external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-13 19:52:06 +00:00
Code Issues Releases Wiki Activity

Merge pull request #508 from jvonau/condense

Browse source 
Condense
This commit is contained in:
A Holt 2017-11-13 12:33:26 -05:00 committed by GitHub
commit 52c64aa01b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
33 changed files with 146 additions and 570 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

221
roles/0-init/tasks/computed_vars.yml
View file

@ -1,221 +0,0 @@
- name: re-read local_facts.facts from /etc/ansible/facts.d
setup: filter=ansible_local
# set top level variables from local facts for convenience
- set_fact:
xo_model: '{{ ansible_local.local_facts.xo_model }}'
phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}'
iiab_stage: '{{ ansible_local.local_facts.stage }}'
# Networking uses a different file for the rpi
- name: Discover if this is a rpi -- assume if so it is running raspbian
set_fact:
rpi_model: "rpi"
is_rpi: True
no_net_restart: True
when: ansible_local.local_facts.os == "raspbian"
- name: Set exFAT enabled for XO laptops
set_fact:
exFAT_enabled: True
when: xo_model != "none"
- name: set FQDN
set_fact:
iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
FQDN_changed: False
- name: FQDN changed
set_fact:
FQDN_changed: True
when: iiab_fqdn != ansible_fqdn
- name: Now check FQDN
include_tasks: roles/2-common/tasks/hostname.yml
when: FQDN_changed
# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
- name: Finding gateway
set_fact:
discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
iiab_wan_iface: "{{ discovered_wan_iface }}"
when: ansible_default_ipv4.gateway is defined
- name: Verify gateway present
shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l
when: discovered_wan_iface != "none"
register: gw_active_test
- name: Recording gateway response
set_fact:
gw_active: True
when: discovered_wan_iface != "none" and gw_active_test.stdout == "1"
- name: Test for internet access
get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
ignore_errors: True
# async: 10
# poll: 2
register: internet_access_test
- name: Set internet_available true if wget succeeded
set_fact:
internet_available: True
when: not internet_access_test|failed and not disregard_network
- name: Cleanup internet test file
file: path=/tmp/heart-beat.txt
state=absent
# Put all computed vars here so derive properly from any prior var file
- name: If the TZ is not set in env, set it to UTC
set_fact: local_tz='UTC'
when: local_tz == ""
- name: Set port 80 for Admin Console
set_fact:
gui_port: 80
when: not adm_cons_force_ssl
- name: Set port 443 for Admin Console
set_fact:
gui_port: 443
when: adm_cons_force_ssl
- name: Require MySQL to be on
set_fact:
mysql_install: True
mysql_enabled: True
# we decided to enable mysql unconditionally
# when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install
# Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427
# - name: Turn on mongodb if sugarizer enabled
# set_fact:
# mongodb_install: True
# mongodb_enabled: True
# when: sugarizer_enabled
# There might be other db's
- name: Turn on PostgreSQL if Moodle or Pathagar enabled
set_fact:
postgresql_install: True
postgresql_enabled: True
when: moodle_enabled or pathagar_enabled
- name: Turn on Docker if SchoolTool is to be installed
set_fact:
docker_install: True
docker_enabled: True
when: schooltool_enabled or schooltool_install
- name: Set python_path for is_redhat
set_fact:
python_path: /usr/lib/python2.7/site-packages/
when: is_redhat
- name: Set python_path for is_debuntu
set_fact:
python_path: /usr/local/lib/python2.7/dist-packages/
when: is_debuntu
# for various reasons the mysql service can not be enabled on fedora 20,
# but 'mariadb', which is its real name can
# on fedora 18 we need to use 'mysqld'
- name: Set mysqld_service to mariadb by default
set_fact:
mysql_service: mariadb
- name: Set mysqld_service to mysqld for Fedora 18
set_fact:
mysql_service: mysqld
no_NM_reload: True
is_F18: True
when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
- name: Set mysql_service to mysql for Debian
set_fact:
mysql_service: mysql
when: is_debuntu
# PLATFORM variables
- name: Fedora 20
set_fact:
is_F20: True
when: ansible_distribution == "Fedora" and ansible_distribution_version == "20"
- name: Fedora 21
set_fact:
is_F21: True
when: ansible_distribution == "Fedora" and ansible_distribution_version == "21"
- name: Fedora 22
set_fact:
is_F22: True
when: ansible_distribution == "Fedora" and ansible_distribution_version == "22"
- name: Fedora 23
set_fact:
is_F23: True
when: ansible_distribution == "Fedora" and ansible_distribution_version == "23"
- name: Fedora 24
set_fact:
is_F24: True
when: ansible_distribution == "Fedora" and ansible_distribution_version == "24"
- name: CentOS
set_fact:
is_CentOS: True
when: ansible_distribution == "CentOS"
- name: add version section
ini_file: dest='{{ iiab_config_file }}'
section=runtime
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'iiab_stage'
value: '{{ iiab_stage }}'
- option: 'runtime_php'
value: '{{ phplib_dir }}'
- option: 'runtime_branch'
value: '{{ ansible_local.local_facts.iiab_branch }}'
- option: 'runtime_commit'
value: '{{ ansible_local.local_facts.iiab_commit }}'
- option: 'runtime_date'
value: '{{ ansible_date_time.iso8601 }}'
- option: 'ansible_version'
value: '{{ ansible_local.local_facts.ansible_version }}'
- option: 'kernel'
value: '{{ ansible_kernel }}'
- option: 'memory_mb'
value: '{{ ansible_memtotal_mb }}'
- option: 'swap_mb'
value: '{{ ansible_swaptotal_mb }}'
- option: 'product_id'
value: '{{ ansible_product_uuid }}'
- option: 'gw_active'
value: '{{ gw_active }}'
- option: 'internet_available'
value: '{{ internet_available }}'
- option: 'is_rpi'
value: '{{ is_rpi }}'
- option: 'first_run'
value: '{{ first_run }}'
- option: 'local_tz'
value: '{{ local_tz }}'
- option: 'FQDN_changed'
value: '{{ FQDN_changed }}'
- name: STAGE 0 HAS COMPLETED ======================================
ini_file: dest='{{ iiab_config_file }}'
section=runtime
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'is_VM'
value: 'yes'
when: is_VM is defined

6
roles/0-init/tasks/first_run.yml Normal file
View file

@ -0,0 +1,6 @@
- name: Write iiab_ini.yml for the first time
include_tasks: iiab_ini.yml
- name: Create the directory structure for IIAB
include_tasks: fl.yml

27
roles/0-init/tasks/fl.yml Normal file
View file

@ -0,0 +1,27 @@
- name: Create various library directories
file: path={{ item }}
owner=root
group=root
mode=0755
state=directory
with_items:
- "{{ yum_packages_dir }}"
- "{{ pip_packages_dir }}"
- "{{ downloads_dir }}"
- /library/downloads/zims
- /library/downloads/rachel
- /library/working/zims
- /library/working/rachel
- "{{ iiab_zim_path }}/content"
- "{{ iiab_zim_path }}/index"
- "{{ doc_root }}/modules"
- "{{ doc_root }}/common/css"
- "{{ doc_root }}/common/js"
- "{{ doc_root }}/common/fonts"
- "{{ doc_root }}/common/html"
- "{{ doc_root }}/common/images"
- "{{ doc_root }}/common/assets"
- "{{ doc_root }}/common/services"
- /etc/sysconfig/olpc-scripts/
- /etc/sysconfig/olpc-scripts/setup.d/installed/

0
roles/2-common/tasks/iiab_ini.yml → roles/0-init/tasks/iiab_ini.yml
View file

2
roles/0-init/tasks/main.yml
View file

@ -12,7 +12,7 @@
# we need to inialize the ini file and only write the location and version sections once and only
# once to preserve the install date and git hash.
- name: Write iiab_ini.yml for the first time
include_tasks: roles/1-prep/tasks/iiab_ini.yml
include_tasks: first_run.yml
when: first_run
#- name: Loading computed_vars

34
roles/1-prep/tasks/iiab_ini.yml
View file

@ -1,34 +0,0 @@
# workaround for fact that auto create does not work on ini_file
- name: Create iiab config file
file: dest='{{ iiab_config_file }}'
state=touch
- name: Add location section to config file
ini_file: dest='{{ iiab_config_file }}'
section=location
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'iiab_base'
value: '{{ iiab_base }}'
- option: 'iiab_dir'
value: '{{ iiab_dir }}'
- name: add version section
ini_file: dest='{{ iiab_config_file }}'
section=version
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'distribution'
value: '{{ ansible_distribution }}'
- option: 'arch'
value: '{{ ansible_architecture }}'
- option: 'iiab_branch'
value: '{{ ansible_local.local_facts.iiab_branch }}'
- option: 'iiab_commit'
value: '{{ ansible_local.local_facts.iiab_commit }}'
- option: 'install_date'
value: '{{ ansible_date_time.iso8601 }}'
- option: 'install_xo'
value: '{{ xo_model }}'

2
roles/1-prep/tasks/main.yml
View file

@ -63,8 +63,6 @@
when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
## DISCOVER PLATFORMS ######
- include_tasks: prep.yml
# Put conditional actions for hardware platforms here
- include_tasks: raspberry_pi_2.yml
when: first_run and rpi_model != "none"

48
roles/1-prep/tasks/prep.yml
View file

@ -1,48 +0,0 @@
- name: Since f22, dnf has replaced yum, but ansible works with yum
command: dnf install -y yum
when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
- name: Install iiab-extra repos
template: backup=yes
dest=/etc/yum.repos.d/iiab-extra.repo
src=iiab-extra.repo
owner=root
mode=0666
when: is_redhat
- name: Install iiab-testing repos
template: backup=yes
dest=/etc/yum.repos.d/iiab-testing.repo
src=iiab-testing.repo
owner=root
mode=0666
when: is_redhat
- name: Install rpmfusion-free-updates repo -- for exfat
template: dest=/etc/yum.repos.d/rpmfusion-free-updates.repo
src=rpmfusion-free-updates.repo
owner=root
mode=0666
when: ansible_distribution == "Fedora"
- name: Create /etc/iiab
file: path=/etc/iiab
owner=root
group=root
mode=0755
state=directory
- name: Set XO model
set_fact:
phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}'
xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}'
- name: Install script to fully initialize network config, and/or collect data
# calling iiab-network-reset w/ snapshot name, stores info, but aborts reset
# intended as a convenience function for us
template: src=iiab-network-reset
dest=/usr/bin
owner=root
group=root
mode=0755

17
roles/2-common/tasks/centos.yml
View file

@ -7,12 +7,6 @@
option=keepcache
value=1
- name: Install epel-release for CentOS
package: name={{ item }}
state=present
with_items:
- epel-release
- name: Install IIAB repo for CentOS
template: src={{ item }} dest=/etc/yum.repos.d/ owner=root group=root mode=0644
with_items:
@ -20,11 +14,6 @@
- li.nux.ro.repo
- ansible.repo
#- name: Disable updating ansible on CentOS
# shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
# with_items:
# - /etc/yum.repos.d/CentOS-Base.repo
# - /etc/yum.repos.d/CentOS-CR.repo
# - /etc/yum.repos.d/CentOS-fasttrack.repo
# - /etc/yum.repos.d/CentOS-Vault.repo
# when: ansible_distribution == "CentOS"
- name: Install optional exFAT packages for CentOS
shell: yum --enablerepo=li-nux-ro install exfat-utils fuse-exfat
when: exFAT_enabled == "True"

35
roles/2-common/tasks/fedora.yml
View file

@ -4,20 +4,31 @@
option=keepcache
value=1
- name: Install rpmfusion-free-updates repo -- for exfat
template: dest=/etc/yum.repos.d/rpmfusion-free-updates.repo
src=rpmfusion-free-updates.repo
owner=root
group=root
mode=0666
- name: Install optional exFAT packages for Fedora
shell: yum --enablerepo=rpmfusion-free-updates install exfat-utils fuse-exfat
when: exFAT_enabled and is_F18
- name: Install yum deps for arm!!!
shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser
when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: Install yum from Fedora 23 for arm!!!
shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf
when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!!
shell: dnf install -y yum
when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l"
- name: Install Fedora specifc packages
package: name={{ item }}
state=present
with_items:
- mtd-utils
- name: Install optional exFAT packages for Fedora
shell: yum --enablerepo=rpmfusion-free-updates install exfat-utils fuse-exfat
when: exFAT_enabled == "True"
#- name: Disable updating ansible on Fedora
# shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }}
# with_items:
# - /etc/yum.repos.d/fedora.repo
# - /etc/yum.repos.d/fedora-updates.repo
# - /etc/yum.repos.d/fedora-updates-testing.repo
# when: ansible_distribution == "Fedora"

68
roles/2-common/tasks/fl.yml
View file

@ -1,68 +0,0 @@
- name: Create /opt/iiab/iiab
file: path={{ iiab_dir }}
owner=root
group=root
mode=0755
state=directory
- name: Create /opt/iiab/yum-packages
file: path={{ yum_packages_dir }}
owner=root
group=root
mode=0755
state=directory
- name: Create /opt/iiab/pip-packages
file: path={{ pip_packages_dir }}
owner=root
group=root
mode=0755
state=directory
- name: Create /opt/iiab/downloads
file: path={{ downloads_dir }}
owner=root
group=root
mode=0755
state=directory
- name: Create various library directories
file: path={{ item }}
owner=root
group=root
mode=0755
state=directory
with_items:
- /library/downloads/zims
- /library/downloads/rachel
- /library/working/zims
- /library/working/rachel
- "{{ iiab_zim_path }}/content"
- "{{ iiab_zim_path }}/index"
- "{{ doc_root }}/modules"
- name: Create directory for common packages
file: path={{ item }}
mode=0755
owner=root
group=root
state=directory
with_items:
- "{{ doc_root }}/common/css"
- "{{ doc_root }}/common/js"
- "{{ doc_root }}/common/fonts"
- "{{ doc_root }}/common/html"
- "{{ doc_root }}/common/images"
- "{{ doc_root }}/common/assets"
- "{{ doc_root }}/common/services"
- name: Create olpc-scripts directory
file: path={{ item }}
owner=root
group=root
mode=0755
state=directory
with_items:
- /etc/sysconfig/olpc-scripts/
- /etc/sysconfig/olpc-scripts/setup.d/installed/

25
roles/2-common/tasks/hostname.yml
View file

@ -1,7 +1,3 @@
- name: Create filesytem layout
include_tasks: roles/2-common/tasks/fl.yml
when: first_run
- name: Turn the crank for systemd
shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}"
when: is_debuntu
@ -22,27 +18,6 @@
group=root
mode=0644
- name: Configuring named
include_tasks: roles/network/tasks/named.yml
tags:
- named
- network
- domain
- name: Configuring dhcpd
include_tasks: roles/network/tasks/dhcpd.yml
tags:
- dhcpd
- network
- domain
- name: Configuring Squid
include_tasks: roles/network/tasks/squid.yml
when: squid_install
tags:
- squid
- network
- name: Re-configuring httpd - not initial install
include_tasks: roles/httpd/tasks/main.yml
when: iiab_stage|int > 3

5
roles/network/tasks/iptables.yml → roles/2-common/tasks/iptables.yml
View file

@ -47,10 +47,9 @@
group='root'
mode={{ item.2 }}
with_items:
- { 0: 'roles/network/templates/gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' }
- { 0: 'roles/network/templates/gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' }
- { 0: 'iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' }
- name: Install Debian config
template: src=roles/network/templates/gateway/iptables dest=/etc/network/if-pre-up.d/iptables
template: src=iptables dest=/etc/network/if-pre-up.d/iptables
mode=0755
when: is_debuntu

18
roles/2-common/tasks/main.yml
View file

@ -3,25 +3,23 @@
- name: ...IS BEGINNING ==========================================
command: echo
#- include_tasks: iiab_ini.yml
# create the directory structure for IIAB
#- include_tasks: fl.yml
- include_tasks: xo.yml
when: xo_model != "none" or osbuilder is defined
- include_tasks: roles/network/tasks/iptables.yml
- include_tasks: centos.yml
when: ansible_distribution == "CentOS"
- include_tasks: fedora.yml
when: ansible_distribution == "Fedora"
- include_tasks: prep.yml
when: not is_debuntu
- include_tasks: xo.yml
when: xo_model != "none" or osbuilder is defined
# the following installs common packages for both debian and fedora
- include_tasks: packages.yml
- include_tasks: iptables.yml
- sysctl: name=net.ipv4.ip_forward value=1 state=present
- sysctl: name=net.ipv4.conf.default.rp_filter value=1 state=present
- sysctl: name=net.ipv4.conf.default.accept_source_route value=0 state=present

56
roles/2-common/tasks/packages.yml
View file

@ -1,31 +1,3 @@
- name: Install yum deps for arm!!!
shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser
when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: Install yum from Fedora 23 for arm!!!
shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf
when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!!
shell: dnf install -y yum
when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l"
- name: Get the createrepo program (redhat)
package: name=createrepo
state=present
when: is_redhat
- name: Create local repo (redhat)
shell: createrepo {{ yum_packages_dir }}
when: is_redhat
- name: Install local repo file (redhat)
template: dest=/etc/yum.repos.d/iiab-local.repo
src=local.repo
owner=root
mode=0644
when: is_redhat
- name: Install yum packages (redhat)
package: name={{ item }}
state=present
@ -107,15 +79,18 @@
- python-setuptools
- python-virtualenv
- name: Update common packages (redhat)
package: name={{ item }}
state=latest
with_items:
- NetworkManager
- glibc # CVE-2015-7547
- bash
- iptables
when: is_redhat
# instructions state to start with a fully updated system before starting, stop using
# ansible as a crutch for developers not following the directions and taking short-cuts
#- name: Update common packages (not Debian)
# package: name={{ item }}
# state=latest
# with_items:
# - NetworkManager
# - glibc # CVE-2015-7547
# - bash
# - iptables
# when: is_redhat
- name: Update common packages (debuntu)
package: name={{ item }}
@ -128,16 +103,9 @@
- exfat-utils
when: is_debuntu
# instructions state to start with a fully updated system before starting, stop using
# ansible as a crutch for developers not following the directions and taking short-cuts
#- name: If version of Network manager has changed, subsequent nmcli commands will fail,restart now
# service: name=NetworkManager
# state=restarted
# when: not installing
# the above should use a handler - all reboots should wait until all
# mods are preformed
- name: Install optional exFAT packages for CentOS
shell: yum --enablerepo=li-nux-ro install exfat-utils fuse-exfat
when: exFAT_enabled == "True" and ansible_distribution == "CentOS"

29
roles/2-common/tasks/prep.yml Normal file
View file

@ -0,0 +1,29 @@
- name: Install iiab-extra repos
template: backup=no
dest=/etc/yum.repos.d/iiab-extra.repo
src=iiab-extra.repo
owner=root
group=root
mode=0666
- name: Install iiab-testing repos
template: backup=no
dest=/etc/yum.repos.d/iiab-testing.repo
src=iiab-testing.repo
owner=root
group=root
mode=0666
- name: Get the createrepo program
package: name=createrepo
state=present
- name: Install local repo file
template: dest=/etc/yum.repos.d/iiab-local.repo
src=local.repo
owner=root
group=root
mode=0644
- name: Create local repo
shell: createrepo {{ yum_packages_dir }}

0
roles/1-prep/templates/iiab-extra.repo → roles/2-common/templates/iiab-extra.repo
View file

0
roles/1-prep/templates/iiab-testing.repo → roles/2-common/templates/iiab-testing.repo
View file

0
roles/network/templates/gateway/iptables → roles/2-common/templates/iptables
View file

0
roles/network/templates/gateway/iptables-config → roles/2-common/templates/iptables-config
View file

0
roles/1-prep/templates/rpmfusion-free-updates.repo → roles/2-common/templates/rpmfusion-free-updates.repo
View file

20
roles/4-server-options/tasks/main.yml
View file

@ -15,6 +15,26 @@
when: openvpn_install
tags: openvpn
- name: Configuring wondershaper
include_tasks: roles/network/tasks/wondershaper.yml
when: wondershaper_install
tags: wondershaper, network
- name: Configuring named
include_tasks: roles/network/tasks/named.yml
when: FQDN_changed
tags: named, network, domain
- name: Configuring dhcpd
include_tasks: roles/network/tasks/dhcpd.yml
when: FQDN_changed
tags: dhcpd, network, domain
- name: Configuring Squid
include_tasks: roles/network/tasks/squid.yml
when: squid_install
tags: squid, network, domain
- name: NETWORK
include_role:
name: network

2
roles/network/tasks/computed_network.yml
View file

@ -122,7 +122,7 @@
- name: LAN configured - 'LanController' mode
set_fact:
iiab_network_mode: "LanController"
when: iiab_lan_iface != "" and iiab_wan_iface == "none"
when: iiab_lan_iface != "none" and iiab_wan_iface == "none"
- name: LAN configured - 'Gateway' mode
set_fact:

2
roles/network/tasks/computed_services.yml
View file

@ -12,7 +12,7 @@
squid_enabled: False
wondershaper_enabled: False
iiab_network_mode: "LanController"
when: iiab_lan_iface != "" and iiab_wan_iface == "none"
when: iiab_lan_iface != "none" and iiab_wan_iface == "none"
- name: LAN configured - 'Gateway' mode
set_fact:

17
roles/network/tasks/detected_network.yml
View file

@ -92,23 +92,20 @@
ap_device: "{{ blacklist_wifi }}"
when: blacklist_wifi is defined and discovered_wireless_iface != iiab_wan_iface and num_wifi_interfaces >= "2"
# LAN - pick non WAN's
- name: Create list of LAN (non WAN) ifaces
shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }}
register: lan_list_result
ignore_errors: True
changed_when: false
- name: Count LAN ifaces
shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} | wc -l
register: num_lan_interfaces_result
ignore_errors: True
changed_when: false
- name: Calculate number of LAN interfaces including WiFi
set_fact:
num_lan_interfaces: "{{ num_lan_interfaces_result.stdout|int }}"
# LAN - pick non WAN's
- name: Create list of LAN (non WAN) ifaces
shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }}
when: num_lan_interfaces != 0
register: lan_list_result
# If 2 interfaces found in gateway mode, with one wifi, declare other to be wan
#- name: In gateway mode with one wifi adapter, the other is WAN
# set_fact:
@ -122,7 +119,7 @@
- name: Set discovered_wired_iface fact if present
set_fact:
discovered_wired_iface: "{{ item|trim }}"
when: item|trim != discovered_wireless_iface
when: item|trim != discovered_wireless_iface and lan_list_result is defined
with_items:
- "{{ lan_list_result.stdout_lines }}"

1
roles/network/tasks/enable_services.yml
View file

@ -133,7 +133,6 @@
mode='0755'
with_items:
- { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' }
- { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN' }
- name: Add 'squid' to service list
ini_file: dest='{{ service_filelist }}'

6
roles/network/tasks/main.yml
View file

@ -19,12 +19,6 @@
# when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"'
##### End static ip address info
- include_tasks: roles/network/tasks/wondershaper.yml
tags:
- wondershaper
- network
when: wondershaper_install
- include_tasks: hosts.yml
tags:
- network

2
roles/network/tasks/named.yml
View file

@ -21,7 +21,7 @@
# or we have to change the serial number in the config files.
- name: Stop named before copying files
service: name={{ dns_service }} state=stopped
when: not installing
when: first_run and is_debuntu
- name: Set folder permission
file: path={{ item }}

61
roles/network/templates/gateway/check-LAN
View file

@ -1,61 +0,0 @@
#!/bin/bash
run_detect(){
logger "check-LAN: running reconfig"
cd /opt/schoolserver/iiab
/opt/schoolserver/iiab/runtags network > /dev/null
logger "check-LAN: completed reconfig"
exit 0
}
exit_clean(){
logger "check-LAN: completed - nothing to do"
exit 0
}
logger "check-LAN: startup"
if [ -f /etc/sysconfig/xs_lan_device ]; then
LAN_DEVICE=`cat /etc/sysconfig/xs_lan_device`
if [ "x$LAN_DEVICE" = "x" ]; then
logger "check-LAN: no lan expected"
exit_clean
else
if [ "$LAN_DEVICE" = "br0" ]; then
SLAVES=`egrep -rn BRIDGE=br0 /etc/sysconfig/network-scripts/ifcfg-* \
| gawk -F'[-:]' '{print $3}'`
SLAVE_COUNT=`egrep -rn BRIDGE=br0 /etc/sysconfig/network-scripts/ifcfg-* \
| wc | awk '{print $1}'`
logger "check-LAN: looking for $SLAVE_COUNT slaves"
while [ "$SLAVE_COUNT" > 1 ]; do
TEST_SLAVE=`brctl show | tail -n $[ $SLAVE_COUNT - 1 ] | awk '{print $1}'`
if [ "x$TEST_SLAVE" = "x" ]; then
logger "check-LAN: blank slave for number $SLAVE_COUNT"
run_detect
else
logger "check-LAN: slave number $SLAVE_COUNT $TEST_SLAVE present"
fi
SLAVE_COUNT="$[ $SLAVE_COUNT - 1 ]"
if [ "$SLAVE_COUNT" = 1 ]; then
TEST_SLAVE=`brctl show | grep br0 | awk '{print $4}'`
if [ "x$TEST_SLAVE" = "x" ]; then
logger "check-LAN: single blank slave for number $SLAVE_COUNT"
run_detect
else
logger "check-LAN: single slave number $SLAVE_COUNT $TEST_SLAVE present"
exit_clean
fi
fi
done
fi
LAN_IF=`ip -o addr | grep 172.18 | awk '{print $2}'`
if [ "$LAN_IF" = "$LAN_DEVICE" ]; then
logger "check-LAN: expected LAN matched $LAN_DEVICE"
exit_clean
fi
fi
else
logger "check-LAN: unconfigured"
exit_clean
fi

1
roles/network/templates/network/iiab_domain_name.j2
View file

@ -1 +0,0 @@
{{ iiab_domain }}

3
roles/network/templates/network/iiab_lan_device.j2
View file

@ -1,3 +0,0 @@
{% if iiab_lan_iface != "none" %}
{{ iiab_lan_iface }}
{% endif %}

3
roles/network/templates/network/iiab_wan_device.j2
View file

@ -1,3 +0,0 @@
{% if iiab_wan_iface != "none" %}
{{ iiab_wan_iface }}
{% endif %}

5
runtags
View file

@ -14,6 +14,11 @@ then
exit
fi
if [ ! -f /etc/iiab/config_vars.yml ]; then
mkdir -p /etc/iiab
echo "{}" > /etc/iiab/config_vars.yml
fi
tags=$(echo $1 | tr "," "\n")
if [ "$tags" == "" ]