From 03748e4de7072c235f7b9cb821cf2a9e24d83827 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 24 Jan 2020 03:25:49 -0600 Subject: [PATCH 01/23] split out apache install from httpd --- roles/3-base-server/tasks/main.yml | 11 +++++++---- roles/httpd/tasks/main.yml | 2 +- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 3575e9645..1b76dca9c 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -3,21 +3,24 @@ - name: ...IS BEGINNING ===================================== command: echo -- name: HTTPD (APACHE) +- name: HTTPD include_role: name: httpd - when: apache_install | bool - name: MYSQL include_role: name: mysql when: mysql_install | bool -- name: Install NGINX (configured LATER, in Stage 9-LOCAL-ADDONS) +- name: Install APACHE (configured LATER, in Stage 4) + include_tasks: roles/httpd/tasks/install.yml + when: apache_install | bool + +- name: Install NGINX (configured LATER, in Stage 4) include_tasks: roles/nginx/tasks/install.yml when: nginx_install | bool -- name: Install dnsmasq +- name: Install dnsmasq (configured LATER, in network) include_tasks: roles/network/tasks/dnsmasq.yml when: dnsmasq_install | bool diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 945c3e7d4..e4fdd9c5c 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -9,7 +9,7 @@ # - And that we really don't want to invoke it hereunder? # - Save relevant apache_* vars to /etc/iiab/iiab.ini -- include_tasks: install.yml +#- include_tasks: install.yml - include_tasks: html.yml - include_tasks: php-stem.yml From f2395ec8d9c80f6684a882e53da7fc11556eba77 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2020 23:45:36 -0600 Subject: [PATCH 02/23] homepage used by apache --- roles/4-server-options/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 9f94cde9e..16ce4adc4 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -29,10 +29,10 @@ # This is in Stage 4-SERVER-OPTIONS (rather than 3-BASE-SERVER) because var # iiab_home_url changes, and may need to be re-run in the field/offline/etc. -- name: HOMEPAGE +- name: HOMEPAGE under Apache include_role: name: homepage - # has no "when: XXXXX_install" flag + when: not nginx_enabled - name: CUPS include_role: From 01913a8e540cf062f949e0bed746238b533dd95c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 7 Feb 2020 01:22:12 -0600 Subject: [PATCH 03/23] didn't move yet --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 1b76dca9c..18c9baffd 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -12,11 +12,11 @@ name: mysql when: mysql_install | bool -- name: Install APACHE (configured LATER, in Stage 4) +- name: Install APACHE (configured LATER, in Stage 9) include_tasks: roles/httpd/tasks/install.yml when: apache_install | bool -- name: Install NGINX (configured LATER, in Stage 4) +- name: Install NGINX (configured LATER, in Stage 9) include_tasks: roles/nginx/tasks/install.yml when: nginx_install | bool From 1d4591478a8e3a46da12b96ab2d5c7e498a87e74 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 03:08:16 -0500 Subject: [PATCH 04/23] Cleaner roles/httpd & roles/nginx --- .../httpd-enable/tasks/main.yml | 0 roles/3-base-server/tasks/main.yml | 23 ++-- roles/4-server-options/tasks/main.yml | 21 +++- roles/9-local-addons/tasks/main.yml | 42 ++++--- .../files/{osm.conf => osm.conf.deprecated} | 0 roles/httpd/tasks/enable.yml | 69 ---------- roles/httpd/tasks/install.yml | 43 ++++--- roles/httpd/tasks/main.yml | 85 +++++++++++-- .../{httpd.j2 => httpd.j2.deprecated} | 0 .../{iiab-http => iiab-http.deprecated} | 0 .../{iiab-http.j2 => iiab-http.j2.deprecated} | 0 .../{php.ini.j2 => php.ini.j2.deprecated} | 0 roles/internetarchive/tasks/main.yml | 2 +- roles/nginx/tasks/enable-or-disable.yml | 40 ++++++ roles/nginx/tasks/install.yml | 35 ++++-- roles/nginx/tasks/main.yml | 119 ++++++++---------- .../files/html/assets/lang_codes.json | 0 .../files/html/css/bootstrap-theme.css | 0 .../files/html/css/bootstrap-theme.css.map | 0 .../files/html/css/bootstrap-theme.min.css | 0 .../html/css/bootstrap-theme.min.css.map | 0 .../files/html/css/bootstrap.css | 0 .../files/html/css/bootstrap.css.map | 0 .../files/html/css/bootstrap.min.css | 0 .../files/html/css/bootstrap.min.css.map | 0 .../files/html/css/bootstrap4.min.css | 0 .../files/html/css/fa.all.min.css | 0 .../files/html/css/font-faces.css | 0 .../files/html/css/xo-common.css | 0 .../bubblegum-sans-v6-latin-regular.woff | Bin .../bubblegum-sans-v6-latin-regular.woff2 | Bin .../files/html/fonts/fa-solid-900.woff | Bin .../files/html/fonts/fa-solid-900.woff2 | Bin .../fonts/finger-paint-v7-latin-regular.woff | Bin .../fonts/finger-paint-v7-latin-regular.woff2 | Bin .../html/fonts/flavors-v6-latin-regular.woff | Bin .../html/fonts/flavors-v6-latin-regular.woff2 | Bin .../fonts/freckle-face-v6-latin-regular.woff | Bin .../fonts/freckle-face-v6-latin-regular.woff2 | Bin .../fonts/glyphicons-halflings-regular.eot | Bin .../fonts/glyphicons-halflings-regular.svg | 0 .../fonts/glyphicons-halflings-regular.ttf | Bin .../fonts/glyphicons-halflings-regular.woff | Bin .../html/fonts/open-sans-v15-latin-600.woff | Bin .../html/fonts/open-sans-v15-latin-600.woff2 | Bin .../html/fonts/open-sans-v15-latin-700.woff | Bin .../html/fonts/open-sans-v15-latin-700.woff2 | Bin .../fonts/open-sans-v15-latin-regular.woff | Bin .../fonts/open-sans-v15-latin-regular.woff2 | Bin .../files/html/html/credits.html | 0 .../files/html/js/Markdown.Converter.js | 0 .../files/html/js/Markdown.Sanitizer.js | 0 .../files/html/js/XMLDisplay.js | 0 .../files/html/js/bootstrap.js | 0 .../files/html/js/bootstrap.min.js | 0 .../files/html/js/bootstrap4.min.js | 0 .../files/html/js/jquery.min.js | 0 .../files/html/services/power_off.php | 0 roles/{httpd => web_support}/tasks/html.yml | 0 roles/web_support/tasks/main.yml | 36 ++++++ .../{httpd => web_support}/tasks/php-stem.yml | 2 +- .../templates/020_apache_poweroff.j2 | 0 .../templates/iiab-refresh-wiki-docs.sh} | 0 63 files changed, 311 insertions(+), 206 deletions(-) rename roles/{ => 0-DEPRECATED-ROLES}/httpd-enable/tasks/main.yml (100%) rename roles/httpd/files/{osm.conf => osm.conf.deprecated} (100%) delete mode 100644 roles/httpd/tasks/enable.yml rename roles/httpd/templates/{httpd.j2 => httpd.j2.deprecated} (100%) rename roles/httpd/templates/{iiab-http => iiab-http.deprecated} (100%) rename roles/httpd/templates/{iiab-http.j2 => iiab-http.j2.deprecated} (100%) rename roles/httpd/templates/{php.ini.j2 => php.ini.j2.deprecated} (100%) create mode 100644 roles/nginx/tasks/enable-or-disable.yml rename roles/{httpd => web_support}/files/html/assets/lang_codes.json (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap-theme.css (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap-theme.css.map (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap-theme.min.css (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap-theme.min.css.map (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap.css (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap.css.map (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap.min.css (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap.min.css.map (100%) rename roles/{httpd => web_support}/files/html/css/bootstrap4.min.css (100%) rename roles/{httpd => web_support}/files/html/css/fa.all.min.css (100%) rename roles/{httpd => web_support}/files/html/css/font-faces.css (100%) rename roles/{httpd => web_support}/files/html/css/xo-common.css (100%) rename roles/{httpd => web_support}/files/html/fonts/bubblegum-sans-v6-latin-regular.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 (100%) rename roles/{httpd => web_support}/files/html/fonts/fa-solid-900.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/fa-solid-900.woff2 (100%) rename roles/{httpd => web_support}/files/html/fonts/finger-paint-v7-latin-regular.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/finger-paint-v7-latin-regular.woff2 (100%) rename roles/{httpd => web_support}/files/html/fonts/flavors-v6-latin-regular.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/flavors-v6-latin-regular.woff2 (100%) rename roles/{httpd => web_support}/files/html/fonts/freckle-face-v6-latin-regular.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/freckle-face-v6-latin-regular.woff2 (100%) rename roles/{httpd => web_support}/files/html/fonts/glyphicons-halflings-regular.eot (100%) rename roles/{httpd => web_support}/files/html/fonts/glyphicons-halflings-regular.svg (100%) rename roles/{httpd => web_support}/files/html/fonts/glyphicons-halflings-regular.ttf (100%) rename roles/{httpd => web_support}/files/html/fonts/glyphicons-halflings-regular.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/open-sans-v15-latin-600.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/open-sans-v15-latin-600.woff2 (100%) rename roles/{httpd => web_support}/files/html/fonts/open-sans-v15-latin-700.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/open-sans-v15-latin-700.woff2 (100%) rename roles/{httpd => web_support}/files/html/fonts/open-sans-v15-latin-regular.woff (100%) rename roles/{httpd => web_support}/files/html/fonts/open-sans-v15-latin-regular.woff2 (100%) rename roles/{httpd => web_support}/files/html/html/credits.html (100%) rename roles/{httpd => web_support}/files/html/js/Markdown.Converter.js (100%) rename roles/{httpd => web_support}/files/html/js/Markdown.Sanitizer.js (100%) rename roles/{httpd => web_support}/files/html/js/XMLDisplay.js (100%) rename roles/{httpd => web_support}/files/html/js/bootstrap.js (100%) rename roles/{httpd => web_support}/files/html/js/bootstrap.min.js (100%) rename roles/{httpd => web_support}/files/html/js/bootstrap4.min.js (100%) rename roles/{httpd => web_support}/files/html/js/jquery.min.js (100%) rename roles/{httpd => web_support}/files/html/services/power_off.php (100%) rename roles/{httpd => web_support}/tasks/html.yml (100%) create mode 100644 roles/web_support/tasks/main.yml rename roles/{httpd => web_support}/tasks/php-stem.yml (93%) rename roles/{httpd => web_support}/templates/020_apache_poweroff.j2 (100%) rename roles/{httpd/templates/refresh-wiki-docs.sh => web_support/templates/iiab-refresh-wiki-docs.sh} (100%) diff --git a/roles/httpd-enable/tasks/main.yml b/roles/0-DEPRECATED-ROLES/httpd-enable/tasks/main.yml similarity index 100% rename from roles/httpd-enable/tasks/main.yml rename to roles/0-DEPRECATED-ROLES/httpd-enable/tasks/main.yml diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 18c9baffd..e42cefcef 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -3,24 +3,29 @@ - name: ...IS BEGINNING ===================================== command: echo -- name: HTTPD - include_role: - name: httpd - - name: MYSQL include_role: name: mysql when: mysql_install | bool -- name: Install APACHE (configured LATER, in Stage 9) - include_tasks: roles/httpd/tasks/install.yml +- name: WEB_SUPPORT + include_role: + name: web_support + #when: web_support_install | bool + when: apache_install or nginx_install + +- name: APACHE (install now, configure LATER in Stage 9) + include_role: + name: httpd when: apache_install | bool -- name: Install NGINX (configured LATER, in Stage 9) - include_tasks: roles/nginx/tasks/install.yml +- name: NGINX (install now, configure LATER in Stage 9) + include_role: + name: nginx + #include_tasks: roles/nginx/tasks/install.yml when: nginx_install | bool -- name: Install dnsmasq (configured LATER, in network) +- name: dnsmasq (install now, configure LATER in 'network') include_tasks: roles/network/tasks/dnsmasq.yml when: dnsmasq_install | bool diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 16ce4adc4..7af710e70 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -20,7 +20,7 @@ - name: Install Bluetooth - only on Raspberry Pi include_role: name: bluetooth - when: is_rpi and bluetooth_install # or bluetooth_installed is defined + when: is_rpi and bluetooth_install - name: USB_LIB include_role: @@ -37,12 +37,27 @@ - name: CUPS include_role: name: cups - when: cups_install # or cups_installed is defined + when: cups_install | bool - name: SAMBA include_role: name: samba - when: samba_install # or samba_installed is defined + when: samba_install | bool + +# DOES THE FLAG BELOW (apache_allow_sudo) WORK WITH NGINX TOO ? + +- name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_apache_poweroff from template + template: + src: 020_apache_poweroff.j2 + dest: /etc/sudoers.d/020_apache_poweroff + mode: '0755' + when: apache_allow_sudo | bool + +- name: Remove {{ apache_user }} (per variable apache_user) permission to poweroff, removing /etc/sudoers.d/020_apache_poweroff + file: + path: /etc/sudoers.d/020_apache_poweroff + state: absent + when: not apache_allow_sudo - name: Run /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (This script was installed at the beginning of Stage 3 = roles/3-base-server/tasks/main.yml, which ran Apache playbook = roles/httpd/tasks/main.yml) command: /usr/bin/iiab-refresh-wiki-docs diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 7a9448a71..2ab2ce0b2 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -30,24 +30,34 @@ name: calibre-web when: calibreweb_install | bool -# Could split these two below to Stage 10? +# Could split these two below to Stage 10? 2020-02-11: Experimentally moving +# stuff below to roles/web_support, 4-server-options, roles/httpd, roles/nginx. -- name: Fully Enable / Configure NGINX (already installed in Stage 3-BASE-SERVER) if 'nginx_enabled' is True - include_role: - name: nginx - when: nginx_enabled | bool # WAS: nginx_install -# If just CONFIGURING (etc) shouldn't we use one of the following instead ?? -# include_tasks: roles/nginx/tasks/setup.yml -# include_tasks: roles/nginx/tasks/enable.yml +# - name: "Set 'nginx_enabled: True'" +# set_fact: +# nginx_enabled: True +# +# - name: Fully Enable / Configure NGINX (already installed in Stage 3-BASE-SERVER) if 'nginx_enabled' is True +# include_role: +# name: nginx +# when: nginx_enabled | bool # WAS: nginx_install +# # If just CONFIGURING (etc) shouldn't we use one of the following instead ?? +# # include_tasks: roles/nginx/tasks/setup.yml +# # include_tasks: roles/nginx/tasks/enable.yml -- name: Fully Enable / Configure Apache systemd service ({{ apache_service }}) if 'apache_enabled' is True - include_role: - name: httpd-enable - when: apache_enabled | bool # WAS: apache_install -# WARNING THAT APACHE IS AUTO-ENABLED BY THESE ~6 APPS ALONE! -# https://github.com/holta/iiab/blob/scaff2/roles/0-init/tasks/main.yml#L40-L44 -# Summarized @ https://github.com/iiab/iiab/blob/master/roles/nginx/README.md -# 2020-01-23: APACHE FUTURE SUMMARY QUESTIONS @ roles/httpd/tasks/main.yml +# - name: "Set 'apache_enabled: True'" +# set_fact: +# apache_enabled: True +# +# - name: Fully Enable / Configure Apache systemd service ({{ apache_service }}) if 'apache_enabled' is True +# include_role: +# name: httpd +# #name: httpd-enable +# when: apache_enabled | bool # WAS: apache_install +# # WARNING THAT APACHE IS AUTO-ENABLED BY THESE ~6 APPS ALONE! +# # https://github.com/holta/iiab/blob/scaff2/roles/0-init/tasks/main.yml#L40-L44 +# # Summarized @ https://github.com/iiab/iiab/blob/master/roles/nginx/README.md +# # 2020-01-23: APACHE FUTURE SUMMARY QUESTIONS @ roles/httpd/tasks/main.yml - name: Recording STAGE 9 HAS COMPLETED ==================== lineinfile: diff --git a/roles/httpd/files/osm.conf b/roles/httpd/files/osm.conf.deprecated similarity index 100% rename from roles/httpd/files/osm.conf rename to roles/httpd/files/osm.conf.deprecated diff --git a/roles/httpd/tasks/enable.yml b/roles/httpd/tasks/enable.yml deleted file mode 100644 index 280dfdd02..000000000 --- a/roles/httpd/tasks/enable.yml +++ /dev/null @@ -1,69 +0,0 @@ -# For schools that use WordPress/Nextcloud/Moodle intensively. iiab/iiab#1147 -# WARNING: Enabling this might cause excess use of RAM/disk or other resources! -- name: Enact high limits in /etc/php/{{ php_version }}/{{ apache_service }}/php.ini if using WordPress/Nextcloud/Moodle intensively - lineinfile: - path: "/etc/php/{{ php_version }}/{{ apache_service }}/php.ini" - regexp: "{{ item.regexp }}" - line: "{{ item.line }}" - when: apache_high_php_limits | bool - with_items: - - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 500M ; default is 2M' } - - { regexp: '^post_max_size', line: 'post_max_size = 500M ; default is 8M' } - - { regexp: '^memory_limit', line: 'memory_limit = 256M ; default is 128M / Nextcloud requests 512M' } - - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' } - - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } - -- name: Install Apache's 010-iiab.conf & proxy_ajp.conf into /etc/apache2/sites-available, from templates - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - # owner: root - # group: root - # mode: 0644 - with_items: - - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_conf_dir }}/010-iiab.conf' } - - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_conf_dir }}/proxy_ajp.conf' } - -- name: Enable our site, creating 010-iiab.conf symlink from sites-enabled to sites-available (debuntu) - file: - src: "/etc/{{ apache_conf_dir }}/010-iiab.conf" - path: /etc/apache2/sites-enabled/010-iiab.conf - state: link - when: is_debuntu | bool - -# SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways) -- name: Install /etc/{{ apache_conf_dir }}/osm.conf for http://box/maps (all OS's) - copy: - src: roles/httpd/files/osm.conf - dest: "/etc/{{ apache_conf_dir }}" - # owner: root - # group: root - # mode: 0644 - when: osm_vector_maps_install | bool - -- name: Symlink /etc/apache2/sites-enabled/osm.conf -> /etc/{{ apache_conf_dir }}/osm.conf (debuntu) - file: - src: "/etc/{{ apache_conf_dir }}/osm.conf" - path: /etc/apache2/sites-enabled/osm.conf - state: link - when: is_debuntu and osm_vector_maps_enabled - -- name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_apache_poweroff from template - template: - src: roles/httpd/templates/020_apache_poweroff.j2 - dest: /etc/sudoers.d/020_apache_poweroff - mode: 0755 - when: apache_allow_sudo | bool - -- name: Remove {{ apache_user }} (per variable apache_user) permission to poweroff, removing /etc/sudoers.d/020_apache_poweroff - file: - path: /etc/sudoers.d/020_apache_poweroff - state: absent - when: not apache_allow_sudo - -- name: Restart Apache systemd service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" - state: restarted - enabled: yes - daemon_reload: yes diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index 03fb3cdf7..df3998db9 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -49,7 +49,7 @@ state: present when: is_redhat | bool -# remove symlinks for mpm-event, replace with mpm-prefork +# Remove symlinks for mpm_event, replace with mpm_prefork - name: Remove both mpm_event symlinks from /etc/apache2/mods-enabled (debuntu) file: path: "/etc/apache2/mods-enabled/{{ item }}" @@ -69,6 +69,19 @@ - mpm_prefork.load when: is_debuntu | bool +# - name: Remove mpm_event.conf & mpm_event.load symlinks, using a2dissite +# command: "a2dissite {{ item }}" +# with_items: +# - mpm_event.conf +# - mpm_event.load +# ignore_errors: yes +# +# - name: Symlink mpm_prefork.conf & mpm_prefork.load, using a2ensite +# command: "a2ensite {{ item }}" +# with_items: +# - mpm_prefork.conf +# - mpm_prefork.load + #- name: 'Turn on mod_proxy using a2enmod with: proxy, proxy_html, headers, rewrite (debuntu)' # command: a2enmod {{ item }} # with_items: @@ -100,11 +113,11 @@ - name: Create Apache's pid dir /var/run/{{ apache_user }} file: + state: directory path: "/var/run/{{ apache_user }}" owner: root group: root mode: '0755' - state: directory - name: 'Create group: admin' group: @@ -120,25 +133,25 @@ - name: Create Apache dir /var/log/{{ apache_service }} file: + state: directory path: "/var/log/{{ apache_service }}" owner: "{{ apache_user }}" group: "{{ apache_user }}" mode: '0755' - state: directory -- name: Enable Apache systemd service ({{ apache_service }}) - service: - name: "{{ apache_service }}" - enabled: yes - state: stopped +- name: Install Apache's 010-iiab.conf & proxy_ajp.conf into /etc/apache2/sites-available, from templates + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + with_items: + - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_conf_dir }}/010-iiab.conf' } + - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_conf_dir }}/proxy_ajp.conf' } -- name: Create /library/www/html/info directory for http://box/info offline docs - file: - path: "{{ doc_root }}/info" - owner: "{{ apache_user }}" - group: "{{ apache_user }}" - mode: '0755' - state: directory +# - name: Enable & Stop '{{ apache_service }}' systemd service +# systemd: +# name: "{{ apache_service }}" +# enabled: yes +# state: stopped # RECORD Apache AS INSTALLED diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index e4fdd9c5c..266ab1693 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -1,20 +1,83 @@ # 2020-01-23 TO DO / Questions: -# - Validate input vars apache_install & apache_enabled here. +# - [DONE] Validate input vars apache_install & apache_enabled here. # - Use as nec, with 'when: apache_installed is undefined' -# - Encapsulate all 3 tasks below into httpd/roles/install.yml ? +# - [DONE: moved them to roles/web_support] Encapsulate all 3 tasks below into httpd/roles/install.yml ? # - Similarly sanity-check httpd/roles/enable.yml or httpd/roles/enable-or-disable.yml... # - Verify that 9-local-addons/tasks/main.yml's invocation of # roles/httpd/tasks/enable.yml (via roles/httpd-enable/tasks/main.yml, if # apache_enabled is True) does the right thing! # - And that we really don't want to invoke it hereunder? -# - Save relevant apache_* vars to /etc/iiab/iiab.ini +# - [DONE] Save relevant apache_* vars to /etc/iiab/iiab.ini -#- include_tasks: install.yml -- include_tasks: html.yml -- include_tasks: php-stem.yml +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (Script can be run manually and/or at the end of Stage 4 = roles/4-server-options/tasks/main.yml) - template: - src: refresh-wiki-docs.sh - dest: /usr/bin/iiab-refresh-wiki-docs - mode: '0755' +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "apache_install is sameas true" (boolean not string etc) + assert: + that: apache_install is sameas true + fail_msg: "PLEASE SET 'apache_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "apache_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: apache_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'apache_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- debug: + var: apache_install +- debug: + var: apache_enabled +- debug: + var: apache_installed + + +- name: Install Apache if 'apache_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: apache_installed is undefined + + +- name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) by running 'a2ensite 010-iiab.conf', if apache_enabled" + command: a2ensite 010-iiab.conf + when: apache_enabled | bool + +- name: Disable IIAB pages via Apache (e.g. on port 80) by running 'a2dissite 010-iiab.conf', if not apache_enabled" + command: a2dissite 010-iiab.conf + when: not apache_enabled + +- name: Enable & (Re)Start {{ apache_service }} systemd service, if apache_enabled + systemd: + name: "{{ apache_service }}" + daemon_reload: yes + enabled: yes + state: restarted + when: apache_enabled | bool + +- name: Disable & Stop {{ apache_service }} systemd service, if not apache_enabled + systemd: + name: "{{ apache_service }}" + enabled: no + state: stopped + when: not apache_enabled + + +- name: Add 'apache' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: wordpress + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Apache + - option: description + value: '"The Apache HTTP Server (''httpd'')."' + - option: apache_install + value: "{{ apache_install }}" + - option: apache_enabled + value: "{{ apache_enabled }}" diff --git a/roles/httpd/templates/httpd.j2 b/roles/httpd/templates/httpd.j2.deprecated similarity index 100% rename from roles/httpd/templates/httpd.j2 rename to roles/httpd/templates/httpd.j2.deprecated diff --git a/roles/httpd/templates/iiab-http b/roles/httpd/templates/iiab-http.deprecated similarity index 100% rename from roles/httpd/templates/iiab-http rename to roles/httpd/templates/iiab-http.deprecated diff --git a/roles/httpd/templates/iiab-http.j2 b/roles/httpd/templates/iiab-http.j2.deprecated similarity index 100% rename from roles/httpd/templates/iiab-http.j2 rename to roles/httpd/templates/iiab-http.j2.deprecated diff --git a/roles/httpd/templates/php.ini.j2 b/roles/httpd/templates/php.ini.j2.deprecated similarity index 100% rename from roles/httpd/templates/php.ini.j2 rename to roles/httpd/templates/php.ini.j2.deprecated diff --git a/roles/internetarchive/tasks/main.yml b/roles/internetarchive/tasks/main.yml index 190880cf0..3b908a143 100644 --- a/roles/internetarchive/tasks/main.yml +++ b/roles/internetarchive/tasks/main.yml @@ -20,7 +20,7 @@ # 2020-02-11: @mitra42 & @holta agree (#2247) that the following 2-stanza -# "UPDATE internetarchive" block should run whenever one is isn't installing +# "UPDATE internetarchive" block should run whenever one isn't installing # (or reinstalling) internetarchive, for now. We're aware this means slowness # during "./runrole internetarchive" but that's very intentional for now -- as # it leads to more testing of more recent versions of internetarchive, which diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml new file mode 100644 index 000000000..cf4c52488 --- /dev/null +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -0,0 +1,40 @@ +- name: Ensure that Apache (({{ apache_service }})) is not running -- we may need port swap + systemd: + name: "{{ apache_service }}" + state: stopped + +- name: Install /etc/{{ apache_service }}/ports.conf from template 1 of 2 (ports.conf.j2) if nginx_enabled, to enable Apache port {{ apache_port }} localhost only + template: + src: ports.conf.j2 + dest: "/etc/{{ apache_service }}/ports.conf" + when: nginx_enabled | bool + +- name: Install /etc/{{ apache_service }}/ports.conf from template 2 of 2 (stock-apache-ports.conf) if not nginx_enabled, to disable Apache port {{ apache_port }} localhost only + template: + src: stock-apache-ports.conf + dest: "/etc/{{ apache_service }}/ports.conf" + when: not nginx_enabled + +- name: Enable & Restart '{{ apache_service }}' if apache_enabled or not nginx_enabled, since we stopped it + systemd: + name: "{{ apache_service }}" + daemon_reload: yes + state: restarted + enabled: true + when: apache_enabled or not nginx_enabled + + +- name: Enable & (Re)Start 'nginx' systemd service, if nginx_enabled + systemd: + name: nginx + daemon_reload: yes + enabled: yes + state: restarted + when: nginx_enabled | bool + +- name: Disable & Stop 'nginx' systemd service, if not nginx_enabled + systemd: + name: nginx + enabled: no + state: stopped + when: not nginx_enabled diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index fcc04db91..d63c85e9e 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -1,4 +1,14 @@ -- name: Install NGINX required and helper packages +# This stanza can likely be removed later in 2020: +- name: 'Remove legacy files if present: /etc/systemd/system/uwsgi.service, {{ nginx_conf_dir }}/usb-lib.conf, {{ nginx_conf_dir }}/modules.conf' + file: + path: "{{ item.path }}" + state: absent + with_items: + - { path: "/etc/systemd/system/uwsgi.service" } + - { path: "{{ nginx_conf_dir }}/usb-lib.conf" } + - { path: "{{ nginx_conf_dir }}/modules.conf" } + +- name: Install required and helper packages for NGINX package: name: "{{ item }}" state: present @@ -9,7 +19,7 @@ - php-fpm - libnginx-mod-http-subs-filter -- name: Add http server user to shadow group, so it can authenticate Admin Console +- name: Add user '{{ apache_user }}' to shadow group, so it can authenticate Admin Console user: name: "{{ apache_user }}" groups: shadow @@ -19,29 +29,30 @@ path: /etc/nginx/sites-enabled/default state: absent -- name: 'Install 4 files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf, /etc/systemd/system/uwsgi.service' +- name: 'Install 3-or-4 files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf' template: src: "{{ item.src }}" dest: "{{ item.dest }}" with_items: - - { src: 'roles/nginx/templates/server.conf.j2', dest: '/etc/nginx/server.conf' } - - { src: 'roles/nginx/templates/nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } - - { src: 'roles/nginx/templates/ports.conf.j2', dest: '/etc/{{ apache_service }}/ports.conf' } + - { src: 'server.conf.j2', dest: '/etc/nginx/server.conf' } + - { src: 'nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } + #- { src: 'ports.conf.j2', dest: '/etc/{{ apache_service }}/ports.conf' } # Moved to enable-or-disable.yml + - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } -# php stem extension is installed in role httpd +# php-stem extension installed by roles/web_support/tasks/php-stem.yml # here it is linked to php-fpm -- name: Create softlink 20-stem.ini to /etc/php/{{ php_version }}/mods-available/stem.ini +- name: Symlink /etc/php/{{ php_version }}/fpm/conf.d/20-stem.ini -> /etc/php/{{ php_version }}/mods-available/stem.ini file: src: "/etc/php/{{ php_version }}/mods-available/stem.ini" path: "/etc/php/{{ php_version }}/fpm/conf.d/20-stem.ini" state: link - when: nginx_enabled + #when: nginx_enabled | bool -- name: Restart php{{ php_version }}-fpm service - service: +- name: Restart php{{ php_version }}-fpm systemd service + systemd: name: "php{{ php_version }}-fpm" state: restarted - when: nginx_enabled + #when: nginx_enabled | bool # RECORD NGINX AS INSTALLED diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 567459612..54884bb0d 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -1,70 +1,51 @@ -- name: Remove stale files (usb-lib.conf, modules.conf) from {{ nginx_conf_dir }} - file: - path: "{{ item.path }}" - state: absent +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 + +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "nginx_install is sameas true" (boolean not string etc) + assert: + that: nginx_install is sameas true + fail_msg: "PLEASE SET 'nginx_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "nginx_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: nginx_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'nginx_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- debug: + var: nginx_install +- debug: + var: nginx_enabled +- debug: + var: nginx_installed + + +- name: Install NGINX if 'nginx_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: nginx_installed is undefined + + +- include_tasks: enable-or-disable.yml + + +- name: Add 'nginx' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: wordpress + option: "{{ item.option }}" + value: "{{ item.value | string }}" with_items: - - { path: "/etc/systemd/system/uwsgi.service" } - - { path: "{{ nginx_conf_dir }}/usb-lib.conf" } - - { path: "{{ nginx_conf_dir }}/modules.conf" } - -- name: Ensure that Apache (({{ apache_service }})) is not running -- we may need port swap - systemd: - name: "{{ apache_service }}" - state: stopped - -- name: "Install from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf, {{ nginx_conf_dir }}/iiab.conf" - template: - src: "{{ item.src}}" - dest: "{{ item.dest }}" - with_items: - - { src: 'server.conf.j2', dest: '/etc/nginx/server.conf' } - - { src: 'nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } - - { src: 'ports.conf.j2', dest: "/etc/{{ apache_service }}/ports.conf" } - - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } - when: nginx_enabled | bool - -# the below slides in nginx's proxypass config files for apache on localhost -# via the ports.conf file installed above -#- name: Install proxpass to Apache running on localhost port {{ apache_port }} -# include_tasks: uses_apache.yml -# when: apache_enabled | bool - -# the below task contains the same logic contained in the playbooks to enable -# 'runrole nginx' to do the right thing but with the 'src' path set to role's -# templates path ie roles//template/ -#- name: Install proxpass to other services 'dual mode' roles -# include_tasks: only_nginx.yml -# when: nginx_enabled | bool - -- name: Stop & Disable 'nginx' systemd service, when not nginx_enabled - systemd: - name: nginx - state: stopped - enabled: false - when: not nginx_enabled - -- name: Disable Apache port {{ apache_port }} localhost only, when not nginx_enabled - template: - dest: /etc/{{ apache_service }}/ports.conf - src: stock-apache-ports.conf - when: not nginx_enabled - -# should have the logic to handle both modes in the playbook -#- name: Enable Apache (a2ensite) for 'dual mode' for the role when NGINX is disabled -# include_tasks: disable.yml -# when: not nginx_enabled - -- name: Enable & Restart Apache, since we stopped it ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" - daemon_reload: yes - state: restarted - enabled: true - when: apache_enabled or not nginx_enabled - -- name: Enable & Restart NGINX, to pick up the config files installed - systemd: - name: nginx - state: restarted - enabled: true - when: nginx_enabled | bool + - option: name + value: NGINX + - option: description + value: '"NGINX is a web server which can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache."' + - option: nginx_install + value: "{{ nginx_install }}" + - option: nginx_enabled + value: "{{ nginx_enabled }}" diff --git a/roles/httpd/files/html/assets/lang_codes.json b/roles/web_support/files/html/assets/lang_codes.json similarity index 100% rename from roles/httpd/files/html/assets/lang_codes.json rename to roles/web_support/files/html/assets/lang_codes.json diff --git a/roles/httpd/files/html/css/bootstrap-theme.css b/roles/web_support/files/html/css/bootstrap-theme.css similarity index 100% rename from roles/httpd/files/html/css/bootstrap-theme.css rename to roles/web_support/files/html/css/bootstrap-theme.css diff --git a/roles/httpd/files/html/css/bootstrap-theme.css.map b/roles/web_support/files/html/css/bootstrap-theme.css.map similarity index 100% rename from roles/httpd/files/html/css/bootstrap-theme.css.map rename to roles/web_support/files/html/css/bootstrap-theme.css.map diff --git a/roles/httpd/files/html/css/bootstrap-theme.min.css b/roles/web_support/files/html/css/bootstrap-theme.min.css similarity index 100% rename from roles/httpd/files/html/css/bootstrap-theme.min.css rename to roles/web_support/files/html/css/bootstrap-theme.min.css diff --git a/roles/httpd/files/html/css/bootstrap-theme.min.css.map b/roles/web_support/files/html/css/bootstrap-theme.min.css.map similarity index 100% rename from roles/httpd/files/html/css/bootstrap-theme.min.css.map rename to roles/web_support/files/html/css/bootstrap-theme.min.css.map diff --git a/roles/httpd/files/html/css/bootstrap.css b/roles/web_support/files/html/css/bootstrap.css similarity index 100% rename from roles/httpd/files/html/css/bootstrap.css rename to roles/web_support/files/html/css/bootstrap.css diff --git a/roles/httpd/files/html/css/bootstrap.css.map b/roles/web_support/files/html/css/bootstrap.css.map similarity index 100% rename from roles/httpd/files/html/css/bootstrap.css.map rename to roles/web_support/files/html/css/bootstrap.css.map diff --git a/roles/httpd/files/html/css/bootstrap.min.css b/roles/web_support/files/html/css/bootstrap.min.css similarity index 100% rename from roles/httpd/files/html/css/bootstrap.min.css rename to roles/web_support/files/html/css/bootstrap.min.css diff --git a/roles/httpd/files/html/css/bootstrap.min.css.map b/roles/web_support/files/html/css/bootstrap.min.css.map similarity index 100% rename from roles/httpd/files/html/css/bootstrap.min.css.map rename to roles/web_support/files/html/css/bootstrap.min.css.map diff --git a/roles/httpd/files/html/css/bootstrap4.min.css b/roles/web_support/files/html/css/bootstrap4.min.css similarity index 100% rename from roles/httpd/files/html/css/bootstrap4.min.css rename to roles/web_support/files/html/css/bootstrap4.min.css diff --git a/roles/httpd/files/html/css/fa.all.min.css b/roles/web_support/files/html/css/fa.all.min.css similarity index 100% rename from roles/httpd/files/html/css/fa.all.min.css rename to roles/web_support/files/html/css/fa.all.min.css diff --git a/roles/httpd/files/html/css/font-faces.css b/roles/web_support/files/html/css/font-faces.css similarity index 100% rename from roles/httpd/files/html/css/font-faces.css rename to roles/web_support/files/html/css/font-faces.css diff --git a/roles/httpd/files/html/css/xo-common.css b/roles/web_support/files/html/css/xo-common.css similarity index 100% rename from roles/httpd/files/html/css/xo-common.css rename to roles/web_support/files/html/css/xo-common.css diff --git a/roles/httpd/files/html/fonts/bubblegum-sans-v6-latin-regular.woff b/roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff similarity index 100% rename from roles/httpd/files/html/fonts/bubblegum-sans-v6-latin-regular.woff rename to roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff diff --git a/roles/httpd/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 b/roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 rename to roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 diff --git a/roles/httpd/files/html/fonts/fa-solid-900.woff b/roles/web_support/files/html/fonts/fa-solid-900.woff similarity index 100% rename from roles/httpd/files/html/fonts/fa-solid-900.woff rename to roles/web_support/files/html/fonts/fa-solid-900.woff diff --git a/roles/httpd/files/html/fonts/fa-solid-900.woff2 b/roles/web_support/files/html/fonts/fa-solid-900.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/fa-solid-900.woff2 rename to roles/web_support/files/html/fonts/fa-solid-900.woff2 diff --git a/roles/httpd/files/html/fonts/finger-paint-v7-latin-regular.woff b/roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff similarity index 100% rename from roles/httpd/files/html/fonts/finger-paint-v7-latin-regular.woff rename to roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff diff --git a/roles/httpd/files/html/fonts/finger-paint-v7-latin-regular.woff2 b/roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/finger-paint-v7-latin-regular.woff2 rename to roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff2 diff --git a/roles/httpd/files/html/fonts/flavors-v6-latin-regular.woff b/roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff similarity index 100% rename from roles/httpd/files/html/fonts/flavors-v6-latin-regular.woff rename to roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff diff --git a/roles/httpd/files/html/fonts/flavors-v6-latin-regular.woff2 b/roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/flavors-v6-latin-regular.woff2 rename to roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff2 diff --git a/roles/httpd/files/html/fonts/freckle-face-v6-latin-regular.woff b/roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff similarity index 100% rename from roles/httpd/files/html/fonts/freckle-face-v6-latin-regular.woff rename to roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff diff --git a/roles/httpd/files/html/fonts/freckle-face-v6-latin-regular.woff2 b/roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/freckle-face-v6-latin-regular.woff2 rename to roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff2 diff --git a/roles/httpd/files/html/fonts/glyphicons-halflings-regular.eot b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.eot similarity index 100% rename from roles/httpd/files/html/fonts/glyphicons-halflings-regular.eot rename to roles/web_support/files/html/fonts/glyphicons-halflings-regular.eot diff --git a/roles/httpd/files/html/fonts/glyphicons-halflings-regular.svg b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.svg similarity index 100% rename from roles/httpd/files/html/fonts/glyphicons-halflings-regular.svg rename to roles/web_support/files/html/fonts/glyphicons-halflings-regular.svg diff --git a/roles/httpd/files/html/fonts/glyphicons-halflings-regular.ttf b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.ttf similarity index 100% rename from roles/httpd/files/html/fonts/glyphicons-halflings-regular.ttf rename to roles/web_support/files/html/fonts/glyphicons-halflings-regular.ttf diff --git a/roles/httpd/files/html/fonts/glyphicons-halflings-regular.woff b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.woff similarity index 100% rename from roles/httpd/files/html/fonts/glyphicons-halflings-regular.woff rename to roles/web_support/files/html/fonts/glyphicons-halflings-regular.woff diff --git a/roles/httpd/files/html/fonts/open-sans-v15-latin-600.woff b/roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff similarity index 100% rename from roles/httpd/files/html/fonts/open-sans-v15-latin-600.woff rename to roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff diff --git a/roles/httpd/files/html/fonts/open-sans-v15-latin-600.woff2 b/roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/open-sans-v15-latin-600.woff2 rename to roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff2 diff --git a/roles/httpd/files/html/fonts/open-sans-v15-latin-700.woff b/roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff similarity index 100% rename from roles/httpd/files/html/fonts/open-sans-v15-latin-700.woff rename to roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff diff --git a/roles/httpd/files/html/fonts/open-sans-v15-latin-700.woff2 b/roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/open-sans-v15-latin-700.woff2 rename to roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff2 diff --git a/roles/httpd/files/html/fonts/open-sans-v15-latin-regular.woff b/roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff similarity index 100% rename from roles/httpd/files/html/fonts/open-sans-v15-latin-regular.woff rename to roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff diff --git a/roles/httpd/files/html/fonts/open-sans-v15-latin-regular.woff2 b/roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff2 similarity index 100% rename from roles/httpd/files/html/fonts/open-sans-v15-latin-regular.woff2 rename to roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff2 diff --git a/roles/httpd/files/html/html/credits.html b/roles/web_support/files/html/html/credits.html similarity index 100% rename from roles/httpd/files/html/html/credits.html rename to roles/web_support/files/html/html/credits.html diff --git a/roles/httpd/files/html/js/Markdown.Converter.js b/roles/web_support/files/html/js/Markdown.Converter.js similarity index 100% rename from roles/httpd/files/html/js/Markdown.Converter.js rename to roles/web_support/files/html/js/Markdown.Converter.js diff --git a/roles/httpd/files/html/js/Markdown.Sanitizer.js b/roles/web_support/files/html/js/Markdown.Sanitizer.js similarity index 100% rename from roles/httpd/files/html/js/Markdown.Sanitizer.js rename to roles/web_support/files/html/js/Markdown.Sanitizer.js diff --git a/roles/httpd/files/html/js/XMLDisplay.js b/roles/web_support/files/html/js/XMLDisplay.js similarity index 100% rename from roles/httpd/files/html/js/XMLDisplay.js rename to roles/web_support/files/html/js/XMLDisplay.js diff --git a/roles/httpd/files/html/js/bootstrap.js b/roles/web_support/files/html/js/bootstrap.js similarity index 100% rename from roles/httpd/files/html/js/bootstrap.js rename to roles/web_support/files/html/js/bootstrap.js diff --git a/roles/httpd/files/html/js/bootstrap.min.js b/roles/web_support/files/html/js/bootstrap.min.js similarity index 100% rename from roles/httpd/files/html/js/bootstrap.min.js rename to roles/web_support/files/html/js/bootstrap.min.js diff --git a/roles/httpd/files/html/js/bootstrap4.min.js b/roles/web_support/files/html/js/bootstrap4.min.js similarity index 100% rename from roles/httpd/files/html/js/bootstrap4.min.js rename to roles/web_support/files/html/js/bootstrap4.min.js diff --git a/roles/httpd/files/html/js/jquery.min.js b/roles/web_support/files/html/js/jquery.min.js similarity index 100% rename from roles/httpd/files/html/js/jquery.min.js rename to roles/web_support/files/html/js/jquery.min.js diff --git a/roles/httpd/files/html/services/power_off.php b/roles/web_support/files/html/services/power_off.php similarity index 100% rename from roles/httpd/files/html/services/power_off.php rename to roles/web_support/files/html/services/power_off.php diff --git a/roles/httpd/tasks/html.yml b/roles/web_support/tasks/html.yml similarity index 100% rename from roles/httpd/tasks/html.yml rename to roles/web_support/tasks/html.yml diff --git a/roles/web_support/tasks/main.yml b/roles/web_support/tasks/main.yml new file mode 100644 index 000000000..d6accbdc9 --- /dev/null +++ b/roles/web_support/tasks/main.yml @@ -0,0 +1,36 @@ +- include_tasks: html.yml + + +- include_tasks: php-stem.yml + +# DOES THE FLAG BELOW (apache_high_php_limits) WORK WITH NGINX TOO? + +# For schools that use WordPress/Nextcloud/Moodle intensively. iiab/iiab#1147 +# WARNING: Enabling this might cause excess use of RAM/disk or other resources! +- name: Enact high limits in /etc/php/{{ php_version }}/{{ apache_service }}/php.ini if using WordPress/Nextcloud/Moodle intensively + lineinfile: + path: "/etc/php/{{ php_version }}/{{ apache_service }}/php.ini" + regexp: "{{ item.regexp }}" + line: "{{ item.line }}" + when: apache_high_php_limits | bool + with_items: + - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 500M ; default is 2M' } + - { regexp: '^post_max_size', line: 'post_max_size = 500M ; default is 8M' } + - { regexp: '^memory_limit', line: 'memory_limit = 256M ; default is 128M / Nextcloud requests 512M' } + - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' } + - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } + + +- name: Create dir {{ doc_root }}/info for http://box/info offline docs + file: + state: directory + path: "{{ doc_root }}/info" # /library/www/html + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + #mode: '0755' + +- name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (Script can be run manually and/or at the end of Stage 4 = roles/4-server-options/tasks/main.yml) + template: + src: iiab-refresh-wiki-docs.sh + dest: /usr/bin/iiab-refresh-wiki-docs + mode: '0755' diff --git a/roles/httpd/tasks/php-stem.yml b/roles/web_support/tasks/php-stem.yml similarity index 93% rename from roles/httpd/tasks/php-stem.yml rename to roles/web_support/tasks/php-stem.yml index 395c69378..8678e4d33 100644 --- a/roles/httpd/tasks/php-stem.yml +++ b/roles/web_support/tasks/php-stem.yml @@ -23,7 +23,7 @@ remote_src: yes when: ansible_machine == "x86_64" -# link to php done in nginx when php-fpm is installed +# link to php done in roles/nginx/tasks/install.yml when php-fpm is installed # Not sure what to do for apache, so do nothing for now diff --git a/roles/httpd/templates/020_apache_poweroff.j2 b/roles/web_support/templates/020_apache_poweroff.j2 similarity index 100% rename from roles/httpd/templates/020_apache_poweroff.j2 rename to roles/web_support/templates/020_apache_poweroff.j2 diff --git a/roles/httpd/templates/refresh-wiki-docs.sh b/roles/web_support/templates/iiab-refresh-wiki-docs.sh similarity index 100% rename from roles/httpd/templates/refresh-wiki-docs.sh rename to roles/web_support/templates/iiab-refresh-wiki-docs.sh From 5247b7f00c9221346500603707cc14d0749c1c39 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 03:14:57 -0500 Subject: [PATCH 05/23] Update roles/3-base-server/tasks/main.yml --- roles/3-base-server/tasks/main.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index e42cefcef..648388ca0 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -14,15 +14,14 @@ #when: web_support_install | bool when: apache_install or nginx_install -- name: APACHE (install now, configure LATER in Stage 9) +- name: APACHE include_role: name: httpd when: apache_install | bool -- name: NGINX (install now, configure LATER in Stage 9) +- name: NGINX include_role: name: nginx - #include_tasks: roles/nginx/tasks/install.yml when: nginx_install | bool - name: dnsmasq (install now, configure LATER in 'network') From 1779f9db40c32576402451248a1ae51113b7c777 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 03:38:04 -0500 Subject: [PATCH 06/23] Update 3-base-server & 4-server-options --- roles/3-base-server/tasks/main.yml | 4 ++-- roles/4-server-options/tasks/main.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 648388ca0..4c4b0fff9 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -14,7 +14,7 @@ #when: web_support_install | bool when: apache_install or nginx_install -- name: APACHE +- name: HTTPD (Apache) include_role: name: httpd when: apache_install | bool @@ -24,7 +24,7 @@ name: nginx when: nginx_install | bool -- name: dnsmasq (install now, configure LATER in 'network') +- name: dnsmasq (install now, configure LATER in 'network', after Stage 9) include_tasks: roles/network/tasks/dnsmasq.yml when: dnsmasq_install | bool diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 7af710e70..c72b27065 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -48,7 +48,7 @@ - name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_apache_poweroff from template template: - src: 020_apache_poweroff.j2 + src: roles/web_support/templates/020_apache_poweroff.j2 dest: /etc/sudoers.d/020_apache_poweroff mode: '0755' when: apache_allow_sudo | bool From 7b067ca2ab500bb6858b31523d254839b6a5ee42 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 04:02:50 -0500 Subject: [PATCH 07/23] Update internetarchive/tasks/install.yml --- roles/internetarchive/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index 3985956a9..41896e647 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -41,7 +41,7 @@ state: absent path: "{{ internetarchive_dir }}/node_modules" -- name: Run 'yarn add @internetarchive/dweb-mirror' to download/populate {{ internetarchive_dir }}/node_modules (CAN TAKE ~15 MINUTES) +- name: Run 'yarn add @internetarchive/dweb-mirror' to download/populate {{ internetarchive_dir }}/node_modules (CAN TAKE ~5 MINUTES) shell: yarn config set child-concurrency 1 && yarn add @internetarchive/dweb-mirror args: chdir: "{{ internetarchive_dir }}" From ac8e160e522b4d9bf63a550b974cf14b6d86404f Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 05:23:57 -0500 Subject: [PATCH 08/23] Interim solution to iiab_home_url not being softcoded --- .../homepage/tasks/main.yml | 21 ++++++++++++++ .../homepage/templates/iiab-homepage.conf | 0 roles/3-base-server/tasks/main.yml | 1 - roles/4-server-options/tasks/main.yml | 10 +++---- roles/homepage/tasks/main.yml | 19 ------------ roles/httpd/tasks/install.yml | 29 +++++++++++++++++++ roles/httpd/tasks/main.yml | 8 ----- roles/httpd/templates/iiab-homepage.conf | 9 ++++++ roles/web_support/tasks/main.yml | 11 +++++++ 9 files changed, 74 insertions(+), 34 deletions(-) create mode 100644 roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml rename roles/{ => 0-DEPRECATED-ROLES}/homepage/templates/iiab-homepage.conf (100%) delete mode 100644 roles/homepage/tasks/main.yml create mode 100644 roles/httpd/templates/iiab-homepage.conf diff --git a/roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml b/roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml new file mode 100644 index 000000000..10203e4cd --- /dev/null +++ b/roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml @@ -0,0 +1,21 @@ +- name: Create dir {{ doc_root }}/home + file: + state: directory + path: "{{ doc_root }}/home" # /library/www/html + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + mode: '0755' + +- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ + template: + src: iiab-homepage.conf + dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" + +#- name: Symlink /etc/apache2/sites-enabled/iiab-homepage.conf to /etc/{{ apache_conf_dir }}/iiab-homepage.conf (debuntu) +- name: Enable iiab-homepage.conf via Apache + command: a2ensite: iiab-homepage.conf + # file: + # src: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" + # path: /etc/apache2/sites-enabled/iiab-homepage.conf + # state: link + # when: is_debuntu | bool diff --git a/roles/homepage/templates/iiab-homepage.conf b/roles/0-DEPRECATED-ROLES/homepage/templates/iiab-homepage.conf similarity index 100% rename from roles/homepage/templates/iiab-homepage.conf rename to roles/0-DEPRECATED-ROLES/homepage/templates/iiab-homepage.conf diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 4c4b0fff9..715d59b1c 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -11,7 +11,6 @@ - name: WEB_SUPPORT include_role: name: web_support - #when: web_support_install | bool when: apache_install or nginx_install - name: HTTPD (Apache) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index c72b27065..ebe33c7ab 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -27,12 +27,10 @@ name: usb_lib when: usb_lib_install | bool -# This is in Stage 4-SERVER-OPTIONS (rather than 3-BASE-SERVER) because var -# iiab_home_url changes, and may need to be re-run in the field/offline/etc. -- name: HOMEPAGE under Apache - include_role: - name: homepage - when: not nginx_enabled +# 2020-02-12: what was roles/homepage lives in roles/web_support & roles/httpd +# for now. Eventually softcoding of iiab_home_url should happen everywhere +# (incl Admin Console) to allow more field options, e.g. changing +# /library/www/html/home even when offline... - name: CUPS include_role: diff --git a/roles/homepage/tasks/main.yml b/roles/homepage/tasks/main.yml deleted file mode 100644 index d54a806ee..000000000 --- a/roles/homepage/tasks/main.yml +++ /dev/null @@ -1,19 +0,0 @@ -- name: Create dir {{ doc_root }}/home - file: - path: "{{ doc_root }}/home" - owner: "{{ apache_user }}" - group: "{{ apache_user }}" - mode: 0755 - state: directory - -- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ - template: - src: iiab-homepage.conf - dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" - -- name: Symlink /etc/apache2/sites-enabled/iiab-homepage.conf to /etc/{{ apache_conf_dir }}/iiab-homepage.conf (debuntu) - file: - src: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" - path: /etc/apache2/sites-enabled/iiab-homepage.conf - state: link - when: is_debuntu | bool diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index df3998db9..076488a85 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -147,6 +147,35 @@ - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_conf_dir }}/010-iiab.conf' } - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_conf_dir }}/proxy_ajp.conf' } +- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ + template: + src: iiab-homepage.conf + dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" + +- name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) by running 'a2ensite 010-iiab.conf'" + command: a2ensite 010-iiab.conf + #when: apache_enabled | bool + +# - name: Disable IIAB pages via Apache (e.g. on port 80) by running 'a2dissite 010-iiab.conf', if not apache_enabled" +# command: a2dissite 010-iiab.conf +# when: not apache_enabled + +# MOVED FROM roles/homepage/tasks/main.yml (as NGINX-only IIAB's won't need it) +# and 'mkdir /library/www/html/home' is now done by roles/web_support for Admin +# Console which hard-codes that as a requirement as of 2020-02-12. +# +# './runrole --reinstall apache' is a decent solution today, for folks needing +# changes, but to make sure such things work in the field/offline/etc: soft- +# coding of iiab_home_url should probably be taken more seriously thruout IIAB! +# +- name: "IN CASE NGINX IS DISABLED: Enable iiab-homepage.conf via Apache (e.g. on port 80) by running 'a2ensite iiab-homepage.conf'" + command: a2ensite: iiab-homepage.conf + #when: apache_enabled | bool + +# - name: Disable IIAB pages via Apache (e.g. on port 80) by running 'a2dissite iiab-homepage.conf', if not apache_enabled" +# command: a2dissite iiab-homepage.conf +# when: not apache_enabled + # - name: Enable & Stop '{{ apache_service }}' systemd service # systemd: # name: "{{ apache_service }}" diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 266ab1693..85795c048 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -42,14 +42,6 @@ when: apache_installed is undefined -- name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) by running 'a2ensite 010-iiab.conf', if apache_enabled" - command: a2ensite 010-iiab.conf - when: apache_enabled | bool - -- name: Disable IIAB pages via Apache (e.g. on port 80) by running 'a2dissite 010-iiab.conf', if not apache_enabled" - command: a2dissite 010-iiab.conf - when: not apache_enabled - - name: Enable & (Re)Start {{ apache_service }} systemd service, if apache_enabled systemd: name: "{{ apache_service }}" diff --git a/roles/httpd/templates/iiab-homepage.conf b/roles/httpd/templates/iiab-homepage.conf new file mode 100644 index 000000000..0fc7a8e2e --- /dev/null +++ b/roles/httpd/templates/iiab-homepage.conf @@ -0,0 +1,9 @@ +# IIAB Home Page + +# Redirect to home page on School Server +# Default [was] xs-portal [and is now generally] home + +# RedirectMatch of root to homepage +# See the note in default_vars.yml + +RedirectMatch ^/$ {{ iiab_home_url }} diff --git a/roles/web_support/tasks/main.yml b/roles/web_support/tasks/main.yml index d6accbdc9..4594125bf 100644 --- a/roles/web_support/tasks/main.yml +++ b/roles/web_support/tasks/main.yml @@ -21,6 +21,17 @@ - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } +# 2020-02-12: *REQUIRED* by iiab-admin-console/roles/js-menu/tasks/main.yml, +# which should probably instead softcode iiab_home_url as set in local_vars.yml +- name: Create dir {{ doc_root }}/home + file: + state: directory + path: "{{ doc_root }}/home" # /library/www/html + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + mode: '0755' + + - name: Create dir {{ doc_root }}/info for http://box/info offline docs file: state: directory From 4b1b2780deb9cd7e2e7f3ac9f75c36e777238c08 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 05:45:48 -0500 Subject: [PATCH 09/23] Cleaner roles/web_support & httpd/tasks/install.yml --- roles/httpd/tasks/install.yml | 4 +- .../files/html/assets/lang_codes.json | 0 .../files/html/css/bootstrap-theme.css | 0 .../files/html/css/bootstrap-theme.css.map | 0 .../files/html/css/bootstrap-theme.min.css | 0 .../web_support/files/html/css/bootstrap.css | 0 .../files/html/css/bootstrap.css.map | 0 .../files/html/css/bootstrap.min.css | 0 .../web_support/files/html/css/xo-common.css | 0 .../fonts/glyphicons-halflings-regular.eot | Bin .../fonts/glyphicons-halflings-regular.svg | 0 .../fonts/glyphicons-halflings-regular.ttf | Bin .../fonts/glyphicons-halflings-regular.woff | Bin .../web_support/files/html/html/credits.html | 0 .../files/html/js/Markdown.Converter.js | 0 .../files/html/js/Markdown.Sanitizer.js | 0 roles/web_support/files/html/js/XMLDisplay.js | 0 roles/web_support/files/html/js/bootstrap.js | 0 .../files/html/js/bootstrap.min.js | 0 roles/web_support/files/html/js/jquery.min.js | 0 roles/web_support/tasks/html.yml | 72 +++++++++--------- 21 files changed, 38 insertions(+), 38 deletions(-) mode change 100755 => 100644 roles/web_support/files/html/assets/lang_codes.json mode change 100755 => 100644 roles/web_support/files/html/css/bootstrap-theme.css mode change 100755 => 100644 roles/web_support/files/html/css/bootstrap-theme.css.map mode change 100755 => 100644 roles/web_support/files/html/css/bootstrap-theme.min.css mode change 100755 => 100644 roles/web_support/files/html/css/bootstrap.css mode change 100755 => 100644 roles/web_support/files/html/css/bootstrap.css.map mode change 100755 => 100644 roles/web_support/files/html/css/bootstrap.min.css mode change 100755 => 100644 roles/web_support/files/html/css/xo-common.css mode change 100755 => 100644 roles/web_support/files/html/fonts/glyphicons-halflings-regular.eot mode change 100755 => 100644 roles/web_support/files/html/fonts/glyphicons-halflings-regular.svg mode change 100755 => 100644 roles/web_support/files/html/fonts/glyphicons-halflings-regular.ttf mode change 100755 => 100644 roles/web_support/files/html/fonts/glyphicons-halflings-regular.woff mode change 100755 => 100644 roles/web_support/files/html/html/credits.html mode change 100755 => 100644 roles/web_support/files/html/js/Markdown.Converter.js mode change 100755 => 100644 roles/web_support/files/html/js/Markdown.Sanitizer.js mode change 100755 => 100644 roles/web_support/files/html/js/XMLDisplay.js mode change 100755 => 100644 roles/web_support/files/html/js/bootstrap.js mode change 100755 => 100644 roles/web_support/files/html/js/bootstrap.min.js mode change 100755 => 100644 roles/web_support/files/html/js/jquery.min.js diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index 076488a85..1f9ce1629 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -162,14 +162,14 @@ # MOVED FROM roles/homepage/tasks/main.yml (as NGINX-only IIAB's won't need it) # and 'mkdir /library/www/html/home' is now done by roles/web_support for Admin -# Console which hard-codes that as a requirement as of 2020-02-12. +# Console which hard-codes that as a requirement, as of 2020-02-12. # # './runrole --reinstall apache' is a decent solution today, for folks needing # changes, but to make sure such things work in the field/offline/etc: soft- # coding of iiab_home_url should probably be taken more seriously thruout IIAB! # - name: "IN CASE NGINX IS DISABLED: Enable iiab-homepage.conf via Apache (e.g. on port 80) by running 'a2ensite iiab-homepage.conf'" - command: a2ensite: iiab-homepage.conf + command: a2ensite iiab-homepage.conf #when: apache_enabled | bool # - name: Disable IIAB pages via Apache (e.g. on port 80) by running 'a2dissite iiab-homepage.conf', if not apache_enabled" diff --git a/roles/web_support/files/html/assets/lang_codes.json b/roles/web_support/files/html/assets/lang_codes.json old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/css/bootstrap-theme.css b/roles/web_support/files/html/css/bootstrap-theme.css old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/css/bootstrap-theme.css.map b/roles/web_support/files/html/css/bootstrap-theme.css.map old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/css/bootstrap-theme.min.css b/roles/web_support/files/html/css/bootstrap-theme.min.css old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/css/bootstrap.css b/roles/web_support/files/html/css/bootstrap.css old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/css/bootstrap.css.map b/roles/web_support/files/html/css/bootstrap.css.map old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/css/bootstrap.min.css b/roles/web_support/files/html/css/bootstrap.min.css old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/css/xo-common.css b/roles/web_support/files/html/css/xo-common.css old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.eot b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.eot old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.svg b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.svg old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.ttf b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.ttf old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.woff b/roles/web_support/files/html/fonts/glyphicons-halflings-regular.woff old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/html/credits.html b/roles/web_support/files/html/html/credits.html old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/js/Markdown.Converter.js b/roles/web_support/files/html/js/Markdown.Converter.js old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/js/Markdown.Sanitizer.js b/roles/web_support/files/html/js/Markdown.Sanitizer.js old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/js/XMLDisplay.js b/roles/web_support/files/html/js/XMLDisplay.js old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/js/bootstrap.js b/roles/web_support/files/html/js/bootstrap.js old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/js/bootstrap.min.js b/roles/web_support/files/html/js/bootstrap.min.js old mode 100755 new mode 100644 diff --git a/roles/web_support/files/html/js/jquery.min.js b/roles/web_support/files/html/js/jquery.min.js old mode 100755 new mode 100644 diff --git a/roles/web_support/tasks/html.yml b/roles/web_support/tasks/html.yml index 1ea7d920a..a0f51e363 100644 --- a/roles/web_support/tasks/html.yml +++ b/roles/web_support/tasks/html.yml @@ -1,68 +1,68 @@ -- name: Copy css files to {{ doc_root }}/common/css # doc_root is /library/www/html +- name: Copy css files to {{ doc_root }}/common/css copy: src: "{{ item }}" - dest: "{{ doc_root }}/common/css" - mode: 0644 - owner: root - group: root + dest: "{{ doc_root }}/common/css" # /library/www/html + # owner: root + # group: root + # mode: '0644' with_fileglob: - html/css/*.css -- name: Copy js files to {{ doc_root }}/common/js # doc_root is /library/www/html +- name: Copy js files to {{ doc_root }}/common/js copy: src: "{{ item }}" - dest: "{{ doc_root }}/common/js" - mode: 0644 - owner: root - group: root + dest: "{{ doc_root }}/common/js" # /library/www/html + # owner: root + # group: root + # mode: '0644' with_fileglob: - html/js/*.js -- name: Copy fonts files to {{ doc_root }}/common/fonts # doc_root is /library/www/html +- name: Copy fonts files to {{ doc_root }}/common/fonts copy: src: "{{ item }}" - dest: "{{ doc_root }}/common/fonts" - mode: 0644 - owner: root - group: root + dest: "{{ doc_root }}/common/fonts" # /library/www/html + # owner: root + # group: root + # mode: '0644' with_fileglob: - html/fonts/* -- name: Copy html files to {{ doc_root }}/common/html # doc_root is /library/www/html +- name: Copy html files to {{ doc_root }}/common/html copy: src: "{{ item }}" - dest: "{{ doc_root }}/common/html" - mode: 0644 - owner: root - group: root + dest: "{{ doc_root }}/common/html" # /library/www/html + # owner: root + # group: root + # mode: '0644' with_fileglob: - html/html/* -- name: Copy assets files to {{ doc_root }}/common/assets # doc_root is /library/www/html +- name: Copy assets files to {{ doc_root }}/common/assets copy: src: "{{ item }}" - dest: "{{ doc_root }}/common/assets" - mode: 0644 - owner: root - group: root + dest: "{{ doc_root }}/common/assets" # /library/www/html + # owner: root + # group: root + # mode: '0644' with_fileglob: - html/assets/* -# copy all services, even if not permissioned elsewhere -- name: Copy services files to {{ doc_root }}/common/services # doc_root is /library/www/html +# Copy all services, even if not permissioned elsewhere +- name: Copy services files to {{ doc_root }}/common/services copy: src: "{{ item }}" - dest: "{{ doc_root }}/common/services" - mode: 0644 - owner: root - group: root + dest: "{{ doc_root }}/common/services" # /library/www/html + # owner: root + # group: root + # mode: '0644' with_fileglob: - html/services/* -- name: Symlink {{ doc_root }}/common/assets/iiab.ini to {{ iiab_ini_file }} # doc_root is /library/www/html +- name: Symlink {{ doc_root }}/common/assets/iiab.ini -> {{ iiab_ini_file }} file: - src: "{{ iiab_ini_file }}" - path: "{{ doc_root }}/common/assets/iiab.ini" - owner: root - group: root + src: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + path: "{{ doc_root }}/common/assets/iiab.ini" # /library/www/html + # owner: root + # group: root state: link From 692461d193c962f53a91f50a3ef5986451452968 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 06:27:23 -0500 Subject: [PATCH 10/23] Update 0-DEPRECATED-ROLES/homepage/tasks/main.yml --- roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml b/roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml index 10203e4cd..d3eccd12c 100644 --- a/roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/homepage/tasks/main.yml @@ -13,7 +13,7 @@ #- name: Symlink /etc/apache2/sites-enabled/iiab-homepage.conf to /etc/{{ apache_conf_dir }}/iiab-homepage.conf (debuntu) - name: Enable iiab-homepage.conf via Apache - command: a2ensite: iiab-homepage.conf + command: a2ensite iiab-homepage.conf # file: # src: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" # path: /etc/apache2/sites-enabled/iiab-homepage.conf From 494dad9f125862efcb2bf4fd939a05a28be5feef Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 06:57:14 -0500 Subject: [PATCH 11/23] Typo, comments refined --- roles/4-server-options/tasks/main.yml | 3 ++- roles/httpd/tasks/main.yml | 11 ----------- roles/nginx/tasks/enable-or-disable.yml | 8 ++++---- roles/nginx/tasks/install.yml | 4 ++-- roles/web_support/tasks/main.yml | 3 ++- 5 files changed, 10 insertions(+), 19 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index ebe33c7ab..56ed4e2cb 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -42,7 +42,8 @@ name: samba when: samba_install | bool -# DOES THE FLAG BELOW (apache_allow_sudo) WORK WITH NGINX TOO ? +# 2020-02-12: DOES THE FLAG BELOW (apache_allow_sudo) WORK WITH NGINX TOO ? +# COMPARE apache_high_php_limits @ web_support/tasks/main.yml - name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_apache_poweroff from template template: diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 85795c048..300a315dc 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -1,14 +1,3 @@ -# 2020-01-23 TO DO / Questions: -# - [DONE] Validate input vars apache_install & apache_enabled here. -# - Use as nec, with 'when: apache_installed is undefined' -# - [DONE: moved them to roles/web_support] Encapsulate all 3 tasks below into httpd/roles/install.yml ? -# - Similarly sanity-check httpd/roles/enable.yml or httpd/roles/enable-or-disable.yml... -# - Verify that 9-local-addons/tasks/main.yml's invocation of -# roles/httpd/tasks/enable.yml (via roles/httpd-enable/tasks/main.yml, if -# apache_enabled is True) does the right thing! -# - And that we really don't want to invoke it hereunder? -# - [DONE] Save relevant apache_* vars to /etc/iiab/iiab.ini - # "How do i fail a task in Ansible if the variable contains a boolean value? # I want to perform input validation for Ansible playbooks" # https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index cf4c52488..edd6cb2a8 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -1,23 +1,23 @@ - name: Ensure that Apache (({{ apache_service }})) is not running -- we may need port swap systemd: - name: "{{ apache_service }}" + name: "{{ apache_service }}" # apache2 or httpd, per /opt/iiab/iiab/vars/.yml state: stopped - name: Install /etc/{{ apache_service }}/ports.conf from template 1 of 2 (ports.conf.j2) if nginx_enabled, to enable Apache port {{ apache_port }} localhost only template: src: ports.conf.j2 - dest: "/etc/{{ apache_service }}/ports.conf" + dest: "/etc/{{ apache_service }}/ports.conf" # apache2 or httpd when: nginx_enabled | bool - name: Install /etc/{{ apache_service }}/ports.conf from template 2 of 2 (stock-apache-ports.conf) if not nginx_enabled, to disable Apache port {{ apache_port }} localhost only template: src: stock-apache-ports.conf - dest: "/etc/{{ apache_service }}/ports.conf" + dest: "/etc/{{ apache_service }}/ports.conf" # apache2 or httpd when: not nginx_enabled - name: Enable & Restart '{{ apache_service }}' if apache_enabled or not nginx_enabled, since we stopped it systemd: - name: "{{ apache_service }}" + name: "{{ apache_service }}" # apache2 or httpd, per /opt/iiab/iiab/vars/.yml daemon_reload: yes state: restarted enabled: true diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index d63c85e9e..313a877ae 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -29,7 +29,7 @@ path: /etc/nginx/sites-enabled/default state: absent -- name: 'Install 3-or-4 files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf' +- name: 'Install 3 files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, {{ nginx_conf_dir }}/iiab.conf' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -37,7 +37,7 @@ - { src: 'server.conf.j2', dest: '/etc/nginx/server.conf' } - { src: 'nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } #- { src: 'ports.conf.j2', dest: '/etc/{{ apache_service }}/ports.conf' } # Moved to enable-or-disable.yml - - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } + - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # /etc/nginx/conf.d # php-stem extension installed by roles/web_support/tasks/php-stem.yml # here it is linked to php-fpm diff --git a/roles/web_support/tasks/main.yml b/roles/web_support/tasks/main.yml index 4594125bf..3d1f05b22 100644 --- a/roles/web_support/tasks/main.yml +++ b/roles/web_support/tasks/main.yml @@ -3,7 +3,8 @@ - include_tasks: php-stem.yml -# DOES THE FLAG BELOW (apache_high_php_limits) WORK WITH NGINX TOO? +# 2020-02-12: DOES THE FLAG BELOW (apache_high_php_limits) WORK WITH NGINX TOO? +# COMPARE apache_allow_sudo @ 4-server-options/tasks/main.yml # For schools that use WordPress/Nextcloud/Moodle intensively. iiab/iiab#1147 # WARNING: Enabling this might cause excess use of RAM/disk or other resources! From 5f8745a794a86d85cb787f210c97b28ca08e9ff9 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 07:23:17 -0500 Subject: [PATCH 12/23] Clarify httpd/tasks/install.yml & web_support/tasks/main.yml --- roles/httpd/tasks/install.yml | 15 ++++++++------- roles/web_support/tasks/main.yml | 5 +++++ 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index 1f9ce1629..723f7bfdb 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -139,6 +139,7 @@ group: "{{ apache_user }}" mode: '0755' + - name: Install Apache's 010-iiab.conf & proxy_ajp.conf into /etc/apache2/sites-available, from templates template: src: "{{ item.src }}" @@ -147,11 +148,6 @@ - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_conf_dir }}/010-iiab.conf' } - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_conf_dir }}/proxy_ajp.conf' } -- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ - template: - src: iiab-homepage.conf - dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" - - name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) by running 'a2ensite 010-iiab.conf'" command: a2ensite 010-iiab.conf #when: apache_enabled | bool @@ -161,13 +157,18 @@ # when: not apache_enabled # MOVED FROM roles/homepage/tasks/main.yml (as NGINX-only IIAB's won't need it) -# and 'mkdir /library/www/html/home' is now done by roles/web_support for Admin -# Console which hard-codes that as a requirement, as of 2020-02-12. +# and 'mkdir /library/www/html/home' is now done by web_support/tasks/main.yml +# for Admin Console which hard-codes that as a requirement, as of 2020-02-12. # # './runrole --reinstall apache' is a decent solution today, for folks needing # changes, but to make sure such things work in the field/offline/etc: soft- # coding of iiab_home_url should probably be taken more seriously thruout IIAB! # +- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ + template: + src: iiab-homepage.conf + dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" + - name: "IN CASE NGINX IS DISABLED: Enable iiab-homepage.conf via Apache (e.g. on port 80) by running 'a2ensite iiab-homepage.conf'" command: a2ensite iiab-homepage.conf #when: apache_enabled | bool diff --git a/roles/web_support/tasks/main.yml b/roles/web_support/tasks/main.yml index 3d1f05b22..b75900b01 100644 --- a/roles/web_support/tasks/main.yml +++ b/roles/web_support/tasks/main.yml @@ -24,6 +24,11 @@ # 2020-02-12: *REQUIRED* by iiab-admin-console/roles/js-menu/tasks/main.yml, # which should probably instead softcode iiab_home_url as set in local_vars.yml +# +# SEE httpd/tasks/install.yml for related 'a2ensite iiab-homepage.conf' +# +# (Both mkdir & iiab-homepage.conf stuff used to be in homepage/tasks/main.yml) +# - name: Create dir {{ doc_root }}/home file: state: directory From b07bb5d3dbcd1755cdb0fdff9e497938a42cf9c4 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 07:45:04 -0500 Subject: [PATCH 13/23] Add 15 roles & Subtract 1: tests/test.yml --- tests/test.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/tests/test.yml b/tests/test.yml index 26f0b40b6..726ba679d 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -16,8 +16,12 @@ #- { role: ajenti } #- { role: authserver } - { role: awstats } + - { role: azuracast } + - { role: bluetooth } - { role: calibre } - { role: calibre-web } + - { role: captiveportal } + - { role: cham } - { role: cups } #- { role: debian_schooltool } #- { role: docker } @@ -25,28 +29,37 @@ #- { role: ejabberd } #- { role: ejabberd_xs } - { role: elgg } - - { role: homepage } + - { role: gitea } + #- { role: homepage } - { role: httpd } #- { role: idmgr } - { role: iiab-admin } + - { role: internetarchive } - { role: kalite } - { role: kiwix } - { role: kolibri } - { role: lokole } - { role: mediawiki } + - { role: minetest } - { role: mongodb } - { role: monit } - { role: moodle } #- { role: moodle-1.9 } + - { role: mosquitto } - { role: munin } - { role: mysql } - { role: network } - { role: nextcloud } + - { role: nginx } + - { role: nodejs } + - { role: nodered } #- { role: nodogsplash } - { role: openvpn } + - { role: osm-vectors-maps } #- { role: osm } #- { role: owncloud } #- { role: pathagar } + - { role: pbx } - { role: phpmyadmin } - { role: postgresql } #- { role: rachel } @@ -59,7 +72,9 @@ - { role: transmission } - { role: usb_lib } - { role: vnstat } + - { role: web-support } - { role: wordpress } + - { role: yarn } #- { roles: xovis } # Let's try to keep the above list synchronized with: From 14e085d91f7431025aed6c6025a9d1421537d10e Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 07:49:22 -0500 Subject: [PATCH 14/23] cham isn't ready for tests/test.yml --- tests/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test.yml b/tests/test.yml index 726ba679d..767aed6c0 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -21,7 +21,7 @@ - { role: calibre } - { role: calibre-web } - { role: captiveportal } - - { role: cham } + #- { role: cham } - { role: cups } #- { role: debian_schooltool } #- { role: docker } From 3f1b1e23aa6d18d0bedd3aabc16554b814400a30 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 07:52:13 -0500 Subject: [PATCH 15/23] Typo in tests/test.yml --- tests/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test.yml b/tests/test.yml index 767aed6c0..709891eec 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -55,7 +55,7 @@ - { role: nodered } #- { role: nodogsplash } - { role: openvpn } - - { role: osm-vectors-maps } + - { role: osm-vector-maps } #- { role: osm } #- { role: owncloud } #- { role: pathagar } From 8ae9e0a9fd84e61bfce0ec4a641f367654dc4b38 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 07:55:33 -0500 Subject: [PATCH 16/23] Another typo in tests/test.yml --- tests/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test.yml b/tests/test.yml index 709891eec..dae66056b 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -72,7 +72,7 @@ - { role: transmission } - { role: usb_lib } - { role: vnstat } - - { role: web-support } + - { role: web_support } - { role: wordpress } - { role: yarn } #- { roles: xovis } From 2342190016aba163a5cd193e2cf98132ab899c5c Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 10:31:08 -0500 Subject: [PATCH 17/23] /etc/iiab/iiab.ini section headers --- roles/httpd/tasks/main.yml | 2 +- roles/nginx/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 300a315dc..354212d7f 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -50,7 +50,7 @@ - name: Add 'apache' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini - section: wordpress + section: apache option: "{{ item.option }}" value: "{{ item.value | string }}" with_items: diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 54884bb0d..fb272a29c 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -37,7 +37,7 @@ - name: Add 'nginx' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini - section: wordpress + section: nginx option: "{{ item.option }}" value: "{{ item.value | string }}" with_items: From c2bda065455555f4788e87d12651a0aabe2dd07e Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 16:49:43 -0500 Subject: [PATCH 18/23] Apache must be off when NGINX installs --- roles/4-server-options/tasks/main.yml | 2 +- roles/nginx/tasks/install.yml | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 56ed4e2cb..0decf2a4b 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -58,7 +58,7 @@ state: absent when: not apache_allow_sudo -- name: Run /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (This script was installed at the beginning of Stage 3 = roles/3-base-server/tasks/main.yml, which ran Apache playbook = roles/httpd/tasks/main.yml) +- name: Run /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (This script was installed in Stage 3 = roles/3-base-server/tasks/main.yml, which ran roles/web_support/tasks/main.yml) command: /usr/bin/iiab-refresh-wiki-docs when: internet_available and not nodocs diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 313a877ae..6b3a7e25b 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -8,6 +8,12 @@ - { path: "{{ nginx_conf_dir }}/usb-lib.conf" } - { path: "{{ nginx_conf_dir }}/modules.conf" } +- name: Stop '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, per /opt/iiab/iiab/vars/.yml + state: stopped + ignore_errors: yes + - name: Install required and helper packages for NGINX package: name: "{{ item }}" @@ -21,7 +27,7 @@ - name: Add user '{{ apache_user }}' to shadow group, so it can authenticate Admin Console user: - name: "{{ apache_user }}" + name: "{{ apache_user }}" # www-data or apache, per /opt/iiab/iiab/vars/.yml groups: shadow - name: Remove NGINX default config /etc/nginx/sites-enabled/default From efd62be6060c2d6be9239769c7f09d277fae35dd Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 20:53:36 -0500 Subject: [PATCH 19/23] Try roles/www_back_end in Stage 3 & roles/www_front_end in Stage 4 --- roles/3-base-server/tasks/main.yml | 7 +- roles/4-server-options/tasks/main.yml | 32 +++------ roles/9-local-addons/tasks/main.yml | 4 +- roles/httpd/tasks/homepage.yml | 17 +++++ roles/httpd/tasks/install.yml | 23 +------ roles/nginx/tasks/enable-or-disable.yml | 4 +- roles/nginx/tasks/homepage.yml | 9 +++ roles/nginx/tasks/install.yml | 10 ++- .../files/html/assets/lang_codes.json | 0 .../files/html/css/bootstrap-theme.css | 0 .../files/html/css/bootstrap-theme.css.map | 0 .../files/html/css/bootstrap-theme.min.css | 0 .../html/css/bootstrap-theme.min.css.map | 0 .../files/html/css/bootstrap.css | 0 .../files/html/css/bootstrap.css.map | 0 .../files/html/css/bootstrap.min.css | 0 .../files/html/css/bootstrap.min.css.map | 0 .../files/html/css/bootstrap4.min.css | 0 .../files/html/css/fa.all.min.css | 0 .../files/html/css/font-faces.css | 0 .../files/html/css/xo-common.css | 0 .../bubblegum-sans-v6-latin-regular.woff | Bin .../bubblegum-sans-v6-latin-regular.woff2 | Bin .../files/html/fonts/fa-solid-900.woff | Bin .../files/html/fonts/fa-solid-900.woff2 | Bin .../fonts/finger-paint-v7-latin-regular.woff | Bin .../fonts/finger-paint-v7-latin-regular.woff2 | Bin .../html/fonts/flavors-v6-latin-regular.woff | Bin .../html/fonts/flavors-v6-latin-regular.woff2 | Bin .../fonts/freckle-face-v6-latin-regular.woff | Bin .../fonts/freckle-face-v6-latin-regular.woff2 | Bin .../fonts/glyphicons-halflings-regular.eot | Bin .../fonts/glyphicons-halflings-regular.svg | 0 .../fonts/glyphicons-halflings-regular.ttf | Bin .../fonts/glyphicons-halflings-regular.woff | Bin .../html/fonts/open-sans-v15-latin-600.woff | Bin .../html/fonts/open-sans-v15-latin-600.woff2 | Bin .../html/fonts/open-sans-v15-latin-700.woff | Bin .../html/fonts/open-sans-v15-latin-700.woff2 | Bin .../fonts/open-sans-v15-latin-regular.woff | Bin .../fonts/open-sans-v15-latin-regular.woff2 | Bin .../files/html/html/credits.html | 0 .../files/html/js/Markdown.Converter.js | 0 .../files/html/js/Markdown.Sanitizer.js | 0 .../files/html/js/XMLDisplay.js | 0 .../files/html/js/bootstrap.js | 0 .../files/html/js/bootstrap.min.js | 0 .../files/html/js/bootstrap4.min.js | 0 .../files/html/js/jquery.min.js | 0 .../files/html/services/power_off.php | 0 .../tasks/html.yml | 0 .../tasks/main.yml | 35 ++++++---- .../tasks/php-stem.yml | 0 .../templates/iiab-refresh-wiki-docs.sh | 0 roles/www_front_end/tasks/main.yml | 61 ++++++++++++++++++ .../templates/020_apache_poweroff.j2 | 0 tests/test.yml | 3 +- 57 files changed, 139 insertions(+), 66 deletions(-) create mode 100644 roles/httpd/tasks/homepage.yml create mode 100644 roles/nginx/tasks/homepage.yml rename roles/{web_support => www_back_end}/files/html/assets/lang_codes.json (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap-theme.css (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap-theme.css.map (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap-theme.min.css (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap-theme.min.css.map (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap.css (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap.css.map (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap.min.css (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap.min.css.map (100%) rename roles/{web_support => www_back_end}/files/html/css/bootstrap4.min.css (100%) rename roles/{web_support => www_back_end}/files/html/css/fa.all.min.css (100%) rename roles/{web_support => www_back_end}/files/html/css/font-faces.css (100%) rename roles/{web_support => www_back_end}/files/html/css/xo-common.css (100%) rename roles/{web_support => www_back_end}/files/html/fonts/bubblegum-sans-v6-latin-regular.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/fonts/fa-solid-900.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/fa-solid-900.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/fonts/finger-paint-v7-latin-regular.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/finger-paint-v7-latin-regular.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/fonts/flavors-v6-latin-regular.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/flavors-v6-latin-regular.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/fonts/freckle-face-v6-latin-regular.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/freckle-face-v6-latin-regular.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/fonts/glyphicons-halflings-regular.eot (100%) rename roles/{web_support => www_back_end}/files/html/fonts/glyphicons-halflings-regular.svg (100%) rename roles/{web_support => www_back_end}/files/html/fonts/glyphicons-halflings-regular.ttf (100%) rename roles/{web_support => www_back_end}/files/html/fonts/glyphicons-halflings-regular.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/open-sans-v15-latin-600.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/open-sans-v15-latin-600.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/fonts/open-sans-v15-latin-700.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/open-sans-v15-latin-700.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/fonts/open-sans-v15-latin-regular.woff (100%) rename roles/{web_support => www_back_end}/files/html/fonts/open-sans-v15-latin-regular.woff2 (100%) rename roles/{web_support => www_back_end}/files/html/html/credits.html (100%) rename roles/{web_support => www_back_end}/files/html/js/Markdown.Converter.js (100%) rename roles/{web_support => www_back_end}/files/html/js/Markdown.Sanitizer.js (100%) rename roles/{web_support => www_back_end}/files/html/js/XMLDisplay.js (100%) rename roles/{web_support => www_back_end}/files/html/js/bootstrap.js (100%) rename roles/{web_support => www_back_end}/files/html/js/bootstrap.min.js (100%) rename roles/{web_support => www_back_end}/files/html/js/bootstrap4.min.js (100%) rename roles/{web_support => www_back_end}/files/html/js/jquery.min.js (100%) rename roles/{web_support => www_back_end}/files/html/services/power_off.php (100%) rename roles/{web_support => www_back_end}/tasks/html.yml (100%) rename roles/{web_support => www_back_end}/tasks/main.yml (69%) rename roles/{web_support => www_back_end}/tasks/php-stem.yml (100%) rename roles/{web_support => www_back_end}/templates/iiab-refresh-wiki-docs.sh (100%) create mode 100644 roles/www_front_end/tasks/main.yml rename roles/{web_support => www_front_end}/templates/020_apache_poweroff.j2 (100%) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 715d59b1c..a4895f44b 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -8,10 +8,11 @@ name: mysql when: mysql_install | bool -- name: WEB_SUPPORT +- name: WWW_BACK_END (WWW_FRONT_END should be installed later) include_role: - name: web_support - when: apache_install or nginx_install + name: www_back_end + # when: www_back_end | bool + # when: apache_install or nginx_install - name: HTTPD (Apache) include_role: diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 0decf2a4b..0ee84f133 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -27,11 +27,6 @@ name: usb_lib when: usb_lib_install | bool -# 2020-02-12: what was roles/homepage lives in roles/web_support & roles/httpd -# for now. Eventually softcoding of iiab_home_url should happen everywhere -# (incl Admin Console) to allow more field options, e.g. changing -# /library/www/html/home even when offline... - - name: CUPS include_role: name: cups @@ -42,25 +37,16 @@ name: samba when: samba_install | bool -# 2020-02-12: DOES THE FLAG BELOW (apache_allow_sudo) WORK WITH NGINX TOO ? -# COMPARE apache_high_php_limits @ web_support/tasks/main.yml +# 2020-02-12: what was roles/homepage lives in roles/www_back_end & +# roles/www_front_end for now. Eventually softcoding of iiab_home_url +# should happen everywhere (incl Admin Console) to allow more field +# options, e.g. changing /library/www/html/home even when offline... -- name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_apache_poweroff from template - template: - src: roles/web_support/templates/020_apache_poweroff.j2 - dest: /etc/sudoers.d/020_apache_poweroff - mode: '0755' - when: apache_allow_sudo | bool - -- name: Remove {{ apache_user }} (per variable apache_user) permission to poweroff, removing /etc/sudoers.d/020_apache_poweroff - file: - path: /etc/sudoers.d/020_apache_poweroff - state: absent - when: not apache_allow_sudo - -- name: Run /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (This script was installed in Stage 3 = roles/3-base-server/tasks/main.yml, which ran roles/web_support/tasks/main.yml) - command: /usr/bin/iiab-refresh-wiki-docs - when: internet_available and not nodocs +- name: WWW_FRONT_END (WWW_BACK_END should have been installed earlier) + include_role: + name: www_front_end + # when: www_front_end | bool + # when: apache_install or nginx_install - name: Recording STAGE 4 HAS COMPLETED ================== lineinfile: diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 2ab2ce0b2..00f7712dd 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -30,8 +30,8 @@ name: calibre-web when: calibreweb_install | bool -# Could split these two below to Stage 10? 2020-02-11: Experimentally moving -# stuff below to roles/web_support, 4-server-options, roles/httpd, roles/nginx. +# Could split these two below to Stage 10? 2020-02-12: Experimentally moving +# stuff to roles/3-base-server, 4-server-options, roles/httpd, roles/nginx. # - name: "Set 'nginx_enabled: True'" # set_fact: diff --git a/roles/httpd/tasks/homepage.yml b/roles/httpd/tasks/homepage.yml new file mode 100644 index 000000000..25773ba31 --- /dev/null +++ b/roles/httpd/tasks/homepage.yml @@ -0,0 +1,17 @@ +# Both invoked in 4-SERVER-OPTIONS, by roles/www_front_end/tasks/main.yml: +# +# httpd/tasks/homepage.yml +# nginx/tasks/homepage.yml + +- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from httpd/templates, so Apache redirects http://box to http://box{{ iiab_home_url }} # /home + template: + src: roles/httpd/templates/iiab-homepage.conf + dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" # apache2/sites-available (on debuntu) + +- name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) by running 'a2ensite iiab-homepage.conf'" + command: a2ensite iiab-homepage.conf + #when: apache_enabled | bool + +# - name: Disable IIAB pages via Apache (e.g. on port 80) by running 'a2dissite iiab-homepage.conf', if not apache_enabled" +# command: a2dissite iiab-homepage.conf +# when: not apache_enabled diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index 723f7bfdb..8ffd6382f 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -156,26 +156,9 @@ # command: a2dissite 010-iiab.conf # when: not apache_enabled -# MOVED FROM roles/homepage/tasks/main.yml (as NGINX-only IIAB's won't need it) -# and 'mkdir /library/www/html/home' is now done by web_support/tasks/main.yml -# for Admin Console which hard-codes that as a requirement, as of 2020-02-12. -# -# './runrole --reinstall apache' is a decent solution today, for folks needing -# changes, but to make sure such things work in the field/offline/etc: soft- -# coding of iiab_home_url should probably be taken more seriously thruout IIAB! -# -- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ - template: - src: iiab-homepage.conf - dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" - -- name: "IN CASE NGINX IS DISABLED: Enable iiab-homepage.conf via Apache (e.g. on port 80) by running 'a2ensite iiab-homepage.conf'" - command: a2ensite iiab-homepage.conf - #when: apache_enabled | bool - -# - name: Disable IIAB pages via Apache (e.g. on port 80) by running 'a2dissite iiab-homepage.conf', if not apache_enabled" -# command: a2dissite iiab-homepage.conf -# when: not apache_enabled +- debug: + msg: roles/httpd/tasks/homepage.yml will run LATER (invoked by roles/www_front_end/tasks/main.yml) SO THAT APACHE CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url) +# - include_tasks: roles/httpd/tasks/homepage.yml # - name: Enable & Stop '{{ apache_service }}' systemd service # systemd: diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index edd6cb2a8..beebc2da5 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -6,13 +6,13 @@ - name: Install /etc/{{ apache_service }}/ports.conf from template 1 of 2 (ports.conf.j2) if nginx_enabled, to enable Apache port {{ apache_port }} localhost only template: src: ports.conf.j2 - dest: "/etc/{{ apache_service }}/ports.conf" # apache2 or httpd + dest: "/etc/{{ apache_service }}/ports.conf" when: nginx_enabled | bool - name: Install /etc/{{ apache_service }}/ports.conf from template 2 of 2 (stock-apache-ports.conf) if not nginx_enabled, to disable Apache port {{ apache_port }} localhost only template: src: stock-apache-ports.conf - dest: "/etc/{{ apache_service }}/ports.conf" # apache2 or httpd + dest: "/etc/{{ apache_service }}/ports.conf" when: not nginx_enabled - name: Enable & Restart '{{ apache_service }}' if apache_enabled or not nginx_enabled, since we stopped it diff --git a/roles/nginx/tasks/homepage.yml b/roles/nginx/tasks/homepage.yml new file mode 100644 index 000000000..fb01aa96f --- /dev/null +++ b/roles/nginx/tasks/homepage.yml @@ -0,0 +1,9 @@ +# Both invoked in 4-SERVER-OPTIONS, by roles/www_front_end/tasks/main.yml: +# +# httpd/tasks/homepage.yml +# nginx/tasks/homepage.yml + +- name: Install {{ nginx_conf_dir }}/iiab.conf from nginx/templates, so NGINX redirects http://box to http://box{{ iiab_home_url }} # /home + template: + src: roles/nginx/templates/iiab.conf.j2 + dest: "{{ nginx_conf_dir }}/iiab.conf" # /etc/nginx/conf.d diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 6b3a7e25b..2fb3f2e44 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -35,7 +35,7 @@ path: /etc/nginx/sites-enabled/default state: absent -- name: 'Install 3 files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, {{ nginx_conf_dir }}/iiab.conf' +- name: 'Install 2 (of 4) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -43,9 +43,13 @@ - { src: 'server.conf.j2', dest: '/etc/nginx/server.conf' } - { src: 'nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } #- { src: 'ports.conf.j2', dest: '/etc/{{ apache_service }}/ports.conf' } # Moved to enable-or-disable.yml - - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # /etc/nginx/conf.d + #- { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # Moved into homepage.yml below -# php-stem extension installed by roles/web_support/tasks/php-stem.yml +- debug: + msg: roles/nginx/tasks/homepage.yml will run LATER (invoked by roles/www_front_end/tasks/main.yml) SO THAT NGINX CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url) +# - include_tasks: roles/nginx/tasks/homepage.yml + +# php-stem extension installed by roles/www_back_end/tasks/php-stem.yml # here it is linked to php-fpm - name: Symlink /etc/php/{{ php_version }}/fpm/conf.d/20-stem.ini -> /etc/php/{{ php_version }}/mods-available/stem.ini file: diff --git a/roles/web_support/files/html/assets/lang_codes.json b/roles/www_back_end/files/html/assets/lang_codes.json similarity index 100% rename from roles/web_support/files/html/assets/lang_codes.json rename to roles/www_back_end/files/html/assets/lang_codes.json diff --git a/roles/web_support/files/html/css/bootstrap-theme.css b/roles/www_back_end/files/html/css/bootstrap-theme.css similarity index 100% rename from roles/web_support/files/html/css/bootstrap-theme.css rename to roles/www_back_end/files/html/css/bootstrap-theme.css diff --git a/roles/web_support/files/html/css/bootstrap-theme.css.map b/roles/www_back_end/files/html/css/bootstrap-theme.css.map similarity index 100% rename from roles/web_support/files/html/css/bootstrap-theme.css.map rename to roles/www_back_end/files/html/css/bootstrap-theme.css.map diff --git a/roles/web_support/files/html/css/bootstrap-theme.min.css b/roles/www_back_end/files/html/css/bootstrap-theme.min.css similarity index 100% rename from roles/web_support/files/html/css/bootstrap-theme.min.css rename to roles/www_back_end/files/html/css/bootstrap-theme.min.css diff --git a/roles/web_support/files/html/css/bootstrap-theme.min.css.map b/roles/www_back_end/files/html/css/bootstrap-theme.min.css.map similarity index 100% rename from roles/web_support/files/html/css/bootstrap-theme.min.css.map rename to roles/www_back_end/files/html/css/bootstrap-theme.min.css.map diff --git a/roles/web_support/files/html/css/bootstrap.css b/roles/www_back_end/files/html/css/bootstrap.css similarity index 100% rename from roles/web_support/files/html/css/bootstrap.css rename to roles/www_back_end/files/html/css/bootstrap.css diff --git a/roles/web_support/files/html/css/bootstrap.css.map b/roles/www_back_end/files/html/css/bootstrap.css.map similarity index 100% rename from roles/web_support/files/html/css/bootstrap.css.map rename to roles/www_back_end/files/html/css/bootstrap.css.map diff --git a/roles/web_support/files/html/css/bootstrap.min.css b/roles/www_back_end/files/html/css/bootstrap.min.css similarity index 100% rename from roles/web_support/files/html/css/bootstrap.min.css rename to roles/www_back_end/files/html/css/bootstrap.min.css diff --git a/roles/web_support/files/html/css/bootstrap.min.css.map b/roles/www_back_end/files/html/css/bootstrap.min.css.map similarity index 100% rename from roles/web_support/files/html/css/bootstrap.min.css.map rename to roles/www_back_end/files/html/css/bootstrap.min.css.map diff --git a/roles/web_support/files/html/css/bootstrap4.min.css b/roles/www_back_end/files/html/css/bootstrap4.min.css similarity index 100% rename from roles/web_support/files/html/css/bootstrap4.min.css rename to roles/www_back_end/files/html/css/bootstrap4.min.css diff --git a/roles/web_support/files/html/css/fa.all.min.css b/roles/www_back_end/files/html/css/fa.all.min.css similarity index 100% rename from roles/web_support/files/html/css/fa.all.min.css rename to roles/www_back_end/files/html/css/fa.all.min.css diff --git a/roles/web_support/files/html/css/font-faces.css b/roles/www_back_end/files/html/css/font-faces.css similarity index 100% rename from roles/web_support/files/html/css/font-faces.css rename to roles/www_back_end/files/html/css/font-faces.css diff --git a/roles/web_support/files/html/css/xo-common.css b/roles/www_back_end/files/html/css/xo-common.css similarity index 100% rename from roles/web_support/files/html/css/xo-common.css rename to roles/www_back_end/files/html/css/xo-common.css diff --git a/roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff b/roles/www_back_end/files/html/fonts/bubblegum-sans-v6-latin-regular.woff similarity index 100% rename from roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff rename to roles/www_back_end/files/html/fonts/bubblegum-sans-v6-latin-regular.woff diff --git a/roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 b/roles/www_back_end/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 rename to roles/www_back_end/files/html/fonts/bubblegum-sans-v6-latin-regular.woff2 diff --git a/roles/web_support/files/html/fonts/fa-solid-900.woff b/roles/www_back_end/files/html/fonts/fa-solid-900.woff similarity index 100% rename from roles/web_support/files/html/fonts/fa-solid-900.woff rename to roles/www_back_end/files/html/fonts/fa-solid-900.woff diff --git a/roles/web_support/files/html/fonts/fa-solid-900.woff2 b/roles/www_back_end/files/html/fonts/fa-solid-900.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/fa-solid-900.woff2 rename to roles/www_back_end/files/html/fonts/fa-solid-900.woff2 diff --git a/roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff b/roles/www_back_end/files/html/fonts/finger-paint-v7-latin-regular.woff similarity index 100% rename from roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff rename to roles/www_back_end/files/html/fonts/finger-paint-v7-latin-regular.woff diff --git a/roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff2 b/roles/www_back_end/files/html/fonts/finger-paint-v7-latin-regular.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/finger-paint-v7-latin-regular.woff2 rename to roles/www_back_end/files/html/fonts/finger-paint-v7-latin-regular.woff2 diff --git a/roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff b/roles/www_back_end/files/html/fonts/flavors-v6-latin-regular.woff similarity index 100% rename from roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff rename to roles/www_back_end/files/html/fonts/flavors-v6-latin-regular.woff diff --git a/roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff2 b/roles/www_back_end/files/html/fonts/flavors-v6-latin-regular.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/flavors-v6-latin-regular.woff2 rename to roles/www_back_end/files/html/fonts/flavors-v6-latin-regular.woff2 diff --git a/roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff b/roles/www_back_end/files/html/fonts/freckle-face-v6-latin-regular.woff similarity index 100% rename from roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff rename to roles/www_back_end/files/html/fonts/freckle-face-v6-latin-regular.woff diff --git a/roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff2 b/roles/www_back_end/files/html/fonts/freckle-face-v6-latin-regular.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/freckle-face-v6-latin-regular.woff2 rename to roles/www_back_end/files/html/fonts/freckle-face-v6-latin-regular.woff2 diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.eot b/roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.eot similarity index 100% rename from roles/web_support/files/html/fonts/glyphicons-halflings-regular.eot rename to roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.eot diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.svg b/roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.svg similarity index 100% rename from roles/web_support/files/html/fonts/glyphicons-halflings-regular.svg rename to roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.svg diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.ttf b/roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.ttf similarity index 100% rename from roles/web_support/files/html/fonts/glyphicons-halflings-regular.ttf rename to roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.ttf diff --git a/roles/web_support/files/html/fonts/glyphicons-halflings-regular.woff b/roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.woff similarity index 100% rename from roles/web_support/files/html/fonts/glyphicons-halflings-regular.woff rename to roles/www_back_end/files/html/fonts/glyphicons-halflings-regular.woff diff --git a/roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff b/roles/www_back_end/files/html/fonts/open-sans-v15-latin-600.woff similarity index 100% rename from roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff rename to roles/www_back_end/files/html/fonts/open-sans-v15-latin-600.woff diff --git a/roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff2 b/roles/www_back_end/files/html/fonts/open-sans-v15-latin-600.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/open-sans-v15-latin-600.woff2 rename to roles/www_back_end/files/html/fonts/open-sans-v15-latin-600.woff2 diff --git a/roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff b/roles/www_back_end/files/html/fonts/open-sans-v15-latin-700.woff similarity index 100% rename from roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff rename to roles/www_back_end/files/html/fonts/open-sans-v15-latin-700.woff diff --git a/roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff2 b/roles/www_back_end/files/html/fonts/open-sans-v15-latin-700.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/open-sans-v15-latin-700.woff2 rename to roles/www_back_end/files/html/fonts/open-sans-v15-latin-700.woff2 diff --git a/roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff b/roles/www_back_end/files/html/fonts/open-sans-v15-latin-regular.woff similarity index 100% rename from roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff rename to roles/www_back_end/files/html/fonts/open-sans-v15-latin-regular.woff diff --git a/roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff2 b/roles/www_back_end/files/html/fonts/open-sans-v15-latin-regular.woff2 similarity index 100% rename from roles/web_support/files/html/fonts/open-sans-v15-latin-regular.woff2 rename to roles/www_back_end/files/html/fonts/open-sans-v15-latin-regular.woff2 diff --git a/roles/web_support/files/html/html/credits.html b/roles/www_back_end/files/html/html/credits.html similarity index 100% rename from roles/web_support/files/html/html/credits.html rename to roles/www_back_end/files/html/html/credits.html diff --git a/roles/web_support/files/html/js/Markdown.Converter.js b/roles/www_back_end/files/html/js/Markdown.Converter.js similarity index 100% rename from roles/web_support/files/html/js/Markdown.Converter.js rename to roles/www_back_end/files/html/js/Markdown.Converter.js diff --git a/roles/web_support/files/html/js/Markdown.Sanitizer.js b/roles/www_back_end/files/html/js/Markdown.Sanitizer.js similarity index 100% rename from roles/web_support/files/html/js/Markdown.Sanitizer.js rename to roles/www_back_end/files/html/js/Markdown.Sanitizer.js diff --git a/roles/web_support/files/html/js/XMLDisplay.js b/roles/www_back_end/files/html/js/XMLDisplay.js similarity index 100% rename from roles/web_support/files/html/js/XMLDisplay.js rename to roles/www_back_end/files/html/js/XMLDisplay.js diff --git a/roles/web_support/files/html/js/bootstrap.js b/roles/www_back_end/files/html/js/bootstrap.js similarity index 100% rename from roles/web_support/files/html/js/bootstrap.js rename to roles/www_back_end/files/html/js/bootstrap.js diff --git a/roles/web_support/files/html/js/bootstrap.min.js b/roles/www_back_end/files/html/js/bootstrap.min.js similarity index 100% rename from roles/web_support/files/html/js/bootstrap.min.js rename to roles/www_back_end/files/html/js/bootstrap.min.js diff --git a/roles/web_support/files/html/js/bootstrap4.min.js b/roles/www_back_end/files/html/js/bootstrap4.min.js similarity index 100% rename from roles/web_support/files/html/js/bootstrap4.min.js rename to roles/www_back_end/files/html/js/bootstrap4.min.js diff --git a/roles/web_support/files/html/js/jquery.min.js b/roles/www_back_end/files/html/js/jquery.min.js similarity index 100% rename from roles/web_support/files/html/js/jquery.min.js rename to roles/www_back_end/files/html/js/jquery.min.js diff --git a/roles/web_support/files/html/services/power_off.php b/roles/www_back_end/files/html/services/power_off.php similarity index 100% rename from roles/web_support/files/html/services/power_off.php rename to roles/www_back_end/files/html/services/power_off.php diff --git a/roles/web_support/tasks/html.yml b/roles/www_back_end/tasks/html.yml similarity index 100% rename from roles/web_support/tasks/html.yml rename to roles/www_back_end/tasks/html.yml diff --git a/roles/web_support/tasks/main.yml b/roles/www_back_end/tasks/main.yml similarity index 69% rename from roles/web_support/tasks/main.yml rename to roles/www_back_end/tasks/main.yml index b75900b01..12741954f 100644 --- a/roles/web_support/tasks/main.yml +++ b/roles/www_back_end/tasks/main.yml @@ -1,10 +1,16 @@ +# Role "www_back_end" runs here, probably in 3-BASE-SERVER. +# Role "www_front_end" runs later, likely in 4-SERVER-OPTIONS. +# +# (Don't take either name too literally!) + + - include_tasks: html.yml - include_tasks: php-stem.yml # 2020-02-12: DOES THE FLAG BELOW (apache_high_php_limits) WORK WITH NGINX TOO? -# COMPARE apache_allow_sudo @ 4-server-options/tasks/main.yml +# COMPARE apache_allow_sudo @ roles/www_front_end/tasks/main.yml # For schools that use WordPress/Nextcloud/Moodle intensively. iiab/iiab#1147 # WARNING: Enabling this might cause excess use of RAM/disk or other resources! @@ -22,21 +28,13 @@ - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } -# 2020-02-12: *REQUIRED* by iiab-admin-console/roles/js-menu/tasks/main.yml, -# which should probably instead softcode iiab_home_url as set in local_vars.yml -# -# SEE httpd/tasks/install.yml for related 'a2ensite iiab-homepage.conf' -# -# (Both mkdir & iiab-homepage.conf stuff used to be in homepage/tasks/main.yml) -# -- name: Create dir {{ doc_root }}/home +- name: Create dir {{ doc_root }}/home -- if you customized var iiab_home_url e.g. in /etc/iiab/local_vars.yml, that dir is created later -- by www_front_end/tasks/main.yml file: state: directory path: "{{ doc_root }}/home" # /library/www/html owner: "{{ apache_user }}" group: "{{ apache_user }}" - mode: '0755' - + # mode: '0755' - name: Create dir {{ doc_root }}/info for http://box/info offline docs file: @@ -44,10 +42,23 @@ path: "{{ doc_root }}/info" # /library/www/html owner: "{{ apache_user }}" group: "{{ apache_user }}" - #mode: '0755' + # mode: '0755' - name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (Script can be run manually and/or at the end of Stage 4 = roles/4-server-options/tasks/main.yml) template: src: iiab-refresh-wiki-docs.sh dest: /usr/bin/iiab-refresh-wiki-docs mode: '0755' + + +# RECORD www_back_end AS INSTALLED + +- name: "Set 'www_back_end_installed: True'" + set_fact: + www_back_end_installed: True + +- name: "Add 'www_back_end_installed: True' to {{ iiab_state_file }}" + lineinfile: + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^www_back_end_installed' + line: 'www_back_end_installed: True' diff --git a/roles/web_support/tasks/php-stem.yml b/roles/www_back_end/tasks/php-stem.yml similarity index 100% rename from roles/web_support/tasks/php-stem.yml rename to roles/www_back_end/tasks/php-stem.yml diff --git a/roles/web_support/templates/iiab-refresh-wiki-docs.sh b/roles/www_back_end/templates/iiab-refresh-wiki-docs.sh similarity index 100% rename from roles/web_support/templates/iiab-refresh-wiki-docs.sh rename to roles/www_back_end/templates/iiab-refresh-wiki-docs.sh diff --git a/roles/www_front_end/tasks/main.yml b/roles/www_front_end/tasks/main.yml new file mode 100644 index 000000000..f4525a861 --- /dev/null +++ b/roles/www_front_end/tasks/main.yml @@ -0,0 +1,61 @@ +# Role "www_back_end" runs earlier, likely in 3-BASE-SERVER. +# Role "www_front_end" runs here, probably in 4-SERVER-OPTIONS. +# +# (Don't take either name too literally!) + + +# HOMEPAGE + +- name: Create dir {{ doc_root }}{{ iiab_home_url }} just in case variable iiab_home_url was customized. (Standard path {{doc_root}}/home was created earlier.) + file: + state: directory + path: "{{ doc_root }}{{ iiab_home_url }}" # /library/www/html/home + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + mode: '0755' + +- name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) if apache_install" + include_tasks: roles/httpd/tasks/homepage.yml + when: apache_install | bool + +- name: Enable IIAB pages via NGINX (e.g. on port 80) if nginx_install + include_tasks: roles/nginx/tasks/homepage.yml + when: nginx_install | bool + + +# 'Is a "Rapid Power Off" button possible for low-electricity environments?' +# gives more details here: http://FAQ.IIAB.IO + +# 2020-02-12: DOES THE FLAG BELOW (apache_allow_sudo) WORK WITH NGINX TOO ? +# COMPARE apache_high_php_limits @ roles/www_back_end/tasks/main.yml + +- name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_apache_poweroff from template + template: + src: 020_apache_poweroff.j2 + dest: /etc/sudoers.d/020_apache_poweroff + mode: '0755' + when: apache_allow_sudo | bool + +- name: Remove {{ apache_user }} (per variable apache_user) permission to poweroff, removing /etc/sudoers.d/020_apache_poweroff + file: + path: /etc/sudoers.d/020_apache_poweroff + state: absent + when: not apache_allow_sudo + + +- name: Run /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation. (This script was installed in Stage 3 = roles/3-base-server/tasks/main.yml, which ran roles/www_back_end/tasks/main.yml) + command: /usr/bin/iiab-refresh-wiki-docs + when: internet_available and not nodocs + + +# RECORD www_front_end AS INSTALLED + +- name: "Set 'www_front_end_installed: True'" + set_fact: + www_front_end_installed: True + +- name: "Add 'www_front_end_installed: True' to {{ iiab_state_file }}" + lineinfile: + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^www_front_end_installed' + line: 'www_front_end_installed: True' diff --git a/roles/web_support/templates/020_apache_poweroff.j2 b/roles/www_front_end/templates/020_apache_poweroff.j2 similarity index 100% rename from roles/web_support/templates/020_apache_poweroff.j2 rename to roles/www_front_end/templates/020_apache_poweroff.j2 diff --git a/tests/test.yml b/tests/test.yml index dae66056b..a79a8d2e1 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -72,8 +72,9 @@ - { role: transmission } - { role: usb_lib } - { role: vnstat } - - { role: web_support } - { role: wordpress } + - { role: www_back_end } + - { role: www_front_end } - { role: yarn } #- { roles: xovis } From a77cfa53b831a414226c6c83ca25ec990ab01410 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2020 21:49:10 -0500 Subject: [PATCH 20/23] Typos in 3-base-server, 4-server-options --- roles/3-base-server/tasks/main.yml | 2 +- roles/4-server-options/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index a4895f44b..e61a11289 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -11,7 +11,7 @@ - name: WWW_BACK_END (WWW_FRONT_END should be installed later) include_role: name: www_back_end - # when: www_back_end | bool + # when: www_back_end_install | bool # when: apache_install or nginx_install - name: HTTPD (Apache) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 0ee84f133..2fc36f209 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -45,7 +45,7 @@ - name: WWW_FRONT_END (WWW_BACK_END should have been installed earlier) include_role: name: www_front_end - # when: www_front_end | bool + # when: www_front_end_install | bool # when: apache_install or nginx_install - name: Recording STAGE 4 HAS COMPLETED ================== From 6351dc3e57b77a4108c65cad7772b1b473844804 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 13 Feb 2020 22:53:19 -0500 Subject: [PATCH 21/23] Restart web server(s) as www_front_end completes --- roles/www_front_end/tasks/main.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/roles/www_front_end/tasks/main.yml b/roles/www_front_end/tasks/main.yml index f4525a861..af3672bbe 100644 --- a/roles/www_front_end/tasks/main.yml +++ b/roles/www_front_end/tasks/main.yml @@ -14,10 +14,12 @@ group: "{{ apache_user }}" mode: '0755' +# Used to be run by httpd/tasks/install.yml - name: "IN CASE NGINX IS DISABLED: Enable IIAB pages via Apache (e.g. on port 80) if apache_install" include_tasks: roles/httpd/tasks/homepage.yml when: apache_install | bool +# Used to be run by nginx/tasks/install.yml - name: Enable IIAB pages via NGINX (e.g. on port 80) if nginx_install include_tasks: roles/nginx/tasks/homepage.yml when: nginx_install | bool @@ -48,6 +50,19 @@ when: internet_available and not nodocs +- name: (Re)Start '{{ apache_service }}' systemd service, if apache_enabled + systemd: + name: "{{ apache_service }}" # apache2 on debuntu + state: restarted + when: apache_enabled | bool + +- name: (Re)Start 'nginx' systemd service, if nginx_enabled + systemd: + name: nginx + state: restarted + when: nginx_enabled | bool + + # RECORD www_front_end AS INSTALLED - name: "Set 'www_front_end_installed: True'" From 2fe1dc6b0361b769a96096e5fa6bd70c7d288d55 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 13 Feb 2020 23:11:07 -0500 Subject: [PATCH 22/23] 3-base-server/tasks/main.yml, 4-server-options/tasks/main.yml --- roles/3-base-server/tasks/main.yml | 4 ++-- roles/4-server-options/tasks/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index e61a11289..509829cbc 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -11,8 +11,8 @@ - name: WWW_BACK_END (WWW_FRONT_END should be installed later) include_role: name: www_back_end - # when: www_back_end_install | bool - # when: apache_install or nginx_install + #when: www_back_end_install | bool + #when: apache_install or nginx_install - name: HTTPD (Apache) include_role: diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 2fc36f209..8189e6bac 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -45,8 +45,8 @@ - name: WWW_FRONT_END (WWW_BACK_END should have been installed earlier) include_role: name: www_front_end - # when: www_front_end_install | bool - # when: apache_install or nginx_install + #when: www_front_end_install | bool + #when: apache_install or nginx_install - name: Recording STAGE 4 HAS COMPLETED ================== lineinfile: From 65e8f795ec55e0ff9a95d9a016937e5124597ae9 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 14 Feb 2020 01:04:08 -0500 Subject: [PATCH 23/23] Symlink --- roles/minetest/tasks/rpi_minetest_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/minetest/tasks/rpi_minetest_install.yml b/roles/minetest/tasks/rpi_minetest_install.yml index d126ccdaa..0541d2174 100644 --- a/roles/minetest/tasks/rpi_minetest_install.yml +++ b/roles/minetest/tasks/rpi_minetest_install.yml @@ -30,7 +30,7 @@ owner: root group: root -- name: Create symbolic link /library/games/minetest +- name: Symlink /library/games/minetest -> /library/games/0.4.17.1 file: state: link src: /library/games/0.4.17.1