external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

Iiab (#68)

Browse source 
* xs- goes to iiab-

* more xs->iiab

* sysconfig was forgotten

* hyphen vs underscore i roles network templates

* bulk sed on pgsql-xs

* create links for old script names

* missed named-xs -> named-iiab

* squid-xs ->squid-iiab

* misspelled squid-iiab.conf.j2
This commit is contained in:
georgejhunt 2017-06-27 19:53:13 -07:00 committed by GitHub
parent 909439f40b
commit 4462652deb
36 changed files with 110 additions and 104 deletions
Download patch file Download diff file Expand all files Collapse all files

10
roles/1-prep/tasks/detected_network.yml
View file

@ -1,5 +1,5 @@
- name: Checking xs_domain_name - name: Checking iiab_domain_name
shell: "cat /etc/sysconfig/xs_domain_name" shell: "cat /etc/sysconfig/iiab_domain_name"
register: prior_domain register: prior_domain
ignore_errors: True ignore_errors: True
@ -9,8 +9,8 @@
iiab_domain: "{{ prior_domain.stdout }}" iiab_domain: "{{ prior_domain.stdout }}"
when: prior_domain.stdout != "lan" and prior_domain.stdout != "" when: prior_domain.stdout != "lan" and prior_domain.stdout != ""
- name: xs_wan_device - name: iiab_wan_device
shell: "cat /etc/sysconfig/xs_wan_device" shell: "cat /etc/sysconfig/iiab_wan_device"
register: prior_gw register: prior_gw
ignore_errors: True ignore_errors: True
@ -263,7 +263,7 @@
when: iiab_wireless_lan_iface != "none" when: iiab_wireless_lan_iface != "none"
# OK try old gw this is a best guess based on what's in # OK try old gw this is a best guess based on what's in
# /etc/sysconfig/xs_wan_device's last state intended to # /etc/sysconfig/iiab_wan_device's last state intended to
# provide a seed value to display in the GUI when no # provide a seed value to display in the GUI when no
# gateway is present but we had one. # gateway is present but we had one.
- name: Has old gateway and no discovered gateway setting WAN - name: Has old gateway and no discovered gateway setting WAN

4
roles/1-prep/tasks/prep.yml
View file

@ -68,9 +68,9 @@
iiab_preload: '{{ ansible_local["local_facts"]["iiab_preload"] }}' iiab_preload: '{{ ansible_local["local_facts"]["iiab_preload"] }}'
- name: Install script to fully initialize network config, and/or collect data - name: Install script to fully initialize network config, and/or collect data
# calling xs-network-reset w/ snapshot name, stores info, but aborts reset # calling iiab-network-reset w/ snapshot name, stores info, but aborts reset
# intended as a convenience function for us # intended as a convenience function for us
template: src=xs-network-reset template: src=iiab-network-reset
dest=/usr/bin dest=/usr/bin
owner=root owner=root
group=root group=root

24
roles/1-prep/templates/xs-network-reset → roles/1-prep/templates/iiab-network-reset
View file

@ -80,21 +80,21 @@ else
touch /tmp/$basket/no_iiab-network.log touch /tmp/$basket/no_iiab-network.log
fi fi
if [ -f /etc/sysconfig/xs_domain_name ];then if [ -f /etc/sysconfig/iiab_domain_name ];then
cp -p /etc/sysconfig/xs_domain_name /tmp/$basket cp -p /etc/sysconfig/iiab_domain_name /tmp/$basket
else else
touch /tmp/$basket/xs_domain_name_not_set touch /tmp/$basket/iiab_domain_name_not_set
fi fi
if [ -f /etc/sysconfig/xs_lan_device ];then if [ -f /etc/sysconfig/iiab_lan_device ];then
cp -p /etc/sysconfig/xs_lan_device /tmp/$basket cp -p /etc/sysconfig/iiab_lan_device /tmp/$basket
else else
touch /tmp/$basket/xs_lan_device_not_set touch /tmp/$basket/iiab_lan_device_not_set
fi fi
if [ -f /etc/sysconfig/xs_wan_device ];then if [ -f /etc/sysconfig/iiab_wan_device ];then
cp -p /etc/sysconfig/xs_wan_device /tmp/$basket cp -p /etc/sysconfig/iiab_wan_device /tmp/$basket
else else
touch /tmp/$basket/xs_wan_device_not_set touch /tmp/$basket/iiab_wan_device_not_set
fi fi
ls /etc/NetworkManager/system-connections > /dev/null ls /etc/NetworkManager/system-connections > /dev/null
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
@ -120,9 +120,9 @@ else
fi fi
# clear out all the memory variables and let auto-configure start from scratch # clear out all the memory variables and let auto-configure start from scratch
rm -rf /etc/sysconfig/xs_domain_name rm -rf /etc/sysconfig/iiab_domain_name
rm -rf /etc/sysconfig/xs_lan_device rm -rf /etc/sysconfig/iiab_lan_device
rm -rf /etc/sysconfig/xs_wan_device rm -rf /etc/sysconfig/iiab_wan_device
rm -rf /etc/NetworkManager/system-connestions/* rm -rf /etc/NetworkManager/system-connestions/*
if [ -f /etc/sysconfig/network-scripts/ifcfg-WAN ];then if [ -f /etc/sysconfig/network-scripts/ifcfg-WAN ];then
mv /etc/sysconfig/network-scripts/ifcfg-WAN /root mv /etc/sysconfig/network-scripts/ifcfg-WAN /root

2
roles/4-server-options/tasks/main.yml
View file

@ -7,7 +7,7 @@
when: postgresql_install and is_debuntu when: postgresql_install and is_debuntu
- name: Start postgresql service - name: Start postgresql service
service: name=postgresql-xs service: name=postgresql-iiab
state=restarted state=restarted
enabled=yes enabled=yes
when: postgresql_enabled when: postgresql_enabled

2
roles/gateway/README.rst
View file

@ -13,7 +13,7 @@ and works as follows:
/etc/systemd/system/iptables.service calls /etc/systemd/system/iptables.service calls
/etc/sysconfig/iptables-config which calls /etc/sysconfig/iptables-config which calls
/usr/bin/xs-gen-iptables /usr/bin/iiab-gen-iptables
and saves the resultant configuration to /etc/sysconfig/iptables and saves the resultant configuration to /etc/sysconfig/iptables
it then supplies additional rules to iptables it then supplies additional rules to iptables

0
roles/httpd/templates/xs-console.conf.j2 → roles/httpd/templates/iiab-console.conf.j2
View file

0
roles/httpd/templates/xs-http → roles/httpd/templates/iiab-http
View file

0
roles/httpd/templates/xs-http.j2 → roles/httpd/templates/iiab-http.j2
View file

6
roles/monit/templates/postgresql
View file

@ -1,6 +1,6 @@
check process postgresql with pidfile /library/pgsql-xs/postmaster.pid check process postgresql with pidfile /library/pgsql-iiab/postmaster.pid
start program = "/sbin/service postgresql-xs start" start program = "/sbin/service postgresql-iiab start"
stop program = "/sbin/service postgresql-xs stop" stop program = "/sbin/service postgresql-iiab stop"
if failed unixsocket /var/run/postgresql/.s.PGSQL.5432 protocol pgsql then restart if failed unixsocket /var/run/postgresql/.s.PGSQL.5432 protocol pgsql then restart
if failed host localhost port 5432 protocol pgsql then restart if failed host localhost port 5432 protocol pgsql then restart
if 5 restarts within 5 cycles then timeout if 5 restarts within 5 cycles then timeout

8
roles/moodle-1.9/moodle/tasks/main.yml
View file

@ -34,8 +34,8 @@
service: name=postgresql service: name=postgresql
state=stopped state=stopped
- name: Start postgresql-xs - name: Start postgresql-iiab
service: name=postgresql-xs service: name=postgresql-iiab
state=started state=started
- name: Create db user - name: Create db user
@ -58,8 +58,8 @@
- name: Execute moodle startup script - name: Execute moodle startup script
command: /usr/libexec/moodle-xs-init start command: /usr/libexec/moodle-xs-init start
- name: Restart postgresql-xs - name: Restart postgresql-iiab
service: name=postgresql-xs service: name=postgresql-iiab
state=restarted state=restarted
- name: Restart httpd - name: Restart httpd

8
roles/moodle/tasks/main.yml
View file

@ -83,8 +83,8 @@
state=absent state=absent
when: not moodle_enabled and is_debuntu when: not moodle_enabled and is_debuntu
- name: Start postgresql-xs - name: Start postgresql-iiab
service: name=postgresql-xs service: name=postgresql-iiab
state=restarted state=restarted
- name: Create db user - name: Create db user
@ -109,8 +109,8 @@
src=moodle_installer src=moodle_installer
mode=0755 mode=0755
- name: Restart postgresql-xs - name: Restart postgresql-iiab
service: name=postgresql-xs service: name=postgresql-iiab
state=restarted state=restarted
enabled=yes enabled=yes
when: moodle_enabled when: moodle_enabled

2
roles/network/tasks/dhcpd.yml
View file

@ -23,7 +23,7 @@
group=root group=root
mode={{ item.mode }} mode={{ item.mode }}
with_items: with_items:
- { src: 'dhcp/dhcpd-xs.conf.j2', dest: '/etc/dhcpd-xs.conf', mode: '0644' } - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf', mode: '0644' }
- { src: 'dhcp/dhcpd.service', dest: '/etc/systemd/system/dhcpd.service', mode: '0755' } - { src: 'dhcp/dhcpd.service', dest: '/etc/systemd/system/dhcpd.service', mode: '0755' }
- name: Create dhcpd needed files - name: Create dhcpd needed files

19
roles/network/tasks/enable_services.yml
View file

@ -26,8 +26,8 @@
group=root group=root
mode={{ item.mode }} mode={{ item.mode }}
with_items: with_items:
- { src: 'named/school.local.zone.db' , dest: '/var/named-xs/' , mode: '0755' } - { src: 'named/school.local.zone.db' , dest: '/var/named-iiab/' , mode: '0755' }
- { src: 'named/school.internal.zone.db' , dest: '/var/named-xs/' , mode: '0755' } - { src: 'named/school.internal.zone.db' , dest: '/var/named-iiab/' , mode: '0755' }
- name: Enable named service - name: Enable named service
service: name={{ dns_service }} service: name={{ dns_service }}
@ -66,8 +66,8 @@
group={{ item.group }} group={{ item.group }}
mode={{ item.mode }} mode={{ item.mode }}
with_items: with_items:
- src: 'squid/squid-xs.conf.j2' - src: 'squid/squid-iiab.conf.j2'
dest: '/etc/{{ proxy }}/squid-xs.conf' dest: '/etc/{{ proxy }}/squid-iiab.conf'
owner: '{{ proxy_user }}' owner: '{{ proxy_user }}'
group: '{{ proxy_user }}' group: '{{ proxy_user }}'
mode: '0644' mode: '0644'
@ -75,7 +75,7 @@
- name: point to Squid config file from startup file - name: point to Squid config file from startup file
lineinfile: regexp='^CONFIG' lineinfile: regexp='^CONFIG'
line='CONFIG=/etc/{{ proxy }}/squid-xs.conf' line='CONFIG=/etc/{{ proxy }}/squid-iiab.conf'
dest=/etc/init.d/{{ proxy }} dest=/etc/init.d/{{ proxy }}
when: squid_enabled and is_debuntu when: squid_enabled and is_debuntu
@ -100,18 +100,21 @@
when: not wondershaper_enabled when: not wondershaper_enabled
# check-LAN should be iptables.yml remove later # check-LAN should be iptables.yml remove later
- name: Grab clean copy of xs-gen-iptables - name: Grab clean copy of iiab-gen-iptables
template: src={{ item.0 }} template: src={{ item.0 }}
dest={{ item.1 }} dest={{ item.1 }}
owner='root' owner='root'
group='root' group='root'
mode='0755' mode='0755'
with_items: with_items:
- { 0: 'gateway/xs-gen-iptables', 1: '/usr/bin/xs-gen-iptables' } - { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' }
- { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN' } - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN' }
- name: Create link so that old invocation will work
file: src=/usr/bin/iiab-gen-iptables dest=/usr/bin/xs-gen-iptables state=link
- name: Execute the script that sets up userspace firewall - name: Execute the script that sets up userspace firewall
shell: xs-gen-iptables shell: iiab-gen-iptables
- name: Add squid to service list - name: Add squid to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'

10
roles/network/tasks/main.yml
View file

@ -27,12 +27,12 @@
- network - network
- domain - domain
- name: Create xs_domain_name flag - name: Create iiab_domain_name flag
template: src=network/{{ item }}.j2 template: src=network/{{ item }}.j2
dest=/etc/sysconfig/{{ item }} dest=/etc/sysconfig/{{ item }}
mode=0644 mode=0644
with_items: with_items:
- xs_domain_name - iiab_domain_name
register: domainname register: domainname
tags: tags:
- network - network
@ -105,13 +105,13 @@
- network - network
when: is_debuntu and is_rpi and not installing when: is_debuntu and is_rpi and not installing
- name: Create xs network flags - name: Create iiab network flags
template: src=network/{{ item }}.j2 template: src=network/{{ item }}.j2
dest=/etc/sysconfig/{{ item }} dest=/etc/sysconfig/{{ item }}
mode=0644 mode=0644
with_items: with_items:
- xs_wan_device - iiab_wan_device
- xs_lan_device - iiab_lan_device
when: not installing when: not installing
tags: tags:
- network - network

44
roles/network/tasks/named.yml
View file

@ -30,8 +30,8 @@
mode=0755 mode=0755
state=directory state=directory
with_items: with_items:
- /var/named-xs - /var/named-iiab
- /var/named-xs/data - /var/named-iiab/data
- /etc/sysconfig/olpc-scripts/domain_config.d - /etc/sysconfig/olpc-scripts/domain_config.d
- name: Configure named - name: Configure named
@ -41,28 +41,28 @@
group=root group=root
mode={{ item.mode }} mode={{ item.mode }}
with_items: with_items:
- { src: 'named/named-xs.conf.j2', dest: '/etc/named-xs.conf', owner: "root" , mode: '0644' } - { src: 'named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root" , mode: '0644' }
- { src: 'named/named.j2', dest: '/etc/sysconfig/named', owner: "root" , mode: '0644' } - { src: 'named/named.j2', dest: '/etc/sysconfig/named', owner: "root" , mode: '0644' }
- { src: 'named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root" , mode: '0644' } - { src: 'named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root" , mode: '0644' }
- { src: 'named/localdomain.zone', dest: '/var/named-xs/localdomain.zone',owner: "{{ dns_user }}" , mode: '0644' } - { src: 'named/localdomain.zone', dest: '/var/named-iiab/localdomain.zone',owner: "{{ dns_user }}" , mode: '0644' }
- { src: 'named/localhost.zone', dest: '/var/named-xs/localhost.zone', owner: "{{ dns_user }}" , mode: '0644' } - { src: 'named/localhost.zone', dest: '/var/named-iiab/localhost.zone', owner: "{{ dns_user }}" , mode: '0644' }
- { src: 'named/named.broadcast', dest: '/var/named-xs/named.broadcast', owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.broadcast', dest: '/var/named-iiab/named.broadcast', owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/named.ip6.local', dest: '/var/named-xs/named.ip6.local' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.ip6.local', dest: '/var/named-iiab/named.ip6.local' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/named.local', dest: '/var/named-xs/named.local' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.local', dest: '/var/named-iiab/named.local' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/named.rfc1912.zones', dest: '/var/named-xs/named.rfc1912.zones' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.rfc1912.zones', dest: '/var/named-iiab/named.rfc1912.zones' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/named.root', dest: '/var/named-xs/named.root' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.root', dest: '/var/named-iiab/named.root' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/named.root.hints', dest: '/var/named-xs/named.root.hints' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.root.hints', dest: '/var/named-iiab/named.root.hints' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/named.zero', dest: '/var/named-xs/named.zero' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.zero', dest: '/var/named-iiab/named.zero' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/school.external.zone.db', dest: '/var/named-xs/school.external.zone.db' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/school.external.zone.db', dest: '/var/named-iiab/school.external.zone.db' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-xs/school.internal.zone.16.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.16.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-xs/school.internal.zone.32.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.32.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-xs/school.internal.zone.48.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.48.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'}
# the following two files are not writeable by named, but bind 9.4 cannot discover that fact correctly # the following two files are not writeable by named, but bind 9.4 cannot discover that fact correctly
- { src: 'named/school.internal.zone.db', dest: '/var/named-xs/school.internal.zone.db' , owner: "root" , mode: '0644'} - { src: 'named/school.internal.zone.db', dest: '/var/named-iiab/school.internal.zone.db' , owner: "root" , mode: '0644'}
- { src: 'named/school.local.zone.db', dest: '/var/named-xs/school.local.zone.db' , owner: "root" , mode: '0644'} - { src: 'named/school.local.zone.db', dest: '/var/named-iiab/school.local.zone.db' , owner: "root" , mode: '0644'}
- { src: 'named/school.internal.zone.in-addr.db.j2', dest: '/var/named-xs/school.internal.zone.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/school.internal.zone.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/dummy', dest: '/var/named-xs/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'}
- { src: 'named/named.blackhole', dest: '/var/named-xs/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'}
- name: substitute our unit file which uses $OPTIONS from sysconfig - name: substitute our unit file which uses $OPTIONS from sysconfig
template: src=named/{{ dns_service }}.service template: src=named/{{ dns_service }}.service
@ -70,7 +70,7 @@
mode=0644 mode=0644
- name: The dns-jail redirect requires the named.blackhole,disabling recursion - name: The dns-jail redirect requires the named.blackhole,disabling recursion
# in named-xs.conf, and the redirection of 404 error documents to / # in named-iiab.conf, and the redirection of 404 error documents to /
template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/
when: dns_jail_enabled when: dns_jail_enabled

2
roles/network/tasks/restart.yml
View file

@ -53,5 +53,5 @@
when: iiab_network_mode == "Gateway" when: iiab_network_mode == "Gateway"
- name: Run iptables - name: Run iptables
command: /usr/bin/xs-gen-iptables command: /usr/bin/iiab-gen-iptables

4
roles/network/tasks/squid.yml
View file

@ -45,8 +45,8 @@
owner: '{{ proxy_user }}' owner: '{{ proxy_user }}'
group: '{{ proxy_user }}' group: '{{ proxy_user }}'
mode: '0644' mode: '0644'
- src: 'squid/xs-httpcache.j2' - src: 'squid/iiab-httpcache.j2'
dest: '/usr/bin/xs-httpcache' dest: '/usr/bin/iiab-httpcache'
owner: 'root' owner: 'root'
group: 'root' group: 'root'
mode: '0755' mode: '0755'

2
roles/network/templates/dhcp/dhcpd-env.j2
View file

@ -4,5 +4,5 @@
## see /usr/share/doc/xs-config-<version>/README ## see /usr/share/doc/xs-config-<version>/README
# #
# Point dhcpd to the XS-specific config # Point dhcpd to the XS-specific config
DHCPDARGS='-cf /etc/dhcpd-xs.conf {{iiab_lan_iface}}' DHCPDARGS='-cf /etc/dhcpd-iiab.conf {{iiab_lan_iface}}'

0
roles/network/templates/dhcp/dhcpd-xs.conf.j2 → roles/network/templates/dhcp/dhcpd-iiab.conf.j2
View file

0
roles/network/templates/gateway/xs-gen-iptables → roles/network/templates/gateway/iiab-gen-iptables
View file

2
roles/network/templates/named/named
View file

@ -13,7 +13,7 @@ SERVICE_NAME={{ dns_service }}
# This is a list of files related to this service which will have # This is a list of files related to this service which will have
# the domain name globally replaced inside them # the domain name globally replaced inside them
CONFIG_LIST="/etc/named-xs.conf /var/named-xs/school.internal.zone.in-addr.db /var/named-xs/school.internal.zone.in-addr.db /var/named-xs/school.internal.zone.16.in-addr.db /var/named-xs/school.internal.zone.32.in-addr.db /var/named-xs/school.internal.zone.48.in-addr.db" CONFIG_LIST="/etc/named-iiab.conf /var/named-iiab/school.internal.zone.in-addr.db /var/named-iiab/school.internal.zone.in-addr.db /var/named-iiab/school.internal.zone.16.in-addr.db /var/named-iiab/school.internal.zone.32.in-addr.db /var/named-iiab/school.internal.zone.48.in-addr.db"
# This is the suffix which original versions of modified files will have # This is the suffix which original versions of modified files will have
BACKUP_SUFFIX=old BACKUP_SUFFIX=old

10
roles/network/templates/named/named-xs.conf.j2 → roles/network/templates/named/named-iiab.conf.j2
View file

@ -17,7 +17,7 @@ options
listen-on { any; }; listen-on { any; };
/* listen-on-v6 { any; }; */ /* listen-on-v6 { any; }; */
// Put files that named is allowed to write in the data/ directory: // Put files that named is allowed to write in the data/ directory:
directory "/var/named-xs"; // the default directory "/var/named-iiab"; // the default
// this line will be replaced by the @@forwarders@@ option -- please leave in place // this line will be replaced by the @@forwarders@@ option -- please leave in place
dump-file "data/cache_dump.db"; dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt"; statistics-file "data/named_stats.txt";
@ -58,13 +58,13 @@ view "localhost_resolver"
recursion yes; recursion yes;
{% endif %} {% endif %}
# all views must contain the root hints zone: # all views must contain the root hints zone:
include "/var/named-xs/named.root.hints"; include "/var/named-iiab/named.root.hints";
/* these are zones that contain definitions for all the localhost /* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should * names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients: * ONLY be served to localhost clients:
*/ */
include "/var/named-xs/named.rfc1912.zones"; include "/var/named-iiab/named.rfc1912.zones";
/* and these are the local subnet names */ /* and these are the local subnet names */
zone "{{ iiab_domain }}" in { zone "{{ iiab_domain }}" in {
@ -87,7 +87,7 @@ view "internal"
{% endif %} {% endif %}
// all views must contain the root hints zone: // all views must contain the root hints zone:
include "/var/named-xs/named.root.hints"; include "/var/named-iiab/named.root.hints";
// These are your "authoritative" internal zones, and would probably // These are your "authoritative" internal zones, and would probably
// also be included in the "localhost_resolver" view above : // also be included in the "localhost_resolver" view above :
@ -135,7 +135,7 @@ view "external"
recursion yes; recursion yes;
{% endif %} {% endif %}
// all views must contain the root hints zone: // all views must contain the root hints zone:
include "/var/named-xs/named.root.hints"; include "/var/named-iiab/named.root.hints";
// These are your "authoritative" external zones, and would probably // These are your "authoritative" external zones, and would probably
// also be included in the "localhost_resolver" view above : // also be included in the "localhost_resolver" view above :

2
roles/network/templates/named/named.j2
View file

@ -9,7 +9,7 @@
### IPv6 is disabled until we have verified that the XS's IPv6 setup ### IPv6 is disabled until we have verified that the XS's IPv6 setup
### is sane (#11630) ### is sane (#11630)
### ###
OPTIONS='-4 -c /etc/named-xs.conf' OPTIONS='-4 -c /etc/named-iiab.conf'
# Currently, you can use the following options: # Currently, you can use the following options:
# #

0
roles/network/templates/network/xs_domain_name.j2 → roles/network/templates/network/iiab_domain_name.j2
View file

0
roles/network/templates/network/xs_lan_device.j2 → roles/network/templates/network/iiab_lan_device.j2
View file

0
roles/network/templates/network/xs_wan_device.j2 → roles/network/templates/network/iiab_wan_device.j2
View file

2
roles/network/templates/squid/xs-httpcache.j2 → roles/network/templates/squid/iiab-httpcache.j2
View file

@ -10,7 +10,7 @@ if [[ $1 == "enable" ]]; then
if [ ! -d $SQUID_CACHEDIR ]; then if [ ! -d $SQUID_CACHEDIR ]; then
mkdir $SQUID_CACHEDIR mkdir $SQUID_CACHEDIR
chown $SQUID_USER $SQUID_CACHEDIR chown $SQUID_USER $SQUID_CACHEDIR
/usr/sbin/squid -f /etc/squid/squid-xs.conf -z /usr/sbin/squid -f /etc/squid/squid-iiab.conf -z
fi fi
# Turn squid on after the next reboot # Turn squid on after the next reboot

0
roles/network/templates/squid/squid-xs.conf.j2 → roles/network/templates/squid/squid-iiab.conf.j2
View file

2
roles/network/templates/squid/squid.sysconfig
View file

@ -11,4 +11,4 @@ SQUID_OPTS=""
SQUID_SHUTDOWN_TIMEOUT=100 SQUID_SHUTDOWN_TIMEOUT=100
# default squid conf file # default squid conf file
SQUID_CONF="/etc/squid/squid-xs.conf" SQUID_CONF="/etc/squid/squid-iiab.conf"

7
roles/openvpn/tasks/main.yml
View file

@ -42,13 +42,16 @@
- { src: 'silence', dest: '/etc/openvpn/scripts/silence', owner: "root" , mode: '0755' } - { src: 'silence', dest: '/etc/openvpn/scripts/silence', owner: "root" , mode: '0755' }
- { src: 'xscenet.conf', dest: '/etc/openvpn/xscenet.conf', owner: "root" , mode: '0644' } - { src: 'xscenet.conf', dest: '/etc/openvpn/xscenet.conf', owner: "root" , mode: '0644' }
- { src: 'iiab-vpn.conf.in', dest: '/etc/openvpn/iiab-vpn.conf.in', owner: "root" , mode: '0644' } - { src: 'iiab-vpn.conf.in', dest: '/etc/openvpn/iiab-vpn.conf.in', owner: "root" , mode: '0644' }
- { src: 'xs-vpn', dest: '/usr/bin/xs-vpn', owner: "root" , mode: '0755' } - { src: 'iiab-vpn', dest: '/usr/bin/iiab-vpn', owner: "root" , mode: '0755' }
- { src: 'xs-handle', dest: '/usr/bin/xs-handle', owner: "root" , mode: '0755' } - { src: 'iiab-handle', dest: '/usr/bin/iiab-handle', owner: "root" , mode: '0755' }
- { src: 'up_wan', dest: '/usr/lib/iiab/up_wan', owner: "root" , mode: '0755' } - { src: 'up_wan', dest: '/usr/lib/iiab/up_wan', owner: "root" , mode: '0755' }
- { src: 'start.j2', dest: '/usr/lib/iiab/start', owner: "root" , mode: '0755' } - { src: 'start.j2', dest: '/usr/lib/iiab/start', owner: "root" , mode: '0755' }
- { src: 'iiab-remote-on', dest: '/usr/bin/iiab-remote-on', owner: "root" , mode: '0755' } - { src: 'iiab-remote-on', dest: '/usr/bin/iiab-remote-on', owner: "root" , mode: '0755' }
- { src: 'iiab-remote-off', dest: '/usr/bin/iiab-remote-off', owner: "root" , mode: '0755' } - { src: 'iiab-remote-off', dest: '/usr/bin/iiab-remote-off', owner: "root" , mode: '0755' }
- name: Create a link to old script for changeing handle
file: src=./iiab-handle dest=/usr/bin/xs-handle state=link
- name: put up_wan in place for debian - name: put up_wan in place for debian
template: src=up_wan dest=/usr/lib/iiab/up_wan template: src=up_wan dest=/usr/lib/iiab/up_wan
when: is_debuntu when: is_debuntu

0
roles/openvpn/templates/xs-handle → roles/openvpn/templates/iiab-handle
View file

0
roles/openvpn/templates/xs-vpn → roles/openvpn/templates/iiab-vpn
View file

8
roles/pathagar/tasks/main.yml
View file

@ -101,13 +101,13 @@
become: yes become: yes
become_user: postgres become_user: postgres
- name: Start postgresql-xs - name: Start postgresql-iiab
service: name=postgresql-xs service: name=postgresql-iiab
state=started state=started
- name: Enable pathagar postgresql user access by md5 method - name: Enable pathagar postgresql user access by md5 method
lineinfile: backup=yes lineinfile: backup=yes
dest=/library/pgsql-xs/pg_hba.conf dest=/library/pgsql-iiab/pg_hba.conf
regexp="^host\s+pathagar" regexp="^host\s+pathagar"
line="host pathagar pathagar samehost md5" line="host pathagar pathagar samehost md5"
state=present state=present
@ -117,7 +117,7 @@
register: enable_pathagar_md5_access register: enable_pathagar_md5_access
- name: Reload postgresql service - name: Reload postgresql service
service: name=postgresql-xs service: name=postgresql-iiab
state=reloaded state=reloaded
when: enable_pathagar_md5_access.changed when: enable_pathagar_md5_access.changed

26
roles/postgresql/tasks/main.yml
View file

@ -18,15 +18,15 @@
tags: tags:
- download - download
- name: Create postgresql-xs systemd service - name: Create postgresql-iiab systemd service
template: src=postgresql-xs.service template: src=postgresql-iiab.service
dest=/etc/systemd/system/postgresql-xs.service dest=/etc/systemd/system/postgresql-iiab.service
owner=root owner=root
group=root group=root
mode=0644 mode=0644
- name: Create postgres data directory - name: Create postgres data directory
file: path=/library/pgsql-xs file: path=/library/pgsql-iiab
owner=postgres owner=postgres
group=postgres group=postgres
mode=0700 mode=0700
@ -42,24 +42,24 @@
when: is_debuntu when: is_debuntu
- name: Initialize the postgres db - name: Initialize the postgres db
command: su - postgres -c "/usr/lib/postgresql/9.4/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-xs" command: su - postgres -c "/usr/lib/postgresql/9.4/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab"
creates=/library/pgsql-xs/pg_hba.conf creates=/library/pgsql-iiab/pg_hba.conf
when: is_debian when: is_debian
- name: Initialize the postgres db - name: Initialize the postgres db
command: su - postgres -c "/usr/lib/postgresql/9.5/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-xs" command: su - postgres -c "/usr/lib/postgresql/9.5/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab"
creates=/library/pgsql-xs/pg_hba.conf creates=/library/pgsql-iiab/pg_hba.conf
when: is_ubuntu when: is_ubuntu
- name: Initialize the postgres db - name: Initialize the postgres db
command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-xs" command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab"
creates=/library/pgsql-xs/pg_hba.conf creates=/library/pgsql-iiab/pg_hba.conf
when: not is_debuntu when: not is_debuntu
- name: Configure postgres - name: Configure postgres
template: backup=yes template: backup=yes
src=postgresql.conf.j2 src=postgresql.conf.j2
dest=/library/pgsql-xs/postgresql.conf dest=/library/pgsql-iiab/postgresql.conf
owner=postgres owner=postgres
group=postgres group=postgres
mode=0640 mode=0640
@ -69,8 +69,8 @@
state=stopped state=stopped
enabled=no enabled=no
- name: Start and enable postgresql-xs service - name: Start and enable postgresql-iiab service
service: name=postgresql-xs service: name=postgresql-iiab
state=started state=started
enabled=yes enabled=yes
when: postgresql_enabled when: postgresql_enabled

4
roles/postgresql/templates/postgresql-xs.service → roles/postgresql/templates/postgresql-iiab.service
View file

@ -25,7 +25,7 @@ Environment=PG_OOM_ADJUST_VALUE=0
# PGSTARTTIMEOUT should be less than TimeoutSec value. # PGSTARTTIMEOUT should be less than TimeoutSec value.
Environment=PGSTARTTIMEOUT=270 Environment=PGSTARTTIMEOUT=270
Environment=PGDATA=/library/pgsql-xs Environment=PGDATA=/library/pgsql-iiab
ExecStart=/usr/lib/postgresql/{{ postgresql_version }}/bin/pg_ctl start -D ${PGDATA} -s -w -t ${PGSTARTTIMEOUT} ExecStart=/usr/lib/postgresql/{{ postgresql_version }}/bin/pg_ctl start -D ${PGDATA} -s -w -t ${PGSTARTTIMEOUT}
ExecStop=/usr/lib/postgresql/{{ postgresql_version }}/bin/pg_ctl stop -D ${PGDATA} -s -m fast ExecStop=/usr/lib/postgresql/{{ postgresql_version }}/bin/pg_ctl stop -D ${PGDATA} -s -m fast
@ -42,5 +42,5 @@ WantedBy=multi-user.target
# --postgres_xs.service # --postgres_xs.service
.include /usr/lib/systemd/system/postgresql.service .include /usr/lib/systemd/system/postgresql.service
[Service] [Service]
Environment=PGDATA=/library/pgsql-xs Environment=PGDATA=/library/pgsql-iiab
{% endif %} {% endif %}

4
roles/sugar-stats/tasks/statistics-consolidation.yml
View file

@ -27,7 +27,7 @@
- name: Enable postgresl access by md5 method - name: Enable postgresl access by md5 method
lineinfile: backup=yes lineinfile: backup=yes
dest=/library/pgsql-xs/pg_hba.conf dest=/library/pgsql-iiab/pg_hba.conf
regexp="^host\s+statsconso" regexp="^host\s+statsconso"
line="host statsconso statsconso samehost md5" line="host statsconso statsconso samehost md5"
state=present state=present
@ -36,7 +36,7 @@
group=postgres group=postgres
- name: Restart postgresql service - name: Restart postgresql service
service: name=postgresql-xs service: name=postgresql-iiab
state=restarted state=restarted
- name: Create postgres user - name: Create postgres user