From 515e3e59cdd4fbe75c7fbba5517141315c6cb3cb Mon Sep 17 00:00:00 2001 From: George Hunt Date: Fri, 27 Apr 2018 03:54:27 +0000 Subject: [PATCH 01/19] just to get initial run. not function tested (nextcloud) --- roles/nextcloud/tasks/main.yml | 3 ++- roles/sugarizer/tasks/main.yml | 8 ++++++++ vars/ubuntu-18.yml | 2 +- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index b54fe9669..ece214e7d 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -56,7 +56,8 @@ - "php{{ php_version }}-mysql" - "php{{ php_version }}-curl" - "php{{ php_version }}-intl" - - "php{{ php_version }}-mcrypt" + # - "php{{ php_version }}-mcrypt" + - "mcrypt" when: is_debuntu # we need to install the rpm in order to get the dependencies diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index e75c871c8..f9bc95a11 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -40,6 +40,14 @@ - nodejs - npm +- name: Install npm (ubuntu-18) + package: + name: "{{ item }}" + state: present + when: internet_available and is_ubuntu_18 + with_items: + - npm + # attempting to reinstall npm is broken on Raspbian 9 - name: Check for Sugarizer already installed stat: diff --git a/vars/ubuntu-18.yml b/vars/ubuntu-18.yml index 02f4d2355..70c472080 100644 --- a/vars/ubuntu-18.yml +++ b/vars/ubuntu-18.yml @@ -17,6 +17,6 @@ systemctl_program: /bin/systemctl mysql_service: mysql apache_log: /var/log/apache2/access.log sshd_service: ssh -php_version: 7.1 +php_version: 7.2 postgresql_version: 9.6 systemd_location: /lib/systemd/system From 00836a16adb8161081a0f47c7a5fbe10ef094c1b Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 28 Apr 2018 14:07:17 -0400 Subject: [PATCH 02/19] postgresql_version: 10.3 ->postgresql_version: 10 --- vars/ubuntu-18.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vars/ubuntu-18.yml b/vars/ubuntu-18.yml index 42ca817ed..c05df9cf8 100644 --- a/vars/ubuntu-18.yml +++ b/vars/ubuntu-18.yml @@ -18,5 +18,6 @@ mysql_service: mysql apache_log: /var/log/apache2/access.log sshd_service: ssh php_version: 7.2 -postgresql_version: 10.3 +# "postgresql_version: 10.3" fails (too detailed for /etc/systemd/system/postgresql-iiab.service on Ubuntu 18.04) +postgresql_version: 10 systemd_location: /lib/systemd/system From 5c0486b3ea713a5d764174d548ce9eff44ce1e8b Mon Sep 17 00:00:00 2001 From: George Hunt Date: Sat, 28 Apr 2018 18:50:14 +0000 Subject: [PATCH 03/19] do not change what is not tested --- roles/nextcloud/tasks/main.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index ece214e7d..c1e24c4be 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -56,9 +56,14 @@ - "php{{ php_version }}-mysql" - "php{{ php_version }}-curl" - "php{{ php_version }}-intl" - # - "php{{ php_version }}-mcrypt" - - "mcrypt" - when: is_debuntu + - "php{{ php_version }}-mcrypt" + when: is_debuntu and not is_ubuntu_18 + +- name: In Ubuntu 18, php dropped mcrypt + package: + name: mcrypt + state: present + when: is_ubuntu_18 # we need to install the rpm in order to get the dependencies # but we only need to do this the first time From 0e35fcd1605686a36499b63ac9ca1f6f0e0d22c8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 28 Apr 2018 15:42:50 -0400 Subject: [PATCH 04/19] PostgresSQL 10.3+ requires Moodle "encrypt" password --- roles/moodle/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index 6543fda72..080d0c318 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -106,6 +106,7 @@ postgresql_user: name: Admin password: changeme + encrypted: yes # Required by PostgresSQL 10.3+ e.g. on Ubuntu 18.04 role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB state: present become: yes From d4cdf372d383ebbbbc91c62d235c94d288a75c8b Mon Sep 17 00:00:00 2001 From: George Hunt Date: Fri, 27 Apr 2018 03:54:27 +0000 Subject: [PATCH 05/19] just to get initial run. not function tested (nextcloud) --- roles/nextcloud/tasks/main.yml | 3 ++- roles/sugarizer/tasks/main.yml | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index b54fe9669..ece214e7d 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -56,7 +56,8 @@ - "php{{ php_version }}-mysql" - "php{{ php_version }}-curl" - "php{{ php_version }}-intl" - - "php{{ php_version }}-mcrypt" + # - "php{{ php_version }}-mcrypt" + - "mcrypt" when: is_debuntu # we need to install the rpm in order to get the dependencies diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index e75c871c8..f9bc95a11 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -40,6 +40,14 @@ - nodejs - npm +- name: Install npm (ubuntu-18) + package: + name: "{{ item }}" + state: present + when: internet_available and is_ubuntu_18 + with_items: + - npm + # attempting to reinstall npm is broken on Raspbian 9 - name: Check for Sugarizer already installed stat: From 3a461856552a6c79b1ad5ecfed821b4149c51046 Mon Sep 17 00:00:00 2001 From: George Hunt Date: Sat, 28 Apr 2018 18:50:14 +0000 Subject: [PATCH 06/19] do not change what is not tested --- roles/nextcloud/tasks/main.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index ece214e7d..c1e24c4be 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -56,9 +56,14 @@ - "php{{ php_version }}-mysql" - "php{{ php_version }}-curl" - "php{{ php_version }}-intl" - # - "php{{ php_version }}-mcrypt" - - "mcrypt" - when: is_debuntu + - "php{{ php_version }}-mcrypt" + when: is_debuntu and not is_ubuntu_18 + +- name: In Ubuntu 18, php dropped mcrypt + package: + name: mcrypt + state: present + when: is_ubuntu_18 # we need to install the rpm in order to get the dependencies # but we only need to do this the first time From 0396d7490d87fc4c26f3046e798d647d80bc6aa7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 28 Apr 2018 15:50:58 -0400 Subject: [PATCH 07/19] Update main.yml --- roles/moodle/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index 080d0c318..374d9fbd1 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -106,7 +106,7 @@ postgresql_user: name: Admin password: changeme - encrypted: yes # Required by PostgresSQL 10.3+ e.g. on Ubuntu 18.04 + encrypted: yes # Required by PostgresSQL 10.3+ e.g. on Ubuntu 18.04, see https://github.com/iiab/iiab/issues/759 role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB state: present become: yes From f9278428a0160d3dd006a5c2ebbc5af6f89bceb6 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 28 Apr 2018 15:45:08 -0500 Subject: [PATCH 08/19] rework mcrypt logic --- roles/nextcloud/tasks/main.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index c1e24c4be..3252efa43 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -56,14 +56,13 @@ - "php{{ php_version }}-mysql" - "php{{ php_version }}-curl" - "php{{ php_version }}-intl" - - "php{{ php_version }}-mcrypt" - when: is_debuntu and not is_ubuntu_18 + when: is_debuntu -- name: In Ubuntu 18, php dropped mcrypt +- name: In php7.2, php dropped mcrypt package: - name: mcrypt + name: "php{{ php_version }}-mcrypt" state: present - when: is_ubuntu_18 + when: is_debuntu and not is_ubuntu_18 # we need to install the rpm in order to get the dependencies # but we only need to do this the first time From 5486a4eb58c232027079486f2493d1f45f2175f9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 28 Apr 2018 15:48:01 -0500 Subject: [PATCH 09/19] don't enable nodejs_6.x on ubuntu-18 --- roles/sugarizer/tasks/main.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index f9bc95a11..3f1733806 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -21,7 +21,7 @@ - name: Set up Node.js 6.x apt sources (debuntu) shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - - when: internet_available and is_debuntu + when: internet_available and is_debuntu and not ubuntu-18 - name: Install latest Node.js which includes /usr/bin/npm (debuntu) package: @@ -29,7 +29,7 @@ state: latest # package: name=nodejs=6.* # state=present - when: internet_available and is_debuntu + when: internet_available and is_debuntu and not ubuntu-18 - name: Install npm (OS's other than debuntu) package: @@ -43,10 +43,11 @@ - name: Install npm (ubuntu-18) package: name: "{{ item }}" - state: present + state: latest when: internet_available and is_ubuntu_18 with_items: - npm + - nodejs # attempting to reinstall npm is broken on Raspbian 9 - name: Check for Sugarizer already installed From b12b6d5638f65490b9bd6ecfa4a5fa7aced48489 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 28 Apr 2018 22:50:59 -0500 Subject: [PATCH 10/19] narrow is_F18 --- roles/0-init/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 01d391d65..c731a6a6a 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -144,7 +144,7 @@ mysql_service: mysqld no_NM_reload: True is_F18: True - when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" + when: (ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18") and ansible_distribution == "Fedora" - name: Set mysql_service to mysql (debuntu) set_fact: From 4f777e66b6e6045806806b46878c6b1dde2c8964 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 02:20:53 -0400 Subject: [PATCH 11/19] Update iiab-vpn --- roles/openvpn/templates/iiab-vpn | 121 +++++++++++++++---------------- 1 file changed, 60 insertions(+), 61 deletions(-) diff --git a/roles/openvpn/templates/iiab-vpn b/roles/openvpn/templates/iiab-vpn index dc78c1b6a..f1d3c1d9f 100755 --- a/roles/openvpn/templates/iiab-vpn +++ b/roles/openvpn/templates/iiab-vpn @@ -1,11 +1,12 @@ -#!/bin/sh +#!/bin/bash # script to manage openvpn + if [ ! -f "/etc/openvpn/iiab-vpn.conf" ]; then - VPNCONFIG='party-line.conf' - VPNIP={{ openvpn_server_virtual_ip }} + VPNCONFIG='party-line.conf' + VPNIP=10.8.0.1 else - # expect the sourced file to set the above variables - source /etc/openvpn/iiab-vpn.conf + # expect the sourced file to set the above variables + source /etc/openvpn/iiab-vpn.conf fi # we'd like the user of this script to have root privilege @@ -15,22 +16,21 @@ if [ "$(id -u)" != "0" ]; then fi case $1 in -"stop" | "no" | "off") - killall openvpn - exit 0 - ;; -"status") - pid=`ps -e|grep openvpn` - if [ -z "$pid" ]; then - echo "The openvpn process is not running" - else - echo "Openvpn is running with id $pid" - ip=`ifconfig tun | gawk '(/netmask /) {print( $2);}'` - echo "Local vpn tunnel address is $ip" - fi - exit 0 - ;; - + "stop" | "no" | "off") + killall openvpn + exit 0 + ;; + "status") + pid=`ps -e|grep openvpn` + if [ -z "$pid" ]; then + echo "The openvpn process is not running" + else + echo "Openvpn is running with id $pid" + ip=`ifconfig tun | gawk '(/netmask /) {print( $2);}'` + echo "Local vpn tunnel address is $ip" + fi + exit 0 + ;; esac # we'd like for passwords authentication to be turned off @@ -38,56 +38,55 @@ grep -e^PasswordAuthentication.*[Yy]es /etc/ssh/sshd_config PASSWORDS_ENABLED=$? if [ $PASSWORDS_ENABLED -eq 0 ];then - case $1 in - "test" | "unsafe") ;; - *) - - echo "Openvpn is only safe when public/private keys are used" - echo " And when passwords are turned off in /etc/ssh/sshd_conf" - exit 1 - esac + case $1 in + "test" | "unsafe") ;; + *) + echo "Openvpn is only safe when public/private keys are used" + echo " And when passwords are turned off in /etc/ssh/sshd_conf" + exit 1 + esac fi # openvpn config file directory dir=/etc/openvpn if [ $# -eq 0 ]; then - cmd="test" + cmd="test" else - cmd=$1 + cmd=$1 fi case $cmd in -"test" | "unsafe" ) -# load TUN/TAP kernel module - modprobe tun + "test" | "unsafe" ) + # load TUN/TAP kernel module + modprobe tun - # make sure the wan is functioning - # 8.8.8.8 is one of google's dns servers - ping -c 3 -i 3 8.8.8.8 - if [ $? -ne 0 ]; then - echo "internet is not available, tunnel not possible" - exit 1 - fi - - # check the vpn tunnel - ping -c 5 -i 5 "$VPNIP" - # a zero return means the tunnel is up - if [ $? -ne "0" ]; then - echo "Stopping any openvpn instance" - killall openvpn - sleep 10 - echo "Starting openvpn and waiting 10 seconds for daemon to become ready" - openvpn --cd $dir --daemon --config $VPNCONFIG - fi - sleep 10 - echo "Testing VPN connection" - ping -c 4 -i 4 "$VPNIP" - if [ $? -eq 0 ]; then - echo "vpn tunnel established" - else - echo "vpn connection failed" - fi + # make sure the wan is functioning + # 8.8.8.8 is one of google's dns servers + ping -c 3 -i 3 8.8.8.8 + if [ $? -ne 0 ]; then + echo "internet is not available, tunnel not possible" + exit 1 + fi - ;; + # check the vpn tunnel + ping -c 5 -i 5 "$VPNIP" + # a zero return means the tunnel is up + if [ $? -ne "0" ]; then + echo "Stopping any openvpn instance" + killall openvpn + sleep 10 + echo "Starting openvpn and waiting 10 seconds for daemon to become r +eady" + openvpn --cd $dir --daemon --config $VPNCONFIG + fi + sleep 10 + echo "Testing VPN connection" + ping -c 4 -i 4 "$VPNIP" + if [ $? -eq 0 ]; then + echo "vpn tunnel established" + else + echo "vpn connection failed" + fi + ;; esac From 8f490949f557456cdc5ccfe51e97aeea7ba7cccd Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 02:24:41 -0400 Subject: [PATCH 12/19] Update iiab-remote-on --- roles/openvpn/templates/iiab-remote-on | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/openvpn/templates/iiab-remote-on b/roles/openvpn/templates/iiab-remote-on index 5f40903da..ae8110732 100644 --- a/roles/openvpn/templates/iiab-remote-on +++ b/roles/openvpn/templates/iiab-remote-on @@ -4,8 +4,8 @@ # do nothing if it is not installed which openvpn if [ $? -ne 0 ]; then - echo Cannot find the openvpn program. - exit 1 + echo Cannot find the openvpn program. + exit 1 fi systemctl enable openvpn@xscenet.service systemctl start openvpn@xscenet.service @@ -13,7 +13,7 @@ systemctl start openvpn@xscenet.service sleep 5 ping -c 2 10.8.0.1 if [ $? -eq 0 ]; then - echo Openvpn successfully started. + echo Openvpn successfully started. else - echo Openvpn failed to contact remote server. + echo Openvpn failed to contact remote server. fi From 66c4132c6d112af7fa541c251d8cdc9033d2938f Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 02:25:14 -0400 Subject: [PATCH 13/19] Update iiab-remote-off --- roles/openvpn/templates/iiab-remote-off | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/openvpn/templates/iiab-remote-off b/roles/openvpn/templates/iiab-remote-off index 527c77cab..8663c11b5 100644 --- a/roles/openvpn/templates/iiab-remote-off +++ b/roles/openvpn/templates/iiab-remote-off @@ -4,8 +4,8 @@ # do nothing if it is not installed which openvpn if [ $? -ne 0 ]; then - echo Cannot find the openvpn program. - exit 1 + echo Cannot find the openvpn program. + exit 1 fi systemctl disable openvpn@xscenet.service systemctl stop openvpn@xscenet.service @@ -13,7 +13,7 @@ systemctl stop openvpn@xscenet.service sleep 5 ps -e|grep vpn if [ $? -eq 0 ]; then - echo Openvpn failed to stop. + echo Openvpn failed to stop. else - echo Successfully stopped and disabled Openvpn + echo Successfully stopped and disabled Openvpn fi From 440b21102bbb756a959565b5d8dcf209618f96af Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 02:34:11 -0400 Subject: [PATCH 14/19] Update iiab-vpn --- roles/openvpn/templates/iiab-vpn | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/openvpn/templates/iiab-vpn b/roles/openvpn/templates/iiab-vpn index f1d3c1d9f..c3aab24eb 100755 --- a/roles/openvpn/templates/iiab-vpn +++ b/roles/openvpn/templates/iiab-vpn @@ -3,7 +3,7 @@ if [ ! -f "/etc/openvpn/iiab-vpn.conf" ]; then VPNCONFIG='party-line.conf' - VPNIP=10.8.0.1 + VPNIP={{ openvpn_server_virtual_ip }} else # expect the sourced file to set the above variables source /etc/openvpn/iiab-vpn.conf @@ -23,9 +23,9 @@ case $1 in "status") pid=`ps -e|grep openvpn` if [ -z "$pid" ]; then - echo "The openvpn process is not running" + echo "The OpenVPN process is not running" else - echo "Openvpn is running with id $pid" + echo "OpenVPN is running with id $pid" ip=`ifconfig tun | gawk '(/netmask /) {print( $2);}'` echo "Local vpn tunnel address is $ip" fi @@ -41,7 +41,7 @@ if [ $PASSWORDS_ENABLED -eq 0 ];then case $1 in "test" | "unsafe") ;; *) - echo "Openvpn is only safe when public/private keys are used" + echo "OpenVPN is only safe when public/private keys are used" echo " And when passwords are turned off in /etc/ssh/sshd_conf" exit 1 esac @@ -76,8 +76,7 @@ case $cmd in echo "Stopping any openvpn instance" killall openvpn sleep 10 - echo "Starting openvpn and waiting 10 seconds for daemon to become r -eady" + echo "Starting OpenVPN and waiting 10 seconds for daemon to become ready" openvpn --cd $dir --daemon --config $VPNCONFIG fi sleep 10 @@ -88,5 +87,6 @@ eady" else echo "vpn connection failed" fi + ;; esac From 0f21da54771ababff78bdd80fcd74ab8c928607d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 02:37:19 -0400 Subject: [PATCH 15/19] Update iiab-remote-off --- roles/openvpn/templates/iiab-remote-off | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/openvpn/templates/iiab-remote-off b/roles/openvpn/templates/iiab-remote-off index 8663c11b5..a5e1b46d3 100644 --- a/roles/openvpn/templates/iiab-remote-off +++ b/roles/openvpn/templates/iiab-remote-off @@ -4,7 +4,7 @@ # do nothing if it is not installed which openvpn if [ $? -ne 0 ]; then - echo Cannot find the openvpn program. + echo Cannot find the OpenVPN program (openvpn). exit 1 fi systemctl disable openvpn@xscenet.service @@ -13,7 +13,7 @@ systemctl stop openvpn@xscenet.service sleep 5 ps -e|grep vpn if [ $? -eq 0 ]; then - echo Openvpn failed to stop. + echo OpenVPN failed to stop. else - echo Successfully stopped and disabled Openvpn + echo Successfully stopped and disabled OpenVPN. fi From dd98f06a7aae34d46d172a50fae3050df8214f5d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 02:38:00 -0400 Subject: [PATCH 16/19] Update iiab-remote-on --- roles/openvpn/templates/iiab-remote-on | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/openvpn/templates/iiab-remote-on b/roles/openvpn/templates/iiab-remote-on index ae8110732..0c1215077 100644 --- a/roles/openvpn/templates/iiab-remote-on +++ b/roles/openvpn/templates/iiab-remote-on @@ -4,7 +4,7 @@ # do nothing if it is not installed which openvpn if [ $? -ne 0 ]; then - echo Cannot find the openvpn program. + echo Cannot find the OpenVPN program (openvpn). exit 1 fi systemctl enable openvpn@xscenet.service @@ -13,7 +13,7 @@ systemctl start openvpn@xscenet.service sleep 5 ping -c 2 10.8.0.1 if [ $? -eq 0 ]; then - echo Openvpn successfully started. + echo OpenVPN successfully started. else - echo Openvpn failed to contact remote server. + echo OpenVPN failed to contact remote server. fi From 79a362ace33cd5fe54384c38eca6c2da48a69cf8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 02:40:33 -0400 Subject: [PATCH 18/19] Update iiab-vpn --- roles/openvpn/templates/iiab-vpn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openvpn/templates/iiab-vpn b/roles/openvpn/templates/iiab-vpn index c3aab24eb..306902c1e 100755 --- a/roles/openvpn/templates/iiab-vpn +++ b/roles/openvpn/templates/iiab-vpn @@ -33,7 +33,7 @@ case $1 in ;; esac -# we'd like for passwords authentication to be turned off +# we'd like for password authentication to be turned off grep -e^PasswordAuthentication.*[Yy]es /etc/ssh/sshd_config PASSWORDS_ENABLED=$? From adc8238fdc8e875b4f3a1f23bdc14ab3c3c4628f Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 29 Apr 2018 04:25:54 -0400 Subject: [PATCH 19/19] #!/bin/sh -> #!/bin/bash for iiab-make-kiwix-lib --- roles/kiwix/templates/iiab-make-kiwix-lib | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/templates/iiab-make-kiwix-lib b/roles/kiwix/templates/iiab-make-kiwix-lib index e7ab98197..ae06bc0cd 100644 --- a/roles/kiwix/templates/iiab-make-kiwix-lib +++ b/roles/kiwix/templates/iiab-make-kiwix-lib @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash {{ systemctl_program }} stop kiwix-serve /usr/bin/iiab-make-kiwix-lib.py