diff --git a/iiab-from-console.yml b/iiab-from-console.yml index 33f995186..97e8de990 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -16,3 +16,4 @@ - { role: 7-edu-apps, tags: ['7-edu-apps'] } - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] } - { role: 9-local-addons, tags: ['9-local-addons'] } + - { role: network, tags: ['network'] } diff --git a/iiab-install b/iiab-install index 8e16c53bd..32b2c1c64 100755 --- a/iiab-install +++ b/iiab-install @@ -3,15 +3,6 @@ # Add cmdline options for passing to ansible # Todo add proper shift to gobble up --debug --reinstall -if [ "$1" != "--debug" ] && [ "$1" != "--reinstall" ] && [ "$1" != "" ]; then - echo "Use './iiab-install' for regular installs, or to continue an install." - echo "Use './iiab-install --reinstall' to force running all Stages 0-9." - echo "Use './iiab-install --debug' to run Stage 0, followed by Stages 3-9." - echo "Use './runtags' to run a single Stage or Tag or Role." - echo "Use './iiab-network' to run Network sections." - exit 1 -fi - PLAYBOOK="iiab-stages.yml" INVENTORY="ansible_hosts" ARGS="" @@ -23,12 +14,27 @@ MIN_ANSIBLE_VER=2.4.1.0 export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" +if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then + mkdir -p /etc/ansible/facts.d +fi +cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact +echo "Placed /etc/ansible/facts.d/local_facts.fact into position." + if [ ! -f $PLAYBOOK ]; then echo "EXITING: IIAB Playbook not found." echo "Please run 'iiab-install' from /opt/iiab/iiab (top level of git repo)." exit 1 fi +if [ "$1" != "--debug" ] && [ "$1" != "--reinstall" ] && [ "$1" != "" ]; then + echo "Use './iiab-install' for regular installs, or to continue an install." + echo "Use './iiab-install --reinstall' to force running all Stages 0-9." + echo "Use './iiab-install --debug' to run Stage 0, followed by Stages 3-9." + echo "Use './runtags' to run a single Stage or Tag or Role." + echo "Use './iiab-network' to run Network sections." + exit 1 +fi + # Subroutine compares software version numbers. Generates rare false positives # like "1.0 > 1" and "2.4.0 > 2.4". Avoid risks by structuring conditionals w/ # a consistent # of decimal points e.g. "if version_gt w.x.y.z a.b.c.d; then" @@ -61,24 +67,10 @@ if version_gt $MIN_ANSIBLE_VER $CURR_ANSIBLE_VER; then exit 1 fi -if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then - mkdir -p /etc/ansible/facts.d -fi -cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact -echo "Placed /etc/ansible/facts.d/local_facts.fact into position." - # Stage 0 will always be run. From there on up to Stage 9 we keep a counter # (in /etc/iiab/iiab.env) of the highest completed Stage. Avoid repetition! STAGE=0 -if [ ! -f /etc/iiab/iiab.env ]; then - mkdir -p /etc/iiab - echo "Ran 'mkdir -p /etc/iiab'" - # ./runtags and Admin Console currently require /etc/iiab/config_vars.yml (in future they may be self-sufficient?) - if [ ! -f /etc/iiab/config_vars.yml ]; then - echo "{}" > /etc/iiab/config_vars.yml - echo "Created stub /etc/iiab/config_vars.yml" - fi -else +if [ -f /etc/iiab/iiab.env ]; then if [[ `grep STAGE= /etc/iiab/iiab.env` ]]; then source /etc/iiab/iiab.env echo "Extracted STAGE="$STAGE" (counter) from /etc/iiab/iiab.env" diff --git a/iiab-stages.yml b/iiab-stages.yml index 74af5c454..0f0d0ae56 100644 --- a/iiab-stages.yml +++ b/iiab-stages.yml @@ -68,3 +68,8 @@ name: 9-local-addons when: ansible_local.local_facts.stage|int < 9 tags: 9-local-addons + + - name: Network + include_role: + name: network + tags: network diff --git a/iiab.yml b/iiab.yml index d7055e91a..721203544 100644 --- a/iiab.yml +++ b/iiab.yml @@ -19,3 +19,4 @@ - { role: 7-edu-apps, tags: ['7-edu-apps'] } - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] } - { role: 9-local-addons, tags: ['9-local-addons'] } + - { role: network, tags: ['network'] } diff --git a/roles/0-init/tasks/first_run.yml b/roles/0-init/tasks/first_run.yml index 4248be004..0c3b01281 100644 --- a/roles/0-init/tasks/first_run.yml +++ b/roles/0-init/tasks/first_run.yml @@ -1,6 +1,5 @@ -- name: Write iiab_ini.yml for the first time - include_tasks: iiab_ini.yml - - name: Create the directory structure for IIAB include_tasks: fl.yml +- name: Write iiab_ini.yml for the first time + include_tasks: iiab_ini.yml diff --git a/roles/0-init/tasks/fl.yml b/roles/0-init/tasks/fl.yml index 3dd518df7..537029c48 100644 --- a/roles/0-init/tasks/fl.yml +++ b/roles/0-init/tasks/fl.yml @@ -5,6 +5,7 @@ mode=0755 state=directory with_items: + - /etc/iiab - "{{ yum_packages_dir }}" - "{{ pip_packages_dir }}" - "{{ downloads_dir }}" @@ -14,6 +15,7 @@ - /library/working/rachel - "{{ iiab_zim_path }}/content" - "{{ iiab_zim_path }}/index" + - "{{ doc_root }}/local_content" - "{{ doc_root }}/modules" - "{{ doc_root }}/common/css" - "{{ doc_root }}/common/js" diff --git a/roles/2-common/tasks/hostname.yml b/roles/0-init/tasks/hostname.yml similarity index 71% rename from roles/2-common/tasks/hostname.yml rename to roles/0-init/tasks/hostname.yml index 4726ec306..b929e18f1 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/0-init/tasks/hostname.yml @@ -18,10 +18,10 @@ group=root mode=0644 -- name: Re-configuring httpd - not initial install - include_tasks: roles/httpd/tasks/main.yml - when: iiab_stage|int > 3 +#- name: Re-configuring httpd - not initial install +# include_tasks: roles/httpd/tasks/main.yml +# when: iiab_stage|int > 3 -- name: Re-configuring rest of networking - not initial install - include_tasks: roles/network/tasks/main.yml - when: iiab_stage|int > 4 +#- name: Re-configuring rest of networking - not initial install +# include_tasks: roles/network/tasks/main.yml +# when: iiab_stage|int > 4 diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index dd80cc686..8e548ee05 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -74,8 +74,7 @@ # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC - set_fact: local_tz='UTC' - when: local_tz == "" + include_tasks: tz.yml - name: Set port 80 for Admin Console set_fact: @@ -199,7 +198,7 @@ value: '{{ FQDN_changed }}' - name: Now changing FQDN - include_tasks: roles/2-common/tasks/hostname.yml + include_tasks: hostname.yml when: FQDN_changed - name: STAGE 0 HAS COMPLETED ====================================== diff --git a/roles/0-init/tasks/tz.yml b/roles/0-init/tasks/tz.yml new file mode 100644 index 000000000..d2e0f4991 --- /dev/null +++ b/roles/0-init/tasks/tz.yml @@ -0,0 +1,32 @@ +- name: Check if the TZ is not already set via /etc/localtime - Can Fail + shell: readlink /etc/localtime | awk -F "zoneinfo/" '{print $2}' + register: TZ_set + ignore_errors: True + +- name: Set local and iiab TZ to UTC if /etc/localtime is not set + set_fact: + local_tz: 'UTC' + iiab_TZ: 'UTC' + when: TZ_set.stdout == "" + +- name: Override ansible on timezone if TZ set + set_fact: + local_tz: '{{ TZ_set.stdout }}' + when: TZ_set.stdout != "" + +- name: Using iiab TZ for local TZ + set_fact: + local_tz: '{{ iiab_TZ }}' + when: iiab_TZ is defined and iiab_TZ != "" and iiab_TZ != "TZ_set.stdout" + +- name: Set default Timezone from iiab TZ - Debian + shell: timedatectl set-timezone {{ iiab_TZ }} + when: is_debuntu and iiab_TZ is defined and iiab_TZ != "" and iiab_TZ != "TZ_set.stdout" + +- name: Set default Timezone from iiab TZ - Redhat + file: + path: /etc/localtime + src: /usr/share/zoneinfo/{{ iiab_TZ }} + force: yes + state: link + when: is_redhat and iiab_TZ is defined and iiab_TZ != "" and iiab_TZ != "TZ_set.stdout" diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 8b8df2f2e..638457f5f 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -32,10 +32,6 @@ - sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present -- name: Set default Time Zone - shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime - when: iiab_TZ is defined and iiab_TZ != "" - - name: Install custom profile file template: dest=/etc/profile.d/zzz_iiab.sh src=zzz_iiab.sh diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 9da79a5d8..7e972e04b 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -21,10 +21,6 @@ # has no "when: XXXXX_install" flag tags: base, mysql -- name: Make sure there is a content directory - file: dest={{ doc_root }}/local_content - state=directory - - name: Restart httpd service: name={{ apache_service }} state=restarted diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 0b8ef0e10..addb76517 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -15,31 +15,31 @@ when: openvpn_install tags: openvpn -- name: Configuring wondershaper - include_tasks: roles/network/tasks/wondershaper.yml - when: wondershaper_install - tags: wondershaper, network +#- name: Configuring wondershaper +# include_tasks: roles/network/tasks/wondershaper.yml +# when: wondershaper_install +# tags: wondershaper, network -- name: Configuring named +- name: Installing named include_tasks: roles/network/tasks/named.yml - when: FQDN_changed - tags: named, network, domain + when: named_install + tags: base, named, network, domain -- name: Configuring dhcpd +- name: Installing dhcpd include_tasks: roles/network/tasks/dhcpd.yml - when: FQDN_changed - tags: dhcpd, network, domain + when: dhcpd_install + tags: base, dhcpd, network, domain -- name: Configuring Squid +- name: Installing Squid include_tasks: roles/network/tasks/squid.yml when: squid_install - tags: squid, network, domain + tags: base, squid, network, domain -- name: NETWORK - include_role: - name: network - # has no "when: XXXXX_install" flag - tags: base, network +#- name: NETWORK +# include_role: +# name: network +# # has no "when: XXXXX_install" flag +# tags: base, network - name: HOMEPAGE include_role: diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index f30a94d46..0f8bd75a9 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -3,12 +3,6 @@ - name: ...IS BEGINNING ==================================== command: echo -- name: CALIBRE - include_role: - name: calibre - when: calibre_install - tags: calibre - - name: DOKUWIKI include_role: name: dokuwiki diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index ad22382ed..dc0cb270e 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -51,6 +51,12 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis +- name: CALIBRE + include_role: + name: calibre + when: calibre_install + tags: calibre + - name: Recording STAGE 8 HAS COMPLETED ====================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' diff --git a/roles/calibre/defaults/main.yml b/roles/calibre/defaults/main.yml index bfd9cdd35..84b572e62 100644 --- a/roles/calibre/defaults/main.yml +++ b/roles/calibre/defaults/main.yml @@ -11,3 +11,6 @@ calibre_sample_book: "Metamorphosis-jackson.epub" # Must be downloadable from http://download.iiab.io/packages calibre_src_url: "https://raw.githubusercontent.com/kovidgoyal/calibre/master/setup/linux-installer.py" + +calibre_debs_on_debian: false +# USE TO TEST debs.yml (RASPBIAN APPROACH!) ON DEBIAN 9.X diff --git a/roles/calibre/tasks/create-db.yml b/roles/calibre/tasks/create-db.yml new file mode 100644 index 000000000..be3c47f8f --- /dev/null +++ b/roles/calibre/tasks/create-db.yml @@ -0,0 +1,35 @@ +- name: Create /library/calibre (mandatory since Calibre 3.x) + file: + path: "{{ calibre_dbpath }}" + state: directory + #mode: 0755 + +- name: Check if sample book exists in /opt/iiab/downloads + stat: + path: "{{ content_base }}/downloads/{{ calibre_sample_book }}" + register: sample_bk + +- name: Download sample book (mandatory since Calibre 3.x) + get_url: + url: "{{ iiab_download_url }}/{{ calibre_sample_book }}" + dest: "{{ content_base }}/downloads" + when: internet_available and not sample_bk.stat.exists + +- name: Check if sample book exists in /opt/iiab/downloads + stat: + path: "{{ content_base }}/downloads/{{ calibre_sample_book }}" + register: sample_bk + +- name: Incorporate sample book into Calibre DB (mandatory since Calibre 3.x) + shell: "calibredb add {{ content_base }}/downloads/{{ calibre_sample_book }} --with-library {{ calibre_dbpath }}" + when: sample_bk.stat.exists + +- name: Make /library/calibre/metadata.db writable for Calibre client SW + file: + path: "{{ calibre_dbpath }}/metadata.db" + mode: "ugo+w" + #mode: 0666 + #owner: pi + #group: pi + #owner: iiab-admin + #group: iiab-admin diff --git a/roles/calibre/tasks/debs.yml b/roles/calibre/tasks/debs.yml new file mode 100644 index 000000000..64c6504a2 --- /dev/null +++ b/roles/calibre/tasks/debs.yml @@ -0,0 +1,7 @@ +- name: Start by installing OS's Calibre package + package: + name: calibre + state: present + +- name: Upgrade latest Calibre + command: scripts/calibre-install-latest.sh diff --git a/roles/calibre/tasks/main.yml b/roles/calibre/tasks/main.yml index b44a15841..5b999d9f1 100644 --- a/roles/calibre/tasks/main.yml +++ b/roles/calibre/tasks/main.yml @@ -1,60 +1,45 @@ -- name: Download latest linux-installer.py from GitHub to calibre-installer.py -# seems to work with just about any Linux, and deals with dependencies - get_url: - url: "{{ calibre_src_url }}" - dest: "{{ downloads_dir }}/calibre-installer.py" - mode: 0755 - force: yes - backup: yes - register: calibre_download_output - when: internet_available +# 1. INSTALL THE LATEST CALIBRE 3.X+ (calibre-server etc) ON ALL OS'S -# ALWAYS DEFINED, DESPITE get_url DOCUMENTATION CLAIM... -# - debug: -# msg: "{{ calibre_download_output.src }}" -# -# DEFINED ONLY WHEN /opt/iiab/downloads/calibre-installer.py CHANGES -# - debug: -# msg: "{{ calibre_download_output.backup_file }}" +# RUNS IF /usr/bin/calibre-uninstall DOES NOT ALEADY EXIST +- name: Install Calibre via calibre-installer.py (OS's other than Raspbian) + include_tasks: py-installer.yml + when: (not is_rpi) and (not calibre_debs_on_debian) + #when: is_redhat or is_ubuntu -# OOPS BAD IDEA: changes in https://github.com/kovidgoyal/calibre/commits/master/setup/linux-installer.py are not sync'd with Calibre releases! -# - name: FORCE AN UPGRADE IF calibre-installer.py HAS CHANGED, IF SO ORIGINAL IS SAVED TO {{ calibre_download_output.backup_file }} -# file: -# path: /usr/bin/calibre-uninstall -# state: absent -# when: calibre_download_output.backup_file is defined +- name: Install Calibre via .debs (Raspbian) + include_tasks: debs.yml + when: is_rpi or calibre_debs_on_debian + #when: is_rpi or is_debian # (is_debian also covers & includes is_rpi) -- name: Check if calibre-installer.py exists in /opt/iiab/downloads +# 2. STOP CALIBRE SERVICE IF IT EXISTS (REQUIRED FOR DB ACTIVITY...AND IF not calibre_enabled) + +#- name: Check if Calibre systemd service exists +# stat: +# path: /etc/systemd/system/calibre-serve.service +# register: calibre_svc + +- name: Stop Calibre service -- calibre-server by Kovid Goyal +# systemd: + service: + name: calibre-serve + state: stopped + #enabled: no +# register: command_result # gist.github.com/tyrells/0a79681de339237cb04c + failed_when: false # Never Fail during "systemctl stop calibre-serve" (even if service doesn't exist!) +# when: calibre_svc.stat.exists + +# 3. CREATE DATABASE WITH A SAMPLE BOOK (REQUIRED AS OF CALIBRE 3.x) + +- name: Check if /library/calibre/metadata.db exists stat: - path: "{{ downloads_dir }}/calibre-installer.py" - register: calib_inst + path: "{{ calibre_dbpath }}/metadata.db" + register: calibre_db -- name: Check if calibre-uninstall exists in /usr/bin - stat: - path: "/usr/bin/calibre-uninstall" - register: calib_uninst +- name: Create database (required since Calibre 3.x) with a sample book + include_tasks: create-db.yml + when: not calibre_db.stat.exists -- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/calibre-installer.py doesn't exist OR needed Internet connection is missing -# meta: end_play - fail: - msg: "{{ downloads_dir }}/calibre-installer.py and an Internet connection are REQUIRED in order to install Calibre!" - when: (not calib_inst.stat.exists) or (not internet_available and not calib_uninst.stat.exists) - -# INSTALL THE LATEST CALIBRE (calibre-server etc) ON ALL OS'S - RUNS IF /usr/bin/calibre-uninstall DOES NOT ALEADY EXIST - -- name: Run calibre-installer.py to install Calibre programs into /usr/bin - MANUALLY REMOVE /usr/bin/calibre-uninstall TO FORCE calibre-installer.py TO REINSTALL/UPGRADE HERE! - shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null" - args: - creates: /usr/bin/calibre-uninstall - when: internet_available - -# - name: Install Calibre (OS's other than CentOS) -# # the fedora rpm arm version, though older, takes care of dependencies, and exists -# package: name={{ item }} -# state=present -# with_items: -# - calibre -# when: calibre_install and ansible_distribution != 'CentOS' +# 4. WRAP UP: CALIBRE SERVICE, http://box/books ETC - name: Create calibre-serve.service and calibre.conf template: @@ -67,6 +52,7 @@ with_items: - { src: 'calibre-serve.service.j2', dest: '/etc/systemd/system/calibre-serve.service', mode: '0644'} - { src: 'calibre.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'} + when: calibre_enabled # http://box:8080 & http://box:8080/mobile WORK BUT OTHER URL'S LIKE http://box/books ARE A MESS (BOOKS RARELY DISPLAY) - name: Create calibre.conf link for UNTESTED http://box/books etc (debuntu) @@ -74,65 +60,24 @@ src: /etc/apache2/sites-available/calibre.conf dest: /etc/apache2/sites-enabled/calibre.conf state: link - when: is_debuntu + when: calibre_enabled and is_debuntu -# CREATE CALIBRE DATABASE WITH A SAMPLE BOOK - -- name: Disable Calibre service -- stops calibre-server by Kovid Goyal - service: - name: calibre-serve - enabled: no - state: stopped - -- name: Create /library/calibre (mandatory since Calibre 3.x) +- name: Remove calibre.conf link if disabled (debuntu) file: - path: "{{ calibre_dbpath }}" - state: directory - mode: 0755 - -- name: Check if sample book exists in /opt/iiab/downloads - stat: - path: "{{ content_base }}/downloads/{{ calibre_sample_book }}" - register: sample_bk - -- name: Download sample book (mandatory since Calibre 3.x) - get_url: - url: "{{ iiab_download_url }}/{{ calibre_sample_book }}" - dest: "{{ content_base }}/downloads" - when: internet_available and not sample_bk.stat.exists - -- name: Check if sample book exists in /opt/iiab/downloads - stat: - path: "{{ content_base }}/downloads/{{ calibre_sample_book }}" - register: sample_bk - -- name: Check if /library/calibre/metadata.db exists - stat: - path: "{{ calibre_dbpath }}/metadata.db" - register: calibre_db - -- name: Incorporate sample book into Calibre DB (mandatory since Calibre 3.x) - shell: "calibredb add {{ content_base }}/downloads/{{ calibre_sample_book }} --with-library {{ calibre_dbpath }}" - when: sample_bk.stat.exists and not calibre_db.stat.exists - -# WRAP UP CALIBRE INSTALLATION + dest: /etc/apache2/sites-enabled/calibre.conf + state: absent + when: (not calibre_enabled) and is_debuntu - name: Enable Calibre service -- runs calibre-server by Kovid Goyal service: name: calibre-serve enabled: yes state: started - #async: 900 - #poll: 5 when: calibre_enabled + #async: 900 + #poll: 5 -# - name: Disable Calibre service -- stops calibre-server by Kovid Goyal -# service: name=calibre-serve -# enabled=no -# state=stopped -# when: not calibre_enabled - -- name: Add 'calibre-serve' to service list +- name: Add 'calibre-serve' to service list at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" section: calibre diff --git a/roles/calibre/tasks/py-installer.yml b/roles/calibre/tasks/py-installer.yml new file mode 100644 index 000000000..4480405ea --- /dev/null +++ b/roles/calibre/tasks/py-installer.yml @@ -0,0 +1,51 @@ +# Seems to work with just about any Linux (Fedora 18 on OLPC XO Laptops??) and deals with dependencies. +# But is arch dependent: requires x86_64 or i686 for now. + +- name: Download latest linux-installer.py from GitHub to calibre-installer.py + get_url: + url: "{{ calibre_src_url }}" + dest: "{{ downloads_dir }}/calibre-installer.py" + mode: 0755 + force: yes + backup: yes + register: calibre_download_output + when: internet_available + +# ALWAYS DEFINED, DESPITE get_url DOCUMENTATION CLAIM... +# - debug: +# msg: "{{ calibre_download_output.src }}" +# +# DEFINED ONLY WHEN /opt/iiab/downloads/calibre-installer.py CHANGES +# - debug: +# msg: "{{ calibre_download_output.backup_file }}" + +# OOPS BAD IDEA: changes in https://github.com/kovidgoyal/calibre/commits/master/setup/linux-installer.py are not sync'd with Calibre releases! +# - name: FORCE AN UPGRADE IF calibre-installer.py HAS CHANGED, IF SO ORIGINAL IS SAVED TO {{ calibre_download_output.backup_file }} +# file: +# path: /usr/bin/calibre-uninstall +# state: absent +# when: calibre_download_output.backup_file is defined + +- name: Check if calibre-installer.py exists in /opt/iiab/downloads + stat: + path: "{{ downloads_dir }}/calibre-installer.py" + register: calib_inst + +- name: Check if calibre-uninstall exists in /usr/bin + stat: + path: "/usr/bin/calibre-uninstall" + register: calib_uninst + +- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/calibre-installer.py doesn't exist OR needed Internet connection is missing + # meta: end_play + fail: + msg: "{{ downloads_dir }}/calibre-installer.py and an Internet connection are REQUIRED in order to install Calibre!" + when: (not calib_inst.stat.exists) or (not internet_available and not calib_uninst.stat.exists) + +# INSTALL THE LATEST CALIBRE (calibre-server etc) - RUNS IF /usr/bin/calibre-uninstall DOES NOT ALEADY EXIST + +- name: Run calibre-installer.py to install Calibre programs into /usr/bin - MANUALLY REMOVE /usr/bin/calibre-uninstall TO FORCE calibre-installer.py TO REINSTALL/UPGRADE HERE! + shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null" + args: + creates: /usr/bin/calibre-uninstall + when: internet_available diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 19cd1048a..6b3eba538 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -6,19 +6,19 @@ user_wan_iface: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" and xo_model != "none" and has_ifcfg_gw == "none" -- name: Checking for NetworkManager-config-server - shell: rpm -qa | grep NetworkManager-config-server | wc -l - register: strict_networking_check +#- name: Checking for NetworkManager-config-server +# shell: rpm -qa | grep NetworkManager-config-server | wc -l +# register: strict_networking_check -- name: Found Checking for NetworkManager-config-server - set_fact: - strict_networking: True - when: strict_networking_check == "1" +#- name: Found Checking for NetworkManager-config-server +# set_fact: +# strict_networking: True +# when: strict_networking_check == "1" -- name: Use restricted network features - set_fact: - iiab_demo_mode: True - when: teamviewer_install and not strict_networking +#- name: Use restricted network features +# set_fact: +# iiab_demo_mode: True +# when: teamviewer_install and not strict_networking - name: XO laptop wants USB WiFi interface as AP mode set_fact: diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 50636bb87..ff876f314 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -60,9 +60,10 @@ set_fact: wifi2: "{{ item|trim }}" discovered_wireless_iface: "{{ item|trim }}" - when: wireless_list2.stdout != "" and item|trim != discovered_wan_iface + when: wireless_list2.stdout is defined with_items: - "{{ wireless_list2.stdout_lines }}" +#item|trim != discovered_wan_iface - name: Count WiFi ifaces shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l" diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index f5612df22..3896c6381 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -17,7 +17,13 @@ createhome=no when: is_debuntu -- name: Configure dhcpd +- name: Disable stock dhcp_service + service: name={{ dhcp_service }} + enabled=no + state=stopped + when: is_debuntu + +- name: Install systemd unit file to /etc/systemd/system/dhcpd.service template: src={{ item.src }} dest={{ item.dest }} owner=root diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 6e53c08cb..243342c15 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,8 +1,8 @@ -- name: Disable stock dhcp_service - service: name={{ dhcp_service }} - enabled=no - state=stopped - when: dhcpd_install and first_run and is_debuntu +- name: Disable the Access Point 'hostapd' service + service: enabled=no + name=hostapd.service + when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" +#or not hostapd_enabled - name: Disable dhcpd service service: name=dhcpd @@ -52,7 +52,7 @@ when: not dnsmasq_enabled and dnsmasq_install - name: dnsmasq copy config file to /etc - template: src=network/dnsmasq.conf dest=/etc/ + template: src=network/dnsmasq.conf.j2 dest=/etc/ when: dnsmasq_enabled and dnsmasq_install - name: Enable dnsmasq diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 199e0a883..2f8ac6c07 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -4,12 +4,20 @@ owner=root group=root mode=0644 + when: iiab_wireless_lan_iface is defined + +- name: Create a config template for hostapd + template: src=hostapd/iiab-hostapd.conf.j2 + dest=/etc/hostapd/hostapd.conf.template + owner=root + group=root + mode=0644 when: discovered_wireless_iface is defined - name: Disable the Access Point 'hostapd' service service: enabled=no name=hostapd.service - when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" or not hostapd_enabled + when: not hostapd_enabled - name: Use custom systemd unit file to start 'hostapd' service template: src=hostapd/hostapd.service.j2 @@ -17,6 +25,21 @@ owner=root group=root mode=0644 + when: hostapd_enabled + +- name: Use custom iiab-hotspot-on + template: src=network/iiab-hotspot-on + dest=/usr/bin/iiab-hotspot-on + owner=root + group=root + mode=0755 + +- name: Use custom iiab-hotspot-off + template: src=network/iiab-hotspot-off + dest=/usr/bin/iiab-hotspot-off + owner=root + group=root + mode=0755 - name: Enable the Access Point 'hostapd' service service: enabled=yes diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 675dd805c..77b131b71 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -8,12 +8,31 @@ - network - network-discover +- name: RPi hack for AP post install via wifi so the services are right + set_fact: + iiab_lan_iface: br0 + iiab_wan_iface: "{{ discovered_wired_iface }}" + iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}" + iiab_wired_lan_iface: "" + when: is_rpi and discovered_wireless_iface is defined and discovered_wireless_iface == iiab_wan_iface + - include_tasks: computed_network.yml when: not installing tags: - network - network-discover +- include_tasks: hostapd.yml + tags: + - network + - AP + +- name: RPi hack for AP post install via wifi don't blow away current network + set_fact: + no_net_restart: True + hostapd_enabled: False + when: is_rpi and discovered_wireless_iface is defined and discovered_wired_iface != iiab_wan_iface + ##### Start static ip address info for first run ##### #- include_tasks: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' @@ -25,16 +44,28 @@ - hostname - domain +- name: Configuring wondershaper + include_tasks: wondershaper.yml + when: wondershaper_install + tags: wondershaper, network + +- name: (Re)Installing named + include_tasks: named.yml + when: FQDN_changed and iiab_stage|int == 9 + +- name: (Re)Installing dhcpd + include_tasks: dhcpd.yml + when: FQDN_changed and iiab_stage|int == 9 + +- name: (Re)Installing Squid + include_tasks: squid.yml + when: FQDN_changed and squid_install and iiab_stage|int == 9 + #### start services - include_tasks: avahi.yml tags: - network -- include_tasks: hostapd.yml - tags: - - network - - AP - - include_tasks: computed_services.yml tags: - network @@ -42,7 +73,7 @@ - dhcpd - dnsmasq - squid - + - include_tasks: enable_services.yml tags: - network @@ -97,3 +128,4 @@ - dhcpd - dnsmasq - squid + - AP diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 62eed3108..49fff4e68 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -10,6 +10,7 @@ - name: Stop Squid service service: name={{ proxy }} state=stopped + async: 120 when: squid_install - name: Stop DansGuardian diff --git a/roles/network/templates/hostapd/iiab-hostapd.conf.j2 b/roles/network/templates/hostapd/iiab-hostapd.conf.j2 new file mode 100644 index 000000000..5ee541281 --- /dev/null +++ b/roles/network/templates/hostapd/iiab-hostapd.conf.j2 @@ -0,0 +1,32 @@ +# Basic configuration + +interface={{ discovered_wireless_iface }} + +ssid={{ host_ssid }} +channel={{ host_channel }} +{%if iiab_lan_iface == "br0" %} +bridge=br0 +{% endif %} + +# Hardware configuration +driver={{ driver_name }} +{%if host_wireless_n %} +ieee80211n=1 +{% endif %} +country_code={{ host_country_code }} +# limit emissions to what is legal in country +ieee80211d=1 +hw_mode={{ host_wifi_mode }} + +{%if hostapd_secure %} +# Use WPA authentication +auth_algs=1 +# Use WPA2 +wpa=2 +# Use a pre-shared key +wpa_key_mgmt=WPA-PSK +# The network passphrase +wpa_passphrase={{ hostapd_password }} +# Use AES, instead of TKIP +rsn_pairwise=CCMP +{% endif %} diff --git a/roles/network/templates/network/dnsmasq.conf.j2 b/roles/network/templates/network/dnsmasq.conf.j2 new file mode 100644 index 000000000..3a6365850 --- /dev/null +++ b/roles/network/templates/network/dnsmasq.conf.j2 @@ -0,0 +1,20 @@ +# Never forward addresses in the non-routed address spaces. +bogus-priv +# Add other name servers here, with domain specs if they are for non-public domains. +#server=/{{ iiab_domain }}/{{ iiab_hostname }} +# Add local-only domains here, queries in these domains are answered from /etc/hosts or DHCP only. +local=/{{ iiab_domain }}/ +# Make all host names resolve to the Raspberry Pi's IP address +address=/#/{{ lan_ip }} +# Specify the interface that will listen for DHCP and DNS requests +interface={{ iiab_lan_iface }} +# Set the domain for dnsmasq +domain={{ iiab_domain }} +# Specify the range of IP addresses the DHCP server will lease out to devices, and the duration of the lease +dhcp-range=172.18.100.1,172.18.126.254,1h +# Specify the default route +dhcp-option=3,{{ lan_ip }} +# Specify the DNS server address +dhcp-option=6,{{ lan_ip }} +# Set the DHCP server to authoritative mode. +dhcp-authoritative diff --git a/roles/network/templates/network/iiab-hotspot-off b/roles/network/templates/network/iiab-hotspot-off new file mode 100755 index 000000000..ca266dcb5 --- /dev/null +++ b/roles/network/templates/network/iiab-hotspot-off @@ -0,0 +1,7 @@ +#!/bin/bash +sed -i -e "s/^denyinterfaces*/#denyinterfaces/" /etc/dhcpcd.conf +systemctl disable hostapd +systemctl stop hostapd +systemctl daemon-reload +systemctl restart dhcpcd +systemctl restart networking diff --git a/roles/network/templates/network/iiab-hotspot-on b/roles/network/templates/network/iiab-hotspot-on new file mode 100755 index 000000000..0f1310110 --- /dev/null +++ b/roles/network/templates/network/iiab-hotspot-on @@ -0,0 +1,7 @@ +#!/bin/bash +sed -i -e "s/#denyinterfaces*/denyinterfaces/" /etc/dhcpcd.conf +systemctl enable hostapd +systemctl daemon-reload +systemctl restart dhcpcd +systemctl restart networking +systemctl start hostapd diff --git a/roles/network/templates/network/rpi.j2 b/roles/network/templates/network/rpi.j2 index b426fa81e..4b8f86e9f 100644 --- a/roles/network/templates/network/rpi.j2 +++ b/roles/network/templates/network/rpi.j2 @@ -5,8 +5,9 @@ ################# LANCONTROLLER ################### auto br0 iface br0 inet manual - bridge_ports {% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }}{% endif %} - +{% if iiab_wired_lan_iface is defined %} + bridge_ports {{ iiab_wired_lan_iface }} +{% endif %} bridge_maxwait 0 dns-nameservers 127.0.0.1 dns-search {{ iiab_domain }} diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 691975f60..363f50e5d 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -96,7 +96,7 @@ - { name: sugarizer } when: not sugarizer_enabled -- name: Add 'sugarizer' to service list in /etc/iiab/iiab.ini +- name: Add 'sugarizer' to service list at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" section: sugarizer diff --git a/scripts/calibre-install-latest.sh b/scripts/calibre-install-latest.sh new file mode 100755 index 000000000..69f2e4d43 --- /dev/null +++ b/scripts/calibre-install-latest.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +# Thanks to Jerry Vonau (https://github.com/jvonau) who made +# this critical breakthrough (Calibre 3.x on Raspbian) possible! + +export DEBIAN_FRONTEND=noninteractive +# Drags in stock desktop dependencies without too much from testing below +apt -y install calibre-bin dirmngr + +# Updates calibre-bin to version 3.10 from testing +apt-key adv --recv-key --keyserver keyserver.ubuntu.com 7638D0442B90D010 +echo "deb http://deb.debian.org/debian testing main" >> /etc/apt/sources.list.d/debian-testing.list +apt update +apt -y install libqt5core5a python-lxml calibre +# Remove last line, safer than: rm /etc/apt/sources.list.d/debian-testing.list +sed -i '$ d' /etc/apt/sources.list.d/debian-testing.list + +# Updates to calibre & calibre-bin to 3.12 from unstable +echo "deb http://deb.debian.org/debian unstable main" >> /etc/apt/sources.list.d/debian-unstable.list +apt update +apt -y install calibre +# Remove last line, safer than: rm /etc/apt/sources.list.d/debian-unstable.list +sed -i '$ d' /etc/apt/sources.list.d/debian-unstable.list + +# Clears the cache of testing and unstable +apt update diff --git a/scripts/local_facts.fact b/scripts/local_facts.fact index 67c274826..1735a2b60 100755 --- a/scripts/local_facts.fact +++ b/scripts/local_facts.fact @@ -5,7 +5,7 @@ VERSION_ID=`grep VERSION_ID /etc/*elease | cut -d= -f2` VERSION_ID=${VERSION_ID//\"/} VERSION_ID=${VERSION_ID%%.*} OS_VER=$OS-$VERSION_ID -DHCPCD=`which dhcpcd` +DHCPCD_PATH=`which dhcpcd` case $OS_VER in "fedora-18" | \ @@ -53,6 +53,11 @@ else STAGE=0 fi ANSIBLE_VERSION=$(ansible --version|head -n 1|cut -f 2 -d " ") + +if [ ! x$DHCPCD_PATH = x ] +then + DHCPCD=`systemctl is-enabled dhcpcd` +fi cat <