diff --git a/roles/kiwix/defaults/main.yml b/roles/kiwix/defaults/main.yml index 0801516e0..8fd2a066d 100644 --- a/roles/kiwix/defaults/main.yml +++ b/roles/kiwix/defaults/main.yml @@ -7,36 +7,40 @@ # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! -# Which kiwix-tools to download from http://download.iiab.io/packages/ -# As obtained from http://download.kiwix.org/release/kiwix-tools/ or http://download.kiwix.org/nightly/ -kiwix_version_armhf: "kiwix-tools_linux-armhf-3.0.1-8" -kiwix_version_linux64: "kiwix-tools_linux-x86_64-3.0.1-8" -kiwix_version_i686: "kiwix-tools_linux-i586-3.0.1-8" -# kiwix_src_file_i686: "kiwix-linux-i686.tar.bz2" -# v0.9 for i686 published May 2014 ("use it to test legacy ZIM content") -# v0.10 for i686 published Oct 2016 ("experimental") REPLACED IN EARLY 2018, thx to Matthieu Gautier: -# https://github.com/kiwix/kiwix-build/issues/94 -# https://github.com/kiwix/kiwix-tools/issues/170 +# INSTRUCTIONS TO REINSTALL Kiwix: +# (1) VERIFY THESE VARS IN /etc/iiab/local_vars.yml +# kiwix_install: True +# kiwix_enabled: True +# (2) RUN: cd /opt/iiab/iiab; ./runrole --reinstall kiwix -kiwix_src_file_armhf: "{{ kiwix_version_armhf }}.tar.gz" -kiwix_src_file_linux64: "{{ kiwix_version_linux64 }}.tar.gz" -kiwix_src_file_i686: "{{ kiwix_version_i686 }}.tar.gz" -# Used for Kiwix proxy http://box/kiwix/ -kiwix_url_without_slash: /kiwix -kiwix_url: "{{ kiwix_url_without_slash }}/" # /kiwix/ -kiwix_path: "{{ iiab_base }}/kiwix" # /opt/iiab/kiwix - -# /library/zims contains 3 important things: +# FYI /library/zims contains 3 important things: # - library.xml # - content = directory for all *.zim's # - index = directory for legacy *.zim.idx's kiwix_library_xml: "{{ iiab_zim_path }}/library.xml" -# INSTRUCTIONS TO REINSTALL kiwix (1) VERIFY ITS VARS IN /etc/iiab/local_vars.yml (2) THEN RUN EITHER BELOW... -# - NEW WAY: cd /opt/iiab/iiab; ./runrole --reinstall kiwix -# - OLD WAY: rm /opt/iiab/kiwix/bin/kiwix-serve; cd /opt/iiab/iiab; ./runrole kiwix -kiwix_force_install: False +# The next 3 lines specify which version(s) of kiwix-tools to download from... +# http://download.iiab.io/packages/ ...as originally obtained from... +# http://download.kiwix.org/release/kiwix-tools/ ...or sometimes... +# http://download.kiwix.org/nightly/ + +kiwix_version_armhf: "kiwix-tools_linux-armhf-3.0.2" +kiwix_version_linux64: "kiwix-tools_linux-x86_64-3.0.2" +kiwix_version_i686: "kiwix-tools_linux-i586-3.0.2" + +# kiwix_src_file_i686: "kiwix-linux-i686.tar.bz2" +# v0.9 for i686 published May 2014 ("use it to test legacy ZIM content") +# v0.10 for i686 published Oct 2016 ("experimental") REPLACED IN EARLY 2018, +# thx to @mgautierfr / Matthieu Gautier: +# https://github.com/kiwix/kiwix-build/issues/94 +# https://github.com/kiwix/kiwix-tools/issues/170 + +# Used for Kiwix proxy http://box/kiwix/ +kiwix_url: /kiwix +kiwix_url_plus_slash: "{{ kiwix_url }}/" # /kiwix/ +kiwix_path: "{{ iiab_base }}/kiwix" # /opt/iiab/kiwix + kiwix_nginx_timeout: 600 kiwix_threads: 4 diff --git a/roles/kiwix/tasks/apache.yml b/roles/kiwix/tasks/apache.yml new file mode 100644 index 000000000..2162825cb --- /dev/null +++ b/roles/kiwix/tasks/apache.yml @@ -0,0 +1,14 @@ +- name: Enable http://box{{ kiwix_url }} via Apache + command: a2ensite kiwix.conf + when: apache_install and kiwix_enabled + +- name: Disable http://box{{ kiwix_url }} via Apache + command: a2dissite kiwix.conf + when: apache_install and not kiwix_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" + daemon-reload: yes + state: restarted + when: apache_enabled | bool diff --git a/roles/kiwix/tasks/enable-or-disable.yml b/roles/kiwix/tasks/enable-or-disable.yml new file mode 100644 index 000000000..c64b6e911 --- /dev/null +++ b/roles/kiwix/tasks/enable-or-disable.yml @@ -0,0 +1,45 @@ +- name: Enable & Restart 'kiwix-serve' systemd service + systemd: + name: kiwix-serve + daemon_reload: yes + enabled: yes + state: restarted + when: kiwix_enabled | bool + +- name: Disable & Stop 'kiwix-serve' systemd service + systemd: + name: kiwix-serve + enabled: no + state: stopped + when: not kiwix_enabled + + +# TO DO: BOTH CRON ENTRIES BELOW *SHOULD* BE DELETED "when: not kiwix_enabled" + +# In the past kiwix-serve did not stay running, so we'd been doing this hourly. +# @mgautierfr & others suggest kiwix-serve might be auto-restarted w/o cron in +# future, whenever service fails, if this really catches all cases?? +# https://github.com/iiab/iiab/issues/484#issuecomment-342151726 +- name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu) + lineinfile: + # mn hr dy mo day-of-week[Sunday=0] username command-to-be-executed + line: "0 4 * * * root /bin/systemctl restart kiwix-serve.service" + dest: /etc/crontab + when: kiwix_enabled and is_debuntu + +- name: Make a crontab entry to restart kiwix-serve at 4AM (redhat) +# * * * * * user-name command to be executed + lineinfile: + # mn hr dy mo day-of-week[Sunday=0] username command-to-be-executed + line: "0 4 * * * root /usr/bin/systemctl restart kiwix-serve.service" + dest: /etc/crontab + when: kiwix_enabled and is_redhat + + +- name: Enable/Disable/Restart Apache if primary + include_tasks: apache.yml + when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool diff --git a/roles/kiwix/tasks/enable.yml b/roles/kiwix/tasks/enable.yml deleted file mode 100644 index 0276b08a6..000000000 --- a/roles/kiwix/tasks/enable.yml +++ /dev/null @@ -1,97 +0,0 @@ -- name: Enable & Restart 'kiwix-serve' systemd service - systemd: - name: kiwix-serve - daemon_reload: yes - enabled: yes - state: restarted - when: kiwix_enabled | bool - -- name: Disable & Stop 'kiwix-serve' systemd service - systemd: - name: kiwix-serve - enabled: no - state: stopped - when: not kiwix_enabled - -# TO DO: BOTH CRON ENTRIES BELOW *SHOULD* BE DELETED "when: not kiwix_enabled" - -# In the past kiwix-serve did not stay running, so we'd been doing this hourly. -# @mgautierfr & others suggest kiwix-serve might be auto-restarted w/o cron in -# future, whenever service fails, if this really catches all cases?? -# https://github.com/iiab/iiab/issues/484#issuecomment-342151726 -- name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu) - lineinfile: - # mn hr dy mo day-of-week[Sunday=0] username command-to-be-executed - line: "0 4 * * * root /bin/systemctl restart kiwix-serve.service" - dest: /etc/crontab - when: kiwix_enabled and is_debuntu - -- name: Make a crontab entry to restart kiwix-serve at 4AM (redhat) -# * * * * * user-name command to be executed - lineinfile: - # mn hr dy mo day-of-week[Sunday=0] username command-to-be-executed - line: "0 4 * * * root /usr/bin/systemctl restart kiwix-serve.service" - dest: /etc/crontab - when: kiwix_enabled and is_redhat - -# Apache - -- name: Enable http://box{{ kiwix_url_without_slash }} via Apache - command: a2ensite kiwix.conf - when: apache_install and kiwix_enabled - -- name: Disable http://box{{ kiwix_url_without_slash }} via Apache - command: a2dissite kiwix.conf - when: apache_install and not kiwix_enabled - -- name: Restart Apache systemd service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" - daemon-reload: yes - state: restarted - when: apache_enabled | bool - -# NGINX - -- name: Enable http://box{{ kiwix_url_without_slash }} via NGINX, by installing {{ nginx_conf_dir }}/kiwix-nginx.conf from template - template: - src: kiwix-nginx.conf - dest: "{{ nginx_conf_dir }}/kiwix-nginx.conf" - when: nginx_install and kiwix_enabled - -- name: Disable http://box{{ kiwix_url_without_slash }} via NGINX, by removing {{ nginx_conf_dir }}/kiwix-nginx.conf - file: - path: "{{ nginx_conf_dir }}/kiwix-nginx.conf" - state: absent - when: nginx_install and not kiwix_enabled - -- name: Restart 'nginx' systemd service - systemd: - name: nginx - state: restarted - when: nginx_enabled | bool - - -- name: Add 'kiwix' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" - section: kiwix - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Kiwix - - option: description - value: '"Part of https://github.com/kiwix/kiwix-tools/ -- kiwix-serve is the most used web server for ZIM files."' - - option: kiwix_url - value: "{{ kiwix_url }}" - - option: kiwix_path - value: "{{ kiwix_path }}" - - option: kiwix_port - value: "{{ kiwix_port }}" - - option: iiab_zim_path - value: "{{ iiab_zim_path }}" - - option: kiwix_library_xml - value: "{{ kiwix_library_xml }}" - - option: kiwix_enabled - value: "{{ kiwix_enabled }}" diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index 0e8235d86..c2fb6fa6c 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -1,29 +1,56 @@ -# 1. CREATE/VERIFY CRITICAL DIRECTORIES & FILES ARE IN PLACE +# 0. SET CPU ARCHITECTURE -- name: Download Kiwix software to /opt/iiab/downloads +- name: "Initialize 'kiwix_src_dir: False' just in case CPU architecture is not supported" + set_fact: + kiwix_src_dir: False + +- name: "Set fact 'kiwix_src_dir: {{ kiwix_version_armhf }}' (armv6l or armv71)" + set_fact: + kiwix_src_dir: "{{ kiwix_version_armhf }}" + when: ansible_machine == "armv7l" or ansible_machine == "armv6l" + +- name: "Set fact 'kiwix_src_dir: {{ kiwix_version_linux64 }}' (x86_64)" + set_fact: + kiwix_src_dir: "{{ kiwix_version_linux64 }}" + when: ansible_machine == "x86_64" + +- name: "Set fact 'kiwix_src_dir: {{ kiwix_version_i686 }}' (i686)" + set_fact: + kiwix_src_dir: "{{ kiwix_version_i686 }}" + when: ansible_machine == "i686" +# COMMENT OUT LINE ABOVE TO TEST i686 CODE PATH ON X86_64 (WORKS NOV 2017) + +- name: Force Ansible to exit (FAIL) if kiwix-tools appears unavailable for your architecture ({{ ansible_machine }}) + fail: + msg: "WARNING: kiwix-tools SOFTWARE APPEARS UNAVAILABLE FOR YOUR {{ ansible_machine }} OS/ARCHITECTURE." + when: not kiwix_src_dir + +- name: "Set fact 'kiwix_src_file: {{ kiwix_src_dir }}.tar.gz'" + set_fact: + kiwix_src_file: "{{ kiwix_src_dir }}.tar.gz" + + +# 1. PUT IN PLACE: ESSENTIAL DIRS, library.xml, test.zim + +- name: Download {{ iiab_download_url }}/{{ kiwix_src_file }} to /opt/iiab/downloads get_url: - url: "{{ iiab_download_url }}/{{ kiwix_src_file }}" + url: "{{ iiab_download_url }}/{{ kiwix_src_file }}" # http://download.iiab.io/packages dest: "{{ downloads_dir }}/{{ kiwix_src_file }}" timeout: "{{ download_timeout }}" when: internet_available | bool -- name: Check for /opt/iiab/downloads/{{ kiwix_src_file }} - stat: - path: "{{ downloads_dir }}/{{ kiwix_src_file }}" - register: kiwix_src - -- name: Create directory {{ iiab_zim_path }} and subdirs {content, index} for Kiwix ZIM files +- name: Create dir {{ iiab_zim_path }} and subdirs {content, index} for Kiwix ZIM files file: path: "{{ item }}" state: directory with_items: - - "{{ iiab_zim_path }}" + - "{{ iiab_zim_path }}" # /library/zims - "{{ iiab_zim_path }}/content" - "{{ iiab_zim_path }}/index" -- name: Check for {{ kiwix_library_xml }} # /library/zims/library.xml +- name: Check for {{ kiwix_library_xml }} stat: - path: "{{ kiwix_library_xml }}" + path: "{{ kiwix_library_xml }}" # /library/zims/library.xml register: kiwix_xml - name: Install stub /library/zims/library.xml from template, if one doesn't exist @@ -39,9 +66,9 @@ dest: "{{ iiab_zim_path }}/content/test.zim" force: no -- name: Create {{ kiwix_path }}/bin directory # /opt/iiab/kiwix/bin +- name: Create {{ kiwix_path }}/bin directory file: - path: "{{ kiwix_path }}/bin" + path: "{{ kiwix_path }}/bin" # /opt/iiab/kiwix state: directory @@ -52,8 +79,8 @@ src: "{{ downloads_dir }}/{{ kiwix_src_file }}" dest: /tmp -- name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location /opt/iiab/kiwix/bin (armhf & linux64 & i686) - shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" +- name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location {{ kiwix_path }}/bin + shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" # /opt/iiab/kiwix # 3. ENABLE MODS FOR APACHE PROXY IF DEBUNTU diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 8d65b3f04..de744d8b0 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -1,40 +1,54 @@ -- name: "Set Kiwix filename to d/l: {{ kiwix_src_file_armhf }} (armv6l or armv71)" - set_fact: - kiwix_src_dir: "{{ kiwix_version_armhf }}" - kiwix_src_file: "{{ kiwix_src_file_armhf }}" - when: ansible_machine == "armv7l" or ansible_machine == "armv6l" - -- name: "Set Kiwix filename to d/l: {{ kiwix_src_file_linux64 }} (x86_64)" - set_fact: - kiwix_src_dir: "{{ kiwix_version_linux64 }}" - kiwix_src_file: "{{ kiwix_src_file_linux64 }}" - when: ansible_machine == "x86_64" +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: "Set Kiwix filename to d/l: {{ kiwix_src_file_i686 }} (i686)" - set_fact: - kiwix_src_dir: "{{ kiwix_version_i686 }}" - kiwix_src_file: "{{ kiwix_src_file_i686 }}" - when: ansible_machine == "i686" -# COMMENT OUT LINE ABOVE TO TEST i686 CODE PATH ON X86_64 (WORKS NOV 2017) +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible -- name: FAIL (force Ansible to exit) IF kiwix-tools appears unavailable for OS/architecture -# debug: - fail: - msg: "WARNING: kiwix-tools SOFTWARE APPEARS UNAVAILABLE FOR YOUR {{ ansible_machine }} OS/ARCHITECTURE." - when: not kiwix_src_file +- name: Assert that "kiwix_install is sameas true" (boolean not string etc) + assert: + that: kiwix_install is sameas true + fail_msg: "PLEASE SET 'kiwix_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -- name: Check for /opt/iiab/kiwix/bin/kiwix-serve binary - stat: - path: "{{ kiwix_path }}/bin/kiwix-serve" - register: kiwix_bin +- name: Assert that "kiwix_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: kiwix_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'kiwix_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes -- name: Set fact kiwix_force_install if kiwix-serve not found - set_fact: - kiwix_force_install: True - when: not kiwix_bin.stat.exists or reinstall is defined -- include_tasks: install.yml - when: (kiwix_install and not kiwix_installed is defined) or kiwix_force_install +- name: Install Kiwix if 'kiwix_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: kiwix_installed is undefined -- include_tasks: enable.yml - when: kiwix_enabled # or kiwix_installed is defined + +- include_tasks: enable-or-disable.yml + + +- name: Add 'kiwix' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" + section: kiwix + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Kiwix + - option: description + value: '"Part of https://github.com/kiwix/kiwix-tools/ -- kiwix-serve is the most used web server for ZIM files."' + - option: kiwix_url + value: "{{ kiwix_url }}" + - option: kiwix_url_plus_slash + value: "{{ kiwix_url_plus_slash }}" + - option: kiwix_path + value: "{{ kiwix_path }}" + - option: kiwix_port + value: "{{ kiwix_port }}" + - option: iiab_zim_path + value: "{{ iiab_zim_path }}" + - option: kiwix_library_xml + value: "{{ kiwix_library_xml }}" + - option: kiwix_enabled + value: "{{ kiwix_enabled }}" diff --git a/roles/kiwix/tasks/nginx.yml b/roles/kiwix/tasks/nginx.yml new file mode 100644 index 000000000..c52b61a17 --- /dev/null +++ b/roles/kiwix/tasks/nginx.yml @@ -0,0 +1,17 @@ +- name: Enable http://box{{ kiwix_url }} via NGINX, by installing {{ nginx_conf_dir }}/kiwix-nginx.conf from template + template: + src: kiwix-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/kiwix-nginx.conf" + when: nginx_install and kiwix_enabled + +- name: Disable http://box{{ kiwix_url }} via NGINX, by removing {{ nginx_conf_dir }}/kiwix-nginx.conf + file: + path: "{{ nginx_conf_dir }}/kiwix-nginx.conf" + state: absent + when: nginx_install and not kiwix_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted + when: nginx_enabled | bool diff --git a/roles/kiwix/templates/iiab-make-kiwix-lib.py b/roles/kiwix/templates/iiab-make-kiwix-lib.py.deprecated similarity index 100% rename from roles/kiwix/templates/iiab-make-kiwix-lib.py rename to roles/kiwix/templates/iiab-make-kiwix-lib.py.deprecated diff --git a/roles/kiwix/templates/kiwix-nginx.conf b/roles/kiwix/templates/kiwix-nginx.conf.j2 similarity index 93% rename from roles/kiwix/templates/kiwix-nginx.conf rename to roles/kiwix/templates/kiwix-nginx.conf.j2 index 2c5f96f80..000a3dcc2 100644 --- a/roles/kiwix/templates/kiwix-nginx.conf +++ b/roles/kiwix/templates/kiwix-nginx.conf.j2 @@ -1,4 +1,4 @@ -location /kiwix { +location {{ kiwix_url }} { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_http_version 1.1; @@ -8,5 +8,4 @@ location /kiwix { proxy_read_timeout {{ kiwix_nginx_timeout }}; send_timeout {{ kiwix_nginx_timeout }}; proxy_pass http://127.0.0.1:3000; - } diff --git a/roles/kiwix/templates/kiwix-serve.service.j2 b/roles/kiwix/templates/kiwix-serve.service.j2 index 30157bbac..4a8462675 100644 --- a/roles/kiwix/templates/kiwix-serve.service.j2 +++ b/roles/kiwix/templates/kiwix-serve.service.j2 @@ -4,7 +4,7 @@ After=syslog.target network.target local-fs.target [Service] Type=forking -ExecStart={{ iiab_base }}/kiwix/bin/kiwix-serve --daemon --port {{ kiwix_port }} --nolibrarybutton --library {{ kiwix_library_xml }} --urlRootLocation={{ kiwix_url }} --threads {{ kiwix_threads }} +ExecStart={{ iiab_base }}/kiwix/bin/kiwix-serve --daemon --port {{ kiwix_port }} --nolibrarybutton --library {{ kiwix_library_xml }} --urlRootLocation={{ kiwix_url_plus_slash }} --threads {{ kiwix_threads }} TimeoutStartSec=180 Restart=on-abort RestartSec=5s diff --git a/roles/kiwix/templates/kiwix.conf.j2 b/roles/kiwix/templates/kiwix.conf.j2 index e37f6b517..41a35b4af 100644 --- a/roles/kiwix/templates/kiwix.conf.j2 +++ b/roles/kiwix/templates/kiwix.conf.j2 @@ -2,14 +2,14 @@ # 2018-08-31: FAILS to enable http://box/kiwix #RewriteEngine on -#RewriteRule ^{{ kiwix_url_without_slash }}$ {{ kiwix_url }} [R] +#RewriteRule ^{{ kiwix_url }}$ {{ kiwix_url_plus_slash }} [R] # 2018-08-31: SUCCEEDS in enabling http://box/kiwix -RedirectMatch ^{{ kiwix_url_without_slash }}$ {{ kiwix_url }} +RedirectMatch ^{{ kiwix_url }}$ {{ kiwix_url_plus_slash }} # 2018-08-31: SUCCEEDS in enabling http://box/kiwix/ & http://box/kiwix/zim & http://box/kiwix/zim/ #ProxyPreserveHost On -ProxyPass {{ kiwix_url }} http://127.0.0.1:{{ kiwix_port}}{{ kiwix_url }} +ProxyPass {{ kiwix_url }} http://127.0.0.1:{{ kiwix_port}}{{ kiwix_url_plus_slash }} # CLARIF: ProxyPassReverse rewrites internal links, that come back from Apache # proxy. Whereas e.g. calibre-web.conf (and others) use this, kiwix.conf does