Merge pull request #56 from iiab/master

sync from iiab/iiab

roles/httpd/tasks/html.yml

@@ -1,61 +1,68 @@
 - name: Copy css files
-  copy: src={{ item }}
-        dest={{ doc_root }}/common/css
-        mode=0644
-        owner=root
-        group=root
+  copy:
+    src: "{{ item }}"
+    dest: "{{ doc_root }}/common/css"
+    mode: 0644
+    owner: root
+    group: root
   with_fileglob:
-        - html/css/*.css
+    - html/css/*.css
 
 - name: Copy js files
-  copy: src={{ item }}
-        dest={{ doc_root }}/common/js
-        mode=0644
-        owner=root
-        group=root
+  copy:
+    src: "{{ item }}"
+    dest: "{{ doc_root }}/common/js"
+    mode: 0644
+    owner: root
+    group: root
   with_fileglob:
-        - html/js/*.js
+    - html/js/*.js
 
 - name: Copy fonts files
-  copy: src={{ item }}
-        dest={{ doc_root }}/common/fonts
-        mode=0644
-        owner=root
-        group=root
+  copy:
+    src: "{{ item }}"
+    dest: "{{ doc_root }}/common/fonts"
+    mode: 0644
+    owner: root
+    group: root
   with_fileglob:
-        - html/fonts/*
+    - html/fonts/*
 
 - name: Copy html files
-  copy: src={{ item }}
-        dest={{ doc_root }}/common/html
-        mode=0644
-        owner=root
-        group=root
+  copy:
+    src: "{{ item }}"
+    dest: "{{ doc_root }}/common/html"
+    mode: 0644
+    owner: root
+    group: root
   with_fileglob:
-        - html/html/*
+    - html/html/*
 
 - name: Copy assets files
-  copy: src={{ item }}
-        dest={{ doc_root }}/common/assets
-        mode=0644
-        owner=root
-        group=root
+  copy:
+    src: "{{ item }}"
+    dest: "{{ doc_root }}/common/assets"
+    mode: 0644
+    owner: root
+    group: root
   with_fileglob:
-        - html/assets/*
+    - html/assets/*
 
 # copy all services, even if not permissioned elsewhere
 - name: Copy services files
-  copy: src={{ item }}
-        dest={{ doc_root }}/common/services
-        mode=0644
-        owner=root
-        group=root
+  copy:
+    src: "{{ item }}"
+    dest: "{{ doc_root }}/common/services"
+    mode: 0644
+    owner: root
+    group: root
   with_fileglob:
-        - html/services/*
+    - html/services/*
 
 - name: Create symlink from assets to iiab.ini
-  file: src=/etc/iiab/iiab.ini
-        dest={{ doc_root }}/common/assets/iiab.ini
-        owner=root
-        group=root
-        state=link
+  file:
+    src: "/etc/iiab/iiab.ini"
+    dest: "{{ doc_root }}/common/assets/iiab.ini"
+    owner: root
+    group: root
+    state: link

roles/httpd/tasks/main.yml

@@ -1,6 +1,7 @@
-- name: Install httpd required packages
-  package: name={{ item }}
-           state=present
+- name: Install httpd required packages (debian)
+  package:
+    name: "{{ item }}"
+    state: present
   with_items:
     - apache2
     - php{{ php_version }}
@@ -10,17 +11,19 @@
     - download
   when: is_debian
 
-- name: Debian changed sqlite name
-  package: name=php{{ php_version }}-sqlite
+- name: Debian changed sqlite name (debian-8)
+  package:
+    name: "php{{ php_version }}-sqlite"
   when: is_debian and ansible_distribution_major_version == "8"
 
 #- name: Debian changed sqlite name
 #  package: name=php{{ php_version }}-sqlite3
 #  when: ansible_local.local_facts.os_ver == "debian-9"
 
--  name: Install httpd required packages
-   package: name={{ item }}
-            state=present
+-  name: Install httpd required packages (ubuntu)
+   package:
+     name: "{{ item }}"
+     state: present
    with_items:
      - apache2
      - php
@@ -28,9 +31,10 @@
      - download
    when: is_ubuntu
 
-- name: Install httpd required packages
-  package: name={{ item }}
-           state=present
+- name: Install httpd required packages (redhat)
+  package:
+    name: "{{ item }}"
+    state: present
   with_items:
     - httpd
     - php
@@ -40,106 +44,120 @@
     - download
   when: is_redhat
 
-- name: Remove the default apache2 config file
-  file: path=/etc/apache2/sites-enabled/000-default.conf
-        src=/etc/apache2/sites-available/000-default.conf
-        state=absent
+- name: Remove the default apache2 config file (debuntu)
+  file:
+    path: /etc/apache2/sites-enabled/000-default.conf
+    src: /etc/apache2/sites-available/000-default.conf
+    state: absent
   when: is_debuntu
 
 - name: Create httpd config files
-  template: backup=yes
-            src={{ item.src }}
-            dest={{ item.dest }}
-            owner=root
-            group=root
-            mode={{ item.mode }}
+  template:
+    backup: yes
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    owner: root
+    group: root
+    mode: "{{ item.mode }}"
   with_items:
-      - { src: '010-iiab.conf.j2' , dest: '/etc/{{ apache_config_dir }}/010-iiab.conf', mode: '0755' }
-      - { src: 'proxy_ajp.conf.j2' , dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf', mode: '0644' }
-      - { src: 'php.ini.j2' , dest: '/etc/php.ini' , mode: '0644' }
+    - { src: '010-iiab.conf.j2' , dest: '/etc/{{ apache_config_dir }}/010-iiab.conf', mode: '0755' }
+    - { src: 'proxy_ajp.conf.j2' , dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf', mode: '0644' }
+    - { src: 'php.ini.j2' , dest: '/etc/php.ini' , mode: '0644' }
 
 # remove symlinks for mpm-event, replace with mpm-prefork
-- name: Remove mpm event links
-  file: path=/etc/apache2/mods-enabled/{{ item }}
-        state=absent
+- name: Remove mpm event links (debuntu)
+  file:
+    path: "/etc/apache2/mods-enabled/{{ item }}"
+    state: absent
   with_items:
-      - mpm_event.conf
-      - mpm_event.load
+    - mpm_event.conf
+    - mpm_event.load
   when: is_debuntu
 
-- name: Create symlinks for mpm-prefork
-  file: path=/etc/apache2/mods-enabled/{{ item }}
-        src=/etc/apache2/mods-available/{{ item }}
-        state=link
+- name: Create symlinks for mpm-prefork (debuntu)
+  file:
+    path: "/etc/apache2/mods-enabled/{{ item }}"
+    src: "/etc/apache2/mods-available/{{ item }}"
+    state: link
   with_items:
-      - mpm_prefork.conf
-      - mpm_prefork.load
+    - mpm_prefork.conf
+    - mpm_prefork.load
   when: is_debuntu
 
-- name: Turn on mod_proxy
+- name: Turn on mod_proxy (debuntu)
   command: a2enmod {{ item }}
   with_items:
-     - proxy
-     - proxy_html
-     - headers
-     - rewrite
+    - proxy
+    - proxy_html
+    - headers
+    - rewrite
   when: is_debuntu
 
-- name: Create symlinks for enabling our site
-  file: path=/etc/apache2/sites-enabled/{{ item }}
-        src=/etc/apache2/sites-available/{{ item }}
-        state=link
+- name: Create symlinks for enabling our site (debuntu)
+  file:
+    path: "/etc/apache2/sites-enabled/{{ item }}"
+    src: "/etc/apache2/sites-available/{{ item }}"
+    state: link
   with_items:
-      - 010-iiab.conf
+    - 010-iiab.conf
   when: is_debuntu
 
-- name: Remove the default site container
-  file: dest=/etc/apache2/000-default.conf
-        state=absent
+- name: Remove the default site container (debuntu)
+  file:
+    dest: /etc/apache2/000-default.conf
+    state: absent
   when: is_debuntu
 
 - name: Create http pid dir
-  file: path=/var/run/{{ apache_user }}
-        mode=0755
-        owner=root
-        group=root
-        state=directory
+  file:
+    path: "/var/run/{{ apache_user }}"
+    mode: 0755
+    owner: root
+    group: root
+    state: directory
 
 - name: Create admin group
-  group: name=admin
-         state=present
+  group:
+    name: admin
+    state: present
 
 - name: Add apache user to admin group
-  user: name={{ apache_user }}
-        groups=admin
-        state=present
-        createhome=no
+  user:
+    name: "{{ apache_user }}"
+    groups: admin
+    state: present
+    createhome: no
 
 - name: Create httpd log dir
-  file: path=/var/log/{{ apache_service }}
-        mode=0755
-        owner={{ apache_user }}
-        group={{ apache_user }}
-        state=directory
+  file:
+    path: "/var/log/{{ apache_service }}"
+    mode: 0755
+    owner: "{{ apache_user }}"
+    group: "{{ apache_user }}"
+    state: directory
 
 - name: Enable httpd
-  service: name={{ apache_service }}
-           enabled=yes
+  service:
+    name: "{{ apache_service }}"
+    enabled: yes
 
 - name: Create iiab-info directory
-  file: path={{ doc_root }}/info
-        mode=0755
-        owner={{ apache_user }}
-        group={{ apache_user }}
-        state=directory
+  file:
+    path: "{{ doc_root }}/info"
+    mode: 0755
+    owner: "{{ apache_user }}"
+    group: "{{ apache_user }}"
+    state: directory
 
 - name: Remove iiab-info.conf
-  file: dest=/etc/{{ apache_config_dir }}/iiab-info.conf
-        state=absent
+  file:
+    dest: "/etc/{{ apache_config_dir }}/iiab-info.conf"
+    state: absent
 
-- name: Remove iiab-info.conf symlink
-  file: dest=/etc/apache2/sites-enabled/iiab-info.conf
-        state=absent
+- name: Remove iiab-info.conf symlink (debuntu)
+  file:
+    dest: /etc/apache2/sites-enabled/iiab-info.conf
+    state: absent
   when: is_debuntu
 
 - include_tasks: html.yml
@@ -147,17 +165,20 @@
     - base
 
 - name: Place the script to generate homepages
-  template: src=refresh-wiki-docs.sh
-            dest=/usr/bin/iiab-refresh-wiki-docs
-            mode=0755
+  template:
+    src: refresh-wiki-docs.sh
+    dest: /usr/bin/iiab-refresh-wiki-docs
+    mode: 0755
 
 - name: Give apache_user permission for poweroff
-  template: src=020_apache_poweroff.j2
-            dest=/etc/sudoers.d/020_apache_poweroff
-            mode=0755
+  template:
+    src: 020_apache_poweroff.j2
+    dest: /etc/sudoers.d/020_apache_poweroff
+    mode: 0755
   when: allow_apache_sudo
 
 - name: Remove apache_user permission for poweroff
-  file: dest=/etc/sudoers.d/020_apache_poweroff
-        state=absent
+  file:
+    dest: /etc/sudoers.d/020_apache_poweroff
+    state: absent
   when: not allow_apache_sudo

roles/nextcloud/defaults/main.yml

@@ -8,7 +8,7 @@ nextcloud_url: /nextcloud
 nextcloud_prefix: /opt
 nextcloud_data_dir: "{{ content_base }}/nextcloud/data"
 nextcloud_dl_url: https://download.nextcloud.com/server/releases/
-nextcloud_orig_src_file: latest-12.tar.bz2
+nextcloud_orig_src_file: latest-13.tar.bz2
 nextcloud_src_file: nextcloud_{{ nextcloud_orig_src_file }}
 
 # we install on mysql with these setting or those from default_vars, etc.

roles/nextcloud/tasks/main.yml

@@ -137,10 +137,10 @@
     password: "{{ nextcloud_dbpassword }}"
     priv: "{{ nextcloud_dbname }}.*:ALL,GRANT"
   with_items:
-        - "{{ nextcloud_dbhost }}"
-        - 127.0.0.1
-        - ::1
-        - localhost
+    - "{{ nextcloud_dbhost }}"
+    - 127.0.0.1
+    - ::1
+    - localhost
   when: mysql_enabled and nextcloud_enabled
 
 

roles/nextcloud/tasks/nextcloud_enabled.yml

@@ -1,49 +1,54 @@
- # This should go in computed_network.yml, but here for now
+# This should go in computed_network.yml, but here for now
 - name: Compute Nextcloud listen ip addr for nextcloud.conf
   set_fact:
-     nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
+    nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
   when: ansible_default_ipv4.network is defined
 
 - name: Enable Nextcloud by copying template to httpd config
-  template: src=nextcloud.conf.j2
-            dest=/etc/{{ apache_config_dir }}/nextcloud.conf
-            owner=root
-            group=root
-            mode=0644
+  template:
+    src: nextcloud.conf.j2
+    dest: "/etc/{{ apache_config_dir }}/nextcloud.conf"
+    owner: root
+    group: root
+    mode: 0644
   when: nextcloud_enabled
 
-- name: Enable Nextcloud
-  file: path=/etc/apache2/sites-enabled/nextcloud.conf
-        src=/etc/apache2/sites-available/nextcloud.conf
-        state=link
+- name: Enable Nextcloud (debuntu)
+  file:
+    path: /etc/apache2/sites-enabled/nextcloud.conf
+    src: /etc/apache2/sites-available/nextcloud.conf
+    state: link
   when: nextcloud_enabled and is_debuntu
 
-- name: For redhat, remove the config file
-  file: path=/etc/{{ apache_config_dir }}/nextcloud.conf
-        state=absent
+- name: Remove the config file if not nextcloud_enabled (redhat)
+  file:
+    path: "/etc/{{ apache_config_dir }}/nextcloud.conf"
+    state: absent
   when: not nextcloud_enabled and is_redhat
 
 - name: Restart Apache, so it picks up the new aliases
-  service: name={{ apache_service }} state=restarted
+  service:
+    name: "{{ apache_service }}"
+    state: restarted
 
 # the install wizard does not succeed if already installed
 - name: Determine if Nextcloud is installed
   shell: >
-         sudo -u {{ apache_user }} php
-         '{{ nextcloud_prefix }}/nextcloud/occ' status |
-         gawk '/installed:/ { print $3 }'
+    sudo -u {{ apache_user }} php
+    '{{ nextcloud_prefix }}/nextcloud/occ' status |
+    gawk '/installed:/ { print $3 }'
   register: returned
 
 - name: Run Nextcloud initial install wizard
   shell: >
-         cd {{ nextcloud_prefix }}/nextcloud;
-         sudo -u {{ apache_user }}  php occ maintenance:install
-         --database "mysql"
-         --database-name "{{ nextcloud_dbname }}"
-         --database-user "{{ nextcloud_dbuser }}"
-         --database-pass "{{ nextcloud_dbpassword }}"
-         --admin-user "{{ nextcloud_admin_user }}"
-         --admin-pass "{{ nextcloud_admin_password }}"
+    cd {{ nextcloud_prefix }}/nextcloud;
+    sudo -u {{ apache_user }} php occ maintenance:install
+    --database "mysql"
+    --database-name "{{ nextcloud_dbname }}"
+    --database-user "{{ nextcloud_dbuser }}"
+    --database-pass "{{ nextcloud_dbpassword }}"
+    --admin-user "{{ nextcloud_admin_user }}"
+    --admin-pass "{{ nextcloud_admin_password }}"
   when: nextcloud_enabled and returned.stdout == "false"
 
 - name: Allow access from all hosts and ips
@@ -54,22 +59,23 @@
 
 - name: Determine if Nextcloud user exists already
   shell: >
-         sudo -u {{ apache_user }} php
-         '{{ nextcloud_prefix }}/nextcloud/occ' user:list |
-         grep {{ nextcloud_user }} | wc | cut -d' ' -f1
+    sudo -u {{ apache_user }} php
+    '{{ nextcloud_prefix }}/nextcloud/occ' user:list |
+    grep {{ nextcloud_user }} | wc | cut -d' ' -f1
   register: returned_count
 
 # nextcloud wants to make users rather than just mysql users and not done
 - name: Create the default user
   shell: >
-        su -s /bin/sh {{ apache_user }} -c
-        'OC_PASS={{ nextcloud_user_password }};
-        php {{ nextcloud_prefix }}/nextcloud/occ user:add
-        --password-from-env --display-name={{ nextcloud_user }}
-        --group="users" {{ nextcloud_user }}'
+    su -s /bin/sh {{ apache_user }} -c
+    'OC_PASS={{ nextcloud_user_password }};
+    php {{ nextcloud_prefix }}/nextcloud/occ user:add
+    --password-from-env --display-name={{ nextcloud_user }}
+    --group="users" {{ nextcloud_user }}'
   when: nextcloud_enabled and returned_count == "0"
 
 - name: Remove Rewrite URL
-  lineinfile: regexp='overwrite.cli.url'
-              state=absent
-              dest="{{ nextcloud_prefix }}/nextcloud/config/config.php"
+  lineinfile:
+    regexp: "overwrite.cli.url"
+    state: absent
+    dest: "{{ nextcloud_prefix }}/nextcloud/config/config.php"

scripts/ansible

@@ -3,7 +3,7 @@
 # Installs or upgrades to the best possible Ansible release, so iiab-install
 # can proceed.  Ensure you're online before running this script!
 
-GOOD_VER="2.4.2"      # Ansible version for OLPC, for pip.
+GOOD_VER="2.4.3"      # Ansible version for OLPC, for pip.
                       # On other OS's we install/upgrade to the latest Ansible.
                       # Pin all to 2.4.x in future, if really/truly nec?
 CURR_VER="undefined"
@@ -20,7 +20,7 @@ if ! which ansible-playbook ; then
         yum -y install ca-certificates nss epel-release
         yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python
         yum -y install python-pip python-setuptools python-wheel patch
-        yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.2.0-1.el7.ans.noarch.rpm
+        yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.3.0-1.el7.ans.noarch.rpm
         # FOUND="true"
         # FAMILY="redhat"
 #    elif [ -f /etc/fedora-release ]; then