From 9a9867f40cacc1f18c010925f7f71d1ba1d8fe2c Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 6 Feb 2022 18:38:26 -0500 Subject: [PATCH 01/53] roles/transmission/README.rst: How to change password --- roles/transmission/README.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/transmission/README.rst b/roles/transmission/README.rst index 2de521963..7cc3d2701 100644 --- a/roles/transmission/README.rst +++ b/roles/transmission/README.rst @@ -38,7 +38,9 @@ Log in to Transmission's web interface http://box:9091 using administrative acco Username: Admin Password: changeme -If you prefer the command-line, you can instead run `transmission-remote `_ commands. +Change the above password by editing ``rpc-password`` in ``/etc/transmission-daemon/settings.json`` (your plaintext will be hashed to conceal it, the next time Transmission is started). + +Finally if you prefer the command-line, you can instead run `transmission-remote `_ commands. Configuration ------------- From 9110f7f9dad39d04165f416247c867f10f800524 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 11 Feb 2022 07:13:10 -0500 Subject: [PATCH 02/53] phpmyadmin/defaults/main.yml: 5.1.2 -> 5.1.3 --- roles/phpmyadmin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/phpmyadmin/defaults/main.yml b/roles/phpmyadmin/defaults/main.yml index c2c86d150..00c694aef 100644 --- a/roles/phpmyadmin/defaults/main.yml +++ b/roles/phpmyadmin/defaults/main.yml @@ -4,7 +4,7 @@ # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! -phpmyadmin_version: 5.1.2 +phpmyadmin_version: 5.1.3 phpmyadmin_name: "phpMyAdmin-{{ phpmyadmin_version }}-all-languages" phpmyadmin_dl_url: "https://files.phpmyadmin.net/phpMyAdmin/{{ phpmyadmin_version }}/{{ phpmyadmin_name }}.tar.xz" phpmyadmin_name_zip: "{{ phpmyadmin_version }}/{{ phpmyadmin_name }}.tar.xz" From 41817764ab76db59ec76e4cb0aca81c6e8a7d4b4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 15 Feb 2022 23:55:25 -0500 Subject: [PATCH 03/53] roles/calibre-web/README.rst: Fix path /usr/local/calibre-web-py3 --- roles/calibre-web/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index d44fb0f16..70ad84d14 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -105,7 +105,7 @@ Or, to reinstall all of IIAB:: Or, if you just want to upgrade Calibre-Web code alone, prior to proceeding manually:: - cd /opt/iiab/calibre-web + cd /usr/local/calibre-web-py3 git pull Known Issues From 2c6902e8ae34471165f5e577e8daae766742845b Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 17 Feb 2022 16:48:49 -0500 Subject: [PATCH 04/53] Use 'raspi-config --expand-rootfs' in 1-prep/templates/iiab-rpi-max-rootfs.sh --- roles/1-prep/templates/iiab-rpi-max-rootfs.sh | 44 ++++++++++++------- 1 file changed, 28 insertions(+), 16 deletions(-) diff --git a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh index d24788602..aa221bcf0 100644 --- a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh +++ b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh @@ -1,20 +1,32 @@ #!/bin/bash -x -# Resize rootfs and its partition on the rpi SD card to maximum size -# To be used by systemd service on boot -# Only resizes if /.resize-rootfs exists -# Assumes root is last partition -# Only works on F22 + where resizepart command exists -# Assumes sd card style partition name like p -if [ -f /.resize-rootfs ];then - echo "$0: maximizing rootfs partion" - # Calculate root partition - root_part=`lsblk -aP -o NAME,MOUNTPOINT|grep 'MOUNTPOINT="/"' |awk -F\" '{ print $2 }'` - root_dev=${root_part:0:-2} - root_part_no=${root_part: (-1)} +# Resize rootfs and its partition on the rpi SD card (or external USB +# disk if possible, e.g. with Raspberry Pi OS) to maximum size. - # Resize partition - growpart /dev/$root_dev $root_part_no - resize2fs /dev/$root_part - rm /.resize-rootfs +# To be used by /etc/systemd/system/iiab-rpi-root-resize.service on boot. +# Only resizes if /.resize-rootfs exists. +# Assumes root is last partition. + +if [ -f /.resize-rootfs ]; then + echo "$0: maximizing rootfs partion" + + if [ -x /usr/bin/raspi-config ]; then + # 2022-02-17: Works in many more situations, e.g. with USB disks (not + # just microSD cards). IF ONLY THIS ALSO WORKED ON Ubuntu/Mint/etc ! + raspi-config --expand-rootfs + else + # Assumes sd card style partition name like p + # Only works on F22 + where resizepart command exists + + # Calculate root partition + root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` + root_dev=${root_part:0:-2} + root_part_no=${root_part: (-1)} + + # Resize partition + growpart /dev/$root_dev $root_part_no + resize2fs /dev/$root_part + fi + + rm /.resize-rootfs fi From 38eb8868e3237039451ac73ad7e5a7a7cd03ace5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 18 Feb 2022 10:03:23 -0500 Subject: [PATCH 05/53] Clarify & Clean 1-prep/templates/iiab-rpi-max-rootfs.sh for PR #3121 --- roles/1-prep/templates/iiab-rpi-max-rootfs.sh | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh index aa221bcf0..6c91ac9f6 100644 --- a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh +++ b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh @@ -1,6 +1,6 @@ #!/bin/bash -x -# Resize rootfs and its partition on the rpi SD card (or external USB +# Resize rootfs and its partition on the RPi SD card (or external USB # disk if possible, e.g. with Raspberry Pi OS) to maximum size. # To be used by /etc/systemd/system/iiab-rpi-root-resize.service on boot. @@ -15,13 +15,18 @@ if [ -f /.resize-rootfs ]; then # just microSD cards). IF ONLY THIS ALSO WORKED ON Ubuntu/Mint/etc ! raspi-config --expand-rootfs else - # Assumes sd card style partition name like p + # 2022-02-17 PR #3121: This 2-line explanation appears stale... + # Assumes SD card style partition name like p # Only works on F22 + where resizepart command exists # Calculate root partition - root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` + root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` root_dev=${root_part:0:-2} - root_part_no=${root_part: (-1)} + # bash substring expansion: "negative offset [below, but not above] + # must be separated from the colon by at least one space to avoid + # being confused with the ‘:-’ expansion" + # https://www.gnu.org/software/bash/manual/html_node/Shell-Parameter-Expansion.html + root_part_no=${root_part: -1} # Resize partition growpart /dev/$root_dev $root_part_no From e7b201e84cc5852fef6123a49999c2053cc5b877 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 18 Feb 2022 13:46:46 -0500 Subject: [PATCH 06/53] Further clarify 1-prep/templates/iiab-rpi-max-rootfs.sh --- roles/1-prep/templates/iiab-rpi-max-rootfs.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh index 6c91ac9f6..034b653eb 100644 --- a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh +++ b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh @@ -13,20 +13,24 @@ if [ -f /.resize-rootfs ]; then if [ -x /usr/bin/raspi-config ]; then # 2022-02-17: Works in many more situations, e.g. with USB disks (not # just microSD cards). IF ONLY THIS ALSO WORKED ON Ubuntu/Mint/etc ! + + # Uses do_expand_rootfs() from: + # https://github.com/RPi-Distro/raspi-config/blob/master/raspi-config raspi-config --expand-rootfs else - # 2022-02-17 PR #3121: This 2-line explanation appears stale... - # Assumes SD card style partition name like p - # Only works on F22 + where resizepart command exists + # ASSUMES SD CARD STYLE PARTITION NAME LIKE p + # e.g. /dev/mmcblk0p2 mounts at / (typical RasPiOS microSD) + # BUT /dev/sda2 mounts at /media/usb1 (typical RasPiOS USB boot + # disk WON'T WORK BELOW!) # Calculate root partition - root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` - root_dev=${root_part:0:-2} + root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` # e.g. mmcblk0p2 + root_dev=${root_part:0:-2} # e.g. mmcblk0 # bash substring expansion: "negative offset [below, but not above] # must be separated from the colon by at least one space to avoid # being confused with the ‘:-’ expansion" # https://www.gnu.org/software/bash/manual/html_node/Shell-Parameter-Expansion.html - root_part_no=${root_part: -1} + root_part_no=${root_part: -1} # e.g. 2 # Resize partition growpart /dev/$root_dev $root_part_no From bd71b9484bad2f168ea88ac15f5823d0a91860f5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 18 Feb 2022 13:56:57 -0500 Subject: [PATCH 07/53] 1-prep/templates/iiab-rpi-max-rootfs.sh: Explain & link to PR #3121 --- roles/1-prep/templates/iiab-rpi-max-rootfs.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh index 034b653eb..8405727b4 100644 --- a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh +++ b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh @@ -20,8 +20,8 @@ if [ -f /.resize-rootfs ]; then else # ASSUMES SD CARD STYLE PARTITION NAME LIKE p # e.g. /dev/mmcblk0p2 mounts at / (typical RasPiOS microSD) - # BUT /dev/sda2 mounts at /media/usb1 (typical RasPiOS USB boot - # disk WON'T WORK BELOW!) + # BUT /dev/sda2 mounts at /media/usb1 (RasPiOS USB boot disk... + # ...WON'T WORK BELOW; recap @ PR #3121) # Calculate root partition root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` # e.g. mmcblk0p2 From 100db44d5abe8411c4acf3e0e41c01f75025de05 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 1 Mar 2022 09:29:49 -0500 Subject: [PATCH 08/53] scripts/ansible: Recommend ansible-core 2.12.3 --- scripts/ansible | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ansible b/scripts/ansible index 6f33f449e..9b9ae68a0 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -8,7 +8,7 @@ APT_PATH=/usr/bin # Avoids problematic /usr/local/bin/apt on Linux Mint CURR_VER=undefined # Ansible version you currently have installed -GOOD_VER=2.12.2 # Orig for 'yum install [rpm]' & XO laptops (pip install) +GOOD_VER=2.12.3 # Orig for 'yum install [rpm]' & XO laptops (pip install) # 2021-06-22: The apt approach (with PPA source in /etc/apt/sources.list.d/ and # .gpg key etc) are commented out with ### below. Associated guidance/comments From 19c88bad51741e33b1240087a3c43d42c2d63040 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 4 Mar 2022 17:22:41 -0500 Subject: [PATCH 09/53] remoteit/defaults/main.yml: remoteit_version: 4.13.7 -> 4.14.1 --- roles/remoteit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/remoteit/defaults/main.yml b/roles/remoteit/defaults/main.yml index 3017ecb2f..cd7c060c4 100644 --- a/roles/remoteit/defaults/main.yml +++ b/roles/remoteit/defaults/main.yml @@ -12,7 +12,7 @@ # - Debian Linux (x86_64) # - Pi OS (ARM) # - Pi OS (ARM64) -remoteit_version: 4.13.7 +remoteit_version: 4.14.1 # See https://docs.remote.it/device-package/installation to refine URL below: device_suffixes: From 1d0c14a4a5e51ca0ec6814a9e9b5be765aa370d1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 08:44:28 -0500 Subject: [PATCH 10/53] Refine roles/calibre-web/README.rst upgrade tips --- roles/calibre-web/README.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index 70ad84d14..fa39c3c9c 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -90,9 +90,10 @@ Internet-in-a-Box (IIAB) is online. But first: back up your content **and** settings, as explained above. -**Then move your /library/calibre-web/metadata.db out of the way, if you're -sure you want to (re)install bare/minimal metadata, and force all Calibre-Web -settings to the default. Then run**:: +**Also move your /library/calibre-web/config/app.db and +/library/calibre-web/metadata.db out of the way — if you're sure to want to +fully reset your Calibre-Web settings (to install defaults) and remove all +e-book metadata! Then run**:: cd /opt/iiab/iiab ./runrole calibre-web From af88232071f80de6a58ea18d322f528ef5641ecb Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 08:52:00 -0500 Subject: [PATCH 11/53] Fix calibre-web/README.rst upgrade instructions --- roles/calibre-web/README.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index fa39c3c9c..03494d504 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -96,12 +96,7 @@ fully reset your Calibre-Web settings (to install defaults) and remove all e-book metadata! Then run**:: cd /opt/iiab/iiab - ./runrole calibre-web - -Or, to reinstall all of IIAB:: - - cd /opt/iiab/iiab - ./iiab-install --reinstall + ./runrole calibre-web --reinstall Or, if you just want to upgrade Calibre-Web code alone, prior to proceeding manually:: @@ -109,6 +104,11 @@ manually:: cd /usr/local/calibre-web-py3 git pull +This older way *is no longer recommended*:: + + cd /opt/iiab/iiab + ./iiab-install --reinstall + Known Issues ------------ From b482018b1a6d9fc569164faa360b744e0fcf46f0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 09:22:46 -0500 Subject: [PATCH 12/53] Fix stale comment: /usr/local/calibre-web is now /usr/local/calibre-web-py3 --- roles/calibre-web/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index 7d82f6677..801b273c0 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -29,7 +29,7 @@ - name: Clone i.e. download Calibre-Web ({{ calibreweb_version }}) from https://github.com/janeczku/calibre-web.git to {{ calibreweb_venv_path }} (~94 MB initially, ~115+ MB later) git: repo: https://github.com/janeczku/calibre-web.git - dest: "{{ calibreweb_venv_path }}" # /usr/local/calibre-web + dest: "{{ calibreweb_venv_path }}" force: yes depth: 1 version: "{{ calibreweb_version }}" # e.g. master, 0.6.5 From 567020ba00561bd392ea7efb4285d2ca93e99a72 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 09:43:41 -0500 Subject: [PATCH 13/53] Install /library/calibre-web/config/app.db (Calibre-Web settings) IFF missing --- roles/calibre-web/tasks/install.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index 801b273c0..73f945746 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -19,7 +19,6 @@ path: "{{ item }}" owner: "{{ calibreweb_user }}" # root group: "{{ apache_user }}" # www-data on debuntu - #mode: '0755' with_items: - "{{ calibreweb_home }}" # /library/calibre-web - "{{ calibreweb_config }}" # /library/calibre-web/config @@ -32,7 +31,7 @@ dest: "{{ calibreweb_venv_path }}" force: yes depth: 1 - version: "{{ calibreweb_version }}" # e.g. master, 0.6.5 + version: "{{ calibreweb_version }}" # e.g. master, 0.6.17 ## Ansible Pip Bug: Cannot use 'chdir' with 'env' https://github.com/ansible/ansible/issues/37912 (Patch landed) #- name: Download calibre-web dependencies into vendor subdirectory. @@ -66,24 +65,25 @@ dest: "{{ calibreweb_home }}" # /library/calibre-web owner: "{{ calibreweb_user }}" # root group: "{{ apache_user }}" # www-data on debuntu - #mode: '0644' backup: yes with_items: - roles/calibre-web/files/metadata.db - roles/calibre-web/files/metadata_db_prefs_backup.json when: not metadatadb.stat.exists - #when: calibreweb_provision -- name: Provision/Copy default admin settings to {{ calibreweb_config }}/app.db IF metadata.db did not exist +- name: Does /library/calibre-web/config/app.db exist? + stat: + path: /library/calibre-web/config/app.db + register: appdb + +- name: Provision/Copy default admin settings to {{ calibreweb_config }}/app.db IF it did not exist copy: src: roles/calibre-web/files/app.db dest: "{{ calibreweb_config }}" # /library/calibre-web/config owner: "{{ calibreweb_user }}" # root group: "{{ apache_user }}" # www-data on debuntu - #mode: '0644' backup: yes - when: not metadatadb.stat.exists - #when: calibreweb_provision + when: not appdb.stat.exists # RECORD Calibre-Web AS INSTALLED From c7683ae65186cb76a5021851e190efce150292ed Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 09:51:20 -0500 Subject: [PATCH 14/53] Record calibreweb_settings_database NOT calibreweb_database to /etc/iiab/iiab.ini --- roles/calibre-web/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/calibre-web/tasks/main.yml b/roles/calibre-web/tasks/main.yml index 40515eb57..e8be74274 100644 --- a/roles/calibre-web/tasks/main.yml +++ b/roles/calibre-web/tasks/main.yml @@ -70,5 +70,5 @@ value: "{{ calibreweb_home }}" - option: calibreweb_port value: "{{ calibreweb_port }}" - - option: calibreweb_database - value: "{{ calibreweb_database }}" + - option: calibreweb_settings_database + value: "{{ calibreweb_settings_database }}" From 4ef451007e5315501d383396bc6fd050abdcc1fa Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 10:03:25 -0500 Subject: [PATCH 15/53] Clean up calibre-web/defaults/main.yml --- roles/calibre-web/defaults/main.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/roles/calibre-web/defaults/main.yml b/roles/calibre-web/defaults/main.yml index 903b3b6e5..7abab0bd8 100644 --- a/roles/calibre-web/defaults/main.yml +++ b/roles/calibre-web/defaults/main.yml @@ -19,18 +19,19 @@ calibreweb_version: master # WAS: master, 0.6.4, 0.6.5, 0.6.6, 0.6.7, 0.6.8, calibreweb_venv_path: /usr/local/calibre-web-py3 calibreweb_exec_path: "{{ calibreweb_venv_path }}/cps.py" -# Config files put in: +# Config files (in reality just app.db) put in: calibreweb_config: "{{ calibreweb_home }}/config" -# Calibre-Web will be provisioned with default administrative account, -# metadata.db and language if /library/calibre-web/metadata.db does not exist. -# NOT CURRENTLY IN USE: calibreweb_provision: True -calibreweb_settings_database: app.db -calibreweb_database: metadata.db +# 2022-03-07: Calibre-Web will be reset to default settings if (re)installed +# when /library/calibre-web/config/app.db doesn't exist: +calibreweb_settings_database: app.db # /library/calibre-web/config/app.db + +# UNUSED var as of 2022-03-07: +# calibreweb_database: metadata.db # /library/calibre-web/metadata.db # Files owned by: calibreweb_user: root -# UNUSED variables, as of March 2019: +# UNUSED vars, as of March 2019: # calibreweb_admin_user: Admin # calibreweb_admin_password: changeme From c9e511103d168c0b8d5fbcd95f27097eacbe06ff Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 10:24:42 -0500 Subject: [PATCH 16/53] calibre-web/README.rst: Revise upgrade instructions --- roles/calibre-web/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index 03494d504..d5d97e2c5 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -90,9 +90,9 @@ Internet-in-a-Box (IIAB) is online. But first: back up your content **and** settings, as explained above. -**Also move your /library/calibre-web/config/app.db and +**Also move your /library/calibre-web/config/app.db AND/OR /library/calibre-web/metadata.db out of the way — if you're sure to want to -fully reset your Calibre-Web settings (to install defaults) and remove all +fully reset your Calibre-Web settings (to install defaults) AND/OR remove all e-book metadata! Then run**:: cd /opt/iiab/iiab From 9b0146e59fc57a197d27af1dc0d0e7b7c9eeb8b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 10:26:22 -0500 Subject: [PATCH 17/53] calibre-web/README.rst: Fix grammar typo --- roles/calibre-web/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index d5d97e2c5..d3b35d1ce 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -91,7 +91,7 @@ Internet-in-a-Box (IIAB) is online. But first: back up your content **and** settings, as explained above. **Also move your /library/calibre-web/config/app.db AND/OR -/library/calibre-web/metadata.db out of the way — if you're sure to want to +/library/calibre-web/metadata.db out of the way — if you're sure you want to fully reset your Calibre-Web settings (to install defaults) AND/OR remove all e-book metadata! Then run**:: From a060d95ec8976f46bc2d948fe193ce91f29a908a Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 10:34:36 -0500 Subject: [PATCH 18/53] calibre-web/README.rst: Fix explanation to './runrole --reinstall calibre-web' --- roles/calibre-web/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index d3b35d1ce..038992256 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -96,7 +96,7 @@ fully reset your Calibre-Web settings (to install defaults) AND/OR remove all e-book metadata! Then run**:: cd /opt/iiab/iiab - ./runrole calibre-web --reinstall + ./runrole --reinstall calibre-web Or, if you just want to upgrade Calibre-Web code alone, prior to proceeding manually:: From df5f951e13694524ddcf81edaae567361d8aa4d9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 7 Mar 2022 22:20:26 -0500 Subject: [PATCH 19/53] calibre-web/README.rst: Link to Calibre-Web FAQ+docs --- roles/calibre-web/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index 038992256..44df76aa4 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -74,7 +74,7 @@ See also:: /library/calibre-web/metadata_db_prefs_backup.json -See the official docs on Calibre-Web's `Runtime Configuration Options `_. +Finally, take note of Calibre-Web's `FAQ `_ and official docs on its `Runtime Configuration Options `_ and `Command Line Interface `_. Back Up Everything ------------------ @@ -107,7 +107,7 @@ manually:: This older way *is no longer recommended*:: cd /opt/iiab/iiab - ./iiab-install --reinstall + ./iiab-install --reinstall # OR: ./iiab-configure Known Issues ------------ From bd1742dcc6c5c0a855cd0d9536e5f9a8bd310a4e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 10 Mar 2022 20:51:46 -0500 Subject: [PATCH 20/53] nextcloud/tasks/install.yml: Update Nextcloud 23.0.2 footprint sizes --- roles/nextcloud/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 968dc8c08..31fbe97d6 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -91,7 +91,7 @@ state: directory path: "{{ nextcloud_root_dir }}" # /library/www/nextcloud -- name: Unarchive {{ nextcloud_dl_url }} (~132 MB) to {{ nextcloud_root_dir }} (~474 MB initially, 496+ MB later, {{ apache_user }}:{{ apache_user }}) +- name: Unarchive {{ nextcloud_dl_url }} (~132 MB) to {{ nextcloud_root_dir }} (~475 MB initially, 498+ MB later, {{ apache_user }}:{{ apache_user }}) unarchive: remote_src: yes # Overwrite even if "already exists on the target" src: "{{ nextcloud_dl_url }}" From 19f768a397ccc4355afb0aec538fc18d698512ea Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 10 Mar 2022 21:26:39 -0500 Subject: [PATCH 21/53] sugarizer/tasks/install.yml: Update dir sizes for latest Sugarizer/Server --- roles/sugarizer/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index bf0e37252..08fabac93 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -29,7 +29,7 @@ # 2. DOWNLOAD+LINK /opt/iiab/sugarizer -- name: Clone llaske/sugarizer ({{ sugarizer_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_dir_version }} (DOWNLOADS ~717 MB) +- name: Clone llaske/sugarizer ({{ sugarizer_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_dir_version }} (DOWNLOADS ~740 MB) git: repo: https://github.com/llaske/sugarizer dest: "{{ iiab_base }}/{{ sugarizer_dir_version }}" @@ -61,7 +61,7 @@ # CLARIF: during repeat runs of "./runrole sugarizer", this git sync shows # "changed" (whereas above git sync shows "ok"). Reason: "npm install" # (below) modifies /opt/iiab/sugarizer-server/node_modules -- name: Clone llaske/sugarizer-server ({{ sugarizer_server_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_server_dir_version }} (~9 MB initially, ~193+ MB later) +- name: Clone llaske/sugarizer-server ({{ sugarizer_server_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_server_dir_version }} (~9 MB initially, ~195+ MB later) git: repo: https://github.com/llaske/sugarizer-server dest: "{{ iiab_base }}/{{ sugarizer_server_dir_version }}" From 9970307121a5fd436699e4c2cd1942b8afcea755 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 13 Mar 2022 20:33:45 -0400 Subject: [PATCH 22/53] vars/local_vars_large.yml: Don't install Lokole due to #3132 --- vars/local_vars_large.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index c37efd2bf..a8cab61ca 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -232,8 +232,8 @@ jupyterhub_install: True jupyterhub_enabled: True # Lokole (email for rural communities) from https://ascoderu.ca -lokole_install: True -lokole_enabled: True +lokole_install: False # 2022-03-13: Needs work with Python 3.9+ +lokole_enabled: False # https://github.com/iiab/iiab/issues/3132 # Wikipedia's community editing platform - from MediaWiki.org mediawiki_install: True From 7f41fa077f7c5926d4326e19fc0638637ce1c054 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 13 Mar 2022 20:42:48 -0400 Subject: [PATCH 23/53] roles/lokole/README.rst: Better link to Lokole issues --- roles/lokole/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lokole/README.rst b/roles/lokole/README.rst index cb9ebc8d7..95da4397c 100644 --- a/roles/lokole/README.rst +++ b/roles/lokole/README.rst @@ -95,4 +95,4 @@ For further usage information and troubleshooting, refer to the `Lokole user man Known Issues ------------ -For an up-to-date list of open issues, please see the `Lokole project's issue tracker `_. See also `IIAB's issue tracker `_. +For an up-to-date list of open issues, please see the `Lokole project's issue tracker `_. See also `IIAB's issue tracker `_. From 398854da601416f5d99a6f87a3dc3d52a3d5c490 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 14 Mar 2022 15:51:30 -0400 Subject: [PATCH 24/53] PR #3035: Clarify Lokole in vars/local_vars_medium.yml --- vars/local_vars_medium.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 713d0a135..27675e830 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -232,8 +232,8 @@ jupyterhub_install: False jupyterhub_enabled: False # Lokole (email for rural communities) from https://ascoderu.ca -lokole_install: False -lokole_enabled: False +lokole_install: False # 2022-03-13: Needs work with Python 3.9+ +lokole_enabled: False # https://github.com/iiab/iiab/issues/3132 # Wikipedia's community editing platform - from MediaWiki.org mediawiki_install: False From 66666f147d9e63dd8e186ba776ab93d45dd6fe52 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 14 Mar 2022 15:51:36 -0400 Subject: [PATCH 25/53] PR #3035: Clarify Lokole in vars/local_vars_small.yml --- vars/local_vars_small.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 20f6748cc..4bc7e4a37 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -232,8 +232,8 @@ jupyterhub_install: False jupyterhub_enabled: False # Lokole (email for rural communities) from https://ascoderu.ca -lokole_install: False -lokole_enabled: False +lokole_install: False # 2022-03-13: Needs work with Python 3.9+ +lokole_enabled: False # https://github.com/iiab/iiab/issues/3132 # Wikipedia's community editing platform - from MediaWiki.org mediawiki_install: False From 35427981a0b8a869e52d21e1cef1ac929729a5b0 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 10:24:30 -0400 Subject: [PATCH 26/53] iiab-expand-rootfs for more HW/OS's, per raspi-config's do_expand_rootfs() --- roles/1-prep/README.adoc | 3 +- roles/1-prep/tasks/hardware.yml | 25 +++++++- roles/1-prep/tasks/raspberry_pi.yml | 37 ++++-------- roles/1-prep/templates/iiab-expand-rootfs | 57 +++++++++++++++++++ ...ize.service => iiab-expand-rootfs.service} | 0 roles/1-prep/templates/iiab-rpi-max-rootfs.sh | 41 ------------- 6 files changed, 93 insertions(+), 70 deletions(-) create mode 100644 roles/1-prep/templates/iiab-expand-rootfs rename roles/1-prep/templates/{iiab-rpi-root-resize.service => iiab-expand-rootfs.service} (100%) delete mode 100644 roles/1-prep/templates/iiab-rpi-max-rootfs.sh diff --git a/roles/1-prep/README.adoc b/roles/1-prep/README.adoc index cdbd75142..04bf41db0 100644 --- a/roles/1-prep/README.adoc +++ b/roles/1-prep/README.adoc @@ -14,6 +14,7 @@ username and group, to log into Admin Console * Ubermix (distro) needs /etc/tmpfiles.d/iiab.conf to create essential /var/log subdirs on each boot * *_Hardware actions:_* + ** Install https://github.com/iiab/iiab/blob/master/roles/1-prep/templates/iiab-expand-rootfs[iiab-expand-rootfs] ** link:tasks/raspberry_pi.yml[*_raspberry_pi.yml_*]: *** RTC (real-time clock): install udev rule, configure, enable *** *_Install packages related to:_* @@ -22,8 +23,6 @@ username and group, to log into Admin Console **** fake-hwclock (as RTC is often missing or dead!) **** Wi-Fi *** Increase swap file size - *** https://github.com/iiab/iiab/blob/master/roles/1-prep/templates/iiab-rpi-max-rootfs.sh[rootfs - auto-resizing] ** NUC 6 Wi-Fi firmware Recap: Similar to 0-init, 2-common, 3-base-server, 4 server-options and diff --git a/roles/1-prep/tasks/hardware.yml b/roles/1-prep/tasks/hardware.yml index 2650c7217..c7557da5e 100644 --- a/roles/1-prep/tasks/hardware.yml +++ b/roles/1-prep/tasks/hardware.yml @@ -1,17 +1,38 @@ +- name: Install package 'cloud-guest-utils' so growpart is available for expanding rootfs partition during boot + package: + name: cloud-guest-utils # 2022-03-15: For RasPiOS especially. Ubuntu has still pre-installed, for use with cloud-init. + state: present + +- name: "Install from templates: /usr/sbin/iiab-expand-rootfs, /etc/systemd/system/iiab-expand-rootfs.service" + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + with_items: + - { src: 'iiab-expand-rootfs', dest: '/usr/sbin/', mode: '0755' } + - { src: 'iiab-expand-rootfs.service', dest: '/etc/systemd/system/', mode: '0644' } + +- name: Enable /etc/systemd/system/iiab-expand-rootfs.service + systemd: + name: iiab-expand-rootfs + enabled: yes + + ## DISCOVER PLATFORMS ###### # Put conditional actions for hardware platforms here - include_tasks: raspberry_pi.yml when: first_run and rpi_model != "none" + - name: Check if the identifier for Intel's NUC6 built-in WiFi is present shell: "lsusb | grep 8087:0a2b | wc | awk '{print $1}'" register: usb_NUC6 ignore_errors: True -- name: Download {{ iiab_download_url }}/iwlwifi-8000C-13.ucode to /lib/firmware for built-in WiFi on NUC6 # iiab_download_url is http://download.iiab.io/packages +- name: Download {{ iiab_download_url }}/iwlwifi-8000C-13.ucode to /lib/firmware for built-in WiFi on NUC6 get_url: - url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode" + url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode" # http://download.iiab.io/packages dest: /lib/firmware timeout: "{{ download_timeout }}" when: usb_NUC6.stdout|int > 0 diff --git a/roles/1-prep/tasks/raspberry_pi.yml b/roles/1-prep/tasks/raspberry_pi.yml index bc54f58af..aa71ff426 100644 --- a/roles/1-prep/tasks/raspberry_pi.yml +++ b/roles/1-prep/tasks/raspberry_pi.yml @@ -39,21 +39,25 @@ meta: noop # 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) -# are provided by RaspiOS. Ubuntu|Debian on the other hand are hit or miss: +# are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: # desktops might have some/all 3 preinstalled, while servers tend not to have # these present at all, but are needed to be installed if you want to take full # advantage of WiFi on Ubuntu and friends -- but it's only enforced on RPi # hardware where we know in advance of the likelihood of WiFi being present. -- name: 'Install packages: cloud-guest-utils, dphys-swapfile, fake-hwclock, iw, rfkill, wireless-tools' +# 2022-03-15: This section is effectively now useless on RasPiOS (but apparently +# serves a purpose on Ubuntu on RPi, where it installs dphys-swapfile and +# fake-hwclock). Still: @jvonau's above explanation of other OS's / other HW +# suggest this code should possibly move in future, to helps others too? + +- name: 'Install packages: dphys-swapfile, fake-hwclock, iw, rfkill, wireless-tools' package: name: - - cloud-guest-utils # Contains 'growpart' for resizing a partition during boot, which is normally done with the aid of cloud-init - - dphys-swapfile # 2021-07-27: RaspiOS installs this regardless -- autogenerate and use a swap file - - fake-hwclock # 2021-07-27: RaspiOS installs this regardless -- save/restore system clock on machines without working RTC hardware - - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 - - rfkill # 2021-07-27: RaspiOS installs this regardless -- enable & disable wireless devices - - wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions + - dphys-swapfile # 2021-03-15: For Ubuntu on RPi? RasPiOS installs this regardless -- autogenerate and use a swap file + - fake-hwclock # 2021-03-15: For Ubuntu on RPi? RasPiOS installs this regardless -- save/restore system clock on machines without working RTC hardware + - iw # 2021-07-27: RasPiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 + - rfkill # 2021-07-27: RasPiOS installs this regardless -- enable & disable wireless devices + - wireless-tools # 2021-07-27: RasPiOS installs this regardless -- manipulate Linux Wireless Extensions state: present @@ -68,20 +72,3 @@ systemd: # Had been...a rare/legacy service that was NOT systemd name: dphys-swapfile state: restarted - - -- name: Install RPi rootfs resizing (/usr/sbin/iiab-rpi-max-rootfs.sh) and its systemd service (/etc/systemd/system/iiab-rpi-root-resize.service), from templates (root:root by default) - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - #owner: root - #group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'iiab-rpi-max-rootfs.sh', dest: '/usr/sbin/', mode: '0755' } - - { src: 'iiab-rpi-root-resize.service', dest: '/etc/systemd/system/', mode: '0644' } - -- name: Enable RPi rootfs resizing (systemd service iiab-rpi-root-resize.service) - systemd: - name: iiab-rpi-root-resize - enabled: yes diff --git a/roles/1-prep/templates/iiab-expand-rootfs b/roles/1-prep/templates/iiab-expand-rootfs new file mode 100644 index 000000000..baa4623dd --- /dev/null +++ b/roles/1-prep/templates/iiab-expand-rootfs @@ -0,0 +1,57 @@ +#!/bin/bash -x + +# Expand rootfs partition to its maximum size, if /.expand-rootfs exists. +# Used by /etc/systemd/system/iiab-expand-rootfs.service on IIAB boot. + +# Should work with most Linux OS's, regardless whether Raspberry Pi SD cards +# or external USB boot disks, etc. Verifies that rootfs is the last partition. + +if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then + echo "$0: Expanding rootfs partition" + + if [ -x /usr/bin/raspi-config ]; then + # 2022-02-17: Works in many more situations, e.g. with USB disks (not + # just microSD cards). IF ONLY THIS ALSO WORKED ON Ubuntu/Mint/etc ! + + # Uses do_expand_rootfs() from: + # https://github.com/RPi-Distro/raspi-config/blob/master/raspi-config + raspi-config --expand-rootfs + else + # 2022-03-15: Borrows from above raspi-config URL's do_expand_rootfs() + ROOT_PART="$(findmnt / -o SOURCE -n)" # e.g. /dev/sda2 or /dev/mmcblk0p2 + ROOT_DEV="/dev/$(lsblk -no pkname "$ROOT_PART")" # e.g. /dev/sda or /dev/mmcblk0 + + ROOT_PART_NUM="$(echo "$ROOT_PART" | grep -o "[[:digit:]]*$")" # e.g. 2 + # SLOW (~10 seconds) but it works! + LAST_PART_NUM=$(parted "$ROOT_DEV" -ms unit s p | tail -n 1 | cut -f 1 -d:) + + if [ $ROOT_PART_NUM -ne $LAST_PART_NUM ]; then + echo "ERROR: $ROOT_PART partition ($ROOT_PART_NUM) is not the last partition ($LAST_PART_NUM). Don't know how to expand." + return 0 + fi + + # Expand partition + growpart $ROOT_DEV $ROOT_PART_NUM + resize2fs $ROOT_PART + + # # ASSUMES SD CARD STYLE PARTITION NAME LIKE p + # # e.g. /dev/mmcblk0p2 mounts at / (typical RasPiOS microSD) + # # BUT /dev/sda2 mounts at /media/usb1 (RasPiOS USB boot disk... + # # ...WON'T WORK BELOW; recap @ PR #3121) + + # # Calculate root partition + # root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` # e.g. mmcblk0p2 + # root_dev=${root_part:0:-2} # e.g. mmcblk0 + # # bash substring expansion: "negative offset [below, but not above] + # # must be separated from the colon by at least one space to avoid + # # being confused with the ‘:-’ expansion" + # # https://www.gnu.org/software/bash/manual/html_node/Shell-Parameter-Expansion.html + # root_part_no=${root_part: -1} # e.g. 2 + + # # Resize partition + # growpart /dev/$root_dev $root_part_no + # resize2fs /dev/$root_part + fi + + rm -f /.expand-rootfs /.resize-rootfs +fi diff --git a/roles/1-prep/templates/iiab-rpi-root-resize.service b/roles/1-prep/templates/iiab-expand-rootfs.service similarity index 100% rename from roles/1-prep/templates/iiab-rpi-root-resize.service rename to roles/1-prep/templates/iiab-expand-rootfs.service diff --git a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh b/roles/1-prep/templates/iiab-rpi-max-rootfs.sh deleted file mode 100644 index 8405727b4..000000000 --- a/roles/1-prep/templates/iiab-rpi-max-rootfs.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -x - -# Resize rootfs and its partition on the RPi SD card (or external USB -# disk if possible, e.g. with Raspberry Pi OS) to maximum size. - -# To be used by /etc/systemd/system/iiab-rpi-root-resize.service on boot. -# Only resizes if /.resize-rootfs exists. -# Assumes root is last partition. - -if [ -f /.resize-rootfs ]; then - echo "$0: maximizing rootfs partion" - - if [ -x /usr/bin/raspi-config ]; then - # 2022-02-17: Works in many more situations, e.g. with USB disks (not - # just microSD cards). IF ONLY THIS ALSO WORKED ON Ubuntu/Mint/etc ! - - # Uses do_expand_rootfs() from: - # https://github.com/RPi-Distro/raspi-config/blob/master/raspi-config - raspi-config --expand-rootfs - else - # ASSUMES SD CARD STYLE PARTITION NAME LIKE p - # e.g. /dev/mmcblk0p2 mounts at / (typical RasPiOS microSD) - # BUT /dev/sda2 mounts at /media/usb1 (RasPiOS USB boot disk... - # ...WON'T WORK BELOW; recap @ PR #3121) - - # Calculate root partition - root_part=`lsblk -aP -o NAME,MOUNTPOINT | grep 'MOUNTPOINT="/"' | awk -F\" '{ print $2 }'` # e.g. mmcblk0p2 - root_dev=${root_part:0:-2} # e.g. mmcblk0 - # bash substring expansion: "negative offset [below, but not above] - # must be separated from the colon by at least one space to avoid - # being confused with the ‘:-’ expansion" - # https://www.gnu.org/software/bash/manual/html_node/Shell-Parameter-Expansion.html - root_part_no=${root_part: -1} # e.g. 2 - - # Resize partition - growpart /dev/$root_dev $root_part_no - resize2fs /dev/$root_part - fi - - rm /.resize-rootfs -fi From 334c7089f0ac08898d4d7a78b7b0e886b7f8450e Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 11:00:07 -0400 Subject: [PATCH 27/53] roles/1-prep/README.adoc: hardware.yml & raspberry_pi.yml packages/context --- roles/1-prep/README.adoc | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/1-prep/README.adoc b/roles/1-prep/README.adoc index 04bf41db0..0d275473b 100644 --- a/roles/1-prep/README.adoc +++ b/roles/1-prep/README.adoc @@ -14,15 +14,15 @@ username and group, to log into Admin Console * Ubermix (distro) needs /etc/tmpfiles.d/iiab.conf to create essential /var/log subdirs on each boot * *_Hardware actions:_* - ** Install https://github.com/iiab/iiab/blob/master/roles/1-prep/templates/iiab-expand-rootfs[iiab-expand-rootfs] + ** Install package cloud-guest-utils for growpart + ** Install https://github.com/iiab/iiab/blob/master/roles/1-prep/templates/iiab-expand-rootfs[iiab-expand-rootfs] that acts on flag `/.expand-rootfs` at boot ** link:tasks/raspberry_pi.yml[*_raspberry_pi.yml_*]: *** RTC (real-time clock): install udev rule, configure, enable - *** *_Install packages related to:_* - **** growpart - **** swapfile + *** *_Install packages:_* + **** dphys-swapfile (for swapfile) **** fake-hwclock (as RTC is often missing or dead!) - **** Wi-Fi - *** Increase swap file size + **** iw, rfkill, wireless-tools (for internal Wi-Fi) + *** Increase swap file size (to `pi_swap_file_size`) ** NUC 6 Wi-Fi firmware Recap: Similar to 0-init, 2-common, 3-base-server, 4 server-options and From cc9a55f13e24d42754e573e6b2eb658fcf383cfe Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 11:05:55 -0400 Subject: [PATCH 28/53] roles/1-prep/README.adoc: Offline hyperlink to templates/iiab-expand-rootfs --- roles/1-prep/README.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/README.adoc b/roles/1-prep/README.adoc index 0d275473b..fca0f26a6 100644 --- a/roles/1-prep/README.adoc +++ b/roles/1-prep/README.adoc @@ -15,7 +15,7 @@ username and group, to log into Admin Console /var/log subdirs on each boot * *_Hardware actions:_* ** Install package cloud-guest-utils for growpart - ** Install https://github.com/iiab/iiab/blob/master/roles/1-prep/templates/iiab-expand-rootfs[iiab-expand-rootfs] that acts on flag `/.expand-rootfs` at boot + ** Install link:templates/iiab-expand-rootfs[iiab-expand-rootfs] that acts on flag `/.expand-rootfs` at boot ** link:tasks/raspberry_pi.yml[*_raspberry_pi.yml_*]: *** RTC (real-time clock): install udev rule, configure, enable *** *_Install packages:_* From ee765e41d4b2f3977a35de0e9c4f4020039bd9d8 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 11:15:22 -0400 Subject: [PATCH 29/53] 1-prep/templates/iiab-expand-rootfs.service: Fix name iiab-expand-rootfs --- roles/1-prep/templates/iiab-expand-rootfs.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/templates/iiab-expand-rootfs.service b/roles/1-prep/templates/iiab-expand-rootfs.service index 2cd33ec11..ffc9bbd9b 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs.service +++ b/roles/1-prep/templates/iiab-expand-rootfs.service @@ -4,7 +4,7 @@ Description=Root Filesystem Auto-Resizer [Service] Environment=TERM=linux Type=oneshot -ExecStart=/usr/sbin/iiab-rpi-max-rootfs.sh +ExecStart=/usr/sbin/iiab-expand-rootfs StandardError=syslog RemainAfterExit=no From baab78197714a686009d3dc5fa8ef3bfd1ff59e6 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 11:47:09 -0400 Subject: [PATCH 30/53] 1-prep/templates/iiab-expand-rootfs: 'exit 1' if partition's not the last --- roles/1-prep/templates/iiab-expand-rootfs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/templates/iiab-expand-rootfs b/roles/1-prep/templates/iiab-expand-rootfs index baa4623dd..3ea6e51ad 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs +++ b/roles/1-prep/templates/iiab-expand-rootfs @@ -27,7 +27,7 @@ if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then if [ $ROOT_PART_NUM -ne $LAST_PART_NUM ]; then echo "ERROR: $ROOT_PART partition ($ROOT_PART_NUM) is not the last partition ($LAST_PART_NUM). Don't know how to expand." - return 0 + exit 1 fi # Expand partition From 85eb059addc47b002c4c1c6a8c7d03ace49eaaa1 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 12:17:51 -0400 Subject: [PATCH 31/53] Doc iiab-expand-rootfs + Explicit deps in 1-prep/tasks/hardware.yml --- roles/1-prep/tasks/hardware.yml | 6 ++++-- roles/1-prep/templates/iiab-expand-rootfs | 11 +++++------ 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/roles/1-prep/tasks/hardware.yml b/roles/1-prep/tasks/hardware.yml index c7557da5e..77469e6d4 100644 --- a/roles/1-prep/tasks/hardware.yml +++ b/roles/1-prep/tasks/hardware.yml @@ -1,6 +1,8 @@ -- name: Install package 'cloud-guest-utils' so growpart is available for expanding rootfs partition during boot +- name: Install packages 'parted' and 'cloud-guest-utils' (so /usr/bin/growpart is available for expanding rootfs partition during boot) package: - name: cloud-guest-utils # 2022-03-15: For RasPiOS especially. Ubuntu has still pre-installed, for use with cloud-init. + name: + - parted # 2022-03-15: RasPiOS and Ubuntu install this regardless -- so rarely nec but just in case. + - cloud-guest-utils # 2022-03-15: For growpart command, on RasPiOS especially. Ubuntu has this pre-installed, for use with cloud-init. state: present - name: "Install from templates: /usr/sbin/iiab-expand-rootfs, /etc/systemd/system/iiab-expand-rootfs.service" diff --git a/roles/1-prep/templates/iiab-expand-rootfs b/roles/1-prep/templates/iiab-expand-rootfs index 3ea6e51ad..8a208a078 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs +++ b/roles/1-prep/templates/iiab-expand-rootfs @@ -9,14 +9,11 @@ if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then echo "$0: Expanding rootfs partition" - if [ -x /usr/bin/raspi-config ]; then - # 2022-02-17: Works in many more situations, e.g. with USB disks (not - # just microSD cards). IF ONLY THIS ALSO WORKED ON Ubuntu/Mint/etc ! - - # Uses do_expand_rootfs() from: + if [ -x /usr/bin/raspi-config ]; then # Raspberry Pi OS + # 2022-02-17: Uses do_expand_rootfs() from: # https://github.com/RPi-Distro/raspi-config/blob/master/raspi-config raspi-config --expand-rootfs - else + else # Other Linux OS's # 2022-03-15: Borrows from above raspi-config URL's do_expand_rootfs() ROOT_PART="$(findmnt / -o SOURCE -n)" # e.g. /dev/sda2 or /dev/mmcblk0p2 ROOT_DEV="/dev/$(lsblk -no pkname "$ROOT_PART")" # e.g. /dev/sda or /dev/mmcblk0 @@ -34,6 +31,8 @@ if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then growpart $ROOT_DEV $ROOT_PART_NUM resize2fs $ROOT_PART + # 2022-03-15: Legacy code below for microSD cards but NOT USB boot disks + # # ASSUMES SD CARD STYLE PARTITION NAME LIKE p # # e.g. /dev/mmcblk0p2 mounts at / (typical RasPiOS microSD) # # BUT /dev/sda2 mounts at /media/usb1 (RasPiOS USB boot disk... From fc032efe8a37ac9740e082a6130003a97344b173 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 12:50:59 -0400 Subject: [PATCH 32/53] iiab-expand-rootfs: ALL kinds of boot disks should work! --- roles/1-prep/templates/iiab-expand-rootfs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/templates/iiab-expand-rootfs b/roles/1-prep/templates/iiab-expand-rootfs index 8a208a078..48c8872ba 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs +++ b/roles/1-prep/templates/iiab-expand-rootfs @@ -3,8 +3,10 @@ # Expand rootfs partition to its maximum size, if /.expand-rootfs exists. # Used by /etc/systemd/system/iiab-expand-rootfs.service on IIAB boot. -# Should work with most Linux OS's, regardless whether Raspberry Pi SD cards -# or external USB boot disks, etc. Verifies that rootfs is the last partition. +# Should work with all Linux OS's boot disks -- regardless whether Raspberry Pi +# microSD cards, external USB drives, internal spinning disks or SSD's, etc. + +# Verifies that rootfs is the last partition. if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then echo "$0: Expanding rootfs partition" From a9fe5902da864352a51a7daccf34b82910f6c7e8 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 12:59:31 -0400 Subject: [PATCH 33/53] iiab-expand-rootfs: Clarify legacy code shortcoming --- roles/1-prep/templates/iiab-expand-rootfs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/1-prep/templates/iiab-expand-rootfs b/roles/1-prep/templates/iiab-expand-rootfs index 48c8872ba..b28838cd0 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs +++ b/roles/1-prep/templates/iiab-expand-rootfs @@ -33,7 +33,8 @@ if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then growpart $ROOT_DEV $ROOT_PART_NUM resize2fs $ROOT_PART - # 2022-03-15: Legacy code below for microSD cards but NOT USB boot disks + # 2022-03-15: Legacy code below worked with Raspberry Pi microSD cards + # but *not* with USB boot drives, internal spinning disks/SSD's, etc. # # ASSUMES SD CARD STYLE PARTITION NAME LIKE p # # e.g. /dev/mmcblk0p2 mounts at / (typical RasPiOS microSD) From 52252044f100b9aaa7df7e84e225c9c36f8bf9c4 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 15 Mar 2022 12:47:39 -0500 Subject: [PATCH 34/53] generalize wifi dependencies based on hardware present --- roles/1-prep/tasks/hardware.yml | 16 ++++++++++++++++ roles/1-prep/tasks/raspberry_pi.yml | 12 +----------- roles/1-prep/tasks/wifi.yml | 14 ++++++++++++++ roles/2-common/tasks/network.yml | 3 +-- 4 files changed, 32 insertions(+), 13 deletions(-) create mode 100644 roles/1-prep/tasks/wifi.yml diff --git a/roles/1-prep/tasks/hardware.yml b/roles/1-prep/tasks/hardware.yml index 2650c7217..7b3f6fa5a 100644 --- a/roles/1-prep/tasks/hardware.yml +++ b/roles/1-prep/tasks/hardware.yml @@ -1,6 +1,22 @@ ## DISCOVER PLATFORMS ###### # Put conditional actions for hardware platforms here +- name: Look for any wireless devices present + shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}'" + register: has_wifi_device + ignore_errors: True + changed_when: False + +- name: Set has_wireless, if found + set_fact: + has_wireless: True + when: has_wifi_device.stdout is defined and item|trim != "" + with_items: + - "{{ has_wifi_device.stdout_lines }}" + +- include_tasks: wifi.yml + when: has_wireless is defined + - include_tasks: raspberry_pi.yml when: first_run and rpi_model != "none" diff --git a/roles/1-prep/tasks/raspberry_pi.yml b/roles/1-prep/tasks/raspberry_pi.yml index bc54f58af..745ce60b9 100644 --- a/roles/1-prep/tasks/raspberry_pi.yml +++ b/roles/1-prep/tasks/raspberry_pi.yml @@ -38,22 +38,12 @@ - name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' meta: noop -# 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) -# are provided by RaspiOS. Ubuntu|Debian on the other hand are hit or miss: -# desktops might have some/all 3 preinstalled, while servers tend not to have -# these present at all, but are needed to be installed if you want to take full -# advantage of WiFi on Ubuntu and friends -- but it's only enforced on RPi -# hardware where we know in advance of the likelihood of WiFi being present. - -- name: 'Install packages: cloud-guest-utils, dphys-swapfile, fake-hwclock, iw, rfkill, wireless-tools' +- name: 'Install packages: cloud-guest-utils, dphys-swapfile, fake-hwclock' package: name: - cloud-guest-utils # Contains 'growpart' for resizing a partition during boot, which is normally done with the aid of cloud-init - dphys-swapfile # 2021-07-27: RaspiOS installs this regardless -- autogenerate and use a swap file - fake-hwclock # 2021-07-27: RaspiOS installs this regardless -- save/restore system clock on machines without working RTC hardware - - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 - - rfkill # 2021-07-27: RaspiOS installs this regardless -- enable & disable wireless devices - - wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions state: present diff --git a/roles/1-prep/tasks/wifi.yml b/roles/1-prep/tasks/wifi.yml new file mode 100644 index 000000000..718376ab4 --- /dev/null +++ b/roles/1-prep/tasks/wifi.yml @@ -0,0 +1,14 @@ +# 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) +# are provided by RaspiOS. Ubuntu|Debian on the other hand are hit or miss: +# desktops might have some/all 3 preinstalled, while servers tend not to have +# these present at all, but are needed to be installed if you want to take full +# advantage of WiFi on Ubuntu and friends + +- name: 'Install packages: hostapd, iw, rfkill, wireless-tools' + package: + name: + - hostapd # IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired + - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 + - rfkill # 2021-07-27: RaspiOS installs this regardless -- enable & disable wireless devices + - wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions + state: present diff --git a/roles/2-common/tasks/network.yml b/roles/2-common/tasks/network.yml index 435c0bb1f..faff74dde 100644 --- a/roles/2-common/tasks/network.yml +++ b/roles/2-common/tasks/network.yml @@ -10,10 +10,9 @@ state: present when: not is_raspbian -- name: 'Install network packages: hostapd, iproute2, iptables-persistent, netmask -- later used by https://github.com/iiab/iiab/tree/master/roles/network' +- name: 'Install network packages: iproute2, iptables-persistent, netmask -- later used by https://github.com/iiab/iiab/tree/master/roles/network' package: name: - - hostapd # IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired - iproute2 # 2021-07-27: RaspiOS installs this regardless -- the new networking and traffic control tools, meant to replace net-tools - iptables-persistent # Boot-time loader for netfilter rules, iptables (firewall) plugin -- however Netfilter / nftables is ever moving forward so keep an eye on it! - netmask # Handy utility -- helps determine network masks From f32b9cec36462dbf647206a92867fd1e99683e47 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 14:38:42 -0400 Subject: [PATCH 35/53] 1-prep/tasks/hardware.yml: Clarify cloud-guest-utils isn't used on RasPiOS --- roles/1-prep/tasks/hardware.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/hardware.yml b/roles/1-prep/tasks/hardware.yml index 77469e6d4..edf9bb284 100644 --- a/roles/1-prep/tasks/hardware.yml +++ b/roles/1-prep/tasks/hardware.yml @@ -2,7 +2,7 @@ package: name: - parted # 2022-03-15: RasPiOS and Ubuntu install this regardless -- so rarely nec but just in case. - - cloud-guest-utils # 2022-03-15: For growpart command, on RasPiOS especially. Ubuntu has this pre-installed, for use with cloud-init. + - cloud-guest-utils # 2022-03-15: For growpart command -- though RasPiOS currently doesn't need this, as raspi-config's do_expand_rootfs() instead uses fdisk. Ubuntu pre-installs cloud-guest-utils, for use with cloud-init. state: present - name: "Install from templates: /usr/sbin/iiab-expand-rootfs, /etc/systemd/system/iiab-expand-rootfs.service" From 212d1fa765887ba3830099dd6bb8f7ffc289f5b1 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 14:52:46 -0400 Subject: [PATCH 36/53] iiab-expand-rootfs: raspi-config uses fdisk instead of growpart --- roles/1-prep/templates/iiab-expand-rootfs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/templates/iiab-expand-rootfs b/roles/1-prep/templates/iiab-expand-rootfs index b28838cd0..bc81bd302 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs +++ b/roles/1-prep/templates/iiab-expand-rootfs @@ -30,7 +30,7 @@ if [ -f /.expand-rootfs ] || [ -f /.resize-rootfs ]; then fi # Expand partition - growpart $ROOT_DEV $ROOT_PART_NUM + growpart $ROOT_DEV $ROOT_PART_NUM # raspi-config instead uses fdisk resize2fs $ROOT_PART # 2022-03-15: Legacy code below worked with Raspberry Pi microSD cards From 03a630b199ad43731e9be7be8aeed106f13ed910 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 15 Mar 2022 14:01:02 -0500 Subject: [PATCH 37/53] leave hostapd as was - has an unconditional systemd call in hostapd.yml --- roles/1-prep/tasks/wifi.yml | 3 +-- roles/2-common/tasks/network.yml | 3 ++- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/1-prep/tasks/wifi.yml b/roles/1-prep/tasks/wifi.yml index 718376ab4..f246fbea0 100644 --- a/roles/1-prep/tasks/wifi.yml +++ b/roles/1-prep/tasks/wifi.yml @@ -4,10 +4,9 @@ # these present at all, but are needed to be installed if you want to take full # advantage of WiFi on Ubuntu and friends -- name: 'Install packages: hostapd, iw, rfkill, wireless-tools' +- name: 'Install packages: iw, rfkill, wireless-tools' package: name: - - hostapd # IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 - rfkill # 2021-07-27: RaspiOS installs this regardless -- enable & disable wireless devices - wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions diff --git a/roles/2-common/tasks/network.yml b/roles/2-common/tasks/network.yml index faff74dde..435c0bb1f 100644 --- a/roles/2-common/tasks/network.yml +++ b/roles/2-common/tasks/network.yml @@ -10,9 +10,10 @@ state: present when: not is_raspbian -- name: 'Install network packages: iproute2, iptables-persistent, netmask -- later used by https://github.com/iiab/iiab/tree/master/roles/network' +- name: 'Install network packages: hostapd, iproute2, iptables-persistent, netmask -- later used by https://github.com/iiab/iiab/tree/master/roles/network' package: name: + - hostapd # IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired - iproute2 # 2021-07-27: RaspiOS installs this regardless -- the new networking and traffic control tools, meant to replace net-tools - iptables-persistent # Boot-time loader for netfilter rules, iptables (firewall) plugin -- however Netfilter / nftables is ever moving forward so keep an eye on it! - netmask # Handy utility -- helps determine network masks From 99247671bbf90cdffb9ff9023632196990f82ff5 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 15:15:21 -0400 Subject: [PATCH 38/53] 1-prep/templates/iiab-expand-rootfs.service: Update name --- roles/1-prep/templates/iiab-expand-rootfs.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/templates/iiab-expand-rootfs.service b/roles/1-prep/templates/iiab-expand-rootfs.service index ffc9bbd9b..4ac36fa42 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs.service +++ b/roles/1-prep/templates/iiab-expand-rootfs.service @@ -1,5 +1,5 @@ [Unit] -Description=Root Filesystem Auto-Resizer +Description=Root Filesystem Auto-Expander [Service] Environment=TERM=linux From cb62a64df6473dcfb48a75d48e620aabe8035f63 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 15 Mar 2022 15:57:56 -0400 Subject: [PATCH 39/53] 1-prep/README.adoc: Mention PR #3137 package 'parted' --- roles/1-prep/README.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/README.adoc b/roles/1-prep/README.adoc index fca0f26a6..484ab98d4 100644 --- a/roles/1-prep/README.adoc +++ b/roles/1-prep/README.adoc @@ -14,7 +14,7 @@ username and group, to log into Admin Console * Ubermix (distro) needs /etc/tmpfiles.d/iiab.conf to create essential /var/log subdirs on each boot * *_Hardware actions:_* - ** Install package cloud-guest-utils for growpart + ** Install packages parted and cloud-guest-utils (for growpart) ** Install link:templates/iiab-expand-rootfs[iiab-expand-rootfs] that acts on flag `/.expand-rootfs` at boot ** link:tasks/raspberry_pi.yml[*_raspberry_pi.yml_*]: *** RTC (real-time clock): install udev rule, configure, enable From 4a1e5a89ab80ac2c8ddbe6c6d72477978371bba3 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 18:30:19 -0400 Subject: [PATCH 40/53] 1-prep/tasks/hardware.yml: Cleaner modularization & assoc fixups --- roles/1-prep/tasks/hardware.yml | 40 ++----------------- roles/1-prep/tasks/install-expand-rootfs.yml | 20 ++++++++++ roles/1-prep/tasks/internal-wifi.yml | 33 +++++++++++++++ roles/1-prep/tasks/raspberry_pi.yml | 35 +++++----------- roles/1-prep/tasks/wifi.yml | 13 ------ .../templates/iiab-expand-rootfs.service | 4 +- roles/2-common/tasks/network.yml | 2 +- roles/2-common/tasks/packages.yml | 2 +- roles/iiab-admin/tasks/access.yml | 6 --- roles/iiab-admin/tasks/access.yml.unused | 6 +++ roles/iiab-admin/tasks/main.yml | 8 +++- 11 files changed, 84 insertions(+), 85 deletions(-) create mode 100644 roles/1-prep/tasks/install-expand-rootfs.yml create mode 100644 roles/1-prep/tasks/internal-wifi.yml delete mode 100644 roles/1-prep/tasks/wifi.yml delete mode 100644 roles/iiab-admin/tasks/access.yml create mode 100644 roles/iiab-admin/tasks/access.yml.unused diff --git a/roles/1-prep/tasks/hardware.yml b/roles/1-prep/tasks/hardware.yml index c397223e2..b28623884 100644 --- a/roles/1-prep/tasks/hardware.yml +++ b/roles/1-prep/tasks/hardware.yml @@ -1,43 +1,9 @@ -- name: Install packages 'parted' and 'cloud-guest-utils' (so /usr/bin/growpart is available for expanding rootfs partition during boot) - package: - name: - - parted # 2022-03-15: RasPiOS and Ubuntu install this regardless -- so rarely nec but just in case. - - cloud-guest-utils # 2022-03-15: For growpart command -- though RasPiOS currently doesn't need this, as raspi-config's do_expand_rootfs() instead uses fdisk. Ubuntu pre-installs cloud-guest-utils, for use with cloud-init. - state: present - -- name: "Install from templates: /usr/sbin/iiab-expand-rootfs, /etc/systemd/system/iiab-expand-rootfs.service" - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - with_items: - - { src: 'iiab-expand-rootfs', dest: '/usr/sbin/', mode: '0755' } - - { src: 'iiab-expand-rootfs.service', dest: '/etc/systemd/system/', mode: '0644' } - -- name: Enable /etc/systemd/system/iiab-expand-rootfs.service - systemd: - name: iiab-expand-rootfs - enabled: yes +- include_tasks: install-expand-rootfs.yml -## DISCOVER PLATFORMS ###### -# Put conditional actions for hardware platforms here +# Conditional hardware actions below: -- name: Look for any wireless devices present - shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}'" - register: has_wifi_device - ignore_errors: True - changed_when: False - -- name: Set has_wireless, if found - set_fact: - has_wireless: True - when: has_wifi_device.stdout is defined and item|trim != "" - with_items: - - "{{ has_wifi_device.stdout_lines }}" - -- include_tasks: wifi.yml - when: has_wireless is defined +- include_tasks: internal-wifi.yml - include_tasks: raspberry_pi.yml when: first_run and rpi_model != "none" diff --git a/roles/1-prep/tasks/install-expand-rootfs.yml b/roles/1-prep/tasks/install-expand-rootfs.yml new file mode 100644 index 000000000..a2f2d5aa9 --- /dev/null +++ b/roles/1-prep/tasks/install-expand-rootfs.yml @@ -0,0 +1,20 @@ +- name: Install packages 'parted' and 'cloud-guest-utils' (so /usr/bin/growpart is available for expanding rootfs partition during boot) + package: + name: + - parted # 2022-03-15: RasPiOS and Ubuntu install this regardless -- so rarely nec but just in case. + - cloud-guest-utils # 2022-03-15: For growpart command -- though RasPiOS currently doesn't need this, as raspi-config's do_expand_rootfs() instead uses fdisk. Ubuntu pre-installs cloud-guest-utils, for use with cloud-init. + state: present + +- name: "Install from templates: /usr/sbin/iiab-expand-rootfs, /etc/systemd/system/iiab-expand-rootfs.service" + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + with_items: + - { src: 'iiab-expand-rootfs', dest: '/usr/sbin/', mode: '0755' } + - { src: 'iiab-expand-rootfs.service', dest: '/etc/systemd/system/', mode: '0644' } + +- name: Enable /etc/systemd/system/iiab-expand-rootfs.service + systemd: + name: iiab-expand-rootfs + enabled: yes diff --git a/roles/1-prep/tasks/internal-wifi.yml b/roles/1-prep/tasks/internal-wifi.yml new file mode 100644 index 000000000..24422d36b --- /dev/null +++ b/roles/1-prep/tasks/internal-wifi.yml @@ -0,0 +1,33 @@ +- name: Look for any wireless devices present + shell: "ls -la /sys/class/net/*/phy80211 | cut -d/ -f5" + register: has_wifi_device + ignore_errors: True + changed_when: False + +- name: Set internal_wifi, if found + set_fact: + internal_wifi: True + when: has_wifi_device.stdout is defined and item|trim != "" + with_items: + - "{{ has_wifi_device.stdout_lines }}" + +# 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) +# are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: +# desktops might have some/all 3 preinstalled, while servers tend not to have +# these present at all, but are needed to be installed if you want to take full +# advantage of WiFi on Ubuntu and friends. + +- name: 'Install packages: iw, rfkill, wireless-tools' + package: + name: + - iw # 2021-07-27: RasPiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 + - rfkill # 2021-07-27: RasPiOS installs this regardless -- enable & disable wireless devices + - wireless-tools # 2021-07-27: RasPiOS installs this regardless -- manipulate Linux Wireless Extensions + state: present + when: internal_wifi is defined + +- name: '2021-07-27: SEE ALSO ~4 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml' + meta: noop + +- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' + meta: noop diff --git a/roles/1-prep/tasks/raspberry_pi.yml b/roles/1-prep/tasks/raspberry_pi.yml index 90a312521..fbc8cc784 100644 --- a/roles/1-prep/tasks/raspberry_pi.yml +++ b/roles/1-prep/tasks/raspberry_pi.yml @@ -4,9 +4,6 @@ template: src: 92-rtc-i2c.rules dest: /etc/udev/rules.d/92-rtc-i2c.rules - #owner: root - #group: root - #mode: 0644 when: rtc_id is defined and rtc_id != "none" # RTC requires a change to the device tree (and reboot) @@ -24,30 +21,12 @@ state: present when: rtc_id is defined and rtc_id != "none" and is_ubuntu # CLARIF: Ubuntu runs increasingly well on RPi hardware, starting in 2020 especially -#- name: Enable bluetooth in /boot/firmware/syscfg.txt on Ubuntu (needs reboot) -# lineinfile: -# path: /boot/firmware/syscfg.txt -# regexp: '^include*' -# line: 'include btcfg.txt' -# when: is_ubuntu - -- name: '2021-07-27: SEE ALSO ~4 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml' - meta: noop - -- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' - meta: noop - -# 2022-03-15: This section is effectively now useless on RasPiOS (but apparently -# serves a purpose on Ubuntu on RPi, where it installs dphys-swapfile and -# fake-hwclock). Still: @jvonau's above explanation of other OS's / other HW -# suggest this code should possibly move in future, to helps others too? - -- name: 'Install packages: dphys-swapfile, fake-hwclock' +- name: 'Install packages: fake-hwclock, dphys-swapfile' package: name: - - dphys-swapfile # 2021-03-15: For Ubuntu on RPi? RasPiOS installs this regardless -- autogenerate and use a swap file - - fake-hwclock # 2021-03-15: For Ubuntu on RPi? RasPiOS installs this regardless -- save/restore system clock on machines without working RTC hardware + - fake-hwclock # 2021-03-15: Missing on Ubuntu etc. RasPiOS installs this regardless -- to save/restore system clock on machines w/o working RTC (above). + - dphys-swapfile # 2021-03-15: Missing on Ubuntu etc. RasPiOS installs this regardless -- to autogenerate and use a swap file (below). state: present - name: Increase swap file size (to CONF_SWAPSIZE={{ pi_swap_file_size }} in /etc/dphys-swapfile) as kalite pip download fails @@ -61,3 +40,11 @@ systemd: # Had been...a rare/legacy service that was NOT systemd name: dphys-swapfile state: restarted + + +#- name: Enable bluetooth in /boot/firmware/syscfg.txt on Ubuntu (needs reboot) +# lineinfile: +# path: /boot/firmware/syscfg.txt +# regexp: '^include*' +# line: 'include btcfg.txt' +# when: is_ubuntu diff --git a/roles/1-prep/tasks/wifi.yml b/roles/1-prep/tasks/wifi.yml deleted file mode 100644 index f246fbea0..000000000 --- a/roles/1-prep/tasks/wifi.yml +++ /dev/null @@ -1,13 +0,0 @@ -# 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) -# are provided by RaspiOS. Ubuntu|Debian on the other hand are hit or miss: -# desktops might have some/all 3 preinstalled, while servers tend not to have -# these present at all, but are needed to be installed if you want to take full -# advantage of WiFi on Ubuntu and friends - -- name: 'Install packages: iw, rfkill, wireless-tools' - package: - name: - - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 - - rfkill # 2021-07-27: RaspiOS installs this regardless -- enable & disable wireless devices - - wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions - state: present diff --git a/roles/1-prep/templates/iiab-expand-rootfs.service b/roles/1-prep/templates/iiab-expand-rootfs.service index 4ac36fa42..f7f68402c 100644 --- a/roles/1-prep/templates/iiab-expand-rootfs.service +++ b/roles/1-prep/templates/iiab-expand-rootfs.service @@ -5,7 +5,9 @@ Description=Root Filesystem Auto-Expander Environment=TERM=linux Type=oneshot ExecStart=/usr/sbin/iiab-expand-rootfs -StandardError=syslog +# "Standard output type syslog is obsolete" +# StandardError=syslog +# WHEREAS StandardError=journal is the default, per https://www.freedesktop.org/software/systemd/man/systemd.exec.html#StandardOutput= RemainAfterExit=no [Install] diff --git a/roles/2-common/tasks/network.yml b/roles/2-common/tasks/network.yml index 435c0bb1f..f7c560f8b 100644 --- a/roles/2-common/tasks/network.yml +++ b/roles/2-common/tasks/network.yml @@ -1,4 +1,4 @@ -- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/raspberry_pi.yml' +- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/internal-wifi.yml' meta: noop - name: '2021-07-27: SEE ALSO ~4 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml' diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 81bc35c94..2f5694d31 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -1,4 +1,4 @@ -- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/raspberry_pi.yml' +- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/internal-wifi.yml' meta: noop - name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' diff --git a/roles/iiab-admin/tasks/access.yml b/roles/iiab-admin/tasks/access.yml deleted file mode 100644 index e7281c4dc..000000000 --- a/roles/iiab-admin/tasks/access.yml +++ /dev/null @@ -1,6 +0,0 @@ -- name: "Install text mode packages, useful during remote access: screen, lynx" - package: - name: - - lynx - - screen - state: present diff --git a/roles/iiab-admin/tasks/access.yml.unused b/roles/iiab-admin/tasks/access.yml.unused new file mode 100644 index 000000000..639a3d8a6 --- /dev/null +++ b/roles/iiab-admin/tasks/access.yml.unused @@ -0,0 +1,6 @@ +- name: "Install text-mode packages, useful during remote access: lynx, screen" + package: + name: + - lynx + - screen + state: present diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index ce4451003..f2a048e33 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -2,8 +2,12 @@ # https://github.com/iiab/iiab/blob/master/roles/iiab-admin/README.rst -- name: Install lynx, screen - include_tasks: access.yml +- name: "Install text-mode packages, useful during remote access: lynx, screen" + package: + name: + - lynx + - screen + state: present - name: Install sudo & /etc/sudoers with logging to /var/log/sudo.log include_tasks: sudo-prereqs.yml From 566bef36c8c5e1966b3f450ec979fd477c180497 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 19:45:29 -0400 Subject: [PATCH 41/53] 1-prep/tasks/internal-wifi.yml: Ansible code touch-ups --- roles/1-prep/tasks/internal-wifi.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/roles/1-prep/tasks/internal-wifi.yml b/roles/1-prep/tasks/internal-wifi.yml index 24422d36b..2751dfd13 100644 --- a/roles/1-prep/tasks/internal-wifi.yml +++ b/roles/1-prep/tasks/internal-wifi.yml @@ -1,5 +1,5 @@ - name: Look for any wireless devices present - shell: "ls -la /sys/class/net/*/phy80211 | cut -d/ -f5" + shell: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5 register: has_wifi_device ignore_errors: True changed_when: False @@ -7,9 +7,7 @@ - name: Set internal_wifi, if found set_fact: internal_wifi: True - when: has_wifi_device.stdout is defined and item|trim != "" - with_items: - - "{{ has_wifi_device.stdout_lines }}" + when: has_wifi_device is defined and has_wifi_device.stdout | trim != "" # 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) # are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: From 67ebb0b2a114ea355868d649d64797887ffe8422 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 15 Mar 2022 22:17:36 -0400 Subject: [PATCH 42/53] Cleaner internal-wifi.yml + install-expand-rootfs.yml --- roles/1-prep/tasks/install-expand-rootfs.yml | 6 +++--- roles/1-prep/tasks/internal-wifi.yml | 11 ++++++----- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/roles/1-prep/tasks/install-expand-rootfs.yml b/roles/1-prep/tasks/install-expand-rootfs.yml index a2f2d5aa9..54d77c55b 100644 --- a/roles/1-prep/tasks/install-expand-rootfs.yml +++ b/roles/1-prep/tasks/install-expand-rootfs.yml @@ -1,7 +1,7 @@ -- name: Install packages 'parted' and 'cloud-guest-utils' (so /usr/bin/growpart is available for expanding rootfs partition during boot) +- name: Install packages 'parted' and 'cloud-guest-utils' (for /usr/bin/growpart, though raspi-config uses fdisk) package: name: - - parted # 2022-03-15: RasPiOS and Ubuntu install this regardless -- so rarely nec but just in case. + - parted # 2022-03-15: RasPiOS and Ubuntu install this regardless -- so rarely nec, but just in case. - cloud-guest-utils # 2022-03-15: For growpart command -- though RasPiOS currently doesn't need this, as raspi-config's do_expand_rootfs() instead uses fdisk. Ubuntu pre-installs cloud-guest-utils, for use with cloud-init. state: present @@ -14,7 +14,7 @@ - { src: 'iiab-expand-rootfs', dest: '/usr/sbin/', mode: '0755' } - { src: 'iiab-expand-rootfs.service', dest: '/etc/systemd/system/', mode: '0644' } -- name: Enable /etc/systemd/system/iiab-expand-rootfs.service +- name: Enable iiab-expand-rootfs.service systemd: name: iiab-expand-rootfs enabled: yes diff --git a/roles/1-prep/tasks/internal-wifi.yml b/roles/1-prep/tasks/internal-wifi.yml index 2751dfd13..62527a678 100644 --- a/roles/1-prep/tasks/internal-wifi.yml +++ b/roles/1-prep/tasks/internal-wifi.yml @@ -1,13 +1,14 @@ -- name: Look for any wireless devices present +- name: "Look for any WiFi devices present: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5" shell: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5 - register: has_wifi_device + register: wifi_devices ignore_errors: True changed_when: False -- name: Set internal_wifi, if found +- name: "Set internal_wifi: True, if output (from above) shows device(s) here: {{ wifi_devices.stdout_lines }}" set_fact: internal_wifi: True - when: has_wifi_device is defined and has_wifi_device.stdout | trim != "" + when: wifi_devices is defined and wifi_devices.stdout_lines | length > 0 + # when: wifi_devices is defined and wifi_devices.stdout | trim != "" # 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) # are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: @@ -15,7 +16,7 @@ # these present at all, but are needed to be installed if you want to take full # advantage of WiFi on Ubuntu and friends. -- name: 'Install packages: iw, rfkill, wireless-tools' +- name: Install packages {iw, rfkill, wireless-tools} if internal_wifi ({{ internal_wifi }}) is defined package: name: - iw # 2021-07-27: RasPiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 From 0ef3a5c9d3c155ed44d11bb3bafa748cfa6ea759 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 15 Mar 2022 22:35:50 -0400 Subject: [PATCH 43/53] 1-prep/tasks/main.yml: Clarify hardware.yml subroutines (PR #3139) --- roles/1-prep/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 0732c6dd8..6043b99dc 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -29,7 +29,9 @@ - include_tasks: uuid.yml - include_tasks: ubermix.yml -- include_tasks: hardware.yml # Can run raspberry_pi.yml + +# Runs install-expand-rootfs.yml, internal-wifi.yml & if nec: raspberry_pi.yml +- include_tasks: hardware.yml # Debian 10 "Buster" is apparently enabling AppArmor in 2019: From afb9c0e8752196a61679be9bad99a535af6aebb9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 15 Mar 2022 23:40:05 -0400 Subject: [PATCH 44/53] 2-common/tasks/main.yml & network.html: Mention 1-prep/tasks/internal-wifi.yml --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index a89928992..ad5d29499 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -8,7 +8,7 @@ - include_tasks: packages.yml -- name: "Network prep, including partial setup of iptables (firewall) -- SEE ALSO: 1-prep/tasks/raspberry_pi.yml" +- name: "Network prep, including partial setup of iptables (firewall) -- SEE ALSO: 1-prep/tasks/internal-wifi.yml" include_tasks: network.yml - include_tasks: iiab-startup.yml From db1531eef57091083dd40f9612c309b7af64019e Mon Sep 17 00:00:00 2001 From: root Date: Wed, 16 Mar 2022 14:35:58 -0400 Subject: [PATCH 45/53] 1-prep -> 2-common: Consolidate/Clarify packages.yml + network.yml --- roles/1-prep/README.adoc | 8 ++-- roles/1-prep/tasks/hardware.yml | 18 ++++++- roles/1-prep/tasks/internal-wifi.yml | 32 ------------- roles/1-prep/tasks/main.yml | 4 +- roles/2-common/tasks/main.yml | 2 +- roles/2-common/tasks/network.yml | 38 ++++++++++----- roles/2-common/tasks/packages.yml | 71 ++++++++++++---------------- 7 files changed, 81 insertions(+), 92 deletions(-) delete mode 100644 roles/1-prep/tasks/internal-wifi.yml diff --git a/roles/1-prep/README.adoc b/roles/1-prep/README.adoc index 484ab98d4..66c894248 100644 --- a/roles/1-prep/README.adoc +++ b/roles/1-prep/README.adoc @@ -14,16 +14,18 @@ username and group, to log into Admin Console * Ubermix (distro) needs /etc/tmpfiles.d/iiab.conf to create essential /var/log subdirs on each boot * *_Hardware actions:_* - ** Install packages parted and cloud-guest-utils (for growpart) - ** Install link:templates/iiab-expand-rootfs[iiab-expand-rootfs] that acts on flag `/.expand-rootfs` at boot + ** link:tasks/install-expand-rootfs.yml[*_install-expand-rootfs.yml_*]: + *** Install packages parted and cloud-guest-utils (for growpart) + *** Install link:templates/iiab-expand-rootfs[/usr/sbin/iiab-expand-rootfs] that acts on flag flag `/.expand-rootfs` + *** Enable iiab-expand-rootfs.service so this can happen during any future boot-up ** link:tasks/raspberry_pi.yml[*_raspberry_pi.yml_*]: *** RTC (real-time clock): install udev rule, configure, enable *** *_Install packages:_* **** dphys-swapfile (for swapfile) **** fake-hwclock (as RTC is often missing or dead!) - **** iw, rfkill, wireless-tools (for internal Wi-Fi) *** Increase swap file size (to `pi_swap_file_size`) ** NUC 6 Wi-Fi firmware + ** Check for WiFi devices (if so, set `has_wifi_device`) Recap: Similar to 0-init, 2-common, 3-base-server, 4 server-options and 5-xo-services — this 1st stage installs core server infra (that is not diff --git a/roles/1-prep/tasks/hardware.yml b/roles/1-prep/tasks/hardware.yml index b28623884..4c50c0d8a 100644 --- a/roles/1-prep/tasks/hardware.yml +++ b/roles/1-prep/tasks/hardware.yml @@ -3,8 +3,6 @@ # Conditional hardware actions below: -- include_tasks: internal-wifi.yml - - include_tasks: raspberry_pi.yml when: first_run and rpi_model != "none" @@ -20,3 +18,19 @@ dest: /lib/firmware timeout: "{{ download_timeout }}" when: usb_NUC6.stdout|int > 0 + + +- name: "Look for any WiFi devices present: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5" + shell: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5 + register: wifi_devices + ignore_errors: True + changed_when: False + +- name: "Set has_wifi_device: True, if output (from above) shows device(s) here: {{ wifi_devices.stdout_lines }}" + set_fact: + has_wifi_device: True + when: wifi_devices is defined and wifi_devices.stdout_lines | length > 0 + # when: wifi_devices is defined and wifi_devices.stdout | trim != "" + +- debug: + var: has_wifi_device diff --git a/roles/1-prep/tasks/internal-wifi.yml b/roles/1-prep/tasks/internal-wifi.yml deleted file mode 100644 index 62527a678..000000000 --- a/roles/1-prep/tasks/internal-wifi.yml +++ /dev/null @@ -1,32 +0,0 @@ -- name: "Look for any WiFi devices present: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5" - shell: ls -la /sys/class/net/*/phy80211 | cut -d/ -f5 - register: wifi_devices - ignore_errors: True - changed_when: False - -- name: "Set internal_wifi: True, if output (from above) shows device(s) here: {{ wifi_devices.stdout_lines }}" - set_fact: - internal_wifi: True - when: wifi_devices is defined and wifi_devices.stdout_lines | length > 0 - # when: wifi_devices is defined and wifi_devices.stdout | trim != "" - -# 2021-07-27 explanation from @jvonau: The 3 BELOW (iw, rfkill, wireless-tools) -# are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: -# desktops might have some/all 3 preinstalled, while servers tend not to have -# these present at all, but are needed to be installed if you want to take full -# advantage of WiFi on Ubuntu and friends. - -- name: Install packages {iw, rfkill, wireless-tools} if internal_wifi ({{ internal_wifi }}) is defined - package: - name: - - iw # 2021-07-27: RasPiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 - - rfkill # 2021-07-27: RasPiOS installs this regardless -- enable & disable wireless devices - - wireless-tools # 2021-07-27: RasPiOS installs this regardless -- manipulate Linux Wireless Extensions - state: present - when: internal_wifi is defined - -- name: '2021-07-27: SEE ALSO ~4 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml' - meta: noop - -- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' - meta: noop diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 6043b99dc..9f44befc8 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -30,8 +30,8 @@ - include_tasks: uuid.yml - include_tasks: ubermix.yml -# Runs install-expand-rootfs.yml, internal-wifi.yml & if nec: raspberry_pi.yml -- include_tasks: hardware.yml +- name: install-expand-rootfs.yml, raspberry_pi.yml, NUC6 WiFi firmware, check for WiFi devices + include_tasks: hardware.yml # Debian 10 "Buster" is apparently enabling AppArmor in 2019: diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index ad5d29499..9ed8ff007 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -8,7 +8,7 @@ - include_tasks: packages.yml -- name: "Network prep, including partial setup of iptables (firewall) -- SEE ALSO: 1-prep/tasks/internal-wifi.yml" +- name: Install network packages (including many WiFi tools, and also iptables-persistent for firewall) include_tasks: network.yml - include_tasks: iiab-startup.yml diff --git a/roles/2-common/tasks/network.yml b/roles/2-common/tasks/network.yml index f7c560f8b..c043a0bc3 100644 --- a/roles/2-common/tasks/network.yml +++ b/roles/2-common/tasks/network.yml @@ -1,22 +1,37 @@ -- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/internal-wifi.yml' - meta: noop - -- name: '2021-07-27: SEE ALSO ~4 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml' - meta: noop +# 2022-03-16: 'apt show | grep Size' revealed download sizes, on 64-bit RasPiOS with desktop. - name: Install package networkd-dispatcher (OS's other than RaspiOS) package: - name: networkd-dispatcher # Dispatcher service for systemd-networkd connection status changes + name: networkd-dispatcher # 15kB download: Dispatcher service for systemd-networkd connection status changes state: present when: not is_raspbian -- name: 'Install network packages: hostapd, iproute2, iptables-persistent, netmask -- later used by https://github.com/iiab/iiab/tree/master/roles/network' +# 2021-07-27 from @jvonau: 3 apt packages BELOW (iw, rfkill, wireless-tools) +# are provided by RasPiOS. Ubuntu|Debian on the other hand are hit or miss: +# desktops might have some/all 3 preinstalled, while servers tend not to have +# these present at all, but need to be installed if you want to take full +# advantage of WiFi on Ubuntu and friends. +# +# 2022-03-16 update: Let's make these 3 mandatory as they're only 300kB (grand +# total download size) and they can help IIAB field operators with BOTH +# (1) internal WiFi AND (2) USB WiFi devices inserted anytime/later. + +- name: 'Install 11 network packages: avahi-daemon, hostapd, iproute2, iptables-persistent, iw, libnss-mdns, netmask, net-tools, rfkill, wpasupplicant, wpasupplicant -- later used by https://github.com/iiab/iiab/tree/master/roles/network' package: name: - - hostapd # IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired - - iproute2 # 2021-07-27: RaspiOS installs this regardless -- the new networking and traffic control tools, meant to replace net-tools - - iptables-persistent # Boot-time loader for netfilter rules, iptables (firewall) plugin -- however Netfilter / nftables is ever moving forward so keep an eye on it! - - netmask # Handy utility -- helps determine network masks + - avahi-daemon # 97kB download: RaspiOS (and package libnss-mnds, below) install this regardless -- holdover from the XO days and used to advertise ssh/admin-console being available via avahi-daemon -- used with https://github.com/iiab/iiab/blob/master/roles/network/tasks/avahi.yml + #- avahi-discover # 46kB download: 2021-07-27: Commented out long ago + - hostapd # 764kB download: IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator -- has its service masked out of the box, and only used when IIAB's network roles detects the presence of WiFi and an AP is desired + #- inetutils-syslogd # 240kB download: 2021-07-27: Error logging facility -- holdover from the XO days, journalctl has replaced this in newer distros + - iproute2 # 902kB download: RaspiOS installs this regardless -- the new networking and traffic control tools, meant to replace net-tools + - iptables-persistent # 12kB download: Boot-time loader for netfilter rules, iptables (firewall) plugin -- however Netfilter / nftables is ever moving forward so keep an eye on it! + - iw # 97kB download: RasPiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 + - libnss-mdns # 27kB download: RaspiOS (and package avahi-daemon, above) install this regardless -- client-side library -- provides name resolution via mDNS (Multicast DNS) using Zeroconf/Bonjour e.g. Avahi + - netmask # 25kB download: Handy utility -- helps determine network masks + - net-tools # 248kB download: RaspiOS installs this regardless -- @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output? + - rfkill # 87kB download: RasPiOS installs this regardless -- enable & disable wireless devices + - wireless-tools # 112kB download: RasPiOS installs this regardless -- manipulate Linux Wireless Extensions + - wpasupplicant # 1188kB download: RasPiOS installs this regardless -- client library for connections to a WiFi AP state: present # 2021-08-17: Debian ignores this, according to 2013 post: @@ -27,6 +42,7 @@ # dest: /etc/network/if-pre-up.d/iptables # mode: '0755' + # Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes: - name: "Use 'sysctl' to set 'kernel.core_uses_pid: 1' + 4 network settings in /etc/sysctl.conf -- e.g. disabling IPv6 (this might be overkill, as IPv6 should really only be disabled on the LAN side, i.e. br0)" sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 2f5694d31..d731b25fc 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -1,47 +1,36 @@ -- name: '2021-07-27: SEE ALSO ~3 networking packages EARLIER installed by https://github.com/iiab/iiab/blob/master/roles/1-prep/tasks/internal-wifi.yml' - meta: noop +# 2022-03-16: 'apt show | grep Size' revealed download sizes, on 64-bit RasPiOS with desktop. -- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml' - meta: noop - -- name: "Install 20 common packages: acpid, avahi-daemon, bzip2, curl, gawk, htop, i2c-tools, libnss-mdns, logrotate, mlocate, net-tools, pandoc, pastebinit, rsync, sqlite3, tar, unzip, usbutils, wget, wpasupplicant" +- name: "Install 16 common packages: acpid, bzip2, curl, gawk, htop, i2c-tools, logrotate, mlocate, pandoc, pastebinit, rsync, sqlite3, tar, unzip, usbutils, wget" package: name: - - acpid # Daemon for ACPI (power mgmt) events - - avahi-daemon # 2021-07-27: RaspiOS (and package libnss-mnds, below) install this regardless -- holdover from the XO days and used to advertise ssh/admin-console being available via avahi-daemon -- used with https://github.com/iiab/iiab/blob/master/roles/network/tasks/avahi.yml - #- avahi-discover # 2021-07-27: Commented out long ago - - bzip2 # 2021-04-26: Prob not used, but can't hurt? - - curl # Used to install roles/nodejs and roles/nodered - #- etckeeper # "nobody is really using etckeeper and it's bloating the filesystem every time apt runs" per @jvonau at https://github.com/iiab/iiab/issues/1146 - #- exfat-fuse # 2021-07-27: Should no longer be nec with 5.4+ kernels, so let's try commenting it out - #- exfat-utils # Ditto! See also 'ntfs-3g' below - - gawk - - htop - - i2c-tools # Low-level bus/chip/register/EEPROM tools e.g. for RTC - #- inetutils-syslogd # 2021-07-27: Error logging facility -- holdover from the XO days, journalctl has replaced this in newer distros - #- iproute2 # Installed by roles/2-common/tasks/network.yml - - logrotate - - libnss-mdns # 2021-07-27: RaspiOS (and package avahi-daemon, above) install this regardless -- client-side library -- provides name resolution via mDNS (Multicast DNS) using Zeroconf/Bonjour e.g. Avahi - #- lynx # Installed by 1-prep's roles/iiab-admin/tasks/access.yml - #- make # 2021-07-27: Currently used by roles/pbx and no other roles - - mlocate - - net-tools # 2021-04-26: @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output? - #- ntfs-3g # 2021-07-31: RaspiOS installs this regardless -- but this should no longer be nec with 5.4+ kernels, similar to exfat packages above -- however, see also this symlink warning: https://superuser.com/questions/1050544/mount-with-kernel-ntfs-and-not-ntfs-3g -- and upcoming kernel 5.15 improvements: https://www.phoronix.com/scan.php?page=news_item&px=New-NTFS-Likely-For-Linux-5.15 - #- openssh-server # ssh (Raspbian) or openssh-server (other OS's) already installed by 1-prep's roles/sshd/tasks/main.yml - - pandoc # For /usr/bin/iiab-refresh-wiki-docs - - pastebinit # For /usr/bin/iiab-diagnostics - #- python3-pip # 2021-07-29: Already installed by /opt/iiab/iiab/scripts/ansible -- this auto-installs 'python3-setuptools' and 'python3' etc - #- python3-venv # 2021-07-30: For Ansible module 'pip' used in roles like {calibre-web, jupyterhub, lokole} -- whereas roles/kalite uses (virtual) package 'virtualenv' for Python 2 -- all these 3+1 IIAB roles install 'python3-venv' for themselves. FYI: Debian 11 auto-installs 'python3-venv' when you install 'python3' -- whereas Ubuntu (e.g. 20.04 & 21.10) and RaspiOS 10 do not. - - rsync - #- screen # Installed by 1-prep's roles/iiab-admin/tasks/access.yml - - sqlite3 - #- sudo # (1) Should be installed prior to installing IIAB, (2) Can also be installed by roles/1-prep's roles/openvpn/tasks/install.yml, (3) Is definitely installed by 1-prep's roles/iiab-admin/tasks/sudo-prereqs.yml - - tar - - unzip - #- usbmount # Moved to roles/usb_lib/tasks/install.yml - - usbutils # 2021-07-27: RaspiOS installs this regardless -- move to roles/usb_lib/tasks/install.yml ? - - wget - - wpasupplicant # 2021-07-27: RaspiOS installs this regardless -- client library for connections to a WiFi AP + - acpid # 55kB download: Daemon for ACPI (power mgmt) events + - bzip2 # 47kB download: RasPiOS installs this regardless -- 2021-04-26: Prob not used, but can't hurt? + - curl # 254kB download: RasPiOS installs this regardless -- Used to install roles/nodejs and roles/nodered + #- etckeeper # 54kB download: "nobody is really using etckeeper and it's bloating the filesystem every time apt runs" per @jvonau at https://github.com/iiab/iiab/issues/1146 + #- exfat-fuse # 28kB download: 2021-07-27: Should no longer be nec with 5.4+ kernels, so let's try commenting it out + #- exfat-utils # 41kB download: Ditto! See also 'ntfs-3g' below + - gawk # 533kB download + - htop # 109kB download: RasPiOS installs this regardless + - i2c-tools # 78kB download: RasPiOS installs this regardless -- Low-level bus/chip/register/EEPROM tools e.g. for RTC + - logrotate # 67kB download: RasPiOS installs this regardless + #- lynx # 505kB download: Installed by 1-prep's roles/iiab-admin/tasks/main.yml + #- make # 376kB download: 2021-07-27: Currently used by roles/pbx and no other roles + - mlocate # 92kB download + #- ntfs-3g # 379kB download: RaspiOS installs this regardless -- 2021-07-31: But this should no longer be nec with 5.4+ kernels, similar to exfat packages above -- however, see also this symlink warning: https://superuser.com/questions/1050544/mount-with-kernel-ntfs-and-not-ntfs-3g -- and upcoming kernel 5.15 improvements: https://www.phoronix.com/scan.php?page=news_item&px=New-NTFS-Likely-For-Linux-5.15 + #- openssh-server # 318kB download: RasPiOS installs this regardless -- this is also installed by 1-prep's roles/sshd/tasks/main.yml to cover all OS's + - pandoc # 19kB download: For /usr/bin/iiab-refresh-wiki-docs + - pastebinit # 47kB download: For /usr/bin/iiab-diagnostics + #- python3-pip # 337kB download: RasPiOS installs this regardless -- 2021-07-29: And already installed by /opt/iiab/iiab/scripts/ansible -- this auto-installs 'python3-setuptools' and 'python3' etc + #- python3-venv # 1188kB download: RasPiOS installs this regardless -- 2021-07-30: For Ansible module 'pip' used in roles like {calibre-web, jupyterhub, lokole} -- whereas roles/kalite uses (virtual) package 'virtualenv' for Python 2 -- all these 3+1 IIAB roles install 'python3-venv' for themselves. FYI: Debian 11 auto-installs 'python3-venv' when you install 'python3' -- whereas Ubuntu (e.g. 20.04 & 21.10) and RaspiOS 10 did not. + - rsync # 351kB download: RasPiOS installs this regardless + #- screen # 551kB download: Installed by 1-prep's roles/iiab-admin/tasks/main.yml + - sqlite3 # 1054kB download + #- sudo # 991kB download: RasPiOS installs this regardless -- (2) Can also be installed by roles/1-prep's roles/openvpn/tasks/install.yml, (3) Is definitely installed by 1-prep's roles/iiab-admin/tasks/sudo-prereqs.yml + - tar # 799kB download: RasPiOS installs this regardless + - unzip # 151kB download: RasPiOS installs this regardless + #- usbmount # 18kB download: Moved to roles/usb_lib/tasks/install.yml + - usbutils # 67kB download: RasPiOS installs this regardless -- 2021-07-27: move to roles/usb_lib/tasks/install.yml ? + - wget # 922kB download: RasPiOS installs this regardless state: present #- name: "Install 10 yum/dnf packages: avahi, avahi-tools, createrepo, linux-firmware, nss-mdns, openssl, syslog, wpa_supplicant, xml-common, yum-utils (redhat)" From f2fb975371be968f7715aeb3b6bb80a8aada99f1 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 16 Mar 2022 15:36:48 -0400 Subject: [PATCH 46/53] 1-prep & 2-common: Clean README.adoc intro docs --- roles/1-prep/README.adoc | 6 ++---- roles/2-common/README.adoc | 6 ++---- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/roles/1-prep/README.adoc b/roles/1-prep/README.adoc index 66c894248..9d0154d73 100644 --- a/roles/1-prep/README.adoc +++ b/roles/1-prep/README.adoc @@ -15,14 +15,12 @@ username and group, to log into Admin Console /var/log subdirs on each boot * *_Hardware actions:_* ** link:tasks/install-expand-rootfs.yml[*_install-expand-rootfs.yml_*]: - *** Install packages parted and cloud-guest-utils (for growpart) + *** Install https://en.wikipedia.org/wiki/APT_(software)[apt] packages parted (reveals last partition) and cloud-guest-utils (for growpart) *** Install link:templates/iiab-expand-rootfs[/usr/sbin/iiab-expand-rootfs] that acts on flag flag `/.expand-rootfs` *** Enable iiab-expand-rootfs.service so this can happen during any future boot-up ** link:tasks/raspberry_pi.yml[*_raspberry_pi.yml_*]: *** RTC (real-time clock): install udev rule, configure, enable - *** *_Install packages:_* - **** dphys-swapfile (for swapfile) - **** fake-hwclock (as RTC is often missing or dead!) + *** Install apt packages fake-hwclock (as above RTC is often missing or dead!) and dphys-swapfile (for swap file below) *** Increase swap file size (to `pi_swap_file_size`) ** NUC 6 Wi-Fi firmware ** Check for WiFi devices (if so, set `has_wifi_device`) diff --git a/roles/2-common/README.adoc b/roles/2-common/README.adoc index 83943e761..3397bf2a3 100644 --- a/roles/2-common/README.adoc +++ b/roles/2-common/README.adoc @@ -9,10 +9,8 @@ https://internet-in-a-box.org/[Internet-in-a-Box (IIAB)] server. These are (partially) put in place: * IIAB directory structure (link:tasks/fl.yml[file layout]) -* Common https://en.wikipedia.org/wiki/APT_(software)[apt] software -packages -* Networking (including the -https://en.wikipedia.org/wiki/Iptables[iptables] firewall) +* Common https://en.wikipedia.org/wiki/APT_(software)[apt] software packages +* Networking apt packages (including many WiFi tools, and also iptables-persistent for the https://en.wikipedia.org/wiki/Iptables[iptables] firewall) * link:tasks/iiab-startup.yml[/usr/libexec/iiab-startup.sh] similar to AUTOEXEC.BAT and /etc/rc.local, in order to run jobs on boot From 8c6ac64aaa6596f2fa155e79cc1da9c2964d87aa Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 17 Mar 2022 00:56:33 -0400 Subject: [PATCH 47/53] scripts/iiab-diagnostics.README.md: Mention /usr/bin/raspinfo (very similar!) --- scripts/iiab-diagnostics.README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/iiab-diagnostics.README.md b/scripts/iiab-diagnostics.README.md index 21c103426..715d99b14 100644 --- a/scripts/iiab-diagnostics.README.md +++ b/scripts/iiab-diagnostics.README.md @@ -1,10 +1,10 @@ ## Objective -To streamline troubleshooting of remote Internet-in-a-Box (IIAB) installations, we bundle up common machine/software diagnostics, all together in 1 human-readable small file, that can be easily circulated online AND offline. +To streamline troubleshooting of remote Internet-in-a-Box (IIAB) installations, we bundle up common machine/software diagnostics, all together in 1 human-readable small file, that can be easily circulated online AND offline. Just FYI Raspberry Pi OS's [/usr/bin/raspinfo](https://github.com/raspberrypi/utils/blob/master/raspinfo/raspinfo) serves a very similar purpose, but we do not include that program's 700-to-800 line output at present. Passwords (including Wi-Fi passwords) are auto-redacted from this file, to protect your community confidentiality. -The ``pastebinit`` command can then be used to auto-upload this file, creating a short URL that makes it much easier to circulate among [volunteers](http://internet-in-a-box.org/pages/contributing.html). +Finally, the ``pastebinit`` command can then be used to auto-upload this file, creating a short URL that makes it much easier to circulate among [volunteers](http://internet-in-a-box.org/pages/contributing.html). But first off, the file is compiled by harvesting 1 + 6 kinds of things: From 5056d0373c3a723305af99ed2d847e7385b05f14 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 17 Mar 2022 02:00:20 -0400 Subject: [PATCH 48/53] Beware "client_max_body_size 500M;" in /etc/nginx/server.conf --- vars/default_vars.yml | 1 + vars/local_vars_large.yml | 1 + vars/local_vars_medium.yml | 1 + vars/local_vars_small.yml | 1 + 4 files changed, 4 insertions(+) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index e6c50c8d7..50a976851 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -323,6 +323,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index a8cab61ca..ca5870c64 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 27675e830..03dfaeffd 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 4bc7e4a37..9d547b31a 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False From 658b4156c5453d14922f4c73910c2511d09a4198 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 21 Mar 2022 11:00:00 -0400 Subject: [PATCH 49/53] nextcloud/tasks/install.yml: Update Nextcloud 23.0.3 footprint sizes --- roles/nextcloud/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 31fbe97d6..f1896a263 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -91,7 +91,7 @@ state: directory path: "{{ nextcloud_root_dir }}" # /library/www/nextcloud -- name: Unarchive {{ nextcloud_dl_url }} (~132 MB) to {{ nextcloud_root_dir }} (~475 MB initially, 498+ MB later, {{ apache_user }}:{{ apache_user }}) +- name: Unarchive {{ nextcloud_dl_url }} (~133 MB) to {{ nextcloud_root_dir }} (~476 MB initially, 498+ MB later, {{ apache_user }}:{{ apache_user }}) unarchive: remote_src: yes # Overwrite even if "already exists on the target" src: "{{ nextcloud_dl_url }}" From 323fc2714659e70ccfc1e642d03e2bdc0f54159d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 23 Mar 2022 09:01:56 -0500 Subject: [PATCH 50/53] test change --- roles/internetarchive/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index d44586042..338c321ca 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -43,7 +43,7 @@ path: "{{ internetarchive_dir }}/node_modules" - name: Run 'yarn add @internetarchive/dweb-mirror' to download/populate {{ internetarchive_dir }}/node_modules (CAN TAKE ~5 MINUTES) - shell: yarn config set child-concurrency 1 && yarn add @internetarchive/dweb-mirror + shell: yarn config set child-concurrency 1 && yarn add https://github.com/internetarchive/dweb-mirror args: chdir: "{{ internetarchive_dir }}" creates: "{{ internetarchive_dir }}/node_modules/@internetarchive/dweb-mirror/internetarchive" From 663e739978547bea47e908e8853f4dd06ddd5a9a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 23 Mar 2022 12:20:38 -0400 Subject: [PATCH 51/53] Clarify fix: 'yarn add https://github.com/internetarchive/dweb-mirror' --- roles/internetarchive/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index 338c321ca..2e3af8194 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -42,7 +42,7 @@ state: absent path: "{{ internetarchive_dir }}/node_modules" -- name: Run 'yarn add @internetarchive/dweb-mirror' to download/populate {{ internetarchive_dir }}/node_modules (CAN TAKE ~5 MINUTES) +- name: Run 'yarn add https://github.com/internetarchive/dweb-mirror' to download/populate {{ internetarchive_dir }}/node_modules (CAN TAKE ~5 MINUTES) shell: yarn config set child-concurrency 1 && yarn add https://github.com/internetarchive/dweb-mirror args: chdir: "{{ internetarchive_dir }}" From 70c3e1fe82b383e83195f3ced130c040189c2a2e Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 23 Mar 2022 21:47:04 -0400 Subject: [PATCH 52/53] PR #3142 Addendum: vars/local_vars_unittest.yml --- vars/local_vars_unittest.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 57430e3f4..9b2c2a2ac 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -203,6 +203,7 @@ nginx_high_php_limits: False # REGARDLESS: AFTER INSTALLING IIAB, PLEASE VERIFY THESE 6 SETTINGS... # https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L53-L133 # ...ARE SUITABLE FOR YOUR HARDWARE, as saved in: /etc/php//*/php.ini +# ALSO: ADJUST "client_max_body_size 500M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php apache_allow_sudo: False From 75c67162f1ffd67367bce26e7517e3401dcf24eb Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 24 Mar 2022 15:31:50 -0400 Subject: [PATCH 53/53] kiwix-tools 3.2.0-2: kiwix-serve security fix --- roles/kiwix/defaults/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/kiwix/defaults/main.yml b/roles/kiwix/defaults/main.yml index 92b52eb1b..582c2f902 100644 --- a/roles/kiwix/defaults/main.yml +++ b/roles/kiwix/defaults/main.yml @@ -26,9 +26,9 @@ kiwix_library_xml: "{{ iiab_zim_path }}/library.xml" # http://download.kiwix.org/release/kiwix-tools/ ...or sometimes... # http://download.kiwix.org/nightly/ -kiwix_version_armhf: kiwix-tools_linux-armhf-3.2.0-1 -kiwix_version_linux64: kiwix-tools_linux-x86_64-3.2.0-1 -kiwix_version_i686: kiwix-tools_linux-i586-3.2.0-1 +kiwix_version_armhf: kiwix-tools_linux-armhf-3.2.0-2 +kiwix_version_linux64: kiwix-tools_linux-x86_64-3.2.0-2 +kiwix_version_i686: kiwix-tools_linux-i586-3.2.0-2 # kiwix_src_file_i686: "kiwix-linux-i686.tar.bz2" # v0.9 for i686 published May 2014 ("use it to test legacy ZIM content")