diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 4668be835..b94404814 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,8 +1,14 @@ -# Assessment and Monitoring Tools +# Administration and Monitoring/Assessment Tools - name: ...IS BEGINNING ====================================== command: echo +- name: TRANSMISSION + include_role: + name: transmission + when: transmission_install + tags: transmission + - name: AWSTATS include_role: name: awstats diff --git a/roles/calibre-web/README.rst b/roles/calibre-web/README.rst index 3b2efca1a..3ce5241f5 100644 --- a/roles/calibre-web/README.rst +++ b/roles/calibre-web/README.rst @@ -92,11 +92,21 @@ Known Issues * Trying to access an empty public bookshelf causes a system error. +* It's sometime impossible to set the language of an e-book: `#1040 `_ + `janeczku/calibre-web#593 `_ + * As of August 2018, calibre-web doesn't yet include Calibre's e-book conversion functionality (e.g. Calibre 3.27.1 [released 2018-07-06] allows teachers to convert between PDF, epub, txt etc — to permit reading on a wider array client devices and client software). +* http://192.168.0.x:8083 does not work, as a result of `iptables `_, + even when ``services_externally_visible: true``. This is fixable, but perhaps + it's not a priority, as {http://192.168.0.x/books, http://box/books, etc} URL's + all work. + * calibre-web does not currently use version numbers, so glitches might - occasionally arise using its master branch. Please assist us in reporting - issues here, if they do arise: https://github.com/janeczku/calibre-web/issues + occasionally arise using its master branch. + +* *Please assist us in reporting serious issues here:* + https://github.com/janeczku/calibre-web/issues diff --git a/roles/network/templates/gateway/iiab-gen-iptables b/roles/network/templates/gateway/iiab-gen-iptables index 812fe1b39..fdd91f56d 100755 --- a/roles/network/templates/gateway/iiab-gen-iptables +++ b/roles/network/templates/gateway/iiab-gen-iptables @@ -58,6 +58,8 @@ calibre_port={{ calibre_port }} kiwix_port={{ kiwix_port }} kalite_server_port={{ kalite_server_port }} kolibri_http_port={{ kolibri_http_port }} +transmission_http_port={{ transmission_http_port }} +transmission_peer_port={{ transmission_peer_port }} sugarizer_port={{ sugarizer_port }} block_DNS={{ block_DNS }} captive_portal_enabled={{ captive_portal_enabled }} @@ -94,6 +96,8 @@ if [ "$services_externally_visible" == "True" ]; then $IPTABLES -A INPUT -p tcp --dport $kolibri_http_port -m state --state NEW -i $wan -j ACCEPT $IPTABLES -A INPUT -p tcp --dport $calibre_port -m state --state NEW -i $wan -j ACCEPT $IPTABLES -A INPUT -p tcp --dport $sugarizer_port -m state --state NEW -i $wan -j ACCEPT + $IPTABLES -A INPUT -p tcp --dport $transmission_http_port -m state --state NEW -i $wan -j ACCEPT + $IPTABLES -A INPUT -p tcp --dport $transmission_peer_port -m state --state NEW -i $wan -j ACCEPT fi if [ "$iiab_gateway_enabled" == "True" ]; then diff --git a/roles/transmission/README.rst b/roles/transmission/README.rst new file mode 100644 index 000000000..5f751a667 --- /dev/null +++ b/roles/transmission/README.rst @@ -0,0 +1,86 @@ +=================== +Transmission README +=================== + +Transmission is a set of lightweight BitTorrent clients (in GUI, CLI and daemon form). All these incarnations feature a very simple and intuitive interface, on top on an efficient, cross-platform backend: https://transmissionbt.com + +Transmission is intended to download KA Lite content to Internet-in-a-Box (IIAB) from places like http://pantry.learningequality.org/downloads/ka-lite/0.17/content/ — and also to seed content, assisting others. + +For example, once KA Lite videos and thumbnails are confirmed downloaded, copy them (carefully!) from ``/library/transmission`` into ``/library/ka-lite/content`` as outlined by "KA Lite Administration: What tips & tricks exist?" at http://FAQ.IIAB.IO + +Caution +------- + +Usage of Transmission consumes significant Internet data and system resources. +Caveat emptor! (That's Latin for "Buyer Beware") + +Using It +-------- + +Install Transmission by setting 'transmission_install' and 'transmission_enabled' to True in /etc/iiab/local_vars.yml and then running:: + + cd /opt/iiab/iiab + ./runrole transmission + ./iiab-network + +Or if you prefer a complete reinstall of IIAB:: + + cd /opt/iiab/iiab + ./iiab-install --reinstall + +Login to Transmission's web interface http://box:9091 using administrative account:: + + Username: Admin + Password: changeme + +Alternatively, you can run ``transmission-remote`` at the command-line. + +Configuration +------------- + +Configure Transmission using its web interface: http://box:9091 + +More settings can be changed within /etc/transmission-daemon/settings.json if you first ensure that the transmission-daemon.service is stopped:: + + systemctl stop transmission-daemon + +Then edit the file:: + + nano /etc/transmission-daemon/settings.json + +Here are some short explanations, as to what those 70+ variables mean: https://github.com/transmission/transmission/wiki/Editing-Configuration-Files + +After saving your changes in 'settings.json' restart Transmission by running:: + + systemctl restart transmission-daemon + +Adding Torrents +--------------- + +Transmission can facilitate provisioning content onto your IIAB, e.g. by adding thousands of KA Lite videos from places like: http://pantry.learningequality.org/downloads/ka-lite/0.17/content/ + +Please read the lettered instructions (A, B, C, D) in /etc/iiab/local_vars.yml and 'KA Lite Administration: What tips & tricks exist?' at http://FAQ.IIAB.IO outlining how to use Transmission to download and then install KA Lite content. + +You can also download other torrents using Transmission's web interface, or by typing 'transmission-remote' at the command-line:: + + transmission-remote -a + +Known Issues +------------ + +* Default Transmission user/group may need fixing (https://github.com/transmission/transmission/issues/537). You can set Ansible variables 'transmission_user' and 'transmission_group' e.g. in /opt/iiab/iiab/roles/transmission/defaults/main.yml (you might need 'User=' and 'Group=' in systemd unit file /lib/systemd/system/transmission-daemon.service — both might need to be set to 'debian-transmission' — if so 'systemctl daemon-reload' then 'systemctl restart transmission-daemon'). + +* Random Ports: Currently it is not possible to use random ports in the range 49152-65535. It is difficult to open multiple ports in IIAB's iptables-based firewall. + +Troubleshooting +--------------- + +Verify that transmission-daemon is running:: + + systemctl status transmission-daemon + +Re-check that Transmission's settings are correct here: (by following the instructions above, under 'Configuration') + +:: + + /etc/transmission-daemon/settings.json diff --git a/roles/transmission/defaults/main.yml b/roles/transmission/defaults/main.yml new file mode 100644 index 000000000..9e964accf --- /dev/null +++ b/roles/transmission/defaults/main.yml @@ -0,0 +1,41 @@ +# The values here are defaults. +# To override them edit /etc/iiab/local_vars.yml + +# Installation Variables +transmission_install: False +transmission_enabled: False + +# Transmission download directory & general owner/group +transmission_download_dir: "{{ content_base }}/transmission/" # /library/transmission/ +transmission_user: debian-transmission +transmission_group: root + +# Monitor downloads at http://box:9091 or http://box:9091/transmission using Admin/changeme +transmission_http_port: 9091 +transmission_url : "/transmission/" +transmission_peer_port: 51413 + +# Provision Transmission with torrent(s) from http://pantry.learningequality.org/downloads/ka-lite/0.17/content/ +transmission_provision: True +transmission_kalite_version: 0.17 + +# A. Uncomment language(s) in /etc/iiab/local_vars.yml to download KA Lite videos to /library/transmission +transmission_kalite_languages: + - english + #- french + #- hindi + #- portugal-portuguese + #- brazilian-portuguese + #- spanish + #- swahili +# B. Monitor BitTorrent downloads at http://box:9091 using Admin/changeme +# until the download is confirmed complete (can take hours or days!) +# C. Carefully move all videos/thumbnails into /library/ka-lite/content +# (DO NOT OVERWRITE SUBFOLDERS assessment, locale, srt !) +# D. Log in to KA Lite at http://box:8008/updates/videos/ using Admin/changeme +# then click "Scan content folder for videos" (can take many minutes!) +# E. READ "KA Lite Administration: What tips & tricks exist?" AT http://FAQ.IIAB.IO + +# Transmission administrative account +transmission_username: Admin +transmission_password: changeme diff --git a/roles/transmission/tasks/main.yml b/roles/transmission/tasks/main.yml new file mode 100644 index 000000000..6bb907551 --- /dev/null +++ b/roles/transmission/tasks/main.yml @@ -0,0 +1,92 @@ +- name: Install packages transmission-daemon and transmission-cli + package: + name: "{{ item }}" + state: present + with_items: + - transmission-daemon + - transmission-cli + +- name: Create /library/transmission download directory + file: + path: "{{ transmission_download_dir }}" + owner: "{{ transmission_user }}" + group: "{{ transmission_group }}" + mode: 0755 + state: directory + +- name: Stop transmission-daemon before modifying its settings + systemd: + name: transmission-daemon + state: stopped + ignore_errors: yes + +- name: Create transmission-daemon settings + template: + src: settings.json.j2 + dest: /etc/transmission-daemon/settings.json + mode: 0644 + owner: "{{ transmission_user }}" + group: "{{ transmission_group }}" + +- name: Enable and Restart transmission-daemon service + systemd: + name: transmission-daemon + daemon_reload: yes + enabled: yes + state: restarted + when: transmission_enabled + +- name: Add KA Lite torrent(s) to transmission-daemon's queue + shell: > + /usr/bin/transmission-remote + -n {{ transmission_username }}:{{ transmission_password }} + -a http://pantry.learningequality.org/downloads/ka-lite/{{ transmission_kalite_version }}/content/ka-lite-0.17-resized-videos-{{ item }}.torrent + with_items: "{{ transmission_kalite_languages }}" + ignore_errors: yes + when: transmission_provision + +- name: Disable transmission-daemon service + systemd: + name: transmission-daemon + daemon_reload: yes + enabled: no + state: stopped + when: not transmission_enabled + +- name: Add transmission to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: transmission + option: "{{ item.option }}" + value: "{{ item.value }}" + with_items: + - option: name + value: transmission + - option: description + value: '"Transmission is a set of lightweight BitTorrent clients (in GUI, CLI and daemon form)."' + - option: transmission_install + value: "{{ transmission_install }}" + - option: transmission_enabled + value: "{{ transmission_enabled }}" + - option: transmission_download_dir + value: "{{ transmission_download_dir }}" + - option: transmission_user + value: "{{ transmission_user }}" + - option: transmission_group + value: "{{ transmission_group }}" + - option: transmission_http_port + value: "{{ transmission_http_port }}" + - option: transmission_url + value: "{{ transmission_url }}" + - option: transmission_peer_port + value: "{{ transmission_peer_port }}" + - option: transmission_provision + value: "{{ transmission_provision }}" + - option: transmission_kalite_version + value: "{{ transmission_kalite_version }}" + - option: transmission_kalite_languages + value: "{{ transmission_kalite_languages }}" + - option: transmission_username + value: "{{ transmission_username }}" + - option: transmission_password + value: "{{ transmission_password }}" diff --git a/roles/transmission/templates/settings.json.j2 b/roles/transmission/templates/settings.json.j2 new file mode 100644 index 000000000..8e62d0e6f --- /dev/null +++ b/roles/transmission/templates/settings.json.j2 @@ -0,0 +1,73 @@ +{ + "alt-speed-down": 50, + "alt-speed-enabled": false, + "alt-speed-time-begin": 540, + "alt-speed-time-day": 127, + "alt-speed-time-enabled": false, + "alt-speed-time-end": 1020, + "alt-speed-up": 50, + "bind-address-ipv4": "0.0.0.0", + "bind-address-ipv6": "::", + "blocklist-enabled": false, + "blocklist-url": "http://www.example.com/blocklist", + "cache-size-mb": 4, + "dht-enabled": true, + "download-dir": "{{ transmission_download_dir }}", + "download-limit": 100, + "download-limit-enabled": 0, + "download-queue-enabled": true, + "download-queue-size": 5, + "encryption": 1, + "idle-seeding-limit": 30, + "idle-seeding-limit-enabled": false, + "incomplete-dir": "/var/lib/transmission-daemon/Downloads", + "incomplete-dir-enabled": false, + "lpd-enabled": false, + "max-peers-global": 200, + "message-level": 1, + "peer-congestion-algorithm": "", + "peer-id-ttl-hours": 6, + "peer-limit-global": 200, + "peer-limit-per-torrent": 50, + "peer-port": {{ transmission_peer_port }}, + "peer-port-random-high": 65535, + "peer-port-random-low": 49152, + "peer-port-random-on-start": false, + "peer-socket-tos": "default", + "pex-enabled": true, + "port-forwarding-enabled": false, + "preallocation": 1, + "prefetch-enabled": true, + "queue-stalled-enabled": true, + "queue-stalled-minutes": 30, + "ratio-limit": 2, + "ratio-limit-enabled": false, + "rename-partial-files": true, + "rpc-authentication-required": true, + "rpc-bind-address": "0.0.0.0", + "rpc-enabled": true, + "rpc-host-whitelist": "", + "rpc-host-whitelist-enabled": false, + "rpc-password": "{{ transmission_password }}", + "rpc-port": {{ transmission_http_port }}, + "rpc-url": "{{ transmission_url }}", + "rpc-username": "{{ transmission_username }}", + "rpc-whitelist": "127.0.0.1,192.168.*.*,172.18.96.*,10.8.0.*", + "rpc-whitelist-enabled": false, + "scrape-paused-torrents-enabled": true, + "script-torrent-done-enabled": false, + "script-torrent-done-filename": "", + "seed-queue-enabled": false, + "seed-queue-size": 10, + "speed-limit-down": 100, + "speed-limit-down-enabled": false, + "speed-limit-up": 100, + "speed-limit-up-enabled": false, + "start-added-torrents": true, + "trash-original-torrent-files": false, + "umask": 18, + "upload-limit": 100, + "upload-limit-enabled": 0, + "upload-slots-per-torrent": 14, + "utp-enabled": true +} diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4654ae3e0..e2d00699c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -259,26 +259,29 @@ idmgr_enables: False # 6-GENERIC-APPS -# Calibre - -# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing -# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. +# Calibre E-Book Library +# WARNING: CALIBRE INSTALLS GRAPHICAL LIBRARIES SIMILAR TO X WINDOWS & OPENGL +# ON (HEADLESS, SERVER, LITE) OS'S THAT DON'T ALREADY HAVE THESE INSTALLED. calibre_install: True calibre_enabled: True # vars/raspbian-9.yml tries the .deb upgrade of Calibre, overriding this default: calibre_via_debs: False calibre_unstable_debs: False -# vars/.yml try the x86_64 python upgrade of Calibre, overriding this default: +# vars/.yml use Calibre's python installer/upgrader (x86_64), overriding this default: calibre_via_python: False # Change calibre_port to 8010 if you're using XO laptops needing above idmgr calibre_port: 8080 # Change calibre to XYZ add your own mnemonic URL like: http://box/XYZ calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 -# In addition to: http://box/books box/libros box/livres box/livros box/liv +# Calibre-Web alternative to Calibre, offers a clean/modern UX calibreweb_install: True calibreweb_enabled: True +calibreweb_port: 8083 +# http://box/books works. Add {box/libros, box/livres, box/livros, box/liv} etc? +calibreweb_url: /books +calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web # DokuWiki dokuwiki_install: False @@ -312,7 +315,7 @@ wordpress_enabled: False # 7-EDU-APPS -# KA Lite +# KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS kalite_install: True kalite_enabled: False kalite_server_port: 8008 @@ -322,8 +325,6 @@ kalite_cron_enabled: False kalite_user: kalite kalite_password_hash: $6$$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/ kalite_password: kalite -# Unused in 2018 -# kalite_server_name: kalite # Kolibri kolibri_install: False @@ -360,7 +361,46 @@ sugarizer_port: 8089 # 8-MGMT-TOOLS -# AWStats -- sumarizes http access logs +# Transmission is a BitTorrent downloader for large Content Packs etc +transmission_install: False +transmission_enabled: False + +# Transmission download directory & general owner/group +transmission_download_dir: "{{ content_base }}/transmission/" # /library/transmission/ +transmission_user: debian-transmission +transmission_group: root + +# Monitor downloads at http://box:9091 or http://box:9091/transmission using Admin/changeme +transmission_http_port: 9091 +transmission_url : "/transmission/" +transmission_peer_port: 51413 + +# Provision Transmission with torrent(s) from http://pantry.learningequality.org/downloads/ka-lite/0.17/content/ +transmission_provision: True +transmission_kalite_version: 0.17 + +# A. Uncomment language(s) in /etc/iiab/local_vars.yml to download KA Lite videos to /library/transmission +transmission_kalite_languages: + - english + #- french + #- hindi + #- portugal-portuguese + #- brazilian-portuguese + #- spanish + #- swahili +# B. Monitor BitTorrent downloads at http://box:9091 using Admin/changeme +# until the download is confirmed complete (can take hours or days!) +# C. Carefully move all videos/thumbnails into /library/ka-lite/content +# (DO NOT OVERWRITE SUBFOLDERS assessment, locale, srt !) +# D. Log in to KA Lite at http://box:8008/updates/videos/ using Admin/changeme +# then click "Scan content folder for videos" (can take many minutes!) +# E. READ "KA Lite Administration: What tips & tricks exist?" AT http://FAQ.IIAB.IO + +# Transmission administrative account +transmission_username: Admin +transmission_password: changeme + +# AWStats - summarizes http access logs awstats_install: True awstats_enabled: False diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 464ca014f..cc755ef22 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -133,8 +133,9 @@ iiab_usb_lib_show_all: True # 6-GENERIC-APPS -# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing -# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. +# Calibre E-Book Library +# WARNING: CALIBRE INSTALLS GRAPHICAL LIBRARIES SIMILAR TO X WINDOWS & OPENGL +# ON (HEADLESS, SERVER, LITE) OS'S THAT DON'T ALREADY HAVE THESE INSTALLED. calibre_install: True calibre_enabled: True @@ -149,8 +150,13 @@ calibre_port: 8080 calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 # In addition to: http://box/books box/libros box/livres box/livros box/liv +# Calibre-Web alternative to Calibre, offers a clean/modern UX calibreweb_install: True calibreweb_enabled: True +calibreweb_port: 8083 +# http://box/books works. Add {box/libros, box/livres, box/livros, box/liv} etc? +calibreweb_url: /books +calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web dokuwiki_install: True dokuwiki_enabled: True @@ -172,6 +178,7 @@ wordpress_enabled: True # 7-EDU-APPS +# KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS kalite_install: True kalite_enabled: True # Unused in 2018; but remains as placeholder for Fedora 18 legacy (XO laptops) @@ -202,6 +209,28 @@ sugarizer_enabled: True # 8-MGMT-TOOLS +# BitTorrent downloader for large Content Packs etc +transmission_install: False +transmission_enabled: False + +# A. Uncomment language(s) to download KA Lite videos to /library/transmission +# using http://pantry.learningequality.org/downloads/ka-lite/0.17/content/ +transmission_kalite_languages: + - english + #- french + #- hindi + #- portugal-portuguese + #- brazilian-portuguese + #- spanish + #- swahili +# B. Monitor BitTorrent downloads at http://box:9091 using Admin/changeme +# until the download is confirmed complete (can take hours or days!) +# C. Carefully move all videos/thumbnails into /library/ka-lite/content +# (DO NOT OVERWRITE SUBFOLDERS assessment, locale, srt !) +# D. Log in to KA Lite at http://box:8008/updates/videos/ using Admin/changeme +# then click "Scan content folder for videos" (can take many minutes!) +# E. READ "KA Lite Administration: What tips & tricks exist?" AT http://FAQ.IIAB.IO + awstats_install: True awstats_enabled: True diff --git a/vars/local_vars_big_vpn.yml b/vars/local_vars_big_vpn.yml deleted file mode 100644 index 1e7db9e49..000000000 --- a/vars/local_vars_big_vpn.yml +++ /dev/null @@ -1,239 +0,0 @@ -# This is local_vars_big_vpn.yml -- copy it to /etc/iiab/local_vars.yml then... - -# Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml - -# PLEASE READ http://wiki.iiab.io/local_vars.yml - -# Orig Idea: branch github.com/xsce/xsce-local for your deployment/community - - -# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails -download_timeout: 200 - -# Users and Passwords - -iiab_admin_user: iiab-admin -# Obtain a password hash with: -# python -c 'import crypt; print crypt.crypt("", "$6$<salt>")' -# iiab_admin_passw_hash: -admin_install: True - -# Set admin_install: False if you don't want iiab_admin_user & wheel group -# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based -# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n - -# If admin_install: False, set iiab_admin_user (above) to an existing Linux -# user that has sudo access, so you can login to Admin Console http://box/admin - -iiab_hostname: box -iiab_domain: lan - -# Set to /home or /wordpress or /mediawiki or /wiki (for DokuWiki) -iiab_home_url: /home - -# Raspbian requires WiFi country since March 2018. Please set it here: -host_country_code: US -host_ssid: "Internet in a Box" -host_wifi_mode: g -host_channel: 6 -hostapd_secure: False -hostapd_password: changeme - -# Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or -# 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables -# within github.com/iiab/iiab/blob/master/roles/ -services_externally_visible: True - -# Make this True if client machines should have access to WAN/Internet: -iiab_gateway_enabled: False - -# dnsmasq -dnsmasq_install: True -dnsmasq_enabled: False - -# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" -dns_jail_enabled: False - -# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 -py_captive_portal_install: True -py_captive_portal_enabled: False - -# Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: -squid_install: True -squid_enabled: True - -dansguardian_install: True -dansguardian_enabled: True - -# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 -# wondershaper_install: False -# wondershaper_enabled: False - -# 1-PREP - -# 2-COMMON - -# 3-BASE-SERVER - -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True - -# roles/mysql runs here (mandatory) - -# 4-SERVER-OPTIONS - -# SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security -openvpn_install: True -openvpn_enabled: True - -# Set /etc/iiab/openvpn_handle in advance here: -openvpn_handle: "" - -# The following seems necessary on CentOS: -# openvpn_cron_enabled: True - -# roles/network runs here (MANY SETTINGS ABOVE) - -# PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! -postgresql_install: False -postgresql_enabled: False - -# Unmaintained -# authserver_install: False -# authserver_enabled: False - -# Common UNIX Printing System -cups_install: True -cups_enabled: True - -# At Your Own Risk: take a security audit seriously before deploying this -samba_install: True -samba_enabled: False - -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True - -# 5-XO-SERVICES - -# Lesser-supported XO services need additional testing. Please contact -# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. - -# xo_services_install: False -# xo_services_enabled: False - -# activity_server_install: False -# activity_server_enabled: False - -# Change calibre_port from 8080 to 8010 below, if you enable idmgr -# idmgr_install: False -# idmgr_enabled: False - -# ejabberd_xs_install: False -# ejabberd_xs_enabled: False - -# 6-GENERIC-APPS - -# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing -# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. - -calibre_install: True -calibre_enabled: True -# Try .deb upgrade of Calibre (like vars/raspbian-9.yml already does) -# calibre_via_debs: True -calibre_unstable_debs: False -# Try python x86_64 upgrade of Calibre (like vars/<most-OS's>.yml already do) -# calibre_via_python: True -# Change calibre_port to 8010 if you're using XO laptops needing above idmgr -calibre_port: 8080 -# Change calibre to XYZ to add your own mnemonic URL like: http://box/XYZ -calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 -# In addition to: http://box/books box/libros box/livres box/livros box/liv - -calibreweb_install: True -calibreweb_enabled: True - -dokuwiki_install: True -dokuwiki_enabled: True - -mediawiki_install: True -mediawiki_enabled: True - -elgg_install: True -elgg_enabled: True - -ejabberd_install: True -ejabberd_enabled: False - -nextcloud_install: True -nextcloud_enabled: True - -wordpress_install: True -wordpress_enabled: True - -# 7-EDU-APPS - -kalite_install: True -kalite_enabled: True -# Unused in 2018; but remains as placeholder for Fedora 18 legacy (XO laptops) -kalite_cron_enabled: True - -kolibri_install: True -kolibri_enabled: True - -kiwix_install: True -kiwix_enabled: True - -# Warning: Moodle is a serious LMS, that takes a while to install -moodle_install: True -moodle_enabled: True - -# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 -osm_install: True -osm_enabled: True - -# Similar to Calibre, but unmaintained -pathagar_install: False -pathagar_enabled: False - -# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 -# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 -sugarizer_install: True -sugarizer_enabled: True - -# 8-MGMT-TOOLS - -awstats_install: True -awstats_enabled: True - -monit_install: True -monit_enabled: True - -munin_install: True -munin_enabled: True - -# Handy for maintaining tables, but DANGEROUS if not locked down -phpmyadmin_install: True -phpmyadmin_enabled: False - -vnstat_install: True -vnstat_enabled: True - -# Unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io) -# teamviewer_install: False -# teamviewer_enabled: False - -# Unmaintained -# sugar_stats_install: False -# sugar_stats_enabled: False - -# Unmaintained -# xovis_install: False -# xovis_enabled: False - -# Unmaintained -# schooltool_install: False -# schooltool_enabled: False - -# Unmaintained -# debian_schooltool_install: False -# debian_schooltool_enabled: False diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 2848aa0ce..db8d3e62f 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -133,8 +133,9 @@ iiab_usb_lib_show_all: True # 6-GENERIC-APPS -# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing -# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. +# Calibre E-Book Library +# WARNING: CALIBRE INSTALLS GRAPHICAL LIBRARIES SIMILAR TO X WINDOWS & OPENGL +# ON (HEADLESS, SERVER, LITE) OS'S THAT DON'T ALREADY HAVE THESE INSTALLED. calibre_install: True calibre_enabled: True @@ -149,8 +150,13 @@ calibre_port: 8080 calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 # In addition to: http://box/books box/libros box/livres box/livros box/liv +# Calibre-Web alternative to Calibre, offers a clean/modern UX calibreweb_install: True calibreweb_enabled: True +calibreweb_port: 8083 +# http://box/books works. Add {box/libros, box/livres, box/livros, box/liv} etc? +calibreweb_url: /books +calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web dokuwiki_install: False dokuwiki_enabled: False @@ -172,6 +178,7 @@ wordpress_enabled: True # 7-EDU-APPS +# KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS kalite_install: True kalite_enabled: True # Unused in 2018; but remains as placeholder for Fedora 18 legacy (XO laptops) @@ -202,6 +209,28 @@ sugarizer_enabled: True # 8-MGMT-TOOLS +# BitTorrent downloader for large Content Packs etc +transmission_install: False +transmission_enabled: False + +# A. Uncomment language(s) to download KA Lite videos to /library/transmission +# using http://pantry.learningequality.org/downloads/ka-lite/0.17/content/ +transmission_kalite_languages: + - english + #- french + #- hindi + #- portugal-portuguese + #- brazilian-portuguese + #- spanish + #- swahili +# B. Monitor BitTorrent downloads at http://box:9091 using Admin/changeme +# until the download is confirmed complete (can take hours or days!) +# C. Carefully move all videos/thumbnails into /library/ka-lite/content +# (DO NOT OVERWRITE SUBFOLDERS assessment, locale, srt !) +# D. Log in to KA Lite at http://box:8008/updates/videos/ using Admin/changeme +# then click "Scan content folder for videos" (can take many minutes!) +# E. READ "KA Lite Administration: What tips & tricks exist?" AT http://FAQ.IIAB.IO + awstats_install: True awstats_enabled: True diff --git a/vars/local_vars_medium_vpn.yml b/vars/local_vars_medium_vpn.yml deleted file mode 100644 index d73fe8699..000000000 --- a/vars/local_vars_medium_vpn.yml +++ /dev/null @@ -1,239 +0,0 @@ -# This is local_vars_medium_vpn.yml -- copy it to /etc/iiab/local_vars.yml then... - -# Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml - -# PLEASE READ http://wiki.iiab.io/local_vars.yml - -# Orig Idea: branch github.com/xsce/xsce-local for your deployment/community - - -# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails -download_timeout: 200 - -# Users and Passwords - -iiab_admin_user: iiab-admin -# Obtain a password hash with: -# python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' -# iiab_admin_passw_hash: -admin_install: True - -# Set admin_install: False if you don't want iiab_admin_user & wheel group -# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based -# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n - -# If admin_install: False, set iiab_admin_user (above) to an existing Linux -# user that has sudo access, so you can login to Admin Console http://box/admin - -iiab_hostname: box -iiab_domain: lan - -# Set to /home or /wordpress or /mediawiki or /wiki (for DokuWiki) -iiab_home_url: /home - -# Raspbian requires WiFi country since March 2018. Please set it here: -host_country_code: US -host_ssid: "Internet in a Box" -host_wifi_mode: g -host_channel: 6 -hostapd_secure: False -hostapd_password: changeme - -# Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or -# 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables -# within github.com/iiab/iiab/blob/master/roles/ -services_externally_visible: True - -# Make this True if client machines should have access to WAN/Internet: -iiab_gateway_enabled: False - -# dnsmasq -dnsmasq_install: True -dnsmasq_enabled: False - -# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" -dns_jail_enabled: False - -# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 -py_captive_portal_install: True -py_captive_portal_enabled: False - -# Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: -squid_install: False -squid_enabled: False - -dansguardian_install: False -dansguardian_enabled: False - -# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 -# wondershaper_install: False -# wondershaper_enabled: False - -# 1-PREP - -# 2-COMMON - -# 3-BASE-SERVER - -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True - -# roles/mysql runs here (mandatory) - -# 4-SERVER-OPTIONS - -# SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security -openvpn_install: True -openvpn_enabled: True - -# Set /etc/iiab/openvpn_handle in advance here: -openvpn_handle: "" - -# The following seems necessary on CentOS: -# openvpn_cron_enabled: True - -# roles/network runs here (MANY SETTINGS ABOVE) - -# PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! -postgresql_install: False -postgresql_enabled: False - -# Unmaintained -# authserver_install: False -# authserver_enabled: False - -# Common UNIX Printing System -cups_install: True -cups_enabled: False - -# At Your Own Risk: take a security audit seriously before deploying this -samba_install: False -samba_enabled: False - -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True - -# 5-XO-SERVICES - -# Lesser-supported XO services need additional testing. Please contact -# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. - -# xo_services_install: False -# xo_services_enabled: False - -# activity_server_install: False -# activity_server_enabled: False - -# Change calibre_port from 8080 to 8010 below, if you enable idmgr -# idmgr_install: False -# idmgr_enabled: False - -# ejabberd_xs_install: False -# ejabberd_xs_enabled: False - -# 6-GENERIC-APPS - -# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing -# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. - -calibre_install: True -calibre_enabled: True -# Try .deb upgrade of Calibre (like vars/raspbian-9.yml already does) -# calibre_via_debs: True -calibre_unstable_debs: False -# Try python x86_64 upgrade of Calibre (like vars/<most-OS's>.yml already do) -# calibre_via_python: True -# Change calibre_port to 8010 if you're using XO laptops needing above idmgr -calibre_port: 8080 -# Change calibre to XYZ to add your own mnemonic URL like: http://box/XYZ -calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 -# In addition to: http://box/books box/libros box/livres box/livros box/liv - -calibreweb_install: True -calibreweb_enabled: True - -dokuwiki_install: False -dokuwiki_enabled: False - -mediawiki_install: False -mediawiki_enabled: False - -elgg_install: True -elgg_enabled: True - -ejabberd_install: False -ejabberd_enabled: False - -nextcloud_install: True -nextcloud_enabled: True - -wordpress_install: True -wordpress_enabled: True - -# 7-EDU-APPS - -kalite_install: True -kalite_enabled: True -# Unused in 2018; but remains as placeholder for Fedora 18 legacy (XO laptops) -kalite_cron_enabled: True - -kolibri_install: False -kolibri_enabled: False - -kiwix_install: True -kiwix_enabled: True - -# Warning: Moodle is a serious LMS, that takes a while to install -moodle_install: False -moodle_enabled: False - -# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 -osm_install: True -osm_enabled: True - -# Similar to Calibre, but unmaintained -pathagar_install: False -pathagar_enabled: False - -# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 -# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 -sugarizer_install: True -sugarizer_enabled: True - -# 8-MGMT-TOOLS - -awstats_install: True -awstats_enabled: True - -monit_install: False -monit_enabled: False - -munin_install: True -munin_enabled: True - -# Handy for maintaining tables, but DANGEROUS if not locked down -phpmyadmin_install: False -phpmyadmin_enabled: False - -vnstat_install: True -vnstat_enabled: True - -# Unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io) -# teamviewer_install: False -# teamviewer_enabled: False - -# Unmaintained -# sugar_stats_install: False -# sugar_stats_enabled: False - -# Unmaintained -# xovis_install: False -# xovis_enabled: False - -# Unmaintained -# schooltool_install: False -# schooltool_enabled: False - -# Unmaintained -# debian_schooltool_install: False -# debian_schooltool_enabled: False diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index f0e55f4dc..2ba4bdbc0 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -133,8 +133,9 @@ iiab_usb_lib_show_all: True # 6-GENERIC-APPS -# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing -# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. +# Calibre E-Book Library +# WARNING: CALIBRE INSTALLS GRAPHICAL LIBRARIES SIMILAR TO X WINDOWS & OPENGL +# ON (HEADLESS, SERVER, LITE) OS'S THAT DON'T ALREADY HAVE THESE INSTALLED. calibre_install: False calibre_enabled: False @@ -149,8 +150,13 @@ calibre_port: 8080 calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 # In addition to: http://box/books box/libros box/livres box/livros box/liv +# Calibre-Web alternative to Calibre, offers a clean/modern UX calibreweb_install: False calibreweb_enabled: False +calibreweb_port: 8083 +# http://box/books works. Add {box/libros, box/livres, box/livros, box/liv} etc? +calibreweb_url: /books +calibreweb_home: "{{ content_base }}/calibre-web" # /library/calibre-web dokuwiki_install: False dokuwiki_enabled: False @@ -172,6 +178,7 @@ wordpress_enabled: False # 7-EDU-APPS +# KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS kalite_install: True kalite_enabled: True # Unused in 2018; but remains as placeholder for Fedora 18 legacy (XO laptops) @@ -202,6 +209,28 @@ sugarizer_enabled: False # 8-MGMT-TOOLS +# BitTorrent downloader for large Content Packs etc +transmission_install: False +transmission_enabled: False + +# A. Uncomment language(s) to download KA Lite videos to /library/transmission +# using http://pantry.learningequality.org/downloads/ka-lite/0.17/content/ +transmission_kalite_languages: + - english + #- french + #- hindi + #- portugal-portuguese + #- brazilian-portuguese + #- spanish + #- swahili +# B. Monitor BitTorrent downloads at http://box:9091 using Admin/changeme +# until the download is confirmed complete (can take hours or days!) +# C. Carefully move all videos/thumbnails into /library/ka-lite/content +# (DO NOT OVERWRITE SUBFOLDERS assessment, locale, srt !) +# D. Log in to KA Lite at http://box:8008/updates/videos/ using Admin/changeme +# then click "Scan content folder for videos" (can take many minutes!) +# E. READ "KA Lite Administration: What tips & tricks exist?" AT http://FAQ.IIAB.IO + awstats_install: True awstats_enabled: True diff --git a/vars/local_vars_min_vpn.yml b/vars/local_vars_min_vpn.yml deleted file mode 100644 index d3b52eb79..000000000 --- a/vars/local_vars_min_vpn.yml +++ /dev/null @@ -1,239 +0,0 @@ -# This is local_vars_min_vpn.yml -- copy it to /etc/iiab/local_vars.yml then... - -# Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml - -# PLEASE READ http://wiki.iiab.io/local_vars.yml - -# Orig Idea: branch github.com/xsce/xsce-local for your deployment/community - - -# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails -download_timeout: 200 - -# Users and Passwords - -iiab_admin_user: iiab-admin -# Obtain a password hash with: -# python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' -# iiab_admin_passw_hash: -admin_install: True - -# Set admin_install: False if you don't want iiab_admin_user & wheel group -# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based -# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n - -# If admin_install: False, set iiab_admin_user (above) to an existing Linux -# user that has sudo access, so you can login to Admin Console http://box/admin - -iiab_hostname: box -iiab_domain: lan - -# Set to /home or /wordpress or /mediawiki or /wiki (for DokuWiki) -iiab_home_url: /home - -# Raspbian requires WiFi country since March 2018. Please set it here: -host_country_code: US -host_ssid: "Internet in a Box" -host_wifi_mode: g -host_channel: 6 -hostapd_secure: False -hostapd_password: changeme - -# Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or -# 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables -# within github.com/iiab/iiab/blob/master/roles/ -services_externally_visible: True - -# Make this True if client machines should have access to WAN/Internet: -iiab_gateway_enabled: False - -# dnsmasq -dnsmasq_install: True -dnsmasq_enabled: False - -# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" -dns_jail_enabled: False - -# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 -py_captive_portal_install: True -py_captive_portal_enabled: False - -# Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: -squid_install: False -squid_enabled: False - -dansguardian_install: False -dansguardian_enabled: False - -# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 -# wondershaper_install: False -# wondershaper_enabled: False - -# 1-PREP - -# 2-COMMON - -# 3-BASE-SERVER - -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True - -# roles/mysql runs here (mandatory) - -# 4-SERVER-OPTIONS - -# SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security -openvpn_install: True -openvpn_enabled: True - -# Set /etc/iiab/openvpn_handle in advance here: -openvpn_handle: "" - -# The following seems necessary on CentOS: -# openvpn_cron_enabled: True - -# roles/network runs here (MANY SETTINGS ABOVE) - -# PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! -postgresql_install: False -postgresql_enabled: False - -# Unmaintained -# authserver_install: False -# authserver_enabled: False - -# Common UNIX Printing System -cups_install: False -cups_enabled: False - -# At Your Own Risk: take a security audit seriously before deploying this -samba_install: False -samba_enabled: False - -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True - -# 5-XO-SERVICES - -# Lesser-supported XO services need additional testing. Please contact -# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. - -# xo_services_install: False -# xo_services_enabled: False - -# activity_server_install: False -# activity_server_enabled: False - -# Change calibre_port from 8080 to 8010 below, if you enable idmgr -# idmgr_install: False -# idmgr_enabled: False - -# ejabberd_xs_install: False -# ejabberd_xs_enabled: False - -# 6-GENERIC-APPS - -# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing -# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. - -calibre_install: False -calibre_enabled: False -# Try .deb upgrade of Calibre (like vars/raspbian-9.yml already does) -# calibre_via_debs: True -calibre_unstable_debs: False -# Try python x86_64 upgrade of Calibre (like vars/<most-OS's>.yml already do) -# calibre_via_python: True -# Change calibre_port to 8010 if you're using XO laptops needing above idmgr -calibre_port: 8080 -# Change calibre to XYZ to add your own mnemonic URL like: http://box/XYZ -calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 -# In addition to: http://box/books box/libros box/livres box/livros box/liv - -calibreweb_install: False -calibreweb_enabled: False - -dokuwiki_install: False -dokuwiki_enabled: False - -mediawiki_install: False -mediawiki_enabled: False - -elgg_install: False -elgg_enabled: False - -ejabberd_install: False -ejabberd_enabled: False - -nextcloud_install: False -nextcloud_enabled: False - -wordpress_install: False -wordpress_enabled: False - -# 7-EDU-APPS - -kalite_install: True -kalite_enabled: True -# Unused in 2018; but remains as placeholder for Fedora 18 legacy (XO laptops) -kalite_cron_enabled: True - -kolibri_install: False -kolibri_enabled: False - -kiwix_install: True -kiwix_enabled: True - -# Warning: Moodle is a serious LMS, that takes a while to install -moodle_install: False -moodle_enabled: False - -# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 -osm_install: False -osm_enabled: False - -# Similar to Calibre, but unmaintained -pathagar_install: False -pathagar_enabled: False - -# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 -# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 -sugarizer_install: False -sugarizer_enabled: False - -# 8-MGMT-TOOLS - -awstats_install: True -awstats_enabled: True - -monit_install: False -monit_enabled: False - -munin_install: True -munin_enabled: True - -# Handy for maintaining tables, but DANGEROUS if not locked down -phpmyadmin_install: False -phpmyadmin_enabled: False - -vnstat_install: True -vnstat_enabled: True - -# Unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io) -# teamviewer_install: False -# teamviewer_enabled: False - -# Unmaintained -# sugar_stats_install: False -# sugar_stats_enabled: False - -# Unmaintained -# xovis_install: False -# xovis_enabled: False - -# Unmaintained -# schooltool_install: False -# schooltool_enabled: False - -# Unmaintained -# debian_schooltool_install: False -# debian_schooltool_enabled: False