external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

Merge pull request #466 from holta/master

Browse source 
make Ansible's 9 install stages understandable

closes #441
This commit is contained in:
A Holt 2017-10-27 08:34:34 -04:00 committed by GitHub
commit 712c68902f
46 changed files with 680 additions and 452 deletions
Download patch file Download diff file Expand all files Collapse all files

4
iiab-base.yml
View file

@ -8,6 +8,6 @@
- vars/local_vars.yml - vars/local_vars.yml
roles: roles:
- { role: 0-init, tags: ['init'] } - { role: 0-init, tags: ['0-init'] }
- { role: 1-prep, tags: ['prep','platform','base'] } - { role: 1-prep, tags: ['1-prep','platform','base'] }
- { role: openvpn, tags: ['openvpn'] } - { role: openvpn, tags: ['openvpn'] }

14
iiab-from-console.yml
View file

@ -9,10 +9,10 @@
- /etc/iiab/config_vars.yml - /etc/iiab/config_vars.yml
roles: roles:
- { role: 0-init, tags: ['init'] } - { role: 0-init, tags: ['0-init'] }
- { role: 4-server-options, tags: ['options'] } - { role: 4-server-options, tags: ['4-server-options'] }
- { role: 5-xo-services, tags: ['xo-services'] } - { role: 5-xo-services, tags: ['5-xo-services'] }
- { role: 6-generic-apps, tags: ['generic-apps'] } - { role: 6-generic-apps, tags: ['6-generic-apps'] }
- { role: 7-edu-apps, tags: ['edu-apps'] } - { role: 7-edu-apps, tags: ['7-edu-apps'] }
- { role: 8-mgmt-tools, tags: ['tools'] } - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
- { role: 9-local-addons, tags: ['addons'] } - { role: 9-local-addons, tags: ['9-local-addons'] }

20
iiab.yml
View file

@ -9,13 +9,13 @@
- /etc/iiab/config_vars.yml - /etc/iiab/config_vars.yml
roles: roles:
- { role: 0-init, tags: ['init'] } - { role: 0-init, tags: ['0-init'] }
- { role: 1-prep, tags: ['prep','platform','base'] } - { role: 1-prep, tags: ['1-prep','platform','base'] }
- { role: 2-common, tags: ['common','base'] } - { role: 2-common, tags: ['2-common','base'] }
- { role: 3-base-server, tags: ['base'] } - { role: 3-base-server, tags: ['3-base-server','base'] }
- { role: 4-server-options, tags: ['options'] } - { role: 4-server-options, tags: ['4-server-options'] }
# - { role: 5-xo-services, tags: ['xo-services'] } - { role: 5-xo-services, tags: ['5-xo-services'] }
- { role: 6-generic-apps, tags: ['generic-apps'] } - { role: 6-generic-apps, tags: ['6-generic-apps'] }
- { role: 7-edu-apps, tags: ['edu-apps'] } - { role: 7-edu-apps, tags: ['7-edu-apps'] }
- { role: 8-mgmt-tools, tags: ['tools'] } - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
- { role: 9-local-addons, tags: ['addons'] } - { role: 9-local-addons, tags: ['9-local-addons'] }

8
roles/0-init/tasks/main.yml
View file

@ -1,3 +1,8 @@
# Initialize
- name: ...IS BEGINNING ============================================
command: echo
- name: Determine if runansible was run - name: Determine if runansible was run
stat: path=/etc/iiab/iiab.env stat: path=/etc/iiab/iiab.env
register: NewInstall register: NewInstall
@ -13,3 +18,6 @@
when: first_run when: first_run
# Now load the computed vars # Now load the computed vars
- include: roles/1-prep/tasks/computed_vars.yml - include: roles/1-prep/tasks/computed_vars.yml
- name: ...HAS COMPLETED ===========================================
command: echo

5
roles/1-prep/README.rst
View file

@ -2,5 +2,6 @@
Prep README Prep README
=========== ===========
This role is a sort on init or startup. It includes preliminaries like hostname and is where things This role is primarily hardware-focused, prior to OS additions/mods. Traditionally it included
that are specific to a particular platform, such as the XO, are done before the bulk of the install. preliminaries like hostname and things specific to a particular platform, such as the XO laptop,
done before the bulk of the install.

14
roles/1-prep/tasks/computed_vars.yml
View file

@ -9,7 +9,7 @@
xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}' xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}'
phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}' phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}'
- name: Set exFAT enabled for XOs - name: Set exFAT enabled for XO laptops
set_fact: set_fact:
exFAT_enabled: True exFAT_enabled: True
when: xo_model != "none" when: xo_model != "none"
@ -88,7 +88,7 @@
gui_port: 443 gui_port: 443
when: adm_cons_force_ssl when: adm_cons_force_ssl
- name: Turn on mysql if elgg or rachel enabled - name: Require MySQL to be on
set_fact: set_fact:
mysql_install: True mysql_install: True
mysql_enabled: True mysql_enabled: True
@ -104,13 +104,13 @@
# when: sugarizer_enabled # when: sugarizer_enabled
# There might be other db's # There might be other db's
- name: Turn on postgresql if moodle or pathagar enabled - name: Turn on PostgreSQL if Moodle or Pathagar enabled
set_fact: set_fact:
postgresql_install: True postgresql_install: True
postgresql_enabled: True postgresql_enabled: True
when: moodle_enabled or pathagar_enabled when: moodle_enabled or pathagar_enabled
- name: Turn on docker if schooltool is to be installed - name: Turn on Docker if SchoolTool is to be installed
set_fact: set_fact:
docker_install: True docker_install: True
docker_enabled: True docker_enabled: True
@ -130,18 +130,18 @@
# but 'mariadb', which is its real name can # but 'mariadb', which is its real name can
# on fedora 18 we need to use 'mysqld' # on fedora 18 we need to use 'mysqld'
- name: Set mysqld service name to mariadb by default - name: Set mysqld_service to mariadb by default
set_fact: set_fact:
mysql_service: mariadb mysql_service: mariadb
- name: Set mysqld service name to mysqld for fedora 18 - name: Set mysqld_service to mysqld for Fedora 18
set_fact: set_fact:
mysql_service: mysqld mysql_service: mysqld
no_NM_reload: True no_NM_reload: True
is_F18: True is_F18: True
when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
- name: Set mysql service name to mysql for debian - name: Set mysql_service to mysql for Debian
set_fact: set_fact:
mysql_service: mysql mysql_service: mysql
when: is_debuntu when: is_debuntu

8
roles/1-prep/tasks/main.yml
View file

@ -1,3 +1,8 @@
# Preparations (Hardware Level)
- name: ...IS BEGINNING ============================================
command: echo
- name: get the uuidgen program - name: get the uuidgen program
package: name=uuid-runtime package: name=uuid-runtime
state=present state=present
@ -82,3 +87,6 @@
get_url: dest=/lib/firmware get_url: dest=/lib/firmware
url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode
when: first_run and usb_NUC6.stdout|int > 0 when: first_run and usb_NUC6.stdout|int > 0
- name: ...HAS COMPLETED ===========================================
command: echo

9
roles/2-common/tasks/main.yml
View file

@ -1,7 +1,11 @@
# Common OS-Level Additions & Mods (that only need to be performed once)
- name: ...IS BEGINNING ==========================================
command: echo
#- include: iiab_ini.yml #- include: iiab_ini.yml
# create the directory structure for XSCE # create the directory structure for IIAB
- include: fl.yml - include: fl.yml
- include: xo.yml - include: xo.yml
@ -43,3 +47,6 @@
when: not is_debuntu and not is_F18 when: not is_debuntu and not is_F18
- include: udev.yml - include: udev.yml
- name: ...HAS COMPLETED =========================================
command: echo

3
roles/3-base-server/README.rst
View file

@ -6,7 +6,6 @@ This role is a place to aggregate roles that are required to create a basic web
The functionality here is not packages that are not directly consumed by users, which are in common, The functionality here is not packages that are not directly consumed by users, which are in common,
nor specific applications, such as those found in the apps and tools roles. nor specific applications, such as those found in the apps and tools roles.
The difference between this aggregate and server-options is that the roles here are required. The difference between this aggregate (3-base-server) and 4-server-options is that the roles here are required.
Eventually a graphical configuration console will be added here. Eventually a graphical configuration console will be added here.

3
roles/3-base-server/meta/main.yml
View file

@ -1,3 +0,0 @@
dependencies:
- { role: httpd, tags: ['services','httpd','base'] }
- { role: iiab-admin, tags: ['services','iiab-admin','base'] }

20
roles/3-base-server/tasks/main.yml
View file

@ -1,3 +1,20 @@
# Base Server
- name: ...IS BEGINNING =====================================
command: echo
- name: HTTPD
include_role:
name: httpd
# has no "when: XXXXX_install" flag
tags: base, httpd
- name: IIAB-ADMIN
include_role:
name: iiab-admin
# has no "when: XXXXX_install" flag
tags: base, iiab-admin
- name: Make sure there is a content directory - name: Make sure there is a content directory
file: dest={{ doc_root }}/local_content file: dest={{ doc_root }}/local_content
state=directory state=directory
@ -16,3 +33,6 @@
# regexp='^BASE_VERSION=*' # regexp='^BASE_VERSION=*'
# line='BASE_VERSION="{{ gui_version }}"' # line='BASE_VERSION="{{ gui_version }}"'
# state=present # state=present
- name: ...HAS COMPLETED ====================================
command: echo

10
roles/4-server-options/meta/main.yml
View file

@ -1,10 +0,0 @@
dependencies:
- { role: home-page, tags: ['home-page'] }
- { role: sshd, tags: ['services','sshd','base'] }
- { role: network, tags: ['services','base','network'] }
- { role: postgresql, tags: ['services','postgresql','base'], when: postgresql_install }
- { role: authserver, tags: ['services','authserver','base'], when: authserver_install }
- { role: openvpn, tags: ['options','openvpn'], when: openvpn_install }
- { role: samba, tags: ['services','samba','options'], when: samba_install }
- { role: usb-lib, tags: ['services','usb-lib','options'], when: usb_lib_install }
- { role: cups, tags: ['services','cups','options'], when: cups_install }

77
roles/4-server-options/tasks/main.yml
View file

@ -1,5 +1,55 @@
- name: Server Options Installed # Server Options
command: echo Server Options Installed
- name: ...IS BEGINNING ==================================
command: echo
- name: SSHD
include_role:
name: sshd
# has no "when: XXXXX_install" flag
tags: base, sshd
- name: OPENVPN
include_role:
name: openvpn
when: openvpn_install
tags: openvpn
- name: NETWORK
include_role:
name: network
# has no "when: XXXXX_install" flag
tags: base, network
- name: HOMEPAGE
include_role:
name: homepage
# has no "when: XXXXX_install" flag
tags: base, homepage
- name: AUTHSERVER
include_role:
name: authserver
when: authserver_install
tags: olpc, authserver
- name: CUPS
include_role:
name: cups
when: cups_install
tags: cups
- name: SAMBA
include_role:
name: samba
when: samba_install
tags: samba
- name: USB-LIB
include_role:
name: usb-lib
when: usb_lib_install
tags: usb-lib
# this script can be sourced to get iiab location # this script can be sourced to get iiab location
- name: Create iiab.env file - name: Create iiab.env file
@ -17,24 +67,5 @@
command: /usr/bin/iiab-refresh-wiki-docs command: /usr/bin/iiab-refresh-wiki-docs
when: not nodocs when: not nodocs
- name: Stop postgresql service - name: ...HAS COMPLETED =================================
command: "/etc/init.d/postgresql stop" command: echo
ignore_errors: True
when: postgresql_install and is_debuntu
- name: Start postgresql service
service: name=postgresql-iiab
state=restarted
enabled=yes
when: postgresql_enabled
- name: Stop authserver service
service: name=xs-authserver
state=stopped
enabled=no
when: not authserver_enabled and authserver_install
- name: Start xs-authserver service
service: name=xs-authserver
state=restarted
when: authserver_enabled

3
roles/5-xo-services/README.rst
View file

@ -2,5 +2,4 @@
XO Services README XO Services README
================== ==================
This role is a place to aggregate roles that provide XO specific services. This role is a place to aggregate roles that provide specific services for One Laptop Per Child's XO laptops.

4
roles/5-xo-services/meta/main.yml
View file

@ -1,4 +0,0 @@
dependencies:
- { role: ejabberd_xs, tags: ['olpc','ejabberd-xs','xo-services'], when: ejabberd_xs_install }
- { role: idmgr, tags: ['olpc','idmgr','xo-services'], when: idmgr_install }
- { role: activity-server, tags: ['olpc','activity-server','xo-services'], when: activity_server_install }

26
roles/5-xo-services/tasks/main.yml
View file

@ -1,3 +1,25 @@
- name: XO Services Installed # XO Services
command: echo XO Services Installed
- name: ...IS BEGINNING =====================================
command: echo
- name: ACTIVITY-SERVER
include_role:
name: activity-server
when: activity_server_install
tags: olpc, activity-server
- name: EJABBERD_XS
include_role:
name: ejabberd_xs
when: ejabberd_xs_install
tags: olpc, ejabberd-xs
- name: IDMGR
include_role:
name: idmgr
when: idmgr_install
tags: olpc, idmgr
- name: ...HAS COMPLETED ====================================
command: echo

6
roles/6-generic-apps/README.rst
View file

@ -2,6 +2,6 @@
Generic Apps README Generic Apps README
=================== ===================
This role is a place to aggregate roles that install apps of a more generic nature, as opposed to educational or managment. This role is a place to aggregate roles that install apps of a more generic or collaborative nature,
Content Management Systems or Chat or Wiki applications would go here. as opposed to educational or managment. Content Management Systems or Chat or Wiki applications
would go here.

9
roles/6-generic-apps/meta/main.yml
View file

@ -1,9 +0,0 @@
dependencies:
- { role: mysql, tags: ['generic','mysql'], when: mysql_install }
- { role: elgg, tags: ['generic','elgg'], when: elgg_install }
- { role: owncloud, tags: ['generic','owncloud'], when: owncloud_install }
- { role: nextcloud, tags: ['generic','nextcloud'], when: nextcloud_install }
- { role: dokuwiki, tags: ['generic','dokuwiki'], when: dokuwiki_install }
- { role: wordpress, tags: ['generic','wordpress'], when: wordpress_install }
- { role: calibre, tags: ['generic','calibre'], when: calibre_install }
- { role: ejabberd, tags: ['generic','ejabberd'], when: ejabberd_install }

50
roles/6-generic-apps/tasks/main.yml
View file

@ -1,3 +1,49 @@
- name: Generic Apps Installed # Generic Apps
command: echo Generic Apps Installed
- name: ...IS BEGINNING ====================================
command: echo
- name: CALIBRE
include_role:
name: calibre
when: calibre_install
tags: calibre
- name: DOKUWIKI
include_role:
name: dokuwiki
when: dokuwiki_install
tags: dokuwiki
- name: ELGG
include_role:
name: elgg
when: elgg_install
tags: elgg
- name: EJABBERD
include_role:
name: ejabberd
when: ejabberd_install
tags: ejabberd
- name: NEXTCLOUD
include_role:
name: nextcloud
when: nextcloud_install
tags: nextcloud
- name: OWNCLOUD
include_role:
name: owncloud
when: owncloud_install
tags: owncloud
- name: WORDPRESS
include_role:
name: wordpress
when: wordpress_install
tags: wordpress
- name: ...HAS COMPLETED ===================================
command: echo

9
roles/7-edu-apps/meta/main.yml
View file

@ -1,9 +0,0 @@
dependencies:
- { role: moodle, tags: ['olpc','moodle','edu-apps'], when: moodle_install }
- { role: osm, tags: ['osm','edu-apps'], when: osm_install }
- { role: pathagar, tags: ['pathagar','edu-apps'], when: pathagar_install }
- { role: rachel, tags: ['rachel','edu-apps'], when: rachel_install }
- { role: kalite, tags: ['kalite','edu-apps'], when: kalite_install }
- { role: kiwix, tags: ['kiwix','edu-apps'], when: kiwix_install }
- { role: sugarizer, tags: ['sugarizer','edu-apps'], when: sugarizer_install }
# - { role: debian_schooltool, tags: ['schooltool','debian_schooltool','edu-apps'], when: debian_schooltool_install and is_debuntu }

44
roles/7-edu-apps/tasks/main.yml
View file

@ -1,3 +1,43 @@
- name: Educational Apps and Content Installed # Educational Apps
command: echo Educational Apps and Content Installed
- name: ...IS BEGINNING ========================================
command: echo
- name: KALITE
include_role:
name: kalite
when: kalite_install
tags: kalite
- name: KIWIX
include_role:
name: kiwix
when: kiwix_install
tags: kiwix
- name: MOODLE
include_role:
name: moodle
when: moodle_install
tags: olpc, moodle
- name: OSM
include_role:
name: osm
when: osm_install
tags: osm
- name: PATHAGAR
include_role:
name: pathagar
when: pathagar_install
tags: pathagar
- name: SUGARIZER
include_role:
name: sugarizer
when: sugarizer_install
tags: sugarizer
- name: ...HAS COMPLETED =======================================
command: echo

10
roles/8-mgmt-tools/meta/main.yml
View file

@ -1,10 +0,0 @@
dependencies:
# - { role: sugar-stats, tags: ['olpc','sugar-stats','tools'], when: sugar_stats_install and ansible_distribution != "CentOS" }
# - { role: ajenti, tags: ['services','ajenti','tools'], when: ajenti_install }
- { role: munin, tags: ['services','munin','tools'], when: munin_install }
- { role: monit, tags: ['services','monit','tools'], when: monit_install }
- { role: vnstat, tags: ['services','vnstat','tools'], when: vnstat_install }
# - { role: xovis, tags: ['services','xovis','tools'], when: xovis_install and ansible_distribution != "CentOS" }
- { role: phpmyadmin, tags: ['services','phpmyadmin','tools'], when: phpmyadmin_install }
- { role: awstats, tags: ['services','awstats','tools'], when: awstats_install }
- { role: teamviewer, tags: ['services','teamviewer','tools'], when: teamviewer_install }

56
roles/8-mgmt-tools/tasks/main.yml
View file

@ -1,3 +1,55 @@
- name: Assessment and Monitoring Tools Installed # Assessment and Monitoring Tools
command: echo Assessment and Monitoring Tools Installed
- name: ...IS BEGINNING ======================================
command: echo
- name: AWSTATS
include_role:
name: awstats
when: awstats_install
tags: awstats
- name: MONIT
include_role:
name: monit
when: monit_install
tags: monit
- name: MUNIN
include_role:
name: munin
when: munin_install
tags: munin
- name: PHPMYADMIN
include_role:
name: phpmyadmin
when: phpmyadmin_install
tags: phpmyadmin
- name: SUGAR-STATS
include_role:
name: sugar-stats
when: sugar_stats_install and ansible_distribution != "CentOS"
tags: olpc, sugar-stats
- name: TEAMVIEWER
include_role:
name: teamviewer
when: teamviewer_install
tags: teamviewer
- name: VNSTAT
include_role:
name: vnstat
when: vnstat_install
tags: vnstat
- name: XOVIS
include_role:
name: xovis
when: xovis_install and ansible_distribution != "CentOS"
tags: xovis
- name: ...HAS COMPLETED =====================================
command: echo

6
roles/9-local-addons/README.rst
View file

@ -7,15 +7,15 @@ This role is a place to aggregate roles developed by various contributors or loc
Development Development
----------- -----------
Create the role you wish to add to the XSCE School Server by following the pattern of another role or any other means. Create the role you wish to add to Internet-in-a-Box by following the pattern of another role or any other means.
Packaging Packaging
--------- ---------
Add your role into the main.yml file in the meta directory of the 7-local-addons role. It will now get installed as part of Add your role into the main.yml file in the tasks directory of the 9-local-addons role. It will now get installed as part of
the next ansible run. the next ansible run.
More Info More Info
--------- ---------
Have a look at the docs section of this git repo for more detailed information. Have a look at https://github.com/iiab/iiab/wiki/IIAB-Architecture (offline at http://box/info/IIAB-Architecture.html) for more detailed information.

2
roles/9-local-addons/meta/main.yml
View file

@ -1,2 +0,0 @@
# Add your role to this list and then uncomment dependencies. Adding a tag is handy for testing.
#dependencies:

8
roles/9-local-addons/tasks/main.yml
View file

@ -1,3 +1,7 @@
- name: Addon services installed # Local Add-ons
command: echo Addon services installed
- name: ...IS BEGINNING ====================================
command: echo
- name: ...HAS COMPLETED ===================================
command: echo

9
roles/authserver/tasks/main.yml
View file

@ -38,8 +38,15 @@
environment: environment:
XS_AUTHSERVER_DATABASE: /var/lib/xs-authserver/data.db XS_AUTHSERVER_DATABASE: /var/lib/xs-authserver/data.db
- name: Enable xs-authserver service - name: Stop authserver service
service: name=xs-authserver service: name=xs-authserver
state=stopped
enabled=no
when: not authserver_enabled
- name: Start xs-authserver service
service: name=xs-authserver
state=restarted
enabled=yes enabled=yes
when: authserver_enabled when: authserver_enabled

22
roles/awstats/tasks/install.yml
View file

@ -1,4 +1,4 @@
- name: Install awstats package - name: Install AWStats package
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -8,7 +8,7 @@
tags: tags:
- download - download
- name: Install awstats package - name: Install AWStats package
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -22,7 +22,7 @@
command: a2enmod cgi command: a2enmod cgi
when: is_debuntu when: is_debuntu
- name: Create directory for awstat to use as intermediate summary storage - name: Create directory for AWStats to use as intermediate summary storage
file: path={{ item }} file: path={{ item }}
mode=0750 mode=0750
owner={{ apache_user }} owner={{ apache_user }}
@ -33,7 +33,7 @@
- "{{ awstats_data_dir }}" - "{{ awstats_data_dir }}"
- "{{ apache_log_dir }}" - "{{ apache_log_dir }}"
- name: Install the Apache config for Advanced Web Statistics - name: Install the Apache config for AWStats
template: src=apache.conf template: src=apache.conf
dest=/etc/{{ apache_config_dir }}/awstats.conf dest=/etc/{{ apache_config_dir }}/awstats.conf
owner=root owner=root
@ -41,7 +41,7 @@
mode=0644 mode=0644
when: awstats_enabled and is_debuntu when: awstats_enabled and is_debuntu
- name: Install the Apache config for Advanced Web Statistics - name: Install the Apache config for AWStats
template: src=apache-awstats.conf template: src=apache-awstats.conf
dest=/etc/{{ apache_config_dir }}/awstats.conf dest=/etc/{{ apache_config_dir }}/awstats.conf
owner=root owner=root
@ -63,18 +63,18 @@
command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist
when: awstats.stat.islnk is defined and not awstats.stat.islnk when: awstats.stat.islnk is defined and not awstats.stat.islnk
- name: Enable Awstats - name: Enable AWStats
file: src=/etc/apache2/sites-available/awstats.conf file: src=/etc/apache2/sites-available/awstats.conf
path=/etc/apache2/sites-enabled/awstats.conf path=/etc/apache2/sites-enabled/awstats.conf
state=link state=link
when: awstats_enabled and is_debuntu when: awstats_enabled and is_debuntu
- name: Disable Awstats - name: Disable AWStats
file: path=/etc/apache2/sites-enabled/awstats.conf file: path=/etc/apache2/sites-enabled/awstats.conf
state=absent state=absent
when: not awstats_enabled and is_debuntu when: not awstats_enabled and is_debuntu
- name: Install the awstats config for Advanced Web Statistics - name: Install the AWStats config
template: src=awstats.schoolserver.conf.j2 template: src=awstats.schoolserver.conf.j2
dest=/etc/awstats/awstats.schoolserver.conf dest=/etc/awstats/awstats.schoolserver.conf
owner=root owner=root
@ -82,16 +82,16 @@
mode=0644 mode=0644
when: awstats_enabled when: awstats_enabled
- name: Create a symbolic link to use when access is by ip address - name: Create a symbolic link to use when access is by IP address
file: src=/etc/awstats/awstats.schoolserver.conf file: src=/etc/awstats/awstats.schoolserver.conf
dest=/etc/awstats/awstats.conf dest=/etc/awstats/awstats.conf
state=link state=link
when: awstats_enabled when: awstats_enabled
- name: On first enabling of awstats, summarize httpd logs up to now - name: On first enabling of AWStats, summarize httpd logs up to now
shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update
when: awstats_enabled and not is_debuntu when: awstats_enabled and not is_debuntu
- name: On first enabling of awstats, summarize httpd logs up to now - name: On first enabling of AWStats, summarize httpd logs up to now
shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update
when: awstats_enabled and is_debuntu when: awstats_enabled and is_debuntu

4
roles/awstats/tasks/main.yml
View file

@ -1,7 +1,7 @@
- include: install.yml - include: install.yml
when: awstats_install when: awstats_install
- name: Add awstats to service list - name: Add AWStats to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=awstats section=awstats
option='{{ item.option }}' option='{{ item.option }}'
@ -10,7 +10,7 @@
- option: name - option: name
value: awstats value: awstats
- option: description - option: description
value: '"Awstats is Advanced Web Statistics package written in perl which generates static or dynamic html summaries based upon web server logs"' value: '"AWStats is Advanced Web Statistics package written in Perl which generates static or dynamic html summaries based upon web server logs"'
- option: installed - option: installed
value: "{{ awstats_install }}" value: "{{ awstats_install }}"
- option: enabled - option: enabled

4
roles/cups/tasks/main.yml
View file

@ -31,7 +31,7 @@
- cups-browsed - cups-browsed
when: cups_enabled and not is_F18 when: cups_enabled and not is_F18
- name: Enable services for cups for xo's - name: Enable services for cups for XO laptops
service: name=cups service: name=cups
state=started state=started
enabled=yes enabled=yes
@ -50,7 +50,7 @@
- cups-browsed - cups-browsed
when: not cups_enabled and not is_F18 when: not cups_enabled and not is_F18
- name: Disable services for cups for xo's - name: Disable services for cups for XO laptops
service: name=cups service: name=cups
state=stopped state=stopped
enabled=no enabled=no

16
roles/home-page/tasks/main.yml
View file

@ -1,16 +0,0 @@
- name: Create home directory
file: path={{ doc_root }}/home
mode=0755
owner={{ apache_user }}
group={{ apache_user }}
state=directory
- name: Install admin home page into apache2
template: src=iiab-home-page.conf
dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf
- name: Enable the home page
file: src=/etc/{{ apache_config_dir }}/iiab-home-page.conf
dest=/etc/apache2/sites-enabled/iiab-home-page.conf
state=link
when: is_debuntu

16
roles/homepage/tasks/main.yml Normal file
View file

@ -0,0 +1,16 @@
- name: Create home directory
file: path={{ doc_root }}/home
mode=0755
owner={{ apache_user }}
group={{ apache_user }}
state=directory
- name: Install admin homepage into apache2
template: src=iiab-homepage.conf
dest=/etc/{{ apache_config_dir }}/iiab-homepage.conf
- name: Enable the home page
file: src=/etc/{{ apache_config_dir }}/iiab-homepage.conf
dest=/etc/apache2/sites-enabled/iiab-homepage.conf
state=link
when: is_debuntu

6
roles/home-page/templates/iiab-home-page.conf → roles/homepage/templates/iiab-homepage.conf
View file

@ -1,9 +1,9 @@
# XSCE Home Page # IIAB Home Page
# Redirect to home page on School Server # Redirect to home page on School Server
# Default is xs-portal # Default [was] xs-portal [and is now generally] home
# RedirectMatch of root to home page # RedirectMatch of root to homepage
# See the note in default_vars.yml # See the note in default_vars.yml
RedirectMatch ^/$ {{ iiab_home_url }} RedirectMatch ^/$ {{ iiab_home_url }}

2
roles/httpd/tasks/main.yml
View file

@ -146,7 +146,7 @@
tags: tags:
- base - base
- name: place the script to generate home pages - name: place the script to generate homepages
template: src=refresh-wiki-docs.sh template: src=refresh-wiki-docs.sh
dest=/usr/bin/iiab-refresh-wiki-docs dest=/usr/bin/iiab-refresh-wiki-docs
mode=0755 mode=0755

2
roles/mysql/defaults/main.yml
View file

@ -1,4 +1,2 @@
phpMyAdmin: "phpMyAdmin-4.2.7.1-all-languages.zip"
mysql_install: True mysql_install: True
mysql_enabled: False mysql_enabled: False
phpmyadmin_enabled: False

39
roles/openvpn/tasks/main.yml
View file

@ -1,6 +1,6 @@
--- ---
- name: Install openvpn packages - name: Install OpenVPN packages
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -27,7 +27,7 @@
file: path=/usr/lib/iiab file: path=/usr/lib/iiab
state=directory state=directory
- name: Configure openvpn - name: Configure OpenVPN
template: src={{ item.src }} template: src={{ item.src }}
dest={{ item.dest }} dest={{ item.dest }}
owner={{ item.owner }} owner={{ item.owner }}
@ -49,59 +49,60 @@
- { src: 'iiab-remote-on', dest: '/usr/bin/iiab-remote-on', owner: "root" , mode: '0755' } - { src: 'iiab-remote-on', dest: '/usr/bin/iiab-remote-on', owner: "root" , mode: '0755' }
- { src: 'iiab-remote-off', dest: '/usr/bin/iiab-remote-off', owner: "root" , mode: '0755' } - { src: 'iiab-remote-off', dest: '/usr/bin/iiab-remote-off', owner: "root" , mode: '0755' }
- name: put up_wan in place for debian - name: Put up_wan in place for Debian
template: src=up_wan dest=/usr/lib/iiab/up_wan template: src=up_wan dest=/usr/lib/iiab/up_wan
when: is_debuntu when: is_debuntu
- name: put dispatcher up for NM - name: Put dispatcher up for NM
template: src=15-openvpn dest=/etc/NetworkManager/dispatcher.d/ template: src=15-openvpn dest=/etc/NetworkManager/dispatcher.d/
when: not is_debuntu when: not is_debuntu
- name: check for manually configured openvpn tunnel - name: Check for manually configured OpenVPN tunnel
stat: path=/etc/openvpn/iiab-vpn.conf stat: path=/etc/openvpn/iiab-vpn.conf
register: stat register: stat
# note that ansible does not currently handle @ in a service name # note that ansible does not currently handle @ in a service name
- name: enable the openvpn tunnel at boot time - name: Enable the OpenVPN tunnel at boot time
shell: systemctl enable openvpn@xscenet.service shell: systemctl enable openvpn@xscenet.service
when: openvpn_enabled and not stat.exists is defined and is_debuntu when: openvpn_enabled and not stat.exists is defined and is_debuntu
- name: enable the openvpn tunnel at boot time for Debian - name: Enable the OpenVPN tunnel at boot time for Debian
shell: update-rc.d openvpn enable shell: update-rc.d openvpn enable
when: openvpn_enabled and not stat.exists is defined and is_debuntu when: openvpn_enabled and not stat.exists is defined and is_debuntu
- name: start the openvpn tunnel now - name: Start the OpenVPN tunnel now
shell: systemctl start openvpn@xscenet.service shell: systemctl start openvpn@xscenet.service
when: openvpn_enabled and not stat.exists is defined and not installing when: openvpn_enabled and not stat.exists is defined and not installing
- name: make openvpn connection automatic
- name: Make OpenVPN connection automatic
lineinfile: dest=/etc/crontab lineinfile: dest=/etc/crontab
line="25 * * * * root (/usr/bin/systemctl start openvpn@xscenet.service) > /dev/null" line="25 * * * * root (/usr/bin/systemctl start openvpn@xscenet.service) > /dev/null"
when: when: openvpn_enabled and openvpn_cron_enabled and not stat.exists is defined
openvpn_enabled and openvpn_cron_enabled and not stat.exists is defined
- name: make openvpn connection manual - name: Make OpenVPN connection manual
lineinfile: dest=/etc/crontab lineinfile: dest=/etc/crontab
regexp=".*/usr/bin/systemctl*" regexp=".*/usr/bin/systemctl*"
state=absent state=absent
when: when: not openvpn_enabled or not openvpn_cron_enabled
not openvpn_enabled or not openvpn_cron_enabled
- name: stop starting the openvpn tunnel at boot time - name: Stop starting the OpenVPN tunnel at boot time
shell: systemctl disable openvpn@xscenet.service shell: systemctl disable openvpn@xscenet.service
when: not openvpn_enabled and not is_debuntu when: not openvpn_enabled and not is_debuntu
- name: stop starting the openvpn tunnel at boot time for Debian - name: Stop starting the OpenVPN tunnel at boot time for Debian
shell: update-rc.d openvpn disable shell: update-rc.d openvpn disable
when: not openvpn_enabled and is_debuntu when: not openvpn_enabled and is_debuntu
- name: stop openvpn tunnel immediately - name: Stop OpenVPN tunnel immediately
shell: systemctl stop openvpn@xscenet.service shell: systemctl stop openvpn@xscenet.service
ignore_errors: True ignore_errors: True
when: not openvpn_enabled and not installing when: not openvpn_enabled and not installing
- name: Add openvpn to service list
- name: Add OpenVPN to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=openvpn section=openvpn
option='{{ item.option }}' option='{{ item.option }}'
@ -110,7 +111,7 @@
- option: name - option: name
value: "openvpn" value: "openvpn"
- option: description - option: description
value: '"Openvpn is a means of Contacting a server anywhere on the internet via a middleman server"' value: '"OpenVPN is a means of connecting to a server anywhere on the internet via a middleman server"'
- option: middleman_url - option: middleman_url
value: "{{ vpn_presence }}" value: "{{ vpn_presence }}"
- option: port - option: port

16
roles/osm/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Install IIAB required packages - name: Install OSM required packages
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -9,7 +9,7 @@
- libapache2-mod-xsendfile - libapache2-mod-xsendfile
when: is_debuntu when: is_debuntu
- name: Install IIAB required packages - name: Install OSM required packages
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -21,7 +21,7 @@
- mod_xsendfile - mod_xsendfile
when: not is_debuntu when: not is_debuntu
# IIAB wants a specific version do that first # OSM wants a specific version do that first
- name: Install Whoosh 2.6 - name: Install Whoosh 2.6
pip: name=whoosh pip: name=whoosh
virtualenv={{ osm_venv }} virtualenv={{ osm_venv }}
@ -30,7 +30,7 @@
extra_args="--no-cache-dir" extra_args="--no-cache-dir"
when: internet_available and is_debuntu when: internet_available and is_debuntu
- name: Install IIAB with dependencies - name: Install OSM with dependencies
pip: name={{ item }} pip: name={{ item }}
virtualenv={{ osm_venv }} virtualenv={{ osm_venv }}
virtualenv_site_packages=no virtualenv_site_packages=no
@ -41,7 +41,7 @@
- Internet-in-a-Box - Internet-in-a-Box
when: internet_available and is_debuntu when: internet_available and is_debuntu
# IIAB wants a specific version do that first # OSM wants a specific version do that first
- name: Install Whoosh 2.6 - name: Install Whoosh 2.6
pip: name=whoosh pip: name=whoosh
virtualenv={{ osm_venv }} virtualenv={{ osm_venv }}
@ -50,7 +50,7 @@
# extra_args="--no-cache-dir" # extra_args="--no-cache-dir"
when: internet_available and not is_debuntu when: internet_available and not is_debuntu
- name: Install IIAB with dependencies - name: Install OSM with dependencies
pip: name={{ item }} pip: name={{ item }}
virtualenv={{ osm_venv }} virtualenv={{ osm_venv }}
virtualenv_site_packages=no virtualenv_site_packages=no
@ -77,7 +77,7 @@
line="path_to_virtualenv = '/usr/local/osm'" line="path_to_virtualenv = '/usr/local/osm'"
state=present state=present
- name: All - Copy IIAB config file - name: All - Copy OSM config file
template: backup=no template: backup=no
src=osm.conf.j2 src=osm.conf.j2
dest=/etc/{{ apache_config_dir }}/osm.conf dest=/etc/{{ apache_config_dir }}/osm.conf
@ -137,7 +137,7 @@
service: name={{ apache_service }} service: name={{ apache_service }}
state=restarted state=restarted
- name: add osm to service list - name: Add OSM to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=osm section=osm
option='{{ item.option }}' option='{{ item.option }}'

3
roles/phpmyadmin/defaults/main.yml
View file

@ -1,2 +1,3 @@
phpmyadmin_install: True phpmyadmin_install: False
phpmyadmin_enabled: False phpmyadmin_enabled: False
phpMyAdmin: "phpMyAdmin-4.7.5-all-languages.zip"

2
roles/phpmyadmin/tasks/main.yml
View file

@ -6,7 +6,7 @@
unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/ unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/
- name: Create a symbolic link to the folder of the current version phpmyadmin - name: Create a symbolic link to the folder of the current version phpmyadmin
file: path=/opt/phpmyadmin src=phpMyAdmin-4.2.7.1-all-languages state=link file: path=/opt/phpmyadmin src=phpMyAdmin-4.7.5-all-languages state=link
- name: Copy the phpmyadmin config file into place - name: Copy the phpmyadmin config file into place
template: src=config.inc.php dest=/opt/phpmyadmin/config.inc.php template: src=config.inc.php dest=/opt/phpmyadmin/config.inc.php

11
roles/postgresql/tasks/main.yml
View file

@ -64,6 +64,11 @@
group=postgres group=postgres
mode=0640 mode=0640
- name: Stop postgresql service
command: "/etc/init.d/postgresql stop"
ignore_errors: True
when: postgresql_install and is_debuntu
- name: Stop and disable stock postgresql service - name: Stop and disable stock postgresql service
service: name=postgresql service: name=postgresql
state=stopped state=stopped
@ -75,6 +80,12 @@
enabled=yes enabled=yes
when: postgresql_enabled when: postgresql_enabled
- name: Stop and disable postgresql-iiab service
service: name=postgresql
state=stopped
enabled=no
when: not postgresql_enabled
- name: Add postgresql to service list - name: Add postgresql to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=postgresql section=postgresql

4
runtags
View file

@ -35,7 +35,7 @@ found="N"
for tag in $tags for tag in $tags
do do
if [ "$tag" == "init" ] if [ "$tag" == "0-init" ]
then then
found="Y" found="Y"
fi fi
@ -47,7 +47,7 @@ taglist=$1
if [ "$found" == "N" ] if [ "$found" == "N" ]
then then
taglist="init,"$taglist taglist="0-init,"$taglist
fi fi
export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log"

412
vars/default_vars.yml
View file

@ -38,24 +38,17 @@ language_priority: en es
# Time Zone (php needs timezone to be set) # Time Zone (php needs timezone to be set)
local_tz: "{{ ansible_date_time.tz }}" local_tz: "{{ ansible_date_time.tz }}"
# Network Parameters # Read https://github.com/iiab/iiab/wiki/IIAB-Networking
# Also readable offline @ http://box/info/IIAB-Networking.html
# NETWORK PARAMETERS FOLLOW ACROSS THE NEXT 60 LINES, as enabled by Ansible's
# NETWORK role (/opt/iiab/iiab/roles/network/*) in 4-SERVER-OPTIONS.
iiab_hostname: box iiab_hostname: box
iiab_domain: lan iiab_domain: lan
lan_ip: 172.18.96.1 lan_ip: 172.18.96.1
lan_netmask: 255.255.224.0 lan_netmask: 255.255.224.0
# Read https://github.com/iiab/iiab/wiki/IIAB-Networking
# Also readable offline @ http://box/info/IIAB-Networking.html
# Gateway mode
iiab_lan_enabled: True
iiab_wan_enabled: True
ssh_port: 22
gui_wan: True
adm_cons_force_ssl: False
adm_cons_allow_downloads: False
# Internal Wi-Fi Access Point # Internal Wi-Fi Access Point
# Values are used if there is an internal Wi-Fi adapter and hostapd is enabled # Values are used if there is an internal Wi-Fi adapter and hostapd is enabled
# The platform variable adapts install to specific hardware (raspberry pi=rpi2) # The platform variable adapts install to specific hardware (raspberry pi=rpi2)
@ -66,32 +59,18 @@ host_channel: 6
hostapd_secure: False hostapd_secure: False
hostapd_password: changeme hostapd_password: changeme
# Intended for developers # Gateway mode
exFAT_enabled: False iiab_lan_enabled: True
user_wan_iface: auto iiab_wan_enabled: True
user_lan_iface: auto ssh_port: 22
wan_ip: dhcp gui_wan: True
wan_netmask: adm_cons_force_ssl: False
wan_gateway: adm_cons_allow_downloads: False
wan_nameserver:
#only change these if you know what you are doing
# Parameters by Aggregate Roles # Gateway and Filters
# Each Role must have the following variables which are either True or False: iiab_gateway_enabled: True
# <role-name>_install gw_squid_whitelist: False
# <role-name>_enabled gw_block_https: False
# Our current convention is to install everything in all aggregates
# And to enable everything in 1-PREP, 2-COMMON, and 3-BASE
# 1-PREP
# 2-COMMON
# 3-BASE-SERVER
# Apache
allow_apache_sudo: False
# dhcpd # dhcpd
dhcpd_install: True dhcpd_install: True
@ -102,35 +81,68 @@ named_install: True
named_enabled: True named_enabled: True
block_DNS: False block_DNS: False
# DansGuardian
dansguardian_install: False
dansguardian_enabled: False
# Squid # Squid
squid_install: False squid_install: False
squid_enabled: False squid_enabled: False
# DansGuardian
dansguardian_install: False
dansguardian_enabled: False
# Wonder Shaper # Wonder Shaper
# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 # Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382
wondershaper_install: False wondershaper_install: False
wondershaper_enabled: False wondershaper_enabled: False
# Gateway and Filters # Intended for developers
gw_squid_whitelist: False user_wan_iface: auto
gw_block_https: False user_lan_iface: auto
iiab_gateway_enabled: True wan_ip: dhcp
wan_netmask:
wan_gateway:
wan_nameserver:
exFAT_enabled: False
#only change these if you know what you are doing
# Home page # Parameters by Aggregate Roles
# Default to the gui where the selection is made or override in local_vars.yml # Each Role must have the following variables which are either True or False:
iiab_home_url: /home # <role-name>_install
# <role-name>_enabled
# You can change iiab_home_url in local_vars.yml in order to get a different home page. # Our past convention was to install everything in all aggregates
# For example one of the following: (assuming they are enabled) # And to enable everything in 1-PREP, 2-COMMON, and 3-BASE-SERVER
# iiab_home_url: /home # 1-PREP
# iiab_home_url: /xs-portal - the alternate home page
# iiab_home_url: /wordpress # Docker (lesser-supported)
# iiab_home_url: /wiki - either dokuwiki or mediawiki docker_install: False
docker_enabled: False
# SchoolTool - unmaintained
schooltool_install: False
schooltool_enabled: False
# 2-COMMON
# 3-BASE-SERVER
# Needed if you want http://box/common/services/power_off.php to work
allow_apache_sudo: False
# HTTPD role runs here.
# IIAB-ADMIN role runs here.
# MySQL - SEE roles/1-prep/tasks/computed_vars.yml for de facto defaults
mysql_install: True
mysql_enabled: True
# password is fixmysql
# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0
mysql_root_password: fixmysql
# PostgreSQL
postgresql_install: False
postgresql_enabled: False
# 4-SERVER-OPTIONS # 4-SERVER-OPTIONS
@ -144,43 +156,51 @@ openvpn_cron_enabled: False
openvpn_install: True openvpn_install: True
openvpn_enabled: False openvpn_enabled: False
# Samba. Take a security audit seriously before deploying this. # NETWORK role runs here.
samba_install: False
samba_enabled: False
# PostgreSQL # Homepage
postgresql_install: False # Default to the GUI where the selection is made or override in local_vars.yml
postgresql_enabled: False iiab_home_url: /home
# You can change iiab_home_url in local_vars.yml in order to get a different
# homepage. For example one of the following: (assuming they are enabled)
# iiab_home_url: /home
# iiab_home_url: /wordpress
# iiab_home_url: /wiki - either dokuwiki or mediawiki
# authserver # authserver
authserver_install: False authserver_install: False
authserver_enabled: False authserver_enabled: False
# Common UNIX Printing System (CUPS)
cups_install: True
cups_enabled: False
# Samba. Take a security audit seriously before deploying this.
samba_install: False
samba_enabled: False
# usb-lib # usb-lib
usb_lib_install: True usb_lib_install: True
usb_lib_enabled: True usb_lib_enabled: True
# Docker # Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info)
docker_install: False nodocs: False
docker_enabled: False
# Common UNIX Printing System
cups_install: True
cups_enabled: False
# 5-XO-SERVICES # 5-XO-SERVICES
# Lesser-supported XO services need additional testing. Please uncomment # Lesser-supported XO services need additional testing. Please contact
# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact
# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test.
xo_services_install: False xo_services_install: False
xo_services_enabled: False xo_services_enabled: False
# ejabberd # activity-server
ejabberd_install: False activity_server_install: False
ejabberd_enabled: False activity_server_enabled: False
# ejabberd-xs
ejabberd_xs_install: False ejabberd_xs_install: False
ejabberd_xs_enabled: False ejabberd_xs_enabled: False
@ -188,11 +208,115 @@ ejabberd_xs_enabled: False
idmgr_install: False idmgr_install: False
idmgr_enables: False idmgr_enables: False
# activity-server # 6-GENERIC-APPS
activity_server_install: False
activity_server_enabled: False
# XOVis # Calibre
calibre_install: True
calibre_enabled: False
calibre_port: 8080
# DokuWiki
dokuwiki_install: False
dokuwiki_enabled: False
# Elgg
elgg_install: True
elgg_enabled: False
# elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1
elgg_mysql_password: elgg4kids
# ejabberd
ejabberd_install: False
ejabberd_enabled: False
# Nextcloud
nextcloud_install: True
nextcloud_enabled: False
# ownCloud
owncloud_install: False
owncloud_enabled: False
# WordPress
wordpress_install: True
wordpress_enabled: False
# 7-EDU-APPS
# KA Lite
kalite_install: True
kalite_root: "/library/ka-lite"
kalite_user: kalite
kalite_password_hash: $6$<salt>$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/
kalite_password: kalite
kalite_server_name: kalite
kalite_server_port: 8008
kalite_enabled: False
kalite_cron_enabled: False
# Kiwix
kiwix_install: True
kiwix_enabled: True
kiwix_port: 3000
iiab_zim_path: /library/zims
# Moodle
moodle_install: False
moodle_enabled: False
# OpenStreetMap (OSM)
osm_install: True
osm_enabled: False
# changed in June 2017 from:
# iiab_install: True
# iiab_enabled: False
# Pathagar - similar to Calibre, but unmaintained
pathagar_install: False
pathagar_enabled: False
# Sugarizer
sugarizer_install: True
sugarizer_enabled: False
# 8-MGMT-TOOLS
# AWStats -- sumarizes http access logs
awstats_install: True
awstats_enabled: False
# Monit
monit_install: False
monit_enabled: False
watchdog:
- sshd
- idmgr
- ejabberd
- httpd
- postgresql
- squid
# Munin
munin_install: True
munin_enabled: False
# Handy for maintaining tables, but DANGEROUS if not locked down
phpmyadmin_install: False
phpmyadmin_enabled: False
# sugar-stats - unmaintained
sugar_stats_install: False
sugar_stats_enabled: False
# TeamViewer - unmaintained (better to install from http://teamviewer.com)
teamviewer_install: False
teamviewer_enabled: False
# vnStat
vnstat_install: True
vnstat_enabled: False
# XOVis - unmaintained
xovis_install: False xovis_install: False
xovis_enabled: False xovis_enabled: False
xovis_target_host: "127.0.0.1:5984" xovis_target_host: "127.0.0.1:5984"
@ -206,134 +330,18 @@ xovis_root: "/opt/xovis"
xovis_backup_dir: "/library/users" xovis_backup_dir: "/library/users"
xovis_chart_heading: "My School: Usage Data Visualization" xovis_chart_heading: "My School: Usage Data Visualization"
# sugar-stats # ================================================================
sugar_stats_install: False
sugar_stats_enabled: False
# 6-GENERIC-APPS # Ajenti - unmaintained
# ajenti_install: False
# ajenti_enabled: False
# MySQL # RACHEL - no longer in use
mysql_install: True # rachel_install: False
mysql_enabled: False # rachel_enabled: False
# password is fixmysql # rachel_content_found: False
# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 # #rachel_url: /rachel
mysql_root_password: fixmysql # rachel_doc_root: "{{ doc_root }}/modules"
# Handy for maintaining tables, but DANGEROUS if not locked down
phpmyadmin_install: False
phpmyadmin_enabled: False
# Elgg
elgg_install: True
elgg_enabled: False
# elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1
elgg_mysql_password: elgg4kids
# OwnCloud
owncloud_install: False
owncloud_enabled: False
# Nextcloud
nextcloud_install: True
nextcloud_enabled: False
# WordPress
wordpress_install: True
wordpress_enabled: False
# DokuWiki
dokuwiki_install: False
dokuwiki_enabled: False
# 7-EDU-APPS
# Moodle
moodle_install: False
moodle_enabled: False
# Internet-in-a-Box
#iiab_install: True
#iiab_enabled: False
# above 2 variables changed in June 2017 to:
osm_install: True
osm_enabled: False
# Pathagar
pathagar_install: False
pathagar_enabled: False
# Calibre
calibre_install: True
calibre_enabled: False
calibre_port: 8080
# RACHEL
rachel_install: False
rachel_enabled: False
rachel_content_found: False
#rachel_url: /rachel
rachel_doc_root: "{{ doc_root }}/modules"
# Kiwix-serve
kiwix_install: True
kiwix_enabled: True
kiwix_port: 3000
iiab_zim_path: /library/zims
# KA Lite
kalite_install: True
kalite_root: "/library/ka-lite"
kalite_user: kalite
kalite_password_hash: $6$<salt>$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/
kalite_password: kalite
kalite_server_name: kalite
kalite_server_port: 8008
kalite_enabled: False
kalite_cron_enabled: False
# Sugarizer
sugarizer_install: True
sugarizer_enabled: False
# 8-MGMT-TOOLS
# Munin
munin_install: True
munin_enabled: False
# Monit
monit_install: False
monit_enabled: False
watchdog:
- sshd
- idmgr
- ejabberd
- httpd
- postgresql
- squid
# vnStat
vnstat_install: True
vnstat_enabled: False
# AWStats -- sumarizes http access logs
awstats_install: True
awstats_enabled: False
# SchoolTool
schooltool_install: False
schooltool_enabled: False
# Ajenti
ajenti_install: False
ajenti_enabled: False
# TeamViewer - unmaintained (better to install from http://teamviewer.com)
teamviewer_install: False
teamviewer_enabled: False
# Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info)
nodocs: False
# ================================================================ # ================================================================
# Platforms - turn all off and let <OS>.yml turn on as appropriate # Platforms - turn all off and let <OS>.yml turn on as appropriate

118
vars/medium.localvars
View file

@ -14,6 +14,7 @@ iiab_admin_user: iiab-admin
iiab_hostname: box iiab_hostname: box
iiab_domain: lan iiab_domain: lan
# Set to /home or /wordpress or /wiki (for DokuWiki or MediaWiki)
iiab_home_url: /home iiab_home_url: /home
host_ssid: "Internet in a Box" host_ssid: "Internet in a Box"
host_wifi_mode: g host_wifi_mode: g
@ -34,18 +35,20 @@ iiab_gateway_enabled: False
# Make this False to disable http://box/common/services/power_off.php button: # Make this False to disable http://box/common/services/power_off.php button:
allow_apache_sudo: True allow_apache_sudo: True
# 3-BASE-SERVER
squid_install: False squid_install: False
squid_enabled: False squid_enabled: False
dansguardian_install: False dansguardian_install: False
dansguardian_enabled: False dansguardian_enabled: False
# Unmaintained # Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382
# wondershaper_install: False # wondershaper_install: False
# wondershaper_enabled: False # wondershaper_enabled: False
# 3-BASE-SERVER
# MySQL & PostgreSQL are auto-installed around here as necessary.
# 4-SERVER-OPTIONS # 4-SERVER-OPTIONS
# SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security # SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security
@ -55,6 +58,10 @@ openvpn_enabled: False
# openvpn_cron_enabled: True # openvpn_cron_enabled: True
# If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn"
# Unmaintained
# authserver_install: False
# authserver_enabled: False
# Common UNIX Printing System # Common UNIX Printing System
cups_install: True cups_install: True
cups_enabled: False cups_enabled: False
@ -63,18 +70,13 @@ cups_enabled: False
samba_install: False samba_install: False
samba_enabled: False samba_enabled: False
# Handy for maintaining tables, but DANGEROUS if not locked down
phpmyadmin_install: False
phpmyadmin_enabled: False
# 5-XO-SERVICES # 5-XO-SERVICES
# Lesser-supported XO services need additional testing. Please uncomment # Lesser-supported XO services need additional testing. Please contact
# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact
# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test.
# authserver_install: False # xo_services_install: False
# authserver_enabled: False # xo_services_enabled: False
# activity_server_install: False # activity_server_install: False
# activity_server_enabled: False # activity_server_enabled: False
@ -83,44 +85,51 @@ phpmyadmin_enabled: False
# idmgr_install: False # idmgr_install: False
# idmgr_enabled: False # idmgr_enabled: False
# ejabberd_install: False # ejabberd_xs_install: False
# ejabberd_enabled: False # ejabberd_xs_enabled: False
# xo_services_install: False
# xo_services_enabled: False
# sugar_stats_install: False
# sugar_stats_enabled: False
# xovis_install: False
# xovis_enabled: False
# 6-GENERIC-APPS # 6-GENERIC-APPS
calibre_install: True
calibre_enabled: True
# Change calibre_port to 8010 if you're using XO laptops needing above idmgr
calibre_port: 8080
dokuwiki_install: False
dokuwiki_enabled: False
elgg_install: True
elgg_enabled: True
ejabberd_install: False
ejabberd_enabled: False
nextcloud_install: True nextcloud_install: True
nextcloud_enabled: True nextcloud_enabled: True
wordpress_install: True wordpress_install: True
wordpress_enabled: True wordpress_enabled: True
elgg_install: True
elgg_enabled: True
dokuwiki_install: False
dokuwiki_enabled: False
# 7-EDU-APPS # 7-EDU-APPS
kalite_install: True
kalite_enabled: True
kalite_cron_enabled: True
kiwix_install: True
kiwix_enabled: True
# Warning: Moodle is a serious LMS, that takes a while to install
moodle_install: False
moodle_enabled: False
# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 # OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017
osm_install: True osm_install: True
osm_enabled: True osm_enabled: True
kiwix_install: True # Similar to Calibre, but unmaintained
kiwix_enabled: True pathagar_install: False
pathagar_enabled: False
kalite_install: True
kalite_enabled: True
kalite_cron_enabled: True
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
sugarizer_install: True sugarizer_install: True
@ -129,33 +138,36 @@ sugarizer_enabled: True
# https://github.com/iiab/iiab/issues/193 Subsequent "./runtags sugarizer" fail # https://github.com/iiab/iiab/issues/193 Subsequent "./runtags sugarizer" fail
# https://github.com/iiab/iiab/issues/240 Sugarizer 0.8 to 0.9 ongoing issues # https://github.com/iiab/iiab/issues/240 Sugarizer 0.8 to 0.9 ongoing issues
calibre_install: True
calibre_enabled: True
# Change calibre_port to 8010 if you're using XO laptops needing above idmgr
calibre_port: 8080
# Similar to Calibre, but unmaintained
pathagar_install: False
pathagar_enabled: False
# Warning: Moodle is a serious LMS, that takes a while to install
moodle_install: False
moodle_enabled: False
# 8-MGMT-TOOLS # 8-MGMT-TOOLS
munin_install: True
munin_enabled: True
vnstat_install: True
vnstat_enabled: True
awstats_install: True awstats_install: True
awstats_enabled: True awstats_enabled: True
monit_install: False monit_install: False
monit_enabled: False monit_enabled: False
munin_install: True
munin_enabled: True
# Handy for maintaining tables, but DANGEROUS if not locked down
phpmyadmin_install: False
phpmyadmin_enabled: False
# Unmaintained (better to install from http://teamviewer.com)
teamviewer_install: False
teamviewer_enabled: False
vnstat_install: True
vnstat_enabled: True
# Unmaintained
# sugar_stats_install: False
# sugar_stats_enabled: False
# Unmaintained
# xovis_install: False
# xovis_enabled: False
# Unmaintained # Unmaintained
# schooltool_install: False # schooltool_install: False
# schooltool_enabled: False # schooltool_enabled: False