diff --git a/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml b/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml index 6ba6e798a..61d4b6baa 100644 --- a/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml @@ -72,7 +72,7 @@ - name: Copy xs-activity-server config file template: src=xs-activity-server.conf - dest=/etc/{{ apache_config_dir }} + dest=/etc/{{ apache_conf_dir }} owner=root group=root mode=0644 diff --git a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml index 22ef5318b..a640a4deb 100644 --- a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml +++ b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml @@ -29,10 +29,10 @@ state: link force: yes -- name: Install /etc/{{ apache_config_dir }}/dokuwiki.conf from template, for DokuWiki's http://box{{ dokuwiki_url }} +- name: Install /etc/{{ apache_conf_dir }}/dokuwiki.conf from template, for DokuWiki's http://box{{ dokuwiki_url }} template: src: dokuwiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/dokuwiki.conf" + dest: "/etc/{{ apache_conf_dir }}/dokuwiki.conf" # - name: Symlink /etc/apache2/sites-enabled/dokuwiki.conf to /etc/apache2/sites-available/dokuwiki.conf if dokuwiki_enabled (debuntu) # file: diff --git a/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml b/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml index f975c665f..3755bb5a6 100644 --- a/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml @@ -9,7 +9,7 @@ - download - name: Remove stock moodle conf - file: path='/etc/{{ apache_config_dir }}/moodle.conf' + file: path='/etc/{{ apache_conf_dir }}/moodle.conf' state=absent - name: Configure moodle @@ -21,7 +21,7 @@ mode={{ item.mode }} with_items: - src: '020-iiab-moodle.conf.j2' - dest: '/etc/{{ apache_config_dir }}/020-iiab-moodle.conf' + dest: '/etc/{{ apache_conf_dir }}/020-iiab-moodle.conf' mode: '0655' - src: 'moodle-xs.service.j2' dest: '/etc/systemd/system/moodle-xs.service' diff --git a/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml b/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml index 389da679b..20a38fac5 100644 --- a/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml @@ -102,10 +102,10 @@ line: "path_to_virtualenv = '/usr/local/osm'" state: present -- name: Install /etc/{{ apache_config_dir }}/osm.conf from template +- name: Install /etc/{{ apache_conf_dir }}/osm.conf from template template: src: osm.conf.j2 - dest: "/etc/{{ apache_config_dir }}/osm.conf" + dest: "/etc/{{ apache_conf_dir }}/osm.conf" owner: root group: root mode: 0644 @@ -114,7 +114,7 @@ - name: Create softlink osm.conf from sites-enabled to sites-available (debuntu) file: - src: "/etc/{{ apache_config_dir }}/osm.conf" + src: "/etc/{{ apache_conf_dir }}/osm.conf" path: /etc/apache2/sites-enabled/osm.conf state: link when: osm_enabled and is_debuntu @@ -125,9 +125,9 @@ state: absent when: not osm_enabled and is_debuntu -- name: Remove /{{ apache_config_dir }}/osm.conf (redhat) +- name: Remove /{{ apache_conf_dir }}/osm.conf (redhat) file: - path: "/{{ apache_config_dir }}/osm.conf" + path: "/{{ apache_conf_dir }}/osm.conf" state: absent when: not osm_enabled and is_redhat diff --git a/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml b/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml index b7a47c05a..5f4d1569c 100644 --- a/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml +++ b/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml @@ -7,7 +7,7 @@ - name: Enable owncloud by copying template to httpd config template: src=owncloud.conf.j2 - dest=/etc/{{ apache_config_dir }}/owncloud.conf + dest=/etc/{{ apache_conf_dir }}/owncloud.conf owner=root group=root mode=0644 diff --git a/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml b/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml index 2744f8f7a..bd845ecc0 100644 --- a/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml @@ -179,11 +179,11 @@ # group: root # mode: '0644' -- name: Install /etc/{{ apache_config_dir }}/pathagar.conf from template +- name: Install /etc/{{ apache_conf_dir }}/pathagar.conf from template template: src: pathagar.conf backup: yes - dest: "/etc/{{ apache_config_dir }}/pathagar.conf" + dest: "/etc/{{ apache_conf_dir }}/pathagar.conf" mode: 0644 - name: Enable Pathagar via Apache (debuntu) diff --git a/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml b/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml index 518cfc927..3d5b82731 100644 --- a/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml +++ b/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml @@ -1,6 +1,6 @@ - name: Copy RACHEL httpd conf file template: src=rachel.conf.j2 - dest=/etc/{{ apache_config_dir }}/rachel.conf + dest=/etc/{{ apache_conf_dir }}/rachel.conf - name: enable Rachel file: path=/etc/apache2/sites-enabled/rachel.conf diff --git a/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml b/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml index 2f41eefda..dad203f29 100644 --- a/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml @@ -18,7 +18,7 @@ - dest: '/etc/systemd/system/schooltool.service' src: 'schooltool.service' mode: '0644' - - dest: '/etc/{{ apache_config_dir }}/schooltool.conf' + - dest: '/etc/{{ apache_conf_dir }}/schooltool.conf' src: 'schooltool.conf' mode: '0644' diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 6c2c2abd2..e0eb29a66 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -22,9 +22,9 @@ name: bluetooth when: is_rpi and bluetooth_install # or bluetooth_installed is defined -- name: USB-LIB +- name: USB_LIB include_role: - name: usb-lib + name: usb_lib when: usb_lib_install | bool # This is in Stage 4-SERVER-OPTIONS (rather than 3-BASE-SERVER) because var diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index e2958907d..5656be24d 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -30,10 +30,10 @@ - "{{ apache_log_dir }}" - /usr/lib/cgi-bin/awstats # create backward compatible path for awstats -- name: Install /etc/{{ apache_config_dir }}/awstats.conf from template +- name: Install /etc/{{ apache_conf_dir }}/awstats.conf from template template: src: apache-awstats.conf - dest: "/etc/{{ apache_config_dir }}/awstats.conf" + dest: "/etc/{{ apache_conf_dir }}/awstats.conf" - name: Install /etc/logrotate.d/apache2 from template, to ensure logrotate doesn't make logs unreadable template: @@ -76,6 +76,13 @@ shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update # when: awstats_enabled | bool + +# RECORD AWStats AS INSTALLED + +- name: "Set 'awstats_installed: True'" + set_fact: + awstats_installed: True + - name: "Add 'awstats_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/azuracast/tasks/install.yml b/roles/azuracast/tasks/install.yml index 6cc0ed331..e927173cf 100644 --- a/roles/azuracast/tasks/install.yml +++ b/roles/azuracast/tasks/install.yml @@ -64,6 +64,13 @@ args: chdir: "{{ azuracast_host_dir }}" + +# RECORD AzuraCast AS INSTALLED + +- name: "Set 'azuracast_installed: True'" + set_fact: + azuracast_installed: True + - name: "Add 'azuracast_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/bluetooth/tasks/install.yml b/roles/bluetooth/tasks/install.yml index 30aca6282..5872ec99b 100644 --- a/roles/bluetooth/tasks/install.yml +++ b/roles/bluetooth/tasks/install.yml @@ -55,6 +55,13 @@ regexp: '^#DiscoverableTimeout' line: 'DiscoverableTimeout = 0' + +# RECORD Bluetooth AS INSTALLED + +- name: "Set 'bluetooth_installed: True'" + set_fact: + bluetooth_installed: True + - name: "Add 'bluetooth_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index 9f0295dde..07812fc59 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -35,17 +35,17 @@ # NGINX -# TO DO: restore http://box/libros & http://box/livres, along English (http://box/books) +# TO DO: restore http://box/libros & http://box/livres, alongside English (#2195) -- name: Enable http://box{{ calibreweb_url1 }} via NGINX, by installing {{ nginx_conf_dir }}/calibre-web-nginx.conf from template +- name: Enable http://box{{ calibreweb_url1 }} via NGINX, by installing {{ nginx_conf_dir }}/calibre-web-nginx.conf from template # http://box/books template: src: calibre-web-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" + dest: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" # /etc/nginx/conf.d when: nginx_install and calibreweb_enabled - name: Disable http://box{{ calibreweb_url1 }} via NGINX, by removing {{ nginx_conf_dir }}/calibre-web-nginx.conf file: - path: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" + path: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" # /etc/nginx/conf.d state: absent when: nginx_install and not calibreweb_enabled diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index a71fe04c0..a6002e5c8 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -1,7 +1,6 @@ -- name: Install ImageMagick (debuntu) +- name: Install ImageMagick package (debuntu) package: - name: - - imagemagick + name: imagemagick state: present when: is_debuntu | bool @@ -14,12 +13,12 @@ state: present when: is_debuntu | bool -- name: Create 3 Calibre-Web folders to store data and configuration files +- name: "Create 3 Calibre-Web folders to store data and configuration files: {{ calibreweb_home }}, {{ calibreweb_venv_path }}, {{ calibreweb_config }}" file: path: "{{ item }}" owner: "{{ calibreweb_user }}" group: "{{ apache_user }}" - mode: 0755 + mode: '0755' state: directory with_items: - "{{ calibreweb_home }}" @@ -67,10 +66,11 @@ dest: "{{ item.dest }}" owner: root group: root - mode: 0644 + mode: '0644' with_items: - { src: 'calibre-web.service.j2', dest: '/etc/systemd/system/calibre-web.service' } - { src: 'calibre-web.conf.j2', dest: '/etc/apache2/sites-available/calibre-web.conf' } + when: apache_install | bool - name: Does /library/calibre-web/metadata.db exist? stat: @@ -83,7 +83,7 @@ dest: "{{ calibreweb_home }}" owner: "{{ calibreweb_user }}" group: "{{ apache_user }}" - mode: 0644 + mode: '0644' backup: yes with_items: - roles/calibre-web/files/metadata.db @@ -97,11 +97,18 @@ dest: "{{ calibreweb_config }}" owner: "{{ calibreweb_user }}" group: "{{ apache_user }}" - mode: 0644 + mode: '0644' backup: yes when: not metadatadb.stat.exists #when: calibreweb_provision | bool + +# RECORD Calibre-Web AS INSTALLED + +- name: "Set 'calibreweb_installed: True'" + set_fact: + calibreweb_installed: True + - name: "Add 'calibreweb_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/calibre/tasks/install.yml b/roles/calibre/tasks/install.yml index 93f9df09a..1f2fc58bb 100644 --- a/roles/calibre/tasks/install.yml +++ b/roles/calibre/tasks/install.yml @@ -31,6 +31,9 @@ # - run testing branch for Ubuntu 16.04: scripts/calibre-install-latest.sh # - run unstable branch for Debian etc: scripts/calibre-install-unstable.sh + +# 2. SYSTEMD SERVICES + - name: Create calibre-serve.service and calibre.conf (IF /usr/bin/calibre WAS MISSING) template: src: "{{ item.src }}" @@ -42,7 +45,7 @@ #register: calibre_config with_items: - { src: 'calibre-serve.service.j2', dest: '/etc/systemd/system/calibre-serve.service', mode: '0644'} - - { src: 'calibre.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'} + - { src: 'calibre.conf', dest: '/etc/{{ apache_conf_dir }}', mode: '0644'} when: (not calib_executable.stat.exists) - name: Stop service 'calibre-serve' (/usr/bin/calibre-server by Kovid Goyal) @@ -51,6 +54,7 @@ state: stopped daemon_reload: yes + # 3. CREATE USER DATABASE - name: Create /library/calibre (mandatory since Calibre 3.x) @@ -68,6 +72,7 @@ mode: 0644 when: (not calib_executable.stat.exists) + # 4. CREATE CONTENT DATABASE WITH A SAMPLE BOOK (REQUIRED AS OF CALIBRE 3.x) - name: Does /library/calibre/metadata.db exist? @@ -79,6 +84,13 @@ include_tasks: create-db.yml when: not calibre_db.stat.exists + +# 5. RECORD Calibre AS INSTALLED + +- name: "Set 'calibre_installed: True'" + set_fact: + calibre_installed: True + - name: "Add 'calibre_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/captiveportal/tasks/install.yml b/roles/captiveportal/tasks/install.yml index 5d684e198..5ef5406ec 100644 --- a/roles/captiveportal/tasks/install.yml +++ b/roles/captiveportal/tasks/install.yml @@ -52,6 +52,13 @@ args: creates: /etc/nginx/sites-available/capture.conf + +# RECORD Captive Portal AS INSTALLED + +- name: "Set 'captiveportal_installed: True'" + set_fact: + captiveportal_installed: True + - name: "Add 'captiveportal_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index fffd70134..34347948e 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install Captive Portal if 'captiveportal_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Captive Portal if 'captiveportal_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: captiveportal_installed is undefined diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index a8ad276ee..d071b22cc 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -1,20 +1,33 @@ -# administer this service by browsing to localhost:631 +# Administer CUPS at http://box:631 +# Above URL does NOT work over OpenVPN (ANYONE KNOW WHY?) + +# TO DO: +# - validate input vars + prereqs +# - move 5 top stanzas into install.yml +# - move 5-7 next stanzas into enable-or-disable.yml + + - name: Install 'cups' package package: name: cups state: present - when: cups_install | bool - #tags: download - name: Install our own /etc/cups/cupsd.conf from template, to permit local LAN admin template: src: cupsd.conf dest: /etc/cups/cupsd.conf -- name: Install /etc/{{ apache_config_dir }}/cups.conf from template +- name: Install /etc/{{ apache_conf_dir }}/cups.conf from template template: src: cups.conf - dest: "/etc/{{ apache_config_dir }}/" + dest: "/etc/{{ apache_conf_dir }}/" + + +# RECORD CUPS AS INSTALLED + +- name: "Set 'cups_installed: True'" + set_fact: + cups_installed: True - name: "Add 'cups_installed: True' to {{ iiab_state_file }}" lineinfile: @@ -22,11 +35,16 @@ regexp: '^cups_installed' line: 'cups_installed: True' + - name: Enable http://box/cups via Apache (MIGHT NOT WORK?) command: a2ensite cups.conf - when: cups_enabled + when: cups_enabled | bool -- name: Enable & Start services 'cups' and 'cups-browsed' (OS's other than Fedora 18) +- name: Disable http://box/cups via Apache + command: a2dissite cups.conf + when: not cups_enabled + +- name: Enable & Start 'cups' and 'cups-browsed' systemd services (OS's other than Fedora 18) service: name: "{{ item }}" state: started @@ -36,34 +54,35 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable & Start service 'cups' (Fedora 18, for XO laptops) +- name: Enable & Start 'cups' systemd service (Fedora 18, for XO laptops) systemd: name: cups state: started enabled: yes when: cups_enabled and is_F18 -- name: Permit headless admin of CUPS -- only works when CUPS daemon is running +- name: Permit headless admin of CUPS -- only works when CUPS daemon is running, if cups_enabled shell: "cupsctl --remote-admin" when: cups_enabled | bool -- name: Disable both CUPS services (OS's other than Fedora 18) +- name: Disable & Stop 'cups' & 'cups-browsed' systemd services (OS's other than Fedora 18) systemd: name: "{{ item }}" - state: stopped enabled: no + state: stopped with_items: - cups - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for CUPS (Fedora 18, for XO laptops) +- name: Disable & Stop 'cups' systemd service (Fedora 18, for XO laptops) systemd: name: cups - state: stopped enabled: no + state: stopped when: not cups_enabled and is_F18 + - name: Add 'cups' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" @@ -75,7 +94,7 @@ value: CUPS - option: description value: '"CUPS (Common UNIX Printing System) is a modular printing system that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' - - option: installed + - option: install value: "{{ cups_install }}" - - option: cups_enabled + - option: enabled value: "{{ cups_enabled }}" diff --git a/roles/elgg/tasks/install.yml b/roles/elgg/tasks/install.yml index 0ab9a7a04..484c9ab78 100644 --- a/roles/elgg/tasks/install.yml +++ b/roles/elgg/tasks/install.yml @@ -48,9 +48,9 @@ copy: src: "/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" dest: "/opt/{{ elgg_xx }}/.htaccess" - mode: 0644 owner: "{{ apache_user }}" group: "{{ apache_user }}" + mode: '0644' #regexp='^#RewriteBase' - name: Change .htaccess to include RewriteBase for http://box{{ elgg_url }} # http://box/elgg @@ -63,18 +63,18 @@ - name: Set /opt/elgg/engine directory permissions to 0755 so Apache can write there file: + state: directory path: /opt/elgg/engine/ owner: "{{ apache_user }}" - mode: 0755 - state: directory + mode: '0755' - name: Change /opt/elgg-{{ elgg_version }} ownership to {{ apache_user }}:{{ apache_user }} (likely not nec, as unarchive & all do this above) file: + state: directory # Overkill given recurse below? path: "/opt/elgg-{{ elgg_version }}" owner: "{{ apache_user }}" group: "{{ apache_user }}" recurse: yes - state: directory - name: Create upload directory {{ elgg_upload_path }} that Apache (and Elgg) can write to file: @@ -82,10 +82,17 @@ state: directory owner: "{{ apache_user }}" -- name: Install /etc/{{ apache_config_dir }}/elgg.conf from template, for http://box{{ elgg_url }} # http://box/elgg +- name: Install /etc/{{ apache_conf_dir }}/elgg.conf from template, for http://box{{ elgg_url }} # http://box/elgg template: src: elgg.conf - dest: "/etc/{{ apache_config_dir }}/elgg.conf" + dest: "/etc/{{ apache_conf_dir }}/elgg.conf" + + +# RECORD Elgg AS INSTALLED + +- name: "Set 'elgg_installed: True'" + set_fact: + elgg_installed: True - name: "Add 'elgg_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index e06c1c68b..498fa4b9e 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -4,14 +4,12 @@ systemd: name: gitea state: stopped - #tags: pre-install ignore_errors: yes - name: Ensure group gitea exists group: name: gitea state: present - #tags: pre-install - name: Create user gitea user: @@ -19,7 +17,6 @@ comment: Gitea daemon account groups: gitea home: "{{ gitea_home }}" - #tags: pre-install - name: Create Gitea directory structure file: @@ -28,7 +25,6 @@ owner: gitea group: gitea with_items: "{{ gitea_subdirectories }}" - #tags: pre-install - name: Make directories data, indexers, and log writable file: @@ -38,7 +34,6 @@ - data - indexers - log - #tags: pre-install # Download, verify, and link Gitea binary @@ -59,24 +54,21 @@ get_url: url: "{{ gitea_integrity_url }}" dest: "{{ gitea_checksum_path }}" - #tags: never, verify when: internet_available | bool - name: Verify Gitea binary with GPG signature shell: | gpg --keyserver pgp.mit.edu --recv {{ gitea_gpg_key }} gpg --verify {{ gitea_checksum_path }} {{ gitea_install_path }} - #tags: never, verify ignore_errors: yes -- name: Link Gitea +- name: Symlink {{ gitea_link_path }} -> {{ gitea_install_path }} file: src: "{{ gitea_install_path }}" - dest: "{{ gitea_link_path }}" + path: "{{ gitea_link_path }}" owner: gitea group: gitea state: link - #tags: install # Configure Gitea @@ -87,12 +79,11 @@ - name: Create Gitea config directory file: - path: /etc/gitea state: directory + path: /etc/gitea owner: root group: gitea mode: '0770' - #tags: config - name: Create app.ini template: @@ -110,7 +101,14 @@ dest: "{{ item.dest }}" with_items: - { src: 'gitea.service.j2', dest: '/etc/systemd/system/gitea.service' } - - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_config_dir }}/gitea.conf" } + - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_conf_dir }}/gitea.conf" } + + +# RECORD Gitea AS INSTALLED + +- name: "Set 'gitea_installed: True'" + set_fact: + gitea_installed: True - name: "Add 'gitea_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/homepage/tasks/main.yml b/roles/homepage/tasks/main.yml index 71a6fcf2b..d54a806ee 100644 --- a/roles/homepage/tasks/main.yml +++ b/roles/homepage/tasks/main.yml @@ -6,14 +6,14 @@ mode: 0755 state: directory -- name: Install /etc/{{ apache_config_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ +- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ template: src: iiab-homepage.conf - dest: "/etc/{{ apache_config_dir }}/iiab-homepage.conf" + dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" -- name: Symlink /etc/apache2/sites-enabled/iiab-homepage.conf to /etc/{{ apache_config_dir }}/iiab-homepage.conf (debuntu) +- name: Symlink /etc/apache2/sites-enabled/iiab-homepage.conf to /etc/{{ apache_conf_dir }}/iiab-homepage.conf (debuntu) file: - src: "/etc/{{ apache_config_dir }}/iiab-homepage.conf" + src: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" path: /etc/apache2/sites-enabled/iiab-homepage.conf state: link when: is_debuntu | bool diff --git a/roles/httpd/tasks/enable.yml b/roles/httpd/tasks/enable.yml index 394629f04..280dfdd02 100644 --- a/roles/httpd/tasks/enable.yml +++ b/roles/httpd/tasks/enable.yml @@ -21,29 +21,29 @@ # group: root # mode: 0644 with_items: - - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_config_dir }}/010-iiab.conf' } - - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf' } + - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_conf_dir }}/010-iiab.conf' } + - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_conf_dir }}/proxy_ajp.conf' } - name: Enable our site, creating 010-iiab.conf symlink from sites-enabled to sites-available (debuntu) file: - src: "/etc/{{ apache_config_dir }}/010-iiab.conf" + src: "/etc/{{ apache_conf_dir }}/010-iiab.conf" path: /etc/apache2/sites-enabled/010-iiab.conf state: link when: is_debuntu | bool # SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways) -- name: Install /etc/{{ apache_config_dir }}/osm.conf for http://box/maps (all OS's) +- name: Install /etc/{{ apache_conf_dir }}/osm.conf for http://box/maps (all OS's) copy: src: roles/httpd/files/osm.conf - dest: "/etc/{{ apache_config_dir }}" + dest: "/etc/{{ apache_conf_dir }}" # owner: root # group: root # mode: 0644 when: osm_vector_maps_install | bool -- name: Symlink /etc/apache2/sites-enabled/osm.conf -> /etc/{{ apache_config_dir }}/osm.conf (debuntu) +- name: Symlink /etc/apache2/sites-enabled/osm.conf -> /etc/{{ apache_conf_dir }}/osm.conf (debuntu) file: - src: "/etc/{{ apache_config_dir }}/osm.conf" + src: "/etc/{{ apache_conf_dir }}/osm.conf" path: /etc/apache2/sites-enabled/osm.conf state: link when: is_debuntu and osm_vector_maps_enabled diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index eed2b7ded..123d8c940 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -143,6 +143,13 @@ mode: '0755' state: directory + +# RECORD Apache AS INSTALLED + +- name: "Set 'apache_installed: True'" + set_fact: + apache_installed: True + - name: "Add 'apache_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/internetarchive/tasks/enable.yml b/roles/internetarchive/tasks/enable.yml index 995d328cb..6a5855c2b 100644 --- a/roles/internetarchive/tasks/enable.yml +++ b/roles/internetarchive/tasks/enable.yml @@ -40,7 +40,7 @@ value: "{{ item.value | string }}" with_items: - option: name - value: Internet Archive Offline + value: Internet Archive - option: description value: '"Dweb-mirror is intended to make the Internet Archive experience and UI available offline."' - option: internetarchive_enabled diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index 9295c4a86..c7289edd6 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -1,20 +1,33 @@ -- name: Install NodeJS +# INSTALL 3 PREREQS + +- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + set_fact: + nodejs_install: True + nodejs_enabled: True + +- name: Install Node.JS include_role: name: nodejs +- name: "Set 'yarn_install: True' and 'yarn_enabled: True'" + set_fact: + yarn_install: True + yarn_enabled: True + - name: Install Yarn include_role: name: yarn -- name: Install packages needed by Internet Archive Offline +- name: Install package 'libsecret-1-dev' package: - name: - - libsecret-1-dev + name: libsecret-1-dev state: present -- name: Create directory {{ internetarchive_dir }} +# CREATE 2 DIRS & RUN YARN + +- name: mkdir {{ internetarchive_dir }} file: - path: "{{ internetarchive_dir }}" + path: "{{ internetarchive_dir }}" # /opt/iiab/internetarchive state: directory owner: "root" @@ -26,7 +39,7 @@ when: internet_available | bool register: internetarchive_installing -- name: Create directory /library/archiveorg +- name: mkdir /library/archiveorg file: path: "/library/archiveorg" state: directory @@ -38,13 +51,20 @@ template: src: "{{ item.src }}" dest: "{{ item.dest }}" - mode: 0644 + mode: '0644' owner: root group: root with_items: - { src: 'internetarchive.service.j2', dest: '/etc/systemd/system/internetarchive.service' } - { src: 'internetarchive.conf', dest: '/etc/apache2/sites-available/internetarchive.conf' } + +# RECORD Internet Archive AS INSTALLED + +- name: "Set 'internetarchive_installed: True'" + set_fact: + internetarchive_installed: True + - name: "Add 'internetarchive_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index cd2f4849b..322fb90c8 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -80,7 +80,7 @@ with_items: - { src: 'kalite.sh.j2', dest: '/usr/bin/kalite', mode: '0755'} - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'} - - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'} + - { src: 'kalite.conf', dest: '/etc/{{ apache_conf_dir }}', mode: '0644'} - name: Fix KA Lite bug in regex parsing ifconfig output, for @m-anish's network names that contain dashes replace: @@ -88,9 +88,8 @@ regexp: 'a-zA-Z0-9' replace: 'a-zA-Z0-9\-' -# SHOULD REALLY BE HERE...but for now this runs in kalite/tasks/setup.yml -# - name: "Add 'kalite_installed: True' to {{ iiab_state_file }}" -# lineinfile: -# dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml -# regexp: '^kalite_installed' -# line: 'kalite_installed: True' + +# RECORD KA Lite AS INSTALLED + +# TO DO: move the last 2 stanzas from setup.yml so they live right here, +# as any action named "install.yml" should do exactly what it says (install!) diff --git a/roles/kalite/tasks/setup.yml b/roles/kalite/tasks/setup.yml index 9f52ace5e..495ee6b3c 100644 --- a/roles/kalite/tasks/setup.yml +++ b/roles/kalite/tasks/setup.yml @@ -15,7 +15,16 @@ async: 1800 poll: 10 -# CAN WE MOVE THIS TO THE END OF kalite/tasks/install.yml (HENCE ITS FILENAME!) + +# RECORD KA Lite AS INSTALLED + +# TO DO: move these last 2 stanzas to install.yml, +# as any action named "install.yml" should do exactly what it says (install!) + +- name: "Set 'kalite_installed: True'" + set_fact: + kalite_installed: True + - name: "Add 'kalite_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index 4b8d65386..b047f65b1 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -44,6 +44,7 @@ path: "{{ kiwix_path }}/bin" state: directory + # 2. INSTALL KIWIX-TOOLS EXECUTABLES - name: Unarchive {{ kiwix_src_file }} to /tmp # e.g. kiwix-tools_linux-armhf-0.6.1-1.tar.gz @@ -54,6 +55,7 @@ - name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location /opt/iiab/kiwix/bin (armhf & linux64 & i686) shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" + # 3. ENABLE MODS FOR APACHE PROXY IF DEBUNTU # 2019-10-07: Moved to roles/httpd/tasks/main.yml @@ -68,6 +70,7 @@ # - rewrite # when: is_debuntu | bool + # 4. INSTALL iiab-make-kiwix-lib*, kiwix-serve.service, kiwix.conf for Apache - name: 'Install from templates: kiwix-serve.service, iiab-make-kiwix-lib, iiab-make-kiwix-lib.py, kiwix.conf' @@ -79,9 +82,14 @@ - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644' } - { src: 'iiab-make-kiwix-lib', dest: '/usr/bin/iiab-make-kiwix-lib', mode: '0755' } - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755' } - - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644' } + - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_conf_dir }}/kiwix.conf', mode: '0644' } -# 5. RECORD KIWIX AS INSTALLED IN /etc/iiab/iiab_state.yml + +# 5. RECORD Kiwix AS INSTALLED + +- name: "Set 'kiwix_installed: True'" + set_fact: + kiwix_installed: True - name: "Add 'kiwix_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/kolibri/tasks/install.yml b/roles/kolibri/tasks/install.yml index 134945287..ddd2d49c5 100644 --- a/roles/kolibri/tasks/install.yml +++ b/roles/kolibri/tasks/install.yml @@ -113,6 +113,13 @@ # apache2_module: # name: proxy_http + +# RECORD Kolibri AS INSTALLED + +- name: "Set 'kolibri_installed: True'" + set_fact: + kolibri_installed: True + - name: "Add 'kolibri_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 2b798bd37..ee7baa3c2 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -67,10 +67,10 @@ . {{ lokole_run_directory }}/webapp_secrets.sh {{ lokole_venv }}/bin/manage.py createadmin --name='{{ lokole_admin_user }}' --password='{{ lokole_admin_password }}' -- name: Install /etc/{{ apache_config_dir }}/lokole.conf from template, for http://box{{ lokole_url }} via Apache # http://box/lokole +- name: Install /etc/{{ apache_conf_dir }}/lokole.conf from template, for http://box{{ lokole_url }} via Apache # http://box/lokole template: src: lokole.conf.j2 - dest: "/etc/{{ apache_config_dir }}/lokole.conf" + dest: "/etc/{{ apache_conf_dir }}/lokole.conf" when: apache_install | bool - name: Install /etc/systemd/system/lokole.service unit file from template @@ -86,6 +86,13 @@ # state: restarted # when: lokole_enabled | bool + +# RECORD Lokole AS INSTALLED + +- name: "Set 'lokole_installed: True'" + set_fact: + lokole_installed: True + - name: "Add 'lokole_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/mediawiki/tasks/install.yml b/roles/mediawiki/tasks/install.yml index e4c61fcb3..3b8151a1b 100644 --- a/roles/mediawiki/tasks/install.yml +++ b/roles/mediawiki/tasks/install.yml @@ -80,10 +80,17 @@ regexp: '^\$wgServer =' line: '$wgServer = "//" . $_SERVER["HTTP_HOST"];' -- name: Install /etc/{{ apache_config_dir }}/mediawiki.conf from template, for http://box{{ mediawiki_url }} via Apache +- name: Install /etc/{{ apache_conf_dir }}/mediawiki.conf from template, for http://box{{ mediawiki_url }} via Apache template: src: mediawiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" + dest: "/etc/{{ apache_conf_dir }}/mediawiki.conf" + + +# RECORD MediaWiki AS INSTALLED + +- name: "Set 'mediawiki_installed: True'" + set_fact: + mediawiki_installed: True - name: "Add 'mediawiki_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/minetest/tasks/provision.yml b/roles/minetest/tasks/provision.yml index 4dde9bb20..74de12d15 100644 --- a/roles/minetest/tasks/provision.yml +++ b/roles/minetest/tasks/provision.yml @@ -1,18 +1,18 @@ # Calculate local variables - include_tasks: calc_vars.yml -- name: Check for minetest world file ({{ minetest_world_dir }}/world.mt) +- name: Check for Minetest world file ({{ minetest_world_dir }}/world.mt) stat: path: "{{ minetest_world_dir }}/world.mt" register: minetest_world -- name: Create /library/games +- name: mkdir /library/games file: state: directory path: /library/games # owner: root # group: root - # mode: 0755 + # mode: '0755' # rpi only - include_tasks: rpi_minetest_install.yml @@ -28,7 +28,7 @@ depth: 1 when: not minetest_world.stat.exists and minetest_default_game == "carbone-ng" -- name: Give minetest user ownership of carbone-ng +- name: Give Minetest user ownership of carbone-ng file: state: directory path: "{{ minetest_game_dir }}" @@ -69,6 +69,13 @@ path: "{{ minetest_game_dir }}/mods/name_restrictions" when: minetest_default_game == "carbone-ng" + +# RECORD Minetest AS INSTALLED + +- name: "Set 'minetest_installed: True'" + set_fact: + minetest_installed: True + - name: "Add 'minetest_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index 9586da539..a03d819bc 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -128,9 +128,10 @@ - { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' } -3. RECORD MongoDB AS INSTALLED +# 3. RECORD MongoDB AS INSTALLED -- set_fact: +- name: "Set 'mongodb_installed: True'" + set_fact: mongodb_installed: True - name: "Add 'mongodb_installed: True' to {{ iiab_state_file }}" diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 5263fa695..8a753b62a 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -23,10 +23,7 @@ when: (is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9) -# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False -# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own - -- name: Install 'mongodb' if not Debian 10+ +- name: Install MongoDB if 'mongodb_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: mongodb_installed is undefined diff --git a/roles/monit/tasks/install.yml b/roles/monit/tasks/install.yml index ea3454853..6529cb3a6 100644 --- a/roles/monit/tasks/install.yml +++ b/roles/monit/tasks/install.yml @@ -56,6 +56,13 @@ - option: enabled value: "{{ monit_enabled }}" + +# RECORD Monit AS INSTALLED + +- name: "Set 'monit_installed: True'" + set_fact: + monit_installed: True + - name: "Add 'monit_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/moodle/tasks/install.yml b/roles/moodle/tasks/install.yml index 527dcb6ca..270b5913b 100644 --- a/roles/moodle/tasks/install.yml +++ b/roles/moodle/tasks/install.yml @@ -78,13 +78,13 @@ - name: Remove Apache's stock moodle.conf file: - path: "/etc/{{ apache_config_dir }}/moodle.conf" + path: "/etc/{{ apache_conf_dir }}/moodle.conf" state: absent - name: Install Apache's 022-moodle.conf from template, if moodle_enabled template: src: 022-moodle.j2 - dest: "/etc/{{ apache_config_dir }}/022-moodle.conf" + dest: "/etc/{{ apache_conf_dir }}/022-moodle.conf" # owner: root # group: root # mode: '0644' @@ -147,6 +147,13 @@ path: "{{ moodle_base }}/config.php" mode: '0644' + +# RECORD Moodle AS INSTALLED + +- name: "Set 'moodle_installed: True'" + set_fact: + moodle_installed: True + - name: "Add 'moodle_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/mosquitto/tasks/install.yml b/roles/mosquitto/tasks/install.yml index 6d1d0f062..aaf10bd3d 100644 --- a/roles/mosquitto/tasks/install.yml +++ b/roles/mosquitto/tasks/install.yml @@ -30,6 +30,13 @@ group: root mode: '0755' + +# RECORD Mosquitto AS INSTALLED + +- name: "Set 'mosquitto_installed: True'" + set_fact: + mosquitto_installed: True + - name: "Add 'mosquitto_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/munin/tasks/install.yml b/roles/munin/tasks/install.yml index 423d22bc0..f42daa35e 100644 --- a/roles/munin/tasks/install.yml +++ b/roles/munin/tasks/install.yml @@ -26,7 +26,7 @@ # mode: 0644 with_items: - { src: 'munin.conf.j2', dest: '/etc/munin/munin.conf' } - - { src: 'munin24.conf.j2', dest: '/etc/{{ apache_config_dir }}/munin24.conf' } + - { src: 'munin24.conf.j2', dest: '/etc/{{ apache_conf_dir }}/munin24.conf' } - name: Establish username/password Admin/changeme in /etc/munin/munin-htpasswd htpasswd: @@ -48,6 +48,13 @@ - /usr/share/munin/plugins/mysql_threads when: mysql_enabled | bool + +# RECORD Munin AS INSTALLED + +- name: "Set 'munin_installed: True'" + set_fact: + munin_installed: True + - name: "Add 'munin_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index 5128de298..e3409ac24 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install Munin if 'munin_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Munin if 'munin_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: munin_installed is undefined diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 9f8d484b5..b62ff931b 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,9 +1,9 @@ # TO DO: # - Validate input vars mysql_install & mysql_enabled -# - Put ~12 stanzas just below into install.yml +# - Put ~13 stanzas just below into install.yml # - Triggered by... 'when: mysql_installed is undefined' # - Eliminate stale Fedora/CentOS code & gratuitous when: is_debuntu clauses? -# - Consider putting ~8 stanzas below that into enable.yml or similar? +# - Put ~8 stanzas below that into enable-or-disable.yml - name: 'Install MySQL packages: mariadb-server, mariadb-client, and 8 php packages (debuntu)' package: @@ -114,9 +114,11 @@ # line: "TimeoutStartSec=180" when: mariadb_unit_file.stat.exists + # RECORD MySQL AS INSTALLED -- set_fact: +- name: "Set 'mysql_installed: True'" + set_fact: mysql_installed: True - name: "Add 'mysql_installed: True' to {{ iiab_state_file }}" diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 125300dad..f967f5c4a 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -70,11 +70,11 @@ dest: "/etc/systemd/system/{{ dns_service }}.service" mode: '0644' -- name: "Install /etc/{{ apache_config_dir }}/dns-jail.conf from template: dns-jail redirect requires the named.blackhole, disabling recursion (if dns_jail_enabled)" +- name: "Install /etc/{{ apache_conf_dir }}/dns-jail.conf from template: dns-jail redirect requires the named.blackhole, disabling recursion (if dns_jail_enabled)" # in named-iiab.conf, and the redirection of 404 error documents to / template: src: roles/network/templates/named/dns-jail.conf - dest: "/etc/{{ apache_config_dir }}/" + dest: "/etc/{{ apache_conf_dir }}/" when: dns_jail_enabled | bool - name: "Add 'named_installed: True' to {{ iiab_state_file }}" diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 30c7f9897..1ccbc4ad7 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -173,13 +173,19 @@ - name: Install Apache's nextcloud.conf from template, for http://box/nextcloud template: src: nextcloud.conf.j2 - dest: "/etc/{{ apache_config_dir }}/nextcloud.conf" + dest: "/etc/{{ apache_conf_dir }}/nextcloud.conf" - name: Provision Nextcloud's MySQL DB, run Nextcloud's install wizard etc include_tasks: setup.yml +# RECORD Nextcloud AS INSTALLED + +- name: "Set 'nextcloud_installed: True'" + set_fact: + nextcloud_installed: True + - name: "Add 'nextcloud_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 89bf6fd85..bb69fefe0 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -19,19 +19,17 @@ quiet: yes -#- name: Does {{ nextcloud_prefix }}//nextcloud/version.php exist? # /opt -# stat: -# path: "{{ nextcloud_prefix }}/nextcloud/version.php" -# register: nextcloud_page - -- name: Install Nextcloud if 'nextcloud_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Nextcloud if 'nextcloud_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml - when: nextcloud_installed is undefined # or not nextcloud_page.stat.exists + when: nextcloud_installed is undefined +# +# ABOVE install.yml RUNS setup.yml -- name: Enable/Disable/Restart Apache if primary +#- name: Enable/Disable/Restart Apache if primary +- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache include_tasks: apache.yml - when: not nginx_enabled + #when: not nginx_enabled - name: Enable/Disable/Restart NGINX if primary include_tasks: nginx.yml diff --git a/roles/nextcloud/tasks/nginx.yml b/roles/nextcloud/tasks/nginx.yml index 80001b232..b4b36b401 100644 --- a/roles/nextcloud/tasks/nginx.yml +++ b/roles/nextcloud/tasks/nginx.yml @@ -1,10 +1,10 @@ -- name: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template # http://box/nextcloud +- name: "SHIM: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template" # http://box/nextcloud template: src: nextcloud-nginx.conf.j2 dest: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d when: nextcloud_enabled | bool -- name: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf # http://box/nextcloud +- name: "SHIM: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf" # http://box/nextcloud file: path: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d state: absent diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 710b16eb4..ad21ac29d 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -43,6 +43,13 @@ state: restarted when: nginx_enabled + +# RECORD NGINX AS INSTALLED + +- name: "Set 'nginx_installed: True'" + set_fact: + nginx_installed: True + - name: "Add 'nginx_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml index 476f12e35..e47ba1cf0 100644 --- a/roles/nodejs/tasks/main.yml +++ b/roles/nodejs/tasks/main.yml @@ -151,9 +151,10 @@ -3. RECORD Node.js AS INSTALLED +# 3. RECORD Node.js AS INSTALLED -- set_fact: +- name: "Set 'nodejs_installed: True'" + set_fact: nodejs_installed: True - name: "Add 'nodejs_installed: True' to {{ iiab_state_file }}" diff --git a/roles/nodered/tasks/install.yml b/roles/nodered/tasks/install.yml index 5bdcb268a..8944491f6 100644 --- a/roles/nodered/tasks/install.yml +++ b/roles/nodered/tasks/install.yml @@ -85,11 +85,11 @@ dest: /etc/systemd/system/nodered.service # mode: '0666' -- name: Install /etc/{{ apache_config_dir }}/nodered.conf from template +- name: Install /etc/{{ apache_conf_dir }}/nodered.conf from template template: backup: yes src: nodered.conf.j2 - dest: "/etc/{{ apache_config_dir }}/nodered.conf" + dest: "/etc/{{ apache_conf_dir }}/nodered.conf" # mode: '0666' # SEE ALSO THE apache2_module SECTION IN roles/httpd/tasks/main.yml @@ -98,6 +98,13 @@ state: present name: proxy_wstunnel + +# RECORD Node-RED AS INSTALLED + +- name: "Set 'nodered_installed: True'" + set_fact: + nodered_installed: True + - name: "Add 'nodered_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 3463881a7..10651af47 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -1,4 +1,4 @@ -# TO DO: WRAP 11 OR 12 STANZAS BELOW INTO install.yml, conditioned by... +# TO DO: WRAP 12 OR 13 STANZAS BELOW INTO install.yml, conditioned by... # 'when: openvpn_installed is undefined' # # BEWARE: 4th stanza (ssh pubkey deletions) is already conditioned by... @@ -107,6 +107,13 @@ path: /usr/bin/iiab-vpn-off state: link + +# RECORD OpenVPN AS INSTALLED + +- name: "Set 'openvpn_installed: True'" + set_fact: + openvpn_installed: True + - name: "Add 'openvpn_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml @@ -114,7 +121,7 @@ line: 'openvpn_installed: True' -# TO DO: WRAP COMMENTS + 4 ACTIVE STANZAS BELOW INTO enable.yml... +# TO DO: WRAP COMMENTS + 4 ACTIVE STANZAS BELOW INTO enable-or-disable.yml... # FIXED SOMETIME PRIOR TO AUGUST 2018: earlier versions of Ansible had not # been working with systemd service names that contained the "@" character. diff --git a/roles/osm-vector-maps/tasks/install.yml b/roles/osm-vector-maps/tasks/install.yml index d43cfbce4..e4e17d099 100644 --- a/roles/osm-vector-maps/tasks/install.yml +++ b/roles/osm-vector-maps/tasks/install.yml @@ -67,6 +67,12 @@ dest: "{{ vector_map_path }}/index.html" # /library/www/osm-vector-maps +# RECORD OSM Vector Maps AS INSTALLED + +- name: "Set 'osm_vector_maps_installed: True'" + set_fact: + osm_vector_maps_installed: True + - name: "Add 'osm_vector_maps_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/osm-vector-maps/tasks/main.yml b/roles/osm-vector-maps/tasks/main.yml index 3bdfbee25..2fba601a5 100644 --- a/roles/osm-vector-maps/tasks/main.yml +++ b/roles/osm-vector-maps/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install OSM Vector Maps if 'osm_vector_maps_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install OSM Vector Maps if 'osm_vector_maps_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: osm_vector_maps_installed is undefined diff --git a/roles/pbx/tasks/main.yml b/roles/pbx/tasks/main.yml index 7dd0c23a7..50752065f 100644 --- a/roles/pbx/tasks/main.yml +++ b/roles/pbx/tasks/main.yml @@ -49,3 +49,16 @@ - name: Asterisk - Install chan_dongle include: chan_dongle.yml when: asterisk_chan_dongle | bool + + +# RECORD PBX AS INSTALLED + +- name: "Set 'pbx_installed: True'" + set_fact: + pbx_installed: True + +- name: "Add 'pbx_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^pbx_installed' + line: 'pbx_installed: True' diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 2dd6f3cc5..088fd4e2e 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -45,6 +45,19 @@ # # recurse: yes # # state: directory +- name: Install /etc/{{ apache_conf_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled + template: + src: phpmyadmin.j2 + dest: "/etc/{{ apache_conf_dir }}/phpmyadmin.conf" + when: apache_install | bool + + +# RECORD phpMyAdmin AS INSTALLED + +- name: "Set 'phpmyadmin_installed: True'" + set_fact: + phpmyadmin_installed: True + - name: "Add 'phpmyadmin_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml @@ -52,24 +65,13 @@ line: 'phpmyadmin_installed: True' -- name: Install /etc/{{ apache_config_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled - template: - src: phpmyadmin.j2 - dest: "/etc/{{ apache_config_dir }}/phpmyadmin.conf" - when: phpmyadmin_enabled | bool +- name: Enable phpMyAdmin via Apache, if phpmyadmin_enabled + command: a2ensite phpmyadmin.conf + when: apache_install and phpmyadmin_enabled -- name: Create symlink phpmyadmin.conf from sites-enabled to sites-available (debuntu) - file: - src: /etc/apache2/sites-available/phpmyadmin.conf - path: /etc/apache2/sites-enabled/phpmyadmin.conf - state: link - when: phpmyadmin_enabled and is_debuntu - -- name: Remove /etc/apache2/sites-enabled/phpmyadmin.conf, if not phpmyadmin_enabled (debuntu) - file: - path: /etc/apache2/sites-enabled/phpmyadmin.conf - state: absent - when: not phpmyadmin_enabled and is_debuntu +- name: Disable phpMyAdmin via Apache, if not phpmyadmin_enabled + command: a2dissite phpmyadmin.conf + when: apache_install and not phpmyadmin_enabled - name: Add 'phpmyadmin' variable values to {{ iiab_ini_file }} diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index 2e34a3ee1..df377b2bc 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -1,6 +1,6 @@ # TO DO: # - Validate input vars postgresql_install & postgresql_enabled -# - Put ~12 stanzas just below into install.yml +# - Put ~13 stanzas just below into install.yml # - Triggered by... 'when: postgresql_installed is undefined' - name: Install 'postgresql' package @@ -85,9 +85,11 @@ state: stopped enabled: no + # RECORD PostgreSQL AS INSTALLED -- set_fact: +- name: "Set 'postgresql_installed: True'" + set_fact: postgresql_installed: True - name: "Add 'postgresql_installed: True' to {{ iiab_state_file }}" diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index 7a6087a77..be0022ca3 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -21,51 +21,55 @@ - samba-common - cifs-utils state: present - #tags: samba, download - name: Install /etc/samba/smb.conf from template template: src: smb.conf.j2 dest: /etc/samba/smb.conf + +# RECORD Samba AS INSTALLED + +- name: "Set 'samba_installed: True'" + set_fact: + samba_installed: True + - name: "Add 'samba_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^samba_installed' line: 'samba_installed: True' -- name: Enable & Start Samba systemd service + +- name: Enable & Start Samba ({{ smb_service }}) systemd service, if samba_enabled service: name: "{{ smb_service }}" state: started enabled: yes - #tags: samba when: samba_enabled | bool -- name: Enable & Start NetBIOS name server ({{ nmb_service }}) +- name: Enable & Start NetBIOS name server ({{ nmb_service }}) if samba_enabled service: name: "{{ nmb_service }}" state: started enabled: yes - #tags: samba when: samba_enabled | bool -- name: Disable Samba if not samba_enabled - service: +- name: Disable & Stop Samba ({{ smb_service }}) systemd service, if not samba_enabled + systemd: name: "{{ smb_service }}" state: stopped enabled: no - #tags: samba when: not samba_enabled -- name: Disable NetBIOS name server ({{ nmb_service }}) if not samba_enabled - service: +- name: Disable & Stop NetBIOS name server ({{ nmb_service }}) if not samba_enabled + systemd: name: "{{ nmb_service }}" state: stopped enabled: no - #tags: samba when: not samba_enabled + - name: Add 'samba' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index cf34e87f9..ac96f0208 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -2,25 +2,24 @@ package: name: "{{ sshd_package }}" state: present - when: sshd_enabled | bool -- name: Disable root login with password +- name: Disable password-based logins to root lineinfile: dest: /etc/ssh/sshd_config regexp: '^PermitRootLogin' line: 'PermitRootLogin without-password' state: present - when: sshd_enabled | bool + #when: sshd_enabled | bool #TODO: use handler to reload ssh -- name: Create root .ssh +- name: mkdir /root/.ssh file: + state: directory path: /root/.ssh owner: root group: root - mode: 0700 - state: directory - when: sshd_enabled | bool + mode: '0700' + #when: sshd_enabled | bool - name: Install dummy root keys as placeholder copy: @@ -28,19 +27,34 @@ dest: /root/.ssh/authorized_keys owner: root group: root - mode: 0600 + mode: '0600' force: no - when: sshd_enabled | bool + #when: sshd_enabled | bool -- name: Enable & start ssh daemon - service: + +# RECORD sshd AS INSTALLED + +- name: "Set 'sshd_installed: True'" + set_fact: + sshd_installed: True + +- name: "Add 'sshd_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^sshd_installed' + line: 'sshd_installed: True' + + +- name: Enable & Start ssh daemon ({{ sshd_service }}) if sshd_enabled + systemd: name: "{{ sshd_service }}" + daemon_reload: yes enabled: yes state: started when: sshd_enabled | bool -- name: Disable ssh daemon - service: +- name: Disable & Stop ssh daemon ({{ sshd_service }}) if not sshd_enabled + systemd: name: "{{ sshd_service }}" enabled: no state: stopped diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index ef80cc884..c613f691c 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -1,6 +1,13 @@ -0. ATTEMPT INSTALL-THEN-ASSERT OF (1) HARD PREREQ Node.js (2) SOFT PREREQ MongoDB +# 0. ATTEMPT INSTALL-THEN-ASSERT OF (1) HARD PREREQ Node.js (2) SOFT PREREQ MongoDB -- set_fact: +- debug: + var: nodejs_install + +- debug: + var: nodejs_enabled + +- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + set_fact: nodejs_install: True nodejs_enabled: True @@ -18,7 +25,14 @@ msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, and your nodejs_version appears to be {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc!" when: nodejs_version != "12.x" -- set_fact: + +- debug: + var: mongodb_install +- debug: + var: mongodb_enabled + +- name: "Set 'mongodb_install: True' and 'mongodb_enabled: True'" + set_fact: mongodb_install: True mongodb_enabled: True @@ -178,7 +192,7 @@ # mode: '0644' with_items: - { src: 'sugarizer.service', dest: '/etc/systemd/system/sugarizer.service' } - - { src: 'sugarizer.conf.j2', dest: "/etc/{{ apache_config_dir }}/sugarizer.conf" } + - { src: 'sugarizer.conf.j2', dest: "/etc/{{ apache_conf_dir }}/sugarizer.conf" } #- { src: 'sugarizer.ini.j2', dest: '{{ iiab_base }}/sugarizer-server/env/sugarizer.ini' } #- { src: 'sugarizer.js', dest: '{{ iiab_base }}/sugarizer-server' } @@ -253,9 +267,10 @@ # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -6. RECORD Sugarizer AS INSTALLED +# 6. RECORD Sugarizer AS INSTALLED -- set_fact: +- name: "Set 'sugarizer_installed: True'" + set_fact: sugarizer_installed: True - name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index ef5b79c5b..4d394c56c 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install Sugarizer if 'sugarizer_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Sugarizer if 'sugarizer_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: sugarizer_installed is undefined diff --git a/roles/transmission/tasks/main.yml b/roles/transmission/tasks/main.yml index 3a7646f83..340f3d95b 100644 --- a/roles/transmission/tasks/main.yml +++ b/roles/transmission/tasks/main.yml @@ -7,11 +7,11 @@ - name: Create download dir {{ transmission_download_dir }}, owned by {{ transmission_user }}:{{ transmission_group }} file: + state: directory path: "{{ transmission_download_dir }}" # /library/transmission owner: "{{ transmission_user }}" # debian-transmission group: "{{ transmission_group }}" # root # mode: '0755' - state: directory - name: Stop 'transmission-daemon' systemd service, before modifying its settings systemd: @@ -23,9 +23,16 @@ template: src: settings.json.j2 dest: /etc/transmission-daemon/settings.json - # mode: '0644' owner: "{{ transmission_user }}" # debian-transmission group: "{{ transmission_group }}" # root + # mode: '0644' + + +# RECORD Transmission AS INSTALLED + +- name: "Set 'transmission_installed: True'" + set_fact: + transmission_installed: True - name: "Add 'transmission_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/usb-lib/README.rst b/roles/usb_lib/README.rst similarity index 100% rename from roles/usb-lib/README.rst rename to roles/usb_lib/README.rst diff --git a/roles/usb-lib/defaults/main.yml b/roles/usb_lib/defaults/main.yml similarity index 100% rename from roles/usb-lib/defaults/main.yml rename to roles/usb_lib/defaults/main.yml diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml new file mode 100644 index 000000000..82ecc6724 --- /dev/null +++ b/roles/usb_lib/tasks/main.yml @@ -0,0 +1,109 @@ +# TO DO: +# - validate input vars + prereqs +# - move 6 top stanzas into install.yml +# - move 6 mid/lower stanzas into enable-or-disable.yml +# - verify analogous NGINX logic from roles/nginx/* -- then integrate as nec? + +- name: Add dir {{ doc_root }}/local_content, where USB drive links can appear + file: + state: directory + path: "{{ doc_root }}/local_content" + owner: "{{ apache_user }}" + group: "{{ iiab_admin_user }}" # ISN'T "{{ apache_user }}" MORE APPROPRIATE? + mode: '0775' + +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off' + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + with_items: + - { src: 'usbmount@.service.j2' , dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } + - { src: 'usbmount.rules.j2' , dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' } + - { src: 'iiab-usb_lib-show-all-on' , dest: '/usr/bin/', mode: '0755' } + - { src: 'iiab-usb_lib-show-all-off' , dest: '/usr/bin/', mode: '0755' } + +- name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf + lineinfile: + regexp: '^FILESYSTEMS.*' + line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"' + path: /etc/usbmount/usbmount.conf + +- name: Install /etc/{{ apache_conf_dir }}/content_dir.conf from template + template: + src: content_dir.conf + dest: "/etc/{{ apache_conf_dir }}" + when: apache_install + + +# RECORD usb_lib AS INSTALLED + +- name: "Set 'usb_lib_installed: True'" + set_fact: + usb_lib_installed: True + +- name: "Add 'usb_lib_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^usb_lib_installed' + line: 'usb_lib_installed: True' + + +- name: Install /etc/usbmount/mount.d/70-usb-library from template, if usb_lib_enabled + template: + src: mount.d/70-usb-library + dest: /etc/usbmount/mount.d/ + owner: root + group: root + mode: '0751' + when: usb_lib_enabled | bool + +- name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled + template: + src: umount.d/70-usb-library + dest: /etc/usbmount/umount.d + owner: root + group: root + mode: '0751' + when: usb_lib_enabled | bool + +- name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled + file: + path: /etc/usbmount/mount.d/70-usb-library + state: absent + when: not usb_lib_enabled + +- name: Remove /etc/usbmount/umount.d/70-usb-library if not usb_lib_enabled + file: + path: /etc/usbmount/umount.d/70-usb-library + state: absent + when: not usb_lib_enabled + +- name: Enable http://box/usb via Apache, if usb_lib_enabled + command: a2ensite content_dir.conf + when: apache_install and usb_lib_enabled + +- name: Disable http://box/usb via Apache, if not usb_lib_enabled + command: a2dissite content_dir.conf + when: apache_install and not usb_lib_enabled + + +- name: Put variable in iiab.env that enables display of content at root of USB + lineinfile: + path: "{{ iiab_env_file }}" + regexp: "^IIAB_USB_LIB_SHOW_ALL.*" + line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" + +- name: Add 'usb_lib' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" + section: usb_lib + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: usb_lib + - option: description + value: '"usb_lib automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"' + - option: enabled + value: "{{ usb_lib_enabled }}" diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml~ similarity index 59% rename from roles/usb-lib/tasks/main.yml rename to roles/usb_lib/tasks/main.yml~ index 8cf7ce336..0ac13ad51 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml~ @@ -1,21 +1,18 @@ +# TO DO: +# - validate input vars + prereqs +# - move 6 top stanzas into install.yml +# - move 6 mid/lower stanzas into enable-or-disable.yml +# - verify analogous NGINX logic from roles/nginx/* -- then integrate as nec? + - name: Add dir {{ doc_root }}/local_content, where USB drive links can appear file: - path: "{{ doc_root }}/local_content" state: directory + path: "{{ doc_root }}/local_content" owner: "{{ apache_user }}" group: "{{ iiab_admin_user }}" # ISN'T "{{ apache_user }}" MORE APPROPRIATE? - mode: 0775 + mode: '0775' -- name: Install /etc/usbmount/mount.d/70-usb-library from template - template: - src: mount.d/70-usb-library - dest: /etc/usbmount/mount.d/ - owner: root - group: root - mode: 0751 - when: usb_lib_enabled | bool - -- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb-lib-show-all-on, /usr/bin/iiab-usb-lib-show-all-off' +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -23,22 +20,51 @@ with_items: - { src: 'usbmount@.service.j2' , dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } - { src: 'usbmount.rules.j2' , dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' } - - { src: 'iiab-usb-lib-show-all-on' , dest: '/usr/bin/', mode: '0755' } - - { src: 'iiab-usb-lib-show-all-off' , dest: '/usr/bin/', mode: '0755' } + - { src: 'iiab-usb_lib-show-all-on' , dest: '/usr/bin/', mode: '0755' } + - { src: 'iiab-usb_lib-show-all-off' , dest: '/usr/bin/', mode: '0755' } - name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf - lineinfile: + lineinfile: regexp: '^FILESYSTEMS.*' line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"' path: /etc/usbmount/usbmount.conf -- name: Install /etc/usbmount/umount.d/70-usb-library from template +- name: Install /etc/{{ apache_conf_dir }}/content_dir.conf from template + template: + src: content_dir.conf + dest: "/etc/{{ apache_conf_dir }}" + when: apache_install + + +# RECORD usb_lib AS INSTALLED + +- name: "Set 'usb_lib_installed: True'" + set_fact: + usb_lib_installed: True + +- name: "Add 'usb_lib_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^usb_lib_installed' + line: 'usb_lib_installed: True' + + +- name: Install /etc/usbmount/mount.d/70-usb-library from template, if usb_lib_enabled + template: + src: mount.d/70-usb-library + dest: /etc/usbmount/mount.d/ + owner: root + group: root + mode: '0751' + when: usb_lib_enabled | bool + +- name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled template: src: umount.d/70-usb-library dest: /etc/usbmount/umount.d owner: root group: root - mode: 0751 + mode: '0751' when: usb_lib_enabled | bool - name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled @@ -53,47 +79,31 @@ state: absent when: not usb_lib_enabled +- name: Enable http://box/usb via Apache, if usb_lib_enabled + shell: a2ensite content_dir.conf + when: apache_install and usb_lib_enabled + +- name: Disable http://box/usb via Apache, if not usb_lib_enabled + shell: a2dissite content_dir.conf + when: apache_install and not usb_lib_enabled + + - name: Put variable in iiab.env that enables display of content at root of USB lineinfile: path: "{{ iiab_env_file }}" regexp: "^IIAB_USB_LIB_SHOW_ALL.*" line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" -- name: Install /etc/{{ apache_config_dir }}/content_dir.conf from template - template: - src: content_dir.conf - dest: "/etc/{{ apache_config_dir }}" - when: usb_lib_enabled | bool - -- name: Create symlink content_dir.conf from sites-enabled to sites-available (debuntu) - file: - src: "/etc/{{ apache_config_dir }}/content_dir.conf" - dest: /etc/apache2/sites-enabled/content_dir.conf - state: link - when: is_debuntu | bool - -- name: Remove symlink content_dir.conf from /etc/apache2/sites-enabled (debuntu) - file: - dest: /etc/apache2/sites-enabled/content_dir.conf - state: absent - when: is_debuntu and not usb_lib_enabled - -- name: Remove content_dir.conf from /etc/{{ apache_config_dir }} - file: - name: "/etc/{{ apache_config_dir }}/content_dir.conf" - state: absent - when: not usb_lib_enabled - -- name: Add 'usb-lib' variable values to {{ iiab_ini_file }} +- name: Add 'usb_lib' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" - section: usb-lib + section: usb_lib option: "{{ item.option }}" value: "{{ item.value | string }}" with_items: - option: name - value: usb-lib + value: usb_lib - option: description - value: '"usb-lib automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"' + value: '"usb_lib automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"' - option: enabled value: "{{ usb_lib_enabled }}" diff --git a/roles/usb-lib/templates/content_dir.conf b/roles/usb_lib/templates/content_dir.conf similarity index 100% rename from roles/usb-lib/templates/content_dir.conf rename to roles/usb_lib/templates/content_dir.conf diff --git a/roles/usb-lib/templates/iiab-usb-lib-show-all-off b/roles/usb_lib/templates/iiab-usb_lib-show-all-off similarity index 100% rename from roles/usb-lib/templates/iiab-usb-lib-show-all-off rename to roles/usb_lib/templates/iiab-usb_lib-show-all-off diff --git a/roles/usb-lib/templates/iiab-usb-lib-show-all-on b/roles/usb_lib/templates/iiab-usb_lib-show-all-on similarity index 100% rename from roles/usb-lib/templates/iiab-usb-lib-show-all-on rename to roles/usb_lib/templates/iiab-usb_lib-show-all-on diff --git a/roles/usb-lib/templates/mount.d/70-usb-library b/roles/usb_lib/templates/mount.d/70-usb-library similarity index 100% rename from roles/usb-lib/templates/mount.d/70-usb-library rename to roles/usb_lib/templates/mount.d/70-usb-library diff --git a/roles/usb-lib/templates/umount.d/70-usb-library b/roles/usb_lib/templates/umount.d/70-usb-library similarity index 100% rename from roles/usb-lib/templates/umount.d/70-usb-library rename to roles/usb_lib/templates/umount.d/70-usb-library diff --git a/roles/usb-lib/templates/usbmount.rules.j2 b/roles/usb_lib/templates/usbmount.rules.j2 similarity index 100% rename from roles/usb-lib/templates/usbmount.rules.j2 rename to roles/usb_lib/templates/usbmount.rules.j2 diff --git a/roles/usb-lib/templates/usbmount@.service.j2 b/roles/usb_lib/templates/usbmount@.service.j2 similarity index 100% rename from roles/usb-lib/templates/usbmount@.service.j2 rename to roles/usb_lib/templates/usbmount@.service.j2 diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 969b25d0f..0303d0e46 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -19,6 +19,13 @@ shell: /usr/bin/vnstat -i {{ iiab_lan_iface }} when: iiab_lan_iface is defined + +# RECORD vnStat AS INSTALLED + +- name: "Set 'vnstat_installed: True'" + set_fact: + vnstat_installed: True + - name: "Add 'vnstat_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml @@ -26,7 +33,7 @@ line: 'vnstat_installed: True' -- name: Enable & Start vnStat's systemd service (vnstat) +- name: Enable & (Re)Start 'vnstat' systemd service, if vnstat_enabled systemd: name: vnstat daemon_reload: yes diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 8652e0a0d..29a8bc216 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -85,12 +85,19 @@ group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? mode: '0660' # Others strongly recommend '0600' (or do PHP/Apache/NGINX really need group read & write permissions?) -- name: Install etc/{{ apache_config_dir }}/wordpress.conf from template, for http://box{{ wp_url }} via Apache +- name: Install etc/{{ apache_conf_dir }}/wordpress.conf from template, for http://box{{ wp_url }} via Apache template: src: wordpress.conf.j2 - dest: "/etc/{{ apache_config_dir }}/wordpress.conf" + dest: "/etc/{{ apache_conf_dir }}/wordpress.conf" when: apache_enabled | bool + +# RECORD WordPress AS INSTALLED + +- name: "Set 'wordpress_installed: True'" + set_fact: + wordpress_installed: True + - name: "Add 'wordpress_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml index 0e4986ed1..07853ec12 100644 --- a/roles/wordpress/tasks/main.yml +++ b/roles/wordpress/tasks/main.yml @@ -21,11 +21,11 @@ quiet: yes -- name: Provision MySQL DB for WordPress, if 'wordpress_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Provision MySQL DB for WordPress, if 'wordpress_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: setup.yml when: wordpress_installed is undefined # and not installing -- name: Install WordPress if 'wordpress_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install WordPress if 'wordpress_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: wordpress_installed is undefined diff --git a/roles/yarn/tasks/main.yml b/roles/yarn/tasks/main.yml index 461280d41..533a5315a 100644 --- a/roles/yarn/tasks/main.yml +++ b/roles/yarn/tasks/main.yml @@ -7,7 +7,7 @@ file: path: /etc/apt/sources.list.d/yarn.list owner: root - mode: 0644 + mode: '0644' state: touch - name: "Yarn | Ensure Debian package is in sources list" @@ -17,8 +17,8 @@ line: 'deb http://dl.yarnpkg.com/debian/ stable main' state: present -- name: "Yarn | Update APT cache" - apt: +- name: "Yarn | Update APT cache" + apt: update_cache: yes - name: "Yarn | Install" @@ -26,3 +26,16 @@ name: yarn state: latest when: internet_available and is_debuntu + + +# RECORD Yarn AS INSTALLED + +- name: "Set 'yarn_installed: True'" + set_fact: + yarn_installed: True + +- name: "Add 'yarn_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^yarn_installed' + line: 'yarn_installed: True' diff --git a/tests/test.yml b/tests/test.yml index f39c2807d..26f0b40b6 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -57,7 +57,7 @@ #- { role: sugar-stats } #- { role: teamviewer } - { role: transmission } - - { role: usb-lib } + - { role: usb_lib } - { role: vnstat } - { role: wordpress } #- { roles: xovis } diff --git a/vars/centos-7.yml b/vars/centos-7.yml index 349a6e33e..c57ab58f7 100644 --- a/vars/centos-7.yml +++ b/vars/centos-7.yml @@ -11,7 +11,8 @@ proxy: squid proxy_user: squid apache_service: httpd apache_user: apache -apache_config_dir: httpd/conf.d +apache_conf_dir: httpd/conf.d +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/httpd smb_service: smb nmb_service: nmb diff --git a/vars/debian-10.yml b/vars/debian-10.yml index 9c82440f6..9780612da 100644 --- a/vars/debian-10.yml +++ b/vars/debian-10.yml @@ -11,7 +11,8 @@ dns_user: bind proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/debian-8.yml b/vars/debian-8.yml index 99accdf52..bb23c04b0 100644 --- a/vars/debian-8.yml +++ b/vars/debian-8.yml @@ -10,7 +10,8 @@ dns_user: bind proxy: squid3 proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/debian-9.yml b/vars/debian-9.yml index 098c90809..19ef67bb3 100644 --- a/vars/debian-9.yml +++ b/vars/debian-9.yml @@ -11,7 +11,8 @@ dns_user: bind proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/fedora-18.yml b/vars/fedora-18.yml index 8df9d8019..ca863a016 100644 --- a/vars/fedora-18.yml +++ b/vars/fedora-18.yml @@ -11,7 +11,8 @@ proxy: squid proxy_user: squid apache_service: httpd apache_user: apache -apache_config_dir: httpd/conf.d +apache_conf_dir: httpd/conf.d +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/httpd smb_service: smb nmb_service: nmb diff --git a/vars/fedora-22.yml b/vars/fedora-22.yml index 28f815f43..2c8ec05b6 100644 --- a/vars/fedora-22.yml +++ b/vars/fedora-22.yml @@ -11,7 +11,8 @@ proxy: squid proxy_user: squid apache_service: httpd apache_user: apache -apache_config_dir: httpd/conf.d +apache_conf_dir: httpd/conf.d +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/httpd smb_service: smb nmb_service: nmb diff --git a/vars/raspbian-10.yml b/vars/raspbian-10.yml index 7813a7200..7d7e61e50 100644 --- a/vars/raspbian-10.yml +++ b/vars/raspbian-10.yml @@ -15,7 +15,8 @@ dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/raspbian-8.yml b/vars/raspbian-8.yml index b4e4e59eb..2b075ca8d 100644 --- a/vars/raspbian-8.yml +++ b/vars/raspbian-8.yml @@ -14,7 +14,8 @@ dns_user: bind proxy: squid3 proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/raspbian-9.yml b/vars/raspbian-9.yml index 6108184cf..b10f5022e 100644 --- a/vars/raspbian-9.yml +++ b/vars/raspbian-9.yml @@ -15,7 +15,8 @@ dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/ubuntu-16.yml b/vars/ubuntu-16.yml index f8d8b07c9..96312974a 100644 --- a/vars/ubuntu-16.yml +++ b/vars/ubuntu-16.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-17.yml b/vars/ubuntu-17.yml index fe0c4288e..751b16706 100644 --- a/vars/ubuntu-17.yml +++ b/vars/ubuntu-17.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-18.yml b/vars/ubuntu-18.yml index 21f90fa1a..1b5579da8 100644 --- a/vars/ubuntu-18.yml +++ b/vars/ubuntu-18.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-19.yml b/vars/ubuntu-19.yml index d6afbcf33..348146c67 100644 --- a/vars/ubuntu-19.yml +++ b/vars/ubuntu-19.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-20.yml b/vars/ubuntu-20.yml index 26fdea9ec..ab0bd9602 100644 --- a/vars/ubuntu-20.yml +++ b/vars/ubuntu-20.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd