Merge pull request #309 from iiab/master

sync from iiab/iiab

ansible.cfg

@@ -4,3 +4,5 @@
 #[defaults]
 # Disallowed by Ansible 2.11+ -- see https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.7.html#using-a-loop-on-a-package-module-via-squash-actions
 #squash_actions = apk, apt, dnf, homebrew, openbsd_pkg, pacman, pkgng, yum, zypper, package
+[defaults]
+interpreter_python=/usr/bin/python3

iiab-install

@@ -10,7 +10,7 @@ CWD=`pwd`
 OS=`grep ^ID= /etc/*release|cut -d= -f2`
 OS=${OS//\"/}
 MIN_RPI_KERN=4.9.59-v7+    # UPDATE THIS SOON...when Raspbian's Oct 2019 kernels are finally fixed (https://github.com/iiab/iiab/issues/1993 etc)
-MIN_ANSIBLE_VER=2.7.14
+MIN_ANSIBLE_VER=2.9.0
 
 if [ ! -f /etc/iiab/local_vars.yml ]; then
 
@@ -150,7 +150,8 @@ echo -e "Running local playbooks....Stage 0 will now run....followed by Stages $
 
 export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
 
-ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null
+ansible -m setup -i $INVENTORY localhost --connection=local | grep python
+ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null    # So vars are recorded in /opt/iiab/iiab/iiab-install.log
 ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local
 
 echo -e "./iiab-install $* COMPLETED IN $CWD\n\n"

iiab-network

@@ -25,6 +25,7 @@ fi
 
 echo "Ansible will now run iiab-network.yml -- log file is iiab-network.log"
 Start=`date`
+ansible -m setup -i ansible_hosts localhost --connection=local | grep python
 ansible-playbook -i ansible_hosts iiab-network.yml --connection=local
 End=`date`
 

iiab-support

@@ -55,12 +55,13 @@ else
     else
         echo "openvpn_install: True" >> /etc/iiab/local_vars.yml
     fi
-    
+
     if [ -d /opt/iiab/iiab ]; then
         cd /opt/iiab/iiab
         #CWD=`pwd`
         #export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
         export ANSIBLE_LOG_PATH="/opt/iiab/iiab/iiab-install.log"
+        ansible -m setup -i $INVENTORY localhost --connection=local | grep python
         ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local
         # Above is tighter/better than running all of "./runrole 1-prep"
         echo

roles/2-common/tasks/packages.yml

@@ -63,12 +63,3 @@
       - usbutils
       - wget
     state: present
-
-- name: "Install 4 common Python packages: python-passlib, python-pip, python-setuptools, python-virtualenv"
-  package:
-    name:
-      - python-passlib
-      - python-pip
-      - python-setuptools
-      - python-virtualenv
-    state: present

roles/3-base-server/tasks/main.yml

@@ -21,11 +21,6 @@
     state: restarted
   when: not installing
 
-- name: Create a Python interface to iiab.env
-  template:
-    src: roles/1-prep/templates/iiab_env.py.j2
-    dest: /etc/iiab/iiab_env.py
-
 - name: Recording STAGE 3 HAS COMPLETED =====================
   lineinfile:
     dest: "{{ iiab_env_file }}"

roles/4-server-options/tasks/main.yml

@@ -13,11 +13,6 @@
   when: named_install | bool
   tags: base, named, network, domain
 
-- name: Installing captive portal
-  include_tasks: roles/captive-portal/tasks/main.yml
-  when: captive_portal_install | bool
-  tags: base, captive-portal, network, domain
-
 - name: Installing dhcpd
   include_tasks: roles/network/tasks/dhcpd.yml
   when: dhcpd_install | bool
@@ -28,6 +23,22 @@
   when: squid_install | bool
   tags: base, squid, network, domain
 
+# until porting is complete
+- name: Install python
+  package: 
+    name: python
+    state: present
+
+- name: Create a Python interface to iiab.env
+  template:
+    src: roles/1-prep/templates/iiab_env.py.j2
+    dest: /etc/iiab/iiab_env.py
+
+- name: Installing captive portal
+  include_tasks: roles/captive-portal/tasks/main.yml
+  when: captive_portal_install | bool
+  tags: base, captive-portal, network, domain
+
 - name: Install Bluetooth - only on Raspberry Pi
   include_role:
     name: bluetooth

roles/calibre-web/tasks/main.yml

@@ -51,6 +51,9 @@
     requirements: "{{ calibreweb_venv_path }}/requirements.txt"
     virtualenv: "{{ calibreweb_venv_path }}"
     virtualenv_site_packages: no
+    virtualenv_command: /usr/bin/virtualenv
+    virtualenv_python: python2.7
+
   when: internet_available | bool
 
 - name: Symlink {{ calibreweb_venv_path }}/vendor to {{ calibreweb_venv_path }}/lib/python2.7/site-packages to keep cps.py happy

roles/gitea/defaults/main.yml

@@ -8,7 +8,7 @@
 # https://git.coolaj86.com/coolaj86/gitea-installer.sh
 
 # Information needed to install Gitea
-gitea_version: 1.9.4
+gitea_version: 1.9.5
 iset_suffixes:
   i386: 386
   x86_64: amd64

roles/kalite/tasks/install.yml

@@ -1,10 +1,4 @@
 # For OS's other than Fedora 18
-
-- name: Install package python-virtualenv allowing KA Lite install into {{ kalite_venv }}
-  package:
-    name: python-virtualenv
-    state: present
-
 - name: Download {{ kalite_requirements }} to {{ pip_packages_dir }}/kalite.txt
   get_url:
     url: "{{ kalite_requirements }}"
@@ -26,6 +20,8 @@
     version: "{{ kalite_version }}"
     virtualenv: "{{ kalite_venv }}"
     virtualenv_site_packages: no
+    virtualenv_command: /usr/bin/virtualenv
+    virtualenv_python: python2.7
     extra_args: "--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
   when: internet_available and is_debuntu
@@ -44,6 +40,8 @@
     version: "{{ kalite_version }}"
     virtualenv: "{{ kalite_venv }}"
     virtualenv_site_packages: no
+    virtualenv_command: /usr/bin/virtualenv
+    virtualenv_python: python2.7
 #       extra_args="--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
   when: internet_available and not is_debuntu

roles/moodle/tasks/main.yml

@@ -6,10 +6,9 @@
     state: present
   when: not is_debuntu
 
-- name: Install python-psycopg2 and 4 php packages (debuntu)
+- name: Install 4 php packages (debuntu)
   package:
     name:
-      - python-psycopg2
       - php{{ php_version }}-pgsql
       - php{{ php_version }}-curl
       #- php{{ php_version }}-zip

roles/mysql/tasks/main.yml

@@ -1,9 +1,8 @@
-- name: 'Install MySQL packages: mariadb-server, mariadb-client, python-mysqldb and 8 php packages (debuntu)'
+- name: 'Install MySQL packages: mariadb-server, mariadb-client, and 8 php packages (debuntu)'
   package:
     name:
       - mariadb-server
       - mariadb-client
-      - python-mysqldb
       - php{{ php_version }}
       - php{{ php_version }}-mysql
       - php-pear
@@ -125,6 +124,14 @@
     enabled: yes
   when: mysql_enabled | bool
 
+- name: Install .my.cnf file from template, with root password credentials, if mysql_enabled
+  template:
+    src: my.cnf.j2
+    dest: /root/.my.cnf
+    owner: root
+    mode: 0600
+  when: mysql_enabled | bool
+
 # 'localhost' needs to be the last item for idempotency, see
 # http://ansible.cc/docs/modules.html#mysql-user
 # unfortunately it still doesn't work
@@ -136,14 +143,6 @@
     priv: "*.*:ALL,GRANT"
   when: mysql_enabled | bool
 
-- name: Install .my.cnf file from template, with root password credentials, if mysql_enabled
-  template:
-    src: my.cnf.j2
-    dest: /root/.my.cnf
-    owner: root
-    mode: 0600
-  when: mysql_enabled | bool
-
 - name: Update MySQL root password for all remaining root accounts (127.0.0.1, ::1) if mysql_enabled
   mysql_user:
     name: root

roles/mysql/templates/my.cnf.j2

@@ -1,3 +1,4 @@
 [client]
 user=root
 password={{ mysql_root_password }}
+socket=/run/mysqld/mysqld.sock

roles/pbx/tasks/freepbx_dependencies.yml

@@ -25,6 +25,6 @@
       - php-snmp 
       - php-fpm
       - libapache2-mod-php
-      - python-mysqldb        # https://github.com/Yannik/ansible-role-freepbx/blob/master/tasks/freepbx.yml#L33
+#      - python-mysqldb        # https://github.com/Yannik/ansible-role-freepbx/blob/master/tasks/freepbx.yml#L33
       - libapache2-mpm-itk    # To serve FreePBX through a VirtualHost as asterisk user
     state: latest

runrole

@@ -33,4 +33,6 @@ if [[ $# -eq 0 ]] ; then
     exit 0
 fi
 
+
+ansible -m setup -i $INVENTORY localhost ${ARGS} --connection=local | grep python
 ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local -e "role_to_run=$1"

scripts/ansible

@@ -74,9 +74,10 @@ elif [ -f /etc/debian_version ]; then    # Includes Debian, Ubuntu & Raspbian
     echo -e '\nIF YOU FACE ERROR "signatures couldn'"'"'t be verified because the public key is not available" THEN REPEATEDLY RE-RUN "sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367"\n'
     apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367
 
-    echo -e "\napt update; apt install ansible\n"
+    echo -e "\napt update; apt install ansible and python3 dependencies\n"
     apt update
-    apt -y --allow-downgrades install ansible
+    apt -y --allow-downgrades install ansible python3-distutils python3-mysqldb python3-passlib python3-pip python3-setuptools python3-virtualenv python3-psycopg2
+
     echo -e "\nSUCCESS: verify Ansible using 'ansible --version' and/or 'apt -a list ansible'\n\n"
 
     # TEMPORARILY USE ANSIBLE 2.4.4 (REMOVE IT WITH "pip uninstall ansible")
@@ -90,7 +91,7 @@ elif [ -f /etc/debian_version ]; then    # Includes Debian, Ubuntu & Raspbian
 
     echo -e 'PPA source "deb http://ppa.launchpad.net/ansible/ansible/ubuntu bionic main"'
     echo -e "successfully saved to /etc/apt/sources.list.d/iiab-ansible.list\n"
-    
+
     echo -e "IF *OTHER* ANSIBLE SOURCES APPEAR BELOW, PLEASE MANUALLY REMOVE THEM TO"
     echo -e "ENSURE ANSIBLE UPDATES CLEANLY: (then re-run this script to be sure!)\n"
     grep '^deb .*ansible' /etc/apt/sources.list /etc/apt/sources.list.d/*.list | grep -v '^/etc/apt/sources.list.d/iiab-ansible.list:' || true    # Override bash -e (instead of aborting at 1st error)

scripts/ansible-2.8.x

@@ -74,9 +74,9 @@ elif [ -f /etc/debian_version ]; then    # Includes Debian, Ubuntu & Raspbian
     echo -e '\nIF YOU FACE ERROR "signatures couldn'"'"'t be verified because the public key is not available" THEN REPEATEDLY RE-RUN "sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367"\n'
     apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367
 
-    echo -e "\napt update; apt install ansible\n"
+    echo -e "\napt update; apt install ansible and python3 dependencies\n"
     apt update
-    apt -y --allow-downgrades install ansible
+    apt -y --allow-downgrades install ansible python3-distutils python3-mysqldb python3-passlib python3-pip python3-setuptools python3-virtualenv python3-psycopg2
     echo -e "\nSUCCESS: verify Ansible using 'ansible --version' and/or 'apt -a list ansible'\n\n"
 
     # TEMPORARILY USE ANSIBLE 2.4.4 (REMOVE IT WITH "pip uninstall ansible")
@@ -90,7 +90,7 @@ elif [ -f /etc/debian_version ]; then    # Includes Debian, Ubuntu & Raspbian
 
     echo -e 'PPA source "deb http://ppa.launchpad.net/ansible/ansible-2.8/ubuntu bionic main"'
     echo -e "successfully saved to /etc/apt/sources.list.d/iiab-ansible.list\n"
-    
+
     echo -e "IF *OTHER* ANSIBLE SOURCES APPEAR BELOW, PLEASE MANUALLY REMOVE THEM TO"
     echo -e "ENSURE ANSIBLE UPDATES CLEANLY: (then re-run this script to be sure!)\n"
     grep '^deb .*ansible' /etc/apt/sources.list /etc/apt/sources.list.d/*.list | grep -v '^/etc/apt/sources.list.d/iiab-ansible.list:' || true    # Override bash -e (instead of aborting at 1st error)

scripts/ansible-2.9.x

@@ -74,9 +74,9 @@ elif [ -f /etc/debian_version ]; then    # Includes Debian, Ubuntu & Raspbian
     echo -e '\nIF YOU FACE ERROR "signatures couldn'"'"'t be verified because the public key is not available" THEN REPEATEDLY RE-RUN "sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367"\n'
     apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367
 
-    echo -e "\napt update; apt install ansible\n"
+    echo -e "\napt update; apt install ansible and python3 dependencies\n"
     apt update
-    apt -y --allow-downgrades install ansible
+    apt -y --allow-downgrades install ansible python3-distutils python3-mysqldb python3-passlib python3-pip python3-setuptools python3-virtualenv python3-psycopg2
     echo -e "\nSUCCESS: verify Ansible using 'ansible --version' and/or 'apt -a list ansible'\n\n"
 
     # TEMPORARILY USE ANSIBLE 2.4.4 (REMOVE IT WITH "pip uninstall ansible")