From a9e92191db71497caa804f485835a37f84d5e6e3 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 8 Jul 2022 01:16:36 -0500 Subject: [PATCH 01/12] remove named and dhcpd install options --- roles/network/tasks/NM-debian.yml | 4 +- roles/network/tasks/computed_services.yml | 30 +++--- roles/network/tasks/debian.yml | 2 +- .../tasks/{dhcpd.yml => dhcpd.yml.unused} | 0 ...down-debian.yml => down-debian.yml.unused} | 0 roles/network/tasks/enable_services.yml | 97 ++++++++++--------- roles/network/tasks/install.yml | 12 +-- roles/network/tasks/main.yml | 18 ++-- .../tasks/{named.yml => named.yml.unused} | 0 roles/network/tasks/restart.yml | 13 +-- roles/network/tasks/rpi_debian.yml | 6 +- roles/network/tasks/sysd-netd-debian.yml | 4 +- .../captive-portal.py.j2 | 0 .../{dhcp => dhcp.unused}/dhcpd-env.j2 | 0 .../{dhcp => dhcp.unused}/dhcpd-iiab.conf.j2 | 0 .../{dhcp => dhcp.unused}/dhcpd.service | 0 .../{named => named.unused}/bind9.service | 0 .../{named => named.unused}/dns-jail.conf | 0 .../templates/{named => named.unused}/dummy | 0 .../{named => named.unused}/localdomain.zone | 0 .../{named => named.unused}/localhost.zone | 0 .../templates/{named => named.unused}/named | 0 .../named-iiab.conf.j2 | 0 .../{named => named.unused}/named.blackhole | 0 .../{named => named.unused}/named.broadcast | 0 .../{named => named.unused}/named.ip6.local | 0 .../{named => named.unused}/named.j2 | 0 .../{named => named.unused}/named.local | 0 .../named.rfc1912.zones | 0 .../{named => named.unused}/named.root | 0 .../{named => named.unused}/named.root.hints | 0 .../{named => named.unused}/named.service | 0 .../{named => named.unused}/named.zero | 0 .../school.external.zone.db | 0 .../school.internal.zone.16.in-addr.db.j2 | 0 .../school.internal.zone.32.in-addr.db.j2 | 0 .../school.internal.zone.48.in-addr.db.j2 | 0 .../school.internal.zone.db.j2 | 0 .../school.internal.zone.in-addr.db.j2 | 0 .../school.local.zone.db.j2 | 0 40 files changed, 95 insertions(+), 91 deletions(-) rename roles/network/tasks/{dhcpd.yml => dhcpd.yml.unused} (100%) rename roles/network/tasks/{down-debian.yml => down-debian.yml.unused} (100%) rename roles/network/tasks/{named.yml => named.yml.unused} (100%) rename roles/network/templates/{captive-portal => captive-portal.unused}/captive-portal.py.j2 (100%) rename roles/network/templates/{dhcp => dhcp.unused}/dhcpd-env.j2 (100%) rename roles/network/templates/{dhcp => dhcp.unused}/dhcpd-iiab.conf.j2 (100%) rename roles/network/templates/{dhcp => dhcp.unused}/dhcpd.service (100%) rename roles/network/templates/{named => named.unused}/bind9.service (100%) rename roles/network/templates/{named => named.unused}/dns-jail.conf (100%) rename roles/network/templates/{named => named.unused}/dummy (100%) rename roles/network/templates/{named => named.unused}/localdomain.zone (100%) rename roles/network/templates/{named => named.unused}/localhost.zone (100%) rename roles/network/templates/{named => named.unused}/named (100%) rename roles/network/templates/{named => named.unused}/named-iiab.conf.j2 (100%) rename roles/network/templates/{named => named.unused}/named.blackhole (100%) rename roles/network/templates/{named => named.unused}/named.broadcast (100%) rename roles/network/templates/{named => named.unused}/named.ip6.local (100%) rename roles/network/templates/{named => named.unused}/named.j2 (100%) rename roles/network/templates/{named => named.unused}/named.local (100%) rename roles/network/templates/{named => named.unused}/named.rfc1912.zones (100%) rename roles/network/templates/{named => named.unused}/named.root (100%) rename roles/network/templates/{named => named.unused}/named.root.hints (100%) rename roles/network/templates/{named => named.unused}/named.service (100%) rename roles/network/templates/{named => named.unused}/named.zero (100%) rename roles/network/templates/{named => named.unused}/school.external.zone.db (100%) rename roles/network/templates/{named => named.unused}/school.internal.zone.16.in-addr.db.j2 (100%) rename roles/network/templates/{named => named.unused}/school.internal.zone.32.in-addr.db.j2 (100%) rename roles/network/templates/{named => named.unused}/school.internal.zone.48.in-addr.db.j2 (100%) rename roles/network/templates/{named => named.unused}/school.internal.zone.db.j2 (100%) rename roles/network/templates/{named => named.unused}/school.internal.zone.in-addr.db.j2 (100%) rename roles/network/templates/{named => named.unused}/school.local.zone.db.j2 (100%) diff --git a/roles/network/tasks/NM-debian.yml b/roles/network/tasks/NM-debian.yml index 8cf977c8a..d5dad9ffc 100644 --- a/roles/network/tasks/NM-debian.yml +++ b/roles/network/tasks/NM-debian.yml @@ -1,6 +1,6 @@ # NM-debian.yml -- name: Stopping services - include_tasks: down-debian.yml +#- name: Stopping services +# include_tasks: down-debian.yml # provide keyfile layout like the XO's used way back. #- name: Create uuid for NM's keyfile store diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 47c3cd7cc..939167cce 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -22,30 +22,30 @@ - name: No LAN configured - non-dnsmasq set_fact: - named_enabled: True - dhcpd_enabled: False +# named_enabled: True +# dhcpd_enabled: False dhcp_service2: "dhcpd disabled" when: not dnsmasq_enabled and iiab_network_mode == "Appliance" - name: LAN configured - non-dnsmasq set_fact: - named_enabled: True - dhcpd_enabled: True +# named_enabled: True +# dhcpd_enabled: True dhcp_service2: "dhcpd" when: not dnsmasq_enabled and iiab_network_mode != "Appliance" - name: LAN configured - dnsmasq set_fact: - named_enabled: False - dhcpd_enabled: False +# named_enabled: False +# dhcpd_enabled: False dnsmasq_enabled: True dhcp_service2: "dnsmasq" when: dnsmasq_install and iiab_network_mode != "Appliance" - name: LAN not configured - dnsmasq set_fact: - named_enabled: False - dhcpd_enabled: False +# named_enabled: False +# dhcpd_enabled: False dnsmasq_enabled: True dhcp_service2: "dnsmasq" when: dnsmasq_install and iiab_network_mode == "Appliance" @@ -71,12 +71,12 @@ # value: "{{ wondershaper_enabled }}" - option: iiab_network_mode_applied value: "{{ iiab_network_mode }}" - - option: dhcpd_enabled - value: "{{ dhcpd_enabled }}" - - option: dhcp_service2 - value: "{{ dhcp_service2 }}" - - option: named_enabled - value: "{{ named_enabled }}" +# - option: dhcpd_enabled +# value: "{{ dhcpd_enabled }}" +# - option: dhcp_service2 +# value: "{{ dhcp_service2 }}" +# - option: named_enabled +# value: "{{ named_enabled }}" - option: dnsmasq_enabled value: "{{ dnsmasq_enabled }}" - option: no_net_restart @@ -89,7 +89,7 @@ value: "{{ host_wifi_mode }}" - option: host_channel value: "{{ host_channel }}" - + - name: Add 'network' variable 'current_client_channel' value if defined, to {{ iiab_ini_file }} ini_file: dest: "{{ iiab_ini_file }}" diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 74ca452c7..52982af42 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -62,7 +62,7 @@ regexp: "{{ iiab_wan_iface }}" when: wan_ip != "dhcp" and iiab_wan_iface != "none" and is_debian and not is_debian_8 -- include_tasks: down-debian.yml +#- include_tasks: down-debian.yml - name: Reload systemd systemd: diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml.unused similarity index 100% rename from roles/network/tasks/dhcpd.yml rename to roles/network/tasks/dhcpd.yml.unused diff --git a/roles/network/tasks/down-debian.yml b/roles/network/tasks/down-debian.yml.unused similarity index 100% rename from roles/network/tasks/down-debian.yml rename to roles/network/tasks/down-debian.yml.unused diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index bf73f1f77..50d0f69ed 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,70 +1,72 @@ -- name: Disable dhcpd service - service: - name: dhcpd - enabled: no - when: (dhcpd_install or dhcpd_installed is defined) and not dhcpd_enabled +#- name: Disable dhcpd service +# service: +# name: dhcpd +# enabled: no +# when: (dhcpd_install or dhcpd_installed is defined) and not dhcpd_enabled # service is restarted with NM dispatcher.d script -- name: Enable dhcpd service - service: - name: dhcpd - enabled: yes - when: dhcpd_install and dhcpd_enabled +#- name: Enable dhcpd service +# service: +# name: dhcpd +# enabled: yes +# when: dhcpd_install and dhcpd_enabled -- name: Install /etc/sysconfig/dhcpd, /etc/dhcpd-iiab.conf from templates (root:root, 0644 by default) - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" +#- name: Install /etc/sysconfig/dhcpd, /etc/dhcpd-iiab.conf from templates (root:root, 0644 by default) +# template: +# src: "{{ item.src }}" +# dest: "{{ item.dest }}" +# # owner: root + # group: root + # mode: "{{ item.mode }}" +# with_items: +# - { src: 'dhcp/dhcpd-env.j2', dest: '/etc/sysconfig/dhcpd' } +# - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf' } +# when: dhcpd_install and dhcpd_enabled + +#- name: Install /etc/named-iiab.conf and two *.zone.db files into /var/named-iiab (root:root, 0644 by default) +# template: +# src: "{{ item.src }}" +# dest: "{{ item.dest }}" # owner: root # group: root # mode: "{{ item.mode }}" - with_items: - - { src: 'dhcp/dhcpd-env.j2', dest: '/etc/sysconfig/dhcpd' } - - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf' } - when: dhcpd_install and dhcpd_enabled +# with_items: +# - { src: 'named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf' } +# - { src: 'named/school.local.zone.db.j2', dest: '/var/named-iiab/school.local.zone.db' } +# - { src: 'named/school.internal.zone.db.j2', dest: '/var/named-iiab/school.internal.zone.db' } +# when: named_install and named_enabled -- name: Install /etc/named-iiab.conf and two *.zone.db files into /var/named-iiab (root:root, 0644 by default) - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - # owner: root - # group: root - # mode: "{{ item.mode }}" - with_items: - - { src: 'named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf' } - - { src: 'named/school.local.zone.db.j2', dest: '/var/named-iiab/school.local.zone.db' } - - { src: 'named/school.internal.zone.db.j2', dest: '/var/named-iiab/school.internal.zone.db' } - when: named_install and named_enabled +#- name: Enable named service ({{ dns_service }}) if named_enabled +# systemd: +# name: "{{ dns_service }}" +# enabled: yes +# when: named_install and named_enabled -- name: Enable named service ({{ dns_service }}) if named_enabled - systemd: - name: "{{ dns_service }}" - enabled: yes - when: named_install and named_enabled - -- name: Disable named service ({{ dns_service }}) if not named_enabled - systemd: - name: "{{ dns_service }}" - enabled: no - when: (named_install or named_installed is defined) and not named_enabled +#- name: Disable named service ({{ dns_service }}) if not named_enabled +# systemd: +# name: "{{ dns_service }}" +# enabled: no +# when: (named_install or named_installed is defined) and not named_enabled - name: Install /etc/dnsmasq.d/iiab.conf from template, when dnsmasq_enabled and isn't Appliance template: src: network/dnsmasq.conf.j2 dest: /etc/dnsmasq.d/iiab.conf - when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance") + when: iiab_network_mode != "Appliance" +# when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance") - name: Install /etc/hosts.dnsmasq from template for /etc/dnsmasq.d/iiab.conf (instead of using /etc/hosts) template: src: network/hosts-dnsmasq.j2 dest: /etc/hosts.dnsmasq - when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance") + when: iiab_network_mode != "Appliance" +# when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance") - name: Update /etc/dnsmasq.d/dnsmasq-iiab for custom dns setting template: src: network/dnsmasq-iiab dest: /etc/dnsmasq.d/dnsmasq-iiab - when: dnsmasq_install # 2020-05-10: Are all these dnsmasq_install conditions really still necessary ? +# when: dnsmasq_install # 2020-05-10: Are all these dnsmasq_install conditions really still necessary ? ## Another way to skin the cat ##- name: Check if systemd service networkd-dispatcher is enabled @@ -100,7 +102,8 @@ mode: 0755 # owner: root # group: root - when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance") + when: nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance") +# when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance") #when: dnsmasq_install and dnsmasq_enabled and nd_enabled is defined and nd_enabled.stdout == "enabled" and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance") #when: dnsmasq_install and dnsmasq_enabled and systemd_out.status.UnitFileState == "enabled" and networkd_dir.stat.exists and networkd_dir.stat.isdir and (iiab_network_mode != "Appliance") @@ -108,13 +111,13 @@ file: path: /etc/dnsmasq.d/iiab.conf state: absent - when: (not dnsmasq_enabled) or (iiab_network_mode == "Appliance") + when: iiab_network_mode == "Appliance" - name: Enable iiab-dnsmasq systemd service, if dnsmasq_enabled systemd: name: iiab-dnsmasq enabled: yes - when: dnsmasq_install and dnsmasq_enabled +# when: dnsmasq_install and dnsmasq_enabled - name: Disable iiab-dnsmasq, if not dnsmasq_enabled systemd: diff --git a/roles/network/tasks/install.yml b/roles/network/tasks/install.yml index 65f7fb2c2..394286c32 100644 --- a/roles/network/tasks/install.yml +++ b/roles/network/tasks/install.yml @@ -62,14 +62,14 @@ # UNMAINTAINED -- name: Install named / BIND - include_tasks: roles/network/tasks/named.yml - when: named_install is defined and named_install +#- name: Install named / BIND +# include_tasks: roles/network/tasks/named.yml +# when: named_install is defined and named_install # UNMAINTAINED -- name: Install dhcpd - include_tasks: roles/network/tasks/dhcpd.yml - when: dhcpd_install is defined and dhcpd_install +#- name: Install dhcpd +# include_tasks: roles/network/tasks/dhcpd.yml +# when: dhcpd_install is defined and dhcpd_install # LESS MAINTAINED - name: Install Squid diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 567a21159..8e225eb40 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -47,17 +47,17 @@ # include_tasks: wondershaper.yml # when: wondershaper_install or wondershaper_installed is defined - - name: (Re)Install named - include_tasks: named.yml - when: named_install and FQDN_changed and iiab_stage|int == 9 +# - name: (Re)Install named +# include_tasks: named.yml +# when: named_install and FQDN_changed and iiab_stage|int == 9 - - name: (Re)Install dhcpd - include_tasks: dhcpd.yml - when: dhcpd_install and FQDN_changed and iiab_stage|int == 9 +# - name: (Re)Install dhcpd +# include_tasks: dhcpd.yml +# when: dhcpd_install and FQDN_changed and iiab_stage|int == 9 - - name: (Re)Install Squid - include_tasks: squid.yml - when: squid_install and FQDN_changed and iiab_stage|int == 9 +# - name: (Re)Install Squid +# include_tasks: squid.yml +# when: squid_install and FQDN_changed and iiab_stage|int == 9 #preprep for backends - name: Netplan in use on Ubuntu 18.04+ diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml.unused similarity index 100% rename from roles/network/tasks/named.yml rename to roles/network/tasks/named.yml.unused diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 0dda30a6f..659a18329 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -29,11 +29,11 @@ shell: netplan apply when: wifi_up_down and is_ubuntu and netplan.stdout.find("yaml") != -1 -- name: Start named service - systemd: - name: "{{ dns_service }}" - state: restarted - when: named_enabled and named_install +#- name: Start named service +# systemd: +# name: "{{ dns_service }}" +# state: restarted +# when: named_enabled and named_install - name: Stop Squid service systemd: @@ -98,7 +98,8 @@ #both interfaces.d and systemd-networkd should have br0 available and Appliance lacks br0 #keep an eye on legacy wifi installs where br0 is present but not 'online' with an ip address #due to hostapd didn't go to a carrier state. All others should get dnsmasq restarted -- name: User choice of dnsmasq or dhcpd - restarting {{ dhcp_service2 }} +#- name: User choice of dnsmasq or dhcpd - restarting {{ dhcp_service2 }} +- name: Restarting {{ dhcp_service2 }} systemd: name: "{{ dhcp_service2 }}" state: restarted diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 9c245a5f6..4d672ad0b 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -31,7 +31,7 @@ when: country_code is defined and country_code.stdout | length > 0 - name: Put country code ({{ host_country_code }}) in /etc/wpa_supplicant/wpa_supplicant.conf if nec - lineinfile: + lineinfile: path: /etc/wpa_supplicant/wpa_supplicant.conf regexp: "^country.*" line: country={{ host_country_code }} @@ -54,8 +54,8 @@ src: network/dnsmasq-iiab when: iiab_lan_iface == "br0" -- name: Stopping services - include_tasks: down-debian.yml +#- name: Stopping services +# include_tasks: down-debian.yml - name: Reload systemd systemd: diff --git a/roles/network/tasks/sysd-netd-debian.yml b/roles/network/tasks/sysd-netd-debian.yml index c32b966a1..e88c0483e 100644 --- a/roles/network/tasks/sysd-netd-debian.yml +++ b/roles/network/tasks/sysd-netd-debian.yml @@ -44,8 +44,8 @@ #when: wan_ip != "dhcp" and not is_ubuntu_18 -- name: Stopping services - include_tasks: down-debian.yml +#- name: Stopping services +# include_tasks: down-debian.yml - name: Reload systemd systemd: diff --git a/roles/network/templates/captive-portal/captive-portal.py.j2 b/roles/network/templates/captive-portal.unused/captive-portal.py.j2 similarity index 100% rename from roles/network/templates/captive-portal/captive-portal.py.j2 rename to roles/network/templates/captive-portal.unused/captive-portal.py.j2 diff --git a/roles/network/templates/dhcp/dhcpd-env.j2 b/roles/network/templates/dhcp.unused/dhcpd-env.j2 similarity index 100% rename from roles/network/templates/dhcp/dhcpd-env.j2 rename to roles/network/templates/dhcp.unused/dhcpd-env.j2 diff --git a/roles/network/templates/dhcp/dhcpd-iiab.conf.j2 b/roles/network/templates/dhcp.unused/dhcpd-iiab.conf.j2 similarity index 100% rename from roles/network/templates/dhcp/dhcpd-iiab.conf.j2 rename to roles/network/templates/dhcp.unused/dhcpd-iiab.conf.j2 diff --git a/roles/network/templates/dhcp/dhcpd.service b/roles/network/templates/dhcp.unused/dhcpd.service similarity index 100% rename from roles/network/templates/dhcp/dhcpd.service rename to roles/network/templates/dhcp.unused/dhcpd.service diff --git a/roles/network/templates/named/bind9.service b/roles/network/templates/named.unused/bind9.service similarity index 100% rename from roles/network/templates/named/bind9.service rename to roles/network/templates/named.unused/bind9.service diff --git a/roles/network/templates/named/dns-jail.conf b/roles/network/templates/named.unused/dns-jail.conf similarity index 100% rename from roles/network/templates/named/dns-jail.conf rename to roles/network/templates/named.unused/dns-jail.conf diff --git a/roles/network/templates/named/dummy b/roles/network/templates/named.unused/dummy similarity index 100% rename from roles/network/templates/named/dummy rename to roles/network/templates/named.unused/dummy diff --git a/roles/network/templates/named/localdomain.zone b/roles/network/templates/named.unused/localdomain.zone similarity index 100% rename from roles/network/templates/named/localdomain.zone rename to roles/network/templates/named.unused/localdomain.zone diff --git a/roles/network/templates/named/localhost.zone b/roles/network/templates/named.unused/localhost.zone similarity index 100% rename from roles/network/templates/named/localhost.zone rename to roles/network/templates/named.unused/localhost.zone diff --git a/roles/network/templates/named/named b/roles/network/templates/named.unused/named similarity index 100% rename from roles/network/templates/named/named rename to roles/network/templates/named.unused/named diff --git a/roles/network/templates/named/named-iiab.conf.j2 b/roles/network/templates/named.unused/named-iiab.conf.j2 similarity index 100% rename from roles/network/templates/named/named-iiab.conf.j2 rename to roles/network/templates/named.unused/named-iiab.conf.j2 diff --git a/roles/network/templates/named/named.blackhole b/roles/network/templates/named.unused/named.blackhole similarity index 100% rename from roles/network/templates/named/named.blackhole rename to roles/network/templates/named.unused/named.blackhole diff --git a/roles/network/templates/named/named.broadcast b/roles/network/templates/named.unused/named.broadcast similarity index 100% rename from roles/network/templates/named/named.broadcast rename to roles/network/templates/named.unused/named.broadcast diff --git a/roles/network/templates/named/named.ip6.local b/roles/network/templates/named.unused/named.ip6.local similarity index 100% rename from roles/network/templates/named/named.ip6.local rename to roles/network/templates/named.unused/named.ip6.local diff --git a/roles/network/templates/named/named.j2 b/roles/network/templates/named.unused/named.j2 similarity index 100% rename from roles/network/templates/named/named.j2 rename to roles/network/templates/named.unused/named.j2 diff --git a/roles/network/templates/named/named.local b/roles/network/templates/named.unused/named.local similarity index 100% rename from roles/network/templates/named/named.local rename to roles/network/templates/named.unused/named.local diff --git a/roles/network/templates/named/named.rfc1912.zones b/roles/network/templates/named.unused/named.rfc1912.zones similarity index 100% rename from roles/network/templates/named/named.rfc1912.zones rename to roles/network/templates/named.unused/named.rfc1912.zones diff --git a/roles/network/templates/named/named.root b/roles/network/templates/named.unused/named.root similarity index 100% rename from roles/network/templates/named/named.root rename to roles/network/templates/named.unused/named.root diff --git a/roles/network/templates/named/named.root.hints b/roles/network/templates/named.unused/named.root.hints similarity index 100% rename from roles/network/templates/named/named.root.hints rename to roles/network/templates/named.unused/named.root.hints diff --git a/roles/network/templates/named/named.service b/roles/network/templates/named.unused/named.service similarity index 100% rename from roles/network/templates/named/named.service rename to roles/network/templates/named.unused/named.service diff --git a/roles/network/templates/named/named.zero b/roles/network/templates/named.unused/named.zero similarity index 100% rename from roles/network/templates/named/named.zero rename to roles/network/templates/named.unused/named.zero diff --git a/roles/network/templates/named/school.external.zone.db b/roles/network/templates/named.unused/school.external.zone.db similarity index 100% rename from roles/network/templates/named/school.external.zone.db rename to roles/network/templates/named.unused/school.external.zone.db diff --git a/roles/network/templates/named/school.internal.zone.16.in-addr.db.j2 b/roles/network/templates/named.unused/school.internal.zone.16.in-addr.db.j2 similarity index 100% rename from roles/network/templates/named/school.internal.zone.16.in-addr.db.j2 rename to roles/network/templates/named.unused/school.internal.zone.16.in-addr.db.j2 diff --git a/roles/network/templates/named/school.internal.zone.32.in-addr.db.j2 b/roles/network/templates/named.unused/school.internal.zone.32.in-addr.db.j2 similarity index 100% rename from roles/network/templates/named/school.internal.zone.32.in-addr.db.j2 rename to roles/network/templates/named.unused/school.internal.zone.32.in-addr.db.j2 diff --git a/roles/network/templates/named/school.internal.zone.48.in-addr.db.j2 b/roles/network/templates/named.unused/school.internal.zone.48.in-addr.db.j2 similarity index 100% rename from roles/network/templates/named/school.internal.zone.48.in-addr.db.j2 rename to roles/network/templates/named.unused/school.internal.zone.48.in-addr.db.j2 diff --git a/roles/network/templates/named/school.internal.zone.db.j2 b/roles/network/templates/named.unused/school.internal.zone.db.j2 similarity index 100% rename from roles/network/templates/named/school.internal.zone.db.j2 rename to roles/network/templates/named.unused/school.internal.zone.db.j2 diff --git a/roles/network/templates/named/school.internal.zone.in-addr.db.j2 b/roles/network/templates/named.unused/school.internal.zone.in-addr.db.j2 similarity index 100% rename from roles/network/templates/named/school.internal.zone.in-addr.db.j2 rename to roles/network/templates/named.unused/school.internal.zone.in-addr.db.j2 diff --git a/roles/network/templates/named/school.local.zone.db.j2 b/roles/network/templates/named.unused/school.local.zone.db.j2 similarity index 100% rename from roles/network/templates/named/school.local.zone.db.j2 rename to roles/network/templates/named.unused/school.local.zone.db.j2 From bcc59a0bc36bef48fcc7b8e5e321c8fb8aa9749e Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 8 Jul 2022 02:04:05 -0500 Subject: [PATCH 02/12] cleanups --- roles/network/tasks/computed_services.yml | 36 +++++++++++------------ roles/network/tasks/enable_services.yml | 14 ++++----- roles/network/tasks/restart.yml | 7 +++-- 3 files changed, 29 insertions(+), 28 deletions(-) diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 939167cce..9527ed7d3 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -20,35 +20,35 @@ iiab_network_mode: "Gateway" when: iiab_lan_iface != "none" and iiab_wan_iface != "none" -- name: No LAN configured - non-dnsmasq - set_fact: +#- name: No LAN configured - non-dnsmasq +# set_fact: # named_enabled: True # dhcpd_enabled: False - dhcp_service2: "dhcpd disabled" - when: not dnsmasq_enabled and iiab_network_mode == "Appliance" +# dhcp_service2: "dhcpd disabled" +# when: not dnsmasq_enabled and iiab_network_mode == "Appliance" -- name: LAN configured - non-dnsmasq - set_fact: +#- name: LAN configured - non-dnsmasq +# set_fact: # named_enabled: True # dhcpd_enabled: True - dhcp_service2: "dhcpd" - when: not dnsmasq_enabled and iiab_network_mode != "Appliance" +# dhcp_service2: "dhcpd" +# when: not dnsmasq_enabled and iiab_network_mode != "Appliance" -- name: LAN configured - dnsmasq - set_fact: +#- name: LAN configured - dnsmasq +# set_fact: # named_enabled: False # dhcpd_enabled: False - dnsmasq_enabled: True - dhcp_service2: "dnsmasq" - when: dnsmasq_install and iiab_network_mode != "Appliance" +# dnsmasq_enabled: True +# dhcp_service2: "dnsmasq" +# when: dnsmasq_install and iiab_network_mode != "Appliance" -- name: LAN not configured - dnsmasq - set_fact: +#- name: LAN not configured - dnsmasq +# set_fact: # named_enabled: False # dhcpd_enabled: False - dnsmasq_enabled: True - dhcp_service2: "dnsmasq" - when: dnsmasq_install and iiab_network_mode == "Appliance" +# dnsmasq_enabled: True +# dhcp_service2: "dnsmasq" +# when: dnsmasq_install and iiab_network_mode == "Appliance" - name: Add 'network' variable values (from computed_services.yml) to {{ iiab_ini_file }} ini_file: diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 50d0f69ed..f6686de3d 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -117,13 +117,13 @@ systemd: name: iiab-dnsmasq enabled: yes -# when: dnsmasq_install and dnsmasq_enabled + when: dnsmasq_enabled - name: Disable iiab-dnsmasq, if not dnsmasq_enabled systemd: name: iiab-dnsmasq enabled: no - when: dnsmasq_install and not dnsmasq_enabled + when: not dnsmasq_enabled # - name: Enable DansGuardian systemd service, if dansguardian_enabled # systemd: @@ -142,13 +142,13 @@ path: "{{ iiab_env_file }}" regexp: '^HTTPCACHE_ON=*' line: 'HTTPCACHE_ON=True' - when: squid_install and squid_enabled + when: squid_installed is defined and squid_enabled - name: Enable systemd service '{{ proxy }}' - if squid_install and squid_enabled systemd: name: "{{ proxy }}" # squid (or 'squid3' on vars/debian-8.yml, vars/raspbian-8.yml) enabled: yes - when: squid_install and squid_enabled + when: squid_installed is defined and squid_enabled - name: Install /etc/{{ proxy }}/squid.conf from template (root:root, 0644 by default) - and create a timestamped backup of the original - if squid_install and squid_enabled template: @@ -157,7 +157,7 @@ # owner: "{{ proxy_user }}" # proxy (or 'squid' on vars/centos-7.yml, vars/fedora-18.yml, vars/fedora-12.yml) # group: "{{ proxy_user }}" backup: yes - when: squid_install and squid_enabled + when: squid_installed is defined and squid_enabled # - name: Point /etc/init.d/{{ proxy }} to /etc/{{ proxy }}/squid-iiab.conf - if squid_install and squid_enabled # lineinfile: @@ -170,14 +170,14 @@ systemd: name: "{{ proxy }}" enabled: no - when: (squid_install or squid_installed is defined) and not squid_enabled + when: squid_installed is defined and not squid_enabled - name: Revert {{ iiab_env_file }} to 'HTTPCACHE_ON=False' - if squid_install and not squid_enabled lineinfile: path: "{{ iiab_env_file }}" regexp: '^HTTPCACHE_ON=*' line: 'HTTPCACHE_ON=False' - when: squid_install and not squid_enabled + when: squid_installed is defined and not squid_enabled # - name: Enable Wondershaper service, if wondershaper_enabled # systemd: diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 659a18329..de930332f 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -99,11 +99,12 @@ #keep an eye on legacy wifi installs where br0 is present but not 'online' with an ip address #due to hostapd didn't go to a carrier state. All others should get dnsmasq restarted #- name: User choice of dnsmasq or dhcpd - restarting {{ dhcp_service2 }} -- name: Restarting {{ dhcp_service2 }} +- name: Restarting dnsmasq systemd: - name: "{{ dhcp_service2 }}" + name: dnsmasq state: restarted - when: (not no_net_restart or (is_ubuntu and wifi_up_down)) or (iiab_stage|int == 9) + when: dnsmasq_enabled and ((not no_net_restart or (is_ubuntu and wifi_up_down)) or (iiab_stage|int == 9)) +# when: (not no_net_restart or (is_ubuntu and wifi_up_down)) or (iiab_stage|int == 9) #when: (not no_net_restart or (is_ubuntu_20 and wifi_up_down)) or (iiab_stage|int == 9) #when: (not no_net_restart or (is_ubuntu_20 and wifi_up_down)) #when: (iiab_network_mode != "Appliance") # Sufficient b/c br0 exists thanks to /etc/network/interfaces.d/iiab From 9ce883ab01d76adca063776552859964a3c0c4e5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 8 Jul 2022 00:51:33 -0500 Subject: [PATCH 03/12] lockout unsupported options --- roles/0-init/tasks/validate_vars.yml | 32 ++++++++++++++--------- vars/default_vars.yml | 38 ++++++++++++++-------------- 2 files changed, 39 insertions(+), 31 deletions(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index f2f6cf8e0..5d4566055 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -63,15 +63,12 @@ # # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc -- name: Set vars_checklist for 45 + 45 + 41 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked +- name: Set vars_checklist for 43 + 43 + 41 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked set_fact: vars_checklist: - hostapd - - dhcpd - - named - dnsmasq - bluetooth - #- wondershaper # Unmaintained - sshd - openvpn - remoteit @@ -80,18 +77,10 @@ #- apache # Unmaintained - former dependency #- mysql # MANDATORY - squid - #- dansguardian # Unmaintained - cups - samba - usb_lib - #- xo_services # Unmaintained - #- activity_server # Unmaintained - #- ejabberd_xs # Unmaintained - #- idmgr # Unmaintained - azuracast - #- dokuwiki # Unmaintained - #- ejabberd # Unmaintained - #- elgg # Unmaintained - gitea - jupyterhub - lokole @@ -166,3 +155,22 @@ quiet: yes when: item != 'nodejs' and item != 'postgresql' and item != 'mongodb' and item != 'yarn' # Exclude auto-installed dependencies loop: "{{ vars_checklist }}" + +# Validates stale options are not marked for install +- name: 'DISALLOW "XYZ_install: True" Unmaintained' + assert: + that: "{{ item }}_install is undefined" + fail_msg: "DISALLOWED: '{{ item }}_install: True' (e.g. in /etc/iiab/local_vars.yml)" + quiet: yes + with_items: + - named + - dhcpd + - wondershaper # Unmaintained + - dansguardian # Unmaintained + - xo_services # Unmaintained + - activity_server # Unmaintained + - ejabberd_xs # Unmaintained + - idmgr # Unmaintained + - dokuwiki # Unmaintained + - ejabberd # Unmaintained + - elgg # Unmaintained diff --git a/vars/default_vars.yml b/vars/default_vars.yml index ecfa0d677..cf80f3295 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -201,13 +201,13 @@ dnsmasq_install: True dnsmasq_enabled: True # UNMAINTAINED as of July 2021 -dhcpd_install: False -dhcpd_enabled: False +#dhcpd_install: False +#dhcpd_enabled: False # UNMAINTAINED as of July 2021 # named (BIND) -named_install: False -named_enabled: False +#named_install: False +#named_enabled: False block_DNS: False # Enable in local_vars.yml AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" @@ -357,20 +357,20 @@ nodocs: False # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. # UNMAINTAINED since about 2012-2017 -xo_services_install: False # 2020-01-23: UNUSED -xo_services_enabled: False # 2020-01-23: Used in idmgr/tasks/main.yml & iiab-admin-console/roles/console/files/htmlf/20-configure.html +#xo_services_install: False # 2020-01-23: UNUSED +#xo_services_enabled: False # 2020-01-23: Used in idmgr/tasks/main.yml & iiab-admin-console/roles/console/files/htmlf/20-configure.html # UNMAINTAINED since about 2012-2017 -activity_server_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml (originally defined in activity-server/defaults/main.yml) -activity_server_enabled: False # 2020-01-23: Used in activity-server/tasks/main.yml (originally defined in activity-server/defaults/main.yml) +#activity_server_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml (originally defined in activity-server/defaults/main.yml) +#activity_server_enabled: False # 2020-01-23: Used in activity-server/tasks/main.yml (originally defined in activity-server/defaults/main.yml) # UNMAINTAINED since about 2012-2017: consider 'ejabberd' in Stage 6-GENERIC-APPS below? -ejabberd_xs_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml & roles/ejabberd_xs/tasks/main.yml -ejabberd_xs_enabled: False # 2020-01-23: Used in roles/ejabberd_xs/tasks/main.yml +#ejabberd_xs_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml & roles/ejabberd_xs/tasks/main.yml +#ejabberd_xs_enabled: False # 2020-01-23: Used in roles/ejabberd_xs/tasks/main.yml # UNMAINTAINED since about 2012-2017: change calibre_port from 8080 to 8010 below, if you use idmgr -idmgr_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml -idmgr_enabled: False # 2020-01-23: UNUSED +#idmgr_install: False # 2020-01-23: Used in 5-xo-services/tasks/main.yml +#idmgr_enabled: False # 2020-01-23: UNUSED # 6-GENERIC-APPS @@ -388,17 +388,17 @@ azuracast_https_port: 10443 azuracast_port_range_prefix: 10 # UNMAINTAINED as of January 2020: https://github.com/iiab/iiab/issues/2056 -dokuwiki_install: False -dokuwiki_enabled: False -dokuwiki_url: /dokuwiki +#dokuwiki_install: False +#dokuwiki_enabled: False +#dokuwiki_url: /dokuwiki # UNMAINTAINED as of November 2019 -ejabberd_install: False -ejabberd_enabled: False +#ejabberd_install: False +#ejabberd_enabled: False # UNMAINTAINED as of July 2021 -elgg_install: False -elgg_enabled: False +#elgg_install: False +#elgg_enabled: False # elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 elgg_mysql_password: elgg4kids From e382d193dad3059b38ce226d673cf292c2b631b8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 8 Jul 2022 06:12:00 -0500 Subject: [PATCH 04/12] Removed --- roles/0-init/tasks/validate_vars.yml | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index 5d4566055..b7da3e09d 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -63,7 +63,7 @@ # # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc -- name: Set vars_checklist for 43 + 43 + 41 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked +- name: Set vars_checklist for 43 + 43 + 39 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked set_fact: vars_checklist: - hostapd @@ -159,18 +159,19 @@ # Validates stale options are not marked for install - name: 'DISALLOW "XYZ_install: True" Unmaintained' assert: - that: "{{ item }}_install is undefined" + that: "{{ item }}_install is undefined or not {{ item }}_install" + fail_msg: "DISALLOWED: '{{ item }}_install: True' (e.g. in /etc/iiab/local_vars.yml)" quiet: yes with_items: - - named - - dhcpd - - wondershaper # Unmaintained - - dansguardian # Unmaintained - - xo_services # Unmaintained - - activity_server # Unmaintained - - ejabberd_xs # Unmaintained - - idmgr # Unmaintained - - dokuwiki # Unmaintained - - ejabberd # Unmaintained - - elgg # Unmaintained + - named # Removed + - dhcpd # Removed + - wondershaper # Removed + - dansguardian # Removed + #- xo_services # Unmaintained + #- activity_server # Unmaintained + #- ejabberd_xs # Unmaintained + #- idmgr # Unmaintained + #- dokuwiki # Unmaintained + #- ejabberd # Unmaintained + #- elgg # Unmaintained From 48bd4223bba76e50186e2e8f72c7a4788f05ee85 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 16 Jul 2022 00:20:48 -0500 Subject: [PATCH 05/12] network speedup --- roles/firmware/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/firmware/tasks/main.yml b/roles/firmware/tasks/main.yml index edbd27da2..3e33890ba 100644 --- a/roles/firmware/tasks/main.yml +++ b/roles/firmware/tasks/main.yml @@ -18,7 +18,7 @@ - name: Install firmware (for RPi internal WiFi) include_tasks: install.yml - #when: firmware_installed is undefined + when: firmware_installed is undefined # Two variables are placed in /etc/iiab/iiab_state.yml: # From 30677d78295193d6e8b165607f2927805e79d84e Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 16 Jul 2022 00:21:40 -0500 Subject: [PATCH 06/12] correct procedure --- roles/firmware/templates/iiab-check-firmware | 10 ++++++---- roles/firmware/templates/iiab-firmware-warn.sh | 5 +++-- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/roles/firmware/templates/iiab-check-firmware b/roles/firmware/templates/iiab-check-firmware index 9e66b6462..a953d70b8 100644 --- a/roles/firmware/templates/iiab-check-firmware +++ b/roles/firmware/templates/iiab-check-firmware @@ -44,10 +44,12 @@ else echo -e "settings in /etc/iiab/local_vars.yml, please then run:" echo echo -e " cd /opt/iiab/iiab" - echo -e " sudo iiab-hotspot-off # Sometimes nec, eg to restore 'wifi_up_down: True'" - echo -e " sudo ./iiab-network # Or, 'sudo ./runrole firmware' is SOMETIMES enough" - echo -e " sudo iiab-hotspot-on # Sometimes nec, eg to restore 'wifi_up_down: True'" - echo -e " sudo poweroff\n" +# echo -e " sudo iiab-hotspot-off # Sometimes nec, eg to restore 'wifi_up_down: True'" +# echo -e " sudo ./iiab-network # Or, 'sudo ./runrole firmware' is SOMETIMES enough" +# echo -e " sudo iiab-hotspot-on # Sometimes nec, eg to restore 'wifi_up_down: True'" +# echo -e " sudo poweroff\n" + echo -e " sudo ./runrole firmware" + echo -e " sudo reboot\n" #echo #echo -e "Disconnect your power cord before rebooting, for better WiFi firmware results.\n" fi diff --git a/roles/firmware/templates/iiab-firmware-warn.sh b/roles/firmware/templates/iiab-firmware-warn.sh index 03e98ba2e..77e38c71c 100644 --- a/roles/firmware/templates/iiab-firmware-warn.sh +++ b/roles/firmware/templates/iiab-firmware-warn.sh @@ -2,8 +2,9 @@ if [ -f /tmp/.fw_modified ]; then echo -e "\n\e[41;1mWiFi Firmware link(s) modified, per iiab/iiab#2853: PLEASE REBOOT!\e[0m" - echo - echo -e "If you want this warning to stop, run: sudo rm /tmp/.fw_modified\n" + # /tmp should be auto cleaned with a reboot + #echo + #echo -e "If you want this warning to stop, run: sudo rm /tmp/.fw_modified\n" fi # \e[1m = bright white \e[100;1m = bright white, on gray \n\e[41;1m = bright white, on red From 6d089636341a959b814e849b73136399b8e83a73 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 16 Jul 2022 00:26:40 -0500 Subject: [PATCH 07/12] name resolution failure on the iiab box post-install when iiab-network ran with usb0 uplink --- roles/network/tasks/sysd-netd-debian.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/network/tasks/sysd-netd-debian.yml b/roles/network/tasks/sysd-netd-debian.yml index e88c0483e..66281973d 100644 --- a/roles/network/tasks/sysd-netd-debian.yml +++ b/roles/network/tasks/sysd-netd-debian.yml @@ -64,6 +64,13 @@ enabled: yes masked: no +- name: Enable & Restart systemd-resolved.service + systemd: + name: systemd-resolved + state: restarted + enabled: yes + masked: no + - name: Enable & Restart networkd-dispatcher.service systemd: name: networkd-dispatcher From a2cbfc45d6f558e493272d4d8fb93c91b2a4275e Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 16 Jul 2022 14:26:34 -0400 Subject: [PATCH 08/12] firmware/templates/iiab-firmware-warn.sh: Suggest reboot --- roles/firmware/templates/iiab-firmware-warn.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/firmware/templates/iiab-firmware-warn.sh b/roles/firmware/templates/iiab-firmware-warn.sh index 77e38c71c..dd2c34dba 100644 --- a/roles/firmware/templates/iiab-firmware-warn.sh +++ b/roles/firmware/templates/iiab-firmware-warn.sh @@ -2,9 +2,8 @@ if [ -f /tmp/.fw_modified ]; then echo -e "\n\e[41;1mWiFi Firmware link(s) modified, per iiab/iiab#2853: PLEASE REBOOT!\e[0m" - # /tmp should be auto cleaned with a reboot - #echo - #echo -e "If you want this warning to stop, run: sudo rm /tmp/.fw_modified\n" + echo + echo -e "If you want this warning to stop, reboot to remove /tmp/.fw_modified\n" fi # \e[1m = bright white \e[100;1m = bright white, on gray \n\e[41;1m = bright white, on red From ffb831cf664d5035947d98c530f320f1a8aea98f Mon Sep 17 00:00:00 2001 From: root Date: Mon, 18 Jul 2022 09:41:20 -0400 Subject: [PATCH 09/12] Clean + explain 0-init/tasks/validate_vars.yml --- roles/0-init/tasks/validate_vars.yml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index b7da3e09d..934c4a561 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -156,18 +156,16 @@ when: item != 'nodejs' and item != 'postgresql' and item != 'mongodb' and item != 'yarn' # Exclude auto-installed dependencies loop: "{{ vars_checklist }}" -# Validates stale options are not marked for install -- name: 'DISALLOW "XYZ_install: True" Unmaintained' +- name: 'DISALLOW "XYZ_install: True" if deprecated' assert: that: "{{ item }}_install is undefined or not {{ item }}_install" - fail_msg: "DISALLOWED: '{{ item }}_install: True' (e.g. in /etc/iiab/local_vars.yml)" quiet: yes with_items: - - named # Removed - - dhcpd # Removed - - wondershaper # Removed - - dansguardian # Removed + - dhcpd # Deprecated + - named # Deprecated + - wondershaper # Deprecated + - dansguardian # Deprecated #- xo_services # Unmaintained #- activity_server # Unmaintained #- ejabberd_xs # Unmaintained From cf2b5a409755c567ca263b35e7cad6fa529de219 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 18 Jul 2022 10:00:21 -0400 Subject: [PATCH 10/12] iiab-check-firmware: Emphasize './runrole --reinstall firmware' --- roles/firmware/templates/iiab-check-firmware | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/firmware/templates/iiab-check-firmware b/roles/firmware/templates/iiab-check-firmware index a953d70b8..b26810440 100644 --- a/roles/firmware/templates/iiab-check-firmware +++ b/roles/firmware/templates/iiab-check-firmware @@ -44,11 +44,10 @@ else echo -e "settings in /etc/iiab/local_vars.yml, please then run:" echo echo -e " cd /opt/iiab/iiab" -# echo -e " sudo iiab-hotspot-off # Sometimes nec, eg to restore 'wifi_up_down: True'" -# echo -e " sudo ./iiab-network # Or, 'sudo ./runrole firmware' is SOMETIMES enough" -# echo -e " sudo iiab-hotspot-on # Sometimes nec, eg to restore 'wifi_up_down: True'" -# echo -e " sudo poweroff\n" - echo -e " sudo ./runrole firmware" + echo -e " sudo iiab-hotspot-off # NO LONGER NEC? eg to restore 'wifi_up_down: True'" + echo -e " sudo ./runrole --reinstall firmware" + echo -e " sudo ./iiab-network # SOMETIMES NECESSARY" + echo -e " sudo iiab-hotspot-on # NO LONGER NEC? eg to restore 'wifi_up_down: True'" echo -e " sudo reboot\n" #echo #echo -e "Disconnect your power cord before rebooting, for better WiFi firmware results.\n" From eb3c0a2684c81e6f916c8219c49918e8d304d1da Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 16 Jul 2022 11:12:40 -0500 Subject: [PATCH 11/12] shut the log up for #3278 --- roles/network/tasks/enable_services.yml | 4 +++- roles/network/tasks/hostapd.yml | 2 +- roles/network/tasks/install.yml | 2 +- roles/network/tasks/sysd-netd-debian.yml | 1 + 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index f6686de3d..2991a0c58 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -95,6 +95,8 @@ #- debug: # var: nd_dir +# networkd-dispatcher not enabled for is_linuxmint https://github.com/iiab/iiab/issues/3278 +# might need the same dispatcher treatment using networkmanager-dispatcher to bring up dnsmasq or look at dnsmasq-iiab - name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04 or later) (root:root by default) template: src: roles/network/templates/network/dnsmasq.sh.j2 @@ -107,7 +109,7 @@ #when: dnsmasq_install and dnsmasq_enabled and nd_enabled is defined and nd_enabled.stdout == "enabled" and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance") #when: dnsmasq_install and dnsmasq_enabled and systemd_out.status.UnitFileState == "enabled" and networkd_dir.stat.exists and networkd_dir.stat.isdir and (iiab_network_mode != "Appliance") -- name: Remove /etc/dnsmasq.d/iiab.conf, when not dnsmasq_enabled or is Appliance +- name: Remove /etc/dnsmasq.d/iiab.conf, when is Appliance file: path: /etc/dnsmasq.d/iiab.conf state: absent diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 3b9231a86..0bae7b20f 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -118,7 +118,7 @@ systemd: name: "{{ item }}" enabled: no - daemon_reload: yes + daemon_reload: yes with_items: - iiab-clone-wifi.service - iiab-wifi-test.service diff --git a/roles/network/tasks/install.yml b/roles/network/tasks/install.yml index 394286c32..08ddb9113 100644 --- a/roles/network/tasks/install.yml +++ b/roles/network/tasks/install.yml @@ -7,7 +7,7 @@ package: name: networkd-dispatcher # 15kB download: Dispatcher service for systemd-networkd connection status changes state: present - when: not is_raspbian + when: not is_raspbian or not is_linuxmint # 2021-07-27 from @jvonau: 3 apt packages BELOW (iw, rfkill, wireless-tools) # are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: diff --git a/roles/network/tasks/sysd-netd-debian.yml b/roles/network/tasks/sysd-netd-debian.yml index 66281973d..3c0b3d875 100644 --- a/roles/network/tasks/sysd-netd-debian.yml +++ b/roles/network/tasks/sysd-netd-debian.yml @@ -77,3 +77,4 @@ state: restarted enabled: yes masked: no + when: not is_linuxmint From a907459b3e785efc5d2ea6191399567358ef3f2f Mon Sep 17 00:00:00 2001 From: root Date: Mon, 18 Jul 2022 16:19:36 -0400 Subject: [PATCH 12/12] vars/.yml: Remove dns_service, dns_user, dhcp_service --- vars/debian-11.yml | 8 +------- vars/debian-12.yml | 8 +------- vars/linuxmint-20.yml | 8 +------- vars/linuxmint-21.yml | 8 +------- vars/raspbian-11.yml | 8 +------- vars/ubuntu-2004.yml | 8 +------- vars/ubuntu-2204.yml | 8 +------- vars/ubuntu-2210.yml | 8 +------- 8 files changed, 8 insertions(+), 56 deletions(-) diff --git a/vars/debian-11.yml b/vars/debian-11.yml index 57160cecb..bf0154cef 100644 --- a/vars/debian-11.yml +++ b/vars/debian-11.yml @@ -4,23 +4,17 @@ is_debuntu: True is_debian: True # Opposite of is_ubuntu for now is_debian_11: True -# 2019-01-31: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dhcp_service: isc-dhcp-server -dns_user: bind - proxy: squid proxy_user: proxy apache_service: apache2 apache_conf_dir: apache2/sites-available apache_user: www-data apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: openssh-server sshd_service: ssh php_version: 7.4 diff --git a/vars/debian-12.yml b/vars/debian-12.yml index cf4fbfcea..3e22cd07e 100644 --- a/vars/debian-12.yml +++ b/vars/debian-12.yml @@ -4,23 +4,17 @@ is_debuntu: True is_debian: True # Opposite of is_ubuntu for now is_debian_12: True -# 2019-01-31: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dhcp_service: isc-dhcp-server -dns_user: bind - proxy: squid proxy_user: proxy apache_service: apache2 apache_conf_dir: apache2/sites-available apache_user: www-data apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: openssh-server sshd_service: ssh php_version: 8.1 diff --git a/vars/linuxmint-20.yml b/vars/linuxmint-20.yml index 0afc95bb0..4e3cc762b 100644 --- a/vars/linuxmint-20.yml +++ b/vars/linuxmint-20.yml @@ -6,23 +6,17 @@ is_ubuntu_20: True is_linuxmint: True is_linuxmint_20: True -# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dns_user: bind -dhcp_service: isc-dhcp-server - proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data apache_conf_dir: apache2/sites-available apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: openssh-server sshd_service: ssh php_version: 7.4 diff --git a/vars/linuxmint-21.yml b/vars/linuxmint-21.yml index 0135cd65f..799915c1e 100644 --- a/vars/linuxmint-21.yml +++ b/vars/linuxmint-21.yml @@ -6,23 +6,17 @@ is_ubuntu_2204: True is_linuxmint: True is_linuxmint_21: True -# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dns_user: bind -dhcp_service: isc-dhcp-server - proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data apache_conf_dir: apache2/sites-available apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: openssh-server sshd_service: ssh php_version: 8.1 diff --git a/vars/raspbian-11.yml b/vars/raspbian-11.yml index 932455bc7..6ad1ebe21 100644 --- a/vars/raspbian-11.yml +++ b/vars/raspbian-11.yml @@ -6,23 +6,17 @@ is_debian_11: True is_raspbian: True is_raspbian_11: True -# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dns_user: bind -dhcp_service: isc-dhcp-server - proxy: squid proxy_user: proxy apache_service: apache2 apache_conf_dir: apache2/sites-available apache_user: www-data apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: ssh sshd_service: ssh php_version: 7.4 diff --git a/vars/ubuntu-2004.yml b/vars/ubuntu-2004.yml index 7e7e1a2ad..b5890c330 100644 --- a/vars/ubuntu-2004.yml +++ b/vars/ubuntu-2004.yml @@ -4,23 +4,17 @@ is_debuntu: True is_ubuntu: True # Opposite of is_debian for now is_ubuntu_2004: True -# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dns_user: bind -dhcp_service: isc-dhcp-server - proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data apache_conf_dir: apache2/sites-available apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: openssh-server sshd_service: ssh php_version: 7.4 diff --git a/vars/ubuntu-2204.yml b/vars/ubuntu-2204.yml index bbe849b36..47d60d401 100644 --- a/vars/ubuntu-2204.yml +++ b/vars/ubuntu-2204.yml @@ -4,23 +4,17 @@ is_debuntu: True is_ubuntu: True # Opposite of is_debian for now is_ubuntu_2204: True -# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dns_user: bind -dhcp_service: isc-dhcp-server - proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data apache_conf_dir: apache2/sites-available apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: openssh-server sshd_service: ssh php_version: 8.1 diff --git a/vars/ubuntu-2210.yml b/vars/ubuntu-2210.yml index e7ac7cc12..31d73daf9 100644 --- a/vars/ubuntu-2210.yml +++ b/vars/ubuntu-2210.yml @@ -4,23 +4,17 @@ is_debuntu: True is_ubuntu: True # Opposite of is_debian for now is_ubuntu_2210: True -# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True -# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True) -dns_service: bind9 -dns_user: bind -dhcp_service: isc-dhcp-server - proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data apache_conf_dir: apache2/sites-available apache_log_dir: /var/log/apache2 +apache_log: /var/log/apache2/access.log smb_service: smbd nmb_service: nmbd systemctl_program: /bin/systemctl mysql_service: mariadb -apache_log: /var/log/apache2/access.log sshd_package: openssh-server sshd_service: ssh php_version: 8.1