diff --git a/roles/1-prep/README.adoc b/roles/1-prep/README.adoc index cdbd75142..9d0154d73 100644 --- a/roles/1-prep/README.adoc +++ b/roles/1-prep/README.adoc @@ -14,17 +14,16 @@ username and group, to log into Admin Console * Ubermix (distro) needs /etc/tmpfiles.d/iiab.conf to create essential /var/log subdirs on each boot * *_Hardware actions:_* + ** link:tasks/install-expand-rootfs.yml[*_install-expand-rootfs.yml_*]: + *** Install https://en.wikipedia.org/wiki/APT_(software)[apt] packages parted (reveals last partition) and cloud-guest-utils (for growpart) + *** Install link:templates/iiab-expand-rootfs[/usr/sbin/iiab-expand-rootfs] that acts on flag flag `/.expand-rootfs` + *** Enable iiab-expand-rootfs.service so this can happen during any future boot-up ** link:tasks/raspberry_pi.yml[*_raspberry_pi.yml_*]: *** RTC (real-time clock): install udev rule, configure, enable - *** *_Install packages related to:_* - **** growpart - **** swapfile - **** fake-hwclock (as RTC is often missing or dead!) - **** Wi-Fi - *** Increase swap file size - *** https://github.com/iiab/iiab/blob/master/roles/1-prep/templates/iiab-rpi-max-rootfs.sh[rootfs - auto-resizing] + *** Install apt packages fake-hwclock (as above RTC is often missing or dead!) and dphys-swapfile (for swap file below) + *** Increase swap file size (to `pi_swap_file_size`) ** NUC 6 Wi-Fi firmware + ** Check for WiFi devices (if so, set `has_wifi_device`) Recap: Similar to 0-init, 2-common, 3-base-server, 4 server-options and 5-xo-services — this 1st stage installs core server infra (that is not diff --git a/roles/1-prep/tasks/hardware.yml b/roles/1-prep/tasks/hardware.yml index 2650c7217..4c50c0d8a 100644 --- a/roles/1-prep/tasks/hardware.yml +++ b/roles/1-prep/tasks/hardware.yml @@ -1,17 +1,36 @@ -## DISCOVER PLATFORMS ###### -# Put conditional actions for hardware platforms here +- include_tasks: install-expand-rootfs.yml + + +# Conditional hardware actions below: - include_tasks: raspberry_pi.yml when: first_run and rpi_model != "none" + - name: Check if the identifier for Intel's NUC6 built-in WiFi is present shell: "lsusb | grep 8087:0a2b | wc | awk '{print $1}'" register: usb_NUC6 ignore_errors: True -- name: Download {{ iiab_download_url }}/iwlwifi-8000C-13.ucode to /lib/firmware for built-in WiFi on NUC6 # iiab_download_url is http://download.iiab.io/packages +- name: Download {{ iiab_download_url }}/iwlwifi-8000C-13.ucode to /lib/firmware for built-in WiFi on NUC6 get_url: - url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode" + url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode" # http://download.iiab.io/packages dest: /lib/firmware timeout: "{{ download_timeout }}" when: usb_NUC6.stdout|int > 0 + + +- name: "Look for any WiFi devices present: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5" + shell: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5 + register: wifi_devices + ignore_errors: True + changed_when: False + +- name: "Set has_wifi_device: True, if output (from above) shows device(s) here: {{ wifi_devices.stdout_lines }}" + set_fact: + has_wifi_device: True + when: wifi_devices is defined and wifi_devices.stdout_lines | length > 0 + # when: wifi_devices is defined and wifi_devices.stdout | trim != "" + +- debug: + var: has_wifi_device diff --git a/roles/1-prep/tasks/install-expand-rootfs.yml b/roles/1-prep/tasks/install-expand-rootfs.yml new file mode 100644 index 000000000..54d77c55b --- /dev/null +++ b/roles/1-prep/tasks/install-expand-rootfs.yml @@ -0,0 +1,20 @@ +- name: Install packages 'parted' and 'cloud-guest-utils' (for /usr/bin/growpart, though raspi-config uses fdisk) + package: + name: + - parted # 2022-03-15: RasPiOS and Ubuntu install this regardless -- so rarely nec, but just in case. + - cloud-guest-utils # 2022-03-15: For growpart command -- though RasPiOS currently doesn't need this, as raspi-config's do_expand_rootfs() instead uses fdisk. Ubuntu pre-installs cloud-guest-utils, for use with cloud-init. + state: present + +- name: "Install from templates: /usr/sbin/iiab-expand-rootfs, /etc/systemd/system/iiab-expand-rootfs.service" + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + with_items: + - { src: 'iiab-expand-rootfs', dest: '/usr/sbin/', mode: '0755' } + - { src: 'iiab-expand-rootfs.service', dest: '/etc/systemd/system/', mode: '0644' } + +- name: Enable iiab-expand-rootfs.service + systemd: + name: iiab-expand-rootfs + enabled: yes diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 0732c6dd8..9f44befc8 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -29,7 +29,9 @@ - include_tasks: uuid.yml - include_tasks: ubermix.yml -- include_tasks: hardware.yml # Can run raspberry_pi.yml + +- name: install-expand-rootfs.yml, raspberry_pi.yml, NUC6 WiFi firmware, check for WiFi devices + include_tasks: hardware.yml # Debian 10 "Buster" is apparently enabling AppArmor in 2019: diff --git a/roles/1-prep/tasks/raspberry_pi.yml b/roles/1-prep/tasks/raspberry_pi.yml index bc54f58af..fbc8cc784 100644 --- a/roles/1-prep/tasks/raspberry_pi.yml +++ b/roles/1-prep/tasks/raspberry_pi.yml @@ -4,9 +4,6 @@ template: src: 92-rtc-i2c.rules dest: /etc/udev/rules.d/92-rtc-i2c.rules - #owner: root - #group: root - #mode: 0644 when: rtc_id is defined and rtc_id != "none" # RTC requires a change to the device tree (and reboot) @@ -24,39 +21,14 @@ state: present when: rtc_id is defined and rtc_id != "none" and is_ubuntu # CLARIF: Ubuntu runs increasingly well on RPi hardware, starting in 2020 especially -#- name: Enable bluetooth in /boot/firmware/syscfg.txt on Ubuntu (needs reboot) -# lineinfile: -# path: /boot/firmware/syscfg.txt -# regexp: '^include*' -# line: 'include btcfg.txt' -# when: is_ubuntu - -- name: '2021-07-27: SEE ALSO ~4 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml' - meta: noop - -- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' - meta: noop - -# 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) -# are provided by RaspiOS. Ubuntu|Debian on the other hand are hit or miss: -# desktops might have some/all 3 preinstalled, while servers tend not to have -# these present at all, but are needed to be installed if you want to take full -# advantage of WiFi on Ubuntu and friends -- but it's only enforced on RPi -# hardware where we know in advance of the likelihood of WiFi being present. - -- name: 'Install packages: cloud-guest-utils, dphys-swapfile, fake-hwclock, iw, rfkill, wireless-tools' +- name: 'Install packages: fake-hwclock, dphys-swapfile' package: name: - - cloud-guest-utils # Contains 'growpart' for resizing a partition during boot, which is normally done with the aid of cloud-init - - dphys-swapfile # 2021-07-27: RaspiOS installs this regardless -- autogenerate and use a swap file - - fake-hwclock # 2021-07-27: RaspiOS installs this regardless -- save/restore system clock on machines without working RTC hardware - - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 - - rfkill # 2021-07-27: RaspiOS installs this regardless -- enable & disable wireless devices - - wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions + - fake-hwclock # 2021-03-15: Missing on Ubuntu etc. RasPiOS installs this regardless -- to save/restore system clock on machines w/o working RTC (above). + - dphys-swapfile # 2021-03-15: Missing on Ubuntu etc. RasPiOS installs this regardless -- to autogenerate and use a swap file (below). state: present - - name: Increase swap file size (to CONF_SWAPSIZE={{ pi_swap_file_size }} in /etc/dphys-swapfile) as kalite pip download fails lineinfile: path: /etc/dphys-swapfile @@ -70,18 +42,9 @@ state: restarted -- name: Install RPi rootfs resizing (/usr/sbin/iiab-rpi-max-rootfs.sh) and its systemd service (/etc/systemd/system/iiab-rpi-root-resize.service), from templates (root:root by default) - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - #owner: root - #group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'iiab-rpi-max-rootfs.sh', dest: '/usr/sbin/', mode: '0755' } - - { src: 'iiab-rpi-root-resize.service', dest: '/etc/systemd/system/', mode: '0644' } - -- name: Enable RPi rootfs resizing (systemd service iiab-rpi-root-resize.service) - systemd: - name: iiab-rpi-root-resize - enabled: yes +#- name: Enable bluetooth in /boot/firmware/syscfg.txt on Ubuntu (needs reboot) +# lineinfile: +# path: /boot/firmware/syscfg.txt +# regexp: '^include*' +# line: 'include btcfg.txt' +# when: is_ubuntu diff --git a/roles/1-prep/templates/iiab-expand-rootfs b/roles/1-prep/templates/iiab-expand-rootfs new file mode 100644 index 000000000..bc81bd302 --- /dev/null +++ b/roles/1-prep/templates/iiab-expand-rootfs @@ -0,0 +1,59 @@ +#!/bin/bash -x + +# Expand rootfs partition to its maximum size, if /.expand-rootfs exists. +# Used by /etc/systemd/system/iiab-expand-rootfs.service on IIAB boot. + +# Should work with all Linux OS's boot disks -- regardless whether Raspberry Pi +# microSD cards, external USB drives, internal spinning disks or SSD's, etc. + +# Verifies that rootfs is the last partition. + +if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then + echo "$0: Expanding rootfs partition" + + if [ -x /usr/bin/raspi-config ]; then # Raspberry Pi OS + # 2022-02-17: Uses do_expand_rootfs() from: + # https://github.com/RPi-Distro/raspi-config/blob/master/raspi-config + raspi-config --expand-rootfs + else # Other Linux OS's + # 2022-03-15: Borrows from above raspi-config URL's do_expand_rootfs() + ROOT_PART="$(findmnt / -o SOURCE -n)" # e.g. /dev/sda2 or /dev/mmcblk0p2 + ROOT_DEV="/dev/$(lsblk -no pkname "$ROOT_PART")" # e.g. /dev/sda or /dev/mmcblk0 + + ROOT_PART_NUM="$(echo "$ROOT_PART" | grep -o "[[:digit:]]*$")" # e.g. 2 + # SLOW (~10 seconds) but it works! + LAST_PART_NUM=$(parted "$ROOT_DEV" -ms unit s p | tail -n 1 | cut -f 1 -d:) + + if [ $ROOT_PART_NUM -ne $LAST_PART_NUM ]; then + echo "ERROR: $ROOT_PART partition ($ROOT_PART_NUM) is not the last partition ($LAST_PART_NUM). Don't know how to expand." + exit 1 + fi + + # Expand partition + growpart $ROOT_DEV $ROOT_PART_NUM # raspi-config instead uses fdisk + resize2fs $ROOT_PART + + # 2022-03-15: Legacy code below worked with Raspberry Pi microSD cards + # but *not* with USB boot drives, internal spinning disks/SSD's, etc. + + # # ASSUMES SD CARD STYLE PARTITION NAME LIKE p + # # e.g. /dev/mmcblk0p2 mounts at / (typical RasPiOS microSD) + # # BUT /dev/sda2 mounts at /media/usb1 (RasPiOS USB boot disk... + # # ...WON'T WORK BELOW; recap @ PR #3121) + + # # Calculate root partition + # root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` # e.g. mmcblk0p2 + # root_dev=${root_part:0:-2} # e.g. mmcblk0 + # # bash substring expansion: "negative offset [below, but not above] + # # must be separated from the colon by at least one space to avoid + # # being confused with the ‘:-’ expansion" + # # https://www.gnu.org/software/bash/manual/html_node/Shell-Parameter-Expansion.html + # root_part_no=${root_part: -1} # e.g. 2 + + # # Resize partition + # growpart /dev/$root_dev $root_part_no + # resize2fs /dev/$root_part + fi + + rm -f /.expand-rootfs /.resize-rootfs +fi diff --git a/roles/1-prep/templates/iiab-expand-rootfs.service b/roles/1-prep/templates/iiab-expand-rootfs.service new file mode 100644 index 000000000..f7f68402c --- /dev/null +++ b/roles/1-prep/templates/iiab-expand-rootfs.service @@ -0,0 +1,14 @@ +[Unit] +Description=Root Filesystem Auto-Expander + +[Service] +Environment=TERM=linux +Type=oneshot +ExecStart=/usr/sbin/iiab-expand-rootfs +# "Standard output type syslog is obsolete" +# StandardError=syslog +# WHEREAS StandardError=journal is the default, per https://www.freedesktop.org/software/systemd/man/systemd.exec.html#StandardOutput= +RemainAfterExit=no + +[Install] +WantedBy=multi-user.target diff --git a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh deleted file mode 100644 index d24788602..000000000 --- a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -x -# Resize rootfs and its partition on the rpi SD card to maximum size -# To be used by systemd service on boot -# Only resizes if /.resize-rootfs exists -# Assumes root is last partition -# Only works on F22 + where resizepart command exists -# Assumes sd card style partition name like p - -if [ -f /.resize-rootfs ];then - echo "$0: maximizing rootfs partion" - # Calculate root partition - root_part=`lsblk -aP -o NAME,MOUNTPOINT|grep 'MOUNTPOINT="/"' |awk -F\" '{ print $2 }'` - root_dev=${root_part:0:-2} - root_part_no=${root_part: (-1)} - - # Resize partition - growpart /dev/$root_dev $root_part_no - resize2fs /dev/$root_part - rm /.resize-rootfs -fi diff --git a/roles/1-prep/templates/iiab-rpi-root-resize.service b/roles/1-prep/templates/iiab-rpi-root-resize.service deleted file mode 100644 index 2cd33ec11..000000000 --- a/roles/1-prep/templates/iiab-rpi-root-resize.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Root Filesystem Auto-Resizer - -[Service] -Environment=TERM=linux -Type=oneshot -ExecStart=/usr/sbin/iiab-rpi-max-rootfs.sh -StandardError=syslog -RemainAfterExit=no - -[Install] -WantedBy=multi-user.target diff --git a/roles/2-common/README.adoc b/roles/2-common/README.adoc index 83943e761..3397bf2a3 100644 --- a/roles/2-common/README.adoc +++ b/roles/2-common/README.adoc @@ -9,10 +9,8 @@ https://internet-in-a-box.org/[Internet-in-a-Box (IIAB)] server. These are (partially) put in place: * IIAB directory structure (link:tasks/fl.yml[file layout]) -* Common https://en.wikipedia.org/wiki/APT_(software)[apt] software -packages -* Networking (including the -https://en.wikipedia.org/wiki/Iptables[iptables] firewall) +* Common https://en.wikipedia.org/wiki/APT_(software)[apt] software packages +* Networking apt packages (including many WiFi tools, and also iptables-persistent for the https://en.wikipedia.org/wiki/Iptables[iptables] firewall) * link:tasks/iiab-startup.yml[/usr/libexec/iiab-startup.sh] similar to AUTOEXEC.BAT and /etc/rc.local, in order to run jobs on boot diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index a89928992..9ed8ff007 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -8,7 +8,7 @@ - include_tasks: packages.yml -- name: "Network prep, including partial setup of iptables (firewall) -- SEE ALSO: 1-prep/tasks/raspberry_pi.yml" +- name: Install network packages (including many WiFi tools, and also iptables-persistent for firewall) include_tasks: network.yml - include_tasks: iiab-startup.yml diff --git a/roles/2-common/tasks/network.yml b/roles/2-common/tasks/network.yml index 435c0bb1f..c043a0bc3 100644 --- a/roles/2-common/tasks/network.yml +++ b/roles/2-common/tasks/network.yml @@ -1,22 +1,37 @@ -- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/raspberry_pi.yml' - meta: noop - -- name: '2021-07-27: SEE ALSO ~4 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml' - meta: noop +# 2022-03-16: 'apt show | grep Size' revealed download sizes, on 64-bit RasPiOS with desktop. - name: Install package networkd-dispatcher (OS's other than RaspiOS) package: - name: networkd-dispatcher # Dispatcher service for systemd-networkd connection status changes + name: networkd-dispatcher # 15kB download: Dispatcher service for systemd-networkd connection status changes state: present when: not is_raspbian -- name: 'Install network packages: hostapd, iproute2, iptables-persistent, netmask -- later used by https://github.com/iiab/iiab/tree/master/roles/network' +# 2021-07-27 from @jvonau: 3 apt packages BELOW (iw, rfkill, wireless-tools) +# are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: +# desktops might have some/all 3 preinstalled, while servers tend not to have +# these present at all, but need to be installed if you want to take full +# advantage of WiFi on Ubuntu and friends. +# +# 2022-03-16 update: Let's make these 3 mandatory as they're only 300kB (grand +# total download size) and they can help IIAB field operators with BOTH +# (1) internal WiFi AND (2) USB WiFi devices inserted anytime/later. + +- name: 'Install 11 network packages: avahi-daemon, hostapd, iproute2, iptables-persistent, iw, libnss-mdns, netmask, net-tools, rfkill, wpasupplicant, wpasupplicant -- later used by https://github.com/iiab/iiab/tree/master/roles/network' package: name: - - hostapd # IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired - - iproute2 # 2021-07-27: RaspiOS installs this regardless -- the new networking and traffic control tools, meant to replace net-tools - - iptables-persistent # Boot-time loader for netfilter rules, iptables (firewall) plugin -- however Netfilter / nftables is ever moving forward so keep an eye on it! - - netmask # Handy utility -- helps determine network masks + - avahi-daemon # 97kB download: RaspiOS (and package libnss-mnds, below) install this regardless -- holdover from the XO days and used to advertise ssh/admin-console being available via avahi-daemon -- used with https://github.com/iiab/iiab/blob/master/roles/network/tasks/avahi.yml + #- avahi-discover # 46kB download: 2021-07-27: Commented out long ago + - hostapd # 764kB download: IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired + #- inetutils-syslogd # 240kB download: 2021-07-27: Error logging facility -- holdover from the XO days, journalctl has replaced this in newer distros + - iproute2 # 902kB download: RaspiOS installs this regardless -- the new networking and traffic control tools, meant to replace net-tools + - iptables-persistent # 12kB download: Boot-time loader for netfilter rules, iptables (firewall) plugin -- however Netfilter / nftables is ever moving forward so keep an eye on it! + - iw # 97kB download: RasPiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 + - libnss-mdns # 27kB download: RaspiOS (and package avahi-daemon, above) install this regardless -- client-side library -- provides name resolution via mDNS (Multicast DNS) using Zeroconf/Bonjour e.g. Avahi + - netmask # 25kB download: Handy utility -- helps determine network masks + - net-tools # 248kB download: RaspiOS installs this regardless -- @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output? + - rfkill # 87kB download: RasPiOS installs this regardless -- enable & disable wireless devices + - wireless-tools # 112kB download: RasPiOS installs this regardless -- manipulate Linux Wireless Extensions + - wpasupplicant # 1188kB download: RasPiOS installs this regardless -- client library for connections to a WiFi AP state: present # 2021-08-17: Debian ignores this, according to 2013 post: @@ -27,6 +42,7 @@ # dest: /etc/network/if-pre-up.d/iptables # mode: '0755' + # Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes: - name: "Use 'sysctl' to set 'kernel.core_uses_pid: 1' + 4 network settings in /etc/sysctl.conf -- e.g. disabling IPv6 (this might be overkill, as IPv6 should really only be disabled on the LAN side, i.e. br0)" sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 81bc35c94..d731b25fc 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -1,47 +1,36 @@ -- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/raspberry_pi.yml' - meta: noop +# 2022-03-16: 'apt show | grep Size' revealed download sizes, on 64-bit RasPiOS with desktop. -- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' - meta: noop - -- name: "Install 20 common packages: acpid, avahi-daemon, bzip2, curl, gawk, htop, i2c-tools, libnss-mdns, logrotate, mlocate, net-tools, pandoc, pastebinit, rsync, sqlite3, tar, unzip, usbutils, wget, wpasupplicant" +- name: "Install 16 common packages: acpid, bzip2, curl, gawk, htop, i2c-tools, logrotate, mlocate, pandoc, pastebinit, rsync, sqlite3, tar, unzip, usbutils, wget" package: name: - - acpid # Daemon for ACPI (power mgmt) events - - avahi-daemon # 2021-07-27: RaspiOS (and package libnss-mnds, below) install this regardless -- holdover from the XO days and used to advertise ssh/admin-console being available via avahi-daemon -- used with https://github.com/iiab/iiab/blob/master/roles/network/tasks/avahi.yml - #- avahi-discover # 2021-07-27: Commented out long ago - - bzip2 # 2021-04-26: Prob not used, but can't hurt? - - curl # Used to install roles/nodejs and roles/nodered - #- etckeeper # "nobody is really using etckeeper and it's bloating the filesystem every time apt runs" per @jvonau at https://github.com/iiab/iiab/issues/1146 - #- exfat-fuse # 2021-07-27: Should no longer be nec with 5.4+ kernels, so let's try commenting it out - #- exfat-utils # Ditto! See also 'ntfs-3g' below - - gawk - - htop - - i2c-tools # Low-level bus/chip/register/EEPROM tools e.g. for RTC - #- inetutils-syslogd # 2021-07-27: Error logging facility -- holdover from the XO days, journalctl has replaced this in newer distros - #- iproute2 # Installed by roles/2-common/tasks/network.yml - - logrotate - - libnss-mdns # 2021-07-27: RaspiOS (and package avahi-daemon, above) install this regardless -- client-side library -- provides name resolution via mDNS (Multicast DNS) using Zeroconf/Bonjour e.g. Avahi - #- lynx # Installed by 1-prep's roles/iiab-admin/tasks/access.yml - #- make # 2021-07-27: Currently used by roles/pbx and no other roles - - mlocate - - net-tools # 2021-04-26: @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output? - #- ntfs-3g # 2021-07-31: RaspiOS installs this regardless -- but this should no longer be nec with 5.4+ kernels, similar to exfat packages above -- however, see also this symlink warning: https://superuser.com/questions/1050544/mount-with-kernel-ntfs-and-not-ntfs-3g -- and upcoming kernel 5.15 improvements: https://www.phoronix.com/scan.php?page=news_item&px=New-NTFS-Likely-For-Linux-5.15 - #- openssh-server # ssh (Raspbian) or openssh-server (other OS's) already installed by 1-prep's roles/sshd/tasks/main.yml - - pandoc # For /usr/bin/iiab-refresh-wiki-docs - - pastebinit # For /usr/bin/iiab-diagnostics - #- python3-pip # 2021-07-29: Already installed by /opt/iiab/iiab/scripts/ansible -- this auto-installs 'python3-setuptools' and 'python3' etc - #- python3-venv # 2021-07-30: For Ansible module 'pip' used in roles like {calibre-web, jupyterhub, lokole} -- whereas roles/kalite uses (virtual) package 'virtualenv' for Python 2 -- all these 3+1 IIAB roles install 'python3-venv' for themselves. FYI: Debian 11 auto-installs 'python3-venv' when you install 'python3' -- whereas Ubuntu (e.g. 20.04 & 21.10) and RaspiOS 10 do not. - - rsync - #- screen # Installed by 1-prep's roles/iiab-admin/tasks/access.yml - - sqlite3 - #- sudo # (1) Should be installed prior to installing IIAB, (2) Can also be installed by roles/1-prep's roles/openvpn/tasks/install.yml, (3) Is definitely installed by 1-prep's roles/iiab-admin/tasks/sudo-prereqs.yml - - tar - - unzip - #- usbmount # Moved to roles/usb_lib/tasks/install.yml - - usbutils # 2021-07-27: RaspiOS installs this regardless -- move to roles/usb_lib/tasks/install.yml ? - - wget - - wpasupplicant # 2021-07-27: RaspiOS installs this regardless -- client library for connections to a WiFi AP + - acpid # 55kB download: Daemon for ACPI (power mgmt) events + - bzip2 # 47kB download: RasPiOS installs this regardless -- 2021-04-26: Prob not used, but can't hurt? + - curl # 254kB download: RasPiOS installs this regardless -- Used to install roles/nodejs and roles/nodered + #- etckeeper # 54kB download: "nobody is really using etckeeper and it's bloating the filesystem every time apt runs" per @jvonau at https://github.com/iiab/iiab/issues/1146 + #- exfat-fuse # 28kB download: 2021-07-27: Should no longer be nec with 5.4+ kernels, so let's try commenting it out + #- exfat-utils # 41kB download: Ditto! See also 'ntfs-3g' below + - gawk # 533kB download + - htop # 109kB download: RasPiOS installs this regardless + - i2c-tools # 78kB download: RasPiOS installs this regardless -- Low-level bus/chip/register/EEPROM tools e.g. for RTC + - logrotate # 67kB download: RasPiOS installs this regardless + #- lynx # 505kB download: Installed by 1-prep's roles/iiab-admin/tasks/main.yml + #- make # 376kB download: 2021-07-27: Currently used by roles/pbx and no other roles + - mlocate # 92kB download + #- ntfs-3g # 379kB download: RaspiOS installs this regardless -- 2021-07-31: But this should no longer be nec with 5.4+ kernels, similar to exfat packages above -- however, see also this symlink warning: https://superuser.com/questions/1050544/mount-with-kernel-ntfs-and-not-ntfs-3g -- and upcoming kernel 5.15 improvements: https://www.phoronix.com/scan.php?page=news_item&px=New-NTFS-Likely-For-Linux-5.15 + #- openssh-server # 318kB download: RasPiOS installs this regardless -- this is also installed by 1-prep's roles/sshd/tasks/main.yml to cover all OS's + - pandoc # 19kB download: For /usr/bin/iiab-refresh-wiki-docs + - pastebinit # 47kB download: For /usr/bin/iiab-diagnostics + #- python3-pip # 337kB download: RasPiOS installs this regardless -- 2021-07-29: And already installed by /opt/iiab/iiab/scripts/ansible -- this auto-installs 'python3-setuptools' and 'python3' etc + #- python3-venv # 1188kB download: RasPiOS installs this regardless -- 2021-07-30: For Ansible module 'pip' used in roles like {calibre-web, jupyterhub, lokole} -- whereas roles/kalite uses (virtual) package 'virtualenv' for Python 2 -- all these 3+1 IIAB roles install 'python3-venv' for themselves. FYI: Debian 11 auto-installs 'python3-venv' when you install 'python3' -- whereas Ubuntu (e.g. 20.04 & 21.10) and RaspiOS 10 did not. + - rsync # 351kB download: RasPiOS installs this regardless + #- screen # 551kB download: Installed by 1-prep's roles/iiab-admin/tasks/main.yml + - sqlite3 # 1054kB download + #- sudo # 991kB download: RasPiOS installs this regardless -- (2) Can also be installed by roles/1-prep's roles/openvpn/tasks/install.yml, (3) Is definitely installed by 1-prep's roles/iiab-admin/tasks/sudo-prereqs.yml + - tar # 799kB download: RasPiOS installs this regardless + - unzip # 151kB download: RasPiOS installs this regardless + #- usbmount # 18kB download: Moved to roles/usb_lib/tasks/install.yml + - usbutils # 67kB download: RasPiOS installs this regardless -- 2021-07-27: move to roles/usb_lib/tasks/install.yml ? + - wget # 922kB download: RasPiOS installs this regardless state: present #- name: "Install 10 yum/dnf packages: avahi, avahi-tools, createrepo, linux-firmware, nss-mdns, openssl, syslog, wpa_supplicant, xml-common, yum-utils (redhat)" diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index d44fb0f16..44df76aa4 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -74,7 +74,7 @@ See also:: /library/calibre-web/metadata_db_prefs_backup.json -See the official docs on Calibre-Web's `Runtime Configuration Options `_. +Finally, take note of Calibre-Web's `FAQ `_ and official docs on its `Runtime Configuration Options `_ and `Command Line Interface `_. Back Up Everything ------------------ @@ -90,24 +90,25 @@ Internet-in-a-Box (IIAB) is online. But first: back up your content **and** settings, as explained above. -**Then move your /library/calibre-web/metadata.db out of the way, if you're -sure you want to (re)install bare/minimal metadata, and force all Calibre-Web -settings to the default. Then run**:: +**Also move your /library/calibre-web/config/app.db AND/OR +/library/calibre-web/metadata.db out of the way — if you're sure you want to +fully reset your Calibre-Web settings (to install defaults) AND/OR remove all +e-book metadata! Then run**:: cd /opt/iiab/iiab - ./runrole calibre-web - -Or, to reinstall all of IIAB:: - - cd /opt/iiab/iiab - ./iiab-install --reinstall + ./runrole --reinstall calibre-web Or, if you just want to upgrade Calibre-Web code alone, prior to proceeding manually:: - cd /opt/iiab/calibre-web + cd /usr/local/calibre-web-py3 git pull +This older way *is no longer recommended*:: + + cd /opt/iiab/iiab + ./iiab-install --reinstall # OR: ./iiab-configure + Known Issues ------------ diff --git a/roles/calibre-web/defaults/main.yml b/roles/calibre-web/defaults/main.yml index 903b3b6e5..7abab0bd8 100644 --- a/roles/calibre-web/defaults/main.yml +++ b/roles/calibre-web/defaults/main.yml @@ -19,18 +19,19 @@ calibreweb_version: master # WAS: master, 0.6.4, 0.6.5, 0.6.6, 0.6.7, 0.6.8, calibreweb_venv_path: /usr/local/calibre-web-py3 calibreweb_exec_path: "{{ calibreweb_venv_path }}/cps.py" -# Config files put in: +# Config files (in reality just app.db) put in: calibreweb_config: "{{ calibreweb_home }}/config" -# Calibre-Web will be provisioned with default administrative account, -# metadata.db and language if /library/calibre-web/metadata.db does not exist. -# NOT CURRENTLY IN USE: calibreweb_provision: True -calibreweb_settings_database: app.db -calibreweb_database: metadata.db +# 2022-03-07: Calibre-Web will be reset to default settings if (re)installed +# when /library/calibre-web/config/app.db doesn't exist: +calibreweb_settings_database: app.db # /library/calibre-web/config/app.db + +# UNUSED var as of 2022-03-07: +# calibreweb_database: metadata.db # /library/calibre-web/metadata.db # Files owned by: calibreweb_user: root -# UNUSED variables, as of March 2019: +# UNUSED vars, as of March 2019: # calibreweb_admin_user: Admin # calibreweb_admin_password: changeme diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index 7d82f6677..73f945746 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -19,7 +19,6 @@ path: "{{ item }}" owner: "{{ calibreweb_user }}" # root group: "{{ apache_user }}" # www-data on debuntu - #mode: '0755' with_items: - "{{ calibreweb_home }}" # /library/calibre-web - "{{ calibreweb_config }}" # /library/calibre-web/config @@ -29,10 +28,10 @@ - name: Clone i.e. download Calibre-Web ({{ calibreweb_version }}) from https://github.com/janeczku/calibre-web.git to {{ calibreweb_venv_path }} (~94 MB initially, ~115+ MB later) git: repo: https://github.com/janeczku/calibre-web.git - dest: "{{ calibreweb_venv_path }}" # /usr/local/calibre-web + dest: "{{ calibreweb_venv_path }}" force: yes depth: 1 - version: "{{ calibreweb_version }}" # e.g. master, 0.6.5 + version: "{{ calibreweb_version }}" # e.g. master, 0.6.17 ## Ansible Pip Bug: Cannot use 'chdir' with 'env' https://github.com/ansible/ansible/issues/37912 (Patch landed) #- name: Download calibre-web dependencies into vendor subdirectory. @@ -66,24 +65,25 @@ dest: "{{ calibreweb_home }}" # /library/calibre-web owner: "{{ calibreweb_user }}" # root group: "{{ apache_user }}" # www-data on debuntu - #mode: '0644' backup: yes with_items: - roles/calibre-web/files/metadata.db - roles/calibre-web/files/metadata_db_prefs_backup.json when: not metadatadb.stat.exists - #when: calibreweb_provision -- name: Provision/Copy default admin settings to {{ calibreweb_config }}/app.db IF metadata.db did not exist +- name: Does /library/calibre-web/config/app.db exist? + stat: + path: /library/calibre-web/config/app.db + register: appdb + +- name: Provision/Copy default admin settings to {{ calibreweb_config }}/app.db IF it did not exist copy: src: roles/calibre-web/files/app.db dest: "{{ calibreweb_config }}" # /library/calibre-web/config owner: "{{ calibreweb_user }}" # root group: "{{ apache_user }}" # www-data on debuntu - #mode: '0644' backup: yes - when: not metadatadb.stat.exists - #when: calibreweb_provision + when: not appdb.stat.exists # RECORD Calibre-Web AS INSTALLED diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index 40515eb57..e8be74274 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -70,5 +70,5 @@ value: "{{ calibreweb_home }}" - option: calibreweb_port value: "{{ calibreweb_port }}" - - option: calibreweb_database - value: "{{ calibreweb_database }}" + - option: calibreweb_settings_database + value: "{{ calibreweb_settings_database }}" diff --git a/roles/iiab-admin/tasks/access.yml b/roles/iiab-admin/tasks/access.yml deleted file mode 100644 index e7281c4dc..000000000 --- a/roles/iiab-admin/tasks/access.yml +++ /dev/null @@ -1,6 +0,0 @@ -- name: "Install text mode packages, useful during remote access: screen, lynx" - package: - name: - - lynx - - screen - state: present diff --git a/roles/iiab-admin/tasks/access.yml.unused b/roles/iiab-admin/tasks/access.yml.unused new file mode 100644 index 000000000..639a3d8a6 --- /dev/null +++ b/roles/iiab-admin/tasks/access.yml.unused @@ -0,0 +1,6 @@ +- name: "Install text-mode packages, useful during remote access: lynx, screen" + package: + name: + - lynx + - screen + state: present diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index ce4451003..f2a048e33 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -2,8 +2,12 @@ # https://github.com/iiab/iiab/blob/master/roles/iiab-admin/README.rst -- name: Install lynx, screen - include_tasks: access.yml +- name: "Install text-mode packages, useful during remote access: lynx, screen" + package: + name: + - lynx + - screen + state: present - name: Install sudo & /etc/sudoers with logging to /var/log/sudo.log include_tasks: sudo-prereqs.yml diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index d44586042..2e3af8194 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -42,8 +42,8 @@ state: absent path: "{{ internetarchive_dir }}/node_modules" -- name: Run 'yarn add @internetarchive/dweb-mirror' to download/populate {{ internetarchive_dir }}/node_modules (CAN TAKE ~5 MINUTES) - shell: yarn config set child-concurrency 1 && yarn add @internetarchive/dweb-mirror +- name: Run 'yarn add https://github.com/internetarchive/dweb-mirror' to download/populate {{ internetarchive_dir }}/node_modules (CAN TAKE ~5 MINUTES) + shell: yarn config set child-concurrency 1 && yarn add https://github.com/internetarchive/dweb-mirror args: chdir: "{{ internetarchive_dir }}" creates: "{{ internetarchive_dir }}/node_modules/@internetarchive/dweb-mirror/internetarchive" diff --git a/roles/kiwix/defaults/main.yml b/roles/kiwix/defaults/main.yml index 92b52eb1b..582c2f902 100644 --- a/roles/kiwix/defaults/main.yml +++ b/roles/kiwix/defaults/main.yml @@ -26,9 +26,9 @@ kiwix_library_xml: "{{ iiab_zim_path }}/library.xml" # http://download.kiwix.org/release/kiwix-tools/ ...or sometimes... # http://download.kiwix.org/nightly/ -kiwix_version_armhf: kiwix-tools_linux-armhf-3.2.0-1 -kiwix_version_linux64: kiwix-tools_linux-x86_64-3.2.0-1 -kiwix_version_i686: kiwix-tools_linux-i586-3.2.0-1 +kiwix_version_armhf: kiwix-tools_linux-armhf-3.2.0-2 +kiwix_version_linux64: kiwix-tools_linux-x86_64-3.2.0-2 +kiwix_version_i686: kiwix-tools_linux-i586-3.2.0-2 # kiwix_src_file_i686: "kiwix-linux-i686.tar.bz2" # v0.9 for i686 published May 2014 ("use it to test legacy ZIM content") diff --git a/roles/lokole/README.rst b/roles/lokole/README.rst index cb9ebc8d7..95da4397c 100644 --- a/roles/lokole/README.rst +++ b/roles/lokole/README.rst @@ -95,4 +95,4 @@ For further usage information and troubleshooting, refer to the `Lokole user man Known Issues ------------ -For an up-to-date list of open issues, please see the `Lokole project's issue tracker `_. See also `IIAB's issue tracker `_. +For an up-to-date list of open issues, please see the `Lokole project's issue tracker `_. See also `IIAB's issue tracker `_. diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 968dc8c08..f1896a263 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -91,7 +91,7 @@ state: directory path: "{{ nextcloud_root_dir }}" # /library/www/nextcloud -- name: Unarchive {{ nextcloud_dl_url }} (~132 MB) to {{ nextcloud_root_dir }} (~474 MB initially, 496+ MB later, {{ apache_user }}:{{ apache_user }}) +- name: Unarchive {{ nextcloud_dl_url }} (~133 MB) to {{ nextcloud_root_dir }} (~476 MB initially, 498+ MB later, {{ apache_user }}:{{ apache_user }}) unarchive: remote_src: yes # Overwrite even if "already exists on the target" src: "{{ nextcloud_dl_url }}" diff --git a/roles/phpmyadmin/defaults/main.yml b/roles/phpmyadmin/defaults/main.yml index c2c86d150..00c694aef 100644 --- a/roles/phpmyadmin/defaults/main.yml +++ b/roles/phpmyadmin/defaults/main.yml @@ -4,7 +4,7 @@ # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! -phpmyadmin_version: 5.1.2 +phpmyadmin_version: 5.1.3 phpmyadmin_name: "phpMyAdmin-{{ phpmyadmin_version }}-all-languages" phpmyadmin_dl_url: "https://files.phpmyadmin.net/phpMyAdmin/{{ phpmyadmin_version }}/{{ phpmyadmin_name }}.tar.xz" phpmyadmin_name_zip: "{{ phpmyadmin_version }}/{{ phpmyadmin_name }}.tar.xz" diff --git a/roles/remoteit/defaults/main.yml b/roles/remoteit/defaults/main.yml index 3017ecb2f..cd7c060c4 100644 --- a/roles/remoteit/defaults/main.yml +++ b/roles/remoteit/defaults/main.yml @@ -12,7 +12,7 @@ # - Debian Linux (x86_64) # - Pi OS (ARM) # - Pi OS (ARM64) -remoteit_version: 4.13.7 +remoteit_version: 4.14.1 # See https://docs.remote.it/device-package/installation to refine URL below: device_suffixes: diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index bf0e37252..08fabac93 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -29,7 +29,7 @@ # 2. DOWNLOAD+LINK /opt/iiab/sugarizer -- name: Clone llaske/sugarizer ({{ sugarizer_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_dir_version }} (DOWNLOADS ~717 MB) +- name: Clone llaske/sugarizer ({{ sugarizer_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_dir_version }} (DOWNLOADS ~740 MB) git: repo: https://github.com/llaske/sugarizer dest: "{{ iiab_base }}/{{ sugarizer_dir_version }}" @@ -61,7 +61,7 @@ # CLARIF: during repeat runs of "./runrole sugarizer", this git sync shows # "changed" (whereas above git sync shows "ok"). Reason: "npm install" # (below) modifies /opt/iiab/sugarizer-server/node_modules -- name: Clone llaske/sugarizer-server ({{ sugarizer_server_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_server_dir_version }} (~9 MB initially, ~193+ MB later) +- name: Clone llaske/sugarizer-server ({{ sugarizer_server_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_server_dir_version }} (~9 MB initially, ~195+ MB later) git: repo: https://github.com/llaske/sugarizer-server dest: "{{ iiab_base }}/{{ sugarizer_server_dir_version }}" diff --git a/roles/transmission/README.rst b/roles/transmission/README.rst index 2de521963..7cc3d2701 100644 --- a/roles/transmission/README.rst +++ b/roles/transmission/README.rst @@ -38,7 +38,9 @@ Log in to Transmission's web interface http://box:9091 using administrative acco Username: Admin Password: changeme -If you prefer the command-line, you can instead run `transmission-remote `_ commands. +Change the above password by editing ``rpc-password`` in ``/etc/transmission-daemon/settings.json`` (your plaintext will be hashed to conceal it, the next time Transmission is started). + +Finally if you prefer the command-line, you can instead run `transmission-remote `_ commands. Configuration ------------- diff --git a/scripts/ansible b/scripts/ansible index 6f33f449e..9b9ae68a0 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -8,7 +8,7 @@ APT_PATH=/usr/bin # Avoids problematic /usr/local/bin/apt on Linux Mint CURR_VER=undefined # Ansible version you currently have installed -GOOD_VER=2.12.2 # Orig for 'yum install [rpm]' & XO laptops (pip install) +GOOD_VER=2.12.3 # Orig for 'yum install [rpm]' & XO laptops (pip install) # 2021-06-22: The apt approach (with PPA source in /etc/apt/sources.list.d/ and # .gpg key etc) are commented out with ### below. Associated guidance/comments diff --git a/scripts/iiab-diagnostics.README.md b/scripts/iiab-diagnostics.README.md index 21c103426..715d99b14 100644 --- a/scripts/iiab-diagnostics.README.md +++ b/scripts/iiab-diagnostics.README.md @@ -1,10 +1,10 @@ ## Objective -To streamline troubleshooting of remote Internet-in-a-Box (IIAB) installations, we bundle up common machine/software diagnostics, all together in 1 human-readable small file, that can be easily circulated online AND offline. +To streamline troubleshooting of remote Internet-in-a-Box (IIAB) installations, we bundle up common machine/software diagnostics, all together in 1 human-readable small file, that can be easily circulated online AND offline. Just FYI Raspberry Pi OS's [/usr/bin/raspinfo](https://github.com/raspberrypi/utils/blob/master/raspinfo/raspinfo) serves a very similar purpose, but we do not include that program's 700-to-800 line output at present. Passwords (including Wi-Fi passwords) are auto-redacted from this file, to protect your community confidentiality. -The ``pastebinit`` command can then be used to auto-upload this file, creating a short URL that makes it much easier to circulate among [volunteers](http://internet-in-a-box.org/pages/contributing.html). +Finally, the ``pastebinit`` command can then be used to auto-upload this file, creating a short URL that makes it much easier to circulate among [volunteers](http://internet-in-a-box.org/pages/contributing.html). But first off, the file is compiled by harvesting 1 + 6 kinds of things: diff --git a/vars/default_vars.yml b/vars/default_vars.yml index e6c50c8d7..50a976851 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -323,6 +323,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index c37efd2bf..ca5870c64 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False @@ -232,8 +233,8 @@ jupyterhub_install: True jupyterhub_enabled: True # Lokole (email for rural communities) from https://ascoderu.ca -lokole_install: True -lokole_enabled: True +lokole_install: False # 2022-03-13: Needs work with Python 3.9+ +lokole_enabled: False # https://github.com/iiab/iiab/issues/3132 # Wikipedia's community editing platform - from MediaWiki.org mediawiki_install: True diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 713d0a135..03dfaeffd 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False @@ -232,8 +233,8 @@ jupyterhub_install: False jupyterhub_enabled: False # Lokole (email for rural communities) from https://ascoderu.ca -lokole_install: False -lokole_enabled: False +lokole_install: False # 2022-03-13: Needs work with Python 3.9+ +lokole_enabled: False # https://github.com/iiab/iiab/issues/3132 # Wikipedia's community editing platform - from MediaWiki.org mediawiki_install: False diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 20f6748cc..9d547b31a 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False @@ -232,8 +233,8 @@ jupyterhub_install: False jupyterhub_enabled: False # Lokole (email for rural communities) from https://ascoderu.ca -lokole_install: False -lokole_enabled: False +lokole_install: False # 2022-03-13: Needs work with Python 3.9+ +lokole_enabled: False # https://github.com/iiab/iiab/issues/3132 # Wikipedia's community editing platform - from MediaWiki.org mediawiki_install: False diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 57430e3f4..9b2c2a2ac 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False