external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-13 11:42:08 +00:00
Code Issues Releases Wiki Activity

Merge pull request #177 from iiab/master

Browse source 
sync from iiab/iiab
This commit is contained in:
A Holt 2018-11-02 01:20:43 -04:00 committed by GitHub
commit 1518be298b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
54 changed files with 546 additions and 560 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
roles/2-common/tasks/iiab-startup.yml
View file

@ -3,20 +3,20 @@
path: /usr/libexec/iiab-startup.sh
register: startup_script
- name: Copy template script to /usr/libexec/iiab-startup.sh
- name: If not, install /usr/libexec/iiab-startup.sh from template
template:
src: iiab-startup.sh
dest: /usr/libexec/
mode: 0755
when: not startup_script.stat.exists
- name: Copy iiab-startup.service to {{ systemd_location }}
- name: Install {{ systemd_location }}/iiab-startup.service from template
template:
src: iiab-startup.service
dest: "{{ systemd_location }}"
when: not startup_script.stat.exists
- name: Enable & restart the systemd service after daemon-reload
- name: Enable & restart systemd service (iiab-startup) after daemon-reload
# shell: systemctl daemon-reload
# shell: systemctl restart iiab-startup.service
# shell: systemctl enable iiab-startup.service

33
roles/2-common/tasks/iptables.yml
View file

@ -4,12 +4,13 @@
enabled: no
when: not is_debuntu
- name: Use larger hammer to disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
shell: "systemctl disable firewalld.service"
# Likely no longer nec as of 2019
- name: Use larger hammer -- systemctl disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
shell: systemctl disable firewalld.service
when: not is_debuntu
- name: Mask firewalld service (OS's other than debuntu)
shell: 'systemctl mask firewalld'
shell: systemctl mask firewalld
ignore_errors: yes
when: not installing and not is_debuntu
@ -20,17 +21,17 @@
ignore_errors: yes
when: not installing and not is_debuntu
- name: Remove iptables.service file from /etc
- name: Remove /etc/systemd/system/iptables.service
file:
path: /etc/systemd/system/iptables.service
state: absent
- name: Remove iptables-xs.service file from /etc
file:
path: /etc/systemd/system/iptables-xs.service
state: absent
#- name: Remove iptables-xs.service file from /etc
# file:
# path: /etc/systemd/system/iptables-xs.service
# state: absent
- name: Install iptables service package (debuntu)
- name: Install package iptables-persistent (debuntu)
package:
name: iptables-persistent
state: present
@ -38,7 +39,7 @@
tags:
- download
- name: Install iptables service package (OS's other than debuntu)
- name: Install package iptables-services (OS's other than debuntu)
package:
name: iptables-services
state: present
@ -46,17 +47,15 @@
tags:
- download
- name: Install iptables services
- name: Install /etc/sysconfig/iptables-config from template
template:
src: "{{ item.0 }}"
dest: "{{ item.1 }}"
src: iptables-config
dest: /etc/sysconfig/iptables-config
owner: root
group: root
mode: "{{ item.2 }}"
with_items:
- { 0: 'iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' }
mode: 0644
- name: Install Debian config (debuntu)
- name: Install /etc/network/if-pre-up.d/iptables from template (debuntu)
template:
src: iptables
dest: /etc/network/if-pre-up.d/iptables

2
roles/2-common/tasks/main.yml
View file

@ -72,7 +72,7 @@
value: 1
state: present
- name: Install custom profile file
- name: Install custom /etc/profile.d/zzz_iiab.sh from template
template:
dest: /etc/profile.d/zzz_iiab.sh
src: zzz_iiab.sh

68
roles/2-common/tasks/packages.yml
View file

@ -1,72 +1,72 @@
- name: Install yum/dnf packages (redhat)
- name: "Install 10 yum/dnf packages: avahi, avahi-tools, createrepo, linux-firmware, nss-mdns, openssl, syslog, wpa_supplicant, xml-common, yum-utils (redhat)"
package:
name:
- yum-utils
- createrepo
- wpa_supplicant
- linux-firmware
- syslog
- xml-common
- nss-mdns
- avahi
- avahi-tools
- createrepo
- linux-firmware
- nss-mdns
- openssl # FC 18 does not supply, but pear requires
- syslog
- wpa_supplicant
- xml-common
- yum-utils
state: present
when: is_redhat
- name: Download & install usbmount, missing from Debian Stretch (debian-9)
- name: Install {{ iiab_download_url }}/usbmount_0.0.14.1_all.deb, missing from Debian Stretch (debian-9)
apt:
deb: "{{ iiab_download_url }}/usbmount_0.0.14.1_all.deb"
#timeout: "{{ download_timeout }}" # Ansible's apt module doesn't support timeout parameter; that's ok as usbmount_0.0.14.1_all.deb is only 10KB
when: internet_available and is_debian_9
- name: Install packages (debuntu)
- name: "Install 7 deb/apt packages: avahi-daemon, avahi-discover, exfat-fuse, exfat-utils, inetutils-syslogd, libnss-mdns, wpasupplicant (debuntu)"
package:
name:
- inetutils-syslogd
- wpasupplicant
- libnss-mdns
- avahi-daemon
- avahi-discover
- exfat-fuse
- exfat-utils
- inetutils-syslogd
- libnss-mdns
- wpasupplicant
state: present
when: is_debuntu
- name: Install common packages
- name: "Install 23 common packages: acpid, bridge-utils, bzip2, curl, gawk, hostapd, htop, i2c-tools, logrotate, make, mlocate, netmask, net-tools, ntfs-3g, openssh-server, pandoc, rsync, sudo, tar, unzip, usbmount, usbutils, wget"
package:
name:
- acpid
- mlocate
- rsync
- htop
- bridge-utils
- bzip2
- curl
#- etckeeper # "nobody is really using etckeeper and it's bloating the filesystem every time apt runs" per @jvonau at https://github.com/iiab/iiab/issues/1146
- python-passlib
- usbmount
- net-tools
- openssh-server
- sudo
- gawk
- hostapd
- htop
- i2c-tools
- logrotate
#- lynx # already installed by 1-prep's roles/iiab-admin/tasks/access.yml
- make
- mlocate
- netmask
- net-tools
- ntfs-3g
- openssh-server
- pandoc
- rsync
- sudo
- tar
- unzip
- bzip2
- i2c-tools
- bridge-utils
- netmask
- usbmount
- usbutils
- hostapd
- wget
- openssl # FC 18 does not supply, but pear requires
- gawk
- curl
- pandoc
- lynx # already installed by 1-prep's roles/iiab-admin/tasks/access.yml
- ntfs-3g
state: present
- name: Install common Python packages {python-pip, python-setuptools, python-virtualenv}
- name: "Install 4 common Python packages: python-passlib, python-pip, python-setuptools, python-virtualenv"
package:
name:
- python-passlib
- python-pip
- python-setuptools
- python-virtualenv

4
roles/3-base-server/tasks/main.yml
View file

@ -15,8 +15,8 @@
# has no "when: XXXXX_install" flag
tags: base, mysql
- name: Restart httpd
service:
- name: Restart Apache systemd service ({{ apache_service }})
systemd:
name: "{{ apache_service }}"
state: restarted
when: not installing

8
roles/4-server-options/tasks/main.yml
View file

@ -3,22 +3,22 @@
- name: ...IS BEGINNING ==================================
command: echo
- name: Installing dnsmasq
- name: Install dnsmasq
include_tasks: roles/network/tasks/dnsmasq.yml
when: dnsmasq_install
tags: base, domain, dnsmasq, network
- name: Installing named
- name: Install named / BIND
include_tasks: roles/network/tasks/named.yml
when: named_install
tags: base, named, network, domain
- name: Installing dhcpd
- name: Install dhcpd
include_tasks: roles/network/tasks/dhcpd.yml
when: dhcpd_install
tags: base, dhcpd, network, domain
- name: Installing Squid
- name: Install Squid (and DansGuardian if dansguardian_install)
include_tasks: roles/network/tasks/squid.yml
when: squid_install
tags: base, squid, network, domain

11
roles/activity-server/tasks/main.yml
View file

@ -116,11 +116,12 @@
enabled=yes
state=restarted
- name: add xs-activity-server to service list
ini_file: dest='{{ iiab_ini_file }}'
section=activity-server
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'activity-server' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: activity-server
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: "Activity Server"

11
roles/ajenti/tasks/main.yml
View file

@ -47,11 +47,12 @@
state=restarted
when: ajenti_enabled
- name: Add ajenti to service list
ini_file: dest='{{ iiab_ini_file }}'
section=ajenti
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'ajenti' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: ajenti
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: ajenti

17
roles/authserver/tasks/main.yml
View file

@ -50,18 +50,19 @@
enabled=yes
when: authserver_enabled
- name: add xs-authserver to service list
ini_file: dest='{{ iiab_ini_file }}'
section=xs-authserver
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'authserver' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: authserver
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: XS-authserver
- option: description
value: '"xs-authserver implements a seamless web authentication service
using XO laptop registration capabilities. It is heavily inspired
by the Moodle OLPC-XS authentication plugin"'
value: '"authserver (xs-authserver) implements a seamless web authentication
service using XO laptop registration capabilities. It is heavily
inspired by the Moodle OLPC-XS authentication plugin"'
- option: port
value: 5000
- option: path

6
roles/awstats/tasks/install.yml
View file

@ -1,4 +1,4 @@
- name: Install packages {awstats, pwauth, openssl}
- name: 'Install 3 packages: awstats, openssl, pwauth'
package:
name:
- awstats
@ -8,7 +8,7 @@
tags:
- download
- name: Install packages libapache2-mod-authnz-external and apache2-utils (debuntu)
- name: 'Install 2 packages: apache2-utils, libapache2-mod-authnz-external (debuntu)'
package:
name:
- libapache2-mod-authnz-external
@ -22,7 +22,7 @@
command: a2enmod cgi
when: is_debuntu
- name: Create directory for AWStats to use as intermediate summary storage
- name: 'Mandate {{ apache_user }}:{{ apache_user }} perm 0750 dirs: {{ awstats_data_dir }} (intermediate summary storage) & {{ apache_log_dir }}' # /library/awstats & /var/log/apache2 typically
file:
path: "{{ item }}"
mode: 0750

4
roles/awstats/tasks/main.yml
View file

@ -1,9 +1,9 @@
- include_tasks: install.yml
when: awstats_install
- name: Add 'awstats' to list of services at {{ iiab_ini_file }}
- name: Add 'awstats' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: awstats
option: "{{ item.option }}"
value: "{{ item.value }}"

12
roles/calibre-web/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Create Calibre-Web folders to store data and configuration files
- name: Create 3 Calibre-Web folders to store data and configuration files
file:
path: "{{ item }}"
owner: "{{ calibreweb_user }}"
@ -84,7 +84,7 @@
when: not metadatadb.stat.exists
#when: calibreweb_provision
- name: Enable and restart 'calibre-web' service
- name: Enable and restart 'calibre-web' systemd service
systemd:
name: calibre-web
daemon_reload: yes
@ -101,7 +101,7 @@
# command: apachectl -k graceful
# when: calibreweb_enabled
- name: Disable 'calibre-web' service
- name: Disable 'calibre-web' systemd service
systemd:
name: calibre-web
daemon_reload: yes
@ -117,14 +117,14 @@
# command: apachectl -k graceful
# when: not calibreweb_enabled
- name: Restart Apache
- name: Restart Apache service {{ apache_service }}
systemd:
name: "{{ apache_service }}" # httpd or apache2
state: restarted
- name: Add 'calibre-web' to list of services at {{ iiab_ini_file }}
- name: Add 'calibre-web' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: calibre-web
option: "{{ item.option }}"
value: "{{ item.value }}"

31
roles/calibre/tasks/main.yml
View file

@ -1,6 +1,6 @@
# 1. INSTALL THE LATEST CALIBRE 3.X+ (calibre, calibredb, calibre-server etc) ON ALL OS'S
- name: Check if /usr/bin/calibre exists
- name: Does /usr/bin/calibre exist?
stat:
path: "/usr/bin/calibre"
register: calib_executable
@ -39,7 +39,7 @@
group: root
mode: "{{ item.mode }}"
backup: no
# register: calibre_config
#register: calibre_config
with_items:
- { src: 'calibre-serve.service.j2', dest: '/etc/systemd/system/calibre-serve.service', mode: '0644'}
- { src: 'calibre.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'}
@ -49,7 +49,7 @@
systemd:
daemon_reload: yes
when: (not calib_executable.stat.exists)
# when: calibre_config.changed
#when: calibre_config.changed
# 2. STOP CALIBRE SERVICE IF IT EXISTS (REQUIRED FOR DB ACTIVITY...AND IF not calibre_enabled)
@ -59,14 +59,13 @@
# register: calibre_svc
- name: Stop Calibre service -- calibre-server by Kovid Goyal
# systemd:
service:
systemd:
name: calibre-serve
state: stopped
#enabled: no
# register: command_result # gist.github.com/tyrells/0a79681de339237cb04c
# failed_when: false # Never Fail during "systemctl stop calibre-serve" (even if service doesn't exist!)
# when: calibre_svc.stat.exists
#register: command_result # gist.github.com/tyrells/0a79681de339237cb04c
#failed_when: false # Never Fail during "systemctl stop calibre-serve" (even if service doesn't exist!)
#when: calibre_svc.stat.exists
# 3. CREATE USER DATABASE
@ -87,7 +86,7 @@
# 4. CREATE CONTENT DATABASE WITH A SAMPLE BOOK (REQUIRED AS OF CALIBRE 3.x)
- name: Check if /library/calibre/metadata.db exists
- name: Does /library/calibre/metadata.db exist?
stat:
path: "{{ calibre_dbpath }}/metadata.db"
register: calibre_db
@ -104,20 +103,20 @@
# https://github.com/iiab/iiab/tree/master/roles/calibre-web/templates/calibre-web.conf.j2
# (anyway this works great for calibre-web, allowing http://box/books
# to work even better than http://box:8083 when box == 192.168.0.x !)
- name: Create calibre.conf link for UNTESTED http://box/calibre etc (debuntu)
- name: Create symlink calibre.conf from sites-enabled to sites-available, for UNTESTED http://box/calibre etc (debuntu)
file:
src: /etc/apache2/sites-available/calibre.conf
dest: /etc/apache2/sites-enabled/calibre.conf
state: link
when: calibre_enabled and is_debuntu
- name: Remove calibre.conf link if disabled (debuntu)
- name: Remove symlink /etc/apache2/sites-enabled/calibre.conf (debuntu)
file:
dest: /etc/apache2/sites-enabled/calibre.conf
state: absent
when: (not calibre_enabled) and is_debuntu
- name: Enable Calibre service -- runs calibre-server by Kovid Goyal
- name: Enable & Start Calibre service -- runs calibre-server by Kovid Goyal
service:
name: calibre-serve
enabled: yes
@ -126,14 +125,14 @@
#async: 900
#poll: 5
- name: Forcing apache to reread configs
service:
- name: Reload Apache
systemd:
name: "{{ apache_service }}"
state: reloaded
- name: Add 'calibre' to list of services at {{ iiab_ini_file }}
- name: Add 'calibre' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: calibre
option: "{{ item.option }}"
value: "{{ item.value }}"

22
roles/cups/tasks/main.yml
View file

@ -7,24 +7,24 @@
tags:
- download
- name: Put our own /etc/cups/cupsd.conf in place, to permit local LAN admin
- name: Install our own /etc/cups/cupsd.conf from template, to permit local LAN admin
template:
src: cupsd.conf
dest: /etc/cups/cupsd.conf
- name: Put an apache2 config file in place
- name: Install /etc/{{ apache_config_dir }}/cups.conf from template
template:
src: cups.conf
dest: "/etc/{{ apache_config_dir }}/"
- name: Create the link for sites-enabled (debuntu)
- name: Create symlink cups.conf from sites-enabled to sites-available (debuntu)
file:
src: /etc/apache2/sites-available/cups.conf
dest: /etc/apache2/sites-enabled/cups.conf
state: link
when: cups_enabled and is_debuntu
- name: Enable services for CUPS (OS's other than Fedora 18)
- name: Enable & Start services 'cups' and 'cups-browsed' (OS's other than Fedora 18)
service:
name: "{{ item }}"
state: started
@ -34,8 +34,8 @@
- cups-browsed
when: cups_enabled and not is_F18
- name: Enable services for CUPS (Fedora 18, for XO laptops)
service:
- name: Enable & Start service 'cups' (Fedora 18, for XO laptops)
systemd:
name: cups
state: started
enabled: yes
@ -45,8 +45,8 @@
shell: "cupsctl --remote-admin"
when: cups_enabled
- name: Disable services for CUPS (OS's other than Fedora 18)
service:
- name: Disable both CUPS services (OS's other than Fedora 18)
systemd:
name: "{{ item }}"
state: stopped
enabled: no
@ -56,15 +56,15 @@
when: not cups_enabled and not is_F18
- name: Disable services for CUPS (Fedora 18, for XO laptops)
service:
systemd:
name: cups
state: stopped
enabled: no
when: not cups_enabled and is_F18
- name: Add 'cups' to list of services at {{ iiab_ini_file }}
- name: Add 'cups' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: cups
option: "{{ item.option }}"
value: "{{ item.value }}"

11
roles/docker/tasks/main.yml
View file

@ -40,11 +40,12 @@
enabled=false
when: not docker_enabled
- name: add docker to service list
ini_file: dest='{{ iiab_ini_file }}'
section=docker
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'docker' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: docker
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: Docker Container

4
roles/dokuwiki/tasks/main.yml
View file

@ -2,9 +2,9 @@
include_tasks: install.yml
when: dokuwiki_install
- name: Add 'dokuwiki' to list of services at {{ iiab_ini_file }}
- name: Add 'dokuwiki' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: dokuwiki
option: "{{ item.option }}"
value: "{{ item.value }}"

10
roles/elgg/tasks/main.yml
View file

@ -119,7 +119,7 @@
name: /tmp/elggdb.sql
state: absent
- name: Install Apache's elgg.conf from template, for http://box/elgg
- name: Install /etc/{{ apache_config_dir }}/elgg.conf from template, for http://box/elgg
template:
src: elgg.conf
dest: "/etc/{{ apache_config_dir }}/elgg.conf"
@ -131,7 +131,7 @@
state: link
when: elgg_enabled and is_debuntu
- name: Remove symlink elgg.conf from sites-enabled (debuntu)
- name: Remove symlink /etc/apache2/sites-enabled/elgg.conf (debuntu)
file:
path: /etc/apache2/sites-enabled/elgg.conf
state: absent
@ -143,14 +143,14 @@
state: absent
when: not elgg_enabled and is_redhat
- name: Restart Apache, to enable/disable http://box/elgg
- name: Restart Apache ({{ apache_service }}) to enable/disable http://box/elgg
service:
name: "{{ apache_service }}"
state: restarted
- name: Add 'elgg' to list of services at {{ iiab_ini_file }}
- name: Add 'elgg' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: elgg
option: "{{ item.option }}"
value: "{{ item.value }}"

79
roles/httpd/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Install Apache's required packages (debian)
- name: 'Install 3 packages: apache2, php{{ php_version }}, php{{ php_version }}-curl (debian)'
package:
#name: [u'apache2', u'php{{ php_version }}', u'php{{ php_version }}-curl'] # FAILS ('u' for Unicode strings)
#name: ['apache2', 'php{{ php_version }}', 'php{{ php_version }}-curl'] # WORKS?
@ -11,17 +11,7 @@
tags:
- download
- name: Debian changed SQLite name (debian-8)
package:
name: "php{{ php_version }}-sqlite"
when: is_debian and ansible_distribution_major_version == "8"
- name: Debian changed SQLite3 name (debian-9)
package:
name: "php{{ php_version }}-sqlite3"
when: is_debian and ansible_distribution_major_version == "9"
- name: Install Apache's required packages (ubuntu)
- name: 'Install 2 packages: apache2, php (ubuntu)'
package:
#name: [u'apache2', u'php'] # FAILS ('u' for Unicode strings)
#name: ['apache2', 'php'] # WORKS
@ -33,32 +23,31 @@
tags:
- download
- name: SQLite3 no longer included in another package (ubuntu-18)
- name: Install php{{ php_version }}-sqlite (debian-8)
package:
name: php{{ php_version }}-sqlite3
when: is_ubuntu_18
name: "php{{ php_version }}-sqlite"
when: is_debian and ansible_distribution_major_version == "8"
- name: Install Apache's required packages (redhat)
# SQLite3 no longer included in another package
- name: Install php{{ php_version }}-sqlite3 (debian-9 or ubuntu-18)
package:
name: "php{{ php_version }}-sqlite3"
when: (is_debian and ansible_distribution_major_version == "9") or is_ubuntu_18
- name: 'Install 4 packages: httpd, mod_authnz_external, php, php-curl (redhat)'
package:
#name: [u'httpd', u'php', u'php-curl', u'mod_authnz_external'] # FAILS ('u' for Unicode strings)
#name: ['httpd', 'php', 'php-curl', 'mod_authnz_external'] # WORKS
name:
- httpd
- mod_authnz_external
- php
- php-curl
- mod_authnz_external
state: present
when: is_redhat
tags:
- download
# MOVED DOWN ~58 LINES
#- name: Remove the default apache2 config file (debuntu)
# file:
# path: /etc/apache2/sites-enabled/000-default.conf
# state: absent
# when: is_debuntu
- name: Install Apache's 010-iiab.conf & proxy_ajp.conf into /etc/apache2/sites-available, from templates
template:
backup: yes
@ -88,7 +77,7 @@
- { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' }
# remove symlinks for mpm-event, replace with mpm-prefork
- name: Remove mpm event symlinks (debuntu)
- name: Remove both mpm_event symlinks from /etc/apache2/mods-enabled (debuntu)
file:
path: "/etc/apache2/mods-enabled/{{ item }}"
state: absent
@ -97,7 +86,7 @@
- mpm_event.load
when: is_debuntu
- name: Create symlinks for mpm-prefork (debuntu)
- name: Create both mpm_prefork symlinks from /etc/apache2/mods-enabled to /etc/apache2/mods-available (debuntu)
file:
src: "/etc/apache2/mods-available/{{ item }}"
path: "/etc/apache2/mods-enabled/{{ item }}"
@ -107,7 +96,7 @@
- mpm_prefork.load
when: is_debuntu
- name: Turn on mod_proxy (debuntu)
- name: 'Turn on mod_proxy using a2enmod with: proxy, proxy_html, headers, rewrite (debuntu)'
command: a2enmod {{ item }}
with_items:
- proxy
@ -116,14 +105,14 @@
- rewrite
when: is_debuntu
- name: Create 010-iiab.conf symlink enabling our site (debuntu)
- name: Enable our site, creating 010-iiab.conf symlink from sites-enabled to sites-available (debuntu)
file:
src: "/etc/{{ apache_config_dir }}/010-iiab.conf"
path: /etc/apache2/sites-enabled/010-iiab.conf
state: link
when: is_debuntu
- name: Remove apache2 default config files (debuntu)
- name: Remove 000-default.conf from /etc/apache2 and /etc/apache2/sites-enabled (debuntu)
file:
path: "{{ item }}"
state: absent
@ -140,19 +129,19 @@
group: root
state: directory
- name: Create admin group
- name: 'Create group: admin'
group:
name: admin
state: present
- name: Add user {{ apache_user }} (from variable apache_user) to admin group
- name: Add user {{ apache_user }} (from variable apache_user) to group admin
user:
name: "{{ apache_user }}"
groups: admin
state: present
createhome: no
- name: Create Apache's log dir /var/log/{{ apache_service }}
- name: Create Apache dir /var/log/{{ apache_service }}
file:
path: "/var/log/{{ apache_service }}"
mode: 0755
@ -160,7 +149,7 @@
group: "{{ apache_user }}"
state: directory
- name: Enable systemd service {{ apache_service }}
- name: Enable {{ apache_service }} systemd service
service:
name: "{{ apache_service }}"
enabled: yes
@ -173,23 +162,8 @@
group: "{{ apache_user }}"
state: directory
# roles/httpd/templates/iiab-info.conf.j2.deprecated is no longer needed, as
# Apache serves http://box/info directly from above /library/www/html/info
# directly (as generated by /usr/bin/iiab-refresh-wiki-docs)
#
#- name: Remove iiab-info.conf
# file:
# path: "/etc/{{ apache_config_dir }}/iiab-info.conf"
# state: absent
#
#- name: Remove iiab-info.conf symlink (debuntu)
# file:
# path: /etc/apache2/sites-enabled/iiab-info.conf
# state: absent
# when: is_debuntu
# SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways)
- name: Copy osm.conf for http://box/maps (all OS's)
- name: Copy osm.conf to /etc/{{ apache_config_dir }} for http://box/maps (all OS's)
copy:
src: osm.conf
dest: "/etc/{{ apache_config_dir }}"
@ -215,7 +189,7 @@
tags:
- base
- name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (This script will run at the end of Stage 4 = roles/4-server-options/tasks/main.yml)
- name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (Script can be run manually and/or at the end of Stage 4 = roles/4-server-options/tasks/main.yml)
template:
src: refresh-wiki-docs.sh
dest: /usr/bin/iiab-refresh-wiki-docs
@ -233,3 +207,8 @@
path: /etc/sudoers.d/020_apache_poweroff
state: absent
when: not apache_allow_sudo
- name: Restart Apache systemd service ({{ apache_service }})
systemd:
name: "{{ apache_service }}"
state: restarted

10
roles/httpd/tasks/php-stem.yml
View file

@ -11,7 +11,7 @@
# command: cd /; wget http://download.iiab.io/packages/php-stem.x64.tar
# when: not is_rpi
- name: Download & unpack php-stem.rpi.tar to / (rpi)
- name: Unarchive http://download.iiab.io/packages/php-stem.rpi.tar to / (rpi)
unarchive:
src: http://download.iiab.io/packages/php-stem.rpi.tar
dest: /
@ -21,7 +21,7 @@
remote_src: yes
when: is_rpi
- name: Download & unpack php-stem.x86.tar to / (debian-9 on x86_64 only)
- name: Unarchive http://download.iiab.io/packages/php-stem.x64.tar to / (debian-9 on x86_64 only)
unarchive:
src: http://download.iiab.io/packages/php-stem.x64.tar
dest: /
@ -33,9 +33,3 @@
# Presumably fails on Debian 8 & 10?
# Fails on Debian i686 as of 2018-08-07: https://github.com/iiab/iiab/issues/983
# Fails on Ubuntu 18.04 as of 2018-07-28: https://github.com/iiab/iiab/issues/829
# No need to do this twice? Happens later @ https://github.com/iiab/iiab/blob/master/roles/3-base-server/tasks/main.yml#L24-L28
#- name: Restart apache2 / httpd
# service:
# name: "{{ apache_service }}"
# state: restarted

13
roles/idmgr/tasks/main.yml
View file

@ -79,15 +79,16 @@
insertafter='^#allowsftp'
line=allowsftp
- name: Add idmgr to service list
ini_file: dest='{{ iiab_ini_file }}'
section=idmgr
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'idmgr' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: idmgr
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: idmgr
- option: description
value: '"Idmgr is an automatic identity manager for XO clients which enables automatic backup"'
value: '"IdMgr is an automatic identity manager for XO clients which enables automatic backup"'
- option: enabled
value: "{{ xo_services_enabled }}"

2
roles/iiab-admin/tasks/access.yml
View file

@ -1,4 +1,4 @@
- name: Install textmode remote access packages {screen, lynx}
- name: "Install textmode remote access packages: screen, lynx"
package:
name:
- screen

6
roles/kalite/tasks/main.yml
View file

@ -12,7 +12,7 @@
kalite_db_name: "{{ kalite_root }}/database/data.sqlite"
when: not is_F18
- name: See if KA Lite is already configured
- name: Does KA Lite database {{ kalite_db_name }} exist? # See if KA Lite is already configured
stat:
path: "{{ kalite_db_name }}"
register: kalite_installed
@ -36,9 +36,9 @@
- include_tasks: enable.yml
- name: Add 'kalite' to list of services at {{ iiab_ini_file }}
- name: Add 'kalite' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: kalite
option: "{{ item.option }}"
value: "{{ item.value }}"

26
roles/kiwix/tasks/kiwix_install.yml
View file

@ -1,6 +1,6 @@
# 1. CREATE/VERIFY CRITICAL DIRECTORIES & FILES ARE IN PLACE
- name: Create various directories for Kiwix ZIM files
- name: Create directory {{ iiab_zim_path }} and subdirs {content, index} for Kiwix ZIM files
file:
path: "{{ item }}"
owner: root
@ -12,12 +12,12 @@
- "{{ iiab_zim_path }}/content"
- "{{ iiab_zim_path }}/index"
- name: Check for /library/zims/library.xml
- name: Check for {{ kiwix_library_xml }} # /library/zims/library.xml
stat:
path: "{{ kiwix_library_xml }}"
register: kiwix_xml
- name: Place a stub /library/zims/library.xml if file does not exist
- name: Install a stub /library/zims/library.xml if one doesn't exist
template:
src: "{{ item }}"
dest: "{{ kiwix_library_xml }}"
@ -34,12 +34,12 @@
path: "{{ kiwix_path }}/bin/kiwix-serve"
register: kiwix_bin
- name: Set kiwix_force_install if kiwix-serve not found
- name: Set fact kiwix_force_install if kiwix-serve not found
set_fact:
kiwix_force_install: True
when: not kiwix_bin.stat.exists
- name: Copy test.zim file if kiwix_force_install
- name: Install {{ iiab_zim_path }}/content/test.zim if kiwix_force_install
copy:
src: test.zim
dest: "{{ iiab_zim_path }}/content/test.zim"
@ -49,7 +49,7 @@
force: no
when: kiwix_force_install
- name: Create /opt/iiab/kiwix/bin directory
- name: Create {{ kiwix_path }}/bin directory # /opt/iiab/kiwix/bin
file:
path: "{{ kiwix_path }}/bin"
owner: root
@ -59,7 +59,7 @@
# 2. INSTALL KIWIX-TOOLS EXECUTABLES IF kiwix_force_install
- name: Unarchive kiwix-tools .tar.gz to /tmp
- name: Unarchive {{ kiwix_src_file }} to /tmp # e.g. kiwix-tools_linux-armhf-0.6.1-1.tar.gz
unarchive:
src: "{{ downloads_dir }}/{{ kiwix_src_file }}"
dest: /tmp
@ -73,7 +73,7 @@
# 3. ENABLE MODS FOR APACHE PROXY IF DEBUNTU
- name: Enable the mods which permit Apache to proxy (debuntu)
- name: Enable the 4 mods which permit Apache to proxy (debuntu)
apache2_module:
name: "{{ item }}"
with_items:
@ -85,7 +85,7 @@
# 4. CREATE/ENABLE/RESTART (OR DISABLE) KIWIX SERVICE & ITS CRON JOB
- name: Create 'kiwix-serve' service and related files
- name: 'Install from templates: kiwix-serve.service, iiab-make-kiwix-lib, iiab-make-kiwix-lib.py, kiwix.conf'
template:
backup: no
src: "{{ item.src }}"
@ -101,14 +101,14 @@
# - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'}
- { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644'}
- name: Enable Kiwix Proxy in Apache - is disabled by turning off kiwix service (debuntu)
- name: Create softlink kiwix.conf from sites-enabled to sites-available - for Kiwix Proxy in Apache - is disabled by turning off service kiwix-serve (debuntu)
file:
src: /etc/apache2/sites-available/kiwix.conf
path: /etc/apache2/sites-enabled/kiwix.conf
state: link
when: is_debuntu
- name: Enable 'kiwix-serve' service
- name: Enable & Restart 'kiwix-serve' service
service:
name: kiwix-serve
enabled: yes
@ -149,9 +149,9 @@
# 5. FINALIZE
- name: Add 'kiwix' to list of services at {{ iiab_ini_file }}
- name: Add 'kiwix' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: kiwix
option: "{{ item.option }}"
value: "{{ item.value }}"

16
roles/kolibri/tasks/main.yml
View file

@ -9,7 +9,7 @@
system: yes
create_home: no
- name: Create /library/kolibri to store data and configuration files
- name: Create {{ kolibri_home }} (for data) and {{ kolibri_venv_path }} (for program/config)
file:
path: "{{ item }}"
owner: "{{ kolibri_user }}"
@ -20,7 +20,7 @@
- "{{ kolibri_home }}"
- "{{ kolibri_venv_path }}"
- name: Install kolibri using pip on all OS's
- name: Install latest kolibri using pip
pip:
name: kolibri
virtualenv: "{{ kolibri_venv_path }}"
@ -29,17 +29,17 @@
extra_args: --no-cache-dir
when: internet_available
- name: Run kolibri migrations
- name: Run Kolibri migrations
shell: export KOLIBRI_HOME="{{ kolibri_home }}" && "{{ kolibri_exec_path }}" manage migrate
ignore_errors: yes
when: kolibri_provision
- name: Set kolibri default language
- name: Set Kolibri default language
shell: export KOLIBRI_HOME="{{ kolibri_home }}" && "{{ kolibri_exec_path }}" language setdefault "{{ kolibri_language }}"
ignore_errors: yes
when: kolibri_provision
- name: Create kolibri default facility name, admin account and language
- name: Create Kolibri default facility name, admin account and language
shell: >
export KOLIBRI_HOME="{{ kolibri_home }}" &&
"{{ kolibri_exec_path }}" manage provisiondevice --facility "{{ kolibri_facility }}"
@ -48,7 +48,7 @@
ignore_errors: yes
when: kolibri_provision
- name: Change /library/kolibri directory permissions
- name: chown -R {{ kolibri_user }}:{{ apache_user }} {{ kolibri_home }}
file:
path: "{{ kolibri_home }}"
owner: "{{ kolibri_user }}"
@ -80,9 +80,9 @@
state: stopped
when: not kolibri_enabled
- name: Add 'kolibri' to list of services at {{ iiab_ini_file }}
- name: Add 'kolibri' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: kolibri
option: "{{ item.option }}"
value: "{{ item.value }}"

12
roles/mediawiki/tasks/install.yml
View file

@ -1,4 +1,4 @@
- name: Install packages php{{ php_version }}-intl and php{{ php_version }}-mbstring
- name: 'Install packages: php{{ php_version }}-intl, php{{ php_version }}-mbstring'
package:
name:
- "php{{ php_version }}-intl"
@ -25,7 +25,7 @@
mode: 0755
keep_newer: yes
- name: Ensure MySQL is running, so we can create db
- name: Start MySQL service, so we can create db
service:
state: started
name: "{{ mysql_service }}"
@ -60,12 +60,12 @@
chdir: "{{ mediawiki_abs_path }}"
creates: "{{ mediawiki_abs_path }}/LocalSettings.php"
- name: Copy mediawiki.conf to permit http://box{{ mediawiki_url }}
- name: Install /etc/{{ apache_config_dir }}/mediawiki.conf from template, for http://box{{ mediawiki_url }}
template:
src: mediawiki.conf.j2
dest: "/etc/{{ apache_config_dir }}/mediawiki.conf"
- name: Enable mediawiki.conf if mediawiki_enabled (debuntu)
- name: Create softlink mediawiki.conf from sites-enabled to sites-available, if mediawiki_enabled (debuntu)
file:
src: /etc/apache2/sites-available/mediawiki.conf
dest: /etc/apache2/sites-enabled/mediawiki.conf
@ -83,9 +83,9 @@
name: "{{ apache_service }}"
state: restarted
- name: Add 'mediawiki' to list of services at {{ iiab_ini_file }}
- name: Add 'mediawiki' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: mediawiki
option: "{{ item.option }}"
value: "{{ item.value }}"

14
roles/mongodb/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Install packages mongodb-server and mongodb
- name: 'Install packages: mongodb, mongodb-server'
package:
name:
- mongodb-server
@ -8,7 +8,7 @@
tags:
- download
- name: Create the data directory for MongoDB
- name: Create 3 dirs for MongoDB
file:
state: directory
path: "{{ item.path }}"
@ -18,7 +18,7 @@
- { path: "{{ mongodb_db_path }}" } # == /library/dbdata/mongodb/
- { path: '/var/log/mongodb' }
- name: Populate & position /etc/mongod.conf, mongodb.service
- name: Populate & position /etc/mongod.conf, mongodb.service, /usr/bin/iiab-mongodb-repair-if-no-lock
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -30,7 +30,7 @@
- { src: 'mongodb.service.j2', dest: '/etc/systemd/system/mongodb.service', mode: '0644' }
- { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' }
- name: Enable+restart systemd service if mongodb_enabled, with "systemctl daemon-reload" (in case mongodb.service changed?)
- name: Enable & Restart 'mongodb' systemd service if mongodb_enabled, incl daemon-reload (in case mongodb.service changed?)
systemd:
name: mongodb
enabled: yes
@ -38,16 +38,16 @@
daemon_reload: yes
when: mongodb_enabled
- name: 'Disable+stop systemd service if mongodb_enabled: False'
- name: Disable 'mongodb' service, if not mongodb_enabled
systemd:
name: mongodb
enabled: no
state: stopped
when: not mongodb_enabled
- name: Add 'mongodb' to list of services at {{ iiab_ini_file }}
- name: Add 'mongodb' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: mongodb
option: "{{ item.option }}"
value: "{{ item.value }}"

17
roles/monit/tasks/main.yml
View file

@ -5,7 +5,7 @@
tags:
- download
- name: Install chkconfig package -- not in Debian 8
- name: Install chkconfig package (debian-8)
package:
name: chkconfig
state: present
@ -13,7 +13,7 @@
tags:
- download
- name: Update main config file
- name: Install /etc/monitrc from template
template:
backup: yes
src: monitrc
@ -22,15 +22,14 @@
group: root
mode: 0600
- name: Update config files
- name: Install config file /etc/monit.d/watchdog from template
template:
src: "{{ item }}"
dest: "/etc/monit.d/{{ item }}"
src: watchdog
dest: /etc/monit.d/watchdog
owner: root
group: root
force: yes
mode: 0755
with_items: watchdog
register: monit_config
when: false
until: monit_config | success
@ -38,16 +37,16 @@
delay: 1
#TODO: create systemd script
- name: Enable 'monit' service
- name: Enable 'monit' service (chkconfig monit on)
command: chkconfig monit on
when: is_debian and ansible_local.local_facts.os_ver == "debian-8"
#- name: Restart monit service
# command: service monit restart
- name: Add 'monit' to list of services at {{ iiab_ini_file }}
- name: Add 'monit' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: monit
option: "{{ item.option }}"
value: "{{ item.value }}"

11
roles/moodle-1.9/moodle/tasks/main.yml
View file

@ -75,11 +75,12 @@
shell: cat /etc/moodle/adminpw
register: moodlepw
- name: add moodle to service list
ini_file: dest='{{ iiab_ini_file }}'
section=moodle
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'moodle' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: moodle
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: Moodle

38
roles/moodle/tasks/main.yml
View file

@ -46,21 +46,21 @@
#ignore_errors: yes
when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists
- name: Prepare the downloaded directory so Apache can install config file
- name: Create dir {{ moodle_base }} owned by {{ apache_user }} (for config file?)
file:
path: "{{ moodle_base }}"
owner: "{{ apache_user }}"
recurse: yes
state: directory
- name: Give Apache permission to write Moodle data directory
- name: Create dir {{ content_base }}/dbdata/moodle owned by {{ apache_user }} with write permission 0755
file:
path: "{{ content_base }}/dbdata/moodle"
owner: "{{ apache_user }}"
mode: 0755
state: directory
- name: Create a Moodle data dir with Apache permission to write
- name: Create dir {{ moodle_data }} owned by {{ apache_user }}:{{ apache_user }} with write permission 0770 # /library/moodle
file:
path: "{{ moodle_data }}"
owner: "{{ apache_user }}"
@ -73,7 +73,7 @@
path: "/etc/{{ apache_config_dir }}/moodle.conf"
state: absent
- name: Install Apache's 022-moodle.conf from template
- name: Install Apache's 022-moodle.conf from template, if moodle_enabled
template:
src: 022-moodle.j2
dest: "/etc/{{ apache_config_dir }}/022-moodle.conf"
@ -82,25 +82,25 @@
mode: 0644
when: moodle_enabled
- name: Create symlink 022-moodle.conf from sites-enabled to sites-available (debuntu)
- name: Create symlink 022-moodle.conf from sites-enabled to sites-available, if moodle_enabled (debuntu)
file:
src: /etc/apache2/sites-available/022-moodle.conf
dest: /etc/apache2/sites-enabled/022-moodle.conf
state: link
when: moodle_enabled and is_debuntu
- name: Remove symlink 022-moodle.conf (debuntu)
- name: Remove symlink 022-moodle.conf, if not moodle_enabled (debuntu)
file:
path: /etc/apache2/sites-enabled/022-moodle.conf
state: absent
when: not moodle_enabled and is_debuntu
- name: Start postgresql-iiab
- name: Restart postgresql-iiab
service:
name: postgresql-iiab
state: restarted
- name: Create db user
- name: Create PostgreSQL db user Admin/changeme
postgresql_user:
name: Admin
password: changeme
@ -110,7 +110,7 @@
become: yes
become_user: postgres
- name: Create database
- name: 'Create database: {{ moodle_database_name }}'
postgresql_db:
name: "{{ moodle_database_name }}"
encoding: utf8
@ -120,42 +120,42 @@
become: yes
become_user: postgres
- name: Put moodle_installer script in {{ moodle_base }}
- name: Install {{ moodle_base }}/moodle_installer from template
template:
dest: "{{ moodle_base }}"
src: moodle_installer
dest: "{{ moodle_base }}"
mode: 0755
- name: Restart postgresql-iiab
- name: Enable & Restart postgresql-iiab
service:
name: postgresql-iiab
state: restarted
enabled: yes
when: moodle_enabled
- name: Restart Apache
- name: Restart Apache ({{ apache_service }})
service:
name: "{{ apache_service }}"
state: restarted
- name: See if {{ moodle_base }}/config.php exists
- name: Does {{ moodle_base }}/config.php exist?
stat:
path: "{{ moodle_base }}/config.php"
register: config
- name: Execute moodle_installer script
shell: '{{ moodle_base }}/moodle_installer'
- name: Execute {{ moodle_base }}/moodle_installer
shell: "{{ moodle_base }}/moodle_installer"
when: config.stat.exists is defined and not config.stat.exists
- name: Give Apache permission to read {{ moodle_base }}/config.php
- name: Give read permission 0644 to {{ moodle_base }}/config.php # /opt/iiab/moodle/config.php
#command: chown -R {{ apache_user }} {{ moodle_base }}
file:
path: "{{ moodle_base }}/config.php"
mode: 0644
- name: Add 'moodle' to list of services at {{ iiab_ini_file }}
- name: Add 'moodle' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: moodle
option: "{{ item.option }}"
value: "{{ item.value }}"

8
roles/munin/tasks/main.yml
View file

@ -40,7 +40,7 @@
create: yes
state: present
- name: Enable munin-node service
- name: Enable & Start munin-node systemd service
service:
name: munin-node
enabled: yes
@ -54,7 +54,7 @@
state: link
when: munin_enabled and is_debuntu
- name: Remove symlink munin24.conf in sites-enabled if not munin_enabled (debuntu)
- name: Remove symlink /etc/apache2/sites-enabled/munin24.conf if not munin_enabled (debuntu)
file:
path: /etc/apache2/sites-enabled/munin24.conf
state: absent
@ -81,9 +81,9 @@
- /usr/share/munin/plugins/mysql_threads
when: mysql_enabled
- name: Add 'munin' to list of services at {{ iiab_ini_file }}
- name: Add 'munin' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: munin
option: "{{ item.option }}"
value: "{{ item.value }}"

45
roles/mysql/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Install MySQL (debuntu)
- name: 'Install MySQL packages: mariadb-server, mariadb-client, python-mysqldb and 8 php packages (debuntu)'
package:
name:
- mariadb-server
@ -18,19 +18,19 @@
tags:
- download
- name: php-xml (ubuntu or debian-9)
- name: Install php{{ php_version }}-xml (ubuntu or debian-9)
package:
name: "php{{ php_version }}-xml"
state: present
when: is_ubuntu or is_debian_9
- name: php-xml (debian-8)
- name: Install php-xml-parser (debian-8)
package:
name: "php-xml-parser"
name: php-xml-parser
state: present
when: is_debian_8
- name: Install MySQL (OS's other than debuntu)
- name: "Install packages: mysql, MySQL-python and 9 php packages (OS's other than debuntu)"
package:
name:
- MySQL-python
@ -59,14 +59,15 @@
tags:
- download
# Name of mysql service varies by OS so softcoded in 1-prep
- name: Start the MySQL service
service:
# Name of MySQL service varies by OS so softcoded in 1-prep
- name: 'Start MySQL systemd service: {{ mysql_service }}'
systemd:
name: "{{ mysql_service }}"
state: started
when: mysql_enabled
- name: Enable the MySQL service
service:
- name: Enable MySQL systemd service (upon subsequent boots) if mysql_enabled
systemd:
name: "{{ mysql_service }}"
enabled: yes
when: mysql_enabled
@ -74,17 +75,15 @@
# 'localhost' needs to be the last item for idempotency, see
# http://ansible.cc/docs/modules.html#mysql-user
# unfortunately it still doesn't work
- name: Update MySQL root password for localhost root accounts
- name: Update MySQL root password for localhost root accounts, if mysql_enabled
mysql_user:
name: root
host: "{{ item }}"
host: localhost
password: "{{ mysql_root_password }}"
priv: "*.*:ALL,GRANT"
with_items:
- localhost
when: mysql_enabled
- name: Install .my.cnf file from template, with root password credentials
- name: Install .my.cnf file from template, with root password credentials, if mysql_enabled
template:
src: my.cnf.j2
dest: /root/.my.cnf
@ -92,7 +91,7 @@
mode: 0600
when: mysql_enabled
- name: Update MySQL root password for all remaining root accounts
- name: Update MySQL root password for all remaining root accounts (127.0.0.1, ::1) if mysql_enabled
mysql_user:
name: root
host: "{{ item }}"
@ -104,36 +103,36 @@
- ::1
when: mysql_enabled
- name: Delete anonymous MySQL server user for {{ ansible_hostname }}
- name: Delete anonymous MySQL server user for {{ ansible_hostname }}, if mysql_enabled
mysql_user:
user: ""
host: "{{ ansible_hostname }}"
state: absent
when: mysql_enabled
- name: Delete anonymous MySQL server user for localhost
- name: Delete anonymous MySQL server user for localhost, if mysql_enabled
mysql_user:
user: ""
state: absent
when: mysql_enabled
- name: Remove the MySQL test database
- name: Remove the MySQL 'test' database, if mysql_enabled
mysql_db:
db: test
state: absent
when: mysql_enabled
# we had to start mysql in order to configure it, now turn if off if not enabled
- name: Provisionally Disable the MySQL service
service:
- name: Config is done but now DISABLE MySQL service, if not mysql_enabled
systemd:
name: "{{ mysql_service }}"
enabled: no
state: stopped
when: not mysql_enabled
- name: Add 'mysql' to list of services at {{ iiab_ini_file }}
- name: Add 'mysql' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: mysql
option: "{{ item.option }}"
value: "{{ item.value }}"

10
roles/network/tasks/dansguardian.yml
View file

@ -5,7 +5,7 @@
tags:
- download
- name: Copy DansGuardian config file (Fedora)
- name: Install /etc/dansguardian/dansguardian.conf from template (Fedora)
template:
src: roles/network/templates/squid/dansguardian.conf.j2
dest: /etc/dansguardian/dansguardian.conf
@ -14,7 +14,7 @@
mode: 0640
when: ansible_distribution == "Fedora"
- name: Copy DansGuardian config file (debuntu)
- name: Install /etc/dansguardian/dansguardian.conf from template (debuntu)
template:
src: roles/network/templates/squid/dansguardian.conf.debian.j2
dest: /etc/dansguardian/dansguardian.conf
@ -23,7 +23,7 @@
mode: 0640
when: is_debuntu
- name: Copy DansGuardian config file (CentOS)
- name: Install /etc/dansguardian/dansguardian.conf from template (CentOS)
template:
src: roles/network/templates/squid/dansguardian.conf.centos.j2
dest: /etc/dansguardian/dansguardian.conf
@ -32,7 +32,7 @@
mode: 0640
when: ansible_distribution == "CentOS"
- name: Create 'dansguardian' log directory (OS's other than CentOS)
- name: Create directory /var/log/dansguardian (OS's other than CentOS)
file:
path: /var/log/dansguardian
owner: dansguardian
@ -41,7 +41,7 @@
state: directory
when: ansible_distribution != "CentOS"
- name: Create DansGuardian log directory (CentOS)
- name: Create directory /var/log/dansguardian (CentOS)
file:
path: /var/log/dansguardian
owner: dansguardian

78
roles/network/tasks/enable_services.yml
View file

@ -11,7 +11,7 @@
enabled: yes
when: dhcpd_enabled and dhcpd_install
- name: Copy /etc/sysconfig/dhcpd file
- name: Install /etc/sysconfig/dhcpd, /etc/dhcpd-iiab.conf from templates
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -23,7 +23,7 @@
- { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf', mode: '0644' }
when: dhcpd_enabled and dhcpd_install
- name: Copy named file
- name: Install /etc/named-iiab.conf and two *.zone.db files into /var/named-iiab
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -35,63 +35,63 @@
- { src: 'named/school.local.zone.db', dest: '/var/named-iiab/', mode: '0644' }
- { src: 'named/school.internal.zone.db', dest: '/var/named-iiab/', mode: '0644' }
- name: Enable named service
service:
- name: Enable named service ({{ dns_service }}) if named_enabled
systemd:
name: "{{ dns_service }}"
enabled: yes
when: named_enabled and named_install
- name: Disable named service
service:
- name: Disable named service ({{ dns_service }}) if not named_enabled
systemd:
name: "{{ dns_service }}"
enabled: no
when: not named_enabled and named_install
- name: Disable dnsmasq
service:
- name: Disable dnsmasq, if not dnsmasq_enabled
systemd:
name: dnsmasq
enabled: no
when: not dnsmasq_enabled and dnsmasq_install
- name: Copy dnsmasq.conf to /etc
- name: Install /etc/dnsmasq.conf from template, if dnsmasq_enabled
template:
src: network/dnsmasq.conf.j2
dest: /etc/dnsmasq.conf
when: dnsmasq_enabled and dnsmasq_install
- name: Enable dnsmasq
service:
- name: Enable dnsmasq systemd service, if dnsmasq_enabled
systemd:
name: dnsmasq
enabled: yes
when: dnsmasq_enabled and dnsmasq_install
- name: Enable DansGuardian
service:
- name: Enable DansGuardian systemd service, if dansguardian_enabled
systemd:
name: dansguardian
enabled: yes
when: dansguardian_enabled and dansguardian_install
- name: Disable DansGuardian
service:
- name: Disable DansGuardian, if not dansguardian_enabled
systemd:
name: dansguardian
enabled: no
when: not dansguardian_enabled and dansguardian_install
- name: Create xs_httpcache flag
- name: Mandate 'HTTPCACHE_ON=True' in {{ iiab_env_file }}, if squid_enabled
lineinfile:
dest: "{{ iiab_env_file }}"
path: "{{ iiab_env_file }}"
regexp: '^HTTPCACHE_ON=*'
line: 'HTTPCACHE_ON=True'
state: present
when: squid_enabled and squid_install
- name: Enable Squid service
service:
- name: Enable Squid systemd service ({{ proxy }}) if squid_enabled
systemd:
name: "{{ proxy }}"
enabled: yes
when: squid_enabled and squid_install
- name: Copy init script and config file
- name: Install /etc/{{ proxy }}/squid-iiab.conf from template, owned by {{ proxy_user }}:{{ proxy_user }}
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -106,20 +106,20 @@
mode: 0644
when: squid_enabled and squid_install
- name: Point to Squid config file from startup file
- name: Point to Squid config file from startup file, if squid_enabled (debuntu)
lineinfile:
regexp: '^CONFIG'
line: "CONFIG=/etc/{{ proxy }}/squid-iiab.conf"
dest: "/etc/init.d/{{ proxy }}"
path: "/etc/init.d/{{ proxy }}"
when: squid_enabled and squid_install and is_debuntu
- name: Disable Squid service
service:
- name: Disable Squid service, if not squid_enabled
systemd:
name: "{{ proxy }}"
enabled: no
when: not squid_enabled and squid_install
- name: Remove xs_httpcache flag
- name: Revert to 'HTTPCACHE_ON=False' if not squid_enabled
lineinfile:
dest: "{{ iiab_env_file }}"
regexp: '^HTTPCACHE_ON=*'
@ -127,32 +127,30 @@
state: present
when: not squid_enabled
- name: Enable Wondershaper service
service:
- name: Enable Wondershaper service, if wondershaper_enabled
systemd:
name: wondershaper
enabled: yes
when: wondershaper_enabled and wondershaper_install
- name: Disable Wondershaper service
service:
- name: Disable Wondershaper service, if not wondershaper_enabled
systemd:
name: wondershaper
enabled: no
when: not wondershaper_enabled and wondershaper_install
# check-LAN should be iptables.yml remove later
- name: Grab clean copy of iiab-gen-iptables
- name: Install clean copy of /usr/bin/iiab-gen-iptables from template
template:
src: "{{ item.0 }}"
dest: "{{ item.1 }}"
src: gateway/iiab-gen-iptables
dest: /usr/bin/iiab-gen-iptables
owner: root
group: root
mode: 0755
with_items:
- { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' }
- name: Add 'squid' to list of services at {{ iiab_ini_file }}
- name: Add 'squid' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: squid
option: "{{ item.option }}"
value: "{{ item.value }}"
@ -160,9 +158,9 @@
- option: enabled
value: "{{ squid_enabled }}"
- name: Add 'dansguardian' to list of services at {{ iiab_ini_file }}
- name: Add 'dansguardian' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: dansguardian
option: "{{ item.option }}"
value: "{{ item.value }}"
@ -170,9 +168,9 @@
- option: enabled
value: "{{ dansguardian_enabled }}"
- name: Add 'wondershaper' to list of services at {{ iiab_ini_file }}
- name: Add 'wondershaper' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: wondershaper
option: "{{ item.option }}"
value: "{{ item.value }}"

22
roles/network/tasks/named.yml
View file

@ -1,4 +1,4 @@
- name: Install named packages {bind9, bind9utils} (if debuntu)
- name: "Install named packages: bind9, bind9utils (debuntu)"
package:
name:
- bind9
@ -8,7 +8,7 @@
tags:
- download
- name: Install named packages {bind, bind-utils} (if not debuntu)
- name: "Install named packages: bind, bind-utils (OS's other than debuntu)"
package:
name:
- bind
@ -25,7 +25,7 @@
state: stopped
when: first_run and is_debuntu
- name: Set folder permission
- name: "Set 3 folders' ownership to {{ dns_user }}:root and permission to 0755"
file:
path: "{{ item }}"
owner: "{{ dns_user }}"
@ -37,7 +37,7 @@
- /var/named-iiab/data
- /etc/sysconfig/olpc-scripts/domain_config.d
- name: Configure named
- name: Install 21 configuration files for named, from templates
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -68,39 +68,39 @@
- { src: 'roles/network/templates/named/dummy', dest: '/var/named-iiab/data/dummy', owner: "{{ dns_user }}", mode: '0644' }
- { src: 'roles/network/templates/named/named.blackhole', dest: '/var/named-iiab/named.blackhole', owner: "{{ dns_user }}", mode: '0644' }
- name: Substitute our unit file which uses $OPTIONS from sysconfig
- name: Install named unit file /etc/systemd/system/{{ dns_service }}.service, which uses $OPTIONS from sysconfig
template:
src: "roles/network/templates/named/{{ dns_service }}.service"
dest: "/etc/systemd/system/{{ dns_service }}.service"
mode: 0644
- name: The dns-jail redirect requires the named.blackhole, disabling recursion (if dns_jail_enabled)
- name: "Install /etc/{{ apache_config_dir }}/dns-jail.conf from template: dns-jail redirect requires the named.blackhole, disabling recursion (if dns_jail_enabled)"
# in named-iiab.conf, and the redirection of 404 error documents to /
template:
src: roles/network/templates/named/dns-jail.conf
dest: "/etc/{{ apache_config_dir }}/"
when: dns_jail_enabled
- name: Separate enabling required (if debuntu and dns_jail_enabled)
- name: Create symlink dns-jail.conf from sites-enabled to sites-available (if debuntu and dns_jail_enabled)
file:
src: "/etc/{{ apache_config_dir }}/dns-jail.conf"
path: "/etc/{{ apache_service }}/sites-enabled/dns-jail.conf"
state: link
when: is_debuntu and dns_jail_enabled
- name: Separate disabling required (if debuntu and not dns_jail_enabled)
- name: Remove symlink /etc/{{ apache_service }}/sites-enabled/dns-jail.conf (if debuntu and not dns_jail_enabled)
file:
path: "/etc/{{ apache_service }}/sites-enabled/dns-jail.conf"
state: absent
when: is_debuntu and not dns_jail_enabled
- name: Separate enabling/disabling required (if not debuntu and not dns_jail_enabled)
- name: Remove symlink /etc/{{ apache_config_dir }}/dns-jail.conf (if not debuntu and not dns_jail_enabled)
file:
path: "/etc/{{ apache_config_dir }}/dns-jail.conf"
state: absent
when: not is_debuntu and not dns_jail_enabled
- name: Start named after copying files
service:
- name: Start named systemd service
systemd:
name: "{{ dns_service }}"
state: started

14
roles/network/tasks/squid.yml
View file

@ -1,4 +1,4 @@
- name: Install Squid packages {{ proxy }} and cadaver
- name: "Install 2 packages: {{ proxy }}, cadaver"
package:
name:
- "{{ proxy }}"
@ -7,7 +7,7 @@
tags:
- download
- name: Bigger hammer for Ubuntu
- name: "Bigger hammer for Ubuntu, run: /etc/init.d/squid stop"
command: /etc/init.d/squid stop
when: is_ubuntu
@ -17,13 +17,13 @@
state: stopped
when: not installing
- name: Create the Squid user
- name: "Create the Squid user: {{ proxy_user }}"
user:
name: "{{ proxy_user }}"
createhome: False
shell: /bin/false
- name: Copy init script and config file
- name: "Install from template: /usr/bin/iiab-httpcache, /etc/sysconfig/squid, /etc/{{ proxy }}/sites.whitelist.txt and 3 .rules files"
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -62,7 +62,7 @@
group: 'root'
mode: '0755'
- name: Create Squid cache directory
- name: Create Squid directory /library/cache
file:
path: /library/cache
owner: "{{ proxy_user }}"
@ -70,7 +70,7 @@
mode: 0750
state: directory
- name: Create Squid log directory
- name: Create Squid directory /var/log/{{ proxy }}
file:
path: "/var/log/{{ proxy }}"
owner: "{{ proxy_user }}"
@ -82,7 +82,7 @@
when: dansguardian_install
# {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8
- name: Add '{{ proxy }}' to list of services at {{ iiab_ini_file }}
- name: Add '{{ proxy }}' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
section: "{{ proxy }}"

8
roles/nextcloud/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Check for existence of /opt/nextcloud/version.php
- name: Does /opt/nextcloud/version.php exist?
stat:
path: "{{ nextcloud_prefix }}/nextcloud/version.php"
register: nextcloud_page
@ -83,7 +83,7 @@
state: present
when: is_redhat
- name: Unpack {{ nextcloud_src_file }} to permanent location /opt/nextcloud
- name: Unarchive {{ nextcloud_src_file }} to permanent location {{ nextcloud_prefix }}/nextcloud # e.g. unpack nextcloud_latest-14.tar.bz2 to /opt/nextcloud
unarchive:
src: "{{ downloads_dir }}/{{ nextcloud_src_file }}"
dest: "{{ nextcloud_prefix }}"
@ -150,9 +150,9 @@
# Enables or disable Nextcloud!
- include_tasks: nextcloud_enabled.yml
- name: Add 'nextcloud' to list of services at {{ iiab_ini_file }}
- name: Add 'nextcloud' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: Nextcloud
option: "{{ item.option }}"
value: "{{ item.value }}"

22
roles/nodogsplash/tasks/rpi.yml
View file

@ -1,9 +1,9 @@
- name: nodogsplash dependencies
- name: Install package libmicrohttpd12 (Nodogsplash dependencies)
package:
name: libmicrohttpd12
state: present
- name: Download nodogsplash software
- name: Download {{ iiab_download_url }}/{{ nodogsplash_arm_deb }} to {{ downloads_dir }}
get_url:
url: "{{ iiab_download_url }}/{{ nodogsplash_arm_deb }}"
dest: "{{ downloads_dir }}/{{ nodogsplash_arm_deb }}"
@ -12,9 +12,9 @@
#async: 300
#poll: 5
- name: Install nodogsplash
- name: Install Nodogsplash
apt:
deb="{{ downloads_dir }}/{{ nodogsplash_arm_deb }}"
deb: "{{ downloads_dir }}/{{ nodogsplash_arm_deb }}"
#- name: Create nodogsplash.service # deb file has one
# template:
@ -25,7 +25,7 @@
# group: root
# mode: 0644
- name: Install custom files
- name: Install custom /etc/nodogsplash/nodogsplash.conf, /etc/nodogsplash/htdocs/splash.html
template:
backup: no
src: "{{ item.src }}"
@ -38,23 +38,23 @@
- { src: 'splash.html.j2', dest: '/etc/nodogsplash/htdocs/splash.html', mode: '0644'}
# We should probably only start this service on next boot
- name: Enable nodogsplash service
service:
- name: Enable & Start 'nodogsplash' systemd service, if nodogsplash_enabled
systemd:
name: nodogsplash
enabled: yes
state: started
when: nodogsplash_enabled
- name: Disable nodogsplash service
service:
- name: Disable 'nodogsplash' systemd service, if not nodogsplash_enabled
systemd:
name: nodogsplash
enabled: no
state: stopped
when: not nodogsplash_enabled
- name: Add 'nodogsplash' to list of services at {{ iiab_ini_file }}
- name: Add 'nodogsplash' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: nodogsplash
option: "{{ item.option }}"
value: "{{ item.value }}"

6
roles/openvpn/tasks/main.yml
View file

@ -43,7 +43,7 @@
- "tUM4hl009fbXY4Yy3bAadWL1CquVrZmKfBBWhyhz8zLD6TQ== ghunt@ip-192-168-123-123.ec2.internal$"
- "heOMXXNU6skxdPh2fcHh0bzQcaCSQ== holt@crank$"
- name: "Create 3 directories for: OpenVPN keys, scripts & up_wan"
- name: 'Create dirs: /etc/openvpn/keys, /etc/openvpn/scripts'
file:
path: "{{ item }}"
state: directory
@ -205,9 +205,9 @@
# when: not openvpn_enabled and not installing
- name: Add 'openvpn' to list of services at {{ iiab_ini_file }}
- name: Add 'openvpn' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: openvpn
option: "{{ item.option }}"
value: "{{ item.value }}"

88
roles/osm/tasks/main.yml
View file

@ -1,30 +1,28 @@
- name: Install OSM required packages (debuntu)
- name: Install 5 OSM required packages (debuntu)
package:
name: "{{ item }}"
name:
- gcc
- python-dev
- liblzma-dev
- libapache2-mod-wsgi
- libapache2-mod-xsendfile
state: present
with_items:
- gcc
- python-dev
- liblzma-dev
- libapache2-mod-wsgi
- libapache2-mod-xsendfile
when: is_debuntu
- name: Install OSM required packages (not debuntu)
- name: Install 6 OSM required packages (not debuntu)
package:
name: "{{ item }}"
name:
- python-pip
- gcc
- python-devel
- xz-devel
- mod_wsgi
- mod_xsendfile
state: present
with_items:
- python-pip
- gcc
- python-devel
- xz-devel
- mod_wsgi
- mod_xsendfile
when: not is_debuntu
# OSM wants a specific version do that first
- name: Install Whoosh 2.6 (debuntu)
- name: Install Whoosh 2.6 using pip, into virtualenv (debuntu)
pip:
name: whoosh
virtualenv: "{{ osm_venv }}"
@ -33,7 +31,7 @@
extra_args: "--no-cache-dir"
when: internet_available and is_debuntu
- name: Install Flask 0.12X (debuntu)
- name: Install Flask 0.12.4 using pip, into virtualenv (debuntu)
pip:
name: Flask
virtualenv: "{{ osm_venv }}"
@ -42,7 +40,7 @@
extra_args: "--no-cache-dir"
when: internet_available and is_debuntu
- name: Install OSM with dependencies (debuntu)
- name: Install OSM with dependencies using pip, into virtualenv (debuntu)
pip:
name: "{{ item }}"
virtualenv: "{{ osm_venv }}"
@ -55,56 +53,56 @@
when: internet_available and is_debuntu
# OSM wants a specific version do that first
- name: Install Whoosh 2.6 (not debuntu)
- name: Install Whoosh 2.6 using pip, into virtualenv (not debuntu)
pip:
name: whoosh
virtualenv: "{{ osm_venv }}"
virtualenv_site_packages: no
version: 2.6
# extra_args="--no-cache-dir"
#extra_args: "--no-cache-dir"
when: internet_available and not is_debuntu
- name: Install Flask 0.12X (not debuntu)
- name: Install Flask 0.12.4 using pip, into virtualenv (not debuntu)
pip:
name: Flask
virtualenv: "{{ osm_venv }}"
virtualenv_site_packages: no
version: 0.12.4
# extra_args="--no-cache-dir"
#extra_args: "--no-cache-dir"
when: internet_available and not is_debuntu
- name: Install OSM with dependencies (not debuntu)
- name: Install OSM with dependencies using pip, into virtualenv (not debuntu)
pip:
name: "{{ item }}"
virtualenv: "{{ osm_venv }}"
virtualenv_site_packages: no
# extra_args="--no-cache-dir"
#extra_args: "--no-cache-dir"
with_items:
- MarkupSafe
- pytz
- Internet-in-a-Box
when: internet_available and not is_debuntu
- name: Set osm_path (redhat)
- name: Set osm_path fact (redhat)
set_fact:
#osm_path: "{{ osm_venv }}/{{ python_path }}/iiab"
osm_path: "{{ osm_venv }}{{ python_path }}/iiab"
when: osm_enabled and is_redhat
- name: Set osm_path (debuntu)
- name: Set osm_path fact (debuntu)
set_fact:
#osm_path: "{{ osm_venv }}/lib/python2.7/site-packages/iiab"
osm_path: "{{ osm_venv }}lib/python2.7/site-packages/iiab"
when: osm_enabled and is_debuntu
- name: Point wsgi to virtual environment (all OS's)
- name: Point wsgi to virtual environment
lineinfile:
dest: "{{ osm_venv }}/bin/iiab.wsgi"
path: "{{ osm_venv }}/bin/iiab.wsgi"
regexp: "path_to_virtualenv = None"
line: "path_to_virtualenv = '/usr/local/osm'"
state: present
- name: Copy OSM config file (all OS's)
- name: Install /etc/{{ apache_config_dir }}/osm.conf from template
template:
src: osm.conf.j2
dest: "/etc/{{ apache_config_dir }}/osm.conf"
@ -114,41 +112,41 @@
backup: no
when: osm_enabled
- name: Create a link from sites-enabled to sites-available (debuntu)
- name: Create softlink osm.conf from sites-enabled to sites-available (debuntu)
file:
src: "/etc/{{ apache_config_dir }}/osm.conf"
dest: /etc/apache2/sites-enabled/osm.conf
path: /etc/apache2/sites-enabled/osm.conf
state: link
when: osm_enabled and is_debuntu
- name: Remove the link from sites-enabled to sites-available (debuntu)
- name: Remove softlink osm.conf from sites-enabled (debuntu)
file:
dest: /etc/apache2/sites-enabled/osm.conf
path: /etc/apache2/sites-enabled/osm.conf
state: absent
when: not osm_enabled and is_debuntu
- name: Remove the osm.conf (redhat)
- name: Remove /{{ apache_config_dir }}/osm.conf (redhat)
file:
dest: "/{{ apache_config_dir }}/osm.conf"
path: "/{{ apache_config_dir }}/osm.conf"
state: absent
when: not osm_enabled and is_redhat
- name: Remove link to cgi (all OS's)
- name: Remove link {{ doc_root }}/osm.wsgi
file:
dest: "{{ doc_root }}/osm.wsgi"
path: "{{ doc_root }}/osm.wsgi"
state: absent
when: not osm_enabled
- name: Create link to cgi (all OS's)
- name: Create softlink osm.wsgi to iiab.cgi
file:
src: "{{ osm_venv }}/bin/iiab.wsgi"
dest: "{{ doc_root }}/osm.wsgi"
path: "{{ doc_root }}/osm.wsgi"
owner: root
group: root
state: link
when: osm_enabled
- name: Create the knowledge data set folders
- name: Create dir /library/knowledge/modules
file:
path: /library/knowledge/modules
state: directory
@ -156,7 +154,7 @@
group: "{{ apache_user }}"
# the following was brought into OSM playbook from iiab-factory osm-fix script
- name: Copy the files
- name: Install 6 files from templates
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -174,9 +172,9 @@
name: "{{ apache_service }}"
state: restarted
- name: Add 'osm' to list of services at {{ iiab_ini_file }}
- name: Add 'osm' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: osm
option: "{{ item.option }}"
value: "{{ item.value }}"

11
roles/owncloud/tasks/main.yml
View file

@ -105,11 +105,12 @@
- include_tasks: owncloud_enabled.yml
when: owncloud_enabled
- name: Add owncloud to service list
ini_file: dest='{{ iiab_ini_file }}'
section=owncloud
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'owncloud' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: owncloud
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: owncloud

8
roles/pathagar/tasks/main.yml
View file

@ -188,14 +188,14 @@
state: absent
when: not pathagar_enabled and is_debuntu
- name: Restart http
service:
- name: Reload Apache ({{ apache_service }})
systemd:
name: "{{ apache_service }}"
state: reloaded
- name: Add 'pathagar' to list of services at {{ iiab_ini_file }}
- name: Add 'pathagar' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: pathagar
option: "{{ item.option }}"
value: "{{ item.value }}"

22
roles/phpmyadmin/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Download phpMyAdmin software
- name: Download {{ iiab_download_url }}/{{ phpmyadmin_name_zip }} to {{ downloads_dir }}
get_url:
url: "{{ iiab_download_url }}/{{ phpmyadmin_name_zip }}"
dest: "{{ downloads_dir }}"
@ -6,7 +6,7 @@
#register: phpmyadmin_dl_output
when: internet_available
- name: Check if /opt/iiab/downloads/{{ phpmyadmin_name_zip }} exists
- name: Does {{ downloads_dir }}/{{ phpmyadmin_name_zip }} exist? # e.g. /opt/iiab/downloads/phpMyAdmin-4.8.3-all-languages.zip
stat:
path: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }}"
register: phpmyadmin_dl
@ -22,14 +22,14 @@
dest: /opt
owner: "{{ apache_user }}"
- name: Create symbolic link /opt/phpmyadmin to phpMyAdmin folder above
- name: Create symlink from /opt/phpmyadmin to {{ phpmyadmin_name }}
file:
src: "{{ phpmyadmin_name }}"
dest: /opt/phpmyadmin
path: /opt/phpmyadmin
owner: "{{ apache_user }}"
state: link
- name: Copy phpMyAdmin's config file into place
- name: Install /opt/phpmyadmin/config.inc.php from template
template:
src: config.inc.php
dest: /opt/phpmyadmin/config.inc.php
@ -46,28 +46,28 @@
# # recurse: yes
# # state: directory
- name: Put the alias into Apache config when enabled
- name: Install /etc/{{ apache_config_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled
template:
src: phpmyadmin.j2
dest: "/etc/{{ apache_config_dir }}/phpmyadmin.conf"
when: phpmyadmin_enabled
- name: Enable phpMyAdmin
- name: Create symlink phpmyadmin.conf from sites-enabled to sites-available (debuntu)
file:
src: /etc/apache2/sites-available/phpmyadmin.conf
dest: /etc/apache2/sites-enabled/phpmyadmin.conf
path: /etc/apache2/sites-enabled/phpmyadmin.conf
state: link
when: phpmyadmin_enabled and is_debuntu
- name: Remove the alias into Apache config when not enabled
- name: Remove /etc/apache2/sites-enabled/phpmyadmin.conf, if not phpmyadmin_enabled (debuntu)
file:
path: /etc/apache2/sites-enabled/phpmyadmin.conf
state: absent
when: not phpmyadmin_enabled and is_debuntu
- name: Add 'phpmyadmin' to list of services at {{ iiab_ini_file }}
- name: Add 'phpmyadmin' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: phpmyadmin
option: "{{ item.option }}"
value: "{{ item.value }}"

33
roles/postgresql/tasks/main.yml
View file

@ -21,7 +21,7 @@
tags:
- download
- name: Create postgresql-iiab systemd service
- name: Install /etc/systemd/system/postgresql-iiab.service from template
template:
src: postgresql-iiab.service
dest: /etc/systemd/system/postgresql-iiab.service
@ -29,7 +29,7 @@
group: root
mode: 0644
- name: Create postgres data directory
- name: Create PostgreSQL data dir /library/pgsql-iiab, owned by postgres:postgres
file:
path: /library/pgsql-iiab
owner: postgres
@ -37,17 +37,17 @@
mode: 0700
state: directory
- name: Make sure that the en_US locale is enabled (debuntu)
- name: Make sure locale {{ postgresql_locale }} is enabled (debuntu) # en_US.UTF-8
lineinfile:
dest: /etc/locale.gen
line: "{{ postgresql_locale }} UTF-8"
when: is_debuntu
- name: Generate the selected locales (debuntu)
- name: Generate locales (debuntu)
command: /usr/sbin/locale-gen
when: is_debuntu
- name: Initialize the postgres db (debuntu)
- name: Initialize the PostgreSQL db, creating /library/pgsql-iiab/pg_hba.conf (debuntu)
#command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab"
command: /usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab
args:
@ -56,7 +56,7 @@
become_user: postgres
when: is_debuntu
- name: Initialize the postgres db (OS's other than debuntu)
- name: Initialize the PostgreSQL db, creating /library/pgsql-iiab/pg_hba.conf (OS's other than debuntu)
#command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab"
command: /usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab
args:
@ -65,7 +65,7 @@
become_user: postgres
when: not is_debuntu
- name: Configure PostgreSQL
- name: Install /library/pgsql-iiab/postgresql.conf owned by postgres:postgres, from template
template:
backup: yes
src: postgresql.conf.j2
@ -74,34 +74,35 @@
group: postgres
mode: 0640
- name: Stop postgresql service (debuntu)
# Probably Not Nec! Given stanza below does the same.
- name: 'Stop postgresql service: /etc/init.d/postgresql stop (debuntu)'
command: "/etc/init.d/postgresql stop"
ignore_errors: True
when: postgresql_install and is_debuntu
- name: Stop and disable stock postgresql service
service:
- name: Disable stock postgresql service
systemd:
name: postgresql
state: stopped
enabled: no
- name: Start and enable postgresql-iiab service
service:
- name: Enable & Start postgresql-iiab systemd service, if postgresql_enabled
systemd:
name: postgresql-iiab
state: started
enabled: yes
when: postgresql_enabled
- name: Stop and disable postgresql-iiab service if not postgresql_enabled
service:
- name: Disable postgresql-iiab service, if not postgresql_enabled
systemd:
name: postgresql-iiab
state: stopped
enabled: no
when: not postgresql_enabled
- name: Add 'postgresql' to list of services at {{ iiab_ini_file }}
- name: Add 'postgresql' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: postgresql
option: "{{ item.option }}"
value: "{{ item.value }}"

11
roles/rachel/tasks/main.yml
View file

@ -23,11 +23,12 @@
- include_tasks: rachel_enabled.yml
when: rachel_enabled and rachel_content_found
- name: Add rachel to service list
ini_file: dest='{{ iiab_ini_file }}'
section=rachel
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'rachel' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: rachel
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: rachel

34
roles/samba/tasks/main.yml
View file

@ -1,23 +1,19 @@
---
# Create a smbuser
#
- name: Create smb user
- name: "Create smb user: {{ smbuser }}"
user:
name: "{{ smbuser }}"
shell: /sbin/nologin
password: "{{ smbpassword }}"
- name: Create the public folder
- name: "Create public folder: {{ shared_dir }}"
file:
dest: "{{ shared_dir }}"
path: "{{ shared_dir }}"
owner: "{{ smbuser }}"
group: "{{ smbuser }}"
mode: 0777
state: directory
# Install and configure samba server (requires ports 137, 138, 139, 445 open).
- name: Install packages {samba, samba-client, samba-common, cifs-client}
- name: "Install 4 packages: samba, samba-client, samba-common, cifs-client"
package:
name:
- samba
@ -29,50 +25,50 @@
- samba
- download
- name: Put our smb.conf in place
- name: Install /etc/samba/smb.conf from template
template:
src: smb.conf.j2
dest: /etc/samba/smb.conf
- name: Ensure Samba is running and set to start on boot.
- name: Enable & Start Samba systemd service
service:
name: "{{ smb_service }}"
state: started
enabled: yes
tags:
- samba
when : samba_enabled
when: samba_enabled
- name: NetBIOS name server is running and set to start on boot
- name: Enable & Start NetBIOS name server ({{ nmb_service }})
service:
name: "{{ nmb_service }}"
state: started
enabled: yes
tags:
- samba
when : samba_enabled
when: samba_enabled
- name: Disable Samba if that is wanted
- name: Disable Samba if not samba_enabled
service:
name: "{{ smb_service }}"
state: stopped
enabled: no
tags:
- samba
when : not samba_enabled
when: not samba_enabled
- name: Disable Samba name server if that is wanted
- name: Disable NetBIOS name server ({{ nmb_service }}) if not samba_enabled
service:
name: "{{ nmb_service }}"
state: stopped
enabled: no
tags:
- samba
when : not samba_enabled
when: not samba_enabled
- name: Add 'samba' to list of services at {{ iiab_ini_file }}
- name: Add 'samba' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: samba
option: "{{ item.option }}"
value: "{{ item.value }}"

11
roles/schooltool/tasks/main.yml
View file

@ -55,11 +55,12 @@
enabled=no
when: not schooltool_enabled
- name: add schooltool to service list
ini_file: dest='{{ iiab_ini_file }}'
section=schooltool
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'schooltool' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: schooltool
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: Schooltool

11
roles/sugar-stats/tasks/main.yml
View file

@ -40,11 +40,12 @@
- include_tasks: statistics-consolidation.yml
- name: Add sugar-stats to service list
ini_file: dest='{{ iiab_ini_file }}'
section=sugar_stats
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'sugar-stats' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: sugar_stats
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: sugar_stats

41
roles/sugarizer/tasks/main.yml
View file

@ -6,6 +6,7 @@
warn: no
when: sugarizer_version == "sugarizer-1.0"
# 1. DOWNLOAD+LINK /opt/iiab/sugarizer
- name: Clone llaske/sugarizer ({{ sugarizer_git_version }}) from GitHub to /opt/iiab (MAY DOWNLOAD 600+ MB)
@ -17,12 +18,13 @@
depth: 1
when: internet_available
- name: Create symbolic link /opt/iiab/sugarizer -> /opt/iiab/{{ sugarizer_version }}
- name: Create symlink /opt/iiab/sugarizer -> /opt/iiab/{{ sugarizer_version }}
file:
src: "{{ sugarizer_location }}/{{ sugarizer_version }}"
dest: "{{ sugarizer_location }}/sugarizer"
state: link
# 2. DOWNLOAD+LINK /opt/iiab/sugarizer-server
# 2018-07-11: http://download.iiab.io/packages/sugarizer-server-1.0.tar.gz
@ -55,6 +57,7 @@
dest: "{{ sugarizer_location }}/sugarizer-server"
state: link
# 3. INSTALL A GOOD VERSION OF Node.js AND npm
- name: Set up Node.js 8.x apt sources (debuntu, but avoid ubuntu-18)
@ -98,6 +101,7 @@
state: latest
when: internet_available and (is_ubuntu_18 or not is_debuntu)
# 4. RUN "npm install" TO POPULATE ~35MB /opt/iiab/sugarizer-server/node_modules
# Re-running "npm install" USED TO fail on Raspbian 9 if not other OS's ?
@ -170,9 +174,10 @@
chdir: "{{ sugarizer_location }}/{{ sugarizer_server_version }}"
when: internet_available
# 5. PLACE CONFIG FILES
- name: Configure sugarizer.service (systemd), sugarizer.conf (Apache) and sugarizer.ini
- name: "Install from templates: sugarizer.service (systemd), sugarizer.conf (Apache), sugarizer.ini and sugarizer-server"
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -185,15 +190,23 @@
- { src: 'sugarizer.service.j2', dest: '/etc/systemd/system/sugarizer.service', mode: '0644' }
- { src: 'sugarizer.js', dest: '/opt/iiab/sugarizer-server', mode: '0644' }
- name: Create symlink for short URL http://box/sugarizer
- name: Create symlink sugarizer.conf from sites-enabled to sites-available, for short URL http://box/sugarizer (debuntu)
file:
src: /etc/apache2/sites-available/sugarizer.conf
dest: /etc/apache2/sites-enabled/sugarizer.conf
path: /etc/apache2/sites-enabled/sugarizer.conf
state: link
when: sugarizer_enabled and is_debuntu
- name: "Remove symlink /etc/apache2/sites-enabled/sugarizer.conf, if sugarizer_enabled: False (debuntu)"
file:
path: /etc/apache2/sites-enabled/sugarizer.conf
state: absent
when: not sugarizer_enabled and is_debuntu
# 6. RESTART/STOP SYSTEMD SERVICE
- name: Enable+restart systemd service if sugarizer_enabled, with "systemctl daemon-reload" (in case mongodb.service changed?)
- name: Enable & Restart systemd service if sugarizer_enabled, with "systemctl daemon-reload" (in case mongodb.service changed?)
systemd:
name: sugarizer
enabled: yes
@ -201,19 +214,19 @@
daemon_reload: yes
when: sugarizer_enabled
- name: Restart Apache so http://box/sugarizer works (not just http://box:8089)
systemd:
name: "{{ apache_service }}" # httpd or apache2
state: restarted
when: sugarizer_enabled
- name: 'Disable+stop systemd service if sugarizer_enabled: False'
- name: "Disable systemd service, if sugarizer_enabled: False"
systemd:
name: sugarizer
enabled: no
state: stopped
when: not sugarizer_enabled
- name: Restart Apache ({{ apache_service }}) to enable/disable http://box/sugarizer (not just http://box:8089)
systemd:
name: "{{ apache_service }}" # httpd or apache2
state: restarted
#when: sugarizer_enabled
#- name: Enable services (all OS's)
# service:
# name: "{{ item.name }}"
@ -231,9 +244,9 @@
# state: stopped
# when: not sugarizer_enabled
- name: Add 'sugarizer' to list of services at {{ iiab_ini_file }}
- name: Add 'sugarizer' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: sugarizer
option: "{{ item.option }}"
value: "{{ item.value }}"

11
roles/teamviewer/tasks/main.yml
View file

@ -8,11 +8,12 @@
include_tasks: install.yml
when: teamviewer_install
- name: Add teamviewer to service list
ini_file: dest='{{ iiab_ini_file }}'
section=teamviewer
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'teamviewer' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: teamviewer
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: teamviewer

14
roles/transmission/tasks/main.yml
View file

@ -1,11 +1,11 @@
- name: Install packages transmission-daemon and transmission-cli
- name: 'Install packages: transmission-daemon, transmission-cli'
package:
name:
- transmission-daemon
- transmission-cli
state: present
- name: Create /library/transmission download directory
- name: Create download dir {{ transmission_download_dir }}, owned by {{ transmission_user }}:{{ transmission_group }} # /library/transmission
file:
path: "{{ transmission_download_dir }}"
owner: "{{ transmission_user }}"
@ -19,7 +19,7 @@
state: stopped
ignore_errors: yes
- name: Create transmission-daemon settings
- name: Install /etc/transmission-daemon/settings.json from template
template:
src: settings.json.j2
dest: /etc/transmission-daemon/settings.json
@ -27,7 +27,7 @@
owner: "{{ transmission_user }}"
group: "{{ transmission_group }}"
- name: Enable and Restart transmission-daemon service
- name: Enable & Restart transmission-daemon systemd service, incl daemon-reload
systemd:
name: transmission-daemon
daemon_reload: yes
@ -45,7 +45,7 @@
when: transmission_enabled and transmission_provision and transmission_kalite_languages is defined and transmission_kalite_languages is not none
ignore_errors: yes
- name: Disable transmission-daemon service
- name: Disable transmission-daemon service, if not transmission_enabled
systemd:
name: transmission-daemon
daemon_reload: yes
@ -53,9 +53,9 @@
state: stopped
when: not transmission_enabled
- name: Add transmission to list of services at {{ iiab_ini_file }}
- name: Add 'transmission' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: transmission
option: "{{ item.option }}"
value: "{{ item.value }}"

33
roles/usb-lib/tasks/main.yml
View file

@ -1,12 +1,12 @@
- name: Add a content directory for links to be located
- name: Add dir {{ doc_root }}/local_content, where USB drive links can appear
file:
dest: "{{ doc_root }}/local_content"
path: "{{ doc_root }}/local_content"
state: directory
owner: "{{ apache_user }}"
group: "{{ iiab_admin_user }}" # ISN'T "{{ apache_user }}" MORE APPROPRIATE?
mode: 0775
- name: Copy mount file to usbmount when enabled
- name: Install /etc/usbmount/mount.d/70-usb-library from template
template:
src: mount.d/70-usb-library
dest: /etc/usbmount/mount.d/
@ -15,7 +15,7 @@
mode: 0751
when: usb_lib_enabled
- name: Install udev to systemd link -> usbmount
- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb-lib-show-all-on, /usr/bin/iiab-usb-lib-show-all-off'
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -26,13 +26,13 @@
- { src: 'iiab-usb-lib-show-all-on' , dest: '/usr/bin/', mode: '0755' }
- { src: 'iiab-usb-lib-show-all-off' , dest: '/usr/bin/', mode: '0755' }
- name: Enable exFAT and NTFS
- name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf
lineinfile:
regexp: '^FILESYSTEMS.*'
line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"'
dest: /etc/usbmount/usbmount.conf
path: /etc/usbmount/usbmount.conf
- name: Copy umount file to usbmount when enabled
- name: Install /etc/usbmount/umount.d/70-usb-library from template
template:
src: umount.d/70-usb-library
dest: /etc/usbmount/umount.d
@ -41,13 +41,13 @@
mode: 0751
when: usb_lib_enabled
- name: Remove mount file to usbmount when not enabled
- name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled
file:
path: /etc/usbmount/mount.d/70-usb-library
state: absent
when: not usb_lib_enabled
- name: Remove umount file to usbmount when not enabled
- name: Remove /etc/usbmount/umount.d/70-usb-library if not usb_lib_enabled
file:
path: /etc/usbmount/umount.d/70-usb-library
state: absent
@ -55,39 +55,38 @@
- name: Put variable in iiab.env that enables display of content at root of USB
lineinfile:
dest: "{{ iiab_env_file }}"
path: "{{ iiab_env_file }}"
regexp: "^IIAB_USB_LIB_SHOW_ALL.*"
line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}"
- name: Add Apache config for content directory
- name: Install /etc/{{ apache_config_dir }}/content_dir.conf from template
template:
src: content_dir.conf
dest: "/etc/{{ apache_config_dir }}"
when: usb_lib_enabled
- name: Create the link to enable (debuntu)
- name: Create symlink content_dir.conf from sites-enabled to sites-available (debuntu)
file:
src: "/etc/{{ apache_config_dir }}/content_dir.conf"
dest: /etc/apache2/sites-enabled/content_dir.conf
state: link
when: is_debuntu
- name: Remove the link that enables (debuntu)
- name: Remove symlink content_dir.conf from /etc/apache2/sites-enabled (debuntu)
file:
src: "/etc/{{ apache_config_dir }}/content_dir.conf"
dest: /etc/apache2/sites-enabled/content_dir.conf
state: absent
when: is_debuntu and not usb_lib_enabled
- name: Remove Apache config for content directory
- name: Remove content_dir.conf from /etc/{{ apache_config_dir }}
file:
name: "/etc/{{ apache_config_dir }}/content_dir.conf"
state: absent
when: not usb_lib_enabled
- name: Add usb-lib to service list
- name: Add 'usb-lib' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: usb-lib
option: "{{ item.option }}"
value: "{{ item.value }}"

6
roles/vnstat/tasks/main.yml
View file

@ -21,14 +21,14 @@
when: iiab_lan_iface is defined
- name: Enable & Start vnStat's systemd service
service:
systemd:
name: vnstat
enabled: yes
state: started
- name: Add 'vnstat' to list of services at {{ iiab_ini_file }}
- name: Add 'vnstat' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: vnstat
option: "{{ item.option }}"
value: "{{ item.value }}"

36
roles/wordpress/tasks/install.yml
View file

@ -11,7 +11,7 @@
# and security enhancements using timestamps under /library/wordpress, as these
# can arise without warning when WordPress is online, since WordPress ~4.8
- name: Download the latest WordPress software
- name: Download {{ wordpress_download_base_url }}/{{ wordpress_src }} to {{ downloads_dir }}
get_url:
url: "{{ wordpress_download_base_url }}/{{ wordpress_src }}"
dest: "{{ downloads_dir }}"
@ -21,14 +21,14 @@
register: wp_download_output
when: internet_available
- name: Create link /opt/iiab/downloads/wordpress.tar.gz pointing to {{ wp_download_output.dest }}
- name: Create symlink from /opt/iiab/downloads/wordpress.tar.gz to {{ wp_download_output.dest }}
file:
src: "{{ wp_download_output.dest }}"
dest: "{{ downloads_dir }}/wordpress.tar.gz"
path: "{{ downloads_dir }}/wordpress.tar.gz"
state: link
when: wp_download_output.dest is defined
- name: Check if /opt/iiab/downloads/wordpress.tar.gz link exists
- name: Does /opt/iiab/downloads/wordpress.tar.gz link exist?
stat:
path: "{{ downloads_dir }}/wordpress.tar.gz"
register: wp_link
@ -61,7 +61,7 @@
- name: Make /library/wordpress directories 775 so Apache can traverse and write (most files remain 0664)
command: "/usr/bin/find {{ wp_abs_path }} -type d -exec chmod 775 {} +"
- name: Copy wp salt values
- name: Install {{ wp_abs_path }}/wp-keys.php.BAK
copy:
src: wp-keys.php.BAK
dest: "{{ wp_abs_path }}/wp-keys.php.BAK"
@ -71,7 +71,7 @@
# Fetch random salts for WordPress config into wp-keys.php file by generating script and running
- name: Create wp salt script
- name: Install script /tmp/get-iiab-wp-salts from template
template:
src: get-iiab-wp-salts.j2
dest: /tmp/get-iiab-wp-salts
@ -79,20 +79,20 @@
group: root
mode: 0700
- name: Run wp salt script to create /library/wordpress/wp-keys.php
- name: Run /tmp/get-iiab-wp-salts to create /library/wordpress/wp-keys.php
command: /tmp/get-iiab-wp-salts
- name: Cleanup - remove wp salt script
- name: Remove script /tmp/get-iiab-wp-salts
file:
path: /tmp/get-iiab-wp-salts
state: absent
- name: MySQL database needs to be running if we are trying to create a new db
- name: Start MySQL systemd service
service:
state: started
name: "{{ mysql_service }}"
- name: Create MySQL wordpress database
- name: 'Create MySQL wordpress database: {{ wp_db_name }}'
mysql_db:
name: "{{ wp_db_name }}"
state: present
@ -104,7 +104,7 @@
priv: "{{ wp_db_name }}.*:ALL,GRANT"
state: present
- name: Copy wp-config.php
- name: Install {{ wp_abs_path }}/wp-config.php
template:
src: wp-config.php.j2
dest: "{{ wp_abs_path }}/wp-config.php"
@ -112,32 +112,32 @@
group: "{{ apache_user }}"
mode: 0660
- name: Copy wordpress.conf to permit http://box{{ wp_url }}
- name: Install etc/{{ apache_config_dir }}/wordpress.conf from template, for http://box{{ wp_url }}
template:
src: wordpress.conf.j2
dest: "/etc/{{ apache_config_dir }}/wordpress.conf"
- name: Enable wordpress.conf if wordpress_enabled (debuntu)
- name: Create symlink wordpress.conf from sites-enabled to sites-available, if wordpress_enabled (debuntu)
file:
src: /etc/apache2/sites-available/wordpress.conf
dest: /etc/apache2/sites-enabled/wordpress.conf
path: /etc/apache2/sites-enabled/wordpress.conf
state: link
when: wordpress_enabled and is_debuntu
- name: Remove wordpress.conf if not wordpress_enabled (debuntu)
- name: Remove /etc/apache2/sites-enabled/wordpress.conf if not wordpress_enabled (debuntu)
file:
path: /etc/apache2/sites-enabled/wordpress.conf
state: absent
when: not wordpress_enabled and is_debuntu
- name: Restart Apache to enable/disable http://box{{ wp_url }}
service:
systemd:
name: "{{ apache_service }}"
state: restarted
- name: Add 'wordpress' to list of services at {{ iiab_ini_file }}
- name: Add 'wordpress' variable values to {{ iiab_ini_file }}
ini_file:
dest: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}"
section: wordpress
option: "{{ item.option }}"
value: "{{ item.value }}"

19
roles/xovis/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Install Couchdb and other necessary packages
- name: Install CouchDB and other necessary packages
package: name={{ item }}
state=present
with_items:
@ -45,13 +45,13 @@
- name: Allow access to Couchdb from other hosts
command: sed -i 's/^\(bind_address\s*=\s*\).*$/\10\.0\.0\.0/' /etc/couchdb/default.ini
- name: Enable Couchdb service
- name: Enable CouchDB service
service: name=couchdb
enabled=yes
state=started
when: xovis_enabled
- name: Wait for couchdb to become ready
- name: Wait for CouchDB to become ready
wait_for: port=5984
delay=1
timeout=5
@ -66,7 +66,7 @@
register: found_db
ignore_errors: yes
- name: Create Couchdb database if does not already exist
- name: Create CouchDB database if does not already exist
command: kanso createdb {{ xovis_db_url }}
when: xovis_enabled and found_db.stdout != xovis_db_name
@ -81,11 +81,12 @@
--server http://{{ xovis_db_login }}@{{ xovis_target_host }}"
when: xovis_enabled
- name: Add xovis to service list
ini_file: dest='{{ iiab_ini_file }}'
section=xovis
option='{{ item.option }}'
value='{{ item.value }}'
- name: Add 'xovis' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: xovis
option: "{{ item.option }}"
value: "{{ item.value }}"
with_items:
- option: name
value: xovis