From fe5ab4496d1aa652ffb4521ec82a86212db030ad Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 17:32:07 -0400 Subject: [PATCH 01/26] Update main.yml --- roles/1-prep/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index c46bfe997..1845416dc 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -37,6 +37,12 @@ set_fact: uuid: "{{ stored_uuid.stdout_lines[0] }}" +- name: OPENVPN + include_role: + name: openvpn + when: openvpn_install + tags: openvpn + # for rpi, without rtc, we need time as soon as possible - name: Install chrony package package: From 405b9bc779f69be88ba40917dcf9963d7e59af7a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 17:32:53 -0400 Subject: [PATCH 02/26] Update main.yml --- roles/4-server-options/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index fbe551818..8989677a6 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -10,12 +10,6 @@ # has no "when: XXXXX_install" flag tags: base, sshd -- name: OPENVPN - include_role: - name: openvpn - when: openvpn_install - tags: openvpn - - name: Installing dnsmasq include_tasks: roles/network/tasks/dnsmasq.yml when: dnsmasq_install From fd6929e51d56bde5f52d969455712fae33a822db Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:04:08 -0400 Subject: [PATCH 03/26] Create osm.conf --- roles/httpd/files/osm.conf | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 roles/httpd/files/osm.conf diff --git a/roles/httpd/files/osm.conf b/roles/httpd/files/osm.conf new file mode 100644 index 000000000..568ed64e1 --- /dev/null +++ b/roles/httpd/files/osm.conf @@ -0,0 +1,3 @@ +# For new vector tileset, as documented @ http://FAQ.IIAB.IO ("How do I add zoomable maps for my region? ") & http://download.iiab.io/content/OSM/vector-tiles/ +Alias /maps /library/www/html/modules/en-osm-omt-min/ +Alias /osm /library/www/html/modules/en-osm-omt-min/ From dbab833e2169629578774cb2398019eacc45c8bd Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:32:49 -0400 Subject: [PATCH 04/26] Update main.yml --- roles/httpd/tasks/main.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 9604a026f..d5a4adeaf 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -170,6 +170,22 @@ state: absent when: is_debuntu +- name: Copy osm.conf for http://box/maps (all OS's) + copy: + src: osm.conf + dest: "/etc/{{ apache_config_dir }}" + owner: root + group: root + mode: 0644 + backup: yes + +- name: Create link from sites-enabled to sites-available (debuntu) + file: + src: "/etc/{{ apache_config_dir }}/osm.conf" + dest: /etc/apache2/sites-enabled/osm.conf + state: link + when: is_debuntu + - include_tasks: html.yml tags: - base From 84050bc661129d3cf9c2a3253eb36ad1196c3a68 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:35:16 -0400 Subject: [PATCH 05/26] Update main.yml --- roles/httpd/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index d5a4adeaf..2ced8979e 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -170,6 +170,7 @@ state: absent when: is_debuntu +# SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook) - name: Copy osm.conf for http://box/maps (all OS's) copy: src: osm.conf From 56b140c7edb19f249d00cc96ea9254a13e9a16b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:45:02 -0400 Subject: [PATCH 06/26] Update osm.conf.j2 --- roles/osm/templates/osm.conf.j2 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/osm/templates/osm.conf.j2 b/roles/osm/templates/osm.conf.j2 index dea0ab4e2..3e6da0d41 100644 --- a/roles/osm/templates/osm.conf.j2 +++ b/roles/osm/templates/osm.conf.j2 @@ -8,9 +8,10 @@ WSGIScriptAlias /iiab {{ doc_root }}/osm.wsgi # For old bitmap/raster tileset Alias /iiabstatic {{ osm_path }}/static -# For new vector tileset, as documented @ http://FAQ.IIAB.IO ("How do I add zoomable maps for my region? ") & http://download.iiab.io/content/OSM/vector-tiles/ -Alias /maps /library/www/html/modules/en-osm-omt-min/ -Alias /osm /library/www/html/modules/en-osm-omt-min/ +# 2018-09-19: placement of osm.conf (for http://box/maps) moved to roles/httpd/tasks/main.yml to economize 5min during install, now that this (older) osm playbook is rarely used +## For new vector tileset, as documented @ http://FAQ.IIAB.IO ("How do I add zoomable maps for my region? ") & http://download.iiab.io/content/OSM/vector-tiles/ +#Alias /maps /library/www/html/modules/en-osm-omt-min/ +#Alias /osm /library/www/html/modules/en-osm-omt-min/ require all granted From d1b4c08bfe1ff91b1ecf5e2adcc9a5810cd85f21 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:47:16 -0400 Subject: [PATCH 07/26] Update main.yml --- roles/httpd/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 2ced8979e..2091165f1 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -170,7 +170,7 @@ state: absent when: is_debuntu -# SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook) +# SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways) - name: Copy osm.conf for http://box/maps (all OS's) copy: src: osm.conf From b7ef1ebde121caf5588eb5e0d0573af668798287 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:50:40 -0400 Subject: [PATCH 08/26] Update default_vars.yml --- vars/default_vars.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 23a00db1c..6609b79de 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -310,8 +310,8 @@ iiab_zim_path: /library/zims moodle_install: False moodle_enabled: False -# OpenStreetMap (OSM) -osm_install: True +# OpenStreetMap (OSM) - PLEASE CONSIDER THE NEW WAY INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ +osm_install: False osm_enabled: False # changed in June 2017 from: # iiab_install: True From 47781a1c324685ba73438c9b458f7bfefc6f1c83 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:55:07 -0400 Subject: [PATCH 09/26] Update default_vars.yml --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 6609b79de..0db8ac558 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -310,7 +310,7 @@ iiab_zim_path: /library/zims moodle_install: False moodle_enabled: False -# OpenStreetMap (OSM) - PLEASE CONSIDER THE NEW WAY INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ +# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 osm_install: False osm_enabled: False # changed in June 2017 from: From dfe575e59e70bb5b145cd3e8f544fff0d4d162d2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:55:25 -0400 Subject: [PATCH 10/26] Update local_vars_min.yml --- vars/local_vars_min.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 1c6a0294a..305d298ed 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -174,7 +174,7 @@ kiwix_enabled: True moodle_install: False moodle_enabled: False -# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 +# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 osm_install: False osm_enabled: False From bb2de7b769614b346431ec25f07f2c9a273d6afc Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:55:44 -0400 Subject: [PATCH 11/26] Update local_vars_medium.yml --- vars/local_vars_medium.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index ff035e97f..0dbdeb81d 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -174,9 +174,9 @@ kiwix_enabled: True moodle_install: False moodle_enabled: False -# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 -osm_install: True -osm_enabled: True +# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 +osm_install: False +osm_enabled: False # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 From 70736375d965ab5096904b8d2b83065d69cdb564 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 18:56:04 -0400 Subject: [PATCH 12/26] Update local_vars_big.yml --- vars/local_vars_big.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index a5465d733..d68c85aab 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -174,9 +174,9 @@ kiwix_enabled: True moodle_install: True moodle_enabled: True -# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 -osm_install: True -osm_enabled: True +# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 +osm_install: False +osm_enabled: False # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 From 556240a868862082a11636b82330d62110a267b8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 19:54:28 -0400 Subject: [PATCH 13/26] Update osm.conf.j2 --- roles/osm/templates/osm.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/osm/templates/osm.conf.j2 b/roles/osm/templates/osm.conf.j2 index 3e6da0d41..fb1b5bcc0 100644 --- a/roles/osm/templates/osm.conf.j2 +++ b/roles/osm/templates/osm.conf.j2 @@ -8,7 +8,7 @@ WSGIScriptAlias /iiab {{ doc_root }}/osm.wsgi # For old bitmap/raster tileset Alias /iiabstatic {{ osm_path }}/static -# 2018-09-19: placement of osm.conf (for http://box/maps) moved to roles/httpd/tasks/main.yml to economize 5min during install, now that this (older) osm playbook is rarely used +# 2018-09-19: placement of osm.conf (for http://box/maps) moved to roles/httpd/tasks/main.yml to economize ~5 min during RPi install, now that this (older) osm playbook is rarely used ## For new vector tileset, as documented @ http://FAQ.IIAB.IO ("How do I add zoomable maps for my region? ") & http://download.iiab.io/content/OSM/vector-tiles/ #Alias /maps /library/www/html/modules/en-osm-omt-min/ #Alias /osm /library/www/html/modules/en-osm-omt-min/ From 67300c6d949b242918e4530f4465515f32651ab2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:06:55 -0400 Subject: [PATCH 14/26] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index f36742ec3..e9eced3ac 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -30,7 +30,7 @@ - name: OSM include_role: name: osm - when: osm_install + when: osm_install is defined and osm_install tags: osm - name: PATHAGAR From eaf5fe87df6a2d9f621dd707116b4bf083190793 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:07:22 -0400 Subject: [PATCH 15/26] Update default_vars.yml --- vars/default_vars.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 0db8ac558..e1abea459 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -310,13 +310,6 @@ iiab_zim_path: /library/zims moodle_install: False moodle_enabled: False -# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 -osm_install: False -osm_enabled: False -# changed in June 2017 from: -# iiab_install: True -# iiab_enabled: False - # Sugarizer # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 @@ -423,6 +416,17 @@ calibreweb_url: /books calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web +# PLEASE CONSIDER THESE 2 NEW MAPS APPROACHES INSTEAD, AS OF 2018: +# - http://download.iiab.io/content/OSM/vector-tiles/ +# - http://oer2go.org/viewmod/en-worldmap-10 +# +# OpenStreetMap (OSM) legacy - unmaintained: +# osm_install: False +# osm_enabled: False +# Changed in June 2017, from the original: +# iiab_install: True +# iiab_enabled: False + # TeamViewer - unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io) # teamviewer_install: False # teamviewer_enabled: False From c5eefa0f530eb07832b2d1cf8397577ba42622e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:07:34 -0400 Subject: [PATCH 16/26] Update local_vars_min.yml --- vars/local_vars_min.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 305d298ed..ea593c810 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -174,10 +174,6 @@ kiwix_enabled: True moodle_install: False moodle_enabled: False -# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 -osm_install: False -osm_enabled: False - # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 sugarizer_install: False @@ -254,6 +250,14 @@ calibreweb_url: /books calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web +# PLEASE CONSIDER THESE 2 NEW MAPS APPROACHES INSTEAD, AS OF 2018: +# - http://download.iiab.io/content/OSM/vector-tiles/ +# - http://oer2go.org/viewmod/en-worldmap-10 +# +# Unmaintained - OpenStreetMap (OSM) legacy +# osm_install: False +# osm_enabled: False + # Unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io) # teamviewer_install: False # teamviewer_enabled: False From aad6ffb865b32c9e843129c40241af23063ffbc9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:07:47 -0400 Subject: [PATCH 17/26] Update local_vars_medium.yml --- vars/local_vars_medium.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 0dbdeb81d..1d06677b3 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -174,10 +174,6 @@ kiwix_enabled: True moodle_install: False moodle_enabled: False -# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 -osm_install: False -osm_enabled: False - # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 sugarizer_install: True @@ -254,6 +250,14 @@ calibreweb_url: /books calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web +# PLEASE CONSIDER THESE 2 NEW MAPS APPROACHES INSTEAD, AS OF 2018: +# - http://download.iiab.io/content/OSM/vector-tiles/ +# - http://oer2go.org/viewmod/en-worldmap-10 +# +# Unmaintained - OpenStreetMap (OSM) legacy +# osm_install: False +# osm_enabled: False + # Unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io) # teamviewer_install: False # teamviewer_enabled: False From d155bb57973115f09dde1c204825f78731a3af05 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:08:10 -0400 Subject: [PATCH 18/26] Update local_vars_big.yml --- vars/local_vars_big.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index d68c85aab..eaf6ef161 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -174,10 +174,6 @@ kiwix_enabled: True moodle_install: True moodle_enabled: True -# OpenStreetMap (OSM) legacy - PLEASE CONSIDER NEW WAYS INSTEAD: http://download.iiab.io/content/OSM/vector-tiles/ or http://oer2go.org/viewmod/en-worldmap-10 -osm_install: False -osm_enabled: False - # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 sugarizer_install: True @@ -254,6 +250,14 @@ calibreweb_url: /books calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web +# PLEASE CONSIDER THESE 2 NEW MAPS APPROACHES INSTEAD, AS OF 2018: +# - http://download.iiab.io/content/OSM/vector-tiles/ +# - http://oer2go.org/viewmod/en-worldmap-10 +# +# Unmaintained - OpenStreetMap (OSM) legacy +# osm_install: False +# osm_enabled: False + # Unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io) # teamviewer_install: False # teamviewer_enabled: False From faffb7939d6be71482577d71bb525dafa8802990 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:41:08 -0400 Subject: [PATCH 19/26] Update main.yml --- roles/4-server-options/tasks/main.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 8989677a6..3dc010450 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -3,13 +3,6 @@ - name: ...IS BEGINNING ================================== command: echo -# MANDATORY SO PERHAPS THIS BELONGS IN 3-BASE-SERVER ? -- name: SSHD - include_role: - name: sshd - # has no "when: XXXXX_install" flag - tags: base, sshd - - name: Installing dnsmasq include_tasks: roles/network/tasks/dnsmasq.yml when: dnsmasq_install From 84eea97af920fc3f550cbfc97ca3aea72bbbce04 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:42:37 -0400 Subject: [PATCH 20/26] Update main.yml --- roles/1-prep/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 1845416dc..b0f2df3fe 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -37,6 +37,12 @@ set_fact: uuid: "{{ stored_uuid.stdout_lines[0] }}" +- name: SSHD + include_role: + name: sshd + # has no "when: XXXXX_install" flag + tags: base, sshd + - name: OPENVPN include_role: name: openvpn From ea6382c2214099cb31b4df4128eb11a03b815bd1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:44:42 -0400 Subject: [PATCH 21/26] modern Ansible syntax in roles/sshd --- roles/sshd/tasks/main.yml | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index 560774ff3..89e8f444e 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -1,18 +1,21 @@ - name: Disable root login with password - lineinfile: dest=/etc/ssh/sshd_config - regexp='^PermitRootLogin' - line='PermitRootLogin without-password' - state=present + lineinfile: + dest: /etc/ssh/sshd_config + regexp: '^PermitRootLogin' + line: 'PermitRootLogin without-password' + state: present #TODO: use handler to reload ssh - name: Enable sshd - service: name={{ sshd_service }} - enabled=yes - state=started + service: + name: "{{ sshd_service }}" + enabled: yes + state: started when: sshd_enabled - name: Disable sshd - service: name={{ sshd_service }} - enabled=no - state=stopped + service: + name: "{{ sshd_service }}" + enabled: no + state: stopped when: not sshd_enabled From 1a504318b40ec3753c77111cf9bd104a92f44ca1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:47:46 -0400 Subject: [PATCH 22/26] Update main.yml --- roles/sshd/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index 89e8f444e..2e602d0fa 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -6,7 +6,7 @@ state: present #TODO: use handler to reload ssh -- name: Enable sshd +- name: Enable & start sshd service: name: "{{ sshd_service }}" enabled: yes From a34268d5a9f9c76d3808c1b9427ae1e1c62f1654 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:52:35 -0400 Subject: [PATCH 23/26] Update admin-user.yml --- roles/iiab-admin/tasks/admin-user.yml | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/roles/iiab-admin/tasks/admin-user.yml b/roles/iiab-admin/tasks/admin-user.yml index 9fc481ab4..7fa6ff147 100644 --- a/roles/iiab-admin/tasks/admin-user.yml +++ b/roles/iiab-admin/tasks/admin-user.yml @@ -21,23 +21,6 @@ name: "{{ iiab_admin_user }}" groups: wheel,sudo -- name: Create root .ssh - file: - path: /root/.ssh - owner: root - group: root - mode: 0700 - state: directory - -- name: Install dummy root keys as placeholder - copy: - src: dummy_authorized_keys - dest: /root/.ssh/authorized_keys - owner: root - group: root - mode: 0600 - force: no - - name: Edit the sudoers file -- first make it editable file: path: /etc/sudoers From 37b2f947a270ccee2f5c185cda1f7e350c88b0ff Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 20:55:28 -0400 Subject: [PATCH 24/26] Update main.yml --- roles/sshd/tasks/main.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index 2e602d0fa..567fd72dd 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -6,6 +6,25 @@ state: present #TODO: use handler to reload ssh +- name: Create root .ssh + file: + path: /root/.ssh + owner: root + group: root + mode: 0700 + state: directory + when: sshd_enabled + +- name: Install dummy root keys as placeholder + copy: + src: dummy_authorized_keys + dest: /root/.ssh/authorized_keys + owner: root + group: root + mode: 0600 + force: no + when: sshd_enabled + - name: Enable & start sshd service: name: "{{ sshd_service }}" From 3a5bdc4a2be65613019a3c2c49ef6af8425fbdb6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 21:02:11 -0400 Subject: [PATCH 25/26] Rename roles/iiab-admin/files/dummy_authorized_keys to roles/sshd/files/dummy_authorized_keys --- roles/{iiab-admin => sshd}/files/dummy_authorized_keys | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/{iiab-admin => sshd}/files/dummy_authorized_keys (100%) diff --git a/roles/iiab-admin/files/dummy_authorized_keys b/roles/sshd/files/dummy_authorized_keys similarity index 100% rename from roles/iiab-admin/files/dummy_authorized_keys rename to roles/sshd/files/dummy_authorized_keys From 5665f0792aab672041b5751a8367e89a8b61f652 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Sep 2018 21:07:23 -0400 Subject: [PATCH 26/26] Update admin-user.yml --- roles/iiab-admin/tasks/admin-user.yml | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/roles/iiab-admin/tasks/admin-user.yml b/roles/iiab-admin/tasks/admin-user.yml index 9fc481ab4..7fa6ff147 100644 --- a/roles/iiab-admin/tasks/admin-user.yml +++ b/roles/iiab-admin/tasks/admin-user.yml @@ -21,23 +21,6 @@ name: "{{ iiab_admin_user }}" groups: wheel,sudo -- name: Create root .ssh - file: - path: /root/.ssh - owner: root - group: root - mode: 0700 - state: directory - -- name: Install dummy root keys as placeholder - copy: - src: dummy_authorized_keys - dest: /root/.ssh/authorized_keys - owner: root - group: root - mode: 0600 - force: no - - name: Edit the sudoers file -- first make it editable file: path: /etc/sudoers