From 80cbdbae51d58ba06c807da16686dacc060a835e Mon Sep 17 00:00:00 2001 From: Tim Moody Date: Sun, 1 Oct 2017 16:41:32 -0400 Subject: [PATCH 001/466] fix elgg: reorder so dbuser can be created --- roles/elgg/tasks/main.yml | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index ed703b722..00865ffcf 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -1,7 +1,10 @@ +# Assume we only get here if elgg_install: True +# Assume mysql is running + - name: download current version from our copy shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }} creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip - when: internet_available + when: internet_available - name: Determine if software is already expanded stat: path=/opt/elgg-{{ elgg_version }}/index.php @@ -11,7 +14,7 @@ # unarchive: dest=/opt/ # src={{ downloads_dir }}/elgg-{{ elgg_version }}.zip -- name: Expand it to our location +- name: Expand it to our location unless already done shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt" when: elgg.stat.exists is defined and not elgg.stat.exists @@ -25,6 +28,7 @@ # use template to fix up settings in engine/settings.php with our variables substituted # into engine/settings.example.php +# note this will overwrite any manual settings - name: Substitute our parameters in engine/settings.example.php template: src="settings.php.j2" dest="/opt/{{ elgg_xx }}/elgg-config/settings.php" @@ -60,39 +64,36 @@ recurse=yes state=directory -# elggdb.sql obtained with mysqldump --skip-add-drop-table elggdb > elggdb.sql -# tar up a mysqldump of freshly installed database and use it in the install to avoid the startup -# form, which worries me a lot. (/var/lib/mysql/elggdb) +- name: Create a mysql database for elgg - can be run more than once + mysql_db: name={{ dbname }} + register: create_elgg_database -- name: Create a user to access the elgg database - mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv=*.*:ALL +- name: Create a user to access the elgg database - can be run more than once + mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL with_items: - 127.0.0.1 - ::1 - localhost - when: mysql_enabled and elgg_enabled and not elgg.stat.exists - name: Create file to load database template: src=elggdb.sql.j2 dest=/tmp/elggdb.sql -- name: Create a mysql database for elgg - mysql_db: name={{ dbname }} - when: mysql_enabled and elgg_enabled - register: create_elgg_database +# elggdb.sql obtained with mysqldump --skip-add-drop-table elggdb > elggdb.sql +# tar up a mysqldump of freshly installed database and use it in the install to avoid the startup +# form, which worries me a lot. (/var/lib/mysql/elggdb) - name: Load elgg database dump mysql_db: name={{ dbname }} state=import target=/tmp/elggdb.sql - when: mysql_enabled and elgg_enabled and create_elgg_database.changed + when: create_elgg_database.changed - name: Remove database dump after load file: name=/tmp/elggdb.sql state=absent - name: Install config file for elgg in Apache template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf - when: mysql_enabled and elgg_enabled - name: enable elgg file: path=/etc/apache2/sites-enabled/elgg.conf From 21aa6490f948a0bbae22e5c169fbb3dccb03139c Mon Sep 17 00:00:00 2001 From: Tim Moody Date: Sun, 1 Oct 2017 18:32:44 -0400 Subject: [PATCH 002/466] add Jerry's fix for disabling on Redhat --- roles/elgg/tasks/main.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index 00865ffcf..f78dba717 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -95,17 +95,22 @@ - name: Install config file for elgg in Apache template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf -- name: enable elgg +- name: Enable elgg for debuntu (will already be enabled above for Redhat) file: path=/etc/apache2/sites-enabled/elgg.conf src=/etc/apache2/sites-available/elgg.conf state=link when: elgg_enabled and is_debuntu -- name: disable elgg +- name: Disable elgg for debuntu file: path=/etc/apache2/sites-enabled/elgg.conf state=absent when: not elgg_enabled and is_debuntu +- name: Disable elgg for Redhat - remove config file for elgg in Apache + file: dest=/etc/{{ apache_config_dir }}/elgg.conf + state=absent + when: not elgg_enabled and is_redhat + - name: add elgg to service list ini_file: dest='{{ service_filelist }}' section=elgg From 159e3280abc62043ba009a1703f5536ba7b5133c Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 1 Oct 2017 18:48:50 -0400 Subject: [PATCH 003/466] typo Provisioally -> Provisionally --- roles/mysql/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 60f9d044a..65d963fff 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -99,7 +99,7 @@ when: mysql_enabled # we had to start mysql in order to configure it, now turn if off if not enabled - - name: Provisioally Disable the MySQL service + - name: Provisionally Disable the MySQL service service: name={{ mysql_service }} enabled=no state=stopped From 6cf1bcd9807f1b4635e18404c614cb97c30ba57b Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 1 Oct 2017 21:43:25 -0400 Subject: [PATCH 004/466] typo currupted -> corrupted --- roles/network/tasks/rpi_debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index c019d8c93..49cfc20ae 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -27,7 +27,7 @@ gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined -- name: Rewrite the /etc/network/interfaces file which we currupted +- name: Rewrite the /etc/network/interfaces file which we corrupted template: dest=/etc/network/interfaces src=network/interfaces.j2 From 1bd007e02d943a0ae40f867ddfc1bb987ff3e2c2 Mon Sep 17 00:00:00 2001 From: Arky Date: Sun, 1 Oct 2017 17:48:56 +0700 Subject: [PATCH 005/466] Fixing broken symlink Perhaps xsce-admin is renamed to iiab-admin-console. Fixing bug #348 by removing symlink. --- roles/httpd/templates/iiab-console.conf.j2 | 1 - 1 file changed, 1 deletion(-) delete mode 120000 roles/httpd/templates/iiab-console.conf.j2 diff --git a/roles/httpd/templates/iiab-console.conf.j2 b/roles/httpd/templates/iiab-console.conf.j2 deleted file mode 120000 index 0148dab1d..000000000 --- a/roles/httpd/templates/iiab-console.conf.j2 +++ /dev/null @@ -1 +0,0 @@ -/opt/schoolserver/xsce/roles/xsce-admin/templates/console/xs-console.conf.j2 \ No newline at end of file From d29fa6733673ac68ed2f76ba45f7dcfdc147510d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 2 Oct 2017 10:15:09 -0500 Subject: [PATCH 006/466] disable systemd sugarizer.service --- roles/sugarizer/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 994769512..d2c4eb596 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -46,7 +46,7 @@ group=root mode=0644 with_items: - - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} +# - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} - { src: 'sugarizer.ini' , dest: '{{ sugarizer_location }}/sugarizer/server' } # - { src: 'sugarizer.conf' , dest: '/etc/apache2/sites-available' } @@ -68,13 +68,13 @@ chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 -- name: enable services - service: name={{ item.name }} - enabled=yes - state=restarted - with_items: - - { name: sugarizer } - when: sugarizer_enabled +#- name: enable services +# service: name={{ item.name }} +# enabled=yes +# state=restarted +# with_items: +# - { name: sugarizer } +# when: sugarizer_enabled - name: disable services From c15f3caca3d17668ae112482208cfbb91f118fb7 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 2 Oct 2017 11:34:48 -0500 Subject: [PATCH 007/466] disable systemd sugarizer.service2 --- roles/sugarizer/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index d2c4eb596..e538bd14c 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -77,13 +77,13 @@ # when: sugarizer_enabled -- name: disable services - service: name={{ item.name }} - enabled=no - state=stopped - with_items: - - { name: sugarizer } - when: not sugarizer_enabled +#- name: disable services +# service: name={{ item.name }} +# enabled=no +# state=stopped +# with_items: +# - { name: sugarizer } +# when: not sugarizer_enabled - name: add sugarizer to service list ini_file: dest='{{ service_filelist }}' From 507bfa19385d0cd8147f5bbc8b3c1bdf0c31843c Mon Sep 17 00:00:00 2001 From: George Hunt Date: Mon, 2 Oct 2017 09:37:58 -0700 Subject: [PATCH 008/466] test revert --- iiab.yml | 1 + roles/9-local-addons/tasks/main.yml | 2 -- runansible | 10 +++++++--- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/iiab.yml b/iiab.yml index 8a2df7715..6be4ebaac 100644 --- a/iiab.yml +++ b/iiab.yml @@ -6,6 +6,7 @@ - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver}}.yml - vars/local_vars.yml + - /etc/iiab/config_vars.yml roles: - { role: 1-prep, tags: ['prep','platform','base'] } diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 62d761ab3..ce546dfe9 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,5 +1,3 @@ - name: Addon services installed command: echo Addon services installed -- name: Installation Complete - shell: echo "{}" > /etc/iiab/config_vars.yml diff --git a/runansible b/runansible index 74c7013d0..500bc9c10 100755 --- a/runansible +++ b/runansible @@ -1,6 +1,11 @@ -#!/bin/bash -e -# ./scripts/ansible +#!/bin/bash + # copy var files to /etc/iiab for subsequent use +mkdir -p /etc/iiab +if [ ! -f /etc/iiab/config_vars.yml ]; then + echo "{}" > /etc/iiab/config_vars.yml +fi + # if vars/local_vars.yml is missing, put a default one in place if [ ! -f ./vars/local_vars.yml ]; then OS=`grep ^ID= /etc/*release|cut -d= -f2` @@ -73,4 +78,3 @@ export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log" ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local -#ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --syntax-check From 74244b6de451d850a838556503fdfdebc7c23acf Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 2 Oct 2017 12:59:10 -0400 Subject: [PATCH 009/466] -e restored --- runansible | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/runansible b/runansible index 500bc9c10..a775cac79 100755 --- a/runansible +++ b/runansible @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/bash -e # copy var files to /etc/iiab for subsequent use mkdir -p /etc/iiab From 7fd475b0e502f468f69cb2a9a34ed1d7234c8322 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 2 Oct 2017 12:59:37 -0500 Subject: [PATCH 010/466] use iiab.env for first_run test --- roles/1-prep/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index e5507797f..b4eae678d 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,5 +1,5 @@ - name: Determine if runansible was run - stat: path=/etc/iiab/config_vars.yml + stat: path=/etc/iiab/iiab.env register: NewInstall - name: Setting first run flag From f669a52e27f5b773f8bbc7bb388d9ffc448ee749 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 2 Oct 2017 21:39:45 -0400 Subject: [PATCH 011/466] Update medium.localvars --- vars/medium.localvars | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 327f8b500..79f232c74 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -31,8 +31,8 @@ services_externally_visible: True # Make this True if client machines should have access to WAN/Internet: iiab_gateway_enabled: False -# Make this True if you want http://box/common/services/power_off.php to work: -allow_apache_sudo: False +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True # 3-BASE @@ -68,7 +68,7 @@ phpmyadmin_enabled: False # 5-XO-SERVICES -# Legacy XO services have been removed but are recoverable. Please contact +# Lesser-supported XO services need additional testing. Please contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. # authserver_install: False @@ -102,7 +102,7 @@ wordpress_install: True wordpress_enabled: True elgg_install: True -elgg_enabled: False +elgg_enabled: True dokuwiki_install: False dokuwiki_enabled: False @@ -123,6 +123,9 @@ kalite_cron_enabled: True # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 sugarizer_install: True sugarizer_enabled: True +# sugarizer_enabled is currently IGNORED as basic Sugarizer works w/o Journal! +# https://github.com/iiab/iiab/issues/193 Subsequent "./runtags sugarizer" fail +# https://github.com/iiab/iiab/issues/240 Sugarizer 0.8 to 0.9 ongoing issues calibre_install: True calibre_enabled: True From 441d21c683e58e0d5dcba8b5afe1233daf51bf8f Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 2 Oct 2017 22:31:25 -0400 Subject: [PATCH 012/466] restore 5-xo-services --- iiab.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab.yml b/iiab.yml index 6be4ebaac..2bdf6ef1d 100644 --- a/iiab.yml +++ b/iiab.yml @@ -13,7 +13,7 @@ - { role: 2-common, tags: ['common','base'] } - { role: 3-base-server, tags: ['base'] } - { role: 4-server-options, tags: ['options'] } -# - { role: 5-xo-services, tags: ['xo-services'] } + - { role: 5-xo-services, tags: ['xo-services'] } - { role: 6-generic-apps, tags: ['generic-apps'] } - { role: 7-edu-apps, tags: ['edu-apps'] } - { role: 8-mgmt-tools, tags: ['tools'] } From b1d8b7e4860a7919b5947dc67e7c51a7e81e369f Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 3 Oct 2017 01:33:35 -0400 Subject: [PATCH 013/466] comment out 5-xo-services (too damn slow) --- iiab.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab.yml b/iiab.yml index 2bdf6ef1d..6be4ebaac 100644 --- a/iiab.yml +++ b/iiab.yml @@ -13,7 +13,7 @@ - { role: 2-common, tags: ['common','base'] } - { role: 3-base-server, tags: ['base'] } - { role: 4-server-options, tags: ['options'] } - - { role: 5-xo-services, tags: ['xo-services'] } +# - { role: 5-xo-services, tags: ['xo-services'] } - { role: 6-generic-apps, tags: ['generic-apps'] } - { role: 7-edu-apps, tags: ['edu-apps'] } - { role: 8-mgmt-tools, tags: ['tools'] } From 40a58925071083ad2ab6cfc91b7fe396b899ccf9 Mon Sep 17 00:00:00 2001 From: Arky Date: Tue, 3 Oct 2017 23:21:49 +0700 Subject: [PATCH 014/466] Disable pip caching for ka_lite_static Patch for downloading ka_lite_static failure. Fixes #372 --- roles/kalite/tasks/install.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 43ea1141b..af064b584 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -8,22 +8,24 @@ - name: Grab the requirements file get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt - when: internet_available + when: internet_available - name: Install ka-lite dependencies with pip pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no + extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available + when: internet_available - name: Install ka-lite with pip pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} virtualenv_site_packages=no + extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available + when: internet_available - name: Default is to have cronserve started with kalite set_fact: From a3d86e78cb10c092d434ec87a748d137951fad0a Mon Sep 17 00:00:00 2001 From: George Hunt Date: Tue, 3 Oct 2017 19:06:35 -0700 Subject: [PATCH 015/466] let testing occur on a fedora VM --- runansible | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/runansible b/runansible index a775cac79..2a6ea4954 100755 --- a/runansible +++ b/runansible @@ -12,7 +12,7 @@ if [ ! -f ./vars/local_vars.yml ]; then OS=${OS//\"/} case $OS in - OLPC) + OLPC | fedora) cp ./vars/olpc.localvars ./vars/local_vars.yml ;; centos | debian | ubuntu | raspbian) From 59eff1eac11f9feb5aef45acc23d1a5dd7f265b4 Mon Sep 17 00:00:00 2001 From: Arky Date: Thu, 5 Oct 2017 17:25:54 +0700 Subject: [PATCH 016/466] Updated README Created a informative readme file from exisiting content using this template: https://gist.github.com/PurpleBooth/109311bb0361f32d87a2 --- README.md | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 895c73200..003d8309f 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,22 @@ -# iiab -Internet in a Box - NEW VERSION orig from http://github.com/iiab +# Internet-in-a-Box (IIAB) + +Welcome to the Git repository of the Internet-in-a-Box (IIAB) project. This is a community-based project developed and supported by volunteers from around the world. The Internet-in-a-Box(IIAB) is small, inexpensive device which provides essential Internet resources without any Internet connection. It provides a local content server of the world’s Free information. + +The older version of this repository is at [github.com/xsce](http://github.com/xsce) . We are using [Ansible](https://www.ansible.com) as the underlying technology to install, deploy, configure and manage the various software components. + + +## Installation + +Please read [Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) wiki page for details about installation of Internet-in-a-Box (IIAB). + +## Built With + +* [Ansible](http://www.ansible.com) - Ansible + +## Contributing + +Please read [Contributors Guide](https://github.com/iiab/iiab/wiki/IIAB-Contributors-Guide) learn more about contributing to Internet-in-a-Box (IIAB) repository. + +## Versioning + +You can track the latest Internet-in-a-Box (IIAB)[releases here](https://github.com/iiab/iiab/releases). From c7c1134c3c6131dcd5bf2e647417fe57af9c5e0b Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 5 Oct 2017 10:04:33 -0400 Subject: [PATCH 017/466] typos, grammar & basic editorial suggestions --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 003d8309f..3de62a82f 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,22 @@ # Internet-in-a-Box (IIAB) -Welcome to the Git repository of the Internet-in-a-Box (IIAB) project. This is a community-based project developed and supported by volunteers from around the world. The Internet-in-a-Box(IIAB) is small, inexpensive device which provides essential Internet resources without any Internet connection. It provides a local content server of the world’s Free information. +Welcome to the Git repository of the Internet-in-a-Box (IIAB) project. This is a community-based project developed and supported by volunteers from around the world. The Internet-in-a-Box (IIAB) is small, inexpensive device which provides essential Internet resources (like Wikipedia, OpenStreetMap, Khan Academy and others) without any Internet connection. It provides a local content server of the world’s Free Knowledge. -The older version of this repository is at [github.com/xsce](http://github.com/xsce) . We are using [Ansible](https://www.ansible.com) as the underlying technology to install, deploy, configure and manage the various software components. +The older version of this repository is at [github.com/xsce](http://github.com/xsce). We are using [Ansible](https://www.ansible.com) as the underlying technology to install, deploy, configure and manage the various software components. ## Installation -Please read [Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) wiki page for details about installation of Internet-in-a-Box (IIAB). +Please read the [Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) wiki page for details about installation of Internet-in-a-Box (IIAB). ## Built With -* [Ansible](http://www.ansible.com) - Ansible +* [Ansible](http://www.ansible.com) ## Contributing -Please read [Contributors Guide](https://github.com/iiab/iiab/wiki/IIAB-Contributors-Guide) learn more about contributing to Internet-in-a-Box (IIAB) repository. +Please read our [Contributors Guide](https://github.com/iiab/iiab/wiki/IIAB-Contributors-Guide) to learn more about contributing to Internet-in-a-Box (IIAB) repository. ## Versioning -You can track the latest Internet-in-a-Box (IIAB)[releases here](https://github.com/iiab/iiab/releases). +You can track the latest Internet-in-a-Box (IIAB) [releases here](https://github.com/iiab/iiab/releases). From 16cf3fd136782d8f541894ab67cd4cd3a6b3b619 Mon Sep 17 00:00:00 2001 From: Arky Date: Tue, 10 Oct 2017 13:03:19 +0700 Subject: [PATCH 018/466] IIAB Travis CI Testing Implementation #386 This pull request is complete implementation of IIAB Travis CI Testing for synatx errors, code linting and code review. Adds: Top level .travis.yml file. Add 'tests' directory with a 'inventory' and 'tests.yml' files. Modifies: roles/moodle/tasks/main.yml to fix ansible-lint parsing problem. Modifies: README.md to add Build status button This is Git squash of many commits. Please look at individual commit message for the content changes. Creating an initial travis testing based on Jeff geerlings testing ansible methodology https://www.jeffgeerling.com/blog/testing-ansible-roles-travis-ci-github Adding Ansible-lint, Ansible-review tests to travis Aded ansible-review for full repo and diff master Removing ansible-lint install step, it automatically installed by ansible-review Ansible-review only .yml files in root and roles, vars, tests folders Updated comments Corrected ansible-lint parameters Removed extranous tab that breaks ansible-lint Removed a tab character that causes problems with ansible-lint See https://github.com/willthames/ansible-lint/issues/166 Fixing Travis Ansible Syntax tests roles path The ansible roles path had problems due: 1. Absense of top level global role 'iiab' 2. Hardcoded paths '/etc/iiab' in ansible.cfg Fixing them in a hacky way. :( Adding Travis Build status to Readme file --- .travis.yml | 42 +++++++++++++++++++++++++ README.md | 2 +- roles/moodle/tasks/main.yml | 2 +- tests/inventory | 1 + tests/test.yml | 61 +++++++++++++++++++++++++++++++++++++ 5 files changed, 106 insertions(+), 2 deletions(-) create mode 100644 .travis.yml create mode 100644 tests/inventory create mode 100644 tests/test.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 000000000..fa673617d --- /dev/null +++ b/.travis.yml @@ -0,0 +1,42 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible, ansible-lint and ansible-review + - pip install ansible + - pip install ansible-review + + # Check ansible, version + - ansible --version + - ansible-lint --version + - ansible-review --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Continuous integration: syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check -vvv + + # Continous integration: ansible-list + - ansible-lint -p *yml + + # Continous integration: ansible code review + - git ls-files *yml roles/ vars/ tests/ | xargs ansible-review + + # Continouse integration: ansible code review of changes between master and current branch + - git diff master | ansible-review + + +#notifications: +# webhooks: diff --git a/README.md b/README.md index 3de62a82f..3b3a839ca 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Internet-in-a-Box (IIAB) +# Internet-in-a-Box (IIAB) [![Build Status](https://travis-ci.org/iiab/iiab/iiab.svg?branch=master)](https://travis-ci.org/iiab/iiab) Welcome to the Git repository of the Internet-in-a-Box (IIAB) project. This is a community-based project developed and supported by volunteers from around the world. The Internet-in-a-Box (IIAB) is small, inexpensive device which provides essential Internet resources (like Wikipedia, OpenStreetMap, Khan Academy and others) without any Internet connection. It provides a local content server of the world’s Free Knowledge. diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index bc1bee9c8..c8cebcf01 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -77,7 +77,7 @@ file: path=/etc/apache2/sites-enabled/022-moodle.conf src=/etc/apache2/sites-available/022-moodle.conf state=link - when: moodle_enabled and is_debuntu + when: moodle_enabled and is_debuntu - name: Disable moodle file: path=/etc/apache2/sites-enabled/022-moodle.conf diff --git a/tests/inventory b/tests/inventory new file mode 100644 index 000000000..2fbb50c4a --- /dev/null +++ b/tests/inventory @@ -0,0 +1 @@ +localhost diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 000000000..b1a6d5521 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,61 @@ +--- +- hosts: localhost + remote_user: root + # TODO: Making a anisble-iiab roles for ansible-galaxy + # roles: + # - iiab + # For now hardcoding all the roles manually with ls -l roles/ | cut -d " " -f 10 + roles: + - ../roles/1-prep + - ../roles/2-common + - ../roles/3-base-server + - ../roles/4-server-options + - ../roles/5-xo-services + - ../roles/6-generic-apps + - ../roles/7-edu-apps + - ../roles/8-mgmt-tools + - ../roles/9-local-addons + - ../roles/activity-server + - ../roles/ajenti + - ../roles/authserver + - ../roles/awstats + - ../roles/calibre + - ../roles/cups + - ../roles/debian_schooltool + - ../roles/docker + - ../roles/dokuwiki + - ../roles/ejabberd + - ../roles/ejabberd_xs + - ../roles/elgg + # Disabling gateway doesn't contain any tasks? + #- ../roles/gateway + - ../roles/httpd + - ../roles/idmgr + - ../roles/iiab-admin + - ../roles/kalite + - ../roles/kiwix + - ../roles/mongodb + - ../roles/monit + - ../roles/moodle + - ../roles/moodle-1.9 + - ../roles/munin + - ../roles/mysql + - ../roles/network + - ../roles/nextcloud + - ../roles/openvpn + - ../roles/osm + - ../roles/owncloud + - ../roles/pathagar + - ../roles/phpmyadmin + - ../roles/postgresql + - ../roles/rachel + - ../roles/samba + - ../roles/schooltool + - ../roles/sshd + - ../roles/sugarizer + - ../roles/sugar-stats + - ../roles/teamviewer + - ../roles/usb-lib + - ../roles/vnstat + - ../roles/wordpress + - ../roles/xovis From 9d2fb217053ecf62d3d0d3f9b5c14dce8334c4f8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 24 Sep 2017 14:33:22 -0500 Subject: [PATCH 019/466] permissions --- roles/network/tasks/enable_services.yml | 6 +++--- roles/network/templates/avahi/portal.service | 0 roles/network/templates/dhcp/dhcpd-env.j2 | 0 roles/network/templates/dhcp/dhcpd.service | 0 roles/network/templates/named/localdomain.zone | 0 roles/network/templates/named/localhost.zone | 0 roles/network/templates/named/named | 0 roles/network/templates/named/named-iiab.conf.j2 | 0 roles/network/templates/named/named.broadcast | 0 roles/network/templates/named/named.ip6.local | 0 roles/network/templates/named/named.j2 | 0 roles/network/templates/named/named.local | 0 roles/network/templates/named/named.rfc1912.zones | 0 roles/network/templates/named/named.root | 0 roles/network/templates/named/named.root.hints | 0 roles/network/templates/named/named.zero | 0 roles/network/templates/named/school.external.zone.db | 0 .../templates/named/school.internal.zone.16.in-addr.db.j2 | 0 .../templates/named/school.internal.zone.32.in-addr.db.j2 | 0 .../templates/named/school.internal.zone.48.in-addr.db.j2 | 0 roles/network/templates/named/school.internal.zone.db | 0 .../templates/named/school.internal.zone.in-addr.db.j2 | 0 roles/network/templates/network/sysconfig.network.j2 | 0 roles/network/templates/squid/iiab-httpcache.j2 | 0 roles/network/templates/squid/squid-iiab.conf.j2 | 0 roles/network/templates/squid/squid.sysconfig | 0 roles/network/templates/wondershaper/wondershaper.j2 | 0 27 files changed, 3 insertions(+), 3 deletions(-) mode change 100755 => 100644 roles/network/templates/avahi/portal.service mode change 100755 => 100644 roles/network/templates/dhcp/dhcpd-env.j2 mode change 100755 => 100644 roles/network/templates/dhcp/dhcpd.service mode change 100755 => 100644 roles/network/templates/named/localdomain.zone mode change 100755 => 100644 roles/network/templates/named/localhost.zone mode change 100755 => 100644 roles/network/templates/named/named mode change 100755 => 100644 roles/network/templates/named/named-iiab.conf.j2 mode change 100755 => 100644 roles/network/templates/named/named.broadcast mode change 100755 => 100644 roles/network/templates/named/named.ip6.local mode change 100755 => 100644 roles/network/templates/named/named.j2 mode change 100755 => 100644 roles/network/templates/named/named.local mode change 100755 => 100644 roles/network/templates/named/named.rfc1912.zones mode change 100755 => 100644 roles/network/templates/named/named.root mode change 100755 => 100644 roles/network/templates/named/named.root.hints mode change 100755 => 100644 roles/network/templates/named/named.zero mode change 100755 => 100644 roles/network/templates/named/school.external.zone.db mode change 100755 => 100644 roles/network/templates/named/school.internal.zone.16.in-addr.db.j2 mode change 100755 => 100644 roles/network/templates/named/school.internal.zone.32.in-addr.db.j2 mode change 100755 => 100644 roles/network/templates/named/school.internal.zone.48.in-addr.db.j2 mode change 100755 => 100644 roles/network/templates/named/school.internal.zone.db mode change 100755 => 100644 roles/network/templates/named/school.internal.zone.in-addr.db.j2 mode change 100755 => 100644 roles/network/templates/network/sysconfig.network.j2 mode change 100755 => 100644 roles/network/templates/squid/iiab-httpcache.j2 mode change 100755 => 100644 roles/network/templates/squid/squid-iiab.conf.j2 mode change 100755 => 100644 roles/network/templates/squid/squid.sysconfig mode change 100755 => 100644 roles/network/templates/wondershaper/wondershaper.j2 diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 500e15de4..18075b6dd 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -16,7 +16,7 @@ group=root mode={{ item.mode }} with_items: - - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0755' } + - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } when: dhcpd_enabled - name: Copy named file @@ -26,8 +26,8 @@ group=root mode={{ item.mode }} with_items: - - { src: 'named/school.local.zone.db' , dest: '/var/named-iiab/' , mode: '0755' } - - { src: 'named/school.internal.zone.db' , dest: '/var/named-iiab/' , mode: '0755' } + - { src: 'named/school.local.zone.db' , dest: '/var/named-iiab/' , mode: '0644' } + - { src: 'named/school.internal.zone.db' , dest: '/var/named-iiab/' , mode: '0644' } - name: Enable named service service: name={{ dns_service }} diff --git a/roles/network/templates/avahi/portal.service b/roles/network/templates/avahi/portal.service old mode 100755 new mode 100644 diff --git a/roles/network/templates/dhcp/dhcpd-env.j2 b/roles/network/templates/dhcp/dhcpd-env.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/dhcp/dhcpd.service b/roles/network/templates/dhcp/dhcpd.service old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/localdomain.zone b/roles/network/templates/named/localdomain.zone old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/localhost.zone b/roles/network/templates/named/localhost.zone old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named b/roles/network/templates/named/named old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named-iiab.conf.j2 b/roles/network/templates/named/named-iiab.conf.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.broadcast b/roles/network/templates/named/named.broadcast old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.ip6.local b/roles/network/templates/named/named.ip6.local old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.j2 b/roles/network/templates/named/named.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.local b/roles/network/templates/named/named.local old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.rfc1912.zones b/roles/network/templates/named/named.rfc1912.zones old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.root b/roles/network/templates/named/named.root old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.root.hints b/roles/network/templates/named/named.root.hints old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/named.zero b/roles/network/templates/named/named.zero old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/school.external.zone.db b/roles/network/templates/named/school.external.zone.db old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/school.internal.zone.16.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.16.in-addr.db.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/school.internal.zone.32.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.32.in-addr.db.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/school.internal.zone.48.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.48.in-addr.db.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/school.internal.zone.db b/roles/network/templates/named/school.internal.zone.db old mode 100755 new mode 100644 diff --git a/roles/network/templates/named/school.internal.zone.in-addr.db.j2 b/roles/network/templates/named/school.internal.zone.in-addr.db.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/network/sysconfig.network.j2 b/roles/network/templates/network/sysconfig.network.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/squid/iiab-httpcache.j2 b/roles/network/templates/squid/iiab-httpcache.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/squid/squid-iiab.conf.j2 b/roles/network/templates/squid/squid-iiab.conf.j2 old mode 100755 new mode 100644 diff --git a/roles/network/templates/squid/squid.sysconfig b/roles/network/templates/squid/squid.sysconfig old mode 100755 new mode 100644 diff --git a/roles/network/templates/wondershaper/wondershaper.j2 b/roles/network/templates/wondershaper/wondershaper.j2 old mode 100755 new mode 100644 From c9178ee72fb416c4e975f55ead4a524bba259661 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 28 Sep 2017 19:14:54 -0500 Subject: [PATCH 020/466] add home-page as a tag --- roles/httpd/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 9cd6e108c..e3e91970a 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -147,6 +147,9 @@ - base - include: home-page.yml + tags: + - base + - home-page - name: place the script to generate home pages template: src=refresh-wiki-docs.sh From 658fd199d18cec38a8d03ddf8561b5cfcd7ef697 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 5 Oct 2017 13:15:51 -0500 Subject: [PATCH 021/466] move home-page so admin-console can modify the setting --- roles/4-server-options/meta/main.yml | 1 + .../{httpd/tasks/home-page.yml => home-page/tasks/main.yml} | 2 +- roles/{httpd => home-page}/templates/iiab-home-page.conf | 0 roles/httpd/tasks/main.yml | 5 ----- 4 files changed, 2 insertions(+), 6 deletions(-) rename roles/{httpd/tasks/home-page.yml => home-page/tasks/main.yml} (86%) rename roles/{httpd => home-page}/templates/iiab-home-page.conf (100%) diff --git a/roles/4-server-options/meta/main.yml b/roles/4-server-options/meta/main.yml index 73438a60f..7aec1a69c 100644 --- a/roles/4-server-options/meta/main.yml +++ b/roles/4-server-options/meta/main.yml @@ -1,4 +1,5 @@ dependencies: + - { role: home-page, tags: ['home-page'] } - { role: sshd, tags: ['services','sshd','base'] } - { role: network, tags: ['services','base','network'] } - { role: postgresql, tags: ['services','postgresql','base'], when: postgresql_install } diff --git a/roles/httpd/tasks/home-page.yml b/roles/home-page/tasks/main.yml similarity index 86% rename from roles/httpd/tasks/home-page.yml rename to roles/home-page/tasks/main.yml index 522f97fe2..b5d57c82a 100644 --- a/roles/httpd/tasks/home-page.yml +++ b/roles/home-page/tasks/main.yml @@ -7,7 +7,7 @@ - name: Install admin home page into apache2 template: src=iiab-home-page.conf - dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf + dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf - name: Enable the home page file: src=/etc/{{ apache_config_dir }}/iiab-home-page.conf diff --git a/roles/httpd/templates/iiab-home-page.conf b/roles/home-page/templates/iiab-home-page.conf similarity index 100% rename from roles/httpd/templates/iiab-home-page.conf rename to roles/home-page/templates/iiab-home-page.conf diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index e3e91970a..7f2a2c3cf 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -146,11 +146,6 @@ tags: - base -- include: home-page.yml - tags: - - base - - home-page - - name: place the script to generate home pages template: src=refresh-wiki-docs.sh dest=/usr/bin/iiab-refresh-wiki-docs From bd1320e58b2f63264afb552a3e5a383fe6ffda85 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 6 Oct 2017 13:54:18 -0500 Subject: [PATCH 022/466] ensure network is completed before saying first_run is complete --- roles/1-prep/tasks/prep.yml | 19 ------------------- roles/3-base-server/tasks/main.yml | 10 +++++----- roles/4-server-options/tasks/main.yml | 12 ++++++++++++ 3 files changed, 17 insertions(+), 24 deletions(-) diff --git a/roles/1-prep/tasks/prep.yml b/roles/1-prep/tasks/prep.yml index 989b5bc3c..43fdcbcb0 100644 --- a/roles/1-prep/tasks/prep.yml +++ b/roles/1-prep/tasks/prep.yml @@ -32,25 +32,6 @@ mode=0755 state=directory -# this script can be sourced to get iiab location -- name: Create iiab.env file - template: src=iiab.env.j2 - dest=/etc/iiab/iiab.env - owner=root - group=root - mode=0644 - -- name: put a python interface to iiab.env - template: src=iiab_env.py.j2 - dest=/etc/iiab/iiab_env.py - -- name: create ansible.d facts directory - file: path=/etc/ansible/facts.d - owner=root - group=root - mode=0750 - state=directory - - name: Set XO model set_fact: phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}' diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 1da08a920..8eda7ca48 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -11,8 +11,8 @@ when: not installing # If we got here we're done -- name: Record base gui version - lineinfile: dest=/etc/iiab/iiab.env - regexp='^BASE_VERSION=*' - line='BASE_VERSION="{{ gui_version }}"' - state=present +#- name: Record base gui version +# lineinfile: dest=/etc/iiab/iiab.env +# regexp='^BASE_VERSION=*' +# line='BASE_VERSION="{{ gui_version }}"' +# state=present diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 17c420b41..d08b704fa 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -1,6 +1,18 @@ - name: Server Options Installed command: echo Server Options Installed +# this script can be sourced to get iiab location +- name: Create iiab.env file + template: src=roles/1-prep/templates/iiab.env.j2 + dest=/etc/iiab/iiab.env + owner=root + group=root + mode=0644 + +- name: put a python interface to iiab.env + template: src=roles/1-prep/templates/iiab_env.py.j2 + dest=/etc/iiab/iiab_env.py + - name: Stop postgresql service command: "/etc/init.d/postgresql stop" ignore_errors: True From 1dc1e60079a3ad306b3ff8ea6407f2c985e2e32c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 6 Oct 2017 22:09:35 -0500 Subject: [PATCH 023/466] move doc generation to 4-server-options --- roles/4-server-options/tasks/main.yml | 6 ++++-- roles/httpd/tasks/main.yml | 4 ---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index d08b704fa..5dcbb13c5 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -13,6 +13,10 @@ template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py +- name: generate the offline documents + command: /usr/bin/iiab-refresh-wiki-docs + when: not nodocs + - name: Stop postgresql service command: "/etc/init.d/postgresql stop" ignore_errors: True @@ -34,5 +38,3 @@ service: name=xs-authserver state=restarted when: authserver_enabled - - diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 9cd6e108c..3d7e271c6 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -153,10 +153,6 @@ dest=/usr/bin/iiab-refresh-wiki-docs mode=0755 -- name: generate the offline documents - command: /usr/bin/iiab-refresh-wiki-docs - when: not nodocs - - name: Give apache_user permission for poweroff template: src=020_apache_poweroff.j2 dest=/etc/sudoers.d/020_apache_poweroff From 6060370388d051b96ab6281e3cd73ac523646ad5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 8 Oct 2017 15:13:58 -0500 Subject: [PATCH 024/466] don't exclude ansible from updating for is_redhat --- roles/2-common/tasks/centos.yml | 16 ++++++++-------- roles/2-common/tasks/fedora.yml | 14 +++++++------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/roles/2-common/tasks/centos.yml b/roles/2-common/tasks/centos.yml index 6a000ba63..70b653742 100644 --- a/roles/2-common/tasks/centos.yml +++ b/roles/2-common/tasks/centos.yml @@ -19,11 +19,11 @@ - iiab-centos.repo - li.nux.ro.repo -- name: Disable updating ansible on CentOS - shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }} - with_items: - - /etc/yum.repos.d/CentOS-Base.repo - - /etc/yum.repos.d/CentOS-CR.repo - - /etc/yum.repos.d/CentOS-fasttrack.repo - - /etc/yum.repos.d/CentOS-Vault.repo - when: ansible_distribution == "CentOS" +#- name: Disable updating ansible on CentOS +# shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }} +# with_items: +# - /etc/yum.repos.d/CentOS-Base.repo +# - /etc/yum.repos.d/CentOS-CR.repo +# - /etc/yum.repos.d/CentOS-fasttrack.repo +# - /etc/yum.repos.d/CentOS-Vault.repo +# when: ansible_distribution == "CentOS" diff --git a/roles/2-common/tasks/fedora.yml b/roles/2-common/tasks/fedora.yml index abb864a78..2060c19ff 100644 --- a/roles/2-common/tasks/fedora.yml +++ b/roles/2-common/tasks/fedora.yml @@ -14,10 +14,10 @@ shell: yum --enablerepo=rpmfusion-free-updates install exfat-utils fuse-exfat when: exFAT_enabled == "True" -- name: Disable updating ansible on Fedora - shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }} - with_items: - - /etc/yum.repos.d/fedora.repo - - /etc/yum.repos.d/fedora-updates.repo - - /etc/yum.repos.d/fedora-updates-testing.repo - when: ansible_distribution == "Fedora" +#- name: Disable updating ansible on Fedora +# shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }} +# with_items: +# - /etc/yum.repos.d/fedora.repo +# - /etc/yum.repos.d/fedora-updates.repo +# - /etc/yum.repos.d/fedora-updates-testing.repo +# when: ansible_distribution == "Fedora" From dde8cdbc4462c319b52c9693ddf68059c5044bda Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 10 Oct 2017 23:35:17 -0400 Subject: [PATCH 025/466] adding xo_services_install: False --- vars/default_vars.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index b89b08b41..e5d1d9a3e 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -279,6 +279,8 @@ ejabberd_enabled: False # idmgr and activity-server idmgr_install: False activity_server_install: False + +xo_services_install: False xo_services_enabled: False ejabberd_xs_install: False ejabberd_xs_enabled: False From 07aeca2fdd57122348c76cf16dd2275a5848986a Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 10 Oct 2017 23:46:33 -0400 Subject: [PATCH 026/466] default_vars.yml more readable --- vars/default_vars.yml | 87 +++++++++++++++++++++++-------------------- 1 file changed, 47 insertions(+), 40 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index e5d1d9a3e..fc671bcac 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -129,6 +129,7 @@ iiab_home_url: /home #iiab_home_url: /wiki - either dokuwiki or mediawiki # 4-SERVER-OPTIONS + # sshd sshd_enabled: True @@ -163,17 +164,59 @@ docker_enabled: False cups_install: True cups_enabled: False +# 5-XO-SERVICES + +# Lesser-supported XO services need additional testing. Please uncomment +# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact +# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. + +xo_services_install: False +xo_services_enabled: False + +# ejabberd +ejabberd_install: False +ejabberd_enabled: False + +ejabberd_xs_install: False +ejabberd_xs_enabled: False + +# idmgr and activity-server +idmgr_install: False +idmgr_enables: False + +activity_server_install: False +activity_server_enabled: False + +# xovis +xovis_install: False +xovis_enabled: False +xovis_target_host: "127.0.0.1:5984" +xovis_deployment_name: olpc + +xovis_db_name: xovis +xovis_db_user: admin +xovis_db_password: admin + +xovis_root: "/opt/xovis" +xovis_backup_dir: "/library/users" +xovis_chart_heading: "My School: Usage Data Visualization" + +# sugar-stats +sugar_stats_install: False +sugar_stats_enabled: False + # 6-GENERIC-APPS # MYSQL mysql_install: True mysql_enabled: False -phpmyadmin_install: False -phpmyadmin_enabled: False # password is fixmysql # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 mysql_root_password: fixmysql +phpmyadmin_install: False +phpmyadmin_enabled: False + # ELGG elgg_install: True elgg_enabled: False @@ -181,8 +224,8 @@ elgg_enabled: False elgg_mysql_password: elgg4kids # OwnCloud -owncloud_install: False -owncloud_enabled: False +# owncloud_install: False +# owncloud_enabled: False # WordPress wordpress_install: True @@ -205,7 +248,6 @@ moodle_enabled: False osm_install: True osm_enabled: False - # Pathagar pathagar_install: False pathagar_enabled: False @@ -268,45 +310,10 @@ vnstat_enabled: False awstats_install: True awstats_enabled: False - -# =========== Less-supported XO services need additional testing=========== -# 5-XO-SERVICES - -# ejabberd -ejabberd_install: False -ejabberd_enabled: False - -# idmgr and activity-server -idmgr_install: False -activity_server_install: False - -xo_services_install: False -xo_services_enabled: False -ejabberd_xs_install: False -ejabberd_xs_enabled: False - -# xovis -xovis_install: False -xovis_enabled: False -xovis_target_host: "127.0.0.1:5984" -xovis_deployment_name: olpc - -xovis_db_name: xovis -xovis_db_user: admin -xovis_db_password: admin - -xovis_root: "/opt/xovis" -xovis_backup_dir: "/library/users" -xovis_chart_heading: "My School: Usage Data Visualization" - # schooltool schooltool_install: False schooltool_enabled: False -# sugar-stats -sugar_stats_install: False -sugar_stats_enabled: False - # ajenti ajenti_install: False ajenti_enabled: False From 00811fb7c5b0dc8958a2b7afff429e67b8eee20c Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 10 Oct 2017 23:59:07 -0400 Subject: [PATCH 027/466] added warning: wondershaper appears unmaintained --- vars/default_vars.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index fc671bcac..a8a21933c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -108,6 +108,7 @@ squid_install: False squid_enabled: False # wondershaper +# unmaintained and high-risk: https://github.com/iiab/iiab/pull/382 wondershaper_install: False wondershaper_enabled: False From 786ba65bc1fe44db7a71ca58dc7cca7a50b44657 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 11 Oct 2017 00:15:26 -0400 Subject: [PATCH 028/466] owncloud vars needed, or Ansible fails ("No package matching 'owncloud' is available") --- vars/default_vars.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index a8a21933c..cb522fc42 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -225,8 +225,8 @@ elgg_enabled: False elgg_mysql_password: elgg4kids # OwnCloud -# owncloud_install: False -# owncloud_enabled: False +owncloud_install: False +owncloud_enabled: False # WordPress wordpress_install: True From 84b933229d84b49225a5b072c7d4f2f5d76590ac Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 11 Oct 2017 09:33:27 -0400 Subject: [PATCH 029/466] Far more readable. Added nextcloud defaults. --- vars/default_vars.yml | 64 +++++++++++++++++++++++-------------------- 1 file changed, 35 insertions(+), 29 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index cb522fc42..967eb8508 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -17,7 +17,7 @@ yum_packages_dir: "{{ iiab_base }}/yum-packages" downloads_dir: "{{ iiab_base }}/downloads" iiab_download_url: http://download.iiab.io/packages -#Configuration File(s) +# Configuration File(s) iiab_config_file: /etc/iiab/iiab.ini service_filelist: "{{ iiab_config_file }}" @@ -44,7 +44,9 @@ iiab_domain: lan lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 -#Read docs/NETWORKING.rst +# Read https://github.com/iiab/iiab/wiki/IIAB-Networking +# Also readable offline @ http://box/info/IIAB-Networking.html + # Gateway mode iiab_lan_enabled: True iiab_wan_enabled: True @@ -53,8 +55,8 @@ gui_wan: True adm_cons_force_ssl: False adm_cons_allow_downloads: False -# Internal Wifi Access Point -# Values are used if there is an internal wifi adapter and hostapd is enabled +# Internal Wi-Fi Access Point +# Values are used if there is an internal Wi-Fi adapter and hostapd is enabled # The platform variable adapts install to specific hardware (raspberry pi=rpi2) hostapd_enabled: True host_ssid: "Internet in a Box" @@ -63,7 +65,7 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -#intended for developers +# Intended for developers exFAT_enabled: False user_wan_iface: auto user_lan_iface: auto @@ -87,7 +89,7 @@ wan_nameserver: # 3-BASE -# apache +# Apache allow_apache_sudo: False # dhcpd @@ -99,15 +101,15 @@ named_install: True named_enabled: True block_DNS: False -# dansguardian +# DansGuardian dansguardian_install: False dansguardian_enabled: False -# squid +# Squid squid_install: False squid_enabled: False -# wondershaper +# Wondershaper # unmaintained and high-risk: https://github.com/iiab/iiab/pull/382 wondershaper_install: False wondershaper_enabled: False @@ -118,11 +120,11 @@ gw_block_https: False iiab_gateway_enabled: True # Home page -# Default to the gui where the selection is made or override in localvars +# Default to the gui where the selection is made or override in local_vars.yml iiab_home_url: /home -# you can change iiab_home_url in local_vars in order to get a different home page -# these could be one of the following (assuming they are enabled): +# You can change iiab_home_url in local_vars.yml in order to get a different home page. +# For example one of the following: (assuming they are enabled) #iiab_home_url: /home #iiab_home_url: /xs-portal - the alternate home page @@ -134,18 +136,18 @@ iiab_home_url: /home # sshd sshd_enabled: True -# openvpn +# OpenVPN vpn_presence: xscenet.net openvpn_server_port: 1194 openvpn_cron_enabled: False openvpn_install: True openvpn_enabled: False -# samba +# Samba samba_install: False samba_enabled: False -# postgresql +# PostgreSQL postgresql_install: False postgresql_enabled: False @@ -157,7 +159,7 @@ authserver_enabled: False usb_lib_install: True usb_lib_enabled: True -# docker +# Docker docker_install: False docker_enabled: False @@ -188,7 +190,7 @@ idmgr_enables: False activity_server_install: False activity_server_enabled: False -# xovis +# XOVis xovis_install: False xovis_enabled: False xovis_target_host: "127.0.0.1:5984" @@ -208,7 +210,7 @@ sugar_stats_enabled: False # 6-GENERIC-APPS -# MYSQL +# MySQL mysql_install: True mysql_enabled: False # password is fixmysql @@ -218,7 +220,7 @@ mysql_root_password: fixmysql phpmyadmin_install: False phpmyadmin_enabled: False -# ELGG +# Elgg elgg_install: True elgg_enabled: False # elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 @@ -228,11 +230,15 @@ elgg_mysql_password: elgg4kids owncloud_install: False owncloud_enabled: False +# Nextcloud +nextcloud_install: True +nextcloud_enabled: False + # WordPress wordpress_install: True wordpress_enabled: False -# Dokuwiki +# DokuWiki dokuwiki_install: False dokuwiki_enabled: False @@ -265,7 +271,7 @@ rachel_content_found: False #rachel_url: /rachel rachel_doc_root: "{{ doc_root}}/modules" -# Kiwix-Serve +# Kiwix-serve kiwix_install: True kiwix_port: 3000 kiwix_serve_enabled: False @@ -282,17 +288,17 @@ kalite_server_port: 8008 kalite_enabled: False kalite_cron_enabled: False -#Sugarizer +# Sugarizer sugarizer_install: True sugarizer_enabled: False # 8-MGMT-TOOLS -# munin +# Munin munin_install: True munin_enabled: False -# monit +# Monit monit_install: False monit_enabled: False watchdog: @@ -303,23 +309,23 @@ watchdog: - postgresql - squid -# vnstat +# vnStat vnstat_install: True vnstat_enabled: False -# awstats -- sumarizes http access logs +# AWStats -- sumarizes http access logs awstats_install: True awstats_enabled: False -# schooltool +# SchoolTool schooltool_install: False schooltool_enabled: False -# ajenti +# Ajenti ajenti_install: False ajenti_enabled: False -# teamviewer +# TeamViewer - unmaintained (better to install directly from http://teamviewer.com) teamviewer_install: False teamviewer_enabled: False From b335c0f1ce17fcda6e50e2124af32d9e77bd2430 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 11 Oct 2017 09:48:24 -0400 Subject: [PATCH 030/466] Far More Readable (in future: harmonize with local_vars.yml) --- vars/default_vars.yml | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 967eb8508..032b361ca 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -1,6 +1,7 @@ # WARNING: DO NOT MODIFY THIS FILE. # CHANGES WILL BE LOST IF YOU DO A GIT PULL OR FETCH. -# Instead put changes in local_vars.yml which is not tracked by git. +# Instead put changes in local_vars.yml which is not tracked by git: +# http://wiki.laptop.org/go/IIAB/local_vars.yml # By convention we use True/False to indicate boolean constants. @@ -47,7 +48,7 @@ lan_netmask: 255.255.224.0 # Read https://github.com/iiab/iiab/wiki/IIAB-Networking # Also readable offline @ http://box/info/IIAB-Networking.html -# Gateway mode +# Gateway mode iiab_lan_enabled: True iiab_wan_enabled: True ssh_port: 22 @@ -109,7 +110,7 @@ dansguardian_enabled: False squid_install: False squid_enabled: False -# Wondershaper +# Wonder Shaper # unmaintained and high-risk: https://github.com/iiab/iiab/pull/382 wondershaper_install: False wondershaper_enabled: False @@ -126,10 +127,10 @@ iiab_home_url: /home # You can change iiab_home_url in local_vars.yml in order to get a different home page. # For example one of the following: (assuming they are enabled) -#iiab_home_url: /home -#iiab_home_url: /xs-portal - the alternate home page -#iiab_home_url: /wordpress -#iiab_home_url: /wiki - either dokuwiki or mediawiki +# iiab_home_url: /home +# iiab_home_url: /xs-portal - the alternate home page +# iiab_home_url: /wordpress +# iiab_home_url: /wiki - either dokuwiki or mediawiki # 4-SERVER-OPTIONS @@ -143,7 +144,7 @@ openvpn_cron_enabled: False openvpn_install: True openvpn_enabled: False -# Samba +# Samba. Take a security audit seriously before deploying this. samba_install: False samba_enabled: False @@ -163,7 +164,7 @@ usb_lib_enabled: True docker_install: False docker_enabled: False -# Common UNIX printing system +# Common UNIX Printing System cups_install: True cups_enabled: False @@ -183,10 +184,11 @@ ejabberd_enabled: False ejabberd_xs_install: False ejabberd_xs_enabled: False -# idmgr and activity-server +# idmgr idmgr_install: False idmgr_enables: False +# activity-server activity_server_install: False activity_server_enabled: False @@ -217,6 +219,7 @@ mysql_enabled: False # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 mysql_root_password: fixmysql +# Handy for maintaining tables, but DANGEROUS if not locked down phpmyadmin_install: False phpmyadmin_enabled: False From 76ae611d532c43ec5b608fbbc914fc8f39e6ba38 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 11 Oct 2017 09:49:17 -0400 Subject: [PATCH 031/466] Added URL http://wiki.iiab.io/local_vars.yml --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 032b361ca..6b7469b6d 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -1,7 +1,7 @@ # WARNING: DO NOT MODIFY THIS FILE. # CHANGES WILL BE LOST IF YOU DO A GIT PULL OR FETCH. # Instead put changes in local_vars.yml which is not tracked by git: -# http://wiki.laptop.org/go/IIAB/local_vars.yml +# http://wiki.iiab.io/local_vars.yml # By convention we use True/False to indicate boolean constants. From 411a582d7396cfc620e7bd40200bc2098a5c489a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 11 Oct 2017 09:56:55 -0400 Subject: [PATCH 032/466] Yet more readable & understandable. --- vars/default_vars.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 6b7469b6d..209fae6d9 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -328,14 +328,16 @@ schooltool_enabled: False ajenti_install: False ajenti_enabled: False -# TeamViewer - unmaintained (better to install directly from http://teamviewer.com) +# TeamViewer - unmaintained (better to install from http://teamviewer.com) teamviewer_install: False teamviewer_enabled: False -# ===================================================================== -# Platforms - turn all off and let .yml turn on as appropriate +# Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) nodocs: False +# ================================================================ +# Platforms - turn all off and let .yml turn on as appropriate + # wide to narrow is_debuntu: False is_ubuntu: False From bfe44f188bb6bad4dede86929385087af1cff009 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 11 Oct 2017 10:01:22 -0400 Subject: [PATCH 033/466] clarified Wonder Shaper status --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 209fae6d9..31c1b2bfc 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -111,7 +111,7 @@ squid_install: False squid_enabled: False # Wonder Shaper -# unmaintained and high-risk: https://github.com/iiab/iiab/pull/382 +# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 wondershaper_install: False wondershaper_enabled: False From f3681896dafb0a3f1da6a50dd2f1c56a5f910fe8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 11 Oct 2017 20:53:52 -0400 Subject: [PATCH 034/466] update kiwix-tools 2017-09-28 to 2017-10-11 --- roles/kiwix/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 194606c3c..01d70b5c3 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -7,13 +7,13 @@ - name: Set kiwix source file name x86_64 set_fact: - kiwix_src_file: "kiwix-tools_linux64_2017-09-28.tar.gz" + kiwix_src_file: "kiwix-tools_linux64_2017-10-11.tar.gz" kiwix_src_bin_only: True when: ansible_machine == "x86_64" - name: Set kiwix source file name armv7l set_fact: - kiwix_src_file: "kiwix-tools_armhf_2017-09-28.tar.gz" + kiwix_src_file: "kiwix-tools_armhf_2017-10-11.tar.gz" kiwix_src_bin_only: True when: ansible_machine == "armv7l" or ansible_machine == "armv6l" From 1303f580e922096d8ca31be4aba4f35ecabd9764 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 12 Oct 2017 08:36:48 -0400 Subject: [PATCH 035/466] typo lx.staat.isdir prevents install on Raspbian Pixel --- roles/iiab-admin/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index ccd34a9d3..eaebf36fc 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -31,7 +31,7 @@ - name: Do the same if running on raspbian template: src=lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/ - when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu + when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu - name: put a autostart line to check for default password in LXDE lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh From 7f7436a99024a735e9e281daa6a2867ae2229686 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 12 Oct 2017 08:38:29 -0400 Subject: [PATCH 036/466] lx.staat.isdir occurred twice --- roles/iiab-admin/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index eaebf36fc..25c384717 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -36,4 +36,4 @@ - name: put a autostart line to check for default password in LXDE lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/autostart - when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu + when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu From 0d22dcb258e85aabdfc5b519f9ba0fe99944941a Mon Sep 17 00:00:00 2001 From: Arky Date: Thu, 12 Oct 2017 23:36:45 +0700 Subject: [PATCH 037/466] Disable pip caching for osm (Fixes #385) --- roles/osm/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index d0d3714aa..fa254d3d9 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -27,14 +27,14 @@ virtualenv={{ osm_venv }} virtualenv_site_packages=no version=2.6 - extra_args="--disable-pip-version-check" + extra_args="--disable-pip-version-check --no-cache-dir" when: internet_available - name: Install IIAB with dependencies pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no - extra_args="--disable-pip-version-check" + extra_args="--disable-pip-version-check --no-cache-dir" with_items: - MarkupSafe - pytz From 760cdaa97d150587d8c1feecc9de30a94ea0b2d6 Mon Sep 17 00:00:00 2001 From: Arky Date: Thu, 12 Oct 2017 23:51:01 +0700 Subject: [PATCH 038/466] Fixing broken Travis build image in README file. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3b3a839ca..1b8c20f5b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Internet-in-a-Box (IIAB) [![Build Status](https://travis-ci.org/iiab/iiab/iiab.svg?branch=master)](https://travis-ci.org/iiab/iiab) +# Internet-in-a-Box (IIAB) [![Build Status](https://travis-ci.org/iiab/iiab.svg?branch=master)](https://travis-ci.org/iiab/iiab) Welcome to the Git repository of the Internet-in-a-Box (IIAB) project. This is a community-based project developed and supported by volunteers from around the world. The Internet-in-a-Box (IIAB) is small, inexpensive device which provides essential Internet resources (like Wikipedia, OpenStreetMap, Khan Academy and others) without any Internet connection. It provides a local content server of the world’s Free Knowledge. From 81353af9cae34ce005793d53e611d0d987bb0aa5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 12 Oct 2017 12:32:05 -0500 Subject: [PATCH 039/466] remove unused role --- roles/gateway/README.rst | 46 ------------------------------------ roles/gateway/tasks/main.yml | 1 - 2 files changed, 47 deletions(-) delete mode 100644 roles/gateway/README.rst delete mode 100644 roles/gateway/tasks/main.yml diff --git a/roles/gateway/README.rst b/roles/gateway/README.rst deleted file mode 100644 index 424002f32..000000000 --- a/roles/gateway/README.rst +++ /dev/null @@ -1,46 +0,0 @@ -============== -Gateway README -============== - -Under the heading of Gateway are a number of services that provide dhcp addresses and NAT to the lan -and filter wan access both in terms of content and bandwidth. - -LAN ---- - -The LAN is managed by the dhcpd service and by iptables. The configuration of iptables is complicated -and works as follows: - -/etc/systemd/system/iptables.service calls -/etc/sysconfig/iptables-config which calls -/usr/bin/iiab-gen-iptables -and saves the resultant configuration to /etc/sysconfig/iptables -it then supplies additional rules to iptables - -As of March 2014 the following files are obsolete - -/etc/sysconfig/olpc-scripts/iptables-xs - -/etc/sysconfig/olpc-scripts/ip6tables-xs - -Filters -------- - -Content is filtered by squid and dansguardian and there are ansible variables that control them. - -There is a white list file, sites.whitelist.txt. URL patterns not in this file will not be accessible. - -An additional rule to block https has been added to iptables, also controlled by an ansible variable. - -**N.B. https blocking and whitelist checking are disabled by default** - -To enable whitelist checking and/or https blocking edit - -#Gateway Filters -gw_squid_whitelist: False -gw_block_https: False - -changing False to True where appropriate and then run runtags facts, gateway - -Bandwidth is filtered by wondershaper. - diff --git a/roles/gateway/tasks/main.yml b/roles/gateway/tasks/main.yml deleted file mode 100644 index ca15722ca..000000000 --- a/roles/gateway/tasks/main.yml +++ /dev/null @@ -1 +0,0 @@ --name: placekeeper From 932fa4c6c9a1ef3046415c9bdd600c15c6e828af Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 12 Oct 2017 19:37:38 -0400 Subject: [PATCH 040/466] refresh-wiki-docs.sh overhaul --- roles/httpd/templates/refresh-wiki-docs.sh | 101 +++++++++------------ 1 file changed, 44 insertions(+), 57 deletions(-) diff --git a/roles/httpd/templates/refresh-wiki-docs.sh b/roles/httpd/templates/refresh-wiki-docs.sh index cbf13f997..f28a265eb 100755 --- a/roles/httpd/templates/refresh-wiki-docs.sh +++ b/roles/httpd/templates/refresh-wiki-docs.sh @@ -1,81 +1,68 @@ #!/bin/bash -x -# pull down repo wiki, and use to create offline docs + +# pull down repo wiki (etc) to create offline docs + set -e source /etc/iiab/iiab.env -REPONAME=iiab -REPO=https://github.com/iiab WIKI=iiab-wiki -TARGET_URL=/info -WWWROOT=/library/www/html INPUT=/tmp/${WIKI} OUTPUT=/tmp/${WIKI}.out - -# this script is located in the scritps/ directory in the local repo -SCRIPTDIR=$(dirname $0) -pushd $SCRIPTDIR +DESTPATH=/library/www/html/info rm -rf $INPUT rm -rf $OUTPUT mkdir -p $INPUT mkdir -p $OUTPUT -mkdir -p $WWWROOT$TARGET_URL/html -git clone $REPO/$REPONAME.wiki.git $INPUT +git clone https://github.com/iiab/iiab.wiki.git $INPUT # To Do find more links to rewrite, especially after moving from xsce to iiab -for f in `ls /tmp/${WIKI}`; do +for f in `ls ${INPUT}`; do FTRIMMED=${f%.md} - if [ $FTRIMMED = "Home" ]; then FTRIMMED=index;fi + if [ $FTRIMMED = "Home" ]; then FTRIMMED=index; fi pandoc -s /tmp/${WIKI}/$f -o $OUTPUT/$FTRIMMED.html - # make links refer to local directory - sed -i -r "/.*#.*/ s|$REPO/$REPONAME/wiki/(.*)(#.*)\">|./\1.html\2\">|" $OUTPUT/$FTRIMMED.html - sed -i -r "/.*#.*/! s|$REPO/$REPONAME/wiki/(.*)\">|./\1.html\">|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|http://schoolserver.org/faq|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|http://wiki.laptop.org/go/IIAB/FAQ|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|http://wiki.laptop.org/go/XS_Community_Edition/FAQ|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|http://FAQ.IIAB.IO|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|http://faq.iiab.io|/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|./\1.html\">|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|./\1.html\">|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|wiki.laptop.org/go/IIAB/FAQ|box/info/html/FAQ.html|" $OUTPUT/$FTRIMMED.html - sed -i -e "s|wiki.laptop.org/go/IIAB/Security|box/info/html/Security.html|" $OUTPUT/$FTRIMMED.html done -rsync -av $OUTPUT/ $WWWROOT$TARGET_URL +rsync -av $OUTPUT/ $DESTPATH -# copy the faq and other things -lynx -reload -source http://wiki.laptop.org/go/IIAB/FAQ > $WWWROOT$TARGET_URL/html/FAQ.html -lynx -reload -source http://wiki.laptop.org/go/IIAB/Security > $WWWROOT$TARGET_URL/html/Security.html -lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars.yml > $WWWROOT$TARGET_URL/html/local_vars.yml +# download FAQ etc +lynx -reload -source http://wiki.laptop.org/go/IIAB/FAQ > $DESTPATH/FAQ.html +lynx -reload -source http://wiki.laptop.org/go/IIAB/Security > $DESTPATH/Security.html +lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars.yml > $DESTPATH/local_vars.yml +lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars_min.yml > $DESTPATH/local_vars_min.yml +lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars_big.yml > $DESTPATH/local_vars_big.yml -# fetch the recent release notes -lynx -reload -source https://github.com/XSCE/xsce/wiki/IIAB-6.2-Release-Notes> $WWWROOT$TARGET_URL/IIAB-6.2-Release-Notes.html -lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.0.md > $WWWROOT$TARGET_URL/ReleaseNotes6.0.html -lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.1.md> $WWWROOT$TARGET_URL/ReleaseNotes6.1.html +# download older release notes +lynx -reload -source https://github.com/XSCE/xsce/wiki/IIAB-6.2-Release-Notes > $DESTPATH/IIAB-6.2-Release-Notes.html +lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.0.md > $DESTPATH/ReleaseNotes6.0.html +lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.1.md > $DESTPATH/ReleaseNotes6.1.html -pushd $OUTPUT -for f in `ls *Release*.md`; do -# FTRIMMED=${f%.md} - FTRIMMED=${f:0:-3} - pandoc -s $f -o $WWWROOT$TARGET_URL/$FTRIMMED.html - # make links refer to local directory - sed -i -e "s|$REPO/$REPONAME/wiki/\(.*\)\">|./\1.html\">)|" $WWWROOT$TARGET_URL/$FTRIMMED.html - sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\">|./\1.html\">)|" $WWWROOT$TARGET_URL/$FTRIMMED.html +# make links refer to local items +for f in `ls ${DESTPATH}`; do + sed -i -r "s|https://github.com/iiab/iiab/wiki/([-.0-9A-z]*)|\1.html|g" $DESTPATH/$f + + sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|\1.html\">|g" $DESTPATH/$f + sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|\1.html\">|g" $DESTPATH/$f + + sed -i -e "s|http://wiki.laptop.org/go/IIAB/FAQ|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|http://wiki.iiab.io/FAQ|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|http://FAQ.IIAB.IO|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|http://faq.iiab.io|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|http://schoolserver.org/FAQ|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|http://schoolserver.org/faq|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|http://wiki.laptop.org/go/XS_Community_Edition/FAQ|FAQ.html|g" $DESTPATH/$f + + sed -i -e "s|http://wiki.laptop.org/go/IIAB/Security|Security.html|g" $DESTPATH/$f + sed -i -e "s|http://wiki.iiab.io/Security|Security.html|g" $DESTPATH/$f + + sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars.yml|local_vars.yml|g" $DESTPATH/$f + sed -i -e "s|http://wiki.iiab.io/local_vars.yml|local_vars.yml|g" $DESTPATH/$f + + sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f + sed -i -e "s|http://wiki.iiab.io/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f + + sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f + sed -i -e "s|http://wiki.iiab.io/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f done -popd -#pushd /opt/iiab/iiab-admin-console/roles/console/files/help -# fetch the embedded help pages from the admin console -#for f in `ls .`; do -# FTRIMMED=${f%.rst} -# pandoc -s $f -o $WWWROOT$TARGET_URL/html/$FTRIMMED.html -# # make links refer to local directory -# sed -i -e "s|$REPO/$ADMINREPO/wiki/\(.*\)\">|./\1.html\">)|" $WWWROOT$TARGET_URL/html/$FTRIMMED.html -#done -#popd - -#rm -rf $INPUT -#rm -rf $OUTPUT - -popd exit 0 From 8c7ba6fd80893d70299a181ac5775b621e000cde Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 12 Oct 2017 23:03:35 -0400 Subject: [PATCH 041/466] further basic refinements --- roles/httpd/templates/refresh-wiki-docs.sh | 27 +++++++++++++--------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/roles/httpd/templates/refresh-wiki-docs.sh b/roles/httpd/templates/refresh-wiki-docs.sh index f28a265eb..85cfdc4a7 100755 --- a/roles/httpd/templates/refresh-wiki-docs.sh +++ b/roles/httpd/templates/refresh-wiki-docs.sh @@ -1,12 +1,11 @@ #!/bin/bash -x -# pull down repo wiki (etc) to create offline docs +# Pull down repo's entire wiki (and similar) to create offline docs set -e source /etc/iiab/iiab.env -WIKI=iiab-wiki -INPUT=/tmp/${WIKI} -OUTPUT=/tmp/${WIKI}.out +INPUT=/tmp/iiab-wiki +OUTPUT=/tmp/iiab-wiki.out DESTPATH=/library/www/html/info rm -rf $INPUT @@ -16,35 +15,37 @@ mkdir -p $OUTPUT git clone https://github.com/iiab/iiab.wiki.git $INPUT -# To Do find more links to rewrite, especially after moving from xsce to iiab -for f in `ls ${INPUT}`; do +for f in `ls $INPUT`; do FTRIMMED=${f%.md} if [ $FTRIMMED = "Home" ]; then FTRIMMED=index; fi - pandoc -s /tmp/${WIKI}/$f -o $OUTPUT/$FTRIMMED.html + pandoc -s $INPUT/$f -o $OUTPUT/$FTRIMMED.html done rsync -av $OUTPUT/ $DESTPATH -# download FAQ etc +# To Do: find more pages to d/l and offline links to fix, based on "fieldback" from truly remote implementer/operators + +# Download FAQ etc lynx -reload -source http://wiki.laptop.org/go/IIAB/FAQ > $DESTPATH/FAQ.html lynx -reload -source http://wiki.laptop.org/go/IIAB/Security > $DESTPATH/Security.html lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars.yml > $DESTPATH/local_vars.yml lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars_min.yml > $DESTPATH/local_vars_min.yml lynx -reload -source http://wiki.laptop.org/go/IIAB/local_vars_big.yml > $DESTPATH/local_vars_big.yml -# download older release notes +# Download older release notes lynx -reload -source https://github.com/XSCE/xsce/wiki/IIAB-6.2-Release-Notes > $DESTPATH/IIAB-6.2-Release-Notes.html lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.0.md > $DESTPATH/ReleaseNotes6.0.html lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.1.md > $DESTPATH/ReleaseNotes6.1.html -# make links refer to local items -for f in `ls ${DESTPATH}`; do +# Make links refer to local items +for f in `ls $DESTPATH`; do sed -i -r "s|https://github.com/iiab/iiab/wiki/([-.0-9A-z]*)|\1.html|g" $DESTPATH/$f sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|\1.html\">|g" $DESTPATH/$f sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|\1.html\">|g" $DESTPATH/$f sed -i -e "s|http://wiki.laptop.org/go/IIAB/FAQ|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|/go/IIAB/FAQ|FAQ.html|g" $DESTPATH/$f sed -i -e "s|http://wiki.iiab.io/FAQ|FAQ.html|g" $DESTPATH/$f sed -i -e "s|http://FAQ.IIAB.IO|FAQ.html|g" $DESTPATH/$f sed -i -e "s|http://faq.iiab.io|FAQ.html|g" $DESTPATH/$f @@ -53,15 +54,19 @@ for f in `ls ${DESTPATH}`; do sed -i -e "s|http://wiki.laptop.org/go/XS_Community_Edition/FAQ|FAQ.html|g" $DESTPATH/$f sed -i -e "s|http://wiki.laptop.org/go/IIAB/Security|Security.html|g" $DESTPATH/$f + sed -i -e "s|/go/IIAB/Security|Security.html|g" $DESTPATH/$f sed -i -e "s|http://wiki.iiab.io/Security|Security.html|g" $DESTPATH/$f sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars.yml|local_vars.yml|g" $DESTPATH/$f + sed -i -e "s|/go/IIAB/local_vars.yml|local_vars.yml|g" $DESTPATH/$f sed -i -e "s|http://wiki.iiab.io/local_vars.yml|local_vars.yml|g" $DESTPATH/$f sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f + sed -i -e "s|/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f sed -i -e "s|http://wiki.iiab.io/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f + sed -i -e "s|/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f sed -i -e "s|http://wiki.iiab.io/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f done From a95a4c5f99b2457da7303bd18a7d65c6f6e9655b Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 02:14:14 -0500 Subject: [PATCH 042/466] Install nodejs correctly --- roles/sugarizer/tasks/main.yml | 46 ++++++++++++++++++---------------- 1 file changed, 25 insertions(+), 21 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index e538bd14c..004bf6f32 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -4,6 +4,7 @@ - name: Untar it to target location command: tar xzf {{ downloads_dir }}/{{ sugarizer_version }}.tar.gz -C {{ sugarizer_location }} + creates="{{ sugarizer_location }}/{{ sugarizer_version }}/index.html" - name: Create a symbolic link from generic url to version specific location file: dest={{ sugarizer_location }}/sugarizer @@ -11,15 +12,19 @@ state=link - name: Install sugarizer required packages - package: name=nodejs + package: name={{ item }} state=present -# - npm - when: internet_available + with_items: + - node-gyp + when: internet_available and is_debuntu - name: Install npm non debian - package: name=npm + package: name={{ item }} state=present - when: internet_available and not is_debian + with_items: + - nodejs + - npm + when: internet_available and not is_debuntu # attempting to reinstall npn is broken on raspbian 9 - name: check for npm already installed @@ -36,7 +41,7 @@ when: internet_available and is_debian and not npm_exists - name: Actually get it installed - command: apt-get install -y npm + command: apt-get install -y nodejs when: internet_available and is_debian and not npm_exists - name: Create systemd files and copy our ini file @@ -68,22 +73,21 @@ chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 -#- name: enable services -# service: name={{ item.name }} -# enabled=yes -# state=restarted -# with_items: -# - { name: sugarizer } -# when: sugarizer_enabled +- name: enable services + service: name={{ item.name }} + enabled=yes + state=restarted + with_items: + - { name: sugarizer } + when: sugarizer_enabled - -#- name: disable services -# service: name={{ item.name }} -# enabled=no -# state=stopped -# with_items: -# - { name: sugarizer } -# when: not sugarizer_enabled +- name: disable services + service: name={{ item.name }} + enabled=no + state=stopped + with_items: + - { name: sugarizer } + when: not sugarizer_enabled - name: add sugarizer to service list ini_file: dest='{{ service_filelist }}' From fe8785ce8019441625377e4f2ac0459dcdb7ae2d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 12:31:11 -0400 Subject: [PATCH 043/466] sugarizer - remove 10-second restart --- roles/sugarizer/templates/sugarizer.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/templates/sugarizer.service.j2 b/roles/sugarizer/templates/sugarizer.service.j2 index 298e95159..23e5a9206 100644 --- a/roles/sugarizer/templates/sugarizer.service.j2 +++ b/roles/sugarizer/templates/sugarizer.service.j2 @@ -6,7 +6,7 @@ Requires=After=mongodb.service # Requires the mongodb service to run first WorkingDirectory={{ sugarizer_location }}/sugarizer/server/ ExecStart=/usr/bin/node sugarizer.js Restart=always -RestartSec=10 # Restart service after 10 seconds if node service crashes +#RestartSec=10 # Restart service after 10 seconds if node service crashes StandardOutput=syslog # Output to syslog StandardError=syslog # Output to syslog SyslogIdentifier=sugarizer From f311b4a75ff814f2acbf25319c7181b1fe34f3b4 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 12 Oct 2017 14:33:10 -0500 Subject: [PATCH 044/466] used is_debuntu for apt sources - better discriptions of actions - use package --- roles/sugarizer/tasks/main.yml | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 004bf6f32..98f920e44 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -2,6 +2,7 @@ get_url: url={{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz dest={{ downloads_dir }}/{{ sugarizer_version }}.tar.gz +#fixme - name: Untar it to target location command: tar xzf {{ downloads_dir }}/{{ sugarizer_version }}.tar.gz -C {{ sugarizer_location }} creates="{{ sugarizer_location }}/{{ sugarizer_version }}/index.html" @@ -11,14 +12,14 @@ src={{ sugarizer_location }}/{{ sugarizer_version }} state=link -- name: Install sugarizer required packages +- name: Install sugarizer required packages - is_debuntu package: name={{ item }} state=present with_items: - node-gyp when: internet_available and is_debuntu -- name: Install npm non debian +- name: Install npm non is_debuntu package: name={{ item }} state=present with_items: @@ -36,13 +37,14 @@ npm_exists: True when: npm.stat.exists is defined and npm.stat.exists -- name: Install npm on debian -- set up apt sources +- name: Set up apt sources on is_debuntu shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - - when: internet_available and is_debian and not npm_exists + when: internet_available and is_debuntu and not npm_exists -- name: Actually get it installed - command: apt-get install -y nodejs - when: internet_available and is_debian and not npm_exists +- name: Actually get it installed on is_debuntu + package: name=nodejs + state=present + when: internet_available and is_debuntu and not npm_exists - name: Create systemd files and copy our ini file template: src={{ item.src }} @@ -51,7 +53,7 @@ group=root mode=0644 with_items: -# - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} + - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} - { src: 'sugarizer.ini' , dest: '{{ sugarizer_location }}/sugarizer/server' } # - { src: 'sugarizer.conf' , dest: '/etc/apache2/sites-available' } @@ -60,20 +62,20 @@ # dest=/etc/apache2/sites-enabled/sugarizer.conf # state=link -- name: Create the express framework for node.js +- name: Create the express framework for node.js - ALL less F18 shell: npm install args: chdir: "{{ sugarizer_location }}/sugarizer/server" creates: "{{ sugarizer_location }}/sugarizer/server/node_modules" when: not is_F18 -- name: Create the express framework for node.js +- name: Create the express framework for node.js - F18 shell: npm install args: chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 -- name: enable services +- name: enable services - All service: name={{ item.name }} enabled=yes state=restarted @@ -81,7 +83,7 @@ - { name: sugarizer } when: sugarizer_enabled -- name: disable services +- name: disable services - All service: name={{ item.name }} enabled=no state=stopped From f3ff239157022c773483d24d5854e29b048f367c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 13 Oct 2017 09:03:46 -0500 Subject: [PATCH 045/466] always install packages - skip npm install when already run --- roles/sugarizer/tasks/main.yml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 98f920e44..60b55f478 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -28,23 +28,26 @@ when: internet_available and not is_debuntu # attempting to reinstall npn is broken on raspbian 9 -- name: check for npm already installed +- name: check for sugarizer already installed stat: path={{ sugarizer_location }}/sugarizer/server/node_modules register: npm - name: set a flag to abort second attempt to install - set_fact: + set_fact: npm_exists: True when: npm.stat.exists is defined and npm.stat.exists - name: Set up apt sources on is_debuntu shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - - when: internet_available and is_debuntu and not npm_exists + when: internet_available and is_debuntu - name: Actually get it installed on is_debuntu - package: name=nodejs + package: name={{ item }} state=present - when: internet_available and is_debuntu and not npm_exists + with_items: + - nodejs + - npm + when: internet_available and is_debuntu - name: Create systemd files and copy our ini file template: src={{ item.src }} @@ -67,13 +70,13 @@ args: chdir: "{{ sugarizer_location }}/sugarizer/server" creates: "{{ sugarizer_location }}/sugarizer/server/node_modules" - when: not is_F18 + when: not is_F18 and not npm_exists - name: Create the express framework for node.js - F18 shell: npm install args: chdir: "{{ sugarizer_location }}/sugarizer/server" - when: is_F18 + when: is_F18 and not npm_exists - name: enable services - All service: name={{ item.name }} From b768adac5c96dffd00213c69f818456d0a3b59f8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Oct 2017 11:09:00 -0400 Subject: [PATCH 046/466] regex [-.A-Za-z0-9] needed on Ubuntu etc where A-z fails --- roles/httpd/templates/refresh-wiki-docs.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/httpd/templates/refresh-wiki-docs.sh b/roles/httpd/templates/refresh-wiki-docs.sh index 85cfdc4a7..ed72a5ee1 100755 --- a/roles/httpd/templates/refresh-wiki-docs.sh +++ b/roles/httpd/templates/refresh-wiki-docs.sh @@ -39,7 +39,7 @@ lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6 # Make links refer to local items for f in `ls $DESTPATH`; do - sed -i -r "s|https://github.com/iiab/iiab/wiki/([-.0-9A-z]*)|\1.html|g" $DESTPATH/$f + sed -i -r "s|https://github.com/iiab/iiab/wiki/([-.A-Za-z0-9]*)|\1.html|g" $DESTPATH/$f sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|\1.html\">|g" $DESTPATH/$f sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|\1.html\">|g" $DESTPATH/$f From 5f6cd4615483779d2a82aa30467b5600b547c55e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Oct 2017 11:33:09 -0400 Subject: [PATCH 047/466] "rm -rf info/html" to permit "git pull" on earlier IIAB's --- roles/httpd/templates/refresh-wiki-docs.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/httpd/templates/refresh-wiki-docs.sh b/roles/httpd/templates/refresh-wiki-docs.sh index ed72a5ee1..e5947988c 100755 --- a/roles/httpd/templates/refresh-wiki-docs.sh +++ b/roles/httpd/templates/refresh-wiki-docs.sh @@ -8,6 +8,9 @@ INPUT=/tmp/iiab-wiki OUTPUT=/tmp/iiab-wiki.out DESTPATH=/library/www/html/info +# for-loop at bottom chokes on directories: this workaround permits "git pull" on IIAB systems prior to 2017-10-13 +rm -rf $DESTPATH/html + rm -rf $INPUT rm -rf $OUTPUT mkdir -p $INPUT From 55ce3d99e44455532fa96076a264127107d8abc5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Oct 2017 11:48:54 -0400 Subject: [PATCH 048/466] permit "git pull" on earlier IIAB's, leaving legacy subdirs like info/html untouched --- roles/httpd/templates/refresh-wiki-docs.sh | 51 ++++++++++------------ 1 file changed, 24 insertions(+), 27 deletions(-) diff --git a/roles/httpd/templates/refresh-wiki-docs.sh b/roles/httpd/templates/refresh-wiki-docs.sh index e5947988c..f1124c714 100755 --- a/roles/httpd/templates/refresh-wiki-docs.sh +++ b/roles/httpd/templates/refresh-wiki-docs.sh @@ -8,9 +8,6 @@ INPUT=/tmp/iiab-wiki OUTPUT=/tmp/iiab-wiki.out DESTPATH=/library/www/html/info -# for-loop at bottom chokes on directories: this workaround permits "git pull" on IIAB systems prior to 2017-10-13 -rm -rf $DESTPATH/html - rm -rf $INPUT rm -rf $OUTPUT mkdir -p $INPUT @@ -41,36 +38,36 @@ lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6 lynx -reload -source https://github.com/XSCE/xsce/blob/release-6.2/ReleaseNotes6.1.md > $DESTPATH/ReleaseNotes6.1.html # Make links refer to local items -for f in `ls $DESTPATH`; do - sed -i -r "s|https://github.com/iiab/iiab/wiki/([-.A-Za-z0-9]*)|\1.html|g" $DESTPATH/$f +for f in $DESTPATH/*.html; do + sed -i -r "s|https://github.com/iiab/iiab/wiki/([-.A-Za-z0-9]*)|\1.html|g" $f - sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|\1.html\">|g" $DESTPATH/$f - sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|\1.html\">|g" $DESTPATH/$f + sed -i -e "s|https://github.com/xsce/xsce/blob/release-6.2/\(.*\)\.md\">|\1.html\">|g" $f + sed -i -e "s|https://github.com/xsce/xsce/wiki/\(.*\)\">|\1.html\">|g" $f - sed -i -e "s|http://wiki.laptop.org/go/IIAB/FAQ|FAQ.html|g" $DESTPATH/$f - sed -i -e "s|/go/IIAB/FAQ|FAQ.html|g" $DESTPATH/$f - sed -i -e "s|http://wiki.iiab.io/FAQ|FAQ.html|g" $DESTPATH/$f - sed -i -e "s|http://FAQ.IIAB.IO|FAQ.html|g" $DESTPATH/$f - sed -i -e "s|http://faq.iiab.io|FAQ.html|g" $DESTPATH/$f - sed -i -e "s|http://schoolserver.org/FAQ|FAQ.html|g" $DESTPATH/$f - sed -i -e "s|http://schoolserver.org/faq|FAQ.html|g" $DESTPATH/$f - sed -i -e "s|http://wiki.laptop.org/go/XS_Community_Edition/FAQ|FAQ.html|g" $DESTPATH/$f + sed -i -e "s|http://wiki.laptop.org/go/IIAB/FAQ|FAQ.html|g" $f + sed -i -e "s|/go/IIAB/FAQ|FAQ.html|g" $f + sed -i -e "s|http://wiki.iiab.io/FAQ|FAQ.html|g" $f + sed -i -e "s|http://FAQ.IIAB.IO|FAQ.html|g" $f + sed -i -e "s|http://faq.iiab.io|FAQ.html|g" $f + sed -i -e "s|http://schoolserver.org/FAQ|FAQ.html|g" $f + sed -i -e "s|http://schoolserver.org/faq|FAQ.html|g" $f + sed -i -e "s|http://wiki.laptop.org/go/XS_Community_Edition/FAQ|FAQ.html|g" $f - sed -i -e "s|http://wiki.laptop.org/go/IIAB/Security|Security.html|g" $DESTPATH/$f - sed -i -e "s|/go/IIAB/Security|Security.html|g" $DESTPATH/$f - sed -i -e "s|http://wiki.iiab.io/Security|Security.html|g" $DESTPATH/$f + sed -i -e "s|http://wiki.laptop.org/go/IIAB/Security|Security.html|g" $f + sed -i -e "s|/go/IIAB/Security|Security.html|g" $f + sed -i -e "s|http://wiki.iiab.io/Security|Security.html|g" $f - sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars.yml|local_vars.yml|g" $DESTPATH/$f - sed -i -e "s|/go/IIAB/local_vars.yml|local_vars.yml|g" $DESTPATH/$f - sed -i -e "s|http://wiki.iiab.io/local_vars.yml|local_vars.yml|g" $DESTPATH/$f + sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars.yml|local_vars.yml|g" $f + sed -i -e "s|/go/IIAB/local_vars.yml|local_vars.yml|g" $f + sed -i -e "s|http://wiki.iiab.io/local_vars.yml|local_vars.yml|g" $f - sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f - sed -i -e "s|/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f - sed -i -e "s|http://wiki.iiab.io/local_vars_min.yml|local_vars_min.yml|g" $DESTPATH/$f + sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $f + sed -i -e "s|/go/IIAB/local_vars_min.yml|local_vars_min.yml|g" $f + sed -i -e "s|http://wiki.iiab.io/local_vars_min.yml|local_vars_min.yml|g" $f - sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f - sed -i -e "s|/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f - sed -i -e "s|http://wiki.iiab.io/local_vars_big.yml|local_vars_big.yml|g" $DESTPATH/$f + sed -i -e "s|http://wiki.laptop.org/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $f + sed -i -e "s|/go/IIAB/local_vars_big.yml|local_vars_big.yml|g" $f + sed -i -e "s|http://wiki.iiab.io/local_vars_big.yml|local_vars_big.yml|g" $f done exit 0 From 3a4dd811e68c6f738605ef89dd85c921902e02a6 Mon Sep 17 00:00:00 2001 From: Arky Date: Fri, 13 Oct 2017 01:51:03 +0700 Subject: [PATCH 049/466] Remove tracking retry, log files. Updating .gitignore --- .gitignore | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 69fe02e9e..fc4b12be2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,7 @@ xs-config.spec build deprecated -.patches +.ansible +*.patches +*.log +*.retry From 6f0a903a5f5ee75efc833bca897bf9b5cd35662d Mon Sep 17 00:00:00 2001 From: Arky Date: Mon, 16 Oct 2017 13:57:57 +0700 Subject: [PATCH 050/466] Fix octal permissions warnings in Travis CI --- roles/kalite/tasks/install-f18.yml | 2 +- roles/network/tasks/avahi.yml | 2 +- roles/samba/tasks/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/kalite/tasks/install-f18.yml b/roles/kalite/tasks/install-f18.yml index 918a8109d..82910c7c8 100644 --- a/roles/kalite/tasks/install-f18.yml +++ b/roles/kalite/tasks/install-f18.yml @@ -52,7 +52,7 @@ dest="{{ kalite_root }}/kalite/local_settings.py" owner={{ kalite_user }} group={{ kalite_user }} - mode=644 + mode=0644 - name: Create kalite service(s) and support scripts template: backup=no diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index d9af10a94..821bd711f 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -31,7 +31,7 @@ dest=/etc/avahi/services/schoolserver.service owner=avahi group=avahi - mode=640 + mode=0640 when: 'gui_wan == True' - name: Find a clean copy of ssh.service diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index c9b3ffc89..06ab47a02 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -6,7 +6,7 @@ user: name="{{ smbuser }}" shell=/sbin/nologin password="{{ smbpassword }}" - name: create the public folder - file: dest="{{ shared_dir }}" owner="{{ smbuser }}" group="{{ smbuser }}" mode=777 state=directory + file: dest="{{ shared_dir }}" owner="{{ smbuser }}" group="{{ smbuser }}" mode=0777 state=directory # Install and configure samba server (requires ports 137, 138, 139, 445 open). - name: Ensure Samba-related packages are installed. From 908bb54145aa0e321fca37cee06b6176f686688c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 17 Oct 2017 17:12:40 -0500 Subject: [PATCH 051/466] Nodejs 6.X - npm is not available standalone --- roles/sugarizer/tasks/main.yml | 22 +++++++--------------- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 60b55f478..bc41f0977 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -12,20 +12,24 @@ src={{ sugarizer_location }}/{{ sugarizer_version }} state=link +- name: Set up apt sources on is_debuntu + shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - + when: internet_available and is_debuntu + - name: Install sugarizer required packages - is_debuntu package: name={{ item }} state=present - with_items: - - node-gyp when: internet_available and is_debuntu + with_items: + - nodejs - name: Install npm non is_debuntu package: name={{ item }} state=present + when: internet_available and not is_debuntu with_items: - nodejs - npm - when: internet_available and not is_debuntu # attempting to reinstall npn is broken on raspbian 9 - name: check for sugarizer already installed @@ -37,18 +41,6 @@ npm_exists: True when: npm.stat.exists is defined and npm.stat.exists -- name: Set up apt sources on is_debuntu - shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - - when: internet_available and is_debuntu - -- name: Actually get it installed on is_debuntu - package: name={{ item }} - state=present - with_items: - - nodejs - - npm - when: internet_available and is_debuntu - - name: Create systemd files and copy our ini file template: src={{ item.src }} dest={{ item.dest }} From 8859f06e03f25d1d285b692ada1a9c595feff107 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 17 Oct 2017 20:56:58 -0400 Subject: [PATCH 052/466] fix kiwix_serve_enabled -> kiwix_enabled --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 31c1b2bfc..96f803fdd 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -276,8 +276,8 @@ rachel_doc_root: "{{ doc_root}}/modules" # Kiwix-serve kiwix_install: True +kiwix_enabled: False kiwix_port: 3000 -kiwix_serve_enabled: False iiab_zim_path: /library/zims # KA Lite From f57ac88857ed24f839eeefcea6990839ca983875 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 17 Oct 2017 21:03:26 -0400 Subject: [PATCH 053/466] kiwix_enabled: False -> kiwix_enabled: True to abide by norms --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 96f803fdd..d4eaa3c06 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -276,7 +276,7 @@ rachel_doc_root: "{{ doc_root}}/modules" # Kiwix-serve kiwix_install: True -kiwix_enabled: False +kiwix_enabled: True kiwix_port: 3000 iiab_zim_path: /library/zims From 7e3b33c35ac2de8aca85da18e0db959f4396e365 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 17 Oct 2017 21:15:03 -0400 Subject: [PATCH 054/466] kiwix_serve_enabled: False -> kiwix_enabled: True --- roles/kiwix/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/defaults/main.yml b/roles/kiwix/defaults/main.yml index b6bac169f..aca4baf68 100644 --- a/roles/kiwix/defaults/main.yml +++ b/roles/kiwix/defaults/main.yml @@ -5,6 +5,6 @@ iiab_zim_path: /library/zims kiwix_library_xml: "{{ iiab_zim_path }}/library.xml" kiwix_content_path: "{{ iiab_zim_path }}/content" kiwix_install: True -kiwix_serve_enabled: False +kiwix_enabled: True kiwix_content_found: False kiwix_first_pass: False From 1af455656728e8a6ca7d756016077b82932bb3f5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 17 Oct 2017 21:16:24 -0400 Subject: [PATCH 055/466] spacing cleanup --- roles/kiwix/tasks/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 01d70b5c3..92ea14d6d 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -1,4 +1,3 @@ - #- name: Set kiwix source file name i686 # set_fact: # kiwix_src_file: "kiwix-linux-i686.tar.bz2" @@ -28,4 +27,3 @@ - debug: msg="WARNING kiwix source is not defined for your platform" when: not kiwix_src_file - From da82fa06590d1644bbc66db36dddf2e1bf5f6083 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 17 Oct 2017 21:17:45 -0400 Subject: [PATCH 056/466] kiwix_serve_enabled -> kiwix_enabled --- roles/kiwix/tasks/kiwix_install.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index b0d5ec5dc..4b6d03cf1 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -128,16 +128,16 @@ - option: kiwix_content_path value: "{{ kiwix_content_path }}" - option: enabled - value: "{{ kiwix_serve_enabled }}" + value: "{{ kiwix_enabled }}" - name: Enable kiwix-serve service service: name=kiwix-serve enabled=yes state=restarted - when: kiwix_serve_enabled + when: kiwix_enabled - name: Disable kiwix-serve service service: name=kiwix-serve enabled=no state=stopped - when: not kiwix_serve_enabled + when: not kiwix_enabled From 7855aafee928a75520df38623ace1343d49d561f Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 17 Oct 2017 21:24:59 -0400 Subject: [PATCH 057/466] sync from latest community norms @ http://wiki.laptop.org/go/IIAB/local_vars.yml --- vars/medium.localvars | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 79f232c74..6982f9484 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -1,8 +1,8 @@ # Put variables here to override /opt/iiab/iiab/vars/default_vars.yml # PLEASE READ http://wiki.laptop.org/go/IIAB/local_vars.yml -# SEE EXAMPLE http://download.iiab.io/6.4/rpi/local_vars_big.yml -# SEE EXAMPLE http://download.iiab.io/6.4/rpi/local_vars_min.yml +# SEE EXAMPLE http://download.iiab.io/6.5/rpi/local_vars_big.yml +# SEE EXAMPLE http://download.iiab.io/6.5/rpi/local_vars_min.yml # Original Idea: branch github.com/xsce/xsce-local for your deployment @@ -42,8 +42,9 @@ squid_enabled: False dansguardian_install: False dansguardian_enabled: False -wondershaper_install: False -wondershaper_enabled: False +# Unmaintained +# wondershaper_install: False +# wondershaper_enabled: False # 4-SERVER-OPTIONS @@ -54,7 +55,7 @@ openvpn_enabled: False # openvpn_cron_enabled: True # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" -# WARNING: Josh Dennis [April 2017] warned that CUPS printing can block Ansible +# Common UNIX Printing System cups_install: True cups_enabled: False @@ -68,7 +69,8 @@ phpmyadmin_enabled: False # 5-XO-SERVICES -# Lesser-supported XO services need additional testing. Please contact +# Lesser-supported XO services need additional testing. Please uncomment +# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. # authserver_install: False @@ -113,8 +115,8 @@ dokuwiki_enabled: False osm_install: True osm_enabled: True -kiwix_serve_install: True -kiwix_serve_enabled: True +kiwix_install: True +kiwix_enabled: True kalite_install: True kalite_enabled: True From f9eef63af52a008d442e4b68339d878001547be2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 17 Oct 2017 23:05:54 -0400 Subject: [PATCH 058/466] typo: XECE -> IIAB --- roles/2-common/tasks/centos.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/centos.yml b/roles/2-common/tasks/centos.yml index 70b653742..31e992924 100644 --- a/roles/2-common/tasks/centos.yml +++ b/roles/2-common/tasks/centos.yml @@ -13,7 +13,7 @@ with_items: - epel-release -- name: Install XECE repo for CentOS +- name: Install IIAB repo for CentOS template: src={{ item }} dest=/etc/yum.repos.d/ owner=root group=root mode=0644 with_items: - iiab-centos.repo From e0a13501c02ea645d5ae98b26c67ccf45245f6e2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 16 Oct 2017 21:17:23 -0500 Subject: [PATCH 059/466] bump centos to ansible 2.4.0 --- scripts/ansible | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/ansible b/scripts/ansible index bdced2c0f..19c56e6ad 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -42,8 +42,9 @@ fi if [ -f /etc/centos-release ]; then yum -y upgrade yum -y install ca-certificates nss epel-release - yum -y install ansible git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python + yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python yum -y install python-pip python-setuptools python-wheel patch + yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.0.0-1.el7.ans.noarch.rpm FOUND="yes" FAMILY="redhat" fi From 7b12175e50980b88e6ea6597b1983efdc4d8af57 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 17 Oct 2017 00:19:27 -0500 Subject: [PATCH 060/466] OSM - centos remove --disable-pip-version-check --- roles/osm/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index fa254d3d9..db2163081 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -34,7 +34,7 @@ pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no - extra_args="--disable-pip-version-check --no-cache-dir" + extra_args="--no-cache-dir" with_items: - MarkupSafe - pytz From 574b292f20ebb758bb330c38c63ec796bc12deb2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 17 Oct 2017 01:50:27 -0500 Subject: [PATCH 061/466] OSM - centos remove --disable-pip-version-check - 2 --- roles/osm/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index db2163081..4fdaeaef3 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -27,7 +27,7 @@ virtualenv={{ osm_venv }} virtualenv_site_packages=no version=2.6 - extra_args="--disable-pip-version-check --no-cache-dir" + extra_args="--no-cache-dir" when: internet_available - name: Install IIAB with dependencies From a4c69e8597e1f9a2860fbb9e9e58c9000b86be69 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 17 Oct 2017 02:25:30 -0500 Subject: [PATCH 062/466] centos remove --no-cache-dir --- roles/kalite/tasks/install.yml | 4 ++-- roles/osm/tasks/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index af064b584..3ba909bab 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -14,7 +14,7 @@ pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no - extra_args="--no-cache-dir" +# extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available @@ -23,7 +23,7 @@ version={{ kalite_version }} virtualenv={{ kalite_venv }} virtualenv_site_packages=no - extra_args="--no-cache-dir" +# extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index 4fdaeaef3..a26b53de9 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -27,14 +27,14 @@ virtualenv={{ osm_venv }} virtualenv_site_packages=no version=2.6 - extra_args="--no-cache-dir" +# extra_args="--no-cache-dir" when: internet_available - name: Install IIAB with dependencies pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no - extra_args="--no-cache-dir" +# extra_args="--no-cache-dir" with_items: - MarkupSafe - pytz From a351511b0d6bd2b58ce0167463ba8a99a33f8ef2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 18 Oct 2017 01:26:45 -0500 Subject: [PATCH 063/466] supply ansible.repo for updating --- roles/2-common/tasks/centos.yml | 1 + roles/2-common/templates/ansible.repo | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 roles/2-common/templates/ansible.repo diff --git a/roles/2-common/tasks/centos.yml b/roles/2-common/tasks/centos.yml index 31e992924..5db9cbc68 100644 --- a/roles/2-common/tasks/centos.yml +++ b/roles/2-common/tasks/centos.yml @@ -18,6 +18,7 @@ with_items: - iiab-centos.repo - li.nux.ro.repo + - ansible.repo #- name: Disable updating ansible on CentOS # shell: sed -i -e '/^enabled=/a exclude=ansible' {{ item }} diff --git a/roles/2-common/templates/ansible.repo b/roles/2-common/templates/ansible.repo new file mode 100644 index 000000000..a6918bdb7 --- /dev/null +++ b/roles/2-common/templates/ansible.repo @@ -0,0 +1,7 @@ +[ansible] +name=ansible +failovermethod=priority +baseurl=http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ +enabled=1 +metadata_expire=1d +gpgcheck=0 From 8093798210929fc9d15197b76b41e19bed40e356 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 18 Oct 2017 17:20:20 -0400 Subject: [PATCH 064/466] rm /var/lib/mongodb/journal/prealloc.* --- roles/mongodb/tasks/main.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 25844896a..55ff95615 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -8,6 +8,11 @@ tags: - download +# See https://github.com/iiab/iiab/issues/254 for other attempts to eliminate these 256MB files +- name: remove journal prealloc files + shell: rm /var/lib/mongodb/journal/prealloc.* + when: not mongodb_enabled + - name: create the data directory for mongodb file: state=directory path={{ item.path }} @@ -17,7 +22,6 @@ - { path: '/library/dbdata/mongodb' } - { path: '/var/log/mongodb' } - - name: Create systemd files template: src={{ item.src }} dest={{ item.dest }} @@ -38,7 +42,6 @@ - { name: mongodb } when: mongodb_enabled - - name: disable services service: name={{ item.name }} enabled=no From 0064694bbebc6c2d64fd8b07b22c0f1d59a26981 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 18 Oct 2017 17:20:17 -0500 Subject: [PATCH 065/466] limit --no-cache-dir exclude to is_redhat --- roles/kalite/tasks/install.yml | 6 ++++++ roles/osm/tasks/main.yml | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 3ba909bab..4077b7c8a 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -14,6 +14,9 @@ pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no + {% if not is_redhat %} + extra_args="--no-cache-dir" + {% endif %} # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available @@ -23,6 +26,9 @@ version={{ kalite_version }} virtualenv={{ kalite_venv }} virtualenv_site_packages=no + {% if not is_redhat %} + extra_args="--no-cache-dir" + {% endif %} # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index a26b53de9..a815c0e91 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -27,6 +27,9 @@ virtualenv={{ osm_venv }} virtualenv_site_packages=no version=2.6 + {% if not is_redhat %} + extra_args="--no-cache-dir" + {% endif %} # extra_args="--no-cache-dir" when: internet_available @@ -34,6 +37,9 @@ pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no + {% if not is_redhat %} + extra_args="--no-cache-dir" + {% endif %} # extra_args="--no-cache-dir" with_items: - MarkupSafe From eb2550141b4cbc454d74d897d2d30d91bb4cc546 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 18 Oct 2017 18:36:35 -0400 Subject: [PATCH 066/466] try removing prealloc files later, to catch them all --- roles/mongodb/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 55ff95615..51dd08d24 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -8,11 +8,6 @@ tags: - download -# See https://github.com/iiab/iiab/issues/254 for other attempts to eliminate these 256MB files -- name: remove journal prealloc files - shell: rm /var/lib/mongodb/journal/prealloc.* - when: not mongodb_enabled - - name: create the data directory for mongodb file: state=directory path={{ item.path }} @@ -50,6 +45,11 @@ - { name: mongodb } when: not mongodb_enabled +# See https://github.com/iiab/iiab/issues/254 for other attempts to eliminate these 256MB files +- name: remove journal prealloc files + shell: rm /var/lib/mongodb/journal/prealloc.* + when: not mongodb_enabled + - name: add mongodb to service list ini_file: dest='{{ service_filelist }}' section=mongodb From 48b30cc8a71857ed1cde6a414f5a674bf320f249 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 18 Oct 2017 19:08:30 -0400 Subject: [PATCH 067/466] remove prealloc.* in the Ansible way (works even if files absent) --- roles/mongodb/tasks/main.yml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 51dd08d24..12936476d 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -45,10 +45,19 @@ - { name: mongodb } when: not mongodb_enabled -# See https://github.com/iiab/iiab/issues/254 for other attempts to eliminate these 256MB files -- name: remove journal prealloc files - shell: rm /var/lib/mongodb/journal/prealloc.* - when: not mongodb_enabled +# See https://github.com/iiab/iiab/issues/254 for other attempts to eliminate +# these 256MB files. Brute Force Idea: rm /var/lib/mongodb/journal/prealloc.* +- name: find /var/lib/mongodb/prealloc.* files to delete + find: + paths: /var/lib/mongodb/journal + patterns: prealloc.* + register: files_to_delete + +- name: delete prealloc files + file: + path: "{{ item.path }}" + state: absent + with_items: "{{ files_to_delete.files }}" - name: add mongodb to service list ini_file: dest='{{ service_filelist }}' From 942bb4a18b66ade0f73a5d80f2d25b4f08b6f18d Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 18 Oct 2017 22:00:13 -0400 Subject: [PATCH 068/466] "when: not mongodb_enabled" added back --- roles/mongodb/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 12936476d..87a3f8824 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -52,12 +52,14 @@ paths: /var/lib/mongodb/journal patterns: prealloc.* register: files_to_delete + when: not mongodb_enabled - name: delete prealloc files file: path: "{{ item.path }}" state: absent with_items: "{{ files_to_delete.files }}" + when: not mongodb_enabled - name: add mongodb to service list ini_file: dest='{{ service_filelist }}' From 6d87652e8c8d4b2ccca77a51d20807f8297d2242 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 18 Oct 2017 19:54:28 -0500 Subject: [PATCH 069/466] just dup the code --- roles/kalite/tasks/install.yml | 25 +++++++++++++++++++------ roles/osm/tasks/main.yml | 28 +++++++++++++++++++++------- 2 files changed, 40 insertions(+), 13 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 4077b7c8a..40169dc8b 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -14,24 +14,37 @@ pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no - {% if not is_redhat %} extra_args="--no-cache-dir" - {% endif %} # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available + when: internet_available and is_debuntu - name: Install ka-lite with pip pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} virtualenv_site_packages=no - {% if not is_redhat %} extra_args="--no-cache-dir" - {% endif %} # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available + when: internet_available and is_debuntu + +- name: Install ka-lite dependencies with pip + pip: requirements={{ pip_packages_dir }}/kalite.txt + virtualenv={{ kalite_venv }} + virtualenv_site_packages=no +# extra_args="--no-cache-dir" +# extra_args="--disable-pip-version-check" + when: internet_available and not is_debuntu + +- name: Install ka-lite with pip + pip: name=ka-lite-static + version={{ kalite_version }} + virtualenv={{ kalite_venv }} + virtualenv_site_packages=no +# extra_args="--no-cache-dir" +# extra_args="--disable-pip-version-check" + when: internet_available and not is_debuntu - name: Default is to have cronserve started with kalite set_fact: diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index a815c0e91..33039e02f 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -27,25 +27,39 @@ virtualenv={{ osm_venv }} virtualenv_site_packages=no version=2.6 - {% if not is_redhat %} extra_args="--no-cache-dir" - {% endif %} -# extra_args="--no-cache-dir" - when: internet_available + when: internet_available and is_debuntu - name: Install IIAB with dependencies pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no - {% if not is_redhat %} extra_args="--no-cache-dir" - {% endif %} + with_items: + - MarkupSafe + - pytz + - Internet-in-a-Box + when: internet_available and is_debuntu + +# IIAB wants a specific version do that first +- name: Install Whoosh 2.6 + pip: name=whoosh + virtualenv={{ osm_venv }} + virtualenv_site_packages=no + version=2.6 +# extra_args="--no-cache-dir" + when: internet_available and not is_debuntu + +- name: Install IIAB with dependencies + pip: name={{ item }} + virtualenv={{ osm_venv }} + virtualenv_site_packages=no # extra_args="--no-cache-dir" with_items: - MarkupSafe - pytz - Internet-in-a-Box - when: internet_available + when: internet_available and not is_debuntu - name: Set osm_path set_fact: From 9361f6dc8843fceca8c1c82188edf1222761cd4c Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 19 Oct 2017 00:29:52 -0400 Subject: [PATCH 070/466] remove both "when: not mongodb_enabled" so prealloc files actually get deleted See https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/computed_vars.yml#L63-L67 pasted in here: - name: Turn on mongodb if sugarizer enabled set_fact: mongodb_install: True mongodb_enabled: True when: sugarizer_enabled The above 5 lines might be commented out as an experiment, to dump MongoDB entirely on a trial basis. --- roles/mongodb/tasks/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 87a3f8824..12936476d 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -52,14 +52,12 @@ paths: /var/lib/mongodb/journal patterns: prealloc.* register: files_to_delete - when: not mongodb_enabled - name: delete prealloc files file: path: "{{ item.path }}" state: absent with_items: "{{ files_to_delete.files }}" - when: not mongodb_enabled - name: add mongodb to service list ini_file: dest='{{ service_filelist }}' From a60133713da290798e9b2673d3513e6787adbb95 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 19 Oct 2017 00:41:40 -0400 Subject: [PATCH 071/466] Trial removal of MongoDB, for a more lightweight Sugarizer --- roles/1-prep/tasks/computed_vars.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 5fb7f824d..e775e9fc3 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -60,11 +60,12 @@ # we decided to enable mysql unconditionally # when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install -- name: Turn on mongodb if sugarizer enabled - set_fact: - mongodb_install: True - mongodb_enabled: True - when: sugarizer_enabled +# Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427 +# - name: Turn on mongodb if sugarizer enabled +# set_fact: +# mongodb_install: True +# mongodb_enabled: True +# when: sugarizer_enabled # There might be other db's - name: Turn on postgresql if moodle or pathagar enabled From f0b5dde2c7eceb9b4de133b3c8a9e57c1eaab704 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 19 Oct 2017 01:28:27 -0400 Subject: [PATCH 072/466] experiment with removing MongoDB --- roles/sugarizer/templates/sugarizer.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/templates/sugarizer.service.j2 b/roles/sugarizer/templates/sugarizer.service.j2 index 23e5a9206..fd5f17e40 100644 --- a/roles/sugarizer/templates/sugarizer.service.j2 +++ b/roles/sugarizer/templates/sugarizer.service.j2 @@ -1,6 +1,6 @@ [unit] Description=Node.js Sugarizer Server -Requires=After=mongodb.service # Requires the mongodb service to run first +# Requires=After=mongodb.service # Requires the mongodb service to run first [Service] WorkingDirectory={{ sugarizer_location }}/sugarizer/server/ From 9963f8bb1b243cf42cc36ae96395ce519b4f7551 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 19 Oct 2017 01:31:24 -0400 Subject: [PATCH 073/466] experiment with Sugarizer w/o MongoDB --- roles/sugarizer/meta/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/meta/main.yml b/roles/sugarizer/meta/main.yml index 60cc7431a..e3fcddc52 100644 --- a/roles/sugarizer/meta/main.yml +++ b/roles/sugarizer/meta/main.yml @@ -1,2 +1,2 @@ dependencies: - - { role: mongodb, tags: ['generic','mongodb'], when: sugarizer_install } +# - { role: mongodb, tags: ['generic','mongodb'], when: sugarizer_install } From 3abb27bbedf923d540665f25ba510fc6c56eaaf8 Mon Sep 17 00:00:00 2001 From: Arky Date: Thu, 19 Oct 2017 13:33:02 +0700 Subject: [PATCH 074/466] Misc Fixes: Clean up whitespace warnings --- roles/1-prep/tasks/detected_network.yml | 2 +- roles/1-prep/tasks/main.yml | 2 +- roles/2-common/tasks/packages.yml | 6 ++-- roles/2-common/tasks/xo.yml | 4 +-- roles/9-local-addons/meta/main.yml | 1 - roles/activity-server/tasks/main.yml | 31 ++++++++++----------- roles/authserver/tasks/main.yml | 2 +- roles/awstats/tasks/install.yml | 11 ++++---- roles/awstats/tasks/main.yml | 2 +- roles/calibre/tasks/main.yml | 2 +- roles/cups/tasks/main.yml | 2 +- roles/dokuwiki/tasks/install.yml | 5 ++-- roles/ejabberd/tasks/main.yml | 2 +- roles/idmgr/tasks/main.yml | 2 +- roles/iiab-admin/tasks/admin-user.yml | 17 ++++++----- roles/mongodb/tasks/main.yml | 2 +- roles/monit/tasks/main.yml | 4 +-- roles/moodle/tasks/main.yml | 8 +++--- roles/mysql/tasks/main.yml | 3 +- roles/network/tasks/avahi.yml | 2 +- roles/network/tasks/debian.yml | 10 +++---- roles/network/tasks/enable_services.yml | 2 +- roles/network/tasks/ifcfg_mods.yml | 3 +- roles/network/tasks/iptables.yml | 4 +-- roles/network/tasks/main.yml | 2 +- roles/network/tasks/named.yml | 8 +++--- roles/network/tasks/redetect.yml | 21 +++++++------- roles/network/tasks/rpi_debian.yml | 16 +++++------ roles/nextcloud/tasks/F18.yml | 2 +- roles/nextcloud/tasks/main.yml | 3 +- roles/nextcloud/tasks/nextcloud_enabled.yml | 4 +-- roles/openvpn/tasks/main.yml | 2 +- roles/owncloud/tasks/main.yml | 8 +++--- roles/owncloud/tasks/owncloud_enabled.yml | 1 - roles/pathagar/tasks/main.yml | 2 +- roles/phpmyadmin/tasks/main.yml | 2 +- roles/samba/tasks/main.yml | 11 ++++---- roles/sshd/tasks/main.yml | 2 +- roles/sugar-stats/tasks/main.yml | 6 ++-- roles/sugarizer/tasks/main.yml | 10 +++---- roles/teamviewer/tasks/install.yml | 9 +++--- roles/usb-lib/tasks/main.yml | 8 +++--- roles/vnstat/tasks/main.yml | 8 +++--- roles/wordpress/tasks/install.yml | 2 +- 44 files changed, 121 insertions(+), 135 deletions(-) diff --git a/roles/1-prep/tasks/detected_network.yml b/roles/1-prep/tasks/detected_network.yml index b3637d5ba..502f3dc1c 100644 --- a/roles/1-prep/tasks/detected_network.yml +++ b/roles/1-prep/tasks/detected_network.yml @@ -76,7 +76,7 @@ wifi1: "{{ item|trim }}" discovered_wireless_iface: "{{ item|trim }}" when: item|trim != "" and item|trim != discovered_wan_iface - with_items: + with_items: - "{{ wireless_list1.stdout_lines }}" # WIRELESS -- Sigh... Not all drivers update /proc/net/wireless correctly diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index b4eae678d..dc9672c67 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -21,7 +21,7 @@ state=present when: is_debuntu -- name: Test for UUID file +- name: Test for UUID file stat: path=/etc/iiab/uuid register: uuid_file diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 3e2a88611..24cb7e844 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -3,7 +3,7 @@ when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 - name: install yum from Fedora 23 for arm!!! - shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf + shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 - name: install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!! @@ -97,7 +97,7 @@ - python-pip - python-setuptools - python-virtualenv - + - name: Update common packages (not debian package: name={{ item }} state=latest @@ -124,7 +124,7 @@ # service: name=NetworkManager # state=restarted # when: not installing -# the above should use a handler - all reboots should wait until all +# the above should use a handler - all reboots should wait until all # mods are preformed - name: Install optional exFAT packages for CentOS diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index e0c86b5e0..ee9b4f852 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -112,7 +112,7 @@ get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir}}/{{ item }} with_items: - hostapd_8188_i386 - when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available + when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available tags: - xo @@ -131,5 +131,3 @@ ignore_errors: yes async: 300 poll: 120 - - diff --git a/roles/9-local-addons/meta/main.yml b/roles/9-local-addons/meta/main.yml index c88edbe27..74ae9e11f 100644 --- a/roles/9-local-addons/meta/main.yml +++ b/roles/9-local-addons/meta/main.yml @@ -1,3 +1,2 @@ # Add your role to this list and then uncomment dependencies. Adding a tag is handy for testing. #dependencies: - \ No newline at end of file diff --git a/roles/activity-server/tasks/main.yml b/roles/activity-server/tasks/main.yml index 10ef22a70..55b4d4b15 100644 --- a/roles/activity-server/tasks/main.yml +++ b/roles/activity-server/tasks/main.yml @@ -12,29 +12,29 @@ - /library/xs-activity-server/lang_templates - /library/xs-activity-server/www.0 - /library/xs-activity-server/tmp - + # Wish synchronize worked, but it doesn't - -- name: Copy language templates + +- name: Copy language templates command: rsync -a {{iiab_dir}}/roles/activity-server/files/lang_templates /library/xs-activity-server/ - -- name: Copy default index files + +- name: Copy default index files copy: src={{ item }} dest=/library/xs-activity-server/www.0 mode=0755 owner=root group=root with_fileglob: - - www.0/index.html.* - + - www.0/index.html.* + - name: Point www to www.0 as default file: src=/library/xs-activity-server/www.0 - dest=/library/xs-activity-server/www + dest=/library/xs-activity-server/www owner=root group=admin - state=link - -- name: Chown language templates + state=link + +- name: Chown language templates file: path=/library/xs-activity-server/lang_templates mode=0644 owner=root @@ -49,8 +49,8 @@ mode=0755 owner=root group=root - state=directory - + state=directory + - name: Install Python module copy: src=xs_activities/__init__.py dest=/usr/lib/python2.7/site-packages/xs_activities @@ -58,7 +58,7 @@ owner=root group=root -- name: Copy scripts to /usr/bin +- name: Copy scripts to /usr/bin copy: src={{ item }} dest=/usr/bin mode=0755 @@ -105,7 +105,7 @@ # For it only supports client's language code # TODO: Upload Activity via web interface -# and figure out what to do with olpc_activities.service +# and figure out what to do with olpc_activities.service # short term addition of link for upload-activity server # ln -sf /usr/share/xs-config/cfg/html/top/en/cntr_upl_activity.php {{ doc_root }}/upload_activity.php @@ -130,4 +130,3 @@ value: /activities - option: enabled value: "{{ xo_services_enabled }}" - diff --git a/roles/authserver/tasks/main.yml b/roles/authserver/tasks/main.yml index 45a8e4303..11e34c91f 100644 --- a/roles/authserver/tasks/main.yml +++ b/roles/authserver/tasks/main.yml @@ -4,7 +4,7 @@ - name: Install xs-authserver from pypi pip: name=xs-authserver - when: internet_available + when: internet_available - name: install gunicorn package: name=python-gunicorn diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index d495a5fd4..6610d9dc2 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -1,5 +1,5 @@ - name: Install awstats package - package: name={{ item }} + package: name={{ item }} state=present with_items: - awstats @@ -9,7 +9,7 @@ - download - name: Install awstats package - package: name={{ item }} + package: name={{ item }} state=present with_items: - libapache2-mod-authnz-external @@ -33,7 +33,7 @@ - "{{ awstats_data_dir }}" - "{{ apache_log_dir }}" -- name: Install the Apache config for Advanced Web Statistics +- name: Install the Apache config for Advanced Web Statistics template: src=apache.conf dest=/etc/{{ apache_config_dir }}/awstats.conf owner=root @@ -41,7 +41,7 @@ mode=0644 when: awstats_enabled and is_debuntu -- name: Install the Apache config for Advanced Web Statistics +- name: Install the Apache config for Advanced Web Statistics template: src=apache-awstats.conf dest=/etc/{{ apache_config_dir }}/awstats.conf owner=root @@ -74,7 +74,7 @@ state=absent when: not awstats_enabled and is_debuntu -- name: Install the awstats config for Advanced Web Statistics +- name: Install the awstats config for Advanced Web Statistics template: src=awstats.schoolserver.conf.j2 dest=/etc/awstats/awstats.schoolserver.conf owner=root @@ -95,4 +95,3 @@ - name: On first enabling of awstats, summarize httpd logs up to now shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update when: awstats_enabled and is_debuntu - diff --git a/roles/awstats/tasks/main.yml b/roles/awstats/tasks/main.yml index b60e7367e..7326d9670 100644 --- a/roles/awstats/tasks/main.yml +++ b/roles/awstats/tasks/main.yml @@ -1,6 +1,6 @@ - include: install.yml when: awstats_install - + - name: Add awstats to service list ini_file: dest='{{ service_filelist }}' section=awstats diff --git a/roles/calibre/tasks/main.yml b/roles/calibre/tasks/main.yml index 19892b95a..193a24db5 100644 --- a/roles/calibre/tasks/main.yml +++ b/roles/calibre/tasks/main.yml @@ -10,7 +10,7 @@ shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null" args: creates: /usr/bin/calibre-uninstall - when: calibre_install and ansible_distribution == 'CentOS' + when: calibre_install and ansible_distribution == 'CentOS' - name: Install Calibre rpms # the fedora rpm arm version, though older, takes care of dependencies, and exists diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index dc62c98e7..61abe61a5 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -7,7 +7,7 @@ when: cups_install tags: - download - + - name: Put our own config file in place, to permit local lan admin template: dest=/etc/cups/cupsd.conf src=cupsd.conf diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index e7d588ab5..82eaadf3e 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,6 +1,6 @@ - name: Get the Dokuwiki software get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir}}/ - when: internet_available + when: internet_available - name: Copy it to permanent location /library unarchive: src={{ downloads_dir }}/{{ dokuwiki_version }}.tgz dest=/library creates=/library/{{ dokuwiki_version }}/VERSION @@ -17,7 +17,7 @@ src=/etc/apache2/sites-available/dokuwiki.conf state=link when: dokuwiki_enabled and is_debuntu - + - name: disable the dokuwiki file: path=/etc/apache2/sites-enabled/dokuwiki.conf state=absent @@ -29,4 +29,3 @@ - name: Restart apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted - diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index 68e5dbd43..b0341521a 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -26,7 +26,7 @@ register: ejabberd_config - name: Put the startup script in place - debian - template: src='ejabberd-xs.init' + template: src='ejabberd-xs.init' dest='/etc/init.d/ejabberd-xs' when: is_debuntu diff --git a/roles/idmgr/tasks/main.yml b/roles/idmgr/tasks/main.yml index a738d231d..1140ca947 100644 --- a/roles/idmgr/tasks/main.yml +++ b/roles/idmgr/tasks/main.yml @@ -33,7 +33,7 @@ command: /etc/sysconfig/olpc-scripts/setup.d/xs-rsync creates=/etc/xinetd.d/xs-rsyncd -- name: Copy idmgr init script +- name: Copy idmgr init script command: /bin/cp /etc/init.d/idmgr /usr/libexec/idmgr.init creates=/usr/libexec/idmgr.init diff --git a/roles/iiab-admin/tasks/admin-user.yml b/roles/iiab-admin/tasks/admin-user.yml index 13501c681..c08af46bc 100644 --- a/roles/iiab-admin/tasks/admin-user.yml +++ b/roles/iiab-admin/tasks/admin-user.yml @@ -1,8 +1,8 @@ - name: Create iiab-admin user and password - user: name={{ iiab_admin_user }} + user: name={{ iiab_admin_user }} password={{ iiab_admin_passw_hash }} update_password=on_create - + - name: Create a wheel group group: name=wheel state=present @@ -14,7 +14,7 @@ - name: Add user to wheel group user: name={{ iiab_admin_user }} groups=wheel,sudo - + - name: Create root .ssh file: path=/root/.ssh mode=0700 @@ -29,7 +29,7 @@ owner=root group=root mode=0600 - + # backup=yes - name: edit the sudoers file--first make it editable @@ -42,15 +42,14 @@ dest=/etc/sudoers - name: lets wheel sudo without password - lineinfile: + lineinfile: line: "%wheel ALL= NOPASSWD: ALL" dest: /etc/sudoers - name: remove the line which requires tty - lineinfile: regexp=requiretty - state=absent + lineinfile: regexp=requiretty + state=absent dest=/etc/sudoers - + - name: end editing the sudoers file-- protect it again shell: chmod 0440 /etc/sudoers - diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 25844896a..a93e15cb1 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -4,7 +4,7 @@ with_items: - mongodb-server - mongodb - when: internet_available + when: internet_available tags: - download diff --git a/roles/monit/tasks/main.yml b/roles/monit/tasks/main.yml index 3fb6690b0..26a3c2a7f 100644 --- a/roles/monit/tasks/main.yml +++ b/roles/monit/tasks/main.yml @@ -11,7 +11,7 @@ tags: - download -- name: Update main config file +- name: Update main config file template: backup=yes src=monitrc dest=/etc/monitrc @@ -29,7 +29,7 @@ with_items: watchdog register: monit_config when: false - until: monit_config | success + until: monit_config | success retries: 5 delay: 1 diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index c8cebcf01..f13ef2be0 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -16,9 +16,9 @@ - php{{ php_version }}-curl # - php{{ php_version }}-zip - php{{ php_version }}-gd -# - php{{ php_version }}-mbstring +# - php{{ php_version }}-mbstring # mbstring is now included in php-cli - - php{{ php_version }}-cli + - php{{ php_version }}-cli when: is_debuntu - name: php-zip debian 8-9 changed name @@ -54,7 +54,7 @@ mode=0755 state=directory -- name: Create a moodle data dir with apache permission to write +- name: Create a moodle data dir with apache permission to write file: path={{ moodle_data }} owner={{ apache_user }} group={{ apache_user }} @@ -127,7 +127,7 @@ - name: Execute moodle startup script shell: '{{ moodle_base }}/moodle_installer' when: config.stat.exists is defined and not config.stat.exists - + - name: Give apache permission to read config file # command: chown -R {{ apache_user }} {{ moodle_base }} file: path={{ moodle_base }}/config.php diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 65d963fff..10b65e6b8 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -26,7 +26,7 @@ package: name=php-xml-parser state=present when: is_debian_8 - - name: Install MySQL + - name: Install MySQL package: name={{ item }} state=present with_items: @@ -118,4 +118,3 @@ value: '"mySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' - option: enabled value: "{{ mysql_enabled }}" - diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index 821bd711f..f23e61977 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -39,7 +39,7 @@ register: avahi_ver ignore_errors: True changed_when: false - + - name: Grab a clean copy of ssh.service copy: src='/usr/share/doc/{{ avahi_ver.stdout }}/ssh.service' dest='/etc/avahi/services/' diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 67cd1722d..a8ef6ce9c 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -1,15 +1,15 @@ # debian.yml -# Start out making simplifying assumptions +# Start out making simplifying assumptions # 1. we are dealing with a rpi3 # 2. Gui inputs define the config -- auto config is more difficult # a. gui_desired_network_role # b. hostapd_enabled -# c. gui_static_wan_ip +# c. gui_static_wan_ip # 3. In appliance mode: wan (and wlan0) is either static or dhcp under br0, and hostapd off # 4. In lan_controller: wan is off, eth0 and wlan0 under br0 # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway - + - name: in upgrade from earlier 6.2, delete the resolvconf package: name=resolvconf state=absent @@ -33,7 +33,7 @@ template: dest=/etc/network/interfaces src=network/interfaces.j2 -- name: Copy the bridge script +- name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab src=network/iiab.j2 register: interface @@ -54,7 +54,7 @@ - name: restart the networking service service: name=networking state=restarted when: interface.changed - + - name: start up hostapd again service: name=hostapd state=started when: interface.changed diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 18075b6dd..60dc795af 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -99,7 +99,7 @@ enabled=no when: not wondershaper_enabled and wondershaper_install -# check-LAN should be iptables.yml remove later +# check-LAN should be iptables.yml remove later - name: Grab clean copy of iiab-gen-iptables template: src={{ item.0 }} dest={{ item.1 }} diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 8b5fa01a1..8add78ffd 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -86,7 +86,7 @@ ignore_errors: True when: iiab_lan_iface != "none" and not installing and not iiab_demo_mode -# we could do the DEVICE name stuff for a cleaner looking nmcli +# we could do the DEVICE name stuff for a cleaner looking nmcli - name: Enabling ifcfg slaves shell: nmcli conn up id "System {{ item|trim }}" ignore_errors: True @@ -95,4 +95,3 @@ - "{{ lan_list_result.stdout_lines }}" # testpoint confirm with 'nmcli c show' 'brctl show' - diff --git a/roles/network/tasks/iptables.yml b/roles/network/tasks/iptables.yml index 4d2bbc078..e9eac5e28 100644 --- a/roles/network/tasks/iptables.yml +++ b/roles/network/tasks/iptables.yml @@ -19,11 +19,11 @@ when: not installing and not is_debuntu - name: Remove iptables.service file from /etc - file: path=/etc/systemd/system/iptables.service + file: path=/etc/systemd/system/iptables.service state=absent - name: Remove iptables-xs.service file from /etc - file: path=/etc/systemd/system/iptables-xs.service + file: path=/etc/systemd/system/iptables-xs.service state=absent - name: Install iptables service package diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 972fe4fde..5e93f5c3f 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -107,7 +107,7 @@ - include: computed_services.yml tags: - network - + - include: enable_services.yml tags: - network diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index aad1ed974..a152719aa 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -68,7 +68,7 @@ template: src=named/{{ dns_service }}.service dest=/etc/systemd/system/{{ dns_service }}.service mode=0644 - + - name: The dns-jail redirect requires the named.blackhole,disabling recursion # in named-iiab.conf, and the redirection of 404 error documents to / template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ @@ -77,16 +77,16 @@ - name: Separate enabling required for debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf - state=link + state=link when: is_debuntu and dns_jail_enabled - name: Separate enabling/disabling required for debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf - state=absent + state=absent when: is_debuntu and not dns_jail_enabled - name: Separate enabling/disabling required for non debian file: path=/etc/{{ apache_config_dir }}/dns-jail.conf - state=absent + state=absent when: not is_debuntu and not dns_jail_enabled diff --git a/roles/network/tasks/redetect.yml b/roles/network/tasks/redetect.yml index 0c3ea1321..afb3138d5 100644 --- a/roles/network/tasks/redetect.yml +++ b/roles/network/tasks/redetect.yml @@ -1,16 +1,16 @@ # The preferred method of disabling the LAN would be to set iiab_lan_enabled: # False before getting here but we are here... -# Well if we got here something changed with the gateway and ifcfg-WAN maybe -# no longer accurate. Note if DEVICE= is any ifcfg files the listed DEVICE -# becomes bound to the NAME in the ifcfg file. With the LAN files out of the +# Well if we got here something changed with the gateway and ifcfg-WAN maybe +# no longer accurate. Note if DEVICE= is any ifcfg files the listed DEVICE +# becomes bound to the NAME in the ifcfg file. With the LAN files out of the # way we can try the interfaces one by one starting with device_gw. # Setting up three way conditions with the results # skipped|changed|failed -# failure results in blowing away the ifcfg-WAN so lets make sure... +# failure results in blowing away the ifcfg-WAN so lets make sure... -# We only got here by way of no detected gateway, lets see if we can pick-up -# transient change like cable issues. +# We only got here by way of no detected gateway, lets see if we can pick-up +# transient change like cable issues. - name: BAD DHCP defaults set_fact: @@ -21,7 +21,7 @@ service: name=dhcpd state=stopped ### clear all connections first -# We should have the LAN torndown at this point. +# We should have the LAN torndown at this point. - name: No ifcfg-WAN known debug: msg="NO WAN known" @@ -34,7 +34,7 @@ - name: Trying wifi first shell: nmcli conn up id {{ ap_name.stdout }} - register: try_wifi + register: try_wifi ignore_errors: yes when: ap_name is defined and ap_named.changed @@ -45,7 +45,7 @@ # We have the DEVICE? - name: Now setting iiab_wan_iface based on wifi - set_fact: + set_fact: iiab_wan_iface: "{{ dhcp_wifi_results.stdout }}" dhcp_good: True when: dhcp_wifi_results.stdout is defined and dhcp_wifi_results.stdout != "" @@ -103,7 +103,7 @@ # We have the DEVICE? - name: Now setting iiab_wan_iface via nmcli - set_fact: + set_fact: iiab_wan_iface: "{{ dhcp_1BY1_results.stdout }}" dhcp_good: True when: dhcp_1BY1_results.stdout is defined and dhcp_1BY1_results.stdout != "" and not has_WAN @@ -138,4 +138,3 @@ set_fact: iiab_lan_iface: "none" when: dhcp_good and adapter_count.stdout|int == "1" - diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 49cfc20ae..62f627690 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -1,15 +1,15 @@ # rpi_debian.yml -# Start out making simplifying assumptions +# Start out making simplifying assumptions # 1. we are dealing with a rpi3 # 2. Gui inputs define the config -- auto config is more difficult # a. gui_desired_network_role # b. hostapd_enabled -# c. gui_static_wan_ip +# c. gui_static_wan_ip # 3. In appliance mode: wan (and wlan0) is either static or dhcp under br0, and hostapd off # 4. In lan_controller: wan is off, eth0 and wlan0 under br0 # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway - + - name: Raspbian stock has openresolv which is not available in debian, off it package: name=openresolv state=absent @@ -27,7 +27,7 @@ gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined -- name: Rewrite the /etc/network/interfaces file which we corrupted +- name: Rewrite the /etc/network/interfaces file which we corrupted template: dest=/etc/network/interfaces src=network/interfaces.j2 @@ -35,7 +35,7 @@ template: dest=/etc/dhcpcd.conf src=network/dhcpcd.conf -- name: Copy the network config script +- name: Copy the network config script template: dest=/etc/network/interfaces.d/iiab src=network/iiab.j2 register: interface @@ -53,12 +53,12 @@ ignore_errors: True when: interface.changed -- name: and remove the device +- name: and remove the device command: brctl delbr br0 ignore_errors: True when: interface.changed -- name: reset the eth0 interface +- name: reset the eth0 interface command: ifdown eth0 ignore_errors: True when: interface.changed @@ -66,7 +66,7 @@ - name: restart the networking service service: name=networking state=restarted when: interface.changed - + - name: start up hostapd again service: name=hostapd state=started when: interface.changed diff --git a/roles/nextcloud/tasks/F18.yml b/roles/nextcloud/tasks/F18.yml index 7c5a8be68..a29aea723 100644 --- a/roles/nextcloud/tasks/F18.yml +++ b/roles/nextcloud/tasks/F18.yml @@ -5,7 +5,7 @@ # but we use the tar file to get the latest version; really only benefits the xo4 on fedora 18 - name: Get the nextcloud software get_url: url="{{ nextcloud_dl_url }}"/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} - when: internet_available + when: internet_available - name: Copy it to permanent location /opt unarchive: src={{ downloads_dir }}/{{ nextcloud_src_file }} dest=/opt/ diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index de2114ca7..6536e7da5 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -10,7 +10,7 @@ - name: Get the nextcloud software get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} - when: internet_available + when: internet_available async: 900 poll: 15 tags: @@ -138,4 +138,3 @@ value: "{{ nextcloud_src_file }}" - option: enabled value: "{{ nextcloud_enabled }}" - diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml index 523ced972..cc9c26b2c 100644 --- a/roles/nextcloud/tasks/nextcloud_enabled.yml +++ b/roles/nextcloud/tasks/nextcloud_enabled.yml @@ -29,8 +29,8 @@ # the install wizard does not succeed if already installed - name: Determine if nextcloud is installed shell: > - sudo -u {{ apache_user }} php - '{{ nextcloud_prefix }}/nextcloud/occ' status | + sudo -u {{ apache_user }} php + '{{ nextcloud_prefix }}/nextcloud/occ' status | gawk '/installed:/ { print $3 }' register: returned diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 3ec22116f..8f974abbf 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -16,7 +16,7 @@ group=root mode=0755 -- name: Create the directory for scripts +- name: Create the directory for scripts file: dest=/etc/openvpn/scripts state=directory owner=root diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml index 9b56a568d..5a220771b 100644 --- a/roles/owncloud/tasks/main.yml +++ b/roles/owncloud/tasks/main.yml @@ -11,7 +11,7 @@ register: owncloud_page - name: Install owncloud package - package: name={{ item }} + package: name={{ item }} state=present with_items: - curl @@ -40,19 +40,19 @@ - name: Get the owncloud software get_url: url={{ iiab_download_url }}/{{ owncloud_src_file }} dest={{ downloads_dir }}/{{ owncloud_src_file }} - when: internet_available + when: internet_available async: 300 poll: 5 - name: Copy it to permanent location /opt - unarchive: src={{ downloads_dir }}/{{ owncloud_src_file }} + unarchive: src={{ downloads_dir }}/{{ owncloud_src_file }} dest={{ owncloud_prefix }} creates={{ owncloud_prefix }}/owncloud/version.php when: not is_F18 # ansible 1.4.1 does not have "creates" - name: Copy it to permanent location /opt - unarchive: src={{ downloads_dir }}/{{ owncloud_src_file }} + unarchive: src={{ downloads_dir }}/{{ owncloud_src_file }} dest={{ owncloud_prefix }} when: is_F18 diff --git a/roles/owncloud/tasks/owncloud_enabled.yml b/roles/owncloud/tasks/owncloud_enabled.yml index f3ee392b2..b7a47c05a 100644 --- a/roles/owncloud/tasks/owncloud_enabled.yml +++ b/roles/owncloud/tasks/owncloud_enabled.yml @@ -33,4 +33,3 @@ lineinfile: regexp='overwrite.cli.url' state=absent dest="{{ owncloud_prefix }}/owncloud/config/config.php" - diff --git a/roles/pathagar/tasks/main.yml b/roles/pathagar/tasks/main.yml index de8411b33..3ee3308e8 100644 --- a/roles/pathagar/tasks/main.yml +++ b/roles/pathagar/tasks/main.yml @@ -1,5 +1,5 @@ - name: Remove if exist pathagar rpm version - package: name=pathagar + package: name=pathagar state=absent - name: Install pathagar pre requisites (both fedora and debian) diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index fc7e6e317..bd7616799 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,6 +1,6 @@ - name: Get the phpmyadmin software get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir}}/phpMyAdmin.zip" - when: internet_available + when: internet_available - name: Copy it to permanent location /opt unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/ diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index 06ab47a02..7a0ef3fc3 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -10,7 +10,7 @@ # Install and configure samba server (requires ports 137, 138, 139, 445 open). - name: Ensure Samba-related packages are installed. - package: name={{ item }} + package: name={{ item }} state=present with_items: - samba @@ -26,25 +26,25 @@ - name: Ensure Samba is running and set to start on boot. service: name={{ smb_service }} state=started enabled=yes - tags: + tags: - samba when : samba_enabled - name: netbios name server is running and set to start on boot. service: name={{ nmb_service }} state=started enabled=yes - tags: + tags: - samba when : samba_enabled - name: Disable Samba if that is wanted service: name={{ smb_service }} state=stopped enabled=no - tags: + tags: - samba when : not samba_enabled - name: Disable Samba name server if that is wanted service: name={{ nmb_service }} state=stopped enabled=no - tags: + tags: - samba when : not samba_enabled @@ -60,4 +60,3 @@ value: '"Samba is a Microsoft compatible remote file access system - generalized to CIFS --common internet file system"' - option: enabled value: "{{ samba_enabled }}" - diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index b2092ced6..560774ff3 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Disable root login with password +- name: Disable root login with password lineinfile: dest=/etc/ssh/sshd_config regexp='^PermitRootLogin' line='PermitRootLogin without-password' diff --git a/roles/sugar-stats/tasks/main.yml b/roles/sugar-stats/tasks/main.yml index d972a146b..c42d6ef7f 100644 --- a/roles/sugar-stats/tasks/main.yml +++ b/roles/sugar-stats/tasks/main.yml @@ -32,13 +32,13 @@ service: name=sugar-stats-server enabled=yes when: sugar_stats_enabled - + - name: Disable sugar-stats service service: name=sugar-stats-server enabled=no when: not sugar_stats_enabled - -- include: statistics-consolidation.yml + +- include: statistics-consolidation.yml - name: Add sugar-stats to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index bc41f0977..507c6afed 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -1,7 +1,7 @@ - name: Download the latest stable version of sugarizer from location under our control get_url: url={{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz dest={{ downloads_dir }}/{{ sugarizer_version }}.tar.gz - + #fixme - name: Untar it to target location command: tar xzf {{ downloads_dir }}/{{ sugarizer_version }}.tar.gz -C {{ sugarizer_location }} @@ -41,7 +41,7 @@ npm_exists: True when: npm.stat.exists is defined and npm.stat.exists -- name: Create systemd files and copy our ini file +- name: Create systemd files and copy our ini file template: src={{ item.src }} dest={{ item.dest }} owner=root @@ -60,14 +60,14 @@ - name: Create the express framework for node.js - ALL less F18 shell: npm install args: - chdir: "{{ sugarizer_location }}/sugarizer/server" + chdir: "{{ sugarizer_location }}/sugarizer/server" creates: "{{ sugarizer_location }}/sugarizer/server/node_modules" when: not is_F18 and not npm_exists - name: Create the express framework for node.js - F18 shell: npm install args: - chdir: "{{ sugarizer_location }}/sugarizer/server" + chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 and not npm_exists - name: enable services - All @@ -95,6 +95,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform"' + value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform"' - option: enabled value: "{{ sugarizer_enabled }}" diff --git a/roles/teamviewer/tasks/install.yml b/roles/teamviewer/tasks/install.yml index 9e8a6d325..93ef6f234 100644 --- a/roles/teamviewer/tasks/install.yml +++ b/roles/teamviewer/tasks/install.yml @@ -18,21 +18,21 @@ - download - name: Install X Windows on CentOS - shell: yum groupinstall -y "Server with GUI" + shell: yum groupinstall -y "Server with GUI" when: internet_available and ansible_distribution == "CentOS" tags: - download -- name: Get the teamviewer software +- name: Get the teamviewer software get_url: url="{{ teamviewer_url }}/{{ teamviewer_rpm_file }}" dest="{{ yum_packages_dir }}/{{ teamviewer_rpm_file }}" - when: internet_available + when: internet_available tags: - download # F22 has issues with yum localinstall exclude for now - name: Do the install of teamviewer, pulling in any required dependencies shell: "yum localinstall -y {{ yum_packages_dir }}/{{ teamviewer_rpm_file }}" - when: teamviewer_install and internet_available + when: teamviewer_install and internet_available and xo_model == "none" and ansible_distribution_version <= "21" - name: making local copy available @@ -45,4 +45,3 @@ with_items: - teamviewer* when: teamviewer_install and xo_model == "none" and ansible_distribution_version >= "22" - diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb-lib/tasks/main.yml index f82cb1f2c..3d4aee182 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb-lib/tasks/main.yml @@ -34,24 +34,24 @@ - name: Add apache config for content directory template: src=content_dir.conf dest=/etc/{{ apache_config_dir }} - when: usb_lib_enabled + when: usb_lib_enabled - name: create the link to enable for debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=link when: is_debuntu - + - name: remove the link that enables in debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=absent when: is_debuntu and not usb_lib_enabled - + - name: remove apache config for content directory file: name=/etc/{{ apache_config_dir }}/content_dir.conf state=absent - when: not usb_lib_enabled + when: not usb_lib_enabled - name: Add usb-lib to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 7a37a67cc..2cfce0b0c 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -8,10 +8,10 @@ - download - name: put the config file in place - template: src=vnstat.conf.j2 - dest=/etc/vnstat.conf - mode=0744 - owner=root + template: src=vnstat.conf.j2 + dest=/etc/vnstat.conf + mode=0744 + owner=root group=root - name: create database for wan to collect vnstat data diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 2e162b872..37471e929 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -1,7 +1,7 @@ - name: Get the WordPress software get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir}}/ register: wp_download_output - when: internet_available + when: internet_available - name: Copy it to permanent location /library unarchive: src={{ wp_download_output.dest }} dest=/library From 07c4243b9188129ac98e57d0b2b91bf5a2c3819d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 19 Oct 2017 11:36:25 -0500 Subject: [PATCH 075/466] disable ansible repo for now --- roles/2-common/templates/ansible.repo | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/templates/ansible.repo b/roles/2-common/templates/ansible.repo index a6918bdb7..ea7a0120d 100644 --- a/roles/2-common/templates/ansible.repo +++ b/roles/2-common/templates/ansible.repo @@ -2,6 +2,6 @@ name=ansible failovermethod=priority baseurl=http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ -enabled=1 +enabled=0 metadata_expire=1d gpgcheck=0 From b1e166db69235111f780322cf2fa87e00dc8ea4e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 19 Oct 2017 21:16:08 -0400 Subject: [PATCH 076/466] typo in comment: npn -> npm --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 507c6afed..0110beccc 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -31,7 +31,7 @@ - nodejs - npm -# attempting to reinstall npn is broken on raspbian 9 +# attempting to reinstall npm is broken on raspbian 9 - name: check for sugarizer already installed stat: path={{ sugarizer_location }}/sugarizer/server/node_modules register: npm From 602223e4ffce8db0053e76cf57192e9c406a4b8a Mon Sep 17 00:00:00 2001 From: Arky Date: Fri, 20 Oct 2017 11:36:10 +0700 Subject: [PATCH 077/466] Adds spaces in variables after {{ and before }} Fixes various warnings in Travis CI [EXTRA0001] Variables should have spaces after {{ and before }} --- iiab.yml | 2 +- roles/2-common/tasks/xo.yml | 2 +- roles/activity-server/tasks/main.yml | 2 +- roles/dokuwiki/tasks/install.yml | 2 +- roles/elgg/templates/settings.php.j2 | 24 +++++++++---------- roles/kalite/tasks/install.yml | 4 ++-- roles/kiwix/templates/iiab-make-kiwix-lib | 2 +- roles/moodle/tasks/main.yml | 2 +- roles/network/tasks/avahi.yml | 2 +- roles/network/tasks/static.yml | 2 +- .../templates/avahi/schoolserver.service | 2 +- roles/network/templates/dhcp/dhcpd-env.j2 | 5 ++-- .../templates/gateway/iiab-gen-iptables | 16 ++++++------- roles/network/templates/network/br0.j2 | 9 ++++--- roles/network/templates/network/iiab.j2 | 3 +-- roles/nextcloud/templates/nextcloud.conf.j2 | 4 ++-- roles/owncloud/tasks/main.yml | 2 +- roles/owncloud/templates/owncloud.conf.j2 | 4 ++-- roles/phpmyadmin/tasks/main.yml | 2 +- roles/wordpress/tasks/install.yml | 2 +- roles/xovis/tasks/main.yml | 2 +- vars/default_vars.yml | 4 ++-- 22 files changed, 48 insertions(+), 51 deletions(-) diff --git a/iiab.yml b/iiab.yml index 6be4ebaac..f4cafc001 100644 --- a/iiab.yml +++ b/iiab.yml @@ -4,7 +4,7 @@ vars_files: - vars/default_vars.yml - - vars/{{ ansible_local.local_facts.os_ver}}.yml + - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml - /etc/iiab/config_vars.yml diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index ee9b4f852..4c7c1237e 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -109,7 +109,7 @@ state=absent - name: Download substitute software for i386 on FC18 XO1.5 - get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir}}/{{ item }} + get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir }}/{{ item }} with_items: - hostapd_8188_i386 when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available diff --git a/roles/activity-server/tasks/main.yml b/roles/activity-server/tasks/main.yml index 55b4d4b15..29183b146 100644 --- a/roles/activity-server/tasks/main.yml +++ b/roles/activity-server/tasks/main.yml @@ -16,7 +16,7 @@ # Wish synchronize worked, but it doesn't - name: Copy language templates - command: rsync -a {{iiab_dir}}/roles/activity-server/files/lang_templates /library/xs-activity-server/ + command: rsync -a {{ iiab_dir }}/roles/activity-server/files/lang_templates /library/xs-activity-server/ - name: Copy default index files copy: src={{ item }} diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index 82eaadf3e..796623e8c 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,5 +1,5 @@ - name: Get the Dokuwiki software - get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir}}/ + get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir }}/ when: internet_available - name: Copy it to permanent location /library diff --git a/roles/elgg/templates/settings.php.j2 b/roles/elgg/templates/settings.php.j2 index b063be31a..585e8bf0f 100644 --- a/roles/elgg/templates/settings.php.j2 +++ b/roles/elgg/templates/settings.php.j2 @@ -35,21 +35,21 @@ if (!isset($CONFIG)) { * * @global string $CONFIG->dbuser */ -$CONFIG->dbuser = '{{dbuser}}'; +$CONFIG->dbuser = '{{ dbuser }}'; /** * The database password * * @global string $CONFIG->dbpass */ -$CONFIG->dbpass = '{{dbpassword}}'; +$CONFIG->dbpass = '{{ dbpassword }}'; /** * The database name * * @global string $CONFIG->dbname */ -$CONFIG->dbname = '{{dbname}}'; +$CONFIG->dbname = '{{ dbname }}'; /** * The database host. @@ -58,7 +58,7 @@ $CONFIG->dbname = '{{dbname}}'; * * @global string $CONFIG->dbhost */ -$CONFIG->dbhost = '{{dbhost}}'; +$CONFIG->dbhost = '{{ dbhost }}'; /** * The database prefix @@ -69,7 +69,7 @@ $CONFIG->dbhost = '{{dbhost}}'; * * @global string $CONFIG->dbprefix */ -$CONFIG->dbprefix = '{{dbprefix}}'; +$CONFIG->dbprefix = '{{ dbprefix }}'; /** * Multiple database connections @@ -130,17 +130,17 @@ $CONFIG->dbprefix = '{{dbprefix}}'; /** * Cookie configuration * - * Elgg uses 2 cookies: a PHP session cookie and an extended login cookie + * Elgg uses 2 cookies: a PHP session cookie and an extended login cookie * (also called the remember me cookie). See the PHP manual for documentation on * each of these parameters. Possible options: - * + * * - Set the session name to share the session across applications. * - Set the path because Elgg is not installed in the root of the web directory. * - Set the secure option to true if you only serve the site over HTTPS. * - Set the expire option on the remember me cookie to change its lifetime * * To use, uncomment the appropriate sections below and update for your site. - * + * * @global array $CONFIG->cookies */ // get the default parameters from php.ini @@ -197,16 +197,16 @@ $CONFIG->min_password_length = 6; /** * This is an optional script used to override Elgg's default handling of * uncaught exceptions. - * + * * This should be an absolute file path to a php script that will be called * any time an uncaught exception is thrown. - * + * * The script will have access to the following variables as part of the scope * global $CONFIG * $exception - the unhandled exception - * + * * @warning - the database may not be available - * + * * @global string $CONFIG->exception_include */ $CONFIG->exception_include = ''; diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 40169dc8b..ea1d2fd5c 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -65,9 +65,9 @@ with_items: - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'} - { src: 'kalite.sh.j2', dest: '/etc/profile.d/kalite.sh', mode: '0644'} - - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir}}', mode: '0644'} + - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'} - name: Create symlink to kalite bin file in path file: path=/usr/bin/kalite - src={{kalite_venv}}/bin/kalite + src={{ kalite_venv }}/bin/kalite state=link diff --git a/roles/kiwix/templates/iiab-make-kiwix-lib b/roles/kiwix/templates/iiab-make-kiwix-lib index 6cb6d42c0..11a4b1d2a 100644 --- a/roles/kiwix/templates/iiab-make-kiwix-lib +++ b/roles/kiwix/templates/iiab-make-kiwix-lib @@ -1,6 +1,6 @@ #!/bin/sh -{{systemctl_program }} stop kiwix-serve +{{ systemctl_program }} stop kiwix-serve /usr/bin/iiab-make-kiwix-lib.py /usr/bin/iiab-make-apache-config.py {{ systemctl_program }} start kiwix-serve diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index f13ef2be0..a8f75c4b8 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -106,7 +106,7 @@ become_user: postgres - name: Put a startup install script in place - template: dest={{moodle_base}} + template: dest={{ moodle_base }} src=moodle_installer mode=0755 diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index f23e61977..289cca8d7 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -53,7 +53,7 @@ - name: set ssh port for avahi lineinfile: dest=/etc/avahi/services/ssh.service regexp='$' - line=' {{ssh_port}}' + line=' {{ ssh_port }}' state=present backrefs=yes diff --git a/roles/network/tasks/static.yml b/roles/network/tasks/static.yml index ffe658b6b..485a8b1db 100644 --- a/roles/network/tasks/static.yml +++ b/roles/network/tasks/static.yml @@ -14,6 +14,6 @@ - name: use upstream nameserver until named is installed lineinfile: dest=/etc/resolv.conf - line='nameserver {{wan_nameserver}}' + line='nameserver {{ wan_nameserver }}' create=yes state=present diff --git a/roles/network/templates/avahi/schoolserver.service b/roles/network/templates/avahi/schoolserver.service index 2c3d43952..84fd756c0 100644 --- a/roles/network/templates/avahi/schoolserver.service +++ b/roles/network/templates/avahi/schoolserver.service @@ -4,6 +4,6 @@ MGMT console at %h _https._tcp -{{gui_port}} +{{ gui_port }} diff --git a/roles/network/templates/dhcp/dhcpd-env.j2 b/roles/network/templates/dhcp/dhcpd-env.j2 index 1f308d5dc..617a3434f 100644 --- a/roles/network/templates/dhcp/dhcpd-env.j2 +++ b/roles/network/templates/dhcp/dhcpd-env.j2 @@ -1,8 +1,7 @@ ## XS Config override ## ## This file has an ".in" template - for details see -## see /usr/share/doc/xs-config-/README +## see /usr/share/doc/xs-config-/README # # Point dhcpd to the XS-specific config -DHCPDARGS='-cf /etc/dhcpd-iiab.conf {{iiab_lan_iface}}' - +DHCPDARGS='-cf /etc/dhcpd-iiab.conf {{ iiab_lan_iface }}' diff --git a/roles/network/templates/gateway/iiab-gen-iptables b/roles/network/templates/gateway/iiab-gen-iptables index a1507d4da..b45295883 100755 --- a/roles/network/templates/gateway/iiab-gen-iptables +++ b/roles/network/templates/gateway/iiab-gen-iptables @@ -16,10 +16,10 @@ $IPTABLES -t nat -F $IPTABLES -X # first match wins -# Always accept loopback traffic +# Always accept loopback traffic $IPTABLES -A INPUT -i lo -j ACCEPT -# Always drop rpc +# Always drop rpc $IPTABLES -A INPUT -p tcp --dport 111 -j DROP $IPTABLES -A INPUT -p udp --dport 111 -j DROP # mysql @@ -73,10 +73,10 @@ clear_fw $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A INPUT -m state --state NEW -i $lan -j ACCEPT -# Allow mDNS +# Allow mDNS $IPTABLES -A INPUT -p udp --dport 5353 -j ACCEPT -#when run as gateway +#when run as gateway $IPTABLES -A INPUT -p tcp --dport $ssh_port -m state --state NEW -i $wan -j ACCEPT if [ "$gui_wan" == "True" ]; then @@ -96,9 +96,9 @@ fi $IPTABLES -A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT #Block https traffic except if directed at server -if [ "$gw_block_https" == "True" ]; then +if [ "$gw_block_https" == "True" ]; then $IPTABLES -A FORWARD -p tcp ! -d 172.18.96.1 --dport 443 -j DROP -fi +fi # Allow outgoing connections from the LAN side. $IPTABLES -A FORWARD -i $lan -o $wan -j ACCEPT @@ -108,8 +108,8 @@ $IPTABLES -A FORWARD -i $wan -o $lan -j DROP $IPTABLES -A INPUT -i $wan -j DROP if [ "$block_DNS" == "True" ];then - $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 53 ! -d {{lan_ip}} -j DNAT --to {{lan_ip}}:53 - $IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{lan_ip}} -j DNAT --to {{lan_ip}}:53 + $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53 + $IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53 fi if [ -f /etc/sysconfig/xs_httpcache_on ]; then diff --git a/roles/network/templates/network/br0.j2 b/roles/network/templates/network/br0.j2 index 1230c0766..d59ccd5df 100644 --- a/roles/network/templates/network/br0.j2 +++ b/roles/network/templates/network/br0.j2 @@ -3,7 +3,7 @@ # we always want the wireless to be configured (and under bridge) auto {{ discovered_wireless_iface }} -iface {{discovered_wireless_iface }} inet manual +iface {{ discovered_wireless_iface }} inet manual pre-up ifconfig $IFACE up pre-down ifconfig $IFACE down @@ -13,7 +13,7 @@ auto {{ discovered_wan_iface }} {% if gui_static_wan == false %} iface {{ discovered_wan_iface }} inet dhcp pre-up ip link set br0 down && brctl delbr br0 -{% else %} # gui_static_wan_ip is set +{% else %} # gui_static_wan_ip is set iface {{ discovered_wan_iface }} inet static # pre-up ip link set br0 down && brctl delbr br0 address {{ gui_static_wan_ip }} @@ -25,7 +25,7 @@ iface {{ discovered_wan_iface }} inet static ################# GATEWAY ######################### auto br0 iface br0 inet static - bridge_ports {{ discovered_wireless_iface }} + bridge_ports {{ discovered_wireless_iface }} address {{ lan_ip }} netmask {{ lan_netmask }} dns-nameservers {{ lan_ip }} @@ -36,7 +36,7 @@ allow-hotplug {{ discovered_wan_iface }} iface {{ discovered_wan_iface }} inet manual pre-up ifconfig $IFACE up pre-down ifconfig $IFACE down -{% else %} # gui_static_wan_ip is set +{% else %} # gui_static_wan_ip is set iface {{ discovered_wan_iface }} inet static address {{ gui_static_wan_ip }} netmask {{ gui_static_wan_netmask }} @@ -58,4 +58,3 @@ iface br0 inet static dns-search {{ iiab_domain }} post-up systemctl restart dhcpd && systemctl restart hostapd {% endif %} - diff --git a/roles/network/templates/network/iiab.j2 b/roles/network/templates/network/iiab.j2 index 4317d2718..82e4689ba 100644 --- a/roles/network/templates/network/iiab.j2 +++ b/roles/network/templates/network/iiab.j2 @@ -6,7 +6,7 @@ {% if discovered_wireless_iface != 'none' %} auto {{ discovered_wireless_iface }} -iface {{discovered_wireless_iface }} inet manual +iface {{ discovered_wireless_iface }} inet manual {% endif %} {% if iiab_network_mode == "Appliance" %} @@ -45,4 +45,3 @@ iface br0 inet static dns-search {{ iiab_domain }} post-up systemctl restart dhcpd && systemctl restart hostapd {% endif %} - diff --git a/roles/nextcloud/templates/nextcloud.conf.j2 b/roles/nextcloud/templates/nextcloud.conf.j2 index bec146a9d..965973ad4 100644 --- a/roles/nextcloud/templates/nextcloud.conf.j2 +++ b/roles/nextcloud/templates/nextcloud.conf.j2 @@ -1,4 +1,4 @@ -Alias {{ nextcloud_url }} {{ nextcloud_prefix}}/nextcloud +Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud Options -Indexes @@ -6,7 +6,7 @@ Alias {{ nextcloud_url }} {{ nextcloud_prefix}}/nextcloud # Apache 2.4 Require host localhost - Require ip 127.0.0.1 {{lan_ip}}/{{lan_netmask}} {{ nextcloud_required_ip }} + Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} # Apache 2.2 diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml index 5a220771b..03e8fb872 100644 --- a/roles/owncloud/tasks/main.yml +++ b/roles/owncloud/tasks/main.yml @@ -77,7 +77,7 @@ - name: Create data directory library file: path={{ item }} mode=0750 - owner={{ apache_user}} + owner={{ apache_user }} group=apache state=directory with_items: diff --git a/roles/owncloud/templates/owncloud.conf.j2 b/roles/owncloud/templates/owncloud.conf.j2 index 9766e6aef..f90448c9a 100644 --- a/roles/owncloud/templates/owncloud.conf.j2 +++ b/roles/owncloud/templates/owncloud.conf.j2 @@ -1,4 +1,4 @@ -Alias {{ owncloud_url }} {{ owncloud_prefix}}/owncloud +Alias {{ owncloud_url }} {{ owncloud_prefix }}/owncloud Options -Indexes @@ -6,7 +6,7 @@ Alias {{ owncloud_url }} {{ owncloud_prefix}}/owncloud # Apache 2.4 Require host localhost - Require ip 127.0.0.1 {{lan_ip}}/{{lan_netmask}} {{ owncloud_required_ip }} + Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ owncloud_required_ip }} # Apache 2.2 diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index bd7616799..18204cab6 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,5 +1,5 @@ - name: Get the phpmyadmin software - get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir}}/phpMyAdmin.zip" + get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir }}/phpMyAdmin.zip" when: internet_available - name: Copy it to permanent location /opt diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 37471e929..21997784b 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -1,5 +1,5 @@ - name: Get the WordPress software - get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir}}/ + get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir }}/ register: wp_download_output when: internet_available diff --git a/roles/xovis/tasks/main.yml b/roles/xovis/tasks/main.yml index c0e8fd0d8..38f4469db 100644 --- a/roles/xovis/tasks/main.yml +++ b/roles/xovis/tasks/main.yml @@ -62,7 +62,7 @@ when: xovis_enabled - name: Check if db exists - shell: "kanso listdb | grep {{xovis_db_name }}" + shell: "kanso listdb | grep {{ xovis_db_name }}" register: found_db ignore_errors: yes diff --git a/vars/default_vars.yml b/vars/default_vars.yml index d4eaa3c06..ee6189b50 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -46,7 +46,7 @@ lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 # Read https://github.com/iiab/iiab/wiki/IIAB-Networking -# Also readable offline @ http://box/info/IIAB-Networking.html +# Also readable offline @ http://box/info/IIAB-Networking.html # Gateway mode iiab_lan_enabled: True @@ -272,7 +272,7 @@ rachel_install: False rachel_enabled: False rachel_content_found: False #rachel_url: /rachel -rachel_doc_root: "{{ doc_root}}/modules" +rachel_doc_root: "{{ doc_root }}/modules" # Kiwix-serve kiwix_install: True From 3ef77c3962b44ac3aad1c94e1ea8bbaf50ecb6b6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 20 Oct 2017 10:33:34 -0400 Subject: [PATCH 078/466] use Andible to pin nodejs to 6.x (curl was not suffic on WiFi install) --- roles/sugarizer/tasks/main.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 0110beccc..d0e01ec9d 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -16,12 +16,10 @@ shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - when: internet_available and is_debuntu -- name: Install sugarizer required packages - is_debuntu - package: name={{ item }} +- name: Install nodejs=6.* which also installs npm - is_debuntu + package: name=nodejs=6.* state=present when: internet_available and is_debuntu - with_items: - - nodejs - name: Install npm non is_debuntu package: name={{ item }} From 0b2a86a6bcc8f0f6954c6b9f65422d9860a68e98 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 20 Oct 2017 12:57:13 -0400 Subject: [PATCH 079/466] clarify that nodejs 6.x includes /usr/bin/npm --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index d0e01ec9d..8bb5985ed 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -16,7 +16,7 @@ shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - when: internet_available and is_debuntu -- name: Install nodejs=6.* which also installs npm - is_debuntu +- name: Install nodejs=6.* which includes /usr/bin/npm - is_debuntu package: name=nodejs=6.* state=present when: internet_available and is_debuntu From d98291fb04a8b2ce88309ed9f9832cdf5f741a7a Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 21 Sep 2017 21:06:18 -0400 Subject: [PATCH 080/466] named - wrong place --- roles/network/tasks/named.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index a152719aa..0113d7672 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -19,9 +19,9 @@ - download # or we have to change the serial number in the config files. -- name: Stop named before copying files - service: name={{ dns_service }} state=stopped - when: not installing +#- name: Stop named before copying files +# service: name={{ dns_service }} state=stopped +# when: not installing - name: Set folder permission file: path={{ item }} From c6b3cc01042b110cb45e09d765c9772de4d8e8fc Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 22 Oct 2017 05:32:41 -0400 Subject: [PATCH 081/466] 3-BASE -> 3-BASE-SERVER consistent w/ local_vars.yml etc --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index ee6189b50..20460e5ef 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -88,7 +88,7 @@ wan_nameserver: # 2-COMMON -# 3-BASE +# 3-BASE-SERVER # Apache allow_apache_sudo: False From b1d7f0da242783c92ae2f804336c583564cc3067 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 22 Oct 2017 12:16:00 -0400 Subject: [PATCH 082/466] sync from community's latest http://wiki.laptop.org/go/IIAB/local_vars.yml --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 6982f9484..8c6459e6e 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -34,7 +34,7 @@ iiab_gateway_enabled: False # Make this False to disable http://box/common/services/power_off.php button: allow_apache_sudo: True -# 3-BASE +# 3-BASE-SERVER squid_install: False squid_enabled: False From 2875b784d904ee79d181f4f9c70ca5fb03a25ad2 Mon Sep 17 00:00:00 2001 From: Arky Date: Mon, 23 Oct 2017 15:06:21 +0700 Subject: [PATCH 083/466] Adding Contribution guidelines for new developers These contribution guidelines are available offline for new developers. They are also shown in the github user interface as a link while submitting new bugs. Refer : https://help.github.com/articles/setting-guidelines-for-repository-contributors/ --- CONTRIBUTING.md | 143 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 143 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..0f543665a --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,143 @@ +Contributing to Internet-in-a-Box (IIAB) +======================================= +Internet-in-a-Box runs on various GNU/Linux operating systems such as Fedora, Ubuntu, Debian, CentOS and Raspbian. + +You can install Internet-in-a-Box on most late model desktop and laptop computers. It also supports Intel NUC, Intel Gigabyte BRIX, OLPC XO-1.5, XO-1.75, XO-4, Raspberry Pi 2 and Raspberry Pi 3. A VirtualBox VM can also used for testing purposes. Using Docker containers however is not recommended as our Ansible provisioning system requires low-level access to the operating system. + +Please refer to [IIAB Platforms](https://github.com/iiab/iiab/wiki/IIAB-Platforms) for more information. + +Internet-in-a-Box uses [Ansible](https://www.ansible.com/) infrastructure automation tool to deploy and configure all software packages. Ansible uses [playbooks](http://docs.ansible.com/ansible/latest/playbooks.html) a human readable instruction files in YAML format. Playbooks are divided into hosts, roles and tasks. +``` +├── roles +│ ├── 1-prep +│ │ ├─ defaults +| | | ├──main.yml (lowest precedence variable definitions, overridden by /vars/default_vars.yml, overridden by ./vars/local_vars.yml. +│ │ ├── README.rst +│ │ ├── tasks +| | | ├──main.yml (specifies the actions to install this role +│ │ └── templates +| | | ├<(text files where ansible variables are substituted, specified via {% %} containers-(jinja2 language). +│ ├── 2-common +│ │ ├── README.rst +│ │ ├── tasks +│ │ └── templates +``` +At runtime, Ansible gathers system information and makes it available (called 'facts') and combines this with playbook defined 'variables' to guide the installation process. The execution follows a sequence of cascading steps: + +1. Bash script `./runansible` follows instructions in `iiab.yml` in the root directory. + +2. `iiab.yml` calls 9 aggregate roles (the numbered directories under `./roles/`). + +3. Each aggregate role has a `/meta/main.yml` which calls the individual named roles. + +Please refer to the [IIAB Architecture](https://github.com/iiab/iiab/wiki/IIAB-Architecture) and [IIAB Variables]( https://github.com/iiab/iiab/wiki/IIAB-Variables) pages for more information. + +Installation +============ + +Before you start the installation please refer to the [hardware section of FAQ](http://wiki.laptop.org/go/IIAB/FAQ#What_hardware_should_I_use.3F) page for memory, storage and network requirements for your platform. Also note that downloading content might take a long time on slower Internet connections. + +If you are a developer, please consider [building Internet-in-a-Box from scratch](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch). + +Please refer to the [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) page for more information. + +Setting up development environment +=================================== +( This section uses experimental development environment for Internet-in-a-Box. It is being developed in the [iiab-dev-mode repository](https://github.com/arky/iiab-dev-mode). ) + +This section provide a quick setup of Internet-in-a-Box (IIAB) development environment using [Vagrant](https://www.vagrantup.com/). You will need a computer with [virtualization enabled](https://www.virtualbox.org/manual/UserManual.html) and git, Vagrant (2.0 or later) and [VirtualBox](https://www.virtualbox.org/) installed. + +## Requirements + + * git + * [Vagrant (2.0 or later)](https://www.vagrantup.com/) + * [VirtualBox](https://www.virtualbox.org/wiki/Downloads) + * Editor ([Atom](www.atom.io), Emacs, vi, etc) + +## Setup Instructions +1. Check out the repository and its submodules onto your development machine. +`git clone --recursive git@github.com:arky/iiab-dev-mode.git` + +2. Change directory into 'iiab-dev-mode' with `cd iiab-dev-mode`. You can update all the submodules to latest master using `git submodule foreach git pull origin master` + +3. Set up a vagrant machine with `vagrant up` and provision it with `vagrant provision`. Please select the available bridge network interface (wlan0 or eth0) that connects your host machine to the Internet. + +4. Connect to your vagrant machine with `vagrant ssh`. All your local development files available as shared folder in `/opt/iiab` directory. + +5. Install IIAB itself from the Ansible playbooks by following [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch) instructions: +``` + cd /opt/iiab/iiab/scripts/ + ./ansible + + cd /opt/iiab/iiab/ + ./runansible + + cd /opt/iiab/iiab-admin-console/ + ./install + + cd /opt/iiab/iiab-menu/ + ./cp-menus +``` +6. Hack away! + +7. You can commit your local changes to your personal forks of Internet-in-a-Box repository and then send pull request to IIAB project. Once you forked a repository, you change directory into that repository and setting a default git remote push setting with the following command. + + `cd && git remote set-url --push origin git@github.com:/.git` + + Learn more by reading blog post [Different git Push & Pull(fetch) URLs](http://blog.yuriy.tymch.uk/2012/05/different-git-push-pullfetch-urls.html) and the [Git Basics - Working with Remotes](https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes) chapter of Scott Chacon and Ben Straub's "Git Pro" book. + +8. Once you are done, you can stop your vagrant machine with `vagrant halt` or remove it completely with `vagrant destroy`. + +Debugging +========= + +Here are few strategies for debugging problems during the Internet-in-a-Box installation. + +* When a installation task fails, Ansible halts printing out a descriptive error message to the screen. This error information is also written to `iiab-install.log` file within `/opt/iiab/iiab`. (Look through logs to check if any preceding line contains the error). +* When an installation succeeds, the last lines printed on the screen will look like the following (failed=0): +``` + PLAY RECAP ********************************************************************* + 127.0.0.1 : ok=405 changed=125 unreachable=0 failed=0 +``` +* Search through the Ansible playbooks using `egrep -rn /opt/iiab/iiab/roles/*>` to find the failed task. +* You can add additional [debug print statements](http://docs.ansible.com/ansible/latest/debug_module.html) to Ansible playbooks for debugging the problem. +* Talk to us or report a bug using the information below. + + Please refer to [Ansible playbook documentation](http://docs.ansible.com/ansible/latest/playbooks.html) for more information. + +Testing your code with Travis CI +================================= + +To maintain the quality of the Internet-in-a-Box (IIAB) code we use [Travis Continuous Integration (CI)](https://travis-ci.org) build infrastructure. Travis CI does tests to +ensure the code syntax is correct and the code is formatted properly using `ansible` syntax checker, `ansible-lint` and `ansible-review` tools. The results of Travis CI Internet-in-a-Box (IIAB) could be seen [here](https://travis-ci.org/iiab/iiab). + +Every pull request is automatically tested by Travis CI. The results of these tests are added to the pull request. This aids Internet-in-a-Box (IIAB) developers in reviewing the quality of the code in a pull request. + +To test your forked repository of Internet-in-a-Box (IIAB) code. You have to enable automatic build tests in your [Travis-ci.org](https://travis-ci.org) profile page. + +* Login to [Travis-ci.org](https://travis-ci.org) using your Github account. +* Go to your Travis CI profile page and enable the repository you want to build. +* The builds will start whenever a new commit is pushed to your repository. + +Please refer to [Travis CI documentation](https://docs.travis-ci.com/user/getting-started/) for more information. + +Reporting Bugs +============== + +You can file bug reports on [GitHub](https://github.com/): + +* Sign up for a [GitHub](https://github.com/) account +* Go to the [issue tracker on GitHub](https://github.com/iiab/iiab/issues) +* Search for existing issues using the search field +* If you don't find any similar issues, file a new issue! + +Please consider providing a descriptive title, your operating system information, error messages and steps to reproduce the issue. + +Get in touch +============ + +* Join our [technology](http://lists.laptop.org/listinfo/server-devel) and [learning design](https://groups.google.com/group/unleashkids) mailing lists +* Join our [live calls](http://minutes.iiab.io) most Mondays and Thursday +* Join us on IRC live chat: [#schoolserver](https://webchat.freenode.net/?channels=#schoolserver) on [freenode]( https://www.freenode.net/) +* Post an idea or question to our [community forums](http://iiab.io/) +* Read our Frequently Asked Questions ([FAQ.IIAB.IO](http://FAQ.IIAB.IO)) From 1408d9f4ebca39fb018e0d09d464ca2ec102fb94 Mon Sep 17 00:00:00 2001 From: George Hunt Date: Mon, 23 Oct 2017 02:29:22 -0700 Subject: [PATCH 084/466] work around for bug --- roles/1-prep/tasks/detected_redhat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/detected_redhat.yml b/roles/1-prep/tasks/detected_redhat.yml index 031a0c030..509339f0b 100644 --- a/roles/1-prep/tasks/detected_redhat.yml +++ b/roles/1-prep/tasks/detected_redhat.yml @@ -44,7 +44,7 @@ - name: Set has ifcfg gw based on on macaddress if found set_fact: has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}" - when: ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" + when: ifcfg_gw_mac is defined and ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" # could use something else - name: Find wifi gateway config if present - Can Fail From 95d5e73133816898651c9fe63fdc71bcc221767b Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 26 Sep 2017 12:23:25 -0500 Subject: [PATCH 085/466] testing changes --- roles/1-prep/tasks/detected_redhat.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/1-prep/tasks/detected_redhat.yml b/roles/1-prep/tasks/detected_redhat.yml index 509339f0b..cb767758e 100644 --- a/roles/1-prep/tasks/detected_redhat.yml +++ b/roles/1-prep/tasks/detected_redhat.yml @@ -1,52 +1,53 @@ - name: Checking for ifcfg-WAN file - Can Fail stat: path=/etc/sysconfig/network-scripts/ifcfg-WAN - register: has_ifcfg_WAN when: not first_run + register: has_ifcfg_WAN + ignore_errors: True - name: Setting ifcfg-WAN True set_fact: has_WAN: True - when: has_ifcfg_WAN.stat is defined and has_ifcfg_WAN.stat.exists + when: not first_run and has_ifcfg_WAN.stat.exists -# DETECT -- gateway and wireless +# DETECT -- gateway and wireless - Can Fail - name: Get a list of slaves from previous config - Can Fail shell: "egrep -rn BRIDGE=br0 /etc/sysconfig/network-scripts/ifcfg-* | gawk -F'[-:]' '{print $3}'" + when: not first_run register: ifcfg_slaves ignore_errors: True changed_when: False - when: not first_run # returns list of paths -- name: Find gateway config based on device +- name: Find gateway config based on device - Can Fail shell: "egrep -rn {{ device_gw }} /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}'" + when: not first_run and device_gw != "none" register: ifcfg_gw_device ignore_errors: True changed_when: False - when: not first_run and device_gw != "none" # last match wins - name: Setting has ifcfg gw based on device if found set_fact: has_ifcfg_gw: "{{ item|trim }}" - ignore_errors: True when: ifcfg_gw_device.stdout_lines is defined and item|trim != "" and item|trim != "/etc/sysconfig/network-scripts/ifcfg-LAN" with_items: - "{{ ifcfg_gw_device.stdout_lines }}" + ignore_errors: True # returns path - name: Find active gateway config based on macaddress - Can Fail shell: "egrep -irn {{ ansible_default_ipv4.macaddress }} /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | head -n 1" + when: ansible_default_ipv4.gateway is defined register: ifcfg_gw_mac ignore_errors: True changed_when: False - when: ansible_default_ipv4.gateway is defined - name: Set has ifcfg gw based on on macaddress if found set_fact: has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}" when: ifcfg_gw_mac is defined and ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" -# could use something else +# could use something else - Can Fail - name: Find wifi gateway config if present - Can Fail shell: egrep -rn ESSID /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | gawk -F '/' '{print $5}' register: ifcfg_WAN_wifi @@ -62,9 +63,9 @@ - name: Finding device for wifi AP gateway - Can Fail shell: egrep -rn DEVICE /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' + when: has_wifi_gw != "none" and has_ifcfg_gw != "none" register: AP_device ignore_errors: True - when: has_wifi_gw != "none" and has_ifcfg_gw != "none" - name: Setting wifi device set_fact: @@ -78,4 +79,3 @@ # changed_when: False # ignore_errors: True # when: num_lan_interfaces >= "1" or iiab_wireless_lan_iface != "none" - From 1f1fb514614221dc11860a4c2bc136aabea55b12 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 23 Oct 2017 11:19:19 -0400 Subject: [PATCH 086/466] Rename LICENSE to LICENSE.md --- LICENSE => LICENSE.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename LICENSE => LICENSE.md (100%) diff --git a/LICENSE b/LICENSE.md similarity index 100% rename from LICENSE rename to LICENSE.md From b0fb67af9d4e3eb5ea595e7555b432ff898dd977 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 23 Oct 2017 14:13:50 -0500 Subject: [PATCH 087/466] Proposed fix for issue #448 Might need full path ie {{ osm_path }} in place of {{ osm_venv }} With the push by the distros to python3 we took the step to use virtual environments to better contain python 2.7 based programs. --- roles/osm/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index 33039e02f..e568f14ab 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -71,6 +71,12 @@ osm_path: "{{ osm_venv }}/lib/python2.7/site-packages/iiab" when: osm_enabled and is_debuntu +- name: All - Point wsgi to virtual environment + lineinfile: dest={{ osm_venv }}/bin/iiab.wsgi + regexp='path_to_virtualenv*' + line='path_to_virtualenv = /usr/local/osm' + state=present + - name: All - Copy IIAB config file template: backup=no src=osm.conf.j2 From b0fb07c6509665a9011c78ed775951bd90da0313 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 23 Oct 2017 20:18:26 -0500 Subject: [PATCH 088/466] python needs single quotes for variables --- roles/osm/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index e568f14ab..cce9c7de3 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -73,8 +73,8 @@ - name: All - Point wsgi to virtual environment lineinfile: dest={{ osm_venv }}/bin/iiab.wsgi - regexp='path_to_virtualenv*' - line='path_to_virtualenv = /usr/local/osm' + regexp="path_to_virtualenv*" + line="path_to_virtualenv = '/usr/local/osm'" state=present - name: All - Copy IIAB config file From e230aeaaaf9a4f0c889f615486d2f822283ff34c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 23 Oct 2017 21:57:51 -0500 Subject: [PATCH 089/466] tighten up regexp --- roles/osm/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index cce9c7de3..e71dbda79 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -73,7 +73,7 @@ - name: All - Point wsgi to virtual environment lineinfile: dest={{ osm_venv }}/bin/iiab.wsgi - regexp="path_to_virtualenv*" + regexp="path_to_virtualenv = None" line="path_to_virtualenv = '/usr/local/osm'" state=present From 980635332f2d17d9a57e5308d773b87af9b00a37 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 24 Oct 2017 19:55:15 -0400 Subject: [PATCH 090/466] Rename yum.yml to yum-deprecated.yml --- roles/2-common/tasks/{yum.yml => yum-deprecated.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{yum.yml => yum-deprecated.yml} (100%) diff --git a/roles/2-common/tasks/yum.yml b/roles/2-common/tasks/yum-deprecated.yml similarity index 100% rename from roles/2-common/tasks/yum.yml rename to roles/2-common/tasks/yum-deprecated.yml From 0d1e4a1dd31af8c7049e26f8e3bfa1652acd2fb6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 24 Oct 2017 20:00:48 -0400 Subject: [PATCH 091/466] Install common packages: add ntfs-3g as 26th pkg --- roles/2-common/tasks/packages.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 24cb7e844..57bef55e5 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -83,6 +83,7 @@ - curl - pandoc - lynx + - ntfs-3g #- name: Install pip as a commonly required package management system # command: curl https://bootstrap.pypa.io/get-pip.py -o {{ downloads_dir }}/get-pip.py From 0bccaf4903ab78a585edab450fa4cc87f8a3a2a5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 24 Oct 2017 20:02:54 -0400 Subject: [PATCH 092/466] Rename yum-deprecated.yml to yum-historical.yml --- roles/2-common/tasks/{yum-deprecated.yml => yum-historical.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{yum-deprecated.yml => yum-historical.yml} (100%) diff --git a/roles/2-common/tasks/yum-deprecated.yml b/roles/2-common/tasks/yum-historical.yml similarity index 100% rename from roles/2-common/tasks/yum-deprecated.yml rename to roles/2-common/tasks/yum-historical.yml From 51689263bcb382b12c95b568369dda0e49f25fc5 Mon Sep 17 00:00:00 2001 From: Arky Date: Wed, 25 Oct 2017 21:52:08 +0700 Subject: [PATCH 093/466] Add PR template and Bug template Adding PR template and Bug template under .github directory. These files will be picked up the github.com interface. Fixes #390 #391 --- .github/ISSUE_TEMPLATE.md | 5 +++++ .github/PULL_REQUEST_TEMPLATE.md | 7 +++++++ 2 files changed, 12 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 000000000..c62e3adb4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,5 @@ +### Expected behavior and actual behavior. + +### Steps to reproduce the problem. + +### Specifications like the version of the IIAB, operating system version, or hardware details. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..228e3f0aa --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,7 @@ +# Fixes Bug + +# Description of changes proposed in this pull request. + +# Smoke-tested in operating system. + +# Mention a team member for further information or comment using @ name From b5326941d04deb19b729c343c9ceb55dd6562cf3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 25 Oct 2017 12:36:32 -0400 Subject: [PATCH 094/466] kiwix 2017-10-11-> 2017-10-25 --- roles/kiwix/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 92ea14d6d..7b8c5f262 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -6,13 +6,13 @@ - name: Set kiwix source file name x86_64 set_fact: - kiwix_src_file: "kiwix-tools_linux64_2017-10-11.tar.gz" + kiwix_src_file: "kiwix-tools_linux64_2017-10-25.tar.gz" kiwix_src_bin_only: True when: ansible_machine == "x86_64" - name: Set kiwix source file name armv7l set_fact: - kiwix_src_file: "kiwix-tools_armhf_2017-10-11.tar.gz" + kiwix_src_file: "kiwix-tools_armhf_2017-10-25.tar.gz" kiwix_src_bin_only: True when: ansible_machine == "armv7l" or ansible_machine == "armv6l" From 0790119af178958e175468730bec957b234c21c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 10:26:12 -0400 Subject: [PATCH 095/466] Reno says ### better than # (smaller title w/ markdown viewer) --- .github/PULL_REQUEST_TEMPLATE.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 228e3f0aa..61851e1dd 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,7 +1,7 @@ -# Fixes Bug +### Fixes Bug -# Description of changes proposed in this pull request. +### Description of changes proposed in this pull request. -# Smoke-tested in operating system. +### Smoke-tested in operating system. -# Mention a team member for further information or comment using @ name +### Mention a team member for further information or comment using @ name From 9f45d12972d8cd3d301b9ebab0b0cf33c5c944e6 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 13 Sep 2017 08:37:52 -0500 Subject: [PATCH 096/466] replacement for a7a5f36... use netvars --- iiab-network.yml | 2 +- roles/netvars/defaults/main.yml | 1 + roles/netvars/tasks/main.yml | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) create mode 120000 roles/netvars/defaults/main.yml create mode 100644 roles/netvars/tasks/main.yml diff --git a/iiab-network.yml b/iiab-network.yml index 40cd8f589..e717e7fa5 100644 --- a/iiab-network.yml +++ b/iiab-network.yml @@ -9,5 +9,5 @@ - /etc/iiab/config_vars.yml roles: - - { role: 1-prep, tags: ['prep','platform','base'] } + - { role: netvars, tags: ['network'] } - { role: network, tags: ['network','base'] } diff --git a/roles/netvars/defaults/main.yml b/roles/netvars/defaults/main.yml new file mode 120000 index 000000000..b8fa87d4b --- /dev/null +++ b/roles/netvars/defaults/main.yml @@ -0,0 +1 @@ +/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml new file mode 100644 index 000000000..63e84b40a --- /dev/null +++ b/roles/netvars/tasks/main.yml @@ -0,0 +1,2 @@ +- include: roles/1-prep/tasks/computed_vars.yml +- include: roles/1-prep/tasks/detected_network.yml From dfab9635bca72bd4b75746ffe2454028192eaadd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 19 Sep 2017 21:56:37 -0500 Subject: [PATCH 097/466] add the not installing option to netvars --- iiab-base.yml | 1 + iiab.yml | 1 + roles/netvars/tasks/main.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/iiab-base.yml b/iiab-base.yml index 4c42c01e7..23f440d66 100644 --- a/iiab-base.yml +++ b/iiab-base.yml @@ -8,5 +8,6 @@ - vars/local_vars.yml roles: + - { role: netvars, tags: ['netvars'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: openvpn, tags: ['openvpn'] } diff --git a/iiab.yml b/iiab.yml index f4cafc001..5fc0e8e85 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,6 +9,7 @@ - /etc/iiab/config_vars.yml roles: + - { role: netvars, tags: ['netvars'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: 2-common, tags: ['common','base'] } - { role: 3-base-server, tags: ['base'] } diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index 63e84b40a..ab59b7a9e 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -1,2 +1,3 @@ - include: roles/1-prep/tasks/computed_vars.yml - include: roles/1-prep/tasks/detected_network.yml + when: not installing From 2fc670a885cb4b0419368674591b1a16f70c3272 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 19 Sep 2017 21:18:07 -0500 Subject: [PATCH 098/466] avoid 1-prep post install --- iiab-from-console.yml | 2 +- roles/netvars/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-from-console.yml b/iiab-from-console.yml index fb47ca868..98641a303 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -9,7 +9,7 @@ - /etc/iiab/config_vars.yml roles: - - { role: 1-prep, tags: ['prep','platform','base'] } + - { role: netvars, tags: ['netvars'] } - { role: 4-server-options, tags: ['options'] } - { role: 5-xo-services, tags: ['xo-services'] } - { role: 6-generic-apps, tags: ['generic-apps'] } diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index ab59b7a9e..407fa54a8 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -1,3 +1,3 @@ -- include: roles/1-prep/tasks/computed_vars.yml +- include: roles/1-prep/tasks/computed_vars.yml - include: roles/1-prep/tasks/detected_network.yml when: not installing From 8c91f4075cb36abeb80aec6e4b849156e67e59ad Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 19 Sep 2017 23:22:03 -0500 Subject: [PATCH 099/466] runtags needs tags= adjustment --- runtags | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/runtags b/runtags index 933d07a67..ad8bde5e3 100755 --- a/runtags +++ b/runtags @@ -36,7 +36,7 @@ found="N" for tag in $tags do - if [ "$tag" == "prep" ] + if [ "$tag" == "netvars" ] then found="Y" fi @@ -48,7 +48,7 @@ taglist=$1 if [ "$found" == "N" ] then - taglist="prep,"$taglist + taglist="netvars,"$taglist fi export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-debug.log" From b61b009f08e077ac2ec3aa5595528a48e84dcb99 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 06:02:42 -0400 Subject: [PATCH 100/466] move NewInstall --- roles/1-prep/tasks/main.yml | 13 ------------- roles/netvars/tasks/main.yml | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index dc9672c67..a6ae88990 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,16 +1,3 @@ -- name: Determine if runansible was run - stat: path=/etc/iiab/iiab.env - register: NewInstall - -- name: Setting first run flag - set_fact: - first_run: True - when: NewInstall.stat.exists is defined and not NewInstall.stat.exists - -# we need to inialize the ini file -- include: iiab_ini.yml - when: first_run - - name: Set flag for fedora 18 set_fact: is_F18: True diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index 407fa54a8..68b4c2b66 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -1,3 +1,17 @@ +- name: Determine if runansible was run + stat: path=/etc/iiab/iiab.env + register: NewInstall + +- name: Setting first run flag + set_fact: + first_run: True + when: not NewInstall.stat.exists +# when: NewInstall.stat.exists is defined and not NewInstall.stat.exists + +# we need to inialize the ini file +- include: roles/1-prep/tasks/iiab_ini.yml + when: first_run + - include: roles/1-prep/tasks/computed_vars.yml - include: roles/1-prep/tasks/detected_network.yml when: not installing From 337658062e9818d08338f23f70e416121b7f2430 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 06:23:13 -0400 Subject: [PATCH 101/466] prep.yml cleanup - adjusted for iiab.env --- roles/1-prep/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index a6ae88990..4dba2e733 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -71,6 +71,7 @@ ignore_errors: true - include: prep.yml + when: first_run - include: computed_vars.yml From c9332b53e11a0b432cc988e2fa00215c4c6f84de Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 12:46:25 -0400 Subject: [PATCH 102/466] 2-common disable dup'd routine --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 33a5388da..fe42574dc 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,5 +1,5 @@ -- include: iiab_ini.yml +#- include: iiab_ini.yml # create the directory structure for XSCE - include: fl.yml From ae5434bd3d4735a1d4d8c54e52c47c0a215be7ab Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 23 Sep 2017 02:04:55 -0400 Subject: [PATCH 103/466] move internet detection to be global - adjused iiab.env 2 --- roles/1-prep/tasks/computed_vars.yml | 36 +++++++++++++++++++++++ roles/1-prep/tasks/detected_network.yml | 38 ------------------------- roles/1-prep/tasks/main.yml | 5 ---- 3 files changed, 36 insertions(+), 43 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index e775e9fc3..964f0b723 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -14,6 +14,38 @@ exFAT_enabled: True when: xo_model != "none" +# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate +- name: Finding gateway + set_fact: + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + when: 'ansible_default_ipv4.gateway is defined' + +- name: Verify gateway present + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? + when: discovered_wan_iface != "none" + register: gw_active_test + +- name: Recording gateway response + set_fact: + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" + +- name: Test for internet access + get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt + ignore_errors: True +# async: 10 +# poll: 2 + register: internet_access_test + +- name: Set internet_available true if wget succeeded + set_fact: + internet_available: True + when: not internet_access_test|failed and not disregard_network + +- name: Cleanup internet test file + file: path=/tmp/heart-beat.txt + state=absent + - name: add version section ini_file: dest='{{ iiab_config_file }}' section=runtime @@ -36,6 +68,10 @@ value: '{{ ansible_swaptotal_mb }}' - option: 'product_id' value: '{{ ansible_product_uuid }}' + - option: 'gw_active' + value: '{{ gw_active }}' + - option: 'internet_available' + value: '{{ internet_available }}' # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC diff --git a/roles/1-prep/tasks/detected_network.yml b/roles/1-prep/tasks/detected_network.yml index 502f3dc1c..800becccf 100644 --- a/roles/1-prep/tasks/detected_network.yml +++ b/roles/1-prep/tasks/detected_network.yml @@ -20,40 +20,6 @@ device_gw2: "{{ prior_gw.stdout }}" when: not first_run and prior_gw is defined and prior_gw.stdout != "" -#pause checking - -# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate -- name: Finding gateway - set_fact: - discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" - when: 'ansible_default_ipv4.gateway is defined' - -- name: Verify gateway present - shell: ping -c2 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? - register: gw_active_test - when: discovered_wan_iface != "none" - -- name: Recording gateway response - set_fact: - gw_active: True - when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" - -- name: Test for internet access - get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt - ignore_errors: True -# async: 10 -# poll: 2 - register: internet_access_test - -- name: Set internet_available true if wget succeeded - set_fact: - internet_available: True - when: not internet_access_test|failed and not disregard_network - -- name: Cleanup internet test file - file: path=/tmp/heart-beat.txt - state=absent - - name: Setting wan if detected set_fact: iiab_wan_iface: "{{ discovered_wan_iface }}" @@ -197,10 +163,6 @@ option='{{ item.option }}' value='{{ item.value }}' with_items: - - option: 'gw_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - option: 'has_ifcfg_gw' value: '{{ has_ifcfg_gw }}' - option: 'discovered_wan_iface' diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 4dba2e733..49672c3a8 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -73,11 +73,6 @@ - include: prep.yml when: first_run -- include: computed_vars.yml - -- include: detected_network.yml - when: not installing - # Put conditional actions for hardware platforms here - include: raspberry_pi_2.yml when: first_run and rpi_model != "none" From bd5043387407c63566bad743b60ca7740b17d708 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 23 Sep 2017 03:03:58 -0400 Subject: [PATCH 104/466] move network detection to network -- adjused for hostname --- roles/1-prep/defaults/main.yml | 55 ++++++------------- roles/1-prep/tasks/main.yml | 5 -- roles/netvars/tasks/main.yml | 8 +-- roles/network/defaults/main.yml | 27 +++++++++ .../tasks/detected_network.yml | 0 .../tasks/detected_redhat.yml | 0 roles/network/tasks/main.yml | 6 ++ 7 files changed, 52 insertions(+), 49 deletions(-) rename roles/{1-prep => network}/tasks/detected_network.yml (100%) rename roles/{1-prep => network}/tasks/detected_redhat.yml (100%) diff --git a/roles/1-prep/defaults/main.yml b/roles/1-prep/defaults/main.yml index 71af080a7..89df65e47 100644 --- a/roles/1-prep/defaults/main.yml +++ b/roles/1-prep/defaults/main.yml @@ -6,49 +6,26 @@ gui_version: 2 # These are defaults for boolean routines, first_run: False installing: False -NUC6_firmware_needed: False -exFAT_enabled: False -no_NM_reload: False -has_WAN: False -wireless_lan_present: False -strict_networking: False -iiab_demo_mode: False -gw_active: False -gui_static_wan: False +discovered_wan_iface: "none" +gw_active: "none" internet_available: False is_F18: False +no_NM_reload: False +exFAT_enabled: False +gui_port: 80 + +# Set default for discovered hardware +rpi_model: none +is_rpi: False +xo_model: none +rtc_id: ds3231 +NUC6_firmware_needed: False + +# used in 2-common xo.yml +wifi_id: none + is_F20: False is_F21: False is_F22: False is_F23: False is_F24: False - -# Set default for discovered hardware -driver_name: nl80211 -rpi_model: none -is_rpi: False -xo_model: none -rtc_id: ds3231 - -# Set defaults for discovery process as strings -wifi1: "not found-1" -wifi2: "not found-2" -discovered_wan_iface: "none" -discovered_lan_iface: "none" -discovered_wireless_iface: "none" -iiab_wireless_lan_iface: "none" -iiab_lan_iface: "none" -iiab_wan_iface: "none" -device_gw: "none" -has_ifcfg_gw: "none" -has_wifi_gw: "none" -ap_device: "none" -device_gw2: "" - -gui_port: 80 - -# must keep roles/iiab-admin/defaults/main.yml sync'd -admin_console_path: "{{ iiab_base }}/admin_console" -cmdsrv_path: "{{ iiab_base }}/iiab_cmdsrv" -iiab_cmdsrv_dbname : "iiab_cmdsrv.0.2.db" -wifi_id: none diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 49672c3a8..60b896567 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,8 +1,3 @@ -- name: Set flag for fedora 18 - set_fact: - is_F18: True - when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" - - name: get the uuidgen program package: name=uuid-runtime state=present diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index 68b4c2b66..54ec4b7d3 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -6,12 +6,10 @@ set_fact: first_run: True when: not NewInstall.stat.exists -# when: NewInstall.stat.exists is defined and not NewInstall.stat.exists -# we need to inialize the ini file +# we need to inialize the ini file and only write the location and version sections once and only +# once to preserve the install date and git hash. - include: roles/1-prep/tasks/iiab_ini.yml when: first_run - +# Now load the computed vars - include: roles/1-prep/tasks/computed_vars.yml -- include: roles/1-prep/tasks/detected_network.yml - when: not installing diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 722761dda..25c7b6b31 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -1,10 +1,36 @@ --- +# Defaults for network detection +wireless_lan_present: False +strict_networking: False +iiab_demo_mode: False +gui_static_wan: False + +# Set defaults for discovery process as strings +wifi1: "not found-1" +wifi2: "not found-2" +discovered_lan_iface: "none" +discovered_wireless_iface: "none" +#Redhat +iiab_lan_iface: "none" +iiab_wan_iface: "none" +iiab_wireless_lan_iface: "none" +device_gw: "none" +device_gw2: "" +has_WAN: False +has_ifcfg_gw: "none" +has_wifi_gw: "none" +ap_device: "none" +#Debian +dhcpcd_result: "" +wan_in_interfaces: False + # The values here are default local variables. gui_wan_iface: "unset" gui_static_wan_ip: "unset" gui_desired_network_role: Gateway wondershaper_dspeed: "4096" wondershaper_upspeed: "1024" + # WiFi host_ssid: IIAB hostapd_wait: 10 @@ -15,6 +41,7 @@ host_country_code: US hostapd_secure: True hostapd_password: "iiab2017" driver_name: nl80211 + network_config_dir: /etc/network/interfaces.d iiab_network_mode: "Gateway" dns_jail_enabled: False diff --git a/roles/1-prep/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml similarity index 100% rename from roles/1-prep/tasks/detected_network.yml rename to roles/network/tasks/detected_network.yml diff --git a/roles/1-prep/tasks/detected_redhat.yml b/roles/network/tasks/detected_redhat.yml similarity index 100% rename from roles/1-prep/tasks/detected_redhat.yml rename to roles/network/tasks/detected_redhat.yml diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 5e93f5c3f..20a94af78 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,3 +1,9 @@ +- include: detected_network.yml + when: not installing + tags: + - network + - network-discover + - include: computed_network.yml when: not installing tags: From 0aedaa24fdd2ca3b8bc891721be10b3183573aa9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 15 Oct 2017 20:22:22 -0500 Subject: [PATCH 105/466] split network up in iiab.ini --- roles/network/tasks/computed_network.yml | 2 +- roles/network/tasks/detected_network.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 28cb52463..4b4b0f1ef 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -155,7 +155,7 @@ - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' - section=network + section=computed_network option='{{ item.option }}' value='{{ item.value }}' with_items: diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 800becccf..e38409257 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -159,7 +159,7 @@ - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' - section=network + section=detected_network option='{{ item.option }}' value='{{ item.value }}' with_items: From c6060835537eca0d454f71447a7ec0afae70d6d5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 24 Oct 2017 11:39:49 -0500 Subject: [PATCH 106/466] XSCE -> IIAB --- iiab-network | 8 ++++--- install-support | 3 ++- roles/1-prep/templates/iiab.env.j2 | 4 ++-- runansible | 37 ++++++++---------------------- runtags | 20 ++++++++-------- 5 files changed, 28 insertions(+), 44 deletions(-) diff --git a/iiab-network b/iiab-network index 5a065e556..9e24154be 100755 --- a/iiab-network +++ b/iiab-network @@ -3,15 +3,17 @@ if [ -f /etc/iiab/iiab.env ] then . /etc/iiab/iiab.env - cd $XSCE_DIR + cd $IIAB_DIR else echo /etc/iiab/iiab.env is missing. Playbook has not been run. exit 1 fi +CWD=`pwd` + if [ ! -f iiab-network.yml ] then - echo "XSCE Playbook not found." + echo "IIAB Playbook not found." echo "Please run this command from the top level of the git repo." echo "Exiting." exit @@ -22,7 +24,7 @@ then touch /etc/iiab/config_vars.yml fi -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local echo "" >> iiab-network.log ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log diff --git a/install-support b/install-support index cd73aade8..b7df01489 100755 --- a/install-support +++ b/install-support @@ -2,6 +2,7 @@ PLAYBOOK="iiab-base.yml" INVENTORY="ansible_hosts" +CWD=`pwd` if [ ! -f $PLAYBOOK ] then @@ -14,5 +15,5 @@ fi sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local diff --git a/roles/1-prep/templates/iiab.env.j2 b/roles/1-prep/templates/iiab.env.j2 index 602256841..b472d4fe6 100644 --- a/roles/1-prep/templates/iiab.env.j2 +++ b/roles/1-prep/templates/iiab.env.j2 @@ -1,7 +1,7 @@ # This is a configuration file for XSCE # It can sourced in a shell script or read into an application -XSCE_BASE_PATH={{ iiab_base }} -XSCE_DIR={{ iiab_dir }} +IIAB_BASE_PATH={{ iiab_base }} +IIAB_DIR={{ iiab_dir }} OS={{ ansible_local.local_facts.os }} OS_VER={{ ansible_local.local_facts.os_ver }} WWWROOT={{ doc_root }} diff --git a/runansible b/runansible index 2a6ea4954..51cee7876 100755 --- a/runansible +++ b/runansible @@ -1,4 +1,8 @@ #!/bin/bash -e +PLAYBOOK="iiab.yml" +INVENTORY="ansible_hosts" +# Pass cmdline options for ansible +ARGS="$@" # copy var files to /etc/iiab for subsequent use mkdir -p /etc/iiab @@ -28,13 +32,14 @@ fi if [ -f /etc/iiab/iiab.env ] then . /etc/iiab/iiab.env - cd $XSCE_DIR + cd $IIAB_DIR else - XSCE_DIR=/opt/iiab/iiab + IIAB_DIR=/opt/iiab/iiab mkdir -p /etc/iiab fi +CWD=`pwd` -if [ ! -f iiab.yml ] +if [ ! -f $PLAYBOOK ] then echo "IIAB Playbook not found." echo "Please run this command from the top level of the git repo." @@ -47,34 +52,10 @@ if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then fi cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact -PLAYBOOK="iiab.yml" -INVENTORY="ansible_hosts" -CWD=`pwd` echo "Running local playbooks! " -XSDOMAIN="" -# Pass in Existing Domain -if [ -f /etc/sysconfig/xs_domain_name ] -then - XSDOMAIN=`cat /etc/sysconfig/xs_domain_name` -fi - -# Or accept Domain on command line -if [ x"$1" != x ] -then - XSDOMAIN=$1 -fi - -# Pass in git location -if [ x"$XSDOMAIN" != x ] -then - ARGS="--extra-vars '{\"iiab_domain\":\"$XSDOMAIN\"}'" -else - ARGS="" -fi - -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local diff --git a/runtags b/runtags index ad8bde5e3..cb3b94af8 100755 --- a/runtags +++ b/runtags @@ -1,20 +1,20 @@ #!/bin/bash - -# copy var files to /etc/iiab for subsequent use - -#./install-init - -# if not the first run, repo location is here +PLAYBOOK="iiab.yml" +INVENTORY="ansible_hosts" +# Pass cmdline options for ansible +ARGS="$@" if [ -f /etc/iiab/iiab.env ] then . /etc/iiab/iiab.env - cd $XSCE_DIR + cd $IIAB_DIR fi -if [ ! -f iiab.yml ] +CWD=`pwd` + +if [ ! -f $PLAYBOOK ] then - echo "XSCE Playbook not found." + echo "IIAB Playbook not found." echo "Please run this command from the top level of the git repo." echo "Exiting." exit @@ -51,5 +51,5 @@ then taglist="netvars,"$taglist fi -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-debug.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" ansible-playbook -i ansible_hosts iiab.yml --connection=local --tags="""$taglist""" From 99633173a47b1d16bb062a86f8f601eeb71cf794 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 24 Oct 2017 11:47:28 -0500 Subject: [PATCH 107/466] remove args from runtags --- runtags | 1 - 1 file changed, 1 deletion(-) diff --git a/runtags b/runtags index cb3b94af8..ffd00a02c 100755 --- a/runtags +++ b/runtags @@ -2,7 +2,6 @@ PLAYBOOK="iiab.yml" INVENTORY="ansible_hosts" # Pass cmdline options for ansible -ARGS="$@" if [ -f /etc/iiab/iiab.env ] then From 2d49a1590b3f399103a650f7e567aeb0b78c1e6a Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 10:44:48 -0500 Subject: [PATCH 108/466] change netvars to 0-init --- iiab-base.yml | 2 +- iiab-from-console.yml | 2 +- iiab-network.yml | 2 +- iiab.yml | 2 +- roles/{netvars => 0-init}/defaults/main.yml | 0 roles/{netvars => 0-init}/tasks/main.yml | 0 runtags | 4 ++-- 7 files changed, 6 insertions(+), 6 deletions(-) rename roles/{netvars => 0-init}/defaults/main.yml (100%) rename roles/{netvars => 0-init}/tasks/main.yml (100%) diff --git a/iiab-base.yml b/iiab-base.yml index 23f440d66..a359808d9 100644 --- a/iiab-base.yml +++ b/iiab-base.yml @@ -8,6 +8,6 @@ - vars/local_vars.yml roles: - - { role: netvars, tags: ['netvars'] } + - { role: 0-init, tags: ['init'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: openvpn, tags: ['openvpn'] } diff --git a/iiab-from-console.yml b/iiab-from-console.yml index 98641a303..1c29d7b18 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -9,7 +9,7 @@ - /etc/iiab/config_vars.yml roles: - - { role: netvars, tags: ['netvars'] } + - { role: 0-init, tags: ['init'] } - { role: 4-server-options, tags: ['options'] } - { role: 5-xo-services, tags: ['xo-services'] } - { role: 6-generic-apps, tags: ['generic-apps'] } diff --git a/iiab-network.yml b/iiab-network.yml index e717e7fa5..989108cb3 100644 --- a/iiab-network.yml +++ b/iiab-network.yml @@ -9,5 +9,5 @@ - /etc/iiab/config_vars.yml roles: - - { role: netvars, tags: ['network'] } + - { role: 0-init, tags: ['network'] } - { role: network, tags: ['network','base'] } diff --git a/iiab.yml b/iiab.yml index 5fc0e8e85..b46cac86e 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,7 +9,7 @@ - /etc/iiab/config_vars.yml roles: - - { role: netvars, tags: ['netvars'] } + - { role: 0-init, tags: ['init'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: 2-common, tags: ['common','base'] } - { role: 3-base-server, tags: ['base'] } diff --git a/roles/netvars/defaults/main.yml b/roles/0-init/defaults/main.yml similarity index 100% rename from roles/netvars/defaults/main.yml rename to roles/0-init/defaults/main.yml diff --git a/roles/netvars/tasks/main.yml b/roles/0-init/tasks/main.yml similarity index 100% rename from roles/netvars/tasks/main.yml rename to roles/0-init/tasks/main.yml diff --git a/runtags b/runtags index ffd00a02c..ae25ea4df 100755 --- a/runtags +++ b/runtags @@ -35,7 +35,7 @@ found="N" for tag in $tags do - if [ "$tag" == "netvars" ] + if [ "$tag" == "init" ] then found="Y" fi @@ -47,7 +47,7 @@ taglist=$1 if [ "$found" == "N" ] then - taglist="netvars,"$taglist + taglist="init,"$taglist fi export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" From e8edbbc6b9708e120ec3cc6acdd5dc65a0ed5320 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 16:19:54 -0400 Subject: [PATCH 109/466] include_role experiment, oviating meta/main.yml ? --- roles/7-edu-apps/tasks/main.yml | 34 +++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 6b0d15d1a..b3b565876 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,3 +1,33 @@ -- name: Educational Apps and Content Installed - command: echo Educational Apps and Content Installed +- name: BEGINNING Educational Apps and Content Installed + command: echo BEGINNING Educational Apps and Content Installed +- include_role: + name: moodle + when: moodle_install + +- include_role: + name: osm + when: osm_install + +- include_role: + name: pathagar + when: pathagar_install + +- include_role: + name: rachel + when: rachel_install + +- include_role: + name: kalite + when: kalite_install + +- include_role: + name: kiwix + when: kiwix_install + +- include_role: + name: sugarizer + when: sugarizer_install + +- name: COMPLETING Educational Apps and Content Installed + command: echo COMPLETING Educational Apps and Content Installed From 0e4990175959f7088eba7efa72ddd7b6413f79ae Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 16:20:44 -0400 Subject: [PATCH 110/466] Delete main.yml --- roles/7-edu-apps/meta/main.yml | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 roles/7-edu-apps/meta/main.yml diff --git a/roles/7-edu-apps/meta/main.yml b/roles/7-edu-apps/meta/main.yml deleted file mode 100644 index 9bb0982fc..000000000 --- a/roles/7-edu-apps/meta/main.yml +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: - - { role: moodle, tags: ['olpc','moodle','edu-apps'], when: moodle_install } - - { role: osm, tags: ['osm','edu-apps'], when: osm_install } - - { role: pathagar, tags: ['pathagar','edu-apps'], when: pathagar_install } - - { role: rachel, tags: ['rachel','edu-apps'], when: rachel_install } - - { role: kalite, tags: ['kalite','edu-apps'], when: kalite_install } - - { role: kiwix, tags: ['kiwix','edu-apps'], when: kiwix_install } - - { role: sugarizer, tags: ['sugarizer','edu-apps'], when: sugarizer_install } -# - { role: debian_schooltool, tags: ['schooltool','debian_schooltool','edu-apps'], when: debian_schooltool_install and is_debuntu } From e48838da04f0407850ca7f7658d8ca85d3a8041a Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 15:56:08 -0500 Subject: [PATCH 111/466] clean up stale variables --- runansible | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/runansible b/runansible index 51cee7876..5db3ab21f 100755 --- a/runansible +++ b/runansible @@ -4,13 +4,7 @@ INVENTORY="ansible_hosts" # Pass cmdline options for ansible ARGS="$@" -# copy var files to /etc/iiab for subsequent use -mkdir -p /etc/iiab -if [ ! -f /etc/iiab/config_vars.yml ]; then - echo "{}" > /etc/iiab/config_vars.yml -fi - -# if vars/local_vars.yml is missing, put a default one in place +# if vars/local_vars.yml is missing, put a default one in place - First Run if [ ! -f ./vars/local_vars.yml ]; then OS=`grep ^ID= /etc/*release|cut -d= -f2` OS=${OS//\"/} @@ -29,14 +23,24 @@ if [ ! -f ./vars/local_vars.yml ]; then esac fi +# copy var files to /etc/iiab for subsequent use +# If iiab.env exists, on second or upgrade run, check for stale variables +# iiab.env gets created at the end of stage-4 on First Run if [ -f /etc/iiab/iiab.env ] then - . /etc/iiab/iiab.env - cd $IIAB_DIR + OLD=`grep XSCE /etc/iiab/iiab.env` + if [ x"$OLD" != "x" ] + then + rm /etc/iiab/iiab.env + else + . /etc/iiab/iiab.env + cd $IIAB_DIR + fi else - IIAB_DIR=/opt/iiab/iiab mkdir -p /etc/iiab + echo "{}" > /etc/iiab/config_vars.yml fi + CWD=`pwd` if [ ! -f $PLAYBOOK ] From 6ef437cc797fae619386735aaf59e207e814546b Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 17:08:37 -0400 Subject: [PATCH 112/466] comments included..not quite there yet 3 problems: 1. include_role: does not permit tags, so presumably prevents more advanced use of "./runtags olpc" including roles across several of the 9 stages 2. I really want a "dynamic" approach like include_tasks: that spares us the madness of dozens of pages of "skipping, skipping, skipping" crap that should not be running anyway (avoiding the "static" behavior of the old "include:") But unfortunately include_role: does not accept "static: no" (as currently works within "include: ... when:") 3. Any way to squeeze things onto 1 line in Ansible, so it's actually readable as https://github.com/iiab/iiab/blob/master/roles/7-edu-apps/meta/main.yml was? --- roles/7-edu-apps/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index b3b565876..8251cbef8 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -3,30 +3,38 @@ - include_role: name: moodle +# static: no +# tags: ['olpc','moodle','edu-apps'] when: moodle_install - include_role: name: osm +# tags: ['olpc','moodle','edu-apps'] when: osm_install - include_role: name: pathagar +# ['pathagar','edu-apps'] when: pathagar_install - include_role: name: rachel +# ['rachel','edu-apps'] when: rachel_install - include_role: name: kalite +# ['kalite','edu-apps'] when: kalite_install - include_role: name: kiwix +# ['kiwix','edu-apps'] when: kiwix_install - include_role: name: sugarizer +# ['sugarizer','edu-apps'] when: sugarizer_install - name: COMPLETING Educational Apps and Content Installed From 32c668936ad6bcf00b6d56ae7a8917a36fe56a6b Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:21:31 -0400 Subject: [PATCH 113/466] comment out ajenti --- vars/default_vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 20460e5ef..aa9b22acd 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -324,9 +324,9 @@ awstats_enabled: False schooltool_install: False schooltool_enabled: False -# Ajenti -ajenti_install: False -ajenti_enabled: False +# Ajenti - unmaintained +# ajenti_install: False +# ajenti_enabled: False # TeamViewer - unmaintained (better to install from http://teamviewer.com) teamviewer_install: False From 62b7ed8e40d1f877a20d8d18604dff2bca123a5a Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:27:42 -0400 Subject: [PATCH 114/466] proposed new template for all 9+ tasks/main.yml ? --- roles/7-edu-apps/tasks/main.yml | 62 ++++++++++++++++----------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 8251cbef8..6ac4e5655 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,41 +1,41 @@ -- name: BEGINNING Educational Apps and Content Installed - command: echo BEGINNING Educational Apps and Content Installed +- name: ...IS BEGINNING ============================================] + command: echo -- include_role: - name: moodle -# static: no -# tags: ['olpc','moodle','edu-apps'] - when: moodle_install - -- include_role: - name: osm -# tags: ['olpc','moodle','edu-apps'] - when: osm_install - -- include_role: - name: pathagar -# ['pathagar','edu-apps'] - when: pathagar_install - -- include_role: - name: rachel -# ['rachel','edu-apps'] - when: rachel_install - -- include_role: +- name: KALITE + include_role: name: kalite -# ['kalite','edu-apps'] when: kalite_install + tags: kalite -- include_role: +- name: KIWIX + include_role: name: kiwix -# ['kiwix','edu-apps'] when: kiwix_install + tags: kiwix -- include_role: +- name: MOODLE + include_role: + name: moodle + when: moodle_install + tags: olpc, moodle + +- name: OSM + include_role: + name: osm + when: osm_install + tags: osm + +- name: PATHAGAR + include_role: + name: pathagar + when: pathagar_install + tags: pathagar, edu-apps + +- name: SUGARIZER + include_role: name: sugarizer -# ['sugarizer','edu-apps'] when: sugarizer_install + tags: sugarizer -- name: COMPLETING Educational Apps and Content Installed - command: echo COMPLETING Educational Apps and Content Installed +- name: ...WAS COMPLETED ===========================================] + command: echo From 74ebfabd1f2bb4cf155c86384aa48259c1a6e734 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:29:28 -0400 Subject: [PATCH 115/466] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 6ac4e5655..a1fbcb85f 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,3 +1,5 @@ +# Educational Apps + - name: ...IS BEGINNING ============================================] command: echo From 849ba9610d7a563cbfbd6f1261f69b38c7adf28f Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:30:37 -0400 Subject: [PATCH 116/466] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 56 +++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 004bf470f..a83b9dd9c 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,3 +1,55 @@ -- name: Assessment and Monitoring Tools Installed - command: echo Assessment and Monitoring Tools Installed +# Assessment and Monitoring Tools +- name: ...IS BEGINNING ============================================] + command: echo + +- name: AWSTATS + include_role: + name: awstats + tags: services, awstats + when: awstats_install + +- name: MONIT + include_role: + name: monit + tags: services, monit + when: monit_install + +- name: MUNIN + include_role: + name: munin + when: munin_install + tags: services, munin + +- name: PHPMYADMIN + include_role: + name: phpmyadmin + tags: services, phpmyadmin + when: phpmyadmin_install + +- name: SUGAR-STATS + include_role: + name: sugar-stats + when: sugar_stats_install and ansible_distribution != "CentOS" + tags: olpc, sugar-stats + +- name: TEAMVIEWER + include_role: + name: teamviewer + tags: services, teamviewer + when: teamviewer_install + +- name: VNSTAT + include_role: + name: vnstat + tags: services, vnstat + when: vnstat_install + +- name: XOVIS + include_role: + name: xovis + when: xovis_install and ansible_distribution != "CentOS" + tags: services, xovis + +- name: ...WAS COMPLETED ===========================================] + command: echo From bf5c1badecaf840a18d011d6bc0dd5621c747cb6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:38:49 -0400 Subject: [PATCH 117/466] tags harmonized w/ actual role names; 5-xo-services uncommented --- iiab.yml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/iiab.yml b/iiab.yml index b46cac86e..3c5004600 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,13 +9,12 @@ - /etc/iiab/config_vars.yml roles: - - { role: 0-init, tags: ['init'] } - - { role: 1-prep, tags: ['prep','platform','base'] } - - { role: 2-common, tags: ['common','base'] } - - { role: 3-base-server, tags: ['base'] } - - { role: 4-server-options, tags: ['options'] } -# - { role: 5-xo-services, tags: ['xo-services'] } - - { role: 6-generic-apps, tags: ['generic-apps'] } - - { role: 7-edu-apps, tags: ['edu-apps'] } - - { role: 8-mgmt-tools, tags: ['tools'] } - - { role: 9-local-addons, tags: ['addons'] } + - { role: 1-prep, tags: ['1-prep','platform','base'] } + - { role: 2-common, tags: ['2-common','base'] } + - { role: 3-base-server, tags: ['3-base-server','base'] } + - { role: 4-server-options, tags: ['4-server-options'] } + - { role: 5-xo-services, tags: ['5-xo-services'] } + - { role: 6-generic-apps, tags: ['6-generic-apps'] } + - { role: 7-edu-apps, tags: ['7-edu-apps'] } + - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] } + - { role: 9-local-addons, tags: ['9-local-addons'] } From 4ab0f3a50ebb0a54605684ff19103701eda67e8c Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:42:44 -0400 Subject: [PATCH 118/466] Update main.yml --- roles/9-local-addons/tasks/main.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index ce546dfe9..f6c958753 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,3 +1,7 @@ -- name: Addon services installed - command: echo Addon services installed +# Local Add-ons +- name: ...IS BEGINNING ============================================] + command: echo + +- name: ...WAS COMPLETED ===========================================] + command: echo From 33b710e0d100721385b20b3d6b88be34e0d3a79d Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:46:01 -0400 Subject: [PATCH 119/466] init -> 0-init --- runtags | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/runtags b/runtags index ae25ea4df..b353d3a65 100755 --- a/runtags +++ b/runtags @@ -35,7 +35,7 @@ found="N" for tag in $tags do - if [ "$tag" == "init" ] + if [ "$tag" == "0-init" ] then found="Y" fi @@ -47,7 +47,7 @@ taglist=$1 if [ "$found" == "N" ] then - taglist="init,"$taglist + taglist="0-init,"$taglist fi export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" From 5ef4a48abb82262cf26a5138f357195ef3adf2b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:53:54 -0400 Subject: [PATCH 120/466] tag init -> 0-init --- iiab.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab.yml b/iiab.yml index 3c5004600..d7055e91a 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,6 +9,7 @@ - /etc/iiab/config_vars.yml roles: + - { role: 0-init, tags: ['0-init'] } - { role: 1-prep, tags: ['1-prep','platform','base'] } - { role: 2-common, tags: ['2-common','base'] } - { role: 3-base-server, tags: ['3-base-server','base'] } From d128f875ea98c5e0c5b48e9e493881875fc91034 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:55:39 -0400 Subject: [PATCH 121/466] new tags names incl #s --- iiab-from-console.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/iiab-from-console.yml b/iiab-from-console.yml index 1c29d7b18..33f995186 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -9,10 +9,10 @@ - /etc/iiab/config_vars.yml roles: - - { role: 0-init, tags: ['init'] } - - { role: 4-server-options, tags: ['options'] } - - { role: 5-xo-services, tags: ['xo-services'] } - - { role: 6-generic-apps, tags: ['generic-apps'] } - - { role: 7-edu-apps, tags: ['edu-apps'] } - - { role: 8-mgmt-tools, tags: ['tools'] } - - { role: 9-local-addons, tags: ['addons'] } + - { role: 0-init, tags: ['0-init'] } + - { role: 4-server-options, tags: ['4-server-options'] } + - { role: 5-xo-services, tags: ['5-xo-services'] } + - { role: 6-generic-apps, tags: ['6-generic-apps'] } + - { role: 7-edu-apps, tags: ['7-edu-apps'] } + - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] } + - { role: 9-local-addons, tags: ['9-local-addons'] } From d66c0ccbaf40a889322706727866c4a244c31a97 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:56:28 -0400 Subject: [PATCH 122/466] new tags names incl #s --- iiab-base.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-base.yml b/iiab-base.yml index a359808d9..adf698fb9 100644 --- a/iiab-base.yml +++ b/iiab-base.yml @@ -8,6 +8,6 @@ - vars/local_vars.yml roles: - - { role: 0-init, tags: ['init'] } - - { role: 1-prep, tags: ['prep','platform','base'] } + - { role: 0-init, tags: ['0-init'] } + - { role: 1-prep, tags: ['1-prep','platform','base'] } - { role: openvpn, tags: ['openvpn'] } From a92f5cb90d644e3bd5eee35d5dd573c284f15aba Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:58:23 -0400 Subject: [PATCH 123/466] Delete main.yml --- roles/8-mgmt-tools/meta/main.yml | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 roles/8-mgmt-tools/meta/main.yml diff --git a/roles/8-mgmt-tools/meta/main.yml b/roles/8-mgmt-tools/meta/main.yml deleted file mode 100644 index 2fe3a5559..000000000 --- a/roles/8-mgmt-tools/meta/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -dependencies: -# - { role: sugar-stats, tags: ['olpc','sugar-stats','tools'], when: sugar_stats_install and ansible_distribution != "CentOS" } -# - { role: ajenti, tags: ['services','ajenti','tools'], when: ajenti_install } - - { role: munin, tags: ['services','munin','tools'], when: munin_install } - - { role: monit, tags: ['services','monit','tools'], when: monit_install } - - { role: vnstat, tags: ['services','vnstat','tools'], when: vnstat_install } -# - { role: xovis, tags: ['services','xovis','tools'], when: xovis_install and ansible_distribution != "CentOS" } - - { role: phpmyadmin, tags: ['services','phpmyadmin','tools'], when: phpmyadmin_install } - - { role: awstats, tags: ['services','awstats','tools'], when: awstats_install } - - { role: teamviewer, tags: ['services','teamviewer','tools'], when: teamviewer_install } From 9af6c3aa06ae155f6f9e17a31ad601758434d94a Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:58:56 -0400 Subject: [PATCH 124/466] Delete main.yml --- roles/9-local-addons/meta/main.yml | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 roles/9-local-addons/meta/main.yml diff --git a/roles/9-local-addons/meta/main.yml b/roles/9-local-addons/meta/main.yml deleted file mode 100644 index 74ae9e11f..000000000 --- a/roles/9-local-addons/meta/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -# Add your role to this list and then uncomment dependencies. Adding a tag is handy for testing. -#dependencies: From 4f8b7d17b83c901edab360493b188e4eb6ae9f81 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:09:55 -0400 Subject: [PATCH 125/466] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 56 +++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index f0c33e80f..ceb23b696 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,3 +1,55 @@ -- name: Generic Apps Installed - command: echo Generic Apps Installed +# Generic Apps +- name: ...IS BEGINNING ============================================] + command: echo + +- name: MYSQL + include_role: + name: mysql + tags: mysql + when: mysql_install + +- name: CALIBRE + include_role: + name: calibre + tags: calibre + when: calibre_install + +- name: DOKUWIKI + include_role: + name: dokuwiki + tags: dokuwiki + when: dokuwiki_install + +- name: ELGG + include_role: + name: elgg + tags: elgg + when: elgg_install + +- name: EJABBERD + include_role: + name: ejabberd + tags: ejabberd + when: ejabberd_install + +- name: NEXTCLOUD + include_role: + name: nextcloud + tags: nextcloud + when: nextcloud_install + +- name: OWNCLOUD + include_role: + name: owncloud + tags: owncloud + when: owncloud_install + +- name: WORDPRESS + include_role: + name: wordpress + tags: wordpress + when: wordpress_install + +- name: ...WAS COMPLETED ===========================================] + command: echo From b25acca8b65c11e70f7b162320b780922545cd25 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:10:17 -0400 Subject: [PATCH 126/466] Delete main.yml --- roles/6-generic-apps/meta/main.yml | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 roles/6-generic-apps/meta/main.yml diff --git a/roles/6-generic-apps/meta/main.yml b/roles/6-generic-apps/meta/main.yml deleted file mode 100644 index 95dd40ed7..000000000 --- a/roles/6-generic-apps/meta/main.yml +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: - - { role: mysql, tags: ['generic','mysql'], when: mysql_install } - - { role: elgg, tags: ['generic','elgg'], when: elgg_install } - - { role: owncloud, tags: ['generic','owncloud'], when: owncloud_install } - - { role: nextcloud, tags: ['generic','nextcloud'], when: nextcloud_install } - - { role: dokuwiki, tags: ['generic','dokuwiki'], when: dokuwiki_install } - - { role: wordpress, tags: ['generic','wordpress'], when: wordpress_install } - - { role: calibre, tags: ['generic','calibre'], when: calibre_install } - - { role: ejabberd, tags: ['generic','ejabberd'], when: ejabberd_install } From 0253c7bd3d5956d6ec52257e84a48e8d1b9d2940 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:15:37 -0400 Subject: [PATCH 127/466] mysql not needed (u can still do "./runtags mysql") --- roles/6-generic-apps/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index ceb23b696..17bd530eb 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -3,12 +3,6 @@ - name: ...IS BEGINNING ============================================] command: echo -- name: MYSQL - include_role: - name: mysql - tags: mysql - when: mysql_install - - name: CALIBRE include_role: name: calibre From 19f501608e58b68716b8c04afa7285f8020f145c Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:22:03 -0400 Subject: [PATCH 128/466] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index a83b9dd9c..6f19fbbf9 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -6,14 +6,14 @@ - name: AWSTATS include_role: name: awstats - tags: services, awstats when: awstats_install - + tags: services, awstats + - name: MONIT include_role: name: monit - tags: services, monit when: monit_install + tags: services, monit - name: MUNIN include_role: @@ -24,8 +24,8 @@ - name: PHPMYADMIN include_role: name: phpmyadmin - tags: services, phpmyadmin when: phpmyadmin_install + tags: services, phpmyadmin - name: SUGAR-STATS include_role: @@ -36,14 +36,14 @@ - name: TEAMVIEWER include_role: name: teamviewer - tags: services, teamviewer when: teamviewer_install + tags: services, teamviewer - name: VNSTAT include_role: name: vnstat - tags: services, vnstat when: vnstat_install + tags: services, vnstat - name: XOVIS include_role: From 8fc56009b91f52310db448e55d2f5e20b34848b3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:31:06 -0400 Subject: [PATCH 129/466] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 6f19fbbf9..a1b8d371a 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -7,25 +7,25 @@ include_role: name: awstats when: awstats_install - tags: services, awstats + tags: awstats - name: MONIT include_role: name: monit when: monit_install - tags: services, monit + tags: monit - name: MUNIN include_role: name: munin when: munin_install - tags: services, munin + tags: munin - name: PHPMYADMIN include_role: name: phpmyadmin when: phpmyadmin_install - tags: services, phpmyadmin + tags: phpmyadmin - name: SUGAR-STATS include_role: @@ -37,19 +37,19 @@ include_role: name: teamviewer when: teamviewer_install - tags: services, teamviewer + tags: teamviewer - name: VNSTAT include_role: name: vnstat when: vnstat_install - tags: services, vnstat + tags: vnstat - name: XOVIS include_role: name: xovis when: xovis_install and ansible_distribution != "CentOS" - tags: services, xovis + tags: xovis - name: ...WAS COMPLETED ===========================================] command: echo From aa279dbb8d869813ddf5b76843444a833311505a Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:43:09 -0400 Subject: [PATCH 130/466] Update main.yml --- roles/5-xo-services/tasks/main.yml | 32 ++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 700fc1270..db8a0f462 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,3 +1,31 @@ -- name: XO Services Installed - command: echo XO Services Installed +# XO Services +- name: ...IS BEGINNING ============================================] + command: echo + +- name: ACTIVITY-SERVER + include_role: + name: activity-server + when: activity_server_install + tags: olpc, activity-server + +- name: EJABBERD + include_role: + name: ejabberd + when: ejabberd_install + tags: olpc, ejabberd + +- name: EJABBERD_XS + include_role: + name: ejabberd_xs + when: ejabberd_xs_install + tags: olpc, ejabberd-xs + +- name: IDMGR + include_role: + name: idmgr + when: idmgr_install + tags: olpc, idmgr + +- name: ...WAS COMPLETED ===========================================] + command: echo From 858405be6619a1e53601e4b5d7d86ea6b2b9b083 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:44:42 -0400 Subject: [PATCH 131/466] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 17bd530eb..fb2ee19d9 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -6,44 +6,44 @@ - name: CALIBRE include_role: name: calibre - tags: calibre when: calibre_install + tags: calibre - name: DOKUWIKI include_role: name: dokuwiki - tags: dokuwiki when: dokuwiki_install + tags: dokuwiki - name: ELGG include_role: name: elgg - tags: elgg when: elgg_install + tags: elgg - name: EJABBERD include_role: name: ejabberd - tags: ejabberd when: ejabberd_install + tags: ejabberd - name: NEXTCLOUD include_role: name: nextcloud - tags: nextcloud when: nextcloud_install + tags: nextcloud - name: OWNCLOUD include_role: name: owncloud - tags: owncloud when: owncloud_install + tags: owncloud - name: WORDPRESS include_role: name: wordpress - tags: wordpress when: wordpress_install + tags: wordpress - name: ...WAS COMPLETED ===========================================] command: echo From 68c7af4987789a7265c3b8608bd8a943273536b4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:45:31 -0400 Subject: [PATCH 132/466] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index a1fbcb85f..b59604c2e 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -31,7 +31,7 @@ include_role: name: pathagar when: pathagar_install - tags: pathagar, edu-apps + tags: pathagar - name: SUGARIZER include_role: From b7899e85fa791fd42371d22e0c709a98db2a29c1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:47:46 -0400 Subject: [PATCH 133/466] Delete main.yml --- roles/5-xo-services/meta/main.yml | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 roles/5-xo-services/meta/main.yml diff --git a/roles/5-xo-services/meta/main.yml b/roles/5-xo-services/meta/main.yml deleted file mode 100644 index 4df7f37ff..000000000 --- a/roles/5-xo-services/meta/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -dependencies: - - { role: ejabberd_xs, tags: ['olpc','ejabberd-xs','xo-services'], when: ejabberd_xs_install } - - { role: idmgr, tags: ['olpc','idmgr','xo-services'], when: idmgr_install } - - { role: activity-server, tags: ['olpc','activity-server','xo-services'], when: activity_server_install } From e413203942fd7b040f9db1572e4a6f337df07073 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:00:20 -0400 Subject: [PATCH 134/466] Delete main.yml --- roles/4-server-options/meta/main.yml | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 roles/4-server-options/meta/main.yml diff --git a/roles/4-server-options/meta/main.yml b/roles/4-server-options/meta/main.yml deleted file mode 100644 index 7aec1a69c..000000000 --- a/roles/4-server-options/meta/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -dependencies: - - { role: home-page, tags: ['home-page'] } - - { role: sshd, tags: ['services','sshd','base'] } - - { role: network, tags: ['services','base','network'] } - - { role: postgresql, tags: ['services','postgresql','base'], when: postgresql_install } - - { role: authserver, tags: ['services','authserver','base'], when: authserver_install } - - { role: openvpn, tags: ['options','openvpn'], when: openvpn_install } - - { role: samba, tags: ['services','samba','options'], when: samba_install } - - { role: usb-lib, tags: ['services','usb-lib','options'], when: usb_lib_install } - - { role: cups, tags: ['services','cups','options'], when: cups_install } From bd703564a49f0071bc20994643f45949a4fb4bda Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:01:02 -0400 Subject: [PATCH 135/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 63 ++++++++++++++++++++++++++- 1 file changed, 61 insertions(+), 2 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 5dcbb13c5..fdfb71bca 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -1,5 +1,61 @@ -- name: Server Options Installed - command: echo Server Options Installed +# Server Options + +- name: ...IS BEGINNING ============================================] + command: echo + +- name: HOMEPAGE + include_role: + name: homepage +# when: homepage_install + tags: homepage + +- name: SSHD + include_role: + name: sshd +# when: sshd_install + tags: base, sshd + +- name: NETWORK + include_role: + name: network +# when: network_install + tags: base, network + +- name: POSTGRESQL + include_role: + name: postgresql + when: postgresql_install + tags: base, postgresql + +- name: AUTHSERVER + include_role: + name: authserver + when: authserver_install + tags: base, authserver + +- name: OPENVPN + include_role: + name: openvpn + when: openvpn_install + tags: openvpn + +- name: SAMBA + include_role: + name: samba + when: samba_install + tags: samba + +- name: USB-LIB + include_role: + name: usb-lib + when: usb_lib_install + tags: usb-lib + +- name: CUPS + include_role: + name: cups + when: cups_install + tags: cups # this script can be sourced to get iiab location - name: Create iiab.env file @@ -38,3 +94,6 @@ service: name=xs-authserver state=restarted when: authserver_enabled + +- name: ...WAS COMPLETED ===========================================] + command: echo From ec0d48146df66c18b4c26d0f4c6721efbd841485 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:04:54 -0400 Subject: [PATCH 136/466] Update main.yml --- roles/home-page/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/home-page/tasks/main.yml b/roles/home-page/tasks/main.yml index b5d57c82a..91b570df5 100644 --- a/roles/home-page/tasks/main.yml +++ b/roles/home-page/tasks/main.yml @@ -5,12 +5,12 @@ group={{ apache_user }} state=directory -- name: Install admin home page into apache2 - template: src=iiab-home-page.conf - dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf +- name: Install admin homepage into apache2 + template: src=iiab-homepage.conf + dest=/etc/{{ apache_config_dir }}/iiab-homepage.conf - name: Enable the home page - file: src=/etc/{{ apache_config_dir }}/iiab-home-page.conf - dest=/etc/apache2/sites-enabled/iiab-home-page.conf + file: src=/etc/{{ apache_config_dir }}/iiab-homepage.conf + dest=/etc/apache2/sites-enabled/iiab-homepage.conf state=link when: is_debuntu From 10bd33a5d16c163982463ca755e1b9b92e0aec5e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:06:20 -0400 Subject: [PATCH 137/466] Update iiab-home-page.conf --- roles/home-page/templates/iiab-home-page.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/home-page/templates/iiab-home-page.conf b/roles/home-page/templates/iiab-home-page.conf index b1910cc26..fa853aa4d 100644 --- a/roles/home-page/templates/iiab-home-page.conf +++ b/roles/home-page/templates/iiab-home-page.conf @@ -1,7 +1,7 @@ -# XSCE Home Page +# IIAB Home Page # Redirect to home page on School Server -# Default is xs-portal +# Default [was] xs-portal [and is now generally] home # RedirectMatch of root to home page # See the note in default_vars.yml From 2be027a07ddeafd7b31ae39a00c82d625f76c6ad Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:06:39 -0400 Subject: [PATCH 138/466] Update iiab-home-page.conf --- roles/home-page/templates/iiab-home-page.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/home-page/templates/iiab-home-page.conf b/roles/home-page/templates/iiab-home-page.conf index fa853aa4d..0fc7a8e2e 100644 --- a/roles/home-page/templates/iiab-home-page.conf +++ b/roles/home-page/templates/iiab-home-page.conf @@ -3,7 +3,7 @@ # Redirect to home page on School Server # Default [was] xs-portal [and is now generally] home -# RedirectMatch of root to home page +# RedirectMatch of root to homepage # See the note in default_vars.yml RedirectMatch ^/$ {{ iiab_home_url }} From 0d1982de56aeb5f046e0e9b80add95dafb1c7fa2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:09:05 -0400 Subject: [PATCH 139/466] Update main.yml --- roles/httpd/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 0470303e0..81c6498fc 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -146,7 +146,7 @@ tags: - base -- name: place the script to generate home pages +- name: place the script to generate homepages template: src=refresh-wiki-docs.sh dest=/usr/bin/iiab-refresh-wiki-docs mode=0755 From 97a6930e1a7aece0bb1d98467c8e3fe79bd1fd0e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:14:01 -0400 Subject: [PATCH 140/466] Update main.yml --- roles/5-xo-services/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index db8a0f462..a2fa867f8 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -9,12 +9,6 @@ when: activity_server_install tags: olpc, activity-server -- name: EJABBERD - include_role: - name: ejabberd - when: ejabberd_install - tags: olpc, ejabberd - - name: EJABBERD_XS include_role: name: ejabberd_xs From 3b32a9877a3ccb520cbc2fd3eae2ac1e06c2f2ad Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:22:31 -0400 Subject: [PATCH 141/466] Delete main.yml --- roles/3-base-server/meta/main.yml | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 roles/3-base-server/meta/main.yml diff --git a/roles/3-base-server/meta/main.yml b/roles/3-base-server/meta/main.yml deleted file mode 100644 index 86ba2c3f2..000000000 --- a/roles/3-base-server/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: - - { role: httpd, tags: ['services','httpd','base'] } - - { role: iiab-admin, tags: ['services','iiab-admin','base'] } From ba42a04569b5a5e6ec6fbfdaa0e46f972649e5c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:22:59 -0400 Subject: [PATCH 142/466] Update main.yml --- roles/3-base-server/tasks/main.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 8eda7ca48..a1794fb2c 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,3 +1,20 @@ +# Base Server + +- name: ...IS BEGINNING ============================================] + command: echo + +- name: HTTPD + include_role: + name: httpd +# when: httpd_install + tags: base, httpd + +- name: IIAB-ADMIN + include_role: + name: iiab-admin +# when: iiab_install + tags: base, iiab-admin + - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory @@ -16,3 +33,6 @@ # regexp='^BASE_VERSION=*' # line='BASE_VERSION="{{ gui_version }}"' # state=present + +- name: ...WAS COMPLETED ===========================================] + command: echo From 08a746cd06bf4b737f61c59f28b2a9ed08bfe380 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:24:42 -0400 Subject: [PATCH 143/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index fdfb71bca..5b787e90f 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -21,12 +21,6 @@ # when: network_install tags: base, network -- name: POSTGRESQL - include_role: - name: postgresql - when: postgresql_install - tags: base, postgresql - - name: AUTHSERVER include_role: name: authserver From 8555f7ee951b800c11f8834032a18d8950a653f8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:28:18 -0400 Subject: [PATCH 144/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 5b787e90f..8f72650c7 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -6,21 +6,20 @@ - name: HOMEPAGE include_role: name: homepage -# when: homepage_install tags: homepage - name: SSHD include_role: name: sshd -# when: sshd_install tags: base, sshd - name: NETWORK include_role: name: network -# when: network_install tags: base, network +# the above 3 have no XXXXX_intall flag -- whereas the 5 below do + - name: AUTHSERVER include_role: name: authserver From c5e3836708b10f73099deab539051228b1db0c69 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:29:16 -0400 Subject: [PATCH 145/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 8f72650c7..37a172732 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -24,7 +24,7 @@ include_role: name: authserver when: authserver_install - tags: base, authserver + tags: authserver - name: OPENVPN include_role: From 961ea1813ebeed08f47ae7bc9a234e06a135b4a9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:29:54 -0400 Subject: [PATCH 146/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 37a172732..edb9cddfe 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -6,7 +6,7 @@ - name: HOMEPAGE include_role: name: homepage - tags: homepage + tags: base, homepage - name: SSHD include_role: From 0538bdc3863e65b4ee13632a457e2ac4d99d7702 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:31:56 -0400 Subject: [PATCH 147/466] Update main.yml --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index a1794fb2c..966979e56 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -6,14 +6,14 @@ - name: HTTPD include_role: name: httpd -# when: httpd_install tags: base, httpd - name: IIAB-ADMIN include_role: name: iiab-admin -# when: iiab_install tags: base, iiab-admin + +# the above 2 have no XXXXX_intall flag - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content From c3c215ed5c6e0a0e0a98927ee6bba3b45cd51896 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:33:15 -0400 Subject: [PATCH 148/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index edb9cddfe..1f4bd8fb3 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -18,7 +18,7 @@ name: network tags: base, network -# the above 3 have no XXXXX_intall flag -- whereas the 5 below do +# the above 3 have no "when: XXXXX_install" flag -- whereas the 5 below do - name: AUTHSERVER include_role: From 18178f35cb71f62c99848a8d01cb046cf74dcb48 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:33:22 -0400 Subject: [PATCH 149/466] Update main.yml --- roles/3-base-server/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 966979e56..076c6ff2d 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -13,7 +13,7 @@ name: iiab-admin tags: base, iiab-admin -# the above 2 have no XXXXX_intall flag +# the above 2 have no "when: XXXXX_install" flag - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content From 8235710e6386da0528f61e2abf58cf5b9218be26 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:44:06 -0400 Subject: [PATCH 150/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 33 ++++++++++++++------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 1f4bd8fb3..bc933e102 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -3,22 +3,29 @@ - name: ...IS BEGINNING ============================================] command: echo -- name: HOMEPAGE - include_role: - name: homepage - tags: base, homepage - - name: SSHD include_role: name: sshd + # has no "when: XXXXX_install" flag tags: base, sshd +- name: OPENVPN + include_role: + name: openvpn + when: openvpn_install + tags: openvpn + - name: NETWORK include_role: name: network + # has no "when: XXXXX_install" flag tags: base, network -# the above 3 have no "when: XXXXX_install" flag -- whereas the 5 below do +- name: HOMEPAGE + include_role: + name: homepage + # has no "when: XXXXX_install" flag + tags: base, homepage - name: AUTHSERVER include_role: @@ -26,11 +33,11 @@ when: authserver_install tags: authserver -- name: OPENVPN +- name: CUPS include_role: - name: openvpn - when: openvpn_install - tags: openvpn + name: cups + when: cups_install + tags: cups - name: SAMBA include_role: @@ -44,12 +51,6 @@ when: usb_lib_install tags: usb-lib -- name: CUPS - include_role: - name: cups - when: cups_install - tags: cups - # this script can be sourced to get iiab location - name: Create iiab.env file template: src=roles/1-prep/templates/iiab.env.j2 From d34e724421d664275bf583e144b887b11a6814ec Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:44:54 -0400 Subject: [PATCH 151/466] Update main.yml --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 076c6ff2d..44de6651b 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -6,14 +6,14 @@ - name: HTTPD include_role: name: httpd + # has no "when: XXXXX_install" flag tags: base, httpd - name: IIAB-ADMIN include_role: name: iiab-admin + # has no "when: XXXXX_install" flag tags: base, iiab-admin - -# the above 2 have no "when: XXXXX_install" flag - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content From ef30a8c3e32d0385e1efa9f6d503686278cd2bdc Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 21:52:41 -0500 Subject: [PATCH 152/466] rename home-page --- roles/{home-page => homepage}/tasks/main.yml | 0 roles/{home-page => homepage}/templates/iiab-home-page.conf | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename roles/{home-page => homepage}/tasks/main.yml (100%) rename roles/{home-page => homepage}/templates/iiab-home-page.conf (100%) diff --git a/roles/home-page/tasks/main.yml b/roles/homepage/tasks/main.yml similarity index 100% rename from roles/home-page/tasks/main.yml rename to roles/homepage/tasks/main.yml diff --git a/roles/home-page/templates/iiab-home-page.conf b/roles/homepage/templates/iiab-home-page.conf similarity index 100% rename from roles/home-page/templates/iiab-home-page.conf rename to roles/homepage/templates/iiab-home-page.conf From 5f883fdcff383b7c6e89e465d347e2cdb9e781c8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:56:33 -0400 Subject: [PATCH 153/466] Rename iiab-home-page.conf to iiab-homepage.conf --- .../templates/{iiab-home-page.conf => iiab-homepage.conf} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/homepage/templates/{iiab-home-page.conf => iiab-homepage.conf} (100%) diff --git a/roles/homepage/templates/iiab-home-page.conf b/roles/homepage/templates/iiab-homepage.conf similarity index 100% rename from roles/homepage/templates/iiab-home-page.conf rename to roles/homepage/templates/iiab-homepage.conf From 6f688799df3e75f5d420ca2cab16c5ed8b705799 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 23:43:50 -0400 Subject: [PATCH 154/466] Update main.yml --- roles/2-common/tasks/main.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index fe42574dc..f1e35905d 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,7 +1,11 @@ +# Common OS-Level Additions & Mods (that only need to be performed once) + +- name: ...IS BEGINNING ============================================] + command: echo #- include: iiab_ini.yml -# create the directory structure for XSCE +# create the directory structure for IIAB - include: fl.yml - include: xo.yml @@ -43,3 +47,6 @@ when: not is_debuntu and not is_F18 - include: udev.yml + +- name: ...WAS COMPLETED ===========================================] + command: echo From 3f4c42d3c6185e537ecc0b79ffd4fe376a2ac7c3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 23:46:57 -0400 Subject: [PATCH 155/466] Update main.yml --- roles/1-prep/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 60b896567..d3d7c47d3 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,3 +1,8 @@ +# OS/HW-Level Preparations + +- name: ...IS BEGINNING ============================================] + command: echo + - name: get the uuidgen program package: name=uuid-runtime state=present @@ -82,3 +87,6 @@ get_url: dest=/lib/firmware url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 + +- name: ...WAS COMPLETED ===========================================] + command: echo From 8088858b109485d1ffa92f4fa3da4e18fa5a1a6d Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 23:48:02 -0400 Subject: [PATCH 156/466] Update main.yml --- roles/1-prep/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index d3d7c47d3..b0a45f109 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,4 +1,4 @@ -# OS/HW-Level Preparations +# Preparations (Hardware Level) - name: ...IS BEGINNING ============================================] command: echo From a013dc6bfb50c0f1e8a437f3b28e26d3b83d3a57 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 22:58:56 -0500 Subject: [PATCH 157/466] clean up roles/4-server-options/tasks/main.yml --- roles/4-server-options/tasks/main.yml | 22 ---------------------- roles/authserver/tasks/main.yml | 9 ++++++++- roles/postgresql/tasks/main.yml | 11 +++++++++++ 3 files changed, 19 insertions(+), 23 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index bc933e102..ca77dc010 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -67,27 +67,5 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: Stop postgresql service - command: "/etc/init.d/postgresql stop" - ignore_errors: True - when: postgresql_install and is_debuntu - -- name: Start postgresql service - service: name=postgresql-iiab - state=restarted - enabled=yes - when: postgresql_enabled - -- name: Stop authserver service - service: name=xs-authserver - state=stopped - enabled=no - when: not authserver_enabled and authserver_install - -- name: Start xs-authserver service - service: name=xs-authserver - state=restarted - when: authserver_enabled - - name: ...WAS COMPLETED ===========================================] command: echo diff --git a/roles/authserver/tasks/main.yml b/roles/authserver/tasks/main.yml index 11e34c91f..304c72392 100644 --- a/roles/authserver/tasks/main.yml +++ b/roles/authserver/tasks/main.yml @@ -38,8 +38,15 @@ environment: XS_AUTHSERVER_DATABASE: /var/lib/xs-authserver/data.db -- name: Enable xs-authserver service +- name: Stop authserver service service: name=xs-authserver + state=stopped + enabled=no + when: not authserver_enabled + +- name: Start xs-authserver service + service: name=xs-authserver + state=restarted enabled=yes when: authserver_enabled diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index ac125b67a..73321bf7d 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -64,6 +64,11 @@ group=postgres mode=0640 +- name: Stop postgresql service + command: "/etc/init.d/postgresql stop" + ignore_errors: True + when: postgresql_install and is_debuntu + - name: Stop and disable stock postgresql service service: name=postgresql state=stopped @@ -75,6 +80,12 @@ enabled=yes when: postgresql_enabled +- name: Stop and disable postgresql-iiab service + service: name=postgresql + state=stopped + enabled=no + when: not postgresql_enabled + - name: Add postgresql to service list ini_file: dest='{{ service_filelist }}' section=postgresql From 2c1f3411ec45b6b9c667b2fe8e86a39cca1337ae Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 00:28:51 -0400 Subject: [PATCH 158/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index bc933e102..99f18fcb6 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -31,7 +31,7 @@ include_role: name: authserver when: authserver_install - tags: authserver + tags: olpc, authserver - name: CUPS include_role: From cf1d1fce2f8eafc2794f94864b1ce5b3d0467c07 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 00:56:28 -0400 Subject: [PATCH 159/466] Update main.yml --- roles/mysql/defaults/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/mysql/defaults/main.yml b/roles/mysql/defaults/main.yml index 276c573d7..982f2a583 100644 --- a/roles/mysql/defaults/main.yml +++ b/roles/mysql/defaults/main.yml @@ -1,4 +1,2 @@ -phpMyAdmin: "phpMyAdmin-4.2.7.1-all-languages.zip" mysql_install: True mysql_enabled: False -phpmyadmin_enabled: False From 83c1a8aab54a10db933a2ef9ad8eceef84c46da7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 00:58:23 -0400 Subject: [PATCH 160/466] Update main.yml --- roles/phpmyadmin/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/phpmyadmin/defaults/main.yml b/roles/phpmyadmin/defaults/main.yml index edb827543..c53c26477 100644 --- a/roles/phpmyadmin/defaults/main.yml +++ b/roles/phpmyadmin/defaults/main.yml @@ -1,2 +1,3 @@ -phpmyadmin_install: True +phpmyadmin_install: False phpmyadmin_enabled: False +phpMyAdmin: "phpMyAdmin-4.7.5-all-languages.zip" From f6bfb60f54bcc58ae7aa516a9cbd6d55690faade Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:01:02 -0400 Subject: [PATCH 161/466] Update main.yml --- roles/phpmyadmin/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 18204cab6..1218019d6 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -6,7 +6,7 @@ unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/ - name: Create a symbolic link to the folder of the current version phpmyadmin - file: path=/opt/phpmyadmin src=phpMyAdmin-4.2.7.1-all-languages state=link + file: path=/opt/phpmyadmin src=phpMyAdmin-4.7.5-all-languages state=link - name: Copy the phpmyadmin config file into place template: src=config.inc.php dest=/opt/phpmyadmin/config.inc.php From 76e387885c48a44322005c3a4b5b93cbcb2e480b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:38:00 -0400 Subject: [PATCH 162/466] Update main.yml --- roles/1-prep/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index b0a45f109..6388a65a1 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,6 +1,6 @@ # Preparations (Hardware Level) -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ============================================ command: echo - name: get the uuidgen program @@ -88,5 +88,5 @@ url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED =========================================== command: echo From 7a22e94d0d834dcf9a1d23b457aa4ab73e2a0987 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:39:40 -0400 Subject: [PATCH 163/466] Update main.yml --- roles/2-common/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index f1e35905d..2b5d6a352 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,6 +1,6 @@ # Common OS-Level Additions & Mods (that only need to be performed once) -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ========================================== command: echo #- include: iiab_ini.yml @@ -48,5 +48,5 @@ - include: udev.yml -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ========================================= command: echo From ddab0ca42bc2c4676c4533ea0ea09c774011912c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:41:14 -0400 Subject: [PATCH 164/466] Update main.yml --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 44de6651b..6024555bc 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,6 +1,6 @@ # Base Server -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ===================================== command: echo - name: HTTPD @@ -34,5 +34,5 @@ # line='BASE_VERSION="{{ gui_version }}"' # state=present -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ==================================== command: echo From e4e638a4ee46fb0cf94469c4f6210f6b47828b84 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:41:47 -0400 Subject: [PATCH 165/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 59c5fac02..340e103f5 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -1,6 +1,6 @@ # Server Options -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ================================== command: echo - name: SSHD @@ -67,5 +67,5 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ================================= command: echo From 66e13ab3e1a972fda96a6e09e33b8c8367b17a53 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:44:50 -0400 Subject: [PATCH 166/466] Update main.yml --- roles/0-init/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 54ec4b7d3..dd972fe09 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,3 +1,8 @@ +# Initialize + +- name: ...IS BEGINNING ============================================ + command: echo + - name: Determine if runansible was run stat: path=/etc/iiab/iiab.env register: NewInstall @@ -13,3 +18,6 @@ when: first_run # Now load the computed vars - include: roles/1-prep/tasks/computed_vars.yml + +- name: ...WAS COMPLETED =========================================== + command: echo From e05c525d8f6c78393ef304948c97ef9453335053 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:46:55 -0400 Subject: [PATCH 167/466] Update main.yml --- roles/5-xo-services/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index a2fa867f8..6769f69ca 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,6 +1,6 @@ # XO Services -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ===================================== command: echo - name: ACTIVITY-SERVER @@ -21,5 +21,5 @@ when: idmgr_install tags: olpc, idmgr -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ==================================== command: echo From f411d1b6cf6291fe56f84e147cf3796525620db7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:48:00 -0400 Subject: [PATCH 168/466] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index fb2ee19d9..07bbd4762 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,6 +1,6 @@ # Generic Apps -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ==================================== command: echo - name: CALIBRE @@ -45,5 +45,5 @@ when: wordpress_install tags: wordpress -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED =================================== command: echo From d5f11e8fa689d7d7ef955c1b1810dd083809c400 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:50:00 -0400 Subject: [PATCH 169/466] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index b59604c2e..34bc371c2 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,6 +1,6 @@ # Educational Apps -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ======================================== command: echo - name: KALITE @@ -39,5 +39,5 @@ when: sugarizer_install tags: sugarizer -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ======================================= command: echo From 701f972d92539da79e050bed8348c306cf774f4e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:53:18 -0400 Subject: [PATCH 170/466] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index a1b8d371a..eadc6283f 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,6 +1,6 @@ # Assessment and Monitoring Tools -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ====================================== command: echo - name: AWSTATS @@ -51,5 +51,5 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ===================================== command: echo From 641ad2340162ef248440619e96fa5bc9df259f72 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:55:08 -0400 Subject: [PATCH 171/466] Update main.yml --- roles/9-local-addons/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index f6c958753..31f166b3f 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,7 +1,7 @@ # Local Add-ons -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ==================================== command: echo -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED =================================== command: echo From 932a2988a6337f0d39b591c0ffc63fb188093c6c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:57:51 -0400 Subject: [PATCH 172/466] Update README.rst --- roles/9-local-addons/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/README.rst b/roles/9-local-addons/README.rst index 89be22318..84a671fc3 100644 --- a/roles/9-local-addons/README.rst +++ b/roles/9-local-addons/README.rst @@ -7,7 +7,7 @@ This role is a place to aggregate roles developed by various contributors or loc Development ----------- -Create the role you wish to add to the XSCE School Server by following the pattern of another role or any other means. +Create the role you wish to add to Internet-in-a-Box by following the pattern of another role or any other means. Packaging --------- @@ -18,4 +18,4 @@ the next ansible run. More Info --------- -Have a look at the docs section of this git repo for more detailed information. \ No newline at end of file +Have a look at the docs section of this git repo for more detailed information. From b9278fedf78fd2d55331bca8b4994869d53472a1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:59:33 -0400 Subject: [PATCH 173/466] Update README.rst --- roles/6-generic-apps/README.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/README.rst b/roles/6-generic-apps/README.rst index 03df57f50..d1bc82dae 100644 --- a/roles/6-generic-apps/README.rst +++ b/roles/6-generic-apps/README.rst @@ -2,6 +2,7 @@ Generic Apps README =================== -This role is a place to aggregate roles that install apps of a more generic nature, as opposed to educational or managment. -Content Management Systems or Chat or Wiki applications would go here. +This role is a place to aggregate roles that install apps of a more generic or collaborative nature, +as opposed to educational or managment. Content Management Systems or Chat or Wiki applications +would go here. From 83e9d0bd600a848475819bb327ecfa7011dc5897 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:00:35 -0400 Subject: [PATCH 174/466] Update README.rst --- roles/5-xo-services/README.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/5-xo-services/README.rst b/roles/5-xo-services/README.rst index b215621b0..b0926083c 100644 --- a/roles/5-xo-services/README.rst +++ b/roles/5-xo-services/README.rst @@ -2,5 +2,4 @@ XO Services README ================== -This role is a place to aggregate roles that provide XO specific services. - +This role is a place to aggregate roles that provide specific services for One Laptop Per Child's XO laptops. From 3601c33d5ba9696a2f65947188745f70ec047c84 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:01:03 -0400 Subject: [PATCH 175/466] Update README.rst --- roles/6-generic-apps/README.rst | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/6-generic-apps/README.rst b/roles/6-generic-apps/README.rst index d1bc82dae..372e32d08 100644 --- a/roles/6-generic-apps/README.rst +++ b/roles/6-generic-apps/README.rst @@ -5,4 +5,3 @@ Generic Apps README This role is a place to aggregate roles that install apps of a more generic or collaborative nature, as opposed to educational or managment. Content Management Systems or Chat or Wiki applications would go here. - From 9fd1466b7818dd4c0041312072d4d6b1c25469d3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:01:27 -0400 Subject: [PATCH 176/466] Update README.rst --- roles/7-edu-apps/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/7-edu-apps/README.rst b/roles/7-edu-apps/README.rst index 05ede48d8..edb32c1d9 100644 --- a/roles/7-edu-apps/README.rst +++ b/roles/7-edu-apps/README.rst @@ -3,4 +3,4 @@ Educational Apps and Content README =================================== This role is a place to aggregate roles that provide Educational Content or -are specifically targetted at pedagogical activities. +are specifically targetted at pedagogical activities. From 070c4bcc3deacd93edb6a6cb21d7f41e2f0874ce Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:04:55 -0400 Subject: [PATCH 178/466] Update README.rst --- roles/9-local-addons/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/README.rst b/roles/9-local-addons/README.rst index 84a671fc3..b06e7f461 100644 --- a/roles/9-local-addons/README.rst +++ b/roles/9-local-addons/README.rst @@ -12,10 +12,10 @@ Create the role you wish to add to Internet-in-a-Box by following the pattern of Packaging --------- -Add your role into the main.yml file in the meta directory of the 7-local-addons role. It will now get installed as part of +Add your role into the main.yml file in the tasks directory of the 9-local-addons role. It will now get installed as part of the next ansible run. More Info --------- -Have a look at the docs section of this git repo for more detailed information. +Have a look at https://github.com/iiab/iiab/wiki/IIAB-Architecture (offline at http://box/info/IIAB-Architecture.html) for more detailed information. From 2ce1414e4f12e8bb75d0edf236a5eb69ff0a983b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:07:25 -0400 Subject: [PATCH 179/466] Update README.rst --- roles/3-base-server/README.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/3-base-server/README.rst b/roles/3-base-server/README.rst index 366e5a9e8..e3f2ab091 100644 --- a/roles/3-base-server/README.rst +++ b/roles/3-base-server/README.rst @@ -6,7 +6,6 @@ This role is a place to aggregate roles that are required to create a basic web The functionality here is not packages that are not directly consumed by users, which are in common, nor specific applications, such as those found in the apps and tools roles. -The difference between this aggregate and server-options is that the roles here are required. +The difference between this aggregate (3-base-server) and 4-server-options is that the roles here are required. Eventually a graphical configuration console will be added here. - From 5ffe093d0d6c9667f2a075b8b0a2cc03f3f47c3a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:12:04 -0400 Subject: [PATCH 183/466] Update README.rst --- roles/1-prep/README.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/README.rst b/roles/1-prep/README.rst index 660c800d3..00fef1be7 100644 --- a/roles/1-prep/README.rst +++ b/roles/1-prep/README.rst @@ -2,5 +2,6 @@ Prep README =========== -This role is a sort on init or startup. It includes preliminaries like hostname and is where things -that are specific to a particular platform, such as the XO, are done before the bulk of the install. +This role is primarily hardware-focused, prior to OS additions/mods. Traditionally it included +preliminaries like hostname and things specific to a particular platform, such as the XO laptop, +done before the bulk of the install. From 8f75d24dfa1fe0c811c0001ce2c2f675c162b7b3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:37:42 -0400 Subject: [PATCH 184/466] Update enable_services.yml --- roles/network/tasks/enable_services.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 60dc795af..623ede0e9 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -19,7 +19,7 @@ - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } when: dhcpd_enabled -- name: Copy named file +- name: Copy named file template: src={{ item.src }} dest={{ item.dest }} owner=root From 3196b933ff0a4f5e2e50e9c12fb9665aaba7dd3c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:43:56 -0400 Subject: [PATCH 185/466] Update main.yml --- roles/cups/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 61abe61a5..012aa3685 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -31,7 +31,7 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable services for cups for xo's +- name: Enable services for cups for XO laptops service: name=cups state=started enabled=yes @@ -50,7 +50,7 @@ - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for cups for xo's +- name: Disable services for cups for XO laptops service: name=cups state=stopped enabled=no From 3c6d31b22f26506c2f1142297af0e68b59ef62b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 03:27:28 -0400 Subject: [PATCH 186/466] Update detected_network.yml --- roles/network/tasks/detected_network.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index e38409257..0676934b6 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -84,7 +84,7 @@ when: blacklist_wifi is defined and discovered_wireless_iface != iiab_wan_iface and num_wifi_interfaces >= "2" # LAN - pick non WAN's -- name: Create list of LAN (non wan) ifaces +- name: Create list of LAN (non wan) ifaces shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} register: lan_list_result ignore_errors: True From 066c0c09c5a038199fa3ef75fcbc6378dd4b8abe Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 03:51:56 -0400 Subject: [PATCH 187/466] Update main.yml --- roles/awstats/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/awstats/tasks/main.yml b/roles/awstats/tasks/main.yml index 7326d9670..f1feed18c 100644 --- a/roles/awstats/tasks/main.yml +++ b/roles/awstats/tasks/main.yml @@ -1,7 +1,7 @@ - include: install.yml when: awstats_install -- name: Add awstats to service list +- name: Add AWStats to service list ini_file: dest='{{ service_filelist }}' section=awstats option='{{ item.option }}' @@ -10,7 +10,7 @@ - option: name value: awstats - option: description - value: '"Awstats is Advanced Web Statistics package written in perl which generates static or dynamic html summaries based upon web server logs"' + value: '"AWStats is Advanced Web Statistics package written in Perl which generates static or dynamic html summaries based upon web server logs"' - option: installed value: "{{ awstats_install }}" - option: enabled From 77b3c9dd02c7124cb13873dc3b130f4ea6f4a960 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 03:55:12 -0400 Subject: [PATCH 188/466] Awstats -> AWStats --- roles/awstats/tasks/install.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index 6610d9dc2..0e10e5c33 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Install awstats package +- name: Install AWStats package package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Install awstats package +- name: Install AWStats package package: name={{ item }} state=present with_items: @@ -22,7 +22,7 @@ command: a2enmod cgi when: is_debuntu -- name: Create directory for awstat to use as intermediate summary storage +- name: Create directory for AWStats to use as intermediate summary storage file: path={{ item }} mode=0750 owner={{ apache_user }} @@ -33,7 +33,7 @@ - "{{ awstats_data_dir }}" - "{{ apache_log_dir }}" -- name: Install the Apache config for Advanced Web Statistics +- name: Install the Apache config for AWStats template: src=apache.conf dest=/etc/{{ apache_config_dir }}/awstats.conf owner=root @@ -41,7 +41,7 @@ mode=0644 when: awstats_enabled and is_debuntu -- name: Install the Apache config for Advanced Web Statistics +- name: Install the Apache config for AWStats template: src=apache-awstats.conf dest=/etc/{{ apache_config_dir }}/awstats.conf owner=root @@ -63,18 +63,18 @@ command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist when: awstats.stat.islnk is defined and not awstats.stat.islnk -- name: Enable Awstats +- name: Enable AWStats file: src=/etc/apache2/sites-available/awstats.conf path=/etc/apache2/sites-enabled/awstats.conf state=link when: awstats_enabled and is_debuntu -- name: Disable Awstats +- name: Disable AWStats file: path=/etc/apache2/sites-enabled/awstats.conf state=absent when: not awstats_enabled and is_debuntu -- name: Install the awstats config for Advanced Web Statistics +- name: Install the AWStats config template: src=awstats.schoolserver.conf.j2 dest=/etc/awstats/awstats.schoolserver.conf owner=root @@ -82,16 +82,16 @@ mode=0644 when: awstats_enabled -- name: Create a symbolic link to use when access is by ip address +- name: Create a symbolic link to use when access is by IP address file: src=/etc/awstats/awstats.schoolserver.conf dest=/etc/awstats/awstats.conf state=link when: awstats_enabled -- name: On first enabling of awstats, summarize httpd logs up to now +- name: On first enabling of AWStats, summarize httpd logs up to now shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update when: awstats_enabled and not is_debuntu -- name: On first enabling of awstats, summarize httpd logs up to now +- name: On first enabling of AWStats, summarize httpd logs up to now shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update when: awstats_enabled and is_debuntu From b18a2df1f04fd9d20d77c722bd5d975839bb312e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 04:20:53 -0400 Subject: [PATCH 189/466] Update computed_vars.yml --- roles/1-prep/tasks/computed_vars.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 964f0b723..ae53e7970 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -9,7 +9,7 @@ xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}' phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}' -- name: Set exFAT enabled for XOs +- name: Set exFAT enabled for XO laptops set_fact: exFAT_enabled: True when: xo_model != "none" @@ -88,7 +88,7 @@ gui_port: 443 when: adm_cons_force_ssl -- name: Turn on mysql if elgg or rachel enabled +- name: Require MySQL to be on set_fact: mysql_install: True mysql_enabled: True @@ -104,13 +104,13 @@ # when: sugarizer_enabled # There might be other db's -- name: Turn on postgresql if moodle or pathagar enabled +- name: Turn on PostgreSQL if Moodle or Pathagar enabled set_fact: postgresql_install: True postgresql_enabled: True when: moodle_enabled or pathagar_enabled -- name: Turn on docker if schooltool is to be installed +- name: Turn on Docker if SchoolTool is to be installed set_fact: docker_install: True docker_enabled: True @@ -130,18 +130,18 @@ # but 'mariadb', which is its real name can # on fedora 18 we need to use 'mysqld' -- name: Set mysqld service name to mariadb by default +- name: Set mysqld_service to mariadb by default set_fact: mysql_service: mariadb -- name: Set mysqld service name to mysqld for fedora 18 +- name: Set mysqld_service to mysqld for Fedora 18 set_fact: mysql_service: mysqld no_NM_reload: True is_F18: True when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" -- name: Set mysql service name to mysql for debian +- name: Set mysql_service to mysql for Debian set_fact: mysql_service: mysql when: is_debuntu From ab79c36f4a1a864508ef4f49fe6ba9965d1c7672 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 05:31:32 -0400 Subject: [PATCH 190/466] ordered correctly, per tasks/main.yml across Ansible's 9 stages --- vars/default_vars.yml | 375 +++++++++++++++++++++--------------------- 1 file changed, 192 insertions(+), 183 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index aa9b22acd..fba8c450c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -38,16 +38,17 @@ language_priority: en es # Time Zone (php needs timezone to be set) local_tz: "{{ ansible_date_time.tz }}" -# Network Parameters +# Read https://github.com/iiab/iiab/wiki/IIAB-Networking +# Also readable offline @ http://box/info/IIAB-Networking.html + +# NETWORK PARAMETERS FOLLOW ACROSS THE NEXT 60 LINES, as enabled by Ansible's +# NETWORK role (/opt/iiab/iiab/roles/network/*) in 4-SERVER-OPTIONS. iiab_hostname: box iiab_domain: lan lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 -# Read https://github.com/iiab/iiab/wiki/IIAB-Networking -# Also readable offline @ http://box/info/IIAB-Networking.html - # Gateway mode iiab_lan_enabled: True iiab_wan_enabled: True @@ -66,33 +67,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -# Intended for developers -exFAT_enabled: False -user_wan_iface: auto -user_lan_iface: auto -wan_ip: dhcp -wan_netmask: -wan_gateway: -wan_nameserver: -#only change these if you know what you are doing - -# Parameters by Aggregate Roles -# Each Role must have the following variables which are either True or False: -# _install -# _enabled - -# Our current convention is to install everything in all aggregates -# And to enable everything in 1-PREP, 2-COMMON, and 3-BASE - -# 1-PREP - -# 2-COMMON - -# 3-BASE-SERVER - -# Apache -allow_apache_sudo: False - # dhcpd dhcpd_install: True dhcpd_enabled: False @@ -120,17 +94,51 @@ gw_squid_whitelist: False gw_block_https: False iiab_gateway_enabled: True -# Home page -# Default to the gui where the selection is made or override in local_vars.yml -iiab_home_url: /home +# Intended for developers +user_wan_iface: auto +user_lan_iface: auto +wan_ip: dhcp +wan_netmask: +wan_gateway: +wan_nameserver: +exFAT_enabled: False +#only change these if you know what you are doing -# You can change iiab_home_url in local_vars.yml in order to get a different home page. -# For example one of the following: (assuming they are enabled) +# Parameters by Aggregate Roles +# Each Role must have the following variables which are either True or False: +# _install +# _enabled -# iiab_home_url: /home -# iiab_home_url: /xs-portal - the alternate home page -# iiab_home_url: /wordpress -# iiab_home_url: /wiki - either dokuwiki or mediawiki +# Our current convention is to install everything in all aggregates +# And to enable everything in 1-PREP, 2-COMMON, and 3-BASE-SERVER + +# 1-PREP + +# Docker (lesser-supported) +docker_install: False +docker_enabled: False + +# 2-COMMON + +# 3-BASE-SERVER + +# Needed if you want http://box/common/services/power_off.php to work +allow_apache_sudo: False + +# HTTPD role runs here. + +# IIAB-ADMIN role runs here. + +# MySQL - SEE roles/1-prep/tasks/computed_vars.yml for de facto defaults +mysql_install: True +mysql_enabled: True +# password is fixmysql +# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 +mysql_root_password: fixmysql + +# PostgreSQL +postgresql_install: False +postgresql_enabled: False # 4-SERVER-OPTIONS @@ -144,43 +152,52 @@ openvpn_cron_enabled: False openvpn_install: True openvpn_enabled: False -# Samba. Take a security audit seriously before deploying this. -samba_install: False -samba_enabled: False +# NETWORK role runs here. -# PostgreSQL -postgresql_install: False -postgresql_enabled: False +# Homepage +# Default to the gui where the selection is made or override in local_vars.yml +iiab_home_url: /home + +# You can change iiab_home_url in local_vars.yml in order to get a different home page. +# For example one of the following: (assuming they are enabled) + +# iiab_home_url: /home +# iiab_home_url: /xs-portal - the alternate homepage +# iiab_home_url: /wordpress +# iiab_home_url: /wiki - either dokuwiki or mediawiki # authserver authserver_install: False authserver_enabled: False +# Common UNIX Printing System (CUPS) +cups_install: True +cups_enabled: False + +# Samba. Take a security audit seriously before deploying this. +samba_install: False +samba_enabled: False + # usb-lib usb_lib_install: True usb_lib_enabled: True -# Docker -docker_install: False -docker_enabled: False - -# Common UNIX Printing System -cups_install: True -cups_enabled: False +# Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) +nodocs: False # 5-XO-SERVICES -# Lesser-supported XO services need additional testing. Please uncomment -# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact +# Lesser-supported XO services need additional testing. Please contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. xo_services_install: False xo_services_enabled: False -# ejabberd -ejabberd_install: False -ejabberd_enabled: False +# activity-server +activity_server_install: False +activity_server_enabled: False +# ejabberd-xs ejabberd_xs_install: False ejabberd_xs_enabled: False @@ -188,9 +205,113 @@ ejabberd_xs_enabled: False idmgr_install: False idmgr_enables: False -# activity-server -activity_server_install: False -activity_server_enabled: False +# 6-GENERIC-APPS + +# Calibre +calibre_install: True +calibre_enabled: False +calibre_port: 8080 + +# DokuWiki +dokuwiki_install: False +dokuwiki_enabled: False + +# Elgg +elgg_install: True +elgg_enabled: False +# elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 +elgg_mysql_password: elgg4kids + +# ejabberd +ejabberd_install: False +ejabberd_enabled: False + +# Nextcloud +nextcloud_install: True +nextcloud_enabled: False + +# ownCloud +owncloud_install: False +owncloud_enabled: False + +# WordPress +wordpress_install: True +wordpress_enabled: False + +# 7-EDU-APPS + +# KA Lite +kalite_install: True +kalite_root: "/library/ka-lite" +kalite_user: kalite +kalite_password_hash: $6$$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/ +kalite_password: kalite +kalite_server_name: kalite +kalite_server_port: 8008 +kalite_enabled: False +kalite_cron_enabled: False + +# Kiwix +kiwix_install: True +kiwix_enabled: True +kiwix_port: 3000 +iiab_zim_path: /library/zims + +# Moodle +moodle_install: False +moodle_enabled: False + +# OpenStreetMap (OSM) +osm_install: True +osm_enabled: False +# changed in June 2017 from: +# iiab_install: True +# iiab_enabled: False + +# Pathagar - similar to Calibre, but unmaintained +pathagar_install: False +pathagar_enabled: False + +# Sugarizer +sugarizer_install: True +sugarizer_enabled: False + +# 8-MGMT-TOOLS + +# AWStats -- sumarizes http access logs +awstats_install: True +awstats_enabled: False + +# Monit +monit_install: False +monit_enabled: False +watchdog: + - sshd + - idmgr + - ejabberd + - httpd + - postgresql + - squid + +# Munin +munin_install: True +munin_enabled: False + +# Handy for maintaining tables, but DANGEROUS if not locked down +phpmyadmin_install: False +phpmyadmin_enabled: False + +# sugar-stats +sugar_stats_install: False +sugar_stats_enabled: False + +# TeamViewer - unmaintained (better to install from http://teamviewer.com) +teamviewer_install: False +teamviewer_enabled: False + +# vnStat +vnstat_install: True +vnstat_enabled: False # XOVis xovis_install: False @@ -206,134 +327,22 @@ xovis_root: "/opt/xovis" xovis_backup_dir: "/library/users" xovis_chart_heading: "My School: Usage Data Visualization" -# sugar-stats -sugar_stats_install: False -sugar_stats_enabled: False - -# 6-GENERIC-APPS - -# MySQL -mysql_install: True -mysql_enabled: False -# password is fixmysql -# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 -mysql_root_password: fixmysql - -# Handy for maintaining tables, but DANGEROUS if not locked down -phpmyadmin_install: False -phpmyadmin_enabled: False - -# Elgg -elgg_install: True -elgg_enabled: False -# elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 -elgg_mysql_password: elgg4kids - -# OwnCloud -owncloud_install: False -owncloud_enabled: False - -# Nextcloud -nextcloud_install: True -nextcloud_enabled: False - -# WordPress -wordpress_install: True -wordpress_enabled: False - -# DokuWiki -dokuwiki_install: False -dokuwiki_enabled: False - -# 7-EDU-APPS - -# Moodle -moodle_install: False -moodle_enabled: False - -# Internet-in-a-Box -#iiab_install: True -#iiab_enabled: False -# above 2 variables changed in June 2017 to: -osm_install: True -osm_enabled: False - -# Pathagar -pathagar_install: False -pathagar_enabled: False - -# Calibre -calibre_install: True -calibre_enabled: False -calibre_port: 8080 - -# RACHEL -rachel_install: False -rachel_enabled: False -rachel_content_found: False -#rachel_url: /rachel -rachel_doc_root: "{{ doc_root }}/modules" - -# Kiwix-serve -kiwix_install: True -kiwix_enabled: True -kiwix_port: 3000 -iiab_zim_path: /library/zims - -# KA Lite -kalite_install: True -kalite_root: "/library/ka-lite" -kalite_user: kalite -kalite_password_hash: $6$$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/ -kalite_password: kalite -kalite_server_name: kalite -kalite_server_port: 8008 -kalite_enabled: False -kalite_cron_enabled: False - -# Sugarizer -sugarizer_install: True -sugarizer_enabled: False - -# 8-MGMT-TOOLS - -# Munin -munin_install: True -munin_enabled: False - -# Monit -monit_install: False -monit_enabled: False -watchdog: - - sshd - - idmgr - - ejabberd - - httpd - - postgresql - - squid - -# vnStat -vnstat_install: True -vnstat_enabled: False - -# AWStats -- sumarizes http access logs -awstats_install: True -awstats_enabled: False - -# SchoolTool -schooltool_install: False -schooltool_enabled: False +# ================================================================ # Ajenti - unmaintained # ajenti_install: False # ajenti_enabled: False -# TeamViewer - unmaintained (better to install from http://teamviewer.com) -teamviewer_install: False -teamviewer_enabled: False +# RACHEL - no longer in use +# rachel_install: False +# rachel_enabled: False +# rachel_content_found: False +# #rachel_url: /rachel +# rachel_doc_root: "{{ doc_root }}/modules" -# Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) -nodocs: False +# SchoolTool - unmaintained +# schooltool_install: False +# schooltool_enabled: False # ================================================================ # Platforms - turn all off and let .yml turn on as appropriate From a0d8c2682f08d139e503887b731b06f5f10fa354 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 05:41:17 -0400 Subject: [PATCH 191/466] Update default_vars.yml --- vars/default_vars.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index fba8c450c..d874f4c2b 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -109,7 +109,7 @@ exFAT_enabled: False # _install # _enabled -# Our current convention is to install everything in all aggregates +# Our past convention was to install everything in all aggregates # And to enable everything in 1-PREP, 2-COMMON, and 3-BASE-SERVER # 1-PREP @@ -155,14 +155,13 @@ openvpn_enabled: False # NETWORK role runs here. # Homepage -# Default to the gui where the selection is made or override in local_vars.yml +# Default to the GUI where the selection is made or override in local_vars.yml iiab_home_url: /home -# You can change iiab_home_url in local_vars.yml in order to get a different home page. -# For example one of the following: (assuming they are enabled) +# You can change iiab_home_url in local_vars.yml in order to get a different +# homepage. For example one of the following: (assuming they are enabled) # iiab_home_url: /home -# iiab_home_url: /xs-portal - the alternate homepage # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki From 7aafaadfd26f48e73f0f2903e61eb6ff0ae50b70 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 05:45:34 -0400 Subject: [PATCH 192/466] Update default_vars.yml --- vars/default_vars.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index d874f4c2b..97b731802 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -118,6 +118,10 @@ exFAT_enabled: False docker_install: False docker_enabled: False +# SchoolTool - unmaintained +schooltool_install: False +schooltool_enabled: False + # 2-COMMON # 3-BASE-SERVER @@ -339,10 +343,6 @@ xovis_chart_heading: "My School: Usage Data Visualization" # #rachel_url: /rachel # rachel_doc_root: "{{ doc_root }}/modules" -# SchoolTool - unmaintained -# schooltool_install: False -# schooltool_enabled: False - # ================================================================ # Platforms - turn all off and let .yml turn on as appropriate From ccadf7090df417f9a1527055c570a054465eda9e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 06:16:11 -0400 Subject: [PATCH 193/466] Update default_vars.yml --- vars/default_vars.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 97b731802..2b2f78a2f 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -76,14 +76,14 @@ named_install: True named_enabled: True block_DNS: False -# DansGuardian -dansguardian_install: False -dansguardian_enabled: False - # Squid squid_install: False squid_enabled: False +# DansGuardian +dansguardian_install: False +dansguardian_enabled: False + # Wonder Shaper # Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 wondershaper_install: False From 8184ec3baebc65b61a84e7a973e463065b2a94c4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:15:49 -0400 Subject: [PATCH 194/466] Update default_vars.yml --- vars/default_vars.yml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 2b2f78a2f..4d610239c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -49,14 +49,6 @@ iiab_domain: lan lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 -# Gateway mode -iiab_lan_enabled: True -iiab_wan_enabled: True -ssh_port: 22 -gui_wan: True -adm_cons_force_ssl: False -adm_cons_allow_downloads: False - # Internal Wi-Fi Access Point # Values are used if there is an internal Wi-Fi adapter and hostapd is enabled # The platform variable adapts install to specific hardware (raspberry pi=rpi2) @@ -67,6 +59,19 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme +# Gateway mode +iiab_lan_enabled: True +iiab_wan_enabled: True +ssh_port: 22 +gui_wan: True +adm_cons_force_ssl: False +adm_cons_allow_downloads: False + +# Gateway and Filters +iiab_gateway_enabled: True +gw_squid_whitelist: False +gw_block_https: False + # dhcpd dhcpd_install: True dhcpd_enabled: False @@ -89,11 +94,6 @@ dansguardian_enabled: False wondershaper_install: False wondershaper_enabled: False -# Gateway and Filters -gw_squid_whitelist: False -gw_block_https: False -iiab_gateway_enabled: True - # Intended for developers user_wan_iface: auto user_lan_iface: auto @@ -304,7 +304,7 @@ munin_enabled: False phpmyadmin_install: False phpmyadmin_enabled: False -# sugar-stats +# sugar-stats - unmaintained sugar_stats_install: False sugar_stats_enabled: False @@ -316,7 +316,7 @@ teamviewer_enabled: False vnstat_install: True vnstat_enabled: False -# XOVis +# XOVis - unmaintained xovis_install: False xovis_enabled: False xovis_target_host: "127.0.0.1:5984" From 7709c2513a88d434358fc72b1f06b285c2894ce0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:18:38 -0400 Subject: [PATCH 195/466] grab latest local_var.yml community norms from http://wiki.laptop.org/go/IIAB/local_vars.yml --- vars/medium.localvars | 118 +++++++++++++++++++++++------------------- 1 file changed, 65 insertions(+), 53 deletions(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 8c6459e6e..3f2d9fd21 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -14,6 +14,7 @@ iiab_admin_user: iiab-admin iiab_hostname: box iiab_domain: lan +# Set to /home or /wordpress or /wiki (for DokuWiki or MediaWiki) iiab_home_url: /home host_ssid: "Internet in a Box" host_wifi_mode: g @@ -34,18 +35,20 @@ iiab_gateway_enabled: False # Make this False to disable http://box/common/services/power_off.php button: allow_apache_sudo: True -# 3-BASE-SERVER - squid_install: False squid_enabled: False dansguardian_install: False dansguardian_enabled: False -# Unmaintained +# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 # wondershaper_install: False # wondershaper_enabled: False +# 3-BASE-SERVER + +# MySQL & PostgreSQL are auto-installed around here as necessary. + # 4-SERVER-OPTIONS # SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security @@ -55,6 +58,10 @@ openvpn_enabled: False # openvpn_cron_enabled: True # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" +# Unmaintained +# authserver_install: False +# authserver_enabled: False + # Common UNIX Printing System cups_install: True cups_enabled: False @@ -63,18 +70,13 @@ cups_enabled: False samba_install: False samba_enabled: False -# Handy for maintaining tables, but DANGEROUS if not locked down -phpmyadmin_install: False -phpmyadmin_enabled: False - # 5-XO-SERVICES -# Lesser-supported XO services need additional testing. Please uncomment -# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact +# Lesser-supported XO services need additional testing. Please contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. -# authserver_install: False -# authserver_enabled: False +# xo_services_install: False +# xo_services_enabled: False # activity_server_install: False # activity_server_enabled: False @@ -83,44 +85,51 @@ phpmyadmin_enabled: False # idmgr_install: False # idmgr_enabled: False -# ejabberd_install: False -# ejabberd_enabled: False - -# xo_services_install: False -# xo_services_enabled: False - -# sugar_stats_install: False -# sugar_stats_enabled: False - -# xovis_install: False -# xovis_enabled: False +# ejabberd_xs_install: False +# ejabberd_xs_enabled: False # 6-GENERIC-APPS +calibre_install: True +calibre_enabled: True +# Change calibre_port to 8010 if you're using XO laptops needing above idmgr +calibre_port: 8080 + +dokuwiki_install: False +dokuwiki_enabled: False + +elgg_install: True +elgg_enabled: True + +ejabberd_install: False +ejabberd_enabled: False + nextcloud_install: True nextcloud_enabled: True wordpress_install: True wordpress_enabled: True -elgg_install: True -elgg_enabled: True - -dokuwiki_install: False -dokuwiki_enabled: False - # 7-EDU-APPS +kalite_install: True +kalite_enabled: True +kalite_cron_enabled: True + +kiwix_install: True +kiwix_enabled: True + +# Warning: Moodle is a serious LMS, that takes a while to install +moodle_install: False +moodle_enabled: False + # OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 osm_install: True osm_enabled: True -kiwix_install: True -kiwix_enabled: True - -kalite_install: True -kalite_enabled: True -kalite_cron_enabled: True +# Similar to Calibre, but unmaintained +pathagar_install: False +pathagar_enabled: False # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 sugarizer_install: True @@ -129,33 +138,36 @@ sugarizer_enabled: True # https://github.com/iiab/iiab/issues/193 Subsequent "./runtags sugarizer" fail # https://github.com/iiab/iiab/issues/240 Sugarizer 0.8 to 0.9 ongoing issues -calibre_install: True -calibre_enabled: True -# Change calibre_port to 8010 if you're using XO laptops needing above idmgr -calibre_port: 8080 - -# Similar to Calibre, but unmaintained -pathagar_install: False -pathagar_enabled: False - -# Warning: Moodle is a serious LMS, that takes a while to install -moodle_install: False -moodle_enabled: False - # 8-MGMT-TOOLS -munin_install: True -munin_enabled: True - -vnstat_install: True -vnstat_enabled: True - awstats_install: True awstats_enabled: True monit_install: False monit_enabled: False +munin_install: True +munin_enabled: True + +# Handy for maintaining tables, but DANGEROUS if not locked down +phpmyadmin_install: False +phpmyadmin_enabled: False + +# Unmaintained (better to install from http://teamviewer.com) +teamviewer_install: False +teamviewer_enabled: False + +vnstat_install: True +vnstat_enabled: True + +# Unmaintained +# sugar_stats_install: False +# sugar_stats_enabled: False + +# Unmaintained +# xovis_install: False +# xovis_enabled: False + # Unmaintained # schooltool_install: False # schooltool_enabled: False From 64c2dc1faa9b76f742fe16f1528ec4b78fc050dc Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:26:49 -0400 Subject: [PATCH 196/466] Update main.yml --- roles/0-init/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index dd972fe09..31e8e2054 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -19,5 +19,5 @@ # Now load the computed vars - include: roles/1-prep/tasks/computed_vars.yml -- name: ...WAS COMPLETED =========================================== +- name: ...HAS COMPLETED =========================================== command: echo From 3f0cae31d664eafbd07ed1e3cdc2c98d03e3301a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:27:04 -0400 Subject: [PATCH 197/466] Update main.yml --- roles/1-prep/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 6388a65a1..c64beaad4 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -88,5 +88,5 @@ url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 -- name: ...WAS COMPLETED =========================================== +- name: ...HAS COMPLETED =========================================== command: echo From 8de05f1f9fe78f08d60a1d18f1cea078883487bf Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:27:45 -0400 Subject: [PATCH 198/466] Update main.yml --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 2b5d6a352..33e821ef6 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -48,5 +48,5 @@ - include: udev.yml -- name: ...WAS COMPLETED ========================================= +- name: ...HAS COMPLETED ========================================= command: echo From ced8d1dd18e3abfc651217e81e1c6267b0e2b936 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:28:02 -0400 Subject: [PATCH 199/466] Update main.yml --- roles/3-base-server/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 6024555bc..279322513 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -34,5 +34,5 @@ # line='BASE_VERSION="{{ gui_version }}"' # state=present -- name: ...WAS COMPLETED ==================================== +- name: ...HAS COMPLETED ==================================== command: echo From b5cbfa619c2bea2c6651199650457453292ffc78 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:28:38 -0400 Subject: [PATCH 200/466] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 340e103f5..01684d2b7 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -67,5 +67,5 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: ...WAS COMPLETED ================================= +- name: ...HAS COMPLETED ================================= command: echo From b67e29c2b4ee9f2511f51c23ea440f440061bd1e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:29:12 -0400 Subject: [PATCH 201/466] Update main.yml --- roles/5-xo-services/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 6769f69ca..2ee59d9e0 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -21,5 +21,5 @@ when: idmgr_install tags: olpc, idmgr -- name: ...WAS COMPLETED ==================================== +- name: ...HAS COMPLETED ==================================== command: echo From aad9d297ae915b5862953adadb8e1e4799a5c8d5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:29:31 -0400 Subject: [PATCH 202/466] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 07bbd4762..6b4deeb49 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -45,5 +45,5 @@ when: wordpress_install tags: wordpress -- name: ...WAS COMPLETED =================================== +- name: ...HAS COMPLETED =================================== command: echo From 5c76060e8403d1994f4a8698ae753488d96f2c13 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:29:43 -0400 Subject: [PATCH 203/466] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 34bc371c2..d484570b1 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -39,5 +39,5 @@ when: sugarizer_install tags: sugarizer -- name: ...WAS COMPLETED ======================================= +- name: ...HAS COMPLETED ======================================= command: echo From 01782af67c9fa5ef78c20650f9b528e6557b1ad7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:30:03 -0400 Subject: [PATCH 204/466] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index eadc6283f..01920102d 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -51,5 +51,5 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: ...WAS COMPLETED ===================================== +- name: ...HAS COMPLETED ===================================== command: echo From 7d6a249a63ba5f2372723d8199c7a2ced969b9dc Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:30:20 -0400 Subject: [PATCH 205/466] Update main.yml --- roles/9-local-addons/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 31f166b3f..197bb3366 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -3,5 +3,5 @@ - name: ...IS BEGINNING ==================================== command: echo -- name: ...WAS COMPLETED =================================== +- name: ...HAS COMPLETED =================================== command: echo From 82bd0d346a6da93fb88381b0208c4fc8130eeb07 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:51:43 -0400 Subject: [PATCH 206/466] rename IIAB -> OSM here --- roles/osm/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index e71dbda79..de2ef415f 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install IIAB required packages +- name: Install OSM required packages package: name={{ item }} state=present with_items: @@ -9,7 +9,7 @@ - libapache2-mod-xsendfile when: is_debuntu -- name: Install IIAB required packages +- name: Install OSM required packages package: name={{ item }} state=present with_items: @@ -21,7 +21,7 @@ - mod_xsendfile when: not is_debuntu -# IIAB wants a specific version do that first +# OSM wants a specific version do that first - name: Install Whoosh 2.6 pip: name=whoosh virtualenv={{ osm_venv }} @@ -30,7 +30,7 @@ extra_args="--no-cache-dir" when: internet_available and is_debuntu -- name: Install IIAB with dependencies +- name: Install OSM with dependencies pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no @@ -41,7 +41,7 @@ - Internet-in-a-Box when: internet_available and is_debuntu -# IIAB wants a specific version do that first +# OSM wants a specific version do that first - name: Install Whoosh 2.6 pip: name=whoosh virtualenv={{ osm_venv }} @@ -50,7 +50,7 @@ # extra_args="--no-cache-dir" when: internet_available and not is_debuntu -- name: Install IIAB with dependencies +- name: Install OSM with dependencies pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no @@ -77,7 +77,7 @@ line="path_to_virtualenv = '/usr/local/osm'" state=present -- name: All - Copy IIAB config file +- name: All - Copy OSM config file template: backup=no src=osm.conf.j2 dest=/etc/{{ apache_config_dir }}/osm.conf @@ -137,7 +137,7 @@ service: name={{ apache_service }} state=restarted -- name: add osm to service list +- name: Add OSM to service list ini_file: dest='{{ service_filelist }}' section=osm option='{{ item.option }}' From 0d2d29b3863a5da61a30cd85af86e2067247e5e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 08:18:26 -0400 Subject: [PATCH 207/466] clean up OpenVPN messaging --- roles/openvpn/tasks/main.yml | 51 ++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 8f974abbf..d0b45f685 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install openvpn packages +- name: Install OpenVPN packages package: name={{ item }} state=present with_items: @@ -27,7 +27,7 @@ file: path=/usr/lib/iiab state=directory -- name: Configure openvpn +- name: Configure OpenVPN template: src={{ item.src }} dest={{ item.dest }} owner={{ item.owner }} @@ -49,59 +49,60 @@ - { src: 'iiab-remote-on', dest: '/usr/bin/iiab-remote-on', owner: "root" , mode: '0755' } - { src: 'iiab-remote-off', dest: '/usr/bin/iiab-remote-off', owner: "root" , mode: '0755' } -- name: put up_wan in place for debian +- name: Put up_wan in place for Debian template: src=up_wan dest=/usr/lib/iiab/up_wan when: is_debuntu -- name: put dispatcher up for NM +- name: Put dispatcher up for NM template: src=15-openvpn dest=/etc/NetworkManager/dispatcher.d/ when: not is_debuntu -- name: check for manually configured openvpn tunnel +- name: Check for manually configured OpenVPN tunnel stat: path=/etc/openvpn/iiab-vpn.conf register: stat + # note that ansible does not currently handle @ in a service name -- name: enable the openvpn tunnel at boot time +- name: Enable the OpenVPN tunnel at boot time shell: systemctl enable openvpn@xscenet.service when: openvpn_enabled and not stat.exists is defined and is_debuntu -- name: enable the openvpn tunnel at boot time for Debian +- name: Enable the OpenVPN tunnel at boot time for Debian shell: update-rc.d openvpn enable when: openvpn_enabled and not stat.exists is defined and is_debuntu -- name: start the openvpn tunnel now +- name: Start the OpenVPN tunnel now shell: systemctl start openvpn@xscenet.service when: openvpn_enabled and not stat.exists is defined and not installing -- name: make openvpn connection automatic + +- name: Make OpenVPN connection automatic lineinfile: dest=/etc/crontab line="25 * * * * root (/usr/bin/systemctl start openvpn@xscenet.service) > /dev/null" - when: - openvpn_enabled and openvpn_cron_enabled and not stat.exists is defined + when: openvpn_enabled and openvpn_cron_enabled and not stat.exists is defined -- name: make openvpn connection manual +- name: Make OpenVPN connection manual lineinfile: dest=/etc/crontab regexp=".*/usr/bin/systemctl*" state=absent - when: - not openvpn_enabled or not openvpn_cron_enabled + when: not openvpn_enabled or not openvpn_cron_enabled -- name: stop starting the openvpn tunnel at boot time - shell: systemctl disable openvpn@xscenet.service - when: not openvpn_enabled and not is_debuntu +- name: Stop starting the OpenVPN tunnel at boot time + shell: systemctl disable openvpn@xscenet.service + when: not openvpn_enabled and not is_debuntu -- name: stop starting the openvpn tunnel at boot time for Debian - shell: update-rc.d openvpn disable - when: not openvpn_enabled and is_debuntu +- name: Stop starting the OpenVPN tunnel at boot time for Debian + shell: update-rc.d openvpn disable + when: not openvpn_enabled and is_debuntu -- name: stop openvpn tunnel immediately - shell: systemctl stop openvpn@xscenet.service +- name: Stop OpenVPN tunnel immediately + shell: systemctl stop openvpn@xscenet.service ignore_errors: True - when: not openvpn_enabled and not installing + when: not openvpn_enabled and not installing -- name: Add openvpn to service list + +- name: Add OpenVPN to service list ini_file: dest='{{ service_filelist }}' section=openvpn option='{{ item.option }}' @@ -110,7 +111,7 @@ - option: name value: "openvpn" - option: description - value: '"Openvpn is a means of Contacting a server anywhere on the internet via a middleman server"' + value: '"OpenVPN is a means of connecting to a server anywhere on the internet via a middleman server"' - option: middleman_url value: "{{ vpn_presence }}" - option: port From 1bd1fbda8febdf433c29168a8ed34f2f4f6012c1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:16:55 -0400 Subject: [PATCH 208/466] cleaner Ansible messaging --- roles/1-prep/tasks/main.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index c64beaad4..e6e2b382a 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -3,12 +3,12 @@ - name: ...IS BEGINNING ============================================ command: echo -- name: get the uuidgen program +- name: Get the uuidgen program package: name=uuid-runtime state=present when: is_debuntu -- name: Test for UUID file +- name: Test for /etc/iiab/uuid file stat: path=/etc/iiab/uuid register: uuid_file @@ -25,11 +25,11 @@ shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid when: not uuid_file.stat.exists -- name: get the uuid +- name: Get the uuid command: cat /etc/iiab/uuid register: stored_uuid -- name: get the value into a variable +- name: Get the value into a variable set_fact: uuid={{ stored_uuid.stdout_lines[0] }} @@ -48,26 +48,26 @@ dest=/etc/chrony.conf src=chrony.conf.j2 -- name: Disable apparmor -- on by default in ubuntu +- name: Disable AppArmor -- on by default in Ubuntu service: name=apparmor enabled=False state=stopped when: first_run and is_ubuntu ignore_errors: true -- name: Disable selinux on next boot +- name: Disable SELinux on next boot selinux: state=disabled register: selinux_disabled when: first_run and not is_debuntu -- name: Disable selinux for this session (if needed) +- name: Disable SELinux for this session (if needed) command: setenforce Permissive when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed ## DISCOVER PLATFORMS ###### -- name: Discover if this is a rpi -- assume if so it is running raspbian +- name: Discover if this is an rpi -- assume it is running Raspbian if so set_fact: rpi_model: "rpi" is_rpi: "True" - when: ansible_local.local_facts.os == "raspbian" + when: ansible_local.local_facts.os == "raspbian" ignore_errors: true - include: prep.yml @@ -77,13 +77,13 @@ - include: raspberry_pi_2.yml when: first_run and rpi_model != "none" -- name: Check if the identifier for intel's NUC6 builtin wifi is present +- name: Check if the identifier for Intel's NUC6 builtin WiFi is present shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'" register: usb_NUC6 ignore_errors: true when: first_run -- name: download the firmware for built in wifi on NUC6 +- name: Download the firmware for built-in WiFi on NUC6 get_url: dest=/lib/firmware url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 From 0b688550ea7329ff811aa0a31587073f0889d31a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:18:51 -0400 Subject: [PATCH 209/466] cleaner Ansible messaging --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 33e821ef6..bfb69887b 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -32,7 +32,7 @@ - sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present -- name: Set default Timezone +- name: Set default Time Zone shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime when: iiab_TZ is defined and iiab_TZ != "" From 87f55cd62883802acbee3cdac8d19ce6530df865 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:21:30 -0400 Subject: [PATCH 210/466] cleaner Ansible messaging --- roles/4-server-options/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 01684d2b7..69173b017 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -51,7 +51,7 @@ when: usb_lib_install tags: usb-lib -# this script can be sourced to get iiab location +# this script can be sourced to get IIAB location - name: Create iiab.env file template: src=roles/1-prep/templates/iiab.env.j2 dest=/etc/iiab/iiab.env @@ -59,11 +59,11 @@ group=root mode=0644 -- name: put a python interface to iiab.env +- name: Put a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py -- name: generate the offline documents +- name: Generate the offline documents command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs From 011005d707f58ba998eecd71831730d16ed44a62 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:25:51 -0400 Subject: [PATCH 211/466] cleaner Ansible messaging --- roles/httpd/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 81c6498fc..2eb71b8ce 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -40,7 +40,7 @@ - download when: is_redhat -- name: remove the default apache2 config file +- name: Remove the default apache2 config file file: path=/etc/apache2/sites-enabled/000-default.conf src=/etc/apache2/sites-available/000-default.conf state=absent @@ -67,7 +67,7 @@ - mpm_event.load when: is_debuntu -- name: create symlinks for mpm-prefork +- name: Create symlinks for mpm-prefork file: path=/etc/apache2/mods-enabled/{{ item }} src=/etc/apache2/mods-available/{{ item }} state=link @@ -76,7 +76,7 @@ - mpm_prefork.load when: is_debuntu -- name: turn on mod_proxy +- name: Turn on mod_proxy command: a2enmod {{ item }} with_items: - proxy @@ -85,7 +85,7 @@ - rewrite when: is_debuntu -- name: create symlinks for enabling our site +- name: Create symlinks for enabling our site file: path=/etc/apache2/sites-enabled/{{ item }} src=/etc/apache2/sites-available/{{ item }} state=link @@ -105,7 +105,7 @@ group=root state=directory -- name: create admin group +- name: Create admin group group: name=admin state=present @@ -146,7 +146,7 @@ tags: - base -- name: place the script to generate homepages +- name: Place the script to generate homepages template: src=refresh-wiki-docs.sh dest=/usr/bin/iiab-refresh-wiki-docs mode=0755 From 08a9014598d67bb1ff0c6194cbe4d5a320c681e3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:27:19 -0400 Subject: [PATCH 212/466] cleaner Ansible messaging --- roles/iiab-admin/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index 25c384717..4541f4027 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -28,12 +28,12 @@ stat: path=/home/pi/.config/lxsession register: lx -- name: Do the same if running on raspbian +- name: Do the same if running on Raspbian template: src=lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/ when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu -- name: put a autostart line to check for default password in LXDE +- name: Put an autostart line to check for default password in LXDE lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/autostart when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu From 2569968b294f22969ade49b932fd846f0122c244 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:31:12 -0400 Subject: [PATCH 213/466] cleaner Ansible messaging --- roles/iiab-admin/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/iiab-admin/README.rst b/roles/iiab-admin/README.rst index b39d4b729..01f202d6e 100644 --- a/roles/iiab-admin/README.rst +++ b/roles/iiab-admin/README.rst @@ -1,5 +1,5 @@ ================= -XSCE Admin README +IIAB Admin README ================= This role is home to a number of administrative playbooks. Those implemented are: @@ -22,4 +22,4 @@ Add Packages for Remote Access Admin Console ------------- -Has been moved to a separate git repo \ No newline at end of file +Has been moved to separate git repo: https://github.com/iiab/iiab-admin-console From e662025c4b1520bf7681420a321318e1b9122d06 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:33:32 -0400 Subject: [PATCH 214/466] cleaner Ansible messaging --- roles/network/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 20a94af78..0d8b2b8cc 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -80,7 +80,7 @@ tags: - network -- name: ask systemd to reread the unit files, picks up changes done +- name: Ask systemd to reread the unit files, picks up changes done shell: systemctl daemon-reload when: not installing @@ -99,7 +99,7 @@ - network when: is_debuntu and is_rpi and not installing -- name: Create iiab network flags +- name: Create IIAB network flags template: src=network/{{ item }}.j2 dest=/etc/sysconfig/{{ item }} mode=0644 From 504264a11fddb5d4f33388c72bbaa951df1b95c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:37:00 -0400 Subject: [PATCH 215/466] cleaner Ansible messaging --- roles/mysql/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 10b65e6b8..e4819172a 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -68,17 +68,17 @@ # 'localhost' needs to be the last item for idempotency, see # http://ansible.cc/docs/modules.html#mysql-user # unfortunately it still doesn't work - - name: update mysql root password for localhost root accounts + - name: Update MySQL root password for localhost root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: - localhost when: mysql_enabled - - name: copy .my.cnf file with root password credentials + - name: Copy .my.cnf file with root password credentials template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 when: mysql_enabled - - name: update mysql root password for all remaining root accounts + - name: Update mysql root password for all remaining root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: # - "{{ iiab_hostname }}.{{ iiab_domain }}" @@ -86,15 +86,15 @@ - ::1 when: mysql_enabled - - name: delete anonymous MySQL server user for {{ ansible_hostname }} + - name: Delete anonymous MySQL server user for {{ ansible_hostname }} mysql_user: user="" host="{{ ansible_hostname }}" state="absent" when: mysql_enabled - - name: delete anonymous MySQL server user for localhost + - name: Delete anonymous MySQL server user for localhost mysql_user: user="" state="absent" when: mysql_enabled - - name: remove the MySQL test database + - name: Remove the MySQL test database mysql_db: db=test state=absent when: mysql_enabled @@ -106,7 +106,7 @@ when: not mysql_enabled - - name: add mysql to service list + - name: Add mysql to service list ini_file: dest='{{ service_filelist }}' section=mysql option='{{ item.option }}' @@ -115,6 +115,6 @@ - option: name value: mysql-database - option: description - value: '"mySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' + value: '"MySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' - option: enabled value: "{{ mysql_enabled }}" From 50ced1eec845004562bce7e45cb23b43eabf2868 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:40:47 -0400 Subject: [PATCH 216/466] cleaner Ansible messaging --- roles/elgg/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index f78dba717..d76b35fe4 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -1,7 +1,7 @@ # Assume we only get here if elgg_install: True # Assume mysql is running -- name: download current version from our copy +- name: Download current version from our copy shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }} creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip when: internet_available @@ -18,7 +18,7 @@ shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt" when: elgg.stat.exists is defined and not elgg.stat.exists -- name: Create a link to the versioned elgg folder +- name: Create a link to the versioned elgg-* folder file: src=./elgg-{{ elgg_version }} dest=/opt/elgg owner={{ apache_user }} @@ -36,7 +36,7 @@ group={{ apache_user }} # The name of this file changed from 1.9 to 1.10. -- name: Copy default .htaccess to the root directory of elgg tree +- name: Copy default .htaccess to the root directory of Elgg tree copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" dest="/opt/{{ elgg_xx }}/.htaccess" mode=0644 @@ -51,13 +51,13 @@ insertafter='^#RewriteBase' line="RewriteBase {{ elgg_url }}/" -- name: Change permissions on engine directory so apache can write +- name: Change permissions on engine directory so Apache can write file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory - name: Create an upload directory that Apache can write in or elgg file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }} -- name: change ownership +- name: Change ownership file: path=/opt/elgg-{{ elgg_version }} owner={{ apache_user }} group={{ apache_user }} @@ -68,7 +68,7 @@ mysql_db: name={{ dbname }} register: create_elgg_database -- name: Create a user to access the elgg database - can be run more than once +- name: Create a user to access the Elgg database - can be run more than once mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL with_items: - 127.0.0.1 @@ -95,23 +95,23 @@ - name: Install config file for elgg in Apache template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf -- name: Enable elgg for debuntu (will already be enabled above for Redhat) +- name: Enable Elgg for debuntu (will already be enabled above for Redhat) file: path=/etc/apache2/sites-enabled/elgg.conf src=/etc/apache2/sites-available/elgg.conf state=link when: elgg_enabled and is_debuntu -- name: Disable elgg for debuntu +- name: Disable Elgg for debuntu file: path=/etc/apache2/sites-enabled/elgg.conf state=absent when: not elgg_enabled and is_debuntu -- name: Disable elgg for Redhat - remove config file for elgg in Apache +- name: Disable Elgg for Redhat - remove config file for Elgg in Apache file: dest=/etc/{{ apache_config_dir }}/elgg.conf state=absent when: not elgg_enabled and is_redhat -- name: add elgg to service list +- name: Add Elgg to service list ini_file: dest='{{ service_filelist }}' section=elgg option='{{ item.option }}' From d8f0aca278422ed028cf9c44c1fb62394afaa5b4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:47:06 -0400 Subject: [PATCH 217/466] cleaner Ansible messaging --- roles/nextcloud/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 6536e7da5..06e8c9bfc 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -1,14 +1,14 @@ # we need to install the rpm in order to get the dependencies # but we only need to do this the first time -- name: See if the nextcloud startup page exists +- name: See if the Nextcloud startup page exists stat: path={{ nextcloud_prefix }}/nextcloud/index.php register: nextcloud_page # but we use the tar file to get the latest version -- name: Get the nextcloud software +- name: Get the Nextcloud software get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} when: internet_available async: 900 @@ -16,7 +16,7 @@ tags: - download -- name: ubuntu and debian treat names differently +- name: Ubuntu and Debian treat names differently package: name={{ item }} state=present with_items: - libapache2-mod-php{{ php_version }} @@ -24,7 +24,7 @@ - php{{ php_version }}-zip when: is_debian -- name: ubuntu and debian treat names differently +- name: Ubuntu and Debian treat names differently package: name={{ item }} state=present with_items: - libapache2-mod-php @@ -70,7 +70,7 @@ dest={{ nextcloud_prefix }} when: is_F18 -- name: in Centos, the following config dir is symlink to /etc/nextcloud +- name: In CentOS, the following config dir is symlink to /etc/nextcloud file: path=/etc/nextcloud state=directory when: is_centos @@ -83,7 +83,7 @@ mode=0640 when: is_centos -- name: Make apache owner +- name: Make Apache owner file: path={{ nextcloud_prefix }}/nextcloud owner={{ apache_user }} group={{ apache_user }} @@ -99,11 +99,11 @@ with_items: - "{{ nextcloud_data_dir }}" -- name: Create a mysql database for nextcloud +- name: Create a MySQL database for Nextcloud mysql_db: name={{ nextcloud_dbname }} when: mysql_enabled and nextcloud_enabled -- name: Create a user to access the nextcloud database +- name: Create a user to access the Nextcloud database mysql_user: name={{ nextcloud_dbuser }} host={{ item }} password={{ nextcloud_dbpassword }} priv={{ nextcloud_dbname }}.*:ALL,GRANT with_items: - "{{ nextcloud_dbhost }}" @@ -113,7 +113,7 @@ when: mysql_enabled and nextcloud_enabled -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted when: not nextcloud_enabled @@ -122,7 +122,7 @@ # following enables and disables - include: nextcloud_enabled.yml -- name: Add nextcloud to service list +- name: Add Nextcloud to service list ini_file: dest='{{ service_filelist }}' section=nextcloud option='{{ item.option }}' From 9cd817e3ad7d974339b8fef38c3d0712e61e65c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:53:42 -0400 Subject: [PATCH 218/466] cleaner Ansible messaging --- roles/usb-lib/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb-lib/tasks/main.yml index 3d4aee182..f158f1433 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb-lib/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Add a content directory for links to be located +- name: Add a content directory for links to be located file: dest={{ doc_root }}/local_content state=directory owner={{ apache_user }} @@ -31,24 +31,24 @@ state=absent when: not usb_lib_enabled -- name: Add apache config for content directory +- name: Add Apache config for content directory template: src=content_dir.conf dest=/etc/{{ apache_config_dir }} when: usb_lib_enabled -- name: create the link to enable for debian +- name: Create the link to enable for Debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=link when: is_debuntu -- name: remove the link that enables in debian +- name: Remove the link that enables in Debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=absent when: is_debuntu and not usb_lib_enabled -- name: remove apache config for content directory +- name: Remove Apache config for content directory file: name=/etc/{{ apache_config_dir }}/content_dir.conf state=absent when: not usb_lib_enabled @@ -62,6 +62,6 @@ - option: name value: usb-lib - option: description - value: '"usb-lib automounts a usb drive with and links to library content."' + value: '"usb-lib automounts a USB drives and links to library content."' - option: enabled value: "{{ usb_lib_enabled }}" From 72753c295d45a0c9f1e77424bce23f1c6a6820bd Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:55:15 -0400 Subject: [PATCH 219/466] cleaner README --- roles/dokuwiki/README.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/dokuwiki/README.rst b/roles/dokuwiki/README.rst index 039fa93fd..07c9a6015 100644 --- a/roles/dokuwiki/README.rst +++ b/roles/dokuwiki/README.rst @@ -1,5 +1,5 @@ =============== -Dokuwiki README +DokuWiki README =============== DokuWiki is a simple to use and highly versatile Open Source wiki software that @@ -10,12 +10,12 @@ make DokuWiki especially useful in the enterprise context and the large number o plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki. -http://dokuwiki.org/ +http://dokuwiki.org After Installation ------------------ -Head to http://schoolserver.lan/wiki. The webpage will probably throw up an error +Head to http://box.lan/wiki. The webpage will probably throw up an error saying you haven't run install.php yet, with a link to it. Click the link to be taken to the install page which does the initial configuration of the wiki. After this, you should be all set! @@ -33,4 +33,4 @@ None yet other than the basic enabled/disabled. Haven't really tested if they wo Todo ---- * Preinstall some popular plugins. -* Additional XSCE customizations. +* Additional IIAB customizations. From 62f64b309343cd73f766a9e3e4e09dae5099b29b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:56:10 -0400 Subject: [PATCH 220/466] cleaner Ansible messaging --- roles/dokuwiki/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/dokuwiki/tasks/main.yml b/roles/dokuwiki/tasks/main.yml index 9b08d1705..9841a32b6 100644 --- a/roles/dokuwiki/tasks/main.yml +++ b/roles/dokuwiki/tasks/main.yml @@ -2,7 +2,7 @@ include: install.yml when: dokuwiki_install -- name: Add dokuwiki to service list +- name: Add DokuWiki to service list ini_file: dest='{{ service_filelist }}' section=dokuwiki option='{{ item.option }}' From 0223e6d7171d6c095e92eac1ff25e44eacc4f531 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:57:21 -0400 Subject: [PATCH 221/466] cleaner Ansible messaging --- roles/dokuwiki/tasks/install.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index 796623e8c..815a23d9e 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Get the Dokuwiki software +- name: Get the DokuWiki software get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir }}/ when: internet_available @@ -8,24 +8,24 @@ - name: Symlink /library/dokuwiki* to /library/dokuwiki shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi -- name: Install config file for dokuwiki in Apache +- name: Install config file for DokuWiki in Apache template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf when: dokuwiki_enabled -- name: enable the dokuwiki +- name: Enable the DokuWiki file: path=/etc/apache2/sites-enabled/dokuwiki.conf src=/etc/apache2/sites-available/dokuwiki.conf state=link when: dokuwiki_enabled and is_debuntu -- name: disable the dokuwiki +- name: Disable the DokuWiki file: path=/etc/apache2/sites-enabled/dokuwiki.conf state=absent when: not dokuwiki_enabled and is_debuntu -- name: Change permissions on engine directory so apache can write +- name: Change permissions on engine directory so Apache can write file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted From ca7f578e14c13eadd7efcce92c562f089b084d0f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:58:40 -0400 Subject: [PATCH 222/466] cleaner README --- roles/kalite/README.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/kalite/README.rst b/roles/kalite/README.rst index 739e1d363..49aa9d972 100644 --- a/roles/kalite/README.rst +++ b/roles/kalite/README.rst @@ -1,13 +1,13 @@ ============== -KA-Lite README +KA Lite README ============== -This role installs KA-Lite, an offline version of the Khan Academy (https://www.khanacademy.org/), +This role installs KA Lite, an offline version of the Khan Academy (https://www.khanacademy.org/), written by Learning Equality (https://learningequality.org/ka-lite/). -KA Lite has two servers, a light httpd server that serves KA videos, and a cron server that sets -up cron jobs to download language packs and KA videos from the internet. There are separate flags -to enable these two servers. +KA Lite has two servers, a light httpd server that serves Khan Academy videos, and a cron server +that sets up cron jobs to download language packs and KA videos from the internet. There are +separate flags to enable these two servers. Access ------ From ebb621a2cfd25ae293b695dd1d33d9c0308717a6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:00:58 -0400 Subject: [PATCH 223/466] cleaner Ansible messaging --- roles/kalite/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kalite/tasks/main.yml b/roles/kalite/tasks/main.yml index 71aadf35c..b0c02471d 100644 --- a/roles/kalite/tasks/main.yml +++ b/roles/kalite/tasks/main.yml @@ -22,7 +22,7 @@ - include: install.yml when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 -- name: ask systemd to reread the unit files +- name: Ask systemd to reread the unit files shell: systemctl daemon-reload when: not kalite_installed.stat.exists From 1aac4fb15c95d49e441cb6ff46df0ea4f4da2176 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:02:26 -0400 Subject: [PATCH 224/466] cleaner Ansible messaging --- roles/kalite/tasks/enable.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kalite/tasks/enable.yml b/roles/kalite/tasks/enable.yml index 79614686f..0c62de120 100644 --- a/roles/kalite/tasks/enable.yml +++ b/roles/kalite/tasks/enable.yml @@ -1,12 +1,12 @@ # By the time we get here we should have ka-lite of some version # And the systemd unit files should be defined -- name: Enable kalite server +- name: Enable kalite-serve service service: name=kalite-serve enabled=yes state=started -- name: Disable kalite server +- name: Disable kalite-serve service service: name=kalite-serve enabled=no state=stopped From b1f77b10922828fa0cd9f3d5d6f22869dd487d78 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:08:41 -0400 Subject: [PATCH 225/466] cleaner Ansible messaging --- roles/kiwix/tasks/kiwix_install.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 4b6d03cf1..4d5db847a 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -1,4 +1,4 @@ -- name: Create various directories for zims +- name: Create various directories for ZIM files file: path={{ item }} owner=root group=root @@ -18,7 +18,7 @@ kiwix_first_pass: True when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists -- name: Copy kiwix library file if needed +- name: Copy Kiwix library file if needed template: src={{ item }} dest="{{ kiwix_library_xml }}" mode=0644 @@ -54,7 +54,7 @@ mode=0755 state=directory -- name: enable the mods which permit apache to proxy +- name: Enable the mods which permit Apache to proxy apache2_module: name={{ item }} with_items: - proxy @@ -71,7 +71,7 @@ when: kiwix_src_bin_only and kiwix_first_pass # workaround because unarchive does not set ownership properly -- name: Set kiwix ownership +- name: Set kiwix ownership to root [WARNING chown -R across all of /opt/iiab] command: "chown -R root:root {{ iiab_base }}" # workaround because kiwix-serve does not stay running @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: add kiwix to service list +- name: Add kiwix to service list ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' From 01a98b1f154a7b2066a00b860ca03977f0d4bb53 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:09:30 -0400 Subject: [PATCH 226/466] cleaner Ansible messaging --- roles/kiwix/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 7b8c5f262..c7409db31 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -16,7 +16,7 @@ kiwix_src_bin_only: True when: ansible_machine == "armv7l" or ansible_machine == "armv6l" -- name: Get the kiwix software +- name: Get the Kiwix software get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}" dest="{{ downloads_dir }}/{{ kiwix_src_file }}" when: internet_available From b1ec762ffbf314685ea502dab922b165e32a0693 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:16:05 -0400 Subject: [PATCH 227/466] cleaner Ansible messaging --- roles/moodle/tasks/main.yml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index a8f75c4b8..04abeede2 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Install moodle required packages +- name: Install Moodle required packages package: name={{ item }} state=present with_items: @@ -7,7 +7,7 @@ - php-pgsql when: not is_debuntu -- name: Install moodle required packages +- name: Install Moodle required packages package: name={{ item }} state=present with_items: @@ -29,11 +29,11 @@ package: name=php-pclzip when: is_debian_8 -- name: Determine if moodle is already downloaded +- name: Determine if Moodle is already downloaded stat: path={{ moodle_base }}/config-dist.php register: moodle -- name: Download the latest moodle repo +- name: Download the latest Moodle repo git: repo={{ moodle_repo_url }} dest={{ moodle_base }} depth=1 @@ -42,30 +42,30 @@ # ignore_errors: yes when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists -- name: Prepare the downloaded directory so apache can install config file +- name: Prepare the downloaded directory so Apache can install config file file: path={{ moodle_base }} owner={{ apache_user }} recurse=yes state=directory -- name: Give apache permission to write moodle data directory +- name: Give Apache permission to write Moodle data directory file: path={{ content_base }}/dbdata/moodle owner={{ apache_user }} mode=0755 state=directory -- name: Create a moodle data dir with apache permission to write +- name: Create a Moodle data dir with Apache permission to write file: path={{ moodle_data }} owner={{ apache_user }} group={{ apache_user }} mode=0770 state=directory -- name: Remove stock moodle conf +- name: Remove stock Moodle conf file: path='/etc/{{ apache_config_dir }}/moodle.conf' state=absent -- name: Put moodle config file in place +- name: Put Moodle config file in place template: src=022-moodle.j2 dest=/etc/{{ apache_config_dir }}/022-moodle.conf owner=root @@ -73,13 +73,13 @@ mode=0644 when: moodle_enabled -- name: Enable moodle +- name: Enable Moodle file: path=/etc/apache2/sites-enabled/022-moodle.conf src=/etc/apache2/sites-available/022-moodle.conf state=link when: moodle_enabled and is_debuntu -- name: Disable moodle +- name: Disable Moodle file: path=/etc/apache2/sites-enabled/022-moodle.conf state=absent when: not moodle_enabled and is_debuntu @@ -116,24 +116,24 @@ enabled=yes when: moodle_enabled -- name: Restart apache +- name: Restart Apache service: name={{ apache_service }} state=restarted -- name: see if the config.php file exists +- name: See if the config.php file exists stat: path='{{ moodle_base }}/config.php' register: config -- name: Execute moodle startup script +- name: Execute Moodle startup script shell: '{{ moodle_base }}/moodle_installer' when: config.stat.exists is defined and not config.stat.exists -- name: Give apache permission to read config file +- name: Give Apache permission to read config file # command: chown -R {{ apache_user }} {{ moodle_base }} file: path={{ moodle_base }}/config.php mode=0644 -- name: add moodle to service list +- name: Add Moodle to service list ini_file: dest='{{ service_filelist }}' section=moodle option='{{ item.option }}' From d3017d764c41c89598ccc984531252555dc7314d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:20:21 -0400 Subject: [PATCH 228/466] cleaner Ansible messaging --- roles/postgresql/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index 73321bf7d..7574c2fc9 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install postgresql packages +- name: Install PostgreSQL packages package: name={{ item }} state=present with_items: @@ -6,13 +6,13 @@ tags: - download -- name: Install postgresql for debian +- name: Install PostgreSQL for Debian package: name=postgresql-client when: is_debuntu tags: - download -- name: Install postgresql for fedora +- name: Install PostgreSQL for Fedora package: name=postgresql-server when: not is_debuntu tags: @@ -32,12 +32,12 @@ mode=0700 state=directory -- name: make sure that the en_US locale is enabled +- name: Make sure that the en_US locale is enabled lineinfile: dest=/etc/locale.gen line="{{ postgresql_locale }} UTF-8" when: is_debuntu -- name: generate the selected locales +- name: Generate the selected locales command: /usr/sbin/locale-gen when: is_debuntu @@ -56,7 +56,7 @@ creates=/library/pgsql-iiab/pg_hba.conf when: not is_debuntu -- name: Configure postgres +- name: Configure PostgreSQL template: backup=yes src=postgresql.conf.j2 dest=/library/pgsql-iiab/postgresql.conf @@ -80,7 +80,7 @@ enabled=yes when: postgresql_enabled -- name: Stop and disable postgresql-iiab service +- name: Stop and disable postgresql service if not postgresql_enabled service: name=postgresql state=stopped enabled=no From a7cf338aa91a62f04f8e1e33ddf771e5be3500e0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:23:08 -0400 Subject: [PATCH 229/466] cleaner Ansible messaging --- roles/sugarizer/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 8bb5985ed..0e0e8efa2 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Download the latest stable version of sugarizer from location under our control +- name: Download the latest stable version of Sugarizer from location under our control get_url: url={{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz dest={{ downloads_dir }}/{{ sugarizer_version }}.tar.gz @@ -29,12 +29,12 @@ - nodejs - npm -# attempting to reinstall npm is broken on raspbian 9 -- name: check for sugarizer already installed +# attempting to reinstall npm is broken on Raspbian 9 +- name: Check for Sugarizer already installed stat: path={{ sugarizer_location }}/sugarizer/server/node_modules register: npm -- name: set a flag to abort second attempt to install +- name: Set a flag to abort second attempt to install set_fact: npm_exists: True when: npm.stat.exists is defined and npm.stat.exists @@ -68,7 +68,7 @@ chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 and not npm_exists -- name: enable services - All +- name: Enable services - All service: name={{ item.name }} enabled=yes state=restarted @@ -76,7 +76,7 @@ - { name: sugarizer } when: sugarizer_enabled -- name: disable services - All +- name: Disable services - All service: name={{ item.name }} enabled=no state=stopped @@ -84,7 +84,7 @@ - { name: sugarizer } when: not sugarizer_enabled -- name: add sugarizer to service list +- name: Add Sugarizer to service list ini_file: dest='{{ service_filelist }}' section=sugarizer option='{{ item.option }}' @@ -93,6 +93,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform"' + value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform."' - option: enabled value: "{{ sugarizer_enabled }}" From 4be8702090c0e7c9f645100326b06806251872de Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:27:17 -0400 Subject: [PATCH 230/466] cleaner Ansible messaging --- roles/munin/tasks/main.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index b8ec4cd8f..b6b6a0728 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install munin package +- name: Install Munin package package: name={{ item }} state=present with_items: @@ -11,7 +11,7 @@ - download when: is_debuntu -- name: Install munin package +- name: Install Munin package package: name={{ item }} state=present with_items: @@ -21,7 +21,7 @@ - download when: not is_debuntu -- name: Copy munin config file +- name: Copy Munin config file template: src={{ item.src }} dest={{ item.dest }} owner=root @@ -44,13 +44,13 @@ state=started when: munin_enabled -- name: Enable apache lookup +- name: Enable Apache lookup file: src=/etc/apache2/sites-available/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf state=link when: munin_enabled and is_debuntu -- name: disable apache lookup +- name: Disable Apache lookup file: src=/etc/apache2/sites-available/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf state=absent @@ -62,7 +62,7 @@ state=stopped when: not munin_enabled -- name: If mysql is enabled, let munin monitor it +- name: If MySQL is enabled, let Munin monitor it copy: dest=/etc/munin/plugins/ src={{ item }} with_items: @@ -89,4 +89,3 @@ value: "{{ munin_install }}" - option: enabled value: "{{ munin_enabled }}" - From fbb68bdee65aad7832c2618fd8369f104ce66d71 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:29:49 -0400 Subject: [PATCH 231/466] cleaner Ansible messaging --- roles/vnstat/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 2cfce0b0c..97ddea6c7 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -7,24 +7,24 @@ tags: - download -- name: put the config file in place +- name: Put the config file in place template: src=vnstat.conf.j2 dest=/etc/vnstat.conf mode=0744 owner=root group=root -- name: create database for wan to collect vnstat data +- name: Create database for WAN to collect vnStat data shell: /usr/bin/vnstat -i {{ iiab_wan_iface }} -- name: create database for lan to collect vnstat data if not appliace config +- name: Create database for LAN to collect vnStat data if not appliance config shell: /usr/bin/vnstat -i {{ iiab_lan_iface }} when: not iiab_lan_iface == "" -- name: start vnstat daemon via systemd +- name: Start vnStat daemon via systemd service: name=vnstat enabled=yes state=started -- name: Add vnstat to service list +- name: Add vnStat to service list ini_file: dest='{{ service_filelist }}' section=vnstat option='{{ item.option }}' From 113b3c496f30477f4c4b3f5aa63b5e2cda5b6b46 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:32:45 -0400 Subject: [PATCH 232/466] cleaner Ansible messaging --- roles/phpmyadmin/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 1218019d6..a73c70ee2 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,24 +1,24 @@ - - name: Get the phpmyadmin software + - name: Get the phpMyAdmin software get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir }}/phpMyAdmin.zip" when: internet_available - name: Copy it to permanent location /opt unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/ - - name: Create a symbolic link to the folder of the current version phpmyadmin + - name: Create a symbolic link to the folder of the current version phpMyAdmin file: path=/opt/phpmyadmin src=phpMyAdmin-4.7.5-all-languages state=link - - name: Copy the phpmyadmin config file into place + - name: Copy the phpMyAdmin config file into place template: src=config.inc.php dest=/opt/phpmyadmin/config.inc.php - - name: Change the owner of the php tree to apache + - name: Change the owner of the PHP tree to Apache shell: "chown -R {{ apache_user }} /opt/phpmyadmin" - name: Put the alias into Apache config when enabled template: src=phpmyadmin.j2 dest=/etc/{{ apache_config_dir }}/phpmyadmin.conf when: phpmyadmin_enabled - - name: Enable phpmyadmin + - name: Enable phpMyAdmin file: path=/etc/apache2/sites-enabled/phpmyadmin.conf src=/etc/apache2/sites-available/phpmyadmin.conf state=link @@ -29,7 +29,7 @@ state=absent when: not phpmyadmin_enabled and is_debuntu - - name: add phpmyadmin to service list + - name: Add phpmyadmin to service list ini_file: dest='{{ service_filelist }}' section=phpmyadmin option='{{ item.option }}' @@ -38,7 +38,7 @@ - option: name value: phpMyAdmin - option: description - value: '"phpMyAdmin is an interface with a mysql database written in php, and available to administer the database engine locally or across the network"' + value: '"phpMyAdmin is an interface with a MySQL database written in PHP, and available to administer the database engine locally or across the network."' - option: path value: /opt/phpmyadmin - option: enabled From 2904163eeea7432f5ee772025f69f79444bc8fb5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:51:16 -0400 Subject: [PATCH 233/466] clarify Ansible output --- roles/kiwix/tasks/kiwix_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 4d5db847a..e27760ae5 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: Add kiwix to service list +- name: Add kiwix-serve to list of services ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' From 71cb3ec713b11d106d3f8641fc0a5201aefa038e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:41:24 -0400 Subject: [PATCH 234/466] cleaner Ansible output --- roles/2-common/tasks/packages.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 57bef55e5..700159be6 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -19,7 +19,7 @@ shell: createrepo {{ yum_packages_dir }} when: is_redhat -- name: Install local repo file. +- name: Install local repo file template: dest=/etc/yum.repos.d/iiab-local.repo src=local.repo owner=root @@ -91,7 +91,7 @@ #- name: Run the install script for pip # command: python {{ downloads_dir }}/get-pip.py -- name: Install Common python packages +- name: Install common Python packages package: name={{ item }} state=present with_items: @@ -99,7 +99,7 @@ - python-setuptools - python-virtualenv -- name: Update common packages (not debian +- name: Update common packages (not Debian) package: name={{ item }} state=latest with_items: @@ -109,7 +109,7 @@ - iptables when: is_redhat -- name: Update common packages (debian) +- name: Update common packages (Debian) package: name={{ item }} state=latest with_items: From 8d58b1cfbb2d923a5bba7274c94136b2f3fcc89c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:44:19 -0400 Subject: [PATCH 235/466] cleaner Ansible output --- roles/iiab-admin/tasks/admin-user.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/iiab-admin/tasks/admin-user.yml b/roles/iiab-admin/tasks/admin-user.yml index c08af46bc..3a72a9272 100644 --- a/roles/iiab-admin/tasks/admin-user.yml +++ b/roles/iiab-admin/tasks/admin-user.yml @@ -32,24 +32,24 @@ # backup=yes -- name: edit the sudoers file--first make it editable +- name: Edit the sudoers file -- first make it editable shell: chmod 0640 /etc/sudoers -- name: have sudo log all commands it handles +- name: Have sudo log all commands it handles lineinfile: regexp=logfile line='Defaults logfile = /var/log/sudo.log' state=present dest=/etc/sudoers -- name: lets wheel sudo without password +- name: Lets wheel sudo without password lineinfile: line: "%wheel ALL= NOPASSWD: ALL" dest: /etc/sudoers -- name: remove the line which requires tty +- name: Remove the line which requires tty lineinfile: regexp=requiretty state=absent dest=/etc/sudoers -- name: end editing the sudoers file-- protect it again +- name: End editing the sudoers file -- protect it again shell: chmod 0440 /etc/sudoers From d6bbb9cd07af0bfad7fa8ecab98f9b636f581d31 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:49:55 -0400 Subject: [PATCH 236/466] More readable Ansible output --- roles/network/tasks/wondershaper.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index fb12b245e..7c27d507e 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -1,10 +1,10 @@ -- name: copy wshaper service script +- name: Copy Wondershaper service script template: backup=yes src=wondershaper/wondershaper.service dest=/etc/systemd/system/wondershaper.service mode=0644 -- name: copy wshaper script +- name: Copy Wondershaper script template: backup=yes src=wondershaper/wondershaper.j2 dest=/usr/bin/wondershaper @@ -12,21 +12,21 @@ group=root mode=0744 -- name: create conf.d directory +- name: Create conf.d directory file: path=/etc/conf.d owner=root group=root mode=0755 state=directory -- name: copy wshaper config script +- name: Copy Wondershaper config script template: src=wondershaper/wondershaper.conf dest=/etc/conf.d/wondershaper.conf owner=root group=root mode=0600 -- name: create fact for wondershaper config file +- name: Create fact for Wondershaper config file file: src=/etc/conf.d/wondershaper.conf dest=/etc/ansible/facts.d/wondershaper.fact owner=root @@ -42,6 +42,6 @@ - option: name value: wondershaper - option: description - value: '"Wondershaper is a command line tool to set maximum transfer rates for network adapters"' + value: '"Wondershaper is a command line tool to set maximum transfer rates for network adapters."' - option: enabled value: "{{ wondershaper_enabled }}" From c8b7bba77f76016d0c421ddf06836dbc929dd25d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:53:43 -0400 Subject: [PATCH 237/466] More readable Ansible output --- roles/network/tasks/named.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 0113d7672..638bdd423 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -1,4 +1,4 @@ -- name: Install named packages +- name: Install named packages for Debian/Debuntu package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Install named packages +- name: Install named packages for non Debian/Debuntu package: name={{ item }} state=present with_items: @@ -64,7 +64,7 @@ - { src: 'named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} -- name: substitute our unit file which uses $OPTIONS from sysconfig +- name: Substitute our unit file which uses $OPTIONS from sysconfig template: src=named/{{ dns_service }}.service dest=/etc/systemd/system/{{ dns_service }}.service mode=0644 @@ -80,13 +80,13 @@ state=link when: is_debuntu and dns_jail_enabled -- name: Separate enabling/disabling required for debian +- name: Separate enabling/disabling required for Debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=absent when: is_debuntu and not dns_jail_enabled -- name: Separate enabling/disabling required for non debian +- name: Separate enabling/disabling required for non Debian file: path=/etc/{{ apache_config_dir }}/dns-jail.conf state=absent when: not is_debuntu and not dns_jail_enabled From 998825769322820a35459dfe233f0d1c8004cf85 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:56:46 -0400 Subject: [PATCH 238/466] More readable Ansible output --- roles/elgg/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index d76b35fe4..f2d56ecf2 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -64,7 +64,7 @@ recurse=yes state=directory -- name: Create a mysql database for elgg - can be run more than once +- name: Create a MySQL database for Elgg - can be run more than once mysql_db: name={{ dbname }} register: create_elgg_database From 5e891828760224c01c90596ca6833f8ab8aba5f1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:59:36 -0400 Subject: [PATCH 239/466] More readable Ansible output --- roles/network/tasks/rpi_debian.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 62f627690..97715d1c2 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -18,11 +18,11 @@ package: name=resolvconf state=absent -- name: on upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 +- name: On upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent -- name: default to lan controller +- name: Default to LAN Controller set_fact: gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined @@ -53,21 +53,21 @@ ignore_errors: True when: interface.changed -- name: and remove the device +- name: And remove the device command: brctl delbr br0 ignore_errors: True when: interface.changed -- name: reset the eth0 interface +- name: Reset the eth0 interface command: ifdown eth0 ignore_errors: True when: interface.changed -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted when: interface.changed -- name: start up hostapd again +- name: Start up hostapd again service: name=hostapd state=started when: interface.changed From 15e8ef565ed61862441c0688ba300d762c5a0943 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:02:21 -0400 Subject: [PATCH 240/466] More readable Ansible output --- roles/network/tasks/hostapd.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index e4eccedb6..6b56a675c 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -6,7 +6,7 @@ mode=0644 when: iiab_wireless_lan_iface != "none" -- name: Disable the Access Point Hostapd program +- name: Disable the Access Point hostapd program service: enabled=no name=hostapd.service state=stopped @@ -19,10 +19,10 @@ group=root mode=0644 -- name: ask systemd to reread the unit files for hostapd +- name: Ask systemd to reread the unit files for hostapd shell: systemctl daemon-reload -- name: Enable the Access Point Hostapd program +- name: Enable the Access Point hostapd program service: enabled=yes name=hostapd.service state=restarted From a5ebc31991ca0f88620e8d679afedc909a0e47fc Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:05:27 -0400 Subject: [PATCH 241/466] More readable Ansible output --- roles/network/tasks/debian.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index a8ef6ce9c..859a9a51a 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -10,21 +10,21 @@ # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway -- name: in upgrade from earlier 6.2, delete the resolvconf +- name: In upgrade from earlier IIAB 6.2, delete the resolvconf package: name=resolvconf state=absent enabled=False ignore_errors: True -- name: Get the dhcp client daemon used in recent raspbian +- name: Get the dhcp client daemon used in recent Raspbian package: name=dhcpcd5 state=present -- name: for upgrades from earlier 6.2, remove br0 file +- name: For upgrades from earlier IIAB 6.2, remove br0 file file: path=/etc/network/interfaces.d/br0 state=absent -- name: default to lan controller +- name: Default to LAN Controller set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined @@ -38,7 +38,7 @@ src=network/iiab.j2 register: interface -- name: start up the dhcpcd service +- name: Start up the dhcpcd service service: name=dhcpcd enabled=True state=started @@ -51,11 +51,11 @@ service: name=bind9 state=stopped when: interface.changed -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted when: interface.changed -- name: start up hostapd again +- name: Start up hostapd again service: name=hostapd state=started when: interface.changed From 753752ae9b0850ce1d75640ceda011dc3cb8d20b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:08:35 -0400 Subject: [PATCH 242/466] clean Ansible output --- roles/network/tasks/redetect.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/redetect.yml b/roles/network/tasks/redetect.yml index afb3138d5..638b5b0e0 100644 --- a/roles/network/tasks/redetect.yml +++ b/roles/network/tasks/redetect.yml @@ -27,12 +27,12 @@ debug: msg="NO WAN known" when: not has_WAN -- name: Finding connection name for wifi AP gateway first +- name: Finding connection name for WiFi AP gateway first shell: egrep -rn NAME /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' register: ap_name when: has_wifi_gw != "none" and has_ifcfg_gw != "none" -- name: Trying wifi first +- name: Trying WiFi first shell: nmcli conn up id {{ ap_name.stdout }} register: try_wifi ignore_errors: yes @@ -69,7 +69,7 @@ has_WAN: False when: dhcp_WAN is defined and dhcp_WAN|failed and wan_ip == "dhcp" -- name: interface list +- name: Interface list shell: ls /sys/class/net | grep -v -e lo -e br -e tun register: adapter_list @@ -134,7 +134,7 @@ ### keep at end. ### If dhcp fails the single interface will become LAN again because we didn't prevent the creation # Now disable LAN if single interface -- name: DHCP found on Single interface forcing LAN disabled. +- name: DHCP found on Single interface forcing LAN disabled set_fact: iiab_lan_iface: "none" when: dhcp_good and adapter_count.stdout|int == "1" From 4a76c927cea9a00ba67832b647e4d462442627c8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:12:05 -0400 Subject: [PATCH 243/466] clean Ansible output --- roles/network/tasks/avahi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index 289cca8d7..517ddb808 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -50,7 +50,7 @@ dest='/etc/avahi/services/' when: is_debuntu -- name: set ssh port for avahi +- name: Set ssh port for avahi lineinfile: dest=/etc/avahi/services/ssh.service regexp='$' line=' {{ ssh_port }}' From 3ee4beda1963fd26abe66bf25d3c8501912824a3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:15:10 -0400 Subject: [PATCH 244/466] clean Ansible output --- roles/network/tasks/edit_ifcfg.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/edit_ifcfg.yml b/roles/network/tasks/edit_ifcfg.yml index fb8076722..90a1d368f 100644 --- a/roles/network/tasks/edit_ifcfg.yml +++ b/roles/network/tasks/edit_ifcfg.yml @@ -1,4 +1,4 @@ -- name: Turn off isp nameservers +- name: Turn off ISP nameservers lineinfile: state=present backrefs=yes regexp='^PEERDNS' @@ -34,9 +34,9 @@ dest={{ has_ifcfg_gw }} when: iiab_wan_iface != "none" and has_wifi_gw == "none" -- name: add marker +- name: Add marker lineinfile: state=present - line="# Modified by XSCE" + line="# Modified by IIAB" dest={{ has_ifcfg_gw }} - name: Rename supplied gateway ifcfg file to WAN if present From 7431fe572ed00302a493c895fcaf7288039c2f56 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:17:09 -0400 Subject: [PATCH 245/466] cleaner --- roles/network/tasks/rpi_debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 97715d1c2..9c5e39cf0 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -18,7 +18,7 @@ package: name=resolvconf state=absent -- name: On upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 +- name: On upgrade from earlier IIAB versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent From 37148b3cf85e410244cb59ff358a6ef10596bbb2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:22:06 -0400 Subject: [PATCH 246/466] cleaner Ansible output --- roles/network/tasks/enable_services.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 623ede0e9..66a3d6abf 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -39,12 +39,12 @@ enabled=no when: not named_enabled -- name: Enable dansguardian +- name: Enable DansGuardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install -- name: Disable dansguardian +- name: Disable DansGuardian service: name=dansguardian enabled=no when: not dansguardian_enabled and dansguardian_install @@ -54,7 +54,7 @@ creates=/etc/sysconfig/xs_httpcache_on when: squid_enabled -- name: Enable squid service +- name: Enable Squid service service: name={{ proxy }} enabled=yes when: squid_enabled and squid_install @@ -73,13 +73,13 @@ mode: '0644' when: squid_enabled and squid_install -- name: point to Squid config file from startup file +- name: Point to Squid config file from startup file lineinfile: regexp='^CONFIG' line='CONFIG=/etc/{{ proxy }}/squid-iiab.conf' dest=/etc/init.d/{{ proxy }} when: squid_enabled and squid_install and is_debuntu -- name: Disable squid service +- name: Disable Squid service service: name={{ proxy }} enabled=no when: not squid_enabled and squid_install @@ -89,12 +89,12 @@ state=absent when: not squid_enabled -- name: Enable wondershaper service +- name: Enable Wondershaper service service: name=wondershaper enabled=yes when: wondershaper_enabled and wondershaper_install -- name: Disable wondershaper service +- name: Disable Wondershaper service service: name=wondershaper enabled=no when: not wondershaper_enabled and wondershaper_install @@ -122,7 +122,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add dansguardian to service list +- name: Add DansGuardian to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' From 3b9940c16e6e4dc4dbe32fc65510009883dc529e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:09:12 -0400 Subject: [PATCH 247/466] cleaner --- roles/network/tasks/NM.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/NM.yml b/roles/network/tasks/NM.yml index fb31c23d3..3bbe5a872 100644 --- a/roles/network/tasks/NM.yml +++ b/roles/network/tasks/NM.yml @@ -1,4 +1,4 @@ -- name: restart NetworkManager services +- name: Restart NetworkManager services service: name=NetworkManager enabled=yes state=stopped From eab8010b0a86d6a3ed98612dc1d3cbf619e059a6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:13:11 -0400 Subject: [PATCH 248/466] cleaner --- roles/network/tasks/computed_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 4b4b0f1ef..85d4e8379 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -20,7 +20,7 @@ iiab_demo_mode: True when: teamviewer_install and not strict_networking -- name: XO wants usb wifi interface as AP mode +- name: XO laptop wants USB WiFi interface as AP mode set_fact: iiab_wireless_lan_iface: "{{ discovered_lan_iface }}" when: num_wifi_interfaces >= "2" and xo_model != "none" and discovered_wan_iface != "none" and discovered_wireless_iface == "eth0" @@ -32,7 +32,7 @@ gui_static_wan_ip: undefined when: gui_static_wan_ip != "unset" and not gui_static_wan -- name: undo gui-static-wan by requesting new template file +- name: Undo gui-static-wan by requesting new template file set_fact: has_WAN: False when: gui_static_wan_ip != "unset" and not gui_static_wan @@ -81,7 +81,7 @@ when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController" # override with user_wan_iface setting if no longer in auto -- name: setting user WAN fact +- name: Setting user WAN fact set_fact: iiab_wan_iface: "{{ user_wan_iface }}" when: user_wan_iface != "auto" @@ -136,11 +136,11 @@ when: 'user_lan_iface != "auto"' # so this works -- name: interface count +- name: Interface count shell: ls /sys/class/net | grep -v -e lo | wc | awk '{print $1}' register: adapter_count -# well if there ever was a point to tell the user thing are FUBAR this is it. +# well if there ever was a point to tell the user things are FUBAR this is it. - name: We're hosed no work interfaces set_fact: iiab_network_mode: "No_network_found" From 9d97750b6ddb56785ad3883c2330497b579d3490 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:16:13 -0400 Subject: [PATCH 249/466] more readable --- roles/network/tasks/dansguardian.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index a51f190ff..64610759d 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -1,4 +1,4 @@ -- name: Install dansguardian packages +- name: Install DansGuardian packages package: name={{ item }} state=present with_items: @@ -6,7 +6,7 @@ tags: - download -- name: Copy dansguardian config file +- name: Copy DansGuardian config file template: src=squid/dansguardian.conf.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -14,7 +14,7 @@ mode=0640 when: ansible_distribution == "Fedora" -- name: Copy dansguardian config file +- name: Copy DansGuardian config file template: src=squid/dansguardian.conf.debian.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -22,7 +22,7 @@ mode=0640 when: is_debuntu -- name: Copy dansguardian config file for CentOS +- name: Copy DansGuardian config file for CentOS template: src=squid/dansguardian.conf.centos.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -30,7 +30,7 @@ mode=0640 when: ansible_distribution == "CentOS" -- name: Create dansguardian log directory +- name: Create 'dansguardian' log directory file: path=/var/log/dansguardian owner=dansguardian group=dansguardian @@ -38,7 +38,7 @@ state=directory when: ansible_distribution != "CentOS" -- name: Create dansguardian log directory for CentOS +- name: Create DansGuardian log directory for CentOS file: path=/var/log/dansguardian owner=dansguardian group=vscan From ee55dea59b3f47e027c6516361e83cc79d8e9d6e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:19:59 -0400 Subject: [PATCH 250/466] a bit better/cleaner --- roles/network/tasks/computed_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 85d4e8379..0ff415e57 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -1,7 +1,7 @@ # just lie about active gateway present on XOs to suppress ifcfg-WAN # auto-creation/moving with XOs using NM/system-connections/ via keyfile. # ifcfg-rh acts on /etc/sys*/net*/ifcfg-* where we search for devices. -- name: Setting XO has wifi gateway +- name: Setting XO has WiFi gateway set_fact: user_wan_iface: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" and xo_model != "none" and has_ifcfg_gw == "none" @@ -64,7 +64,7 @@ # gui wants LanController # keeps ifcfg-WAN but onboot=no # the change over might be a little bumpy ATM. -- name: Setting GUI wants LanController +- name: Setting GUI wants 'LanController' set_fact: device_gw: "none" user_wan_iface: "none" @@ -114,17 +114,17 @@ user_wan_iface: "{{ discovered_lan_iface }}" when: num_lan_interfaces == "1" and user_lan_iface == "auto" and user_wan_iface == "auto" -- name: No LAN configured - Appliance mode +- name: No LAN configured - 'Appliance' mode set_fact: iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" -- name: LAN configured - LanController mode +- name: LAN configured - 'LanController' mode set_fact: iiab_network_mode: "LanController" when: iiab_lan_iface != "" and iiab_wan_iface == "none" -- name: LAN configured - Gateway mode +- name: LAN configured - 'Gateway' mode set_fact: iiab_network_mode: "Gateway" when: iiab_lan_iface != "none" and iiab_wan_iface != "none" From 9fdcd5cbaa92ff89a18323c1083cee4ddbbe1265 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:24:19 -0400 Subject: [PATCH 251/466] cleaner output --- roles/network/tasks/detected_network.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 0676934b6..ca92d29f9 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -61,30 +61,30 @@ with_items: - "{{ wireless_list2.stdout_lines }}" -- name: Count Wifi ifaces +- name: Count WiFi ifaces shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l" register: count_wifi_interfaces -- name: Remember number of Wifi devices +- name: Remember number of WiFi devices set_fact: num_wifi_interfaces: "{{ count_wifi_interfaces.stdout|int }}" # XO hack here ap_device would not be active therefore not set with # wired as gw use ap_device to exclude eth0 from network calulations -- name: XO override 2 wifi on LAN +- name: XO laptop override 2 WiFi on LAN set_fact: ap_device: "eth0" when: iiab_wan_iface != "eth0" and discovered_wireless_iface != "none" and xo_model == "XO-1.5" # takes adapter name -- name: Blacklisted wifi adapter +- name: Blacklisted WiFi adapter set_fact: ap_device: "{{ blacklist_wifi }}" when: blacklist_wifi is defined and discovered_wireless_iface != iiab_wan_iface and num_wifi_interfaces >= "2" # LAN - pick non WAN's -- name: Create list of LAN (non wan) ifaces +- name: Create list of LAN (non WAN) ifaces shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} register: lan_list_result ignore_errors: True @@ -92,7 +92,7 @@ # Select an adapter that is not WAN and not wireless # if there is more than one the last one wins -- name: Set iiab discovered lan fact +- name: Set IIAB discovered_lan_iface fact set_fact: discovered_lan_iface: "{{ item|trim }}" when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface @@ -128,12 +128,12 @@ # moved to detected_redhat # use value only if present -- name: Setting detected lan +- name: Setting detected LAN set_fact: iiab_lan_iface: "{{ discovered_lan_iface }}" when: 'discovered_lan_iface != "none" and num_lan_interfaces == "1"' -- name: for debian, always use bridging +- name: For Debian, always use bridging set_fact: iiab_lan_iface: br0 when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' From 28ee464753f4e40d6636139c81c9878f9b2a8bf3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:26:27 -0400 Subject: [PATCH 252/466] cleaner Ansible output --- roles/network/tasks/detected_redhat.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/detected_redhat.yml b/roles/network/tasks/detected_redhat.yml index cb767758e..0936e1f91 100644 --- a/roles/network/tasks/detected_redhat.yml +++ b/roles/network/tasks/detected_redhat.yml @@ -42,13 +42,13 @@ ignore_errors: True changed_when: False -- name: Set has ifcfg gw based on on macaddress if found +- name: Set has ifcfg gw based on macaddress if found set_fact: has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}" when: ifcfg_gw_mac is defined and ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" # could use something else - Can Fail -- name: Find wifi gateway config if present - Can Fail +- name: Find WiFi gateway config if present - Can Fail shell: egrep -rn ESSID /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | gawk -F '/' '{print $5}' register: ifcfg_WAN_wifi ignore_errors: True @@ -61,13 +61,13 @@ with_items: - "{{ ifcfg_WAN_wifi.stdout_lines }}" -- name: Finding device for wifi AP gateway - Can Fail +- name: Finding device for WiFi AP gateway - Can Fail shell: egrep -rn DEVICE /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' when: has_wifi_gw != "none" and has_ifcfg_gw != "none" register: AP_device ignore_errors: True -- name: Setting wifi device +- name: Setting WiFi device set_fact: ap_device: "{{ AP_device.stdout }}" when: AP_device.stdout is defined and AP_device.stdout != "" From bb3e4d0eb582727cf35cd7a65ff52ec963067f10 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:28:17 -0400 Subject: [PATCH 253/466] Apostrophe --- roles/network/tasks/dhcpd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index 9d7ea39ba..b26ecf73c 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -31,7 +31,7 @@ creates=/var/lib/dhcpd/dhcpd.leases when: is_redhat -- name: Check leases permissions +- name: Check lease's permissions file: path=/var/lib/dhcpd/dhcpd.leases owner=dhcpd group=dhcpd From 721e1c97edfe5e5efa069522aabd82510a36717f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:30:54 -0400 Subject: [PATCH 254/466] Update ifcfg_mods.yml --- roles/network/tasks/ifcfg_mods.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 8add78ffd..b98c9a019 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -1,4 +1,4 @@ -- name: Stop the Access Point Hostapd program +- name: Stop the Access Point hostapd program service: name=hostapd.service state=stopped when: iiab_wireless_lan_iface != "none" From 4aa5ada670736d0c7afb3ae7eefe1f5a42d4f7e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:32:06 -0400 Subject: [PATCH 255/466] Update iptables.yml --- roles/network/tasks/iptables.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/iptables.yml b/roles/network/tasks/iptables.yml index e9eac5e28..25ded7d8c 100644 --- a/roles/network/tasks/iptables.yml +++ b/roles/network/tasks/iptables.yml @@ -50,7 +50,7 @@ - { 0: 'gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' } - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' } -- name: Install debian config +- name: Install Debian config template: src=gateway/iptables dest=/etc/network/if-pre-up.d/iptables mode=0755 when: is_debuntu From bc7efdd8d950524e89e4533df9c03e95eb5f1389 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:34:00 -0400 Subject: [PATCH 256/466] slight bit cleaner --- roles/network/tasks/restart.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index b9d6adaab..67ec681a5 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -16,28 +16,28 @@ when: named_enabled register: dns_started -- name: Stop dansguardian +- name: Stop DansGuardian service: name=dansguardian state=stopped when: not dansguardian_enabled and dansguardian_install -- name: Restart dansguardian +- name: Restart DansGuardian service: name=dansguardian state=restarted when: dansguardian_enabled and dansguardian_install -- name: Stop squid service +- name: Stop Squid service service: name={{ proxy }} state=stopped when: not squid_enabled and squid_install # Squid get re-loaded with dispatcher.d -- name: Restart squid service +- name: Restart Squid service service: name={{ proxy }} state=started when: squid_enabled and squid_install -- name: Restart wondershaper service +- name: Restart Wondershaper service service: name=wondershaper state=restarted when: wondershaper_enabled From 052305979f6bcc0c18c7fd5036cc32652e8b420b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:36:33 -0400 Subject: [PATCH 257/466] cleaner messaging --- roles/network/tasks/squid.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 3b0c55d8f..595a24e06 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -1,4 +1,4 @@ -- name: Install squid packages +- name: Install Squid packages package: name={{ item }} state=present with_items: @@ -7,7 +7,7 @@ tags: - download -- name: Create the squid user +- name: Create the Squid user user: name={{ proxy_user }} createhome=False shell=/bin/false @@ -50,14 +50,14 @@ group: 'root' mode: '0755' -- name: Create squid cache directory +- name: Create Squid cache directory file: path=/library/cache owner={{ proxy_user }} group={{ proxy_user }} mode=0750 state=directory -- name: Create squid log directory +- name: Create Squid log directory file: path=/var/log/{{ proxy }} owner={{ proxy_user }} group={{ proxy_user }} @@ -73,7 +73,7 @@ ignore_errors: yes when: not installing -- name: Add squid to service list +- name: Add Squid to service list ini_file: dest='{{ service_filelist }}' section={{ proxy }} option='{{ item.option }}' @@ -86,7 +86,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add dansguardian to service list +- name: Add 'dansguardian' to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' @@ -95,6 +95,6 @@ - option: name value: dansguardian - option: description - value: '"Dansguardian searches web content for sexual references and denies access when found"' + value: '"DansGuardian searches web content for obectionable references and denies access when found."' - option: enabled value: "{{ dansguardian_enabled }}" From 68cd077b40ffe15f169996607a681662c9b7871d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:37:37 -0400 Subject: [PATCH 258/466] cleaner Ansible output --- roles/network/tasks/static.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/static.yml b/roles/network/tasks/static.yml index 485a8b1db..4168ab9a7 100644 --- a/roles/network/tasks/static.yml +++ b/roles/network/tasks/static.yml @@ -1,6 +1,6 @@ # supply an ifcfg if no gateway detected but wan_ip is set # set user_wan_iface: and use wan_* for static info -- name: Supply wan interface file +- name: Supply WAN interface file template: src=network/ifcfg-WAN.j2 dest=/etc/sysconfig/network-scripts/ifcfg-WAN @@ -12,7 +12,7 @@ ignore_errors: yes when: 'ansible_distribution_version >= "21" and wan_ip != "dhcp"' -- name: use upstream nameserver until named is installed +- name: Use upstream nameserver until named is installed lineinfile: dest=/etc/resolv.conf line='nameserver {{ wan_nameserver }}' create=yes From 1df73baf706cbbdbdf1996533f4d88596f588469 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:43:15 -0400 Subject: [PATCH 259/466] refined --- roles/network/tasks/computed_network.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 0ff415e57..1257ec34f 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -75,7 +75,7 @@ # single interface vars/ users would need to set iiab_wan_enabled False as above, to disable the WAN # and set user_lan_iface = to suppress the auto detection for the same effect. -- name: Setting user_lan_iface for LanController for single interface +- name: Setting user_lan_iface for 'LanController' for single interface set_fact: user_lan_iface: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController" @@ -93,14 +93,14 @@ when: 'not iiab_lan_enabled' # gui wants Appliance Note: could of used iiab_lan_enabled false -- name: Setting GUI wants Appliance +- name: Setting GUI wants 'Appliance' set_fact: user_lan_iface: "none" iiab_gateway_enabled: "False" when: gui_desired_network_role is defined and gui_desired_network_role == "Appliance" # gui wants Gateway -- name: Setting GUI wants and has active Gateway +- name: Setting GUI wants and has active 'Gateway' set_fact: user_lan_iface: "auto" user_wan_iface: "{{ iiab_wan_iface }}" @@ -146,7 +146,7 @@ iiab_network_mode: "No_network_found" when: adapter_count.stdout|int == "0" -# well if there ever was a point to tell the user thing are FUBAR this is it. +# well if there ever was a point to tell the user things are FUBAR this is it. - name: I'm not guessing declare gateway please set_fact: iiab_network_mode: "Undetectable_use_local_vars" From bc10993ec3d3d1a90861bafee1f3045a9dc5a28b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:44:36 -0400 Subject: [PATCH 260/466] refined --- roles/network/tasks/debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 859a9a51a..27e50359d 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -24,7 +24,7 @@ file: path=/etc/network/interfaces.d/br0 state=absent -- name: Default to LAN Controller +- name: Default to 'lan_controller' set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined From d38627f05353b055f835b8cdf76d12674fe3c221 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:49:00 -0400 Subject: [PATCH 261/466] refined --- roles/network/tasks/detected_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index ca92d29f9..f8e1e569a 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -20,13 +20,13 @@ device_gw2: "{{ prior_gw.stdout }}" when: not first_run and prior_gw is defined and prior_gw.stdout != "" -- name: Setting wan if detected +- name: Setting WAN if detected set_fact: iiab_wan_iface: "{{ discovered_wan_iface }}" device_gw: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" -- name: RedHat Network detection +- name: RedHat network detection include: detected_redhat.yml when: is_redhat @@ -46,14 +46,14 @@ - "{{ wireless_list1.stdout_lines }}" # WIRELESS -- Sigh... Not all drivers update /proc/net/wireless correctly -- name: Look for any wireless interfaces take 2 +- name: Look for any wireless interfaces (take 2) shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}'" register: wireless_list2 ignore_errors: True changed_when: False # Last device is used -- name: Set the discovered wireless, if found take 2 +- name: Set the discovered wireless, if found (take 2) set_fact: wifi2: "{{ item|trim }}" discovered_wireless_iface: "{{ item|trim }}" @@ -118,7 +118,7 @@ # num_lan_interfaces: "1" # when: iiab_lan_enabled and iiab_wan_enabled and num_lan_interfaces == "2" and discovered_wireless_iface != "none" and iiab_wan_iface == "none" -- name: Set the variable for wireless_iface if present +- name: Set variable discovered_wireless_iface if present set_fact: iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}" when: discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface From dfc0641e19dad7d8fe002b6d6fdbff8b4c010b3e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:51:20 -0400 Subject: [PATCH 262/466] refined --- roles/network/tasks/enable_services.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 66a3d6abf..308a3056f 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -113,7 +113,7 @@ - name: Execute the script that sets up userspace firewall shell: iiab-gen-iptables -- name: Add squid to service list +- name: Add 'squid' to service list ini_file: dest='{{ service_filelist }}' section=squid option='{{ item.option }}' @@ -122,7 +122,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add DansGuardian to service list +- name: Add 'dansguardian' to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' @@ -131,7 +131,7 @@ - option: enabled value: "{{ dansguardian_enabled }}" -- name: Add wondershaper to service list +- name: Add 'wondershaper' to service list ini_file: dest='{{ service_filelist }}' section=wondershaper option='{{ item.option }}' From 7414763721556907b8bcb8dedbe42bbbb3a97992 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:53:46 -0400 Subject: [PATCH 263/466] refined --- roles/network/tasks/named.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 638bdd423..182a58f88 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -74,7 +74,7 @@ template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ when: dns_jail_enabled -- name: Separate enabling required for debian +- name: Separate enabling required for Debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=link From 9cd03ceb85669a66a09c41da2074c61db25c6982 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:55:24 -0400 Subject: [PATCH 264/466] refined --- roles/network/tasks/redetect.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/redetect.yml b/roles/network/tasks/redetect.yml index 638b5b0e0..7ecfb9903 100644 --- a/roles/network/tasks/redetect.yml +++ b/roles/network/tasks/redetect.yml @@ -44,7 +44,7 @@ when: try_wifi is defined and try_wifi.changed # We have the DEVICE? -- name: Now setting iiab_wan_iface based on wifi +- name: Now setting iiab_wan_iface based on WiFi set_fact: iiab_wan_iface: "{{ dhcp_wifi_results.stdout }}" dhcp_good: True From 01eb8f3528c5a66d720190c0c01659256ad18b39 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:56:51 -0400 Subject: [PATCH 265/466] refined --- roles/network/tasks/rpi_debian.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 9c5e39cf0..c6e25bd3c 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -10,7 +10,7 @@ # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway -- name: Raspbian stock has openresolv which is not available in debian, off it +- name: Raspbian stock has openresolv which is not available in Debian, off it package: name=openresolv state=absent @@ -22,7 +22,7 @@ file: path=/etc/network/interfaces.d/br0 state=absent -- name: Default to LAN Controller +- name: Default to 'LanController' set_fact: gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined From 0f8cc95815f532deef2b381bd9016a8e59408fe5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:57:40 -0400 Subject: [PATCH 266/466] refined --- roles/network/tasks/wondershaper.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index 7c27d507e..5fec75b3b 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -33,7 +33,7 @@ group=root state=link -- name: Add wondershaper to service list +- name: Add 'wondershaper' to service list ini_file: dest='{{ service_filelist }}' section=wondershaper option='{{ item.option }}' From bc3f59d30b7ef105458057dfd9a845715a7b795b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 14:13:19 -0400 Subject: [PATCH 267/466] Ansible output refined --- roles/network/tasks/computed_services.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 2b8e6bac1..5b5bac4da 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -1,4 +1,4 @@ -- name: No LAN configured - Appliance mode +- name: No LAN configured - 'Appliance' mode set_fact: dansguardian_enabled: False squid_enabled: False @@ -8,7 +8,7 @@ iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" or user_lan_iface == "none" -- name: LAN configured - LanController mode +- name: LAN configured - 'LanController' mode set_fact: named_enabled: True dhcpd_enabled: True @@ -18,7 +18,7 @@ iiab_network_mode: "LanController" when: iiab_lan_iface != "" and iiab_wan_iface == "none" -- name: LAN configured - Gateway mode +- name: LAN configured - 'Gateway' mode set_fact: named_enabled: True dhcpd_enabled: True From 6e9535a1c31afb52f792b900d075d3b767bb7ad6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 14:46:59 -0400 Subject: [PATCH 268/466] typo/clarif in roles/usb-lib/tasks/main.yml --- roles/usb-lib/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb-lib/tasks/main.yml index f158f1433..f0de224a8 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb-lib/tasks/main.yml @@ -62,6 +62,6 @@ - option: name value: usb-lib - option: description - value: '"usb-lib automounts a USB drives and links to library content."' + value: '"usb-lib automounts USB drives and can live-link /library/www/html/local_content to Teachers Content."' - option: enabled value: "{{ usb_lib_enabled }}" From 105c1c8b4a9c777f0094ff461532e52077a398ae Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 19 Jul 2017 15:38:50 -0500 Subject: [PATCH 269/466] finish xsce -> iiab rename --- roles/ejabberd/templates/ejabberd | 4 ++-- .../templates/{ejabberd-xs => ejabberd-iiab} | 2 +- ...jabberd-xs.cfg.j2 => ejabberd-iiab.cfg.j2} | 0 .../{ejabberd-xs.init => ejabberd-iiab.init} | 20 +++++++++---------- ...xs.service.j2 => ejabberd-iiab.service.j2} | 6 +++--- .../{xs-ejabberd-srg => iiab-ejabberd-srg} | 2 +- roles/ejabberd_xs/templates/ejabberd-xs.init | 14 ++++++------- 7 files changed, 23 insertions(+), 25 deletions(-) rename roles/ejabberd/templates/{ejabberd-xs => ejabberd-iiab} (90%) rename roles/ejabberd/templates/{ejabberd-xs.cfg.j2 => ejabberd-iiab.cfg.j2} (100%) rename roles/ejabberd/templates/{ejabberd-xs.init => ejabberd-iiab.init} (93%) rename roles/ejabberd/templates/{ejabberd-xs.service.j2 => ejabberd-iiab.service.j2} (64%) rename roles/ejabberd/templates/{xs-ejabberd-srg => iiab-ejabberd-srg} (96%) diff --git a/roles/ejabberd/templates/ejabberd b/roles/ejabberd/templates/ejabberd index bf0d2505c..ef7fa5c5e 100755 --- a/roles/ejabberd/templates/ejabberd +++ b/roles/ejabberd/templates/ejabberd @@ -3,9 +3,9 @@ # # ejabberd now handles domain changes in the initrd script # -SERVICE_NAME=ejabberd-xs +SERVICE_NAME=ejabberd-iiab -CONFIG_LIST="/etc/ejabberd/ejabberd-xs.cfg" +CONFIG_LIST="/etc/ejabberd/ejabberd-iiab.cfg" # taken from ejabberd spec %post # taken from ejabberd spec %post diff --git a/roles/ejabberd/templates/ejabberd-xs b/roles/ejabberd/templates/ejabberd-iiab similarity index 90% rename from roles/ejabberd/templates/ejabberd-xs rename to roles/ejabberd/templates/ejabberd-iiab index 627260af5..ab85fb555 100755 --- a/roles/ejabberd/templates/ejabberd-xs +++ b/roles/ejabberd/templates/ejabberd-iiab @@ -2,7 +2,7 @@ ## Where should ejabberd find its configuration file? # -CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg +CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg ## ULIMIT_MAX_FILES alters the number of files that ejabberd is ## allowed to have open at once. If it is unset the system default diff --git a/roles/ejabberd/templates/ejabberd-xs.cfg.j2 b/roles/ejabberd/templates/ejabberd-iiab.cfg.j2 similarity index 100% rename from roles/ejabberd/templates/ejabberd-xs.cfg.j2 rename to roles/ejabberd/templates/ejabberd-iiab.cfg.j2 diff --git a/roles/ejabberd/templates/ejabberd-xs.init b/roles/ejabberd/templates/ejabberd-iiab.init similarity index 93% rename from roles/ejabberd/templates/ejabberd-xs.init rename to roles/ejabberd/templates/ejabberd-iiab.init index 9585e2ada..43d747d90 100755 --- a/roles/ejabberd/templates/ejabberd-xs.init +++ b/roles/ejabberd/templates/ejabberd-iiab.init @@ -17,10 +17,13 @@ # Description: A distributed, fault-tolerant Jabber/XMPP server ### END INIT INFO +SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name +OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name + . /etc/rc.d/init.d/functions -if [ -r /etc/sysconfig/ejabberd-xs ]; then - . /etc/sysconfig/ejabberd-xs +if [ -r /etc/sysconfig/ejabberd-iiab ]; then + . /etc/sysconfig/ejabberd-iiab fi if [ ! "$CONFIG_FILE" ]; then @@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd # avoid using consolehelper, call ejabberdctl directly progctl=/usr/sbin/ejabberdctl -SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name -OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name - check_domain_configured() { - if [ ! -e /etc/sysconfig/xs_domain_name ]; then - echo "Domain not configured yet" > /dev/stderr + if [ ! -e $SYS_DOMAIN_FILE ]; then + echo "Domain not configured yet 1" > /dev/stderr exit 1; fi domain=`cat "$SYS_DOMAIN_FILE" ` if [ "$domain" == "random.xs.laptop.org" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 2" > /dev/stderr exit 1; fi #hostname=`hostname -f` hostname=`hostname ` if [ "$hostname" == "localhost.localdomain" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 3" > /dev/stderr fi # if [ "$hostname" != "schoolserver.$domain" ]; then @@ -218,5 +218,3 @@ case "$1" in esac exit $RETVAL - - diff --git a/roles/ejabberd/templates/ejabberd-xs.service.j2 b/roles/ejabberd/templates/ejabberd-iiab.service.j2 similarity index 64% rename from roles/ejabberd/templates/ejabberd-xs.service.j2 rename to roles/ejabberd/templates/ejabberd-iiab.service.j2 index 73a9b9ea3..28f1b10dc 100755 --- a/roles/ejabberd/templates/ejabberd-xs.service.j2 +++ b/roles/ejabberd/templates/ejabberd-iiab.service.j2 @@ -8,9 +8,9 @@ User=root Group=root LimitNOFILE=50000 RestartSec=5 -EnvironmentFile=/etc/sysconfig/ejabberd-xs -ExecStart=/usr/libexec/ejabberd-xs start -ExecStop=/usr/libexec/ejabberd-xs stop +EnvironmentFile=/etc/sysconfig/ejabberd-iiab +ExecStart=/usr/libexec/ejabberd-iiab start +ExecStop=/usr/libexec/ejabberd-iiab stop RemainAfterExit=yes [Install] diff --git a/roles/ejabberd/templates/xs-ejabberd-srg b/roles/ejabberd/templates/iiab-ejabberd-srg similarity index 96% rename from roles/ejabberd/templates/xs-ejabberd-srg rename to roles/ejabberd/templates/iiab-ejabberd-srg index 4f3b5bc32..f794020bf 100755 --- a/roles/ejabberd/templates/xs-ejabberd-srg +++ b/roles/ejabberd/templates/iiab-ejabberd-srg @@ -2,7 +2,7 @@ progctl=/usr/sbin/ejabberdctl -SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name +SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name setup_online_srg() { diff --git a/roles/ejabberd_xs/templates/ejabberd-xs.init b/roles/ejabberd_xs/templates/ejabberd-xs.init index 9585e2ada..9bd07eea0 100755 --- a/roles/ejabberd_xs/templates/ejabberd-xs.init +++ b/roles/ejabberd_xs/templates/ejabberd-xs.init @@ -17,6 +17,9 @@ # Description: A distributed, fault-tolerant Jabber/XMPP server ### END INIT INFO +SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name +OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name + . /etc/rc.d/init.d/functions if [ -r /etc/sysconfig/ejabberd-xs ]; then @@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd # avoid using consolehelper, call ejabberdctl directly progctl=/usr/sbin/ejabberdctl -SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name -OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name - check_domain_configured() { - if [ ! -e /etc/sysconfig/xs_domain_name ]; then - echo "Domain not configured yet" > /dev/stderr + if [ ! -e $SYS_DOMAIN_FILE ]; then + echo "Domain not configured yet 1" > /dev/stderr exit 1; fi domain=`cat "$SYS_DOMAIN_FILE" ` if [ "$domain" == "random.xs.laptop.org" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 2" > /dev/stderr exit 1; fi #hostname=`hostname -f` hostname=`hostname ` if [ "$hostname" == "localhost.localdomain" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 3" > /dev/stderr fi # if [ "$hostname" != "schoolserver.$domain" ]; then From a1609bfa1d19fa32d1058df04a4aefe7012e75fd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 19 Jul 2017 16:10:32 -0500 Subject: [PATCH 270/466] adjust tasks for rename and disable online group creation in ansible --- roles/ejabberd/tasks/main.yml | 40 ++++++++++++++++++-------------- roles/ejabberd_xs/tasks/main.yml | 15 +++++------- 2 files changed, 28 insertions(+), 27 deletions(-) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index b0341521a..b3fcf3079 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -14,25 +14,25 @@ group=root mode={{ item.mode }} with_items: - - { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' } + - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' } - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } - - { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' } + - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } - - { src: 'ejabberd-xs.service.j2', dest: '/etc/systemd/system/ejabberd-xs.service', mode: '0755' } - - { src: 'xs-ejabberd-srg', dest: '/usr/bin/xs-ejabberd-srg' , mode: '0755' } - - { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' } + - { src: 'ejabberd-iiab.service.j2', dest: '/etc/systemd/system/ejabberd-iiab.service', mode: '0755' } + - { src: 'iiab-ejabberd-srg', dest: '/usr/bin/iiab-ejabberd-srg' , mode: '0755' } +# - { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' } - { src: 'ejabberd.tmpfiles', dest: '/etc/tmpfiles.d/ejabberd.conf', mode: '0640' } register: ejabberd_config - name: Put the startup script in place - debian - template: src='ejabberd-xs.init' - dest='/etc/init.d/ejabberd-xs' + template: src='ejabberd-iiab.init' + dest='/etc/init.d/ejabberd-iiab' when: is_debuntu - name: Put the startup script in place - non debian - template: src='ejabberd-xs.init' - dest='/usr/libexec/ejabberd-xs' + template: src='ejabberd-iiab.init' + dest='/usr/libexec/ejabberd-iiab' when: not is_debuntu - name: Remove ejabberd_domain if domain changes @@ -41,14 +41,14 @@ when: ejabberd_config.changed - name: Enable ejabberd service - file: src=/etc/systemd/system/ejabberd-xs.service - dest=/etc/systemd/system/multi-user.target.wants/ejabberd-xs.service + file: src=/etc/systemd/system/ejabberd-iiab.service + dest=/etc/systemd/system/multi-user.target.wants/ejabberd-iiab.service owner=root group=root state=link - name: Start ejabberd service - service: name=ejabberd-xs + service: name=ejabberd-iiab state=restarted enabled=yes when: ejabberd_config.changed and ejabberd_enabled @@ -60,10 +60,14 @@ timeout=300 when: ejabberd_config.changed and ejabberd_enabled -- name: Create online group - shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online - when: ejabberd_config.changed and not is_debuntu +# ejabberd-iiab.init has the logic for the below, needs to be done once +# and only if the group does not exist based on presence of +# /var/lib/ejabberd online_src_created -- name: Add all users to online group - shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver" - when: ejabberd_config.changed and not is_debuntu +#- name: Create online group +# shell: ejabberdctl srg_create Online "{{ iiab_hostname }}" Online "Online_Users" Online +# when: ejabberd_config.changed + +#- name: Add all users to online group +# shell: ejabberdctl srg_user_add '@online@' "{{ iiab_hostname }}" Online "schoolserver" +# when: ejabberd_config.changed diff --git a/roles/ejabberd_xs/tasks/main.yml b/roles/ejabberd_xs/tasks/main.yml index 503adeaf1..5131b9218 100644 --- a/roles/ejabberd_xs/tasks/main.yml +++ b/roles/ejabberd_xs/tasks/main.yml @@ -76,13 +76,10 @@ timeout=300 when: ejabberd_config.changed and ejabberd_xs_enabled -- name: Create online group - shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online - when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled - -- name: Add all users to online group - shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver" - when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled - - +#- name: Create online group +# shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online +# when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled +#- name: Add all users to online group +# shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver" +# when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled From 549cc48d042fb7f9d4f310ce6d179492eb84ab16 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 19 Jul 2017 18:32:37 -0500 Subject: [PATCH 271/466] split ejabberd/ejabberd_xs config files names --- roles/ejabberd/tasks/main.yml | 2 +- roles/ejabberd/templates/ejabberd-iiab.init | 4 ++-- roles/ejabberd_xs/tasks/main.yml | 2 +- roles/ejabberd_xs/templates/ejabberd-xs.init | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index b3fcf3079..ec78415ae 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -15,7 +15,7 @@ mode={{ item.mode }} with_items: - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' } - - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } + - { src: 'ejabberdctl-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' } - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } diff --git a/roles/ejabberd/templates/ejabberd-iiab.init b/roles/ejabberd/templates/ejabberd-iiab.init index 43d747d90..a944ead9a 100755 --- a/roles/ejabberd/templates/ejabberd-iiab.init +++ b/roles/ejabberd/templates/ejabberd-iiab.init @@ -27,7 +27,7 @@ if [ -r /etc/sysconfig/ejabberd-iiab ]; then fi if [ ! "$CONFIG_FILE" ]; then - CONFIG_FILE=/etc/ejabberd/ejabberd.cfg + CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg fi # /var/run is tmpfs in fc18, so need to create every time @@ -149,7 +149,7 @@ start() { fi daemon --user=ejabberd $progctl start --config $CONFIG_FILE \ - --ctl-config /etc/ejabberd/ejabberdctl.cfg \ + --ctl-config /etc/ejabberd/ejabberdctl-iiab.cfg \ --logs "/var/log/ejabberd" \ --spool "/var/lib/ejabberd/spool" \ 2>/dev/null diff --git a/roles/ejabberd_xs/tasks/main.yml b/roles/ejabberd_xs/tasks/main.yml index 5131b9218..e73ecf7eb 100644 --- a/roles/ejabberd_xs/tasks/main.yml +++ b/roles/ejabberd_xs/tasks/main.yml @@ -34,7 +34,7 @@ mode={{ item.mode }} with_items: - { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' } - - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } + - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-xs.cfg', mode: '0644' } - { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } diff --git a/roles/ejabberd_xs/templates/ejabberd-xs.init b/roles/ejabberd_xs/templates/ejabberd-xs.init index 9bd07eea0..ca1ef8618 100755 --- a/roles/ejabberd_xs/templates/ejabberd-xs.init +++ b/roles/ejabberd_xs/templates/ejabberd-xs.init @@ -27,7 +27,7 @@ if [ -r /etc/sysconfig/ejabberd-xs ]; then fi if [ ! "$CONFIG_FILE" ]; then - CONFIG_FILE=/etc/ejabberd/ejabberd.cfg + CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg fi # /var/run is tmpfs in fc18, so need to create every time @@ -149,7 +149,7 @@ start() { fi daemon --user=ejabberd $progctl start --config $CONFIG_FILE \ - --ctl-config /etc/ejabberd/ejabberdctl.cfg \ + --ctl-config /etc/ejabberd/ejabberdctl-xs.cfg \ --logs "/var/log/ejabberd" \ --spool "/var/lib/ejabberd/spool" \ 2>/dev/null From 2beb64f2491f47225230f39bb806a23f386177b8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 11:09:16 -0500 Subject: [PATCH 272/466] Stop and disable OS provided ejabberd service --- roles/ejabberd/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index ec78415ae..b24effe2e 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -25,6 +25,11 @@ - { src: 'ejabberd.tmpfiles', dest: '/etc/tmpfiles.d/ejabberd.conf', mode: '0640' } register: ejabberd_config +- name: Stop and disable OS provided systemd ejabberd service + service: name=ejabberd + state=stopped + enabled=no + - name: Put the startup script in place - debian template: src='ejabberd-iiab.init' dest='/etc/init.d/ejabberd-iiab' From f1f80c9ae90576722d332b9d125ea498237a2e33 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 16:08:08 -0500 Subject: [PATCH 273/466] template name is ejabberdctl.cfg.j2 - jenkins error --- roles/ejabberd/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index b24effe2e..3e99df865 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -15,7 +15,7 @@ mode={{ item.mode }} with_items: - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' } - - { src: 'ejabberdctl-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' } + - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' } - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } From 47a78b426c671a399c96fd20153fd1e177b0f4aa Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 19:17:51 -0400 Subject: [PATCH 274/466] Ansible output tweak --- roles/2-common/tasks/udev.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/udev.yml b/roles/2-common/tasks/udev.yml index 7e55c9f83..7e66a2d93 100644 --- a/roles/2-common/tasks/udev.yml +++ b/roles/2-common/tasks/udev.yml @@ -23,13 +23,12 @@ shell: systemctl daemon-reload when: udev_unit.stat.exists is defined and udev_unit.stat.exists -- name: restart so systemd recognizes the changes +- name: Restart so systemd recognizes the changes shell: systemctl restart systemd-udevd.service when: udev_unit.stat.exists is defined and udev_unit.stat.exists -- name: reload systemd-udevd so it has rootfs open read-write +- name: Reload systemd-udevd so it has rootfs open read-write template: src=udev-reload.service dest=/etc/systemd/system/ -- name: enable the reload service +- name: Enable the reload service shell: systemctl enable udev-reload.service - From f101f87a36d23a20cb7f94fd73b7ef6273c2b95d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 20:13:45 -0400 Subject: [PATCH 275/466] tweaks to cultivate implementers into engaging+understanding more deeply --- roles/mysql/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index e4819172a..2b1a622fe 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,4 +1,4 @@ - - name: Install MySQL Debian + - name: Install MySQL if Debian/Debuntu package: name={{ item }} state=present with_items: @@ -18,11 +18,11 @@ tags: - download - - name: php-xml for ubuntu and debian-9 + - name: php-xml for 'ubuntu' and 'debian-9' package: name=php{{ php_version }}-xml state=present when: is_ubuntu or is_debian_9 - - name: php-xml for debian-8 + - name: php-xml for 'debian-8' package: name=php-xml-parser state=present when: is_debian_8 @@ -78,7 +78,7 @@ template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 when: mysql_enabled - - name: Update mysql root password for all remaining root accounts + - name: Update MySQL root password for all remaining root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: # - "{{ iiab_hostname }}.{{ iiab_domain }}" @@ -106,7 +106,7 @@ when: not mysql_enabled - - name: Add mysql to service list + - name: Add 'mysql' to service list ini_file: dest='{{ service_filelist }}' section=mysql option='{{ item.option }}' @@ -115,6 +115,6 @@ - option: name value: mysql-database - option: description - value: '"MySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' + value: '"MySQL is a widely used free and open source (GPLv2) database, offered by most web hosting services, on a diversity of platforms."' - option: enabled value: "{{ mysql_enabled }}" From 40a0a4063a7b9207bc8174ab8053b919de7a0a57 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 20:17:40 -0400 Subject: [PATCH 276/466] Update main.yml --- roles/mysql/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 2b1a622fe..7ae2cfad6 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,4 +1,4 @@ - - name: Install MySQL if Debian/Debuntu + - name: Install MySQL for Debian/Debuntu package: name={{ item }} state=present with_items: @@ -26,7 +26,7 @@ package: name=php-xml-parser state=present when: is_debian_8 - - name: Install MySQL + - name: Install MySQL for non-Debian/Debuntu package: name={{ item }} state=present with_items: From 2e53b1a248c14c3cf93c15dfa2f6844199801abf Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 12:32:07 -0500 Subject: [PATCH 277/466] mysql --- roles/3-base-server/tasks/main.yml | 8 +++++--- roles/elgg/meta/main.yml | 3 --- roles/mysql/tasks/main.yml | 1 - roles/nextcloud/meta/main.yml | 3 --- roles/owncloud/meta/main.yml | 3 --- roles/rachel/meta/main.yml | 4 ---- roles/wordpress/meta/main.yml | 3 --- 7 files changed, 5 insertions(+), 20 deletions(-) delete mode 100644 roles/elgg/meta/main.yml delete mode 100644 roles/nextcloud/meta/main.yml delete mode 100644 roles/owncloud/meta/main.yml delete mode 100644 roles/rachel/meta/main.yml delete mode 100644 roles/wordpress/meta/main.yml diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 279322513..26d4af235 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -15,13 +15,15 @@ # has no "when: XXXXX_install" flag tags: base, iiab-admin +- name: MYSQL + include_role: + name: mysql + tags: base, mysql + - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory -- name: Base Server Installed - command: echo Base Server Installed - - name: Restart httpd service: name={{ apache_service }} state=restarted diff --git a/roles/elgg/meta/main.yml b/roles/elgg/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/elgg/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index e4819172a..1ff6a2920 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -105,7 +105,6 @@ state=stopped when: not mysql_enabled - - name: Add mysql to service list ini_file: dest='{{ service_filelist }}' section=mysql diff --git a/roles/nextcloud/meta/main.yml b/roles/nextcloud/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/nextcloud/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } diff --git a/roles/owncloud/meta/main.yml b/roles/owncloud/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/owncloud/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } diff --git a/roles/rachel/meta/main.yml b/roles/rachel/meta/main.yml deleted file mode 100644 index 09f9b4e28..000000000 --- a/roles/rachel/meta/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -allow_duplicates: yes -dependencies: - - { role: mysql, mysql_enabled: True } diff --git a/roles/wordpress/meta/main.yml b/roles/wordpress/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/wordpress/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } From 97b829ebba0c531107ea3241bb135c5696b6ff5e Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 12:36:14 -0500 Subject: [PATCH 278/466] postgresql --- roles/4-server-options/tasks/main.yml | 6 ++++++ roles/moodle/meta/main.yml | 3 --- roles/pathagar/meta/main.yml | 3 --- 3 files changed, 6 insertions(+), 6 deletions(-) delete mode 100644 roles/moodle/meta/main.yml delete mode 100644 roles/pathagar/meta/main.yml diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 69173b017..9348d5933 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -27,6 +27,12 @@ # has no "when: XXXXX_install" flag tags: base, homepage +- name: POSTGRESQL + include_role: + name: postgresql + when: postgresql_install + tags: postgresql + - name: AUTHSERVER include_role: name: authserver diff --git a/roles/moodle/meta/main.yml b/roles/moodle/meta/main.yml deleted file mode 100644 index 55dedee1a..000000000 --- a/roles/moodle/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: postgresql } diff --git a/roles/pathagar/meta/main.yml b/roles/pathagar/meta/main.yml deleted file mode 100644 index 55dedee1a..000000000 --- a/roles/pathagar/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: postgresql } From 992c87e79d3724704c1fd62af0801cc0cf155262 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 12:41:48 -0500 Subject: [PATCH 279/466] postgresql tags --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 9348d5933..7efdffe74 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -31,7 +31,7 @@ include_role: name: postgresql when: postgresql_install - tags: postgresql + tags: postgresql, pathagar, moodle - name: AUTHSERVER include_role: From e2a8b090143821930680c0aa16023254bd173a4e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 20:56:48 -0400 Subject: [PATCH 280/466] tweaks for understandability --- roles/monit/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/monit/tasks/main.yml b/roles/monit/tasks/main.yml index 26a3c2a7f..e57ee7c39 100644 --- a/roles/monit/tasks/main.yml +++ b/roles/monit/tasks/main.yml @@ -1,10 +1,10 @@ -- name: Install monit package +- name: Install Monit package package: name=monit state=present tags: - download -- name: Install chkconfig package -- not in debian 9 +- name: Install chkconfig package -- not in Debian 8 package: name=chkconfig state=present when: is_debian and ansible_distribution_major_version == "8" @@ -34,14 +34,14 @@ delay: 1 #TODO: create systemd script -- name: Enable monit service +- name: Enable 'monit' service command: chkconfig monit on when: is_debian and ansible_local.local_facts.os_ver == "debian-8" #- name: Restart monit service # command: service monit restart -- name: Add monit to service list +- name: Add 'monit' to service list ini_file: dest='{{ service_filelist }}' section=monit option='{{ item.option }}' @@ -50,6 +50,6 @@ - option: name value: monit - option: description - value: '"Monit is a background service monitor which can correct problems, send email, restart services"' + value: '"Monit is a background service monitor which can correct problems, send email, restart services."' - option: enabled value: "{{ monit_enabled }}" From 4769e3cff87a447b93d0460210c3578a2631570b Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 28 Oct 2017 07:39:26 -0400 Subject: [PATCH 281/466] Update main.yml Until we come up with a more readable style...am emulating SSHD, NETWORK and HOMEPAGE @ https://github.com/iiab/iiab/blob/master/roles/4-server-options/tasks/main.yml --- roles/3-base-server/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 26d4af235..3aa90c43b 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -18,6 +18,7 @@ - name: MYSQL include_role: name: mysql + # has no "when: XXXXX_install" flag tags: base, mysql - name: Make sure there is a content directory From 6fe7b209de2f2d5ba6b74ec8b309b855bc2c8d21 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 28 Oct 2017 09:14:58 -0400 Subject: [PATCH 282/466] PostgreSQL defaults moved from 3 to 4 for now --- vars/default_vars.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4d610239c..0056dbf1a 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -140,10 +140,6 @@ mysql_enabled: True # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 mysql_root_password: fixmysql -# PostgreSQL -postgresql_install: False -postgresql_enabled: False - # 4-SERVER-OPTIONS # sshd @@ -169,6 +165,10 @@ iiab_home_url: /home # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki +# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml +postgresql_install: False +postgresql_enabled: False + # authserver authserver_install: False authserver_enabled: False From 26202240190ad5195c01df526c6ebe898088ab59 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 29 Oct 2017 23:57:11 -0500 Subject: [PATCH 283/466] use ansible-2.4.1 on CentOS --- scripts/ansible | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ansible b/scripts/ansible index 19c56e6ad..4ae9924e0 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -44,7 +44,7 @@ if [ -f /etc/centos-release ]; then yum -y install ca-certificates nss epel-release yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python yum -y install python-pip python-setuptools python-wheel patch - yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.0.0-1.el7.ans.noarch.rpm + yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.1.0-1.el7.ans.noarch.rpm FOUND="yes" FAMILY="redhat" fi From 565392dea19f7bd23eacad49e14c8dd632e86e1f Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 11:40:29 -0400 Subject: [PATCH 284/466] tweak DB defaults' explanations --- vars/default_vars.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 0056dbf1a..c99fddfba 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -133,7 +133,7 @@ allow_apache_sudo: False # IIAB-ADMIN role runs here. -# MySQL - SEE roles/1-prep/tasks/computed_vars.yml for de facto defaults +# MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True mysql_enabled: True # password is fixmysql @@ -165,7 +165,7 @@ iiab_home_url: /home # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki -# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml +# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml, roles/postgresql/tasks/main.yml postgresql_install: False postgresql_enabled: False From 9a5faa8832f989d3ae094ee780302697785a47d0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:26:25 -0400 Subject: [PATCH 285/466] added+clarified PostgreSQL flags --- vars/medium.localvars | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 3f2d9fd21..9248e0eaf 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -47,7 +47,7 @@ dansguardian_enabled: False # 3-BASE-SERVER -# MySQL & PostgreSQL are auto-installed around here as necessary. +# MySQL mandatory installation here # 4-SERVER-OPTIONS @@ -58,6 +58,11 @@ openvpn_enabled: False # openvpn_cron_enabled: True # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" +# PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! +# roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml +postgresql_install: False +postgresql_enabled: False + # Unmaintained # authserver_install: False # authserver_enabled: False From ecd68a30b80a1daaa162d830c0885f0abcedd701 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:30:51 -0400 Subject: [PATCH 286/466] Clarified PostgreSQL --- vars/default_vars.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index c99fddfba..a9461ba54 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -165,7 +165,8 @@ iiab_home_url: /home # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki -# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml, roles/postgresql/tasks/main.yml +# PostgreSQL auto-installed by Moodle &/or Pathagar as nec, no need to touch! +# roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml postgresql_install: False postgresql_enabled: False From a92c1b31117755e7b86b5dfc155a3a3f05888a26 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:32:35 -0400 Subject: [PATCH 287/466] mysql passwd was stated twice --- vars/default_vars.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index a9461ba54..497a13901 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -136,7 +136,6 @@ allow_apache_sudo: False # MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True mysql_enabled: True -# password is fixmysql # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 mysql_root_password: fixmysql From 08bdf48ea3f9dfb1ad9e0453c8e11972ce14f10b Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:33:23 -0400 Subject: [PATCH 288/466] Abbreviated. Explanation is in default_vars.html --- vars/medium.localvars | 1 - 1 file changed, 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 9248e0eaf..73e1e96c9 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -59,7 +59,6 @@ openvpn_enabled: False # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" # PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! -# roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml postgresql_install: False postgresql_enabled: False From f8fb51243aced2e9aee5bddd1e29ded486be3886 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:45:03 -0400 Subject: [PATCH 289/466] cleanup+clarifs --- vars/medium.localvars | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 73e1e96c9..32a8e70db 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -45,9 +45,13 @@ dansguardian_enabled: False # wondershaper_install: False # wondershaper_enabled: False +# 1-PREP + +# 2-COMMON + # 3-BASE-SERVER -# MySQL mandatory installation here +# roles/mysql runs here # 4-SERVER-OPTIONS @@ -58,6 +62,8 @@ openvpn_enabled: False # openvpn_cron_enabled: True # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" +# roles/network runs here (MANY SETTINGS ABOVE) + # PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! postgresql_install: False postgresql_enabled: False From 54b1dfe54b84f3b5a9bd32467b6dca62d2ce3103 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:45:13 -0400 Subject: [PATCH 290/466] cleanup+clarifs --- vars/default_vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 497a13901..4f286be21 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -129,9 +129,9 @@ schooltool_enabled: False # Needed if you want http://box/common/services/power_off.php to work allow_apache_sudo: False -# HTTPD role runs here. +# roles/httpd runs here -# IIAB-ADMIN role runs here. +# roles/iiab-admin runs here # MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True @@ -151,7 +151,7 @@ openvpn_cron_enabled: False openvpn_install: True openvpn_enabled: False -# NETWORK role runs here. +# roles/network runs here (MANY SETTINGS ABOVE) # Homepage # Default to the GUI where the selection is made or override in local_vars.yml From 239a7c6ffcc38482f6bea20567bdd958b6736c0a Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:49:56 -0400 Subject: [PATCH 291/466] MySQL mandatory (clarif) --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4f286be21..48555b782 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -133,7 +133,7 @@ allow_apache_sudo: False # roles/iiab-admin runs here -# MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml +# MySQL MANDATORY - THESE SETTINGS HAVE NO EFFECT - SEE roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True mysql_enabled: True # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 From 7c2b8a97033295d015937be2531e4204fc8364a0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:50:04 -0400 Subject: [PATCH 292/466] MySQL mandatory (clarif) --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 32a8e70db..ac39788c6 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -51,7 +51,7 @@ dansguardian_enabled: False # 3-BASE-SERVER -# roles/mysql runs here +# roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS From 38a87bbcc1acff7c3b4c9807717507bfde6272c6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 23:29:32 -0400 Subject: [PATCH 294/466] cleanup for readability --- roles/1-prep/tasks/raspberry_pi_2.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/1-prep/tasks/raspberry_pi_2.yml b/roles/1-prep/tasks/raspberry_pi_2.yml index 43a66dc25..f93f734ee 100644 --- a/roles/1-prep/tasks/raspberry_pi_2.yml +++ b/roles/1-prep/tasks/raspberry_pi_2.yml @@ -26,23 +26,23 @@ mode=0644 when: rtc_id != "none" -- name: pre-Install packages +- name: Pre-install packages package: name={{ item }} state=latest with_items: - ntp -- name: increase the swap file size (kalite pip download fails) +- name: Increase the swap file size (kalite pip download fails) lineinfile: regexp="^CONF_SWAPSIZE" line=CONF_SWAPSIZE=500 dest=/etc/dphys-swapfile when: is_debuntu -- name: restart the swap service +- name: Restart the swap service command: /etc/init.d/dphys-swapfile restart when: is_debuntu -- name: Add rpi rootfs resizing service +- name: Add RPi rootfs resizing service template: src={{ item.src }} dest={{ item.dest }} owner=root @@ -55,4 +55,3 @@ - name: Enable rootfs resizing service service: name=iiab-rpi-root-resize enabled=yes - From 17d116433748876f7fa4009dc97f41cb192b55e4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 23:30:29 -0400 Subject: [PATCH 295/466] cleanup for readability --- roles/2-common/tasks/xo.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index 4c7c1237e..168f978bc 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -25,7 +25,7 @@ regexp='^%_excludedocs' state=absent -- name: pre-Install packages +- name: Pre-install packages package: name={{ item }} state=latest with_items: @@ -34,7 +34,7 @@ - man-db - man-pages -- name: re-Install packages +- name: Re-install packages shell: yum -y reinstall sed libidn grep which util-linux wget gnupg2 groff gnash yum when: not osbuilder is defined @@ -44,7 +44,7 @@ option=plugins value=ifcfg-rh,keyfile -- name: check for modem config file +- name: Check for modem config file stat: path=/etc/NetworkManager/system-connections/"Sugar Modem Connection" register: config From 0ffbd6f11954dff28184199354a56f9d39a3ed84 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 23:34:39 -0400 Subject: [PATCH 296/466] cleanup for readability --- roles/2-common/tasks/packages.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 700159be6..e409b5dee 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -1,16 +1,16 @@ -- name: install yum deps for arm!!! +- name: Install yum deps for arm!!! shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 -- name: install yum from Fedora 23 for arm!!! +- name: Install yum from Fedora 23 for arm!!! shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 -- name: install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!! +- name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!! shell: dnf install -y yum when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l" -- name: get the createrepo program +- name: Get the createrepo program package: name=createrepo state=present when: is_redhat From f845efb421f4e257ba007cc148d6ffe8703d0356 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 31 Oct 2017 10:12:35 -0400 Subject: [PATCH 297/466] readability tweak --- roles/2-common/tasks/iiab_ini.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/iiab_ini.yml b/roles/2-common/tasks/iiab_ini.yml index 32607d738..90db8f296 100644 --- a/roles/2-common/tasks/iiab_ini.yml +++ b/roles/2-common/tasks/iiab_ini.yml @@ -14,7 +14,7 @@ - option: 'iiab_dir' value: '{{ iiab_dir }}' -- name: add version section +- name: Add version section ini_file: dest='{{ iiab_config_file }}' section=version option='{{ item.option }}' From 48a922cd6ff3ea5a2d7a61724c4d004fefb1d05d Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 31 Oct 2017 13:03:08 -0400 Subject: [PATCH 298/466] calrif on Squid execution path --- vars/medium.localvars | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/medium.localvars b/vars/medium.localvars index ac39788c6..96cd8d7d7 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -35,6 +35,7 @@ iiab_gateway_enabled: False # Make this False to disable http://box/common/services/power_off.php button: allow_apache_sudo: True +# Stages 3 & 4 must be run (using iiab-install or runtags) if changing these: squid_install: False squid_enabled: False From 6506313223f365f6bd5ce54f3db3bd56839ed858 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 1 Nov 2017 13:11:34 -0400 Subject: [PATCH 299/466] no_admin variable explained --- vars/default_vars.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 48555b782..f1456ca3c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -26,8 +26,17 @@ service_filelist: "{{ iiab_config_file }}" disregard_network: False # use cache or error out if cache does not exist # Users and Passwords -# obtain a password hash with - python -c 'import crypt; print crypt.crypt("", "$6$<salt>")' +# Uncomment the following if you don't want iiab_admin_user (by default +# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml +# Also disables sudo-based verification of published passwords. +# no_admin: "" + +# If no_admin variable is established above (its actual value is IGNORED) also +# set iiab_admin_user (below) to an existing Linux user that has sudo access. +# This is the username you'll use to login to Admin Console @ http://box/admin + +# obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' iiab_admin_user: iiab-admin iiab_admin_passw_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. From 076aafe560cd3d62d35ac51fc2d173bffa9c00c8 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 1 Nov 2017 13:14:40 -0400 Subject: [PATCH 300/466] no_admin var explained --- vars/medium.localvars | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/vars/medium.localvars b/vars/medium.localvars index 96cd8d7d7..226915f14 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -6,6 +6,18 @@ # Original Idea: branch github.com/xsce/xsce-local for your deployment +# Users and Passwords + +# Uncomment the following if you don't want iiab_admin_user (by default +# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml +# Also disables sudo-based verification of published passwords. + +# no_admin: "" + +# If no_admin variable is established above (its actual value is IGNORED) also +# set iiab_admin_user (below) to an existing Linux user that has sudo access. +# This is the username you'll use to login to Admin Console @ http://box/admin + iiab_admin_user: iiab-admin # Obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' From 5455f43c8bf41b2d040fd1f98b681b973da1ffc5 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 1 Nov 2017 13:15:59 -0400 Subject: [PATCH 301/466] no_admin clarified/sync'd with medium.localvars --- vars/default_vars.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index f1456ca3c..0a95140ce 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -30,14 +30,16 @@ disregard_network: False # use cache or error out if cache does not exist # Uncomment the following if you don't want iiab_admin_user (by default # iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml # Also disables sudo-based verification of published passwords. + # no_admin: "" # If no_admin variable is established above (its actual value is IGNORED) also # set iiab_admin_user (below) to an existing Linux user that has sudo access. # This is the username you'll use to login to Admin Console @ http://box/admin -# obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' iiab_admin_user: iiab-admin + +# Obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' iiab_admin_passw_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. # Languages From 6b8cdf7831f30f117c8f442981dca211ef709c22 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 01:20:13 -0400 Subject: [PATCH 302/466] obectionable -> objectionable --- roles/network/tasks/squid.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 595a24e06..47c67cd6f 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -95,6 +95,6 @@ - option: name value: dansguardian - option: description - value: '"DansGuardian searches web content for obectionable references and denies access when found."' + value: '"DansGuardian searches web content for objectionable references and denies access when found."' - option: enabled value: "{{ dansguardian_enabled }}" From 38ce25d53d30395feabc0d99c789253bcf385b27 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 01:22:20 -0400 Subject: [PATCH 303/466] indent clauses within "case $OS in..." --- runansible | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/runansible b/runansible index 5db3ab21f..b7f0eb5b9 100755 --- a/runansible +++ b/runansible @@ -11,15 +11,15 @@ if [ ! -f ./vars/local_vars.yml ]; then case $OS in OLPC | fedora) - cp ./vars/olpc.localvars ./vars/local_vars.yml - ;; + cp ./vars/olpc.localvars ./vars/local_vars.yml + ;; centos | debian | ubuntu | raspbian) - cp ./vars/medium.localvars ./vars/local_vars.yml - ;; + cp ./vars/medium.localvars ./vars/local_vars.yml + ;; *) - echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." - exit 1 - ;; + echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." + exit 1 + ;; esac fi From c4ca29a2032c700da5a5c2602e7bfc21d8fdff17 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 02:11:34 -0400 Subject: [PATCH 304/466] clarif: php-zip name for Debian 9 or Ubuntu (vs Debian 8) --- roles/moodle/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index 04abeede2..c618a0b4f 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -21,11 +21,11 @@ - php{{ php_version }}-cli when: is_debuntu -- name: php-zip debian 8-9 changed name +- name: php-zip name for Debian 9 or Ubuntu package: name=php{{ php_version }}-zip when: is_debian_9 or is_ubuntu -- name: php-zip debian 8-9 changed name +- name: php-zip name for Debian 8 package: name=php-pclzip when: is_debian_8 From 749846fb0a14826ed490d7b9db47cb4ab1438541 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 02:31:13 -0400 Subject: [PATCH 305/466] Sugarizer description --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 0e0e8efa2..f974d3df4 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -93,6 +93,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform."' + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/Javascript implementation of Sugar, usable in most all browsers."' - option: enabled value: "{{ sugarizer_enabled }}" From d59d09c4b7b49eaf16c5a264e7dbe3c756d7cfd9 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 02:35:35 -0400 Subject: [PATCH 306/466] description tweak (JavaScript) --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index f974d3df4..29764d060 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -93,6 +93,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/Javascript implementation of Sugar, usable in most all browsers."' + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' - option: enabled value: "{{ sugarizer_enabled }}" From 9e27cab6fc42fab895c7e56fc6900cfcb5b6ec05 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Fri, 3 Nov 2017 12:42:04 -0400 Subject: [PATCH 307/466] English cleaned up. --- roles/cups/tasks/main.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 012aa3685..05dca2a2b 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -1,5 +1,5 @@ # administer this service by browsing to localhost:631 -- name: get the CUPS package installed +- name: Get the CUPS package installed package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Put our own config file in place, to permit local lan admin +- name: Put our own config file in place, to permit local LAN admin template: dest=/etc/cups/cupsd.conf src=cupsd.conf @@ -22,7 +22,7 @@ state=link when: cups_enabled and is_debuntu -- name: Enable services for cups +- name: Enable services for CUPS service: name={{ item }} state=started enabled=yes @@ -31,17 +31,17 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable services for cups for XO laptops +- name: Enable services for CUPS for Fedora 18 (XO laptops) service: name=cups state=started enabled=yes when: cups_enabled and is_F18 -- name: Permit headless admin of CUPS -- only works when cups daemon is running +- name: Permit headless admin of CUPS -- only works when CUPS daemon is running shell: "cupsctl --remote-admin" when: cups_enabled -- name: Disable services for cups +- name: Disable services for CUPS service: name={{ item }} state=stopped enabled=no @@ -50,13 +50,13 @@ - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for cups for XO laptops +- name: Disable services for CUPS for Fedora 18 (XO laptops) service: name=cups state=stopped enabled=no when: not cups_enabled and is_F18 -- name: add cups to service list +- name: Add 'cups' to service list ini_file: dest={{ service_filelist }} section=cups option={{ item.option }} @@ -65,7 +65,7 @@ - option: name value: '"Common UNIX Printing System (CUPS)"' - option: description - value: '"CUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' + value: '"CUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' - option: installed value: "{{ cups_install }}" - option: enabled From 397bb2781b4c06cb0d2633f7c6ee315287d5435f Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 4 Nov 2017 15:33:52 -0400 Subject: [PATCH 308/466] restart kiwix-serve 4AM nightly (not 15min after every hour) --- roles/kiwix/tasks/kiwix_install.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index e27760ae5..be9c6d058 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -75,15 +75,15 @@ command: "chown -R root:root {{ iiab_base }}" # workaround because kiwix-serve does not stay running -- name: Make an entry in crontab to restart every hour +- name: Make an entry in crontab to restart at 4AM # * * * * * user-name command to be executed - lineinfile: line="15 * * * * root /bin/systemctl restart kiwix-serve.service" + lineinfile: line="0 4 * * * root /bin/systemctl restart kiwix-serve.service" dest=/etc/crontab when: is_debuntu -- name: Make an entry in crontab to restart every hour +- name: Make an entry in crontab to restart at 4AM # * * * * * user-name command to be executed - lineinfile: line="15 * * * * root /usr/bin/systemctl restart kiwix-serve.service" + lineinfile: line="0 4 * * * root /usr/bin/systemctl restart kiwix-serve.service" dest=/etc/crontab when: is_redhat From 899b0c8c26f647cdfb54389d0c4c3e4a050a3aff Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 4 Nov 2017 15:49:03 -0400 Subject: [PATCH 309/466] Messaging --- roles/kiwix/tasks/kiwix_install.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index be9c6d058..48c1d439a 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -1,4 +1,4 @@ -- name: Create various directories for ZIM files +- name: Create various directories for Kiwix's ZIM files file: path={{ item }} owner=root group=root @@ -9,11 +9,11 @@ - "{{ kiwix_content_path }}" - "{{ iiab_zim_path }}/index" -- name: Check for kiwix-serve binary +- name: Check for 'kiwix-serve' binary stat: path={{ iiab_base }}/kiwix/bin/kiwix-serve register: kiwix_bin -- name: Set kiwix first pass +- name: Set kiwix_first_pass set_fact: kiwix_first_pass: True when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists @@ -47,7 +47,7 @@ group=root when: not kiwix_src_bin_only and kiwix_first_pass -- name: Create directory for kiwix bin +- name: Create kiwix/bin directory file: path="{{ iiab_base }}/kiwix/bin" owner=root group=root @@ -63,7 +63,7 @@ - rewrite when: is_debuntu -- name: Unarchive it to permanent location - bin only +- name: Unarchive Kiwix to permanent location - bin only unarchive: src="{{ downloads_dir }}/{{ kiwix_src_file }}" dest="{{ iiab_base }}/kiwix/bin" owner=root @@ -71,17 +71,17 @@ when: kiwix_src_bin_only and kiwix_first_pass # workaround because unarchive does not set ownership properly -- name: Set kiwix ownership to root [WARNING chown -R across all of /opt/iiab] +- name: "Set Kiwix ownership - WARNING 'chown -R root:root' runs across all of /opt/iiab" command: "chown -R root:root {{ iiab_base }}" # workaround because kiwix-serve does not stay running -- name: Make an entry in crontab to restart at 4AM +- name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu) # * * * * * user-name command to be executed lineinfile: line="0 4 * * * root /bin/systemctl restart kiwix-serve.service" dest=/etc/crontab when: is_debuntu -- name: Make an entry in crontab to restart at 4AM +- name: Make a crontab entry to restart kiwix-serve at 4AM (redhat) # * * * * * user-name command to be executed lineinfile: line="0 4 * * * root /usr/bin/systemctl restart kiwix-serve.service" dest=/etc/crontab @@ -89,7 +89,7 @@ # Create kiwix service -- name: Create kiwix-serve service +- name: Create 'kiwix-serve' service template: backup=no src={{ item.src }} dest={{ item.dest }} @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: Add kiwix-serve to list of services +- name: Add 'kiwix-serve' to list of services ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' @@ -130,13 +130,13 @@ - option: enabled value: "{{ kiwix_enabled }}" -- name: Enable kiwix-serve service +- name: Enable 'kiwix-serve' service service: name=kiwix-serve enabled=yes state=restarted when: kiwix_enabled -- name: Disable kiwix-serve service +- name: Disable 'kiwix-serve' service service: name=kiwix-serve enabled=no state=stopped From d748a14cbda76758663b4e330b6831b856366679 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 4 Nov 2017 16:00:27 -0400 Subject: [PATCH 310/466] "chown -R root:root /opt/iiab/kiwix" (not all of /opt/iiab) --- roles/kiwix/tasks/kiwix_install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 48c1d439a..54d7d4d86 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -71,8 +71,8 @@ when: kiwix_src_bin_only and kiwix_first_pass # workaround because unarchive does not set ownership properly -- name: "Set Kiwix ownership - WARNING 'chown -R root:root' runs across all of /opt/iiab" - command: "chown -R root:root {{ iiab_base }}" +- name: "Set ownership: 'chown -R root:root /opt/iiab/kiwix'" + command: "chown -R root:root {{ iiab_base }}/kiwix" # workaround because kiwix-serve does not stay running - name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu) From a276def718eb2a231de49b649b21a6ae89120b96 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:16:18 -0400 Subject: [PATCH 311/466] Tighten up messaging --- roles/calibre/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/calibre/tasks/main.yml b/roles/calibre/tasks/main.yml index 193a24db5..9852e05c8 100644 --- a/roles/calibre/tasks/main.yml +++ b/roles/calibre/tasks/main.yml @@ -6,13 +6,13 @@ mode=0755 when: ansible_distribution == "CentOS" -- name: Install Calibre +- name: Install Calibre (CentOS) shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null" args: creates: /usr/bin/calibre-uninstall when: calibre_install and ansible_distribution == 'CentOS' -- name: Install Calibre rpms +- name: Install Calibre (OS's other than CentOS) # the fedora rpm arm version, though older, takes care of dependencies, and exists package: name={{ item }} state=present @@ -20,7 +20,7 @@ - calibre when: calibre_install and ansible_distribution != 'CentOS' -- name: Create Calibre service(s) and support scripts +- name: Create calibre-serve.service and calibre.conf template: backup=no src={{ item.src }} dest={{ item.dest }} @@ -52,7 +52,7 @@ state=stopped when: not calibre_enabled -- name: Add Calibre to service list +- name: Add 'calibre-serve' to service list ini_file: dest='{{ service_filelist }}' section=calibre option='{{ item.option }}' From c215dc0f8f19ec3d462d2d858246f1b2f3599936 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:23:34 -0400 Subject: [PATCH 312/466] Tighter messaging --- roles/nextcloud/tasks/nextcloud_enabled.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml index cc9c26b2c..e78c4dfc5 100644 --- a/roles/nextcloud/tasks/nextcloud_enabled.yml +++ b/roles/nextcloud/tasks/nextcloud_enabled.yml @@ -1,10 +1,10 @@ # This should go in computed_network.yml, but here for now -- name: Compute nextcloud listen ip addr for nextcloud.conf +- name: Compute Nextcloud listen ip addr for nextcloud.conf set_fact: nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}" when: ansible_default_ipv4.network is defined -- name: Enable nextcloud by copying template to httpd config +- name: Enable Nextcloud by copying template to httpd config template: src=nextcloud.conf.j2 dest=/etc/{{ apache_config_dir }}/nextcloud.conf owner=root @@ -12,7 +12,7 @@ mode=0644 when: nextcloud_enabled -- name: Enable nextcloud +- name: Enable Nextcloud file: path=/etc/apache2/sites-enabled/nextcloud.conf src=/etc/apache2/sites-available/nextcloud.conf state=link @@ -23,18 +23,18 @@ state=absent when: not nextcloud_enabled and is_redhat -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted # the install wizard does not succeed if already installed -- name: Determine if nextcloud is installed +- name: Determine if Nextcloud is installed shell: > sudo -u {{ apache_user }} php '{{ nextcloud_prefix }}/nextcloud/occ' status | gawk '/installed:/ { print $3 }' register: returned -- name: Run nextcloud initial install wizard +- name: Run Nextcloud initial install wizard shell: > cd {{ nextcloud_prefix }}/nextcloud; sudo -u {{ apache_user }} php occ maintenance:install @@ -46,13 +46,13 @@ --admin-pass "{{ nextcloud_admin_password }}" when: nextcloud_enabled and returned.stdout == "false" -- name: allow access from all hosts and ips +- name: Allow access from all hosts and ips command: php '{{ nextcloud_prefix }}/nextcloud/occ' config:system:set trusted_domains 1 --value=* become: true become_user: "{{ apache_user }}" when: nextcloud_enabled and returned.stdout == "false" -- name: Determine if nextcloud user exists already +- name: Determine if Nextcloud user exists already shell: > sudo -u {{ apache_user }} php '{{ nextcloud_prefix }}/nextcloud/occ' user:list | @@ -60,7 +60,7 @@ register: returned_count # nextcloud wants to make users rather than just mysql users and not done -- name: create the default user +- name: Create the default user shell: > su -s /bin/sh {{ apache_user }} -c 'OC_PASS={{ nextcloud_user_password }}; From ff378c49339dfea95fe3b694fdbe094a6606f32b Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:44:34 -0400 Subject: [PATCH 313/466] Tighter messaging --- roles/nextcloud/tasks/main.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 06e8c9bfc..67019a3b2 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -9,14 +9,14 @@ # but we use the tar file to get the latest version - name: Get the Nextcloud software - get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} + get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} when: internet_available async: 900 poll: 15 tags: - download -- name: Ubuntu and Debian treat names differently +- name: Ubuntu and Debian treat names differently (debian) package: name={{ item }} state=present with_items: - libapache2-mod-php{{ php_version }} @@ -24,7 +24,7 @@ - php{{ php_version }}-zip when: is_debian -- name: Ubuntu and Debian treat names differently +- name: Ubuntu and Debian treat names differently (ubuntu) package: name={{ item }} state=present with_items: - libapache2-mod-php @@ -33,7 +33,7 @@ - php-mbstring when: is_ubuntu -- name: Install list of packages for debuntu +- name: Install list of packages (debuntu) package: name={{ item }} state=present with_items: - php{{ php_version }}-gd @@ -44,7 +44,7 @@ - php{{ php_version }}-mcrypt when: is_debuntu -- name: Install list of packages +- name: Install list of packages (redhat) package: name={{ item }} state=present with_items: - php @@ -58,14 +58,14 @@ # - php-imagick when: is_redhat -- name: Copy it to permanent location /opt +- name: Copy it to permanent location /opt (OS's other than Fedora 18) unarchive: src={{ downloads_dir }}/{{ nextcloud_src_file }} dest={{ nextcloud_prefix }} creates={{ nextcloud_prefix }}/nextcloud/version.php when: not is_F18 # ansible 1.4.1 does not have "creates" -- name: Copy it to permanent location /opt +- name: Copy it to permanent location /opt (Fedora 18) unarchive: src={{ downloads_dir }}/{{ nextcloud_src_file }} dest={{ nextcloud_prefix }} when: is_F18 @@ -75,7 +75,7 @@ state=directory when: is_centos -- name: Add autoconfig file +- name: Add autoconfig file (CentOS) template: src=autoconfig.php.j2 dest={{ nextcloud_prefix }}/nextcloud/config/autoconfig.php owner={{ apache_user }} @@ -120,7 +120,7 @@ # Enable nextcloud by copying template to httpd config # following enables and disables -- include: nextcloud_enabled.yml +- include_tasks: nextcloud_enabled.yml - name: Add Nextcloud to service list ini_file: dest='{{ service_filelist }}' From 0ad88a3368b0c5e3e40c8b77abb4ea9cfd958770 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:46:47 -0400 Subject: [PATCH 314/466] Update main.yml --- roles/nextcloud/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 67019a3b2..60186385a 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -16,7 +16,7 @@ tags: - download -- name: Ubuntu and Debian treat names differently (debian) +- name: Ubuntu and Debian treat names differently (Debian) package: name={{ item }} state=present with_items: - libapache2-mod-php{{ php_version }} @@ -24,7 +24,7 @@ - php{{ php_version }}-zip when: is_debian -- name: Ubuntu and Debian treat names differently (ubuntu) +- name: Ubuntu and Debian treat names differently (Ubuntu) package: name={{ item }} state=present with_items: - libapache2-mod-php From 6dec11c4eb8a289be07df7b4c628f2f9b3b75602 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:52:18 -0400 Subject: [PATCH 315/466] Messaging cleaner --- roles/kalite/tasks/enable.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/kalite/tasks/enable.yml b/roles/kalite/tasks/enable.yml index 0c62de120..ed278a863 100644 --- a/roles/kalite/tasks/enable.yml +++ b/roles/kalite/tasks/enable.yml @@ -1,18 +1,18 @@ # By the time we get here we should have ka-lite of some version # And the systemd unit files should be defined -- name: Enable kalite-serve service +- name: Enable 'kalite-serve' service service: name=kalite-serve enabled=yes state=started -- name: Disable kalite-serve service +- name: Disable 'kalite-serve' service service: name=kalite-serve enabled=no state=stopped when: not kalite_enabled -# Since Fedora 18 we don't have a separate unit fiile for kalite-cron +# Since Fedora 18 we don't have a separate unit file for kalite-cron - name: Disable kalite cron server F18 service: name=kalite-cron From 26e7c59015e2a679937fabab219b5a97906719be Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:01:26 -0500 Subject: [PATCH 316/466] Cleaner messaging --- roles/kalite/tasks/install.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index ea1d2fd5c..5bbc39d5a 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -1,6 +1,6 @@ # This is for an OS other than Fedora 18 -- name: Install missing packages required for kalite startup +- name: Install missing packages required for KA Lite startup package: name={{ item }} state=present with_items: @@ -10,7 +10,7 @@ get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt when: internet_available -- name: Install ka-lite dependencies with pip +- name: Install KA Lite dependencies with pip (debuntu) pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no @@ -19,7 +19,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install ka-lite with pip +- name: Install KA Lite with pip (OS's other than debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} @@ -29,7 +29,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install ka-lite dependencies with pip +- name: Install KA Lite dependencies with pip (debuntu) pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no @@ -37,7 +37,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and not is_debuntu -- name: Install ka-lite with pip +- name: Install KA Lite with pip (OS's other than debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} @@ -46,7 +46,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and not is_debuntu -- name: Default is to have cronserve started with kalite +- name: Default is to have cronserve started with KA Lite set_fact: job_scheduler_stanza: "" @@ -55,7 +55,7 @@ job_scheduler_stanza: "--skip-job-scheduler " when: not kalite_cron_enabled -- name: Create kalite service(s) and support scripts +- name: Create 'kalite-serve' service, kalite.sh and kalite.conf template: backup=no src={{ item.src }} dest={{ item.dest }} From 1c8110c7e9dd77537d50f581913bd13d959fff5b Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:06:15 -0500 Subject: [PATCH 317/466] Cleaner messaging --- roles/kalite/tasks/install-f18.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/kalite/tasks/install-f18.yml b/roles/kalite/tasks/install-f18.yml index 82910c7c8..bad6c551a 100644 --- a/roles/kalite/tasks/install-f18.yml +++ b/roles/kalite/tasks/install-f18.yml @@ -1,6 +1,6 @@ # This is for Fedora 18, assumed to be an XO -- name: Install dependent packages F18 +- name: Install dependent packages (Fedora 18) package: name={{ item }} state=present with_items: @@ -8,35 +8,35 @@ - expect when: is_F18 -- name: Install dependent pip packages F18 +- name: Install dependent pip packages (Fedora 18) pip: name=selenium - when: internet_available and is_F18 + when: internet_available and is_F18 -- name: Determine if kalite is already downloaded +- name: Determine if KA Lite is already downloaded stat: path={{ downloads_dir }}/ka-lite register: kalite -- name: Download the latest kalite repo +- name: Download the latest KA Lite repo git: repo={{ kalite_repo_url }} dest={{ downloads_dir }}/ka-lite depth=1 version="0.13.x" ignore_errors: yes - when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists + when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists -- name: Create iiab-kalite user and password F18 +- name: Create iiab-kalite user and password (Fedora 18) user: name={{ kalite_user }} password={{ kalite_password_hash }} update_password=on_create -- name: Create kalite_root directory F18 +- name: Create kalite_root directory (Fedora 18) file: path={{ kalite_root }} owner=root group=root mode=0755 state=directory -- name: Copy the kalite repo into place F18 +- name: Copy the KA Lite repo into place (Fedora 18) command: "rsync -at {{ downloads_dir }}/ka-lite/ {{ kalite_root }}" - name: Make kalite_user owner @@ -54,7 +54,7 @@ group={{ kalite_user }} mode=0644 -- name: Create kalite service(s) and support scripts +- name: Create kalite-serve & kalite-cron services, and iiab_cronservectl.sh template: backup=no src={{ item.src }} dest={{ item.dest }} From 9ae9b71690fb6f2434eac00f65003e3b62f92dc8 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:10:13 -0500 Subject: [PATCH 318/466] Tighter messaging --- roles/kalite/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/kalite/tasks/main.yml b/roles/kalite/tasks/main.yml index b0c02471d..ed69c882d 100644 --- a/roles/kalite/tasks/main.yml +++ b/roles/kalite/tasks/main.yml @@ -2,39 +2,39 @@ # Assume all XOs are F18 and nothing else is -- name: Calc kalite db file name F18 +- name: Calc KA Lite db file name (Fedora 18) set_fact: kalite_db_name: "{{ kalite_root }}/kalite/database/data.sqlite" when: is_F18 -- name: Calc kalite db file name +- name: Calc KA Lite db file name (OS's other than Fedora 18) set_fact: kalite_db_name: "{{ kalite_root }}/database/data.sqlite" when: not is_F18 -- name: See if kalite is already configured +- name: See if KA Lite is already configured stat: path="{{ kalite_db_name }}" register: kalite_installed -- include: install-f18.yml +- include_tasks: install-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: install.yml +- include_tasks: install.yml when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 - name: Ask systemd to reread the unit files shell: systemctl daemon-reload when: not kalite_installed.stat.exists -- include: setup-f18.yml +- include_tasks: setup-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: setup.yml +- include_tasks: setup.yml when: not kalite_installed.stat.exists and not is_F18 -- include: enable.yml +- include_tasks: enable.yml -- name: Add kalite to service list +- name: Add 'kalite-serve' to service list ini_file: dest='{{ service_filelist }}' section=kalite option='{{ item.option }}' @@ -43,7 +43,7 @@ - option: name value: kalite - option: description - value: '"KA-Lite is a server to present Khan Academy videos offline and to download them."' + value: '"KA Lite is a server to present Khan Academy videos offline and to download them."' - option: path value: "{{ kalite_root }}" - option: server_name From 89b858df0aaf7b331f7068fd7f4f5fcf2d6eb38a Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:11:53 -0500 Subject: [PATCH 319/466] Clarify messaging --- roles/kalite/tasks/setup-f18.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kalite/tasks/setup-f18.yml b/roles/kalite/tasks/setup-f18.yml index 688ba1c09..23037d260 100644 --- a/roles/kalite/tasks/setup-f18.yml +++ b/roles/kalite/tasks/setup-f18.yml @@ -1,11 +1,11 @@ # This is for Fedora 18, assumed to be an XO -- name: Run the setup using kalite manage F18 +- name: Run the setup using 'kalite manage' (Fedora 18) command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite manage setup --username={{ kalite_user }} --password={{ kalite_password }} --noinput'" async: 900 poll: 10 -- name: Finish setup by running kalite start F18 +- name: Finish setup by running 'kalite start' (Fedora 18) command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite start'" async: 900 poll: 10 From ec28fbc50ef838f023b567921c93989d299ba160 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:12:57 -0500 Subject: [PATCH 320/466] Messaging tweak --- roles/kalite/tasks/setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kalite/tasks/setup.yml b/roles/kalite/tasks/setup.yml index 37d900100..2ad239833 100644 --- a/roles/kalite/tasks/setup.yml +++ b/roles/kalite/tasks/setup.yml @@ -7,7 +7,7 @@ mode=0755 state=directory -- name: Run the setup using kalite manage +- name: Run the setup using 'kalite manage' command: "{{ kalite_program }} manage setup --username={{ kalite_admin_user }} --password={{ kalite_admin_password }} --noinput" environment: KALITE_HOME: "{{ kalite_root }}" From 8b2f69d7b96ec7c5a4364311b5b7c3c0cd9cb298 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 02:50:08 -0500 Subject: [PATCH 321/466] Messaging Clarifs --- roles/cups/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 05dca2a2b..111b5098e 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -22,7 +22,7 @@ state=link when: cups_enabled and is_debuntu -- name: Enable services for CUPS +- name: Enable services for CUPS (OS's other than Fedora 18) service: name={{ item }} state=started enabled=yes @@ -31,7 +31,7 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable services for CUPS for Fedora 18 (XO laptops) +- name: Enable services for CUPS (Fedora 18, for XO laptops) service: name=cups state=started enabled=yes @@ -41,7 +41,7 @@ shell: "cupsctl --remote-admin" when: cups_enabled -- name: Disable services for CUPS +- name: Disable services for CUPS (OS's other than Fedora 18) service: name={{ item }} state=stopped enabled=no @@ -50,7 +50,7 @@ - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for CUPS for Fedora 18 (XO laptops) +- name: Disable services for CUPS (Fedora 18, for XO laptops) service: name=cups state=stopped enabled=no From d8a57c15a11563073770213ebdea53ec2606d528 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 00:04:18 -0600 Subject: [PATCH 322/466] vnstat - guard against iiab_lan_iface not defined in Appliance Mode --- roles/vnstat/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 97ddea6c7..2a42bee7d 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -19,7 +19,7 @@ - name: Create database for LAN to collect vnStat data if not appliance config shell: /usr/bin/vnstat -i {{ iiab_lan_iface }} - when: not iiab_lan_iface == "" + when: iiab_lan_iface is defined - name: Start vnStat daemon via systemd service: name=vnstat enabled=yes state=started From f7ace1858dbc3308b8a565b48c664e3439647ad7 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 6 Nov 2017 07:44:01 -0500 Subject: [PATCH 323/466] revert June 9 change to historical docs https://github.com/jvonau/iiab/commit/f319afa432eaeba937d722d0d20410dec0cba34c#diff-aede8d6f742ef20e82702a1de3b50723 --- README-historical.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README-historical.md b/README-historical.md index 954c97fcc..f1da871b1 100644 --- a/README-historical.md +++ b/README-historical.md @@ -34,8 +34,8 @@ Please read the `installation`_ documentation. See the `XSCE project`_ for more information about the project. -.. _XSCE wiki: https://github.com/XSCE/iiab/wiki -.. _installation: https://github.com/XSCE/iiab/wiki/XSCE-Installation +.. _XSCE wiki: https://github.com/XSCE/xsce/wiki +.. _installation: https://github.com/XSCE/xsce/wiki/XSCE-Installation .. _ansible: http://www.ansibleworks.com/ .. _ansible documentation: http://www.ansibleworks.com/docs/ .. _XSCE project: http://schoolserver.org/ From 788407cc9ae35b1b392d66a74917045a3d16c77b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 27 Aug 2017 23:32:28 -0500 Subject: [PATCH 324/466] correct service name - stock interfaces - rebased edits --- roles/network/tasks/debian.yml | 10 +++------- roles/network/tasks/enable_services.yml | 3 --- roles/network/tasks/restart.yml | 6 ++++++ roles/network/tasks/rpi_debian.yml | 14 ++++---------- 4 files changed, 13 insertions(+), 20 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 27e50359d..7f0223134 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -55,13 +55,9 @@ service: name=networking state=restarted when: interface.changed -- name: Start up hostapd again - service: name=hostapd state=started - when: interface.changed - -- name: dhcpd may be affected - service: name=bind9 state=started - when: interface.changed +- name: start up dhcpcd again + service: name=dhcpcd state=started + when: interface.changed and dhcpcd_result == "enabled" #create lan br0 if lan_controller or gateway #create wan br0 if appliance diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 308a3056f..dd968341a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -110,9 +110,6 @@ - { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' } - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN' } -- name: Execute the script that sets up userspace firewall - shell: iiab-gen-iptables - - name: Add 'squid' to service list ini_file: dest='{{ service_filelist }}' section=squid diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 67ec681a5..61833144b 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -4,6 +4,12 @@ state=stopped when: not dhcpd_enabled +# assume NM is not running +- name: Start dhcpd + service: name=dhcpd + state=started + when: dhcpd_enabled and is_debuntu + - name: Stop named service service: name={{ dns_service }} state=stopped diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index c6e25bd3c..e563634d9 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -63,17 +63,11 @@ ignore_errors: True when: interface.changed -- name: Restart the networking service +- name: start up dhcpcd again + service: name=dhcpcd state=started + +- name: restart the networking service service: name=networking state=restarted - when: interface.changed - -- name: Start up hostapd again - service: name=hostapd state=started - when: interface.changed - -- name: dhcpd may be affected - service: name=bind9 state=started - when: interface.changed #create lan br0 if lan_controller or gateway #create wan br0 if appliance From 78cd58ca8a0e6785e58333e96bf0ae4b76940f40 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 9 Sep 2017 20:54:23 -0500 Subject: [PATCH 325/466] boolean in template needs ==t/f --- roles/network/tasks/debian.yml | 13 +++-- roles/network/tasks/rpi_debian.yml | 5 +- roles/network/templates/network/interfaces.j2 | 48 +++++++++++++++++-- 3 files changed, 58 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 7f0223134..55a538712 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -23,20 +23,27 @@ - name: For upgrades from earlier IIAB 6.2, remove br0 file file: path=/etc/network/interfaces.d/br0 state=absent + when: iiab_lan_iface != "br0" and wan_ip == "dhcp" - name: Default to 'lan_controller' set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined -- name: Recover from putting config in /etc/network/interfaces - template: dest=/etc/network/interfaces - src=network/interfaces.j2 +- name: Supply resolvconf.conf + template: dest=/etc/resolvconf.conf + src=network/resolvconf.j2 + +- name: Supply dhcpcd.conf + template: dest=/etc/dhcpcd.conf + src=network/dhcpcd.conf.j2 + when: dhcpcd_result == "enabled" and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab src=network/iiab.j2 register: interface + when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - name: Start up the dhcpcd service service: name=dhcpcd diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index e563634d9..3aa7b7441 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -21,6 +21,7 @@ - name: On upgrade from earlier IIAB versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent + when: iiab_lan_iface != "br0" and wan_ip == "dhcp" - name: Default to 'LanController' set_fact: @@ -33,12 +34,14 @@ - name: Supply our own dhcpcd.conf template: dest=/etc/dhcpcd.conf - src=network/dhcpcd.conf + src=network/dhcpcd.conf.j2 + when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - name: Copy the network config script template: dest=/etc/network/interfaces.d/iiab src=network/iiab.j2 register: interface + when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - name: If this was a change, things need to shift service: name=hostapd state=stopped diff --git a/roles/network/templates/network/interfaces.j2 b/roles/network/templates/network/interfaces.j2 index 54b3a2db9..fb2e3a28f 100644 --- a/roles/network/templates/network/interfaces.j2 +++ b/roles/network/templates/network/interfaces.j2 @@ -1,9 +1,49 @@ # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). -source /etc/network/interfaces.d/* +{% if iiab_network_mode == "Appliance" %} +################# APPLIANCE ######################### +{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet dhcp +{% else %} # gui_static_wan_ip is set +iface {{ iiab_wan_iface }} inet manual +{% endif %} {# end of dhcp_wan #} -# The loopback network interface -auto lo -iface lo inet loopback +{% if wan_ip != "dhcp" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet static + address {{ wan_ip }} + netmask {{ wan_netmask }} + gateway {{ wan_gateway }} + dns-nameservers {{ wan_nameserver }} + dns-search {{ iiab_domain }} +{% endif %} {# end of static_wan #} +{% elif iiab_network_mode == "Gateway" %} +################# GATEWAY ######################### +auto br0 +iface br0 inet static + bridge_ports {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} + + bridge_maxwait 0 + address {{ lan_ip }} + netmask {{ lan_netmask }} + dns-nameservers {{ lan_ip }} +{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet dhcp +{% else %} # gui_static_wan_ip is set +iface {{ iiab_wan_iface }} inet manual +{% endif %} {# end of dhcp_wan #} + +{% if wan_ip != "dhcp" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet static + address {{ wan_ip }} + netmask {{ wan_netmask }} + gateway {{ wan_gateway }} + dns-nameservers {{ wan_nameserver }} + dns-search {{ iiab_domain }} + {% endif %} +{% else %} {# end of iiab_network_mode == Gateway #} From c326a49de1cde90e094043254561bf6adb8ed95c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 16 Sep 2017 02:07:18 -0500 Subject: [PATCH 326/466] rename interfaces.j2 - rebased - edits --- roles/network/tasks/debian.yml | 20 +++++++++---------- roles/network/tasks/rpi_debian.yml | 2 +- .../network/{interfaces.j2 => systemd.j2} | 0 3 files changed, 11 insertions(+), 11 deletions(-) rename roles/network/templates/network/{interfaces.j2 => systemd.j2} (100%) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 55a538712..8be1ec8f6 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -9,16 +9,16 @@ # 4. In lan_controller: wan is off, eth0 and wlan0 under br0 # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway + +#- name: In upgrade from earlier IIAB 6.2, delete the resolvconf +# package: name=resolvconf +# state=absent +# enabled=False +# ignore_errors: True -- name: In upgrade from earlier IIAB 6.2, delete the resolvconf - package: name=resolvconf - state=absent - enabled=False - ignore_errors: True - -- name: Get the dhcp client daemon used in recent Raspbian - package: name=dhcpcd5 - state=present +#- name: Get the dhcp client daemon used in recent raspbian +# package: name=dhcpcd5 +# state=present - name: For upgrades from earlier IIAB 6.2, remove br0 file file: path=/etc/network/interfaces.d/br0 @@ -41,7 +41,7 @@ - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab - src=network/iiab.j2 + src=network/systemd.j2 register: interface when: iiab_lan_iface == "br0" or wan_ip != "dhcp" diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 3aa7b7441..2f4219aff 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -39,7 +39,7 @@ - name: Copy the network config script template: dest=/etc/network/interfaces.d/iiab - src=network/iiab.j2 + src=network/systemd.j2 register: interface when: iiab_lan_iface == "br0" or wan_ip != "dhcp" diff --git a/roles/network/templates/network/interfaces.j2 b/roles/network/templates/network/systemd.j2 similarity index 100% rename from roles/network/templates/network/interfaces.j2 rename to roles/network/templates/network/systemd.j2 From cc8494608e68732241b233f3fb6ae9988a8bcf9b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 9 Sep 2017 16:12:05 -0500 Subject: [PATCH 327/466] reorder dhcpcd networking services - rebased edits looks weird on redhat add systemd reload --- roles/network/tasks/computed_services.yml | 29 +++++++++++++---- roles/network/tasks/debian.yml | 36 ++++++++++++---------- roles/network/tasks/enable_services.yml | 18 ++++++++++- roles/network/tasks/ifcfg_mods.yml | 4 +++ roles/network/tasks/main.yml | 36 ++++++++++++++-------- roles/network/tasks/restart.yml | 10 +++--- roles/network/tasks/rpi_debian.yml | 8 +++-- roles/network/templates/network/systemd.j2 | 8 ++--- 8 files changed, 103 insertions(+), 46 deletions(-) diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 5b5bac4da..1ba1283d7 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -2,16 +2,12 @@ set_fact: dansguardian_enabled: False squid_enabled: False - named_enabled: True - dhcpd_enabled: False wondershaper_enabled: False iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" or user_lan_iface == "none" - name: LAN configured - 'LanController' mode set_fact: - named_enabled: True - dhcpd_enabled: True dansguardian_enabled: False squid_enabled: False wondershaper_enabled: False @@ -20,11 +16,32 @@ - name: LAN configured - 'Gateway' mode set_fact: - named_enabled: True - dhcpd_enabled: True iiab_network_mode: "Gateway" when: 'iiab_lan_iface != "none" and iiab_wan_iface != "none"' +- name: No LAN configured - non-dnsmasq + set_fact: + named_enabled: True + dhcpd_enabled: False + dns_service2: "{{ dns_service }}" + when: iiab_lan_iface == "none" or user_lan_iface == "none" and dns_service!= "dnsmasq" +# when: iiab_lan_iface == "none" or user_lan_iface == "none" and not dnsmasq_enabled" + +- name: LAN configured - non-dnsmasq + set_fact: + named_enabled: True + dhcpd_enabled: True + dns_service2: "{{ dns_service }}" + when: dns_service != "dnsmasq" and iiab_network_mode != "Appliance" +# when: not dnsmasq_enabled and iiab_network_mode != "Appliance" + +#- name: LAN configured - dnsmasq +# set_fact: +# named_enabled: False +# dhcpd_enabled: False +# dns_service2: dnsmasq +# when: dnsmasq_enabled and iiab_network_mode != "Appliance" + - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' section=network diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 8be1ec8f6..97346ac07 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -25,11 +25,6 @@ state=absent when: iiab_lan_iface != "br0" and wan_ip == "dhcp" -- name: Default to 'lan_controller' - set_fact: - gui_desired_network_role: "lan_controller" - when: not gui_desired_network_role is defined - - name: Supply resolvconf.conf template: dest=/etc/resolvconf.conf src=network/resolvconf.j2 @@ -45,26 +40,33 @@ register: interface when: iiab_lan_iface == "br0" or wan_ip != "dhcp" -- name: Start up the dhcpcd service - service: name=dhcpcd - enabled=True - state=started - - name: If this was a change, things need to shift service: name=hostapd state=stopped when: interface.changed -- name: dhcpd may be affected - service: name=bind9 state=stopped +#- name: dhcpcd may be affected +# service: name=dhcpcd state=stopped +# when: interface.changed and dhcpcd_result == "enabled" + +- name: dns may be affected + service: name={{ dns_service2 }} state=stopped when: interface.changed -- name: Restart the networking service +- name: reload systemd + shell: systemctl daemon-reload + +# now pick up denyinterfaces +- name: restart dhcpcd + service: name=dhcpcd state=restarted + when: interface.changed and dhcpcd_result == "enabled" + +- name: restart the networking service service: name=networking state=restarted when: interface.changed - -- name: start up dhcpcd again - service: name=dhcpcd state=started - when: interface.changed and dhcpcd_result == "enabled" + +- name: dns may be affected + service: name={{ dns_service2 }} state=started + when: interface.changed #create lan br0 if lan_controller or gateway #create wan br0 if appliance diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index dd968341a..e6e47cd48 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -39,7 +39,23 @@ enabled=no when: not named_enabled -- name: Enable DansGuardian +#- name: Enable dnsmasq +# service: name=dnsmasq +# enabled=no +# when: dnsmasq_enabled + +# copy config file +#- name: Supply dnsmasq.conf +# template: dest= +# src= +# when: dnsmasq_enabled + +#- name: Enable dnsmasq +# service: name=dnsmasq +# enabled=yes +# when: dnsmasq_enabled + +- name: Enable dansguardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index b98c9a019..89b03a922 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -67,6 +67,10 @@ - include: enable_wan.yml when: not installing and not iiab_demo_mode +- name: ask systemd to reread the unit files, picks up changes done + shell: systemctl daemon-reload + when: not installing + # monitor-connection-files defaults to no with F21, F18-F20 defaults to yes - name: Re-read network config files shell: nmcli con reload diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 0d8b2b8cc..9bb1763f2 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -40,7 +40,6 @@ - network - domain - ##### Start static ip address info for first run ##### #- include: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' @@ -50,6 +49,9 @@ tags: - network +##### end hostname setup +##### start install portion +# only needs to be done once - include: named.yml tags: - named @@ -80,9 +82,20 @@ tags: - network -- name: Ask systemd to reread the unit files, picks up changes done - shell: systemctl daemon-reload +#### end install portion +#### start network layout +# setting installing would skip configuring network +# but would configure but not start services +- include: computed_network.yml when: not installing + tags: + - network + - network-discover + +# templates needed from above install section live here +- include: enable_services.yml + tags: + - network - include: ifcfg_mods.yml tags: @@ -99,6 +112,11 @@ - network when: is_debuntu and is_rpi and not installing +- include: hostapd.yml + when: not installing + tags: + - network + - name: Create IIAB network flags template: src=network/{{ item }}.j2 dest=/etc/sysconfig/{{ item }} @@ -109,21 +127,15 @@ when: not installing tags: - network +#### end network layout +#### start services - include: computed_services.yml tags: - network -- include: enable_services.yml - tags: - - network - - include: restart.yml when: not installing tags: - network - -- include: hostapd.yml - when: not installing - tags: - - network +#### end services diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 61833144b..4de5c37c4 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -15,12 +15,14 @@ state=stopped when: not named_enabled +#- name: Stop dnsmasq service +# service: name=dnsmasq +# state=stopped +# when: not dnsmasq_enabled + - name: Start named service - service: name={{ dns_service }} + service: name={{ dns_service2 }} state=started - ignore_errors: True - when: named_enabled - register: dns_started - name: Stop DansGuardian service: name=dansguardian diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 2f4219aff..b26cd84f4 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -47,8 +47,8 @@ service: name=hostapd state=stopped when: interface.changed -- name: dhcpd may be affected - service: name=bind9 state=stopped +- name: dhcpcd may be affected + service: name=dhcpcd state=stopped when: interface.changed - name: Tear down any bridge and start fresh @@ -69,6 +69,10 @@ - name: start up dhcpcd again service: name=dhcpcd state=started +# now pick up denyinterfaces +- name: restart dhcpcd + service: name=dhcpcd state=restarted + - name: restart the networking service service: name=networking state=restarted diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index fb2e3a28f..58260354b 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -3,9 +3,9 @@ {% if iiab_network_mode == "Appliance" %} ################# APPLIANCE ######################### -{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet dhcp +iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set iface {{ iiab_wan_iface }} inet manual {% endif %} {# end of dhcp_wan #} @@ -29,9 +29,9 @@ iface br0 inet static address {{ lan_ip }} netmask {{ lan_netmask }} dns-nameservers {{ lan_ip }} -{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet dhcp +iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set iface {{ iiab_wan_iface }} inet manual {% endif %} {# end of dhcp_wan #} From 054fa6b35d9b9984e94eb2744370d42531e7c0cb Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 12 Sep 2017 00:21:41 -0500 Subject: [PATCH 328/466] RFC - re-ordered to allow common shared parts --- roles/network/templates/network/systemd.j2 | 45 +++++++++------------- 1 file changed, 19 insertions(+), 26 deletions(-) diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index 58260354b..271a96e7a 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -1,26 +1,5 @@ -# This file describes the network interfaces available on your system -# and how to activate them. For more information, see interfaces(5). - -{% if iiab_network_mode == "Appliance" %} -################# APPLIANCE ######################### -{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} -auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet manual -{% else %} # gui_static_wan_ip is set -iface {{ iiab_wan_iface }} inet manual -{% endif %} {# end of dhcp_wan #} - -{% if wan_ip != "dhcp" %} -auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet static - address {{ wan_ip }} - netmask {{ wan_netmask }} - gateway {{ wan_gateway }} - dns-nameservers {{ wan_nameserver }} - dns-search {{ iiab_domain }} -{% endif %} {# end of static_wan #} -{% elif iiab_network_mode == "Gateway" %} -################# GATEWAY ######################### +{% if iiab_network_mode != "Appliance" %} +################# LANCONTROLLER ################### auto br0 iface br0 inet static bridge_ports {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} @@ -28,8 +7,22 @@ iface br0 inet static bridge_maxwait 0 address {{ lan_ip }} netmask {{ lan_netmask }} + {% if iiab_network_mode == "Gateway" %} + gateway {{ lan_ip }} + {% endif %} dns-nameservers {{ lan_ip }} -{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} + dns-search {{ iiab_domain }} +{% endif %} +{# end LANCONTROLLER #} + +{% if iiab_network_mode != "LanController" %} +################# GATEWAY or APPLIANCE ######################### +{% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} +# client or user defined +{% endif %} + +{% if dhcpcd_result == "enabled" and is_rpi == "true" %} +#cover rpi auto {{ iiab_wan_iface }} iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set @@ -45,5 +38,5 @@ iface {{ iiab_wan_iface }} inet static dns-nameservers {{ wan_nameserver }} dns-search {{ iiab_domain }} {% endif %} -{% else %} {# end of iiab_network_mode == Gateway #} - +{% endif %} {# end of static_wan #} +{# end of iiab_network_mode != LanController #} From 8cf448155398a76f905e9476809e184d6bbe2d7a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 13 Sep 2017 06:07:25 -0500 Subject: [PATCH 329/466] port dnsmasq over from nginx-rebase-eth0 - rebased edits --- iiab-network | 9 ++- roles/0-vars/defaults/main.yml | 1 + roles/0-vars/tasks/main.yml | 2 + roles/network/defaults/main.yml | 9 +++ roles/network/tasks/computed_services.yml | 28 +++++---- roles/network/tasks/debian.yml | 59 ++++--------------- roles/network/tasks/dhcpd.yml | 1 + roles/network/tasks/dnsmasq.yml | 12 ++++ roles/network/tasks/enable_services.yml | 34 +++++------ roles/network/tasks/ifcfg_mods.yml | 15 ++++- roles/network/tasks/main.yml | 16 +++-- roles/network/tasks/restart.yml | 25 +------- roles/network/tasks/rpi_debian.yml | 33 ----------- .../templates/gateway/iiab-gen-iptables | 9 ++- .../templates/network/dnsmasq.service.rh | 10 ++++ roles/network/templates/network/resolvconf.j2 | 14 +++++ 16 files changed, 134 insertions(+), 143 deletions(-) create mode 120000 roles/0-vars/defaults/main.yml create mode 100644 roles/0-vars/tasks/main.yml create mode 100644 roles/network/tasks/dnsmasq.yml create mode 100644 roles/network/templates/network/dnsmasq.service.rh create mode 100644 roles/network/templates/network/resolvconf.j2 diff --git a/iiab-network b/iiab-network index 9e24154be..863d04da7 100755 --- a/iiab-network +++ b/iiab-network @@ -24,7 +24,8 @@ then touch /etc/iiab/config_vars.yml fi -export ANSIBLE_LOG_PATH="$CWD/iiab-network.log" +Start=`date` +export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local echo "" >> iiab-network.log ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log @@ -32,8 +33,12 @@ if [ ! "OS" == "debian" ]; then nmcli d >> iiab-network.log nmcli c >> iiab-network.log fi +echo "" >> iiab-network.log brctl show >> iiab-network.log -echo "run on:" >> iiab-network.log +echo "" >> iiab-network.log +echo "run start:" >> iiab-network.log +echo "$Start" >> iiab-network.log +echo "run end:" >> iiab-network.log date >> iiab-network.log echo "" >> iiab-network.log echo "" >> iiab-network.log diff --git a/roles/0-vars/defaults/main.yml b/roles/0-vars/defaults/main.yml new file mode 120000 index 000000000..b8fa87d4b --- /dev/null +++ b/roles/0-vars/defaults/main.yml @@ -0,0 +1 @@ +/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/0-vars/tasks/main.yml b/roles/0-vars/tasks/main.yml new file mode 100644 index 000000000..63e84b40a --- /dev/null +++ b/roles/0-vars/tasks/main.yml @@ -0,0 +1,2 @@ +- include: roles/1-prep/tasks/computed_vars.yml +- include: roles/1-prep/tasks/detected_network.yml diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 25c7b6b31..4c42380cd 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -46,3 +46,12 @@ network_config_dir: /etc/network/interfaces.d iiab_network_mode: "Gateway" dns_jail_enabled: False services_externally_visible: False + +# following variables set for old apache,dhcpd,named usage +dhcpd_install: True +dhcpd_enabled: True +named_install: True +named_enabled: True +dnsmasq_install: True +dnsmasq_enabled: True +captive_portal_enabled: False diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 1ba1283d7..e5b3b096f 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -17,30 +17,28 @@ - name: LAN configured - 'Gateway' mode set_fact: iiab_network_mode: "Gateway" - when: 'iiab_lan_iface != "none" and iiab_wan_iface != "none"' + when: iiab_lan_iface != "none" and iiab_wan_iface != "none" - name: No LAN configured - non-dnsmasq set_fact: named_enabled: True dhcpd_enabled: False - dns_service2: "{{ dns_service }}" - when: iiab_lan_iface == "none" or user_lan_iface == "none" and dns_service!= "dnsmasq" -# when: iiab_lan_iface == "none" or user_lan_iface == "none" and not dnsmasq_enabled" + dhcp_service2: "dhcpd" + when: not dnsmasq_enabled and iiab_network_mode == "Appliance" - name: LAN configured - non-dnsmasq set_fact: named_enabled: True dhcpd_enabled: True - dns_service2: "{{ dns_service }}" - when: dns_service != "dnsmasq" and iiab_network_mode != "Appliance" -# when: not dnsmasq_enabled and iiab_network_mode != "Appliance" + dhcp_service2: "dhcpd" + when: not dnsmasq_enabled and iiab_network_mode != "Appliance" -#- name: LAN configured - dnsmasq -# set_fact: -# named_enabled: False -# dhcpd_enabled: False -# dns_service2: dnsmasq -# when: dnsmasq_enabled and iiab_network_mode != "Appliance" +- name: LAN configured - dnsmasq + set_fact: + named_enabled: False + dhcpd_enabled: False + dhcp_service2: "dnsmasq" + when: dnsmasq_install and dnsmasq_enabled and iiab_network_mode != "Appliance" - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' @@ -50,3 +48,7 @@ with_items: - option: 'iiab_network_mode_applied' value: '{{ iiab_network_mode }}' + - option: 'dhcp_service2' + value: '{{ dhcp_service2 }}' + - option: 'dnsmasq_enabled' + value: '{{ dnsmasq_enabled }}' diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 97346ac07..1f1c79e0e 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -44,13 +44,18 @@ service: name=hostapd state=stopped when: interface.changed -#- name: dhcpcd may be affected -# service: name=dhcpcd state=stopped -# when: interface.changed and dhcpcd_result == "enabled" +- name: bind may be affected + service: name={{ dns_service }} state=stopped + when: named_install and dnsmasq_enabled -- name: dns may be affected - service: name={{ dns_service2 }} state=stopped - when: interface.changed +# dhcpd_server release the interface +- name: dhcpd_server may be affected - stopping dhcpd + service: name=dhcpd state=stopped + when: dhcpd_install + +- name: dhcpd_server may be affected - stopping dnsmasq + service: name=dnsmasq state=stopped + when: dnsmasq_install - name: reload systemd shell: systemctl daemon-reload @@ -63,45 +68,3 @@ - name: restart the networking service service: name=networking state=restarted when: interface.changed - -- name: dns may be affected - service: name={{ dns_service2 }} state=started - when: interface.changed - -#create lan br0 if lan_controller or gateway -#create wan br0 if appliance -#allocate wlan0 under br0 in all cases -#allocate eth0 under br0 if appliance, alone if gateway - -- name: Add location section to config file - ini_file: dest='{{ iiab_config_file }}' - section=network - option='{{ item.option }}' - value='{{ item.value }}' - with_items: - - option: 'gateway_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - - option: 'gateway_ifcfg' - value: '{{ has_ifcfg_gw }}' - - option: 'detected_gateway' - value: '{{ discovered_wan_iface }}' - - option: 'prior_gateway' - value: '{{ device_gw2 }}' - - option: 'wireless_list_1' - value: '{{ wifi1 }}' - - option: 'wireless_list_2' - value: '{{ wifi2 }}' - - option: 'num_wifi_interfaces' - value: '{{ num_wifi_interfaces }}' - - option: 'discovered_wireless_iface' - value: '{{ discovered_wireless_iface }}' - - option: 'iiab_wireless_lan_iface' - value: '{{ iiab_wireless_lan_iface }}' - - option: 'num_lan_interfaces' - value: '{{ num_lan_interfaces }}' - - option: 'detected_lan' - value: '{{ discovered_lan_iface }}' - - option: 'static_wan' - value: '{{ gui_static_wan }}' diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index b26ecf73c..4315ba0b5 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -15,6 +15,7 @@ - name: Create non-privileged user user: name=dhcpd createhome=no + when: is_debuntu - name: Configure dhcpd template: src={{ item.src }} diff --git a/roles/network/tasks/dnsmasq.yml b/roles/network/tasks/dnsmasq.yml new file mode 100644 index 000000000..4ffc09dea --- /dev/null +++ b/roles/network/tasks/dnsmasq.yml @@ -0,0 +1,12 @@ +- name: Install dnsmasq + package: name=dnsmasq state=present + +- name: Configure dhcpd + template: src={{ item.src }} + dest={{ item.dest }} + owner=root + group=root + mode={{ item.mode }} + with_items: + - { src: 'network/dnsmasq.service.rh', dest: '/etc/systemd/system/dnsmasq.service', mode: '0644' } + diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e6e47cd48..4a950fecc 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,13 +1,13 @@ - name: Disable dhcpd service service: name=dhcpd enabled=no - when: not dhcpd_enabled + when: not dhcpd_enabled and dhcpd_install # service is restarted with NM dispatcher.d script - name: Enable dhcpd service service: name=dhcpd enabled=yes - when: dhcpd_enabled + when: dhcpd_enabled and dhcpd_install - name: Copy /etc/sysconfig/dhcpd file template: src={{ item.src }} @@ -17,7 +17,7 @@ mode={{ item.mode }} with_items: - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } - when: dhcpd_enabled + when: dhcpd_enabled and dhcpd_install - name: Copy named file template: src={{ item.src }} @@ -32,28 +32,26 @@ - name: Enable named service service: name={{ dns_service }} enabled=yes - when: named_enabled + when: named_enabled and named_install - name: Disable named service service: name={{ dns_service }} enabled=no - when: not named_enabled + when: not named_enabled and named_install -#- name: Enable dnsmasq -# service: name=dnsmasq -# enabled=no -# when: dnsmasq_enabled +- name: Disable dnsmasq + service: name=dnsmasq + enabled=no + when: not dnsmasq_enabled and dnsmasq_install -# copy config file -#- name: Supply dnsmasq.conf -# template: dest= -# src= -# when: dnsmasq_enabled +- name: dnsmasq copy config file to /etc + template: src=network/dnsmasq.conf dest=/etc/ + when: dnsmasq_enabled and dnsmasq_install -#- name: Enable dnsmasq -# service: name=dnsmasq -# enabled=yes -# when: dnsmasq_enabled +- name: Enable dnsmasq + service: name=dnsmasq + enabled=yes + when: dnsmasq_enabled and dnsmasq_install - name: Enable dansguardian service: name=dansguardian diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 89b03a922..9c4023e42 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -24,6 +24,18 @@ with_items: - "{{ discovered_lan_iface }}" +- name: bind may be affected + service: name={{ dns_service }} state=stopped + when: named_install and dnsmasq_enabled + +- name: dhcpd_server may be affected - stopping dhcpd + service: name=dhcpd state=stopped + when: dhcpd_install + +- name: dhcpd_server may be affected - stopping dnsmasq + service: name=dnsmasq state=stopped + when: dnsmasq_install + - name: Stop the LAN/Bridge deleting iiab-LAN shell: nmcli con delete id iiab-LAN ignore_errors: True @@ -98,4 +110,5 @@ with_items: - "{{ lan_list_result.stdout_lines }}" -# testpoint confirm with 'nmcli c show' 'brctl show' +- name: dhcp_server may be affected - starting - user choice + service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 9bb1763f2..39d48bcdf 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -56,11 +56,19 @@ tags: - named - network + when: named_install - include: dhcpd.yml tags: - dhcpd - network + when: dhcpd_install + +- include: dnsmasq.yml + tags: + - dnsmasq + - network + when: dnsmasq_install - include: squid.yml tags: @@ -92,6 +100,10 @@ - network - network-discover +- include: computed_services.yml + tags: + - network + # templates needed from above install section live here - include: enable_services.yml tags: @@ -130,10 +142,6 @@ #### end network layout #### start services -- include: computed_services.yml - tags: - - network - - include: restart.yml when: not installing tags: diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 4de5c37c4..5619721c7 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,28 +1,7 @@ -# dhcpd service is restarted with NM dispatcher.d script -- name: Stop dhcpd - service: name=dhcpd - state=stopped - when: not dhcpd_enabled - -# assume NM is not running -- name: Start dhcpd - service: name=dhcpd - state=started - when: dhcpd_enabled and is_debuntu - -- name: Stop named service - service: name={{ dns_service }} - state=stopped - when: not named_enabled - -#- name: Stop dnsmasq service -# service: name=dnsmasq -# state=stopped -# when: not dnsmasq_enabled - - name: Start named service - service: name={{ dns_service2 }} + service: name={{ dns_service }} state=started + when: named_enabled and named_install - name: Stop DansGuardian service: name=dansguardian diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index b26cd84f4..189989540 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -80,36 +80,3 @@ #create wan br0 if appliance #allocate wlan0 under br0 in all cases #allocate eth0 under br0 if appliance, alone if gateway - -- name: Add location section to config file - ini_file: dest='{{ iiab_config_file }}' - section=network - option='{{ item.option }}' - value='{{ item.value }}' - with_items: - - option: 'gateway_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - - option: 'gateway_ifcfg' - value: '{{ has_ifcfg_gw }}' - - option: 'detected_gateway' - value: '{{ discovered_wan_iface }}' - - option: 'prior_gateway' - value: '{{ device_gw2 }}' - - option: 'wireless_list_1' - value: '{{ wifi1 }}' - - option: 'wireless_list_2' - value: '{{ wifi2 }}' - - option: 'num_wifi_interfaces' - value: '{{ num_wifi_interfaces }}' - - option: 'discovered_wireless_iface' - value: '{{ discovered_wireless_iface }}' - - option: 'iiab_wireless_lan_iface' - value: '{{ iiab_wireless_lan_iface }}' - - option: 'num_lan_interfaces' - value: '{{ num_lan_interfaces }}' - - option: 'detected_lan' - value: '{{ discovered_lan_iface }}' - - option: 'static_wan' - value: '{{ gui_static_wan }}' diff --git a/roles/network/templates/gateway/iiab-gen-iptables b/roles/network/templates/gateway/iiab-gen-iptables index b45295883..63f3a20ff 100755 --- a/roles/network/templates/gateway/iiab-gen-iptables +++ b/roles/network/templates/gateway/iiab-gen-iptables @@ -57,6 +57,7 @@ calibre_port={{ calibre_port }} kiwix_port={{ kiwix_port }} kalite_server_port={{ kalite_server_port }} block_DNS={{ block_DNS }} +captive_portal_enabled={{ captive_portal_enabled }} echo "Lan is $lan and WAN is $wan" # @@ -112,7 +113,13 @@ if [ "$block_DNS" == "True" ];then $IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53 fi -if [ -f /etc/sysconfig/xs_httpcache_on ]; then +if [ "$captive_portal_enabled" == "True" ];then + $IPTABLES -t mangle -N internet + $IPTABLES -t mangle -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m tcp --dport 80 -j internet + $IPTABLES -t mangle -A internet -j MARK --set-mark 99 + $IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }} + +elif [ -f /etc/sysconfig/xs_httpcache_on ]; then $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d 172.18.96.1 -j DNAT --to 172.18.96.1:3128 fi diff --git a/roles/network/templates/network/dnsmasq.service.rh b/roles/network/templates/network/dnsmasq.service.rh new file mode 100644 index 000000000..79b687f43 --- /dev/null +++ b/roles/network/templates/network/dnsmasq.service.rh @@ -0,0 +1,10 @@ +[Unit] +Description=DNS caching server. +After=network.target + +[Service] +ExecStart=/usr/sbin/dnsmasq -k +ExecStop=/bin/killall -9 dnsmasq + +[Install] +WantedBy=multi-user.target diff --git a/roles/network/templates/network/resolvconf.j2 b/roles/network/templates/network/resolvconf.j2 new file mode 100644 index 000000000..7a8d7461d --- /dev/null +++ b/roles/network/templates/network/resolvconf.j2 @@ -0,0 +1,14 @@ +# Supplied by IIAB +# Configuration for resolvconf(8) +# See resolvconf.conf(5) for details + +resolv_conf=/etc/resolv.conf +# If you run a local name server, you should uncomment the below line and +# configure your subscribers configuration files below. +name_servers=127.0.0.1 + +# Mirror the Debian package defaults for the below resolvers +# so that resolvconf integrates seemlessly. +dnsmasq_resolv=/var/run/dnsmasq/resolv.conf +pdnsd_conf=/etc/pdnsd.conf +unbound_conf=/var/cache/unbound/resolvconf_resolvers.conf From fcb04885024eb1f9fff33c2af2db925ef9bfc6f1 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 13 Sep 2017 08:37:52 -0500 Subject: [PATCH 330/466] use netvars --- roles/0-vars/defaults/main.yml | 1 - roles/0-vars/tasks/main.yml | 2 -- 2 files changed, 3 deletions(-) delete mode 120000 roles/0-vars/defaults/main.yml delete mode 100644 roles/0-vars/tasks/main.yml diff --git a/roles/0-vars/defaults/main.yml b/roles/0-vars/defaults/main.yml deleted file mode 120000 index b8fa87d4b..000000000 --- a/roles/0-vars/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ -/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/0-vars/tasks/main.yml b/roles/0-vars/tasks/main.yml deleted file mode 100644 index 63e84b40a..000000000 --- a/roles/0-vars/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -- include: roles/1-prep/tasks/computed_vars.yml -- include: roles/1-prep/tasks/detected_network.yml From de4be7c6462e4de0bc888ec28921becabc8cd00e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 13 Sep 2017 09:30:59 -0500 Subject: [PATCH 331/466] Everybody is testing debian.yml - Toggle dnsmasq_enabled False - edits use hostapd.yml supplied templates sooner - remove systemd reload and restarted - move restarted to restart.yml live testing --- roles/network/defaults/main.yml | 2 +- roles/network/tasks/hostapd.yml | 24 +-------- roles/network/tasks/main.yml | 20 +++----- roles/network/tasks/restart.yml | 15 ++++++ roles/network/templates/network/dhcpcd.conf | 23 +++++---- .../network/templates/network/dhcpcd.conf.j2 | 50 +++++++++++++++++++ roles/network/templates/network/systemd.j2 | 43 ++++++++++------ 7 files changed, 116 insertions(+), 61 deletions(-) create mode 100644 roles/network/templates/network/dhcpcd.conf.j2 diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 4c42380cd..d405a43c9 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -53,5 +53,5 @@ dhcpd_enabled: True named_install: True named_enabled: True dnsmasq_install: True -dnsmasq_enabled: True +dnsmasq_enabled: False captive_portal_enabled: False diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 6b56a675c..2d6953613 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -6,10 +6,9 @@ mode=0644 when: iiab_wireless_lan_iface != "none" -- name: Disable the Access Point hostapd program +- name: Disable the Access Point Hostapd program service: enabled=no name=hostapd.service - state=stopped when: iiab_wireless_lan_iface == "none" or iiab_network_mode == "Appliance" or not hostapd_enabled - name: Use custom systemd unit file to start hostapd @@ -19,26 +18,7 @@ group=root mode=0644 -- name: Ask systemd to reread the unit files for hostapd - shell: systemctl daemon-reload - -- name: Enable the Access Point hostapd program +- name: Enable the Access Point Hostapd program service: enabled=yes name=hostapd.service - state=restarted when: iiab_wireless_lan_iface != "none" and iiab_network_mode != "Appliance" and hostapd_enabled - -- name: Checking if slave is active waiting 10 seconds - shell: "sleep {{ hostapd_wait }} | brctl show | grep {{ iiab_wireless_lan_iface }}" - ignore_errors: True - changed_when: False - register: wifi_slave - when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" - -- name: Restart hostapd if slave is inactive - service: name=hostapd.service - state=restarted - when: is_debuntu and iiab_lan_iface == "br0" and item|trim == "" - with_items: - - "{{ wifi_slave.stdout }}" - ignore_errors: true diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 39d48bcdf..4304f37b7 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -109,23 +109,17 @@ tags: - network -- include: ifcfg_mods.yml +- include: hostapd.yml + tags: + - network + +- include: ifcfg_mods.yml + when: not is_debuntu and not installing tags: - network - when: is_redhat and not installing - include: debian.yml - tags: - - network - when: is_debuntu and not is_rpi and not installing - -- include: rpi_debian.yml - tags: - - network - when: is_debuntu and is_rpi and not installing - -- include: hostapd.yml - when: not installing + when: is_debuntu and not installing tags: - network diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 5619721c7..62661b19e 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -40,3 +40,18 @@ - name: Run iptables command: /usr/bin/iiab-gen-iptables + +- name: Checking if slave is active waiting 10 seconds + shell: "sleep {{ hostapd_wait }} | brctl show | grep {{ iiab_wireless_lan_iface }}" + ignore_errors: True + changed_when: False + register: wifi_slave + when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" + +- name: Restart hostapd if slave is inactive + service: name=hostapd.service + state=restarted + when: iiab_lan_iface == "br0" and item|trim == "" + with_items: + - "{{ wifi_slave.stdout }}" + ignore_errors: true diff --git a/roles/network/templates/network/dhcpcd.conf b/roles/network/templates/network/dhcpcd.conf index 1db23cae6..a9eaf1c08 100644 --- a/roles/network/templates/network/dhcpcd.conf +++ b/roles/network/templates/network/dhcpcd.conf @@ -37,16 +37,21 @@ require dhcp_server_identifier # Generate Stable Private IPv6 Addresses instead of hardware based ones slaac private -# don't let dhcpcd mess with IIAB LAN -denyinterfaces br0 wlan0 +# IIAB +denyinterfaces {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} {% if iiab_lan_iface != "br0" %} {{ iiab_lan_iface }} {% endif %} -# Example static IP configuration: -{% if gui_static_wan == true %} -interface {{ discovered_wan_iface }} -# strange that dhcpcd does not have a netmask option -- hardcode it FIXME -static ip_address={{ gui_static_wan_ip }}/24 -static routers={{ gui_static_wan_gateway }} -domain_name_servers= {{ gui_static_wan_nameserver }} +{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} +interface {{ iiab_lan_iface }} +static ip_address={{ lan_ip }}/19 +static domain_name_servers=127.0.0.1 +{% endif %} + +# IIAB static IP configuration: +{% if wan_ip != dhcp %} +interface {{ iiab_wan_iface }} +static ip_address={{ wan_ip }}/24 +static routers={{ wan_gateway }} +domain_name_servers= {{ wan_nameserver }} {% endif %} # It is possible to fall back to a static IP if DHCP fails: diff --git a/roles/network/templates/network/dhcpcd.conf.j2 b/roles/network/templates/network/dhcpcd.conf.j2 new file mode 100644 index 000000000..4a598574e --- /dev/null +++ b/roles/network/templates/network/dhcpcd.conf.j2 @@ -0,0 +1,50 @@ +# Supplied by IIAB +# A sample configuration for dhcpcd. +# See dhcpcd.conf(5) for details. + +# Allow users of this group to interact with dhcpcd via the control socket. +#controlgroup wheel + +# Inform the DHCP server of our hostname for DDNS. +hostname + +# Use the hardware address of the interface for the Client ID. +clientid +# or +# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. +# Some non-RFC compliant DHCP servers do not reply with this set. +# In this case, comment out duid and enable clientid above. +#duid + +# Persist interface configuration when dhcpcd exits. +persistent + +# Rapid commit support. +# Safe to enable by default because it requires the equivalent option set +# on the server to actually work. +option rapid_commit + +# A list of options to request from the DHCP server. +option domain_name_servers, domain_name, domain_search, host_name +option classless_static_routes +# Most distributions have NTP support. +option ntp_servers +# Respect the network MTU. This is applied to DHCP routes. +option interface_mtu + +# A ServerID is required by RFC2131. +require dhcp_server_identifier + +# Generate Stable Private IPv6 Addresses instead of hardware based ones +slaac private + +# supplied by IIAB + +denyinterfaces {% if gui_static_wan == true %} {{ iiab_wan_iface }} {% endif %} {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} + +{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} +interface {{ iiab_lan_iface }} +static ip_address={{ lan_ip }}/19 +static routers={{ lan_ip }} +static domain_name_servers={{ lan_ip }} +{% endif %} diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index 271a96e7a..f5d0816a2 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -1,42 +1,53 @@ +# iiab_network_mode is {{ iiab_network_mode }} +# gui_desired_network_role is {{ gui_desired_network_role }} + {% if iiab_network_mode != "Appliance" %} ################# LANCONTROLLER ################### auto br0 +{% if dhcpcd_result == "enabled" %} +iface br0 inet manual +{% else %} iface br0 inet static - bridge_ports {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} - +{% endif %} +{% if discovered_lan_iface != "none" %} + bridge_ports {{ discovered_lan_iface }} +{% endif %} bridge_maxwait 0 +{% if dhcpcd_result != "enabled" %} address {{ lan_ip }} netmask {{ lan_netmask }} - {% if iiab_network_mode == "Gateway" %} - gateway {{ lan_ip }} - {% endif %} - dns-nameservers {{ lan_ip }} +{% endif %} + dns-nameservers 127.0.0.1 dns-search {{ iiab_domain }} {% endif %} {# end LANCONTROLLER #} {% if iiab_network_mode != "LanController" %} ################# GATEWAY or APPLIANCE ######################### +# start dhcp clients {% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} # client or user defined {% endif %} - {% if dhcpcd_result == "enabled" and is_rpi == "true" %} #cover rpi +#auto {{ iiab_wan_iface }} +#iface {{ iiab_wan_iface }} inet manual +{% endif %} +{% if dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} +#cover butt auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet manual -{% else %} # gui_static_wan_ip is set -iface {{ iiab_wan_iface }} inet manual -{% endif %} {# end of dhcp_wan #} - -{% if wan_ip != "dhcp" %} +iface {{ iiab_wan_iface }} inet dhcp +{% endif %} +# end dhcp clients +# static wan +{% if wan_ip != "dhcp" and dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} iface {{ iiab_wan_iface }} inet static address {{ wan_ip }} netmask {{ wan_netmask }} gateway {{ wan_gateway }} - dns-nameservers {{ wan_nameserver }} + dns-nameservers 127.0.0.1 {{ wan_nameserver }} dns-search {{ iiab_domain }} - {% endif %} {% endif %} {# end of static_wan #} -{# end of iiab_network_mode != LanController #} + +{% endif %} {# end of iiab_network_mode != LanController #} From 5ca8db9d093483ac9ae0bed55c739860f32a091d Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Fri, 15 Sep 2017 11:56:57 -0500 Subject: [PATCH 332/466] lose rpi_debian - rebased -- dropped file --- iiab-network | 17 +++++++++++------ roles/network/tasks/debian.yml | 7 +++++++ roles/network/tasks/ifcfg_mods.yml | 4 ++++ roles/network/tasks/restart.yml | 6 +++--- roles/network/tasks/squid.yml | 10 +++++----- 5 files changed, 30 insertions(+), 14 deletions(-) diff --git a/iiab-network b/iiab-network index 863d04da7..87be5ccdc 100755 --- a/iiab-network +++ b/iiab-network @@ -27,18 +27,23 @@ fi Start=`date` export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local +End=`date` echo "" >> iiab-network.log -ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log if [ ! "OS" == "debian" ]; then + ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log nmcli d >> iiab-network.log nmcli c >> iiab-network.log fi echo "" >> iiab-network.log -brctl show >> iiab-network.log +ip r >> iiab-network.log echo "" >> iiab-network.log -echo "run start:" >> iiab-network.log -echo "$Start" >> iiab-network.log -echo "run end:" >> iiab-network.log -date >> iiab-network.log +brctl show br0>> iiab-network.log +echo "run start: $Start" >> iiab-network.log +echo "run end: $End" >> iiab-network.log echo "" >> iiab-network.log echo "" >> iiab-network.log +ip r +brctl show br0 +echo "run start:$Start" +echo "run end: $End" + diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 1f1c79e0e..7845c7524 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -68,3 +68,10 @@ - name: restart the networking service service: name=networking state=restarted when: interface.changed + +- name: restart hostapd when wifi is present + service: name=hostapd state=started + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + +- name: dhcp_server may be affected - starting - user choice + service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 9c4023e42..39c4d0156 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -110,5 +110,9 @@ with_items: - "{{ lan_list_result.stdout_lines }}" +- name: restart hostapd when wifi is present + service: name=hostapd state=started + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 62661b19e..2180daf51 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -41,14 +41,14 @@ - name: Run iptables command: /usr/bin/iiab-gen-iptables -- name: Checking if slave is active waiting 10 seconds - shell: "sleep {{ hostapd_wait }} | brctl show | grep {{ iiab_wireless_lan_iface }}" +- name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds + shell: "sleep {{ hostapd_wait }} | brctl show br0 | grep {{ iiab_wireless_lan_iface }}" ignore_errors: True changed_when: False register: wifi_slave when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" -- name: Restart hostapd if slave is inactive +- name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted when: iiab_lan_iface == "br0" and item|trim == "" diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 595a24e06..1abadaf4b 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -67,11 +67,11 @@ - include: dansguardian.yml when: dansguardian_install -- name: Stop Squid - service: name={{ proxy }} - state=stopped - ignore_errors: yes - when: not installing +#- name: Stop Squid +# service: name={{ proxy }} +# state=stopped +# ignore_errors: yes +# when: not installing - name: Add Squid to service list ini_file: dest='{{ service_filelist }}' From 8cad64c34a3e97b02fc07f672d783517d5f9f293 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Fri, 15 Sep 2017 23:43:15 -0500 Subject: [PATCH 333/466] fix proper runtags support --- roles/network/defaults/main.yml | 2 +- roles/network/tasks/enable_services.yml | 2 +- roles/network/tasks/main.yml | 12 ++++++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index d405a43c9..a354fd7ac 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -52,6 +52,6 @@ dhcpd_install: True dhcpd_enabled: True named_install: True named_enabled: True -dnsmasq_install: True dnsmasq_enabled: False +dnsmasq_install: False captive_portal_enabled: False diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 4a950fecc..e15d8ab0a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -66,7 +66,7 @@ - name: Create xs_httpcache flag shell: echo 1 > /etc/sysconfig/xs_httpcache_on creates=/etc/sysconfig/xs_httpcache_on - when: squid_enabled + when: squid_enabled and squid_install - name: Enable Squid service service: name={{ proxy }} diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 4304f37b7..5a82d6d55 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -103,11 +103,19 @@ - include: computed_services.yml tags: - network + - named + - dhcpd + - dnsmasq + - squid # templates needed from above install section live here - include: enable_services.yml tags: - network + - named + - dhcpd + - dnsmasq + - squid - include: hostapd.yml tags: @@ -140,4 +148,8 @@ when: not installing tags: - network + - named + - dhcpd + - dnsmasq + - squid #### end services From ea44bcaf05a8601dc054a50b69b06bb2e69f0d5e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 13:49:38 -0500 Subject: [PATCH 334/466] split installing out of main.yml --- roles/network/tasks/installing.yml | 34 ++++++++++++++++++++++++++++++ roles/network/tasks/main.yml | 30 ++------------------------ 2 files changed, 36 insertions(+), 28 deletions(-) create mode 100644 roles/network/tasks/installing.yml diff --git a/roles/network/tasks/installing.yml b/roles/network/tasks/installing.yml new file mode 100644 index 000000000..0d985a5e5 --- /dev/null +++ b/roles/network/tasks/installing.yml @@ -0,0 +1,34 @@ +# only needs to be done once +- include: named.yml + tags: + - named + - network + when: named_install + +- include: dhcpd.yml + tags: + - dhcpd + - network + when: dhcpd_install + +- include: dnsmasq.yml + tags: + - dnsmasq + - network + when: dnsmasq_install + +- include: squid.yml + tags: + - squid + - network + when: squid_install + +- include: wondershaper.yml + tags: + - wondershaper + - network + +- include: iptables.yml + tags: + - iptables + - network diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 5a82d6d55..6d00bc585 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -52,39 +52,13 @@ ##### end hostname setup ##### start install portion # only needs to be done once -- include: named.yml +- include: installing.yml tags: + - network - named - - network - when: named_install - -- include: dhcpd.yml - tags: - dhcpd - - network - when: dhcpd_install - -- include: dnsmasq.yml - tags: - dnsmasq - - network - when: dnsmasq_install - -- include: squid.yml - tags: - squid - - network - when: squid_install - -- include: wondershaper.yml - tags: - - wondershaper - - network - -- include: iptables.yml - tags: - - iptables - - network - include: avahi.yml tags: From 8bb61669144fe920e5b907b70d0667a5cff8a5aa Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 14:27:06 -0500 Subject: [PATCH 335/466] network install once --- roles/network/tasks/main.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 6d00bc585..4a1db623f 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -15,6 +15,8 @@ src=network/hostname.j2 owner=root mode=0644 + when: is_debuntu + register: hostname_change tags: - network - domain @@ -25,6 +27,8 @@ owner=root group=root mode=0644 + when: is_redhat + register: hostname_change tags: - network - domain @@ -35,7 +39,6 @@ mode=0644 with_items: - iiab_domain_name - register: domainname tags: - network - domain @@ -48,17 +51,20 @@ - include: hosts.yml tags: - network + - domain ##### end hostname setup ##### start install portion # only needs to be done once - include: installing.yml + when: hostname_change.changed or installing tags: - network - named - dhcpd - dnsmasq - squid + - domain - include: avahi.yml tags: From 5cd426fa897e41444448b17af551e0165abf00a5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 15:09:43 -0500 Subject: [PATCH 336/466] redhat debugging and remove dup'd stanzas --- roles/network/tasks/detected_network.yml | 19 +++++++++++++++++++ roles/network/tasks/main.yml | 10 +++++----- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index f8e1e569a..6c422a746 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -30,6 +30,25 @@ include: detected_redhat.yml when: is_redhat +- name: check to see if dhcpcd is installed and active - Can Fail + shell: systemctl is-enabled dhcpcd + register: dhcpcd_test + ignore_errors: True + +- name: setting dhcpcd_test results + set_fact: + dhcpcd_result: "{{ dhcpcd_test.stdout }}" + +- name: check /etc/network/interfaces for gateway + shell: grep {{ device_gw }} /etc/network/interfaces | wc -l + when: is_debuntu + register: wan_file + +- name: setting wan_in_interfaces + set_fact: + wan_in_interfaces: True + when: is_debuntu and wan_file.stdout|int >= "0" + # WIRELESS -- if any wireless is detected as gateway, it becomes WAN - name: Look for any wireless interfaces shell: "cat /proc/net/wireless | grep -v -e Inter -e face | awk -F: '{print $1}' " diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 4a1db623f..e0eba0efe 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -74,11 +74,11 @@ #### start network layout # setting installing would skip configuring network # but would configure but not start services -- include: computed_network.yml - when: not installing - tags: - - network - - network-discover +#- include: computed_network.yml +# when: not installing +# tags: +# - network +# - network-discover - include: computed_services.yml tags: From a60661f45ccd3cad4356cdccfdf0d0e9abb95fa9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 15:25:57 -0500 Subject: [PATCH 337/466] move avahi package install --- roles/2-common/tasks/packages.yml | 6 ++++++ roles/network/tasks/avahi.yml | 22 ---------------------- 2 files changed, 6 insertions(+), 22 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index e409b5dee..3dc470753 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -36,6 +36,9 @@ - linux-firmware - syslog - xml-common + - nss-mdns + - avahi + - avahi-tools when: is_redhat - name: Download usbmount -- not in debian-9 @@ -52,6 +55,9 @@ with_items: - inetutils-syslogd - wpasupplicant + - libnss-mdns + - avahi-daemon + - avahi-discover when: is_debuntu - name: Install common packages diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index 517ddb808..0801a477f 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -1,25 +1,3 @@ -- name: Install avahi package - package: name={{ item }} - state=present - with_items: - - libnss-mdns - - avahi-daemon - - avahi-discover - when: is_debuntu - tags: - - download - -- name: Install avahi package - package: name={{ item }} - state=present - with_items: - - nss-mdns - - avahi - - avahi-tools - when: not is_debuntu - tags: - - download - - name: Create a user for avahi user: name=avahi createhome=no From 82854b94a14f25c0e02fad6748f53f3799740134 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 26 Sep 2017 01:47:26 -0500 Subject: [PATCH 338/466] too fancy atm --- roles/network/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index e0eba0efe..bf6a96334 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -57,7 +57,6 @@ ##### start install portion # only needs to be done once - include: installing.yml - when: hostname_change.changed or installing tags: - network - named @@ -65,6 +64,8 @@ - dnsmasq - squid - domain +# when: hostname_change.changed or installing + - include: avahi.yml tags: From aab78257d45574e0dbf671333bd72f9a746893ae Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 26 Sep 2017 00:54:58 -0500 Subject: [PATCH 339/466] disable stock isc-dhcp-server config --- roles/network/tasks/enable_services.yml | 5 +++++ vars/debian-9.yml | 1 + 2 files changed, 6 insertions(+) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e15d8ab0a..e9ec16eef 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,3 +1,8 @@ +- name: Disable stock dhcp_service service + service: name={{ dhcp_service }} + enabled=no + when: dhcpd_install and first_run and is_debian_9 + - name: Disable dhcpd service service: name=dhcpd enabled=no diff --git a/vars/debian-9.yml b/vars/debian-9.yml index 1e1697783..4145ed60a 100644 --- a/vars/debian-9.yml +++ b/vars/debian-9.yml @@ -2,6 +2,7 @@ is_debuntu: True is_debian: True is_debian_9: True dns_service: bind9 +dhcp_service: isc-dhcp-server dns_user: bind proxy: squid proxy_user: proxy From c1a272cd90f0ba7ddea7bb0867b94f5668e3ef85 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 10 Oct 2017 13:06:20 -0500 Subject: [PATCH 340/466] treat ubuntu same as debian --- roles/network/tasks/enable_services.yml | 5 +++-- vars/ubuntu-16.yml | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e9ec16eef..f3840dc2a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,7 +1,8 @@ -- name: Disable stock dhcp_service service +- name: Disable stock dhcp_service service: name={{ dhcp_service }} enabled=no - when: dhcpd_install and first_run and is_debian_9 + state=stopped + when: dhcpd_install and first_run - name: Disable dhcpd service service: name=dhcpd diff --git a/vars/ubuntu-16.yml b/vars/ubuntu-16.yml index 1971d5a18..be62d0718 100644 --- a/vars/ubuntu-16.yml +++ b/vars/ubuntu-16.yml @@ -2,6 +2,7 @@ is_debuntu: True is_ubuntu: True dns_service: bind9 dns_user: bind +dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 From b17bc7f7799d7b3ebfb45b3a981902f177924013 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 15 Oct 2017 20:33:12 -0500 Subject: [PATCH 341/466] tighten up hostapd check --- roles/network/tasks/restart.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 2180daf51..30ef4a84b 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -43,15 +43,12 @@ - name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds shell: "sleep {{ hostapd_wait }} | brctl show br0 | grep {{ iiab_wireless_lan_iface }}" - ignore_errors: True - changed_when: False - register: wifi_slave when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" + register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_lan_iface == "br0" and item|trim == "" + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and item|trim == "" with_items: - "{{ wifi_slave.stdout }}" - ignore_errors: true From e4ff73bf92bf7a90f18f5e0f0f0c587369e48ac8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 15 Oct 2017 20:34:37 -0500 Subject: [PATCH 342/466] reduce hostapd wait time --- roles/network/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index a354fd7ac..9a546c8c1 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -33,7 +33,7 @@ wondershaper_upspeed: "1024" # WiFi host_ssid: IIAB -hostapd_wait: 10 +hostapd_wait: 1 host_wifi_mode: g host_channel: 6 host_wireless_n: False From 2b3b285f47827906677919a3f6db2c7d1ba3fe67 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 17 Oct 2017 09:22:06 -0500 Subject: [PATCH 343/466] centos - add dhcp_service --- vars/centos-7.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/centos-7.yml b/vars/centos-7.yml index f852434f6..79a654af3 100644 --- a/vars/centos-7.yml +++ b/vars/centos-7.yml @@ -12,6 +12,7 @@ smb_service: smb nmb_service: nmb systemctl_program: /usr/bin/systemctl mysql_service: mariadb +dhcp_service: dhcpd apache_log: /var/log/httpd/access_log sshd_service: sshd php_version: 7.0 From 28a1ebb1b03877919b93247b7e29034680449989 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 17 Oct 2017 10:18:59 -0500 Subject: [PATCH 344/466] dhcp_service first_run add is_debuntu only --- roles/network/tasks/enable_services.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index f3840dc2a..ab3f82733 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -2,7 +2,7 @@ service: name={{ dhcp_service }} enabled=no state=stopped - when: dhcpd_install and first_run + when: dhcpd_install and first_run and is_debuntu - name: Disable dhcpd service service: name=dhcpd From f06c4154443ac6c2bd1f59226f2ed48122d16f24 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Fri, 27 Oct 2017 11:24:22 -0500 Subject: [PATCH 345/466] raspbian - dhcp_service: isc-dhcp-server --- vars/raspbian-9.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/raspbian-9.yml b/vars/raspbian-9.yml index e18c339da..ad0e0a408 100644 --- a/vars/raspbian-9.yml +++ b/vars/raspbian-9.yml @@ -5,6 +5,7 @@ rtc_id: ds3231 dns_service: bind9 dns_user: bind +dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 From 47c497ca096ecaa59ace395eb881b5fceca36073 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 13:30:27 -0500 Subject: [PATCH 346/466] introduce iiab-steps.yml --- iiab-steps.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 iiab-steps.yml diff --git a/iiab-steps.yml b/iiab-steps.yml new file mode 100644 index 000000000..66c97721c --- /dev/null +++ b/iiab-steps.yml @@ -0,0 +1,29 @@ +--- +- hosts: all + become: yes + + vars_files: + - vars/default_vars.yml + - vars/{{ ansible_local.local_facts.os_ver }}.yml + - vars/local_vars.yml + + roles: + - { role: 0-init, tags: ['0-init'] } + - { role: 1-prep, tags: ['1-prep','platform','base'], + when: ansible_local.local_facts.stage|int < 1 } + - { role: 2-common, tags: ['2-common','base'], + when: ansible_local.local_facts.stage|int < 2 } + - { role: 3-base-server, tags: ['3-base-server','base'], + when: ansible_local.local_facts.stage|int < 3 } + - { role: 4-server-options, tags: ['4-server-options'], + when: ansible_local.local_facts.stage|int < 4 } + - { role: 5-xo-services, tags: ['5-xo-services'], + when: ansible_local.local_facts.stage|int < 5 } + - { role: 6-generic-apps, tags: ['6-generic-apps'], + when: ansible_local.local_facts.stage|int < 6 } + - { role: 7-edu-apps, tags: ['7-edu-apps'], + when: ansible_local.local_facts.stage|int < 7 } + - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'], + when: ansible_local.local_facts.stage|int < 8 } + - { role: 9-local-addons, tags: ['9-local-addons'], + when: ansible_local.local_facts.stage|int < 9 } From 7c8b2e16419cad87484f88ae304b77d9cce58e86 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 11:31:32 -0500 Subject: [PATCH 347/466] introduce 'stage' --- scripts/local_facts.fact | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/scripts/local_facts.fact b/scripts/local_facts.fact index 4d9da02d6..43f8ab6f5 100755 --- a/scripts/local_facts.fact +++ b/scripts/local_facts.fact @@ -41,9 +41,20 @@ else XO_VERSION="none" fi +# upgrades return found, clean installs return 0 +# interruptions return last stage number recorded (1-9) +if [ -f /etc/iiab/iiab.env ] +then + STAGE=0 + source /etc/iiab/iiab.env + STAGE=$STAGE +else + STAGE=0 +fi ANSIBLE_VERSION=$(ansible --version|head -n 1|cut -f 2 -d " ") cat <<EOF {"phplib_dir" : "$PHPLIB_DIR", +"stage" : "$STAGE", "iiab_branch" : "$BRANCH", "iiab_commit" : "$COMMIT", "xo_model" : "$XO_VERSION", From ef914cac7c49f0983d628aec3e5378304f0be6bb Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 12:42:51 -0500 Subject: [PATCH 348/466] activate old marker code --- roles/3-base-server/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 3aa90c43b..ca7c86b66 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -31,11 +31,11 @@ when: not installing # If we got here we're done -#- name: Record base gui version -# lineinfile: dest=/etc/iiab/iiab.env -# regexp='^BASE_VERSION=*' -# line='BASE_VERSION="{{ gui_version }}"' -# state=present +- name: Record STAGE + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=3' + state=present - name: ...HAS COMPLETED ==================================== command: echo From d907568c4b83f3de085cc969280b13ca48529696 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 12:46:47 -0500 Subject: [PATCH 349/466] move iiab.env template - add starting STAGE=1 - update STAGE on the fly part 1 --- roles/1-prep/tasks/main.yml | 8 ++++++++ roles/1-prep/templates/iiab.env.j2 | 1 + roles/2-common/tasks/main.yml | 6 ++++++ roles/4-server-options/tasks/main.yml | 12 +++++------- 4 files changed, 20 insertions(+), 7 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index e6e2b382a..02e39ccd1 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -88,5 +88,13 @@ url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 +# this script can be sourced to get IIAB location +- name: Create iiab.env file + template: src=roles/1-prep/templates/iiab.env.j2 + dest=/etc/iiab/iiab.env + owner=root + group=root + mode=0644 + - name: ...HAS COMPLETED =========================================== command: echo diff --git a/roles/1-prep/templates/iiab.env.j2 b/roles/1-prep/templates/iiab.env.j2 index b472d4fe6..bd08f9441 100644 --- a/roles/1-prep/templates/iiab.env.j2 +++ b/roles/1-prep/templates/iiab.env.j2 @@ -5,3 +5,4 @@ IIAB_DIR={{ iiab_dir }} OS={{ ansible_local.local_facts.os }} OS_VER={{ ansible_local.local_facts.os_ver }} WWWROOT={{ doc_root }} +STAGE=1 diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index bfb69887b..e67044a85 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -48,5 +48,11 @@ - include: udev.yml +- name: Record STAGE + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=2' + state=present + - name: ...HAS COMPLETED ========================================= command: echo diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 7efdffe74..fb22f6d0e 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -57,13 +57,11 @@ when: usb_lib_install tags: usb-lib -# this script can be sourced to get IIAB location -- name: Create iiab.env file - template: src=roles/1-prep/templates/iiab.env.j2 - dest=/etc/iiab/iiab.env - owner=root - group=root - mode=0644 +- name: Record STAGE + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=4' + state=present - name: Put a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 From d981d55fdeeecc76fb7cb0b917a4716a3eba85c1 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 12:53:47 -0500 Subject: [PATCH 350/466] update STAGE on the fly part 2 --- roles/5-xo-services/tasks/main.yml | 6 ++++++ roles/6-generic-apps/tasks/main.yml | 6 ++++++ roles/7-edu-apps/tasks/main.yml | 6 ++++++ roles/8-mgmt-tools/tasks/main.yml | 6 ++++++ 4 files changed, 24 insertions(+) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 2ee59d9e0..6e99a3299 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -21,5 +21,11 @@ when: idmgr_install tags: olpc, idmgr +- name: Record STAGE 5 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=5' + state=present + - name: ...HAS COMPLETED ==================================== command: echo diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 6b4deeb49..969450b36 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -45,5 +45,11 @@ when: wordpress_install tags: wordpress +- name: Record STAGE 6 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=6' + state=present + - name: ...HAS COMPLETED =================================== command: echo diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index d484570b1..d5a5e97b3 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -39,5 +39,11 @@ when: sugarizer_install tags: sugarizer +- name: Record STAGE 7 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=7' + state=present + - name: ...HAS COMPLETED ======================================= command: echo diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 01920102d..9351d6770 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -51,5 +51,11 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis +- name: Record STAGE 8 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=8' + state=present + - name: ...HAS COMPLETED ===================================== command: echo From ff626df2f4de70b4e5c729b470490392b54d805f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 29 Oct 2017 01:53:13 -0500 Subject: [PATCH 351/466] cherry-pick f6ddc8ecfbf736dd0bbaf034c9943ee0b2ae7d6d --- roles/1-prep/tasks/computed_vars.yml | 63 +++++++++++++++------------- 1 file changed, 34 insertions(+), 29 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index ae53e7970..28ba861d6 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -6,8 +6,9 @@ # set top level variables from local facts for convenience - set_fact: - xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}' - phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}' + xo_model: '{{ ansible_local.local_facts.xo_model }}' + phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' + iiab_stage: '{{ ansible_local.local_facts.stage }}' - name: Set exFAT enabled for XO laptops set_fact: @@ -46,33 +47,6 @@ file: path=/tmp/heart-beat.txt state=absent -- name: add version section - ini_file: dest='{{ iiab_config_file }}' - section=runtime - option='{{ item.option }}' - value='{{ item.value }}' - with_items: - - option: 'runtime_branch' - value: '{{ ansible_local["local_facts"]["iiab_branch"] }}' - - option: 'runtime_commit' - value: '{{ ansible_local["local_facts"]["iiab_commit"] }}' - - option: 'runtime_date' - value: '{{ ansible_date_time["iso8601"] }}' - - option: 'runtime_php' - value: '{{ phplib_dir }}' - - option: 'kernel' - value: '{{ ansible_kernel }}' - - option: 'memory_mb' - value: '{{ ansible_memtotal_mb }}' - - option: 'swap_mb' - value: '{{ ansible_swaptotal_mb }}' - - option: 'product_id' - value: '{{ ansible_product_uuid }}' - - option: 'gw_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC set_fact: local_tz='UTC' @@ -176,3 +150,34 @@ set_fact: is_CentOS: True when: ansible_distribution == "CentOS" + +- name: add version section + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'iiab_stage' + value: '{{ iiab_stage }}' + - option: 'runtime_php' + value: '{{ phplib_dir }}' + - option: 'runtime_branch' + value: '{{ ansible_local.local_facts.iiab_branch }}' + - option: 'runtime_commit' + value: '{{ ansible_local.local_facts.iiab_commit }}' + - option: 'runtime_date' + value: '{{ ansible_date_time.iso8601 }}' + - option: 'ansible_version' + value: '{{ ansible_local.local_facts.ansible_version }}' + - option: 'kernel' + value: '{{ ansible_kernel }}' + - option: 'memory_mb' + value: '{{ ansible_memtotal_mb }}' + - option: 'swap_mb' + value: '{{ ansible_swaptotal_mb }}' + - option: 'product_id' + value: '{{ ansible_product_uuid }}' + - option: 'gw_active' + value: '{{ gw_active }}' + - option: 'internet_available' + value: '{{ internet_available }}' From dc15f066b9fa81c9b42f84dc14388c5d3a84382e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 12:02:18 -0500 Subject: [PATCH 352/466] partial cherry-pick of 87c81df5e0f4c938ac03df92433bcfc31a0294e0 --- scripts/local_facts.fact | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/local_facts.fact b/scripts/local_facts.fact index 43f8ab6f5..54863bcd7 100755 --- a/scripts/local_facts.fact +++ b/scripts/local_facts.fact @@ -45,7 +45,7 @@ fi # interruptions return last stage number recorded (1-9) if [ -f /etc/iiab/iiab.env ] then - STAGE=0 + STAGE=1 source /etc/iiab/iiab.env STAGE=$STAGE else @@ -58,7 +58,7 @@ cat <<EOF "iiab_branch" : "$BRANCH", "iiab_commit" : "$COMMIT", "xo_model" : "$XO_VERSION", -"ansble_version" : "$ANSIBLE_VERSION", +"ansible_version" : "$ANSIBLE_VERSION", "os" : "$OS", "os_ver" : "$OS_VER"} From 17bd76097d3686b54796fe3fdf9e22be0d5f723f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 12:14:09 -0500 Subject: [PATCH 353/466] partial cherry-pick of 0026446a800b345a7cbc7314ce10de0ea85efb0a --- roles/1-prep/tasks/main.yml | 7 ++----- roles/2-common/tasks/main.yml | 7 ++----- roles/3-base-server/tasks/main.yml | 8 ++------ roles/4-server-options/tasks/main.yml | 14 +++++--------- roles/5-xo-services/tasks/main.yml | 8 ++------ roles/6-generic-apps/tasks/main.yml | 8 ++------ roles/7-edu-apps/tasks/main.yml | 8 ++------ roles/8-mgmt-tools/tasks/main.yml | 7 ++----- roles/9-local-addons/tasks/main.yml | 9 ++++++--- 9 files changed, 25 insertions(+), 51 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 02e39ccd1..84ae926eb 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,6 +1,6 @@ # Preparations (Hardware Level) -- name: ...IS BEGINNING ============================================ +- name: ...IS BEGINNING ================================== command: echo - name: Get the uuidgen program @@ -89,12 +89,9 @@ when: first_run and usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location -- name: Create iiab.env file +- name: Recording STAGE 1 HAS COMPLETED ================== template: src=roles/1-prep/templates/iiab.env.j2 dest=/etc/iiab/iiab.env owner=root group=root mode=0644 - -- name: ...HAS COMPLETED =========================================== - command: echo diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index e67044a85..acaacc99f 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,6 +1,6 @@ # Common OS-Level Additions & Mods (that only need to be performed once) -- name: ...IS BEGINNING ========================================== +- name: ...IS BEGINNING ================================== command: echo #- include: iiab_ini.yml @@ -48,11 +48,8 @@ - include: udev.yml -- name: Record STAGE +- name: Recording STAGE 2 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=2' state=present - -- name: ...HAS COMPLETED ========================================= - command: echo diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index ca7c86b66..e59553e9e 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,6 +1,5 @@ # Base Server - -- name: ...IS BEGINNING ===================================== +- name: ...IS BEGINNING ================================== command: echo - name: HTTPD @@ -30,12 +29,9 @@ state=restarted when: not installing -# If we got here we're done -- name: Record STAGE +- name: Record STAGE 3 HAS COMPLETED ===================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=3' state=present -- name: ...HAS COMPLETED ==================================== - command: echo diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index fb22f6d0e..2b68861eb 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -1,5 +1,4 @@ # Server Options - - name: ...IS BEGINNING ================================== command: echo @@ -57,12 +56,6 @@ when: usb_lib_install tags: usb-lib -- name: Record STAGE - lineinfile: dest=/etc/iiab/iiab.env - regexp='^STAGE=*' - line='STAGE=4' - state=present - - name: Put a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py @@ -71,5 +64,8 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: ...HAS COMPLETED ================================= - command: echo +- name: Recording STAGE 4 HAS COMPLETED ================== + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=4' + state=present diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 6e99a3299..bc9c20653 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,6 +1,5 @@ # XO Services - -- name: ...IS BEGINNING ===================================== +- name: ...IS BEGINNING ================================== command: echo - name: ACTIVITY-SERVER @@ -21,11 +20,8 @@ when: idmgr_install tags: olpc, idmgr -- name: Record STAGE 5 +- name: Recording STAGE 5 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=5' state=present - -- name: ...HAS COMPLETED ==================================== - command: echo diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 969450b36..9cf53a700 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,6 +1,5 @@ # Generic Apps - -- name: ...IS BEGINNING ==================================== +- name: ...IS BEGINNING ================================== command: echo - name: CALIBRE @@ -45,11 +44,8 @@ when: wordpress_install tags: wordpress -- name: Record STAGE 6 +- name: Recording STAGE 6 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=6' state=present - -- name: ...HAS COMPLETED =================================== - command: echo diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index d5a5e97b3..ee98a0d2d 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,6 +1,5 @@ # Educational Apps - -- name: ...IS BEGINNING ======================================== +- name: ...IS BEGINNING ================================== command: echo - name: KALITE @@ -39,11 +38,8 @@ when: sugarizer_install tags: sugarizer -- name: Record STAGE 7 +- name: Recording STAGE 7 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=7' state=present - -- name: ...HAS COMPLETED ======================================= - command: echo diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 9351d6770..91413900b 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,6 +1,6 @@ # Assessment and Monitoring Tools -- name: ...IS BEGINNING ====================================== +- name: ...IS BEGINNING ================================== command: echo - name: AWSTATS @@ -51,11 +51,8 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: Record STAGE 8 +- name: Recording STAGE 8 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=8' state=present - -- name: ...HAS COMPLETED ===================================== - command: echo diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 197bb3366..f518d6c81 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,7 +1,10 @@ # Local Add-ons -- name: ...IS BEGINNING ==================================== +- name: ...IS BEGINNING ============================= command: echo -- name: ...HAS COMPLETED =================================== - command: echo +- name: Recording STAGE 9 HAS COMPLETED ============= + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=9' + state=present From c32b3518cd19f0038b9979af6dc9672ed4b5b289 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 12:57:55 -0500 Subject: [PATCH 354/466] scripts cleanup --- iiab-network | 15 +++------------ install-support | 3 ++- runtags | 14 +++----------- 3 files changed, 8 insertions(+), 24 deletions(-) diff --git a/iiab-network b/iiab-network index 87be5ccdc..eb9f1b239 100755 --- a/iiab-network +++ b/iiab-network @@ -1,15 +1,8 @@ #!/bin/bash - -if [ -f /etc/iiab/iiab.env ] -then - . /etc/iiab/iiab.env - cd $IIAB_DIR -else - echo /etc/iiab/iiab.env is missing. Playbook has not been run. - exit 1 -fi - +# running from a git repo +# ansible files exist CWD=`pwd` +export ANSIBLE_LOG_PATH="$CWD/iiab-network.log" if [ ! -f iiab-network.yml ] then @@ -25,7 +18,6 @@ then fi Start=`date` -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local End=`date` echo "" >> iiab-network.log @@ -46,4 +38,3 @@ ip r brctl show br0 echo "run start:$Start" echo "run end: $End" - diff --git a/install-support b/install-support index b7df01489..79439f2f7 100755 --- a/install-support +++ b/install-support @@ -4,6 +4,8 @@ PLAYBOOK="iiab-base.yml" INVENTORY="ansible_hosts" CWD=`pwd` +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" + if [ ! -f $PLAYBOOK ] then echo "IIAB Playbook not found." @@ -15,5 +17,4 @@ fi sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml -export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local diff --git a/runtags b/runtags index b353d3a65..45ee507e7 100755 --- a/runtags +++ b/runtags @@ -1,16 +1,11 @@ #!/bin/bash +# running from a git repo PLAYBOOK="iiab.yml" INVENTORY="ansible_hosts" -# Pass cmdline options for ansible - -if [ -f /etc/iiab/iiab.env ] -then - . /etc/iiab/iiab.env - cd $IIAB_DIR -fi - CWD=`pwd` +export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" + if [ ! -f $PLAYBOOK ] then echo "IIAB Playbook not found." @@ -41,8 +36,6 @@ do fi done -# echo $found - taglist=$1 if [ "$found" == "N" ] @@ -50,5 +43,4 @@ then taglist="0-init,"$taglist fi -export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" ansible-playbook -i ansible_hosts iiab.yml --connection=local --tags="""$taglist""" From 41242f4471ae329523d491786fabb486f510c236 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 15:09:24 -0500 Subject: [PATCH 355/466] XSCE -> IIAB in iiab.env --- roles/1-prep/templates/iiab.env.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/templates/iiab.env.j2 b/roles/1-prep/templates/iiab.env.j2 index bd08f9441..423c13ec6 100644 --- a/roles/1-prep/templates/iiab.env.j2 +++ b/roles/1-prep/templates/iiab.env.j2 @@ -1,4 +1,4 @@ -# This is a configuration file for XSCE +# This is a configuration file for IIAB # It can sourced in a shell script or read into an application IIAB_BASE_PATH={{ iiab_base }} IIAB_DIR={{ iiab_dir }} From 925ce00c7aca99ae594a0994a82bc18303c3ae9c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 13:05:19 -0500 Subject: [PATCH 356/466] introduce iiab-install --- iiab-install | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100755 iiab-install diff --git a/iiab-install b/iiab-install new file mode 100755 index 000000000..5a3994622 --- /dev/null +++ b/iiab-install @@ -0,0 +1,74 @@ +#!/bin/bash -e +# running from a git repo +PLAYBOOK="iiab-steps.yml" +INVENTORY="ansible_hosts" +CWD=`pwd` +# Add cmdline options for passing to ansible +# todo add proper shift to gobble up --debug --upgrade +ARGS="" + +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" + +if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then + mkdir -p /etc/ansible/facts.d +fi +cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact + +STAGE="" + +if [ -f /etc/iiab/iiab.env ]; then + OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` + if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then + echo "Found old XSCE install - re-installing from scratch" + rm /etc/iiab/iiab.env + # check ansible version here and force ansible upgrade if needed + else + source /etc/iiab/iiab.env + if [ $STAGE == 9 ] && [ "$1" = "--debug" ]; then + echo "Entering debug mode" + sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env + elif [ ! $STAGE == 9 ]; then + echo "Restarting from STAGE $STAGE" + else + # place keeper add read response + # "offer 'Y' or stage number dialog box option to override" + echo "'iiab-install' has already been completed" + echo "use --debug to override " + echo "In demo mode not preventing second run" + #echo "Exiting." + #exit 0 + fi + fi +else + mkdir -p /etc/iiab +fi + +if [ ! -f $PLAYBOOK ]; then + echo "IIAB Playbook not found." + echo "Please run this command from the top level of the git repo." + echo "Exiting." + exit 1 +fi + +# if vars/local_vars.yml is missing, put a default one in place - First Run +if [ ! -f ./vars/local_vars.yml ]; then + OS=`grep ^ID= /etc/*release|cut -d= -f2` + OS=${OS//\"/} + + case $OS in + OLPC | fedora) + cp ./vars/olpc.localvars ./vars/local_vars.yml + ;; + centos | debian | ubuntu | raspbian) + cp ./vars/medium.localvars ./vars/local_vars.yml + ;; + *) + echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." + exit 1 + ;; + esac +fi + +echo "Running local playbooks! " +ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null +ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local From da7f875cc0a3b1c5c6fc32b19aac98eb41cca3cb Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 15:02:23 -0500 Subject: [PATCH 357/466] flip logic for easier read - exit if STAGE=9 --- iiab-install | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/iiab-install b/iiab-install index 5a3994622..15010a3bd 100755 --- a/iiab-install +++ b/iiab-install @@ -4,7 +4,7 @@ PLAYBOOK="iiab-steps.yml" INVENTORY="ansible_hosts" CWD=`pwd` # Add cmdline options for passing to ansible -# todo add proper shift to gobble up --debug --upgrade +# todo add proper shift to gobble up --debug --reinstall ARGS="" export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" @@ -16,7 +16,9 @@ cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact STAGE="" -if [ -f /etc/iiab/iiab.env ]; then +if [ ! -f /etc/iiab/iiab.env ]; then + mkdir -p /etc/iiab +else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then echo "Found old XSCE install - re-installing from scratch" @@ -34,13 +36,11 @@ if [ -f /etc/iiab/iiab.env ]; then # "offer 'Y' or stage number dialog box option to override" echo "'iiab-install' has already been completed" echo "use --debug to override " - echo "In demo mode not preventing second run" + #echo "In demo mode not preventing second run" #echo "Exiting." - #exit 0 + exit 1 fi fi -else - mkdir -p /etc/iiab fi if [ ! -f $PLAYBOOK ]; then From 4a4cc48c480ec3ff2be9f904bc39ed080d1f6bb4 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 15:19:09 -0500 Subject: [PATCH 358/466] exit warning --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 15010a3bd..52f4575ca 100755 --- a/iiab-install +++ b/iiab-install @@ -37,7 +37,7 @@ else echo "'iiab-install' has already been completed" echo "use --debug to override " #echo "In demo mode not preventing second run" - #echo "Exiting." + echo "Exiting." exit 1 fi fi From 104bbf784ad8093aafb12e7aedcda2cdd0b9d4dc Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:29:49 -0400 Subject: [PATCH 359/466] fill lines with ==='s --- roles/1-prep/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 84ae926eb..fea4ea34f 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,6 +1,6 @@ # Preparations (Hardware Level) -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ============================================ command: echo - name: Get the uuidgen program @@ -89,7 +89,7 @@ when: first_run and usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location -- name: Recording STAGE 1 HAS COMPLETED ================== +- name: Recording STAGE 1 HAS COMPLETED ============================ template: src=roles/1-prep/templates/iiab.env.j2 dest=/etc/iiab/iiab.env owner=root From c329a156a7d2594d83cf18962401a69f5403c601 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:31:16 -0400 Subject: [PATCH 360/466] fill lines with ==='s --- roles/2-common/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index acaacc99f..c7af19941 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,6 +1,6 @@ # Common OS-Level Additions & Mods (that only need to be performed once) -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ========================================== command: echo #- include: iiab_ini.yml @@ -48,7 +48,7 @@ - include: udev.yml -- name: Recording STAGE 2 HAS COMPLETED ================== +- name: Recording STAGE 2 HAS COMPLETED ========================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=2' From 9ca180ce8fb29988336f7e35b7aadb626e1d64ea Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:32:31 -0400 Subject: [PATCH 361/466] fill lines with ==='s --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index e59553e9e..b77c032ef 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,5 +1,5 @@ # Base Server -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ===================================== command: echo - name: HTTPD @@ -29,7 +29,7 @@ state=restarted when: not installing -- name: Record STAGE 3 HAS COMPLETED ===================== +- name: Record STAGE 3 HAS COMPLETED ======================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=3' From 5259d1f29df6d17f8ebf0dead913b171855eebf0 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:34:22 -0400 Subject: [PATCH 362/466] fill lines with ==='s --- roles/5-xo-services/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index bc9c20653..58b750908 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,5 +1,5 @@ # XO Services -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ===================================== command: echo - name: ACTIVITY-SERVER @@ -20,7 +20,7 @@ when: idmgr_install tags: olpc, idmgr -- name: Recording STAGE 5 HAS COMPLETED ================== +- name: Recording STAGE 5 HAS COMPLETED ===================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=5' From 7b03e1b4b7729b78d857a485fc9ade7e4bde1a35 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:35:28 -0400 Subject: [PATCH 363/466] fill lines with ==='s --- roles/6-generic-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 9cf53a700..9c4113fc1 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,5 +1,5 @@ # Generic Apps -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ==================================== command: echo - name: CALIBRE @@ -44,7 +44,7 @@ when: wordpress_install tags: wordpress -- name: Recording STAGE 6 HAS COMPLETED ================== +- name: Recording STAGE 6 HAS COMPLETED ==================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=6' From 6e8f81b500c30d7aace5dfddc53098a55838d9bd Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:37:06 -0400 Subject: [PATCH 364/466] fill lines with ==='s --- roles/7-edu-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index ee98a0d2d..5f7f081d9 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,5 +1,5 @@ # Educational Apps -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ======================================== command: echo - name: KALITE @@ -38,7 +38,7 @@ when: sugarizer_install tags: sugarizer -- name: Recording STAGE 7 HAS COMPLETED ================== +- name: Recording STAGE 7 HAS COMPLETED ======================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=7' From 6fbf870464fa925c6ae4832523ad011b00d0f148 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:38:09 -0400 Subject: [PATCH 365/466] fill lines with ==='s --- roles/8-mgmt-tools/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 91413900b..ad22382ed 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,6 +1,6 @@ # Assessment and Monitoring Tools -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ====================================== command: echo - name: AWSTATS @@ -51,7 +51,7 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: Recording STAGE 8 HAS COMPLETED ================== +- name: Recording STAGE 8 HAS COMPLETED ====================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=8' From 42264f1e3474dd848b4628fe15611b14bb523f3f Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:39:35 -0400 Subject: [PATCH 366/466] fill lines with ==='s --- roles/9-local-addons/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index f518d6c81..3a13a1b37 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,9 +1,9 @@ # Local Add-ons -- name: ...IS BEGINNING ============================= +- name: ...IS BEGINNING ==================================== command: echo -- name: Recording STAGE 9 HAS COMPLETED ============= +- name: Recording STAGE 9 HAS COMPLETED ==================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=9' From 009795aec0a24dd1de9c3910e1d9e84128370735 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:42:30 -0400 Subject: [PATCH 367/466] Update main.yml --- roles/3-base-server/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index b77c032ef..877ab58e4 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -34,4 +34,3 @@ regexp='^STAGE=*' line='STAGE=3' state=present - From 68f199f3ee684fa8c3a9e4930af6e8cdf5ee5fd2 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:56:52 -0400 Subject: [PATCH 368/466] role: -> include_role: avoid pages of spam output --- iiab-steps.yml | 78 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 58 insertions(+), 20 deletions(-) diff --git a/iiab-steps.yml b/iiab-steps.yml index 66c97721c..b514c3dc0 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -7,23 +7,61 @@ - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml - roles: - - { role: 0-init, tags: ['0-init'] } - - { role: 1-prep, tags: ['1-prep','platform','base'], - when: ansible_local.local_facts.stage|int < 1 } - - { role: 2-common, tags: ['2-common','base'], - when: ansible_local.local_facts.stage|int < 2 } - - { role: 3-base-server, tags: ['3-base-server','base'], - when: ansible_local.local_facts.stage|int < 3 } - - { role: 4-server-options, tags: ['4-server-options'], - when: ansible_local.local_facts.stage|int < 4 } - - { role: 5-xo-services, tags: ['5-xo-services'], - when: ansible_local.local_facts.stage|int < 5 } - - { role: 6-generic-apps, tags: ['6-generic-apps'], - when: ansible_local.local_facts.stage|int < 6 } - - { role: 7-edu-apps, tags: ['7-edu-apps'], - when: ansible_local.local_facts.stage|int < 7 } - - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'], - when: ansible_local.local_facts.stage|int < 8 } - - { role: 9-local-addons, tags: ['9-local-addons'], - when: ansible_local.local_facts.stage|int < 9 } + name: 0-init + include_role: + name: 0-init + tags: 0-init + + name: 1-prep + include_role: + name: 1-prep + when: ansible_local.local_facts.stage|int < 1 + tags: 1-prep, platform, base + + name: 2-common + include_role: + name: 2-common + when: ansible_local.local_facts.stage|int < 2 + tags: 2-common, base + + name: 3-base-server + include_role: + name: 3-base-server + when: ansible_local.local_facts.stage|int < 3 + tags: 3-base-server, base + + name: 4-server-options + include_role: + name: 4-server-options + when: ansible_local.local_facts.stage|int < 4 + tags: 4-server-options + + name: 5-xo-services + include_role: + name: 5-xo-services + when: ansible_local.local_facts.stage|int < 5 + tags: 5-xo-services + + name: 6-generic-apps + include_role: + name: 6-generic-apps + when: ansible_local.local_facts.stage|int < 6 + tags: 6-generic-apps + + name: 7-edu-apps + include_role: + name: 7-edu-apps + when: ansible_local.local_facts.stage|int < 7 + tags: 7-edu-apps + + name: 8-mgmt-tools + include_role: + name: 8-mgmt-tools + when: ansible_local.local_facts.stage|int < 8 + tags: 8-mgmt-tools + + name: 9-local-addons + include_role: + name: 9-local-addons + when: ansible_local.local_facts.stage|int < 9 + tags: 9-local-addons From 84fb30f513081bf93e925816f0de52b3f46b1ccf Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 17:12:19 -0400 Subject: [PATCH 369/466] dashes added --- iiab-steps.yml | 98 +++++++++++++++++++++++++------------------------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/iiab-steps.yml b/iiab-steps.yml index b514c3dc0..de325bd59 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -7,61 +7,61 @@ - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml - name: 0-init - include_role: - name: 0-init - tags: 0-init + - name: 0-init + include_role: + name: 0-init + tags: 0-init - name: 1-prep - include_role: - name: 1-prep - when: ansible_local.local_facts.stage|int < 1 - tags: 1-prep, platform, base + - name: 1-prep + include_role: + name: 1-prep + when: ansible_local.local_facts.stage|int < 1 + tags: 1-prep, platform, base - name: 2-common - include_role: - name: 2-common - when: ansible_local.local_facts.stage|int < 2 - tags: 2-common, base + - name: 2-common + include_role: + name: 2-common + when: ansible_local.local_facts.stage|int < 2 + tags: 2-common, base - name: 3-base-server - include_role: - name: 3-base-server - when: ansible_local.local_facts.stage|int < 3 - tags: 3-base-server, base + - name: 3-base-server + include_role: + name: 3-base-server + when: ansible_local.local_facts.stage|int < 3 + tags: 3-base-server, base - name: 4-server-options - include_role: - name: 4-server-options - when: ansible_local.local_facts.stage|int < 4 - tags: 4-server-options + - name: 4-server-options + include_role: + name: 4-server-options + when: ansible_local.local_facts.stage|int < 4 + tags: 4-server-options - name: 5-xo-services - include_role: - name: 5-xo-services - when: ansible_local.local_facts.stage|int < 5 - tags: 5-xo-services + - name: 5-xo-services + include_role: + name: 5-xo-services + when: ansible_local.local_facts.stage|int < 5 + tags: 5-xo-services - name: 6-generic-apps - include_role: - name: 6-generic-apps - when: ansible_local.local_facts.stage|int < 6 - tags: 6-generic-apps + - name: 6-generic-apps + include_role: + name: 6-generic-apps + when: ansible_local.local_facts.stage|int < 6 + tags: 6-generic-apps - name: 7-edu-apps - include_role: - name: 7-edu-apps - when: ansible_local.local_facts.stage|int < 7 - tags: 7-edu-apps + - name: 7-edu-apps + include_role: + name: 7-edu-apps + when: ansible_local.local_facts.stage|int < 7 + tags: 7-edu-apps - name: 8-mgmt-tools - include_role: - name: 8-mgmt-tools - when: ansible_local.local_facts.stage|int < 8 - tags: 8-mgmt-tools + - name: 8-mgmt-tools + include_role: + name: 8-mgmt-tools + when: ansible_local.local_facts.stage|int < 8 + tags: 8-mgmt-tools - name: 9-local-addons - include_role: - name: 9-local-addons - when: ansible_local.local_facts.stage|int < 9 - tags: 9-local-addons + - name: 9-local-addons + include_role: + name: 9-local-addons + when: ansible_local.local_facts.stage|int < 9 + tags: 9-local-addons From d5ee8ff4ff76093332418471878affe89fc922b4 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 20:45:52 -0400 Subject: [PATCH 370/466] roles: -> tasks: for dynamic execution Since Ansible 2.3 / 2.4 per https://docs.ansible.com/ansible/2.4/playbooks_reuse_roles.html --- iiab-steps.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab-steps.yml b/iiab-steps.yml index de325bd59..834dce951 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -7,6 +7,7 @@ - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml + tasks: - name: 0-init include_role: name: 0-init From 5de56cd3f2b19d46dd99b0fe687ad11ab253639a Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 20:46:43 -0400 Subject: [PATCH 371/466] Update iiab-steps.yml --- iiab-steps.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab-steps.yml b/iiab-steps.yml index 834dce951..ce27ec00c 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -8,6 +8,7 @@ - vars/local_vars.yml tasks: + - name: 0-init include_role: name: 0-init From d23e3d760f47a434039e8ef2f66f7dafa7759fef Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 21:58:29 -0400 Subject: [PATCH 372/466] tweak iiab-install's annc of which stage it's continuing with --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 52f4575ca..086c86775 100755 --- a/iiab-install +++ b/iiab-install @@ -30,7 +30,7 @@ else echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then - echo "Restarting from STAGE $STAGE" + echo "Restarting *after* STAGE $STAGE (as soon as Stage 0 completes..Stage 9 will be last)" else # place keeper add read response # "offer 'Y' or stage number dialog box option to override" From c07c0d2d7619421e71a5d59149f9f03efa799a3d Mon Sep 17 00:00:00 2001 From: Adam Holt <holt@laptop.org> Date: Mon, 30 Oct 2017 23:55:24 -0400 Subject: [PATCH 373/466] 56 changes to include_tasks --edits double check after rebase --- roles/0-init/tasks/main.yml | 4 +- roles/1-prep/tasks/main.yml | 4 +- roles/2-common/tasks/main.yml | 16 ++++---- roles/ajenti/tasks/main.yml | 2 +- roles/awstats/tasks/main.yml | 2 +- roles/dokuwiki/tasks/main.yml | 2 +- roles/httpd/tasks/main.yml | 2 +- roles/iiab-admin/tasks/main.yml | 4 +- roles/kalite/tasks/main.yml | 10 ++--- roles/kiwix/tasks/main.yml | 2 +- roles/mysql/tasks/main.yml | 4 +- roles/network/tasks/detected_network.yml | 2 +- roles/network/tasks/ifcfg_mods.yml | 8 ++-- roles/network/tasks/main.yml | 50 ++++++++++++++---------- roles/network/tasks/squid.yml | 2 +- roles/network/tasks/static.yml | 2 +- roles/nextcloud/tasks/main.yml | 2 +- roles/owncloud/tasks/main.yml | 2 +- roles/rachel/tasks/main.yml | 2 +- roles/sugar-stats/tasks/main.yml | 2 +- roles/teamviewer/tasks/main.yml | 2 +- roles/wordpress/tasks/main.yml | 2 +- 22 files changed, 68 insertions(+), 60 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 31e8e2054..e7351e158 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -14,10 +14,10 @@ # we need to inialize the ini file and only write the location and version sections once and only # once to preserve the install date and git hash. -- include: roles/1-prep/tasks/iiab_ini.yml +- include_tasks: roles/1-prep/tasks/iiab_ini.yml when: first_run # Now load the computed vars -- include: roles/1-prep/tasks/computed_vars.yml +- include_tasks: roles/1-prep/tasks/computed_vars.yml - name: ...HAS COMPLETED =========================================== command: echo diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index fea4ea34f..a96e281f6 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -70,11 +70,11 @@ when: ansible_local.local_facts.os == "raspbian" ignore_errors: true -- include: prep.yml +- include_tasks: prep.yml when: first_run # Put conditional actions for hardware platforms here -- include: raspberry_pi_2.yml +- include_tasks: raspberry_pi_2.yml when: first_run and rpi_model != "none" - name: Check if the identifier for Intel's NUC6 builtin WiFi is present diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index c7af19941..ec15dcee5 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -3,22 +3,22 @@ - name: ...IS BEGINNING ========================================== command: echo -#- include: iiab_ini.yml +#- include_tasks: iiab_ini.yml # create the directory structure for IIAB -- include: fl.yml +- include_tasks: fl.yml -- include: xo.yml +- include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined -- include: centos.yml +- include_tasks: centos.yml when: ansible_distribution == "CentOS" -- include: fedora.yml +- include_tasks: fedora.yml when: ansible_distribution == "Fedora" # the following installs common packages for both debian and fedora -- include: packages.yml +- include_tasks: packages.yml - sysctl: name=net.ipv4.ip_forward value=1 state=present - sysctl: name=net.ipv4.conf.default.rp_filter value=1 state=present @@ -43,10 +43,10 @@ mode=0644 backup=no -- include: net_mods.yml +- include_tasks: net_mods.yml when: not is_debuntu and not is_F18 -- include: udev.yml +- include_tasks: udev.yml - name: Recording STAGE 2 HAS COMPLETED ========================== lineinfile: dest=/etc/iiab/iiab.env diff --git a/roles/ajenti/tasks/main.yml b/roles/ajenti/tasks/main.yml index 93f7bacd0..789afbf31 100644 --- a/roles/ajenti/tasks/main.yml +++ b/roles/ajenti/tasks/main.yml @@ -37,7 +37,7 @@ mode=0744 state=file -- include: ajenti-wondershaper.yml +- include_tasks: ajenti-wondershaper.yml when: 'iiab_lan_iface != ""' # handler doesn't fire diff --git a/roles/awstats/tasks/main.yml b/roles/awstats/tasks/main.yml index f1feed18c..8a9cd37e3 100644 --- a/roles/awstats/tasks/main.yml +++ b/roles/awstats/tasks/main.yml @@ -1,4 +1,4 @@ -- include: install.yml +- include_tasks: install.yml when: awstats_install - name: Add AWStats to service list diff --git a/roles/dokuwiki/tasks/main.yml b/roles/dokuwiki/tasks/main.yml index 9841a32b6..5b2d738ce 100644 --- a/roles/dokuwiki/tasks/main.yml +++ b/roles/dokuwiki/tasks/main.yml @@ -1,5 +1,5 @@ - name: Include the install playbook - include: install.yml + include_tasks: install.yml when: dokuwiki_install - name: Add DokuWiki to service list diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 2eb71b8ce..4319e141b 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -142,7 +142,7 @@ state=absent when: is_debuntu -- include: html.yml +- include_tasks: html.yml tags: - base diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index 4541f4027..5f609238b 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -1,9 +1,9 @@ -- include: admin-user.yml +- include_tasks: admin-user.yml tags: - base when: not no_admin is defined -- include: access.yml +- include_tasks: access.yml tags: - base diff --git a/roles/kalite/tasks/main.yml b/roles/kalite/tasks/main.yml index b0c02471d..74dd9229b 100644 --- a/roles/kalite/tasks/main.yml +++ b/roles/kalite/tasks/main.yml @@ -16,23 +16,23 @@ stat: path="{{ kalite_db_name }}" register: kalite_installed -- include: install-f18.yml +- include_tasks: install-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: install.yml +- include_tasks: install.yml when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 - name: Ask systemd to reread the unit files shell: systemctl daemon-reload when: not kalite_installed.stat.exists -- include: setup-f18.yml +- include_tasks: setup-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: setup.yml +- include_tasks: setup.yml when: not kalite_installed.stat.exists and not is_F18 -- include: enable.yml +- include_tasks: enable.yml - name: Add kalite to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index c7409db31..9a1cfc2b0 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -20,7 +20,7 @@ get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}" dest="{{ downloads_dir }}/{{ kiwix_src_file }}" when: internet_available -- include: kiwix_install.yml +- include_tasks: kiwix_install.yml when: kiwix_src_file is defined tags: - kiwix diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index ecc42815f..4afc6d0ab 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -45,12 +45,12 @@ tags: - download - - include: centos.yml + - include_tasks: centos.yml when: ansible_distribution == "CentOS" tags: - download - - include: fedora.yml + - include_tasks: fedora.yml when: ansible_distribution == "Fedora" tags: - download diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 6c422a746..d52cbc194 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -27,7 +27,7 @@ when: discovered_wan_iface != "none" - name: RedHat network detection - include: detected_redhat.yml + include_tasks: detected_redhat.yml when: is_redhat - name: check to see if dhcpcd is installed and active - Can Fail diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 39c4d0156..cdc22be6f 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -43,17 +43,17 @@ when: (num_lan_interfaces != "0" or iiab_wireless_lan_iface != "none") ## vars/ users should set user_wan_iface to avoid messy redetect -- include: redetect.yml +- include_tasks: redetect.yml when: discovered_wan_iface == "none" and user_wan_iface == "auto" # move gateway if not WAN # might have wifi info if wireless is used as uplink. -- include: edit_ifcfg.yml +- include_tasks: edit_ifcfg.yml when: has_wifi_gw == "none" and has_ifcfg_gw != "none" and has_ifcfg_gw != "/etc/sysconfig/network-scripts/ifcfg-WAN" # create ifcfg-WAN if missing # if we get here we have gateway but no ifcfg file -- include: create_ifcfg.yml +- include_tasks: create_ifcfg.yml when: iiab_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none" and xo_model == "none" and not iiab_demo_mode - name: Configuring LAN interface as iiab_lan_iface @@ -76,7 +76,7 @@ tags: - network -- include: enable_wan.yml +- include_tasks: enable_wan.yml when: not installing and not iiab_demo_mode - name: ask systemd to reread the unit files, picks up changes done diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index bf6a96334..71ac61418 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,10 +1,10 @@ -- include: detected_network.yml +- include_tasks: detected_network.yml when: not installing tags: - network - network-discover -- include: computed_network.yml +- include_tasks: computed_network.yml when: not installing tags: - network @@ -44,30 +44,29 @@ - domain ##### Start static ip address info for first run ##### -#- include: static.yml +#- include_tasks: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' ##### End static ip address info -- include: hosts.yml +- include_tasks: hosts.yml tags: - network - domain -##### end hostname setup -##### start install portion -# only needs to be done once -- include: installing.yml +- include_tasks: named.yml tags: - network - named + +- include_tasks: dhcpd.yml + tags: - dhcpd - dnsmasq - squid - domain # when: hostname_change.changed or installing - -- include: avahi.yml +- include_tasks: squid.yml tags: - network @@ -81,7 +80,7 @@ # - network # - network-discover -- include: computed_services.yml +- include_tasks: wondershaper.yml tags: - network - named @@ -89,8 +88,7 @@ - dnsmasq - squid -# templates needed from above install section live here -- include: enable_services.yml +- include_tasks: iptables.yml tags: - network - named @@ -98,19 +96,23 @@ - dnsmasq - squid -- include: hostapd.yml +- include_tasks: avahi.yml tags: - network -- include: ifcfg_mods.yml - when: not is_debuntu and not installing +- include_tasks: ifcfg_mods.yml tags: - network -- include: debian.yml - when: is_debuntu and not installing +- include_tasks: debian.yml tags: - network + when: is_debuntu and not is_rpi and not installing + +- include_tasks: rpi_debian.yml + tags: + - network + when: is_debuntu and is_rpi and not installing - name: Create IIAB network flags template: src=network/{{ item }}.j2 @@ -122,10 +124,16 @@ when: not installing tags: - network -#### end network layout -#### start services -- include: restart.yml +- include_tasks: computed_services.yml + tags: + - network + +- include_tasks: enable_services.yml + tags: + - network + +- include_tasks: restart.yml when: not installing tags: - network diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 1abadaf4b..6ef23db3f 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -64,7 +64,7 @@ mode=0750 state=directory -- include: dansguardian.yml +- include_tasks: dansguardian.yml when: dansguardian_install #- name: Stop Squid diff --git a/roles/network/tasks/static.yml b/roles/network/tasks/static.yml index 4168ab9a7..06ac8b391 100644 --- a/roles/network/tasks/static.yml +++ b/roles/network/tasks/static.yml @@ -4,7 +4,7 @@ template: src=network/ifcfg-WAN.j2 dest=/etc/sysconfig/network-scripts/ifcfg-WAN -- include: NM.yml +- include_tasks: NM.yml when: 'ansible_distribution_version <= "20" and wan_ip != "dhcp"' - name: Re-read network config files diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 06e8c9bfc..cd6b5dd9c 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -120,7 +120,7 @@ # Enable nextcloud by copying template to httpd config # following enables and disables -- include: nextcloud_enabled.yml +- include_tasks: nextcloud_enabled.yml - name: Add Nextcloud to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml index 03e8fb872..12bcbdcc8 100644 --- a/roles/owncloud/tasks/main.yml +++ b/roles/owncloud/tasks/main.yml @@ -102,7 +102,7 @@ # Enable owncloud by copying template to httpd config -- include: owncloud_enabled.yml +- include_tasks: owncloud_enabled.yml when: owncloud_enabled - name: Add owncloud to service list diff --git a/roles/rachel/tasks/main.yml b/roles/rachel/tasks/main.yml index 898a212d5..f37843250 100644 --- a/roles/rachel/tasks/main.yml +++ b/roles/rachel/tasks/main.yml @@ -20,7 +20,7 @@ rachel_content_found: True when: rachel_content.stat.exists == true -- include: rachel_enabled.yml +- include_tasks: rachel_enabled.yml when: rachel_enabled and rachel_content_found - name: Add rachel to service list diff --git a/roles/sugar-stats/tasks/main.yml b/roles/sugar-stats/tasks/main.yml index c42d6ef7f..6f9f708dc 100644 --- a/roles/sugar-stats/tasks/main.yml +++ b/roles/sugar-stats/tasks/main.yml @@ -38,7 +38,7 @@ enabled=no when: not sugar_stats_enabled -- include: statistics-consolidation.yml +- include_tasks: statistics-consolidation.yml - name: Add sugar-stats to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/teamviewer/tasks/main.yml b/roles/teamviewer/tasks/main.yml index 9421a919c..7ea48de93 100644 --- a/roles/teamviewer/tasks/main.yml +++ b/roles/teamviewer/tasks/main.yml @@ -5,7 +5,7 @@ when: ansible_architecture == "armv7l" or not is_redhat - name: Install Teamviewer if intel - include: install.yml + include_tasks: install.yml when: teamviewer_install - name: Add teamviewer to service list diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml index db4eb2c53..4a77b45f8 100644 --- a/roles/wordpress/tasks/main.yml +++ b/roles/wordpress/tasks/main.yml @@ -1,3 +1,3 @@ - name: Include the install playbook - include: install.yml + include_tasks: install.yml when: wordpress_install \ No newline at end of file From b81c2c5121112ed13fb7595eba500bb26391c46c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Tue, 31 Oct 2017 00:45:45 -0400 Subject: [PATCH 374/466] "Restarting *after* STAGE.." clarified --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 086c86775..934885fe1 100755 --- a/iiab-install +++ b/iiab-install @@ -30,7 +30,7 @@ else echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then - echo "Restarting *after* STAGE $STAGE (as soon as Stage 0 completes..Stage 9 will be last)" + echo "Restarting *after* STAGE $STAGE..as soon as Stage 0 completes. Stage 9 comes last." else # place keeper add read response # "offer 'Y' or stage number dialog box option to override" From c0590d973e317f48c827f163bfbc7d72e432838a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 8 Oct 2017 14:42:55 -0500 Subject: [PATCH 375/466] move hostname handling from network role --edited double check after rebase --- roles/1-prep/tasks/computed_vars.yml | 9 ++++++ roles/2-common/tasks/hostname.yml | 11 +++++++ roles/2-common/tasks/main.yml | 7 +++++ roles/network/tasks/detected_network.yml | 11 ------- roles/network/tasks/main.yml | 39 ++---------------------- 5 files changed, 30 insertions(+), 47 deletions(-) create mode 100644 roles/2-common/tasks/hostname.yml diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 28ba861d6..bbd7b8091 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -47,6 +47,15 @@ file: path=/tmp/heart-beat.txt state=absent +- name: no prior domain name + set_fact: + iiab_domain: "{{ iiab_domain }}" + iiab_hostname: "{{ iiab_hostname }}" + +# Now check FQDN +- include: roles/2-common/tasks/hostname.yml + when: not first_run and "iiab_hostname.iiab_domain" != ansible_fqdn + # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC set_fact: local_tz='UTC' diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml new file mode 100644 index 000000000..a3ae16870 --- /dev/null +++ b/roles/2-common/tasks/hostname.yml @@ -0,0 +1,11 @@ +- name: turn the crank for systemd + shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}" + when: is_debuntu + +- name: Configure /etc/sysconfig/network + template: src=roles/network/templates/network/sysconfig.network.j2 + dest=/etc/sysconfig/network + owner=root + group=root + mode=0644 + when: is_redhat diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index ec15dcee5..f7c0cc95b 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -11,6 +11,13 @@ - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined +# set FQDN for IIAB +- include_tasks: hostname.yml + tags: + - network + - domain + - hostname + - include_tasks: centos.yml when: ansible_distribution == "CentOS" diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index d52cbc194..a7fd839d8 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -1,14 +1,3 @@ -- name: Checking iiab_domain_name - shell: "cat /etc/sysconfig/iiab_domain_name" - register: prior_domain - when: not first_run - -# above always registers -- name: Checking for prior domain name - set_fact: - iiab_domain: "{{ prior_domain.stdout }}" - when: not first_run and prior_domain.stdout != "lan" and prior_domain.stdout != "" - - name: iiab_wan_device shell: "cat /etc/sysconfig/iiab_wan_device" register: prior_gw diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 71ac61418..b9ad86872 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -10,39 +10,6 @@ - network - network-discover -- name: Set hostname - template: dest=/etc/hostname - src=network/hostname.j2 - owner=root - mode=0644 - when: is_debuntu - register: hostname_change - tags: - - network - - domain - -- name: Configure /etc/sysconfig/network - template: src=network/sysconfig.network.j2 - dest=/etc/sysconfig/network - owner=root - group=root - mode=0644 - when: is_redhat - register: hostname_change - tags: - - network - - domain - -- name: Create iiab_domain_name flag - template: src=network/{{ item }}.j2 - dest=/etc/sysconfig/{{ item }} - mode=0644 - with_items: - - iiab_domain_name - tags: - - network - - domain - ##### Start static ip address info for first run ##### #- include_tasks: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' @@ -51,20 +18,20 @@ - include_tasks: hosts.yml tags: - network + - hostname - domain - include_tasks: named.yml tags: - network - named + - domain - include_tasks: dhcpd.yml tags: - dhcpd - - dnsmasq - - squid + - network - domain -# when: hostname_change.changed or installing - include_tasks: squid.yml tags: From ff22bcaf83704ba2b20a5d6ea68b58db49e3d977 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 15 Oct 2017 15:08:08 -0500 Subject: [PATCH 376/466] backport of 46c36b3e3542ffe5609ab5cc10a60de7335d6cd9 double check after rebase backport of c837cde92304cfaf4a44c31dfb40bbadfd05fe04 backport of a0102669d2d842163d17d61e254dbd0ba8a3ea92 touch up backport of a55c0555b6fb92a6b6b239a9dce2fde2100e7ae5 --- roles/1-prep/tasks/computed_vars.yml | 51 +++++++++++++++++-- roles/network/tasks/detected_network.yml | 4 +- roles/network/tasks/enable_services.yml | 12 +++-- roles/network/tasks/main.yml | 23 ++++++--- .../templates/gateway/iiab-gen-iptables | 9 ++-- 5 files changed, 78 insertions(+), 21 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index bbd7b8091..f9fb64852 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -47,14 +47,51 @@ file: path=/tmp/heart-beat.txt state=absent -- name: no prior domain name +- name: set FQDN set_fact: - iiab_domain: "{{ iiab_domain }}" - iiab_hostname: "{{ iiab_hostname }}" + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False + +- name: FQDN changed + set_fact: + FQDN_changed: True + when: iiab_fqdn != ansible_fqdn # Now check FQDN - include: roles/2-common/tasks/hostname.yml - when: not first_run and "iiab_hostname.iiab_domain" != ansible_fqdn + when: not first_run and FQDN_changed + +# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate +- name: Finding gateway + set_fact: + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + when: 'ansible_default_ipv4.gateway is defined' + +- name: Verify gateway present + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? + when: discovered_wan_iface != "none" + register: gw_active_test + +- name: Recording gateway response + set_fact: + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" + +- name: Test for internet access + get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt + ignore_errors: True +# async: 10 +# poll: 2 + register: internet_access_test + +- name: Set internet_available true if wget succeeded + set_fact: + internet_available: True + when: not internet_access_test|failed and not disregard_network + +- name: Cleanup internet test file + file: path=/tmp/heart-beat.txt + state=absent # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC @@ -190,3 +227,9 @@ value: '{{ gw_active }}' - option: 'internet_available' value: '{{ internet_available }}' + - option: 'first_run' + value: '{{ first_run }}' + - option: 'local_tz' + value: '{{ local_tz }}' + - option: 'FQDN_changed' + value: '{{ FQDN_changed }}' diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index a7fd839d8..6f5f7ce1d 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -1,7 +1,7 @@ - name: iiab_wan_device - shell: "cat /etc/sysconfig/iiab_wan_device" - register: prior_gw + shell: grep IIAB_WAN_DEVICE /etc/iiab/iiab.env | awk -F "=" '{print $2}' when: not first_run + register: prior_gw - name: Checking for old device gateway interface for device test set_fact: diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index ab3f82733..e24bcb142 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -70,8 +70,10 @@ when: not dansguardian_enabled and dansguardian_install - name: Create xs_httpcache flag - shell: echo 1 > /etc/sysconfig/xs_httpcache_on - creates=/etc/sysconfig/xs_httpcache_on + lineinfile: dest=/etc/iiab/iiab.env + regexp='^HTTPCACHE_ON=*' + line='HTTPCACHE_ON=True' + state=present when: squid_enabled and squid_install - name: Enable Squid service @@ -105,8 +107,10 @@ when: not squid_enabled and squid_install - name: Remove xs_httpcache flag - file: path=/etc/sysconfig/xs_httpcache_on - state=absent + lineinfile: dest=/etc/iiab/iiab.env + regexp='^HTTPCACHE_ON=*' + line='HTTPCACHE_ON=False' + state=present when: not squid_enabled - name: Enable Wondershaper service diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index b9ad86872..e1fe66ea7 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -81,17 +81,26 @@ - network when: is_debuntu and is_rpi and not installing -- name: Create IIAB network flags - template: src=network/{{ item }}.j2 - dest=/etc/sysconfig/{{ item }} - mode=0644 - with_items: - - iiab_wan_device - - iiab_lan_device +- name: Record iiab_wan_device + lineinfile: dest=/etc/iiab/iiab.env + regexp='^IIAB_WAN_DEVICE=*' + line='IIAB_WAN_DEVICE="{{ iiab_wan_iface }}"' + state=present when: not installing tags: - network +- name: Record iiab_lan_device + lineinfile: dest=/etc/iiab/iiab.env + regexp='^IIAB_LAN_DEVICE=*' + line='IIAB_LAN_DEVICE="{{ iiab_lan_iface }}"' + state=present + when: not installing + tags: + - network + +#### end network layout +#### start services - include_tasks: computed_services.yml tags: - network diff --git a/roles/network/templates/gateway/iiab-gen-iptables b/roles/network/templates/gateway/iiab-gen-iptables index 63f3a20ff..284db36ef 100755 --- a/roles/network/templates/gateway/iiab-gen-iptables +++ b/roles/network/templates/gateway/iiab-gen-iptables @@ -1,4 +1,5 @@ #!/bin/bash -x +source /etc/iiab/iiab.env {% if is_debuntu %} IPTABLES=/sbin/iptables IPTABLES_DATA=/etc/iptables.up.rules @@ -6,8 +7,8 @@ IPTABLES_DATA=/etc/iptables.up.rules IPTABLES=/usr/sbin/iptables IPTABLES_DATA=/etc/sysconfig/iptables {% endif %} -LANIF=`cat /etc/sysconfig/iiab_lan_device` -WANIF=`cat /etc/sysconfig/iiab_wan_device` +LANIF=$IIAB_LAN_DEVICE +WANIF=$IIAB_WAN_DEVICE MODE=`grep iiab_network_mode_applied /etc/iiab/iiab.ini | gawk '{print $3}'` clear_fw() { @@ -33,7 +34,7 @@ $IPTABLES -A INPUT -p tcp --dport 5984 -j DROP $IPTABLES -A INPUT -p udp --dport 5984 -j DROP } -if [ "x$WANIF" == "x" ] || [ "$MODE" == 'Appliance' ]; then +if [ "x$WANIF" == "xnone" ] || [ "$MODE" == 'Appliance' ]; then clear_fw # save the rule set {% if is_debuntu %} @@ -119,7 +120,7 @@ if [ "$captive_portal_enabled" == "True" ];then $IPTABLES -t mangle -A internet -j MARK --set-mark 99 $IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }} -elif [ -f /etc/sysconfig/xs_httpcache_on ]; then +elif [ "$HTTPCACHE_ON" == "True" ]; then $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d 172.18.96.1 -j DNAT --to 172.18.96.1:3128 fi From 55ee21dd4928002710eaf112d33333dec4bb8c45 Mon Sep 17 00:00:00 2001 From: Adam Holt <holt@laptop.org> Date: Tue, 31 Oct 2017 03:04:04 -0400 Subject: [PATCH 377/466] use include_vars in 0-init --- roles/0-init/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index e7351e158..528bf3aa9 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,7 +1,7 @@ # Initialize - name: ...IS BEGINNING ============================================ - command: echo + include_vars: roles/1-prep/defaults/main.yml - name: Determine if runansible was run stat: path=/etc/iiab/iiab.env From 6cae3930b714913d7fda38d79cadd525455211ce Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 05:10:46 -0400 Subject: [PATCH 378/466] move network package install - double check after rebase --- roles/3-base-server/tasks/main.yml | 24 +++++++++++++ roles/network/tasks/dansguardian.yml | 6 ++-- roles/network/tasks/dhcpd.yml | 3 +- roles/network/tasks/enable_services.yml | 1 + roles/network/tasks/main.yml | 38 -------------------- roles/network/tasks/named.yml | 46 ++++++++++++------------- roles/network/tasks/squid.yml | 14 ++++---- roles/network/tasks/wondershaper.yml | 6 ++-- 8 files changed, 62 insertions(+), 76 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 877ab58e4..6729c5597 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -20,6 +20,30 @@ # has no "when: XXXXX_install" flag tags: base, mysql +- include_tasks: roles/network/tasks/named.yml + tags: + - named + - network + - domain + +- include_tasks: roles/network/tasks/dhcpd.yml + tags: + - dhcpd + - network + - domain + +- include_tasks: roles/network/tasks/squid.yml + tags: + - squid + - network + when: squid_install + +- include_tasks: roles/network/tasks/wondershaper.yml + tags: + - wondershaper + - network + when: wondershaper_install + - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index 64610759d..2d4cebc40 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -7,7 +7,7 @@ - download - name: Copy DansGuardian config file - template: src=squid/dansguardian.conf.j2 + template: src=roles/network/templates/squid/dansguardian.conf.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian group=dansguardian @@ -15,7 +15,7 @@ when: ansible_distribution == "Fedora" - name: Copy DansGuardian config file - template: src=squid/dansguardian.conf.debian.j2 + template: src=roles/network/templates/squid/dansguardian.conf.debian.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian group=dansguardian @@ -23,7 +23,7 @@ when: is_debuntu - name: Copy DansGuardian config file for CentOS - template: src=squid/dansguardian.conf.centos.j2 + template: src=roles/network/templates/squid/dansguardian.conf.centos.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian group=vscan diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index 4315ba0b5..f5612df22 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -24,8 +24,7 @@ group=root mode={{ item.mode }} with_items: - - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf', mode: '0644' } - - { src: 'dhcp/dhcpd.service', dest: '/etc/systemd/system/dhcpd.service', mode: '0644' } + - { src: 'roles/network/templates/dhcp/dhcpd.service', dest: '/etc/systemd/system/dhcpd.service', mode: '0644' } - name: Create dhcpd needed files command: touch /var/lib/dhcpd/dhcpd.leases diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e24bcb142..aa1808286 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -23,6 +23,7 @@ mode={{ item.mode }} with_items: - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } + - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf', mode: '0644' } when: dhcpd_enabled and dhcpd_install - name: Copy named file diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index e1fe66ea7..829a95929 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -21,47 +21,9 @@ - hostname - domain -- include_tasks: named.yml - tags: - - network - - named - - domain - -- include_tasks: dhcpd.yml - tags: - - dhcpd - - network - - domain - -- include_tasks: squid.yml - tags: - - network - -#### end install portion -#### start network layout -# setting installing would skip configuring network -# but would configure but not start services -#- include: computed_network.yml -# when: not installing -# tags: -# - network -# - network-discover - -- include_tasks: wondershaper.yml - tags: - - network - - named - - dhcpd - - dnsmasq - - squid - - include_tasks: iptables.yml tags: - network - - named - - dhcpd - - dnsmasq - - squid - include_tasks: avahi.yml tags: diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 182a58f88..07b58ec17 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -41,37 +41,37 @@ group=root mode={{ item.mode }} with_items: - - { src: 'named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root" , mode: '0644' } - - { src: 'named/named.j2', dest: '/etc/sysconfig/named', owner: "root" , mode: '0644' } - - { src: 'named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root" , mode: '0644' } - - { src: 'named/localdomain.zone', dest: '/var/named-iiab/localdomain.zone',owner: "{{ dns_user }}" , mode: '0644' } - - { src: 'named/localhost.zone', dest: '/var/named-iiab/localhost.zone', owner: "{{ dns_user }}" , mode: '0644' } - - { src: 'named/named.broadcast', dest: '/var/named-iiab/named.broadcast', owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.ip6.local', dest: '/var/named-iiab/named.ip6.local' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.local', dest: '/var/named-iiab/named.local' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.rfc1912.zones', dest: '/var/named-iiab/named.rfc1912.zones' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.root', dest: '/var/named-iiab/named.root' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.root.hints', dest: '/var/named-iiab/named.root.hints' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.zero', dest: '/var/named-iiab/named.zero' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.external.zone.db', dest: '/var/named-iiab/school.external.zone.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.16.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.32.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.48.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root" , mode: '0644' } + - { src: 'roles/network/templates/named/named.j2', dest: '/etc/sysconfig/named', owner: "root" , mode: '0644' } + - { src: 'roles/network/templates/named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root" , mode: '0644' } + - { src: 'roles/network/templates/named/localdomain.zone', dest: '/var/named-iiab/localdomain.zone',owner: "{{ dns_user }}" , mode: '0644' } + - { src: 'roles/network/templates/named/localhost.zone', dest: '/var/named-iiab/localhost.zone', owner: "{{ dns_user }}" , mode: '0644' } + - { src: 'roles/network/templates/named/named.broadcast', dest: '/var/named-iiab/named.broadcast', owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.ip6.local', dest: '/var/named-iiab/named.ip6.local' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.local', dest: '/var/named-iiab/named.local' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.rfc1912.zones', dest: '/var/named-iiab/named.rfc1912.zones' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.root', dest: '/var/named-iiab/named.root' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.root.hints', dest: '/var/named-iiab/named.root.hints' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.zero', dest: '/var/named-iiab/named.zero' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.external.zone.db', dest: '/var/named-iiab/school.external.zone.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.16.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.32.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.48.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} # the following two files are not writeable by named, but bind 9.4 cannot discover that fact correctly - - { src: 'named/school.internal.zone.db', dest: '/var/named-iiab/school.internal.zone.db' , owner: "root" , mode: '0644'} - - { src: 'named/school.local.zone.db', dest: '/var/named-iiab/school.local.zone.db' , owner: "root" , mode: '0644'} - - { src: 'named/school.internal.zone.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.db', dest: '/var/named-iiab/school.internal.zone.db' , owner: "root" , mode: '0644'} + - { src: 'roles/network/templates/named/school.local.zone.db', dest: '/var/named-iiab/school.local.zone.db' , owner: "root" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} - name: Substitute our unit file which uses $OPTIONS from sysconfig - template: src=named/{{ dns_service }}.service + template: src=roles/network/templates/named/{{ dns_service }}.service dest=/etc/systemd/system/{{ dns_service }}.service mode=0644 - name: The dns-jail redirect requires the named.blackhole,disabling recursion # in named-iiab.conf, and the redirection of 404 error documents to / - template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ + template: src=roles/network/templates/named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ when: dns_jail_enabled - name: Separate enabling required for Debian diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 6ef23db3f..2b8e3f184 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -19,32 +19,32 @@ group={{ item.group }} mode={{ item.mode }} with_items: - - src: 'squid/squid.sysconfig' + - src: 'roles/network/templates/squid/squid.sysconfig' dest: '/etc/sysconfig/squid' owner: 'root' group: 'root' mode: '0755' - - src: 'squid/sites.whitelist.txt' + - src: 'roles/network/templates/squid/sites.whitelist.txt' dest: '/etc/{{ proxy }}/sites.whitelist.txt' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/allowregex.rules' + - src: 'roles/network/templates/squid/allowregex.rules' dest: '/etc/{{ proxy }}/allowregex.rules' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/denyregex.rules' + - src: 'roles/network/templates/squid/denyregex.rules' dest: '/etc/{{ proxy }}/denyregex.rules' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/dstaddress.rules' + - src: 'roles/network/templates/squid/dstaddress.rules' dest: '/etc/{{ proxy }}/dstaddress.rules' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/iiab-httpcache.j2' + - src: 'roles/network/templates/squid/iiab-httpcache.j2' dest: '/usr/bin/iiab-httpcache' owner: 'root' group: 'root' @@ -64,7 +64,7 @@ mode=0750 state=directory -- include_tasks: dansguardian.yml +- include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install #- name: Stop Squid diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index 5fec75b3b..04c66bdf5 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -1,12 +1,12 @@ - name: Copy Wondershaper service script template: backup=yes - src=wondershaper/wondershaper.service + src=roles/network/templates/wondershaper/wondershaper.service dest=/etc/systemd/system/wondershaper.service mode=0644 - name: Copy Wondershaper script template: backup=yes - src=wondershaper/wondershaper.j2 + src=roles/network/templates/wondershaper/wondershaper.j2 dest=/usr/bin/wondershaper owner=root group=root @@ -20,7 +20,7 @@ state=directory - name: Copy Wondershaper config script - template: src=wondershaper/wondershaper.conf + template: src=roles/network/templates/wondershaper/wondershaper.conf dest=/etc/conf.d/wondershaper.conf owner=root group=root From 534bd253f41e07d6f8d09b65c28fbe3ac8409984 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 10:49:56 -0400 Subject: [PATCH 379/466] network detection replace first_run with iiab_stage --- roles/network/tasks/detected_network.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 6f5f7ce1d..cdd73cc98 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -1,19 +1,19 @@ - name: iiab_wan_device shell: grep IIAB_WAN_DEVICE /etc/iiab/iiab.env | awk -F "=" '{print $2}' - when: not first_run + when: iiab_stage|int > 4 register: prior_gw - name: Checking for old device gateway interface for device test set_fact: - device_gw: "{{ prior_gw.stdout }}" - device_gw2: "{{ prior_gw.stdout }}" - when: not first_run and prior_gw is defined and prior_gw.stdout != "" + device_gw: "{{ prior_gw.stdout }}" + device_gw2: "{{ prior_gw.stdout }}" + when: iiab_stage|int > 4 and prior_gw is defined and prior_gw.stdout != "" - name: Setting WAN if detected set_fact: - iiab_wan_iface: "{{ discovered_wan_iface }}" - device_gw: "{{ discovered_wan_iface }}" - when: discovered_wan_iface != "none" + iiab_wan_iface: "{{ discovered_wan_iface }}" + device_gw: "{{ discovered_wan_iface }}" + when: ansible_default_ipv4.gateway is defined - name: RedHat network detection include_tasks: detected_redhat.yml From 16102e0da6a28e218d4e293005ad55f97c95a13e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 11:10:33 -0400 Subject: [PATCH 380/466] computed_vars cleaning --- roles/1-prep/tasks/computed_vars.yml | 63 +++++++--------------------- 1 file changed, 16 insertions(+), 47 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index f9fb64852..0d5b68dd6 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -6,76 +6,45 @@ # set top level variables from local facts for convenience - set_fact: - xo_model: '{{ ansible_local.local_facts.xo_model }}' - phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' - iiab_stage: '{{ ansible_local.local_facts.stage }}' + xo_model: '{{ ansible_local.local_facts.xo_model }}' + phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' + iiab_stage: '{{ ansible_local.local_facts.stage }}' - name: Set exFAT enabled for XO laptops set_fact: exFAT_enabled: True when: xo_model != "none" -# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate -- name: Finding gateway - set_fact: - discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" - when: 'ansible_default_ipv4.gateway is defined' - -- name: Verify gateway present - shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? - when: discovered_wan_iface != "none" - register: gw_active_test - -- name: Recording gateway response - set_fact: - gw_active: True - when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" - -- name: Test for internet access - get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt - ignore_errors: True -# async: 10 -# poll: 2 - register: internet_access_test - -- name: Set internet_available true if wget succeeded - set_fact: - internet_available: True - when: not internet_access_test|failed and not disregard_network - -- name: Cleanup internet test file - file: path=/tmp/heart-beat.txt - state=absent - - name: set FQDN set_fact: - iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" - FQDN_changed: False + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False - name: FQDN changed set_fact: - FQDN_changed: True + FQDN_changed: True when: iiab_fqdn != ansible_fqdn -# Now check FQDN -- include: roles/2-common/tasks/hostname.yml - when: not first_run and FQDN_changed +- name: Now check FQDN + include_tasks: roles/2-common/tasks/hostname.yml + when: FQDN_changed # Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate - name: Finding gateway set_fact: - discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" - when: 'ansible_default_ipv4.gateway is defined' + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + iiab_wan_iface: "{{ discovered_wan_iface }}" + when: ansible_default_ipv4.gateway is defined - name: Verify gateway present - shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l when: discovered_wan_iface != "none" register: gw_active_test - name: Recording gateway response set_fact: - gw_active: True - when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "1" - name: Test for internet access get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt @@ -86,7 +55,7 @@ - name: Set internet_available true if wget succeeded set_fact: - internet_available: True + internet_available: True when: not internet_access_test|failed and not disregard_network - name: Cleanup internet test file From 7d63af3d6ad4734b7e08e84a3e0b66c72b1a4607 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 12:13:50 -0500 Subject: [PATCH 381/466] steps -> stages --- iiab-install | 2 +- iiab-steps.yml => iiab-stages.yml | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename iiab-steps.yml => iiab-stages.yml (100%) diff --git a/iiab-install b/iiab-install index 934885fe1..c2b35864c 100755 --- a/iiab-install +++ b/iiab-install @@ -1,6 +1,6 @@ #!/bin/bash -e # running from a git repo -PLAYBOOK="iiab-steps.yml" +PLAYBOOK="iiab-stages.yml" INVENTORY="ansible_hosts" CWD=`pwd` # Add cmdline options for passing to ansible diff --git a/iiab-steps.yml b/iiab-stages.yml similarity index 100% rename from iiab-steps.yml rename to iiab-stages.yml From bd7d1dded57578ef088ea480781f608d960765dc Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 13:02:41 -0500 Subject: [PATCH 382/466] move is_rpi to computed_vars.yml for 0-init --- roles/1-prep/tasks/computed_vars.yml | 12 ++++++++---- roles/1-prep/tasks/main.yml | 7 ------- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 0d5b68dd6..9e4e7fdf4 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -1,7 +1,4 @@ -# get local vars from scripts in /etc/ansible/facts.d -# on first run, this will generate UUID - -- name: re-read facts +- name: re-read local_facts.facts from /etc/ansible/facts.d setup: filter=ansible_local # set top level variables from local facts for convenience @@ -10,6 +7,13 @@ phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' iiab_stage: '{{ ansible_local.local_facts.stage }}' +# Networking uses a different file for the rpi +- name: Discover if this is a rpi -- assume if so it is running raspbian + set_fact: + rpi_model: "rpi" + is_rpi: "True" + when: ansible_local.local_facts.os == "raspbian" + - name: Set exFAT enabled for XO laptops set_fact: exFAT_enabled: True diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index a96e281f6..cff1ba0a7 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -63,13 +63,6 @@ when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed ## DISCOVER PLATFORMS ###### -- name: Discover if this is an rpi -- assume it is running Raspbian if so - set_fact: - rpi_model: "rpi" - is_rpi: "True" - when: ansible_local.local_facts.os == "raspbian" - ignore_errors: true - - include_tasks: prep.yml when: first_run From 38fb39ad2b53215ad0bce81c2584eb19e7ea6349 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 13:08:42 -0500 Subject: [PATCH 383/466] remove first_run from 1-prep main.yml --- roles/1-prep/tasks/main.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index cff1ba0a7..05010b77a 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -50,13 +50,13 @@ - name: Disable AppArmor -- on by default in Ubuntu service: name=apparmor enabled=False state=stopped - when: first_run and is_ubuntu + when: is_ubuntu ignore_errors: true - name: Disable SELinux on next boot selinux: state=disabled register: selinux_disabled - when: first_run and not is_debuntu + when: not is_debuntu - name: Disable SELinux for this session (if needed) command: setenforce Permissive @@ -64,7 +64,6 @@ ## DISCOVER PLATFORMS ###### - include_tasks: prep.yml - when: first_run # Put conditional actions for hardware platforms here - include_tasks: raspberry_pi_2.yml @@ -74,12 +73,11 @@ shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'" register: usb_NUC6 ignore_errors: true - when: first_run - name: Download the firmware for built-in WiFi on NUC6 get_url: dest=/lib/firmware url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode - when: first_run and usb_NUC6.stdout|int > 0 + when: usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location - name: Recording STAGE 1 HAS COMPLETED ============================ From e9fc26fc2d191f5ef3bdbb98617ae973a98537c6 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 13:13:09 -0500 Subject: [PATCH 384/466] update syntax in 1-prep iiab_ini.yml --- roles/1-prep/tasks/iiab_ini.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/1-prep/tasks/iiab_ini.yml b/roles/1-prep/tasks/iiab_ini.yml index c78970507..a1b4cb046 100755 --- a/roles/1-prep/tasks/iiab_ini.yml +++ b/roles/1-prep/tasks/iiab_ini.yml @@ -25,10 +25,10 @@ - option: 'arch' value: '{{ ansible_architecture }}' - option: 'iiab_branch' - value: '{{ ansible_local["local_facts"]["iiab_branch"] }}' + value: '{{ ansible_local.local_facts.iiab_branch }}' - option: 'iiab_commit' - value: '{{ ansible_local["local_facts"]["iiab_commit"] }}' + value: '{{ ansible_local.local_facts.iiab_commit }}' - option: 'install_date' - value: '{{ ansible_date_time["iso8601"] }}' + value: '{{ ansible_date_time.iso8601 }}' - option: 'install_xo' value: '{{ xo_model }}' From 2c9a2970bc59e5c0de3b77f6ad941ece0a935a03 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 16:18:16 -0500 Subject: [PATCH 385/466] merge iiab-install - missed is_redhat --- roles/network/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 829a95929..295823df8 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -32,6 +32,7 @@ - include_tasks: ifcfg_mods.yml tags: - network + when: is_redhat and not installing - include_tasks: debian.yml tags: From 9f9a462ad026cc067228296bff5efdb5c124701b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 16:41:13 -0500 Subject: [PATCH 386/466] is_VM --- roles/network/tasks/debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 7845c7524..e11592a79 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -67,7 +67,7 @@ - name: restart the networking service service: name=networking state=restarted - when: interface.changed + when: interface.changed and not is_VM is defined - name: restart hostapd when wifi is present service: name=hostapd state=started From e490693dab308c8f90eb495f9b81f477b3b77355 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 16:57:39 -0500 Subject: [PATCH 387/466] merge - move services - double check after rebase --- roles/network/tasks/main.yml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 295823df8..fd4b64329 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -29,6 +29,15 @@ tags: - network +- include_tasks: hostapd.yml + tags: + - network + - AP + +- include_tasks: computed_services.yml + tags: + - network + - include_tasks: ifcfg_mods.yml tags: - network @@ -64,13 +73,15 @@ #### end network layout #### start services -- include_tasks: computed_services.yml - tags: - - network - - include_tasks: enable_services.yml tags: - network + tags: + - network + - named + - dhcpd + - dnsmasq + - squid - include_tasks: restart.yml when: not installing From c1183cc578805de01021704a70a33a64a0022d9d Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 17:30:55 -0500 Subject: [PATCH 388/466] big hammer on bridging --- roles/network/tasks/detected_network.yml | 28 ++++++++++++++---------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index cdd73cc98..eb0e50500 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -141,20 +141,26 @@ iiab_lan_iface: "{{ discovered_lan_iface }}" when: 'discovered_lan_iface != "none" and num_lan_interfaces == "1"' -- name: For Debian, always use bridging - set_fact: - iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' +# big hammer for now +#- name: For Debian, always use bridging +# set_fact: +# iiab_lan_iface: br0 +# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' -- name: 2 or more devices on the LAN - use bridging - set_fact: - iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_debian' +#- name: 2 or more devices on the LAN - use bridging +# set_fact: +# iiab_lan_iface: br0 +# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_debian' -- name: WiFi is on the LAN - use bridging +#- name: WiFi is on the LAN - use bridging +# set_fact: +# iiab_lan_iface: br0 +# when: iiab_wireless_lan_iface != "none" + +- name: in VM disable bridging set_fact: - iiab_lan_iface: br0 - when: iiab_wireless_lan_iface != "none" + iiab_lan_iface: none + when: is_VM is defined # OK try old gw this is a best guess based on what's in # /etc/sysconfig/iiab_wan_device's last state intended to From 5829faac91eb625aaebaf03617868411bbe4ea82 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 17:45:10 -0500 Subject: [PATCH 389/466] dhcpd - is_VM --- roles/network/tasks/debian.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index e11592a79..5ae034620 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -75,3 +75,4 @@ - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} state=started + when: not is_VM is defined From 22165b1c04dc7ff286becda5e94fbfa9dadbaae2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 18:11:53 -0500 Subject: [PATCH 390/466] dhcpd - iiab_network_mode != Appliance debian --- roles/network/tasks/debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 5ae034620..cf5dd23ff 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -75,4 +75,4 @@ - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} state=started - when: not is_VM is defined + when: not iiab_network_mode != "Appliance" From cdf368d257f79ccce6245bd0153b733829740594 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 10:15:59 -0400 Subject: [PATCH 391/466] fixed cherry-pick 54f7b4e728061bb75bf714fcc982b2c0c55784c7 --- roles/network/tasks/main.yml | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index fd4b64329..d1d82a1e5 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -25,6 +25,7 @@ tags: - network +#### start services - include_tasks: avahi.yml tags: - network @@ -37,6 +38,21 @@ - include_tasks: computed_services.yml tags: - network + - named + - dhcpd + - dnsmasq + - squid + +- include_tasks: enable_services.yml + tags: + - network + - named + - dhcpd + - dnsmasq + - squid + +#### end services +#### Start network layout - include_tasks: ifcfg_mods.yml tags: @@ -72,17 +88,6 @@ - network #### end network layout -#### start services -- include_tasks: enable_services.yml - tags: - - network - tags: - - network - - named - - dhcpd - - dnsmasq - - squid - - include_tasks: restart.yml when: not installing tags: @@ -91,4 +96,3 @@ - dhcpd - dnsmasq - squid -#### end services From 37b8e3fdb6fd242bd9397f792e616636e1dba3cf Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 10:59:33 -0400 Subject: [PATCH 392/466] fixed cherry-pick of 76835bac0539366278ff617ace99f24b4ad06dff --- roles/network/tasks/debian.yml | 12 ++++++------ roles/network/tasks/ifcfg_mods.yml | 10 +++++----- roles/network/tasks/restart.yml | 23 +++++++++++++++++------ 3 files changed, 28 insertions(+), 17 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index cf5dd23ff..20f0e5227 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -69,10 +69,10 @@ service: name=networking state=restarted when: interface.changed and not is_VM is defined -- name: restart hostapd when wifi is present - service: name=hostapd state=started - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" +#- name: restart hostapd when wifi is present +# service: name=hostapd state=started +# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" -- name: dhcp_server may be affected - starting - user choice - service: name={{ dhcp_service2 }} state=started - when: not iiab_network_mode != "Appliance" +#- name: dhcp_server may be affected - starting - user choice +# service: name={{ dhcp_service2 }} state=started +# when: iiab_network_mode != "Appliance" diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index cdc22be6f..b985aa401 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -110,9 +110,9 @@ with_items: - "{{ lan_list_result.stdout_lines }}" -- name: restart hostapd when wifi is present - service: name=hostapd state=started - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" +#- name: restart hostapd when wifi is present +# service: name=hostapd state=started +# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" -- name: dhcp_server may be affected - starting - user choice - service: name={{ dhcp_service2 }} state=started +#- name: dhcp_server may be affected - starting - user choice +# service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 30ef4a84b..24a3e4f09 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,3 +1,8 @@ +- name: restart hostapd when wifi is present + service: name=hostapd state=started + when: iiab_wireless_lan_iface != "none" and hostapd_enabled +# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + - name: Start named service service: name={{ dns_service }} state=started @@ -26,7 +31,7 @@ - name: Restart Wondershaper service service: name=wondershaper - state=restarted + state=restarted when: wondershaper_enabled - name: Restart avahi service @@ -38,17 +43,23 @@ creates=/etc/sysconfig/olpc-scripts/setup.d/installed/gateway when: iiab_network_mode == "Gateway" +- name: Waiting {{ hostapd_wait }} seconds for network to stablize + shell: sleep {{ hostapd_wait }} + - name: Run iptables command: /usr/bin/iiab-gen-iptables - name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds - shell: "sleep {{ hostapd_wait }} | brctl show br0 | grep {{ iiab_wireless_lan_iface }}" - when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" + shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} + when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and item|trim == "" - with_items: - - "{{ wifi_slave.stdout }}" + when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled + +- name: dhcp_server may be affected - starting - user choice + service: name={{ dhcp_service2 }} + state=restarted + when: iiab_network_mode != "Appliance" From 8e37472fbfb45767e7912d563472b584c12df482 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 08:45:55 -0400 Subject: [PATCH 393/466] running - double check after rebase --- roles/network/defaults/main.yml | 19 ++++--- roles/network/tasks/debian.yml | 7 +-- roles/network/tasks/detected_network.yml | 50 ++++++++++++------- roles/network/tasks/main.yml | 14 ++++-- .../network/templates/network/dhcpcd.conf.j2 | 6 ++- 5 files changed, 61 insertions(+), 35 deletions(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 9a546c8c1..74376c895 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -8,18 +8,23 @@ gui_static_wan: False # Set defaults for discovery process as strings wifi1: "not found-1" wifi2: "not found-2" -discovered_lan_iface: "none" -discovered_wireless_iface: "none" -#Redhat -iiab_lan_iface: "none" -iiab_wan_iface: "none" -iiab_wireless_lan_iface: "none" +ap_device: "none" device_gw: "none" device_gw2: "" + +iiab_wan_iface: "none" +iiab_lan_iface: "none" +discovered_lan_iface: "none" +discovered_wired_iface: "none" +discovered_wireless_iface: "none" +iiab_wired_lan_iface: "none" +iiab_wireless_lan_iface: "none" + +#Redhat has_WAN: False has_ifcfg_gw: "none" has_wifi_gw: "none" -ap_device: "none" + #Debian dhcpcd_result: "" wan_in_interfaces: False diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 20f0e5227..d64bafbe2 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -32,7 +32,8 @@ - name: Supply dhcpcd.conf template: dest=/etc/dhcpcd.conf src=network/dhcpcd.conf.j2 - when: dhcpcd_result == "enabled" and (iiab_lan_iface == "br0" or wan_ip != "dhcp") + when: dhcpcd_result == "enabled" +#and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab @@ -42,7 +43,7 @@ - name: If this was a change, things need to shift service: name=hostapd state=stopped - when: interface.changed +# when: interface.changed - name: bind may be affected service: name={{ dns_service }} state=stopped @@ -63,7 +64,7 @@ # now pick up denyinterfaces - name: restart dhcpcd service: name=dhcpcd state=restarted - when: interface.changed and dhcpcd_result == "enabled" + when: dhcpcd_result == "enabled" - name: restart the networking service service: name=networking state=restarted diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index eb0e50500..023c85c73 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -73,6 +73,7 @@ shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l" register: count_wifi_interfaces +# facts are apparently all stored as text, so do text comparisons from here on - name: Remember number of WiFi devices set_fact: num_wifi_interfaces: "{{ count_wifi_interfaces.stdout|int }}" @@ -98,22 +99,12 @@ ignore_errors: True changed_when: false -# Select an adapter that is not WAN and not wireless -# if there is more than one the last one wins -- name: Set IIAB discovered_lan_iface fact - set_fact: - discovered_lan_iface: "{{ item|trim }}" - when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface - with_items: - - "{{ lan_list_result.stdout_lines }}" - - name: Count LAN ifaces shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} | wc -l register: num_lan_interfaces_result ignore_errors: True changed_when: false -# facts are apparently all stored as text, so do text comparisons from here on - name: Calulate number of LAN interfaces including WiFi set_fact: num_lan_interfaces: "{{ num_lan_interfaces_result.stdout|int }}" @@ -126,20 +117,39 @@ # num_lan_interfaces: "1" # when: iiab_lan_enabled and iiab_wan_enabled and num_lan_interfaces == "2" and discovered_wireless_iface != "none" and iiab_wan_iface == "none" -- name: Set variable discovered_wireless_iface if present +# if there is more than one the last one wins +# Select an adapter that is not WAN and not wireless +- name: Set discovered_wired_iface fact if present + set_fact: + discovered_wired_iface: "{{ item|trim }}" + when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface + with_items: + - "{{ lan_list_result.stdout_lines }}" + +- name: Set discovered_wireless_lan_iface fact if present set_fact: iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}" - when: discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface + when: discovered_wireless_iface is defined and discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface + +- name: Set variable discovered_wired_lan_iface if present + set_fact: + iiab_wired_lan_iface: "{{ discovered_wired_iface }}" + when: discovered_wired_iface is defined and discovered_wired_iface != "none" and discovered_wired_iface != iiab_wan_iface #unused #- name: Get a list of ifcfg files to delete # moved to detected_redhat # use value only if present -- name: Setting detected LAN +- name: Setting wired LAN as only interface set_fact: - iiab_lan_iface: "{{ discovered_lan_iface }}" - when: 'discovered_lan_iface != "none" and num_lan_interfaces == "1"' + iiab_lan_iface: "{{ iiab_wired_lan_iface }}" + when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" + +- name: Setting wireless LAN as only interface + set_fact: + iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" + when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" # big hammer for now #- name: For Debian, always use bridging @@ -159,7 +169,7 @@ - name: in VM disable bridging set_fact: - iiab_lan_iface: none + iiab_lan_iface: none when: is_VM is defined # OK try old gw this is a best guess based on what's in @@ -195,7 +205,11 @@ value: '{{ iiab_wireless_lan_iface }}' - option: 'num_lan_interfaces' value: '{{ num_lan_interfaces }}' - - option: 'discovered_lan_iface' - value: '{{ discovered_lan_iface }}' + - option: 'discovered_wired_iface' + value: '{{ discovered_wired_iface }}' - option: 'gui_static_wan' value: '{{ gui_static_wan }}' + - option: 'dhcpcd_result' + value: '{{ dhcpcd_result }}' + - option: 'iiab_lan' + value: '{{ iiab_lan_iface }}' diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index d1d82a1e5..a6abc237b 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,3 +1,6 @@ + +- include_vars: roles/network/defaults/main.yml + - include_tasks: detected_network.yml when: not installing tags: @@ -62,12 +65,13 @@ - include_tasks: debian.yml tags: - network - when: is_debuntu and not is_rpi and not installing + when: is_debuntu +#and not is_rpi and not installing -- include_tasks: rpi_debian.yml - tags: - - network - when: is_debuntu and is_rpi and not installing +#- include_tasks: rpi_debian.yml +# tags: +# - network +# when: is_debuntu and is_rpi and not installing - name: Record iiab_wan_device lineinfile: dest=/etc/iiab/iiab.env diff --git a/roles/network/templates/network/dhcpcd.conf.j2 b/roles/network/templates/network/dhcpcd.conf.j2 index 4a598574e..e2fa13dd4 100644 --- a/roles/network/templates/network/dhcpcd.conf.j2 +++ b/roles/network/templates/network/dhcpcd.conf.j2 @@ -40,9 +40,11 @@ slaac private # supplied by IIAB -denyinterfaces {% if gui_static_wan == true %} {{ iiab_wan_iface }} {% endif %} {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} +#{% if gui_static_wan == true %} +#denyinterfaces {{ iiab_wan_iface }} +#{% endif %} -{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} +{% if dhcpcd_result == "enabled" and iiab_lan_iface != "none" %} interface {{ iiab_lan_iface }} static ip_address={{ lan_ip }}/19 static routers={{ lan_ip }} From e467df273e1675f11642b572db2ffe2f2f7fcc2f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 10:15:59 -0400 Subject: [PATCH 394/466] move enable_service - edits --- roles/network/tasks/main.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index a6abc237b..73d9db943 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -57,6 +57,17 @@ #### end services #### Start network layout +- include_tasks: enable_services.yml + tags: + - network + - named + - dhcpd + - dnsmasq + - squid + +#### end services +#### Start network layout + - include_tasks: ifcfg_mods.yml tags: - network From 73b6937c8e844a6fd190d02fe0950cc5bd1832dd Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 15:43:19 -0500 Subject: [PATCH 395/466] re-enable bridging for non-RPi --- roles/network/tasks/detected_network.yml | 39 ++++++++++++------------ 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 023c85c73..efd822956 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -141,33 +141,32 @@ # moved to detected_redhat # use value only if present -- name: Setting wired LAN as only interface +- name: For Debian, always use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' and not is_rpi + +- name: WiFi is on the LAN - use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: iiab_wireless_lan_iface != "none" and not is_rpi + +- name: Setting wired LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" + when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" and is_rpi -- name: Setting wireless LAN as only interface +- name: Setting wireless LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" + when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" and is_rpi -# big hammer for now -#- name: For Debian, always use bridging -# set_fact: -# iiab_lan_iface: br0 -# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' +- name: 2 or more devices on the LAN - use bridging + set_fact: + iiab_lan_iface: br0 + when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi' -#- name: 2 or more devices on the LAN - use bridging -# set_fact: -# iiab_lan_iface: br0 -# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_debian' - -#- name: WiFi is on the LAN - use bridging -# set_fact: -# iiab_lan_iface: br0 -# when: iiab_wireless_lan_iface != "none" - -- name: in VM disable bridging +- name: in VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none when: is_VM is defined From 4d8fe7fd4629a138bfb1c7feeaa16da9ea9517be Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 15:45:55 -0500 Subject: [PATCH 396/466] remove dup'd stanza --- roles/network/tasks/main.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 73d9db943..a6abc237b 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -57,17 +57,6 @@ #### end services #### Start network layout -- include_tasks: enable_services.yml - tags: - - network - - named - - dhcpd - - dnsmasq - - squid - -#### end services -#### Start network layout - - include_tasks: ifcfg_mods.yml tags: - network From 312f5a99ee1b79d3f3fb8b23ebda20fd397d9bd7 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 16:14:00 -0500 Subject: [PATCH 397/466] adjust systemd.j2 --- roles/network/templates/network/systemd.j2 | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index f5d0816a2..9ff1a21d4 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -10,7 +10,7 @@ iface br0 inet manual iface br0 inet static {% endif %} {% if discovered_lan_iface != "none" %} - bridge_ports {{ discovered_lan_iface }} + bridge_ports {{ iiab_wired_lan_iface }} {% endif %} bridge_maxwait 0 {% if dhcpcd_result != "enabled" %} @@ -28,11 +28,6 @@ iface br0 inet static {% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} # client or user defined {% endif %} -{% if dhcpcd_result == "enabled" and is_rpi == "true" %} -#cover rpi -#auto {{ iiab_wan_iface }} -#iface {{ iiab_wan_iface }} inet manual -{% endif %} {% if dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} #cover butt auto {{ iiab_wan_iface }} From f2d3207ac3553120d9678408f51311171b9bb516 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 16:26:40 -0500 Subject: [PATCH 398/466] adjust debian.yml --- roles/network/tasks/debian.yml | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index d64bafbe2..90f0f6fd7 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -33,17 +33,11 @@ template: dest=/etc/dhcpcd.conf src=network/dhcpcd.conf.j2 when: dhcpcd_result == "enabled" -#and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab src=network/systemd.j2 - register: interface - when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - -- name: If this was a change, things need to shift - service: name=hostapd state=stopped -# when: interface.changed + when: not is_rpi and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: bind may be affected service: name={{ dns_service }} state=stopped @@ -68,11 +62,11 @@ - name: restart the networking service service: name=networking state=restarted - when: interface.changed and not is_VM is defined + when: not is_rpi or not is_VM is defined -#- name: restart hostapd when wifi is present -# service: name=hostapd state=started -# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" +- name: restart hostapd when wifi is present + service: name=hostapd state=restarted + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" #- name: dhcp_server may be affected - starting - user choice # service: name={{ dhcp_service2 }} state=started From a33c5f76b98ef0b71a548082e66d311a5baf671e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 16:43:59 -0500 Subject: [PATCH 399/466] quotes --- roles/network/tasks/detected_network.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index efd822956..e1ab599d4 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -144,7 +144,7 @@ - name: For Debian, always use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' and not is_rpi + when: discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu and not is_rpi - name: WiFi is on the LAN - use bridging - except RPi set_fact: @@ -164,7 +164,7 @@ - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi' + when: discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi - name: in VM disable LAN - needs local_vars entry to activate set_fact: From 16adb8e1993cabd51e5e306716329659706d58c8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 17:40:18 -0500 Subject: [PATCH 400/466] Noted odd behaviour when altering local_vars for 'host_ssid' & is_VM --- roles/network/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index a6abc237b..b5ac91ab1 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,5 +1,6 @@ - include_vars: roles/network/defaults/main.yml +- include_vars: vars/local_vars.yml - include_tasks: detected_network.yml when: not installing From 4a63f790858088a45a765e58ec4c61adba761b19 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 18:15:28 -0500 Subject: [PATCH 401/466] local_vars is_VM 2 --- roles/network/tasks/debian.yml | 2 +- roles/network/tasks/detected_network.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 90f0f6fd7..33444bd8d 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -62,7 +62,7 @@ - name: restart the networking service service: name=networking state=restarted - when: not is_rpi or not is_VM is defined + when: not is_rpi or not no_net_restart is defined - name: restart hostapd when wifi is present service: name=hostapd state=restarted diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index e1ab599d4..a6a3aba83 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -169,6 +169,7 @@ - name: in VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none + no_net_restart: True when: is_VM is defined # OK try old gw this is a best guess based on what's in From 3e4ae6b07dada4d8074710efc106f7354a41ca95 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 18:50:10 -0500 Subject: [PATCH 402/466] syntax check --- roles/1-prep/tasks/computed_vars.yml | 14 +++++++++++++- roles/network/tasks/computed_services.yml | 2 ++ roles/network/tasks/debian.yml | 4 ++-- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 9e4e7fdf4..96cb679df 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -11,7 +11,7 @@ - name: Discover if this is a rpi -- assume if so it is running raspbian set_fact: rpi_model: "rpi" - is_rpi: "True" + is_rpi: True when: ansible_local.local_facts.os == "raspbian" - name: Set exFAT enabled for XO laptops @@ -200,9 +200,21 @@ value: '{{ gw_active }}' - option: 'internet_available' value: '{{ internet_available }}' + - option: 'is_rpi' + value: '{{ is_rpi }}' - option: 'first_run' value: '{{ first_run }}' - option: 'local_tz' value: '{{ local_tz }}' - option: 'FQDN_changed' value: '{{ FQDN_changed }}' + +- name: add version section + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'is_VM' + value: 'yes' + when: is_VM is defined diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index e5b3b096f..cd28c4d1d 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -52,3 +52,5 @@ value: '{{ dhcp_service2 }}' - option: 'dnsmasq_enabled' value: '{{ dnsmasq_enabled }}' + - option: 'is_rpi' + value: '{{ is_rpi }}' diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 33444bd8d..3ef51d66a 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -61,8 +61,8 @@ when: dhcpcd_result == "enabled" - name: restart the networking service - service: name=networking state=restarted - when: not is_rpi or not no_net_restart is defined + service: name=networking state=restarted + when: not is_rpi or not is_VM is defined - name: restart hostapd when wifi is present service: name=hostapd state=restarted From 4015a7c8f1246b57cf10a355fa8fb60f9471bb5b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 21:25:13 -0400 Subject: [PATCH 403/466] no_net_restart --- roles/1-prep/defaults/main.yml | 1 + roles/1-prep/tasks/computed_vars.yml | 1 + roles/network/tasks/computed_services.yml | 4 ++-- roles/network/tasks/debian.yml | 2 +- 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/1-prep/defaults/main.yml b/roles/1-prep/defaults/main.yml index 89df65e47..9e41e02fc 100644 --- a/roles/1-prep/defaults/main.yml +++ b/roles/1-prep/defaults/main.yml @@ -4,6 +4,7 @@ gui_version: 2 # These entries should never be changed in this file. # These are defaults for boolean routines, +no_net_restart: False first_run: False installing: False discovered_wan_iface: "none" diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 96cb679df..0f19a5389 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -12,6 +12,7 @@ set_fact: rpi_model: "rpi" is_rpi: True + no_net_restart: True when: ansible_local.local_facts.os == "raspbian" - name: Set exFAT enabled for XO laptops diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index cd28c4d1d..d8831fd2d 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -52,5 +52,5 @@ value: '{{ dhcp_service2 }}' - option: 'dnsmasq_enabled' value: '{{ dnsmasq_enabled }}' - - option: 'is_rpi' - value: '{{ is_rpi }}' + - option: 'no_net_restart' + value: '{{ no_net_restart }}' diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 3ef51d66a..d79c97264 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -62,7 +62,7 @@ - name: restart the networking service service: name=networking state=restarted - when: not is_rpi or not is_VM is defined + when: not no_net_restart - name: restart hostapd when wifi is present service: name=hostapd state=restarted From 6fae49c4656b695193aeb1235041f3c58a4103b3 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 23:45:38 -0500 Subject: [PATCH 404/466] enter --debug anytime --- iiab-install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index c2b35864c..001dc8eac 100755 --- a/iiab-install +++ b/iiab-install @@ -26,12 +26,12 @@ else # check ansible version here and force ansible upgrade if needed else source /etc/iiab/iiab.env - if [ $STAGE == 9 ] && [ "$1" = "--debug" ]; then + if [ "$1" = "--debug" ]; then echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then echo "Restarting *after* STAGE $STAGE..as soon as Stage 0 completes. Stage 9 comes last." - else + elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" echo "'iiab-install' has already been completed" From 26aa57537fd906e4aeddf8369e894d6599df170f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 01:18:26 -0500 Subject: [PATCH 405/466] stop squid after install --- roles/network/tasks/squid.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 2b8e3f184..398c2f54d 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -64,15 +64,14 @@ mode=0750 state=directory +- name: Stop Squid + service: name={{ proxy }} + state=stopped + when: not installing + - include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install -#- name: Stop Squid -# service: name={{ proxy }} -# state=stopped -# ignore_errors: yes -# when: not installing - - name: Add Squid to service list ini_file: dest='{{ service_filelist }}' section={{ proxy }} From 18d66e47f468e992c35293918eef8f80903944df Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 11:06:45 -0500 Subject: [PATCH 406/466] numbers should not have quotes --- roles/network/tasks/detected_network.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index a6a3aba83..7b38f8886 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -36,7 +36,7 @@ - name: setting wan_in_interfaces set_fact: wan_in_interfaces: True - when: is_debuntu and wan_file.stdout|int >= "0" + when: is_debuntu and wan_file.stdout|int >= 0 # WIRELESS -- if any wireless is detected as gateway, it becomes WAN - name: Look for any wireless interfaces @@ -144,7 +144,7 @@ - name: For Debian, always use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu and not is_rpi + when: discovered_lan_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi - name: WiFi is on the LAN - use bridging - except RPi set_fact: @@ -154,17 +154,17 @@ - name: Setting wired LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" and is_rpi + when: iiab_wired_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - name: Setting wireless LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" and is_rpi + when: iiab_wireless_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi + when: discovered_lan_iface != "none" and num_lan_interfaces >= 2 and not is_rpi - name: in VM disable LAN - needs local_vars entry to activate set_fact: @@ -211,5 +211,7 @@ value: '{{ gui_static_wan }}' - option: 'dhcpcd_result' value: '{{ dhcpcd_result }}' - - option: 'iiab_lan' + - option: 'wan_in_interfaces' + value: '{{ wan_in_interfaces }}' + - option: 'iiab_lan_iface' value: '{{ iiab_lan_iface }}' From 47dd40bd264bbd8efdd43cd13654594a34e8a93e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 11:18:06 -0500 Subject: [PATCH 407/466] CentOS - numbers should not have quotes & no config file needed. Might need to enable resolveconf to have the correct nameserver used -needs further testing to confirm testing --- roles/network/tasks/ifcfg_mods.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index b985aa401..760cdd4aa 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -14,13 +14,13 @@ # clear all bridge ifcfg files - name: Now delete slave bridge ifcfg files shell: rm -f /etc/sysconfig/network-scripts/ifcfg-"{{ item }}" - when: num_lan_interfaces != "0" or iiab_wireless_lan_iface != "none" + when: num_lan_interfaces != 0 or iiab_wireless_lan_iface != "none" with_items: - "{{ ifcfg_slaves.stdout_lines }}" - name: Now delete original ifcfg files shell: rm -f /etc/sysconfig/network-scripts/ifcfg-"{{ item }}" - when: num_lan_interfaces == "1" and iiab_lan_iface != "br0" + when: num_lan_interfaces == 1 and iiab_lan_iface != "br0" with_items: - "{{ discovered_lan_iface }}" @@ -40,7 +40,7 @@ shell: nmcli con delete id iiab-LAN ignore_errors: True changed_when: False - when: (num_lan_interfaces != "0" or iiab_wireless_lan_iface != "none") + when: (num_lan_interfaces != 0 or iiab_wireless_lan_iface != "none") ## vars/ users should set user_wan_iface to avoid messy redetect - include_tasks: redetect.yml @@ -53,8 +53,8 @@ # create ifcfg-WAN if missing # if we get here we have gateway but no ifcfg file -- include_tasks: create_ifcfg.yml - when: iiab_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none" and xo_model == "none" and not iiab_demo_mode +#- include_tasks: create_ifcfg.yml +# when: iiab_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none" and xo_model == "none" and not iiab_demo_mode - name: Configuring LAN interface as iiab_lan_iface template: src=network/ifcfg.j2 From 9bd493b0c56241ea3f08614ced62f8b0d8121e3f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 12:43:47 -0500 Subject: [PATCH 408/466] discovered_lan_iface -> discovered_wired_iface --- roles/network/tasks/detected_network.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 7b38f8886..fad64638d 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -144,7 +144,7 @@ - name: For Debian, always use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi + when: discovered_wired_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi - name: WiFi is on the LAN - use bridging - except RPi set_fact: @@ -164,7 +164,7 @@ - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= 2 and not is_rpi + when: num_lan_interfaces >= 2 and not is_rpi - name: in VM disable LAN - needs local_vars entry to activate set_fact: From 259c03fbcbd0ddead2780e22d68c5eac7ceeddf0 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 12:52:16 -0500 Subject: [PATCH 409/466] better squid <-> dansguardian switchover when enabling/disabling services due to port 3128 usage --- roles/network/tasks/restart.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 24a3e4f09..5fe64f8fc 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -11,22 +11,22 @@ - name: Stop DansGuardian service: name=dansguardian state=stopped - when: not dansguardian_enabled and dansguardian_install + when: dansguardian_install + +- name: Stop Squid service + service: name={{ proxy }} + state=stopped + when: squid_install - name: Restart DansGuardian service: name=dansguardian state=restarted when: dansguardian_enabled and dansguardian_install -- name: Stop Squid service - service: name={{ proxy }} - state=stopped - when: not squid_enabled and squid_install - # Squid get re-loaded with dispatcher.d - name: Restart Squid service service: name={{ proxy }} - state=started + state=restarted when: squid_enabled and squid_install - name: Restart Wondershaper service From f5f3e175838a435398ab0c70b5077644e7043df3 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 14:33:48 -0500 Subject: [PATCH 410/466] stop named after install --- roles/network/tasks/named.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 07b58ec17..8c88cd101 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -19,9 +19,9 @@ - download # or we have to change the serial number in the config files. -#- name: Stop named before copying files -# service: name={{ dns_service }} state=stopped -# when: not installing +- name: Stop named before copying files + service: name={{ dns_service }} state=stopped + when: not installing - name: Set folder permission file: path={{ item }} From 8c764acbca76ec3da46b1d074a11839cf7b854a8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 14:35:55 -0500 Subject: [PATCH 411/466] systemd.j2 touchups --- roles/network/templates/network/systemd.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index 9ff1a21d4..c84b9735a 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -9,7 +9,7 @@ iface br0 inet manual {% else %} iface br0 inet static {% endif %} -{% if discovered_lan_iface != "none" %} +{% if iiab_wired_lan_iface != "none" %} bridge_ports {{ iiab_wired_lan_iface }} {% endif %} bridge_maxwait 0 @@ -25,10 +25,10 @@ iface br0 inet static {% if iiab_network_mode != "LanController" %} ################# GATEWAY or APPLIANCE ######################### # start dhcp clients -{% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} +{% if dhcpcd_result == "enabled" or wan_in_interfaces %} # client or user defined {% endif %} -{% if dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} +{% if dhcpcd_result != "enabled" and not wan_in_interfaces %} #cover butt auto {{ iiab_wan_iface }} iface {{ iiab_wan_iface }} inet dhcp From 836747908da2889afde3fa3ba3cb4460b01b751a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 16:56:31 -0500 Subject: [PATCH 412/466] Ubuntu - stop squid before replacing the stock config files otherwise stock service does not stop with replacement files already in place --- roles/network/tasks/squid.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 398c2f54d..e608427a4 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -7,6 +7,11 @@ tags: - download +- name: Stop Squid + service: name={{ proxy }} + state=stopped + when: not installing + - name: Create the Squid user user: name={{ proxy_user }} createhome=False @@ -64,11 +69,6 @@ mode=0750 state=directory -- name: Stop Squid - service: name={{ proxy }} - state=stopped - when: not installing - - include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install From 4a6db98f5b611f768d0ba82f7989ed1845047c89 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 19:33:33 -0500 Subject: [PATCH 413/466] Ubuntu - bigger hammer to stop squid on ubuntu with DG enabled --- roles/network/tasks/squid.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index e608427a4..9405b86a7 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -7,6 +7,10 @@ tags: - download +- name: Bigger hammer for Ubuntu + command: /etc/init.d/squid stop + when: is_ubuntu + - name: Stop Squid service: name={{ proxy }} state=stopped From df08c29cfd83d0cdb1b0dacec4403068bcf178fe Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 21:16:28 -0500 Subject: [PATCH 414/466] Ubuntu - skip restart with DG enabled during install --- roles/network/tasks/restart.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 5fe64f8fc..6660e60fe 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,7 +1,6 @@ - name: restart hostapd when wifi is present service: name=hostapd state=started when: iiab_wireless_lan_iface != "none" and hostapd_enabled -# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" - name: Start named service service: name={{ dns_service }} @@ -18,10 +17,10 @@ state=stopped when: squid_install -- name: Restart DansGuardian +- name: Restart DansGuardian - execpt Ubuntu which needs reboot to activate service: name=dansguardian state=restarted - when: dansguardian_enabled and dansguardian_install + when: dansguardian_enabled and dansguardian_install and ( not is_ubuntu and iiab_stage|int < 4 ) # Squid get re-loaded with dispatcher.d - name: Restart Squid service From ac0d86a4dee14282ee582994430b521e424282d9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 22:36:11 -0500 Subject: [PATCH 415/466] Better O-init visuals --- roles/0-init/defaults/main.yml | 33 ++++++++++++++++++- .../tasks/computed_vars.yml | 2 +- roles/0-init/tasks/main.yml | 13 ++++---- roles/1-prep/defaults/main.yml | 32 ------------------ 4 files changed, 39 insertions(+), 41 deletions(-) mode change 120000 => 100644 roles/0-init/defaults/main.yml rename roles/{1-prep => 0-init}/tasks/computed_vars.yml (98%) delete mode 100644 roles/1-prep/defaults/main.yml diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml deleted file mode 120000 index b8fa87d4b..000000000 --- a/roles/0-init/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ -/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml new file mode 100644 index 000000000..9e41e02fc --- /dev/null +++ b/roles/0-init/defaults/main.yml @@ -0,0 +1,32 @@ +# use these as a tag a release at a point in time +iiab_base_ver: 6.4 +gui_version: 2 + +# These entries should never be changed in this file. +# These are defaults for boolean routines, +no_net_restart: False +first_run: False +installing: False +discovered_wan_iface: "none" +gw_active: "none" +internet_available: False +is_F18: False +no_NM_reload: False +exFAT_enabled: False +gui_port: 80 + +# Set default for discovered hardware +rpi_model: none +is_rpi: False +xo_model: none +rtc_id: ds3231 +NUC6_firmware_needed: False + +# used in 2-common xo.yml +wifi_id: none + +is_F20: False +is_F21: False +is_F22: False +is_F23: False +is_F24: False diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/0-init/tasks/computed_vars.yml similarity index 98% rename from roles/1-prep/tasks/computed_vars.yml rename to roles/0-init/tasks/computed_vars.yml index 0f19a5389..3063927ae 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/0-init/tasks/computed_vars.yml @@ -210,7 +210,7 @@ - option: 'FQDN_changed' value: '{{ FQDN_changed }}' -- name: add version section +- name: STAGE 0 HAS COMPLETED ====================================== ini_file: dest='{{ iiab_config_file }}' section=runtime option='{{ item.option }}' diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 528bf3aa9..ea72d214b 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,9 +1,9 @@ # Initialize - name: ...IS BEGINNING ============================================ - include_vars: roles/1-prep/defaults/main.yml + include_vars: roles/0-init/defaults/main.yml -- name: Determine if runansible was run +- name: Determine if installer was run stat: path=/etc/iiab/iiab.env register: NewInstall @@ -14,10 +14,9 @@ # we need to inialize the ini file and only write the location and version sections once and only # once to preserve the install date and git hash. -- include_tasks: roles/1-prep/tasks/iiab_ini.yml +- name: Write iiab_ini.yml for the first time + include_tasks: roles/1-prep/tasks/iiab_ini.yml when: first_run -# Now load the computed vars -- include_tasks: roles/1-prep/tasks/computed_vars.yml -- name: ...HAS COMPLETED =========================================== - command: echo +- name: Loading computed_vars + include_tasks: roles/0-init/tasks/computed_vars.yml diff --git a/roles/1-prep/defaults/main.yml b/roles/1-prep/defaults/main.yml deleted file mode 100644 index 9e41e02fc..000000000 --- a/roles/1-prep/defaults/main.yml +++ /dev/null @@ -1,32 +0,0 @@ -# use these as a tag a release at a point in time -iiab_base_ver: 6.4 -gui_version: 2 - -# These entries should never be changed in this file. -# These are defaults for boolean routines, -no_net_restart: False -first_run: False -installing: False -discovered_wan_iface: "none" -gw_active: "none" -internet_available: False -is_F18: False -no_NM_reload: False -exFAT_enabled: False -gui_port: 80 - -# Set default for discovered hardware -rpi_model: none -is_rpi: False -xo_model: none -rtc_id: ds3231 -NUC6_firmware_needed: False - -# used in 2-common xo.yml -wifi_id: none - -is_F20: False -is_F21: False -is_F22: False -is_F23: False -is_F24: False From f3fa1d21e93e4b71703dafde0457a9b806c24cda Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 22:52:13 -0500 Subject: [PATCH 416/466] move squid stop before DG --- roles/network/tasks/restart.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 6660e60fe..fe30fe6ec 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -7,16 +7,16 @@ state=started when: named_enabled and named_install -- name: Stop DansGuardian - service: name=dansguardian - state=stopped - when: dansguardian_install - - name: Stop Squid service service: name={{ proxy }} state=stopped when: squid_install +- name: Stop DansGuardian + service: name=dansguardian + state=stopped + when: dansguardian_install + - name: Restart DansGuardian - execpt Ubuntu which needs reboot to activate service: name=dansguardian state=restarted From e74838b8b2b3b34d367b624ecd9834e807e8b8ba Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 15:47:48 -0400 Subject: [PATCH 417/466] test disabling include_vars and moving computed_vars.yml in main.yml looking at "installing" as defined in roles/0-init/defaults/main.yml and first use in named.yml: Stop named before copying files where the install aborts when not defined --- roles/0-init/tasks/main.yml | 198 ++++++++++++++++++++++++++++++++++- roles/network/tasks/main.yml | 4 +- 2 files changed, 196 insertions(+), 6 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index ea72d214b..b8a8f9f1f 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,9 +1,9 @@ # Initialize - name: ...IS BEGINNING ============================================ - include_vars: roles/0-init/defaults/main.yml +# include_vars: roles/0-init/defaults/main.yml -- name: Determine if installer was run +#- name: Determine if installer was run stat: path=/etc/iiab/iiab.env register: NewInstall @@ -18,5 +18,195 @@ include_tasks: roles/1-prep/tasks/iiab_ini.yml when: first_run -- name: Loading computed_vars - include_tasks: roles/0-init/tasks/computed_vars.yml +#- name: Loading computed_vars +# include_tasks: roles/0-init/tasks/computed_vars.yml +- name: re-read local_facts.facts from /etc/ansible/facts.d + setup: filter=ansible_local + +# set top level variables from local facts for convenience +- set_fact: + xo_model: '{{ ansible_local.local_facts.xo_model }}' + phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' + iiab_stage: '{{ ansible_local.local_facts.stage }}' + +# Networking uses a different file for the rpi +- name: Discover if this is a rpi -- assume if so it is running raspbian + set_fact: + rpi_model: "rpi" + is_rpi: True + no_net_restart: True + when: ansible_local.local_facts.os == "raspbian" + +- name: Set exFAT enabled for XO laptops + set_fact: + exFAT_enabled: True + when: xo_model != "none" + +- name: set FQDN + set_fact: + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False + +- name: FQDN changed + set_fact: + FQDN_changed: True + when: iiab_fqdn != ansible_fqdn + +- name: Now check FQDN + include_tasks: roles/2-common/tasks/hostname.yml + when: FQDN_changed + +# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate +- name: Finding gateway + set_fact: + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + iiab_wan_iface: "{{ discovered_wan_iface }}" + when: ansible_default_ipv4.gateway is defined + +- name: Verify gateway present + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l + when: discovered_wan_iface != "none" + register: gw_active_test + +- name: Recording gateway response + set_fact: + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "1" + +- name: Test for internet access + get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt + ignore_errors: True +# async: 10 +# poll: 2 + register: internet_access_test + +- name: Set internet_available true if wget succeeded + set_fact: + internet_available: True + when: not internet_access_test|failed and not disregard_network + +- name: Cleanup internet test file + file: path=/tmp/heart-beat.txt + state=absent + +# Put all computed vars here so derive properly from any prior var file +- name: If the TZ is not set in env, set it to UTC + set_fact: local_tz='UTC' + when: local_tz == "" + +- name: Set port 80 for Admin Console + set_fact: + gui_port: 80 + when: not adm_cons_force_ssl + +- name: Set port 443 for Admin Console + set_fact: + gui_port: 443 + when: adm_cons_force_ssl + +- name: Require MySQL to be on + set_fact: + mysql_install: True + mysql_enabled: True + +# we decided to enable mysql unconditionally +# when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install + +# Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427 +# - name: Turn on mongodb if sugarizer enabled +# set_fact: +# mongodb_install: True +# mongodb_enabled: True +# when: sugarizer_enabled + +# There might be other db's +- name: Turn on PostgreSQL if Moodle or Pathagar enabled + set_fact: + postgresql_install: True + postgresql_enabled: True + when: moodle_enabled or pathagar_enabled + +- name: Turn on Docker if SchoolTool is to be installed + set_fact: + docker_install: True + docker_enabled: True + when: schooltool_enabled or schooltool_install + +- name: Set python_path for is_redhat + set_fact: + python_path: /usr/lib/python2.7/site-packages/ + when: is_redhat + +- name: Set python_path for is_debuntu + set_fact: + python_path: /usr/local/lib/python2.7/dist-packages/ + when: is_debuntu + +# for various reasons the mysql service can not be enabled on fedora 20, +# but 'mariadb', which is its real name can +# on fedora 18 we need to use 'mysqld' + +- name: Set mysqld_service to mariadb by default + set_fact: + mysql_service: mariadb + +- name: Set mysqld_service to mysqld for Fedora 18 + set_fact: + mysql_service: mysqld + no_NM_reload: True + is_F18: True + when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" + +- name: Set mysql_service to mysql for Debian + set_fact: + mysql_service: mysql + when: is_debuntu + +- name: add version section + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'iiab_stage' + value: '{{ iiab_stage }}' + - option: 'runtime_php' + value: '{{ phplib_dir }}' + - option: 'runtime_branch' + value: '{{ ansible_local.local_facts.iiab_branch }}' + - option: 'runtime_commit' + value: '{{ ansible_local.local_facts.iiab_commit }}' + - option: 'runtime_date' + value: '{{ ansible_date_time.iso8601 }}' + - option: 'ansible_version' + value: '{{ ansible_local.local_facts.ansible_version }}' + - option: 'kernel' + value: '{{ ansible_kernel }}' + - option: 'memory_mb' + value: '{{ ansible_memtotal_mb }}' + - option: 'swap_mb' + value: '{{ ansible_swaptotal_mb }}' + - option: 'product_id' + value: '{{ ansible_product_uuid }}' + - option: 'gw_active' + value: '{{ gw_active }}' + - option: 'internet_available' + value: '{{ internet_available }}' + - option: 'is_rpi' + value: '{{ is_rpi }}' + - option: 'first_run' + value: '{{ first_run }}' + - option: 'local_tz' + value: '{{ local_tz }}' + - option: 'FQDN_changed' + value: '{{ FQDN_changed }}' + +- name: STAGE 0 HAS COMPLETED ====================================== + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'is_VM' + value: 'yes' + when: is_VM is defined diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index b5ac91ab1..e4a8880b8 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,6 +1,6 @@ -- include_vars: roles/network/defaults/main.yml -- include_vars: vars/local_vars.yml +#- include_vars: roles/network/defaults/main.yml +#- include_vars: vars/local_vars.yml - include_tasks: detected_network.yml when: not installing From 9df384840f44469da01abe30764d246249260895 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 20:21:59 -0400 Subject: [PATCH 418/466] needed for 'installing' and others listed --- iiab-stages.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab-stages.yml b/iiab-stages.yml index ce27ec00c..74af5c454 100644 --- a/iiab-stages.yml +++ b/iiab-stages.yml @@ -3,6 +3,7 @@ become: yes vars_files: + - roles/0-init/defaults/main.yml - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml From 5e854fb798040bb94cd4c8f2a494289d4683941c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 20:35:02 -0400 Subject: [PATCH 419/466] adjust defaults --- roles/0-init/defaults/main.yml | 6 ------ roles/network/defaults/main.yml | 4 ++-- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml index 9e41e02fc..64d63b3cf 100644 --- a/roles/0-init/defaults/main.yml +++ b/roles/0-init/defaults/main.yml @@ -24,9 +24,3 @@ NUC6_firmware_needed: False # used in 2-common xo.yml wifi_id: none - -is_F20: False -is_F21: False -is_F22: False -is_F23: False -is_F24: False diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 74376c895..a7766b667 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -17,8 +17,8 @@ iiab_lan_iface: "none" discovered_lan_iface: "none" discovered_wired_iface: "none" discovered_wireless_iface: "none" -iiab_wired_lan_iface: "none" -iiab_wireless_lan_iface: "none" +#iiab_wired_lan_iface: "none" +#iiab_wireless_lan_iface: "none" #Redhat has_WAN: False From 4c17f2daa7f910f0c9b522a255137783f24c95a5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 20:57:49 -0400 Subject: [PATCH 420/466] adjust for 'is defined' --- roles/network/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index a7766b667..ea1de51a8 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -14,7 +14,7 @@ device_gw2: "" iiab_wan_iface: "none" iiab_lan_iface: "none" -discovered_lan_iface: "none" +#discovered_lan_iface: "none" discovered_wired_iface: "none" discovered_wireless_iface: "none" #iiab_wired_lan_iface: "none" @@ -48,7 +48,7 @@ hostapd_password: "iiab2017" driver_name: nl80211 network_config_dir: /etc/network/interfaces.d -iiab_network_mode: "Gateway" +#iiab_network_mode: "Gateway" dns_jail_enabled: False services_externally_visible: False From 8eb4b230a0a3ca536b872c55ce4f33f70db35f0f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 21:10:41 -0400 Subject: [PATCH 421/466] adjusted for order of apperence --- roles/0-init/defaults/main.yml | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml index 64d63b3cf..3e44ab4fd 100644 --- a/roles/0-init/defaults/main.yml +++ b/roles/0-init/defaults/main.yml @@ -4,23 +4,29 @@ gui_version: 2 # These entries should never be changed in this file. # These are defaults for boolean routines, -no_net_restart: False first_run: False -installing: False -discovered_wan_iface: "none" -gw_active: "none" -internet_available: False -is_F18: False -no_NM_reload: False -exFAT_enabled: False -gui_port: 80 - -# Set default for discovered hardware rpi_model: none is_rpi: False xo_model: none +gw_active: none +internet_available: False +discovered_wan_iface: none + +# old defs +gui_port: 80 +exFAT_enabled: False +is_F18: False + +# Set default 1-prep discovered hardware rtc_id: ds3231 NUC6_firmware_needed: False # used in 2-common xo.yml wifi_id: none + +# used 3+ others +installing: False + +# network +no_net_restart: False +no_NM_reload: False From a9926e670071eab062d3bcb10c4c2f45b8ab8175 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 21:11:27 -0400 Subject: [PATCH 422/466] adjust for 'is defined' and order --- roles/network/tasks/detected_network.yml | 64 ++++++++++++------------ 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index fad64638d..80afa1c92 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -117,12 +117,12 @@ # num_lan_interfaces: "1" # when: iiab_lan_enabled and iiab_wan_enabled and num_lan_interfaces == "2" and discovered_wireless_iface != "none" and iiab_wan_iface == "none" -# if there is more than one the last one wins # Select an adapter that is not WAN and not wireless +# if there is more than one the last one wins - name: Set discovered_wired_iface fact if present set_fact: discovered_wired_iface: "{{ item|trim }}" - when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface + when: item|trim != discovered_wireless_iface with_items: - "{{ lan_list_result.stdout_lines }}" @@ -141,31 +141,31 @@ # moved to detected_redhat # use value only if present -- name: For Debian, always use bridging - except RPi - set_fact: - iiab_lan_iface: br0 - when: discovered_wired_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi - -- name: WiFi is on the LAN - use bridging - except RPi - set_fact: - iiab_lan_iface: br0 - when: iiab_wireless_lan_iface != "none" and not is_rpi - -- name: Setting wired LAN as only interface - RPi - set_fact: - iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: iiab_wired_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - -- name: Setting wireless LAN as only interface - RPi - set_fact: - iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: iiab_wireless_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 when: num_lan_interfaces >= 2 and not is_rpi +- name: For Debian, always use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: num_lan_interfaces >= 1 and is_debuntu and not is_rpi + +- name: WiFi is on the LAN - use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: not is_rpi and iiab_wireless_lan_iface is defined + +- name: Setting wired LAN as only interface - RPi + set_fact: + iiab_lan_iface: "{{ iiab_wired_lan_iface }}" + when: is_rpi and iiab_wired_lan_iface is defined + +- name: Setting wireless LAN as only interface - RPi + set_fact: + iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" + when: is_rpi and iiab_wireless_lan_iface is defined + - name: in VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none @@ -189,10 +189,12 @@ with_items: - option: 'has_ifcfg_gw' value: '{{ has_ifcfg_gw }}' - - option: 'discovered_wan_iface' - value: '{{ discovered_wan_iface }}' - option: 'prior_gateway_(device_gw2)' value: '{{ device_gw2 }}' + - option: 'dhcpcd_result' + value: '{{ dhcpcd_result }}' + - option: 'wan_in_interfaces' + value: '{{ wan_in_interfaces }}' - option: 'wireless_list_1(wifi1)' value: '{{ wifi1 }}' - option: 'wireless_list_2(wifi2)' @@ -201,17 +203,15 @@ value: '{{ num_wifi_interfaces }}' - option: 'discovered_wireless_iface' value: '{{ discovered_wireless_iface }}' - - option: 'iiab_wireless_lan_iface' - value: '{{ iiab_wireless_lan_iface }}' - - option: 'num_lan_interfaces' - value: '{{ num_lan_interfaces }}' - option: 'discovered_wired_iface' value: '{{ discovered_wired_iface }}' +# - option: 'iiab_wireless_lan_iface' +# value: '{{ iiab_wireless_lan_iface }}' + - option: 'num_lan_interfaces' + value: '{{ num_lan_interfaces }}' - option: 'gui_static_wan' value: '{{ gui_static_wan }}' - - option: 'dhcpcd_result' - value: '{{ dhcpcd_result }}' - - option: 'wan_in_interfaces' - value: '{{ wan_in_interfaces }}' - option: 'iiab_lan_iface' value: '{{ iiab_lan_iface }}' + - option: 'iiab_wan_iface' + value: '{{ iiab_wan_iface }}' From c8950389e884f9591b093299903875d2600a834f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 00:33:15 -0400 Subject: [PATCH 423/466] raspbian kernel check --- iiab-install | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/iiab-install b/iiab-install index 001dc8eac..703bb3ab1 100755 --- a/iiab-install +++ b/iiab-install @@ -1,14 +1,29 @@ #!/bin/bash -e # running from a git repo -PLAYBOOK="iiab-stages.yml" -INVENTORY="ansible_hosts" -CWD=`pwd` # Add cmdline options for passing to ansible # todo add proper shift to gobble up --debug --reinstall ARGS="" +PLAYBOOK="iiab-stages.yml" +INVENTORY="ansible_hosts" +CWD=`pwd` +OS=`grep ^ID= /etc/*release|cut -d= -f2` +OS=${OS//\"/} + export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" +if [ $OS = "raspbian" ]; then + echo "found" + REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` + if [ $REBOOT != 1 ]; then + echo "Please update your system with 'add inst' " + echo "and reboot to install latest kernel" + exit 1 + else + echo "latest kernel installed - continuing" + fi +fi + if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then mkdir -p /etc/ansible/facts.d fi @@ -52,9 +67,6 @@ fi # if vars/local_vars.yml is missing, put a default one in place - First Run if [ ! -f ./vars/local_vars.yml ]; then - OS=`grep ^ID= /etc/*release|cut -d= -f2` - OS=${OS//\"/} - case $OS in OLPC | fedora) cp ./vars/olpc.localvars ./vars/local_vars.yml From 483634d3e93d2e7abe01da890a17ba1afd2c7793 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 00:41:41 -0400 Subject: [PATCH 424/466] bail early if playbook not found --- iiab-install | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/iiab-install b/iiab-install index 703bb3ab1..67a4b4b5e 100755 --- a/iiab-install +++ b/iiab-install @@ -12,6 +12,13 @@ OS=${OS//\"/} export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" +if [ ! -f $PLAYBOOK ]; then + echo "IIAB Playbook not found." + echo "Please run this command from the top level of the git repo." + echo "Exiting." + exit 1 +fi + if [ $OS = "raspbian" ]; then echo "found" REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` @@ -58,13 +65,6 @@ else fi fi -if [ ! -f $PLAYBOOK ]; then - echo "IIAB Playbook not found." - echo "Please run this command from the top level of the git repo." - echo "Exiting." - exit 1 -fi - # if vars/local_vars.yml is missing, put a default one in place - First Run if [ ! -f ./vars/local_vars.yml ]; then case $OS in From 53224d0c05f1f46377b1cf132aec27a67a5d200d Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 00:53:44 -0400 Subject: [PATCH 425/466] instructions and ansible --- iiab-install | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index 67a4b4b5e..241e46f28 100755 --- a/iiab-install +++ b/iiab-install @@ -23,8 +23,8 @@ if [ $OS = "raspbian" ]; then echo "found" REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` if [ $REBOOT != 1 ]; then - echo "Please update your system with 'add inst' " - echo "and reboot to install latest kernel" + echo "Please update your system with "apt update" then " + echo ""apt dist-upgrade" and reboot to install latest kernel" exit 1 else echo "latest kernel installed - continuing" @@ -40,6 +40,7 @@ STAGE="" if [ ! -f /etc/iiab/iiab.env ]; then mkdir -p /etc/iiab + ./scripts/ansible else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then From d315f14526505a57a19555c40aa5a431a5217e79 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 01:03:36 -0400 Subject: [PATCH 426/466] update ansible check to 2.4.1 --- scripts/ansible | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ansible b/scripts/ansible index 4ae9924e0..34353fae4 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -10,13 +10,13 @@ if [ $(which ansible-playbook) ]; then VER=`ansible --version|head -n 1|cut -f 2 -d " "` GOOD_VER=`echo $VER | grep ^2.4` # 2.2.0.0 -> 2.4.0 patching was not applied -just upgrade via pip - if [ $VER = "2.2.0.0" ]; then + if [ $GOOD_VER = "" ]; then echo "Ansible $VER installed updating to 2.4.0" - pip install --upgrade ansible==2.4.0 --disable-pip-version-check + pip install --upgrade ansible==2.4.1 --disable-pip-version-check exit 0 fi -# keep an eye out for 2.4.0.X in the future - if [ $VER = "2.4.0.0" ]; then +# keep an eye out for 2.4.1.X in the future + if [ $VER = "2.4.1.0" ]; then echo "Ansible $VER installed exiting..." exit 0 fi From 6044abe401aec11b83ab798304f0b411adca2d19 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 10:59:40 -0500 Subject: [PATCH 427/466] dhcpcd.conf.j2 cleanup --- roles/network/templates/network/dhcpcd.conf | 66 ------------------- .../network/templates/network/dhcpcd.conf.j2 | 19 ++++-- 2 files changed, 12 insertions(+), 73 deletions(-) delete mode 100644 roles/network/templates/network/dhcpcd.conf diff --git a/roles/network/templates/network/dhcpcd.conf b/roles/network/templates/network/dhcpcd.conf deleted file mode 100644 index a9eaf1c08..000000000 --- a/roles/network/templates/network/dhcpcd.conf +++ /dev/null @@ -1,66 +0,0 @@ -# A sample configuration for dhcpcd. -# See dhcpcd.conf(5) for details. - -# Allow users of this group to interact with dhcpcd via the control socket. -#controlgroup wheel - -# Inform the DHCP server of our hostname for DDNS. -hostname - -# Use the hardware address of the interface for the Client ID. -clientid -# or -# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. -# Some non-RFC compliant DHCP servers do not reply with this set. -# In this case, comment out duid and enable clientid above. -#duid - -# Persist interface configuration when dhcpcd exits. -persistent - -# Rapid commit support. -# Safe to enable by default because it requires the equivalent option set -# on the server to actually work. -option rapid_commit - -# A list of options to request from the DHCP server. -option domain_name_servers, domain_name, domain_search, host_name -option classless_static_routes -# Most distributions have NTP support. -option ntp_servers -# Respect the network MTU. This is applied to DHCP routes. -option interface_mtu - -# A ServerID is required by RFC2131. -require dhcp_server_identifier - -# Generate Stable Private IPv6 Addresses instead of hardware based ones -slaac private - -# IIAB -denyinterfaces {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} {% if iiab_lan_iface != "br0" %} {{ iiab_lan_iface }} {% endif %} - -{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} -interface {{ iiab_lan_iface }} -static ip_address={{ lan_ip }}/19 -static domain_name_servers=127.0.0.1 -{% endif %} - -# IIAB static IP configuration: -{% if wan_ip != dhcp %} -interface {{ iiab_wan_iface }} -static ip_address={{ wan_ip }}/24 -static routers={{ wan_gateway }} -domain_name_servers= {{ wan_nameserver }} -{% endif %} - -# It is possible to fall back to a static IP if DHCP fails: -# define static profile -#profile static_eth0 -#static ip_address=192.168.1.23/24 -#static routers=192.168.1.1 -#static domain_name_servers=192.168.1.1 - -# fallback to static profile on eth0 -#interface eth0 -#fallback static_eth0 diff --git a/roles/network/templates/network/dhcpcd.conf.j2 b/roles/network/templates/network/dhcpcd.conf.j2 index e2fa13dd4..63918be98 100644 --- a/roles/network/templates/network/dhcpcd.conf.j2 +++ b/roles/network/templates/network/dhcpcd.conf.j2 @@ -1,4 +1,3 @@ -# Supplied by IIAB # A sample configuration for dhcpcd. # See dhcpcd.conf(5) for details. @@ -38,15 +37,21 @@ require dhcp_server_identifier # Generate Stable Private IPv6 Addresses instead of hardware based ones slaac private -# supplied by IIAB +# IIAB +denyinterfaces {% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }} {% endif %} -#{% if gui_static_wan == true %} -#denyinterfaces {{ iiab_wan_iface }} -#{% endif %} +#{% if iiab_lan_iface != "br0" %} {{ iiab_lan_iface }} {% endif %} {% if dhcpcd_result == "enabled" and iiab_lan_iface != "none" %} interface {{ iiab_lan_iface }} static ip_address={{ lan_ip }}/19 -static routers={{ lan_ip }} -static domain_name_servers={{ lan_ip }} +static domain_name_servers=127.0.0.1 +{% endif %} + +# IIAB static IP configuration: +{% if wan_ip != "dhcp" %} +interface {{ iiab_wan_iface }} +static ip_address={{ wan_ip }}/24 +static routers={{ wan_gateway }} +domain_name_servers= {{ wan_nameserver }} {% endif %} From a45389ff41d1329a3a26e4a2d5d9591bed63100a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 11:03:17 -0500 Subject: [PATCH 428/466] iiab-install - case styling --- iiab-install | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/iiab-install b/iiab-install index 241e46f28..3a9acd441 100755 --- a/iiab-install +++ b/iiab-install @@ -70,15 +70,15 @@ fi if [ ! -f ./vars/local_vars.yml ]; then case $OS in OLPC | fedora) - cp ./vars/olpc.localvars ./vars/local_vars.yml - ;; + cp ./vars/olpc.localvars ./vars/local_vars.yml + ;; centos | debian | ubuntu | raspbian) - cp ./vars/medium.localvars ./vars/local_vars.yml - ;; + cp ./vars/medium.localvars ./vars/local_vars.yml + ;; *) - echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." - exit 1 - ;; + echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." + exit 1 + ;; esac fi From 78a9434122318e0d90793f07835f8e7120d65908 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 11:59:57 -0500 Subject: [PATCH 429/466] restore bridging for RPi and make optional --- roles/0-init/tasks/main.yml | 3 ++- roles/network/tasks/debian.yml | 7 ++++++- roles/network/tasks/detected_network.yml | 6 +++--- roles/network/templates/network/rpi.j2 | 13 +++++++++++++ 4 files changed, 24 insertions(+), 5 deletions(-) create mode 100644 roles/network/templates/network/rpi.j2 diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index b8a8f9f1f..bd3ffc66d 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -34,7 +34,8 @@ set_fact: rpi_model: "rpi" is_rpi: True - no_net_restart: True +# no_net_restart: True +# nobridge: True when: ansible_local.local_facts.os == "raspbian" - name: Set exFAT enabled for XO laptops diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index d79c97264..6fe93a197 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -39,6 +39,11 @@ src=network/systemd.j2 when: not is_rpi and (iiab_lan_iface == "br0" or wan_ip != "dhcp") +- name: Copy the bridge script for RPi + template: dest=/etc/network/interfaces.d/iiab + src=network/rpi.j2 + when: is_rpi and iiab_lan_iface == "br0" + - name: bind may be affected service: name={{ dns_service }} state=stopped when: named_install and dnsmasq_enabled @@ -62,7 +67,7 @@ - name: restart the networking service service: name=networking state=restarted - when: not no_net_restart + when: not nobridge is defined and not no_net_restart - name: restart hostapd when wifi is present service: name=hostapd state=restarted diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 80afa1c92..6848199dc 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -154,17 +154,17 @@ - name: WiFi is on the LAN - use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: not is_rpi and iiab_wireless_lan_iface is defined + when: iiab_wireless_lan_iface is defined and not nobridge is defined - name: Setting wired LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: is_rpi and iiab_wired_lan_iface is defined + when: iiab_wired_lan_iface is defined and nobridge is defined - name: Setting wireless LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: is_rpi and iiab_wireless_lan_iface is defined + when: iiab_wireless_lan_iface is defined and nobridge is defined - name: in VM disable LAN - needs local_vars entry to activate set_fact: diff --git a/roles/network/templates/network/rpi.j2 b/roles/network/templates/network/rpi.j2 new file mode 100644 index 000000000..b2e6ab083 --- /dev/null +++ b/roles/network/templates/network/rpi.j2 @@ -0,0 +1,13 @@ +# iiab_network_mode is {{ iiab_network_mode }} +# gui_desired_network_role is {{ gui_desired_network_role }} + +{% if iiab_network_mode != "Appliance" %} +################# LANCONTROLLER ################### +auto br0 +iface br0 inet manual + bridge_ports {% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }} {% endif %} + bridge_maxwait 0 + dns-nameservers 127.0.0.1 + dns-search {{ iiab_domain }} +{% endif %} +{# end LANCONTROLLER #} From 35cd2b44a56c0d4baf020bfb4b5ee9e37a97b106 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 13:22:37 -0500 Subject: [PATCH 430/466] iiab_wireless_lan_iface is defined for machines without wifi --- roles/network/tasks/debian.yml | 2 +- roles/network/tasks/hostapd.yml | 6 +++--- roles/network/tasks/restart.yml | 10 +++++----- roles/network/templates/hostapd/hostapd.conf.j2 | 4 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 6fe93a197..889c10dde 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -71,7 +71,7 @@ - name: restart hostapd when wifi is present service: name=hostapd state=restarted - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + when: iiab_wireless_lan_iface is defined and hostapd_enabled and iiab_network_mode != "Appliance" #- name: dhcp_server may be affected - starting - user choice # service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 2d6953613..33b9d8727 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -4,12 +4,12 @@ owner=root group=root mode=0644 - when: iiab_wireless_lan_iface != "none" + when: discovered_wireless_iface is defined - name: Disable the Access Point Hostapd program service: enabled=no name=hostapd.service - when: iiab_wireless_lan_iface == "none" or iiab_network_mode == "Appliance" or not hostapd_enabled + when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" or not hostapd_enabled - name: Use custom systemd unit file to start hostapd template: src=hostapd/hostapd.service.j2 @@ -21,4 +21,4 @@ - name: Enable the Access Point Hostapd program service: enabled=yes name=hostapd.service - when: iiab_wireless_lan_iface != "none" and iiab_network_mode != "Appliance" and hostapd_enabled + when: iiab_wireless_lan_iface is defined and iiab_network_mode != "Appliance" and hostapd_enabled diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index fe30fe6ec..af0808dc4 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,6 +1,6 @@ -- name: restart hostapd when wifi is present - service: name=hostapd state=started - when: iiab_wireless_lan_iface != "none" and hostapd_enabled +#- name: restart hostapd when wifi is present +# service: name=hostapd state=started +# when: iiab_wireless_lan_iface is defined and hostapd_enabled - name: Start named service service: name={{ dns_service }} @@ -50,13 +50,13 @@ - name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} - when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled + when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled + when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} diff --git a/roles/network/templates/hostapd/hostapd.conf.j2 b/roles/network/templates/hostapd/hostapd.conf.j2 index e09fc693f..fa1ce62cb 100644 --- a/roles/network/templates/hostapd/hostapd.conf.j2 +++ b/roles/network/templates/hostapd/hostapd.conf.j2 @@ -1,6 +1,6 @@ # Basic configuration -interface={{ iiab_wireless_lan_iface }} +interface={% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} ssid={{ host_ssid }} channel={{ host_channel }} {%if iiab_lan_iface == "br0" %} @@ -28,4 +28,4 @@ wpa_key_mgmt=WPA-PSK wpa_passphrase={{ hostapd_password }} # Use AES, instead of TKIP rsn_pairwise=CCMP -{% endif %} \ No newline at end of file +{% endif %} From a32f81922e7236b5c48a82e599b69adb9d65a2b2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 13:40:19 -0600 Subject: [PATCH 431/466] set hostname alias early --- roles/2-common/tasks/hostname.yml | 8 ++++++++ roles/network/tasks/hosts.yml | 8 -------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index a3ae16870..a4e400924 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -9,3 +9,11 @@ group=root mode=0644 when: is_redhat + +- name: Configure short hostname in /etc/hosts + lineinfile: dest=/etc/hosts + regexp='^127\.0\.0\.1' + line='127.0.0.1 localhost.localdomain localhost box {{ iiab_hostname }}' + owner=root + group=root + mode=0644 diff --git a/roles/network/tasks/hosts.yml b/roles/network/tasks/hosts.yml index 693400c54..cf4b38278 100644 --- a/roles/network/tasks/hosts.yml +++ b/roles/network/tasks/hosts.yml @@ -1,12 +1,4 @@ #TODO: Use vars instead of hardcoded values -- name: Configure short hostname in /etc/hosts - lineinfile: dest=/etc/hosts - regexp='^127\.0\.0\.1' - line='127.0.0.1 localhost.localdomain localhost box {{ iiab_hostname }}' - owner=root - group=root - mode=0644 - - name: Remove fqdn in /etc/hosts without LAN lineinfile: dest=/etc/hosts regexp='^172\.18\.96\.1' From e8bb95a33adb227876d22ea95e5bc82bb1743455 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 13:54:26 -0600 Subject: [PATCH 432/466] (re)install named, dhcpd, squid when FQDN changes --- roles/2-common/tasks/hostname.yml | 21 +++++++++++++++++++++ roles/2-common/tasks/main.yml | 10 +++++----- roles/3-base-server/tasks/main.yml | 18 ------------------ 3 files changed, 26 insertions(+), 23 deletions(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index a4e400924..961add87d 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -17,3 +17,24 @@ owner=root group=root mode=0644 + +- name: Configuring named + include_tasks: roles/network/tasks/named.yml + tags: + - named + - network + - domain + +- name: Configuring dhcpd + include_tasks: roles/network/tasks/dhcpd.yml + tags: + - dhcpd + - network + - domain + +- name: Configuring squid + include_tasks: roles/network/tasks/squid.yml + when: squid_install + tags: + - squid + - network diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index f7c0cc95b..c23b33521 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -12,11 +12,11 @@ when: xo_model != "none" or osbuilder is defined # set FQDN for IIAB -- include_tasks: hostname.yml - tags: - - network - - domain - - hostname +#- include_tasks: hostname.yml +# tags: +# - network +# - domain +# - hostname - include_tasks: centos.yml when: ansible_distribution == "CentOS" diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 6729c5597..c83eaa0a0 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -20,24 +20,6 @@ # has no "when: XXXXX_install" flag tags: base, mysql -- include_tasks: roles/network/tasks/named.yml - tags: - - named - - network - - domain - -- include_tasks: roles/network/tasks/dhcpd.yml - tags: - - dhcpd - - network - - domain - -- include_tasks: roles/network/tasks/squid.yml - tags: - - squid - - network - when: squid_install - - include_tasks: roles/network/tasks/wondershaper.yml tags: - wondershaper From 5132062bf740337465b46b879d164f234bbad846 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 14:19:23 -0600 Subject: [PATCH 433/466] install iptables in 2-common --- roles/2-common/tasks/main.yml | 7 +------ roles/network/tasks/iptables.yml | 6 +++--- roles/network/tasks/main.yml | 4 ---- 3 files changed, 4 insertions(+), 13 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index c23b33521..0e09e2514 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -11,12 +11,7 @@ - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined -# set FQDN for IIAB -#- include_tasks: hostname.yml -# tags: -# - network -# - domain -# - hostname +- include_tasks: roles/network/tasks/iptables.yml - include_tasks: centos.yml when: ansible_distribution == "CentOS" diff --git a/roles/network/tasks/iptables.yml b/roles/network/tasks/iptables.yml index 25ded7d8c..0025fab99 100644 --- a/roles/network/tasks/iptables.yml +++ b/roles/network/tasks/iptables.yml @@ -47,10 +47,10 @@ group='root' mode={{ item.2 }} with_items: - - { 0: 'gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' } - - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' } + - { 0: 'roles/network/templates/gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' } + - { 0: 'roles/network/templates/gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' } - name: Install Debian config - template: src=gateway/iptables dest=/etc/network/if-pre-up.d/iptables + template: src=roles/network/templates/gateway/iptables dest=/etc/network/if-pre-up.d/iptables mode=0755 when: is_debuntu diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index e4a8880b8..675dd805c 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -25,10 +25,6 @@ - hostname - domain -- include_tasks: iptables.yml - tags: - - network - #### start services - include_tasks: avahi.yml tags: From 6e22e73ab6e5ea58ac9a0ce11188a33e402342d9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 15:11:14 -0600 Subject: [PATCH 434/466] reconfiguring for FQDN change --- roles/0-init/tasks/main.yml | 3 --- roles/2-common/tasks/hostname.yml | 8 ++++++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index bd3ffc66d..5e847b071 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,9 +1,6 @@ # Initialize - name: ...IS BEGINNING ============================================ -# include_vars: roles/0-init/defaults/main.yml - -#- name: Determine if installer was run stat: path=/etc/iiab/iiab.env register: NewInstall diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index 961add87d..e63a6d6ad 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -38,3 +38,11 @@ tags: - squid - network + +- name: Re-configuring httpd - not initial install + include_tasks: roles/network/tasks/main.yml + when: iiab_stage|int > 3 + +- name: Re-configuring rest of networking - not initial install + include_tasks: roles/network/tasks/main.yml + when: iiab_stage|int > 4 From 3df58f1d001ba144d5526aaa0fe347b8514a5173 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 14:18:17 -0600 Subject: [PATCH 435/466] network - remove unused installing.yml file --- roles/network/tasks/installing.yml | 34 ------------------------------ 1 file changed, 34 deletions(-) delete mode 100644 roles/network/tasks/installing.yml diff --git a/roles/network/tasks/installing.yml b/roles/network/tasks/installing.yml deleted file mode 100644 index 0d985a5e5..000000000 --- a/roles/network/tasks/installing.yml +++ /dev/null @@ -1,34 +0,0 @@ -# only needs to be done once -- include: named.yml - tags: - - named - - network - when: named_install - -- include: dhcpd.yml - tags: - - dhcpd - - network - when: dhcpd_install - -- include: dnsmasq.yml - tags: - - dnsmasq - - network - when: dnsmasq_install - -- include: squid.yml - tags: - - squid - - network - when: squid_install - -- include: wondershaper.yml - tags: - - wondershaper - - network - -- include: iptables.yml - tags: - - iptables - - network From 49c9d00c939c26359b70d2ad79bcb8183dbe5f39 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 16:45:06 -0600 Subject: [PATCH 436/466] Record FQDN state before running task --- roles/0-init/tasks/main.yml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 5e847b071..10705e6cd 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -40,20 +40,6 @@ exFAT_enabled: True when: xo_model != "none" -- name: set FQDN - set_fact: - iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" - FQDN_changed: False - -- name: FQDN changed - set_fact: - FQDN_changed: True - when: iiab_fqdn != ansible_fqdn - -- name: Now check FQDN - include_tasks: roles/2-common/tasks/hostname.yml - when: FQDN_changed - # Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate - name: Finding gateway set_fact: @@ -160,6 +146,16 @@ mysql_service: mysql when: is_debuntu +- name: set FQDN + set_fact: + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False + +- name: FQDN changed + set_fact: + FQDN_changed: True + when: iiab_fqdn != ansible_fqdn + - name: add version section ini_file: dest='{{ iiab_config_file }}' section=runtime @@ -199,6 +195,10 @@ - option: 'FQDN_changed' value: '{{ FQDN_changed }}' +- name: Now changing FQDN + include_tasks: roles/2-common/tasks/hostname.yml + when: FQDN_changed + - name: STAGE 0 HAS COMPLETED ====================================== ini_file: dest='{{ iiab_config_file }}' section=runtime From 7ac839a300d21e3538c04167b3ce2dc0b9ceb915 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 16:47:01 -0600 Subject: [PATCH 437/466] FQDN - should of been httpd --- roles/2-common/tasks/hostname.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index e63a6d6ad..ab56a3182 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -40,7 +40,7 @@ - network - name: Re-configuring httpd - not initial install - include_tasks: roles/network/tasks/main.yml + include_tasks: roles/httpd/tasks/main.yml when: iiab_stage|int > 3 - name: Re-configuring rest of networking - not initial install From ccdb5cd2fbf5e1389080f7ac6172e693a3fd0dab Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 17:14:33 -0600 Subject: [PATCH 438/466] restart.yml - wifi bridge slave touchup --- roles/network/tasks/restart.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index af0808dc4..87e17d4cd 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -48,15 +48,15 @@ - name: Run iptables command: /usr/bin/iiab-gen-iptables -- name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds - shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} +- name: Checking if wifi slave is active + shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} | wc -l when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled + when: wifi_slave.stdout is defined and hostapd_enabled and wifi_slave.stdout == 0 - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} From 991f1e87b8096cefe7dd3bb7321d554064ec3246 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 17:17:30 -0600 Subject: [PATCH 439/466] wondershaper.yml --- roles/3-base-server/tasks/main.yml | 6 ------ roles/network/tasks/main.yml | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index c83eaa0a0..877ab58e4 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -20,12 +20,6 @@ # has no "when: XXXXX_install" flag tags: base, mysql -- include_tasks: roles/network/tasks/wondershaper.yml - tags: - - wondershaper - - network - when: wondershaper_install - - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 675dd805c..d52c088fc 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -19,6 +19,12 @@ # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' ##### End static ip address info +- include_tasks: roles/network/tasks/wondershaper.yml + tags: + - wondershaper + - network + when: wondershaper_install + - include_tasks: hosts.yml tags: - network From 9fe05cbfd431143a04107da13a03c940b9a6c8aa Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 18:22:11 -0600 Subject: [PATCH 440/466] needs space or the next line is combined --- roles/network/templates/hostapd/hostapd.conf.j2 | 3 ++- roles/network/templates/network/rpi.j2 | 3 ++- roles/network/templates/network/systemd.j2 | 5 ++--- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/roles/network/templates/hostapd/hostapd.conf.j2 b/roles/network/templates/hostapd/hostapd.conf.j2 index fa1ce62cb..1eb39a8c1 100644 --- a/roles/network/templates/hostapd/hostapd.conf.j2 +++ b/roles/network/templates/hostapd/hostapd.conf.j2 @@ -1,6 +1,7 @@ # Basic configuration -interface={% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} +interface={% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %} + ssid={{ host_ssid }} channel={{ host_channel }} {%if iiab_lan_iface == "br0" %} diff --git a/roles/network/templates/network/rpi.j2 b/roles/network/templates/network/rpi.j2 index b2e6ab083..b426fa81e 100644 --- a/roles/network/templates/network/rpi.j2 +++ b/roles/network/templates/network/rpi.j2 @@ -5,7 +5,8 @@ ################# LANCONTROLLER ################### auto br0 iface br0 inet manual - bridge_ports {% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }} {% endif %} + bridge_ports {% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }}{% endif %} + bridge_maxwait 0 dns-nameservers 127.0.0.1 dns-search {{ iiab_domain }} diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index c84b9735a..9f9e143d6 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -9,9 +9,8 @@ iface br0 inet manual {% else %} iface br0 inet static {% endif %} -{% if iiab_wired_lan_iface != "none" %} - bridge_ports {{ iiab_wired_lan_iface }} -{% endif %} + bridge_ports {% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }} {% endif %}{% if iiab_wired_lan_iface is defined %}{{ iiab_wired_lan_iface }}{% endif %} + bridge_maxwait 0 {% if dhcpcd_result != "enabled" %} address {{ lan_ip }} From 651755f2ff1dbd07814c8ac6da1852fb19649fa7 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 20:00:10 -0600 Subject: [PATCH 441/466] jiggle fl.yml to run before squid --- roles/2-common/tasks/hostname.yml | 4 ++++ roles/2-common/tasks/main.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index ab56a3182..ca72699c9 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -1,3 +1,7 @@ +- name: Creat filesytem layout + include_tasks: roles/2-common/tasks/fl.yml + when: first_run + - name: turn the crank for systemd shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}" when: is_debuntu diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 0e09e2514..06dacacbe 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -6,7 +6,7 @@ #- include_tasks: iiab_ini.yml # create the directory structure for IIAB -- include_tasks: fl.yml +#- include_tasks: fl.yml - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined From 3daf1aca2c3a231577e6be660dbd02d0fa17a0e8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau@gmail3.com> Date: Mon, 6 Nov 2017 22:22:30 -0500 Subject: [PATCH 442/466] Revise kernel warning on Raspbian --- iiab-install | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/iiab-install b/iiab-install index 3a9acd441..97dc04bd2 100755 --- a/iiab-install +++ b/iiab-install @@ -3,7 +3,7 @@ # Add cmdline options for passing to ansible # todo add proper shift to gobble up --debug --reinstall ARGS="" - +OLD_RPI_KERN="4.9.41-v7+" PLAYBOOK="iiab-stages.yml" INVENTORY="ansible_hosts" CWD=`pwd` @@ -20,14 +20,15 @@ if [ ! -f $PLAYBOOK ]; then fi if [ $OS = "raspbian" ]; then - echo "found" - REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` - if [ $REBOOT != 1 ]; then - echo "Please update your system with "apt update" then " - echo ""apt dist-upgrade" and reboot to install latest kernel" - exit 1 + echo "Found Raspbian" + ABORT=`uname -a | grep $OLD_RPI_KERN | wc -l` + if [ "$ABORT" == 1 ]; then + echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" + echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." + echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" + exit 1 else - echo "latest kernel installed - continuing" + echo "Kernel looks ok - continuing" fi fi From 743c91de8c93ec0ae34bb8a316972d25f4aec53c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 00:57:00 -0500 Subject: [PATCH 443/466] OS's other than debuntu -> debuntu --- roles/kalite/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 5bbc39d5a..c08cc52de 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -19,7 +19,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install KA Lite with pip (OS's other than debuntu) +- name: Install KA Lite with pip (debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} From 04a045a66bc806d5642be0fd9d6af960dbd877ca Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:14:09 -0500 Subject: [PATCH 444/466] Readability revisions --- roles/wordpress/tasks/install.yml | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 21997784b..58614e610 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -1,17 +1,17 @@ - name: Get the WordPress software - get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir }}/ + get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir }}/ register: wp_download_output when: internet_available - name: Copy it to permanent location /library - unarchive: src={{ wp_download_output.dest }} dest=/library + unarchive: src={{ wp_download_output.dest }} dest=/library when: internet_available - name: Rename /library/wordpress* to /library/wordpress shell: if [ ! -d {{ wp_abs_path }} ]; then mv {{ wp_abs_path }}* {{ wp_abs_path }}; fi # First pass at permissions and ownership -- name: Make apache owner and group +- name: Make Apache owner and group file: path={{ wp_abs_path }} recurse=yes owner=root @@ -19,7 +19,7 @@ mode=0664 state=directory -- name: Make directories 775 so apache can traverse and write +- name: Make directories 775 so Apache can traverse and write command: "/usr/bin/find {{ wp_abs_path }} -type d -exec chmod 775 {} +" - name: Copy wp salt values @@ -45,15 +45,15 @@ file: path=/tmp/get-iiab-wp-salts state=absent -- name: mysql database needs to be running if we are trying to create a new db +- name: MySQL database needs to be running if we are trying to create a new db service: state=started name='{{ mysql_service }}' -- name: Create mysql wordpress database +- name: Create MySQL wordpress database mysql_db: name={{ wp_db_name }} state=present -- name: Create mysql wordpress database user +- name: Create MySQL wordpress database user mysql_user: name={{ wp_db_user }} password={{ wp_db_user_password }} priv={{ wp_db_name }}.*:ALL,GRANT @@ -70,22 +70,21 @@ template: src=wordpress.conf.j2 dest=/etc/{{ apache_config_dir }}/wordpress.conf -- name: Enable httpd conf file if we are disabled +- name: Enable httpd conf file if we are disabled (debuntu) file: path=/etc/apache2/sites-enabled/wordpress.conf src=/etc/apache2/sites-available/wordpress.conf state=link when: wordpress_enabled and is_debuntu - -- name: Remove httpd conf file if we are disabled +- name: Remove httpd conf file if we are disabled (OS's other than debuntu) file: path=/etc/apache2/sites-enabled/wordpress.conf state=absent when: not wordpress_enabled and is_debuntu -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted -- name: Add wordpress to service list +- name: Add 'wordpress' to service list ini_file: dest='{{ service_filelist }}' section=wordpress option='{{ item.option }}' From ce9481a2fa2c3aa74c114690272df1785c03f6b9 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:17:23 -0500 Subject: [PATCH 445/466] Minor text revision --- roles/nextcloud/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 60186385a..259182c8a 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -122,7 +122,7 @@ # following enables and disables - include_tasks: nextcloud_enabled.yml -- name: Add Nextcloud to service list +- name: Add 'nextcloud' to service list ini_file: dest='{{ service_filelist }}' section=nextcloud option='{{ item.option }}' From 3de88620decc9cb7e616005da4b33fb64faea1f5 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:18:36 -0500 Subject: [PATCH 446/466] "Create a Python interface to iiab.env" --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 2b68861eb..e596a072a 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -56,7 +56,7 @@ when: usb_lib_install tags: usb-lib -- name: Put a Python interface to iiab.env +- name: Create a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py From aef70cc1c2bc8d5aa0e50b6742864483947d1a77 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:22:50 -0500 Subject: [PATCH 447/466] ansible output clarifs --- roles/mysql/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 4afc6d0ab..7fec93eb9 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,4 +1,4 @@ - - name: Install MySQL for Debian/Debuntu + - name: Install MySQL (debuntu) package: name={{ item }} state=present with_items: @@ -26,7 +26,7 @@ package: name=php-xml-parser state=present when: is_debian_8 - - name: Install MySQL for non-Debian/Debuntu + - name: Install MySQL (OS's other than debuntu) package: name={{ item }} state=present with_items: From 1227bd017b795410021fb16f60af2d6a1c27b50c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:33:16 -0500 Subject: [PATCH 448/466] discussion needed on ./scripts/ansible modularity/choice vs. mandatory intergration --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 97dc04bd2..f047033a0 100755 --- a/iiab-install +++ b/iiab-install @@ -41,7 +41,7 @@ STAGE="" if [ ! -f /etc/iiab/iiab.env ]; then mkdir -p /etc/iiab - ./scripts/ansible + # ./scripts/ansible # needs discussion else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then From 6d985ac30a877618c7ef79864fda4ceda8aba3cf Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:38:13 -0500 Subject: [PATCH 449/466] == and = were interspersed. Let's converge on one. Presumably == --- iiab-install | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/iiab-install b/iiab-install index f047033a0..72fe0b2db 100755 --- a/iiab-install +++ b/iiab-install @@ -19,7 +19,7 @@ if [ ! -f $PLAYBOOK ]; then exit 1 fi -if [ $OS = "raspbian" ]; then +if [ $OS == "raspbian" ]; then echo "Found Raspbian" ABORT=`uname -a | grep $OLD_RPI_KERN | wc -l` if [ "$ABORT" == 1 ]; then @@ -44,13 +44,13 @@ if [ ! -f /etc/iiab/iiab.env ]; then # ./scripts/ansible # needs discussion else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` - if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then + if [ "$OLD" != 0 ] || [ "$1" == "--reinstall" ]; then echo "Found old XSCE install - re-installing from scratch" rm /etc/iiab/iiab.env # check ansible version here and force ansible upgrade if needed else source /etc/iiab/iiab.env - if [ "$1" = "--debug" ]; then + if [ "$1" == "--debug" ]; then echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then From 6173e59b1dbe89029402fcf441b69049b1f76a5d Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:53:19 -0500 Subject: [PATCH 450/466] clarif: 'hostapd' service --- roles/network/tasks/hostapd.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 33b9d8727..199e0a883 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -6,19 +6,19 @@ mode=0644 when: discovered_wireless_iface is defined -- name: Disable the Access Point Hostapd program +- name: Disable the Access Point 'hostapd' service service: enabled=no name=hostapd.service when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" or not hostapd_enabled -- name: Use custom systemd unit file to start hostapd +- name: Use custom systemd unit file to start 'hostapd' service template: src=hostapd/hostapd.service.j2 dest=/etc/systemd/system/hostapd.service owner=root group=root mode=0644 -- name: Enable the Access Point Hostapd program +- name: Enable the Access Point 'hostapd' service service: enabled=yes name=hostapd.service when: iiab_wireless_lan_iface is defined and iiab_network_mode != "Appliance" and hostapd_enabled From 901aad5e0f270bc483edb1ee68ba5bb7d2ec9e8c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:55:04 -0500 Subject: [PATCH 451/466] dansguardian -> DansGuardian --- roles/network/tasks/enable_services.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index aa1808286..25335401a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -60,7 +60,7 @@ enabled=yes when: dnsmasq_enabled and dnsmasq_install -- name: Enable dansguardian +- name: Enable DansGuardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install From 60d8afaab814fb197cb980da272f36615fe9664d Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:58:26 -0500 Subject: [PATCH 452/466] spelling typos cleaned --- roles/network/tasks/restart.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 87e17d4cd..62eed3108 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -17,7 +17,7 @@ state=stopped when: dansguardian_install -- name: Restart DansGuardian - execpt Ubuntu which needs reboot to activate +- name: Restart DansGuardian - except Ubuntu which needs reboot to activate service: name=dansguardian state=restarted when: dansguardian_enabled and dansguardian_install and ( not is_ubuntu and iiab_stage|int < 4 ) @@ -42,18 +42,18 @@ creates=/etc/sysconfig/olpc-scripts/setup.d/installed/gateway when: iiab_network_mode == "Gateway" -- name: Waiting {{ hostapd_wait }} seconds for network to stablize +- name: Waiting {{ hostapd_wait }} seconds for network to stabilize shell: sleep {{ hostapd_wait }} - name: Run iptables command: /usr/bin/iiab-gen-iptables -- name: Checking if wifi slave is active +- name: Checking if WiFi slave is active shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} | wc -l when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave -- name: Restart hostapd if wifi slave is inactive +- name: Restart hostapd if WiFi slave is inactive service: name=hostapd.service state=restarted when: wifi_slave.stdout is defined and hostapd_enabled and wifi_slave.stdout == 0 From 4585445e8057163da29f2708092daa0db7a31520 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:00:07 -0500 Subject: [PATCH 453/466] Capitalize 1st word of ansible outputs --- roles/network/tasks/rpi_debian.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 189989540..525fe4f19 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -66,14 +66,14 @@ ignore_errors: True when: interface.changed -- name: start up dhcpcd again +- name: Start up dhcpcd again service: name=dhcpcd state=started # now pick up denyinterfaces -- name: restart dhcpcd +- name: Restart dhcpcd service: name=dhcpcd state=restarted -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted #create lan br0 if lan_controller or gateway From 1533ad7ef63ecd2d6e2dd6ad12c3d5f88b3560de Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:02:22 -0500 Subject: [PATCH 454/466] Spelling / Capitalizations --- roles/2-common/tasks/hostname.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index ca72699c9..50c8d2167 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -1,8 +1,8 @@ -- name: Creat filesytem layout +- name: Create filesytem layout include_tasks: roles/2-common/tasks/fl.yml when: first_run -- name: turn the crank for systemd +- name: Turn the crank for systemd shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}" when: is_debuntu @@ -36,7 +36,7 @@ - network - domain -- name: Configuring squid +- name: Configuring Squid include_tasks: roles/network/tasks/squid.yml when: squid_install tags: From 84296a9de15a86662ca913affe3fb1aa289514b1 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:03:32 -0500 Subject: [PATCH 455/466] XSCE -> IIAB --- roles/network/templates/network/sysconfig.network.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/templates/network/sysconfig.network.j2 b/roles/network/templates/network/sysconfig.network.j2 index 755f0da8f..9adca39e4 100644 --- a/roles/network/templates/network/sysconfig.network.j2 +++ b/roles/network/templates/network/sysconfig.network.j2 @@ -1,4 +1,4 @@ -# Generated by XSCE +# Generated by IIAB NETWORKING=yes NETWORKING_IPV6=no IPV6FORWARDING=no From 84f18a637dcd161e72c617d4c720c52cb94eec10 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:12:59 -0500 Subject: [PATCH 456/466] 2.4.0 -> 2.4.1 - later version_gt() might flag older Ansibles --- scripts/ansible | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ansible b/scripts/ansible index 34353fae4..5a6028cc6 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -9,9 +9,9 @@ URL="NA" if [ $(which ansible-playbook) ]; then VER=`ansible --version|head -n 1|cut -f 2 -d " "` GOOD_VER=`echo $VER | grep ^2.4` -# 2.2.0.0 -> 2.4.0 patching was not applied -just upgrade via pip +# 2.2.0.0 -> 2.4.1+ patching was not applied -just upgrade via pip if [ $GOOD_VER = "" ]; then - echo "Ansible $VER installed updating to 2.4.0" + echo "Ansible $VER installed updating to 2.4.1" pip install --upgrade ansible==2.4.1 --disable-pip-version-check exit 0 fi @@ -99,12 +99,12 @@ fi ### start ansible pip install TODO add venv location /opt/iiab/anisble if [ $FAMILY = "olpc" ]; then - pip install ansible==2.4.0 --disable-pip-version-check + pip install ansible==2.4.1 --disable-pip-version-check VER=`ansible --version|head -n 1|cut -f 2 -d " "` echo "ansible version installed via pip $VER" fi -# handle 2.2.1 -> 2.4.0 deb install undo patching +# handle 2.2.1 -> 2.4.1+ deb install undo patching # unsure if install above will upgrade or skip - cover that now if [ $FAMILY = "debian" ]; then if [ ! $VER == "" ]; then From c63f4f671f76ad9bb41d04cafb425869ecf477fc Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:28:00 -0500 Subject: [PATCH 457/466] presentions tweaks --- iiab-install | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/iiab-install b/iiab-install index 72fe0b2db..d901a148f 100755 --- a/iiab-install +++ b/iiab-install @@ -14,7 +14,7 @@ export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" if [ ! -f $PLAYBOOK ]; then echo "IIAB Playbook not found." - echo "Please run this command from the top level of the git repo." + echo "Please run this command from /opt/iiab/iiab (top level of the git repo)." echo "Exiting." exit 1 fi @@ -28,7 +28,7 @@ if [ $OS == "raspbian" ]; then echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 else - echo "Kernel looks ok - continuing" + echo "Kernel looks ok - continuing" fi fi @@ -58,8 +58,8 @@ else elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" - echo "'iiab-install' has already been completed" - echo "use --debug to override " + echo "'iiab-install' has already been completed." + echo "Use --debug to override." #echo "In demo mode not preventing second run" echo "Exiting." exit 1 @@ -83,6 +83,6 @@ if [ ! -f ./vars/local_vars.yml ]; then esac fi -echo "Running local playbooks! " +echo "Running local playbooks!" ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local From 50cf4c44ff3a812d7e60e887a587b5a244ce69fd Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:53:54 -0500 Subject: [PATCH 458/466] if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then --- iiab-install | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/iiab-install b/iiab-install index d901a148f..bfb72c85e 100755 --- a/iiab-install +++ b/iiab-install @@ -10,25 +10,27 @@ CWD=`pwd` OS=`grep ^ID= /etc/*release|cut -d= -f2` OS=${OS//\"/} +function version_gt() { [ "$(printf '%s\n' "$@" | sort -V | head -1)" != "$1" ]; } + export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" if [ ! -f $PLAYBOOK ]; then echo "IIAB Playbook not found." - echo "Please run this command from /opt/iiab/iiab (top level of the git repo)." + echo "Please run this command from the top level of the git repo." echo "Exiting." exit 1 fi if [ $OS == "raspbian" ]; then echo "Found Raspbian" - ABORT=`uname -a | grep $OLD_RPI_KERN | wc -l` - if [ "$ABORT" == 1 ]; then - echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" - echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." + CURRENT_KERN=`uname -r` + if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then + echo "Kernel looks ok - continuing" + else + echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first" + echo "need to update your system with 'apt update' then 'apt dist-upgrade' then reboot." echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 - else - echo "Kernel looks ok - continuing" fi fi @@ -58,8 +60,8 @@ else elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" - echo "'iiab-install' has already been completed." - echo "Use --debug to override." + echo "'iiab-install' has already been completed" + echo "use --debug to override " #echo "In demo mode not preventing second run" echo "Exiting." exit 1 @@ -83,6 +85,6 @@ if [ ! -f ./vars/local_vars.yml ]; then esac fi -echo "Running local playbooks!" +echo "Running local playbooks! " ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local From b4bb8166b377630bd9e4bf6a70cb264f45564130 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:56:13 -0500 Subject: [PATCH 459/466] Kernel warning's output alignment fixed --- iiab-install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index bfb72c85e..c145cdd4f 100755 --- a/iiab-install +++ b/iiab-install @@ -27,8 +27,8 @@ if [ $OS == "raspbian" ]; then if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then echo "Kernel looks ok - continuing" else - echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first" - echo "need to update your system with 'apt update' then 'apt dist-upgrade' then reboot." + echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" + echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 fi From c682b1d162afa759669ebd1535241782685b2ef9 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:11:54 -0500 Subject: [PATCH 460/466] Update iiab-install --- iiab-install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index c145cdd4f..99b04c66f 100755 --- a/iiab-install +++ b/iiab-install @@ -60,8 +60,8 @@ else elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" - echo "'iiab-install' has already been completed" - echo "use --debug to override " + echo "'iiab-install' has already been completed." + echo "Use --debug to override." #echo "In demo mode not preventing second run" echo "Exiting." exit 1 From 36d46d0321ff20347ca24096f47b1b3026f0504c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:16:24 -0500 Subject: [PATCH 461/466] Kernel warning fixed up --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 99b04c66f..bca0a1a2d 100755 --- a/iiab-install +++ b/iiab-install @@ -27,7 +27,7 @@ if [ $OS == "raspbian" ]; then if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then echo "Kernel looks ok - continuing" else - echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" + echo "Kernel "$CURRENT_KERN" is too old. Before running './iiab-install' you first need" echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 From 19a3e338f58ef5a74c5c47a63c71a585440f59e5 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:43:49 -0500 Subject: [PATCH 462/466] Update default_vars.yml --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 0a95140ce..fdc12a050 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -35,7 +35,7 @@ disregard_network: False # use cache or error out if cache does not exist # If no_admin variable is established above (its actual value is IGNORED) also # set iiab_admin_user (below) to an existing Linux user that has sudo access. -# This is the username you'll use to login to Admin Console @ http://box/admin +# That is the username you'll use to login to Admin Console @ http://box/admin iiab_admin_user: iiab-admin From a8d89d01795622cbd22c367379c165c58ee36dc4 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:44:38 -0500 Subject: [PATCH 463/466] Update medium.localvars --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 226915f14..678c94992 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -16,7 +16,7 @@ # If no_admin variable is established above (its actual value is IGNORED) also # set iiab_admin_user (below) to an existing Linux user that has sudo access. -# This is the username you'll use to login to Admin Console @ http://box/admin +# That is the username you'll use to login to Admin Console @ http://box/admin iiab_admin_user: iiab-admin From fc7bdc0009904687a6fcbd8bcc2516a4084ec988 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 04:41:16 -0500 Subject: [PATCH 464/466] using 'debuntu' in Ansible output --- roles/network/tasks/named.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 8c88cd101..bd5d1b4c1 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -1,4 +1,4 @@ -- name: Install named packages for Debian/Debuntu +- name: Install named packages (debuntu) package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Install named packages for non Debian/Debuntu +- name: Install named packages (OS's that are not debuntu) package: name={{ item }} state=present with_items: @@ -74,19 +74,19 @@ template: src=roles/network/templates/named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ when: dns_jail_enabled -- name: Separate enabling required for Debian +- name: Separate enabling required for debuntu file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=link when: is_debuntu and dns_jail_enabled -- name: Separate enabling/disabling required for Debian +- name: Separate enabling/disabling required (debuntu) file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=absent when: is_debuntu and not dns_jail_enabled -- name: Separate enabling/disabling required for non Debian +- name: Separate enabling/disabling required (OS's that are not debuntu) file: path=/etc/{{ apache_config_dir }}/dns-jail.conf state=absent when: not is_debuntu and not dns_jail_enabled From 244cef6dfaa6be05f2ce4e68115c6c1ff8490e3c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 7 Nov 2017 19:07:52 -0600 Subject: [PATCH 465/466] kalite static only --- roles/kalite/tasks/install.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index c08cc52de..6fb620c6e 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -10,16 +10,16 @@ get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt when: internet_available -- name: Install KA Lite dependencies with pip (debuntu) - pip: requirements={{ pip_packages_dir }}/kalite.txt - virtualenv={{ kalite_venv }} - virtualenv_site_packages=no - extra_args="--no-cache-dir" +#- name: Install KA Lite devel with pip - (debuntu) +# pip: requirements={{ pip_packages_dir }}/kalite.txt +# virtualenv={{ kalite_venv }} +# virtualenv_site_packages=no +# extra_args="--no-cache-dir" # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available and is_debuntu +# when: internet_available and is_debuntu -- name: Install KA Lite with pip (debuntu) +- name: Install KA Lite static with pip - (debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} @@ -29,15 +29,15 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install KA Lite dependencies with pip (debuntu) - pip: requirements={{ pip_packages_dir }}/kalite.txt - virtualenv={{ kalite_venv }} - virtualenv_site_packages=no +#- name: Install KA Lite devel with pip - (OS's other than debuntu) +# pip: requirements={{ pip_packages_dir }}/kalite.txt +# virtualenv={{ kalite_venv }} +# virtualenv_site_packages=no # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available and not is_debuntu +# when: internet_available and not is_debuntu -- name: Install KA Lite with pip (OS's other than debuntu) +- name: Install KA Lite static with pip - (OS's other than debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} From d507c62328fdb901e0c98c384b3133c19fab6106 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 13:46:06 -0500 Subject: [PATCH 466/466] clarified non-static + reqs file --- roles/kalite/tasks/install.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 6fb620c6e..32b6cc5c3 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -10,12 +10,11 @@ get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt when: internet_available -#- name: Install KA Lite devel with pip - (debuntu) +#- name: Install KA Lite non-static + reqs file with pip - (debuntu) # pip: requirements={{ pip_packages_dir }}/kalite.txt # virtualenv={{ kalite_venv }} # virtualenv_site_packages=no # extra_args="--no-cache-dir" -# extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" # when: internet_available and is_debuntu @@ -25,11 +24,10 @@ virtualenv={{ kalite_venv }} virtualenv_site_packages=no extra_args="--no-cache-dir" -# extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -#- name: Install KA Lite devel with pip - (OS's other than debuntu) +#- name: Install KA Lite non-static + reqs file with pip - (OS's other than debuntu) # pip: requirements={{ pip_packages_dir }}/kalite.txt # virtualenv={{ kalite_venv }} # virtualenv_site_packages=no