diff --git a/roles/httpd/tasks/html.yml b/roles/httpd/tasks/html.yml
index 8678af22c..d6ea61dc3 100644
--- a/roles/httpd/tasks/html.yml
+++ b/roles/httpd/tasks/html.yml
@@ -1,61 +1,68 @@
- name: Copy css files
- copy: src={{ item }}
- dest={{ doc_root }}/common/css
- mode=0644
- owner=root
- group=root
+ copy:
+ src: "{{ item }}"
+ dest: "{{ doc_root }}/common/css"
+ mode: 0644
+ owner: root
+ group: root
with_fileglob:
- - html/css/*.css
+ - html/css/*.css
- name: Copy js files
- copy: src={{ item }}
- dest={{ doc_root }}/common/js
- mode=0644
- owner=root
- group=root
+ copy:
+ src: "{{ item }}"
+ dest: "{{ doc_root }}/common/js"
+ mode: 0644
+ owner: root
+ group: root
with_fileglob:
- - html/js/*.js
+ - html/js/*.js
- name: Copy fonts files
- copy: src={{ item }}
- dest={{ doc_root }}/common/fonts
- mode=0644
- owner=root
- group=root
+ copy:
+ src: "{{ item }}"
+ dest: "{{ doc_root }}/common/fonts"
+ mode: 0644
+ owner: root
+ group: root
with_fileglob:
- - html/fonts/*
+ - html/fonts/*
- name: Copy html files
- copy: src={{ item }}
- dest={{ doc_root }}/common/html
- mode=0644
- owner=root
- group=root
+ copy:
+ src: "{{ item }}"
+ dest: "{{ doc_root }}/common/html"
+ mode: 0644
+ owner: root
+ group: root
with_fileglob:
- - html/html/*
+ - html/html/*
- name: Copy assets files
- copy: src={{ item }}
- dest={{ doc_root }}/common/assets
- mode=0644
- owner=root
- group=root
+ copy:
+ src: "{{ item }}"
+ dest: "{{ doc_root }}/common/assets"
+ mode: 0644
+ owner: root
+ group: root
with_fileglob:
- - html/assets/*
+ - html/assets/*
# copy all services, even if not permissioned elsewhere
- name: Copy services files
- copy: src={{ item }}
- dest={{ doc_root }}/common/services
- mode=0644
- owner=root
- group=root
+ copy:
+ src: "{{ item }}"
+ dest: "{{ doc_root }}/common/services"
+ mode: 0644
+ owner: root
+ group: root
with_fileglob:
- - html/services/*
+ - html/services/*
- name: Create symlink from assets to iiab.ini
- file: src=/etc/iiab/iiab.ini
- dest={{ doc_root }}/common/assets/iiab.ini
- owner=root
- group=root
- state=link
+ file:
+ src: "/etc/iiab/iiab.ini"
+ dest: "{{ doc_root }}/common/assets/iiab.ini"
+ owner: root
+ group: root
+ state: link
diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml
index 4319e141b..169cc3e14 100644
--- a/roles/httpd/tasks/main.yml
+++ b/roles/httpd/tasks/main.yml
@@ -1,6 +1,7 @@
-- name: Install httpd required packages
- package: name={{ item }}
- state=present
+- name: Install httpd required packages (debian)
+ package:
+ name: "{{ item }}"
+ state: present
with_items:
- apache2
- php{{ php_version }}
@@ -10,17 +11,19 @@
- download
when: is_debian
-- name: Debian changed sqlite name
- package: name=php{{ php_version }}-sqlite
+- name: Debian changed sqlite name (debian-8)
+ package:
+ name: "php{{ php_version }}-sqlite"
when: is_debian and ansible_distribution_major_version == "8"
#- name: Debian changed sqlite name
# package: name=php{{ php_version }}-sqlite3
# when: ansible_local.local_facts.os_ver == "debian-9"
-- name: Install httpd required packages
- package: name={{ item }}
- state=present
+- name: Install httpd required packages (ubuntu)
+ package:
+ name: "{{ item }}"
+ state: present
with_items:
- apache2
- php
@@ -28,9 +31,10 @@
- download
when: is_ubuntu
-- name: Install httpd required packages
- package: name={{ item }}
- state=present
+- name: Install httpd required packages (redhat)
+ package:
+ name: "{{ item }}"
+ state: present
with_items:
- httpd
- php
@@ -40,106 +44,120 @@
- download
when: is_redhat
-- name: Remove the default apache2 config file
- file: path=/etc/apache2/sites-enabled/000-default.conf
- src=/etc/apache2/sites-available/000-default.conf
- state=absent
+- name: Remove the default apache2 config file (debuntu)
+ file:
+ path: /etc/apache2/sites-enabled/000-default.conf
+ src: /etc/apache2/sites-available/000-default.conf
+ state: absent
when: is_debuntu
- name: Create httpd config files
- template: backup=yes
- src={{ item.src }}
- dest={{ item.dest }}
- owner=root
- group=root
- mode={{ item.mode }}
+ template:
+ backup: yes
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ owner: root
+ group: root
+ mode: "{{ item.mode }}"
with_items:
- - { src: '010-iiab.conf.j2' , dest: '/etc/{{ apache_config_dir }}/010-iiab.conf', mode: '0755' }
- - { src: 'proxy_ajp.conf.j2' , dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf', mode: '0644' }
- - { src: 'php.ini.j2' , dest: '/etc/php.ini' , mode: '0644' }
+ - { src: '010-iiab.conf.j2' , dest: '/etc/{{ apache_config_dir }}/010-iiab.conf', mode: '0755' }
+ - { src: 'proxy_ajp.conf.j2' , dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf', mode: '0644' }
+ - { src: 'php.ini.j2' , dest: '/etc/php.ini' , mode: '0644' }
# remove symlinks for mpm-event, replace with mpm-prefork
-- name: Remove mpm event links
- file: path=/etc/apache2/mods-enabled/{{ item }}
- state=absent
+- name: Remove mpm event links (debuntu)
+ file:
+ path: "/etc/apache2/mods-enabled/{{ item }}"
+ state: absent
with_items:
- - mpm_event.conf
- - mpm_event.load
+ - mpm_event.conf
+ - mpm_event.load
when: is_debuntu
-- name: Create symlinks for mpm-prefork
- file: path=/etc/apache2/mods-enabled/{{ item }}
- src=/etc/apache2/mods-available/{{ item }}
- state=link
+- name: Create symlinks for mpm-prefork (debuntu)
+ file:
+ path: "/etc/apache2/mods-enabled/{{ item }}"
+ src: "/etc/apache2/mods-available/{{ item }}"
+ state: link
with_items:
- - mpm_prefork.conf
- - mpm_prefork.load
+ - mpm_prefork.conf
+ - mpm_prefork.load
when: is_debuntu
-- name: Turn on mod_proxy
+- name: Turn on mod_proxy (debuntu)
command: a2enmod {{ item }}
with_items:
- - proxy
- - proxy_html
- - headers
- - rewrite
+ - proxy
+ - proxy_html
+ - headers
+ - rewrite
when: is_debuntu
-- name: Create symlinks for enabling our site
- file: path=/etc/apache2/sites-enabled/{{ item }}
- src=/etc/apache2/sites-available/{{ item }}
- state=link
+- name: Create symlinks for enabling our site (debuntu)
+ file:
+ path: "/etc/apache2/sites-enabled/{{ item }}"
+ src: "/etc/apache2/sites-available/{{ item }}"
+ state: link
with_items:
- - 010-iiab.conf
+ - 010-iiab.conf
when: is_debuntu
-- name: Remove the default site container
- file: dest=/etc/apache2/000-default.conf
- state=absent
+- name: Remove the default site container (debuntu)
+ file:
+ dest: /etc/apache2/000-default.conf
+ state: absent
when: is_debuntu
- name: Create http pid dir
- file: path=/var/run/{{ apache_user }}
- mode=0755
- owner=root
- group=root
- state=directory
+ file:
+ path: "/var/run/{{ apache_user }}"
+ mode: 0755
+ owner: root
+ group: root
+ state: directory
- name: Create admin group
- group: name=admin
- state=present
+ group:
+ name: admin
+ state: present
- name: Add apache user to admin group
- user: name={{ apache_user }}
- groups=admin
- state=present
- createhome=no
+ user:
+ name: "{{ apache_user }}"
+ groups: admin
+ state: present
+ createhome: no
- name: Create httpd log dir
- file: path=/var/log/{{ apache_service }}
- mode=0755
- owner={{ apache_user }}
- group={{ apache_user }}
- state=directory
+ file:
+ path: "/var/log/{{ apache_service }}"
+ mode: 0755
+ owner: "{{ apache_user }}"
+ group: "{{ apache_user }}"
+ state: directory
- name: Enable httpd
- service: name={{ apache_service }}
- enabled=yes
+ service:
+ name: "{{ apache_service }}"
+ enabled: yes
- name: Create iiab-info directory
- file: path={{ doc_root }}/info
- mode=0755
- owner={{ apache_user }}
- group={{ apache_user }}
- state=directory
+ file:
+ path: "{{ doc_root }}/info"
+ mode: 0755
+ owner: "{{ apache_user }}"
+ group: "{{ apache_user }}"
+ state: directory
- name: Remove iiab-info.conf
- file: dest=/etc/{{ apache_config_dir }}/iiab-info.conf
- state=absent
+ file:
+ dest: "/etc/{{ apache_config_dir }}/iiab-info.conf"
+ state: absent
-- name: Remove iiab-info.conf symlink
- file: dest=/etc/apache2/sites-enabled/iiab-info.conf
- state=absent
+- name: Remove iiab-info.conf symlink (debuntu)
+ file:
+ dest: /etc/apache2/sites-enabled/iiab-info.conf
+ state: absent
when: is_debuntu
- include_tasks: html.yml
@@ -147,17 +165,20 @@
- base
- name: Place the script to generate homepages
- template: src=refresh-wiki-docs.sh
- dest=/usr/bin/iiab-refresh-wiki-docs
- mode=0755
+ template:
+ src: refresh-wiki-docs.sh
+ dest: /usr/bin/iiab-refresh-wiki-docs
+ mode: 0755
- name: Give apache_user permission for poweroff
- template: src=020_apache_poweroff.j2
- dest=/etc/sudoers.d/020_apache_poweroff
- mode=0755
+ template:
+ src: 020_apache_poweroff.j2
+ dest: /etc/sudoers.d/020_apache_poweroff
+ mode: 0755
when: allow_apache_sudo
- name: Remove apache_user permission for poweroff
- file: dest=/etc/sudoers.d/020_apache_poweroff
- state=absent
+ file:
+ dest: /etc/sudoers.d/020_apache_poweroff
+ state: absent
when: not allow_apache_sudo
diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
index 26b90c3fe..1ad40ffb9 100644
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@@ -8,7 +8,7 @@ nextcloud_url: /nextcloud
nextcloud_prefix: /opt
nextcloud_data_dir: "{{ content_base }}/nextcloud/data"
nextcloud_dl_url: https://download.nextcloud.com/server/releases/
-nextcloud_orig_src_file: latest-12.tar.bz2
+nextcloud_orig_src_file: latest-13.tar.bz2
nextcloud_src_file: nextcloud_{{ nextcloud_orig_src_file }}
# we install on mysql with these setting or those from default_vars, etc.
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 41d3dbcbf..b54fe9669 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -137,10 +137,10 @@
password: "{{ nextcloud_dbpassword }}"
priv: "{{ nextcloud_dbname }}.*:ALL,GRANT"
with_items:
- - "{{ nextcloud_dbhost }}"
- - 127.0.0.1
- - ::1
- - localhost
+ - "{{ nextcloud_dbhost }}"
+ - 127.0.0.1
+ - ::1
+ - localhost
when: mysql_enabled and nextcloud_enabled
diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml
index e78c4dfc5..ce3166b20 100644
--- a/roles/nextcloud/tasks/nextcloud_enabled.yml
+++ b/roles/nextcloud/tasks/nextcloud_enabled.yml
@@ -1,49 +1,54 @@
- # This should go in computed_network.yml, but here for now
+# This should go in computed_network.yml, but here for now
- name: Compute Nextcloud listen ip addr for nextcloud.conf
set_fact:
- nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
+ nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
when: ansible_default_ipv4.network is defined
- name: Enable Nextcloud by copying template to httpd config
- template: src=nextcloud.conf.j2
- dest=/etc/{{ apache_config_dir }}/nextcloud.conf
- owner=root
- group=root
- mode=0644
+ template:
+ src: nextcloud.conf.j2
+ dest: "/etc/{{ apache_config_dir }}/nextcloud.conf"
+ owner: root
+ group: root
+ mode: 0644
when: nextcloud_enabled
-- name: Enable Nextcloud
- file: path=/etc/apache2/sites-enabled/nextcloud.conf
- src=/etc/apache2/sites-available/nextcloud.conf
- state=link
+- name: Enable Nextcloud (debuntu)
+ file:
+ path: /etc/apache2/sites-enabled/nextcloud.conf
+ src: /etc/apache2/sites-available/nextcloud.conf
+ state: link
when: nextcloud_enabled and is_debuntu
-- name: For redhat, remove the config file
- file: path=/etc/{{ apache_config_dir }}/nextcloud.conf
- state=absent
+- name: Remove the config file if not nextcloud_enabled (redhat)
+ file:
+ path: "/etc/{{ apache_config_dir }}/nextcloud.conf"
+ state: absent
when: not nextcloud_enabled and is_redhat
- name: Restart Apache, so it picks up the new aliases
- service: name={{ apache_service }} state=restarted
+ service:
+ name: "{{ apache_service }}"
+ state: restarted
# the install wizard does not succeed if already installed
- name: Determine if Nextcloud is installed
shell: >
- sudo -u {{ apache_user }} php
- '{{ nextcloud_prefix }}/nextcloud/occ' status |
- gawk '/installed:/ { print $3 }'
+ sudo -u {{ apache_user }} php
+ '{{ nextcloud_prefix }}/nextcloud/occ' status |
+ gawk '/installed:/ { print $3 }'
register: returned
- name: Run Nextcloud initial install wizard
shell: >
- cd {{ nextcloud_prefix }}/nextcloud;
- sudo -u {{ apache_user }} php occ maintenance:install
- --database "mysql"
- --database-name "{{ nextcloud_dbname }}"
- --database-user "{{ nextcloud_dbuser }}"
- --database-pass "{{ nextcloud_dbpassword }}"
- --admin-user "{{ nextcloud_admin_user }}"
- --admin-pass "{{ nextcloud_admin_password }}"
+ cd {{ nextcloud_prefix }}/nextcloud;
+ sudo -u {{ apache_user }} php occ maintenance:install
+ --database "mysql"
+ --database-name "{{ nextcloud_dbname }}"
+ --database-user "{{ nextcloud_dbuser }}"
+ --database-pass "{{ nextcloud_dbpassword }}"
+ --admin-user "{{ nextcloud_admin_user }}"
+ --admin-pass "{{ nextcloud_admin_password }}"
when: nextcloud_enabled and returned.stdout == "false"
- name: Allow access from all hosts and ips
@@ -54,22 +59,23 @@
- name: Determine if Nextcloud user exists already
shell: >
- sudo -u {{ apache_user }} php
- '{{ nextcloud_prefix }}/nextcloud/occ' user:list |
- grep {{ nextcloud_user }} | wc | cut -d' ' -f1
+ sudo -u {{ apache_user }} php
+ '{{ nextcloud_prefix }}/nextcloud/occ' user:list |
+ grep {{ nextcloud_user }} | wc | cut -d' ' -f1
register: returned_count
# nextcloud wants to make users rather than just mysql users and not done
- name: Create the default user
shell: >
- su -s /bin/sh {{ apache_user }} -c
- 'OC_PASS={{ nextcloud_user_password }};
- php {{ nextcloud_prefix }}/nextcloud/occ user:add
- --password-from-env --display-name={{ nextcloud_user }}
- --group="users" {{ nextcloud_user }}'
+ su -s /bin/sh {{ apache_user }} -c
+ 'OC_PASS={{ nextcloud_user_password }};
+ php {{ nextcloud_prefix }}/nextcloud/occ user:add
+ --password-from-env --display-name={{ nextcloud_user }}
+ --group="users" {{ nextcloud_user }}'
when: nextcloud_enabled and returned_count == "0"
- name: Remove Rewrite URL
- lineinfile: regexp='overwrite.cli.url'
- state=absent
- dest="{{ nextcloud_prefix }}/nextcloud/config/config.php"
+ lineinfile:
+ regexp: "overwrite.cli.url"
+ state: absent
+ dest: "{{ nextcloud_prefix }}/nextcloud/config/config.php"
diff --git a/scripts/ansible b/scripts/ansible
index 94ebce04e..4861545eb 100755
--- a/scripts/ansible
+++ b/scripts/ansible
@@ -3,7 +3,7 @@
# Installs or upgrades to the best possible Ansible release, so iiab-install
# can proceed. Ensure you're online before running this script!
-GOOD_VER="2.4.2" # Ansible version for OLPC, for pip.
+GOOD_VER="2.4.3" # Ansible version for OLPC, for pip.
# On other OS's we install/upgrade to the latest Ansible.
# Pin all to 2.4.x in future, if really/truly nec?
CURR_VER="undefined"
@@ -20,7 +20,7 @@ if ! which ansible-playbook ; then
yum -y install ca-certificates nss epel-release
yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python
yum -y install python-pip python-setuptools python-wheel patch
- yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.2.0-1.el7.ans.noarch.rpm
+ yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.3.0-1.el7.ans.noarch.rpm
# FOUND="true"
# FAMILY="redhat"
# elif [ -f /etc/fedora-release ]; then