From 1bd1fbda8febdf433c29168a8ed34f2f4f6012c1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:16:55 -0400 Subject: [PATCH 01/60] cleaner Ansible messaging --- roles/1-prep/tasks/main.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index c64beaad4..e6e2b382a 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -3,12 +3,12 @@ - name: ...IS BEGINNING ============================================ command: echo -- name: get the uuidgen program +- name: Get the uuidgen program package: name=uuid-runtime state=present when: is_debuntu -- name: Test for UUID file +- name: Test for /etc/iiab/uuid file stat: path=/etc/iiab/uuid register: uuid_file @@ -25,11 +25,11 @@ shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid when: not uuid_file.stat.exists -- name: get the uuid +- name: Get the uuid command: cat /etc/iiab/uuid register: stored_uuid -- name: get the value into a variable +- name: Get the value into a variable set_fact: uuid={{ stored_uuid.stdout_lines[0] }} @@ -48,26 +48,26 @@ dest=/etc/chrony.conf src=chrony.conf.j2 -- name: Disable apparmor -- on by default in ubuntu +- name: Disable AppArmor -- on by default in Ubuntu service: name=apparmor enabled=False state=stopped when: first_run and is_ubuntu ignore_errors: true -- name: Disable selinux on next boot +- name: Disable SELinux on next boot selinux: state=disabled register: selinux_disabled when: first_run and not is_debuntu -- name: Disable selinux for this session (if needed) +- name: Disable SELinux for this session (if needed) command: setenforce Permissive when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed ## DISCOVER PLATFORMS ###### -- name: Discover if this is a rpi -- assume if so it is running raspbian +- name: Discover if this is an rpi -- assume it is running Raspbian if so set_fact: rpi_model: "rpi" is_rpi: "True" - when: ansible_local.local_facts.os == "raspbian" + when: ansible_local.local_facts.os == "raspbian" ignore_errors: true - include: prep.yml @@ -77,13 +77,13 @@ - include: raspberry_pi_2.yml when: first_run and rpi_model != "none" -- name: Check if the identifier for intel's NUC6 builtin wifi is present +- name: Check if the identifier for Intel's NUC6 builtin WiFi is present shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'" register: usb_NUC6 ignore_errors: true when: first_run -- name: download the firmware for built in wifi on NUC6 +- name: Download the firmware for built-in WiFi on NUC6 get_url: dest=/lib/firmware url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 From 0b688550ea7329ff811aa0a31587073f0889d31a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:18:51 -0400 Subject: [PATCH 02/60] cleaner Ansible messaging --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 33e821ef6..bfb69887b 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -32,7 +32,7 @@ - sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present -- name: Set default Timezone +- name: Set default Time Zone shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime when: iiab_TZ is defined and iiab_TZ != "" From 87f55cd62883802acbee3cdac8d19ce6530df865 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:21:30 -0400 Subject: [PATCH 03/60] cleaner Ansible messaging --- roles/4-server-options/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 01684d2b7..69173b017 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -51,7 +51,7 @@ when: usb_lib_install tags: usb-lib -# this script can be sourced to get iiab location +# this script can be sourced to get IIAB location - name: Create iiab.env file template: src=roles/1-prep/templates/iiab.env.j2 dest=/etc/iiab/iiab.env @@ -59,11 +59,11 @@ group=root mode=0644 -- name: put a python interface to iiab.env +- name: Put a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py -- name: generate the offline documents +- name: Generate the offline documents command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs From 011005d707f58ba998eecd71831730d16ed44a62 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:25:51 -0400 Subject: [PATCH 04/60] cleaner Ansible messaging --- roles/httpd/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 81c6498fc..2eb71b8ce 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -40,7 +40,7 @@ - download when: is_redhat -- name: remove the default apache2 config file +- name: Remove the default apache2 config file file: path=/etc/apache2/sites-enabled/000-default.conf src=/etc/apache2/sites-available/000-default.conf state=absent @@ -67,7 +67,7 @@ - mpm_event.load when: is_debuntu -- name: create symlinks for mpm-prefork +- name: Create symlinks for mpm-prefork file: path=/etc/apache2/mods-enabled/{{ item }} src=/etc/apache2/mods-available/{{ item }} state=link @@ -76,7 +76,7 @@ - mpm_prefork.load when: is_debuntu -- name: turn on mod_proxy +- name: Turn on mod_proxy command: a2enmod {{ item }} with_items: - proxy @@ -85,7 +85,7 @@ - rewrite when: is_debuntu -- name: create symlinks for enabling our site +- name: Create symlinks for enabling our site file: path=/etc/apache2/sites-enabled/{{ item }} src=/etc/apache2/sites-available/{{ item }} state=link @@ -105,7 +105,7 @@ group=root state=directory -- name: create admin group +- name: Create admin group group: name=admin state=present @@ -146,7 +146,7 @@ tags: - base -- name: place the script to generate homepages +- name: Place the script to generate homepages template: src=refresh-wiki-docs.sh dest=/usr/bin/iiab-refresh-wiki-docs mode=0755 From 08a9014598d67bb1ff0c6194cbe4d5a320c681e3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:27:19 -0400 Subject: [PATCH 05/60] cleaner Ansible messaging --- roles/iiab-admin/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index 25c384717..4541f4027 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -28,12 +28,12 @@ stat: path=/home/pi/.config/lxsession register: lx -- name: Do the same if running on raspbian +- name: Do the same if running on Raspbian template: src=lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/ when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu -- name: put a autostart line to check for default password in LXDE +- name: Put an autostart line to check for default password in LXDE lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/autostart when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu From 2569968b294f22969ade49b932fd846f0122c244 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:31:12 -0400 Subject: [PATCH 06/60] cleaner Ansible messaging --- roles/iiab-admin/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/iiab-admin/README.rst b/roles/iiab-admin/README.rst index b39d4b729..01f202d6e 100644 --- a/roles/iiab-admin/README.rst +++ b/roles/iiab-admin/README.rst @@ -1,5 +1,5 @@ ================= -XSCE Admin README +IIAB Admin README ================= This role is home to a number of administrative playbooks. Those implemented are: @@ -22,4 +22,4 @@ Add Packages for Remote Access Admin Console ------------- -Has been moved to a separate git repo \ No newline at end of file +Has been moved to separate git repo: https://github.com/iiab/iiab-admin-console From e662025c4b1520bf7681420a321318e1b9122d06 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:33:32 -0400 Subject: [PATCH 07/60] cleaner Ansible messaging --- roles/network/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 20a94af78..0d8b2b8cc 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -80,7 +80,7 @@ tags: - network -- name: ask systemd to reread the unit files, picks up changes done +- name: Ask systemd to reread the unit files, picks up changes done shell: systemctl daemon-reload when: not installing @@ -99,7 +99,7 @@ - network when: is_debuntu and is_rpi and not installing -- name: Create iiab network flags +- name: Create IIAB network flags template: src=network/{{ item }}.j2 dest=/etc/sysconfig/{{ item }} mode=0644 From 504264a11fddb5d4f33388c72bbaa951df1b95c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:37:00 -0400 Subject: [PATCH 08/60] cleaner Ansible messaging --- roles/mysql/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 10b65e6b8..e4819172a 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -68,17 +68,17 @@ # 'localhost' needs to be the last item for idempotency, see # http://ansible.cc/docs/modules.html#mysql-user # unfortunately it still doesn't work - - name: update mysql root password for localhost root accounts + - name: Update MySQL root password for localhost root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: - localhost when: mysql_enabled - - name: copy .my.cnf file with root password credentials + - name: Copy .my.cnf file with root password credentials template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 when: mysql_enabled - - name: update mysql root password for all remaining root accounts + - name: Update mysql root password for all remaining root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: # - "{{ iiab_hostname }}.{{ iiab_domain }}" @@ -86,15 +86,15 @@ - ::1 when: mysql_enabled - - name: delete anonymous MySQL server user for {{ ansible_hostname }} + - name: Delete anonymous MySQL server user for {{ ansible_hostname }} mysql_user: user="" host="{{ ansible_hostname }}" state="absent" when: mysql_enabled - - name: delete anonymous MySQL server user for localhost + - name: Delete anonymous MySQL server user for localhost mysql_user: user="" state="absent" when: mysql_enabled - - name: remove the MySQL test database + - name: Remove the MySQL test database mysql_db: db=test state=absent when: mysql_enabled @@ -106,7 +106,7 @@ when: not mysql_enabled - - name: add mysql to service list + - name: Add mysql to service list ini_file: dest='{{ service_filelist }}' section=mysql option='{{ item.option }}' @@ -115,6 +115,6 @@ - option: name value: mysql-database - option: description - value: '"mySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' + value: '"MySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' - option: enabled value: "{{ mysql_enabled }}" From 50ced1eec845004562bce7e45cb23b43eabf2868 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:40:47 -0400 Subject: [PATCH 09/60] cleaner Ansible messaging --- roles/elgg/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index f78dba717..d76b35fe4 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -1,7 +1,7 @@ # Assume we only get here if elgg_install: True # Assume mysql is running -- name: download current version from our copy +- name: Download current version from our copy shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }} creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip when: internet_available @@ -18,7 +18,7 @@ shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt" when: elgg.stat.exists is defined and not elgg.stat.exists -- name: Create a link to the versioned elgg folder +- name: Create a link to the versioned elgg-* folder file: src=./elgg-{{ elgg_version }} dest=/opt/elgg owner={{ apache_user }} @@ -36,7 +36,7 @@ group={{ apache_user }} # The name of this file changed from 1.9 to 1.10. -- name: Copy default .htaccess to the root directory of elgg tree +- name: Copy default .htaccess to the root directory of Elgg tree copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" dest="/opt/{{ elgg_xx }}/.htaccess" mode=0644 @@ -51,13 +51,13 @@ insertafter='^#RewriteBase' line="RewriteBase {{ elgg_url }}/" -- name: Change permissions on engine directory so apache can write +- name: Change permissions on engine directory so Apache can write file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory - name: Create an upload directory that Apache can write in or elgg file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }} -- name: change ownership +- name: Change ownership file: path=/opt/elgg-{{ elgg_version }} owner={{ apache_user }} group={{ apache_user }} @@ -68,7 +68,7 @@ mysql_db: name={{ dbname }} register: create_elgg_database -- name: Create a user to access the elgg database - can be run more than once +- name: Create a user to access the Elgg database - can be run more than once mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL with_items: - 127.0.0.1 @@ -95,23 +95,23 @@ - name: Install config file for elgg in Apache template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf -- name: Enable elgg for debuntu (will already be enabled above for Redhat) +- name: Enable Elgg for debuntu (will already be enabled above for Redhat) file: path=/etc/apache2/sites-enabled/elgg.conf src=/etc/apache2/sites-available/elgg.conf state=link when: elgg_enabled and is_debuntu -- name: Disable elgg for debuntu +- name: Disable Elgg for debuntu file: path=/etc/apache2/sites-enabled/elgg.conf state=absent when: not elgg_enabled and is_debuntu -- name: Disable elgg for Redhat - remove config file for elgg in Apache +- name: Disable Elgg for Redhat - remove config file for Elgg in Apache file: dest=/etc/{{ apache_config_dir }}/elgg.conf state=absent when: not elgg_enabled and is_redhat -- name: add elgg to service list +- name: Add Elgg to service list ini_file: dest='{{ service_filelist }}' section=elgg option='{{ item.option }}' From d8f0aca278422ed028cf9c44c1fb62394afaa5b4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:47:06 -0400 Subject: [PATCH 10/60] cleaner Ansible messaging --- roles/nextcloud/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 6536e7da5..06e8c9bfc 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -1,14 +1,14 @@ # we need to install the rpm in order to get the dependencies # but we only need to do this the first time -- name: See if the nextcloud startup page exists +- name: See if the Nextcloud startup page exists stat: path={{ nextcloud_prefix }}/nextcloud/index.php register: nextcloud_page # but we use the tar file to get the latest version -- name: Get the nextcloud software +- name: Get the Nextcloud software get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} when: internet_available async: 900 @@ -16,7 +16,7 @@ tags: - download -- name: ubuntu and debian treat names differently +- name: Ubuntu and Debian treat names differently package: name={{ item }} state=present with_items: - libapache2-mod-php{{ php_version }} @@ -24,7 +24,7 @@ - php{{ php_version }}-zip when: is_debian -- name: ubuntu and debian treat names differently +- name: Ubuntu and Debian treat names differently package: name={{ item }} state=present with_items: - libapache2-mod-php @@ -70,7 +70,7 @@ dest={{ nextcloud_prefix }} when: is_F18 -- name: in Centos, the following config dir is symlink to /etc/nextcloud +- name: In CentOS, the following config dir is symlink to /etc/nextcloud file: path=/etc/nextcloud state=directory when: is_centos @@ -83,7 +83,7 @@ mode=0640 when: is_centos -- name: Make apache owner +- name: Make Apache owner file: path={{ nextcloud_prefix }}/nextcloud owner={{ apache_user }} group={{ apache_user }} @@ -99,11 +99,11 @@ with_items: - "{{ nextcloud_data_dir }}" -- name: Create a mysql database for nextcloud +- name: Create a MySQL database for Nextcloud mysql_db: name={{ nextcloud_dbname }} when: mysql_enabled and nextcloud_enabled -- name: Create a user to access the nextcloud database +- name: Create a user to access the Nextcloud database mysql_user: name={{ nextcloud_dbuser }} host={{ item }} password={{ nextcloud_dbpassword }} priv={{ nextcloud_dbname }}.*:ALL,GRANT with_items: - "{{ nextcloud_dbhost }}" @@ -113,7 +113,7 @@ when: mysql_enabled and nextcloud_enabled -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted when: not nextcloud_enabled @@ -122,7 +122,7 @@ # following enables and disables - include: nextcloud_enabled.yml -- name: Add nextcloud to service list +- name: Add Nextcloud to service list ini_file: dest='{{ service_filelist }}' section=nextcloud option='{{ item.option }}' From 9cd817e3ad7d974339b8fef38c3d0712e61e65c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:53:42 -0400 Subject: [PATCH 11/60] cleaner Ansible messaging --- roles/usb-lib/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb-lib/tasks/main.yml index 3d4aee182..f158f1433 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb-lib/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Add a content directory for links to be located +- name: Add a content directory for links to be located file: dest={{ doc_root }}/local_content state=directory owner={{ apache_user }} @@ -31,24 +31,24 @@ state=absent when: not usb_lib_enabled -- name: Add apache config for content directory +- name: Add Apache config for content directory template: src=content_dir.conf dest=/etc/{{ apache_config_dir }} when: usb_lib_enabled -- name: create the link to enable for debian +- name: Create the link to enable for Debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=link when: is_debuntu -- name: remove the link that enables in debian +- name: Remove the link that enables in Debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=absent when: is_debuntu and not usb_lib_enabled -- name: remove apache config for content directory +- name: Remove Apache config for content directory file: name=/etc/{{ apache_config_dir }}/content_dir.conf state=absent when: not usb_lib_enabled @@ -62,6 +62,6 @@ - option: name value: usb-lib - option: description - value: '"usb-lib automounts a usb drive with and links to library content."' + value: '"usb-lib automounts a USB drives and links to library content."' - option: enabled value: "{{ usb_lib_enabled }}" From 72753c295d45a0c9f1e77424bce23f1c6a6820bd Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:55:15 -0400 Subject: [PATCH 12/60] cleaner README --- roles/dokuwiki/README.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/dokuwiki/README.rst b/roles/dokuwiki/README.rst index 039fa93fd..07c9a6015 100644 --- a/roles/dokuwiki/README.rst +++ b/roles/dokuwiki/README.rst @@ -1,5 +1,5 @@ =============== -Dokuwiki README +DokuWiki README =============== DokuWiki is a simple to use and highly versatile Open Source wiki software that @@ -10,12 +10,12 @@ make DokuWiki especially useful in the enterprise context and the large number o plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki. -http://dokuwiki.org/ +http://dokuwiki.org After Installation ------------------ -Head to http://schoolserver.lan/wiki. The webpage will probably throw up an error +Head to http://box.lan/wiki. The webpage will probably throw up an error saying you haven't run install.php yet, with a link to it. Click the link to be taken to the install page which does the initial configuration of the wiki. After this, you should be all set! @@ -33,4 +33,4 @@ None yet other than the basic enabled/disabled. Haven't really tested if they wo Todo ---- * Preinstall some popular plugins. -* Additional XSCE customizations. +* Additional IIAB customizations. From 62f64b309343cd73f766a9e3e4e09dae5099b29b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:56:10 -0400 Subject: [PATCH 13/60] cleaner Ansible messaging --- roles/dokuwiki/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/dokuwiki/tasks/main.yml b/roles/dokuwiki/tasks/main.yml index 9b08d1705..9841a32b6 100644 --- a/roles/dokuwiki/tasks/main.yml +++ b/roles/dokuwiki/tasks/main.yml @@ -2,7 +2,7 @@ include: install.yml when: dokuwiki_install -- name: Add dokuwiki to service list +- name: Add DokuWiki to service list ini_file: dest='{{ service_filelist }}' section=dokuwiki option='{{ item.option }}' From 0223e6d7171d6c095e92eac1ff25e44eacc4f531 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:57:21 -0400 Subject: [PATCH 14/60] cleaner Ansible messaging --- roles/dokuwiki/tasks/install.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index 796623e8c..815a23d9e 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Get the Dokuwiki software +- name: Get the DokuWiki software get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir }}/ when: internet_available @@ -8,24 +8,24 @@ - name: Symlink /library/dokuwiki* to /library/dokuwiki shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi -- name: Install config file for dokuwiki in Apache +- name: Install config file for DokuWiki in Apache template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf when: dokuwiki_enabled -- name: enable the dokuwiki +- name: Enable the DokuWiki file: path=/etc/apache2/sites-enabled/dokuwiki.conf src=/etc/apache2/sites-available/dokuwiki.conf state=link when: dokuwiki_enabled and is_debuntu -- name: disable the dokuwiki +- name: Disable the DokuWiki file: path=/etc/apache2/sites-enabled/dokuwiki.conf state=absent when: not dokuwiki_enabled and is_debuntu -- name: Change permissions on engine directory so apache can write +- name: Change permissions on engine directory so Apache can write file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted From ca7f578e14c13eadd7efcce92c562f089b084d0f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:58:40 -0400 Subject: [PATCH 15/60] cleaner README --- roles/kalite/README.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/kalite/README.rst b/roles/kalite/README.rst index 739e1d363..49aa9d972 100644 --- a/roles/kalite/README.rst +++ b/roles/kalite/README.rst @@ -1,13 +1,13 @@ ============== -KA-Lite README +KA Lite README ============== -This role installs KA-Lite, an offline version of the Khan Academy (https://www.khanacademy.org/), +This role installs KA Lite, an offline version of the Khan Academy (https://www.khanacademy.org/), written by Learning Equality (https://learningequality.org/ka-lite/). -KA Lite has two servers, a light httpd server that serves KA videos, and a cron server that sets -up cron jobs to download language packs and KA videos from the internet. There are separate flags -to enable these two servers. +KA Lite has two servers, a light httpd server that serves Khan Academy videos, and a cron server +that sets up cron jobs to download language packs and KA videos from the internet. There are +separate flags to enable these two servers. Access ------ From ebb621a2cfd25ae293b695dd1d33d9c0308717a6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:00:58 -0400 Subject: [PATCH 16/60] cleaner Ansible messaging --- roles/kalite/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kalite/tasks/main.yml b/roles/kalite/tasks/main.yml index 71aadf35c..b0c02471d 100644 --- a/roles/kalite/tasks/main.yml +++ b/roles/kalite/tasks/main.yml @@ -22,7 +22,7 @@ - include: install.yml when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 -- name: ask systemd to reread the unit files +- name: Ask systemd to reread the unit files shell: systemctl daemon-reload when: not kalite_installed.stat.exists From 1aac4fb15c95d49e441cb6ff46df0ea4f4da2176 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:02:26 -0400 Subject: [PATCH 17/60] cleaner Ansible messaging --- roles/kalite/tasks/enable.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kalite/tasks/enable.yml b/roles/kalite/tasks/enable.yml index 79614686f..0c62de120 100644 --- a/roles/kalite/tasks/enable.yml +++ b/roles/kalite/tasks/enable.yml @@ -1,12 +1,12 @@ # By the time we get here we should have ka-lite of some version # And the systemd unit files should be defined -- name: Enable kalite server +- name: Enable kalite-serve service service: name=kalite-serve enabled=yes state=started -- name: Disable kalite server +- name: Disable kalite-serve service service: name=kalite-serve enabled=no state=stopped From b1f77b10922828fa0cd9f3d5d6f22869dd487d78 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:08:41 -0400 Subject: [PATCH 18/60] cleaner Ansible messaging --- roles/kiwix/tasks/kiwix_install.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 4b6d03cf1..4d5db847a 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -1,4 +1,4 @@ -- name: Create various directories for zims +- name: Create various directories for ZIM files file: path={{ item }} owner=root group=root @@ -18,7 +18,7 @@ kiwix_first_pass: True when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists -- name: Copy kiwix library file if needed +- name: Copy Kiwix library file if needed template: src={{ item }} dest="{{ kiwix_library_xml }}" mode=0644 @@ -54,7 +54,7 @@ mode=0755 state=directory -- name: enable the mods which permit apache to proxy +- name: Enable the mods which permit Apache to proxy apache2_module: name={{ item }} with_items: - proxy @@ -71,7 +71,7 @@ when: kiwix_src_bin_only and kiwix_first_pass # workaround because unarchive does not set ownership properly -- name: Set kiwix ownership +- name: Set kiwix ownership to root [WARNING chown -R across all of /opt/iiab] command: "chown -R root:root {{ iiab_base }}" # workaround because kiwix-serve does not stay running @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: add kiwix to service list +- name: Add kiwix to service list ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' From 01a98b1f154a7b2066a00b860ca03977f0d4bb53 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:09:30 -0400 Subject: [PATCH 19/60] cleaner Ansible messaging --- roles/kiwix/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 7b8c5f262..c7409db31 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -16,7 +16,7 @@ kiwix_src_bin_only: True when: ansible_machine == "armv7l" or ansible_machine == "armv6l" -- name: Get the kiwix software +- name: Get the Kiwix software get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}" dest="{{ downloads_dir }}/{{ kiwix_src_file }}" when: internet_available From b1ec762ffbf314685ea502dab922b165e32a0693 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:16:05 -0400 Subject: [PATCH 20/60] cleaner Ansible messaging --- roles/moodle/tasks/main.yml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index a8f75c4b8..04abeede2 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Install moodle required packages +- name: Install Moodle required packages package: name={{ item }} state=present with_items: @@ -7,7 +7,7 @@ - php-pgsql when: not is_debuntu -- name: Install moodle required packages +- name: Install Moodle required packages package: name={{ item }} state=present with_items: @@ -29,11 +29,11 @@ package: name=php-pclzip when: is_debian_8 -- name: Determine if moodle is already downloaded +- name: Determine if Moodle is already downloaded stat: path={{ moodle_base }}/config-dist.php register: moodle -- name: Download the latest moodle repo +- name: Download the latest Moodle repo git: repo={{ moodle_repo_url }} dest={{ moodle_base }} depth=1 @@ -42,30 +42,30 @@ # ignore_errors: yes when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists -- name: Prepare the downloaded directory so apache can install config file +- name: Prepare the downloaded directory so Apache can install config file file: path={{ moodle_base }} owner={{ apache_user }} recurse=yes state=directory -- name: Give apache permission to write moodle data directory +- name: Give Apache permission to write Moodle data directory file: path={{ content_base }}/dbdata/moodle owner={{ apache_user }} mode=0755 state=directory -- name: Create a moodle data dir with apache permission to write +- name: Create a Moodle data dir with Apache permission to write file: path={{ moodle_data }} owner={{ apache_user }} group={{ apache_user }} mode=0770 state=directory -- name: Remove stock moodle conf +- name: Remove stock Moodle conf file: path='/etc/{{ apache_config_dir }}/moodle.conf' state=absent -- name: Put moodle config file in place +- name: Put Moodle config file in place template: src=022-moodle.j2 dest=/etc/{{ apache_config_dir }}/022-moodle.conf owner=root @@ -73,13 +73,13 @@ mode=0644 when: moodle_enabled -- name: Enable moodle +- name: Enable Moodle file: path=/etc/apache2/sites-enabled/022-moodle.conf src=/etc/apache2/sites-available/022-moodle.conf state=link when: moodle_enabled and is_debuntu -- name: Disable moodle +- name: Disable Moodle file: path=/etc/apache2/sites-enabled/022-moodle.conf state=absent when: not moodle_enabled and is_debuntu @@ -116,24 +116,24 @@ enabled=yes when: moodle_enabled -- name: Restart apache +- name: Restart Apache service: name={{ apache_service }} state=restarted -- name: see if the config.php file exists +- name: See if the config.php file exists stat: path='{{ moodle_base }}/config.php' register: config -- name: Execute moodle startup script +- name: Execute Moodle startup script shell: '{{ moodle_base }}/moodle_installer' when: config.stat.exists is defined and not config.stat.exists -- name: Give apache permission to read config file +- name: Give Apache permission to read config file # command: chown -R {{ apache_user }} {{ moodle_base }} file: path={{ moodle_base }}/config.php mode=0644 -- name: add moodle to service list +- name: Add Moodle to service list ini_file: dest='{{ service_filelist }}' section=moodle option='{{ item.option }}' From d3017d764c41c89598ccc984531252555dc7314d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:20:21 -0400 Subject: [PATCH 21/60] cleaner Ansible messaging --- roles/postgresql/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index 73321bf7d..7574c2fc9 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install postgresql packages +- name: Install PostgreSQL packages package: name={{ item }} state=present with_items: @@ -6,13 +6,13 @@ tags: - download -- name: Install postgresql for debian +- name: Install PostgreSQL for Debian package: name=postgresql-client when: is_debuntu tags: - download -- name: Install postgresql for fedora +- name: Install PostgreSQL for Fedora package: name=postgresql-server when: not is_debuntu tags: @@ -32,12 +32,12 @@ mode=0700 state=directory -- name: make sure that the en_US locale is enabled +- name: Make sure that the en_US locale is enabled lineinfile: dest=/etc/locale.gen line="{{ postgresql_locale }} UTF-8" when: is_debuntu -- name: generate the selected locales +- name: Generate the selected locales command: /usr/sbin/locale-gen when: is_debuntu @@ -56,7 +56,7 @@ creates=/library/pgsql-iiab/pg_hba.conf when: not is_debuntu -- name: Configure postgres +- name: Configure PostgreSQL template: backup=yes src=postgresql.conf.j2 dest=/library/pgsql-iiab/postgresql.conf @@ -80,7 +80,7 @@ enabled=yes when: postgresql_enabled -- name: Stop and disable postgresql-iiab service +- name: Stop and disable postgresql service if not postgresql_enabled service: name=postgresql state=stopped enabled=no From a7cf338aa91a62f04f8e1e33ddf771e5be3500e0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:23:08 -0400 Subject: [PATCH 22/60] cleaner Ansible messaging --- roles/sugarizer/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 8bb5985ed..0e0e8efa2 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Download the latest stable version of sugarizer from location under our control +- name: Download the latest stable version of Sugarizer from location under our control get_url: url={{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz dest={{ downloads_dir }}/{{ sugarizer_version }}.tar.gz @@ -29,12 +29,12 @@ - nodejs - npm -# attempting to reinstall npm is broken on raspbian 9 -- name: check for sugarizer already installed +# attempting to reinstall npm is broken on Raspbian 9 +- name: Check for Sugarizer already installed stat: path={{ sugarizer_location }}/sugarizer/server/node_modules register: npm -- name: set a flag to abort second attempt to install +- name: Set a flag to abort second attempt to install set_fact: npm_exists: True when: npm.stat.exists is defined and npm.stat.exists @@ -68,7 +68,7 @@ chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 and not npm_exists -- name: enable services - All +- name: Enable services - All service: name={{ item.name }} enabled=yes state=restarted @@ -76,7 +76,7 @@ - { name: sugarizer } when: sugarizer_enabled -- name: disable services - All +- name: Disable services - All service: name={{ item.name }} enabled=no state=stopped @@ -84,7 +84,7 @@ - { name: sugarizer } when: not sugarizer_enabled -- name: add sugarizer to service list +- name: Add Sugarizer to service list ini_file: dest='{{ service_filelist }}' section=sugarizer option='{{ item.option }}' @@ -93,6 +93,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform"' + value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform."' - option: enabled value: "{{ sugarizer_enabled }}" From 4be8702090c0e7c9f645100326b06806251872de Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:27:17 -0400 Subject: [PATCH 23/60] cleaner Ansible messaging --- roles/munin/tasks/main.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index b8ec4cd8f..b6b6a0728 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install munin package +- name: Install Munin package package: name={{ item }} state=present with_items: @@ -11,7 +11,7 @@ - download when: is_debuntu -- name: Install munin package +- name: Install Munin package package: name={{ item }} state=present with_items: @@ -21,7 +21,7 @@ - download when: not is_debuntu -- name: Copy munin config file +- name: Copy Munin config file template: src={{ item.src }} dest={{ item.dest }} owner=root @@ -44,13 +44,13 @@ state=started when: munin_enabled -- name: Enable apache lookup +- name: Enable Apache lookup file: src=/etc/apache2/sites-available/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf state=link when: munin_enabled and is_debuntu -- name: disable apache lookup +- name: Disable Apache lookup file: src=/etc/apache2/sites-available/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf state=absent @@ -62,7 +62,7 @@ state=stopped when: not munin_enabled -- name: If mysql is enabled, let munin monitor it +- name: If MySQL is enabled, let Munin monitor it copy: dest=/etc/munin/plugins/ src={{ item }} with_items: @@ -89,4 +89,3 @@ value: "{{ munin_install }}" - option: enabled value: "{{ munin_enabled }}" - From fbb68bdee65aad7832c2618fd8369f104ce66d71 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:29:49 -0400 Subject: [PATCH 24/60] cleaner Ansible messaging --- roles/vnstat/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 2cfce0b0c..97ddea6c7 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -7,24 +7,24 @@ tags: - download -- name: put the config file in place +- name: Put the config file in place template: src=vnstat.conf.j2 dest=/etc/vnstat.conf mode=0744 owner=root group=root -- name: create database for wan to collect vnstat data +- name: Create database for WAN to collect vnStat data shell: /usr/bin/vnstat -i {{ iiab_wan_iface }} -- name: create database for lan to collect vnstat data if not appliace config +- name: Create database for LAN to collect vnStat data if not appliance config shell: /usr/bin/vnstat -i {{ iiab_lan_iface }} when: not iiab_lan_iface == "" -- name: start vnstat daemon via systemd +- name: Start vnStat daemon via systemd service: name=vnstat enabled=yes state=started -- name: Add vnstat to service list +- name: Add vnStat to service list ini_file: dest='{{ service_filelist }}' section=vnstat option='{{ item.option }}' From 113b3c496f30477f4c4b3f5aa63b5e2cda5b6b46 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:32:45 -0400 Subject: [PATCH 25/60] cleaner Ansible messaging --- roles/phpmyadmin/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 1218019d6..a73c70ee2 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,24 +1,24 @@ - - name: Get the phpmyadmin software + - name: Get the phpMyAdmin software get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir }}/phpMyAdmin.zip" when: internet_available - name: Copy it to permanent location /opt unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/ - - name: Create a symbolic link to the folder of the current version phpmyadmin + - name: Create a symbolic link to the folder of the current version phpMyAdmin file: path=/opt/phpmyadmin src=phpMyAdmin-4.7.5-all-languages state=link - - name: Copy the phpmyadmin config file into place + - name: Copy the phpMyAdmin config file into place template: src=config.inc.php dest=/opt/phpmyadmin/config.inc.php - - name: Change the owner of the php tree to apache + - name: Change the owner of the PHP tree to Apache shell: "chown -R {{ apache_user }} /opt/phpmyadmin" - name: Put the alias into Apache config when enabled template: src=phpmyadmin.j2 dest=/etc/{{ apache_config_dir }}/phpmyadmin.conf when: phpmyadmin_enabled - - name: Enable phpmyadmin + - name: Enable phpMyAdmin file: path=/etc/apache2/sites-enabled/phpmyadmin.conf src=/etc/apache2/sites-available/phpmyadmin.conf state=link @@ -29,7 +29,7 @@ state=absent when: not phpmyadmin_enabled and is_debuntu - - name: add phpmyadmin to service list + - name: Add phpmyadmin to service list ini_file: dest='{{ service_filelist }}' section=phpmyadmin option='{{ item.option }}' @@ -38,7 +38,7 @@ - option: name value: phpMyAdmin - option: description - value: '"phpMyAdmin is an interface with a mysql database written in php, and available to administer the database engine locally or across the network"' + value: '"phpMyAdmin is an interface with a MySQL database written in PHP, and available to administer the database engine locally or across the network."' - option: path value: /opt/phpmyadmin - option: enabled From 2904163eeea7432f5ee772025f69f79444bc8fb5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:51:16 -0400 Subject: [PATCH 26/60] clarify Ansible output --- roles/kiwix/tasks/kiwix_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 4d5db847a..e27760ae5 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: Add kiwix to service list +- name: Add kiwix-serve to list of services ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' From 71cb3ec713b11d106d3f8641fc0a5201aefa038e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:41:24 -0400 Subject: [PATCH 27/60] cleaner Ansible output --- roles/2-common/tasks/packages.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 57bef55e5..700159be6 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -19,7 +19,7 @@ shell: createrepo {{ yum_packages_dir }} when: is_redhat -- name: Install local repo file. +- name: Install local repo file template: dest=/etc/yum.repos.d/iiab-local.repo src=local.repo owner=root @@ -91,7 +91,7 @@ #- name: Run the install script for pip # command: python {{ downloads_dir }}/get-pip.py -- name: Install Common python packages +- name: Install common Python packages package: name={{ item }} state=present with_items: @@ -99,7 +99,7 @@ - python-setuptools - python-virtualenv -- name: Update common packages (not debian +- name: Update common packages (not Debian) package: name={{ item }} state=latest with_items: @@ -109,7 +109,7 @@ - iptables when: is_redhat -- name: Update common packages (debian) +- name: Update common packages (Debian) package: name={{ item }} state=latest with_items: From 8d58b1cfbb2d923a5bba7274c94136b2f3fcc89c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:44:19 -0400 Subject: [PATCH 28/60] cleaner Ansible output --- roles/iiab-admin/tasks/admin-user.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/iiab-admin/tasks/admin-user.yml b/roles/iiab-admin/tasks/admin-user.yml index c08af46bc..3a72a9272 100644 --- a/roles/iiab-admin/tasks/admin-user.yml +++ b/roles/iiab-admin/tasks/admin-user.yml @@ -32,24 +32,24 @@ # backup=yes -- name: edit the sudoers file--first make it editable +- name: Edit the sudoers file -- first make it editable shell: chmod 0640 /etc/sudoers -- name: have sudo log all commands it handles +- name: Have sudo log all commands it handles lineinfile: regexp=logfile line='Defaults logfile = /var/log/sudo.log' state=present dest=/etc/sudoers -- name: lets wheel sudo without password +- name: Lets wheel sudo without password lineinfile: line: "%wheel ALL= NOPASSWD: ALL" dest: /etc/sudoers -- name: remove the line which requires tty +- name: Remove the line which requires tty lineinfile: regexp=requiretty state=absent dest=/etc/sudoers -- name: end editing the sudoers file-- protect it again +- name: End editing the sudoers file -- protect it again shell: chmod 0440 /etc/sudoers From d6bbb9cd07af0bfad7fa8ecab98f9b636f581d31 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:49:55 -0400 Subject: [PATCH 29/60] More readable Ansible output --- roles/network/tasks/wondershaper.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index fb12b245e..7c27d507e 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -1,10 +1,10 @@ -- name: copy wshaper service script +- name: Copy Wondershaper service script template: backup=yes src=wondershaper/wondershaper.service dest=/etc/systemd/system/wondershaper.service mode=0644 -- name: copy wshaper script +- name: Copy Wondershaper script template: backup=yes src=wondershaper/wondershaper.j2 dest=/usr/bin/wondershaper @@ -12,21 +12,21 @@ group=root mode=0744 -- name: create conf.d directory +- name: Create conf.d directory file: path=/etc/conf.d owner=root group=root mode=0755 state=directory -- name: copy wshaper config script +- name: Copy Wondershaper config script template: src=wondershaper/wondershaper.conf dest=/etc/conf.d/wondershaper.conf owner=root group=root mode=0600 -- name: create fact for wondershaper config file +- name: Create fact for Wondershaper config file file: src=/etc/conf.d/wondershaper.conf dest=/etc/ansible/facts.d/wondershaper.fact owner=root @@ -42,6 +42,6 @@ - option: name value: wondershaper - option: description - value: '"Wondershaper is a command line tool to set maximum transfer rates for network adapters"' + value: '"Wondershaper is a command line tool to set maximum transfer rates for network adapters."' - option: enabled value: "{{ wondershaper_enabled }}" From c8b7bba77f76016d0c421ddf06836dbc929dd25d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:53:43 -0400 Subject: [PATCH 30/60] More readable Ansible output --- roles/network/tasks/named.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 0113d7672..638bdd423 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -1,4 +1,4 @@ -- name: Install named packages +- name: Install named packages for Debian/Debuntu package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Install named packages +- name: Install named packages for non Debian/Debuntu package: name={{ item }} state=present with_items: @@ -64,7 +64,7 @@ - { src: 'named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} -- name: substitute our unit file which uses $OPTIONS from sysconfig +- name: Substitute our unit file which uses $OPTIONS from sysconfig template: src=named/{{ dns_service }}.service dest=/etc/systemd/system/{{ dns_service }}.service mode=0644 @@ -80,13 +80,13 @@ state=link when: is_debuntu and dns_jail_enabled -- name: Separate enabling/disabling required for debian +- name: Separate enabling/disabling required for Debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=absent when: is_debuntu and not dns_jail_enabled -- name: Separate enabling/disabling required for non debian +- name: Separate enabling/disabling required for non Debian file: path=/etc/{{ apache_config_dir }}/dns-jail.conf state=absent when: not is_debuntu and not dns_jail_enabled From 998825769322820a35459dfe233f0d1c8004cf85 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:56:46 -0400 Subject: [PATCH 31/60] More readable Ansible output --- roles/elgg/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index d76b35fe4..f2d56ecf2 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -64,7 +64,7 @@ recurse=yes state=directory -- name: Create a mysql database for elgg - can be run more than once +- name: Create a MySQL database for Elgg - can be run more than once mysql_db: name={{ dbname }} register: create_elgg_database From 5e891828760224c01c90596ca6833f8ab8aba5f1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:59:36 -0400 Subject: [PATCH 32/60] More readable Ansible output --- roles/network/tasks/rpi_debian.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 62f627690..97715d1c2 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -18,11 +18,11 @@ package: name=resolvconf state=absent -- name: on upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 +- name: On upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent -- name: default to lan controller +- name: Default to LAN Controller set_fact: gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined @@ -53,21 +53,21 @@ ignore_errors: True when: interface.changed -- name: and remove the device +- name: And remove the device command: brctl delbr br0 ignore_errors: True when: interface.changed -- name: reset the eth0 interface +- name: Reset the eth0 interface command: ifdown eth0 ignore_errors: True when: interface.changed -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted when: interface.changed -- name: start up hostapd again +- name: Start up hostapd again service: name=hostapd state=started when: interface.changed From 15e8ef565ed61862441c0688ba300d762c5a0943 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:02:21 -0400 Subject: [PATCH 33/60] More readable Ansible output --- roles/network/tasks/hostapd.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index e4eccedb6..6b56a675c 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -6,7 +6,7 @@ mode=0644 when: iiab_wireless_lan_iface != "none" -- name: Disable the Access Point Hostapd program +- name: Disable the Access Point hostapd program service: enabled=no name=hostapd.service state=stopped @@ -19,10 +19,10 @@ group=root mode=0644 -- name: ask systemd to reread the unit files for hostapd +- name: Ask systemd to reread the unit files for hostapd shell: systemctl daemon-reload -- name: Enable the Access Point Hostapd program +- name: Enable the Access Point hostapd program service: enabled=yes name=hostapd.service state=restarted From a5ebc31991ca0f88620e8d679afedc909a0e47fc Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:05:27 -0400 Subject: [PATCH 34/60] More readable Ansible output --- roles/network/tasks/debian.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index a8ef6ce9c..859a9a51a 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -10,21 +10,21 @@ # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway -- name: in upgrade from earlier 6.2, delete the resolvconf +- name: In upgrade from earlier IIAB 6.2, delete the resolvconf package: name=resolvconf state=absent enabled=False ignore_errors: True -- name: Get the dhcp client daemon used in recent raspbian +- name: Get the dhcp client daemon used in recent Raspbian package: name=dhcpcd5 state=present -- name: for upgrades from earlier 6.2, remove br0 file +- name: For upgrades from earlier IIAB 6.2, remove br0 file file: path=/etc/network/interfaces.d/br0 state=absent -- name: default to lan controller +- name: Default to LAN Controller set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined @@ -38,7 +38,7 @@ src=network/iiab.j2 register: interface -- name: start up the dhcpcd service +- name: Start up the dhcpcd service service: name=dhcpcd enabled=True state=started @@ -51,11 +51,11 @@ service: name=bind9 state=stopped when: interface.changed -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted when: interface.changed -- name: start up hostapd again +- name: Start up hostapd again service: name=hostapd state=started when: interface.changed From 753752ae9b0850ce1d75640ceda011dc3cb8d20b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:08:35 -0400 Subject: [PATCH 35/60] clean Ansible output --- roles/network/tasks/redetect.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/redetect.yml b/roles/network/tasks/redetect.yml index afb3138d5..638b5b0e0 100644 --- a/roles/network/tasks/redetect.yml +++ b/roles/network/tasks/redetect.yml @@ -27,12 +27,12 @@ debug: msg="NO WAN known" when: not has_WAN -- name: Finding connection name for wifi AP gateway first +- name: Finding connection name for WiFi AP gateway first shell: egrep -rn NAME /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' register: ap_name when: has_wifi_gw != "none" and has_ifcfg_gw != "none" -- name: Trying wifi first +- name: Trying WiFi first shell: nmcli conn up id {{ ap_name.stdout }} register: try_wifi ignore_errors: yes @@ -69,7 +69,7 @@ has_WAN: False when: dhcp_WAN is defined and dhcp_WAN|failed and wan_ip == "dhcp" -- name: interface list +- name: Interface list shell: ls /sys/class/net | grep -v -e lo -e br -e tun register: adapter_list @@ -134,7 +134,7 @@ ### keep at end. ### If dhcp fails the single interface will become LAN again because we didn't prevent the creation # Now disable LAN if single interface -- name: DHCP found on Single interface forcing LAN disabled. +- name: DHCP found on Single interface forcing LAN disabled set_fact: iiab_lan_iface: "none" when: dhcp_good and adapter_count.stdout|int == "1" From 4a76c927cea9a00ba67832b647e4d462442627c8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:12:05 -0400 Subject: [PATCH 36/60] clean Ansible output --- roles/network/tasks/avahi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index 289cca8d7..517ddb808 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -50,7 +50,7 @@ dest='/etc/avahi/services/' when: is_debuntu -- name: set ssh port for avahi +- name: Set ssh port for avahi lineinfile: dest=/etc/avahi/services/ssh.service regexp='$' line=' {{ ssh_port }}' From 3ee4beda1963fd26abe66bf25d3c8501912824a3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:15:10 -0400 Subject: [PATCH 37/60] clean Ansible output --- roles/network/tasks/edit_ifcfg.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/edit_ifcfg.yml b/roles/network/tasks/edit_ifcfg.yml index fb8076722..90a1d368f 100644 --- a/roles/network/tasks/edit_ifcfg.yml +++ b/roles/network/tasks/edit_ifcfg.yml @@ -1,4 +1,4 @@ -- name: Turn off isp nameservers +- name: Turn off ISP nameservers lineinfile: state=present backrefs=yes regexp='^PEERDNS' @@ -34,9 +34,9 @@ dest={{ has_ifcfg_gw }} when: iiab_wan_iface != "none" and has_wifi_gw == "none" -- name: add marker +- name: Add marker lineinfile: state=present - line="# Modified by XSCE" + line="# Modified by IIAB" dest={{ has_ifcfg_gw }} - name: Rename supplied gateway ifcfg file to WAN if present From 7431fe572ed00302a493c895fcaf7288039c2f56 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:17:09 -0400 Subject: [PATCH 38/60] cleaner --- roles/network/tasks/rpi_debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 97715d1c2..9c5e39cf0 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -18,7 +18,7 @@ package: name=resolvconf state=absent -- name: On upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 +- name: On upgrade from earlier IIAB versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent From 37148b3cf85e410244cb59ff358a6ef10596bbb2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:22:06 -0400 Subject: [PATCH 39/60] cleaner Ansible output --- roles/network/tasks/enable_services.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 623ede0e9..66a3d6abf 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -39,12 +39,12 @@ enabled=no when: not named_enabled -- name: Enable dansguardian +- name: Enable DansGuardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install -- name: Disable dansguardian +- name: Disable DansGuardian service: name=dansguardian enabled=no when: not dansguardian_enabled and dansguardian_install @@ -54,7 +54,7 @@ creates=/etc/sysconfig/xs_httpcache_on when: squid_enabled -- name: Enable squid service +- name: Enable Squid service service: name={{ proxy }} enabled=yes when: squid_enabled and squid_install @@ -73,13 +73,13 @@ mode: '0644' when: squid_enabled and squid_install -- name: point to Squid config file from startup file +- name: Point to Squid config file from startup file lineinfile: regexp='^CONFIG' line='CONFIG=/etc/{{ proxy }}/squid-iiab.conf' dest=/etc/init.d/{{ proxy }} when: squid_enabled and squid_install and is_debuntu -- name: Disable squid service +- name: Disable Squid service service: name={{ proxy }} enabled=no when: not squid_enabled and squid_install @@ -89,12 +89,12 @@ state=absent when: not squid_enabled -- name: Enable wondershaper service +- name: Enable Wondershaper service service: name=wondershaper enabled=yes when: wondershaper_enabled and wondershaper_install -- name: Disable wondershaper service +- name: Disable Wondershaper service service: name=wondershaper enabled=no when: not wondershaper_enabled and wondershaper_install @@ -122,7 +122,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add dansguardian to service list +- name: Add DansGuardian to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' From 3b9940c16e6e4dc4dbe32fc65510009883dc529e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:09:12 -0400 Subject: [PATCH 40/60] cleaner --- roles/network/tasks/NM.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/NM.yml b/roles/network/tasks/NM.yml index fb31c23d3..3bbe5a872 100644 --- a/roles/network/tasks/NM.yml +++ b/roles/network/tasks/NM.yml @@ -1,4 +1,4 @@ -- name: restart NetworkManager services +- name: Restart NetworkManager services service: name=NetworkManager enabled=yes state=stopped From eab8010b0a86d6a3ed98612dc1d3cbf619e059a6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:13:11 -0400 Subject: [PATCH 41/60] cleaner --- roles/network/tasks/computed_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 4b4b0f1ef..85d4e8379 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -20,7 +20,7 @@ iiab_demo_mode: True when: teamviewer_install and not strict_networking -- name: XO wants usb wifi interface as AP mode +- name: XO laptop wants USB WiFi interface as AP mode set_fact: iiab_wireless_lan_iface: "{{ discovered_lan_iface }}" when: num_wifi_interfaces >= "2" and xo_model != "none" and discovered_wan_iface != "none" and discovered_wireless_iface == "eth0" @@ -32,7 +32,7 @@ gui_static_wan_ip: undefined when: gui_static_wan_ip != "unset" and not gui_static_wan -- name: undo gui-static-wan by requesting new template file +- name: Undo gui-static-wan by requesting new template file set_fact: has_WAN: False when: gui_static_wan_ip != "unset" and not gui_static_wan @@ -81,7 +81,7 @@ when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController" # override with user_wan_iface setting if no longer in auto -- name: setting user WAN fact +- name: Setting user WAN fact set_fact: iiab_wan_iface: "{{ user_wan_iface }}" when: user_wan_iface != "auto" @@ -136,11 +136,11 @@ when: 'user_lan_iface != "auto"' # so this works -- name: interface count +- name: Interface count shell: ls /sys/class/net | grep -v -e lo | wc | awk '{print $1}' register: adapter_count -# well if there ever was a point to tell the user thing are FUBAR this is it. +# well if there ever was a point to tell the user things are FUBAR this is it. - name: We're hosed no work interfaces set_fact: iiab_network_mode: "No_network_found" From 9d97750b6ddb56785ad3883c2330497b579d3490 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:16:13 -0400 Subject: [PATCH 42/60] more readable --- roles/network/tasks/dansguardian.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index a51f190ff..64610759d 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -1,4 +1,4 @@ -- name: Install dansguardian packages +- name: Install DansGuardian packages package: name={{ item }} state=present with_items: @@ -6,7 +6,7 @@ tags: - download -- name: Copy dansguardian config file +- name: Copy DansGuardian config file template: src=squid/dansguardian.conf.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -14,7 +14,7 @@ mode=0640 when: ansible_distribution == "Fedora" -- name: Copy dansguardian config file +- name: Copy DansGuardian config file template: src=squid/dansguardian.conf.debian.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -22,7 +22,7 @@ mode=0640 when: is_debuntu -- name: Copy dansguardian config file for CentOS +- name: Copy DansGuardian config file for CentOS template: src=squid/dansguardian.conf.centos.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -30,7 +30,7 @@ mode=0640 when: ansible_distribution == "CentOS" -- name: Create dansguardian log directory +- name: Create 'dansguardian' log directory file: path=/var/log/dansguardian owner=dansguardian group=dansguardian @@ -38,7 +38,7 @@ state=directory when: ansible_distribution != "CentOS" -- name: Create dansguardian log directory for CentOS +- name: Create DansGuardian log directory for CentOS file: path=/var/log/dansguardian owner=dansguardian group=vscan From ee55dea59b3f47e027c6516361e83cc79d8e9d6e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:19:59 -0400 Subject: [PATCH 43/60] a bit better/cleaner --- roles/network/tasks/computed_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 85d4e8379..0ff415e57 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -1,7 +1,7 @@ # just lie about active gateway present on XOs to suppress ifcfg-WAN # auto-creation/moving with XOs using NM/system-connections/ via keyfile. # ifcfg-rh acts on /etc/sys*/net*/ifcfg-* where we search for devices. -- name: Setting XO has wifi gateway +- name: Setting XO has WiFi gateway set_fact: user_wan_iface: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" and xo_model != "none" and has_ifcfg_gw == "none" @@ -64,7 +64,7 @@ # gui wants LanController # keeps ifcfg-WAN but onboot=no # the change over might be a little bumpy ATM. -- name: Setting GUI wants LanController +- name: Setting GUI wants 'LanController' set_fact: device_gw: "none" user_wan_iface: "none" @@ -114,17 +114,17 @@ user_wan_iface: "{{ discovered_lan_iface }}" when: num_lan_interfaces == "1" and user_lan_iface == "auto" and user_wan_iface == "auto" -- name: No LAN configured - Appliance mode +- name: No LAN configured - 'Appliance' mode set_fact: iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" -- name: LAN configured - LanController mode +- name: LAN configured - 'LanController' mode set_fact: iiab_network_mode: "LanController" when: iiab_lan_iface != "" and iiab_wan_iface == "none" -- name: LAN configured - Gateway mode +- name: LAN configured - 'Gateway' mode set_fact: iiab_network_mode: "Gateway" when: iiab_lan_iface != "none" and iiab_wan_iface != "none" From 9fdcd5cbaa92ff89a18323c1083cee4ddbbe1265 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:24:19 -0400 Subject: [PATCH 44/60] cleaner output --- roles/network/tasks/detected_network.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 0676934b6..ca92d29f9 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -61,30 +61,30 @@ with_items: - "{{ wireless_list2.stdout_lines }}" -- name: Count Wifi ifaces +- name: Count WiFi ifaces shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l" register: count_wifi_interfaces -- name: Remember number of Wifi devices +- name: Remember number of WiFi devices set_fact: num_wifi_interfaces: "{{ count_wifi_interfaces.stdout|int }}" # XO hack here ap_device would not be active therefore not set with # wired as gw use ap_device to exclude eth0 from network calulations -- name: XO override 2 wifi on LAN +- name: XO laptop override 2 WiFi on LAN set_fact: ap_device: "eth0" when: iiab_wan_iface != "eth0" and discovered_wireless_iface != "none" and xo_model == "XO-1.5" # takes adapter name -- name: Blacklisted wifi adapter +- name: Blacklisted WiFi adapter set_fact: ap_device: "{{ blacklist_wifi }}" when: blacklist_wifi is defined and discovered_wireless_iface != iiab_wan_iface and num_wifi_interfaces >= "2" # LAN - pick non WAN's -- name: Create list of LAN (non wan) ifaces +- name: Create list of LAN (non WAN) ifaces shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} register: lan_list_result ignore_errors: True @@ -92,7 +92,7 @@ # Select an adapter that is not WAN and not wireless # if there is more than one the last one wins -- name: Set iiab discovered lan fact +- name: Set IIAB discovered_lan_iface fact set_fact: discovered_lan_iface: "{{ item|trim }}" when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface @@ -128,12 +128,12 @@ # moved to detected_redhat # use value only if present -- name: Setting detected lan +- name: Setting detected LAN set_fact: iiab_lan_iface: "{{ discovered_lan_iface }}" when: 'discovered_lan_iface != "none" and num_lan_interfaces == "1"' -- name: for debian, always use bridging +- name: For Debian, always use bridging set_fact: iiab_lan_iface: br0 when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' From 28ee464753f4e40d6636139c81c9878f9b2a8bf3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:26:27 -0400 Subject: [PATCH 45/60] cleaner Ansible output --- roles/network/tasks/detected_redhat.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/detected_redhat.yml b/roles/network/tasks/detected_redhat.yml index cb767758e..0936e1f91 100644 --- a/roles/network/tasks/detected_redhat.yml +++ b/roles/network/tasks/detected_redhat.yml @@ -42,13 +42,13 @@ ignore_errors: True changed_when: False -- name: Set has ifcfg gw based on on macaddress if found +- name: Set has ifcfg gw based on macaddress if found set_fact: has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}" when: ifcfg_gw_mac is defined and ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" # could use something else - Can Fail -- name: Find wifi gateway config if present - Can Fail +- name: Find WiFi gateway config if present - Can Fail shell: egrep -rn ESSID /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | gawk -F '/' '{print $5}' register: ifcfg_WAN_wifi ignore_errors: True @@ -61,13 +61,13 @@ with_items: - "{{ ifcfg_WAN_wifi.stdout_lines }}" -- name: Finding device for wifi AP gateway - Can Fail +- name: Finding device for WiFi AP gateway - Can Fail shell: egrep -rn DEVICE /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' when: has_wifi_gw != "none" and has_ifcfg_gw != "none" register: AP_device ignore_errors: True -- name: Setting wifi device +- name: Setting WiFi device set_fact: ap_device: "{{ AP_device.stdout }}" when: AP_device.stdout is defined and AP_device.stdout != "" From bb3e4d0eb582727cf35cd7a65ff52ec963067f10 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:28:17 -0400 Subject: [PATCH 46/60] Apostrophe --- roles/network/tasks/dhcpd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index 9d7ea39ba..b26ecf73c 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -31,7 +31,7 @@ creates=/var/lib/dhcpd/dhcpd.leases when: is_redhat -- name: Check leases permissions +- name: Check lease's permissions file: path=/var/lib/dhcpd/dhcpd.leases owner=dhcpd group=dhcpd From 721e1c97edfe5e5efa069522aabd82510a36717f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:30:54 -0400 Subject: [PATCH 47/60] Update ifcfg_mods.yml --- roles/network/tasks/ifcfg_mods.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 8add78ffd..b98c9a019 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -1,4 +1,4 @@ -- name: Stop the Access Point Hostapd program +- name: Stop the Access Point hostapd program service: name=hostapd.service state=stopped when: iiab_wireless_lan_iface != "none" From 4aa5ada670736d0c7afb3ae7eefe1f5a42d4f7e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:32:06 -0400 Subject: [PATCH 48/60] Update iptables.yml --- roles/network/tasks/iptables.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/iptables.yml b/roles/network/tasks/iptables.yml index e9eac5e28..25ded7d8c 100644 --- a/roles/network/tasks/iptables.yml +++ b/roles/network/tasks/iptables.yml @@ -50,7 +50,7 @@ - { 0: 'gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' } - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' } -- name: Install debian config +- name: Install Debian config template: src=gateway/iptables dest=/etc/network/if-pre-up.d/iptables mode=0755 when: is_debuntu From bc7efdd8d950524e89e4533df9c03e95eb5f1389 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:34:00 -0400 Subject: [PATCH 49/60] slight bit cleaner --- roles/network/tasks/restart.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index b9d6adaab..67ec681a5 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -16,28 +16,28 @@ when: named_enabled register: dns_started -- name: Stop dansguardian +- name: Stop DansGuardian service: name=dansguardian state=stopped when: not dansguardian_enabled and dansguardian_install -- name: Restart dansguardian +- name: Restart DansGuardian service: name=dansguardian state=restarted when: dansguardian_enabled and dansguardian_install -- name: Stop squid service +- name: Stop Squid service service: name={{ proxy }} state=stopped when: not squid_enabled and squid_install # Squid get re-loaded with dispatcher.d -- name: Restart squid service +- name: Restart Squid service service: name={{ proxy }} state=started when: squid_enabled and squid_install -- name: Restart wondershaper service +- name: Restart Wondershaper service service: name=wondershaper state=restarted when: wondershaper_enabled From 052305979f6bcc0c18c7fd5036cc32652e8b420b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:36:33 -0400 Subject: [PATCH 50/60] cleaner messaging --- roles/network/tasks/squid.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 3b0c55d8f..595a24e06 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -1,4 +1,4 @@ -- name: Install squid packages +- name: Install Squid packages package: name={{ item }} state=present with_items: @@ -7,7 +7,7 @@ tags: - download -- name: Create the squid user +- name: Create the Squid user user: name={{ proxy_user }} createhome=False shell=/bin/false @@ -50,14 +50,14 @@ group: 'root' mode: '0755' -- name: Create squid cache directory +- name: Create Squid cache directory file: path=/library/cache owner={{ proxy_user }} group={{ proxy_user }} mode=0750 state=directory -- name: Create squid log directory +- name: Create Squid log directory file: path=/var/log/{{ proxy }} owner={{ proxy_user }} group={{ proxy_user }} @@ -73,7 +73,7 @@ ignore_errors: yes when: not installing -- name: Add squid to service list +- name: Add Squid to service list ini_file: dest='{{ service_filelist }}' section={{ proxy }} option='{{ item.option }}' @@ -86,7 +86,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add dansguardian to service list +- name: Add 'dansguardian' to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' @@ -95,6 +95,6 @@ - option: name value: dansguardian - option: description - value: '"Dansguardian searches web content for sexual references and denies access when found"' + value: '"DansGuardian searches web content for obectionable references and denies access when found."' - option: enabled value: "{{ dansguardian_enabled }}" From 68cd077b40ffe15f169996607a681662c9b7871d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:37:37 -0400 Subject: [PATCH 51/60] cleaner Ansible output --- roles/network/tasks/static.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/static.yml b/roles/network/tasks/static.yml index 485a8b1db..4168ab9a7 100644 --- a/roles/network/tasks/static.yml +++ b/roles/network/tasks/static.yml @@ -1,6 +1,6 @@ # supply an ifcfg if no gateway detected but wan_ip is set # set user_wan_iface: and use wan_* for static info -- name: Supply wan interface file +- name: Supply WAN interface file template: src=network/ifcfg-WAN.j2 dest=/etc/sysconfig/network-scripts/ifcfg-WAN @@ -12,7 +12,7 @@ ignore_errors: yes when: 'ansible_distribution_version >= "21" and wan_ip != "dhcp"' -- name: use upstream nameserver until named is installed +- name: Use upstream nameserver until named is installed lineinfile: dest=/etc/resolv.conf line='nameserver {{ wan_nameserver }}' create=yes From 1df73baf706cbbdbdf1996533f4d88596f588469 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:43:15 -0400 Subject: [PATCH 52/60] refined --- roles/network/tasks/computed_network.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 0ff415e57..1257ec34f 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -75,7 +75,7 @@ # single interface vars/ users would need to set iiab_wan_enabled False as above, to disable the WAN # and set user_lan_iface = to suppress the auto detection for the same effect. -- name: Setting user_lan_iface for LanController for single interface +- name: Setting user_lan_iface for 'LanController' for single interface set_fact: user_lan_iface: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController" @@ -93,14 +93,14 @@ when: 'not iiab_lan_enabled' # gui wants Appliance Note: could of used iiab_lan_enabled false -- name: Setting GUI wants Appliance +- name: Setting GUI wants 'Appliance' set_fact: user_lan_iface: "none" iiab_gateway_enabled: "False" when: gui_desired_network_role is defined and gui_desired_network_role == "Appliance" # gui wants Gateway -- name: Setting GUI wants and has active Gateway +- name: Setting GUI wants and has active 'Gateway' set_fact: user_lan_iface: "auto" user_wan_iface: "{{ iiab_wan_iface }}" @@ -146,7 +146,7 @@ iiab_network_mode: "No_network_found" when: adapter_count.stdout|int == "0" -# well if there ever was a point to tell the user thing are FUBAR this is it. +# well if there ever was a point to tell the user things are FUBAR this is it. - name: I'm not guessing declare gateway please set_fact: iiab_network_mode: "Undetectable_use_local_vars" From bc10993ec3d3d1a90861bafee1f3045a9dc5a28b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:44:36 -0400 Subject: [PATCH 53/60] refined --- roles/network/tasks/debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 859a9a51a..27e50359d 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -24,7 +24,7 @@ file: path=/etc/network/interfaces.d/br0 state=absent -- name: Default to LAN Controller +- name: Default to 'lan_controller' set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined From d38627f05353b055f835b8cdf76d12674fe3c221 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:49:00 -0400 Subject: [PATCH 54/60] refined --- roles/network/tasks/detected_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index ca92d29f9..f8e1e569a 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -20,13 +20,13 @@ device_gw2: "{{ prior_gw.stdout }}" when: not first_run and prior_gw is defined and prior_gw.stdout != "" -- name: Setting wan if detected +- name: Setting WAN if detected set_fact: iiab_wan_iface: "{{ discovered_wan_iface }}" device_gw: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" -- name: RedHat Network detection +- name: RedHat network detection include: detected_redhat.yml when: is_redhat @@ -46,14 +46,14 @@ - "{{ wireless_list1.stdout_lines }}" # WIRELESS -- Sigh... Not all drivers update /proc/net/wireless correctly -- name: Look for any wireless interfaces take 2 +- name: Look for any wireless interfaces (take 2) shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}'" register: wireless_list2 ignore_errors: True changed_when: False # Last device is used -- name: Set the discovered wireless, if found take 2 +- name: Set the discovered wireless, if found (take 2) set_fact: wifi2: "{{ item|trim }}" discovered_wireless_iface: "{{ item|trim }}" @@ -118,7 +118,7 @@ # num_lan_interfaces: "1" # when: iiab_lan_enabled and iiab_wan_enabled and num_lan_interfaces == "2" and discovered_wireless_iface != "none" and iiab_wan_iface == "none" -- name: Set the variable for wireless_iface if present +- name: Set variable discovered_wireless_iface if present set_fact: iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}" when: discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface From dfc0641e19dad7d8fe002b6d6fdbff8b4c010b3e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:51:20 -0400 Subject: [PATCH 55/60] refined --- roles/network/tasks/enable_services.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 66a3d6abf..308a3056f 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -113,7 +113,7 @@ - name: Execute the script that sets up userspace firewall shell: iiab-gen-iptables -- name: Add squid to service list +- name: Add 'squid' to service list ini_file: dest='{{ service_filelist }}' section=squid option='{{ item.option }}' @@ -122,7 +122,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add DansGuardian to service list +- name: Add 'dansguardian' to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' @@ -131,7 +131,7 @@ - option: enabled value: "{{ dansguardian_enabled }}" -- name: Add wondershaper to service list +- name: Add 'wondershaper' to service list ini_file: dest='{{ service_filelist }}' section=wondershaper option='{{ item.option }}' From 7414763721556907b8bcb8dedbe42bbbb3a97992 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:53:46 -0400 Subject: [PATCH 56/60] refined --- roles/network/tasks/named.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 638bdd423..182a58f88 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -74,7 +74,7 @@ template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ when: dns_jail_enabled -- name: Separate enabling required for debian +- name: Separate enabling required for Debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=link From 9cd03ceb85669a66a09c41da2074c61db25c6982 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:55:24 -0400 Subject: [PATCH 57/60] refined --- roles/network/tasks/redetect.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/redetect.yml b/roles/network/tasks/redetect.yml index 638b5b0e0..7ecfb9903 100644 --- a/roles/network/tasks/redetect.yml +++ b/roles/network/tasks/redetect.yml @@ -44,7 +44,7 @@ when: try_wifi is defined and try_wifi.changed # We have the DEVICE? -- name: Now setting iiab_wan_iface based on wifi +- name: Now setting iiab_wan_iface based on WiFi set_fact: iiab_wan_iface: "{{ dhcp_wifi_results.stdout }}" dhcp_good: True From 01eb8f3528c5a66d720190c0c01659256ad18b39 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:56:51 -0400 Subject: [PATCH 58/60] refined --- roles/network/tasks/rpi_debian.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 9c5e39cf0..c6e25bd3c 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -10,7 +10,7 @@ # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway -- name: Raspbian stock has openresolv which is not available in debian, off it +- name: Raspbian stock has openresolv which is not available in Debian, off it package: name=openresolv state=absent @@ -22,7 +22,7 @@ file: path=/etc/network/interfaces.d/br0 state=absent -- name: Default to LAN Controller +- name: Default to 'LanController' set_fact: gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined From 0f8cc95815f532deef2b381bd9016a8e59408fe5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:57:40 -0400 Subject: [PATCH 59/60] refined --- roles/network/tasks/wondershaper.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index 7c27d507e..5fec75b3b 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -33,7 +33,7 @@ group=root state=link -- name: Add wondershaper to service list +- name: Add 'wondershaper' to service list ini_file: dest='{{ service_filelist }}' section=wondershaper option='{{ item.option }}' From bc3f59d30b7ef105458057dfd9a845715a7b795b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 14:13:19 -0400 Subject: [PATCH 60/60] Ansible output refined --- roles/network/tasks/computed_services.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 2b8e6bac1..5b5bac4da 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -1,4 +1,4 @@ -- name: No LAN configured - Appliance mode +- name: No LAN configured - 'Appliance' mode set_fact: dansguardian_enabled: False squid_enabled: False @@ -8,7 +8,7 @@ iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" or user_lan_iface == "none" -- name: LAN configured - LanController mode +- name: LAN configured - 'LanController' mode set_fact: named_enabled: True dhcpd_enabled: True @@ -18,7 +18,7 @@ iiab_network_mode: "LanController" when: iiab_lan_iface != "" and iiab_wan_iface == "none" -- name: LAN configured - Gateway mode +- name: LAN configured - 'Gateway' mode set_fact: named_enabled: True dhcpd_enabled: True