external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

Merge pull request #173 from iiab/master

Browse source 
sync from iiab/iiab
This commit is contained in:
A Holt 2018-10-19 10:59:52 -04:00 committed by GitHub
commit 9f0182f972
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
105 changed files with 580 additions and 826 deletions
Download patch file Download diff file Expand all files Collapse all files

32
.travis.yml
View file

@ -6,32 +6,22 @@ python: "2.7"
dist: trusty dist: trusty
sudo: false sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install: install:
# Install ansible, ansible-lint and ansible-review # Install ansible
- pip install ansible - pip install ansible
- pip install ansible-review
# Create ansible.cfg with correct roles_path and local_tmp # Create ansible.cfg with correct roles_path and local_tmp
- "{ echo '[defaults]'; echo 'roles_path = ../'; echo 'local_tmp = ~/.ansible/tmp'; } >> ansible.cfg" - "{ echo '[defaults]'; echo 'roles_path = ./roles/'; } >> ansible.cfg"
# Check ansible, version
- ansible --version
- ansible-lint --version
- ansible-review --version
script: script:
# Continuous integration: syntax check # Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check -vvv - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
# Continous integration: ansible-list
- ansible-lint -p *yml
# Continous integration: ansible code review
#- git ls-files *yml roles/ vars/ tests/ | xargs ansible-review
# Continouse integration: ansible code review of changes between master and current branch
#- git diff master | ansible-review
#notifications: #notifications:
# webhooks: # webhooks: https://galaxy.ansible.com/api/v1/notifications/

0
COPYING → LICENSE
View file

16
LICENSE.md
View file

@ -1,16 +0,0 @@
COPYRIGHT and LICENSE
Many files in this repository have an explicit copyright notice and terms of license in the file.
Authors contributing to this repository are encouraged to provide a copyright notice and to license their work
under the terms of the GNU Library General Public License as published by the Free Software Foundation;
either version 2 of the License, or (at your option) any later version.
This license is contained in the file named COPYING. The simplest way to do this is to include
the following two lines at the top of the file:
# Copyright (C) 20xx <your name>
# Licensed under the terms of the GNU GPL v2 or later; see COPYING for details.
All files not containing an explicit copyright notice or terms of license in the file are Copyright © 2015, Unleash Kids,
and are licensed under the terms of the GPLv2 license in the file named COPYING in the root of the repository.

20
LICENSING.md Normal file
View file

@ -0,0 +1,20 @@
COPYRIGHT and LICENSE
Many files in this repository have an explicit copyright notice and terms of
license in the file.
Authors contributing to this repository are encouraged to provide a copyright
notice and to license their work under the terms of the GNU Library General
Public License as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This license is contained in the file named LICENSE. The simplest way to do
this is to include the following two lines at the top of the file:
Copyright (C) 20xx <your name>
Licensed under the terms of the GNU GPL v2 or later; see LICENSE for details.
All files not containing an explicit copyright notice or terms of license in
the file are Copyright © 2015-2018, Unleash Kids, and are licensed under the
terms of the GPLv2 license in the file named LICENSE in the root of the
repository.

41
README.md.deprecated
View file

@ -1,41 +0,0 @@
======================================
School Server Community Edition (XSCE)
======================================
Welcome to the Git repository of the XSCE project. XSCE is a community-based
project developed and supported by volunteers from around the world. It
provides communication, networking, content, and maintenance to schools and
classrooms. In everyday usage the school server provides services which extend
capabilities of the connected laptops while being transparent to the
user. These services include:
* Classroom connectivity Similar to what you would find in an advanced home router.
* Internet gateway If available, an internet connection is made available to laptops.
* Content Tools to make instructional media available to their schools and classrooms.
* Maintenance Tools to keep laptop updated and running smoothly.
All of our server code resides in this repository. We are using ansible_ as the
underlying technology to install, deploy, configure and manage the various
server components.
Documentation has recently moved to the wiki of this repo
Please see the `XSCE wiki`_
Installation procedures are in the process of being reworked to include:
* Offline install on bare metal from a usb stick
* Offline install with an iso file
* Manual install of all or part of the server in combination with either of the above
Full installation instructions are in the wiki of this repo:
Please read the `installation`_ documentation.
See the `XSCE project`_ for more information about the project.
.. _XSCE wiki: https://github.com/XSCE/xsce/wiki
.. _installation: https://github.com/XSCE/xsce/wiki/XSCE-Installation
.. _ansible: http://www.ansibleworks.com/
.. _ansible documentation: http://www.ansibleworks.com/docs/
.. _XSCE project: http://schoolserver.org/

2
ansible.cfg
View file

@ -3,5 +3,3 @@
[defaults] [defaults]
squash_actions = apk, apt, dnf, homebrew, openbsd_pkg, pacman, pkgng, yum, zypper, package squash_actions = apk, apt, dnf, homebrew, openbsd_pkg, pacman, pkgng, yum, zypper, package
remote_tmp = /root/.ansible/tmp
local_tmp = /root/.ansible/tmp

194
ansible.cfg.deprecated
View file

@ -1,194 +0,0 @@
# config file for ansible -- http://ansible.com/
# ==============================================
# nearly all parameters can be overridden in ansible-playbook
# or with command line flags. ansible will read ANSIBLE_CONFIG,
# ansible.cfg in the current working directory, .ansible.cfg in
# the home directory or /etc/ansible/ansible.cfg, whichever it
# finds first
[defaults]
# some basic default values...
hostfile = /etc/ansible/hosts
library = /usr/share/ansible
remote_tmp = /opt/iiab/iiab/.ansible/tmp
local_tmp = /opt/iiab/iiab/.ansible/tmp
pattern = *
forks = 5
poll_interval = 15
sudo_user = root
#ask_sudo_pass = True
#ask_pass = True
transport = smart
remote_port = 22
module_lang = C
# plays will gather facts by default, which contain information about
# the remote system.
#
# smart - gather by default, but don't regather if already gathered
# implicit - gather by default, turn off with gather_facts: False
# explicit - do not gather by default, must say gather_facts: True
gathering = implicit
# additional paths to search for roles in, colon separated
#roles_path = /etc/ansible/roles
# uncomment this to disable SSH key host checking
#host_key_checking = False
# change this for alternative sudo implementations
sudo_exe = sudo
# what flags to pass to sudo
#sudo_flags = -H
# SSH timeout
timeout = 10
# default user to use for playbooks if user is not specified
# (/usr/bin/ansible will use current user as default)
#remote_user = root
# logging is off by default unless this path is defined
# if so defined, consider logrotate
#log_path = /var/log/ansible.log
# default module name for /usr/bin/ansible
#module_name = command
# use this shell for commands executed under sudo
# you may need to change this to bin/bash in rare instances
# if sudo is constrained
#executable = /bin/sh
# if inventory variables overlap, does the higher precedence one win
# or are hash values merged together? The default is 'replace' but
# this can also be set to 'merge'.
#hash_behaviour = replace
# list any Jinja2 extensions to enable here:
#jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n
# if set, always use this private key file for authentication, same as
# if passing --private-key to ansible or ansible-playbook
#private_key_file = /path/to/file
# format of string {{ ansible_managed }} available within Jinja2
# templates indicates to users editing templates files will be replaced.
# replacing {file}, {host} and {uid} and strftime codes with proper values.
ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}
# by default, ansible-playbook will display "Skipping [host]" if it determines a task
# should not be run on a host. Set this to "False" if you don't want to see these "Skipping"
# messages. NOTE: the task header will still be shown regardless of whether or not the
# task is skipped.
#display_skipped_hosts = True
# by default (as of 1.3), Ansible will raise errors when attempting to dereference
# Jinja2 variables that are not set in templates or action lines. Uncomment this line
# to revert the behavior to pre-1.3.
#error_on_undefined_vars = False
# by default (as of 1.6), Ansible may display warnings based on the configuration of the
# system running ansible itself. This may include warnings about 3rd party packages or
# other conditions that should be resolved if possible.
# to disable these warnings, set the following value to False:
system_warnings = False
# by default (as of 1.4), Ansible may display deprecation warnings for language
# features that should no longer be used and will be removed in future versions.
# to disable these warnings, set the following value to False:
deprecation_warnings = False
# set plugin path directories here, separate with colons
action_plugins = /usr/share/ansible_plugins/action_plugins
callback_plugins = /usr/share/ansible_plugins/callback_plugins
connection_plugins = /usr/share/ansible_plugins/connection_plugins
lookup_plugins = /usr/share/ansible_plugins/lookup_plugins
vars_plugins = /usr/share/ansible_plugins/vars_plugins
filter_plugins = /usr/share/ansible_plugins/filter_plugins
# don't like cows? that's unfortunate.
# set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1
#nocows = 1
# don't like colors either?
# set to 1 if you don't want colors, or export ANSIBLE_NOCOLOR=1
#nocolor = 1
# the CA certificate path used for validating SSL certs. This path
# should exist on the controlling node, not the target nodes
# common locations:
# RHEL/CentOS: /etc/pki/tls/certs/ca-bundle.crt
# Fedora : /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
# Ubuntu : /usr/share/ca-certificates/cacert.org/cacert.org.crt
#ca_file_path =
# the http user-agent string to use when fetching urls. Some web server
# operators block the default urllib user agent as it is frequently used
# by malicious attacks/scripts, so we set it to something unique to
# avoid issues.
#http_user_agent = ansible-agent
[paramiko_connection]
# uncomment this line to cause the paramiko connection plugin to not record new host
# keys encountered. Increases performance on new host additions. Setting works independently of the
# host key checking setting above.
#record_host_keys=False
# by default, Ansible requests a pseudo-terminal for commands executed under sudo. Uncomment this
# line to disable this behaviour.
#pty=False
[ssh_connection]
# ssh arguments to use
# Leaving off ControlPersist will result in poor performance, so use
# paramiko on older platforms rather than removing it
#ssh_args = -o ControlMaster=auto -o ControlPersist=60s
# The path to use for the ControlPath sockets. This defaults to
# "%(directory)s/ansible-ssh-%%h-%%p-%%r", however on some systems with
# very long hostnames or very long path names (caused by long user names or
# deeply nested home directories) this can exceed the character limit on
# file socket names (108 characters for most platforms). In that case, you
# may wish to shorten the string below.
#
# Example:
# control_path = %(directory)s/%%h-%%r
#control_path = %(directory)s/ansible-ssh-%%h-%%p-%%r
# Enabling pipelining reduces the number of SSH operations required to
# execute a module on the remote server. This can result in a significant
# performance improvement when enabled, however when using "sudo:" you must
# first disable 'requiretty' in /etc/sudoers
#
# By default, this option is disabled to preserve compatibility with
# sudoers configurations that have requiretty (the default on many distros).
#
#pipelining = False
# if True, make ansible use scp if the connection type is ssh
# (default is sftp)
#scp_if_ssh = True
[accelerate]
accelerate_port = 5099
accelerate_timeout = 30
accelerate_connect_timeout = 5.0
# The daemon timeout is measured in minutes. This time is measured
# from the last activity to the accelerate daemon.
accelerate_daemon_timeout = 30
# If set to yes, accelerate_multi_key will allow multiple
# private keys to be uploaded to it, though each user must
# have access to the system via SSH to add a new key. The default
# is "no".
#accelerate_multi_key = yes
command_warnings = False

22
iiab.yml.deprecated
View file

@ -1,22 +0,0 @@
---
- hosts: all
become: yes
vars_files:
- vars/default_vars.yml
- vars/{{ ansible_local.local_facts.os_ver }}.yml
- /etc/iiab/local_vars.yml
- /etc/iiab/config_vars.yml
roles:
- { role: 0-init, tags: ['0-init'] }
- { role: 1-prep, tags: ['1-prep','platform','base'] }
- { role: 2-common, tags: ['2-common','base'] }
- { role: 3-base-server, tags: ['3-base-server','base'] }
- { role: 4-server-options, tags: ['4-server-options'] }
- { role: 5-xo-services, tags: ['5-xo-services'] }
- { role: 6-generic-apps, tags: ['6-generic-apps'] }
- { role: 7-edu-apps, tags: ['7-edu-apps'] }
- { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
- { role: 9-local-addons, tags: ['9-local-addons'] }
- { role: network, tags: ['network'] }

2
roles/0-init/defaults/main.yml
View file

@ -1,4 +1,4 @@
# Use these to tag a release at a point in time, for /etc/iiab/iiab.env # Use these to tag a release at a point in time, for {{ iiab_env_file }}
iiab_base_ver: 6.7 iiab_base_ver: 6.7
iiab_revision: 0 iiab_revision: 0

6
roles/0-init/tasks/fl.yml
View file

@ -27,3 +27,9 @@
- "{{ doc_root }}/common/services" - "{{ doc_root }}/common/services"
- /etc/sysconfig/olpc-scripts/ - /etc/sysconfig/olpc-scripts/
- /etc/sysconfig/olpc-scripts/setup.d/installed/ - /etc/sysconfig/olpc-scripts/setup.d/installed/
- name: Create symlink from webfonts to fonts
file:
src: "{{ doc_root }}/common/fonts"
path: "{{ doc_root }}/common/webfonts"
state: link

12
roles/0-init/tasks/iiab_ini.yml
View file

@ -1,12 +1,12 @@
# workaround for fact that auto create does not work on ini_file # workaround for fact that auto create does not work on iiab_ini_file (/etc/iiab/iiab.ini)
- name: Create /etc/iiab/iiab.ini (iiab_config_file) - name: Create {{ iiab_ini_file }}
file: file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
state: touch state: touch
- name: Add location section to config file - name: Add location section to config file
ini_file: ini_file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
section: location section: location
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"
@ -16,9 +16,9 @@
- option: iiab_dir - option: iiab_dir
value: "{{ iiab_dir }}" value: "{{ iiab_dir }}"
- name: Add version section - name: Add 'version' variable values to {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
section: version section: version
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

17
roles/0-init/tasks/main.yml
View file

@ -2,7 +2,7 @@
- name: ...IS BEGINNING ============================================ - name: ...IS BEGINNING ============================================
stat: stat:
path: /etc/iiab/iiab.env path: "{{ iiab_env_file }}"
register: NewInstall register: NewInstall
- name: Setting first run flag - name: Setting first run flag
@ -165,9 +165,9 @@
include_tasks: hostname.yml include_tasks: hostname.yml
when: FQDN_changed when: FQDN_changed
- name: Add 'runtime' section alongside list of services at /etc/iiab/iiab.ini - name: Add 'runtime' variable values to {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
section: runtime section: runtime
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"
@ -209,13 +209,9 @@
- option: FQDN_changed - option: FQDN_changed
value: "{{ FQDN_changed }}" value: "{{ FQDN_changed }}"
#- name: Now changing FQDN - name: Add 'runtime' variable 'is_VM' value if defined, to {{ iiab_ini_file }}
# include_tasks: hostname.yml
# when: FQDN_changed
- name: STAGE 0 HAS COMPLETED ======================================
ini_file: ini_file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
section: runtime section: runtime
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"
@ -223,3 +219,6 @@
- option: is_VM - option: is_VM
value: "yes" value: "yes"
when: is_VM is defined when: is_VM is defined
- name: STAGE 0 HAS COMPLETED ======================================
meta: noop

2
roles/1-prep/tasks/main.yml
View file

@ -111,7 +111,7 @@
- name: Recording STAGE 1 HAS COMPLETED ============================ - name: Recording STAGE 1 HAS COMPLETED ============================
template: template:
src: roles/1-prep/templates/iiab.env.j2 src: roles/1-prep/templates/iiab.env.j2
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
owner: root owner: root
group: root group: root
mode: 0644 mode: 0644

4
roles/1-prep/templates/iiab-network-reset
View file

@ -38,8 +38,8 @@ echo "/etc/resolv.conf"
cat /etc/resolv.conf cat /etc/resolv.conf
echo echo
echo "==========================================================" echo "=========================================================="
echo "cat /etc/iiab/iiab.ini" echo "cat {{ iiab_ini_file }}"
cat /etc/iiab/iiab.ini cat {{ iiab_ini_file }}
echo echo
echo "==========================================================" echo "=========================================================="
echo "routing table" echo "routing table"

2
roles/1-prep/templates/iiab_env.py.j2
View file

@ -4,7 +4,7 @@
def get_iiab_env(name): def get_iiab_env(name):
""" read iiab.env file for a value, return "" if does not exist""" """ read iiab.env file for a value, return "" if does not exist"""
try: try:
fd = open("/etc/iiab/iiab.env","r") fd = open("{{ iiab_env_file }}","r")
for line in fd: for line in fd:
line = line.lstrip() line = line.lstrip()
line = line.rstrip('\n') line = line.rstrip('\n')

2
roles/2-common/tasks/main.yml
View file

@ -89,7 +89,7 @@
- name: Recording STAGE 2 HAS COMPLETED ========================== - name: Recording STAGE 2 HAS COMPLETED ==========================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=2' line: 'STAGE=2'
state: present state: present

2
roles/2-common/templates/iiab-startup.sh
View file

@ -15,7 +15,7 @@ fi
if [[ $(grep -i raspbian /etc/*release) && if [[ $(grep -i raspbian /etc/*release) &&
#($(grep "hostapd_enabled = False" /etc/iiab/config_vars.yml) || #($(grep "hostapd_enabled = False" /etc/iiab/config_vars.yml) ||
#((! $(grep "hostapd_enabled = True" /etc/iiab/config_vars.yml)) && #((! $(grep "hostapd_enabled = True" /etc/iiab/config_vars.yml)) &&
! $(grep "^HOSTAPD_ENABLED=True" /etc/iiab/iiab.env) ]]; ! $(grep "^HOSTAPD_ENABLED=True" {{ iiab_env_file }}) ]];
# NEGATED LOGIC HELPS FORCE PROMISCUOUS MODE EARLY IN INSTALL # NEGATED LOGIC HELPS FORCE PROMISCUOUS MODE EARLY IN INSTALL
# (when network/tasks/main.yml hasn't yet populated iiab.env) # (when network/tasks/main.yml hasn't yet populated iiab.env)

4
roles/3-base-server/tasks/main.yml
View file

@ -3,7 +3,7 @@
- name: ...IS BEGINNING ===================================== - name: ...IS BEGINNING =====================================
command: echo command: echo
- name: HTTPD - name: HTTPD (APACHE)
include_role: include_role:
name: httpd name: httpd
# has no "when: XXXXX_install" flag # has no "when: XXXXX_install" flag
@ -23,7 +23,7 @@
- name: Recording STAGE 3 HAS COMPLETED ===================== - name: Recording STAGE 3 HAS COMPLETED =====================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=3' line: 'STAGE=3'
state: present state: present

2
roles/4-server-options/tasks/main.yml
View file

@ -78,7 +78,7 @@
- name: Recording STAGE 4 HAS COMPLETED ================== - name: Recording STAGE 4 HAS COMPLETED ==================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=4' line: 'STAGE=4'
state: present state: present

2
roles/5-xo-services/tasks/main.yml
View file

@ -23,7 +23,7 @@
- name: Recording STAGE 5 HAS COMPLETED ===================== - name: Recording STAGE 5 HAS COMPLETED =====================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=5' line: 'STAGE=5'
state: present state: present

2
roles/6-generic-apps/tasks/main.yml
View file

@ -47,7 +47,7 @@
- name: Recording STAGE 6 HAS COMPLETED ==================== - name: Recording STAGE 6 HAS COMPLETED ====================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=6' line: 'STAGE=6'
state: present state: present

2
roles/7-edu-apps/tasks/main.yml
View file

@ -47,7 +47,7 @@
- name: Recording STAGE 7 HAS COMPLETED ======================== - name: Recording STAGE 7 HAS COMPLETED ========================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=7' line: 'STAGE=7'
state: present state: present

2
roles/8-mgmt-tools/tasks/main.yml
View file

@ -59,7 +59,7 @@
- name: Recording STAGE 8 HAS COMPLETED ====================== - name: Recording STAGE 8 HAS COMPLETED ======================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=8' line: 'STAGE=8'
state: present state: present

2
roles/9-local-addons/tasks/main.yml
View file

@ -17,7 +17,7 @@
- name: Recording STAGE 9 HAS COMPLETED ==================== - name: Recording STAGE 9 HAS COMPLETED ====================
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^STAGE=*' regexp: '^STAGE=*'
line: 'STAGE=9' line: 'STAGE=9'
state: present state: present

2
roles/activity-server/tasks/main.yml
View file

@ -117,7 +117,7 @@
state=restarted state=restarted
- name: add xs-activity-server to service list - name: add xs-activity-server to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=activity-server section=activity-server
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

2
roles/ajenti/tasks/main.yml
View file

@ -48,7 +48,7 @@
when: ajenti_enabled when: ajenti_enabled
- name: Add ajenti to service list - name: Add ajenti to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=ajenti section=ajenti
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

2
roles/authserver/tasks/main.yml
View file

@ -51,7 +51,7 @@
when: authserver_enabled when: authserver_enabled
- name: add xs-authserver to service list - name: add xs-authserver to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=xs-authserver section=xs-authserver
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

4
roles/awstats/tasks/main.yml
View file

@ -1,9 +1,9 @@
- include_tasks: install.yml - include_tasks: install.yml
when: awstats_install when: awstats_install
- name: Add 'awstats' to list of services at /etc/iiab/iiab.ini - name: Add 'awstats' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: awstats section: awstats
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/calibre-web/tasks/main.yml
View file

@ -122,9 +122,9 @@
name: "{{ apache_service }}" # httpd or apache2 name: "{{ apache_service }}" # httpd or apache2
state: restarted state: restarted
- name: Add 'calibre-web' to list of services at /etc/iiab/iiab.ini - name: Add 'calibre-web' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: calibre-web section: calibre-web
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/calibre/tasks/main.yml
View file

@ -132,9 +132,9 @@
name: "{{ apache_service }}" name: "{{ apache_service }}"
state: reloaded state: reloaded
- name: Add 'calibre' to list of services at /etc/iiab/iiab.ini - name: Add 'calibre' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: calibre section: calibre
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/cups/tasks/main.yml
View file

@ -64,9 +64,9 @@
enabled: no enabled: no
when: not cups_enabled and is_F18 when: not cups_enabled and is_F18
- name: Add 'cups' to list of services at /etc/iiab/iiab.ini - name: Add 'cups' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: cups section: cups
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/docker/tasks/main.yml
View file

@ -41,7 +41,7 @@
when: not docker_enabled when: not docker_enabled
- name: add docker to service list - name: add docker to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=docker section=docker
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

4
roles/dokuwiki/tasks/main.yml
View file

@ -2,9 +2,9 @@
include_tasks: install.yml include_tasks: install.yml
when: dokuwiki_install when: dokuwiki_install
- name: Add 'dokuwiki' to list of services at /etc/iiab/iiab.ini - name: Add 'dokuwiki' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: dokuwiki section: dokuwiki
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/elgg/tasks/main.yml
View file

@ -138,9 +138,9 @@
state: absent state: absent
when: not elgg_enabled and is_redhat when: not elgg_enabled and is_redhat
- name: Add 'elgg' to list of services at /etc/iiab/iiab.ini - name: Add 'elgg' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: elgg section: elgg
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

5
roles/httpd/files/html/css/fa.all.min.css vendored Normal file
View file

File diff suppressed because one or more lines are too long

28
roles/httpd/files/html/css/open-sans.css Normal file
View file

@ -0,0 +1,28 @@
/* open-sans-regular - latin */
@font-face {
font-family: 'Open Sans';
font-style: normal;
font-weight: 400;
src: local('Open Sans Regular'), local('OpenSans-Regular'),
url('/common/fonts/open-sans-v15-latin-regular.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
url('/common/fonts/open-sans-v15-latin-regular.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
}
/* open-sans-600 - latin */
@font-face {
font-family: 'Open Sans';
font-style: normal;
font-weight: 600;
src: local('Open Sans SemiBold'), local('OpenSans-SemiBold'),
url('/common/fonts/open-sans-v15-latin-600.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
url('/common/fonts/open-sans-v15-latin-600.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
}
/* open-sans-700 - latin */
@font-face {
font-family: 'Open Sans';
font-style: normal;
font-weight: 700;
src: local('Open Sans Bold'), local('OpenSans-Bold'),
url('/common/fonts/open-sans-v15-latin-700.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
url('/common/fonts/open-sans-v15-latin-700.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
}

BIN
roles/httpd/files/html/fonts/fa-solid-900.woff Normal file
View file

Binary file not shown.

BIN
roles/httpd/files/html/fonts/fa-solid-900.woff2 Normal file
View file

Binary file not shown.

BIN
roles/httpd/files/html/fonts/open-sans-v15-latin-600.woff Normal file
View file

Binary file not shown.

BIN
roles/httpd/files/html/fonts/open-sans-v15-latin-600.woff2 Normal file
View file

Binary file not shown.

BIN
roles/httpd/files/html/fonts/open-sans-v15-latin-700.woff Normal file
View file

Binary file not shown.

BIN
roles/httpd/files/html/fonts/open-sans-v15-latin-700.woff2 Normal file
View file

Binary file not shown.

BIN
roles/httpd/files/html/fonts/open-sans-v15-latin-regular.woff Normal file
View file

Binary file not shown.

BIN
roles/httpd/files/html/fonts/open-sans-v15-latin-regular.woff2 Normal file
View file

Binary file not shown.

4
roles/httpd/tasks/html.yml
View file

@ -59,9 +59,9 @@
with_fileglob: with_fileglob:
- html/services/* - html/services/*
- name: Create symlink from assets to /etc/iiab/iiab.ini - name: Create symlink from assets to {{ iiab_ini_file }}
file: file:
src: "/etc/iiab/iiab.ini" src: "{{ iiab_ini_file }}"
dest: "{{ doc_root }}/common/assets/iiab.ini" dest: "{{ doc_root }}/common/assets/iiab.ini"
owner: root owner: root
group: root group: root

2
roles/httpd/templates/refresh-wiki-docs.sh
View file

@ -3,7 +3,7 @@
# Pull down repo's entire wiki (and similar) to create offline docs # Pull down repo's entire wiki (and similar) to create offline docs
set -e set -e
source /etc/iiab/iiab.env source {{ iiab_env_file }}
INPUT=/tmp/iiab-wiki INPUT=/tmp/iiab-wiki
OUTPUT=/tmp/iiab-wiki.out OUTPUT=/tmp/iiab-wiki.out
DESTPATH=/library/www/html/info DESTPATH=/library/www/html/info

2
roles/idmgr/tasks/main.yml
View file

@ -80,7 +80,7 @@
line=allowsftp line=allowsftp
- name: Add idmgr to service list - name: Add idmgr to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=idmgr section=idmgr
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

22
roles/iiab-admin/defaults/main.yml
View file

@ -1,5 +1,21 @@
--- # Must keep roles/0-init/defaults/main.yml sync'd ? (Seems no longer true as of 2018-10-15)
# must keep roles/0-once/defaults/main.yml sync'd
# The values here are defaults.
# Set iiab_admin_user_install: False if you don't want iiab_admin_user & wheel
# group auto-created in roles/iiab-admin/tasks/main.yml (hence disabling sudo-
# checks/warnings of published passwds like pi/raspberry & iiab-admin/g0adm1n).
iiab_admin_user_install: True
# If iiab_admin_user_install: False, set iiab_admin_user (below) to an existing
# Linux user that has sudo access, for login to Admin Console http://box/admin
# ODDLY THIS IS ALSO USED BY roles/usb-lib/tasks/main.yml TO SET GROUP PERM FOR /library/www/html/local_content (ISN'T {{ apache_user }} MORE APPROPRIATE?)
iiab_admin_user: iiab-admin iiab_admin_user: iiab-admin
# For live checks/alerts of published pwds
iiab_admin_published_pwd: g0adm1n
# Password hash to override above, if Ansible creates above user:
iiab_admin_pwd_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop.
# Obtain a password hash - NEW MORE SECURE WAY:
# python3 -c 'import crypt; print(crypt.crypt("<plaintext>", crypt.mksalt(crypt.METHOD_SHA512)))'
# Obtain a password hash - OLD WAY:
# python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")'

6
roles/iiab-admin/tasks/admin-user.yml
View file

@ -1,7 +1,7 @@
- name: Create iiab-admin user and password - name: Create user {{ iiab_admin_user }} for Admin Console; set password from hardcoded hash if newly creating account
user: user:
name: "{{ iiab_admin_user }}" name: "{{ iiab_admin_user }}"
password: "{{ iiab_admin_passw_hash }}" password: "{{ iiab_admin_pwd_hash }}"
update_password: on_create update_password: on_create
shell: /bin/bash shell: /bin/bash
@ -16,7 +16,7 @@
state: present state: present
when: is_redhat when: is_redhat
- name: Add user to wheel group - name: 'Add user {{ iiab_admin_user }} to groups: wheel, sudo'
user: user:
name: "{{ iiab_admin_user }}" name: "{{ iiab_admin_user }}"
groups: wheel,sudo groups: wheel,sudo

6
roles/iiab-admin/tasks/main.yml
View file

@ -1,15 +1,15 @@
- include_tasks: admin-user.yml - include_tasks: admin-user.yml
tags: tags:
- base - base
when: admin_install when: iiab_admin_user_install
- include_tasks: access.yml - include_tasks: access.yml
tags: tags:
- base - base
- name: Add 'iiab-admin' to list at /etc/iiab/iiab.ini - name: Add 'iiab-admin' to list at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: iiab-admin section: iiab-admin
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

38
roles/iiab-admin/templates/lxde_ssh_warn.sh
View file

@ -1,22 +1,32 @@
#!/bin/bash #!/bin/bash
function check_user_pwd() {
# $meth (hashing method) is typically '6' which implies 5000 rounds
# of SHA-512 per /etc/login.defs -> /etc/pam.d/common-password
meth=$(sudo grep "^$1:" /etc/shadow | cut -d: -f2 | cut -d$ -f2)
salt=$(sudo grep "^$1:" /etc/shadow | cut -d: -f2 | cut -d$ -f3)
hash=$(sudo grep "^$1:" /etc/shadow | cut -d: -f2 | cut -d$ -f4)
[ $(python3 -c "import crypt; print(crypt.crypt('$2', '\$$meth\$$salt'))") == "\$$meth\$$salt\$$hash" ]
}
# credit to the folks at raspberry pi foundatioon # credit to the folks at raspberry pi foundatioon
check_hash () check_hash () {
{
if ! id -u iiab-admin > /dev/null 2>&1 ; then return 0 ; fi if ! id -u iiab-admin > /dev/null 2>&1 ; then return 0 ; fi
if grep -q "^PasswordAuthentication\s*no" /etc/ssh/sshd_config ; then return 0 ; fi if grep -q "^PasswordAuthentication\s*no" /etc/ssh/sshd_config ; then return 0 ; fi
test -x /usr/bin/mkpasswd || return 0 #test -x /usr/bin/mkpasswd || return 0
SHADOW="$(sudo -n grep -E '^iiab-admin:' /etc/shadow 2>/dev/null)" #SHADOW="$(sudo -n grep -E '^iiab-admin:' /etc/shadow 2>/dev/null)"
test -n "${SHADOW}" || return 0 #test -n "${SHADOW}" || return 0
if echo $SHADOW | grep -q "iiab-admin:!" ; then return 0 ; fi #if echo $SHADOW | grep -q "iiab-admin:!" ; then return 0 ; fi
SHADOW_PW=$(echo $SHADOW | cut -d: -f2) #SHADOW_PW=$(echo $SHADOW | cut -d: -f2)
if [ "$SHADOW_PW" != "\$6\$iiab51\$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop." ]; then return 0 ; fi #if [ "$SHADOW_PW" != "\$6\$iiab51\$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop." ]; then return 0 ; fi
#if echo "${SHADOW}" | grep -q "${HASH}"; then
if echo "${SHADOW}" | grep -q "${HASH}"; then if check_user_pwd "iiab-admin" "{{ iiab_admin_published_pwd }}"; then
zenity --warning --text="SSH is enabled and the default password for the 'iiab-admin' user has not been changed.\nThis is a security risk - please go to the iiab-console and use utilities-> change password to set a new password." zenity --warning --text="SSH is enabled and the published password for user 'iiab-admin' is in use.\nTHIS IS A SECURITY RISK - please change its password using IIAB's Admin Console (http://box/admin) -> Utilities -> Change Password."
fi fi
} }
if service ssh status | grep -q running; then #if service ssh status | grep -q running; then
check_hash # check_hash
fi #fi
systemctl is-active {{ sshd_service }} > /dev/null && check_hash
unset check_hash unset check_hash

37
roles/iiab-admin/templates/profile_ssh_warn.sh
View file

@ -1,19 +1,28 @@
#!/bin/bash #!/bin/bash
# credit to the folks at raspberry pi foundatioon
check_hash ()
{
if ! id -u iiab-admin > /dev/null 2>&1 ; then return 0 ; fi
if grep -q "^PasswordAuthentication\s*no" /etc/ssh/sshd_config ; then return 0 ; fi
SHADOW="$(sudo -n grep -E '^iiab-admin:' /etc/shadow 2>/dev/null)"
test -n "${SHADOW}" || return 0
if echo $SHADOW | grep -q "iiab-admin:!" ; then return 0 ; fi
SHADOW_PW=$(echo $SHADOW | cut -d: -f2)
if [ "$SHADOW_PW" != '{{ iiab_admin_passw_hash }}' ]; then return 0 ; fi
echo function check_user_pwd() {
echo "SSH is enabled and the default password for the 'iiab-admin' user is unchanged." # $meth (hashing method) is typically '6' which implies 5000 rounds
echo "This is a security risk - please login as the 'iiab-admin' user and type 'passwd' to change password." # of SHA-512 per /etc/login.defs -> /etc/pam.d/common-password
echo meth=$(sudo grep "^$1:" /etc/shadow | cut -d: -f2 | cut -d$ -f2)
salt=$(sudo grep "^$1:" /etc/shadow | cut -d: -f2 | cut -d$ -f3)
hash=$(sudo grep "^$1:" /etc/shadow | cut -d: -f2 | cut -d$ -f4)
[ $(python3 -c "import crypt; print(crypt.crypt('$2', '\$$meth\$$salt'))") == "\$$meth\$$salt\$$hash" ]
}
# credit to the folks at raspberry pi foundatioon
check_hash () {
if ! id -u iiab-admin > /dev/null 2>&1 ; then return 0 ; fi
if grep -q "^PasswordAuthentication\s*no" /etc/ssh/sshd_config ; then return 0 ; fi
#SHADOW="$(sudo -n grep -E '^iiab-admin:' /etc/shadow 2>/dev/null)"
#test -n "${SHADOW}" || return 0
#if echo $SHADOW | grep -q "iiab-admin:!" ; then return 0 ; fi
#SHADOW_PW=$(echo $SHADOW | cut -d: -f2)
#if [ "$SHADOW_PW" != '{{ iiab_admin_pwd_hash }}' ]; then return 0 ; fi
if check_user_pwd "iiab-admin" "{{ iiab_admin_published_pwd }}"; then
echo -e "\nSSH is enabled and the published password for user 'iiab-admin' is in use."
echo -e "THIS IS A SECURITY RISK - please log in as user 'iiab-admin' and run 'passwd'"
echo -e "to change its password.\n"
fi
} }
systemctl is-active {{ sshd_service }} > /dev/null && check_hash systemctl is-active {{ sshd_service }} > /dev/null && check_hash

4
roles/kalite/tasks/main.yml
View file

@ -36,9 +36,9 @@
- include_tasks: enable.yml - include_tasks: enable.yml
- name: Add 'kalite' to list of services at /etc/iiab/iiab.ini - name: Add 'kalite' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: kalite section: kalite
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

0
roles/kalite/templates/settings.py.j2 → roles/kalite/templates/settings.py.j2.deprecated
View file

4
roles/kiwix/tasks/kiwix_install.yml
View file

@ -149,9 +149,9 @@
# 5. FINALIZE # 5. FINALIZE
- name: Add 'kiwix' to list of services at /etc/iiab/iiab.ini - name: Add 'kiwix' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: kiwix section: kiwix
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

10
roles/kiwix/templates/iiab-make-kiwix-lib.py
View file

@ -29,13 +29,13 @@ if not IIAB_PATH in sys.path:
from iiab_env import get_iiab_env from iiab_env import get_iiab_env
# Config Files # Config Files
# iiab_config_file should be in /etc/iiab/iiab.env # iiab_ini_file should be in {{ iiab_env_file }} (/etc/iiab/iiab.env) ?
iiab_config_file = "{{ iiab_config_file }}" # nominally /etc/iiab/iiab.ini iiab_ini_file = "{{ iiab_ini_file }}" # nominally /etc/iiab/iiab.ini
# iiab_config_file = "/etc/iiab/iiab.ini" # comment out after testing # iiab_ini_file = "/etc/iiab/iiab.ini" # comment out after testing
IIAB_INI = get_iiab_env('IIAB_INI') # future IIAB_INI = get_iiab_env('IIAB_INI') # future
if IIAB_INI: if IIAB_INI:
iiab_config_file = IIAB_INI iiab_ini_file = IIAB_INI
# Variables that should be read from config file # Variables that should be read from config file
# All of these variables will be read from config files and recomputed in init() # All of these variables will be read from config files and recomputed in init()
@ -187,7 +187,7 @@ def init():
global kiwix_manage global kiwix_manage
config = ConfigParser.SafeConfigParser() config = ConfigParser.SafeConfigParser()
config.read(iiab_config_file) config.read(iiab_ini_file)
iiab_base_path = config.get('location','iiab_base') iiab_base_path = config.get('location','iiab_base')
zim_path = config.get('kiwix','iiab_zim_path') zim_path = config.get('kiwix','iiab_zim_path')
kiwix_library_xml = config.get('kiwix','kiwix_library_xml') kiwix_library_xml = config.get('kiwix','kiwix_library_xml')

4
roles/kolibri/tasks/main.yml
View file

@ -80,9 +80,9 @@
state: stopped state: stopped
when: not kolibri_enabled when: not kolibri_enabled
- name: Add 'kolibri' to list of services at /etc/iiab/iiab.ini - name: Add 'kolibri' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: kolibri section: kolibri
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/mediawiki/tasks/install.yml
View file

@ -85,9 +85,9 @@
name: "{{ apache_service }}" name: "{{ apache_service }}"
state: restarted state: restarted
- name: Add 'mediawiki' to list of services at /etc/iiab/iiab.ini - name: Add 'mediawiki' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: mediawiki section: mediawiki
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/mongodb/tasks/main.yml
View file

@ -60,9 +60,9 @@
# state: stopped # state: stopped
# when: not mongodb_enabled # when: not mongodb_enabled
- name: Add 'mongodb' to list of services at /etc/iiab/iiab.ini - name: Add 'mongodb' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: mongodb section: mongodb
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/monit/tasks/main.yml
View file

@ -45,9 +45,9 @@
#- name: Restart monit service #- name: Restart monit service
# command: service monit restart # command: service monit restart
- name: Add 'monit' to list of services at /etc/iiab/iiab.ini - name: Add 'monit' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: monit section: monit
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/moodle-1.9/moodle/tasks/main.yml
View file

@ -76,7 +76,7 @@
register: moodlepw register: moodlepw
- name: add moodle to service list - name: add moodle to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=moodle section=moodle
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

4
roles/moodle/tasks/main.yml
View file

@ -155,9 +155,9 @@
path: "{{ moodle_base }}/config.php" path: "{{ moodle_base }}/config.php"
mode: 0644 mode: 0644
- name: Add 'moodle' to list of services at /etc/iiab/iiab.ini - name: Add 'moodle' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: moodle section: moodle
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/munin/tasks/main.yml
View file

@ -84,9 +84,9 @@
- /usr/share/munin/plugins/mysql_threads - /usr/share/munin/plugins/mysql_threads
when: mysql_enabled when: mysql_enabled
- name: Add 'munin' to list of services at /etc/iiab/iiab.ini - name: Add 'munin' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: munin section: munin
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/mysql/tasks/main.yml
View file

@ -133,9 +133,9 @@
state: stopped state: stopped
when: not mysql_enabled when: not mysql_enabled
- name: Add 'mysql' to list of services at /etc/iiab/iiab.ini - name: Add 'mysql' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: mysql section: mysql
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

12
roles/network/tasks/computed_network.yml
View file

@ -172,9 +172,9 @@
iiab_wan_iface: "none" iiab_wan_iface: "none"
when: adapter_count.stdout|int >= "5" and device_gw == "none" and gui_wan_iface == "unset" and gui_static_wan is defined when: adapter_count.stdout|int >= "5" and device_gw == "none" and gui_wan_iface == "unset" and gui_static_wan is defined
- name: Record IIAB_WAN_DEVICE to /etc/iiab/iiab.env - name: Record IIAB_WAN_DEVICE to {{ iiab_env_file }}
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^IIAB_WAN_DEVICE=*' regexp: '^IIAB_WAN_DEVICE=*'
line: 'IIAB_WAN_DEVICE="{{ iiab_wan_iface }}"' line: 'IIAB_WAN_DEVICE="{{ iiab_wan_iface }}"'
state: present state: present
@ -182,9 +182,9 @@
tags: tags:
- network - network
- name: Record IIAB_LAN_DEVICE to /etc/iiab/iiab.env - name: Record IIAB_LAN_DEVICE to {{ iiab_env_file }}
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^IIAB_LAN_DEVICE=*' regexp: '^IIAB_LAN_DEVICE=*'
line: 'IIAB_LAN_DEVICE="{{ iiab_lan_iface }}"' line: 'IIAB_LAN_DEVICE="{{ iiab_lan_iface }}"'
state: present state: present
@ -192,9 +192,9 @@
tags: tags:
- network - network
- name: Add 'computed_network' variable values to /etc/iiab/iiab.ini - name: Add 'computed_network' variable values to {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
section: computed_network section: computed_network
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/network/tasks/computed_services.yml
View file

@ -49,9 +49,9 @@
dhcp_service2: "dnsmasq disabled" dhcp_service2: "dnsmasq disabled"
when: dnsmasq_install and iiab_network_mode == "Appliance" when: dnsmasq_install and iiab_network_mode == "Appliance"
- name: Add 'network' variable values (from computed_services.yml) to /etc/iiab/iiab.ini - name: Add 'network' variable values (from computed_services.yml) to {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
section: network section: network
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

6
roles/network/tasks/detected_network.yml
View file

@ -1,5 +1,5 @@
- name: iiab_wan_device - name: iiab_wan_device
shell: grep IIAB_WAN_DEVICE /etc/iiab/iiab.env | awk -F "=" '{print $2}' shell: grep IIAB_WAN_DEVICE {{ iiab_env_file }} | awk -F "=" '{print $2}'
when: iiab_stage|int > 4 when: iiab_stage|int > 4
register: prior_gw register: prior_gw
@ -188,9 +188,9 @@
gui_wan_iface: "{{ device_gw }}" gui_wan_iface: "{{ device_gw }}"
when: user_wan_iface == "auto" and device_gw != "none" and discovered_wan_iface == "none" when: user_wan_iface == "auto" and device_gw != "none" and discovered_wan_iface == "none"
- name: Add 'detected_network' variable values to /etc/iiab/iiab.ini - name: Add 'detected_network' variable values to {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ iiab_config_file }}" dest: "{{ iiab_ini_file }}"
section: detected_network section: detected_network
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

16
roles/network/tasks/enable_services.yml
View file

@ -79,7 +79,7 @@
- name: Create xs_httpcache flag - name: Create xs_httpcache flag
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^HTTPCACHE_ON=*' regexp: '^HTTPCACHE_ON=*'
line: 'HTTPCACHE_ON=True' line: 'HTTPCACHE_ON=True'
state: present state: present
@ -121,7 +121,7 @@
- name: Remove xs_httpcache flag - name: Remove xs_httpcache flag
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^HTTPCACHE_ON=*' regexp: '^HTTPCACHE_ON=*'
line: 'HTTPCACHE_ON=False' line: 'HTTPCACHE_ON=False'
state: present state: present
@ -150,9 +150,9 @@
with_items: with_items:
- { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' } - { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' }
- name: Add 'squid' to list of services at /etc/iiab/iiab.ini - name: Add 'squid' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: squid section: squid
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"
@ -160,9 +160,9 @@
- option: enabled - option: enabled
value: "{{ squid_enabled }}" value: "{{ squid_enabled }}"
- name: Add 'dansguardian' to list of services at /etc/iiab/iiab.ini - name: Add 'dansguardian' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: dansguardian section: dansguardian
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"
@ -170,9 +170,9 @@
- option: enabled - option: enabled
value: "{{ dansguardian_enabled }}" value: "{{ dansguardian_enabled }}"
- name: Add 'wondershaper' to list of services at /etc/iiab/iiab.ini - name: Add 'wondershaper' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: wondershaper section: wondershaper
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/network/tasks/hostapd.yml
View file

@ -55,9 +55,9 @@
enabled: yes enabled: yes
when: hostapd_enabled and iiab_wireless_lan_iface is defined and iiab_network_mode != "Appliance" when: hostapd_enabled and iiab_wireless_lan_iface is defined and iiab_network_mode != "Appliance"
- name: Record HOSTAPD_ENABLED to /etc/iiab/iiab.env - name: Record HOSTAPD_ENABLED to {{ iiab_env_file }}
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: '^HOSTAPD_ENABLED=*' regexp: '^HOSTAPD_ENABLED=*'
line: 'HOSTAPD_ENABLED={{ hostapd_enabled }}' line: 'HOSTAPD_ENABLED={{ hostapd_enabled }}'
state: present state: present

2
roles/network/tasks/main.yml
View file

@ -11,7 +11,7 @@
no_net_restart: True # used below in (1) sysd-netd-debian.yml, no_net_restart: True # used below in (1) sysd-netd-debian.yml,
# (2) debian.yml, (3) rpi_debian.yml # (2) debian.yml, (3) rpi_debian.yml
when: discovered_wireless_iface == iiab_wan_iface and not reboot_to_AP when: discovered_wireless_iface == iiab_wan_iface and not reboot_to_AP
# EITHER WAY: hostapd_enabled's state is RECORDED into /etc/iiab/iiab.env # EITHER WAY: hostapd_enabled's state is RECORDED into {{ iiab_env_file }}
# in hostapd.yml for later use by... # in hostapd.yml for later use by...
# /usr/libexec/iiab-startup.sh, iiab-hotspot-off & iiab-hotspot-on # /usr/libexec/iiab-startup.sh, iiab-hotspot-off & iiab-hotspot-on
# #

8
roles/network/tasks/squid.yml
View file

@ -83,9 +83,9 @@
when: dansguardian_install when: dansguardian_install
# {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8 # {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8
- name: Add '{{ proxy }}' to list of services at /etc/iiab/iiab.ini - name: Add '{{ proxy }}' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: "{{ proxy }}" section: "{{ proxy }}"
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"
@ -97,9 +97,9 @@
- option: enabled - option: enabled
value: "{{ squid_enabled }}" value: "{{ squid_enabled }}"
- name: Add 'dansguardian' variable values to /etc/iiab/iiab.ini - name: Add 'dansguardian' variable values to {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: dansguardian section: dansguardian
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/network/tasks/wondershaper.yml
View file

@ -38,9 +38,9 @@
group: root group: root
state: link state: link
- name: Add 'wondershaper' variable values to /etc/iiab/iiab.ini - name: Add 'wondershaper' variable values to {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: wondershaper section: wondershaper
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/network/templates/gateway/iiab-gen-iptables
View file

@ -1,5 +1,5 @@
#!/bin/bash -x #!/bin/bash -x
source /etc/iiab/iiab.env source {{ iiab_env_file }}
{% if is_debuntu %} {% if is_debuntu %}
IPTABLES=/sbin/iptables IPTABLES=/sbin/iptables
IPTABLES_DATA=/etc/iptables.up.rules IPTABLES_DATA=/etc/iptables.up.rules
@ -9,7 +9,7 @@ IPTABLES_DATA=/etc/sysconfig/iptables
{% endif %} {% endif %}
LANIF=$IIAB_LAN_DEVICE LANIF=$IIAB_LAN_DEVICE
WANIF=$IIAB_WAN_DEVICE WANIF=$IIAB_WAN_DEVICE
MODE=`grep iiab_network_mode_applied /etc/iiab/iiab.ini | gawk '{print $3}'` MODE=`grep iiab_network_mode_applied {{ iiab_ini_file }} | gawk '{print $3}'`
clear_fw() { clear_fw() {
$IPTABLES -F $IPTABLES -F

2
roles/network/templates/network/iiab-hotspot-off
View file

@ -16,4 +16,4 @@ if grep -qi raspbian /etc/*release; then
ip link set dev wlan0 promisc on ip link set dev wlan0 promisc on
fi fi
sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=False/" /etc/iiab/iiab.env sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=False/" {{ iiab_env_file }}

2
roles/network/templates/network/iiab-hotspot-on
View file

@ -17,6 +17,6 @@ if grep -qi raspbian /etc/*release; then
ip link set dev wlan0 promisc off ip link set dev wlan0 promisc off
fi fi
sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=True/" /etc/iiab/iiab.env sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=True/" {{ iiab_env_file }}
echo -e "\nPlease consider rebooting now.\n" echo -e "\nPlease consider rebooting now.\n"

4
roles/nextcloud/tasks/main.yml
View file

@ -162,9 +162,9 @@
# following enables and disables # following enables and disables
- include_tasks: nextcloud_enabled.yml - include_tasks: nextcloud_enabled.yml
- name: Add 'nextcloud' to list of services at /etc/iiab/iiab.ini - name: Add 'nextcloud' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: Nextcloud section: Nextcloud
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/nodogsplash/tasks/rpi.yml
View file

@ -52,9 +52,9 @@
state: stopped state: stopped
when: not nodogsplash_enabled when: not nodogsplash_enabled
- name: Add 'nodogsplash' to list of services at /etc/iiab/iiab.ini - name: Add 'nodogsplash' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: nodogsplash section: nodogsplash
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/openvpn/tasks/main.yml
View file

@ -206,9 +206,9 @@
# when: not openvpn_enabled and not installing # when: not openvpn_enabled and not installing
- name: Add 'openvpn' to list of services at /etc/iiab/iiab.ini - name: Add 'openvpn' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: openvpn section: openvpn
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

6
roles/openvpn/templates/announcer.j2
View file

@ -19,10 +19,10 @@ if [ -f /etc/iiab/openvpn_handle ]; then
#else #else
# # Option #3: Dangerous to invoke hypothetical variables :( # # Option #3: Dangerous to invoke hypothetical variables :(
# source /etc/iiab/iiab.env # source {{ iiab_env_file }}
# # Option #4: CAUSED FAILURES IN AUGUST 2018, invoking stale variable from /etc/iiab/iiab.ini, but safer now that relegated to #4 ? # # Option #4: CAUSED FAILURES IN AUGUST 2018, invoking stale variable from {{ iiab_ini_file }}, but safer now that relegated to #4 ?
# if [ -z "$HANDLE" ]; then # if [ -z "$HANDLE" ]; then
# HANDLE=`cat /etc/iiab/iiab.ini | gawk \ # HANDLE=`cat {{ iiab_ini_file }} | gawk \
# '{ if((toupper($1) == "HANDLE") && ($2 == "=")) { print $3;}}'` # '{ if((toupper($1) == "HANDLE") && ($2 == "=")) { print $3;}}'`
# fi # fi
fi fi

4
roles/osm/tasks/main.yml
View file

@ -174,9 +174,9 @@
name: "{{ apache_service }}" name: "{{ apache_service }}"
state: restarted state: restarted
- name: Add 'osm' to list of services at /etc/iiab/iiab.ini - name: Add 'osm' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: osm section: osm
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/owncloud/tasks/main.yml
View file

@ -106,7 +106,7 @@
when: owncloud_enabled when: owncloud_enabled
- name: Add owncloud to service list - name: Add owncloud to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=owncloud section=owncloud
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

4
roles/pathagar/tasks/main.yml
View file

@ -193,9 +193,9 @@
name: "{{ apache_service }}" name: "{{ apache_service }}"
state: reloaded state: reloaded
- name: Add 'pathagar' to list of services at /etc/iiab/iiab.ini - name: Add 'pathagar' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: pathagar section: pathagar
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/phpmyadmin/tasks/main.yml
View file

@ -65,9 +65,9 @@
state: absent state: absent
when: not phpmyadmin_enabled and is_debuntu when: not phpmyadmin_enabled and is_debuntu
- name: Add 'phpmyadmin' to list of services at /etc/iiab/iiab.ini - name: Add 'phpmyadmin' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: phpmyadmin section: phpmyadmin
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/postgresql/tasks/main.yml
View file

@ -93,9 +93,9 @@
enabled: no enabled: no
when: not postgresql_enabled when: not postgresql_enabled
- name: Add 'postgresql' to list of services at /etc/iiab/iiab.ini - name: Add 'postgresql' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: postgresql section: postgresql
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/rachel/tasks/main.yml
View file

@ -24,7 +24,7 @@
when: rachel_enabled and rachel_content_found when: rachel_enabled and rachel_content_found
- name: Add rachel to service list - name: Add rachel to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=rachel section=rachel
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

4
roles/samba/tasks/main.yml
View file

@ -71,9 +71,9 @@
- samba - samba
when : not samba_enabled when : not samba_enabled
- name: Add 'samba' to list of services at /etc/iiab/iiab.ini - name: Add 'samba' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: samba section: samba
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/schooltool/tasks/main.yml
View file

@ -56,7 +56,7 @@
when: not schooltool_enabled when: not schooltool_enabled
- name: add schooltool to service list - name: add schooltool to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=schooltool section=schooltool
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

2
roles/sugar-stats/tasks/main.yml
View file

@ -41,7 +41,7 @@
- include_tasks: statistics-consolidation.yml - include_tasks: statistics-consolidation.yml
- name: Add sugar-stats to service list - name: Add sugar-stats to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=sugar_stats section=sugar_stats
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

4
roles/sugarizer/tasks/main.yml
View file

@ -228,9 +228,9 @@
# state: stopped # state: stopped
# when: not sugarizer_enabled # when: not sugarizer_enabled
- name: Add 'sugarizer' to list of services at /etc/iiab/iiab.ini - name: Add 'sugarizer' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: sugarizer section: sugarizer
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/teamviewer/tasks/main.yml
View file

@ -9,7 +9,7 @@
when: teamviewer_install when: teamviewer_install
- name: Add teamviewer to service list - name: Add teamviewer to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=teamviewer section=teamviewer
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

4
roles/transmission/tasks/main.yml
View file

@ -54,9 +54,9 @@
state: stopped state: stopped
when: not transmission_enabled when: not transmission_enabled
- name: Add transmission to list of services at /etc/iiab/iiab.ini - name: Add transmission to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: transmission section: transmission
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

6
roles/usb-lib/tasks/main.yml
View file

@ -3,7 +3,7 @@
dest: "{{ doc_root }}/local_content" dest: "{{ doc_root }}/local_content"
state: directory state: directory
owner: "{{ apache_user }}" owner: "{{ apache_user }}"
group: "{{ iiab_admin_user }}" group: "{{ iiab_admin_user }}" # ISN'T "{{ apache_user }}" MORE APPROPRIATE?
mode: 0775 mode: 0775
- name: Copy mount file to usbmount when enabled - name: Copy mount file to usbmount when enabled
@ -55,7 +55,7 @@
- name: Put variable in iiab.env that enables display of content at root of USB - name: Put variable in iiab.env that enables display of content at root of USB
lineinfile: lineinfile:
dest: /etc/iiab/iiab.env dest: "{{ iiab_env_file }}"
regexp: "^IIAB_USB_LIB_SHOW_ALL.*" regexp: "^IIAB_USB_LIB_SHOW_ALL.*"
line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}"
@ -87,7 +87,7 @@
- name: Add usb-lib to service list - name: Add usb-lib to service list
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: usb-lib section: usb-lib
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/usb-lib/templates/iiab-usb-lib-show-all-off
View file

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# turn on the flag which registers new USB sticks at root directory # turn on the flag which registers new USB sticks at root directory
sed -i -e's/^IIAB_USB_LIB_SHOW_ALL.*/IIAB_USB_LIB_SHOW_ALL=False/' /etc/iiab/iiab.env sed -i -e's/^IIAB_USB_LIB_SHOW_ALL.*/IIAB_USB_LIB_SHOW_ALL=False/' {{ iiab_env_file }}

2
roles/usb-lib/templates/iiab-usb-lib-show-all-on
View file

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# turn on the flag which registers new USB sticks at root directory # turn on the flag which registers new USB sticks at root directory
sed -i -e's/^IIAB_USB_LIB_SHOW_ALL.*/IIAB_USB_LIB_SHOW_ALL=True/' /etc/iiab/iiab.env sed -i -e's/^IIAB_USB_LIB_SHOW_ALL.*/IIAB_USB_LIB_SHOW_ALL=True/' {{ iiab_env_file }}

2
roles/usb-lib/templates/mount.d/70-usb-library
View file

@ -9,7 +9,7 @@
# #
# by Tim Moody tim@timmoody.com # by Tim Moody tim@timmoody.com
source /etc/iiab/iiab.env source {{ iiab_env_file }}
case $IIAB_USB_LIB_SHOW_ALL in case $IIAB_USB_LIB_SHOW_ALL in
'True'|'true'|'TRUE') 'True'|'true'|'TRUE')
logger -p user.notice -t "70-usb-library" -- "Displaying root directory on $UM_MOUNTPOINT." logger -p user.notice -t "70-usb-library" -- "Displaying root directory on $UM_MOUNTPOINT."

4
roles/vnstat/tasks/main.yml
View file

@ -29,9 +29,9 @@
enabled: yes enabled: yes
state: started state: started
- name: Add 'vnstat' to list of services at /etc/iiab/iiab.ini - name: Add 'vnstat' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: vnstat section: vnstat
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

4
roles/wordpress/tasks/install.yml
View file

@ -135,9 +135,9 @@
name: "{{ apache_service }}" name: "{{ apache_service }}"
state: restarted state: restarted
- name: Add 'wordpress' to list of services at /etc/iiab/iiab.ini - name: Add 'wordpress' to list of services at {{ iiab_ini_file }}
ini_file: ini_file:
dest: "{{ service_filelist }}" dest: "{{ iiab_ini_file }}"
section: wordpress section: wordpress
option: "{{ item.option }}" option: "{{ item.option }}"
value: "{{ item.value }}" value: "{{ item.value }}"

2
roles/xovis/tasks/main.yml
View file

@ -82,7 +82,7 @@
when: xovis_enabled when: xovis_enabled
- name: Add xovis to service list - name: Add xovis to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ iiab_ini_file }}'
section=xovis section=xovis
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'

68
runansible.deprecated
View file

@ -1,68 +0,0 @@
#!/bin/bash -e
echo "Please consider ./iiab-install instead of the lesser-supported ./runansible"
PLAYBOOK="iiab.yml"
INVENTORY="ansible_hosts"
# Pass cmdline options for ansible
ARGS="$@"
# if vars/local_vars.yml is missing, put a default one in place - First Run
if [ ! -f ./vars/local_vars.yml ]; then
OS=`grep ^ID= /etc/*release|cut -d= -f2`
OS=${OS//\"/}
case $OS in
OLPC | fedora)
cp ./vars/local_vars_olpc.yml ./vars/local_vars.yml
;;
centos | debian | ubuntu | raspbian)
cp ./vars/local_vars_medium.yml ./vars/local_vars.yml
;;
*)
echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..."
exit 1
;;
esac
fi
# copy var files to /etc/iiab for subsequent use
# If iiab.env exists, on second or upgrade run, check for stale variables
# iiab.env gets created at the end of stage-4 on First Run
if [ -f /etc/iiab/iiab.env ]
then
OLD=`grep XSCE /etc/iiab/iiab.env | wc -l`
if [ "$OLD" -gt 0 ]
then
rm /etc/iiab/iiab.env
else
. /etc/iiab/iiab.env
cd $IIAB_DIR
fi
else
mkdir -p /etc/iiab
echo "{}" > /etc/iiab/config_vars.yml
fi
CWD=`pwd`
if [ ! -f $PLAYBOOK ]
then
echo "IIAB Playbook not found."
echo "Please run this command from the top level of the git repo."
echo "Exiting."
exit 1
fi
if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then
mkdir -p /etc/ansible/facts.d
fi
cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact
echo "Running local playbooks! "
export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null
ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local

47
runtags.deprecated
View file

@ -1,47 +0,0 @@
#!/bin/bash
INVENTORY="ansible_hosts"
PLAYBOOK="iiab.yml"
#PLAYBOOK="iiab-stages.yml"
CWD=`pwd`
export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log"
if [ ! -f $PLAYBOOK ]; then
echo "Exiting: IIAB Playbook not found."
echo "Please run this in /opt/iiab/iiab (top level of the git repo)."
exit 1
fi
# Is the following stanza nec?
if [ ! -f /etc/iiab/config_vars.yml ]; then
mkdir -p /etc/iiab
echo "{}" > /etc/iiab/config_vars.yml
fi
tags=$(echo $1 | tr "," "\n")
if [ "$tags" == "" ]; then
echo " usage: ./runtags <tagname>"
echo " usage: ./runtags <tagname1>,<tagname2>,<tagname3>"
echo " Can take a single value or a comma-separated list (no spaces within the list!)"
echo " Now retrieving a list of possible Ansible playbook and tagname values..."
ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local --list-tags
exit 0
fi
found="N"
for tag in $tags; do
if [ "$tag" == "0-init" ]; then
found="Y"
fi
done
taglist=$1
if [ "$found" == "N" ]; then
taglist="0-init,"$taglist
fi
ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local --tags=$taglist

Some files were not shown because too many files have changed in this diff Show more