From 2eebe604fa3fbb0a58d638df15dd7cfa32e687e0 Mon Sep 17 00:00:00 2001 From: root Date: Sun, 2 Feb 2020 21:16:26 -0500 Subject: [PATCH] Cleaner Kolibri playbook --- roles/kolibri/tasks/apache.yml | 12 +++++ roles/kolibri/tasks/enable.yml | 71 ----------------------------- roles/kolibri/tasks/install.yml | 39 ++++++++-------- roles/kolibri/tasks/main.yml | 79 ++++++++++++++++++++++++++++++--- roles/kolibri/tasks/nginx.yml | 16 +++++++ 5 files changed, 121 insertions(+), 96 deletions(-) create mode 100644 roles/kolibri/tasks/apache.yml delete mode 100644 roles/kolibri/tasks/enable.yml create mode 100644 roles/kolibri/tasks/nginx.yml diff --git a/roles/kolibri/tasks/apache.yml b/roles/kolibri/tasks/apache.yml new file mode 100644 index 000000000..b438fd797 --- /dev/null +++ b/roles/kolibri/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box{{ kolibri_url }} via Apache # http://box/kolibri + command: a2ensite kolibri.conf + when: kolibri_enabled | bool + +- name: Disable http://box{{ kolibri_url }} via Apache # http://box/kolibri + command: a2dissite kolibri.conf + when: not kolibri_enabled + +- name: Restart '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted diff --git a/roles/kolibri/tasks/enable.yml b/roles/kolibri/tasks/enable.yml deleted file mode 100644 index 7395628fe..000000000 --- a/roles/kolibri/tasks/enable.yml +++ /dev/null @@ -1,71 +0,0 @@ -- name: Enable & Start 'kolibri' systemd service - systemd: - name: kolibri - daemon_reload: yes - enabled: yes - state: started - when: kolibri_enabled | bool - -- name: Disable & Stop 'kolibri' systemd service - systemd: - name: kolibri - enabled: no - state: stopped - when: not kolibri_enabled - - # Apache - -- name: Enable http://box{{ kolibri_url }} via Apache # i.e. http://box/kolibri - command: a2ensite kolibri.conf - when: apache_install and kolibri_enabled - -- name: Disable http://box{{ kolibri_url }} via Apache - command: a2dissite kolibri.conf - when: apache_install and not kolibri_enabled - -- name: Restart Apache systemd service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml - state: restarted - when: apache_enabled | bool - -# NGINX - -- name: Enable http://box{{ kolibri_url }} via NGINX, by installing {{ nginx_conf_dir }}/kolibri-nginx.conf from template - template: - src: kolibri-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/kolibri-nginx.conf" - when: nginx_install and kolibri_enabled - -- name: Disable http://box{{ kolibri_url }} via NGINX, by removing {{ nginx_conf_dir }}/kolibri-nginx.conf - file: - path: "{{ nginx_conf_dir }}/kolibri-nginx.conf" - state: absent - when: nginx_install and not kolibri_enabled - -- name: Restart 'nginx' systemd service - systemd: - name: nginx - state: restarted - when: nginx_enabled | bool - - -- name: Add 'kolibri' variable values to {{ iiab_ini_file }} # /etc/iiab/iiab.ini - ini_file: - path: "{{ iiab_ini_file }}" - section: kolibri - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: kolibri - - option: description - value: '"Kolibri is an open-source educational platform specially designed to provide offline access to a wide range of quality, openly licensed educational contents in low-resource contexts like rural schools, refugee camps, orphanages, and also in non-formal school programs."' - - option: kolibri_url - value: "{{ kolibri_url }}" - - option: kolibri_path - value: "{{ kolibri_exec_path }}" - - option: kolibri_port - value: "{{ kolibri_http_port }}" - - option: kolibri_enabled - value: "{{ kolibri_enabled }}" diff --git a/roles/kolibri/tasks/install.yml b/roles/kolibri/tasks/install.yml index ddd2d49c5..082ac8f0e 100644 --- a/roles/kolibri/tasks/install.yml +++ b/roles/kolibri/tasks/install.yml @@ -9,37 +9,37 @@ system: yes create_home: no -- name: Create {{ kolibri_home }} (for Kolibri content, configuration, sqlite3 databases) +- name: Create directory {{ kolibri_home }} (for Kolibri content, configuration, sqlite3 databases) file: + state: directory path: "{{ kolibri_home }}" # /library/kolibri owner: "{{ kolibri_user }}" # kolibri group: "{{ apache_user }}" # www-data (on Debian/Ubuntu/Raspbian) - mode: 0755 - state: directory + mode: '0755' -- name: Create /etc/kolibri +- name: Create directory /etc/kolibri file: - name: /etc/kolibri state: directory - owner: root - group: root - mode: 0755 + name: /etc/kolibri + # owner: root + # group: root + # mode: '0755' - name: Save kolibri_user ({{ kolibri_user }}) to /etc/kolibri/username copy: content: "{{ kolibri_user }}" dest: /etc/kolibri/username - owner: root - group: root - mode: 0644 + # owner: root + # group: root + # mode: '0644' - name: Save kolibri_home (KOLIBRI_HOME="{{ kolibri_home }}") to /etc/kolibri/daemon.conf copy: content: 'KOLIBRI_HOME="{{ kolibri_home }}"' dest: /etc/kolibri/daemon.conf - owner: root - group: root - mode: 0644 + # owner: root + # group: root + # mode: '0644' - name: apt install latest Kolibri .deb from {{ kolibri_deb_url }} (populates {{ kolibri_home }}, migrates database) # i.e. /library/kolibri apt: @@ -53,18 +53,19 @@ template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root - mode: 0644 + # owner: root + # group: root + # mode: '0644' with_items: - { src: 'kolibri.service.j2', dest: '/etc/systemd/system/kolibri.service' } - { src: 'kolibri.conf.j2', dest: '/etc/apache2/sites-available/kolibri.conf' } -- name: Enable 'kolibri' systemd service (for reboots) but ensure it's stopped for Kolibri provisioning +# - name: Enable 'kolibri' systemd service (for reboots) but ensure it's stopped for Kolibri provisioning +- name: Stop 'kolibri' systemd service, for Kolibri provisioning (after daemon_reload) systemd: name: kolibri daemon_reload: yes - enabled: yes + # enabled: yes state: stopped diff --git a/roles/kolibri/tasks/main.yml b/roles/kolibri/tasks/main.yml index 34b9d9c81..6c88a06e7 100644 --- a/roles/kolibri/tasks/main.yml +++ b/roles/kolibri/tasks/main.yml @@ -1,7 +1,74 @@ -- name: Install Kolibri - include_tasks: install.yml - when: kolibri_install and not kolibri_installed is defined +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: Enable Kolibri - include_tasks: enable.yml - when: kolibri_install or kolibri_installed is defined +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "kolibri_install is sameas true" (boolean not string etc) + assert: + that: kolibri_install is sameas true + fail_msg: "PLEASE SET 'kolibri_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "kolibri_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: kolibri_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'kolibri_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + + +#- name: "Set 'kolibri_provision: False' for a more lightweight (re)install" +# set_fact: +# kolibri_provision: False +# when: ??? + +- name: Install Kolibri, if 'kolibri_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: kolibri_installed is undefined + + +- name: Enable & Start 'kolibri' systemd service, if kolibri_enabled + systemd: + name: kolibri + daemon_reload: yes + enabled: yes + state: started + when: kolibri_enabled | bool + +- name: Disable & Stop 'kolibri' systemd service, if not kolibri_enabled + systemd: + name: kolibri + enabled: no + state: stopped + when: not kolibri_enabled + +- name: Enable/Disable/Restart Apache if primary + include_tasks: apache.yml + when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'kolibri' variable values to {{ iiab_ini_file }} # /etc/iiab/iiab.ini + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: kolibri + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Kolibri + - option: description + value: '"Kolibri is an open-source educational platform specially designed to provide offline access to a wide range of quality, openly licensed educational contents in low-resource contexts like rural schools, refugee camps, orphanages, and also in non-formal school programs."' + - option: kolibri_url + value: "{{ kolibri_url }}" + - option: kolibri_path + value: "{{ kolibri_exec_path }}" + - option: kolibri_port + value: "{{ kolibri_http_port }}" + - option: kolibri_enabled + value: "{{ kolibri_enabled }}" diff --git a/roles/kolibri/tasks/nginx.yml b/roles/kolibri/tasks/nginx.yml new file mode 100644 index 000000000..51bc4742f --- /dev/null +++ b/roles/kolibri/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box{{ kolibri_url }} via NGINX, by installing {{ nginx_conf_dir }}/kolibri-nginx.conf from template # http://box/kolibri + template: + src: kolibri-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/kolibri-nginx.conf" # /etc/nginx/conf.d + when: kolibri_enabled | bool + +- name: Disable http://box{{ kolibri_url }} via NGINX, by removing {{ nginx_conf_dir }}/kolibri-nginx.conf # http://box/kolibri + file: + path: "{{ nginx_conf_dir }}/kolibri-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not kolibri_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted