diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index f9369d65d..a2fadff04 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -123,18 +123,6 @@ # We decided to enable mysql unconditionally. # when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install -# MongoDB is auto-included by Sugarizer as of Feb 2019, thanks to: roles/sugarizer/meta/main.yml -# -# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False -# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own -# -## Late 2017: Had commented out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427 -#- name: Turn on both vars for MongoDB if sugarizer_enabled -# set_fact: -# mongodb_install: True -# mongodb_enabled: True -# when: sugarizer_enabled | bool - # There might be other db's - name: Turn on both vars for PostgreSQL if moodle_enabled or pathagar_enabled set_fact: diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index 4e117a7e8..206d3502d 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -1,9 +1,14 @@ # 2020-01-21: Ansible Input Validation (basic sanity checking for now) to check # that *_install and *_enabled variables (as set in places like -# /etc/iiab/local_vars.yml) appear coherent i.e. (1) are confirmed defined, (2) -# have type boolean (Ansible often inverts logic when boolean vars are +# /etc/iiab/local_vars.yml) appear coherent i.e. (1) are confirmed defined, +# (2) have type boolean (Ansible often inverts logic when boolean vars are # accidentally declared as strings, see below!) and (3) have plausible values. +# 2020-01-23: *_installed variables (incrementally saved to +# /etc/iiab/iiab_state.yml) are not required to be boolean (or even defined!) +# for now. However if any of these are defined, the corresponding value of +# *_install must be True, as IIAB does not currently support uninstalling! + # Stricter validation is needed later, when roles/playbooks/tasks are invoked # by various scripts, possibly bypassing 0-init? Either way, risks abound :/ @@ -32,10 +37,11 @@ # I want to perform input validation for Ansible playbooks" # https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -# 2020-01-21: checks 46+46 vars...for now...expect this to change! Should we -# remove idmgr as it's officially now UNMAINTAINED in default_vars.yml and +# 2020-01-23: checks 53 + 53 + up-to-53 vars...for now...expect this to change! +# Should we remove {xo_services, activity_server, ejabberd_xs, idmgr} as these +# are officially now UNMAINTAINED in default_vars.yml and # https://github.com/iiab/iiab/blob/master/unmaintained-roles.txt etc? -- name: Set vars_checklist for ~46 + ~46 vars ("XYZ_install" + "XYZ_enabled") to be checked +- name: Set vars_checklist for 53 + 53 + up-to-53 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked set_fact: vars_checklist: - hostapd @@ -47,6 +53,7 @@ - wondershaper - sshd - openvpn + - admin_console - nginx - apache - mysql @@ -55,6 +62,10 @@ - postgresql - cups - samba + - usb_lib + - xo_services + - activity_server + - ejabberd_xs - idmgr - azuracast - dokuwiki @@ -64,6 +75,7 @@ - lokole - mediawiki - mosquitto + - nodejs - nodered - nextcloud - pbx @@ -74,6 +86,7 @@ - moodle - mongodb - sugarizer + - osm_vector_maps - transmission - awstats - monit @@ -88,7 +101,7 @@ - name: Assert that {{ vars_checklist | length }} "XYZ_install" vars are all... defined assert: that: "{{ item }}_install is defined" - fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes loop: "{{ vars_checklist }}" #register: install_vars_defined @@ -96,7 +109,7 @@ - name: Assert that {{ vars_checklist | length }} "XYZ_enabled" vars are all... defined assert: that: "{{ item }}_enabled is defined" - fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes loop: "{{ vars_checklist }}" #register: enabled_vars_defined @@ -104,7 +117,7 @@ - name: Assert that {{ vars_checklist | length }} "XYZ_install" vars are all... type boolean (NOT type string, which can invert logic!) assert: that: "{{ item }}_install | type_debug == 'bool'" - fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes loop: "{{ vars_checklist }}" #register: install_vars_boolean @@ -112,7 +125,7 @@ - name: Assert that {{ vars_checklist | length }} "XYZ_enabled" vars are all... type boolean (NOT type string, which can invert logic!) assert: that: "{{ item }}_enabled | type_debug == 'bool'" - fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE GIVE THIS VARIABLE A PROPER (UNQUOTED) BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes loop: "{{ vars_checklist }}" #register: enabled_vars_boolean @@ -120,8 +133,15 @@ - name: 'DISALLOW "XYZ_install: False" WITH "XYZ_enabled: True" ...for all {{ vars_checklist | length }} var pairs' assert: that: "{{ item }}_install or not {{ item }}_enabled" - fail_msg: "PLEASE VERIFY THESE 2 VARIABLES e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "IIAB DOES NOT SUPPORT UNINSTALLS. PLEASE VERIFY {{ item }}_install AND {{ item }}_enabled e.g. IN: /etc/iiab/local_vars.yml" #fail_msg: '{{ item }}_install or not {{ item }}_enabled {{ item }}_install is {{ {{ item }}_install }} {{ item }}_enabled is {{ {{ item }}_enabled }}' # Is there a way to output var values ? quiet: yes loop: "{{ vars_checklist }}" #register: var_pairs_validation + +- name: 'DISALLOW "XYZ_install: False" WHEN "XYZ_installed is defined" IN /etc/iiab/iiab_state.yml ...for up-to-{{ vars_checklist | length }} var pairs' + assert: + that: "{{ item }}_install or {{ item }}_installed is undefined" + fail_msg: "{{ item }} ALREADY INSTALLED. IIAB DOES NOT SUPPORT UNINSTALLS. PLEASE SET '{{ item }}_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + loop: "{{ vars_checklist }}" diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index f339c6b3e..3659fa6e7 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -9,7 +9,7 @@ - name: Assert that "captiveportal_install is sameas true" (boolean not string etc) assert: that: captiveportal_install is sameas true - fail_msg: "PLEASE SET 'captiveportal_install: True' e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE SET 'captiveportal_install: True' e.g. IN: /etc/iiab/local_vars.yml" quiet: yes #that: captiveportal_install is defined and captiveportal_install is sameas true #success_msg: captiveportal_install is defined and captiveportal_install is sameas true @@ -17,7 +17,7 @@ - name: Assert that "captiveportal_enabled | type_debug == 'bool'" (boolean not string etc) assert: that: captiveportal_enabled | type_debug == 'bool' - fail_msg: "PLEASE GIVE VARIABLE 'captiveportal_enabled' A PROPER (UNQUOTED) BOOLEAN VALUE e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE GIVE VARIABLE 'captiveportal_enabled' A PROPER (UNQUOTED) BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes #that: captiveportal_enabled is defined and captiveportal_enabled | type_debug == 'bool' #success_msg: captiveportal_enabled is defined and captiveportal_enabled | type_debug == 'bool' diff --git a/roles/mediawiki/tasks/install.yml b/roles/mediawiki/tasks/install.yml index f577fc54d..6d38cc4b6 100644 --- a/roles/mediawiki/tasks/install.yml +++ b/roles/mediawiki/tasks/install.yml @@ -68,13 +68,17 @@ lineinfile: dest: "{{ mediawiki_abs_path }}/LocalSettings.php" line: '$wgArticlePath = "/wiki/$1";' - create: yes -- name: Configure wgUsePathInfo variable in {{ mediawiki_abs_path }}/LocalSettings.php +- name: Configure $wgUsePathInfo variable in {{ mediawiki_abs_path }}/LocalSettings.php lineinfile: dest: "{{ mediawiki_abs_path }}/LocalSettings.php" line: '$wgUsePathInfo = true;' - create: yes + +- name: Configure $wgServer variable in {{ mediawiki_abs_path }}/LocalSettings.php + lineinfile: + dest: "{{ mediawiki_abs_path }}/LocalSettings.php" + regexp: '^\$wgServer =' + line: '$wgServer = "//" . $_SERVER["HTTP_HOST"];' - name: Install /etc/{{ apache_config_dir }}/mediawiki.conf from template, for http://box{{ mediawiki_url }} via Apache template: diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index cfc6d7046..bc250c367 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -9,7 +9,7 @@ - name: Assert that "munin_install is sameas true" (boolean not string etc) assert: that: munin_install is sameas true - fail_msg: "PLEASE SET 'munin_install: True' e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE SET 'munin_install: True' e.g. IN: /etc/iiab/local_vars.yml" quiet: yes #that: munin_install is defined and munin_install is sameas true #success_msg: munin_install is defined and munin_install is sameas true @@ -17,7 +17,7 @@ - name: Assert that "munin_enabled | type_debug == 'bool'" (boolean not string etc) assert: that: munin_enabled | type_debug == 'bool' - fail_msg: "PLEASE GIVE VARIABLE 'munin_enabled' A PROPER (UNQUOTED) BOOLEAN VALUE e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE GIVE VARIABLE 'munin_enabled' A PROPER (UNQUOTED) BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes #that: munin_enabled is defined and munin_enabled | type_debug == 'bool' #success_msg: munin_enabled is defined and munin_enabled | type_debug == 'bool' diff --git a/roles/sugarizer/templates/sugarizer.service b/roles/sugarizer/templates/sugarizer.service index 3b1e75cfa..274877f10 100644 --- a/roles/sugarizer/templates/sugarizer.service +++ b/roles/sugarizer/templates/sugarizer.service @@ -1,8 +1,9 @@ [Unit] Description=Node.js Sugarizer Server +# Forces mongodb to start up if not started Requires=mongodb.service +# Wait for mongodb service to run first After=mongodb.service -# Requires mongodb service to run first [Service] WorkingDirectory=/opt/iiab/sugarizer-server/ diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml index 172a128c7..16e3f9ed0 100644 --- a/roles/wordpress/tasks/main.yml +++ b/roles/wordpress/tasks/main.yml @@ -11,7 +11,7 @@ - name: Assert that "wordpress_install is sameas true" (boolean not string etc) assert: that: wordpress_install is sameas true - fail_msg: "PLEASE SET 'wordpress_install: True' e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE SET 'wordpress_install: True' e.g. IN: /etc/iiab/local_vars.yml" quiet: yes #that: wordpress_install is defined and wordpress_install is sameas true #success_msg: wordpress_install is defined and wordpress_install is sameas true @@ -19,7 +19,7 @@ - name: Assert that "wordpress_enabled | type_debug == 'bool'" (boolean not string etc) assert: that: wordpress_enabled | type_debug == 'bool' - fail_msg: "PLEASE GIVE VARIABLE 'wordpress_enabled' A PROPER (UNQUOTED) BOOLEAN VALUE e.g. in: /etc/iiab/local_vars.yml" + fail_msg: "PLEASE GIVE VARIABLE 'wordpress_enabled' A PROPER (UNQUOTED) BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes #that: wordpress_enabled is defined and wordpress_enabled | type_debug == 'bool' #success_msg: wordpress_enabled is defined and wordpress_enabled | type_debug == 'bool' diff --git a/vars/default_vars.yml b/vars/default_vars.yml index fa6082e0d..230a3a449 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -284,9 +284,11 @@ squid_enabled: False dansguardian_install: False dansguardian_enabled: False -# PostgreSQL auto-installed by Moodle &/or Pathagar as nec, no need to touch! -# roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml -postgresql_install: False +# 2020-01-23: postgresql_install is completely ignored as PostgreSQL is +# installed on demand as a dependency -- by Moodle &/or Pathagar as nec -- +# but for now we set fake value 'postgresql_install: True' for +# 'postgresql_installed is defined' tests e.g. in 0-init/tasks/validate_vars.yml +postgresql_install: True postgresql_enabled: False # Common UNIX Printing System (CUPS) @@ -316,20 +318,21 @@ nodocs: False # Lesser-supported XO services need additional testing. Please contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. -xo_services_install: False -xo_services_enabled: False - -activity_server_install: False -activity_server_enabled: False - -# Please instead consider 'ejabberd' in Stage 6-GENERIC-APPS below -ejabberd_xs_install: False -ejabberd_xs_enabled: False +# UNMAINTAINED since about 2012-2017 +xo_services_install: False # 2020-01-23: UNUSED +xo_services_enabled: False # 2020-01-23: Used in idmgr/tasks/main.yml & iiab-admin-console/roles/console/files/htmlf/20-configure.html # UNMAINTAINED since about 2012-2017 -# Change calibre_port from 8080 to 8010 below, if you enable idmgr -idmgr_install: False -idmgr_enabled: False +activity_server_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml (originally defined in activity-server/defaults/main.yml) +activity_server_enabled: False # 2020-01-23: Used in activity-server/tasks/main.yml (originally defined in activity-server/defaults/main.yml) + +# UNMAINTAINED since about 2012-2017: consider 'ejabberd' in Stage 6-GENERIC-APPS below? +ejabberd_xs_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml & roles/ejabberd_xs/tasks/main.yml +ejabberd_xs_enabled: False # 2020-01-23: Used in roles/ejabberd_xs/tasks/main.yml + +# UNMAINTAINED since about 2012-2017: change calibre_port from 8080 to 8010 below, if you use idmgr +idmgr_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml +idmgr_enabled: False # 2020-01-23: UNUSED # 6-GENERIC-APPS @@ -378,6 +381,12 @@ mosquitto_install: False mosquitto_enabled: False mosquitto_port: 1883 +# 2020-01-23: nodejs_install is completely ignored as Node.js is installed on +# demand as a dependency -- by Node-RED, Sugarizer and/or Internet Archive -- +# but for now we set fake value 'nodejs_install: True' for +# 'nodejs_installed is defined' tests e.g. in 0-init/tasks/validate_vars.yml +nodejs_install: True +nodejs_enabled: False # Node.js version used by roles/nodejs/tasks/main.yml for 3 roles: # nodered (Node-RED), pbx (Asterix, FreePBX) & sugarizer (Sugarizer) nodejs_version: 12.x # was 8.x until 2019-02-02, was 10.x until 2019-12-21 @@ -444,11 +453,17 @@ moodle_install: False moodle_enabled: False # If using Moodle intensively, set apache_high_php_limits in 3-BASE-SERVER -# MongoDB (/library/dbdata/mongodb) is used by Sugarizer: -# The mongodb playbook itself is later invoked by roles/sugarizer/meta/main.yml -# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False -# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own -mongodb_install: False +# MongoDB (/library/dbdata/mongodb) greatly enhances the Sugarizer experience. +# The roles/mongodb playbook (was?) invoked by roles/sugarizer/meta/main.yml +# 2020-01-23: mongodb_install is completely ignored as MongoDB is installed on +# demand as a dependency -- by Sugarizer -- but for now we set fake value +# 'mongodb_install: True' for 'mongodb_installed is defined' tests e.g. in +# 0-init/tasks/validate_vars.yml +mongodb_install: True +# FYI 'mongodb_enabled: False' works when Sugarizer is disabled. Required by +# mongodb/tasks/enable.yml to shut down the service and log status, but that is +# misleading as Sugarizer starts mongodb's systemd service on its own, due to +# 'Requires=mongodb.service' within /etc/systemd/system/sugarizer.service mongodb_enabled: False mongodb_port: 27018