external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

Merge branch 'wifi_net2' of https://github.com/jvonau/iiab into wifi_net2

Browse source
This commit is contained in:
root 2022-07-11 14:47:01 +00:00
commit 737bbbafde
11 changed files with 116 additions and 117 deletions
Download patch file Download diff file Expand all files Collapse all files

24
roles/0-init/tasks/hostname.yml
View file

@ -1,3 +1,8 @@
- name: "Set 'iiab_fqdn: {{ iiab_hostname }}.{{ iiab_domain }}'"
set_fact:
iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
FQDN_changed: False
- name: Does /etc/cloud/cloud.cfg exist e.g. is this Ubuntu Server 18+ ? - name: Does /etc/cloud/cloud.cfg exist e.g. is this Ubuntu Server 18+ ?
stat: stat:
path: /etc/cloud/cloud.cfg path: /etc/cloud/cloud.cfg
@ -17,16 +22,7 @@
# 2021-08-31: Periods in /etc/hostname fail with some WiFi routers (#2904) # 2021-08-31: Periods in /etc/hostname fail with some WiFi routers (#2904)
# command: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}" # command: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}"
#- name: Install /etc/sysconfig/network from template (redhat) # should the first entry match just hostname and domain move to after localhost?
# template:
# src: roles/network/templates/network/sysconfig.network.j2
# dest: /etc/sysconfig/network
# owner: root
# group: root
# mode: 0644
# when: is_redhat
# roles/network/tasks/hosts.yml [no longer in use] ALSO did this:
- name: 'Put FQDN & hostnames in /etc/hosts: "127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan"' - name: 'Put FQDN & hostnames in /etc/hosts: "127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan"'
lineinfile: lineinfile:
path: /etc/hosts path: /etc/hosts
@ -36,6 +32,14 @@
#group: root #group: root
#mode: 0644 #mode: 0644
# 2021-07-30: FQDN_changed isn't used as in the past -- its remaining use is
# for {named, dhcpd, squid} in roles/network/tasks/main.yml -- possibly it
# should be reconsidered? See PR #2876: roles/network might become optional?
- name: "Also set 'FQDN_changed: True' -- if iiab_fqdn != ansible_fqdn ({{ ansible_fqdn }})"
set_fact:
FQDN_changed: True
when: iiab_fqdn != ansible_fqdn
#- name: Re-configuring httpd - not initial install #- name: Re-configuring httpd - not initial install
# include_tasks: roles/httpd/tasks/main.yml # include_tasks: roles/httpd/tasks/main.yml
# when: iiab_stage|int > 3 # when: iiab_stage|int > 3

5
roles/0-init/tasks/main.yml
View file

@ -54,9 +54,8 @@
- name: "Time Zone / TZ: Set symlink /etc/localtime to UTC if it doesn't exist?" - name: "Time Zone / TZ: Set symlink /etc/localtime to UTC if it doesn't exist?"
include_tasks: tz.yml include_tasks: tz.yml
- name: Set new hostname/domain (hostname.yml) if nec - name: Set hostname / domain (etc) in various places
include_tasks: network.yml include_tasks: hostname.yml
- name: Add 'runtime' variable values to {{ iiab_ini_file }} - name: Add 'runtime' variable values to {{ iiab_ini_file }}
ini_file: ini_file:

31
roles/0-init/tasks/network.yml
View file

@ -1,31 +0,0 @@
- name: "Set 'iiab_fqdn: {{ iiab_hostname }}.{{ iiab_domain }}'"
set_fact:
iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
FQDN_changed: False
- name: Set hostname / domain (etc) in various places -- if iiab_fqdn != ansible_fqdn ({{ ansible_fqdn }})
include_tasks: hostname.yml
when: iiab_fqdn != ansible_fqdn
# 2021-07-30: FQDN_changed isn't used as in the past -- its remaining use is
# for {named, dhcpd, squid} in roles/network/tasks/main.yml -- possibly it
# should be reconsidered? See PR #2876: roles/network might become optional?
- name: "Also set 'FQDN_changed: True' -- if iiab_fqdn != ansible_fqdn ({{ ansible_fqdn }})"
set_fact:
FQDN_changed: True
when: iiab_fqdn != ansible_fqdn
# 2021-08-17: (1) iiab-gen-iptables works better if gui_port is set directly in
# default_vars.yml and/or local_vars.yml (2) Admin Console's iiab-admin.yml
# and js-menu.yml set 'adm_cons_force_ssl: False'
# - name: "Set 'gui_port: 80' for Admin Console if not adm_cons_force_ssl"
# set_fact:
# gui_port: 80
# when: not adm_cons_force_ssl
# - name: "Set 'gui_port: 443' for Admin Console if adm_cons_force_ssl"
# set_fact:
# gui_port: 443
# when: adm_cons_force_ssl

3
roles/0-init/tasks/validate_vars.yml
View file

@ -63,7 +63,7 @@
# #
# 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc
- name: Set vars_checklist for 44 + 44 + 40 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked - name: Set vars_checklist for 45 + 45 + 41 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked
set_fact: set_fact:
vars_checklist: vars_checklist:
- hostapd - hostapd
@ -122,6 +122,7 @@
- calibreweb - calibreweb
- calibre - calibre
- pbx - pbx
- network
- name: Assert that {{ vars_checklist | length }} "XYZ_install" vars are all... defined - name: Assert that {{ vars_checklist | length }} "XYZ_install" vars are all... defined
assert: assert:

8
roles/1-prep/tasks/main.yml
View file

@ -3,6 +3,10 @@
- name: ...IS BEGINNING ============================================ - name: ...IS BEGINNING ============================================
meta: noop meta: noop
- name: Install network/wifi related packages -- configure LATER in 'network', after Stage 9
include_tasks: roles/network/tasks/install.yml
when: network_install
- name: SSHD -- required by OpenVPN below -- also run by roles/4-server-options/tasks/main.yml - name: SSHD -- required by OpenVPN below -- also run by roles/4-server-options/tasks/main.yml
include_role: include_role:
name: sshd name: sshd
@ -29,10 +33,6 @@
dest: /usr/bin/ dest: /usr/bin/
mode: '0755' mode: '0755'
- name: Install dnsmasq -- configure LATER in 'network', after Stage 9
include_tasks: roles/network/tasks/dnsmasq.yml
#when: dnsmasq_install # Flag might be used in future?
- include_tasks: uuid.yml - include_tasks: uuid.yml
- include_tasks: ubermix.yml - include_tasks: ubermix.yml

10
roles/2-common/tasks/main.yml
View file

@ -8,8 +8,14 @@
- include_tasks: packages.yml - include_tasks: packages.yml
- name: Install network packages (including many WiFi tools, and also iptables-persistent for firewall) - name: "Use 'sysctl' to set 'kernel.core_uses_pid: 1' in /etc/sysctl.conf"
include_tasks: network.yml sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot
name: "{{ item.name }}"
value: "{{ item.value }}"
with_items:
#- { name: 'kernel.sysrq', value: '1' } # OS values differ, Ok?
- { name: 'kernel.core_uses_pid', value: '1' }
#- { name: 'kernel.shmmax', value: '268435456' } # OS values differ, Ok?
- include_tasks: iiab-startup.yml - include_tasks: iiab-startup.yml

17
roles/4-server-options/tasks/main.yml
View file

@ -24,23 +24,6 @@
name: sshd name: sshd
when: sshd_install when: sshd_install
# UNMAINTAINED
- name: Install named / BIND
include_tasks: roles/network/tasks/named.yml
when: named_install is defined and named_install
# UNMAINTAINED
- name: Install dhcpd
include_tasks: roles/network/tasks/dhcpd.yml
when: dhcpd_install is defined and dhcpd_install
# LESS MAINTAINED
- name: Install Squid
include_tasks: roles/network/tasks/squid.yml
when: squid_install and squid_installed is undefined
- name: Install Bluetooth - only on Raspberry Pi - name: Install Bluetooth - only on Raspberry Pi
include_role: include_role:
name: bluetooth name: bluetooth

2
roles/network/tasks/computed_network.yml
View file

@ -172,3 +172,5 @@
value: "{{ iiab_lan_iface }}" value: "{{ iiab_lan_iface }}"
- option: iiab_network_mode - option: iiab_network_mode
value: "{{ iiab_network_mode }}" value: "{{ iiab_network_mode }}"
- option: network_enabled
value: "{{ network_enabled }}"

33
roles/2-common/tasks/network.yml → roles/network/tasks/install.yml
View file

@ -1,5 +1,8 @@
# 2022-03-16: 'apt show <pkg> | grep Size' revealed download sizes, on 64-bit RasPiOS with desktop. # 2022-03-16: 'apt show <pkg> | grep Size' revealed download sizes, on 64-bit RasPiOS with desktop.
- name: Install dnsmasq -- configure LATER in 'network', after Stage 9
include_tasks: roles/network/tasks/dnsmasq.yml
- name: Install package networkd-dispatcher (OS's other than RasPiOS) - name: Install package networkd-dispatcher (OS's other than RasPiOS)
package: package:
name: networkd-dispatcher # 15kB download: Dispatcher service for systemd-networkd connection status changes name: networkd-dispatcher # 15kB download: Dispatcher service for systemd-networkd connection status changes
@ -44,7 +47,7 @@
# Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes: # Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes:
- name: "Use 'sysctl' to set 'kernel.core_uses_pid: 1' + 4 network settings in /etc/sysctl.conf -- e.g. disabling IPv6 (this might be overkill, as IPv6 should really only be disabled on the LAN side, i.e. br0)" - name: "4 network settings in /etc/sysctl.conf -- e.g. disabling IPv6 (this might be overkill, as IPv6 should really only be disabled on the LAN side, i.e. br0)"
sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot
name: "{{ item.name }}" name: "{{ item.name }}"
value: "{{ item.value }}" value: "{{ item.value }}"
@ -52,10 +55,32 @@
- { name: 'net.ipv4.ip_forward', value: '1' } # Masquerading LAN->Internet - { name: 'net.ipv4.ip_forward', value: '1' } # Masquerading LAN->Internet
- { name: 'net.ipv4.conf.default.rp_filter', value: '1' } - { name: 'net.ipv4.conf.default.rp_filter', value: '1' }
- { name: 'net.ipv4.conf.default.accept_source_route', value: '0' } - { name: 'net.ipv4.conf.default.accept_source_route', value: '0' }
#- { name: 'kernel.sysrq', value: '1' } # OS values differ, Ok?
- { name: 'kernel.core_uses_pid', value: '1' }
#- { name: 'net.ipv4.tcp_syncookies', value: '1' } # Very standard in 2020 #- { name: 'net.ipv4.tcp_syncookies', value: '1' } # Very standard in 2020
#- { name: 'kernel.shmmax', value: '268435456' } # OS values differ, Ok?
- { name: 'net.ipv6.conf.all.disable_ipv6', value: '1' } # IPv6 disabled - { name: 'net.ipv6.conf.all.disable_ipv6', value: '1' } # IPv6 disabled
#- { name: 'net.ipv6.conf.default.disable_ipv6', value: '1' } # AUTO-SET #- { name: 'net.ipv6.conf.default.disable_ipv6', value: '1' } # AUTO-SET
#- { name: 'net.ipv6.conf.lo.disable_ipv6', value: '1' } # BY ABOVE #- { name: 'net.ipv6.conf.lo.disable_ipv6', value: '1' } # BY ABOVE
- name: "Set 'network_installed: True'"
set_fact:
network_installed: True
- name: "Add 'network_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^network_installed'
line: 'network_installed: True'
# UNMAINTAINED
- name: Install named / BIND
include_tasks: roles/network/tasks/named.yml
when: named_install is defined and named_install
# UNMAINTAINED
- name: Install dhcpd
include_tasks: roles/network/tasks/dhcpd.yml
when: dhcpd_install is defined and dhcpd_install
# LESS MAINTAINED
- name: Install Squid
include_tasks: roles/network/tasks/squid.yml
when: squid_install and squid_installed is undefined

98
roles/network/tasks/main.yml
View file

@ -21,59 +21,67 @@
- name: computed_network - name: computed_network
include_tasks: computed_network.yml include_tasks: computed_network.yml
# - name: Configure wondershaper - name: Install network packages (including many WiFi tools, and also iptables-persistent for firewall)
# include_tasks: wondershaper.yml include_tasks: install.yml
# when: wondershaper_install or wondershaper_installed is defined when: network_install and network_installed is undefined
- name: (Re)Install named - name: Configuring Network if enabled
include_tasks: named.yml block:
when: named_install and FQDN_changed and iiab_stage|int == 9 # - name: Configure wondershaper
# include_tasks: wondershaper.yml
# when: wondershaper_install or wondershaper_installed is defined
- name: (Re)Install dhcpd - name: (Re)Install named
include_tasks: dhcpd.yml include_tasks: named.yml
when: dhcpd_install and FQDN_changed and iiab_stage|int == 9 when: named_install and FQDN_changed and iiab_stage|int == 9
- name: (Re)Install Squid - name: (Re)Install dhcpd
include_tasks: squid.yml include_tasks: dhcpd.yml
when: squid_install and FQDN_changed and iiab_stage|int == 9 when: dhcpd_install and FQDN_changed and iiab_stage|int == 9
#preprep for backends - name: (Re)Install Squid
- name: Netplan in use on Ubuntu 18.04+ include_tasks: squid.yml
include_tasks: netplan.yml when: squid_install and FQDN_changed and iiab_stage|int == 9
when: is_ubuntu and not is_ubuntu_16
#### Start services #preprep for backends
- name: avahi - name: Netplan in use on Ubuntu 18.04+
include_tasks: avahi.yml include_tasks: netplan.yml
- name: hostapd when: is_ubuntu and not is_ubuntu_16
include_tasks: hostapd.yml
- name: computed_services
include_tasks: computed_services.yml
- name: enable_services
include_tasks: enable_services.yml
#### End services
#### Start network layout #### Start services
#- name: Redhat networking - name: avahi
# include_tasks: ifcfg_mods.yml include_tasks: avahi.yml
# when: is_redhat - name: hostapd
include_tasks: hostapd.yml
- name: computed_services
include_tasks: computed_services.yml
- name: enable_services
include_tasks: enable_services.yml
#### End services
- name: NetworkManager in use #### Start network layout
include_tasks: NM-debian.yml #- name: Redhat networking
when: is_debuntu and network_manager_active # include_tasks: ifcfg_mods.yml
# when: is_redhat
- name: systemd-networkd in use - name: NetworkManager in use
include_tasks: sysd-netd-debian.yml include_tasks: NM-debian.yml
when: is_debuntu and systemd_networkd_active when: is_debuntu and network_manager_active
- name: Raspbian uses dhcpcd only with no N-M or SYS-NETD active - name: systemd-networkd in use
include_tasks: rpi_debian.yml include_tasks: sysd-netd-debian.yml
when: is_raspbian when: is_debuntu and systemd_networkd_active
- name: Not RPi, Not NetworkManager, Not systemd-networkd in use - name: Raspbian uses dhcpcd only with no N-M or SYS-NETD active
include_tasks: debian.yml include_tasks: rpi_debian.yml
when: (not is_raspbian and not network_manager_active and not systemd_networkd_active and is_debuntu) or is_ubuntu_16 when: is_raspbian
#### end network layout
- name: Restart services - name: Not RPi, Not NetworkManager, Not systemd-networkd in use
include_tasks: restart.yml include_tasks: debian.yml
when: (not is_raspbian and not network_manager_active and not systemd_networkd_active and is_debuntu) or is_ubuntu_16
#### end network layout
- name: Restart services
include_tasks: restart.yml
# end block
when: network_installed is defined and network_enabled

2
vars/default_vars.yml
View file

@ -92,6 +92,8 @@ js_menu_install: True
# IIAB Networking README: https://github.com/iiab/iiab/tree/master/roles/network # IIAB Networking README: https://github.com/iiab/iiab/tree/master/roles/network
# IIAB Networking Doc: https://github.com/iiab/iiab/wiki/IIAB-Networking # IIAB Networking Doc: https://github.com/iiab/iiab/wiki/IIAB-Networking
# Read it offline too: http://box/info > "IIAB Networking" # Read it offline too: http://box/info > "IIAB Networking"
network_install: True
network_enabled: True
# NETWORK PARAMETERS FOLLOW ACROSS THE NEXT 100 LINES, as enabled by Ansible's # NETWORK PARAMETERS FOLLOW ACROSS THE NEXT 100 LINES, as enabled by Ansible's
# NETWORK role (/opt/iiab/iiab/roles/network). SEE ALSO: # NETWORK role (/opt/iiab/iiab/roles/network). SEE ALSO: