diff --git a/roles/1-prep/tasks/detected_redhat.yml b/roles/1-prep/tasks/detected_redhat.yml index a74fd5f07..031a0c030 100644 --- a/roles/1-prep/tasks/detected_redhat.yml +++ b/roles/1-prep/tasks/detected_redhat.yml @@ -6,7 +6,7 @@ - name: Setting ifcfg-WAN True set_fact: has_WAN: True - when: has_ifcfg_WAN.stat.exists + when: has_ifcfg_WAN.stat is defined and has_ifcfg_WAN.stat.exists # DETECT -- gateway and wireless - name: Get a list of slaves from previous config - Can Fail diff --git a/roles/2-common/tasks/udev.yml b/roles/2-common/tasks/udev.yml index 8bd5f7621..f377973fd 100644 --- a/roles/2-common/tasks/udev.yml +++ b/roles/2-common/tasks/udev.yml @@ -18,9 +18,12 @@ state=present when: udev_unit.stat.exists is defined and udev_unit.stat.exists +# ubuntu 16.04 comes with ansible 2.0.0.2 -- no systemd module - name: Ask systemd to recognize the changes - systemd: name=systemd-udevd - daemon-reload=True - state=restarted + shell: systemctl daemon-reload + when: udev_unit.stat.exists is defined and udev_unit.stat.exists + +- name: restart so systemd recognizes the changes + shell: systemctl restart systemd-udevd.service when: udev_unit.stat.exists is defined and udev_unit.stat.exists diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index d5a039817..43ea1141b 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -14,7 +14,7 @@ pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no - extra_args="--disable-pip-version-check" +# extra_args="--disable-pip-version-check" when: internet_available - name: Install ka-lite with pip @@ -22,7 +22,7 @@ version={{ kalite_version }} virtualenv={{ kalite_venv }} virtualenv_site_packages=no - extra_args="--disable-pip-version-check" +# extra_args="--disable-pip-version-check" when: internet_available - name: Default is to have cronserve started with kalite diff --git a/runansible b/runansible index 8368c0312..74c7013d0 100755 --- a/runansible +++ b/runansible @@ -1,4 +1,5 @@ -#!/bin/bash +#!/bin/bash -e +# ./scripts/ansible # copy var files to /etc/iiab for subsequent use # if vars/local_vars.yml is missing, put a default one in place if [ ! -f ./vars/local_vars.yml ]; then @@ -14,7 +15,7 @@ if [ ! -f ./vars/local_vars.yml ]; then ;; *) echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." - exit 0 + exit 1 ;; esac fi @@ -33,7 +34,7 @@ then echo "IIAB Playbook not found." echo "Please run this command from the top level of the git repo." echo "Exiting." - exit + exit 1 fi if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then diff --git a/scripts/ansible b/scripts/ansible index c861c7c4e..c8d9012d1 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -1,106 +1,140 @@ -#!/bin/bash -x -#TODO.md -yum_makecache_retry() { - tries=0 - until [ $tries -ge 5 ] - do - yum makecache && break - let tries++ - sleep 1 - done -} - -if [ "x$KITCHEN_LOG" = "xDEBUG" -o "x$OMNIBUS_ANSIBLE_LOG" = "xDEBUG" ]; then - export PS4='(${BASH_SOURCE}:${LINENO}): - [${SHLVL},${BASH_SUBSHELL},$?] $ ' - set -x +#!/bin/bash -e +# required to start loading IIAB with ansible +FOUND="" +VER="" +# below are unused for future use +GOOD_VER="" +URL="NA" +# TODO add check for version - to revese patching if upgrading +if [ $(which ansible-playbook) ]; then + VER=`ansible --version|head -n 1|cut -f 2 -d " "` + GOOD_VER=`echo $VER | grep ^2.4` +# 2.2.0.0 -> 2.4.0 patching was not applied -just upgrade via pip + if [ $VER = "2.2.0.0" ]; then + echo "Ansible $VER installed updating to 2.4.0" + pip install --upgrade ansible==2.4.0 --disable-pip-version-check + exit 0 + fi +# keep an eye out for 2.4.0.X in the future + if [ $VER = "2.4.0.0" ]; then + echo "Ansible $VER installed exiting..." + exit 0 + fi fi -if [ ! $(which ansible-playbook) ]; then - if [ -f /etc/centos-release ] || [ -f /etc/redhat-release ] || [ -f /etc/oracle-release ] || [ -f /etc/system-release ] || grep -q 'Amazon Linux' /etc/system-release; then +# TODO add check for version - to revese patching if upgrading +#if [ $(which ansible-playbook) ]; then +# VER=`ansible --version|head -n 1|cut -f 2 -d " "` - # Install required Python libs and pip - # Fix EPEL Metalink SSL error - # - workaround: https://community.hpcloud.com/article/centos-63-instance-giving-cannot-retrieve-metalink-repository-epel-error - # - SSL secure solution: Update ca-certs!! - # - http://stackoverflow.com/q/26734777/645491#27667111 - # - http://serverfault.com/q/637549/77156 - # - http://unix.stackexchange.com/a/163368/7688 +echo "Installing --- Please Wait" +if [ -f /etc/fedora-release ]; then + VER=`grep VERSION_ID /etc/*elease | cut -d= -f2` + URL=https://github.com/jvonau/iiab/blob/ansible/vars/fedora-$VER.yml + dnf -y upgrade + dnf -y install ansible git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python + dnf -y install python-pip python-setuptools python-wheel patch + FOUND="yes" + FAMILY="redhat" +fi +# might have to revisit dependencies with a redhat dialect +# ansible python-kerberos python-selinux python-winrm python-xmltodict sshpass bzip2 file findutils gzip tar unzip zip python-keyczar python-boto python-dnspython python-pyrax python-sphere + +if [ -f /etc/centos-release ]; then + yum -y upgrade + yum -y install ca-certificates nss epel-release + yum -y install ansible git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python + yum -y install python-pip python-setuptools python-wheel patch + FOUND="yes" + FAMILY="redhat" +fi +if [ -f /etc/olpc-release ]; then + yum -y upgrade yum -y install ca-certificates nss - yum clean all - rm -rf /var/cache/yum - yum_makecache_retry - yum -y install epel-release - # One more time with EPEL to avoid failures - yum_makecache_retry - - yum -y install python-pip PyYAML python-jinja2 python-httplib2 python-keyczar python-paramiko git - # If python-pip install failed and setuptools exists, try that - if [ -z "$(which pip)" -a -z "$(which easy_install)" ]; then - yum -y install python-setuptools - easy_install pip - elif [ -z "$(which pip)" -a -n "$(which easy_install)" ]; then - easy_install pip - fi - - # Install passlib for encrypt - yum -y groupinstall "Development tools" - yum -y install python-devel MySQL-python sshpass && pip install pyrax pysphere boto passlib dnspython - - # Install Ansible module dependencies - yum -y install bzip2 file findutils git gzip hg svn sudo tar which unzip xz zip libselinux-python - [ -n "$(yum search procps-ng)" ] && yum -y install procps-ng || yum -y install procps - elif [ -f /etc/debian_version ] || [ grep -qi ubuntu /etc/lsb-release ] || grep -qi ubuntu /etc/os-release; then - apt-get update - # Install via package - # apt-get update && \ - # apt-get install --no-install-recommends -y software-properties-common && \ - # apt-add-repository ppa:ansible/ansible && \ - # apt-get update && \ - # apt-get install -y ansible - - # Install required Python libs and pip - apt-get install -y python-pip python-yaml python-jinja2 python-httplib2 python-paramiko python-pkg-resources - [ -n "$( apt-cache search python-keyczar )" ] && apt-get install -y python-keyczar - if ! apt-get install -y git ; then - apt-get install -y git-core - fi - # If python-pip install failed and setuptools exists, try that - if [ -z "$(which pip)" -a -z "$(which easy_install)" ]; then - apt-get -y install python-setuptools - easy_install pip - elif [ -z "$(which pip)" -a -n "$(which easy_install)" ]; then - easy_install pip - fi - # If python-keyczar apt package does not exist, use pip - [ -z "$( apt-cache search python-keyczar )" ] && sudo pip install python-keyczar - - # Install passlib for encrypt - apt-get install -y build-essential - apt-get install -y python-all-dev python-mysqldb sshpass && pip install pyrax pysphere boto passlib dnspython - - # Install Ansible module dependencies - apt-get install -y bzip2 file findutils git gzip mercurial procps subversion sudo tar debianutils unzip xz-utils zip python-selinux - - else - echo 'WARN: Could not detect distro or distro unsupported' - echo 'WARN: Trying to install ansible via pip without some dependencies' - echo 'WARN: Not all functionality of ansible may be available' - fi - - mkdir /etc/ansible/ - echo -e '[local]\nlocalhost\n' > /etc/ansible/hosts - pip install ansible==2.2 - - if [ -f /etc/centos-release ] || [ -f /etc/redhat-release ] || [ -f /etc/oracle-release ] || [ -f /etc/system-release ] || grep -q 'Amazon Linux' /etc/system-release; then - # Fix for pycrypto pip / yum issue - # https://github.com/ansible/ansible/issues/276 - if ansible --version 2>&1 | grep -q "AttributeError: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'" ; then - echo 'WARN: Re-installing python-crypto package to workaround ansible/ansible#276' - echo 'WARN: https://github.com/ansible/ansible/issues/276' - pip uninstall -y pycrypto - yum erase -y python-crypto - yum install -y python-crypto python-paramiko - fi - fi - + yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python + yum -y install python-pip python-setuptools python-wheel patch + pip install --upgrade pip setuptools wheel #EOL just do it + FOUND="yes" + FAMILY="olpc" fi + +if [ -f /etc/debian_version ]; then + echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu xenial main" >> /etc/apt/sources.list + apt-get -y install dirmngr + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 + apt-get -y update + apt-get -y install ansible git python-pip python-setuptools python-wheel patch +# apt-get install ansible python-kerberos python-selinux python-winrm python-xmltodict sshpass bzip2 file findutils gzip tar unzip zip python-keyczar python-boto python-dnspython python-pyrax python-sphere + FOUND="yes" + FAMILY="debian" +fi +# Has 2.2.1 +if [ `grep -qi raspbian /etc/*elease` ]; then + echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu xenial main" >> /etc/apt/sources.list + apt-get -y install dirmngr + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 + apt-get -y update + apt-get -y install ansible git python-pip python-setuptools python-wheel patch +# apt-get install ansible python-kerberos python-selinux python-winrm python-xmltodict sshpass bzip2 file findutils gzip tar unzip zip python-keyczar python-boto python-dnspython python-pyrax python-sphere + FOUND="yes" + FAMILY="debian" +fi +if [ ! $FOUND = "yes" ]; then + if [ `grep -qi ubuntu /etc/lsb-release` ] || [ `grep -qi ubuntu /etc/os-release` ]; then + echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu xenial main" >> /etc/apt/sources.list + apt-get -y install dirmngr + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 + apt-get -y update +#confirm PPA location +# apt-get install software-properties-common +# apt-add-repository ppa:ansible/ansible +# apt-get update + apt-get -y install ansible git python-pip python-setuptools python-wheel patch +# apt-get install ansible python-kerberos python-selinux python-winrm python-xmltodict sshpass bzip2 file findutils gzip tar unzip zip python-keyczar python-boto python-dnspython python-pyrax python-sphere + FOUND="yes" + FAMILY="debian" + fi +fi +if [ ! $FOUND = "yes" ]; then + echo 'WARN: Could not detect distro or distro unsupported' + exit 1 +fi + +# latest pip 2.2 is 2.2.3.0 on 2017-07-07 +# ansible-2.3.1.0-1.el7.noarch.rpm from 2017-06-01 + +### start ansible pip install TODO add venv location /opt/iiab/anisble +if [ $FAMILY = "olpc" ]; then + pip install ansible==2.4.0 --disable-pip-version-check + VER=`ansible --version|head -n 1|cut -f 2 -d " "` + echo "ansible version installed via pip $VER" +fi + +# handle 2.2.1 -> 2.4.0 deb install undo patching +# unsure if install above will upgrade or skip - cover that now +if [ $FAMILY = "debian" ]; then + if [ ! $VER == "" ]; then + sed -i 's/LooseVersion/StrictVersion/g' /usr/lib/python2.7/dist-packages/ansible/modules/core/web_infrastructure/htpasswd.py + apt-get -y upgrade ansible + fi +fi +VER=`ansible --version|head -n 1|cut -f 2 -d " "` +echo "Current ansible version installed is $VER" + +# sample only +#if [ $FAMILY = "debian" ]; then +# rpm -e ansible +# pip install ansible==2.2.1 --disable-pip-version-check +#fi + +#if [ $FAMILY = "debian" ]; then +# echo 'WARN: Trying to install ansible via pip without some dependencies' +# echo 'WARN: Not all functionality of ansible may be available' +# pip install ansible==2.3.1 --disable-pip-version-check +#fi +mkdir -p /etc/ansible/ +echo -e '[local]\nlocalhost\n' > /etc/ansible/hosts + +### end ansible routine +### +# other pip upgrades here if needed +### diff --git a/scripts/ansible-2.2.0 b/scripts/ansible-2.2.0 new file mode 100755 index 000000000..c861c7c4e --- /dev/null +++ b/scripts/ansible-2.2.0 @@ -0,0 +1,106 @@ +#!/bin/bash -x +#TODO.md +yum_makecache_retry() { + tries=0 + until [ $tries -ge 5 ] + do + yum makecache && break + let tries++ + sleep 1 + done +} + +if [ "x$KITCHEN_LOG" = "xDEBUG" -o "x$OMNIBUS_ANSIBLE_LOG" = "xDEBUG" ]; then + export PS4='(${BASH_SOURCE}:${LINENO}): - [${SHLVL},${BASH_SUBSHELL},$?] $ ' + set -x +fi + +if [ ! $(which ansible-playbook) ]; then + if [ -f /etc/centos-release ] || [ -f /etc/redhat-release ] || [ -f /etc/oracle-release ] || [ -f /etc/system-release ] || grep -q 'Amazon Linux' /etc/system-release; then + + # Install required Python libs and pip + # Fix EPEL Metalink SSL error + # - workaround: https://community.hpcloud.com/article/centos-63-instance-giving-cannot-retrieve-metalink-repository-epel-error + # - SSL secure solution: Update ca-certs!! + # - http://stackoverflow.com/q/26734777/645491#27667111 + # - http://serverfault.com/q/637549/77156 + # - http://unix.stackexchange.com/a/163368/7688 + yum -y install ca-certificates nss + yum clean all + rm -rf /var/cache/yum + yum_makecache_retry + yum -y install epel-release + # One more time with EPEL to avoid failures + yum_makecache_retry + + yum -y install python-pip PyYAML python-jinja2 python-httplib2 python-keyczar python-paramiko git + # If python-pip install failed and setuptools exists, try that + if [ -z "$(which pip)" -a -z "$(which easy_install)" ]; then + yum -y install python-setuptools + easy_install pip + elif [ -z "$(which pip)" -a -n "$(which easy_install)" ]; then + easy_install pip + fi + + # Install passlib for encrypt + yum -y groupinstall "Development tools" + yum -y install python-devel MySQL-python sshpass && pip install pyrax pysphere boto passlib dnspython + + # Install Ansible module dependencies + yum -y install bzip2 file findutils git gzip hg svn sudo tar which unzip xz zip libselinux-python + [ -n "$(yum search procps-ng)" ] && yum -y install procps-ng || yum -y install procps + elif [ -f /etc/debian_version ] || [ grep -qi ubuntu /etc/lsb-release ] || grep -qi ubuntu /etc/os-release; then + apt-get update + # Install via package + # apt-get update && \ + # apt-get install --no-install-recommends -y software-properties-common && \ + # apt-add-repository ppa:ansible/ansible && \ + # apt-get update && \ + # apt-get install -y ansible + + # Install required Python libs and pip + apt-get install -y python-pip python-yaml python-jinja2 python-httplib2 python-paramiko python-pkg-resources + [ -n "$( apt-cache search python-keyczar )" ] && apt-get install -y python-keyczar + if ! apt-get install -y git ; then + apt-get install -y git-core + fi + # If python-pip install failed and setuptools exists, try that + if [ -z "$(which pip)" -a -z "$(which easy_install)" ]; then + apt-get -y install python-setuptools + easy_install pip + elif [ -z "$(which pip)" -a -n "$(which easy_install)" ]; then + easy_install pip + fi + # If python-keyczar apt package does not exist, use pip + [ -z "$( apt-cache search python-keyczar )" ] && sudo pip install python-keyczar + + # Install passlib for encrypt + apt-get install -y build-essential + apt-get install -y python-all-dev python-mysqldb sshpass && pip install pyrax pysphere boto passlib dnspython + + # Install Ansible module dependencies + apt-get install -y bzip2 file findutils git gzip mercurial procps subversion sudo tar debianutils unzip xz-utils zip python-selinux + + else + echo 'WARN: Could not detect distro or distro unsupported' + echo 'WARN: Trying to install ansible via pip without some dependencies' + echo 'WARN: Not all functionality of ansible may be available' + fi + + mkdir /etc/ansible/ + echo -e '[local]\nlocalhost\n' > /etc/ansible/hosts + pip install ansible==2.2 + + if [ -f /etc/centos-release ] || [ -f /etc/redhat-release ] || [ -f /etc/oracle-release ] || [ -f /etc/system-release ] || grep -q 'Amazon Linux' /etc/system-release; then + # Fix for pycrypto pip / yum issue + # https://github.com/ansible/ansible/issues/276 + if ansible --version 2>&1 | grep -q "AttributeError: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'" ; then + echo 'WARN: Re-installing python-crypto package to workaround ansible/ansible#276' + echo 'WARN: https://github.com/ansible/ansible/issues/276' + pip uninstall -y pycrypto + yum erase -y python-crypto + yum install -y python-crypto python-paramiko + fi + fi + +fi