diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml index 9fd76d2e4..4a9b1e4c1 100644 --- a/roles/0-init/defaults/main.yml +++ b/roles/0-init/defaults/main.yml @@ -1,5 +1,5 @@ # (PRE-)release version number, for {{ iiab_env_file }} = /etc/iiab/iiab.env -# iiab_base_ver: 7.0 +# iiab_base_ver: 7.1 # iiab_revision: 0 # ABOVE MOVED TO /opt/iiab/iiab/vars/default_vars.yml @@ -14,7 +14,6 @@ discovered_wan_iface: none # Old defs gui_port: 80 -exFAT_enabled: False is_F18: False # Set default 1-prep discovered hardware diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index f768d3b3f..7b4fa58c4 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -43,30 +43,6 @@ - name: Pre-check that IIAB's "XYZ_install" + "XYZ_enabled" vars (1) are defined, (2) are boolean-not-string variables, and (3) contain plausible values. Also checks that "XYZ_install" is True when "XYZ_installed" is defined. include_tasks: validate_vars.yml -# SEE: https://github.com/iiab/iiab/blob/master/roles/nginx/README.md -- name: "apache_install is currently '{{ apache_install }}' and apache_enabled is currently '{{ apache_enabled }}'. Now let's set 'apache_install: True' and 'apache_enabled: True' if NGINX is set not to be enabled OR if any of {Elgg, Lokole, Moodle, Node-RED} are set to install." - set_fact: - apache_install: True - apache_enabled: True - when: not nginx_enabled or elgg_install or lokole_install or moodle_install or nodered_install -# -#- name: "Verify 'apache_install: True' and 'apache_enabled: True' if any of {DokuWiki, Elgg, Lokole, Moodle, Nextcloud, Node-RED} are set to install" -# assert: -# that: apache_install and apache_enabled or not (dokuwiki_install or elgg_install or lokole_install or moodle_install or nextcloud_install or nodered_install) -# fail_msg: "PLEASE CONFIRM 'apache_install: True' AND 'apache_enable: True' IF YOU'RE TRYING TO INSTALL ANY OF {dokuwiki, elgg, lokole, moodle, nextcloud, nodered} e.g. IN: /etc/iiab/local_vars.yml" -# quiet: yes -# -#- name: "Verify 'apache_install: True' and 'apache_enabled: True' if 'nginx_enabled: False' -- e.g. for Apache testing of older playbooks lacking full NGINX support" -# assert: -# that: apache_install and apache_enabled or nginx_enabled -# fail_msg: "PLEASE CONFIRM 'apache_install: True' AND 'apache_enable: True' IF 'nginx_enabled: False' e.g. IN: /etc/iiab/local_vars.yml" -# quiet: yes - -- name: Set exFAT_enabled if xo_model != "none" - set_fact: - exFAT_enabled: True - when: xo_model != "none" - # Discover: do we have a gateway? # If Ansible detects gateway, becomes WAN candidate. - name: "Do we have a gateway? If so set discovered_wan_iface: {{ ansible_default_ipv4.alias }}" diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index e56b33f2d..bd8725822 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -8,10 +8,14 @@ name: mysql when: mysql_install | bool -- name: HTTPD (Apache) - include_role: - name: httpd - when: apache_install | bool +# 2020-05-21: Apache role 'httpd' is installed as nec by any of these 6 roles: +# cups, elgg, lokole, moodle, nodered, phpmyadmin. +# +# These 14 roles conditionally touch Apache .conf files etc: awstats, +# calibre-web, gitea, internetarchive, kalite, kiwix, kolibri, mediawiki, +# munin, nextcloud, sugarizer, usb_lib, wordpress, www_options. +# +# SEE ALSO: roles/nginx/README.md - name: NGINX include_role: diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 9b748157f..c17ad17e7 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -41,10 +41,9 @@ name: samba when: samba_install | bool -# 2020-02-12: what was roles/homepage lives in roles/www_base & -# roles/www_options for now. Eventually softcoding of iiab_home_url -# should happen everywhere (incl Admin Console) to allow more field -# options, e.g. changing /library/www/html/home even when offline... +# 2020-20-17: what was roles/homepage lives in roles/www_options. Eventually +# softcoding of iiab_home_url should happen everywhere (incl Admin Console) for +# more field options, e.g. changing /library/www/html/home even when offline... - name: WWW_OPTIONS (WWW_BASE should have been installed earlier) include_role: diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 00f7712dd..eccf86b7c 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -30,34 +30,10 @@ name: calibre-web when: calibreweb_install | bool -# Could split these two below to Stage 10? 2020-02-12: Experimentally moving -# stuff to roles/3-base-server, 4-server-options, roles/httpd, roles/nginx. - -# - name: "Set 'nginx_enabled: True'" -# set_fact: -# nginx_enabled: True -# -# - name: Fully Enable / Configure NGINX (already installed in Stage 3-BASE-SERVER) if 'nginx_enabled' is True -# include_role: -# name: nginx -# when: nginx_enabled | bool # WAS: nginx_install -# # If just CONFIGURING (etc) shouldn't we use one of the following instead ?? -# # include_tasks: roles/nginx/tasks/setup.yml -# # include_tasks: roles/nginx/tasks/enable.yml - -# - name: "Set 'apache_enabled: True'" -# set_fact: -# apache_enabled: True -# -# - name: Fully Enable / Configure Apache systemd service ({{ apache_service }}) if 'apache_enabled' is True -# include_role: -# name: httpd -# #name: httpd-enable -# when: apache_enabled | bool # WAS: apache_install -# # WARNING THAT APACHE IS AUTO-ENABLED BY THESE ~6 APPS ALONE! -# # https://github.com/holta/iiab/blob/scaff2/roles/0-init/tasks/main.yml#L40-L44 -# # Summarized @ https://github.com/iiab/iiab/blob/master/roles/nginx/README.md -# # 2020-01-23: APACHE FUTURE SUMMARY QUESTIONS @ roles/httpd/tasks/main.yml +- name: '2020-05-21: TEMPORARILY INSTALL APACHE UNTIL ADMIN CONSOLE DECLARES (OR REMOVES?) ITS DEPENDENCY within [console : Enable ssl] to avoid error "Neither of apache2ctl nor apachctl found. At least one apache control binary is necessary." -- possibly var adm_cons_force_ssl is still useful here?' + package: + name: apache2 + when: admin_console_install | bool - name: Recording STAGE 9 HAS COMPLETED ==================== lineinfile: diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index a66324784..255698cd1 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -1,7 +1,7 @@ # TO DO: # # - Prepare for a possible future w/o Apache by verifying/refining below... -# - 5 'when: apache_install | bool' +# - 5 'when: apache_installed is defined' # - 1 'when: nginx_install | bool' # - 8 core stanzas w/o such 'when:' clauses @@ -19,11 +19,11 @@ - libapache2-mod-authnz-external - apache2-utils state: present - when: apache_install | bool + when: apache_installed is defined - name: Run 'a2enmod cgi' to enable cgi execution via Apache command: a2enmod cgi - when: apache_install | bool + when: apache_installed is defined - name: Create directory... mkdir {{ apache_log_dir }}, recursively chown {{ apache_user }}:{{ apache_user }}, with chmod u+rw,g+r,g-w,o-rwx file: @@ -34,7 +34,7 @@ group: "{{ apache_user }}" mode: u+rw,g+r,g-w,o-rwx # '0750' turned on too many x bits #force: yes - when: apache_install | bool + when: apache_installed is defined - name: Create 2 directories... mkdir {{ awstats_data_dir }} (intermediate summary storage) and /usr/lib/cgi-bin/awstats, recursively chown {{ apache_user }}:{{ apache_user }}, with chmod u+rw,g+r,g-w,o-rwx file: @@ -53,13 +53,13 @@ template: src: apache-awstats.conf dest: "/etc/{{ apache_conf_dir }}/awstats.conf" # apache2/sites-available on debuntu - when: apache_install | bool + when: apache_installed is defined - name: Install /etc/logrotate.d/apache2 from template, to ensure logrotate doesn't make logs unreadable template: src: logrotate.d.apache2 dest: /etc/logrotate.d/apache2 - when: apache_install | bool + when: apache_installed is defined - name: Does /etc/awstats/awstats.conf exist? stat: diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index 6c35db157..dee048b87 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -22,8 +22,8 @@ mode: '0755' with_items: - "{{ calibreweb_home }}" # /library/calibre-web - - "{{ calibreweb_venv_path }}" # /usr/local/calibre-web - "{{ calibreweb_config }}" # /library/calibre-web/config + - "{{ calibreweb_venv_path }}" # /usr/local/calibre-web-py3 ## TODO: Calibre-web future release might get into pypi https://github.com/janeczku/calibre-web/issues/456 - name: Clone i.e. download Calibre-Web ({{ calibreweb_version }}) from https://github.com/janeczku/calibre-web.git to {{ calibreweb_venv_path }} @@ -61,7 +61,7 @@ template: src: calibre-web.conf.j2 dest: "/etc/{{ apache_conf_dir }}/calibre-web.conf" # apache2/sites-available on debuntu - when: apache_install | bool + when: apache_installed is defined - name: Does /library/calibre-web/metadata.db exist? stat: diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 72ffec896..3a4beda15 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -3,8 +3,20 @@ # TO DO: # - validate input vars + prereqs -# - move 5 top stanzas into install.yml -# - move 5-7 next stanzas into enable-or-disable.yml +# - move ~7 top stanzas into install.yml +# - move ~7 next stanzas into enable-or-disable.yml +# - create /etc/nginx/conf.d/cups-nginx.conf as SHIM to Apache on port 8090 ? +# - deprecate ~2 F18 stanzas? + + +- name: "Set 'apache_install: True' and 'apache_enabled: True'" + set_fact: + apache_install: True + apache_enabled: True + +- name: APACHE - run 'httpd' role + include_role: + name: httpd - name: Install 'cups' package diff --git a/roles/elgg/tasks/install.yml b/roles/elgg/tasks/install.yml index 4e745c5ba..eb249c43a 100644 --- a/roles/elgg/tasks/install.yml +++ b/roles/elgg/tasks/install.yml @@ -1,6 +1,20 @@ -# Assume (enforce!) we only get here if elgg_install: True -# Assume (enforce?) MySQL is running +- name: "Set 'apache_install: True' and 'apache_enabled: True'" + set_fact: + apache_install: True + apache_enabled: True +- name: APACHE - run 'httpd' role + include_role: + name: httpd + +# 2020-05-21: Required now that mysql/tasks/install.yml installs +# "php{{ php_version }}-common" rather than the full "php{{ php_version }}" +- name: "Install package: libapache2-mod-php{{ php_version }}" + package: + name: "libapache2-mod-php{{ php_version }}" + +# Assume (enforce?) MySQL is running +# # - name: "Set 'mysql_install: True' and 'mysql_enabled: True'" # set_fact: # mysql_install: True diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index b919608bf..1981222f2 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -97,13 +97,16 @@ # 4. Create systemd service & prepare Apache for http://box/gitea -- name: "Install from templates: /etc/systemd/system/gitea.service, /etc/apache2/sites-available/gitea.conf" +- name: "Install from template: /etc/systemd/system/gitea.service" template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - with_items: - - { src: 'gitea.service.j2', dest: '/etc/systemd/system/gitea.service' } - - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_conf_dir }}/gitea.conf" } + src: gitea.service.j2 + dest: /etc/systemd/system/gitea.service + +- name: "Install from template: /etc/{{ apache_conf_dir }}/gitea.conf" + template: + src: gitea.conf.j2 + dest: "/etc/{{ apache_conf_dir }}/gitea.conf" # apache2/sites-available + when: apache_installed is defined # 5. RECORD Gitea AS INSTALLED diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index ae4a80ecf..861f5ee0f 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -69,28 +69,6 @@ - mpm_prefork.load when: is_debuntu | bool -# - name: Remove mpm_event.conf & mpm_event.load symlinks, using a2dissite -# command: "a2dissite {{ item }}" -# with_items: -# - mpm_event.conf -# - mpm_event.load -# ignore_errors: yes -# -# - name: Symlink mpm_prefork.conf & mpm_prefork.load, using a2ensite -# command: "a2ensite {{ item }}" -# with_items: -# - mpm_prefork.conf -# - mpm_prefork.load - -#- name: 'Turn on mod_proxy using a2enmod with: proxy, proxy_html, headers, rewrite (debuntu)' -# command: a2enmod {{ item }} -# with_items: -# - proxy -# - proxy_html -# - headers -# - rewrite -# when: is_debuntu | bool - - name: 'Enable 5 Apache modules, as with "a2enmod" command: headers, proxy, proxy_html, proxy_http, rewrite (for http://box/kiwix, http://box/kolibri, http://box/nodered, etc--if debuntu)' apache2_module: name: "{{ item }}" @@ -115,9 +93,9 @@ file: state: directory path: "/var/run/{{ apache_user }}" - owner: root - group: root - mode: '0755' + #owner: root + #group: root + #mode: '0755' - name: 'Create group: admin' group: @@ -131,13 +109,13 @@ state: present createhome: no -- name: Create Apache dir /var/log/{{ apache_service }} +- name: Create Apache dir /var/log/{{ apache_service }} ({{ apache_user }}:{{ apache_user }}) file: state: directory path: "/var/log/{{ apache_service }}" owner: "{{ apache_user }}" group: "{{ apache_user }}" - mode: '0755' + #mode: '0755' - name: Install Apache's 010-iiab.conf & proxy_ajp.conf into /etc/apache2/sites-available, from templates @@ -156,15 +134,14 @@ # command: a2dissite 010-iiab.conf # when: not apache_enabled + - debug: msg: roles/httpd/tasks/homepage.yml will run LATER (invoked by roles/www_options/tasks/main.yml) SO THAT APACHE CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url) # - include_tasks: roles/httpd/tasks/homepage.yml -# - name: Enable & Stop '{{ apache_service }}' systemd service -# systemd: -# name: "{{ apache_service }}" -# enabled: yes -# state: stopped +- name: Run 'systemctl daemon-reload' + systemd: + daemon_reload: yes # RECORD Apache AS INSTALLED diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 354212d7f..01f43ba38 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -31,12 +31,11 @@ when: apache_installed is undefined -- name: Enable & (Re)Start {{ apache_service }} systemd service, if apache_enabled +- name: Enable & Start-if-nec {{ apache_service }} systemd service, if apache_enabled systemd: name: "{{ apache_service }}" - daemon_reload: yes enabled: yes - state: restarted + state: started # No need to restart, as many IIAB apps do that later when: apache_enabled | bool - name: Disable & Stop {{ apache_service }} systemd service, if not apache_enabled diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index 41896e647..180118367 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -56,13 +56,16 @@ # 3. CONFIG FILES -- name: "Install from templates: /etc/systemd/system/internetarchive.service, /etc/{{ apache_conf_dir }}/internetarchive.conf" +- name: "Install from template: /etc/systemd/system/internetarchive.service" template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - with_items: - - { src: 'internetarchive.service.j2', dest: '/etc/systemd/system/internetarchive.service' } - - { src: 'internetarchive.conf', dest: '/etc/{{ apache_conf_dir }}/internetarchive.conf' } # apache2/sites-available + src: internetarchive.service.j2 + dest: /etc/systemd/system/internetarchive.service + +- name: "Install from template: /etc/{{ apache_conf_dir }}/internetarchive.conf" + template: + src: internetarchive.conf + dest: "/etc/{{ apache_conf_dir }}/internetarchive.conf" # apache2/sites-available + when: apache_installed is defined # 4. RECORD Internet Archive AS INSTALLED diff --git a/roles/internetarchive/tasks/main.yml b/roles/internetarchive/tasks/main.yml index 3b908a143..06988fc2a 100644 --- a/roles/internetarchive/tasks/main.yml +++ b/roles/internetarchive/tasks/main.yml @@ -51,7 +51,6 @@ when: internetarchive_installed is undefined and internet_available - # ENABLE/DISABLE/RESTART SYSTEMD SERVICE & WEB SERVERS AS NEC ? - name: Enable & Restart 'internetarchive' systemd service, if internetarchive_enabled @@ -69,10 +68,9 @@ state: stopped when: not internetarchive_enabled -#- name: Enable/Disable/Restart Apache if primary -- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache +- name: Enable/Disable/Restart Apache if primary include_tasks: apache.yml - #when: not nginx_enabled + when: apache_installed is defined and not nginx_enabled - name: Enable/Disable/Restart NGINX if primary include_tasks: nginx.yml diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 5f6c96632..473761d68 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -43,18 +43,20 @@ extra_args: "--no-cache-dir" when: internet_available | bool -- name: "Install from template: venv wrapper /usr/bin/kalite, systemd unit file kalite-serve.service, Apache's kalite.conf" +- name: "Install from templates: venv wrapper /usr/bin/kalite, systemd unit file kalite-serve.service" template: - backup: no src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root mode: "{{ item.mode }}" with_items: - - { src: 'kalite.sh.j2', dest: '/usr/bin/kalite', mode: '0755'} - - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'} - - { src: 'kalite.conf', dest: '/etc/{{ apache_conf_dir }}', mode: '0644'} + - { src: 'kalite.sh.j2', dest: '/usr/bin/kalite', mode: '0755' } + - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644' } + +- name: "Install from template: /etc/{{ apache_conf_dir }}/kalite.conf" + template: + src: kalite.conf + dest: "/etc/{{ apache_conf_dir }}" # apache2/sites-available on debuntu + when: apache_installed is defined - name: Fix KA Lite bug in regex parsing ifconfig output, for @m-anish's network names that contain dashes, if Raspbian/Debian < 11 or Ubuntu < 20 replace: diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index d8b5c59c8..104d6bb7c 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -100,7 +100,7 @@ # 4. INSTALL iiab-make-kiwix-lib*, kiwix-serve.service, kiwix.conf for Apache -- name: 'Install from templates: kiwix-serve.service, iiab-make-kiwix-lib, iiab-make-kiwix-lib.py, kiwix.conf' +- name: 'Install from templates: kiwix-serve.service, iiab-make-kiwix-lib, iiab-make-kiwix-lib.py' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -109,7 +109,13 @@ - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644' } - { src: 'iiab-make-kiwix-lib', dest: '/usr/bin/iiab-make-kiwix-lib', mode: '0755' } - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755' } - - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_conf_dir }}/kiwix.conf', mode: '0644' } + +- name: "Install from template: Apache's kiwix.conf" + template: + src: kiwix.conf.j2 + dest: "/etc/{{ apache_conf_dir }}/kiwix.conf" + #mode: '0644' + when: apache_installed is defined # 5. RECORD Kiwix AS INSTALLED diff --git a/roles/kolibri/tasks/install.yml b/roles/kolibri/tasks/install.yml index 7dbc7e2de..182647b3d 100644 --- a/roles/kolibri/tasks/install.yml +++ b/roles/kolibri/tasks/install.yml @@ -15,31 +15,21 @@ path: "{{ kolibri_home }}" # /library/kolibri owner: "{{ kolibri_user }}" # kolibri group: "{{ apache_user }}" # www-data (on Debian/Ubuntu/Raspbian) - mode: '0755' - name: Create directory /etc/kolibri file: state: directory name: /etc/kolibri - # owner: root - # group: root - # mode: '0755' - name: Save kolibri_user ({{ kolibri_user }}) to /etc/kolibri/username copy: content: "{{ kolibri_user }}" dest: /etc/kolibri/username - # owner: root - # group: root - # mode: '0644' - name: Save kolibri_home (KOLIBRI_HOME="{{ kolibri_home }}") to /etc/kolibri/daemon.conf copy: content: 'KOLIBRI_HOME="{{ kolibri_home }}"' dest: /etc/kolibri/daemon.conf - # owner: root - # group: root - # mode: '0644' - name: apt install latest Kolibri .deb from {{ kolibri_deb_url }} (populates {{ kolibri_home }}, migrates database) # i.e. /library/kolibri apt: @@ -49,16 +39,16 @@ KOLIBRI_USER: "{{ kolibri_user }}" # both can't hurt & Might Help Later when: internet_available | bool -- name: 'Install from templates: /etc/systemd/system/kolibri.service & /etc/{{ apache_conf_dir }}/kolibri.conf' +- name: 'Install from template: /etc/systemd/system/kolibri.service' template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - # owner: root - # group: root - # mode: '0644' - with_items: - - { src: 'kolibri.service.j2', dest: '/etc/systemd/system/kolibri.service' } - - { src: 'kolibri.conf.j2', dest: '/etc/{{ apache_conf_dir }}/kolibri.conf' } # apache2/sites-available + src: kolibri.service.j2 + dest: /etc/systemd/system/kolibri.service + +- name: 'Install from template: /etc/{{ apache_conf_dir }}/kolibri.conf' + template: + src: kolibri.conf.j2 + dest: "/etc/{{ apache_conf_dir }}/kolibri.conf" # apache2/sites-available + when: apache_installed is defined - name: Stop 'kolibri' systemd service, for Kolibri provisioning (after daemon_reload) systemd: diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index d49757e49..dcb4c1106 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -1,6 +1,17 @@ # Lokole PDF (User's Guide) gets copied for offline use (http://box/info) here: # https://github.com/iiab/iiab/blob/master/roles/httpd/templates/refresh-wiki-docs.sh#L51-L52 + +- name: "Set 'apache_install: True' and 'apache_enabled: True'" + set_fact: + apache_install: True + apache_enabled: True + +- name: APACHE - run 'httpd' role + include_role: + name: httpd + + - name: "Install 8 packages for Lokole: python3, python3-pip, python3-venv, python3-dev, python3-bcrypt, libffi-dev, libssl-dev, libopenjp2-7" apt: name: diff --git a/roles/mediawiki/tasks/install.yml b/roles/mediawiki/tasks/install.yml index a260c0e04..561aaccd8 100644 --- a/roles/mediawiki/tasks/install.yml +++ b/roles/mediawiki/tasks/install.yml @@ -80,10 +80,11 @@ regexp: '^\$wgServer =' line: '$wgServer = "//" . $_SERVER["HTTP_HOST"];' -- name: Install /etc/{{ apache_conf_dir }}/mediawiki.conf from template, for http://box{{ mediawiki_url }} via Apache +- name: 'Install from template: /etc/{{ apache_conf_dir }}/mediawiki.conf -- for http://box{{ mediawiki_url }}' template: src: mediawiki.conf.j2 - dest: "/etc/{{ apache_conf_dir }}/mediawiki.conf" # apache2/sites-available on debuntu + dest: "/etc/{{ apache_conf_dir }}/mediawiki.conf" # apache2/sites-available + when: apache_installed is defined # RECORD MediaWiki AS INSTALLED diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index 7fdbb1c6c..d0e17d32a 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -1,6 +1,6 @@ # 1. INSTALL MongoDB PACKAGES OR BINARIES -- name: "Install packages: mongodb, mongodb-server (not rpi)" +- name: "Install packages: mongodb, mongodb-server (not raspbian)" package: name: - mongodb-server @@ -9,8 +9,8 @@ when: internet_available and not is_raspbian # 2019-02-02: Sugarizer with Node.js 10.x requires MongoDB 2.6+ so -# https://andyfelong.com/2017/08/mongodb-3-0-14-for-raspbian-stretch/ -# is being used on RPi, all I found! (Raspbian's apt pkg is MongoDB 2.4.14) +# https://andyfelong.com/2017/08/mongodb-3-0-14-for-raspbian-stretch/ is +# being used on Raspbian, all I found! (Raspbian's apt pkg is MongoDB 2.4.14) # # mongodb_stretch_3_0_14_core.zip (20M) & mongodb_stretch_3_0_14_tools.zip (15M) # were backed up from andyfelong.com to http://download.iiab.io/packages/ @@ -18,50 +18,50 @@ # CLARIF: mongodb_stretch_3_0_14_core.zip IS IN FACT 3.0.14 (core) BUT... # mongodb_stretch_3_0_14_tools.zip IS REALLY 3.0.15 (tools) -- name: Create dir /tmp/mongodb-3.0.1x (rpi) +- name: Create dir /tmp/mongodb-3.0.1x (raspbian) file: path: /tmp/mongodb-3.0.1x state: directory when: internet_available and is_raspbian -- name: Download & unzip 20MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_core.zip to /tmp/mongodb-3.0.1x (rpi) +- name: Download & unzip 20MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_core.zip to /tmp/mongodb-3.0.1x (raspbian) unarchive: remote_src: yes src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_core.zip" dest: /tmp/mongodb-3.0.1x when: internet_available and is_raspbian -- name: Install (move) its 3 CORE binaries from /tmp/mongodb-3.0.1x/core to /usr/bin (rpi) +- name: Install (move) its 3 CORE binaries from /tmp/mongodb-3.0.1x/core to /usr/bin (raspbian) shell: mv /tmp/mongodb-3.0.1x/core/* /usr/bin when: internet_available and is_raspbian -- name: Download & unzip 15MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_tools.zip [IN FACT THIS ONE'S 3.0.15] to /tmp/mongodb-3.0.1x (rpi) +- name: Download & unzip 15MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_tools.zip [IN FACT THIS ONE'S 3.0.15] to /tmp/mongodb-3.0.1x (raspbian) unarchive: remote_src: yes src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_tools.zip" dest: /tmp/mongodb-3.0.1x when: internet_available and is_raspbian -- name: Install (move) its 9 TOOLS binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (rpi) +- name: Install (move) its 9 TOOLS binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (raspbian) shell: mv /tmp/mongodb-3.0.1x/tools/* /usr/bin when: internet_available and is_raspbian # OLD WAY / MUCH SLOWER: had put unnec duplicate copies in /opt/iiab/downloads/mongodb-3.0.1x # -#- name: Create dir /opt/iiab/downloads/mongodb-3.0.1x (rpi) +#- name: Create dir /opt/iiab/downloads/mongodb-3.0.1x (raspbian) # file: # path: "{{ downloads_dir }}/mongodb-3.0.1x" # state: directory # when: internet_available and is_raspbian # -#- name: Download & unzip MongoDB 3.0.14's 3 core binaries to /opt/iiab/downloads/mongodb-3.0.1x (rpi) +#- name: Download & unzip MongoDB 3.0.14's 3 core binaries to /opt/iiab/downloads/mongodb-3.0.1x (raspbian) # unarchive: # remote_src: yes # src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_core.zip" # dest: "{{ downloads_dir }}/mongodb-3.0.1x" # when: internet_available and is_raspbian # -#- name: Install (copy) 3 binaries from /opt/iiab/downloads/mongodb-3.0.1x/core to /usr/bin (rpi) +#- name: Install (copy) 3 binaries from /opt/iiab/downloads/mongodb-3.0.1x/core to /usr/bin (raspbian) # copy: # src: "{{ item }}" # dest: /usr/bin @@ -69,14 +69,14 @@ # - "{{ downloads_dir }}/mongodb-3.0.1x/core/*" # when: internet_available and is_raspbian # -#- name: Download & unzip MongoDB 3.0.15's 9 tools binaries to /opt/iiab/downloads/mongodb-3.0.1x (rpi) +#- name: Download & unzip MongoDB 3.0.15's 9 tools binaries to /opt/iiab/downloads/mongodb-3.0.1x (raspbian) # unarchive: # remote_src: yes # src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_tools.zip" # dest: "{{ downloads_dir }}/mongodb-3.0.1x" # when: internet_available and is_raspbian # -#- name: Install (copy) 9 binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (rpi) +#- name: Install (copy) 9 binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (raspbian) # copy: # src: "{{ item }}" # dest: /usr/bin @@ -84,13 +84,13 @@ # - "{{ downloads_dir }}/mongodb-3.0.1x/tools/*" # when: internet_available and is_raspbian -- name: Create Linux group mongodb (rpi) +- name: Create Linux group mongodb (raspbian) group: name: mongodb state: present when: is_raspbian | bool -- name: Create Linux user mongodb (rpi) +- name: Create Linux user mongodb (raspbian) user: name: mongodb group: mongodb # primary group diff --git a/roles/moodle/tasks/install.yml b/roles/moodle/tasks/install.yml index 528b0666d..33b3d9f08 100644 --- a/roles/moodle/tasks/install.yml +++ b/roles/moodle/tasks/install.yml @@ -1,3 +1,13 @@ +- name: "Set 'apache_install: True' and 'apache_enabled: True'" + set_fact: + apache_install: True + apache_enabled: True + +- name: APACHE - run 'httpd' role + include_role: + name: httpd + + - name: "Set 'postgresql_install: True' and 'postgresql_enabled: True'" set_fact: postgresql_install: True diff --git a/roles/munin/tasks/install.yml b/roles/munin/tasks/install.yml index 56a0f4386..bcf6b05fe 100644 --- a/roles/munin/tasks/install.yml +++ b/roles/munin/tasks/install.yml @@ -17,16 +17,16 @@ state: present when: not is_debuntu -- name: Install /etc/munin/munin.conf and Apache's munin24.conf, from templates +- name: 'Install from template: /etc/munin/munin.conf' template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - # owner: root - # group: root - # mode: 0644 - with_items: - - { src: 'munin.conf.j2', dest: '/etc/munin/munin.conf' } - - { src: 'munin24.conf.j2', dest: '/etc/{{ apache_conf_dir }}/munin24.conf' } + src: munin.conf.j2 + dest: /etc/munin/munin.conf + +- name: 'Install from template: /etc/{{ apache_conf_dir }}/munin24.conf' + template: + src: munin24.conf.j2 + dest: "/etc/{{ apache_conf_dir }}/munin24.conf" # apache2/sites-available + when: apache_installed is defined - name: Establish username/password Admin/changeme in /etc/munin/munin-htpasswd htpasswd: diff --git a/roles/mysql/tasks/install.yml b/roles/mysql/tasks/install.yml index 29116b500..9c7d5678f 100644 --- a/roles/mysql/tasks/install.yml +++ b/roles/mysql/tasks/install.yml @@ -1,7 +1,6 @@ -# Stanzas as of 2020-02-04: +# Stanzas as of 2020-05-21: # -# - 4 base install -# - Remove the last 3 above, as CentOS & Fedora no longer supported ? +# - 1 base install # - 6 double timeout for slow CPUs # - 7 DB config # - 2 record as installed @@ -11,7 +10,8 @@ name: - mariadb-server - mariadb-client - - php{{ php_version }} + # - php{{ php_version }} # On Ubuntu 20.04 (and prob other OS's) this forces the install of: apache2 apache2-bin apache2-data apache2-utils libapache2-mod-php{{ php_version }} ETC + - php{{ php_version }}-common # 2020-05-21: @jvonau suggests this to avoid Apache above. Or its superset php{{ php_version }}-cli if absolutely nec? - php{{ php_version }}-mysql - php-pear - php{{ php_version }}-gd @@ -23,41 +23,28 @@ state: present when: is_debuntu | bool -# - name: Install package 'php{{ php_version }}-xml' (debuntu) # WAS: (ubuntu or debian 9+) +# - name: "Install packages: mysql, MySQL-python and 9 php packages (OS's other than debuntu)" # package: -# name: "php{{ php_version }}-xml" +# name: +# - MySQL-python +# - mysql +# - php +# - php-mysql +# - php-pear +# - php-gd +# - php-imap +# - php-ldap +# - php-odbc +# - php-xml +# - php-xmlrpc # state: present -# when: is_debuntu | bool -# #when: is_ubuntu or (is_debian and not is_debian_8) - -#- name: Install php-xml-parser (debian-8) -# package: -# name: php-xml-parser -# state: present -# when: is_debian_8 | bool - -- name: "Install packages: mysql, MySQL-python and 9 php packages (OS's other than debuntu)" - package: - name: - - MySQL-python - - mysql - - php - - php-mysql - - php-pear - - php-gd - - php-imap - - php-ldap - - php-odbc - - php-xml - - php-xmlrpc - state: present - when: not is_debuntu - -- include_tasks: centos.yml - when: ansible_distribution == "CentOS" - -- include_tasks: fedora.yml - when: ansible_distribution == "Fedora" +# when: not is_debuntu +# +# - include_tasks: centos.yml +# when: ansible_distribution == "CentOS" +# +# - include_tasks: fedora.yml +# when: ansible_distribution == "Fedora" # 2019-07-03 @jvonau @holta: the next 50 lines (6 stanzas) double MariaDB's diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 9ccaf8565..665ede20c 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -109,7 +109,7 @@ template: src: nextcloud.conf.j2 dest: "/etc/{{ apache_conf_dir }}/nextcloud.conf" # apache2/sites-available on debuntu - when: apache_install | bool + when: apache_installed is defined # RECORD Nextcloud AS INSTALLED diff --git a/roles/nginx/README.md b/roles/nginx/README.md index 6b8edd323..5dd5a829c 100644 --- a/roles/nginx/README.md +++ b/roles/nginx/README.md @@ -10,7 +10,7 @@ 2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX. -3. Current state of IIAB App/Service migrations as of 2020-04-29: +3. Current state of IIAB App/Service migrations as of 2020-05-21: 1. These support "Native" NGINX but ***NOT*** Apache * Admin Console @@ -20,7 +20,7 @@ * OER2Go/RACHEL modules * usb_lib - 2. These support "Native" NGINX ***AND*** Apache, a.k.a. "dual support" for legacy testing (if suitable "Shims" from *Section iii.* below are preserved!) Both "Native" NGINX and "Shim" proxying from NGINX to Apache port 8090 *cannot be enabled simultaneously* for these IIAB Apps/Service. But if you want to attempt their "Shim" proxying legacy testing mode, change your *primary web server* over to Apache by setting `nginx_enabled: False` in [/etc/iiab/local_vars.yml](http://wiki.laptop.org/go/IIAB/FAQ#What_is_local_vars.yml_and_how_do_I_customize_it.3F) (which will [auto-enable Apache](../0-init/tasks/main.yml#L47-L51) for your testing). + 2. These support "Native" NGINX ***AND*** Apache, a.k.a. "dual support" for legacy testing (if suitable "Shims" from *Section iii.* below are preserved!) Both "Native" NGINX and "Shim" proxying from NGINX to Apache port 8090 *cannot be enabled simultaneously* for these IIAB Apps/Service. But if you want to attempt their "Shim" proxying legacy testing mode, try setting your *primary web server* to Apache using `apache_install: True` and `apache_enabled: True` (and `nginx_enabled: False` to disable NGINX) in [/etc/iiab/local_vars.yml](http://wiki.laptop.org/go/IIAB/FAQ#What_is_local_vars.yml_and_how_do_I_customize_it.3F) before you install IIAB. You may also need to run `cd /opt/iiab/iiab; ./runrole httpd` since this has been removed from [roles/3-base-server/tasks/main.yml](https://github.com/iiab/iiab/blob/master/roles/3-base-server/tasks/main.yml) * awstats * calibre-web * gitea @@ -32,7 +32,8 @@ * sugarizer * wordpress - 3. These support Apache but ***NOT*** "Native" NGINX. They use a "Shim" to [proxy_pass](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/) from NGINX to Apache on port 8090. See [roles/0-init/tasks/main.yml#L47-L51](../0-init/tasks/main.yml#L47-L51) for a list of these IIAB Apps/Services, that auto-enable Apache. + 3. These support Apache but ***NOT*** "Native" NGINX. They use a "Shim" to [proxy_pass](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/) from NGINX to Apache on port 8090. See [roles/3-base-server/tasks/main.yml#L11](../3-base-server/tasks/main.yml#L11) for a list of IIAB Apps/Services that auto-enable Apache. + * cups [*, shim not yet in place.] * elgg * lokole * moodle @@ -45,6 +46,7 @@ * minetest [*] * openvpn * pbx [*] + * phpmyadmin [*, requires Apache for now, as in Section 3.] * transmission [*] -[*] The 4 above starred roles could use improvement, as of 2020-04-29. +[*] The 6 above starred roles could use improvement, as of 2020-05-21. diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index beebc2da5..61f1d312d 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -1,7 +1,9 @@ -- name: Ensure that Apache (({{ apache_service }})) is not running -- we may need port swap +- name: Ensure that Apache ({{ apache_service }}) is not running -- we may need port swap systemd: name: "{{ apache_service }}" # apache2 or httpd, per /opt/iiab/iiab/vars/.yml state: stopped + ignore_errors: yes + # 'when: apache_installed is defined' insuff b/c mysql's php installs apache2 - name: Install /etc/{{ apache_service }}/ports.conf from template 1 of 2 (ports.conf.j2) if nginx_enabled, to enable Apache port {{ apache_port }} localhost only template: @@ -15,13 +17,13 @@ dest: "/etc/{{ apache_service }}/ports.conf" when: not nginx_enabled -- name: Enable & Restart '{{ apache_service }}' if apache_enabled or not nginx_enabled, since we stopped it +- name: Enable & Restart '{{ apache_service }}' if Apache is installed and enabled, since we stopped it systemd: name: "{{ apache_service }}" # apache2 or httpd, per /opt/iiab/iiab/vars/.yml daemon_reload: yes state: restarted enabled: true - when: apache_enabled or not nginx_enabled + when: apache_installed is defined and apache_enabled # or not nginx_enabled - name: Enable & (Re)Start 'nginx' systemd service, if nginx_enabled diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 25b0ce120..359e1bdd8 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -1,18 +1,9 @@ -# This stanza can likely be removed later in 2020: -- name: 'Remove legacy files if present: /etc/systemd/system/uwsgi.service, {{ nginx_conf_dir }}/usb-lib.conf, {{ nginx_conf_dir }}/modules.conf' - file: - path: "{{ item.path }}" - state: absent - with_items: - - { path: "/etc/systemd/system/uwsgi.service" } - - { path: "{{ nginx_conf_dir }}/usb-lib.conf" } - - { path: "{{ nginx_conf_dir }}/modules.conf" } - - name: Stop '{{ apache_service }}' systemd service systemd: name: "{{ apache_service }}" # apache2 or httpd, per /opt/iiab/iiab/vars/.yml state: stopped ignore_errors: yes + # 'when: apache_installed is defined' insuff b/c mysql's php installs apache2 - name: Install required and helper packages for NGINX package: diff --git a/roles/nodered/tasks/install.yml b/roles/nodered/tasks/install.yml index 6953ae0a0..8ea03a52b 100644 --- a/roles/nodered/tasks/install.yml +++ b/roles/nodered/tasks/install.yml @@ -1,3 +1,13 @@ +- name: "Set 'apache_install: True' and 'apache_enabled: True'" + set_fact: + apache_install: True + apache_enabled: True + +- name: APACHE - run 'httpd' role + include_role: + name: httpd + + # 2019-01-16: @jvonau's PR #1403 moved installation of Node.js (8.x for now) & # npm to roles/nodejs/tasks/main.yml diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index bfc8587d7..e5911c92c 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,3 +1,13 @@ +- name: "Set 'apache_install: True' and 'apache_enabled: True'" + set_fact: + apache_install: True + apache_enabled: True + +- name: APACHE - run 'httpd' role + include_role: + name: httpd + + - name: Download {{ iiab_download_url }}/{{ phpmyadmin_name_zip }} to {{ downloads_dir }} get_url: url: "{{ iiab_download_url }}/{{ phpmyadmin_name_zip }}" @@ -49,7 +59,7 @@ template: src: phpmyadmin.j2 dest: "/etc/{{ apache_conf_dir }}/phpmyadmin.conf" - when: apache_install | bool + when: apache_installed is defined # RECORD phpMyAdmin AS INSTALLED @@ -67,11 +77,11 @@ - name: Enable phpMyAdmin via Apache, if phpmyadmin_enabled command: a2ensite phpmyadmin.conf - when: apache_install and phpmyadmin_enabled + when: apache_installed is defined and phpmyadmin_enabled - name: Disable phpMyAdmin via Apache, if not phpmyadmin_enabled command: a2dissite phpmyadmin.conf - when: apache_install and not phpmyadmin_enabled + when: apache_installed is defined and not phpmyadmin_enabled - name: Add 'phpmyadmin' variable values to {{ iiab_ini_file }} diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index 3645f1507..6a10b494a 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -148,18 +148,16 @@ # 5. CONFIG FILES -- name: "Install from templates: /etc/systemd/system/sugarizer.service, /etc/apache2/sites-available/sugarizer.conf" +- name: "Install from template: /etc/systemd/system/sugarizer.service" template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - # owner: root - # group: root - # mode: '0644' - with_items: - - { src: 'sugarizer.service', dest: '/etc/systemd/system/sugarizer.service' } - - { src: 'sugarizer.conf.j2', dest: "/etc/{{ apache_conf_dir }}/sugarizer.conf" } - #- { src: 'sugarizer.ini.j2', dest: '{{ iiab_base }}/sugarizer-server/env/sugarizer.ini' } - #- { src: 'sugarizer.js', dest: '{{ iiab_base }}/sugarizer-server' } + src: sugarizer.service + dest: /etc/systemd/system + +- name: "Install from template: /etc/{{ apache_conf_dir }}/sugarizer.conf" + template: + src: sugarizer.conf.j2 + dest: "/etc/{{ apache_conf_dir }}/sugarizer.conf" # apache2/sites-available + when: apache_installed is defined # 3 [WAS 4] STANZAS ADDED BELOW JAN/FEB 2019, HOPING THIS MIGHT "JUST WORK" # WITH FUTURE UPGRADES BEYOND SUGARIZER 1.1?! diff --git a/roles/usb_lib/tasks/apache.yml b/roles/usb_lib/tasks/apache.yml new file mode 100644 index 000000000..d847184f8 --- /dev/null +++ b/roles/usb_lib/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box/usb via Apache + command: a2ensite content_dir.conf + when: usb_lib_enabled | bool + +- name: Disable http://box/usb via Apache + command: a2dissite content_dir.conf + when: not usb_lib_enabled + +- name: (Re)Start '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 03eb685c6..afc33b53b 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -28,7 +28,7 @@ template: src: content_dir.conf dest: "/etc/{{ apache_conf_dir }}" # apache2/sites-available on debuntu - when: apache_install + when: apache_installed is defined # RECORD 'USB_LIB' AS INSTALLED diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index eeea1ca48..6567de348 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -30,7 +30,13 @@ when: usb_lib_installed is undefined -- include_tasks: enable-or-disable.yml +- name: Enable/Disable/Restart Apache if primary + include_tasks: apache.yml + when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool - name: Put variable in iiab.env that enables display of content at root of USB diff --git a/roles/usb_lib/tasks/enable-or-disable.yml b/roles/usb_lib/tasks/nginx.yml similarity index 74% rename from roles/usb_lib/tasks/enable-or-disable.yml rename to roles/usb_lib/tasks/nginx.yml index 4800956cd..c9152b68b 100644 --- a/roles/usb_lib/tasks/enable-or-disable.yml +++ b/roles/usb_lib/tasks/nginx.yml @@ -28,10 +28,7 @@ state: absent when: not usb_lib_enabled -- name: Enable http://box/usb via Apache, if usb_lib_enabled - command: a2ensite content_dir.conf - when: apache_install and usb_lib_enabled - -- name: Disable http://box/usb via Apache, if not usb_lib_enabled - command: a2dissite content_dir.conf - when: apache_install and not usb_lib_enabled +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index e3f9bf2af..6fdd06fda 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -89,7 +89,7 @@ template: src: wordpress.conf.j2 dest: "/etc/{{ apache_conf_dir }}/wordpress.conf" - when: apache_enabled | bool + when: apache_installed is defined # RECORD WordPress AS INSTALLED diff --git a/roles/www_base/tasks/main.yml b/roles/www_base/tasks/main.yml index 68930417c..4ee7dd2a7 100644 --- a/roles/www_base/tasks/main.yml +++ b/roles/www_base/tasks/main.yml @@ -1,7 +1,5 @@ # Role "www_base" runs here, probably in 3-BASE-SERVER. # Role "www_options" runs later, likely in 4-SERVER-OPTIONS. -# -# (Don't take either name too literally!) - name: Using html.yml include_tasks: html.yml @@ -15,7 +13,6 @@ path: "{{ doc_root }}/home" # /library/www/html owner: "{{ apache_user }}" group: "{{ apache_user }}" - # mode: '0755' - name: Create dir {{ doc_root }}/info for http://box/info offline docs file: @@ -23,7 +20,6 @@ path: "{{ doc_root }}/info" # /library/www/html owner: "{{ apache_user }}" group: "{{ apache_user }}" - # mode: '0755' - name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (Script can be run manually and/or at the end of Stage 4 = roles/4-server-options/tasks/main.yml) template: diff --git a/roles/www_options/tasks/main.yml b/roles/www_options/tasks/main.yml index 675ace98f..b33b5c92b 100644 --- a/roles/www_options/tasks/main.yml +++ b/roles/www_options/tasks/main.yml @@ -1,7 +1,5 @@ # Role "www_base" runs earlier, likely in 3-BASE-SERVER. # Role "www_options" runs here, probably in 4-SERVER-OPTIONS. -# -# (Don't take either name too literally!) # HOMEPAGE @@ -17,12 +15,13 @@ # Used to be run by httpd/tasks/install.yml - name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) if apache_install" include_tasks: roles/httpd/tasks/homepage.yml - when: apache_install | bool + when: apache_installed is defined # Used to be run by nginx/tasks/install.yml - name: Enable IIAB pages via NGINX (e.g. on port 80) if nginx_install include_tasks: roles/nginx/tasks/homepage.yml - when: nginx_install | bool + when: nginx_installed is defined + #when: nginx_install | bool - debug: msg: 'THE 3 ANSIBLE STANZAS BELOW ONLY RUN... when: (nginx_high_php_limits or moodle_install or nextcloud_install or pbx_install or wordpress_install) and nginx_enabled' @@ -102,11 +101,11 @@ when: internet_available and not nodocs -- name: (Re)Start '{{ apache_service }}' systemd service, if apache_enabled +- name: (Re)Start '{{ apache_service }}' systemd service, if installed & enabled systemd: name: "{{ apache_service }}" # apache2 on debuntu state: restarted - when: apache_enabled | bool + when: apache_installed is defined and apache_enabled - name: (Re)Start 'nginx' systemd service, if nginx_enabled systemd: diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 6686971e2..e5ad0bc0f 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -223,19 +223,15 @@ pi_swap_file_size: 1024 # 2-COMMON -# Auto-enabled in roles/2-common/tasks/packages.yml as set in -# 0-init/defaults/main.yml AND 0-init/tasks/main.yml : -exFAT_enabled: True - # /usr/libexec/iiab-startup.sh is much like autoexec.bat & /etc/rc.local # It's put in place by 2-common/tasks/iiab-startup.yml at the end of Stage 2. # 3-BASE-SERVER -# 2020-01-22: Both vars unused. SEE ABOVE js_menu_install. -admin_console_install: True -admin_console_enabled: True +# 2020-01-22: See also js_menu_install (above). +admin_console_install: True # For now in roles/9-local-addons/tasks/main.yml +admin_console_enabled: True # Not in active use as of 2020-05-21 # MySQL MANDATORY - THESE 2 VARS HAVE NO EFFECT - SEE roles/0-init/tasks/main.yml & roles/mysql/tasks/main.yml mysql_install: True @@ -259,16 +255,22 @@ nginx_high_php_limits: False # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L67 # ...ARE SUITABLE FOR YOUR HARDWARE, for: /etc/php//fpm/php.ini +# Make this False to disable http://box/common/services/power_off.php button: +apache_allow_sudo: True + # See also Apache vars {default_language, language_priority} @ top of this file +# +# 2020-05-21: apache_install is completely ignored as Apache is installed on +# demand as a dependency -- by CUPS, Elgg, Lokole, Moodle and/or Node-RED -- +# but for now we set fake value 'apache_install: True' so that +# 'apache_installed is defined' input validation works, e.g. in +# 0-init/tasks/validate_vars.yml apache_install: True apache_enabled: False # # NGINX proxies to Apache for legacy IIAB services, using: apache_port: 8090 apache_interface: 127.0.0.1 # 2020-01-13: Var unused -# -# Make this False to disable http://box/common/services/power_off.php button: -apache_allow_sudo: True # 4-SERVER-OPTIONS diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index f03702059..e39639121 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -138,9 +138,6 @@ pi_swap_file_size: 1024 # 2-COMMON -# exFAT_enabled: True is auto-enabled in roles/2-common/tasks/packages.yml -# as set in 0-init/defaults/main.yml AND 0-init/tasks/main.yml - # /usr/libexec/iiab-startup.sh is much like autoexec.bat & /etc/rc.local # It's put in place by 2-common/tasks/iiab-startup.yml at the end of Stage 2. diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 5a3bb51c0..69202f6b1 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -138,9 +138,6 @@ pi_swap_file_size: 1024 # 2-COMMON -# exFAT_enabled: True is auto-enabled in roles/2-common/tasks/packages.yml -# as set in 0-init/defaults/main.yml AND 0-init/tasks/main.yml - # /usr/libexec/iiab-startup.sh is much like autoexec.bat & /etc/rc.local # It's put in place by 2-common/tasks/iiab-startup.yml at the end of Stage 2. diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index bb6f8ddcc..dd3e57de1 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -138,9 +138,6 @@ pi_swap_file_size: 1024 # 2-COMMON -# exFAT_enabled: True is auto-enabled in roles/2-common/tasks/packages.yml -# as set in 0-init/defaults/main.yml AND 0-init/tasks/main.yml - # /usr/libexec/iiab-startup.sh is much like autoexec.bat & /etc/rc.local # It's put in place by 2-common/tasks/iiab-startup.yml at the end of Stage 2.