Merge pull request #202 from iiab/master

sync from iiab/iiab

roles/2-common/tasks/fl.yml

@@ -1,3 +1,5 @@
+# fl.yml signifies "file layout"
+
 - name: Create 19 directories with ownership root:root and permissions 0755 (1 in /etc, 3 in {{ iiab_base }} and 15 in /library)    # iiab_base is /opt/iiab
   file:
     path: "{{ item }}"

roles/2-common/tasks/main.yml

@@ -3,7 +3,7 @@
 - name: ...IS BEGINNING ==========================================
   command: echo
 
-- name: Create IIAB directory structure
+- name: Create IIAB directory structure ("file layout")
   include_tasks: fl.yml
 
 - include_tasks: centos.yml

roles/6-generic-apps/tasks/main.yml

@@ -33,6 +33,18 @@
   when: lokole_install
   tags: lokole
 
+- name: MOSQUITTO
+  include_role:
+    name: mosquitto
+  when: mosquitto_install
+  tags: mosquitto
+
+- name: NODE-RED
+  include_role:
+    name: nodered
+  when: nodered_install
+  tags: nodered
+
 - name: NEXTCLOUD
   include_role:
     name: nextcloud

roles/mosquitto/README.rst

@@ -0,0 +1,25 @@
+================
+Mosquitto README
+================
+
+Adds the `Mosquitto <https://mosquitto.org/>`_ (`MQTT <https://mqtt.org/faq>`_) `pub-sub <https://en.wikipedia.org/wiki/Publish–subscribe_pattern>`_ broker to Internet-in-a-Box (IIAB) for educational experiments with  `IoT <https://en.wikipedia.org/wiki/Internet_of_things>`_.
+
+Roughly follows this guide: https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-the-mosquitto-mqtt-messaging-broker-on-ubuntu-16-04
+
+Using It
+-------
+
+The Mosquitto service is authenticated with:
+
+Username: ``Admin``
+
+Password: ``changeme``
+
+You can monitor it with command::
+
+  systemctl status mosquitto
+
+See Also
+--------
+
+`Node-RED <../nodered/README.rst>`_

roles/mosquitto/defaults/main.yml

@@ -0,0 +1,5 @@
+mosquitto_install: False
+mosquitto_enabled: False
+
+mosquitto_user: Admin
+mosquitto_password: changeme

roles/mosquitto/tasks/main.yml

@@ -0,0 +1,45 @@
+- name: Install mosquitto & mosquitto-clients
+  package:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - mosquitto
+    - mosquitto-clients
+  when: mosquitto_install
+  tags: download
+
+- name: Disable & Stop mosquitto service
+  systemd:
+    name: mosquitto
+    enabled: no
+    state: stopped
+  when: mosquitto_install
+
+- name: Create (touch) file /etc/mosquitto/passwd
+  file:
+    path: /etc/mosquitto/passwd
+    state: touch
+    mode: "u=rw,g=r,o=r"    # 0644
+  when: mosquitto_install
+
+- name: Populate /etc/mosquitto/passwd with actual username/password
+  shell: mosquitto_passwd -b /etc/mosquitto/passwd "{{ mosquitto_user }}" "{{ mosquitto_password  }}"
+  when: mosquitto_install
+
+- name: Install /etc/mosquitto/conf.d/websockets.conf from template
+  template:
+    backup: yes
+    src: websockets.conf.j2
+    dest: /etc/mosquitto/conf.d/websockets.conf
+    owner: root
+    group: root
+    mode: 0755
+  when: mosquitto_install
+
+- name: Enable & Start mosquitto service
+  systemd:
+    daemon_reload: yes
+    name: mosquitto
+    enabled: yes
+    state: started
+  when: mosquitto_enabled

roles/mosquitto/templates/websockets.conf.j2

@@ -0,0 +1,3 @@
+listener 1883
+allow_anonymous false
+password_file /etc/mosquitto/passwd

roles/network/tasks/main.yml

@@ -55,24 +55,24 @@
     - hostname
     - domain
 
-- name: Configuring wondershaper
+- name: Configure wondershaper
   include_tasks: wondershaper.yml
   when: wondershaper_install
   tags:
     - network
     - wondershaper
 
-- name: (Re)Installing named
+- name: (Re)Install named
   include_tasks: named.yml
-  when: FQDN_changed and iiab_stage|int == 9
+  when: named_install and FQDN_changed and iiab_stage|int == 9
 
-- name: (Re)Installing dhcpd
+- name: (Re)Install dhcpd
   include_tasks: dhcpd.yml
-  when: FQDN_changed and iiab_stage|int == 9
+  when: dhcpd_install and FQDN_changed and iiab_stage|int == 9
 
-- name: (Re)Installing Squid
+- name: (Re)Install Squid
   include_tasks: squid.yml
-  when: FQDN_changed and squid_install and iiab_stage|int == 9
+  when: squid_install and FQDN_changed and iiab_stage|int == 9
 
 #### start services
 - include_tasks: avahi.yml
@@ -104,7 +104,7 @@
   tags:
     - network
 
-- name: Netplan in use on ubuntu 18
+- name: Netplan in use on Ubuntu 18
   include_tasks: netplan.yml
   when: is_ubuntu_18
 #and not installing

roles/network/templates/gateway/iiab-gen-iptables

@@ -62,6 +62,8 @@ cups_port={{ cups_port }}
 transmission_http_port={{ transmission_http_port }}
 transmission_peer_port={{ transmission_peer_port }}
 sugarizer_port={{ sugarizer_port }}
+nodered_port={{ nodered_port }}
+mosquitto_port={{ mosquitto_port }}
 block_DNS={{ block_DNS }}
 
 echo "LAN is $lan and WAN is $wan"
@@ -96,6 +98,8 @@ if [ "$services_externally_visible" == "True" ]; then
     $IPTABLES -A INPUT -p tcp --dport $calibre_port -m state --state NEW -i $wan -j ACCEPT
     $IPTABLES -A INPUT -p tcp --dport $cups_port -m state --state NEW -i $wan -j ACCEPT
     $IPTABLES -A INPUT -p tcp --dport $sugarizer_port -m state --state NEW -i $wan -j ACCEPT
+    $IPTABLES -A INPUT -p tcp --dport $nodered_port -m state --state NEW -i $wan -j ACCEPT
+    $IPTABLES -A INPUT -p tcp --dport $mosquitto_port -m state --state NEW -i $wan -j ACCEPT
     $IPTABLES -A INPUT -p tcp --dport $transmission_http_port -m state --state NEW -i $wan -j ACCEPT
     $IPTABLES -A INPUT -p tcp --dport $transmission_peer_port -m state --state NEW -i $wan -j ACCEPT
 fi

roles/nextcloud/tasks/main.yml

@@ -63,7 +63,7 @@
   package:
     name: "php{{ php_version }}-mcrypt"
     state: present
-  when: is_debuntu and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17)
+  when: is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17
   # NOT NEC TO TEST FOR is_raspbian_8 OR is_raspbian_9 AS /opt/iiab/iiab/vars/<OS>.yml
   # DEFINES THESE AS SUBSETS OF is_debian_8 OR is_debian_9 (FOR NOW!)
 

roles/nodered/README.rst

@@ -0,0 +1,30 @@
+===============
+Node-RED README
+===============
+
+Adds `Node-RED <https://nodered.org/>`_ and `Node-RED Dashboard <https://flows.nodered.org/node/node-red-dashboard>`_ to Internet-in-a-Box (IIAB) for educational experiments with `IoT <https://en.wikipedia.org/wiki/Internet_of_things>`_.
+
+Node-RED is a flow-based development tool for visual programming developed originally by IBM for wiring together hardware devices, APIs and online services as part of the Internet of Things.  Node-RED provides a web browser-based flow editor, which can be used to create JavaScript functions.
+
+Using It
+--------
+
+Prior to installing IIAB, make sure your `/etc/iiab/local_vars.yml <http://wiki.laptop.org/go/IIAB/FAQ#What_is_local_vars.yml_and_how_do_I_customize_it.3F>`_ contains::
+
+  nodered_install: True
+  nodered_enabled: True
+
+After installing Node-RED as part IIAB, please log in to http://box:1880 with:
+
+Username: ``Admin``
+
+Password: ``changeme``
+
+You can monitor the Node-RED service with command::
+
+  systemctl status node-red
+
+See Also
+--------
+
+`Mosquitto (MQTT) <../mosquitto/README.rst>`_

roles/nodered/defaults/main.yml

@@ -0,0 +1,9 @@
+nodered_install: False
+nodered_enabled: False
+
+nodered_user: Admin
+nodered_password: changeme
+nodered_password_hash: $2b$08$oxgvoU9et3deSbXY8UNVTOWHSTQAyEASIal86RHVMqYQJhpPMNz7q
+# To generate a new password hash, run 'node-red-admin hash-pw' and enter the
+# new password.  Paste the resulting hash above.  After Ansible runs, username
+# and password hash will be placed in: /home/nodered/.node-red/settings.js

roles/nodered/tasks/main.yml

@@ -0,0 +1,80 @@
+- name: Set up Node.js 8.x apt sources (debuntu distros up to 2017)
+  shell: curl -sL https://deb.nodesource.com/setup_8.x | bash -
+  args:
+    warn: no
+  when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) and nodered_install
+  # NOT NEC TO TEST FOR is_raspbian_8 OR is_raspbian_9 AS /opt/iiab/iiab/vars/<OS>.yml
+  # DEFINES THESE AS SUBSETS OF is_debian_8 OR is_debian_9 (FOR NOW!)
+  
+- name: Install latest Node.js which includes /usr/bin/npm (debuntu distros up to 2017)
+  package:
+    name: nodejs
+    # name: nodejs=8.x
+    state: latest
+    # state: present
+  when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) and nodered_install
+
+# 2019-01-15: WE'RE BORROWING npm INSTALLATION TRICKS FROM MID-2018 SUGARIZER:
+# https://github.com/iiab/iiab/blob/master/roles/sugarizer/tasks/main.yml#L77-L94
+
+- name: Install latest packages nodejs and npm (debuntu distros after 2017, or other distros)
+  package:
+    name:
+      - nodejs
+      - npm
+    state: latest
+  when: internet_available and not (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17) and nodered_install
+
+
+- name: 'npm install node-red packages globally: node-red, node-red-admin, node-red-dashboard'
+  shell: npm install -g --unsafe-perm node-red node-red-admin node-red-dashboard
+  when: nodered_install
+
+- name: Ensure Linux group "nodered" exists
+  group:
+    name: nodered
+    state: present
+  when: nodered_install
+
+- name: Ensure Linux user "nodered" exists and is added to group "nodered"
+  user:
+    name: nodered
+    group: nodered
+  when: nodered_install
+
+- name: Create /home/nodered/.node-red/ directory
+  file:
+    path: /home/nodered/.node-red
+    state: directory
+    owner: nodered
+    group: nodered
+    mode: 0775
+  when: nodered_install
+
+- name: Install /home/nodered/.node-red/settings.js from template, with authentication
+  template:
+    backup: yes
+    src: settings.js.j2
+    dest: /home/nodered/.node-red/settings.js
+    owner: nodered
+    group: nodered
+    mode: 0755
+  when: nodered_install
+
+- name: Install /etc/systemd/system/node-red.service systemd unit file from template
+  template:
+    backup: yes
+    src: node-red.service.j2
+    dest: /etc/systemd/system/node-red.service
+    owner: root
+    group: root
+    mode: 0666
+  when: nodered_install
+
+- name: Enable & Start node-red service
+  systemd:
+    daemon_reload: yes
+    name: node-red
+    enabled: yes
+    state: started
+  when: nodered_enabled

roles/nodered/templates/node-red.service.j2

@@ -0,0 +1,25 @@
+[Unit]
+Description=Node-RED
+After=syslog.target network.target
+
+[Service]
+{% if is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17 %}
+ExecStart=/usr/bin/node-red-pi --max-old-space-size=128 -v
+{% else %}
+ExecStart=/usr/local/bin/node-red-pi --max-old-space-size=128 -v
+{% endif %}
+Restart=on-failure
+KillSignal=SIGINT
+
+# log output to syslog as 'node-red'
+SyslogIdentifier=node-red
+StandardOutput=syslog
+
+# non-root user to run as
+WorkingDirectory=/home/nodered/
+User=nodered
+Group=nodered
+
+[Install]
+WantedBy=multi-user.target
+

roles/nodered/templates/settings.js.j2

@@ -0,0 +1,245 @@
+/**
+ * Copyright JS Foundation and other contributors, http://js.foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ **/
+
+// The `https` setting requires the `fs` module. Uncomment the following
+// to make it available:
+//var fs = require("fs");
+
+module.exports = {
+    // the tcp port that the Node-RED web server is listening on
+    uiPort: process.env.PORT || 1880,
+
+    // By default, the Node-RED UI accepts connections on all IPv4 interfaces.
+    // To listen on all IPv6 addresses, set uiHost to "::",
+    // The following property can be used to listen on a specific interface. For
+    // example, the following would only allow connections from the local machine.
+    //uiHost: "127.0.0.1",
+
+    // Retry time in milliseconds for MQTT connections
+    mqttReconnectTime: 15000,
+
+    // Retry time in milliseconds for Serial port connections
+    serialReconnectTime: 15000,
+
+    // Retry time in milliseconds for TCP socket connections
+    //socketReconnectTime: 10000,
+
+    // Timeout in milliseconds for TCP server socket connections
+    //  defaults to no timeout
+    //socketTimeout: 120000,
+
+    // Timeout in milliseconds for HTTP request connections
+    //  defaults to 120 seconds
+    //httpRequestTimeout: 120000,
+
+    // The maximum length, in characters, of any message sent to the debug sidebar tab
+    debugMaxLength: 1000,
+
+    // The maximum number of messages nodes will buffer internally as part of their
+    // operation. This applies across a range of nodes that operate on message sequences.
+    //  defaults to no limit. A value of 0 also means no limit is applied.
+    //nodeMaxMessageBufferLength: 0,
+
+    // To disable the option for using local files for storing keys and certificates in the TLS configuration
+    //  node, set this to true
+    //tlsConfigDisableLocalFiles: true,
+
+    // Colourise the console output of the debug node
+    //debugUseColors: true,
+
+    // The file containing the flows. If not set, it defaults to flows_<hostname>.json
+    //flowFile: 'flows.json',
+
+    // To enabled pretty-printing of the flow within the flow file, set the following
+    //  property to true:
+    //flowFilePretty: true,
+
+    // By default, credentials are encrypted in storage using a generated key. To
+    // specify your own secret, set the following property.
+    // If you want to disable encryption of credentials, set this property to false.
+    // Note: once you set this property, do not change it - doing so will prevent
+    // node-red from being able to decrypt your existing credentials and they will be
+    // lost.
+    //credentialSecret: "a-secret-key",
+
+    // By default, all user data is stored in the Node-RED install directory. To
+    // use a different location, the following property can be used
+    //userDir: '/home/nol/.node-red/',
+
+    // Node-RED scans the `nodes` directory in the install directory to find nodes.
+    // The following property can be used to specify an additional directory to scan.
+    //nodesDir: '/home/nol/.node-red/nodes',
+
+    // By default, the Node-RED UI is available at http://localhost:1880/
+    // The following property can be used to specify a different root path.
+    // If set to false, this is disabled.
+    //httpAdminRoot: '/admin',
+
+    // Some nodes, such as HTTP In, can be used to listen for incoming http requests.
+    // By default, these are served relative to '/'. The following property
+    // can be used to specifiy a different root path. If set to false, this is
+    // disabled.
+    //httpNodeRoot: '/red-nodes',
+
+    // The following property can be used in place of 'httpAdminRoot' and 'httpNodeRoot',
+    // to apply the same root to both parts.
+    //httpRoot: '/red',
+
+    // When httpAdminRoot is used to move the UI to a different root path, the
+    // following property can be used to identify a directory of static content
+    // that should be served at http://localhost:1880/.
+    //httpStatic: '/home/nol/node-red-static/',
+
+    // The maximum size of HTTP request that will be accepted by the runtime api.
+    // Default: 5mb
+    //apiMaxLength: '5mb',
+
+    // If you installed the optional node-red-dashboard you can set it's path
+    // relative to httpRoot
+    ui: { path: "ui" },
+
+    // Securing Node-RED
+    // -----------------
+    // To password protect the Node-RED editor and admin API, the following
+    // property can be used. See http://nodered.org/docs/security.html for details.
+    adminAuth: {
+        type: "credentials",
+        users: [{
+            username: "{{ nodered_user }}",
+            password: "{{ nodered_password_hash }}",
+            permissions: "*"
+        }]
+    },
+
+    // To password protect the node-defined HTTP endpoints (httpNodeRoot), or
+    // the static content (httpStatic), the following properties can be used.
+    // The pass field is a bcrypt hash of the password.
+    // See http://nodered.org/docs/security.html#generating-the-password-hash
+    //httpNodeAuth: {user:"user",pass:"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN."},
+    //httpStaticAuth: {user:"user",pass:"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN."},
+
+    // The following property can be used to enable HTTPS
+    // See http://nodejs.org/api/https.html#https_https_createserver_options_requestlistener
+    // for details on its contents.
+    // See the comment at the top of this file on how to load the `fs` module used by
+    // this setting.
+    //
+    //https: {
+    //    key: fs.readFileSync('privatekey.pem'),
+    //    cert: fs.readFileSync('certificate.pem')
+    //},
+
+    // The following property can be used to cause insecure HTTP connections to
+    // be redirected to HTTPS.
+    //requireHttps: true
+
+    // The following property can be used to disable the editor. The admin API
+    // is not affected by this option. To disable both the editor and the admin
+    // API, use either the httpRoot or httpAdminRoot properties
+    //disableEditor: false,
+
+    // The following property can be used to configure cross-origin resource sharing
+    // in the HTTP nodes.
+    // See https://github.com/troygoode/node-cors#configuration-options for
+    // details on its contents. The following is a basic permissive set of options:
+    //httpNodeCors: {
+    //    origin: "*",
+    //    methods: "GET,PUT,POST,DELETE"
+    //},
+
+    // If you need to set an http proxy please set an environment variable
+    // called http_proxy (or HTTP_PROXY) outside of Node-RED in the operating system.
+    // For example - http_proxy=http://myproxy.com:8080
+    // (Setting it here will have no effect)
+    // You may also specify no_proxy (or NO_PROXY) to supply a comma separated
+    // list of domains to not proxy, eg - no_proxy=.acme.co,.acme.co.uk
+
+    // The following property can be used to add a custom middleware function
+    // in front of all http in nodes. This allows custom authentication to be
+    // applied to all http in nodes, or any other sort of common request processing.
+    //httpNodeMiddleware: function(req,res,next) {
+    //    // Handle/reject the request, or pass it on to the http in node by calling next();
+    //    // Optionally skip our rawBodyParser by setting this to true;
+    //    //req.skipRawBodyParser = true;
+    //    next();
+    //},
+
+    // The following property can be used to verify websocket connection attempts.
+    // This allows, for example, the HTTP request headers to be checked to ensure
+    // they include valid authentication information.
+    //webSocketNodeVerifyClient: function(info) {
+    //    // 'info' has three properties:
+    //    //   - origin : the value in the Origin header
+    //    //   - req : the HTTP request
+    //    //   - secure : true if req.connection.authorized or req.connection.encrypted is set
+    //    //
+    //    // The function should return true if the connection should be accepted, false otherwise.
+    //    //
+    //    // Alternatively, if this function is defined to accept a second argument, callback,
+    //    // it can be used to verify the client asynchronously.
+    //    // The callback takes three arguments:
+    //    //   - result : boolean, whether to accept the connection or not
+    //    //   - code : if result is false, the HTTP error status to return
+    //    //   - reason: if result is false, the HTTP reason string to return
+    //},
+
+    // Anything in this hash is globally available to all functions.
+    // It is accessed as context.global.
+    // eg:
+    //    functionGlobalContext: { os:require('os') }
+    // can be accessed in a function block as:
+    //    context.global.os
+
+    functionGlobalContext: {
+        // os:require('os'),
+        // jfive:require("johnny-five"),
+        // j5board:require("johnny-five").Board({repl:false})
+    },
+
+    // The following property can be used to order the categories in the editor
+    // palette. If a node's category is not in the list, the category will get
+    // added to the end of the palette.
+    // If not set, the following default order is used:
+    //paletteCategories: ['subflows', 'input', 'output', 'function', 'social', 'mobile', 'storage', 'analysis', 'advanced'],
+
+    // Configure the logging output
+    logging: {
+        // Only console logging is currently supported
+        console: {
+            // Level of logging to be recorded. Options are:
+            // fatal - only those errors which make the application unusable should be recorded
+            // error - record errors which are deemed fatal for a particular request + fatal errors
+            // warn - record problems which are non fatal + errors + fatal errors
+            // info - record information about the general running of the application + warn + error + fatal errors
+            // debug - record information which is more verbose than info + info + warn + error + fatal errors
+            // trace - record very detailed logging + debug + info + warn + error + fatal errors
+            // off - turn off all logging (doesn't affect metrics or audit)
+            level: "info",
+            // Whether or not to include metric events in the log output
+            metrics: false,
+            // Whether or not to include audit events in the log output
+            audit: false
+        }
+    },
+
+    // Customising the editor
+    editorTheme: {
+        projects: {
+            // To enable the Projects feature, set this value to true
+            enabled: false
+        }
+    }
+}

roles/sugarizer/tasks/main.yml

@@ -60,19 +60,23 @@
 
 # 3. INSTALL A GOOD VERSION OF Node.js AND npm
 
-- name: Set up Node.js 8.x apt sources (debuntu, but avoid ubuntu-18)
+- name: Set up Node.js 8.x apt sources (debuntu distros up to 2017)
   shell: curl -sL https://deb.nodesource.com/setup_8.x | bash -
   args:
     warn: no
-  when: internet_available and is_debuntu and not is_ubuntu_18
+  when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17)
+  # NOT NEC TO TEST FOR is_raspbian_8 OR is_raspbian_9 AS /opt/iiab/iiab/vars/<OS>.yml
+  # DEFINES THESE AS SUBSETS OF is_debian_8 OR is_debian_9 (FOR NOW!)
 
-- name: Install latest Node.js which includes /usr/bin/npm (debuntu, but avoid ubuntu-18)
+- name: Install latest Node.js which includes /usr/bin/npm (debuntu distros up to 2017)
   package:
     name: nodejs
     # name: nodejs=8.x
     state: latest
     # state: present
-  when: internet_available and is_debuntu and not is_ubuntu_18
+  when: internet_available and (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17)
+
+# 2019-01-15: BORROWED BY https://github.com/iiab/iiab/blob/master/roles/nodered/tasks/main.yml#L1-L26
 
 # 2018-07-14: BOTH STEPS ABOVE TAKE TIME, but Raspbian (apt offers npm
 # 1.4.21) & Debian 9 (apt offers no npm!) STILL NEED the above
@@ -93,13 +97,13 @@
 # where it upgrades /usr/bin/npm in place:
 # https://askubuntu.com/questions/1036278/npm-is-incorrect-version-on-latest-ubuntu-18-04-installation
 
-- name: Install latest packages nodejs and npm (ubuntu-18 or not debuntu)
+- name: Install latest packages nodejs and npm (debuntu distros after 2017, or other distros)
   package:
     name:
       - nodejs
       - npm
     state: latest
-  when: internet_available and (is_ubuntu_18 or not is_debuntu)
+  when: internet_available and not (is_debian_8 or is_debian_9 or is_ubuntu_16 or is_ubuntu_17)
 
 
 # 4. RUN "npm install" TO POPULATE ~35MB /opt/iiab/sugarizer-server/node_modules

vars/default_vars.yml

@@ -282,6 +282,16 @@ ejabberd_enabled: False
 lokole_install: False
 lokole_enabled: False
 
+# MQTT pub-sub broker for IoT on Raspberry Pi etc
+mosquitto_install: False
+mosquitto_enabled: False
+mosquitto_port: 1883
+
+# Flow-based visual programming for wiring together IoT hardware devices etc
+nodered_install: False
+nodered_enabled: False
+nodered_port: 1880
+
 nextcloud_install: False
 nextcloud_enabled: False
 
@@ -289,7 +299,6 @@ nextcloud_enabled: False
 wordpress_install: False
 wordpress_enabled: False
 
-
 # 7-EDU-APPS
 
 # KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS

vars/local_vars_big.yml

@@ -184,6 +184,14 @@ ejabberd_enabled: False
 lokole_install: True
 lokole_enabled: True
 
+# MQTT pub-sub broker for IoT on Raspberry Pi etc
+mosquitto_install: True
+mosquitto_enabled: True
+
+# Flow-based visual programming for wiring together IoT hardware devices etc
+nodered_install: True
+nodered_enabled: True
+
 nextcloud_install: True
 nextcloud_enabled: True
 
@@ -191,7 +199,6 @@ nextcloud_enabled: True
 wordpress_install: True
 wordpress_enabled: True
 
-
 # 7-EDU-APPS
 
 # KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS

vars/local_vars_medium.yml

@@ -184,6 +184,14 @@ ejabberd_enabled: False
 lokole_install: False
 lokole_enabled: False
 
+# MQTT pub-sub broker for IoT on Raspberry Pi etc
+mosquitto_install: False
+mosquitto_enabled: False
+
+# Flow-based visual programming for wiring together IoT hardware devices etc
+nodered_install: False
+nodered_enabled: False
+
 nextcloud_install: True
 nextcloud_enabled: True
 
@@ -191,7 +199,6 @@ nextcloud_enabled: True
 wordpress_install: True
 wordpress_enabled: True
 
-
 # 7-EDU-APPS
 
 # KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS

vars/local_vars_min.yml

@@ -184,6 +184,14 @@ ejabberd_enabled: False
 lokole_install: False
 lokole_enabled: False
 
+# MQTT pub-sub broker for IoT on Raspberry Pi etc
+mosquitto_install: False
+mosquitto_enabled: False
+
+# Flow-based visual programming for wiring together IoT hardware devices etc
+nodered_install: False
+nodered_enabled: False
+
 nextcloud_install: False
 nextcloud_enabled: False
 
@@ -191,7 +199,6 @@ nextcloud_enabled: False
 wordpress_install: False
 wordpress_enabled: False
 
-
 # 7-EDU-APPS
 
 # KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS