bring cp changes on top of current HEAD

roles/captiveportal/tasks/main.yml

@@ -12,21 +12,16 @@
     state: directory
     owner: "{{ apache_user }}"
 
-- name: 'Copy scripts: checkurls'
+- name: 'Copy scripts: checkurls, capture-wsgi.py'
   template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     mode: "{{ item.mode }}"
   with_items:
-    - { src: roles/captiveportal/templates/checkurls, mode: '0644', dest: /opt/iiab/captiveportal/ }
+    - { src: checkurls, mode: '0644', dest: /opt/iiab/captiveportal/ }
-    - { src: roles/captiveportal/templates/iiab-make-cp-servers.py, mode: '0755', dest: /usr/sbin/ }
+    - { src: capture-wsgi.py, mode: '0755', dest: /opt/iiab/captiveportal/ }
-    - { src: roles/captiveportal/templates/iiab-divert-to-nginx, mode: '0755', dest: /usr/sbin/ }
+    - { src: iiab-make-cp-servers.py, mode: '0755', dest: /usr/sbin/ }
-
+    - { src: iiab-divert-to-nginx, mode: '0755', dest: /usr/sbin/ }
-- name: Put put the python script that creates the server in place
-  template:
-    src: roles/captiveportal/templates/capture-wsgi.py 
-    mode: '0755' 
-    dest: /opt/iiab/captiveportal/ 
 
 - name: 'Copy templates: simple.template, mac.template'
   copy:
@@ -38,50 +33,48 @@
 
 - name: Copy uWSGI config file
   template:
-    src: roles/captiveportal/templates/captiveportal.ini.j2
+    src: captiveportal.ini
-    dest: /opt/iiab/captiveportal/captiveportal.ini
+    dest: /etc/uwsgi/apps-available/
+
+- name: Enable uwsgi config for captiveportal
+  file:
+    src: /etc/uwsgi/apps-available/captiveportal.ini
+    path: /etc/uwsgi/apps-enabled/captiveportal.ini
+    state: link
+  when: captiveportal_enabled | bool
 
 - name: Copy unit file for uWSGI service
   template:
-    src: roles/captiveportal/templates/uwsgi-captiveportal.service
+    src: uwsgi-captiveportal.service
     dest: /etc/systemd/system/
 
 - name: Start or restart server which responds to browsers trying to detect a captive portal
   systemd: 
     name: uwsgi-captiveportal.service
     state: restarted
-    enabled: True
   when: captiveportal_enabled | bool
 
 - name: Stop uWSGI server if captive portal has been disabled
   systemd: 
     name: uwsgi-captiveportal.service
     state: stopped
-    enabled: False
   when: not captiveportal_enabled | bool
 
 - name: Run divert to generate diversion lists for nginx
-  shell: /usr/sbin/iiab-divert-to-nginx
+  shell: iiab-divert-to-nginx
      
 - name: Run script to generate nginx servers from checkurls input list
-  command: /usr/sbin/iiab-make-cp-servers.py
+  shell: iiab-make-cp-servers.py
-  args:
+     
-      creates: /etc/nginx/sites-available/capture.conf
+- name: Install nginx's captiveportal.conf from template if captiveportal_enabled
-  
+  template:
-- name: Enable nginx to service the sites in checkurls list
+    src: roles/captiveportal/templates/captiveportal-nginx.conf
-  file:
+    dest: /etc/nginx/conf.d/
-    src: /etc/nginx/sites-available/capture.conf
+    owner: root
-    path: /etc/nginx/sites-enabled/capture.conf
+    group: root
-    state: link
+    mode: 0644
   when: captiveportal_enabled | bool
 
-- name: Disable nginx to location definitions for checkurls
-  file:
-    src: /etc/nginx/sites-available/capture.conf
-    path: /etc/nginx/sites-enabled/capture.conf
-    state: absent
-  when: not captiveportal_enabled | bool
-
 - name: Make sure dnsmasq is not diverting if not captiveportal_enabled
   file:
     path: /etc/dnsmasq.d/capture

roles/captiveportal/templates/captiveportal-nginx.conf

@@ -0,0 +1,9 @@
+location /capture {
+   rewrite /capture/(.+) /$1 break;
+   include uwsgi_params;
+   #uwsgi_pass unix:///tmp/captiveportal.sock;
+   uwsgi_pass localhost:9090;
+}
+
+  
+

roles/captiveportal/templates/captiveportal.ini

@@ -0,0 +1,12 @@
+[uwsgi]
+   uid = www-data
+   gid = www-data
+   http-socket = :9090
+   chdir = /opt/iiab/captiveportal
+   wsgi-file = capture-wsgi.py
+   #wsgi-file = very_simple.py
+   master = true
+   plugins = python3
+   log-to = /var/log/uwsgi/app/captiveportal.log
+   #die-on-term = true
+   py-autoreload = 2

roles/captiveportal/templates/capture-wsgi.py

@@ -40,19 +40,15 @@ doc_root = get_iiab_env("WWWROOT")
 fully_qualified_domain_name = get_iiab_env("FQDN")
 
 
-loggingLevel = "ERROR"
+loggingLevel = "DEBUG"
-if len(sys.argv) > 1:
-   if sys.argv[1] == '-l':
-      loggingLevel = "DEBUG"
-      
 # set up some logging -- selectable for diagnostics
 logging.basicConfig(filename='/var/log/apache2/portal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel)
 logger = logging.getLogger('/var/log/apache2/portal.log')
 handler = RotatingFileHandler("/var/log/apache2/portal.log", maxBytes=100000, backupCount=2)
 logger.addHandler(handler)
 
-PORT={{ captiveportal_port }}
+#PORT={{ captiveportal_port }}
-#PORT=9090
+PORT=9090
 
 
 # Define globals
@@ -151,7 +147,7 @@ def set_lasttimestamp(ip):
 
 #  ###################  Action routines based on OS  ################3
 def microsoft(environ,start_response):
-    logger.debug('in microsoft')
+    print('in microsoft')
     # firefox -- seems both mac and Windows use it
     agent = environ.get('HTTP_USER_AGENT','default_agent')
     if agent.startswith('Mozilla'):
@@ -244,7 +240,7 @@ def android_https(environ, start_response):
     return [response_body]
 
 def mac_splash(environ,start_response):
-    logger.debug('in mac_splash')
+    print('in mac_splash')
     logger.debug("in function mac_splash")
     en_txt={ 'message': "Click on the button to go to the IIAB home page",\
             'btn1': "GO TO IIAB HOME PAGE",'success_token': 'Success',
@@ -268,7 +264,7 @@ def mac_splash(environ,start_response):
     return [response_body]
 
 def macintosh(environ, start_response):
-    logger.debug('in macintosh')
+    print('in macintosh')
     global ip
     logger.debug("in function mcintosh")
     #print >> sys.stderr , "Geo Print to stderr" + environ['HTTP_HOST']

roles/captiveportal/templates/checkurls-nginx

@@ -0,0 +1,111 @@
+server {
+    listen 80;
+    server_name clients3.google.com
+    rewrite ^clients3.google.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name connectivitycheck.gstatic.com
+    rewrite ^connectivitycheck.gstatic.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name detectportal.firefox.com
+    rewrite ^detectportal.firefox.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name *.akamaitechnologies.com
+    rewrite ^*.akamaitechnologies.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name appleiphonecell.com
+    rewrite ^appleiphonecell.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name thinkdifferent.us
+    rewrite ^thinkdifferent.us http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name *.apple.com.edgekey.net
+    rewrite ^*.apple.com.edgekey.net http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name ipv6.msftncsi.com
+    rewrite ^ipv6.msftncsi.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name ipv6.msftncsi.com.edgesuite.net
+    rewrite ^ipv6.msftncsi.com.edgesuite.net http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name www.msftncsi.com
+    rewrite ^www.msftncsi.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name www.msftncsi.com.edgesuite.net
+    rewrite ^www.msftncsi.com.edgesuite.net http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name www.msftconnecttest.com
+    rewrite ^www.msftconnecttest.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name www.msn.com
+    rewrite ^www.msn.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name teredo.ipv6.microsoft.com
+    rewrite ^teredo.ipv6.microsoft.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name teredo.ipv6.microsoft.com.nsatc.net
+    rewrite ^teredo.ipv6.microsoft.com.nsatc.net http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name captive.apple.com
+    rewrite ^captive.apple.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name init-p01st.push.apple.com
+    rewrite ^init-p01st.push.apple.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name mtalk.google.com
+    rewrite ^mtalk.google.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name connectivitycheck.android.com
+    rewrite ^connectivitycheck.android.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name alt7-mtalk.google.com
+    rewrite ^alt7-mtalk.google.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name alt6-mtalk.google.com
+    rewrite ^alt6-mtalk.google.com http://127.0.0.1/captive
+}
+server {
+    listen 80;
+    server_name captive.lan
+    rewrite ^captive.lan http://127.0.0.1/captive
+}
+

roles/captiveportal/templates/iiab-divert-to-nginx

@@ -1,4 +1,4 @@
 #!/bin/bash -x
-awk '{print("address=/" $1 "/172.18.96.1")}' /opt/iiab/captiveportal/checkurls > /etc/dnsmasq.d/capture
+awk '{print("address=/" $1 "/ 172.18.96.1")}' /opt/iiab/captiveportal/checkurls > /etc/dnsmasq.d/capture
 echo "#following tells windows 7 that captive portal is active" >>/etc/dnsmasq.d/capture
 echo "address=/dns.msftncsi.com/131.107.255.255" >> /etc/dnsmasq.d/capture

roles/captiveportal/templates/iiab-make-cp-servers.py

@@ -4,8 +4,7 @@
 import os
 outstr = ''
 
-#os.chdir('{{ iiab_dir }}/roles/captiveportal/templates')
+os.chdir('{{ iiab_dir }}/roles/captiveportal/templates')
-os.chdir('/opt/iiab/iiab/roles/captiveportal/templates')
 with open('checkurls','r') as urls:
    for line in urls:
       line = line.replace('*','.*')

roles/captiveportal/templates/uwsgi-captiveportal.service

@@ -2,7 +2,7 @@
 Description=uWSGI Service
 
 [Service]
-ExecStart=/usr/bin/uwsgi --ini  /opt/iiab/captiveportal/captiveportal.ini
+ExecStart=/usr/bin/uwsgi --ini  /etc/uwsgi/apps-enabled/captiveportal.ini
 Restart=always
 RestartSec=5
 KillSignal=SIGQUIT