Merge pull request #34 from iiab/master

sync from iiab/iiab

iiab-from-console.yml

@@ -16,3 +16,4 @@
       - { role: 7-edu-apps, tags: ['7-edu-apps'] }
       - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
       - { role: 9-local-addons, tags: ['9-local-addons'] }
+      - { role: network, tags: ['network'] }

iiab-install

@@ -3,15 +3,6 @@
 # Add cmdline options for passing to ansible
 # Todo add proper shift to gobble up --debug --reinstall
 
-if [ "$1" != "--debug" ] && [ "$1" != "--reinstall" ] && [ "$1" != "" ]; then
-    echo "Use './iiab-install' for regular installs, or to continue an install."
-    echo "Use './iiab-install --reinstall' to force running all Stages 0-9."
-    echo "Use './iiab-install --debug' to run Stage 0, followed by Stages 3-9."
-    echo "Use './runtags' to run a single Stage or Tag or Role."
-    echo "Use './iiab-network' to run Network sections."
-    exit 1
-fi
-
 PLAYBOOK="iiab-stages.yml"
 INVENTORY="ansible_hosts"
 ARGS=""
@@ -23,12 +14,27 @@ MIN_ANSIBLE_VER=2.4.1.0
 
 export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
 
+if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then
+    mkdir -p /etc/ansible/facts.d
+fi
+cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact
+echo "Placed /etc/ansible/facts.d/local_facts.fact into position."
+
 if [ ! -f $PLAYBOOK ]; then
     echo "EXITING: IIAB Playbook not found."
     echo "Please run 'iiab-install' from /opt/iiab/iiab (top level of git repo)."
     exit 1
 fi
 
+if [ "$1" != "--debug" ] && [ "$1" != "--reinstall" ] && [ "$1" != "" ]; then
+    echo "Use './iiab-install' for regular installs, or to continue an install."
+    echo "Use './iiab-install --reinstall' to force running all Stages 0-9."
+    echo "Use './iiab-install --debug' to run Stage 0, followed by Stages 3-9."
+    echo "Use './runtags' to run a single Stage or Tag or Role."
+    echo "Use './iiab-network' to run Network sections."
+    exit 1
+fi
+
 # Subroutine compares software version numbers.  Generates rare false positives
 # like "1.0 > 1" and "2.4.0 > 2.4".  Avoid risks by structuring conditionals w/
 # a consistent # of decimal points e.g. "if version_gt w.x.y.z a.b.c.d; then"
@@ -61,24 +67,10 @@ if version_gt $MIN_ANSIBLE_VER $CURR_ANSIBLE_VER; then
     exit 1
 fi
 
-if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then
-    mkdir -p /etc/ansible/facts.d
-fi
-cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact
-echo "Placed /etc/ansible/facts.d/local_facts.fact into position."
-
 # Stage 0 will always be run.  From there on up to Stage 9 we keep a counter
 # (in /etc/iiab/iiab.env) of the highest completed Stage.  Avoid repetition!
 STAGE=0
-if [ ! -f /etc/iiab/iiab.env ]; then
-    mkdir -p /etc/iiab
-    echo "Ran 'mkdir -p /etc/iiab'"
-    # ./runtags and Admin Console currently require /etc/iiab/config_vars.yml (in future they may be self-sufficient?)
-    if [ ! -f /etc/iiab/config_vars.yml ]; then
-        echo "{}" > /etc/iiab/config_vars.yml
-        echo "Created stub /etc/iiab/config_vars.yml"
-    fi
-else
+if [ -f /etc/iiab/iiab.env ]; then
     if [[ `grep STAGE= /etc/iiab/iiab.env` ]]; then
         source /etc/iiab/iiab.env
         echo "Extracted STAGE="$STAGE" (counter) from /etc/iiab/iiab.env"

iiab-stages.yml

@@ -68,3 +68,8 @@
       name: 9-local-addons
     when: ansible_local.local_facts.stage|int < 9
     tags: 9-local-addons
+
+  - name: Network
+    include_role:
+      name: network
+    tags: network

iiab.yml

@@ -19,3 +19,4 @@
       - { role: 7-edu-apps, tags: ['7-edu-apps'] }
       - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
       - { role: 9-local-addons, tags: ['9-local-addons'] }
+      - { role: network, tags: ['network'] }

roles/0-init/tasks/first_run.yml

@@ -1,6 +1,5 @@
-- name: Write iiab_ini.yml for the first time
-  include_tasks: iiab_ini.yml
-
 - name: Create the directory structure for IIAB
   include_tasks: fl.yml
 
+- name: Write iiab_ini.yml for the first time
+  include_tasks: iiab_ini.yml

roles/0-init/tasks/fl.yml

@@ -5,6 +5,7 @@
         mode=0755
         state=directory
   with_items:
+    - /etc/iiab
     - "{{ yum_packages_dir }}"
     - "{{ pip_packages_dir }}"
     - "{{ downloads_dir }}"
@@ -14,6 +15,7 @@
     - /library/working/rachel
     - "{{ iiab_zim_path }}/content"
     - "{{ iiab_zim_path }}/index"
+    - "{{ doc_root }}/local_content"
     - "{{ doc_root }}/modules"
     - "{{ doc_root }}/common/css"
     - "{{ doc_root }}/common/js"

roles/0-init/tasks/hostname.yml

@@ -18,10 +18,10 @@
               group=root
               mode=0644
 
-- name: Re-configuring httpd - not initial install
-  include_tasks: roles/httpd/tasks/main.yml
-  when: iiab_stage|int > 3
+#- name: Re-configuring httpd - not initial install
+#  include_tasks: roles/httpd/tasks/main.yml
+#  when: iiab_stage|int > 3
 
-- name: Re-configuring rest of networking - not initial install
-  include_tasks: roles/network/tasks/main.yml
-  when: iiab_stage|int > 4
+#- name: Re-configuring rest of networking - not initial install
+#  include_tasks: roles/network/tasks/main.yml
+#  when: iiab_stage|int > 4

roles/0-init/tasks/main.yml

@@ -74,8 +74,7 @@
 
 # Put all computed vars here so derive properly from any prior var file
 - name: If the TZ is not set in env, set it to UTC
-  set_fact: local_tz='UTC'
-  when: local_tz == ""
+  include_tasks: tz.yml
 
 - name: Set port 80 for Admin Console
   set_fact:
@@ -199,7 +198,7 @@
       value:  '{{ FQDN_changed }}'
 
 - name: Now changing FQDN
-  include_tasks: roles/2-common/tasks/hostname.yml
+  include_tasks: hostname.yml
   when: FQDN_changed
 
 - name: STAGE 0 HAS COMPLETED ======================================

roles/0-init/tasks/tz.yml

@@ -0,0 +1,32 @@
+- name: Check if the TZ is not already set via /etc/localtime - Can Fail
+  shell: readlink /etc/localtime | awk -F "zoneinfo/" '{print $2}'
+  register: TZ_set
+  ignore_errors: True
+
+- name: Set local and iiab TZ to UTC if /etc/localtime is not set
+  set_fact:
+      local_tz: 'UTC'
+      iiab_TZ: 'UTC'
+  when: TZ_set.stdout == ""
+
+- name: Override ansible on timezone if TZ set
+  set_fact:
+      local_tz: '{{ TZ_set.stdout }}'
+  when: TZ_set.stdout != ""
+
+- name: Using iiab TZ for local TZ
+  set_fact:
+      local_tz: '{{ iiab_TZ }}'
+  when: iiab_TZ is defined and iiab_TZ != "" and iiab_TZ != "TZ_set.stdout"
+
+- name: Set default Timezone from iiab TZ -  Debian
+  shell: timedatectl set-timezone {{ iiab_TZ }}
+  when: is_debuntu and iiab_TZ is defined and iiab_TZ != "" and iiab_TZ != "TZ_set.stdout"
+
+- name: Set default Timezone from iiab TZ -  Redhat
+  file:
+      path: /etc/localtime
+      src: /usr/share/zoneinfo/{{ iiab_TZ }}
+      force: yes
+      state: link
+  when: is_redhat and iiab_TZ is defined and iiab_TZ != "" and iiab_TZ != "TZ_set.stdout"

roles/2-common/tasks/main.yml

@@ -32,10 +32,6 @@
 - sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present
 - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present
 
-- name: Set default Time Zone
-  shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime
-  when: iiab_TZ is defined and iiab_TZ != ""
-
 - name: Install custom profile file
   template: dest=/etc/profile.d/zzz_iiab.sh
             src=zzz_iiab.sh

roles/3-base-server/tasks/main.yml

@@ -21,10 +21,6 @@
   # has no "when: XXXXX_install" flag
   tags: base, mysql
 
-- name: Make sure there is a content directory
-  file: dest={{ doc_root }}/local_content
-        state=directory
-
 - name: Restart httpd
   service: name={{ apache_service }}
            state=restarted

roles/4-server-options/tasks/main.yml

@@ -15,31 +15,31 @@
   when: openvpn_install
   tags: openvpn
 
-- name: Configuring wondershaper
-  include_tasks: roles/network/tasks/wondershaper.yml
-  when: wondershaper_install
-  tags: wondershaper, network
+#- name: Configuring wondershaper
+#  include_tasks: roles/network/tasks/wondershaper.yml
+#  when: wondershaper_install
+#  tags: wondershaper, network
 
-- name: Configuring named
+- name: Installing named
   include_tasks: roles/network/tasks/named.yml
-  when: FQDN_changed
-  tags: named, network, domain
+  when: named_install
+  tags: base, named, network, domain
 
-- name: Configuring dhcpd
+- name: Installing dhcpd
   include_tasks: roles/network/tasks/dhcpd.yml
-  when: FQDN_changed
-  tags: dhcpd, network, domain
+  when: dhcpd_install
+  tags: base, dhcpd, network, domain
 
-- name: Configuring Squid
+- name: Installing Squid
   include_tasks: roles/network/tasks/squid.yml
   when: squid_install
-  tags: squid, network, domain
+  tags: base, squid, network, domain
 
-- name: NETWORK
-  include_role:
-    name: network
-  # has no "when: XXXXX_install" flag
-  tags: base, network
+#- name: NETWORK
+#  include_role:
+#    name: network
+#  # has no "when: XXXXX_install" flag
+#  tags: base, network
 
 - name: HOMEPAGE
   include_role:

roles/6-generic-apps/tasks/main.yml

@@ -3,12 +3,6 @@
 - name: ...IS BEGINNING ====================================
   command: echo
 
-- name: CALIBRE
-  include_role:
-    name: calibre
-  when: calibre_install
-  tags: calibre
-
 - name: DOKUWIKI
   include_role:
     name: dokuwiki

roles/8-mgmt-tools/tasks/main.yml

@@ -51,6 +51,12 @@
   when: xovis_install and ansible_distribution != "CentOS"
   tags: xovis
 
+- name: CALIBRE
+  include_role:
+    name: calibre
+  when: calibre_install
+  tags: calibre
+
 - name: Recording STAGE 8 HAS COMPLETED ======================
   lineinfile: dest=/etc/iiab/iiab.env
              regexp='^STAGE=*'

roles/calibre/defaults/main.yml

@@ -11,3 +11,6 @@ calibre_sample_book: "Metamorphosis-jackson.epub"
 # Must be downloadable from http://download.iiab.io/packages
 
 calibre_src_url: "https://raw.githubusercontent.com/kovidgoyal/calibre/master/setup/linux-installer.py"
+
+calibre_debs_on_debian: false
+# USE TO TEST debs.yml (RASPBIAN APPROACH!) ON DEBIAN 9.X

roles/calibre/tasks/create-db.yml

@@ -0,0 +1,35 @@
+- name: Create /library/calibre (mandatory since Calibre 3.x)
+  file:
+    path: "{{ calibre_dbpath }}"
+    state: directory
+    #mode: 0755
+
+- name: Check if sample book exists in /opt/iiab/downloads
+  stat:
+    path: "{{ content_base }}/downloads/{{ calibre_sample_book }}"
+  register: sample_bk
+
+- name: Download sample book (mandatory since Calibre 3.x)
+  get_url:
+    url: "{{ iiab_download_url }}/{{ calibre_sample_book }}"
+    dest: "{{ content_base }}/downloads"
+  when: internet_available and not sample_bk.stat.exists
+
+- name: Check if sample book exists in /opt/iiab/downloads
+  stat:
+    path: "{{ content_base }}/downloads/{{ calibre_sample_book }}"
+  register: sample_bk 
+
+- name: Incorporate sample book into Calibre DB (mandatory since Calibre 3.x)
+  shell: "calibredb add {{ content_base }}/downloads/{{ calibre_sample_book }} --with-library {{ calibre_dbpath }}"
+  when: sample_bk.stat.exists
+
+- name: Make /library/calibre/metadata.db writable for Calibre client SW
+  file:
+    path: "{{ calibre_dbpath }}/metadata.db"
+    mode: "ugo+w"
+    #mode: 0666
+    #owner: pi
+    #group: pi
+    #owner: iiab-admin
+    #group: iiab-admin

roles/calibre/tasks/debs.yml

@@ -0,0 +1,7 @@
+- name: Start by installing OS's Calibre package
+  package:
+    name: calibre
+    state: present
+
+- name: Upgrade latest Calibre
+  command: scripts/calibre-install-latest.sh

roles/calibre/tasks/main.yml

@@ -1,60 +1,45 @@
-- name: Download latest linux-installer.py from GitHub to calibre-installer.py
-# seems to work with just about any Linux, and deals with dependencies
-  get_url:
-    url: "{{ calibre_src_url }}"
-    dest: "{{ downloads_dir }}/calibre-installer.py"
-    mode: 0755
-    force: yes
-    backup: yes
-  register: calibre_download_output
-  when: internet_available
+# 1. INSTALL THE LATEST CALIBRE 3.X+ (calibre-server etc) ON ALL OS'S
 
-# ALWAYS DEFINED, DESPITE get_url DOCUMENTATION CLAIM...
-# - debug:
-#     msg: "{{ calibre_download_output.src }}"
-#
-# DEFINED ONLY WHEN /opt/iiab/downloads/calibre-installer.py CHANGES
-# - debug:
-#    msg: "{{ calibre_download_output.backup_file }}"
+# RUNS IF /usr/bin/calibre-uninstall DOES NOT ALEADY EXIST
+- name: Install Calibre via calibre-installer.py (OS's other than Raspbian)
+  include_tasks: py-installer.yml
+  when: (not is_rpi) and (not calibre_debs_on_debian)
+  #when: is_redhat or is_ubuntu
 
-# OOPS BAD IDEA: changes in https://github.com/kovidgoyal/calibre/commits/master/setup/linux-installer.py are not sync'd with Calibre releases!
-# - name: FORCE AN UPGRADE IF calibre-installer.py HAS CHANGED, IF SO ORIGINAL IS SAVED TO {{ calibre_download_output.backup_file }}
-#   file:
-#     path: /usr/bin/calibre-uninstall
-#     state: absent
-#   when: calibre_download_output.backup_file is defined
+- name: Install Calibre via .debs (Raspbian)
+  include_tasks: debs.yml
+  when: is_rpi or calibre_debs_on_debian
+  #when: is_rpi or is_debian     # (is_debian also covers & includes is_rpi)
 
-- name: Check if calibre-installer.py exists in /opt/iiab/downloads
+# 2. STOP CALIBRE SERVICE IF IT EXISTS (REQUIRED FOR DB ACTIVITY...AND IF not calibre_enabled)
+
+#- name: Check if Calibre systemd service exists
+#  stat:
+#    path: /etc/systemd/system/calibre-serve.service
+#  register: calibre_svc
+
+- name: Stop Calibre service -- calibre-server by Kovid Goyal
+# systemd:
+  service:
+    name: calibre-serve
+    state: stopped
+    #enabled: no
+# register: command_result    # gist.github.com/tyrells/0a79681de339237cb04c
+  failed_when: false          # Never Fail during "systemctl stop calibre-serve" (even if service doesn't exist!)
+# when: calibre_svc.stat.exists
+
+# 3. CREATE DATABASE WITH A SAMPLE BOOK (REQUIRED AS OF CALIBRE 3.x)
+
+- name: Check if /library/calibre/metadata.db exists
   stat:
-    path: "{{ downloads_dir }}/calibre-installer.py"
-  register: calib_inst
+    path: "{{ calibre_dbpath }}/metadata.db"
+  register: calibre_db
 
-- name: Check if calibre-uninstall exists in /usr/bin
-  stat:
-    path: "/usr/bin/calibre-uninstall"
-  register: calib_uninst
+- name: Create database (required since Calibre 3.x) with a sample book
+  include_tasks: create-db.yml
+  when: not calibre_db.stat.exists
 
-- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/calibre-installer.py doesn't exist OR needed Internet connection is missing
-# meta: end_play
-  fail:
-    msg: "{{ downloads_dir }}/calibre-installer.py and an Internet connection are REQUIRED in order to install Calibre!"
-  when: (not calib_inst.stat.exists) or (not internet_available and not calib_uninst.stat.exists)
-
-# INSTALL THE LATEST CALIBRE (calibre-server etc) ON ALL OS'S - RUNS IF /usr/bin/calibre-uninstall DOES NOT ALEADY EXIST
-
-- name: Run calibre-installer.py to install Calibre programs into /usr/bin - MANUALLY REMOVE /usr/bin/calibre-uninstall TO FORCE calibre-installer.py TO REINSTALL/UPGRADE HERE!
-  shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null"
-  args:
-    creates: /usr/bin/calibre-uninstall
-  when: internet_available
-
-# - name: Install Calibre (OS's other than CentOS)
-# # the fedora rpm arm version, though older, takes care of dependencies, and exists
-#   package: name={{ item }}
-#            state=present
-#   with_items:
-#     - calibre
-#   when: calibre_install and ansible_distribution != 'CentOS'
+# 4. WRAP UP: CALIBRE SERVICE, http://box/books ETC
 
 - name: Create calibre-serve.service and calibre.conf
   template:
@@ -67,6 +52,7 @@
   with_items:
     - { src: 'calibre-serve.service.j2', dest: '/etc/systemd/system/calibre-serve.service', mode: '0644'}
     - { src: 'calibre.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'}
+  when: calibre_enabled
 
 # http://box:8080 & http://box:8080/mobile WORK BUT OTHER URL'S LIKE http://box/books ARE A MESS (BOOKS RARELY DISPLAY)
 - name: Create calibre.conf link for UNTESTED http://box/books etc (debuntu)
@@ -74,65 +60,24 @@
     src: /etc/apache2/sites-available/calibre.conf
     dest: /etc/apache2/sites-enabled/calibre.conf
     state: link
-  when: is_debuntu
+  when: calibre_enabled and is_debuntu
 
-# CREATE CALIBRE DATABASE WITH A SAMPLE BOOK
-
-- name: Disable Calibre service -- stops calibre-server by Kovid Goyal
-  service:
-    name: calibre-serve
-    enabled: no
-    state: stopped
-
-- name: Create /library/calibre (mandatory since Calibre 3.x)
+- name: Remove calibre.conf link if disabled (debuntu)
   file:
-    path: "{{ calibre_dbpath }}"
-    state: directory
-    mode: 0755
-
-- name: Check if sample book exists in /opt/iiab/downloads
-  stat:
-    path: "{{ content_base }}/downloads/{{ calibre_sample_book }}"
-  register: sample_bk
-
-- name: Download sample book (mandatory since Calibre 3.x)
-  get_url:
-    url: "{{ iiab_download_url }}/{{ calibre_sample_book }}"
-    dest: "{{ content_base }}/downloads"
-  when: internet_available and not sample_bk.stat.exists
-
-- name: Check if sample book exists in /opt/iiab/downloads
-  stat:
-    path: "{{ content_base }}/downloads/{{ calibre_sample_book }}"
-  register: sample_bk
-
-- name: Check if /library/calibre/metadata.db exists
-  stat:
-    path: "{{ calibre_dbpath }}/metadata.db"
-  register: calibre_db
-
-- name: Incorporate sample book into Calibre DB (mandatory since Calibre 3.x)
-  shell: "calibredb add {{ content_base }}/downloads/{{ calibre_sample_book }} --with-library {{ calibre_dbpath }}"
-  when: sample_bk.stat.exists and not calibre_db.stat.exists
-
-# WRAP UP CALIBRE INSTALLATION
+    dest: /etc/apache2/sites-enabled/calibre.conf
+    state: absent
+  when: (not calibre_enabled) and is_debuntu
 
 - name: Enable Calibre service -- runs calibre-server by Kovid Goyal
   service:
     name: calibre-serve
     enabled: yes
     state: started
-    #async: 900
-    #poll: 5
   when: calibre_enabled
+  #async: 900
+  #poll: 5
 
-# - name: Disable Calibre service -- stops calibre-server by Kovid Goyal
-#   service: name=calibre-serve
-#            enabled=no
-#            state=stopped
-#   when: not calibre_enabled
-
-- name: Add 'calibre-serve' to service list
+- name: Add 'calibre-serve' to service list at /etc/iiab/iiab.ini
   ini_file:
     dest: "{{ service_filelist }}"
     section: calibre

roles/calibre/tasks/py-installer.yml

@@ -0,0 +1,51 @@
+# Seems to work with just about any Linux (Fedora 18 on OLPC XO Laptops??) and deals with dependencies.
+# But is arch dependent: requires x86_64 or i686 for now.
+
+- name: Download latest linux-installer.py from GitHub to calibre-installer.py
+  get_url:
+    url: "{{ calibre_src_url }}"
+    dest: "{{ downloads_dir }}/calibre-installer.py"
+    mode: 0755
+    force: yes
+    backup: yes
+  register: calibre_download_output
+  when: internet_available
+
+# ALWAYS DEFINED, DESPITE get_url DOCUMENTATION CLAIM...
+# - debug:
+#     msg: "{{ calibre_download_output.src }}"
+#
+# DEFINED ONLY WHEN /opt/iiab/downloads/calibre-installer.py CHANGES
+# - debug:
+#    msg: "{{ calibre_download_output.backup_file }}"
+
+# OOPS BAD IDEA: changes in https://github.com/kovidgoyal/calibre/commits/master/setup/linux-installer.py are not sync'd with Calibre releases!
+# - name: FORCE AN UPGRADE IF calibre-installer.py HAS CHANGED, IF SO ORIGINAL IS SAVED TO {{ calibre_download_output.backup_file }}
+#   file:
+#     path: /usr/bin/calibre-uninstall
+#     state: absent
+#   when: calibre_download_output.backup_file is defined
+
+- name: Check if calibre-installer.py exists in /opt/iiab/downloads
+  stat:
+    path: "{{ downloads_dir }}/calibre-installer.py"
+  register: calib_inst
+
+- name: Check if calibre-uninstall exists in /usr/bin
+  stat:
+    path: "/usr/bin/calibre-uninstall"
+  register: calib_uninst
+
+- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/calibre-installer.py doesn't exist OR needed Internet connection is missing
+  # meta: end_play
+  fail:
+    msg: "{{ downloads_dir }}/calibre-installer.py and an Internet connection are REQUIRED in order to install Calibre!"
+  when: (not calib_inst.stat.exists) or (not internet_available and not calib_uninst.stat.exists)
+
+# INSTALL THE LATEST CALIBRE (calibre-server etc) - RUNS IF /usr/bin/calibre-uninstall DOES NOT ALEADY EXIST
+
+- name: Run calibre-installer.py to install Calibre programs into /usr/bin - MANUALLY REMOVE /usr/bin/calibre-uninstall TO FORCE calibre-installer.py TO REINSTALL/UPGRADE HERE!
+  shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null"
+  args:
+    creates: /usr/bin/calibre-uninstall
+  when: internet_available

roles/network/tasks/computed_network.yml

@@ -6,19 +6,19 @@
      user_wan_iface: "{{ discovered_wan_iface }}"
   when: discovered_wan_iface != "none" and xo_model != "none" and has_ifcfg_gw == "none"
 
-- name: Checking for NetworkManager-config-server
-  shell: rpm -qa | grep  NetworkManager-config-server | wc -l
-  register: strict_networking_check
+#- name: Checking for NetworkManager-config-server
+#  shell: rpm -qa | grep  NetworkManager-config-server | wc -l
+#  register: strict_networking_check
 
-- name: Found Checking for NetworkManager-config-server
-  set_fact:
-     strict_networking: True
-  when: strict_networking_check == "1"
+#- name: Found Checking for NetworkManager-config-server
+#  set_fact:
+#     strict_networking: True
+#  when: strict_networking_check == "1"
 
-- name: Use restricted network features
-  set_fact:
-     iiab_demo_mode: True
-  when: teamviewer_install and not strict_networking
+#- name: Use restricted network features
+#  set_fact:
+#     iiab_demo_mode: True
+#  when: teamviewer_install and not strict_networking
 
 - name: XO laptop wants USB WiFi interface as AP mode
   set_fact:

roles/network/tasks/detected_network.yml

@@ -60,9 +60,10 @@
   set_fact:
      wifi2: "{{ item|trim }}"
      discovered_wireless_iface: "{{ item|trim }}"
-  when: wireless_list2.stdout != "" and item|trim != discovered_wan_iface
+  when: wireless_list2.stdout is defined
   with_items:
       - "{{ wireless_list2.stdout_lines }}"
+#item|trim != discovered_wan_iface
 
 - name: Count WiFi ifaces
   shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l"

roles/network/tasks/dhcpd.yml

@@ -17,7 +17,13 @@
         createhome=no
   when: is_debuntu
 
-- name: Configure dhcpd
+- name: Disable stock dhcp_service
+  service: name={{ dhcp_service }}
+           enabled=no
+           state=stopped
+  when: is_debuntu
+
+- name: Install systemd unit file to /etc/systemd/system/dhcpd.service
   template: src={{ item.src }}
             dest={{ item.dest }}
             owner=root

roles/network/tasks/enable_services.yml

@@ -1,8 +1,8 @@
-- name: Disable stock dhcp_service
-  service: name={{ dhcp_service }}
-           enabled=no
-           state=stopped
-  when: dhcpd_install and first_run and is_debuntu
+- name: Disable the Access Point 'hostapd' service
+  service: enabled=no
+           name=hostapd.service
+  when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance"
+#or not hostapd_enabled
 
 - name: Disable dhcpd service
   service: name=dhcpd
@@ -52,7 +52,7 @@
   when: not dnsmasq_enabled and dnsmasq_install
 
 - name: dnsmasq copy config file to /etc
-  template: src=network/dnsmasq.conf dest=/etc/
+  template: src=network/dnsmasq.conf.j2 dest=/etc/
   when: dnsmasq_enabled and dnsmasq_install
 
 - name: Enable dnsmasq

roles/network/tasks/hostapd.yml

@@ -4,12 +4,20 @@
             owner=root
             group=root
             mode=0644
+  when: iiab_wireless_lan_iface is defined
+
+- name: Create a config template for hostapd
+  template: src=hostapd/iiab-hostapd.conf.j2
+            dest=/etc/hostapd/hostapd.conf.template
+            owner=root
+            group=root
+            mode=0644
   when: discovered_wireless_iface is defined
 
 - name: Disable the Access Point 'hostapd' service
   service: enabled=no
            name=hostapd.service
-  when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" or not hostapd_enabled
+  when: not hostapd_enabled
 
 - name: Use custom systemd unit file to start 'hostapd' service
   template: src=hostapd/hostapd.service.j2
@@ -17,6 +25,21 @@
             owner=root
             group=root
             mode=0644
+  when: hostapd_enabled
+
+- name: Use custom iiab-hotspot-on
+  template: src=network/iiab-hotspot-on
+            dest=/usr/bin/iiab-hotspot-on
+            owner=root
+            group=root
+            mode=0755
+
+- name: Use custom iiab-hotspot-off
+  template: src=network/iiab-hotspot-off
+            dest=/usr/bin/iiab-hotspot-off
+            owner=root
+            group=root
+            mode=0755
 
 - name: Enable the Access Point 'hostapd' service
   service: enabled=yes

roles/network/tasks/main.yml

@@ -8,12 +8,31 @@
     - network
     - network-discover
 
+- name: RPi hack for AP post install via wifi so the services are right
+  set_fact:
+      iiab_lan_iface: br0
+      iiab_wan_iface: "{{ discovered_wired_iface }}"
+      iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}"
+      iiab_wired_lan_iface: ""
+  when: is_rpi and discovered_wireless_iface is defined and discovered_wireless_iface == iiab_wan_iface
+
 - include_tasks: computed_network.yml
   when: not installing
   tags:
     - network
     - network-discover
 
+- include_tasks: hostapd.yml
+  tags:
+    - network
+    - AP
+
+- name: RPi hack for AP post install via wifi don't blow away current network
+  set_fact:
+      no_net_restart: True
+      hostapd_enabled: False
+  when: is_rpi and discovered_wireless_iface is defined and discovered_wired_iface != iiab_wan_iface
+
 ##### Start static ip address info for first run #####
 #- include_tasks: static.yml
 #  when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"'
@@ -25,16 +44,28 @@
     - hostname
     - domain
 
+- name: Configuring wondershaper
+  include_tasks: wondershaper.yml
+  when: wondershaper_install
+  tags: wondershaper, network
+
+- name: (Re)Installing named
+  include_tasks: named.yml
+  when: FQDN_changed and iiab_stage|int == 9
+
+- name: (Re)Installing dhcpd
+  include_tasks: dhcpd.yml
+  when: FQDN_changed and iiab_stage|int == 9
+
+- name: (Re)Installing Squid
+  include_tasks: squid.yml
+  when: FQDN_changed and squid_install and iiab_stage|int == 9
+
 #### start services
 - include_tasks: avahi.yml
   tags:
     - network
 
-- include_tasks: hostapd.yml
-  tags:
-    - network
-    - AP
-
 - include_tasks: computed_services.yml
   tags:
     - network
@@ -42,7 +73,7 @@
     - dhcpd
     - dnsmasq
     - squid
- 
+
 - include_tasks: enable_services.yml
   tags:
     - network
@@ -97,3 +128,4 @@
     - dhcpd
     - dnsmasq
     - squid
+    - AP

roles/network/tasks/restart.yml

@@ -10,6 +10,7 @@
 - name: Stop Squid service
   service: name={{ proxy }}
            state=stopped
+  async: 120
   when: squid_install
 
 - name: Stop DansGuardian

roles/network/templates/hostapd/iiab-hostapd.conf.j2

@@ -0,0 +1,32 @@
+# Basic configuration
+
+interface={{ discovered_wireless_iface }}
+
+ssid={{ host_ssid }}
+channel={{ host_channel }}
+{%if iiab_lan_iface  == "br0" %}
+bridge=br0
+{% endif %}
+
+# Hardware configuration
+driver={{ driver_name }}
+{%if host_wireless_n %}
+ieee80211n=1
+{% endif %}
+country_code={{ host_country_code }}
+# limit emissions to what is legal in country
+ieee80211d=1
+hw_mode={{ host_wifi_mode }}
+
+{%if hostapd_secure %}
+# Use WPA authentication
+auth_algs=1
+# Use WPA2
+wpa=2
+# Use a pre-shared key
+wpa_key_mgmt=WPA-PSK
+# The network passphrase
+wpa_passphrase={{ hostapd_password }}
+# Use AES, instead of TKIP
+rsn_pairwise=CCMP
+{% endif %}

roles/network/templates/network/dnsmasq.conf.j2

@@ -0,0 +1,20 @@
+# Never forward addresses in the non-routed address spaces.
+bogus-priv
+#　Add other name servers here, with domain specs if they are for　non-public domains.
+#server=/{{ iiab_domain }}/{{ iiab_hostname }}
+# Add local-only domains here, queries in these domains are answered　from /etc/hosts or DHCP only.
+local=/{{ iiab_domain }}/
+# Make all host names resolve to the Raspberry Pi's IP address
+address=/#/{{ lan_ip }}
+# Specify the interface that will listen for DHCP and DNS requests
+interface={{ iiab_lan_iface }}
+# Set the domain for dnsmasq
+domain={{ iiab_domain }}
+# Specify the range of IP addresses the DHCP server will lease out to devices, and the duration of the lease
+dhcp-range=172.18.100.1,172.18.126.254,1h
+# Specify the default route
+dhcp-option=3,{{ lan_ip }}
+# Specify the DNS server address
+dhcp-option=6,{{ lan_ip }}
+# Set the DHCP server to authoritative mode.
+dhcp-authoritative

roles/network/templates/network/iiab-hotspot-off

@@ -0,0 +1,7 @@
+#!/bin/bash
+sed -i -e "s/^denyinterfaces*/#denyinterfaces/" /etc/dhcpcd.conf
+systemctl disable hostapd
+systemctl stop hostapd
+systemctl daemon-reload
+systemctl restart dhcpcd
+systemctl restart networking

roles/network/templates/network/iiab-hotspot-on

@@ -0,0 +1,7 @@
+#!/bin/bash
+sed -i -e "s/#denyinterfaces*/denyinterfaces/" /etc/dhcpcd.conf
+systemctl enable hostapd
+systemctl daemon-reload
+systemctl restart dhcpcd
+systemctl restart networking
+systemctl start hostapd

roles/network/templates/network/rpi.j2

@@ -5,8 +5,9 @@
 #################   LANCONTROLLER   ###################
 auto br0
 iface br0 inet manual
-    bridge_ports {% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }}{% endif %}
-
+{% if iiab_wired_lan_iface is defined %}
+    bridge_ports {{ iiab_wired_lan_iface }}
+{% endif %}
     bridge_maxwait 0
     dns-nameservers 127.0.0.1
     dns-search {{ iiab_domain }}

roles/sugarizer/tasks/main.yml

@@ -96,7 +96,7 @@
     - { name: sugarizer }
   when: not sugarizer_enabled
 
-- name: Add 'sugarizer' to service list in /etc/iiab/iiab.ini
+- name: Add 'sugarizer' to service list at /etc/iiab/iiab.ini
   ini_file:
     dest: "{{ service_filelist }}"
     section: sugarizer

scripts/calibre-install-latest.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Thanks to Jerry Vonau (https://github.com/jvonau) who made
+# this critical breakthrough (Calibre 3.x on Raspbian) possible!
+
+export DEBIAN_FRONTEND=noninteractive
+# Drags in stock desktop dependencies without too much from testing below
+apt -y install calibre-bin dirmngr
+
+# Updates calibre-bin to version 3.10 from testing
+apt-key adv --recv-key --keyserver keyserver.ubuntu.com 7638D0442B90D010
+echo "deb http://deb.debian.org/debian testing main" >> /etc/apt/sources.list.d/debian-testing.list
+apt update
+apt -y install libqt5core5a python-lxml calibre
+# Remove last line, safer than: rm /etc/apt/sources.list.d/debian-testing.list
+sed -i '$ d' /etc/apt/sources.list.d/debian-testing.list
+
+# Updates to calibre & calibre-bin to 3.12 from unstable
+echo "deb http://deb.debian.org/debian unstable main" >> /etc/apt/sources.list.d/debian-unstable.list
+apt update
+apt -y install calibre
+# Remove last line, safer than: rm /etc/apt/sources.list.d/debian-unstable.list
+sed -i '$ d' /etc/apt/sources.list.d/debian-unstable.list
+
+# Clears the cache of testing and unstable
+apt update

scripts/local_facts.fact

@@ -5,7 +5,7 @@ VERSION_ID=`grep VERSION_ID /etc/*elease | cut -d= -f2`
 VERSION_ID=${VERSION_ID//\"/}
 VERSION_ID=${VERSION_ID%%.*}
 OS_VER=$OS-$VERSION_ID
-DHCPCD=`which dhcpcd`
+DHCPCD_PATH=`which dhcpcd`
 
 case $OS_VER in
 "fedora-18" | \
@@ -53,6 +53,11 @@ else
   STAGE=0
 fi
 ANSIBLE_VERSION=$(ansible --version|head -n 1|cut -f 2 -d " ")
+
+if [ ! x$DHCPCD_PATH = x ]
+then
+  DHCPCD=`systemctl is-enabled dhcpcd`
+fi
 cat <<EOF
 {"phplib_dir"             : "$PHPLIB_DIR",
 "stage"                   : "$STAGE",