external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-13 03:32:12 +00:00
Code Issues Releases Wiki Activity

Merge pull request #426 from iiab/master

Browse source 
Sync from iiab:master
This commit is contained in:
A Holt 2020-09-23 15:53:44 -04:00 committed by GitHub
commit 6857e32f6e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
44 changed files with 863 additions and 510 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
roles/1-prep/tasks/main.yml
View file

@ -83,7 +83,7 @@
- name: IIAB-ADMIN
include_role:
name: iiab-admin
#when: iiab-admin_install | bool # Flag might be created in future?
#when: iiab_admin_install | bool # Flag might be created in future?
- name: OPENVPN
include_role:

0
roles/azuracast/tasks/enable.yml → roles/azuracast/tasks/enable-or-disable.yml
View file

8
roles/azuracast/tasks/install.yml
View file

@ -7,16 +7,16 @@
template:
src: env.j2
dest: "{{ azuracast_host_dir }}/.env"
owner: root
group: root
#owner: root
#group: root
mode: 0644
- name: AzuraCast - Install {{ azuracast_host_dir }}/docker-compose.override.yml from template
template:
src: docker-compose.override.yml.j2
dest: "{{ azuracast_host_dir }}/docker-compose.override.yml"
owner: root
group: root
#owner: root
#group: root
mode: 0644
- name: AzuraCast - Download {{ docker_sh_url }} to {{ azuracast_host_dir }}

49
roles/azuracast/tasks/main.yml
View file

@ -1,8 +1,43 @@
- name: Install AzuraCast if azuracast_install
include_tasks: install.yml
when: azuracast_install and not azuracast_installed is defined | bool
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
# TODO figure out what to turn off for azuracast
#- name: Enable AzuraCast
# include_tasks: enable.yml
# when: azuracast_install or azuracast_installed is defined | bool
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "azuracast_install is sameas true" (boolean not string etc)
assert:
that: azuracast_install is sameas true
fail_msg: "PLEASE SET 'azuracast_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "azuracast_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: azuracast_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'azuracast_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Install AzuraCast if 'azuracast_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: azuracast_installed is undefined
# TODO figure out what to turn off/on for AzuraCast
# - include_tasks: enable-or-disable.yml
- name: Add 'azuracast' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: azuracast
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: azuracast
- option: description
value: '"AzuraCast is a self-hosted, all-in-one radio station platform. Use AzuraCast to schedule podcasts, music, and even do live streaming of audio content. A variety of streaming formats are supported."'
- option: enabled
value: "{{ azuracast_enabled }}"

50
roles/bluetooth/tasks/enable.yml
View file

@ -1,31 +1,33 @@
- name: Enable & Restart 'bt-agent' service
- name: systemd daemon-reload
systemd:
daemon_reload: yes
name: bluetooth
enabled: yes
state: restarted
# enable or disable bt-agent
- name: Enable & Restart 'bt-agent' service
# enable or disable both... bluetooth and bt-agent
- name: 'Enable & Restart 2 services: bluetooth, bt-agent'
systemd:
daemon_reload: yes
name: bt-agent
name: "{{ item }}"
enabled: yes
state: restarted
with_items:
- bluetooth
- bt-agent
when: bluetooth_enabled or bluetooth_term_enabled
- name: Disable 'bt-agent' service
- name: 'Disable 2 services: bluetooth, bt-agent'
systemd:
daemon_reload: yes
name: bt-agent
name: "{{ item }}"
enabled: no
state: stopped
with_items:
- bluetooth
- bt-agent
when: not bluetooth_enabled and not bluetooth_term_enabled
# enable or disable bt-pan
- name: Enable & Restart 'bt-pan' service
systemd:
daemon_reload: yes
name: bt-pan
enabled: yes
state: restarted
@ -33,16 +35,15 @@
- name: Disable 'bt-pan' service
systemd:
daemon_reload: yes
name: bt-pan
enabled: no
state: stopped
when: not bluetooth_enabled | bool
when: not bluetooth_enabled
# enable or disable bt-term
- name: Enable & Restart 'bt-term' service
systemd:
daemon_reload: yes
name: bt-term
enabled: yes
state: restarted
@ -50,24 +51,7 @@
- name: Disable 'bt-term' service
systemd:
daemon_reload: yes
name: bt-term
enabled: no
state: stopped
when: not bluetooth_term_enabled | bool
- name: Add 'bluetooth' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: bluetooth
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Bluetooth
- option: description
value: '"Bluetooth services for pan and terminal."'
- option: bluetooth_enabled
value: "{{ bluetooth_enabled }}"
- option: bluetooth_term_enabled
value: "{{ bluetooth_term_enabled }}"
when: not bluetooth_term_enabled

46
roles/bluetooth/tasks/main.yml
View file

@ -1,6 +1,44 @@
- include_tasks: install.yml
when: bluetooth_install and not bluetooth_installed is defined
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- include_tasks: enable.yml
when: bluetooth_install or bluetooth_installed is defined
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "bluetooth_install is sameas true" (boolean not string etc)
assert:
that: bluetooth_install is sameas true
fail_msg: "PLEASE SET 'bluetooth_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "bluetooth_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: bluetooth_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'bluetooth_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Install Bluetooth if 'bluetooth_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: bluetooth_installed is undefined
- include_tasks: enable.yml # i.e. enable-or-disable.yml in other roles
- name: Add 'bluetooth' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: bluetooth
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Bluetooth
- option: description
value: '"Bluetooth services for pan and terminal."'
- option: bluetooth_enabled
value: "{{ bluetooth_enabled }}"
- option: bluetooth_term_enabled
value: "{{ bluetooth_term_enabled }}"

51
roles/cups/tasks/enable-or-disable.yml Normal file
View file

@ -0,0 +1,51 @@
- name: Enable http://box/cups via Apache (MIGHT NOT WORK?)
command: a2ensite cups.conf
when: cups_enabled | bool
- name: Disable http://box/cups via Apache
command: a2dissite cups.conf
when: not cups_enabled
- name: systemd daemon-reload
systemd:
daemon_reload: yes
- name: Enable & (Re)Start 'cups' and 'cups-browsed' systemd services (OS's other than Fedora 18)
systemd:
name: "{{ item }}"
enabled: yes
state: restarted
with_items:
- cups
- cups-browsed
when: cups_enabled | bool
#when: cups_enabled and not is_F18
# - name: Enable & Start 'cups' systemd service (Fedora 18, for XO laptops)
# systemd:
# name: cups
# state: started
# enabled: yes
# when: cups_enabled and is_F18
- name: Permit headless admin of CUPS -- only works when CUPS daemon is running (if cups_enabled)
shell: "cupsctl --remote-admin"
when: cups_enabled | bool
- name: Disable & Stop 'cups' & 'cups-browsed' systemd services (OS's other than Fedora 18)
systemd:
name: "{{ item }}"
enabled: no
state: stopped
with_items:
- cups
- cups-browsed
when: not cups_enabled
#when: not cups_enabled and not is_F18
# - name: Disable & Stop 'cups' systemd service (Fedora 18, for XO laptops)
# systemd:
# name: cups
# enabled: no
# state: stopped
# when: not cups_enabled and is_F18

37
roles/cups/tasks/install.yml Normal file
View file

@ -0,0 +1,37 @@
- name: "Set 'apache_install: True' and 'apache_enabled: True'"
set_fact:
apache_install: True
apache_enabled: True
- name: APACHE - run 'httpd' role
include_role:
name: httpd
- name: Install 'cups' package
package:
name: cups
state: present
- name: Install our own /etc/cups/cupsd.conf from template, to permit local LAN admin
template:
src: cupsd.conf
dest: /etc/cups/cupsd.conf
- name: Install /etc/{{ apache_conf_dir }}/cups.conf from template
template:
src: cups.conf
dest: "/etc/{{ apache_conf_dir }}/"
# RECORD CUPS AS INSTALLED
- name: "Set 'cups_installed: True'"
set_fact:
cups_installed: True
- name: "Add 'cups_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^cups_installed'
line: 'cups_installed: True'

111
roles/cups/tasks/main.yml
View file

@ -2,102 +2,43 @@
# Above URL does NOT work over OpenVPN (ANYONE KNOW WHY?)
# TO DO:
# - validate input vars + prereqs
# - move ~7 top stanzas into install.yml
# - move ~7 next stanzas into enable-or-disable.yml
# - create /etc/nginx/conf.d/cups-nginx.conf as SHIM to Apache on port 8090 ?
# - deprecate ~2 F18 stanzas?
#
# - CREATE /etc/nginx/conf.d/cups-nginx.conf as SHIM to Apache on port 8090.
# SEE OTHERS @ https://github.com/iiab/iiab/blob/master/roles/nginx/README.md
- name: "Set 'apache_install: True' and 'apache_enabled: True'"
set_fact:
apache_install: True
apache_enabled: True
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- name: APACHE - run 'httpd' role
include_role:
name: httpd
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "cups_install is sameas true" (boolean not string etc)
assert:
that: cups_install is sameas true
fail_msg: "PLEASE SET 'cups_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "cups_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: cups_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'cups_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Install 'cups' package
package:
name: cups
state: present
- name: Install our own /etc/cups/cupsd.conf from template, to permit local LAN admin
template:
src: cupsd.conf
dest: /etc/cups/cupsd.conf
- name: Install /etc/{{ apache_conf_dir }}/cups.conf from template
template:
src: cups.conf
dest: "/etc/{{ apache_conf_dir }}/"
- name: Install CUPS if 'cups_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: cups_installed is undefined
# RECORD CUPS AS INSTALLED
- name: "Set 'cups_installed: True'"
set_fact:
cups_installed: True
- name: "Add 'cups_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^cups_installed'
line: 'cups_installed: True'
- name: Enable http://box/cups via Apache (MIGHT NOT WORK?)
command: a2ensite cups.conf
when: cups_enabled | bool
- name: Disable http://box/cups via Apache
command: a2dissite cups.conf
when: not cups_enabled
- name: Enable & Start 'cups' and 'cups-browsed' systemd services (OS's other than Fedora 18)
service:
name: "{{ item }}"
state: started
enabled: yes
with_items:
- cups
- cups-browsed
when: cups_enabled and not is_F18
- name: Enable & Start 'cups' systemd service (Fedora 18, for XO laptops)
systemd:
name: cups
state: started
enabled: yes
when: cups_enabled and is_F18
- name: Permit headless admin of CUPS -- only works when CUPS daemon is running (if cups_enabled)
shell: "cupsctl --remote-admin"
when: cups_enabled | bool
- name: Disable & Stop 'cups' & 'cups-browsed' systemd services (OS's other than Fedora 18)
systemd:
name: "{{ item }}"
enabled: no
state: stopped
with_items:
- cups
- cups-browsed
when: not cups_enabled and not is_F18
- name: Disable & Stop 'cups' systemd service (Fedora 18, for XO laptops)
systemd:
name: cups
enabled: no
state: stopped
when: not cups_enabled and is_F18
- include_tasks: enable-or-disable.yml
- name: Add 'cups' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: cups
option: "{{ item.option }}"
value: "{{ item.value | string }}"

33
roles/firmware/tasks/download.yml Normal file
View file

@ -0,0 +1,33 @@
- name: Back up original e.g. OS-provided firmware (for RPi internal WiFi)
copy:
src: "/lib/firmware/brcm/{{ item }}"
dest: "/lib/firmware/brcm/{{ item }}.orig"
with_items:
- brcmfmac43430-sdio.bin
- brcmfmac43455-sdio.bin
- brcmfmac43455-sdio.clm_blob
- name: Download high-capacity older firmware (for RPi internal WiFi, per https://github.com/iiab/iiab/issues/823#issuecomment-662285202)
get_url:
url: "{{ item.url }}"
dest: "{{ item.dest }}"
with_items:
- { url: 'http://d.iiab.io/packages/brcmfmac43430-sdio.bin_2018-09-11_7.45.98.65', dest: '/lib/firmware/brcm/brcmfmac43430-sdio.bin.iiab' }
- { url: 'http://d.iiab.io/packages/brcmfmac43430-sdio.clm_blob_2018-09-11_7.45.98.65', dest: '/lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab' }
- { url: 'http://d.iiab.io/packages/brcmfmac43455-sdio.bin_2015-03-01_7.45.18.0_ub19.10.1', dest: '/lib/firmware/brcm/brcmfmac43455-sdio.bin.iiab' }
- { url: 'http://d.iiab.io/packages/brcmfmac43455-sdio.clm_blob_2018-02-26_rpi', dest: '/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.iiab' }
# RECORD firmware AS DOWNLOADED
- name: "Set 'firmware_downloaded: True'"
set_fact:
firmware_downloaded: True
- name: "Add 'firmware_downloaded: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^firmware_downloaded'
line: 'firmware_downloaded: True'
# SEE ALSO firmware_installed in install.yml

47
roles/firmware/tasks/install.yml
View file

@ -1,32 +1,35 @@
# check the timestamps, might want to preserve the old ones
- name: Back up OS-provided firmware (for RPi's internal WiFi)
copy:
src: "/lib/firmware/brcm/{{ item }}"
dest: "/lib/firmware/brcm/{{ item }}.orig"
with_items:
- brcmfmac43430-sdio.bin
- brcmfmac43455-sdio.bin
- brcmfmac43455-sdio.clm_blob
- name: Back up originals then download firmware (for RPi internal WiFi)
include_tasks: download.yml
when: firmware_downloaded is undefined # SEE ALSO firmware_installed below
- name: Download older firmware (for RPi high-capacity internal WiFi)
get_url:
url: "{{ item.url }}"
- name: 'Install from template: check-firmware.service, iiab-check-firmware & fw_warn.sh'
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { url: 'http://d.iiab.io/packages/brcmfmac43430-sdio.bin_2018-09-11_7.45.98.65', dest: '/lib/firmware/brcm/brcmfmac43430-sdio.bin.iiab' }
- { url: 'http://d.iiab.io/packages/brcmfmac43430-sdio.clm_blob_2018-09-11_7.45.98.65', dest: '/lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab' }
- { url: 'http://d.iiab.io/packages/brcmfmac43455-sdio.bin_2015-03-01_7.45.18.0_ub19.10.1', dest: '/lib/firmware/brcm/brcmfmac43455-sdio.bin.iiab' }
- { url: 'http://d.iiab.io/packages/brcmfmac43455-sdio.clm_blob_2018-02-26_rpi', dest: '/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.iiab' }
- { src: 'check-firmware.service', dest: '/etc/systemd/system/', mode: '0644' }
- { src: 'iiab-check-firmware', dest: '/usr/sbin/', mode: '0755' }
- { src: 'fw_warn.sh', dest: '/etc/profile.d/', mode: '0644' }
- name: Enable & (Re)Start check-firmware.service (also runs on each boot)
systemd:
name: check-firmware.service
daemon_reload: yes
state: restarted
enabled: yes
# RECORD RPi Firmware AS DOWNLOADED
# RECORD firmware AS INSTALLED
- name: "Set 'rpi_firmware_downloaded: True'"
- name: "Set 'firmware_installed: True'"
set_fact:
rpi_firmware_downloaded: True
firmware_installed: True
- name: "Add 'firmware_retrieved: True' to {{ iiab_state_file }}"
- name: "Add 'firmware_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^rpi_firmware_downloaded'
line: 'rpi_firmware_downloaded: True'
regexp: '^firmware_installed'
line: 'firmware_installed: True'
# SEE ALSO firmware_downloaded above & in download.yml

33
roles/firmware/tasks/main.yml
View file

@ -1,20 +1,17 @@
- name: Back up/Download firmware (for RPi internal WiFi)
# Please set 'wifi_hotspot_capacity_rpi_fix: True' in /etc/iiab/local_vars.yml
# to restore support for 30-32 WiFi client devices on any Raspberry Pi that
# has internal WiFi. This installs firmware 7.45.18.0 for Zero W and RPi 3
# and firmware 7.45.98.65 for RPi 3 B+ and RPi 4. Capacity testing writeup:
# https://github.com/iiab/iiab/issues/823#issuecomment-662285202
- name: Install firmware (for RPi internal WiFi)
include_tasks: install.yml
when: rpi_firmware_downloaded is undefined
#when: firmware_installed is undefined
- name: 'Install from template: check-firmware.service, check-firmware.sh & fw_warn.sh'
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { src: 'check-firmware.service', dest: '/etc/systemd/system/', mode: '0644' }
- { src: 'check-firmware.sh', dest: '/usr/sbin/', mode: '0755' }
- { src: 'fw_warn.sh', dest: '/etc/profile.d/', mode: '0644' }
- name: Enable & (Re)start check-firmware.service
systemd:
name: check-firmware.service
daemon_reload: yes
state: restarted
enabled: yes
# Two variable are placed in /etc/iiab/iiab_state.yml:
#
# - firmware_downloaded (set in download.yml) is used in install.yml
#
# - firmware_installed (set in install.yml) isn't acted upon programmatically.
# It serves as a very helpful rapid reminder in iiab_state.yml in the same
# way as roles like: sshd, iiab-admin, pylibs, www_base, www_options.

2
roles/firmware/templates/check-firmware.service
View file

@ -4,7 +4,7 @@ Before=clone-wifi.service
[Service]
Type=oneshot
ExecStart=/usr/sbin/check-firmware.sh
ExecStart=/usr/sbin/iiab-check-firmware
[Install]
WantedBy=multi-user.target

47
roles/firmware/templates/check-firmware.sh
View file

@ -1,47 +0,0 @@
#!/bin/bash
FW_MODE=$(grep wifi_hotspot_capacity_rpi_fix /etc/iiab/local_vars.yml| grep True)
WARN=0
DATE=$(date +%F-%T)
if [ -z "$FW_MODE" ]; then
echo "FW marker not found"
else
echo "$FW_MODE"
if ! $(diff -q /lib/firmware/brcm/brcmfmac43455-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43455-sdio.bin); then
mv /lib/firmware/brcm/brcmfmac43455-sdio.bin /lib/firmware/brcm/brcmfmac43455-sdio.bin.$DATE
cp /lib/firmware/brcm/brcmfmac43455-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43455-sdio.bin
echo "replacing firmware"
WARN=1
fi
if ! $(diff -q /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob); then
mv /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.$DATE
cp /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob
echo "replacing firmware"
WARN=1
fi
if ! $(diff -q /lib/firmware/brcm/brcmfmac43430-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43430-sdio.bin); then
mv /lib/firmware/brcm/brcmfmac43430-sdio.bin /lib/firmware/brcm/brcmfmac43430-sdio.bin.$DATE
cp /lib/firmware/brcm/brcmfmac43430-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43430-sdio.bin
cp /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob
echo "replacing firmware"
WARN=1
fi
if ! $(diff -q /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob); then
mv /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.$DATE
cp /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob
echo "replacing firmware"
WARN=1
fi
fi
if [ "$WARN" = "1" ]; then
echo -e " \033[31;5mFirmware has been replaced\033[0m"
echo -e " \033[31;5mReboot is required to activate\033[0m"
touch /.fw_replaced
#echo "rebooting..."
#reboot
else
echo -e " Firmware check \033[32;5mPASSED\033[0m"
if [ -f /.fw_replaced ]; then
rm /.fw_replaced
fi
fi
exit 0

8
roles/firmware/templates/fw_warn.sh
View file

@ -1,6 +1,6 @@
#!/bin/bash
if [ -f /.fw_replaced ]; then
echo -e " \033[31;5mFirmware has been replaced\033[0m"
echo -e " \033[31;5mReboot is required to activate\033[0m"
fi
if [ -f /.fw_replaced ]; then
echo -e "\n \033[31;5mWiFi Firmware has been replaced, per iiab/iiab#823.\033[0m"
echo -e " \033[31;5mReboot is required to activate.\033[0m\n"
fi

59
roles/firmware/templates/iiab-check-firmware Normal file
View file

@ -0,0 +1,59 @@
#!/bin/bash
WARN=0
DATE=$(date +%F-%T)
if grep -q '^wifi_hotspot_capacity_rpi_fix: False' /etc/iiab/local_vars.yml ; then
echo "'wifi_hotspot_capacity_rpi_fix: False' found in /etc/iiab/local_vars.yml"
echo "...so WiFi firmware will NOT be checked or replaced."
exit 0
fi
echo -e "'wifi_hotspot_capacity_rpi_fix: True' presumed..."
echo -e "...in /etc/iiab/local_vars.yml (or /opt/iiab/iiab/vars/default_vars.yml ?)\n"
if ! $(diff -q /lib/firmware/brcm/brcmfmac43455-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43455-sdio.bin); then
mv /lib/firmware/brcm/brcmfmac43455-sdio.bin /lib/firmware/brcm/brcmfmac43455-sdio.bin.$DATE
cp /lib/firmware/brcm/brcmfmac43455-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43455-sdio.bin
echo "Replacing /lib/firmware/brcm/brcmfmac43455-sdio.bin"
WARN=1
fi
if ! $(diff -q /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob); then
mv /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.$DATE
cp /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob
echo "Replacing /lib/firmware/brcm/brcmfmac43455-sdio.clm_blob"
WARN=1
fi
if ! $(diff -q /lib/firmware/brcm/brcmfmac43430-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43430-sdio.bin); then
mv /lib/firmware/brcm/brcmfmac43430-sdio.bin /lib/firmware/brcm/brcmfmac43430-sdio.bin.$DATE
cp /lib/firmware/brcm/brcmfmac43430-sdio.bin.iiab /lib/firmware/brcm/brcmfmac43430-sdio.bin
cp /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob
echo "Replacing /lib/firmware/brcm/brcmfmac43430-sdio.bin"
WARN=1
fi
if ! $(diff -q /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob); then
mv /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.$DATE
cp /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob.iiab /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob
echo "Replacing /lib/firmware/brcm/brcmfmac43430-sdio.clm_blob"
WARN=1
fi
if [ "$WARN" = "1" ]; then
echo -e "\n \033[31;5mWiFi Firmware has been replaced, per iiab/iiab#823.\033[0m"
echo -e " \033[31;5mReboot is required to activate.\033[0m\n"
touch /.fw_replaced
#echo "rebooting..."
#reboot
else
echo -e " WiFi Firmware check \033[32;5mPASSED\033[0m, per iiab/iiab#823."
echo -e " (Assuming you've rebooted since it was replaced!)\n"
if [ -f /.fw_replaced ]; then
rm /.fw_replaced
fi
fi
# exit 0

13
roles/iiab-admin/tasks/main.yml
View file

@ -48,3 +48,16 @@
path: /etc/xdg/lxsession/LXDE-pi/autostart
line: "@/etc/xdg/lxsession/LXDE-pi/sshpwd-lxde-iiab.sh"
when: lx.stat.isdir is defined and lx.stat.isdir and is_raspbian and is_debuntu
# RECORD iiab-admin AS INSTALLED
- name: "Set 'iiab_admin_installed: True'"
set_fact:
iiab_admin_installed: True
- name: "Add 'iiab_admin_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^iiab_admin_installed'
line: 'iiab_admin_installed: True'

22
roles/minetest/tasks/enable.yml
View file

@ -7,30 +7,10 @@
state: restarted
when: minetest_enabled | bool
- name: Disable 'minetest-server' service
- name: Disable & Stop 'minetest-server' service
systemd:
daemon_reload: yes
name: minetest-server
enabled: no
state: stopped
when: not minetest_enabled
- name: Add 'minetest' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: minetest
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Minetest Server
- option: description
value: '"Minetest is an open source clone of the Minecraft building blocks game."'
- option: minetest_world_dir
value: "{{ minetest_world_dir }}"
- option: minetest_port
value: "{{ minetest_port }}"
- option: minetest_enabled
value: "{{ minetest_enabled }}"
- option: minetest_world_dir
value: "{{ minetest_world_dir }}"

51
roles/minetest/tasks/main.yml
View file

@ -1,5 +1,48 @@
- include_tasks: provision.yml
when: minetest_install and not minetest_installed is defined
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- include_tasks: enable.yml
when: minetest_install or minetest_installed is defined
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "minetest_install is sameas true" (boolean not string etc)
assert:
that: minetest_install is sameas true
fail_msg: "PLEASE SET 'minetest_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "minetest_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: minetest_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'minetest_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Install Minetest if 'minetest_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: provision.yml # i.e. install.yml in other roles
when: minetest_installed is undefined
- include_tasks: enable.yml # i.e. enable-or-disable.yml in other roles
- name: Add 'minetest' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: minetest
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Minetest Server
- option: description
value: '"Minetest is an open source clone of the Minecraft building blocks game."'
- option: minetest_world_dir
value: "{{ minetest_world_dir }}"
- option: minetest_port
value: "{{ minetest_port }}"
- option: minetest_enabled
value: "{{ minetest_enabled }}"
- option: minetest_world_dir
value: "{{ minetest_world_dir }}"

22
roles/monit/tasks/enable-or-disable.yml Normal file
View file

@ -0,0 +1,22 @@
#- name: Enable 'monit' service (chkconfig monit on)
# command: chkconfig monit on
# when: is_debian and ansible_local.local_facts.os_ver == "debian-8"
#- name: Restart monit service
# command: service monit restart
- name: Enable & (Re)Start 'monit' systemd service, if monit_enabled
systemd:
daemon_reload: yes
name: monit
enabled: yes
state: restarted
when: monit_enabled | bool
- name: Disable & Stop 'monit' service, if not monit_enabled
systemd:
daemon_reload: yes
name: monit
enabled: no
state: stopped
when: not monit_enabled

36
roles/monit/tasks/install.yml
View file

@ -3,19 +3,19 @@
name: monit
state: present
- name: Install chkconfig package (debian-8)
package:
name: chkconfig
state: present
when: is_debian and ansible_distribution_major_version == "8"
# - name: Install chkconfig package (debian-8)
# package:
# name: chkconfig
# state: present
# when: is_debian and ansible_distribution_major_version == "8"
- name: Install /etc/monitrc from template
template:
backup: yes
src: monitrc
dest: /etc/monitrc
owner: root
group: root
#owner: root
#group: root
mode: '0600'
# - name: Install config file /etc/monit.d/watchdog from template (NEVER RUNS, WHY?)
@ -32,28 +32,6 @@
# retries: 5
# delay: 1
#TODO: create systemd script
- name: Enable 'monit' service (chkconfig monit on)
command: chkconfig monit on
when: is_debian and ansible_local.local_facts.os_ver == "debian-8"
#- name: Restart monit service
# command: service monit restart
- name: Add 'monit' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: monit
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Monit
- option: description
value: '"Monit is a background service monitor which can correct problems, send email, restart services."'
- option: enabled
value: "{{ monit_enabled }}"
# RECORD Monit AS INSTALLED

51
roles/monit/tasks/main.yml
View file

@ -1,3 +1,24 @@
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "monit_install is sameas true" (boolean not string etc)
assert:
that: monit_install is sameas true
fail_msg: "PLEASE SET 'monit_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "monit_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: monit_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'monit_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
# 2019-07-06: The 'monit' package was suddenly removed from Debian 10.0.0
# "Buster" during the very final days prior to release, as confirmed by the
# sudden disappearance of these 2 pages:
@ -9,6 +30,32 @@
# be is_debian_10 in vars/raspbian-10.yml for now!) still provides 'monit' via
# apt -- so eliminating "Debian 10+" requires this funky conditional:
- name: Install 'monit' if monit_install and not Debian 10+
# 2020-09-21: The 'monit' package appears to be returning to Debian 11, per:
#
# https://packages.debian.org/bullseye/monit
# https://packages.debian.org/source/bullseye/monit
#
# SEE iiab/iiab#1849 re: "Debian 10 Buster no longer includes Monit" etc.
- name: Install Monit if 'monit_installed' not defined, e.g. in {{ iiab_state_file }} AND not Debian 10 # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: monit_install and not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9))
when: monit_installed is undefined and not (is_debian_10 and not is_raspbian)
#when: monit_installed is undefined and not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9))
- include_tasks: enable-or-disable.yml
- name: Add 'monit' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: monit
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Monit
- option: description
value: '"Monit is a background service monitor which can correct problems, send email, restart services."'
- option: enabled
value: "{{ monit_enabled }}"

15
roles/mosquitto/tasks/enable-or-disable.yml Normal file
View file

@ -0,0 +1,15 @@
- name: Enable & (Re)Start 'mosquitto' systemd service, if mosquitto_enabled
systemd:
daemon_reload: yes
name: mosquitto
enabled: yes
state: restarted
when: mosquitto_enabled | bool
- name: Disable & Stop 'mosquitto' systemd service, if not mosquitto_enabled
systemd:
daemon_reload: yes
name: mosquitto
enabled: no
state: stopped
when: not mosquitto_enabled

21
roles/mosquitto/tasks/enable.yml
View file

@ -1,21 +0,0 @@
- name: Enable & Start 'mosquitto' service
systemd:
daemon_reload: yes
name: mosquitto
enabled: yes
state: started
when: mosquitto_enabled | bool
- name: Add 'mosquitto' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: mosquitto
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Mosquitto service
- option: description
value: Mosquitto service
- option: mosquitto_enabled
value: "{{ mosquitto_enabled }}"

4
roles/mosquitto/tasks/install.yml
View file

@ -25,8 +25,8 @@
template:
src: websockets.conf.j2
dest: /etc/mosquitto/conf.d/websockets.conf
owner: root
group: root
#owner: root
#group: root
mode: '0755'

45
roles/mosquitto/tasks/main.yml
View file

@ -1,5 +1,42 @@
- include_tasks: install.yml
when: mosquitto_install and not mosquitto_installed is defined
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- include_tasks: enable.yml
when: mosquitto_install or mosquitto_installed is defined
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "mosquitto_install is sameas true" (boolean not string etc)
assert:
that: mosquitto_install is sameas true
fail_msg: "PLEASE SET 'mosquitto_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "mosquitto_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: mosquitto_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'mosquitto_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Install Mosquitto if 'mosquitto_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: mosquitto_installed is undefined
- include_tasks: enable-or-disable.yml
- name: Add 'mosquitto' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: mosquitto
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Mosquitto service
- option: description
value: '"Mosquitto (uses the MQTT protocol) is a pub-sub broker for electronics projects and educational Internet of Things (IoT) experiments. It''s designed for TCP/IP with remote locations where a ''small code footprint'' is required or bandwidth is limited. See also: Node-RED"'
- option: mosquitto_enabled
value: "{{ mosquitto_enabled }}"

15
roles/nginx/README.md
View file

@ -10,7 +10,7 @@
2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX.
3. Current state of IIAB App/Service migrations as of 2020-09-21:
3. Current state of IIAB App/Service migrations as of 2020-09-22:
1. These support "Native" NGINX but ***NOT*** Apache
* Admin Console
@ -40,16 +40,17 @@
* nodered
4. These each run their own web server or non-web / backend services, e.g. off of their own [unique port(s)](https://github.com/iiab/iiab/wiki/IIAB-Networking#list-of-ports--services) (IIAB home pages link directly to these destinations). In future we'd like mnemonic URL's for all of these: (e.g. http://box/calibre, http://box/archive, http://box/kalite)
* bluetooth
* calibre (menu goes directly to port 8080)
* internetarchive (menu goes directly to port 4244, [PR #2120](https://github.com/iiab/iiab/pull/2120)) [*]
* kalite (menu goes directly to ports 8006-8008)
* minetest [*]
* minetest
* mosquitto
* openvpn
* mosquitto [*]
* pbx [*, requires Apache for now, as in Section iii.]
* phpmyadmin [*, requires Apache for now, as in Section iii.]
* phpmyadmin [requires Apache for now, as in Section iii.]
* samba
* transmission [*]
* vnstat [*]
* transmission
* vnstat
[*] The 8 above starred roles could use improvement, as of 2020-09-21.
[*] The 3 above starred roles could use improvement, as of 2020-09-22.

9
roles/phpmyadmin/tasks/enable-or-disable.yml Normal file
View file

@ -0,0 +1,9 @@
- name: Enable phpMyAdmin via Apache, if phpmyadmin_enabled
command: a2ensite phpmyadmin.conf
when: phpmyadmin_enabled | bool
#when: apache_installed is defined and phpmyadmin_enabled
- name: Disable phpMyAdmin via Apache, if not phpmyadmin_enabled
command: a2dissite phpmyadmin.conf
when: not phpmyadmin_enabled
#when: apache_installed is defined and not phpmyadmin_enabled

75
roles/phpmyadmin/tasks/install.yml Normal file
View file

@ -0,0 +1,75 @@
- name: "Set 'apache_install: True' and 'apache_enabled: True'"
set_fact:
apache_install: True
apache_enabled: True
- name: APACHE - run 'httpd' role
include_role:
name: httpd
- name: Download {{ iiab_download_url }}/{{ phpmyadmin_name_zip }} to {{ downloads_dir }}
get_url:
url: "{{ iiab_download_url }}/{{ phpmyadmin_name_zip }}"
dest: "{{ downloads_dir }}"
timeout: "{{ download_timeout }}"
when: internet_available | bool
- name: Does {{ downloads_dir }}/{{ phpmyadmin_name_zip }} exist? # e.g. /opt/iiab/downloads/phpMyAdmin-5.0.2-all-languages.zip
stat:
path: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }}"
register: phpmyadmin_dl
- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/{{ phpmyadmin_name_zip }} doesn't exist
fail:
msg: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }} is REQUIRED in order to install phpMyAdmin."
when: not phpmyadmin_dl.stat.exists
- name: Unzip to permanent location /opt/{{ phpmyadmin_name }}, owned by {{ apache_user }}
unarchive:
src: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }}"
dest: /opt
owner: "{{ apache_user }}"
- name: Symlink /opt/phpmyadmin -> {{ phpmyadmin_name }}
file:
src: "{{ phpmyadmin_name }}"
path: /opt/phpmyadmin
owner: "{{ apache_user }}" # Some Linux's ignore symlink owners?
state: link
- name: Install /opt/phpmyadmin/config.inc.php owned by {{ apache_user }}, from template
template:
src: config.inc.php
dest: /opt/phpmyadmin/config.inc.php
owner: "{{ apache_user }}"
# Above 3 stanzas set link/tree/contents ownership to {{ apache_user }}:root
# OOPS: CHOWN BELOW CHANGED LINK ALONE (TREE/CONTENTS REMAINED root:root)
# - name: Change the owner of the PHP tree to Apache
# shell: "chown -R {{ apache_user }} /opt/phpmyadmin"
# #file:
# # path: "/opt/{{ phpmyadmin_name_zip }}"
# # owner: "{{ apache_user }}"
# # recurse: yes
# # state: directory
- name: Install /etc/{{ apache_conf_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled
template:
src: phpmyadmin.j2
dest: "/etc/{{ apache_conf_dir }}/phpmyadmin.conf"
when: apache_installed is defined
# RECORD phpMyAdmin AS INSTALLED
- name: "Set 'phpmyadmin_installed: True'"
set_fact:
phpmyadmin_installed: True
- name: "Add 'phpmyadmin_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^phpmyadmin_installed'
line: 'phpmyadmin_installed: True'

103
roles/phpmyadmin/tasks/main.yml
View file

@ -1,92 +1,35 @@
- name: "Set 'apache_install: True' and 'apache_enabled: True'"
set_fact:
apache_install: True
apache_enabled: True
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- name: APACHE - run 'httpd' role
include_role:
name: httpd
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "phpmyadmin_install is sameas true" (boolean not string etc)
assert:
that: phpmyadmin_install is sameas true
fail_msg: "PLEASE SET 'phpmyadmin_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "phpmyadmin_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: phpmyadmin_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'phpmyadmin_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Download {{ iiab_download_url }}/{{ phpmyadmin_name_zip }} to {{ downloads_dir }}
get_url:
url: "{{ iiab_download_url }}/{{ phpmyadmin_name_zip }}"
dest: "{{ downloads_dir }}"
timeout: "{{ download_timeout }}"
when: internet_available | bool
- name: Does {{ downloads_dir }}/{{ phpmyadmin_name_zip }} exist? # e.g. /opt/iiab/downloads/phpMyAdmin-4.8.3-all-languages.zip
stat:
path: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }}"
register: phpmyadmin_dl
- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/{{ phpmyadmin_name_zip }} doesn't exist
fail:
msg: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }} is REQUIRED in order to install phpMyAdmin."
when: not phpmyadmin_dl.stat.exists
- name: Unzip to permanent location /opt/{{ phpmyadmin_name }}, owned by {{ apache_user }}
unarchive:
src: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }}"
dest: /opt
owner: "{{ apache_user }}"
- name: Symlink /opt/phpmyadmin -> {{ phpmyadmin_name }}
file:
src: "{{ phpmyadmin_name }}"
path: /opt/phpmyadmin
owner: "{{ apache_user }}" # Some Linux's ignore symlink owners?
state: link
- name: Install /opt/phpmyadmin/config.inc.php owned by {{ apache_user }}, from template
template:
src: config.inc.php
dest: /opt/phpmyadmin/config.inc.php
owner: "{{ apache_user }}"
# Above 3 stanzas set link/tree/contents ownership to {{ apache_user }}:root
# OOPS: CHOWN BELOW CHANGED LINK ALONE (TREE/CONTENTS REMAINED root:root)
# - name: Change the owner of the PHP tree to Apache
# shell: "chown -R {{ apache_user }} /opt/phpmyadmin"
# #file:
# # path: "/opt/{{ phpmyadmin_name_zip }}"
# # owner: "{{ apache_user }}"
# # recurse: yes
# # state: directory
- name: Install /etc/{{ apache_conf_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled
template:
src: phpmyadmin.j2
dest: "/etc/{{ apache_conf_dir }}/phpmyadmin.conf"
when: apache_installed is defined
- name: Install phpMyAdmin if 'phpmyadmin_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: phpmyadmin_installed is undefined
# RECORD phpMyAdmin AS INSTALLED
- name: "Set 'phpmyadmin_installed: True'"
set_fact:
phpmyadmin_installed: True
- name: "Add 'phpmyadmin_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^phpmyadmin_installed'
line: 'phpmyadmin_installed: True'
- name: Enable phpMyAdmin via Apache, if phpmyadmin_enabled
command: a2ensite phpmyadmin.conf
when: apache_installed is defined and phpmyadmin_enabled
- name: Disable phpMyAdmin via Apache, if not phpmyadmin_enabled
command: a2dissite phpmyadmin.conf
when: apache_installed is defined and not phpmyadmin_enabled
- include_tasks: enable-or-disable.yml
- name: Add 'phpmyadmin' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: phpmyadmin
option: "{{ item.option }}"
value: "{{ item.value | string }}"

13
roles/pylibs/tasks/main.yml
View file

@ -9,3 +9,16 @@
- { src: 'iiab_const.py.j2', dest: '{{ py3_dist_path }}/iiab/iiab_const.py' }
- { src: 'iiab_lib.py', dest: '{{ py3_dist_path }}/iiab/iiab_lib.py' }
- { src: 'iiab_env.py.j2', dest: '{{ iiab_etc_path }}/iiab_env.py' }
# RECORD pylibs AS INSTALLED
- name: "Set 'pylibs_installed: True'"
set_fact:
pylibs_installed: True
- name: "Add 'pylibs_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^pylibs_installed'
line: 'pylibs_installed: True'

4
roles/samba/tasks/enable-or-disable.yml
View file

@ -1,3 +1,7 @@
- name: systemd daemon-reload
systemd:
daemon_reload: yes
- name: Enable & Start Samba service ({{ smb_service }}) and NetBIOS name service ({{ nmb_service }}) if samba_enabled
systemd:
name: "{{ item }}"

7
roles/sugarizer/tasks/main.yml
View file

@ -27,11 +27,12 @@
set_fact:
mongodb_install: True
# auto started by sugarizer.service just to record that mongodb should be running
# MongoDB auto-started by sugarizer.service - let's set 'mongodb_enabled: True'
# regardless - anticipating that MongoDB (should!) run on demand:
- name: "Set 'mongodb_enabled: True' when sugarizer_enabled"
set_fact:
mongodb_enabled: True
when: sugarizer_enabled
when: sugarizer_enabled | bool
- name: MONGODB - run 'mongodb' role (attempt to install MongoDB)
include_role:
@ -39,7 +40,7 @@
- name: EXIT 'sugarizer' ROLE & CONTINUE, IF 'mongodb_installed is undefined'
fail: # FORCE IT RED THIS ONCE!
msg: MongoDB INSTALLATION FAILED, likely because your OS is Debian. Nevertheless IIAB will continue (consider this a warning!)
msg: MongoDB INSTALLATION FAILED, perhaps because your OS is Debian 10 on aarch64? Nevertheless IIAB will continue (consider this a warning!)
when: mongodb_installed is undefined
ignore_errors: yes

1
roles/sugarizer/tasks/main2.yml
View file

@ -4,6 +4,7 @@
- block: # 2 STANZAS BELOW, CONDITIONED ON 'when: sugarizer_enabled | bool'
# LIKELY UNNEC: THIS SAME CODE IS IN main.yml (LINES 32-35, ALREADY RUN)
# sugarizer.service line 'Requires=mongodb.service' auto-starts MongoDB (but record that in var too)
- name: "Set 'mongodb_enabled: True' if sugarizer_enabled"
set_fact:

25
roles/transmission/tasks/enable-or-disable.yml Normal file
View file

@ -0,0 +1,25 @@
- name: Enable & (Re)Start 'transmission-daemon' systemd service, if transmission_enabled
systemd:
daemon_reload: yes
name: transmission-daemon
enabled: yes
state: restarted
when: transmission_enabled | bool
- name: Add PAUSED KA Lite torrent(s) to transmission-daemon's queue
shell: >
/usr/bin/transmission-remote
--start-paused
-n {{ transmission_username }}:{{ transmission_password }}
-a http://pantry.learningequality.org/downloads/ka-lite/{{ transmission_kalite_version }}/content/ka-lite-0.17-resized-videos-{{ item }}.torrent
with_items: "{{ transmission_kalite_languages }}"
when: transmission_enabled and transmission_provision and transmission_kalite_languages is defined and transmission_kalite_languages is not none
ignore_errors: yes
- name: Disable & Stop 'transmission-daemon' service, if not transmission_enabled
systemd:
daemon_reload: yes
name: transmission-daemon
enabled: no
state: stopped
when: not transmission_enabled

41
roles/transmission/tasks/install.yml Normal file
View file

@ -0,0 +1,41 @@
- name: "Install BitTorrent packages: transmission-daemon, transmission-cli"
package:
name:
- transmission-daemon
- transmission-cli
state: present
- name: Create download dir {{ transmission_download_dir }}, owned by {{ transmission_user }}:{{ transmission_group }}
file:
state: directory
path: "{{ transmission_download_dir }}" # /library/transmission
owner: "{{ transmission_user }}" # debian-transmission
group: "{{ transmission_group }}" # root
# mode: '0755'
- name: Stop 'transmission-daemon' systemd service, before modifying its settings
systemd:
name: transmission-daemon
state: stopped
ignore_errors: yes
- name: Install /etc/transmission-daemon/settings.json from template
template:
src: settings.json.j2
dest: /etc/transmission-daemon/settings.json
owner: "{{ transmission_user }}" # debian-transmission
group: "{{ transmission_group }}" # root
# mode: '0644'
# RECORD Transmission AS INSTALLED
- name: "Set 'transmission_installed: True'"
set_fact:
transmission_installed: True
- name: "Add 'transmission_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^transmission_installed'
line: 'transmission_installed: True'

83
roles/transmission/tasks/main.yml
View file

@ -1,76 +1,35 @@
- name: "Install BitTorrent packages: transmission-daemon, transmission-cli"
package:
name:
- transmission-daemon
- transmission-cli
state: present
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- name: Create download dir {{ transmission_download_dir }}, owned by {{ transmission_user }}:{{ transmission_group }}
file:
state: directory
path: "{{ transmission_download_dir }}" # /library/transmission
owner: "{{ transmission_user }}" # debian-transmission
group: "{{ transmission_group }}" # root
# mode: '0755'
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Stop 'transmission-daemon' systemd service, before modifying its settings
systemd:
name: transmission-daemon
state: stopped
ignore_errors: yes
- name: Assert that "transmission_install is sameas true" (boolean not string etc)
assert:
that: transmission_install is sameas true
fail_msg: "PLEASE SET 'transmission_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Install /etc/transmission-daemon/settings.json from template
template:
src: settings.json.j2
dest: /etc/transmission-daemon/settings.json
owner: "{{ transmission_user }}" # debian-transmission
group: "{{ transmission_group }}" # root
# mode: '0644'
- name: Assert that "transmission_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: transmission_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'transmission_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
# RECORD Transmission AS INSTALLED
- name: "Set 'transmission_installed: True'"
set_fact:
transmission_installed: True
- name: "Add 'transmission_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^transmission_installed'
line: 'transmission_installed: True'
- name: Install Transmission if 'transmission_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: transmission_installed is undefined
- name: Enable & Restart 'transmission-daemon' systemd service, incl daemon-reload
systemd:
name: transmission-daemon
daemon_reload: yes
enabled: yes
state: restarted
when: transmission_enabled | bool
- name: Add PAUSED KA Lite torrent(s) to transmission-daemon's queue
shell: >
/usr/bin/transmission-remote
--start-paused
-n {{ transmission_username }}:{{ transmission_password }}
-a http://pantry.learningequality.org/downloads/ka-lite/{{ transmission_kalite_version }}/content/ka-lite-0.17-resized-videos-{{ item }}.torrent
with_items: "{{ transmission_kalite_languages }}"
when: transmission_enabled and transmission_provision and transmission_kalite_languages is defined and transmission_kalite_languages is not none
ignore_errors: yes
- name: Disable & Stop 'transmission-daemon' service, if not transmission_enabled
systemd:
name: transmission-daemon
daemon_reload: yes
enabled: no
state: stopped
when: not transmission_enabled
- include_tasks: enable-or-disable.yml
- name: Add 'transmission' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: transmission
option: "{{ item.option }}"
value: "{{ item.value | string }}"

15
roles/vnstat/tasks/enable-or-disable.yml Normal file
View file

@ -0,0 +1,15 @@
- name: Enable & (Re)Start 'vnstat' systemd service, if vnstat_enabled
systemd:
daemon_reload: yes
name: vnstat
enabled: yes
state: restarted
when: vnstat_enabled | bool
- name: Disable & Stop 'vnstat' systemd service, if not vnstat_enabled
systemd:
daemon_reload: yes
name: vnstat
enabled: no
state: stopped
when: not vnstat_enabled

32
roles/vnstat/tasks/install.yml Normal file
View file

@ -0,0 +1,32 @@
- name: Install 'vnstat' package
package:
name: vnstat
state: present
- name: Install /etc/vnstat.conf from template
template:
src: vnstat.conf.j2
dest: /etc/vnstat.conf
# owner: root
# group: root
mode: '0744'
- name: Create database for WAN to collect vnStat data
shell: /usr/bin/vnstat -i {{ iiab_wan_iface }}
- name: Create database for LAN to collect vnStat data if not appliance config
shell: /usr/bin/vnstat -i {{ iiab_lan_iface }}
when: iiab_lan_iface is defined and iiab_lan_iface != "none"
# RECORD vnStat AS INSTALLED
- name: "Set 'vnstat_installed: True'"
set_fact:
vnstat_installed: True
- name: "Add 'vnstat_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^vnstat_installed'
line: 'vnstat_installed: True'

56
roles/vnstat/tasks/main.yml
View file

@ -1,49 +1,35 @@
- name: Install 'vnstat' package
package:
name: vnstat
state: present
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- name: Install /etc/vnstat.conf from template
template:
src: vnstat.conf.j2
dest: /etc/vnstat.conf
# owner: root
# group: root
mode: '0744'
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Create database for WAN to collect vnStat data
shell: /usr/bin/vnstat -i {{ iiab_wan_iface }}
- name: Assert that "vnstat_install is sameas true" (boolean not string etc)
assert:
that: vnstat_install is sameas true
fail_msg: "PLEASE SET 'vnstat_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Create database for LAN to collect vnStat data if not appliance config
shell: /usr/bin/vnstat -i {{ iiab_lan_iface }}
when: iiab_lan_iface is defined and iiab_lan_iface != "none"
- name: Assert that "vnstat_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: vnstat_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'vnstat_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
# RECORD vnStat AS INSTALLED
- name: "Set 'vnstat_installed: True'"
set_fact:
vnstat_installed: True
- name: "Add 'vnstat_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^vnstat_installed'
line: 'vnstat_installed: True'
- name: Install vnStat if 'vnstat_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: vnstat_installed is undefined
- name: Enable & (Re)Start 'vnstat' systemd service, if vnstat_enabled
systemd:
name: vnstat
daemon_reload: yes
enabled: yes
state: restarted
when: vnstat_enabled | bool
- include_tasks: enable-or-disable.yml
- name: Add 'vnstat' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: vnstat
option: "{{ item.option }}"
value: "{{ item.value | string }}"

10
vars/default_vars.yml
View file

@ -349,12 +349,12 @@ idmgr_enabled: False # 2020-01-23: UNUSED
# 6-GENERIC-APPS
# UNMAINTAINED as of September 2020
azuracast_install: False
azuracast_enabled: False
azuracast_enabled: False # This var is currently IGNORED.
azuracast_http_port: 10080
azuracast_https_port: 10443
#
# AzuraCast needs many ports in the 8000:8100 range by default, but IIAB
# services conflict with those ports so this variable below sets a sane prefix.
# e.g. setting the below variable to 10 will result in port ranges 10000-10100
@ -492,7 +492,7 @@ vector_map_path: "{{ content_base }}/www/osm-vector-maps" # /library/www/osm-
# roles/sugarizer/meta/main.yml auto-invokes 2 above prereqs: mongodb & nodejs
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
# 2020-09-22: Both vars WERE IGNORED on Deb 10 (MongoDB) but no longer? #1437
sugarizer_install: False
sugarizer_enabled: False
sugarizer_port: 8089
@ -540,7 +540,7 @@ transmission_kalite_languages:
awstats_install: True
awstats_enabled: True
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
# 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849
monit_install: False
monit_enabled: False
watchdog:

7
vars/local_vars_big.yml
View file

@ -219,8 +219,9 @@ iiab_usb_lib_show_all: True
# 6-GENERIC-APPS
# UNMAINTAINED as of September 2020
azuracast_install: False
azuracast_enabled: False
azuracast_enabled: False # This var is currently IGNORED.
# UNMAINTAINED as of January 2020: https://github.com/iiab/iiab/issues/2056
# dokuwiki_install: False
@ -305,7 +306,7 @@ osm_vector_maps_enabled: True
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
# 2020-09-22: Both vars WERE IGNORED on Deb 10 (MongoDB) but no longer? #1437
sugarizer_install: True
sugarizer_enabled: True
@ -336,7 +337,7 @@ transmission_kalite_languages:
awstats_install: True
awstats_enabled: True
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
# 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849
monit_install: False
monit_enabled: False

7
vars/local_vars_medium.yml
View file

@ -219,8 +219,9 @@ iiab_usb_lib_show_all: True
# 6-GENERIC-APPS
# UNMAINTAINED as of September 2020
azuracast_install: False
azuracast_enabled: False
azuracast_enabled: False # This var is currently IGNORED.
# UNMAINTAINED as of January 2020: https://github.com/iiab/iiab/issues/2056
# dokuwiki_install: False
@ -305,7 +306,7 @@ osm_vector_maps_enabled: True
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
# 2020-09-22: Both vars WERE IGNORED on Deb 10 (MongoDB) but no longer? #1437
sugarizer_install: True
sugarizer_enabled: True
@ -336,7 +337,7 @@ transmission_kalite_languages:
awstats_install: True
awstats_enabled: True
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
# 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849
monit_install: False
monit_enabled: False

7
vars/local_vars_min.yml
View file

@ -219,8 +219,9 @@ iiab_usb_lib_show_all: True
# 6-GENERIC-APPS
# UNMAINTAINED as of September 2020
azuracast_install: False
azuracast_enabled: False
azuracast_enabled: False # This var is currently IGNORED.
# UNMAINTAINED as of January 2020: https://github.com/iiab/iiab/issues/2056
# dokuwiki_install: False
@ -305,7 +306,7 @@ osm_vector_maps_enabled: True
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
# 2020-09-22: Both vars WERE IGNORED on Deb 10 (MongoDB) but no longer? #1437
sugarizer_install: False
sugarizer_enabled: False
@ -336,7 +337,7 @@ transmission_kalite_languages:
awstats_install: True
awstats_enabled: True
# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
# 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849
monit_install: False
monit_enabled: False