From bbbb878e3cf7b7fc28425cf3bb91d0c97482e584 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 27 Jul 2021 13:00:58 -0400 Subject: [PATCH 1/4] 2-common/tasks/main.yml: Experimentally comment out zzz_iiab.sh --- roles/2-common/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index d05bccc11..3e4e17131 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -43,10 +43,10 @@ #- { name: 'net.ipv6.conf.lo.disable_ipv6', value: '1' } # BY ABOVE # UNMAINTAINED -- name: Install /etc/profile.d/zzz_iiab.sh from template, to add sbin dirs to unprivileged users' $PATH - template: - dest: /etc/profile.d/zzz_iiab.sh - src: zzz_iiab.sh +#- name: Install /etc/profile.d/zzz_iiab.sh from template, to add sbin dirs to unprivileged users' $PATH +# template: +# dest: /etc/profile.d/zzz_iiab.sh +# src: zzz_iiab.sh # UNMAINTAINED - include_tasks: net_mods.yml From 7de6c96b37c94ef6aa403b62de8030c157a76428 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 27 Jul 2021 13:01:33 -0400 Subject: [PATCH 2/4] Rename zzz_iiab.sh to zzz_iiab.sh.unused --- roles/2-common/templates/{zzz_iiab.sh => zzz_iiab.sh.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/templates/{zzz_iiab.sh => zzz_iiab.sh.unused} (100%) diff --git a/roles/2-common/templates/zzz_iiab.sh b/roles/2-common/templates/zzz_iiab.sh.unused similarity index 100% rename from roles/2-common/templates/zzz_iiab.sh rename to roles/2-common/templates/zzz_iiab.sh.unused From 50e0cde9a3892c8842dfdea681585a82e7132673 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 27 Jul 2021 22:36:07 -0400 Subject: [PATCH 3/4] iiab-check-firmware to /usr/bin ; rename systemd services to iiab-* --- roles/1-prep/tasks/raspberry_pi.yml | 18 +++++++++--------- .../captiveportal/tasks/enable-or-disable.yml | 4 ++-- roles/captiveportal/tasks/install.yml | 2 +- roles/firmware/tasks/install.yml | 12 ++++++------ ...are.service => iiab-check-firmware.service} | 5 ++--- .../{fw_warn.sh => iiab-firmware-warn.sh} | 0 roles/iiab-admin/tasks/admin-user.yml | 4 ++-- roles/network/tasks/hostapd.yml | 16 ++++++++-------- roles/network/tasks/rpi_debian.yml | 2 +- roles/network/tasks/sysd-netd-debian.yml | 2 +- roles/network/templates/hostapd/README.ap0 | 4 ++-- .../templates/hostapd/hostapd.service.j2 | 4 ++-- ...i.service.j2 => iiab-clone-wifi.service.j2} | 0 .../hostapd/{test-wifi => iiab-test-wifi.j2} | 2 +- ...st.service.j2 => iiab-wifi-test.service.j2} | 2 +- .../network/templates/network/iiab-hotspot-off | 6 +++--- .../network/templates/network/iiab-hotspot-on | 4 ++-- roles/usb_lib/tasks/install.yml | 4 ++-- 18 files changed, 45 insertions(+), 46 deletions(-) rename roles/firmware/templates/{check-firmware.service => iiab-check-firmware.service} (59%) rename roles/firmware/templates/{fw_warn.sh => iiab-firmware-warn.sh} (100%) rename roles/network/templates/hostapd/{clone-wifi.service.j2 => iiab-clone-wifi.service.j2} (100%) rename roles/network/templates/hostapd/{test-wifi => iiab-test-wifi.j2} (98%) rename roles/network/templates/hostapd/{wifi-test.service.j2 => iiab-wifi-test.service.j2} (92%) diff --git a/roles/1-prep/tasks/raspberry_pi.yml b/roles/1-prep/tasks/raspberry_pi.yml index 232674dca..41b129853 100644 --- a/roles/1-prep/tasks/raspberry_pi.yml +++ b/roles/1-prep/tasks/raspberry_pi.yml @@ -1,12 +1,12 @@ # Specific to Raspberry Pi -- name: Install udev rule /etc/udev/rules.d/92-rtc-i2c.rules from template, to transfer hwclock to system clock at dev creation, if rtc_id is defined and rtc_id != "none" +- name: Install udev rule /etc/udev/rules.d/92-rtc-i2c.rules from template, to transfer hwclock to system clock at dev creation, if rtc_id is defined and rtc_id != "none" (root:root, 0644 by default) template: src: 92-rtc-i2c.rules dest: /etc/udev/rules.d/92-rtc-i2c.rules - owner: root - group: root - mode: 0644 + #owner: root + #group: root + #mode: 0644 when: rtc_id is defined and rtc_id != "none" # RTC requires a change to the device tree (and reboot) @@ -50,7 +50,7 @@ - cloud-guest-utils # Contains 'growpart' for resizing a partition during boot, which is normally done with the aid of cloud-init - dphys-swapfile # 2021-07-27: RaspiOS installs this regardless -- autogenerate and use a swap file - fake-hwclock # 2021-07-27: RaspiOS installs this regardless -- save/restore system clock on machines without working RTC hardware - - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/clone-wifi.service.j2 + - iw # 2021-07-27: RaspiOS installs this regardless -- configure Linux wireless devices -- hard dependence for ap0 creation, SEE https://github.com/iiab/iiab/blob/master/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 - rfkill # 2021-07-27: RaspiOS installs this regardless -- enable & disable wireless devices - wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions state: present @@ -67,15 +67,15 @@ name: dphys-swapfile state: restarted -- name: Install RPi rootfs resizing (iiab-rpi-max-rootfs.sh) and its systemd service (iiab-rpi-root-resize.service), from templates +- name: Install RPi rootfs resizing (/usr/sbin/iiab-rpi-max-rootfs.sh) and its systemd service (/etc/systemd/system/iiab-rpi-root-resize.service), from templates (root:root by default) template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root + #owner: root + #group: root mode: "{{ item.mode }}" with_items: - - { src: 'iiab-rpi-max-rootfs.sh', dest: '/usr/sbin/iiab-rpi-max-rootfs.sh', mode: '0755'} + - { src: 'iiab-rpi-max-rootfs.sh', dest: '/usr/sbin/', mode: '0755'} - { src: 'iiab-rpi-root-resize.service', dest: '/etc/systemd/system/iiab-rpi-root-resize.service', mode: '0644'} - name: Enable RPi rootfs resizing (systemd service iiab-rpi-root-resize.service) diff --git a/roles/captiveportal/tasks/enable-or-disable.yml b/roles/captiveportal/tasks/enable-or-disable.yml index c1b390a6d..0abb05c8a 100644 --- a/roles/captiveportal/tasks/enable-or-disable.yml +++ b/roles/captiveportal/tasks/enable-or-disable.yml @@ -36,8 +36,8 @@ state: absent when: not captiveportal_enabled -- name: Run iiab-divert-to-nginx to generate diversion lists for NGINX - shell: /usr/sbin/iiab-divert-to-nginx +- name: Run /usr/sbin/iiab-divert-to-nginx to generate diversion lists for NGINX + command: /usr/sbin/iiab-divert-to-nginx when: captiveportal_enabled - name: Delete /etc/dnsmasq.d/capture to make sure dnsmasq is not diverting (if not captiveportal_enabled) diff --git a/roles/captiveportal/tasks/install.yml b/roles/captiveportal/tasks/install.yml index 01c1d932a..af022f0e9 100644 --- a/roles/captiveportal/tasks/install.yml +++ b/roles/captiveportal/tasks/install.yml @@ -43,7 +43,7 @@ - simple.template - mac.template -- name: Run iiab-make-cp-servers.py to generate NGINX servers from /opt/iiab/captiveportal/checkurls input list (creates /etc/nginx/sites-available/capture.conf) +- name: Run /usr/sbin/iiab-make-cp-servers.py to generate NGINX servers from /opt/iiab/captiveportal/checkurls input list (creates /etc/nginx/sites-available/capture.conf) command: /usr/sbin/iiab-make-cp-servers.py args: creates: /etc/nginx/sites-available/capture.conf diff --git a/roles/firmware/tasks/install.yml b/roles/firmware/tasks/install.yml index 94c219d5c..2e0bd1e06 100644 --- a/roles/firmware/tasks/install.yml +++ b/roles/firmware/tasks/install.yml @@ -2,19 +2,19 @@ include_tasks: download.yml when: firmware_downloaded is undefined # SEE ALSO firmware_installed below -- name: 'Install from template: check-firmware.service, iiab-check-firmware & fw_warn.sh' +- name: 'Install from template: /usr/bin/iiab-check-firmware, /etc/systemd/iiab-check-firmware.service & /etc/profile.d/iiab-firmware-warn.sh' template: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - - { src: 'check-firmware.service', dest: '/etc/systemd/system/', mode: '0644' } - - { src: 'iiab-check-firmware', dest: '/usr/sbin/', mode: '0755' } - - { src: 'fw_warn.sh', dest: '/etc/profile.d/', mode: '0644' } + - { src: 'iiab-check-firmware', dest: '/usr/bin/', mode: '0755' } + - { src: 'iiab-check-firmware.service', dest: '/etc/systemd/system/', mode: '0644' } + - { src: 'iiab-firmware-warn.sh', dest: '/etc/profile.d/', mode: '0644' } -- name: Enable & (Re)Start check-firmware.service (also runs on each boot) +- name: Enable & (Re)Start iiab-check-firmware.service (also runs on each boot) systemd: - name: check-firmware.service + name: iiab-check-firmware.service daemon_reload: yes state: restarted enabled: yes diff --git a/roles/firmware/templates/check-firmware.service b/roles/firmware/templates/iiab-check-firmware.service similarity index 59% rename from roles/firmware/templates/check-firmware.service rename to roles/firmware/templates/iiab-check-firmware.service index 43c7adf8c..bebf5a43d 100644 --- a/roles/firmware/templates/check-firmware.service +++ b/roles/firmware/templates/iiab-check-firmware.service @@ -1,11 +1,10 @@ [Unit] Description=Check Firmware service -Before=clone-wifi.service +Before=iiab-clone-wifi.service [Service] Type=oneshot -ExecStart=/usr/sbin/iiab-check-firmware +ExecStart=/usr/bin/iiab-check-firmware [Install] WantedBy=multi-user.target - diff --git a/roles/firmware/templates/fw_warn.sh b/roles/firmware/templates/iiab-firmware-warn.sh similarity index 100% rename from roles/firmware/templates/fw_warn.sh rename to roles/firmware/templates/iiab-firmware-warn.sh diff --git a/roles/iiab-admin/tasks/admin-user.yml b/roles/iiab-admin/tasks/admin-user.yml index e19ea8e7d..c61ca57c5 100644 --- a/roles/iiab-admin/tasks/admin-user.yml +++ b/roles/iiab-admin/tasks/admin-user.yml @@ -14,7 +14,7 @@ name: "{{ admin_console_group }}" state: present -- name: Configure user '{{ iiab_admin_user }}' with group '{{ admin_console_group }}' for login to IIAB's Admin Console (http://box.lan/admin) AND for IIAB community support commands (/usr/bin/iiab-* and /usr/sbin/iiab-*) at the command-line +- name: Configure user '{{ iiab_admin_user }}' with group '{{ admin_console_group }}' for login to IIAB's Admin Console (http://box.lan/admin) AND for IIAB community support commands (/usr/bin/iiab-*) at the command-line user: name: "{{ iiab_admin_user }}" #group: "{{ iiab_admin_user }}" # Not nec. Anyway this happens during account creation b/c 'USERGROUPS_ENAB yes' is set in any modern /etc/login.defs @@ -34,7 +34,7 @@ # sudo-prereqs.yml needs to have been run! -- name: Add user {{ iiab_admin_user }} to group sudo, for IIAB community support commands like {iiab-diagnostics, iiab-hotspot-on, iiab-check-firmware}, if iiab_admin_can_sudo +- name: Add user {{ iiab_admin_user }} to group sudo, for IIAB community support commands in /usr/bin like {iiab-diagnostics, iiab-hotspot-on, iiab-check-firmware}, if iiab_admin_can_sudo #command: "gpasswd -a {{ iiab_admin_user | quote }} sudo" user: name: "{{ iiab_admin_user }}" diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index b34b32c11..33e0a6468 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -39,7 +39,7 @@ set_fact: ap0_mac_addr: "{{ ap0_mac.stdout }}" -- name: Use custom 'hostapd' systemd service unit file using ap0 +- name: "Use custom 'hostapd' systemd service unit file using ap0 -- install from template: /etc/systemd/system/hostapd.service, /etc/systemd/system/iiab-clone-wifi.service, /etc/systemd/system/iiab-wifi-test.service, /usr/sbin/iiab-test-wifi" template: owner: root group: root @@ -48,9 +48,9 @@ mode: "{{ item.mode }}" with_items: - { src: 'hostapd/hostapd.service.j2', dest: '/etc/systemd/system/hostapd.service', mode: '0644' } - - { src: 'hostapd/clone-wifi.service.j2', dest: '/etc/systemd/system/clone-wifi.service', mode: '0644' } - - { src: 'hostapd/wifi-test.service.j2', dest: '/etc/systemd/system/wifi-test.service', mode: '0644'} - - { src: 'hostapd/test-wifi', dest: '/sbin/test-wifi', mode: '0755' } + - { src: 'hostapd/iiab-clone-wifi.service.j2', dest: '/etc/systemd/system/iiab-clone-wifi.service', mode: '0644' } + - { src: 'hostapd/iiab-wifi-test.service.j2', dest: '/etc/systemd/system/iiab-wifi-test.service', mode: '0644'} + - { src: 'hostapd/iiab-test-wifi.j2', dest: '/usr/sbin/iiab-test-wifi', mode: '0755' } when: discovered_wireless_iface != "none" - name: Use custom 'hostapd' systemd service unit file for {{ discovered_wireless_iface }} when not wifi_up_down @@ -145,8 +145,8 @@ enabled: no daemon_reload: yes with_items: - - clone-wifi.service - - wifi-test.service + - iiab-clone-wifi.service + - iiab-wifi-test.service when: not wifi_up_down - name: Enable the Access Point 'hostapd' and ap0 related services @@ -156,8 +156,8 @@ daemon_reload: yes with_items: - hostapd.service - - clone-wifi.service - - wifi-test.service + - iiab-clone-wifi.service + - iiab-wifi-test.service when: hostapd_enabled and wifi_up_down - name: Record HOSTAPD_ENABLED to {{ iiab_env_file }} diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index dea080d0c..1887a7d15 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -58,7 +58,7 @@ - name: Clone wifi if needed systemd: - name: clone-wifi + name: iiab-clone-wifi state: started when: discovered_wireless_iface != "none" # Whereas sysd-netd-debian.yml uses... diff --git a/roles/network/tasks/sysd-netd-debian.yml b/roles/network/tasks/sysd-netd-debian.yml index 622663462..4b3048256 100644 --- a/roles/network/tasks/sysd-netd-debian.yml +++ b/roles/network/tasks/sysd-netd-debian.yml @@ -53,7 +53,7 @@ - name: Clone wifi if needed systemd: - name: clone-wifi + name: iiab-clone-wifi state: started when: wifi_up_down and discovered_wireless_iface != "none" diff --git a/roles/network/templates/hostapd/README.ap0 b/roles/network/templates/hostapd/README.ap0 index ea53ec1da..0d44b9df1 100644 --- a/roles/network/templates/hostapd/README.ap0 +++ b/roles/network/templates/hostapd/README.ap0 @@ -1,8 +1,8 @@ start up order # network-pre bridge is created -clone-wifi +iiab-clone-wifi wpa_supplicant #--dbus version does not start the interface directly -test-wifi # uses dbus to scan the network grabbing the channel alters hostapd.conf if needed +iiab-test-wifi # uses dbus to scan the network grabbing the channel alters hostapd.conf if needed hostapd # network diff --git a/roles/network/templates/hostapd/hostapd.service.j2 b/roles/network/templates/hostapd/hostapd.service.j2 index 3c19dfcf8..78ed478d0 100644 --- a/roles/network/templates/hostapd/hostapd.service.j2 +++ b/roles/network/templates/hostapd/hostapd.service.j2 @@ -2,8 +2,8 @@ Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator Wants=network-pre.target After=network-pre.target -After=clone-wifi.service -Requires=clone-wifi.service +After=iiab-clone-wifi.service +Requires=iiab-clone-wifi.service Before=dhcpcd.service Before=wpa_supplicant@{{ discovered_wireless_iface }}.service Before=NetworkManager.service diff --git a/roles/network/templates/hostapd/clone-wifi.service.j2 b/roles/network/templates/hostapd/iiab-clone-wifi.service.j2 similarity index 100% rename from roles/network/templates/hostapd/clone-wifi.service.j2 rename to roles/network/templates/hostapd/iiab-clone-wifi.service.j2 diff --git a/roles/network/templates/hostapd/test-wifi b/roles/network/templates/hostapd/iiab-test-wifi.j2 similarity index 98% rename from roles/network/templates/hostapd/test-wifi rename to roles/network/templates/hostapd/iiab-test-wifi.j2 index b2ed7c971..be13af4c6 100755 --- a/roles/network/templates/hostapd/test-wifi +++ b/roles/network/templates/hostapd/iiab-test-wifi.j2 @@ -5,7 +5,7 @@ NETPLAN=0 SSID="NA" # when we get here br0 should be available and dbus wpa_supplicant was started if enabled. None # of the backends that use wpa_supplicant should be active yet based on the Before= After= lines -# in the wifi-test.service unit file. +# in the iiab-wifi-test.service unit file. # covers systemd-networkd if [ -f /etc/wpa_supplicant/wpa_supplicant-$IFACE.conf ]; then diff --git a/roles/network/templates/hostapd/wifi-test.service.j2 b/roles/network/templates/hostapd/iiab-wifi-test.service.j2 similarity index 92% rename from roles/network/templates/hostapd/wifi-test.service.j2 rename to roles/network/templates/hostapd/iiab-wifi-test.service.j2 index 875a12f50..682680a07 100644 --- a/roles/network/templates/hostapd/wifi-test.service.j2 +++ b/roles/network/templates/hostapd/iiab-wifi-test.service.j2 @@ -12,7 +12,7 @@ Before=network.target [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/sbin/test-wifi +ExecStart=/usr/sbin/iiab-test-wifi [Install] WantedBy=multi-user.target diff --git a/roles/network/templates/network/iiab-hotspot-off b/roles/network/templates/network/iiab-hotspot-off index d3f811365..78d86cdd1 100755 --- a/roles/network/templates/network/iiab-hotspot-off +++ b/roles/network/templates/network/iiab-hotspot-off @@ -3,9 +3,9 @@ sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=False/" {{ iiab_env_file }} systemctl disable hostapd systemctl stop hostapd {% if wifi_up_down %} -systemctl disable clone-wifi.service -systemctl disable wifi-test.service -systemctl stop clone-wifi.service +systemctl disable iiab-clone-wifi.service +systemctl disable iiab-wifi-test.service +systemctl stop iiab-clone-wifi.service echo " IIAB hotspot access point Disabled" exit 0 {% else %} diff --git a/roles/network/templates/network/iiab-hotspot-on b/roles/network/templates/network/iiab-hotspot-on index 34d1cda46..d92cb5f21 100755 --- a/roles/network/templates/network/iiab-hotspot-on +++ b/roles/network/templates/network/iiab-hotspot-on @@ -1,9 +1,9 @@ #!/bin/bash sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=True/" {{ iiab_env_file }} {% if wifi_up_down %} -systemctl enable clone-wifi.service +systemctl enable iiab-clone-wifi.service systemctl enable hostapd -systemctl enable wifi-test.service +systemctl enable iiab-wifi-test.service echo -e "\nPlease reboot to activate hostapd feature.\n" exit 0 {% else %} diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 3304a0f16..a84b02439 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -55,14 +55,14 @@ group: "{{ apache_user }}" # 2020-02-13: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222) mode: '0775' -- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off' +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off, /usr/sbin/iiab-clean-usb.sh' template: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - - { src: 'usbmount@.service.j2', dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } - { src: 'usbmount.rules.j2', dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' } + - { src: 'usbmount@.service.j2', dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } - { src: 'iiab-usb_lib-show-all-on', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } From 77bf1099cdeaffc9282908ce6b21c222e1a0e381 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 27 Jul 2021 22:44:52 -0400 Subject: [PATCH 4/4] roles/firmware/tasks/install.yml: Fix path typo in comment --- roles/firmware/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/firmware/tasks/install.yml b/roles/firmware/tasks/install.yml index 2e0bd1e06..ce7004ea2 100644 --- a/roles/firmware/tasks/install.yml +++ b/roles/firmware/tasks/install.yml @@ -2,7 +2,7 @@ include_tasks: download.yml when: firmware_downloaded is undefined # SEE ALSO firmware_installed below -- name: 'Install from template: /usr/bin/iiab-check-firmware, /etc/systemd/iiab-check-firmware.service & /etc/profile.d/iiab-firmware-warn.sh' +- name: 'Install from template: /usr/bin/iiab-check-firmware, /etc/systemd/system/iiab-check-firmware.service & /etc/profile.d/iiab-firmware-warn.sh' template: src: "{{ item.src }}" dest: "{{ item.dest }}"