From 4b5214936eaae6677f2f43c09281745425322105 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Thu, 13 Feb 2020 15:00:54 -0500
Subject: [PATCH 1/5] Update default_vars.yml

---
 vars/default_vars.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/vars/default_vars.yml b/vars/default_vars.yml
index 8f7995e25..23f845f85 100644
--- a/vars/default_vars.yml
+++ b/vars/default_vars.yml
@@ -49,7 +49,6 @@ language_priority: en es fr
 iiab_admin_user_install: True
 # If iiab_admin_user_install: False, set iiab_admin_user (below) to an existing
 # Linux user that has sudo access, for login to Admin Console http://box/admin
-# ODDLY THIS IS ALSO USED BY roles/usb-lib/tasks/main.yml TO SET GROUP PERM FOR /library/www/html/local_content (ISN'T {{ apache_user }} MORE APPROPRIATE?)
 iiab_admin_user: iiab-admin
 iiab_admin_published_pwd: g0adm1n    # For live checks/alerts of published pwds
 # Password hash to override above, if Ansible creates above user:
@@ -304,7 +303,7 @@ samba_udp_ports: "137:138"
 samba_tcp_mports: "139,445"
 shared_dir : "{{ content_base }}/public"    # /library/public
 
-# usb-lib
+# USB_LIB
 usb_lib_install: True
 usb_lib_enabled: True
 # Show entire contents of USB sticks/drives (at http://box/usb)

From 77bb569379bfdf13c79b7d1212ec3227d62914cc Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Thu, 13 Feb 2020 15:11:35 -0500
Subject: [PATCH 2/5] Create install.yml

---
 roles/usb_lib/tasks/install.yml | 43 +++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 roles/usb_lib/tasks/install.yml

diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml
new file mode 100644
index 000000000..6d98ec08f
--- /dev/null
+++ b/roles/usb_lib/tasks/install.yml
@@ -0,0 +1,43 @@
+- name: Add dir {{ doc_root }}/local_content, where USB drive links can appear
+  file:
+    state: directory
+    path: "{{ doc_root }}/local_content"
+    owner: "{{ apache_user }}"
+    group: "{{ apache_user }}"    # 2020-02-12: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222)
+    mode: '0775'
+
+- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off'
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: "{{ item.mode }}"
+  with_items:
+    - { src: 'usbmount@.service.j2' , dest: '/etc/systemd/system/usbmount@.service', mode: '0644' }
+    - { src: 'usbmount.rules.j2' , dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' }
+    - { src: 'iiab-usb_lib-show-all-on' , dest: '/usr/bin/', mode: '0755' }
+    - { src: 'iiab-usb_lib-show-all-off' , dest: '/usr/bin/', mode: '0755' }
+
+- name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf
+  lineinfile:
+    regexp: '^FILESYSTEMS.*'
+    line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"'
+    path: /etc/usbmount/usbmount.conf
+
+- name: Install /etc/{{ apache_conf_dir }}/content_dir.conf from template
+  template:
+    src: content_dir.conf
+    dest: "/etc/{{ apache_conf_dir }}"
+  when: apache_install
+
+
+# RECORD 'USB_LIB' AS INSTALLED
+
+- name: "Set 'usb_lib_installed: True'"
+  set_fact:
+    usb_lib_installed: True
+
+- name: "Add 'usb_lib_installed: True' to {{ iiab_state_file }}"
+  lineinfile:
+    path: "{{ iiab_state_file }}"    # /etc/iiab/iiab_state.yml
+    regexp: '^usb_lib_installed'
+    line: 'usb_lib_installed: True'

From a055bfdcdeaedc6277a4403019e47d7155706819 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Thu, 13 Feb 2020 15:16:59 -0500
Subject: [PATCH 3/5] Update main.yml

---
 roles/usb_lib/tasks/main.yml | 115 ++++++++++-------------------------
 1 file changed, 31 insertions(+), 84 deletions(-)

diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml
index ff6a179c1..eeea1ca48 100644
--- a/roles/usb_lib/tasks/main.yml
+++ b/roles/usb_lib/tasks/main.yml
@@ -1,91 +1,36 @@
-# TO DO:
-# - validate input vars + prereqs
-# - move 6 top stanzas into install.yml
-# - move 6 mid/lower stanzas into enable-or-disable.yml
-# - verify analogous NGINX logic from roles/nginx/* -- then integrate as nec?
-
-- name: Add dir {{ doc_root }}/local_content, where USB drive links can appear
-  file:
-    state: directory
-    path: "{{ doc_root }}/local_content"
-    owner: "{{ apache_user }}"
-    group: "{{ iiab_admin_user }}"    # ISN'T "{{ apache_user }}" MORE APPROPRIATE?
-    mode: '0775'
-
-- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off'
-  template:
-    src: "{{ item.src }}"
-    dest: "{{ item.dest }}"
-    mode: "{{ item.mode }}"
-  with_items:
-    - { src: 'usbmount@.service.j2' , dest: '/etc/systemd/system/usbmount@.service', mode: '0644' }
-    - { src: 'usbmount.rules.j2' , dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' }
-    - { src: 'iiab-usb_lib-show-all-on' , dest: '/usr/bin/', mode: '0755' }
-    - { src: 'iiab-usb_lib-show-all-off' , dest: '/usr/bin/', mode: '0755' }
-
-- name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf
-  lineinfile:
-    regexp: '^FILESYSTEMS.*'
-    line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"'
-    path: /etc/usbmount/usbmount.conf
-
-- name: Install /etc/{{ apache_conf_dir }}/content_dir.conf from template
-  template:
-    src: content_dir.conf
-    dest: "/etc/{{ apache_conf_dir }}"
-  when: apache_install
+# TO DO: (2020-02-13)
+# - Look at analogous NGINX logic for http://box/usb in
+#   nginx/templates/iiab.conf.j2 and make that visually meaningful for teachers:
+# https://github.com/iiab/iiab/blob/master/roles/nginx/templates/iiab.conf.j2#L5-L8
 
 
-# RECORD usb_lib AS INSTALLED
+# "How do i fail a task in Ansible if the variable contains a boolean value?
+# I want to perform input validation for Ansible playbooks"
+# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
 
-- name: "Set 'usb_lib_installed: True'"
-  set_fact:
-    usb_lib_installed: True
+# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
+# to re-check whether vars are defined here.  As Ansible vars cannot be unset:
+# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
 
-- name: "Add 'usb_lib_installed: True' to {{ iiab_state_file }}"
-  lineinfile:
-    path: "{{ iiab_state_file }}"    # /etc/iiab/iiab_state.yml
-    regexp: '^usb_lib_installed'
-    line: 'usb_lib_installed: True'
+- name: Assert that "usb_lib_install is sameas true" (boolean not string etc)
+  assert:
+    that: usb_lib_install is sameas true
+    fail_msg: "PLEASE SET 'usb_lib_install: True' e.g. IN: /etc/iiab/local_vars.yml"
+    quiet: yes
+
+- name: Assert that "usb_lib_enabled | type_debug == 'bool'" (boolean not string etc)
+  assert:
+    that: usb_lib_enabled | type_debug == 'bool'
+    fail_msg: "PLEASE GIVE VARIABLE 'usb_lib_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
+    quiet: yes
 
 
-- name: Install /etc/usbmount/mount.d/70-usb-library from template, if usb_lib_enabled
-  template:
-    src: mount.d/70-usb-library
-    dest: /etc/usbmount/mount.d/
-    owner: root
-    group: root
-    mode: '0751'
-  when: usb_lib_enabled | bool
+- name: Install USB_LIB if 'usb_lib_installed' not defined, e.g. in {{ iiab_state_file }}    # /etc/iiab/iiab_state.yml
+  include_tasks: install.yml
+  when: usb_lib_installed is undefined
 
-- name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled
-  template:
-    src: umount.d/70-usb-library
-    dest: /etc/usbmount/umount.d
-    owner: root
-    group: root
-    mode: '0751'
-  when: usb_lib_enabled | bool
 
-- name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled
-  file:
-    path: /etc/usbmount/mount.d/70-usb-library
-    state: absent
-  when: not usb_lib_enabled
-
-- name: Remove /etc/usbmount/umount.d/70-usb-library if not usb_lib_enabled
-  file:
-    path: /etc/usbmount/umount.d/70-usb-library
-    state: absent
-  when: not usb_lib_enabled
-
-- name: Enable http://box/usb via Apache, if usb_lib_enabled
-  command: a2ensite content_dir.conf
-  when: apache_install and usb_lib_enabled
-
-- name: Disable http://box/usb via Apache, if not usb_lib_enabled
-  command: a2dissite content_dir.conf
-  when: apache_install and not usb_lib_enabled
+- include_tasks: enable-or-disable.yml
 
 
 - name: Put variable in iiab.env that enables display of content at root of USB
@@ -96,14 +41,16 @@
 
 - name: Add 'usb_lib' variable values to {{ iiab_ini_file }}
   ini_file:
-    path: "{{ iiab_ini_file }}"
+    path: "{{ iiab_ini_file }}"    # /etc/iiab/iiab.ini
     section: usb_lib
     option: "{{ item.option }}"
     value: "{{ item.value | string }}"
   with_items:
     - option: name
-      value: usb_lib
+      value: USB_LIB
     - option: description
-      value: '"usb_lib automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"'
-    - option: enabled
+      value: '"USB_LIB automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"'
+    - option: usb_lib_install
+      value: "{{ usb_lib_install }}"
+    - option: usb_lib_enabled
       value: "{{ usb_lib_enabled }}"

From c8e2eb9d5ddfb102cd079aab0d8259e870552d08 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Thu, 13 Feb 2020 15:18:12 -0500
Subject: [PATCH 4/5] Create enable-or-disable.yml

---
 roles/usb_lib/tasks/enable-or-disable.yml | 37 +++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 roles/usb_lib/tasks/enable-or-disable.yml

diff --git a/roles/usb_lib/tasks/enable-or-disable.yml b/roles/usb_lib/tasks/enable-or-disable.yml
new file mode 100644
index 000000000..4800956cd
--- /dev/null
+++ b/roles/usb_lib/tasks/enable-or-disable.yml
@@ -0,0 +1,37 @@
+- name: Install /etc/usbmount/mount.d/70-usb-library from template, if usb_lib_enabled
+  template:
+    src: mount.d/70-usb-library
+    dest: /etc/usbmount/mount.d/
+    owner: root
+    group: root
+    mode: '0751'
+  when: usb_lib_enabled | bool
+
+- name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled
+  template:
+    src: umount.d/70-usb-library
+    dest: /etc/usbmount/umount.d
+    owner: root
+    group: root
+    mode: '0751'
+  when: usb_lib_enabled | bool
+
+- name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled
+  file:
+    path: /etc/usbmount/mount.d/70-usb-library
+    state: absent
+  when: not usb_lib_enabled
+
+- name: Remove /etc/usbmount/umount.d/70-usb-library if not usb_lib_enabled
+  file:
+    path: /etc/usbmount/umount.d/70-usb-library
+    state: absent
+  when: not usb_lib_enabled
+
+- name: Enable http://box/usb via Apache, if usb_lib_enabled
+  command: a2ensite content_dir.conf
+  when: apache_install and usb_lib_enabled
+
+- name: Disable http://box/usb via Apache, if not usb_lib_enabled
+  command: a2dissite content_dir.conf
+  when: apache_install and not usb_lib_enabled

From 37ae468e7d3723e9ba5c740cacdf716459077c58 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Thu, 13 Feb 2020 17:11:04 -0500
Subject: [PATCH 5/5] Update install.yml

---
 roles/usb_lib/tasks/install.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml
index 6d98ec08f..a1f92bb8c 100644
--- a/roles/usb_lib/tasks/install.yml
+++ b/roles/usb_lib/tasks/install.yml
@@ -3,7 +3,7 @@
     state: directory
     path: "{{ doc_root }}/local_content"
     owner: "{{ apache_user }}"
-    group: "{{ apache_user }}"    # 2020-02-12: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222)
+    group: "{{ apache_user }}"    # 2020-02-13: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222)
     mode: '0775'
 
 - name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off'
@@ -12,10 +12,10 @@
     dest: "{{ item.dest }}"
     mode: "{{ item.mode }}"
   with_items:
-    - { src: 'usbmount@.service.j2' , dest: '/etc/systemd/system/usbmount@.service', mode: '0644' }
-    - { src: 'usbmount.rules.j2' , dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' }
-    - { src: 'iiab-usb_lib-show-all-on' , dest: '/usr/bin/', mode: '0755' }
-    - { src: 'iiab-usb_lib-show-all-off' , dest: '/usr/bin/', mode: '0755' }
+    - { src: 'usbmount@.service.j2', dest: '/etc/systemd/system/usbmount@.service', mode: '0644' }
+    - { src: 'usbmount.rules.j2', dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' }
+    - { src: 'iiab-usb_lib-show-all-on', dest: '/usr/bin/', mode: '0755' }
+    - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' }
 
 - name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf
   lineinfile:
@@ -26,7 +26,7 @@
 - name: Install /etc/{{ apache_conf_dir }}/content_dir.conf from template
   template:
     src: content_dir.conf
-    dest: "/etc/{{ apache_conf_dir }}"
+    dest: "/etc/{{ apache_conf_dir }}"    # apache2/sites-available on debuntu
   when: apache_install