }}"
- name: Install the Apache config for Advanced Web Statistics 
+- name: Install the Apache config for AWStats
  template: src=apache.conf
            dest=/etc/{{ apache_config_dir }}/awstats.conf
            owner=root
@ -41,7 +41,7 @@
            mode=0644
  when: awstats_enabled and is_debuntu
- name: Install the Apache config for Advanced Web Statistics 
+- name: Install the Apache config for AWStats
  template: src=apache-awstats.conf
            dest=/etc/{{ apache_config_dir }}/awstats.conf
            owner=root
@ -63,18 +63,18 @@
  command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist
  when: awstats.stat.islnk is defined and not awstats.stat.islnk
- name: Enable Awstats
+- name: Enable AWStats
  file: src=/etc/apache2/sites-available/awstats.conf
        path=/etc/apache2/sites-enabled/awstats.conf
        state=link
  when: awstats_enabled and is_debuntu
- name: Disable Awstats
+- name: Disable AWStats
  file: path=/etc/apache2/sites-enabled/awstats.conf
        state=absent
  when: not awstats_enabled and is_debuntu
- name: Install the awstats config for Advanced Web Statistics 
+- name: Install the AWStats config
  template: src=awstats.schoolserver.conf.j2
            dest=/etc/awstats/awstats.schoolserver.conf
            owner=root
@ -82,17 +82,16 @@
            mode=0644
  when: awstats_enabled
- name: Create a symbolic link to use when access is by ip address
+- name: Create a symbolic link to use when access is by IP address
  file: src=/etc/awstats/awstats.schoolserver.conf
        dest=/etc/awstats/awstats.conf
        state=link
  when: awstats_enabled
- name: On first enabling of awstats, summarize httpd logs up to now
+- name: On first enabling of AWStats, summarize httpd logs up to now
  shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update
  when: awstats_enabled and not is_debuntu
- name: On first enabling of awstats, summarize httpd logs up to now
+- name: On first enabling of AWStats, summarize httpd logs up to now
  shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update
  when: awstats_enabled and is_debuntu
--- a/roles/awstats/tasks/main.yml
+++ b/roles/awstats/tasks/main.yml
@ -1,7 +1,7 @@
- include: install.yml
+- include_tasks: install.yml
  when: awstats_install
- 
+
- name: Add awstats to service list
+- name: Add AWStats to service list
  ini_file: dest='{{ service_filelist }}'
            section=awstats
            option='{{ item.option }}'
@ -10,7 +10,7 @@
    - option: name
      value: awstats
    - option: description
-      value: '"Awstats is Advanced Web Statistics package written in perl which generates static or dynamic html summaries based upon web server logs"'
+      value: '"AWStats is Advanced Web Statistics package written in Perl which generates static or dynamic html summaries based upon web server logs"'
    - option: installed
      value: "{{ awstats_install }}"
    - option: enabled
--- a/roles/calibre/tasks/main.yml
+++ b/roles/calibre/tasks/main.yml
@ -6,13 +6,13 @@
    mode=0755
  when: ansible_distribution == "CentOS"
- name: Install Calibre
+- name: Install Calibre (CentOS)
  shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null"
  args:
    creates: /usr/bin/calibre-uninstall
-  when: calibre_install and ansible_distribution == 'CentOS' 
+  when: calibre_install and ansible_distribution == 'CentOS'
- name: Install Calibre rpms
+- name: Install Calibre (OS's other than CentOS)
 # the fedora rpm arm version, though older, takes care of dependencies, and exists
  package:  name={{ item }}
            state=present
@ -20,7 +20,7 @@
    - calibre
  when: calibre_install and ansible_distribution != 'CentOS'
- name: Create Calibre service(s) and support scripts
+- name: Create calibre-serve.service and calibre.conf
  template: backup=no
            src={{ item.src }}
            dest={{ item.dest }}
@ -52,7 +52,7 @@
           state=stopped
  when: not calibre_enabled
- name: Add Calibre to service list
+- name: Add 'calibre-serve' to service list
  ini_file: dest='{{ service_filelist }}'
            section=calibre
            option='{{ item.option }}'
--- a/roles/cups/tasks/main.yml
+++ b/roles/cups/tasks/main.yml
@ -1,5 +1,5 @@
 # administer this service by browsing to localhost:631
- name: get the CUPS package installed
+- name: Get the CUPS package installed
  package: name={{ item }}
           state=present
  with_items:
@ -7,8 +7,8 @@
  when: cups_install
  tags:
    - download
-  
+
- name: Put our own config file in place, to permit local lan admin
+- name: Put our own config file in place, to permit local LAN admin
  template: dest=/etc/cups/cupsd.conf
            src=cupsd.conf
@ -22,7 +22,7 @@
        state=link
  when: cups_enabled and is_debuntu
- name: Enable services for cups
+- name: Enable services for CUPS (OS's other than Fedora 18)
  service: name={{ item }}
           state=started
           enabled=yes
@ -31,17 +31,17 @@
    - cups-browsed
  when: cups_enabled and not is_F18
- name: Enable services for cups for xo's
+- name: Enable services for CUPS (Fedora 18, for XO laptops)
  service: name=cups
           state=started
           enabled=yes
  when: cups_enabled and is_F18
- name: Permit headless admin of CUPS -- only works when cups daemon is running
+- name: Permit headless admin of CUPS -- only works when CUPS daemon is running
  shell: "cupsctl --remote-admin"
  when: cups_enabled
- name: Disable services for cups
+- name: Disable services for CUPS (OS's other than Fedora 18)
  service: name={{ item }}
          state=stopped
          enabled=no
@ -50,13 +50,13 @@
    - cups-browsed
  when: not cups_enabled and not is_F18
- name: Disable services for cups for xo's
+- name: Disable services for CUPS (Fedora 18, for XO laptops)
  service: name=cups
           state=stopped
           enabled=no
  when: not cups_enabled and is_F18
- name: add cups to service list
+- name: Add 'cups' to service list
  ini_file: dest={{ service_filelist }}
            section=cups
            option={{ item.option }}
@ -65,7 +65,7 @@
    - option: name
      value: '"Common UNIX Printing System (CUPS)"'
    - option: description
-      value: '"CUPS  is a modular printing system  which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."'
+      value: '"CUPS is a modular printing system  which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."'
    - option: installed
      value: "{{ cups_install }}"
    - option: enabled
--- a/roles/dokuwiki/README.rst
+++ b/roles/dokuwiki/README.rst
@ -1,5 +1,5 @@
 ===============
-Dokuwiki README
+DokuWiki README
 ===============
 DokuWiki is a simple to use and highly versatile Open Source wiki software that 
@ -10,12 +10,12 @@ make DokuWiki especially useful in the enterprise context and the large number o
 plugins contributed by its vibrant community allow for a broad range of use cases
 beyond a traditional wiki. 
-http://dokuwiki.org/
+http://dokuwiki.org
 After Installation
 ------------------
-Head to http://schoolserver.lan/wiki. The webpage will probably throw up an error
+Head to http://box.lan/wiki. The webpage will probably throw up an error
 saying you haven't run install.php yet, with a link to it. Click the link to be 
 taken to the install page which does the initial configuration of the wiki. After
 this, you should be all set!
@ -33,4 +33,4 @@ None yet other than the basic enabled/disabled. Haven't really tested if they wo
 Todo
 ----
 * Preinstall some popular plugins.
-* Additional XSCE customizations.
+* Additional IIAB customizations.
--- a/roles/dokuwiki/tasks/install.yml
+++ b/roles/dokuwiki/tasks/install.yml
@ -1,6 +1,6 @@
- name: Get the Dokuwiki software
+- name: Get the DokuWiki software
-  get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz"  dest={{ downloads_dir}}/
+  get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz"  dest={{ downloads_dir }}/
-  when: internet_available 
+  when: internet_available
 - name: Copy it to permanent location /library
  unarchive: src={{ downloads_dir }}/{{ dokuwiki_version }}.tgz  dest=/library creates=/library/{{ dokuwiki_version }}/VERSION
@ -8,25 +8,24 @@
 - name: Symlink /library/dokuwiki* to /library/dokuwiki
  shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi
- name: Install config file for dokuwiki in Apache
+- name: Install config file for DokuWiki in Apache
  template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf
  when: dokuwiki_enabled
- name: enable the dokuwiki
+- name: Enable the DokuWiki
  file: path=/etc/apache2/sites-enabled/dokuwiki.conf
        src=/etc/apache2/sites-available/dokuwiki.conf
        state=link
  when: dokuwiki_enabled and is_debuntu
-              
+
- name: disable the dokuwiki
+- name: Disable the DokuWiki
  file: path=/etc/apache2/sites-enabled/dokuwiki.conf
        state=absent
  when: not dokuwiki_enabled and is_debuntu
- name: Change permissions on engine directory so apache can write
+- name: Change permissions on engine directory so Apache can write
  file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes
- name: Restart apache, so it picks up the new aliases
+- name: Restart Apache, so it picks up the new aliases
  service: name={{ apache_service }} state=restarted
--- a/roles/dokuwiki/tasks/main.yml
+++ b/roles/dokuwiki/tasks/main.yml
@ -1,8 +1,8 @@
 - name: Include the install playbook
-  include: install.yml
+  include_tasks: install.yml
  when: dokuwiki_install
- name: Add dokuwiki to service list
+- name: Add DokuWiki to service list
  ini_file: dest='{{ service_filelist }}'
            section=dokuwiki
            option='{{ item.option }}'
--- a/roles/ejabberd/tasks/main.yml
+++ b/roles/ejabberd/tasks/main.yml
@ -14,25 +14,30 @@
            group=root
            mode={{ item.mode }}
  with_items:
-    - { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' }
+    - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' }
-    - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' }
+    - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' }
-    - { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' }
+    - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' }
 #    - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'}
 #    - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' }
-    - { src: 'ejabberd-xs.service.j2', dest: '/etc/systemd/system/ejabberd-xs.service', mode: '0755' }
+    - { src: 'ejabberd-iiab.service.j2', dest: '/etc/systemd/system/ejabberd-iiab.service', mode: '0755' }
-    - { src: 'xs-ejabberd-srg', dest: '/usr/bin/xs-ejabberd-srg' , mode: '0755' }
+    - { src: 'iiab-ejabberd-srg', dest: '/usr/bin/iiab-ejabberd-srg' , mode: '0755' }
-    - { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' }
+#    - { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' }
    - { src: 'ejabberd.tmpfiles', dest: '/etc/tmpfiles.d/ejabberd.conf', mode: '0640' }
  register: ejabberd_config
 - name: Stop and disable OS provided systemd ejabberd service
  service: name=ejabberd
           state=stopped
           enabled=no
 - name: Put the startup script in place - debian
-  template: src='ejabberd-xs.init' 
+  template: src='ejabberd-iiab.init'
-            dest='/etc/init.d/ejabberd-xs'
+            dest='/etc/init.d/ejabberd-iiab'
  when: is_debuntu
 - name: Put the startup script in place - non debian
-  template: src='ejabberd-xs.init'
+  template: src='ejabberd-iiab.init'
-            dest='/usr/libexec/ejabberd-xs'
+            dest='/usr/libexec/ejabberd-iiab'
  when: not is_debuntu
 - name: Remove ejabberd_domain if domain changes
@ -41,14 +46,14 @@
  when: ejabberd_config.changed
 - name: Enable ejabberd service
-  file: src=/etc/systemd/system/ejabberd-xs.service
+  file: src=/etc/systemd/system/ejabberd-iiab.service
-        dest=/etc/systemd/system/multi-user.target.wants/ejabberd-xs.service
+        dest=/etc/systemd/system/multi-user.target.wants/ejabberd-iiab.service
        owner=root
        group=root
        state=link
 - name: Start ejabberd service
-  service: name=ejabberd-xs
+  service: name=ejabberd-iiab
           state=restarted
           enabled=yes
  when: ejabberd_config.changed and ejabberd_enabled
@ -60,10 +65,14 @@
            timeout=300
  when: ejabberd_config.changed and ejabberd_enabled
- name: Create online group
+# ejabberd-iiab.init has the logic for the below, needs to be done once 
-  shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online
+# and only if the group does not exist based on presence of
-  when: ejabberd_config.changed and not is_debuntu
+# /var/lib/ejabberd online_src_created
- name: Add all users to online group
+#- name: Create online group
-  shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver"
+#  shell: ejabberdctl srg_create Online "{{ iiab_hostname }}" Online "Online_Users" Online
-  when: ejabberd_config.changed and not is_debuntu
+#  when: ejabberd_config.changed
 #- name: Add all users to online group
 #  shell: ejabberdctl srg_user_add '@online@' "{{ iiab_hostname }}" Online "schoolserver"
 #  when: ejabberd_config.changed
--- a/roles/ejabberd/templates/ejabberd
+++ b/roles/ejabberd/templates/ejabberd
@ -3,9 +3,9 @@
 #
 # ejabberd now handles domain changes in the initrd script
 #
-SERVICE_NAME=ejabberd-xs
+SERVICE_NAME=ejabberd-iiab
-CONFIG_LIST="/etc/ejabberd/ejabberd-xs.cfg"
+CONFIG_LIST="/etc/ejabberd/ejabberd-iiab.cfg"
 # taken from ejabberd spec %post
 # taken from ejabberd spec %post
--- a/roles/ejabberd/templates/ejabberd-iiab
+++ b/roles/ejabberd/templates/ejabberd-iiab
@ -2,7 +2,7 @@
 ## Where should ejabberd find its configuration file?
 #
-CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg
+CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg
 ## ULIMIT_MAX_FILES alters the number of files that ejabberd is
 ## allowed to have open at once.  If it is unset the system default
--- a/roles/ejabberd/templates/ejabberd-iiab.cfg.j2
+++ b/roles/ejabberd/templates/ejabberd-iiab.cfg.j2
--- a/roles/ejabberd/templates/ejabberd-iiab.init
+++ b/roles/ejabberd/templates/ejabberd-iiab.init
@ -17,14 +17,17 @@
 # Description: A distributed, fault-tolerant Jabber/XMPP server
 ### END INIT INFO
 SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name
 OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
 . /etc/rc.d/init.d/functions
-if [ -r /etc/sysconfig/ejabberd-xs ]; then
+if [ -r /etc/sysconfig/ejabberd-iiab ]; then
-	. /etc/sysconfig/ejabberd-xs
+	. /etc/sysconfig/ejabberd-iiab
 fi
 if [ ! "$CONFIG_FILE" ]; then
-	CONFIG_FILE=/etc/ejabberd/ejabberd.cfg
+	CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg
 fi
 # /var/run is tmpfs in fc18, so need to create every time
@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd
 # avoid using consolehelper, call ejabberdctl directly
 progctl=/usr/sbin/ejabberdctl
 SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name
 OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
 check_domain_configured() {
-    if [ ! -e /etc/sysconfig/xs_domain_name ]; then
+    if [ ! -e $SYS_DOMAIN_FILE ]; then
-	echo "Domain not configured yet" > /dev/stderr
+	echo "Domain not configured yet 1" > /dev/stderr
 	exit 1;
    fi
    domain=`cat "$SYS_DOMAIN_FILE" `
    if [ "$domain" == "random.xs.laptop.org" ]; then
-	echo "Domain not configured yet" > /dev/stderr
+	echo "Domain not configured yet 2" > /dev/stderr
 	exit 1;
    fi
    #hostname=`hostname -f`
    hostname=`hostname `
    if [ "$hostname" == "localhost.localdomain" ]; then
-         echo "Domain not configured yet" > /dev/stderr
+         echo "Domain not configured yet 3" > /dev/stderr
    fi
 #    if [ "$hostname" != "schoolserver.$domain" ]; then
@ -149,7 +149,7 @@ start() {
 	fi
 	daemon --user=ejabberd $progctl start	--config $CONFIG_FILE \
-				--ctl-config /etc/ejabberd/ejabberdctl.cfg \
+				--ctl-config /etc/ejabberd/ejabberdctl-iiab.cfg \
 				--logs "/var/log/ejabberd" \
 				--spool "/var/lib/ejabberd/spool" \
 				2>/dev/null
@ -218,5 +218,3 @@ case "$1" in
 esac
 exit $RETVAL
--- a/roles/ejabberd/templates/ejabberd-iiab.service.j2
+++ b/roles/ejabberd/templates/ejabberd-iiab.service.j2
@ -8,9 +8,9 @@ User=root
 Group=root
 LimitNOFILE=50000
 RestartSec=5
-EnvironmentFile=/etc/sysconfig/ejabberd-xs
+EnvironmentFile=/etc/sysconfig/ejabberd-iiab
-ExecStart=/usr/libexec/ejabberd-xs start
+ExecStart=/usr/libexec/ejabberd-iiab start
-ExecStop=/usr/libexec/ejabberd-xs stop
+ExecStop=/usr/libexec/ejabberd-iiab stop
 RemainAfterExit=yes
 [Install]
--- a/roles/ejabberd/templates/iiab-ejabberd-srg
+++ b/roles/ejabberd/templates/iiab-ejabberd-srg
@ -2,7 +2,7 @@
 progctl=/usr/sbin/ejabberdctl
-SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name
+SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name
 OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
 setup_online_srg() {
--- a/roles/ejabberd_xs/tasks/main.yml
+++ b/roles/ejabberd_xs/tasks/main.yml
@ -34,7 +34,7 @@
            mode={{ item.mode }}
  with_items:
    - { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' }
-    - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' }
+    - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-xs.cfg', mode: '0644' }
    - { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' }
 #    - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'}
 #    - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' }
@ -76,13 +76,10 @@
            timeout=300
  when: ejabberd_config.changed and ejabberd_xs_enabled
- name: Create online group
+#- name: Create online group
-  shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online
+#  shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online
-  when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled
+#  when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled
 - name: Add all users to online group
  shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver"
  when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled
 #- name: Add all users to online group
 #  shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver"
 #  when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled
--- a/roles/ejabberd_xs/templates/ejabberd-xs.init
+++ b/roles/ejabberd_xs/templates/ejabberd-xs.init
@ -17,6 +17,9 @@
 # Description: A distributed, fault-tolerant Jabber/XMPP server
 ### END INIT INFO
 SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name
 OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
 . /etc/rc.d/init.d/functions
 if [ -r /etc/sysconfig/ejabberd-xs ]; then
@ -24,7 +27,7 @@ if [ -r /etc/sysconfig/ejabberd-xs ]; then
 fi
 if [ ! "$CONFIG_FILE" ]; then
-	CONFIG_FILE=/etc/ejabberd/ejabberd.cfg
+	CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg
 fi
 # /var/run is tmpfs in fc18, so need to create every time
@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd
 # avoid using consolehelper, call ejabberdctl directly
 progctl=/usr/sbin/ejabberdctl
 SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name
 OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
 check_domain_configured() {
-    if [ ! -e /etc/sysconfig/xs_domain_name ]; then
+    if [ ! -e $SYS_DOMAIN_FILE ]; then
-	echo "Domain not configured yet" > /dev/stderr
+	echo "Domain not configured yet 1" > /dev/stderr
 	exit 1;
    fi
    domain=`cat "$SYS_DOMAIN_FILE" `
    if [ "$domain" == "random.xs.laptop.org" ]; then
-	echo "Domain not configured yet" > /dev/stderr
+	echo "Domain not configured yet 2" > /dev/stderr
 	exit 1;
    fi
    #hostname=`hostname -f`
    hostname=`hostname `
    if [ "$hostname" == "localhost.localdomain" ]; then
-         echo "Domain not configured yet" > /dev/stderr
+         echo "Domain not configured yet 3" > /dev/stderr
    fi
 #    if [ "$hostname" != "schoolserver.$domain" ]; then
@ -149,7 +149,7 @@ start() {
 	fi
 	daemon --user=ejabberd $progctl start	--config $CONFIG_FILE \
-				--ctl-config /etc/ejabberd/ejabberdctl.cfg \
+				--ctl-config /etc/ejabberd/ejabberdctl-xs.cfg \
 				--logs "/var/log/ejabberd" \
 				--spool "/var/lib/ejabberd/spool" \
 				2>/dev/null
--- a/roles/elgg/meta/main.yml
+++ b/roles/elgg/meta/main.yml
@ -1,3 +0,0 @@
 ---
 dependencies:
    - { role: mysql }
--- a/roles/elgg/tasks/main.yml
+++ b/roles/elgg/tasks/main.yml
@ -1,7 +1,10 @@
- name: download current version from our copy
+# Assume we only get here if elgg_install: True
 # Assume mysql is running
 - name: Download current version from our copy
  shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }}
         creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip
-  when: internet_available 
+  when: internet_available
 - name: Determine if software is already expanded
  stat: path=/opt/elgg-{{ elgg_version }}/index.php
@ -11,11 +14,11 @@
 # unarchive: dest=/opt/
 #            src={{ downloads_dir }}/elgg-{{ elgg_version }}.zip
- name: Expand it to our location
+- name: Expand it to our location unless already done
  shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt"
  when: elgg.stat.exists is defined and not elgg.stat.exists
- name: Create a link to the versioned elgg folder
+- name: Create a link to the versioned elgg-* folder
  file: src=./elgg-{{ elgg_version }}
        dest=/opt/elgg
        owner={{ apache_user }}
@ -25,6 +28,7 @@
 # use template to fix up settings in engine/settings.php with our variables substituted
 # into engine/settings.example.php
 # note this will overwrite any manual settings
 - name: Substitute our parameters in engine/settings.example.php
  template: src="settings.php.j2"
            dest="/opt/{{ elgg_xx }}/elgg-config/settings.php"
@ -32,7 +36,7 @@
            group={{ apache_user }}
 # The name of this file changed from 1.9 to 1.10.
- name: Copy default .htaccess to the root directory of elgg tree
+- name: Copy default .htaccess to the root directory of Elgg tree
  copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist"
        dest="/opt/{{ elgg_xx }}/.htaccess"
        mode=0644
@ -47,65 +51,67 @@
              insertafter='^#RewriteBase'
              line="RewriteBase {{ elgg_url }}/"
- name: Change permissions on engine directory so apache can write
+- name: Change permissions on engine directory so Apache can write
  file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory
 - name: Create an upload directory that Apache can write in or elgg
  file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }}
- name: change ownership
+- name: Change ownership
  file: path=/opt/elgg-{{ elgg_version }}
        owner={{ apache_user }}
        group={{ apache_user }}
        recurse=yes
        state=directory
-# elggdb.sql obtained with mysqldump --skip-add-drop-table elggdb > elggdb.sql
+- name: Create a MySQL database for Elgg - can be run more than once
-# tar up a mysqldump of freshly installed database and use it in the install to avoid the startup
+  mysql_db: name={{ dbname }}
-# form, which worries me a lot. (/var/lib/mysql/elggdb)
+  register: create_elgg_database
- name: Create a user to access the elgg database
+- name: Create a user to access the Elgg database - can be run more than once
-  mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv=*.*:ALL
+  mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL
  with_items:
        - 127.0.0.1
        - ::1
        - localhost
  when: mysql_enabled and elgg_enabled and not elgg.stat.exists
 - name: Create file to load database
  template: src=elggdb.sql.j2
            dest=/tmp/elggdb.sql
- name: Create a mysql database for elgg
+# elggdb.sql obtained with mysqldump --skip-add-drop-table elggdb > elggdb.sql
-  mysql_db: name={{ dbname }}
+# tar up a mysqldump of freshly installed database and use it in the install to avoid the startup
-  when: mysql_enabled and elgg_enabled
+# form, which worries me a lot. (/var/lib/mysql/elggdb)
  register: create_elgg_database
 - name: Load elgg database dump
  mysql_db: name={{ dbname }}
            state=import
            target=/tmp/elggdb.sql
-  when: mysql_enabled and elgg_enabled and create_elgg_database.changed
+  when: create_elgg_database.changed
 - name: Remove database dump after load
  file: name=/tmp/elggdb.sql state=absent
 - name: Install config file for elgg in Apache
  template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf
  when: mysql_enabled and elgg_enabled
- name: enable elgg
+- name: Enable Elgg for debuntu (will already be enabled above for Redhat)
  file: path=/etc/apache2/sites-enabled/elgg.conf
        src=/etc/apache2/sites-available/elgg.conf
        state=link
  when: elgg_enabled and is_debuntu
- name: disable elgg
+- name: Disable Elgg for debuntu
  file: path=/etc/apache2/sites-enabled/elgg.conf
        state=absent
  when: not elgg_enabled and is_debuntu
- name: add elgg to service list
+- name: Disable Elgg for Redhat - remove config file for Elgg in Apache
  file: dest=/etc/{{ apache_config_dir }}/elgg.conf
        state=absent
  when: not elgg_enabled and is_redhat
 - name: Add Elgg to service list
  ini_file: dest='{{ service_filelist }}'
            section=elgg
            option='{{ item.option }}'
--- a/roles/elgg/templates/settings.php.j2
+++ b/roles/elgg/templates/settings.php.j2
@ -35,21 +35,21 @@ if (!isset($CONFIG)) {
 *
 * @global string $CONFIG->dbuser
 */
-$CONFIG->dbuser = '{{dbuser}}';
+$CONFIG->dbuser = '{{ dbuser }}';
 /**
 * The database password
 *
 * @global string $CONFIG->dbpass
 */
-$CONFIG->dbpass = '{{dbpassword}}';
+$CONFIG->dbpass = '{{ dbpassword }}';
 /**
 * The database name
 *
 * @global string $CONFIG->dbname
 */
-$CONFIG->dbname = '{{dbname}}';
+$CONFIG->dbname = '{{ dbname }}';
 /**
 * The database host.
@ -58,7 +58,7 @@ $CONFIG->dbname = '{{dbname}}';
 *
 * @global string $CONFIG->dbhost
 */
-$CONFIG->dbhost = '{{dbhost}}';
+$CONFIG->dbhost = '{{ dbhost }}';
 /**
 * The database prefix
@ -69,7 +69,7 @@ $CONFIG->dbhost = '{{dbhost}}';
 *
 * @global string $CONFIG->dbprefix
 */
-$CONFIG->dbprefix = '{{dbprefix}}';
+$CONFIG->dbprefix = '{{ dbprefix }}';
 /**
 * Multiple database connections
@ -130,17 +130,17 @@ $CONFIG->dbprefix = '{{dbprefix}}';
 /**
 * Cookie configuration
 *
- * Elgg uses 2 cookies: a PHP session cookie and an extended login cookie 
+ * Elgg uses 2 cookies: a PHP session cookie and an extended login cookie
 * (also called the remember me cookie). See the PHP manual for documentation on
 * each of these parameters. Possible options:
- * 
+ *
 *  - Set the session name to share the session across applications.
 *  - Set the path because Elgg is not installed in the root of the web directory.
 *  - Set the secure option to true if you only serve the site over HTTPS.
 *  - Set the expire option on the remember me cookie to change its lifetime
 *
 * To use, uncomment the appropriate sections below and update for your site.
- * 
+ *
 * @global array $CONFIG->cookies
 */
 // get the default parameters from php.ini
@ -197,16 +197,16 @@ $CONFIG->min_password_length = 6;
 /**
 * This is an optional script used to override Elgg's default handling of
 * uncaught exceptions.
- * 
+ *
 * This should be an absolute file path to a php script that will be called
 * any time an uncaught exception is thrown.
- * 
+ *
 * The script will have access to the following variables as part of the scope
 * global $CONFIG
 * $exception - the unhandled exception
- * 
+ *
 * @warning - the database may not be available
- * 
+ *
 * @global string $CONFIG->exception_include
 */
 $CONFIG->exception_include = '';
--- a/roles/gateway/README.rst
+++ b/roles/gateway/README.rst
@ -1,46 +0,0 @@
 ==============
 Gateway README
 ==============
 Under the heading of Gateway are a number of services that provide dhcp addresses and NAT to the lan 
 and filter wan access both in terms of content and bandwidth.
 LAN
 ---
 The LAN is managed by the dhcpd service and by iptables.  The configuration of iptables is complicated
 and works as follows:
 /etc/systemd/system/iptables.service calls 
 /etc/sysconfig/iptables-config which calls 
 /usr/bin/iiab-gen-iptables
 and saves the resultant configuration to /etc/sysconfig/iptables
 it then supplies additional rules to iptables
 As of March 2014 the following files are obsolete
 /etc/sysconfig/olpc-scripts/iptables-xs 
 /etc/sysconfig/olpc-scripts/ip6tables-xs
 Filters
 -------
 Content is filtered by squid and dansguardian and there are ansible variables that control them.
 There is a white list file, sites.whitelist.txt.  URL patterns not in this file will not be accessible.
 An additional rule to block https has been added to iptables, also controlled by an ansible variable.
 **N.B. https blocking and whitelist checking are disabled by default**
 To enable whitelist checking and/or https blocking edit 
 #Gateway Filters
 gw_squid_whitelist: False
 gw_block_https: False
 changing False to True where appropriate and then run runtags facts, gateway 
 Bandwidth is filtered by wondershaper.
--- a/roles/gateway/tasks/main.yml
+++ b/roles/gateway/tasks/main.yml
@ -1 +0,0 @@
 -name: placekeeper
--- a/roles/homepage/tasks/main.yml
+++ b/roles/homepage/tasks/main.yml
@ -0,0 +1,16 @@
 - name: Create home directory
  file: path={{ doc_root }}/home
        mode=0755
        owner={{ apache_user }}
        group={{ apache_user }}
        state=directory
 - name: Install admin homepage into apache2
  template: src=iiab-homepage.conf
            dest=/etc/{{ apache_config_dir }}/iiab-homepage.conf
 - name: Enable the home page
  file: src=/etc/{{ apache_config_dir }}/iiab-homepage.conf
        dest=/etc/apache2/sites-enabled/iiab-homepage.conf
        state=link
  when: is_debuntu
--- a/roles/homepage/templates/iiab-homepage.conf
+++ b/roles/homepage/templates/iiab-homepage.conf
@ -1,9 +1,9 @@
-# XSCE Home Page
+# IIAB Home Page
 # Redirect to home page on School Server
-# Default is xs-portal
+# Default [was] xs-portal [and is now generally] home
-# RedirectMatch of root to home page
+# RedirectMatch of root to homepage
 # See the note in default_vars.yml
 RedirectMatch ^/$ {{ iiab_home_url }}
--- a/roles/httpd/tasks/home-page.yml
+++ b/roles/httpd/tasks/home-page.yml
@ -1,16 +0,0 @@
 - name: Create home directory
  file: path={{ doc_root }}/home
        mode=0755
        owner={{ apache_user }}
        group={{ apache_user }}
        state=directory
 - name: Install admin home page into apache2
  template: src=iiab-home-page.conf
             dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf
 - name: Enable the home page
  file: src=/etc/{{ apache_config_dir }}/iiab-home-page.conf
        dest=/etc/apache2/sites-enabled/iiab-home-page.conf
        state=link
  when: is_debuntu
--- a/roles/httpd/tasks/main.yml
+++ b/roles/httpd/tasks/main.yml
@ -40,7 +40,7 @@
    - download
  when: is_redhat
- name: remove the default apache2 config file
+- name: Remove the default apache2 config file
  file: path=/etc/apache2/sites-enabled/000-default.conf
        src=/etc/apache2/sites-available/000-default.conf
        state=absent
@ -67,7 +67,7 @@
      - mpm_event.load
  when: is_debuntu
- name: create symlinks for mpm-prefork
+- name: Create symlinks for mpm-prefork
  file: path=/etc/apache2/mods-enabled/{{ item }}
        src=/etc/apache2/mods-available/{{ item }}
        state=link
@ -76,7 +76,7 @@
      - mpm_prefork.load
  when: is_debuntu
- name: turn on mod_proxy
+- name: Turn on mod_proxy
  command: a2enmod {{ item }}
  with_items:
     - proxy
@ -85,7 +85,7 @@
     - rewrite
  when: is_debuntu
- name: create symlinks for enabling our site
+- name: Create symlinks for enabling our site
  file: path=/etc/apache2/sites-enabled/{{ item }}
        src=/etc/apache2/sites-available/{{ item }}
        state=link
@ -105,7 +105,7 @@
        group=root
        state=directory
- name: create admin group
+- name: Create admin group
  group: name=admin
         state=present
@ -142,21 +142,15 @@
        state=absent
  when: is_debuntu
- include: html.yml
+- include_tasks: html.yml
  tags:
    - base
- include: home-page.yml
+- name: Place the script to generate homepages
 - name: place the script to generate home pages
  template: src=refresh-wiki-docs.sh
            dest=/usr/bin/iiab-refresh-wiki-docs
            mode=0755
 - name: generate the offline documents
  command: /usr/bin/iiab-refresh-wiki-docs
  when: not nodocs
 - name: Give apache_user permission for poweroff
  template: src=020_apache_poweroff.j2
            dest=/etc/sudoers.d/020_apache_poweroff
--- a/roles/httpd/templates/iiab-console.conf.j2
+++ b/roles/httpd/templates/iiab-console.conf.j2
@ -1 +0,0 @@
 /opt/schoolserver/xsce/roles/xsce-admin/templates/console/xs-console.conf.j2
--- a/roles/httpd/templates/refresh-wiki-docs.sh
+++ b/roles/httpd/templates/refresh-wiki-docs.sh
@ -1,81 +1,73 @@
 #!/bin/bash -x
-# pull down repo wiki, and use to create offline docs
+
 # Pull down repo's entire wiki (and similar) to create offline docs
 set -e
 source /etc/iiab/iiab.env
-REPONAME=iiab
+INPUT=/tmp/iiab-wiki
-REPO=https://github.com/iiab
+OUTPUT=/tmp/iiab-wiki.out
-WIKI=iiab-wiki
+DESTPATH=/library/www/html/info
 TARGET_URL=/info
 WWWROOT=/library/www/html
 INPUT=/tmp/${WIKI}
 OUTPUT=/tmp/${WIKI}.out
 # this script is located in the scritps/ directory in the local repo
 SCRIPTDIR=$(dirname $0)
 pushd $SCRIPTDIR
 rm -rf $INPUT
 rm -rf $OUTPUT
 mkdir -p $INPUT
 mkdir -p $OUTPUT
 mkdir -p $WWWROOT$TARGET_URL/html
-git clone $REPO/$REPONAME.wiki.git $INPUT
+git clone https://github.com/iiab/iiab.wiki.git $INPUT
-# To Do find more links to rewrite, especially after moving from xsce to iiab
+for f in `ls $INPUT`; do
 for f in `ls /tmp/${WIKI}`; do
    FTRIMMED=${f%.md}
-    if [ $FTRIMMED = "Home" ]; then FTRIMMED=index;fi
+    if [ $FTRIMMED = "Home" ]; then FTRIMMED=index; fi
-    pandoc -s /tmp/${WIKI}/$f -o $OUTPUT/$FTRIMMED.html
+    pandoc -s $INPUT/$f -o $OUTPUT/$FTRIMMED.html
    # make links refer to local directory
    sed -i -r "/.*#.*/ s|$REPO/$REPONAME/wiki/(.*)(#.*)\">|./\1.html\2\">|" $OUTPUT/$FTRIMMED.html
    sed -i -r "/.*#.*/! s|$REPO/$REPONAME/wiki/(.*)\">|./\1.html\">|" $OUTPUT/$FTRIMMED.html
    sed -i -e "s|http://schoolserver.org/faq|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html
    sed -i -e "s|http://wiki.laptop.org/go/IIAB/FAQ|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html
    sed -i -e "s|http://wiki.laptop.org/go/XS_Community_Edition/FAQ|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html
    sed -i -e "s|http://FAQ.IIAB.IO|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html
    sed -i -e "s|http://faq.iiab.io|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html
    sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|./\1.html\">|"  $OUTPUT/$FTRIMMED.html
    sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|./\1.html\">|"  $OUTPUT/$FTRIMMED.html
    sed -i -e "s|wiki.laptop.org/go/IIAB/FAQ|box/info/html/FAQ.html|"  $OUTPUT/$FTRIMMED.html
    sed -i -e "s|wiki.laptop.org/go/IIAB/Security|box/info/html/Security.html|"  $OUTPUT/$FTRIMMED.html
 done
-rsync -av $OUTPUT/ $WWWROOT$TARGET_URL
+rsync -av $OUTPUT/ $DESTPATH
-# copy the faq and other things
+# To Do: find more pages to d/l and offline links to fix, based on "fieldback" from truly remote implementer/operators
 lynx -reload -source http://wiki.laptop.org/go/IIAB/FAQ >  $WWWROOT$TARGET_URL/html/FAQ.html
 lynx -reload -source http://wiki.laptop.org/go/IIAB/Security >  $WWWROOT$TARGET_URL/html/Security.html
 lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars.yml >  $WWWROOT$TARGET_URL/html/local_vars.yml
-# fetch the recent release notes
+# Download FAQ etc
-lynx -reload -source https://github.com/XSCE/xsce/wiki/IIAB-6.2-Release-Notes>  $WWWROOT$TARGET_URL/IIAB-6.2-Release-Notes.html
+lynx -reload -source http://wiki.laptop.org/go/IIAB/FAQ > $DESTPATH/FAQ.html
-lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.0.md >  $WWWROOT$TARGET_URL/ReleaseNotes6.0.html
+lynx -reload -source http://wiki.laptop.org/go/IIAB/Security > $DESTPATH/Security.html
-lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.1.md>  $WWWROOT$TARGET_URL/ReleaseNotes6.1.html
+lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars.yml > $DESTPATH/local_vars.yml
 lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars_min.yml > $DESTPATH/local_vars_min.yml
 lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars_big.yml > $DESTPATH/local_vars_big.yml
-pushd $OUTPUT
+# Download older release notes
-for f in `ls *Release*.md`; do
+lynx -reload -source https://github.com/XSCE/xsce/wiki/IIAB-6.2-Release-Notes > $DESTPATH/IIAB-6.2-Release-Notes.html
-#    FTRIMMED=${f%.md}
+lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.0.md > $DESTPATH/ReleaseNotes6.0.html
-    FTRIMMED=${f:0:-3}
+lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.1.md > $DESTPATH/ReleaseNotes6.1.html
-    pandoc -s $f -o  $WWWROOT$TARGET_URL/$FTRIMMED.html
+
-    # make links refer to local directory
+# Make links refer to local items
-    sed -i -e "s|$REPO/$REPONAME/wiki/\(.*\)\">|./\1.html\">)|"  $WWWROOT$TARGET_URL/$FTRIMMED.html
+for f in $DESTPATH/*.html; do
-    sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\">|./\1.html\">)|"  $WWWROOT$TARGET_URL/$FTRIMMED.html
+    sed -i -r "s|https://github.com/iiab/iiab/wiki/([-.A-Za-z0-9]*)|\1.html|g" $f
    sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|\1.html\">|g" $f
    sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|\1.html\">|g" $f
    sed -i -e "s|http://wiki.laptop.org/go/IIAB/FAQ|FAQ.html|g" $f
    sed -i -e "s|/go/IIAB/FAQ|FAQ.html|g" $f
    sed -i -e "s|http://wiki.iiab.io/FAQ|FAQ.html|g" $f
    sed -i -e "s|http://FAQ.IIAB.IO|FAQ.html|g" $f
    sed -i -e "s|http://faq.iiab.io|FAQ.html|g" $f
    sed -i -e "s|http://schoolserver.org/FAQ|FAQ.html|g" $f
    sed -i -e "s|http://schoolserver.org/faq|FAQ.html|g" $f
    sed -i -e "s|http://wiki.laptop.org/go/XS_Community_Edition/FAQ|FAQ.html|g" $f
    sed -i -e "s|http://wiki.laptop.org/go/IIAB/Security|Security.html|g" $f
    sed -i -e "s|/go/IIAB/Security|Security.html|g" $f
    sed -i -e "s|http://wiki.iiab.io/Security|Security.html|g" $f
    sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars.yml|local_vars.yml|g" $f
    sed -i -e "s|/go/IIAB/local_vars.yml|local_vars.yml|g" $f
    sed -i -e "s|http://wiki.iiab.io/local_vars.yml|local_vars.yml|g" $f
    sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $f
    sed -i -e "s|/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $f
    sed -i -e "s|http://wiki.iiab.io/local_vars_min.yml|local_vars_min.yml|g" $f
    sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $f
    sed -i -e "s|/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $f
    sed -i -e "s|http://wiki.iiab.io/local_vars_big.yml|local_vars_big.yml|g" $f
 done
 popd
 #pushd /opt/iiab/iiab-admin-console/roles/console/files/help
 # fetch the embedded help pages from the admin console
 #for f in `ls .`; do
 #    FTRIMMED=${f%.rst}
 #    pandoc -s $f -o $WWWROOT$TARGET_URL/html/$FTRIMMED.html
 #    # make links refer to local directory
 #    sed -i -e "s|$REPO/$ADMINREPO/wiki/\(.*\)\">|./\1.html\">)|" $WWWROOT$TARGET_URL/html/$FTRIMMED.html
 #done
 #popd
 #rm -rf $INPUT
 #rm -rf $OUTPUT
 popd
 exit 0
--- a/roles/idmgr/tasks/main.yml
+++ b/roles/idmgr/tasks/main.yml
@ -33,7 +33,7 @@
  command: /etc/sysconfig/olpc-scripts/setup.d/xs-rsync
           creates=/etc/xinetd.d/xs-rsyncd
- name: Copy idmgr init script 
+- name: Copy idmgr init script
  command: /bin/cp /etc/init.d/idmgr /usr/libexec/idmgr.init
           creates=/usr/libexec/idmgr.init
--- a/roles/iiab-admin/README.rst
+++ b/roles/iiab-admin/README.rst
@ -1,5 +1,5 @@
 =================
-XSCE Admin README
+IIAB Admin README
 =================
 This role is home to a number of administrative playbooks.  Those implemented are:
@ -22,4 +22,4 @@ Add Packages for Remote Access
 Admin Console
 -------------
-Has been moved to a separate git repo
+Has been moved to separate git repo: https://github.com/iiab/iiab-admin-console
--- a/roles/iiab-admin/tasks/admin-user.yml
+++ b/roles/iiab-admin/tasks/admin-user.yml
@ -1,8 +1,8 @@
 - name: Create iiab-admin user and password
-  user: name={{ iiab_admin_user }}  
+  user: name={{ iiab_admin_user }}
        password={{ iiab_admin_passw_hash }}
        update_password=on_create
-        
+
 - name: Create a wheel group
  group: name=wheel
         state=present
@ -14,7 +14,7 @@
 - name: Add user to wheel group
  user: name={{ iiab_admin_user }} groups=wheel,sudo
-  
+
 - name: Create root .ssh
  file: path=/root/.ssh
        mode=0700
@ -29,28 +29,27 @@
        owner=root
        group=root
        mode=0600
-        
+
 #        backup=yes
- name: edit the sudoers file--first make it editable
+- name: Edit the sudoers file -- first make it editable
  shell: chmod 0640 /etc/sudoers
- name: have sudo log all commands it handles
+- name: Have sudo log all commands it handles
  lineinfile: regexp=logfile
              line='Defaults     logfile = /var/log/sudo.log'
              state=present
              dest=/etc/sudoers
- name: lets wheel sudo without password
+- name: Lets wheel sudo without password
-  lineinfile: 
+  lineinfile:
     line: "%wheel ALL= NOPASSWD: ALL"
     dest: /etc/sudoers
- name: remove the line which requires tty
+- name: Remove the line which requires tty
-  lineinfile: regexp=requiretty 
+  lineinfile: regexp=requiretty
-              state=absent 
+              state=absent
              dest=/etc/sudoers
-                
+
- name: end editing the sudoers file-- protect it again
+- name: End editing the sudoers file -- protect it again
  shell: chmod 0440 /etc/sudoers
--- a/roles/iiab-admin/tasks/main.yml
+++ b/roles/iiab-admin/tasks/main.yml
@ -1,9 +1,9 @@
- include: admin-user.yml
+- include_tasks: admin-user.yml
  tags:
    - base
  when: not no_admin is defined
- include: access.yml
+- include_tasks: access.yml
  tags:
    - base
@ -28,12 +28,12 @@
  stat: path=/home/pi/.config/lxsession
  register: lx
- name: Do the same if running on raspbian
+- name: Do the same if running on Raspbian
  template: src=lxde_ssh_warn.sh
            dest=/home/pi/.config/lxsession/LXDE-pi/
-  when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu
+  when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu
- name: put a autostart line to check for default password in LXDE
+- name: Put an autostart line to check for default password in LXDE
  lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh
              dest=/home/pi/.config/lxsession/LXDE-pi/autostart
-  when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu
+  when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu
--- a/roles/kalite/README.rst
+++ b/roles/kalite/README.rst
@ -1,13 +1,13 @@
 ==============
-KA-Lite README
+KA Lite README
 ==============
-This role installs KA-Lite, an offline version of the Khan Academy (https://www.khanacademy.org/),
+This role installs KA Lite, an offline version of the Khan Academy (https://www.khanacademy.org/),
 written by Learning Equality (https://learningequality.org/ka-lite/).
-KA Lite has two servers, a light httpd server that serves KA videos, and a cron server that sets
+KA Lite has two servers, a light httpd server that serves Khan Academy videos, and a cron server
-up cron jobs to download language packs and KA videos from the internet.  There are separate flags
+that sets up cron jobs to download language packs and KA videos from the internet.  There are
-to enable these two servers.
+separate flags to enable these two servers.
 Access
 ------
--- a/roles/kalite/tasks/enable.yml
+++ b/roles/kalite/tasks/enable.yml
@ -1,18 +1,18 @@
 # By the time we get here we should have ka-lite of some version
 # And the systemd unit files should be defined
- name: Enable kalite server
+- name: Enable 'kalite-serve' service
  service: name=kalite-serve
           enabled=yes
           state=started
- name: Disable kalite server
+- name: Disable 'kalite-serve' service
  service: name=kalite-serve
           enabled=no
           state=stopped
  when: not kalite_enabled
-# Since Fedora 18 we don't have a separate unit fiile for kalite-cron
+# Since Fedora 18 we don't have a separate unit file for kalite-cron
 - name: Disable kalite cron server F18
  service: name=kalite-cron
--- a/roles/kalite/tasks/install-f18.yml
+++ b/roles/kalite/tasks/install-f18.yml
@ -1,6 +1,6 @@
 # This is for Fedora 18, assumed to be an XO
- name: Install dependent packages F18
+- name: Install dependent packages (Fedora 18)
  package: name={{ item }}
           state=present
  with_items:
@ -8,35 +8,35 @@
    - expect
  when: is_F18
- name: Install dependent pip packages F18
+- name: Install dependent pip packages (Fedora 18)
  pip: name=selenium
-  when: internet_available  and is_F18
+  when: internet_available and is_F18
- name: Determine if kalite is already downloaded
+- name: Determine if KA Lite is already downloaded
  stat: path={{ downloads_dir }}/ka-lite
  register: kalite
- name: Download the latest kalite repo
+- name: Download the latest KA Lite repo
  git: repo={{ kalite_repo_url }}
       dest={{ downloads_dir }}/ka-lite
       depth=1
       version="0.13.x"
  ignore_errors: yes
-  when: internet_available  and kalite.stat.exists is defined and not kalite.stat.exists
+  when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists
- name: Create iiab-kalite user and password F18
+- name: Create iiab-kalite user and password (Fedora 18)
  user: name={{ kalite_user }}
        password={{ kalite_password_hash }}
        update_password=on_create
- name: Create kalite_root directory F18
+- name: Create kalite_root directory (Fedora 18)
  file: path={{ kalite_root }}
        owner=root
        group=root
        mode=0755
        state=directory
- name: Copy the kalite repo into place F18
+- name: Copy the KA Lite repo into place (Fedora 18)
  command: "rsync -at {{ downloads_dir }}/ka-lite/ {{ kalite_root }}"
 - name: Make kalite_user owner
@ -52,9 +52,9 @@
            dest="{{ kalite_root }}/kalite/local_settings.py"
            owner={{ kalite_user }}
            group={{ kalite_user }}
-            mode=644
+            mode=0644
- name: Create kalite service(s) and support scripts
+- name: Create kalite-serve & kalite-cron services, and iiab_cronservectl.sh
  template: backup=no
            src={{ item.src }}
            dest={{ item.dest }}
--- a/roles/kalite/tasks/install.yml
+++ b/roles/kalite/tasks/install.yml
@ -1,6 +1,6 @@
 # This is for an OS other than Fedora 18
- name: Install missing packages required for kalite startup
+- name: Install missing packages required for KA Lite startup
  package: name={{ item }}
           state=present
  with_items:
@ -8,24 +8,43 @@
 - name: Grab the requirements file
  get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt
-  when: internet_available 
+  when: internet_available
- name: Install ka-lite dependencies with pip
+#- name: Install KA Lite non-static + reqs file with pip - (debuntu)
-  pip: requirements={{ pip_packages_dir }}/kalite.txt
+#  pip: requirements={{ pip_packages_dir }}/kalite.txt
-       virtualenv={{ kalite_venv }}
+#       virtualenv={{ kalite_venv }}
-       virtualenv_site_packages=no
+#       virtualenv_site_packages=no
 #       extra_args="--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
-  when: internet_available 
+#  when: internet_available and is_debuntu
- name: Install ka-lite with pip
+- name: Install KA Lite static with pip - (debuntu)
  pip: name=ka-lite-static
       version={{ kalite_version }}
       virtualenv={{ kalite_venv }}
       virtualenv_site_packages=no
       extra_args="--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
-  when: internet_available 
+  when: internet_available and is_debuntu
- name: Default is to have cronserve started with kalite
+#- name: Install KA Lite non-static + reqs file with pip - (OS's other than debuntu)
 #  pip: requirements={{ pip_packages_dir }}/kalite.txt
 #       virtualenv={{ kalite_venv }}
 #       virtualenv_site_packages=no
 #       extra_args="--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
 #  when: internet_available and not is_debuntu
 - name: Install KA Lite static with pip - (OS's other than debuntu)
  pip: name=ka-lite-static
       version={{ kalite_version }}
       virtualenv={{ kalite_venv }}
       virtualenv_site_packages=no
 #       extra_args="--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
  when: internet_available and not is_debuntu
 - name: Default is to have cronserve started with KA Lite
  set_fact:
     job_scheduler_stanza: ""
@ -34,7 +53,7 @@
     job_scheduler_stanza: "--skip-job-scheduler "
  when: not kalite_cron_enabled
- name: Create kalite service(s) and support scripts
+- name: Create 'kalite-serve' service, kalite.sh and kalite.conf
  template: backup=no
            src={{ item.src }}
            dest={{ item.dest }}
@ -44,9 +63,9 @@
  with_items:
    - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'}
    - { src: 'kalite.sh.j2', dest: '/etc/profile.d/kalite.sh', mode: '0644'}
-    - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir}}', mode: '0644'}
+    - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'}
 - name: Create symlink to kalite bin file in path
  file: path=/usr/bin/kalite
-        src={{kalite_venv}}/bin/kalite
+        src={{ kalite_venv }}/bin/kalite
        state=link
--- a/roles/kalite/tasks/main.yml
+++ b/roles/kalite/tasks/main.yml
@ -2,39 +2,39 @@
 # Assume all XOs are F18 and nothing else is
- name: Calc kalite db file name F18
+- name: Calc KA Lite db file name (Fedora 18)
  set_fact:
     kalite_db_name: "{{ kalite_root }}/kalite/database/data.sqlite"
  when: is_F18
- name: Calc kalite db file name
+- name: Calc KA Lite db file name (OS's other than Fedora 18)
  set_fact:
     kalite_db_name: "{{ kalite_root }}/database/data.sqlite"
  when: not is_F18
- name: See if kalite is already configured
+- name: See if KA Lite is already configured
  stat: path="{{ kalite_db_name }}"
  register: kalite_installed
- include: install-f18.yml
+- include_tasks: install-f18.yml
  when: not kalite_installed.stat.exists and is_F18
- include: install.yml
+- include_tasks: install.yml
  when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18
- name: ask systemd to reread the unit files
+- name: Ask systemd to reread the unit files
  shell: systemctl daemon-reload
  when: not kalite_installed.stat.exists
- include: setup-f18.yml
+- include_tasks: setup-f18.yml
  when: not kalite_installed.stat.exists and is_F18
- include: setup.yml
+- include_tasks: setup.yml
  when: not kalite_installed.stat.exists and not is_F18
- include: enable.yml
+- include_tasks: enable.yml
- name: Add kalite to service list
+- name: Add 'kalite-serve' to service list
  ini_file: dest='{{ service_filelist }}'
            section=kalite
            option='{{ item.option }}'
@ -43,7 +43,7 @@
    - option: name
      value: kalite
    - option: description
-      value: '"KA-Lite is a server to present Khan Academy videos offline and to download them."'
+      value: '"KA Lite is a server to present Khan Academy videos offline and to download them."'
    - option: path
      value: "{{ kalite_root }}"
    - option: server_name
--- a/roles/kalite/tasks/setup-f18.yml
+++ b/roles/kalite/tasks/setup-f18.yml
@ -1,11 +1,11 @@
 # This is for Fedora 18, assumed to be an XO
- name: Run the setup using kalite manage F18
+- name: Run the setup using 'kalite manage' (Fedora 18)
  command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite manage setup --username={{ kalite_user }} --password={{ kalite_password }} --noinput'"
  async: 900
  poll: 10
- name: Finish setup by running kalite start F18
+- name: Finish setup by running 'kalite start' (Fedora 18)
  command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite start'"
  async: 900
  poll: 10
--- a/roles/kalite/tasks/setup.yml
+++ b/roles/kalite/tasks/setup.yml
@ -7,7 +7,7 @@
        mode=0755
        state=directory
- name: Run the setup using kalite manage
+- name: Run the setup using 'kalite manage'
  command: "{{ kalite_program }} manage setup --username={{ kalite_admin_user }} --password={{ kalite_admin_password }} --noinput"
  environment:
     KALITE_HOME: "{{ kalite_root }}"
--- a/roles/kiwix/defaults/main.yml
+++ b/roles/kiwix/defaults/main.yml
@ -5,6 +5,6 @@ iiab_zim_path: /library/zims
 kiwix_library_xml: "{{ iiab_zim_path }}/library.xml"
 kiwix_content_path: "{{ iiab_zim_path }}/content"
 kiwix_install: True
-kiwix_serve_enabled: False
+kiwix_enabled: True
 kiwix_content_found: False
 kiwix_first_pass: False
--- a/roles/kiwix/tasks/kiwix_install.yml
+++ b/roles/kiwix/tasks/kiwix_install.yml
@ -1,4 +1,4 @@
- name: Create various directories for zims
+- name: Create various directories for Kiwix's ZIM files
  file: path={{ item }}
        owner=root
        group=root
@ -9,16 +9,16 @@
    - "{{ kiwix_content_path }}"
    - "{{ iiab_zim_path }}/index"
- name: Check for kiwix-serve binary
+- name: Check for 'kiwix-serve' binary
  stat: path={{ iiab_base }}/kiwix/bin/kiwix-serve
  register: kiwix_bin
- name: Set kiwix first pass
+- name: Set kiwix_first_pass
  set_fact:
    kiwix_first_pass: True
  when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists
- name: Copy kiwix library file if needed
+- name: Copy Kiwix library file if needed
  template: src={{ item }}
            dest="{{ kiwix_library_xml }}"
            mode=0644
@ -47,14 +47,14 @@
             group=root
  when: not kiwix_src_bin_only and kiwix_first_pass
- name: Create directory for kiwix bin
+- name: Create kiwix/bin directory
  file: path="{{ iiab_base }}/kiwix/bin"
        owner=root
        group=root
        mode=0755
        state=directory
- name: enable the mods which permit apache to proxy
+- name: Enable the mods which permit Apache to proxy
  apache2_module: name={{ item }}
  with_items:
    - proxy
@ -63,7 +63,7 @@
    - rewrite
  when: is_debuntu
- name: Unarchive it to permanent location - bin only
+- name: Unarchive Kiwix to permanent location - bin only
  unarchive: src="{{ downloads_dir }}/{{ kiwix_src_file }}"
             dest="{{ iiab_base }}/kiwix/bin"
             owner=root
@ -71,28 +71,28 @@
  when: kiwix_src_bin_only and kiwix_first_pass
 # workaround because unarchive does not set ownership properly
- name: Set kiwix ownership
+- name: "Set ownership as if: 'chown -R root:root /opt/iiab/kiwix'"
  file: path="{{ iiab_base }}/kiwix"
        owner=root
        group=root
        recurse=yes
 # workaround because kiwix-serve does not stay running
- name: Make an entry in crontab to restart every hour
+- name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu)
 # *  *  *  *  * user-name  command to be executed
-  lineinfile: line="15 *  *  *  * root /bin/systemctl restart kiwix-serve.service"
+  lineinfile: line="0  4  *  *  * root /bin/systemctl restart kiwix-serve.service"
              dest=/etc/crontab
  when: is_debuntu
- name: Make an entry in crontab to restart every hour
+- name: Make a crontab entry to restart kiwix-serve at 4AM (redhat)
 # *  *  *  *  * user-name  command to be executed
-  lineinfile: line="15 *  *  *  * root /usr/bin/systemctl restart kiwix-serve.service"
+  lineinfile: line="0  4  *  *  * root /usr/bin/systemctl restart kiwix-serve.service"
              dest=/etc/crontab
  when: is_redhat
 # Create kiwix service
- name: Create kiwix-serve service
+- name: Create 'kiwix-serve' service
  template: backup=no
            src={{ item.src }}
            dest={{ item.dest }}
@ -108,7 +108,7 @@
    - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'}
- name: add kiwix to service list
+- name: Add 'kiwix-serve' to list of services
  ini_file: dest='{{ service_filelist }}'
            section=kiwix-serve
            option='{{ item.option }}'
@ -131,16 +131,16 @@
    - option: kiwix_content_path
      value: "{{ kiwix_content_path }}"
    - option: enabled
-      value: "{{ kiwix_serve_enabled }}"
+      value: "{{ kiwix_enabled }}"
- name: Enable kiwix-serve service
+- name: Enable 'kiwix-serve' service
  service: name=kiwix-serve
           enabled=yes
           state=restarted
-  when: kiwix_serve_enabled
+  when: kiwix_enabled
- name: Disable kiwix-serve service
+- name: Disable 'kiwix-serve' service
  service: name=kiwix-serve
           enabled=no
           state=stopped
-  when: not kiwix_serve_enabled
+  when: not kiwix_enabled
--- a/roles/kiwix/tasks/main.yml
+++ b/roles/kiwix/tasks/main.yml
@ -1,4 +1,3 @@
 #- name: Set kiwix source file name i686
 #  set_fact:
 #     kiwix_src_file: "kiwix-linux-i686.tar.bz2"
@ -7,25 +6,24 @@
 - name: Set kiwix source file name x86_64
  set_fact:
-     kiwix_src_file: "kiwix-tools_linux64_2017-09-28.tar.gz"
+     kiwix_src_file: "kiwix-tools_linux64_2017-10-25.tar.gz"
     kiwix_src_bin_only: True
  when: ansible_machine == "x86_64"
 - name: Set kiwix source file name armv7l
  set_fact:
-     kiwix_src_file: "kiwix-tools_armhf_2017-09-28.tar.gz"
+     kiwix_src_file: "kiwix-tools_armhf_2017-10-25.tar.gz"
     kiwix_src_bin_only: True
  when: ansible_machine == "armv7l" or ansible_machine == "armv6l"
- name: Get the kiwix software
+- name: Get the Kiwix software
  get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}"  dest="{{ downloads_dir }}/{{ kiwix_src_file }}"
  when: internet_available
- include: kiwix_install.yml
+- include_tasks: kiwix_install.yml
  when: kiwix_src_file is defined
  tags:
    - kiwix
 - debug:  msg="WARNING kiwix source is not defined for your platform"
  when: not kiwix_src_file
--- a/Show more
+++ b/Show more
		`@ -1,3 +0,0 @@`
			`# Add your role to this list and then uncomment dependencies. Adding a tag is handy for testing.`
			`#dependencies:`
		`@ -1 +0,0 @@`
			`/opt/schoolserver/xsce/roles/xsce-admin/templates/console/xs-console.conf.j2`