From c9178ee72fb416c4e975f55ead4a524bba259661 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 28 Sep 2017 19:14:54 -0500 Subject: [PATCH 001/393] add home-page as a tag --- roles/httpd/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 9cd6e108c..e3e91970a 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -147,6 +147,9 @@ - base - include: home-page.yml + tags: + - base + - home-page - name: place the script to generate home pages template: src=refresh-wiki-docs.sh From 658fd199d18cec38a8d03ddf8561b5cfcd7ef697 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 5 Oct 2017 13:15:51 -0500 Subject: [PATCH 002/393] move home-page so admin-console can modify the setting --- roles/4-server-options/meta/main.yml | 1 + .../{httpd/tasks/home-page.yml => home-page/tasks/main.yml} | 2 +- roles/{httpd => home-page}/templates/iiab-home-page.conf | 0 roles/httpd/tasks/main.yml | 5 ----- 4 files changed, 2 insertions(+), 6 deletions(-) rename roles/{httpd/tasks/home-page.yml => home-page/tasks/main.yml} (86%) rename roles/{httpd => home-page}/templates/iiab-home-page.conf (100%) diff --git a/roles/4-server-options/meta/main.yml b/roles/4-server-options/meta/main.yml index 73438a60f..7aec1a69c 100644 --- a/roles/4-server-options/meta/main.yml +++ b/roles/4-server-options/meta/main.yml @@ -1,4 +1,5 @@ dependencies: + - { role: home-page, tags: ['home-page'] } - { role: sshd, tags: ['services','sshd','base'] } - { role: network, tags: ['services','base','network'] } - { role: postgresql, tags: ['services','postgresql','base'], when: postgresql_install } diff --git a/roles/httpd/tasks/home-page.yml b/roles/home-page/tasks/main.yml similarity index 86% rename from roles/httpd/tasks/home-page.yml rename to roles/home-page/tasks/main.yml index 522f97fe2..b5d57c82a 100644 --- a/roles/httpd/tasks/home-page.yml +++ b/roles/home-page/tasks/main.yml @@ -7,7 +7,7 @@ - name: Install admin home page into apache2 template: src=iiab-home-page.conf - dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf + dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf - name: Enable the home page file: src=/etc/{{ apache_config_dir }}/iiab-home-page.conf diff --git a/roles/httpd/templates/iiab-home-page.conf b/roles/home-page/templates/iiab-home-page.conf similarity index 100% rename from roles/httpd/templates/iiab-home-page.conf rename to roles/home-page/templates/iiab-home-page.conf diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index e3e91970a..7f2a2c3cf 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -146,11 +146,6 @@ tags: - base -- include: home-page.yml - tags: - - base - - home-page - - name: place the script to generate home pages template: src=refresh-wiki-docs.sh dest=/usr/bin/iiab-refresh-wiki-docs From b1e166db69235111f780322cf2fa87e00dc8ea4e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 19 Oct 2017 21:16:08 -0400 Subject: [PATCH 003/393] typo in comment: npn -> npm --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 507c6afed..0110beccc 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -31,7 +31,7 @@ - nodejs - npm -# attempting to reinstall npn is broken on raspbian 9 +# attempting to reinstall npm is broken on raspbian 9 - name: check for sugarizer already installed stat: path={{ sugarizer_location }}/sugarizer/server/node_modules register: npm From 602223e4ffce8db0053e76cf57192e9c406a4b8a Mon Sep 17 00:00:00 2001 From: Arky Date: Fri, 20 Oct 2017 11:36:10 +0700 Subject: [PATCH 004/393] Adds spaces in variables after {{ and before }} Fixes various warnings in Travis CI [EXTRA0001] Variables should have spaces after {{ and before }} --- iiab.yml | 2 +- roles/2-common/tasks/xo.yml | 2 +- roles/activity-server/tasks/main.yml | 2 +- roles/dokuwiki/tasks/install.yml | 2 +- roles/elgg/templates/settings.php.j2 | 24 +++++++++---------- roles/kalite/tasks/install.yml | 4 ++-- roles/kiwix/templates/iiab-make-kiwix-lib | 2 +- roles/moodle/tasks/main.yml | 2 +- roles/network/tasks/avahi.yml | 2 +- roles/network/tasks/static.yml | 2 +- .../templates/avahi/schoolserver.service | 2 +- roles/network/templates/dhcp/dhcpd-env.j2 | 5 ++-- .../templates/gateway/iiab-gen-iptables | 16 ++++++------- roles/network/templates/network/br0.j2 | 9 ++++--- roles/network/templates/network/iiab.j2 | 3 +-- roles/nextcloud/templates/nextcloud.conf.j2 | 4 ++-- roles/owncloud/tasks/main.yml | 2 +- roles/owncloud/templates/owncloud.conf.j2 | 4 ++-- roles/phpmyadmin/tasks/main.yml | 2 +- roles/wordpress/tasks/install.yml | 2 +- roles/xovis/tasks/main.yml | 2 +- vars/default_vars.yml | 4 ++-- 22 files changed, 48 insertions(+), 51 deletions(-) diff --git a/iiab.yml b/iiab.yml index 6be4ebaac..f4cafc001 100644 --- a/iiab.yml +++ b/iiab.yml @@ -4,7 +4,7 @@ vars_files: - vars/default_vars.yml - - vars/{{ ansible_local.local_facts.os_ver}}.yml + - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml - /etc/iiab/config_vars.yml diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index ee9b4f852..4c7c1237e 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -109,7 +109,7 @@ state=absent - name: Download substitute software for i386 on FC18 XO1.5 - get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir}}/{{ item }} + get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir }}/{{ item }} with_items: - hostapd_8188_i386 when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available diff --git a/roles/activity-server/tasks/main.yml b/roles/activity-server/tasks/main.yml index 55b4d4b15..29183b146 100644 --- a/roles/activity-server/tasks/main.yml +++ b/roles/activity-server/tasks/main.yml @@ -16,7 +16,7 @@ # Wish synchronize worked, but it doesn't - name: Copy language templates - command: rsync -a {{iiab_dir}}/roles/activity-server/files/lang_templates /library/xs-activity-server/ + command: rsync -a {{ iiab_dir }}/roles/activity-server/files/lang_templates /library/xs-activity-server/ - name: Copy default index files copy: src={{ item }} diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index 82eaadf3e..796623e8c 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,5 +1,5 @@ - name: Get the Dokuwiki software - get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir}}/ + get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir }}/ when: internet_available - name: Copy it to permanent location /library diff --git a/roles/elgg/templates/settings.php.j2 b/roles/elgg/templates/settings.php.j2 index b063be31a..585e8bf0f 100644 --- a/roles/elgg/templates/settings.php.j2 +++ b/roles/elgg/templates/settings.php.j2 @@ -35,21 +35,21 @@ if (!isset($CONFIG)) { * * @global string $CONFIG->dbuser */ -$CONFIG->dbuser = '{{dbuser}}'; +$CONFIG->dbuser = '{{ dbuser }}'; /** * The database password * * @global string $CONFIG->dbpass */ -$CONFIG->dbpass = '{{dbpassword}}'; +$CONFIG->dbpass = '{{ dbpassword }}'; /** * The database name * * @global string $CONFIG->dbname */ -$CONFIG->dbname = '{{dbname}}'; +$CONFIG->dbname = '{{ dbname }}'; /** * The database host. @@ -58,7 +58,7 @@ $CONFIG->dbname = '{{dbname}}'; * * @global string $CONFIG->dbhost */ -$CONFIG->dbhost = '{{dbhost}}'; +$CONFIG->dbhost = '{{ dbhost }}'; /** * The database prefix @@ -69,7 +69,7 @@ $CONFIG->dbhost = '{{dbhost}}'; * * @global string $CONFIG->dbprefix */ -$CONFIG->dbprefix = '{{dbprefix}}'; +$CONFIG->dbprefix = '{{ dbprefix }}'; /** * Multiple database connections @@ -130,17 +130,17 @@ $CONFIG->dbprefix = '{{dbprefix}}'; /** * Cookie configuration * - * Elgg uses 2 cookies: a PHP session cookie and an extended login cookie + * Elgg uses 2 cookies: a PHP session cookie and an extended login cookie * (also called the remember me cookie). See the PHP manual for documentation on * each of these parameters. Possible options: - * + * * - Set the session name to share the session across applications. * - Set the path because Elgg is not installed in the root of the web directory. * - Set the secure option to true if you only serve the site over HTTPS. * - Set the expire option on the remember me cookie to change its lifetime * * To use, uncomment the appropriate sections below and update for your site. - * + * * @global array $CONFIG->cookies */ // get the default parameters from php.ini @@ -197,16 +197,16 @@ $CONFIG->min_password_length = 6; /** * This is an optional script used to override Elgg's default handling of * uncaught exceptions. - * + * * This should be an absolute file path to a php script that will be called * any time an uncaught exception is thrown. - * + * * The script will have access to the following variables as part of the scope * global $CONFIG * $exception - the unhandled exception - * + * * @warning - the database may not be available - * + * * @global string $CONFIG->exception_include */ $CONFIG->exception_include = ''; diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 40169dc8b..ea1d2fd5c 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -65,9 +65,9 @@ with_items: - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'} - { src: 'kalite.sh.j2', dest: '/etc/profile.d/kalite.sh', mode: '0644'} - - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir}}', mode: '0644'} + - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'} - name: Create symlink to kalite bin file in path file: path=/usr/bin/kalite - src={{kalite_venv}}/bin/kalite + src={{ kalite_venv }}/bin/kalite state=link diff --git a/roles/kiwix/templates/iiab-make-kiwix-lib b/roles/kiwix/templates/iiab-make-kiwix-lib index 6cb6d42c0..11a4b1d2a 100644 --- a/roles/kiwix/templates/iiab-make-kiwix-lib +++ b/roles/kiwix/templates/iiab-make-kiwix-lib @@ -1,6 +1,6 @@ #!/bin/sh -{{systemctl_program }} stop kiwix-serve +{{ systemctl_program }} stop kiwix-serve /usr/bin/iiab-make-kiwix-lib.py /usr/bin/iiab-make-apache-config.py {{ systemctl_program }} start kiwix-serve diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index f13ef2be0..a8f75c4b8 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -106,7 +106,7 @@ become_user: postgres - name: Put a startup install script in place - template: dest={{moodle_base}} + template: dest={{ moodle_base }} src=moodle_installer mode=0755 diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index f23e61977..289cca8d7 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -53,7 +53,7 @@ - name: set ssh port for avahi lineinfile: dest=/etc/avahi/services/ssh.service regexp='$' - line=' {{ssh_port}}' + line=' {{ ssh_port }}' state=present backrefs=yes diff --git a/roles/network/tasks/static.yml b/roles/network/tasks/static.yml index ffe658b6b..485a8b1db 100644 --- a/roles/network/tasks/static.yml +++ b/roles/network/tasks/static.yml @@ -14,6 +14,6 @@ - name: use upstream nameserver until named is installed lineinfile: dest=/etc/resolv.conf - line='nameserver {{wan_nameserver}}' + line='nameserver {{ wan_nameserver }}' create=yes state=present diff --git a/roles/network/templates/avahi/schoolserver.service b/roles/network/templates/avahi/schoolserver.service index 2c3d43952..84fd756c0 100644 --- a/roles/network/templates/avahi/schoolserver.service +++ b/roles/network/templates/avahi/schoolserver.service @@ -4,6 +4,6 @@ MGMT console at %h _https._tcp -{{gui_port}} +{{ gui_port }} diff --git a/roles/network/templates/dhcp/dhcpd-env.j2 b/roles/network/templates/dhcp/dhcpd-env.j2 index 1f308d5dc..617a3434f 100644 --- a/roles/network/templates/dhcp/dhcpd-env.j2 +++ b/roles/network/templates/dhcp/dhcpd-env.j2 @@ -1,8 +1,7 @@ ## XS Config override ## ## This file has an ".in" template - for details see -## see /usr/share/doc/xs-config-/README +## see /usr/share/doc/xs-config-/README # # Point dhcpd to the XS-specific config -DHCPDARGS='-cf /etc/dhcpd-iiab.conf {{iiab_lan_iface}}' - +DHCPDARGS='-cf /etc/dhcpd-iiab.conf {{ iiab_lan_iface }}' diff --git a/roles/network/templates/gateway/iiab-gen-iptables b/roles/network/templates/gateway/iiab-gen-iptables index a1507d4da..b45295883 100755 --- a/roles/network/templates/gateway/iiab-gen-iptables +++ b/roles/network/templates/gateway/iiab-gen-iptables @@ -16,10 +16,10 @@ $IPTABLES -t nat -F $IPTABLES -X # first match wins -# Always accept loopback traffic +# Always accept loopback traffic $IPTABLES -A INPUT -i lo -j ACCEPT -# Always drop rpc +# Always drop rpc $IPTABLES -A INPUT -p tcp --dport 111 -j DROP $IPTABLES -A INPUT -p udp --dport 111 -j DROP # mysql @@ -73,10 +73,10 @@ clear_fw $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A INPUT -m state --state NEW -i $lan -j ACCEPT -# Allow mDNS +# Allow mDNS $IPTABLES -A INPUT -p udp --dport 5353 -j ACCEPT -#when run as gateway +#when run as gateway $IPTABLES -A INPUT -p tcp --dport $ssh_port -m state --state NEW -i $wan -j ACCEPT if [ "$gui_wan" == "True" ]; then @@ -96,9 +96,9 @@ fi $IPTABLES -A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT #Block https traffic except if directed at server -if [ "$gw_block_https" == "True" ]; then +if [ "$gw_block_https" == "True" ]; then $IPTABLES -A FORWARD -p tcp ! -d 172.18.96.1 --dport 443 -j DROP -fi +fi # Allow outgoing connections from the LAN side. $IPTABLES -A FORWARD -i $lan -o $wan -j ACCEPT @@ -108,8 +108,8 @@ $IPTABLES -A FORWARD -i $wan -o $lan -j DROP $IPTABLES -A INPUT -i $wan -j DROP if [ "$block_DNS" == "True" ];then - $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 53 ! -d {{lan_ip}} -j DNAT --to {{lan_ip}}:53 - $IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{lan_ip}} -j DNAT --to {{lan_ip}}:53 + $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53 + $IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53 fi if [ -f /etc/sysconfig/xs_httpcache_on ]; then diff --git a/roles/network/templates/network/br0.j2 b/roles/network/templates/network/br0.j2 index 1230c0766..d59ccd5df 100644 --- a/roles/network/templates/network/br0.j2 +++ b/roles/network/templates/network/br0.j2 @@ -3,7 +3,7 @@ # we always want the wireless to be configured (and under bridge) auto {{ discovered_wireless_iface }} -iface {{discovered_wireless_iface }} inet manual +iface {{ discovered_wireless_iface }} inet manual pre-up ifconfig $IFACE up pre-down ifconfig $IFACE down @@ -13,7 +13,7 @@ auto {{ discovered_wan_iface }} {% if gui_static_wan == false %} iface {{ discovered_wan_iface }} inet dhcp pre-up ip link set br0 down && brctl delbr br0 -{% else %} # gui_static_wan_ip is set +{% else %} # gui_static_wan_ip is set iface {{ discovered_wan_iface }} inet static # pre-up ip link set br0 down && brctl delbr br0 address {{ gui_static_wan_ip }} @@ -25,7 +25,7 @@ iface {{ discovered_wan_iface }} inet static ################# GATEWAY ######################### auto br0 iface br0 inet static - bridge_ports {{ discovered_wireless_iface }} + bridge_ports {{ discovered_wireless_iface }} address {{ lan_ip }} netmask {{ lan_netmask }} dns-nameservers {{ lan_ip }} @@ -36,7 +36,7 @@ allow-hotplug {{ discovered_wan_iface }} iface {{ discovered_wan_iface }} inet manual pre-up ifconfig $IFACE up pre-down ifconfig $IFACE down -{% else %} # gui_static_wan_ip is set +{% else %} # gui_static_wan_ip is set iface {{ discovered_wan_iface }} inet static address {{ gui_static_wan_ip }} netmask {{ gui_static_wan_netmask }} @@ -58,4 +58,3 @@ iface br0 inet static dns-search {{ iiab_domain }} post-up systemctl restart dhcpd && systemctl restart hostapd {% endif %} - diff --git a/roles/network/templates/network/iiab.j2 b/roles/network/templates/network/iiab.j2 index 4317d2718..82e4689ba 100644 --- a/roles/network/templates/network/iiab.j2 +++ b/roles/network/templates/network/iiab.j2 @@ -6,7 +6,7 @@ {% if discovered_wireless_iface != 'none' %} auto {{ discovered_wireless_iface }} -iface {{discovered_wireless_iface }} inet manual +iface {{ discovered_wireless_iface }} inet manual {% endif %} {% if iiab_network_mode == "Appliance" %} @@ -45,4 +45,3 @@ iface br0 inet static dns-search {{ iiab_domain }} post-up systemctl restart dhcpd && systemctl restart hostapd {% endif %} - diff --git a/roles/nextcloud/templates/nextcloud.conf.j2 b/roles/nextcloud/templates/nextcloud.conf.j2 index bec146a9d..965973ad4 100644 --- a/roles/nextcloud/templates/nextcloud.conf.j2 +++ b/roles/nextcloud/templates/nextcloud.conf.j2 @@ -1,4 +1,4 @@ -Alias {{ nextcloud_url }} {{ nextcloud_prefix}}/nextcloud +Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud Options -Indexes @@ -6,7 +6,7 @@ Alias {{ nextcloud_url }} {{ nextcloud_prefix}}/nextcloud # Apache 2.4 Require host localhost - Require ip 127.0.0.1 {{lan_ip}}/{{lan_netmask}} {{ nextcloud_required_ip }} + Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} # Apache 2.2 diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml index 5a220771b..03e8fb872 100644 --- a/roles/owncloud/tasks/main.yml +++ b/roles/owncloud/tasks/main.yml @@ -77,7 +77,7 @@ - name: Create data directory library file: path={{ item }} mode=0750 - owner={{ apache_user}} + owner={{ apache_user }} group=apache state=directory with_items: diff --git a/roles/owncloud/templates/owncloud.conf.j2 b/roles/owncloud/templates/owncloud.conf.j2 index 9766e6aef..f90448c9a 100644 --- a/roles/owncloud/templates/owncloud.conf.j2 +++ b/roles/owncloud/templates/owncloud.conf.j2 @@ -1,4 +1,4 @@ -Alias {{ owncloud_url }} {{ owncloud_prefix}}/owncloud +Alias {{ owncloud_url }} {{ owncloud_prefix }}/owncloud Options -Indexes @@ -6,7 +6,7 @@ Alias {{ owncloud_url }} {{ owncloud_prefix}}/owncloud # Apache 2.4 Require host localhost - Require ip 127.0.0.1 {{lan_ip}}/{{lan_netmask}} {{ owncloud_required_ip }} + Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ owncloud_required_ip }} # Apache 2.2 diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index bd7616799..18204cab6 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,5 +1,5 @@ - name: Get the phpmyadmin software - get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir}}/phpMyAdmin.zip" + get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir }}/phpMyAdmin.zip" when: internet_available - name: Copy it to permanent location /opt diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 37471e929..21997784b 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -1,5 +1,5 @@ - name: Get the WordPress software - get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir}}/ + get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir }}/ register: wp_download_output when: internet_available diff --git a/roles/xovis/tasks/main.yml b/roles/xovis/tasks/main.yml index c0e8fd0d8..38f4469db 100644 --- a/roles/xovis/tasks/main.yml +++ b/roles/xovis/tasks/main.yml @@ -62,7 +62,7 @@ when: xovis_enabled - name: Check if db exists - shell: "kanso listdb | grep {{xovis_db_name }}" + shell: "kanso listdb | grep {{ xovis_db_name }}" register: found_db ignore_errors: yes diff --git a/vars/default_vars.yml b/vars/default_vars.yml index d4eaa3c06..ee6189b50 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -46,7 +46,7 @@ lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 # Read https://github.com/iiab/iiab/wiki/IIAB-Networking -# Also readable offline @ http://box/info/IIAB-Networking.html +# Also readable offline @ http://box/info/IIAB-Networking.html # Gateway mode iiab_lan_enabled: True @@ -272,7 +272,7 @@ rachel_install: False rachel_enabled: False rachel_content_found: False #rachel_url: /rachel -rachel_doc_root: "{{ doc_root}}/modules" +rachel_doc_root: "{{ doc_root }}/modules" # Kiwix-serve kiwix_install: True From 3ef77c3962b44ac3aad1c94e1ea8bbaf50ecb6b6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 20 Oct 2017 10:33:34 -0400 Subject: [PATCH 005/393] use Andible to pin nodejs to 6.x (curl was not suffic on WiFi install) --- roles/sugarizer/tasks/main.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 0110beccc..d0e01ec9d 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -16,12 +16,10 @@ shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - when: internet_available and is_debuntu -- name: Install sugarizer required packages - is_debuntu - package: name={{ item }} +- name: Install nodejs=6.* which also installs npm - is_debuntu + package: name=nodejs=6.* state=present when: internet_available and is_debuntu - with_items: - - nodejs - name: Install npm non is_debuntu package: name={{ item }} From 0b2a86a6bcc8f0f6954c6b9f65422d9860a68e98 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 20 Oct 2017 12:57:13 -0400 Subject: [PATCH 006/393] clarify that nodejs 6.x includes /usr/bin/npm --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index d0e01ec9d..8bb5985ed 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -16,7 +16,7 @@ shell: curl -sL https://deb.nodesource.com/setup_6.x | bash - when: internet_available and is_debuntu -- name: Install nodejs=6.* which also installs npm - is_debuntu +- name: Install nodejs=6.* which includes /usr/bin/npm - is_debuntu package: name=nodejs=6.* state=present when: internet_available and is_debuntu From d98291fb04a8b2ce88309ed9f9832cdf5f741a7a Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 21 Sep 2017 21:06:18 -0400 Subject: [PATCH 007/393] named - wrong place --- roles/network/tasks/named.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index a152719aa..0113d7672 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -19,9 +19,9 @@ - download # or we have to change the serial number in the config files. -- name: Stop named before copying files - service: name={{ dns_service }} state=stopped - when: not installing +#- name: Stop named before copying files +# service: name={{ dns_service }} state=stopped +# when: not installing - name: Set folder permission file: path={{ item }} From c6b3cc01042b110cb45e09d765c9772de4d8e8fc Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 22 Oct 2017 05:32:41 -0400 Subject: [PATCH 008/393] 3-BASE -> 3-BASE-SERVER consistent w/ local_vars.yml etc --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index ee6189b50..20460e5ef 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -88,7 +88,7 @@ wan_nameserver: # 2-COMMON -# 3-BASE +# 3-BASE-SERVER # Apache allow_apache_sudo: False From b1d7f0da242783c92ae2f804336c583564cc3067 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 22 Oct 2017 12:16:00 -0400 Subject: [PATCH 009/393] sync from community's latest http://wiki.laptop.org/go/IIAB/local_vars.yml --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 6982f9484..8c6459e6e 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -34,7 +34,7 @@ iiab_gateway_enabled: False # Make this False to disable http://box/common/services/power_off.php button: allow_apache_sudo: True -# 3-BASE +# 3-BASE-SERVER squid_install: False squid_enabled: False From 2875b784d904ee79d181f4f9c70ca5fb03a25ad2 Mon Sep 17 00:00:00 2001 From: Arky Date: Mon, 23 Oct 2017 15:06:21 +0700 Subject: [PATCH 010/393] Adding Contribution guidelines for new developers These contribution guidelines are available offline for new developers. They are also shown in the github user interface as a link while submitting new bugs. Refer : https://help.github.com/articles/setting-guidelines-for-repository-contributors/ --- CONTRIBUTING.md | 143 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 143 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..0f543665a --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,143 @@ +Contributing to Internet-in-a-Box (IIAB) +======================================= +Internet-in-a-Box runs on various GNU/Linux operating systems such as Fedora, Ubuntu, Debian, CentOS and Raspbian. + +You can install Internet-in-a-Box on most late model desktop and laptop computers. It also supports Intel NUC, Intel Gigabyte BRIX, OLPC XO-1.5, XO-1.75, XO-4, Raspberry Pi 2 and Raspberry Pi 3. A VirtualBox VM can also used for testing purposes. Using Docker containers however is not recommended as our Ansible provisioning system requires low-level access to the operating system. + +Please refer to [IIAB Platforms](https://github.com/iiab/iiab/wiki/IIAB-Platforms) for more information. + +Internet-in-a-Box uses [Ansible](https://www.ansible.com/) infrastructure automation tool to deploy and configure all software packages. Ansible uses [playbooks](http://docs.ansible.com/ansible/latest/playbooks.html) a human readable instruction files in YAML format. Playbooks are divided into hosts, roles and tasks. +``` +├── roles +│ ├── 1-prep +│ │ ├─ defaults +| | | ├──main.yml (lowest precedence variable definitions, overridden by /vars/default_vars.yml, overridden by ./vars/local_vars.yml. +│ │ ├── README.rst +│ │ ├── tasks +| | | ├──main.yml (specifies the actions to install this role +│ │ └── templates +| | | ├<(text files where ansible variables are substituted, specified via {% %} containers-(jinja2 language). +│ ├── 2-common +│ │ ├── README.rst +│ │ ├── tasks +│ │ └── templates +``` +At runtime, Ansible gathers system information and makes it available (called 'facts') and combines this with playbook defined 'variables' to guide the installation process. The execution follows a sequence of cascading steps: + +1. Bash script `./runansible` follows instructions in `iiab.yml` in the root directory. + +2. `iiab.yml` calls 9 aggregate roles (the numbered directories under `./roles/`). + +3. Each aggregate role has a `/meta/main.yml` which calls the individual named roles. + +Please refer to the [IIAB Architecture](https://github.com/iiab/iiab/wiki/IIAB-Architecture) and [IIAB Variables]( https://github.com/iiab/iiab/wiki/IIAB-Variables) pages for more information. + +Installation +============ + +Before you start the installation please refer to the [hardware section of FAQ](http://wiki.laptop.org/go/IIAB/FAQ#What_hardware_should_I_use.3F) page for memory, storage and network requirements for your platform. Also note that downloading content might take a long time on slower Internet connections. + +If you are a developer, please consider [building Internet-in-a-Box from scratch](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch). + +Please refer to the [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) page for more information. + +Setting up development environment +=================================== +( This section uses experimental development environment for Internet-in-a-Box. It is being developed in the [iiab-dev-mode repository](https://github.com/arky/iiab-dev-mode). ) + +This section provide a quick setup of Internet-in-a-Box (IIAB) development environment using [Vagrant](https://www.vagrantup.com/). You will need a computer with [virtualization enabled](https://www.virtualbox.org/manual/UserManual.html) and git, Vagrant (2.0 or later) and [VirtualBox](https://www.virtualbox.org/) installed. + +## Requirements + + * git + * [Vagrant (2.0 or later)](https://www.vagrantup.com/) + * [VirtualBox](https://www.virtualbox.org/wiki/Downloads) + * Editor ([Atom](www.atom.io), Emacs, vi, etc) + +## Setup Instructions +1. Check out the repository and its submodules onto your development machine. +`git clone --recursive git@github.com:arky/iiab-dev-mode.git` + +2. Change directory into 'iiab-dev-mode' with `cd iiab-dev-mode`. You can update all the submodules to latest master using `git submodule foreach git pull origin master` + +3. Set up a vagrant machine with `vagrant up` and provision it with `vagrant provision`. Please select the available bridge network interface (wlan0 or eth0) that connects your host machine to the Internet. + +4. Connect to your vagrant machine with `vagrant ssh`. All your local development files available as shared folder in `/opt/iiab` directory. + +5. Install IIAB itself from the Ansible playbooks by following [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch) instructions: +``` + cd /opt/iiab/iiab/scripts/ + ./ansible + + cd /opt/iiab/iiab/ + ./runansible + + cd /opt/iiab/iiab-admin-console/ + ./install + + cd /opt/iiab/iiab-menu/ + ./cp-menus +``` +6. Hack away! + +7. You can commit your local changes to your personal forks of Internet-in-a-Box repository and then send pull request to IIAB project. Once you forked a repository, you change directory into that repository and setting a default git remote push setting with the following command. + + `cd && git remote set-url --push origin git@github.com:/.git` + + Learn more by reading blog post [Different git Push & Pull(fetch) URLs](http://blog.yuriy.tymch.uk/2012/05/different-git-push-pullfetch-urls.html) and the [Git Basics - Working with Remotes](https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes) chapter of Scott Chacon and Ben Straub's "Git Pro" book. + +8. Once you are done, you can stop your vagrant machine with `vagrant halt` or remove it completely with `vagrant destroy`. + +Debugging +========= + +Here are few strategies for debugging problems during the Internet-in-a-Box installation. + +* When a installation task fails, Ansible halts printing out a descriptive error message to the screen. This error information is also written to `iiab-install.log` file within `/opt/iiab/iiab`. (Look through logs to check if any preceding line contains the error). +* When an installation succeeds, the last lines printed on the screen will look like the following (failed=0): +``` + PLAY RECAP ********************************************************************* + 127.0.0.1 : ok=405 changed=125 unreachable=0 failed=0 +``` +* Search through the Ansible playbooks using `egrep -rn /opt/iiab/iiab/roles/*>` to find the failed task. +* You can add additional [debug print statements](http://docs.ansible.com/ansible/latest/debug_module.html) to Ansible playbooks for debugging the problem. +* Talk to us or report a bug using the information below. + + Please refer to [Ansible playbook documentation](http://docs.ansible.com/ansible/latest/playbooks.html) for more information. + +Testing your code with Travis CI +================================= + +To maintain the quality of the Internet-in-a-Box (IIAB) code we use [Travis Continuous Integration (CI)](https://travis-ci.org) build infrastructure. Travis CI does tests to +ensure the code syntax is correct and the code is formatted properly using `ansible` syntax checker, `ansible-lint` and `ansible-review` tools. The results of Travis CI Internet-in-a-Box (IIAB) could be seen [here](https://travis-ci.org/iiab/iiab). + +Every pull request is automatically tested by Travis CI. The results of these tests are added to the pull request. This aids Internet-in-a-Box (IIAB) developers in reviewing the quality of the code in a pull request. + +To test your forked repository of Internet-in-a-Box (IIAB) code. You have to enable automatic build tests in your [Travis-ci.org](https://travis-ci.org) profile page. + +* Login to [Travis-ci.org](https://travis-ci.org) using your Github account. +* Go to your Travis CI profile page and enable the repository you want to build. +* The builds will start whenever a new commit is pushed to your repository. + +Please refer to [Travis CI documentation](https://docs.travis-ci.com/user/getting-started/) for more information. + +Reporting Bugs +============== + +You can file bug reports on [GitHub](https://github.com/): + +* Sign up for a [GitHub](https://github.com/) account +* Go to the [issue tracker on GitHub](https://github.com/iiab/iiab/issues) +* Search for existing issues using the search field +* If you don't find any similar issues, file a new issue! + +Please consider providing a descriptive title, your operating system information, error messages and steps to reproduce the issue. + +Get in touch +============ + +* Join our [technology](http://lists.laptop.org/listinfo/server-devel) and [learning design](https://groups.google.com/group/unleashkids) mailing lists +* Join our [live calls](http://minutes.iiab.io) most Mondays and Thursday +* Join us on IRC live chat: [#schoolserver](https://webchat.freenode.net/?channels=#schoolserver) on [freenode]( https://www.freenode.net/) +* Post an idea or question to our [community forums](http://iiab.io/) +* Read our Frequently Asked Questions ([FAQ.IIAB.IO](http://FAQ.IIAB.IO)) From 1408d9f4ebca39fb018e0d09d464ca2ec102fb94 Mon Sep 17 00:00:00 2001 From: George Hunt Date: Mon, 23 Oct 2017 02:29:22 -0700 Subject: [PATCH 011/393] work around for bug --- roles/1-prep/tasks/detected_redhat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/detected_redhat.yml b/roles/1-prep/tasks/detected_redhat.yml index 031a0c030..509339f0b 100644 --- a/roles/1-prep/tasks/detected_redhat.yml +++ b/roles/1-prep/tasks/detected_redhat.yml @@ -44,7 +44,7 @@ - name: Set has ifcfg gw based on on macaddress if found set_fact: has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}" - when: ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" + when: ifcfg_gw_mac is defined and ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" # could use something else - name: Find wifi gateway config if present - Can Fail From 95d5e73133816898651c9fe63fdc71bcc221767b Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 26 Sep 2017 12:23:25 -0500 Subject: [PATCH 012/393] testing changes --- roles/1-prep/tasks/detected_redhat.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/1-prep/tasks/detected_redhat.yml b/roles/1-prep/tasks/detected_redhat.yml index 509339f0b..cb767758e 100644 --- a/roles/1-prep/tasks/detected_redhat.yml +++ b/roles/1-prep/tasks/detected_redhat.yml @@ -1,52 +1,53 @@ - name: Checking for ifcfg-WAN file - Can Fail stat: path=/etc/sysconfig/network-scripts/ifcfg-WAN - register: has_ifcfg_WAN when: not first_run + register: has_ifcfg_WAN + ignore_errors: True - name: Setting ifcfg-WAN True set_fact: has_WAN: True - when: has_ifcfg_WAN.stat is defined and has_ifcfg_WAN.stat.exists + when: not first_run and has_ifcfg_WAN.stat.exists -# DETECT -- gateway and wireless +# DETECT -- gateway and wireless - Can Fail - name: Get a list of slaves from previous config - Can Fail shell: "egrep -rn BRIDGE=br0 /etc/sysconfig/network-scripts/ifcfg-* | gawk -F'[-:]' '{print $3}'" + when: not first_run register: ifcfg_slaves ignore_errors: True changed_when: False - when: not first_run # returns list of paths -- name: Find gateway config based on device +- name: Find gateway config based on device - Can Fail shell: "egrep -rn {{ device_gw }} /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}'" + when: not first_run and device_gw != "none" register: ifcfg_gw_device ignore_errors: True changed_when: False - when: not first_run and device_gw != "none" # last match wins - name: Setting has ifcfg gw based on device if found set_fact: has_ifcfg_gw: "{{ item|trim }}" - ignore_errors: True when: ifcfg_gw_device.stdout_lines is defined and item|trim != "" and item|trim != "/etc/sysconfig/network-scripts/ifcfg-LAN" with_items: - "{{ ifcfg_gw_device.stdout_lines }}" + ignore_errors: True # returns path - name: Find active gateway config based on macaddress - Can Fail shell: "egrep -irn {{ ansible_default_ipv4.macaddress }} /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | head -n 1" + when: ansible_default_ipv4.gateway is defined register: ifcfg_gw_mac ignore_errors: True changed_when: False - when: ansible_default_ipv4.gateway is defined - name: Set has ifcfg gw based on on macaddress if found set_fact: has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}" when: ifcfg_gw_mac is defined and ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" -# could use something else +# could use something else - Can Fail - name: Find wifi gateway config if present - Can Fail shell: egrep -rn ESSID /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | gawk -F '/' '{print $5}' register: ifcfg_WAN_wifi @@ -62,9 +63,9 @@ - name: Finding device for wifi AP gateway - Can Fail shell: egrep -rn DEVICE /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' + when: has_wifi_gw != "none" and has_ifcfg_gw != "none" register: AP_device ignore_errors: True - when: has_wifi_gw != "none" and has_ifcfg_gw != "none" - name: Setting wifi device set_fact: @@ -78,4 +79,3 @@ # changed_when: False # ignore_errors: True # when: num_lan_interfaces >= "1" or iiab_wireless_lan_iface != "none" - From 1f1fb514614221dc11860a4c2bc136aabea55b12 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 23 Oct 2017 11:19:19 -0400 Subject: [PATCH 013/393] Rename LICENSE to LICENSE.md --- LICENSE => LICENSE.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename LICENSE => LICENSE.md (100%) diff --git a/LICENSE b/LICENSE.md similarity index 100% rename from LICENSE rename to LICENSE.md From b0fb67af9d4e3eb5ea595e7555b432ff898dd977 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 23 Oct 2017 14:13:50 -0500 Subject: [PATCH 014/393] Proposed fix for issue #448 Might need full path ie {{ osm_path }} in place of {{ osm_venv }} With the push by the distros to python3 we took the step to use virtual environments to better contain python 2.7 based programs. --- roles/osm/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index 33039e02f..e568f14ab 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -71,6 +71,12 @@ osm_path: "{{ osm_venv }}/lib/python2.7/site-packages/iiab" when: osm_enabled and is_debuntu +- name: All - Point wsgi to virtual environment + lineinfile: dest={{ osm_venv }}/bin/iiab.wsgi + regexp='path_to_virtualenv*' + line='path_to_virtualenv = /usr/local/osm' + state=present + - name: All - Copy IIAB config file template: backup=no src=osm.conf.j2 From b0fb07c6509665a9011c78ed775951bd90da0313 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 23 Oct 2017 20:18:26 -0500 Subject: [PATCH 015/393] python needs single quotes for variables --- roles/osm/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index e568f14ab..cce9c7de3 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -73,8 +73,8 @@ - name: All - Point wsgi to virtual environment lineinfile: dest={{ osm_venv }}/bin/iiab.wsgi - regexp='path_to_virtualenv*' - line='path_to_virtualenv = /usr/local/osm' + regexp="path_to_virtualenv*" + line="path_to_virtualenv = '/usr/local/osm'" state=present - name: All - Copy IIAB config file From e230aeaaaf9a4f0c889f615486d2f822283ff34c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 23 Oct 2017 21:57:51 -0500 Subject: [PATCH 016/393] tighten up regexp --- roles/osm/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index cce9c7de3..e71dbda79 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -73,7 +73,7 @@ - name: All - Point wsgi to virtual environment lineinfile: dest={{ osm_venv }}/bin/iiab.wsgi - regexp="path_to_virtualenv*" + regexp="path_to_virtualenv = None" line="path_to_virtualenv = '/usr/local/osm'" state=present From 980635332f2d17d9a57e5308d773b87af9b00a37 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 24 Oct 2017 19:55:15 -0400 Subject: [PATCH 017/393] Rename yum.yml to yum-deprecated.yml --- roles/2-common/tasks/{yum.yml => yum-deprecated.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{yum.yml => yum-deprecated.yml} (100%) diff --git a/roles/2-common/tasks/yum.yml b/roles/2-common/tasks/yum-deprecated.yml similarity index 100% rename from roles/2-common/tasks/yum.yml rename to roles/2-common/tasks/yum-deprecated.yml From 0d1e4a1dd31af8c7049e26f8e3bfa1652acd2fb6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 24 Oct 2017 20:00:48 -0400 Subject: [PATCH 018/393] Install common packages: add ntfs-3g as 26th pkg --- roles/2-common/tasks/packages.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 24cb7e844..57bef55e5 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -83,6 +83,7 @@ - curl - pandoc - lynx + - ntfs-3g #- name: Install pip as a commonly required package management system # command: curl https://bootstrap.pypa.io/get-pip.py -o {{ downloads_dir }}/get-pip.py From 0bccaf4903ab78a585edab450fa4cc87f8a3a2a5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 24 Oct 2017 20:02:54 -0400 Subject: [PATCH 019/393] Rename yum-deprecated.yml to yum-historical.yml --- roles/2-common/tasks/{yum-deprecated.yml => yum-historical.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{yum-deprecated.yml => yum-historical.yml} (100%) diff --git a/roles/2-common/tasks/yum-deprecated.yml b/roles/2-common/tasks/yum-historical.yml similarity index 100% rename from roles/2-common/tasks/yum-deprecated.yml rename to roles/2-common/tasks/yum-historical.yml From 51689263bcb382b12c95b568369dda0e49f25fc5 Mon Sep 17 00:00:00 2001 From: Arky Date: Wed, 25 Oct 2017 21:52:08 +0700 Subject: [PATCH 020/393] Add PR template and Bug template Adding PR template and Bug template under .github directory. These files will be picked up the github.com interface. Fixes #390 #391 --- .github/ISSUE_TEMPLATE.md | 5 +++++ .github/PULL_REQUEST_TEMPLATE.md | 7 +++++++ 2 files changed, 12 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 000000000..c62e3adb4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,5 @@ +### Expected behavior and actual behavior. + +### Steps to reproduce the problem. + +### Specifications like the version of the IIAB, operating system version, or hardware details. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..228e3f0aa --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,7 @@ +# Fixes Bug + +# Description of changes proposed in this pull request. + +# Smoke-tested in operating system. + +# Mention a team member for further information or comment using @ name From b5326941d04deb19b729c343c9ceb55dd6562cf3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 25 Oct 2017 12:36:32 -0400 Subject: [PATCH 021/393] kiwix 2017-10-11-> 2017-10-25 --- roles/kiwix/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 92ea14d6d..7b8c5f262 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -6,13 +6,13 @@ - name: Set kiwix source file name x86_64 set_fact: - kiwix_src_file: "kiwix-tools_linux64_2017-10-11.tar.gz" + kiwix_src_file: "kiwix-tools_linux64_2017-10-25.tar.gz" kiwix_src_bin_only: True when: ansible_machine == "x86_64" - name: Set kiwix source file name armv7l set_fact: - kiwix_src_file: "kiwix-tools_armhf_2017-10-11.tar.gz" + kiwix_src_file: "kiwix-tools_armhf_2017-10-25.tar.gz" kiwix_src_bin_only: True when: ansible_machine == "armv7l" or ansible_machine == "armv6l" From 0790119af178958e175468730bec957b234c21c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 10:26:12 -0400 Subject: [PATCH 022/393] Reno says ### better than # (smaller title w/ markdown viewer) --- .github/PULL_REQUEST_TEMPLATE.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 228e3f0aa..61851e1dd 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,7 +1,7 @@ -# Fixes Bug +### Fixes Bug -# Description of changes proposed in this pull request. +### Description of changes proposed in this pull request. -# Smoke-tested in operating system. +### Smoke-tested in operating system. -# Mention a team member for further information or comment using @ name +### Mention a team member for further information or comment using @ name From 9f45d12972d8cd3d301b9ebab0b0cf33c5c944e6 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 13 Sep 2017 08:37:52 -0500 Subject: [PATCH 023/393] replacement for a7a5f36... use netvars --- iiab-network.yml | 2 +- roles/netvars/defaults/main.yml | 1 + roles/netvars/tasks/main.yml | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) create mode 120000 roles/netvars/defaults/main.yml create mode 100644 roles/netvars/tasks/main.yml diff --git a/iiab-network.yml b/iiab-network.yml index 40cd8f589..e717e7fa5 100644 --- a/iiab-network.yml +++ b/iiab-network.yml @@ -9,5 +9,5 @@ - /etc/iiab/config_vars.yml roles: - - { role: 1-prep, tags: ['prep','platform','base'] } + - { role: netvars, tags: ['network'] } - { role: network, tags: ['network','base'] } diff --git a/roles/netvars/defaults/main.yml b/roles/netvars/defaults/main.yml new file mode 120000 index 000000000..b8fa87d4b --- /dev/null +++ b/roles/netvars/defaults/main.yml @@ -0,0 +1 @@ +/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml new file mode 100644 index 000000000..63e84b40a --- /dev/null +++ b/roles/netvars/tasks/main.yml @@ -0,0 +1,2 @@ +- include: roles/1-prep/tasks/computed_vars.yml +- include: roles/1-prep/tasks/detected_network.yml From dfab9635bca72bd4b75746ffe2454028192eaadd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 19 Sep 2017 21:56:37 -0500 Subject: [PATCH 024/393] add the not installing option to netvars --- iiab-base.yml | 1 + iiab.yml | 1 + roles/netvars/tasks/main.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/iiab-base.yml b/iiab-base.yml index 4c42c01e7..23f440d66 100644 --- a/iiab-base.yml +++ b/iiab-base.yml @@ -8,5 +8,6 @@ - vars/local_vars.yml roles: + - { role: netvars, tags: ['netvars'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: openvpn, tags: ['openvpn'] } diff --git a/iiab.yml b/iiab.yml index f4cafc001..5fc0e8e85 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,6 +9,7 @@ - /etc/iiab/config_vars.yml roles: + - { role: netvars, tags: ['netvars'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: 2-common, tags: ['common','base'] } - { role: 3-base-server, tags: ['base'] } diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index 63e84b40a..ab59b7a9e 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -1,2 +1,3 @@ - include: roles/1-prep/tasks/computed_vars.yml - include: roles/1-prep/tasks/detected_network.yml + when: not installing From 2fc670a885cb4b0419368674591b1a16f70c3272 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 19 Sep 2017 21:18:07 -0500 Subject: [PATCH 025/393] avoid 1-prep post install --- iiab-from-console.yml | 2 +- roles/netvars/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-from-console.yml b/iiab-from-console.yml index fb47ca868..98641a303 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -9,7 +9,7 @@ - /etc/iiab/config_vars.yml roles: - - { role: 1-prep, tags: ['prep','platform','base'] } + - { role: netvars, tags: ['netvars'] } - { role: 4-server-options, tags: ['options'] } - { role: 5-xo-services, tags: ['xo-services'] } - { role: 6-generic-apps, tags: ['generic-apps'] } diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index ab59b7a9e..407fa54a8 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -1,3 +1,3 @@ -- include: roles/1-prep/tasks/computed_vars.yml +- include: roles/1-prep/tasks/computed_vars.yml - include: roles/1-prep/tasks/detected_network.yml when: not installing From 8c91f4075cb36abeb80aec6e4b849156e67e59ad Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 19 Sep 2017 23:22:03 -0500 Subject: [PATCH 026/393] runtags needs tags= adjustment --- runtags | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/runtags b/runtags index 933d07a67..ad8bde5e3 100755 --- a/runtags +++ b/runtags @@ -36,7 +36,7 @@ found="N" for tag in $tags do - if [ "$tag" == "prep" ] + if [ "$tag" == "netvars" ] then found="Y" fi @@ -48,7 +48,7 @@ taglist=$1 if [ "$found" == "N" ] then - taglist="prep,"$taglist + taglist="netvars,"$taglist fi export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-debug.log" From b61b009f08e077ac2ec3aa5595528a48e84dcb99 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 06:02:42 -0400 Subject: [PATCH 027/393] move NewInstall --- roles/1-prep/tasks/main.yml | 13 ------------- roles/netvars/tasks/main.yml | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index dc9672c67..a6ae88990 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,16 +1,3 @@ -- name: Determine if runansible was run - stat: path=/etc/iiab/iiab.env - register: NewInstall - -- name: Setting first run flag - set_fact: - first_run: True - when: NewInstall.stat.exists is defined and not NewInstall.stat.exists - -# we need to inialize the ini file -- include: iiab_ini.yml - when: first_run - - name: Set flag for fedora 18 set_fact: is_F18: True diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index 407fa54a8..68b4c2b66 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -1,3 +1,17 @@ +- name: Determine if runansible was run + stat: path=/etc/iiab/iiab.env + register: NewInstall + +- name: Setting first run flag + set_fact: + first_run: True + when: not NewInstall.stat.exists +# when: NewInstall.stat.exists is defined and not NewInstall.stat.exists + +# we need to inialize the ini file +- include: roles/1-prep/tasks/iiab_ini.yml + when: first_run + - include: roles/1-prep/tasks/computed_vars.yml - include: roles/1-prep/tasks/detected_network.yml when: not installing From 337658062e9818d08338f23f70e416121b7f2430 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 06:23:13 -0400 Subject: [PATCH 028/393] prep.yml cleanup - adjusted for iiab.env --- roles/1-prep/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index a6ae88990..4dba2e733 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -71,6 +71,7 @@ ignore_errors: true - include: prep.yml + when: first_run - include: computed_vars.yml From c9332b53e11a0b432cc988e2fa00215c4c6f84de Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 22 Sep 2017 12:46:25 -0400 Subject: [PATCH 029/393] 2-common disable dup'd routine --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 33a5388da..fe42574dc 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,5 +1,5 @@ -- include: iiab_ini.yml +#- include: iiab_ini.yml # create the directory structure for XSCE - include: fl.yml From ae5434bd3d4735a1d4d8c54e52c47c0a215be7ab Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 23 Sep 2017 02:04:55 -0400 Subject: [PATCH 030/393] move internet detection to be global - adjused iiab.env 2 --- roles/1-prep/tasks/computed_vars.yml | 36 +++++++++++++++++++++++ roles/1-prep/tasks/detected_network.yml | 38 ------------------------- roles/1-prep/tasks/main.yml | 5 ---- 3 files changed, 36 insertions(+), 43 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index e775e9fc3..964f0b723 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -14,6 +14,38 @@ exFAT_enabled: True when: xo_model != "none" +# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate +- name: Finding gateway + set_fact: + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + when: 'ansible_default_ipv4.gateway is defined' + +- name: Verify gateway present + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? + when: discovered_wan_iface != "none" + register: gw_active_test + +- name: Recording gateway response + set_fact: + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" + +- name: Test for internet access + get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt + ignore_errors: True +# async: 10 +# poll: 2 + register: internet_access_test + +- name: Set internet_available true if wget succeeded + set_fact: + internet_available: True + when: not internet_access_test|failed and not disregard_network + +- name: Cleanup internet test file + file: path=/tmp/heart-beat.txt + state=absent + - name: add version section ini_file: dest='{{ iiab_config_file }}' section=runtime @@ -36,6 +68,10 @@ value: '{{ ansible_swaptotal_mb }}' - option: 'product_id' value: '{{ ansible_product_uuid }}' + - option: 'gw_active' + value: '{{ gw_active }}' + - option: 'internet_available' + value: '{{ internet_available }}' # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC diff --git a/roles/1-prep/tasks/detected_network.yml b/roles/1-prep/tasks/detected_network.yml index 502f3dc1c..800becccf 100644 --- a/roles/1-prep/tasks/detected_network.yml +++ b/roles/1-prep/tasks/detected_network.yml @@ -20,40 +20,6 @@ device_gw2: "{{ prior_gw.stdout }}" when: not first_run and prior_gw is defined and prior_gw.stdout != "" -#pause checking - -# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate -- name: Finding gateway - set_fact: - discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" - when: 'ansible_default_ipv4.gateway is defined' - -- name: Verify gateway present - shell: ping -c2 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? - register: gw_active_test - when: discovered_wan_iface != "none" - -- name: Recording gateway response - set_fact: - gw_active: True - when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" - -- name: Test for internet access - get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt - ignore_errors: True -# async: 10 -# poll: 2 - register: internet_access_test - -- name: Set internet_available true if wget succeeded - set_fact: - internet_available: True - when: not internet_access_test|failed and not disregard_network - -- name: Cleanup internet test file - file: path=/tmp/heart-beat.txt - state=absent - - name: Setting wan if detected set_fact: iiab_wan_iface: "{{ discovered_wan_iface }}" @@ -197,10 +163,6 @@ option='{{ item.option }}' value='{{ item.value }}' with_items: - - option: 'gw_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - option: 'has_ifcfg_gw' value: '{{ has_ifcfg_gw }}' - option: 'discovered_wan_iface' diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 4dba2e733..49672c3a8 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -73,11 +73,6 @@ - include: prep.yml when: first_run -- include: computed_vars.yml - -- include: detected_network.yml - when: not installing - # Put conditional actions for hardware platforms here - include: raspberry_pi_2.yml when: first_run and rpi_model != "none" From bd5043387407c63566bad743b60ca7740b17d708 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 23 Sep 2017 03:03:58 -0400 Subject: [PATCH 031/393] move network detection to network -- adjused for hostname --- roles/1-prep/defaults/main.yml | 55 ++++++------------- roles/1-prep/tasks/main.yml | 5 -- roles/netvars/tasks/main.yml | 8 +-- roles/network/defaults/main.yml | 27 +++++++++ .../tasks/detected_network.yml | 0 .../tasks/detected_redhat.yml | 0 roles/network/tasks/main.yml | 6 ++ 7 files changed, 52 insertions(+), 49 deletions(-) rename roles/{1-prep => network}/tasks/detected_network.yml (100%) rename roles/{1-prep => network}/tasks/detected_redhat.yml (100%) diff --git a/roles/1-prep/defaults/main.yml b/roles/1-prep/defaults/main.yml index 71af080a7..89df65e47 100644 --- a/roles/1-prep/defaults/main.yml +++ b/roles/1-prep/defaults/main.yml @@ -6,49 +6,26 @@ gui_version: 2 # These are defaults for boolean routines, first_run: False installing: False -NUC6_firmware_needed: False -exFAT_enabled: False -no_NM_reload: False -has_WAN: False -wireless_lan_present: False -strict_networking: False -iiab_demo_mode: False -gw_active: False -gui_static_wan: False +discovered_wan_iface: "none" +gw_active: "none" internet_available: False is_F18: False +no_NM_reload: False +exFAT_enabled: False +gui_port: 80 + +# Set default for discovered hardware +rpi_model: none +is_rpi: False +xo_model: none +rtc_id: ds3231 +NUC6_firmware_needed: False + +# used in 2-common xo.yml +wifi_id: none + is_F20: False is_F21: False is_F22: False is_F23: False is_F24: False - -# Set default for discovered hardware -driver_name: nl80211 -rpi_model: none -is_rpi: False -xo_model: none -rtc_id: ds3231 - -# Set defaults for discovery process as strings -wifi1: "not found-1" -wifi2: "not found-2" -discovered_wan_iface: "none" -discovered_lan_iface: "none" -discovered_wireless_iface: "none" -iiab_wireless_lan_iface: "none" -iiab_lan_iface: "none" -iiab_wan_iface: "none" -device_gw: "none" -has_ifcfg_gw: "none" -has_wifi_gw: "none" -ap_device: "none" -device_gw2: "" - -gui_port: 80 - -# must keep roles/iiab-admin/defaults/main.yml sync'd -admin_console_path: "{{ iiab_base }}/admin_console" -cmdsrv_path: "{{ iiab_base }}/iiab_cmdsrv" -iiab_cmdsrv_dbname : "iiab_cmdsrv.0.2.db" -wifi_id: none diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 49672c3a8..60b896567 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,8 +1,3 @@ -- name: Set flag for fedora 18 - set_fact: - is_F18: True - when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" - - name: get the uuidgen program package: name=uuid-runtime state=present diff --git a/roles/netvars/tasks/main.yml b/roles/netvars/tasks/main.yml index 68b4c2b66..54ec4b7d3 100644 --- a/roles/netvars/tasks/main.yml +++ b/roles/netvars/tasks/main.yml @@ -6,12 +6,10 @@ set_fact: first_run: True when: not NewInstall.stat.exists -# when: NewInstall.stat.exists is defined and not NewInstall.stat.exists -# we need to inialize the ini file +# we need to inialize the ini file and only write the location and version sections once and only +# once to preserve the install date and git hash. - include: roles/1-prep/tasks/iiab_ini.yml when: first_run - +# Now load the computed vars - include: roles/1-prep/tasks/computed_vars.yml -- include: roles/1-prep/tasks/detected_network.yml - when: not installing diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 722761dda..25c7b6b31 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -1,10 +1,36 @@ --- +# Defaults for network detection +wireless_lan_present: False +strict_networking: False +iiab_demo_mode: False +gui_static_wan: False + +# Set defaults for discovery process as strings +wifi1: "not found-1" +wifi2: "not found-2" +discovered_lan_iface: "none" +discovered_wireless_iface: "none" +#Redhat +iiab_lan_iface: "none" +iiab_wan_iface: "none" +iiab_wireless_lan_iface: "none" +device_gw: "none" +device_gw2: "" +has_WAN: False +has_ifcfg_gw: "none" +has_wifi_gw: "none" +ap_device: "none" +#Debian +dhcpcd_result: "" +wan_in_interfaces: False + # The values here are default local variables. gui_wan_iface: "unset" gui_static_wan_ip: "unset" gui_desired_network_role: Gateway wondershaper_dspeed: "4096" wondershaper_upspeed: "1024" + # WiFi host_ssid: IIAB hostapd_wait: 10 @@ -15,6 +41,7 @@ host_country_code: US hostapd_secure: True hostapd_password: "iiab2017" driver_name: nl80211 + network_config_dir: /etc/network/interfaces.d iiab_network_mode: "Gateway" dns_jail_enabled: False diff --git a/roles/1-prep/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml similarity index 100% rename from roles/1-prep/tasks/detected_network.yml rename to roles/network/tasks/detected_network.yml diff --git a/roles/1-prep/tasks/detected_redhat.yml b/roles/network/tasks/detected_redhat.yml similarity index 100% rename from roles/1-prep/tasks/detected_redhat.yml rename to roles/network/tasks/detected_redhat.yml diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 5e93f5c3f..20a94af78 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,3 +1,9 @@ +- include: detected_network.yml + when: not installing + tags: + - network + - network-discover + - include: computed_network.yml when: not installing tags: From 0aedaa24fdd2ca3b8bc891721be10b3183573aa9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 15 Oct 2017 20:22:22 -0500 Subject: [PATCH 032/393] split network up in iiab.ini --- roles/network/tasks/computed_network.yml | 2 +- roles/network/tasks/detected_network.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 28cb52463..4b4b0f1ef 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -155,7 +155,7 @@ - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' - section=network + section=computed_network option='{{ item.option }}' value='{{ item.value }}' with_items: diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 800becccf..e38409257 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -159,7 +159,7 @@ - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' - section=network + section=detected_network option='{{ item.option }}' value='{{ item.value }}' with_items: From c6060835537eca0d454f71447a7ec0afae70d6d5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 24 Oct 2017 11:39:49 -0500 Subject: [PATCH 033/393] XSCE -> IIAB --- iiab-network | 8 ++++--- install-support | 3 ++- roles/1-prep/templates/iiab.env.j2 | 4 ++-- runansible | 37 ++++++++---------------------- runtags | 20 ++++++++-------- 5 files changed, 28 insertions(+), 44 deletions(-) diff --git a/iiab-network b/iiab-network index 5a065e556..9e24154be 100755 --- a/iiab-network +++ b/iiab-network @@ -3,15 +3,17 @@ if [ -f /etc/iiab/iiab.env ] then . /etc/iiab/iiab.env - cd $XSCE_DIR + cd $IIAB_DIR else echo /etc/iiab/iiab.env is missing. Playbook has not been run. exit 1 fi +CWD=`pwd` + if [ ! -f iiab-network.yml ] then - echo "XSCE Playbook not found." + echo "IIAB Playbook not found." echo "Please run this command from the top level of the git repo." echo "Exiting." exit @@ -22,7 +24,7 @@ then touch /etc/iiab/config_vars.yml fi -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local echo "" >> iiab-network.log ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log diff --git a/install-support b/install-support index cd73aade8..b7df01489 100755 --- a/install-support +++ b/install-support @@ -2,6 +2,7 @@ PLAYBOOK="iiab-base.yml" INVENTORY="ansible_hosts" +CWD=`pwd` if [ ! -f $PLAYBOOK ] then @@ -14,5 +15,5 @@ fi sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local diff --git a/roles/1-prep/templates/iiab.env.j2 b/roles/1-prep/templates/iiab.env.j2 index 602256841..b472d4fe6 100644 --- a/roles/1-prep/templates/iiab.env.j2 +++ b/roles/1-prep/templates/iiab.env.j2 @@ -1,7 +1,7 @@ # This is a configuration file for XSCE # It can sourced in a shell script or read into an application -XSCE_BASE_PATH={{ iiab_base }} -XSCE_DIR={{ iiab_dir }} +IIAB_BASE_PATH={{ iiab_base }} +IIAB_DIR={{ iiab_dir }} OS={{ ansible_local.local_facts.os }} OS_VER={{ ansible_local.local_facts.os_ver }} WWWROOT={{ doc_root }} diff --git a/runansible b/runansible index 2a6ea4954..51cee7876 100755 --- a/runansible +++ b/runansible @@ -1,4 +1,8 @@ #!/bin/bash -e +PLAYBOOK="iiab.yml" +INVENTORY="ansible_hosts" +# Pass cmdline options for ansible +ARGS="$@" # copy var files to /etc/iiab for subsequent use mkdir -p /etc/iiab @@ -28,13 +32,14 @@ fi if [ -f /etc/iiab/iiab.env ] then . /etc/iiab/iiab.env - cd $XSCE_DIR + cd $IIAB_DIR else - XSCE_DIR=/opt/iiab/iiab + IIAB_DIR=/opt/iiab/iiab mkdir -p /etc/iiab fi +CWD=`pwd` -if [ ! -f iiab.yml ] +if [ ! -f $PLAYBOOK ] then echo "IIAB Playbook not found." echo "Please run this command from the top level of the git repo." @@ -47,34 +52,10 @@ if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then fi cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact -PLAYBOOK="iiab.yml" -INVENTORY="ansible_hosts" -CWD=`pwd` echo "Running local playbooks! " -XSDOMAIN="" -# Pass in Existing Domain -if [ -f /etc/sysconfig/xs_domain_name ] -then - XSDOMAIN=`cat /etc/sysconfig/xs_domain_name` -fi - -# Or accept Domain on command line -if [ x"$1" != x ] -then - XSDOMAIN=$1 -fi - -# Pass in git location -if [ x"$XSDOMAIN" != x ] -then - ARGS="--extra-vars '{\"iiab_domain\":\"$XSDOMAIN\"}'" -else - ARGS="" -fi - -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local diff --git a/runtags b/runtags index ad8bde5e3..cb3b94af8 100755 --- a/runtags +++ b/runtags @@ -1,20 +1,20 @@ #!/bin/bash - -# copy var files to /etc/iiab for subsequent use - -#./install-init - -# if not the first run, repo location is here +PLAYBOOK="iiab.yml" +INVENTORY="ansible_hosts" +# Pass cmdline options for ansible +ARGS="$@" if [ -f /etc/iiab/iiab.env ] then . /etc/iiab/iiab.env - cd $XSCE_DIR + cd $IIAB_DIR fi -if [ ! -f iiab.yml ] +CWD=`pwd` + +if [ ! -f $PLAYBOOK ] then - echo "XSCE Playbook not found." + echo "IIAB Playbook not found." echo "Please run this command from the top level of the git repo." echo "Exiting." exit @@ -51,5 +51,5 @@ then taglist="netvars,"$taglist fi -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-debug.log" +export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" ansible-playbook -i ansible_hosts iiab.yml --connection=local --tags="""$taglist""" From 99633173a47b1d16bb062a86f8f601eeb71cf794 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 24 Oct 2017 11:47:28 -0500 Subject: [PATCH 034/393] remove args from runtags --- runtags | 1 - 1 file changed, 1 deletion(-) diff --git a/runtags b/runtags index cb3b94af8..ffd00a02c 100755 --- a/runtags +++ b/runtags @@ -2,7 +2,6 @@ PLAYBOOK="iiab.yml" INVENTORY="ansible_hosts" # Pass cmdline options for ansible -ARGS="$@" if [ -f /etc/iiab/iiab.env ] then From 2d49a1590b3f399103a650f7e567aeb0b78c1e6a Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 10:44:48 -0500 Subject: [PATCH 035/393] change netvars to 0-init --- iiab-base.yml | 2 +- iiab-from-console.yml | 2 +- iiab-network.yml | 2 +- iiab.yml | 2 +- roles/{netvars => 0-init}/defaults/main.yml | 0 roles/{netvars => 0-init}/tasks/main.yml | 0 runtags | 4 ++-- 7 files changed, 6 insertions(+), 6 deletions(-) rename roles/{netvars => 0-init}/defaults/main.yml (100%) rename roles/{netvars => 0-init}/tasks/main.yml (100%) diff --git a/iiab-base.yml b/iiab-base.yml index 23f440d66..a359808d9 100644 --- a/iiab-base.yml +++ b/iiab-base.yml @@ -8,6 +8,6 @@ - vars/local_vars.yml roles: - - { role: netvars, tags: ['netvars'] } + - { role: 0-init, tags: ['init'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: openvpn, tags: ['openvpn'] } diff --git a/iiab-from-console.yml b/iiab-from-console.yml index 98641a303..1c29d7b18 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -9,7 +9,7 @@ - /etc/iiab/config_vars.yml roles: - - { role: netvars, tags: ['netvars'] } + - { role: 0-init, tags: ['init'] } - { role: 4-server-options, tags: ['options'] } - { role: 5-xo-services, tags: ['xo-services'] } - { role: 6-generic-apps, tags: ['generic-apps'] } diff --git a/iiab-network.yml b/iiab-network.yml index e717e7fa5..989108cb3 100644 --- a/iiab-network.yml +++ b/iiab-network.yml @@ -9,5 +9,5 @@ - /etc/iiab/config_vars.yml roles: - - { role: netvars, tags: ['network'] } + - { role: 0-init, tags: ['network'] } - { role: network, tags: ['network','base'] } diff --git a/iiab.yml b/iiab.yml index 5fc0e8e85..b46cac86e 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,7 +9,7 @@ - /etc/iiab/config_vars.yml roles: - - { role: netvars, tags: ['netvars'] } + - { role: 0-init, tags: ['init'] } - { role: 1-prep, tags: ['prep','platform','base'] } - { role: 2-common, tags: ['common','base'] } - { role: 3-base-server, tags: ['base'] } diff --git a/roles/netvars/defaults/main.yml b/roles/0-init/defaults/main.yml similarity index 100% rename from roles/netvars/defaults/main.yml rename to roles/0-init/defaults/main.yml diff --git a/roles/netvars/tasks/main.yml b/roles/0-init/tasks/main.yml similarity index 100% rename from roles/netvars/tasks/main.yml rename to roles/0-init/tasks/main.yml diff --git a/runtags b/runtags index ffd00a02c..ae25ea4df 100755 --- a/runtags +++ b/runtags @@ -35,7 +35,7 @@ found="N" for tag in $tags do - if [ "$tag" == "netvars" ] + if [ "$tag" == "init" ] then found="Y" fi @@ -47,7 +47,7 @@ taglist=$1 if [ "$found" == "N" ] then - taglist="netvars,"$taglist + taglist="init,"$taglist fi export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" From e8edbbc6b9708e120ec3cc6acdd5dc65a0ed5320 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 16:19:54 -0400 Subject: [PATCH 036/393] include_role experiment, oviating meta/main.yml ? --- roles/7-edu-apps/tasks/main.yml | 34 +++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 6b0d15d1a..b3b565876 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,3 +1,33 @@ -- name: Educational Apps and Content Installed - command: echo Educational Apps and Content Installed +- name: BEGINNING Educational Apps and Content Installed + command: echo BEGINNING Educational Apps and Content Installed +- include_role: + name: moodle + when: moodle_install + +- include_role: + name: osm + when: osm_install + +- include_role: + name: pathagar + when: pathagar_install + +- include_role: + name: rachel + when: rachel_install + +- include_role: + name: kalite + when: kalite_install + +- include_role: + name: kiwix + when: kiwix_install + +- include_role: + name: sugarizer + when: sugarizer_install + +- name: COMPLETING Educational Apps and Content Installed + command: echo COMPLETING Educational Apps and Content Installed From 0e4990175959f7088eba7efa72ddd7b6413f79ae Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 16:20:44 -0400 Subject: [PATCH 037/393] Delete main.yml --- roles/7-edu-apps/meta/main.yml | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 roles/7-edu-apps/meta/main.yml diff --git a/roles/7-edu-apps/meta/main.yml b/roles/7-edu-apps/meta/main.yml deleted file mode 100644 index 9bb0982fc..000000000 --- a/roles/7-edu-apps/meta/main.yml +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: - - { role: moodle, tags: ['olpc','moodle','edu-apps'], when: moodle_install } - - { role: osm, tags: ['osm','edu-apps'], when: osm_install } - - { role: pathagar, tags: ['pathagar','edu-apps'], when: pathagar_install } - - { role: rachel, tags: ['rachel','edu-apps'], when: rachel_install } - - { role: kalite, tags: ['kalite','edu-apps'], when: kalite_install } - - { role: kiwix, tags: ['kiwix','edu-apps'], when: kiwix_install } - - { role: sugarizer, tags: ['sugarizer','edu-apps'], when: sugarizer_install } -# - { role: debian_schooltool, tags: ['schooltool','debian_schooltool','edu-apps'], when: debian_schooltool_install and is_debuntu } From e48838da04f0407850ca7f7658d8ca85d3a8041a Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 15:56:08 -0500 Subject: [PATCH 038/393] clean up stale variables --- runansible | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/runansible b/runansible index 51cee7876..5db3ab21f 100755 --- a/runansible +++ b/runansible @@ -4,13 +4,7 @@ INVENTORY="ansible_hosts" # Pass cmdline options for ansible ARGS="$@" -# copy var files to /etc/iiab for subsequent use -mkdir -p /etc/iiab -if [ ! -f /etc/iiab/config_vars.yml ]; then - echo "{}" > /etc/iiab/config_vars.yml -fi - -# if vars/local_vars.yml is missing, put a default one in place +# if vars/local_vars.yml is missing, put a default one in place - First Run if [ ! -f ./vars/local_vars.yml ]; then OS=`grep ^ID= /etc/*release|cut -d= -f2` OS=${OS//\"/} @@ -29,14 +23,24 @@ if [ ! -f ./vars/local_vars.yml ]; then esac fi +# copy var files to /etc/iiab for subsequent use +# If iiab.env exists, on second or upgrade run, check for stale variables +# iiab.env gets created at the end of stage-4 on First Run if [ -f /etc/iiab/iiab.env ] then - . /etc/iiab/iiab.env - cd $IIAB_DIR + OLD=`grep XSCE /etc/iiab/iiab.env` + if [ x"$OLD" != "x" ] + then + rm /etc/iiab/iiab.env + else + . /etc/iiab/iiab.env + cd $IIAB_DIR + fi else - IIAB_DIR=/opt/iiab/iiab mkdir -p /etc/iiab + echo "{}" > /etc/iiab/config_vars.yml fi + CWD=`pwd` if [ ! -f $PLAYBOOK ] From 6ef437cc797fae619386735aaf59e207e814546b Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 17:08:37 -0400 Subject: [PATCH 039/393] comments included..not quite there yet 3 problems: 1. include_role: does not permit tags, so presumably prevents more advanced use of "./runtags olpc" including roles across several of the 9 stages 2. I really want a "dynamic" approach like include_tasks: that spares us the madness of dozens of pages of "skipping, skipping, skipping" crap that should not be running anyway (avoiding the "static" behavior of the old "include:") But unfortunately include_role: does not accept "static: no" (as currently works within "include: ... when:") 3. Any way to squeeze things onto 1 line in Ansible, so it's actually readable as https://github.com/iiab/iiab/blob/master/roles/7-edu-apps/meta/main.yml was? --- roles/7-edu-apps/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index b3b565876..8251cbef8 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -3,30 +3,38 @@ - include_role: name: moodle +# static: no +# tags: ['olpc','moodle','edu-apps'] when: moodle_install - include_role: name: osm +# tags: ['olpc','moodle','edu-apps'] when: osm_install - include_role: name: pathagar +# ['pathagar','edu-apps'] when: pathagar_install - include_role: name: rachel +# ['rachel','edu-apps'] when: rachel_install - include_role: name: kalite +# ['kalite','edu-apps'] when: kalite_install - include_role: name: kiwix +# ['kiwix','edu-apps'] when: kiwix_install - include_role: name: sugarizer +# ['sugarizer','edu-apps'] when: sugarizer_install - name: COMPLETING Educational Apps and Content Installed From 32c668936ad6bcf00b6d56ae7a8917a36fe56a6b Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:21:31 -0400 Subject: [PATCH 040/393] comment out ajenti --- vars/default_vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 20460e5ef..aa9b22acd 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -324,9 +324,9 @@ awstats_enabled: False schooltool_install: False schooltool_enabled: False -# Ajenti -ajenti_install: False -ajenti_enabled: False +# Ajenti - unmaintained +# ajenti_install: False +# ajenti_enabled: False # TeamViewer - unmaintained (better to install from http://teamviewer.com) teamviewer_install: False From 62b7ed8e40d1f877a20d8d18604dff2bca123a5a Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:27:42 -0400 Subject: [PATCH 041/393] proposed new template for all 9+ tasks/main.yml ? --- roles/7-edu-apps/tasks/main.yml | 62 ++++++++++++++++----------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 8251cbef8..6ac4e5655 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,41 +1,41 @@ -- name: BEGINNING Educational Apps and Content Installed - command: echo BEGINNING Educational Apps and Content Installed +- name: ...IS BEGINNING ============================================] + command: echo -- include_role: - name: moodle -# static: no -# tags: ['olpc','moodle','edu-apps'] - when: moodle_install - -- include_role: - name: osm -# tags: ['olpc','moodle','edu-apps'] - when: osm_install - -- include_role: - name: pathagar -# ['pathagar','edu-apps'] - when: pathagar_install - -- include_role: - name: rachel -# ['rachel','edu-apps'] - when: rachel_install - -- include_role: +- name: KALITE + include_role: name: kalite -# ['kalite','edu-apps'] when: kalite_install + tags: kalite -- include_role: +- name: KIWIX + include_role: name: kiwix -# ['kiwix','edu-apps'] when: kiwix_install + tags: kiwix -- include_role: +- name: MOODLE + include_role: + name: moodle + when: moodle_install + tags: olpc, moodle + +- name: OSM + include_role: + name: osm + when: osm_install + tags: osm + +- name: PATHAGAR + include_role: + name: pathagar + when: pathagar_install + tags: pathagar, edu-apps + +- name: SUGARIZER + include_role: name: sugarizer -# ['sugarizer','edu-apps'] when: sugarizer_install + tags: sugarizer -- name: COMPLETING Educational Apps and Content Installed - command: echo COMPLETING Educational Apps and Content Installed +- name: ...WAS COMPLETED ===========================================] + command: echo From 74ebfabd1f2bb4cf155c86384aa48259c1a6e734 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:29:28 -0400 Subject: [PATCH 042/393] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 6ac4e5655..a1fbcb85f 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,3 +1,5 @@ +# Educational Apps + - name: ...IS BEGINNING ============================================] command: echo From 849ba9610d7a563cbfbd6f1261f69b38c7adf28f Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:30:37 -0400 Subject: [PATCH 043/393] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 56 +++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 004bf470f..a83b9dd9c 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,3 +1,55 @@ -- name: Assessment and Monitoring Tools Installed - command: echo Assessment and Monitoring Tools Installed +# Assessment and Monitoring Tools +- name: ...IS BEGINNING ============================================] + command: echo + +- name: AWSTATS + include_role: + name: awstats + tags: services, awstats + when: awstats_install + +- name: MONIT + include_role: + name: monit + tags: services, monit + when: monit_install + +- name: MUNIN + include_role: + name: munin + when: munin_install + tags: services, munin + +- name: PHPMYADMIN + include_role: + name: phpmyadmin + tags: services, phpmyadmin + when: phpmyadmin_install + +- name: SUGAR-STATS + include_role: + name: sugar-stats + when: sugar_stats_install and ansible_distribution != "CentOS" + tags: olpc, sugar-stats + +- name: TEAMVIEWER + include_role: + name: teamviewer + tags: services, teamviewer + when: teamviewer_install + +- name: VNSTAT + include_role: + name: vnstat + tags: services, vnstat + when: vnstat_install + +- name: XOVIS + include_role: + name: xovis + when: xovis_install and ansible_distribution != "CentOS" + tags: services, xovis + +- name: ...WAS COMPLETED ===========================================] + command: echo From bf5c1badecaf840a18d011d6bc0dd5621c747cb6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:38:49 -0400 Subject: [PATCH 044/393] tags harmonized w/ actual role names; 5-xo-services uncommented --- iiab.yml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/iiab.yml b/iiab.yml index b46cac86e..3c5004600 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,13 +9,12 @@ - /etc/iiab/config_vars.yml roles: - - { role: 0-init, tags: ['init'] } - - { role: 1-prep, tags: ['prep','platform','base'] } - - { role: 2-common, tags: ['common','base'] } - - { role: 3-base-server, tags: ['base'] } - - { role: 4-server-options, tags: ['options'] } -# - { role: 5-xo-services, tags: ['xo-services'] } - - { role: 6-generic-apps, tags: ['generic-apps'] } - - { role: 7-edu-apps, tags: ['edu-apps'] } - - { role: 8-mgmt-tools, tags: ['tools'] } - - { role: 9-local-addons, tags: ['addons'] } + - { role: 1-prep, tags: ['1-prep','platform','base'] } + - { role: 2-common, tags: ['2-common','base'] } + - { role: 3-base-server, tags: ['3-base-server','base'] } + - { role: 4-server-options, tags: ['4-server-options'] } + - { role: 5-xo-services, tags: ['5-xo-services'] } + - { role: 6-generic-apps, tags: ['6-generic-apps'] } + - { role: 7-edu-apps, tags: ['7-edu-apps'] } + - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] } + - { role: 9-local-addons, tags: ['9-local-addons'] } From 4ab0f3a50ebb0a54605684ff19103701eda67e8c Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:42:44 -0400 Subject: [PATCH 045/393] Update main.yml --- roles/9-local-addons/tasks/main.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index ce546dfe9..f6c958753 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,3 +1,7 @@ -- name: Addon services installed - command: echo Addon services installed +# Local Add-ons +- name: ...IS BEGINNING ============================================] + command: echo + +- name: ...WAS COMPLETED ===========================================] + command: echo From 33b710e0d100721385b20b3d6b88be34e0d3a79d Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:46:01 -0400 Subject: [PATCH 046/393] init -> 0-init --- runtags | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/runtags b/runtags index ae25ea4df..b353d3a65 100755 --- a/runtags +++ b/runtags @@ -35,7 +35,7 @@ found="N" for tag in $tags do - if [ "$tag" == "init" ] + if [ "$tag" == "0-init" ] then found="Y" fi @@ -47,7 +47,7 @@ taglist=$1 if [ "$found" == "N" ] then - taglist="init,"$taglist + taglist="0-init,"$taglist fi export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" From 5ef4a48abb82262cf26a5138f357195ef3adf2b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:53:54 -0400 Subject: [PATCH 047/393] tag init -> 0-init --- iiab.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab.yml b/iiab.yml index 3c5004600..d7055e91a 100644 --- a/iiab.yml +++ b/iiab.yml @@ -9,6 +9,7 @@ - /etc/iiab/config_vars.yml roles: + - { role: 0-init, tags: ['0-init'] } - { role: 1-prep, tags: ['1-prep','platform','base'] } - { role: 2-common, tags: ['2-common','base'] } - { role: 3-base-server, tags: ['3-base-server','base'] } From d128f875ea98c5e0c5b48e9e493881875fc91034 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:55:39 -0400 Subject: [PATCH 048/393] new tags names incl #s --- iiab-from-console.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/iiab-from-console.yml b/iiab-from-console.yml index 1c29d7b18..33f995186 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -9,10 +9,10 @@ - /etc/iiab/config_vars.yml roles: - - { role: 0-init, tags: ['init'] } - - { role: 4-server-options, tags: ['options'] } - - { role: 5-xo-services, tags: ['xo-services'] } - - { role: 6-generic-apps, tags: ['generic-apps'] } - - { role: 7-edu-apps, tags: ['edu-apps'] } - - { role: 8-mgmt-tools, tags: ['tools'] } - - { role: 9-local-addons, tags: ['addons'] } + - { role: 0-init, tags: ['0-init'] } + - { role: 4-server-options, tags: ['4-server-options'] } + - { role: 5-xo-services, tags: ['5-xo-services'] } + - { role: 6-generic-apps, tags: ['6-generic-apps'] } + - { role: 7-edu-apps, tags: ['7-edu-apps'] } + - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] } + - { role: 9-local-addons, tags: ['9-local-addons'] } From d66c0ccbaf40a889322706727866c4a244c31a97 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:56:28 -0400 Subject: [PATCH 049/393] new tags names incl #s --- iiab-base.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-base.yml b/iiab-base.yml index a359808d9..adf698fb9 100644 --- a/iiab-base.yml +++ b/iiab-base.yml @@ -8,6 +8,6 @@ - vars/local_vars.yml roles: - - { role: 0-init, tags: ['init'] } - - { role: 1-prep, tags: ['prep','platform','base'] } + - { role: 0-init, tags: ['0-init'] } + - { role: 1-prep, tags: ['1-prep','platform','base'] } - { role: openvpn, tags: ['openvpn'] } From a92f5cb90d644e3bd5eee35d5dd573c284f15aba Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:58:23 -0400 Subject: [PATCH 050/393] Delete main.yml --- roles/8-mgmt-tools/meta/main.yml | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 roles/8-mgmt-tools/meta/main.yml diff --git a/roles/8-mgmt-tools/meta/main.yml b/roles/8-mgmt-tools/meta/main.yml deleted file mode 100644 index 2fe3a5559..000000000 --- a/roles/8-mgmt-tools/meta/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -dependencies: -# - { role: sugar-stats, tags: ['olpc','sugar-stats','tools'], when: sugar_stats_install and ansible_distribution != "CentOS" } -# - { role: ajenti, tags: ['services','ajenti','tools'], when: ajenti_install } - - { role: munin, tags: ['services','munin','tools'], when: munin_install } - - { role: monit, tags: ['services','monit','tools'], when: monit_install } - - { role: vnstat, tags: ['services','vnstat','tools'], when: vnstat_install } -# - { role: xovis, tags: ['services','xovis','tools'], when: xovis_install and ansible_distribution != "CentOS" } - - { role: phpmyadmin, tags: ['services','phpmyadmin','tools'], when: phpmyadmin_install } - - { role: awstats, tags: ['services','awstats','tools'], when: awstats_install } - - { role: teamviewer, tags: ['services','teamviewer','tools'], when: teamviewer_install } From 9af6c3aa06ae155f6f9e17a31ad601758434d94a Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 20:58:56 -0400 Subject: [PATCH 051/393] Delete main.yml --- roles/9-local-addons/meta/main.yml | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 roles/9-local-addons/meta/main.yml diff --git a/roles/9-local-addons/meta/main.yml b/roles/9-local-addons/meta/main.yml deleted file mode 100644 index 74ae9e11f..000000000 --- a/roles/9-local-addons/meta/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -# Add your role to this list and then uncomment dependencies. Adding a tag is handy for testing. -#dependencies: From 4f8b7d17b83c901edab360493b188e4eb6ae9f81 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:09:55 -0400 Subject: [PATCH 052/393] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 56 +++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index f0c33e80f..ceb23b696 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,3 +1,55 @@ -- name: Generic Apps Installed - command: echo Generic Apps Installed +# Generic Apps +- name: ...IS BEGINNING ============================================] + command: echo + +- name: MYSQL + include_role: + name: mysql + tags: mysql + when: mysql_install + +- name: CALIBRE + include_role: + name: calibre + tags: calibre + when: calibre_install + +- name: DOKUWIKI + include_role: + name: dokuwiki + tags: dokuwiki + when: dokuwiki_install + +- name: ELGG + include_role: + name: elgg + tags: elgg + when: elgg_install + +- name: EJABBERD + include_role: + name: ejabberd + tags: ejabberd + when: ejabberd_install + +- name: NEXTCLOUD + include_role: + name: nextcloud + tags: nextcloud + when: nextcloud_install + +- name: OWNCLOUD + include_role: + name: owncloud + tags: owncloud + when: owncloud_install + +- name: WORDPRESS + include_role: + name: wordpress + tags: wordpress + when: wordpress_install + +- name: ...WAS COMPLETED ===========================================] + command: echo From b25acca8b65c11e70f7b162320b780922545cd25 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:10:17 -0400 Subject: [PATCH 053/393] Delete main.yml --- roles/6-generic-apps/meta/main.yml | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 roles/6-generic-apps/meta/main.yml diff --git a/roles/6-generic-apps/meta/main.yml b/roles/6-generic-apps/meta/main.yml deleted file mode 100644 index 95dd40ed7..000000000 --- a/roles/6-generic-apps/meta/main.yml +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: - - { role: mysql, tags: ['generic','mysql'], when: mysql_install } - - { role: elgg, tags: ['generic','elgg'], when: elgg_install } - - { role: owncloud, tags: ['generic','owncloud'], when: owncloud_install } - - { role: nextcloud, tags: ['generic','nextcloud'], when: nextcloud_install } - - { role: dokuwiki, tags: ['generic','dokuwiki'], when: dokuwiki_install } - - { role: wordpress, tags: ['generic','wordpress'], when: wordpress_install } - - { role: calibre, tags: ['generic','calibre'], when: calibre_install } - - { role: ejabberd, tags: ['generic','ejabberd'], when: ejabberd_install } From 0253c7bd3d5956d6ec52257e84a48e8d1b9d2940 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:15:37 -0400 Subject: [PATCH 054/393] mysql not needed (u can still do "./runtags mysql") --- roles/6-generic-apps/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index ceb23b696..17bd530eb 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -3,12 +3,6 @@ - name: ...IS BEGINNING ============================================] command: echo -- name: MYSQL - include_role: - name: mysql - tags: mysql - when: mysql_install - - name: CALIBRE include_role: name: calibre From 19f501608e58b68716b8c04afa7285f8020f145c Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:22:03 -0400 Subject: [PATCH 055/393] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index a83b9dd9c..6f19fbbf9 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -6,14 +6,14 @@ - name: AWSTATS include_role: name: awstats - tags: services, awstats when: awstats_install - + tags: services, awstats + - name: MONIT include_role: name: monit - tags: services, monit when: monit_install + tags: services, monit - name: MUNIN include_role: @@ -24,8 +24,8 @@ - name: PHPMYADMIN include_role: name: phpmyadmin - tags: services, phpmyadmin when: phpmyadmin_install + tags: services, phpmyadmin - name: SUGAR-STATS include_role: @@ -36,14 +36,14 @@ - name: TEAMVIEWER include_role: name: teamviewer - tags: services, teamviewer when: teamviewer_install + tags: services, teamviewer - name: VNSTAT include_role: name: vnstat - tags: services, vnstat when: vnstat_install + tags: services, vnstat - name: XOVIS include_role: From 8fc56009b91f52310db448e55d2f5e20b34848b3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:31:06 -0400 Subject: [PATCH 056/393] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 6f19fbbf9..a1b8d371a 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -7,25 +7,25 @@ include_role: name: awstats when: awstats_install - tags: services, awstats + tags: awstats - name: MONIT include_role: name: monit when: monit_install - tags: services, monit + tags: monit - name: MUNIN include_role: name: munin when: munin_install - tags: services, munin + tags: munin - name: PHPMYADMIN include_role: name: phpmyadmin when: phpmyadmin_install - tags: services, phpmyadmin + tags: phpmyadmin - name: SUGAR-STATS include_role: @@ -37,19 +37,19 @@ include_role: name: teamviewer when: teamviewer_install - tags: services, teamviewer + tags: teamviewer - name: VNSTAT include_role: name: vnstat when: vnstat_install - tags: services, vnstat + tags: vnstat - name: XOVIS include_role: name: xovis when: xovis_install and ansible_distribution != "CentOS" - tags: services, xovis + tags: xovis - name: ...WAS COMPLETED ===========================================] command: echo From aa279dbb8d869813ddf5b76843444a833311505a Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:43:09 -0400 Subject: [PATCH 057/393] Update main.yml --- roles/5-xo-services/tasks/main.yml | 32 ++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 700fc1270..db8a0f462 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,3 +1,31 @@ -- name: XO Services Installed - command: echo XO Services Installed +# XO Services +- name: ...IS BEGINNING ============================================] + command: echo + +- name: ACTIVITY-SERVER + include_role: + name: activity-server + when: activity_server_install + tags: olpc, activity-server + +- name: EJABBERD + include_role: + name: ejabberd + when: ejabberd_install + tags: olpc, ejabberd + +- name: EJABBERD_XS + include_role: + name: ejabberd_xs + when: ejabberd_xs_install + tags: olpc, ejabberd-xs + +- name: IDMGR + include_role: + name: idmgr + when: idmgr_install + tags: olpc, idmgr + +- name: ...WAS COMPLETED ===========================================] + command: echo From 858405be6619a1e53601e4b5d7d86ea6b2b9b083 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:44:42 -0400 Subject: [PATCH 058/393] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 17bd530eb..fb2ee19d9 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -6,44 +6,44 @@ - name: CALIBRE include_role: name: calibre - tags: calibre when: calibre_install + tags: calibre - name: DOKUWIKI include_role: name: dokuwiki - tags: dokuwiki when: dokuwiki_install + tags: dokuwiki - name: ELGG include_role: name: elgg - tags: elgg when: elgg_install + tags: elgg - name: EJABBERD include_role: name: ejabberd - tags: ejabberd when: ejabberd_install + tags: ejabberd - name: NEXTCLOUD include_role: name: nextcloud - tags: nextcloud when: nextcloud_install + tags: nextcloud - name: OWNCLOUD include_role: name: owncloud - tags: owncloud when: owncloud_install + tags: owncloud - name: WORDPRESS include_role: name: wordpress - tags: wordpress when: wordpress_install + tags: wordpress - name: ...WAS COMPLETED ===========================================] command: echo From 68c7af4987789a7265c3b8608bd8a943273536b4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:45:31 -0400 Subject: [PATCH 059/393] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index a1fbcb85f..b59604c2e 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -31,7 +31,7 @@ include_role: name: pathagar when: pathagar_install - tags: pathagar, edu-apps + tags: pathagar - name: SUGARIZER include_role: From b7899e85fa791fd42371d22e0c709a98db2a29c1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 21:47:46 -0400 Subject: [PATCH 060/393] Delete main.yml --- roles/5-xo-services/meta/main.yml | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 roles/5-xo-services/meta/main.yml diff --git a/roles/5-xo-services/meta/main.yml b/roles/5-xo-services/meta/main.yml deleted file mode 100644 index 4df7f37ff..000000000 --- a/roles/5-xo-services/meta/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -dependencies: - - { role: ejabberd_xs, tags: ['olpc','ejabberd-xs','xo-services'], when: ejabberd_xs_install } - - { role: idmgr, tags: ['olpc','idmgr','xo-services'], when: idmgr_install } - - { role: activity-server, tags: ['olpc','activity-server','xo-services'], when: activity_server_install } From e413203942fd7b040f9db1572e4a6f337df07073 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:00:20 -0400 Subject: [PATCH 061/393] Delete main.yml --- roles/4-server-options/meta/main.yml | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 roles/4-server-options/meta/main.yml diff --git a/roles/4-server-options/meta/main.yml b/roles/4-server-options/meta/main.yml deleted file mode 100644 index 7aec1a69c..000000000 --- a/roles/4-server-options/meta/main.yml +++ /dev/null @@ -1,10 +0,0 @@ -dependencies: - - { role: home-page, tags: ['home-page'] } - - { role: sshd, tags: ['services','sshd','base'] } - - { role: network, tags: ['services','base','network'] } - - { role: postgresql, tags: ['services','postgresql','base'], when: postgresql_install } - - { role: authserver, tags: ['services','authserver','base'], when: authserver_install } - - { role: openvpn, tags: ['options','openvpn'], when: openvpn_install } - - { role: samba, tags: ['services','samba','options'], when: samba_install } - - { role: usb-lib, tags: ['services','usb-lib','options'], when: usb_lib_install } - - { role: cups, tags: ['services','cups','options'], when: cups_install } From bd703564a49f0071bc20994643f45949a4fb4bda Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:01:02 -0400 Subject: [PATCH 062/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 63 ++++++++++++++++++++++++++- 1 file changed, 61 insertions(+), 2 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 5dcbb13c5..fdfb71bca 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -1,5 +1,61 @@ -- name: Server Options Installed - command: echo Server Options Installed +# Server Options + +- name: ...IS BEGINNING ============================================] + command: echo + +- name: HOMEPAGE + include_role: + name: homepage +# when: homepage_install + tags: homepage + +- name: SSHD + include_role: + name: sshd +# when: sshd_install + tags: base, sshd + +- name: NETWORK + include_role: + name: network +# when: network_install + tags: base, network + +- name: POSTGRESQL + include_role: + name: postgresql + when: postgresql_install + tags: base, postgresql + +- name: AUTHSERVER + include_role: + name: authserver + when: authserver_install + tags: base, authserver + +- name: OPENVPN + include_role: + name: openvpn + when: openvpn_install + tags: openvpn + +- name: SAMBA + include_role: + name: samba + when: samba_install + tags: samba + +- name: USB-LIB + include_role: + name: usb-lib + when: usb_lib_install + tags: usb-lib + +- name: CUPS + include_role: + name: cups + when: cups_install + tags: cups # this script can be sourced to get iiab location - name: Create iiab.env file @@ -38,3 +94,6 @@ service: name=xs-authserver state=restarted when: authserver_enabled + +- name: ...WAS COMPLETED ===========================================] + command: echo From ec0d48146df66c18b4c26d0f4c6721efbd841485 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:04:54 -0400 Subject: [PATCH 063/393] Update main.yml --- roles/home-page/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/home-page/tasks/main.yml b/roles/home-page/tasks/main.yml index b5d57c82a..91b570df5 100644 --- a/roles/home-page/tasks/main.yml +++ b/roles/home-page/tasks/main.yml @@ -5,12 +5,12 @@ group={{ apache_user }} state=directory -- name: Install admin home page into apache2 - template: src=iiab-home-page.conf - dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf +- name: Install admin homepage into apache2 + template: src=iiab-homepage.conf + dest=/etc/{{ apache_config_dir }}/iiab-homepage.conf - name: Enable the home page - file: src=/etc/{{ apache_config_dir }}/iiab-home-page.conf - dest=/etc/apache2/sites-enabled/iiab-home-page.conf + file: src=/etc/{{ apache_config_dir }}/iiab-homepage.conf + dest=/etc/apache2/sites-enabled/iiab-homepage.conf state=link when: is_debuntu From 10bd33a5d16c163982463ca755e1b9b92e0aec5e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:06:20 -0400 Subject: [PATCH 064/393] Update iiab-home-page.conf --- roles/home-page/templates/iiab-home-page.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/home-page/templates/iiab-home-page.conf b/roles/home-page/templates/iiab-home-page.conf index b1910cc26..fa853aa4d 100644 --- a/roles/home-page/templates/iiab-home-page.conf +++ b/roles/home-page/templates/iiab-home-page.conf @@ -1,7 +1,7 @@ -# XSCE Home Page +# IIAB Home Page # Redirect to home page on School Server -# Default is xs-portal +# Default [was] xs-portal [and is now generally] home # RedirectMatch of root to home page # See the note in default_vars.yml From 2be027a07ddeafd7b31ae39a00c82d625f76c6ad Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:06:39 -0400 Subject: [PATCH 065/393] Update iiab-home-page.conf --- roles/home-page/templates/iiab-home-page.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/home-page/templates/iiab-home-page.conf b/roles/home-page/templates/iiab-home-page.conf index fa853aa4d..0fc7a8e2e 100644 --- a/roles/home-page/templates/iiab-home-page.conf +++ b/roles/home-page/templates/iiab-home-page.conf @@ -3,7 +3,7 @@ # Redirect to home page on School Server # Default [was] xs-portal [and is now generally] home -# RedirectMatch of root to home page +# RedirectMatch of root to homepage # See the note in default_vars.yml RedirectMatch ^/$ {{ iiab_home_url }} From 0d1982de56aeb5f046e0e9b80add95dafb1c7fa2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:09:05 -0400 Subject: [PATCH 066/393] Update main.yml --- roles/httpd/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 0470303e0..81c6498fc 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -146,7 +146,7 @@ tags: - base -- name: place the script to generate home pages +- name: place the script to generate homepages template: src=refresh-wiki-docs.sh dest=/usr/bin/iiab-refresh-wiki-docs mode=0755 From 97a6930e1a7aece0bb1d98467c8e3fe79bd1fd0e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:14:01 -0400 Subject: [PATCH 067/393] Update main.yml --- roles/5-xo-services/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index db8a0f462..a2fa867f8 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -9,12 +9,6 @@ when: activity_server_install tags: olpc, activity-server -- name: EJABBERD - include_role: - name: ejabberd - when: ejabberd_install - tags: olpc, ejabberd - - name: EJABBERD_XS include_role: name: ejabberd_xs From 3b32a9877a3ccb520cbc2fd3eae2ac1e06c2f2ad Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:22:31 -0400 Subject: [PATCH 068/393] Delete main.yml --- roles/3-base-server/meta/main.yml | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 roles/3-base-server/meta/main.yml diff --git a/roles/3-base-server/meta/main.yml b/roles/3-base-server/meta/main.yml deleted file mode 100644 index 86ba2c3f2..000000000 --- a/roles/3-base-server/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: - - { role: httpd, tags: ['services','httpd','base'] } - - { role: iiab-admin, tags: ['services','iiab-admin','base'] } From ba42a04569b5a5e6ec6fbfdaa0e46f972649e5c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:22:59 -0400 Subject: [PATCH 069/393] Update main.yml --- roles/3-base-server/tasks/main.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 8eda7ca48..a1794fb2c 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,3 +1,20 @@ +# Base Server + +- name: ...IS BEGINNING ============================================] + command: echo + +- name: HTTPD + include_role: + name: httpd +# when: httpd_install + tags: base, httpd + +- name: IIAB-ADMIN + include_role: + name: iiab-admin +# when: iiab_install + tags: base, iiab-admin + - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory @@ -16,3 +33,6 @@ # regexp='^BASE_VERSION=*' # line='BASE_VERSION="{{ gui_version }}"' # state=present + +- name: ...WAS COMPLETED ===========================================] + command: echo From 08a746cd06bf4b737f61c59f28b2a9ed08bfe380 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:24:42 -0400 Subject: [PATCH 070/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index fdfb71bca..5b787e90f 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -21,12 +21,6 @@ # when: network_install tags: base, network -- name: POSTGRESQL - include_role: - name: postgresql - when: postgresql_install - tags: base, postgresql - - name: AUTHSERVER include_role: name: authserver From 8555f7ee951b800c11f8834032a18d8950a653f8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:28:18 -0400 Subject: [PATCH 071/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 5b787e90f..8f72650c7 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -6,21 +6,20 @@ - name: HOMEPAGE include_role: name: homepage -# when: homepage_install tags: homepage - name: SSHD include_role: name: sshd -# when: sshd_install tags: base, sshd - name: NETWORK include_role: name: network -# when: network_install tags: base, network +# the above 3 have no XXXXX_intall flag -- whereas the 5 below do + - name: AUTHSERVER include_role: name: authserver From c5e3836708b10f73099deab539051228b1db0c69 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:29:16 -0400 Subject: [PATCH 072/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 8f72650c7..37a172732 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -24,7 +24,7 @@ include_role: name: authserver when: authserver_install - tags: base, authserver + tags: authserver - name: OPENVPN include_role: From 961ea1813ebeed08f47ae7bc9a234e06a135b4a9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:29:54 -0400 Subject: [PATCH 073/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 37a172732..edb9cddfe 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -6,7 +6,7 @@ - name: HOMEPAGE include_role: name: homepage - tags: homepage + tags: base, homepage - name: SSHD include_role: From 0538bdc3863e65b4ee13632a457e2ac4d99d7702 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:31:56 -0400 Subject: [PATCH 074/393] Update main.yml --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index a1794fb2c..966979e56 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -6,14 +6,14 @@ - name: HTTPD include_role: name: httpd -# when: httpd_install tags: base, httpd - name: IIAB-ADMIN include_role: name: iiab-admin -# when: iiab_install tags: base, iiab-admin + +# the above 2 have no XXXXX_intall flag - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content From c3c215ed5c6e0a0e0a98927ee6bba3b45cd51896 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:33:15 -0400 Subject: [PATCH 075/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index edb9cddfe..1f4bd8fb3 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -18,7 +18,7 @@ name: network tags: base, network -# the above 3 have no XXXXX_intall flag -- whereas the 5 below do +# the above 3 have no "when: XXXXX_install" flag -- whereas the 5 below do - name: AUTHSERVER include_role: From 18178f35cb71f62c99848a8d01cb046cf74dcb48 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:33:22 -0400 Subject: [PATCH 076/393] Update main.yml --- roles/3-base-server/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 966979e56..076c6ff2d 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -13,7 +13,7 @@ name: iiab-admin tags: base, iiab-admin -# the above 2 have no XXXXX_intall flag +# the above 2 have no "when: XXXXX_install" flag - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content From 8235710e6386da0528f61e2abf58cf5b9218be26 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:44:06 -0400 Subject: [PATCH 077/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 33 ++++++++++++++------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 1f4bd8fb3..bc933e102 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -3,22 +3,29 @@ - name: ...IS BEGINNING ============================================] command: echo -- name: HOMEPAGE - include_role: - name: homepage - tags: base, homepage - - name: SSHD include_role: name: sshd + # has no "when: XXXXX_install" flag tags: base, sshd +- name: OPENVPN + include_role: + name: openvpn + when: openvpn_install + tags: openvpn + - name: NETWORK include_role: name: network + # has no "when: XXXXX_install" flag tags: base, network -# the above 3 have no "when: XXXXX_install" flag -- whereas the 5 below do +- name: HOMEPAGE + include_role: + name: homepage + # has no "when: XXXXX_install" flag + tags: base, homepage - name: AUTHSERVER include_role: @@ -26,11 +33,11 @@ when: authserver_install tags: authserver -- name: OPENVPN +- name: CUPS include_role: - name: openvpn - when: openvpn_install - tags: openvpn + name: cups + when: cups_install + tags: cups - name: SAMBA include_role: @@ -44,12 +51,6 @@ when: usb_lib_install tags: usb-lib -- name: CUPS - include_role: - name: cups - when: cups_install - tags: cups - # this script can be sourced to get iiab location - name: Create iiab.env file template: src=roles/1-prep/templates/iiab.env.j2 From d34e724421d664275bf583e144b887b11a6814ec Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:44:54 -0400 Subject: [PATCH 078/393] Update main.yml --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 076c6ff2d..44de6651b 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -6,14 +6,14 @@ - name: HTTPD include_role: name: httpd + # has no "when: XXXXX_install" flag tags: base, httpd - name: IIAB-ADMIN include_role: name: iiab-admin + # has no "when: XXXXX_install" flag tags: base, iiab-admin - -# the above 2 have no "when: XXXXX_install" flag - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content From ef30a8c3e32d0385e1efa9f6d503686278cd2bdc Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 21:52:41 -0500 Subject: [PATCH 079/393] rename home-page --- roles/{home-page => homepage}/tasks/main.yml | 0 roles/{home-page => homepage}/templates/iiab-home-page.conf | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename roles/{home-page => homepage}/tasks/main.yml (100%) rename roles/{home-page => homepage}/templates/iiab-home-page.conf (100%) diff --git a/roles/home-page/tasks/main.yml b/roles/homepage/tasks/main.yml similarity index 100% rename from roles/home-page/tasks/main.yml rename to roles/homepage/tasks/main.yml diff --git a/roles/home-page/templates/iiab-home-page.conf b/roles/homepage/templates/iiab-home-page.conf similarity index 100% rename from roles/home-page/templates/iiab-home-page.conf rename to roles/homepage/templates/iiab-home-page.conf From 5f883fdcff383b7c6e89e465d347e2cdb9e781c8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 22:56:33 -0400 Subject: [PATCH 080/393] Rename iiab-home-page.conf to iiab-homepage.conf --- .../templates/{iiab-home-page.conf => iiab-homepage.conf} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/homepage/templates/{iiab-home-page.conf => iiab-homepage.conf} (100%) diff --git a/roles/homepage/templates/iiab-home-page.conf b/roles/homepage/templates/iiab-homepage.conf similarity index 100% rename from roles/homepage/templates/iiab-home-page.conf rename to roles/homepage/templates/iiab-homepage.conf From 6f688799df3e75f5d420ca2cab16c5ed8b705799 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 23:43:50 -0400 Subject: [PATCH 081/393] Update main.yml --- roles/2-common/tasks/main.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index fe42574dc..f1e35905d 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,7 +1,11 @@ +# Common OS-Level Additions & Mods (that only need to be performed once) + +- name: ...IS BEGINNING ============================================] + command: echo #- include: iiab_ini.yml -# create the directory structure for XSCE +# create the directory structure for IIAB - include: fl.yml - include: xo.yml @@ -43,3 +47,6 @@ when: not is_debuntu and not is_F18 - include: udev.yml + +- name: ...WAS COMPLETED ===========================================] + command: echo From 3f4c42d3c6185e537ecc0b79ffd4fe376a2ac7c3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 23:46:57 -0400 Subject: [PATCH 082/393] Update main.yml --- roles/1-prep/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 60b896567..d3d7c47d3 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,3 +1,8 @@ +# OS/HW-Level Preparations + +- name: ...IS BEGINNING ============================================] + command: echo + - name: get the uuidgen program package: name=uuid-runtime state=present @@ -82,3 +87,6 @@ get_url: dest=/lib/firmware url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 + +- name: ...WAS COMPLETED ===========================================] + command: echo From 8088858b109485d1ffa92f4fa3da4e18fa5a1a6d Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 26 Oct 2017 23:48:02 -0400 Subject: [PATCH 083/393] Update main.yml --- roles/1-prep/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index d3d7c47d3..b0a45f109 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,4 +1,4 @@ -# OS/HW-Level Preparations +# Preparations (Hardware Level) - name: ...IS BEGINNING ============================================] command: echo From a013dc6bfb50c0f1e8a437f3b28e26d3b83d3a57 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 26 Oct 2017 22:58:56 -0500 Subject: [PATCH 084/393] clean up roles/4-server-options/tasks/main.yml --- roles/4-server-options/tasks/main.yml | 22 ---------------------- roles/authserver/tasks/main.yml | 9 ++++++++- roles/postgresql/tasks/main.yml | 11 +++++++++++ 3 files changed, 19 insertions(+), 23 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index bc933e102..ca77dc010 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -67,27 +67,5 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: Stop postgresql service - command: "/etc/init.d/postgresql stop" - ignore_errors: True - when: postgresql_install and is_debuntu - -- name: Start postgresql service - service: name=postgresql-iiab - state=restarted - enabled=yes - when: postgresql_enabled - -- name: Stop authserver service - service: name=xs-authserver - state=stopped - enabled=no - when: not authserver_enabled and authserver_install - -- name: Start xs-authserver service - service: name=xs-authserver - state=restarted - when: authserver_enabled - - name: ...WAS COMPLETED ===========================================] command: echo diff --git a/roles/authserver/tasks/main.yml b/roles/authserver/tasks/main.yml index 11e34c91f..304c72392 100644 --- a/roles/authserver/tasks/main.yml +++ b/roles/authserver/tasks/main.yml @@ -38,8 +38,15 @@ environment: XS_AUTHSERVER_DATABASE: /var/lib/xs-authserver/data.db -- name: Enable xs-authserver service +- name: Stop authserver service service: name=xs-authserver + state=stopped + enabled=no + when: not authserver_enabled + +- name: Start xs-authserver service + service: name=xs-authserver + state=restarted enabled=yes when: authserver_enabled diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index ac125b67a..73321bf7d 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -64,6 +64,11 @@ group=postgres mode=0640 +- name: Stop postgresql service + command: "/etc/init.d/postgresql stop" + ignore_errors: True + when: postgresql_install and is_debuntu + - name: Stop and disable stock postgresql service service: name=postgresql state=stopped @@ -75,6 +80,12 @@ enabled=yes when: postgresql_enabled +- name: Stop and disable postgresql-iiab service + service: name=postgresql + state=stopped + enabled=no + when: not postgresql_enabled + - name: Add postgresql to service list ini_file: dest='{{ service_filelist }}' section=postgresql From 2c1f3411ec45b6b9c667b2fe8e86a39cca1337ae Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 00:28:51 -0400 Subject: [PATCH 085/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index bc933e102..99f18fcb6 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -31,7 +31,7 @@ include_role: name: authserver when: authserver_install - tags: authserver + tags: olpc, authserver - name: CUPS include_role: From cf1d1fce2f8eafc2794f94864b1ce5b3d0467c07 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 00:56:28 -0400 Subject: [PATCH 086/393] Update main.yml --- roles/mysql/defaults/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/mysql/defaults/main.yml b/roles/mysql/defaults/main.yml index 276c573d7..982f2a583 100644 --- a/roles/mysql/defaults/main.yml +++ b/roles/mysql/defaults/main.yml @@ -1,4 +1,2 @@ -phpMyAdmin: "phpMyAdmin-4.2.7.1-all-languages.zip" mysql_install: True mysql_enabled: False -phpmyadmin_enabled: False From 83c1a8aab54a10db933a2ef9ad8eceef84c46da7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 00:58:23 -0400 Subject: [PATCH 087/393] Update main.yml --- roles/phpmyadmin/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/phpmyadmin/defaults/main.yml b/roles/phpmyadmin/defaults/main.yml index edb827543..c53c26477 100644 --- a/roles/phpmyadmin/defaults/main.yml +++ b/roles/phpmyadmin/defaults/main.yml @@ -1,2 +1,3 @@ -phpmyadmin_install: True +phpmyadmin_install: False phpmyadmin_enabled: False +phpMyAdmin: "phpMyAdmin-4.7.5-all-languages.zip" From f6bfb60f54bcc58ae7aa516a9cbd6d55690faade Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:01:02 -0400 Subject: [PATCH 088/393] Update main.yml --- roles/phpmyadmin/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 18204cab6..1218019d6 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -6,7 +6,7 @@ unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/ - name: Create a symbolic link to the folder of the current version phpmyadmin - file: path=/opt/phpmyadmin src=phpMyAdmin-4.2.7.1-all-languages state=link + file: path=/opt/phpmyadmin src=phpMyAdmin-4.7.5-all-languages state=link - name: Copy the phpmyadmin config file into place template: src=config.inc.php dest=/opt/phpmyadmin/config.inc.php From 76e387885c48a44322005c3a4b5b93cbcb2e480b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:38:00 -0400 Subject: [PATCH 089/393] Update main.yml --- roles/1-prep/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index b0a45f109..6388a65a1 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,6 +1,6 @@ # Preparations (Hardware Level) -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ============================================ command: echo - name: get the uuidgen program @@ -88,5 +88,5 @@ url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED =========================================== command: echo From 7a22e94d0d834dcf9a1d23b457aa4ab73e2a0987 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:39:40 -0400 Subject: [PATCH 090/393] Update main.yml --- roles/2-common/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index f1e35905d..2b5d6a352 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,6 +1,6 @@ # Common OS-Level Additions & Mods (that only need to be performed once) -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ========================================== command: echo #- include: iiab_ini.yml @@ -48,5 +48,5 @@ - include: udev.yml -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ========================================= command: echo From ddab0ca42bc2c4676c4533ea0ea09c774011912c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:41:14 -0400 Subject: [PATCH 091/393] Update main.yml --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 44de6651b..6024555bc 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,6 +1,6 @@ # Base Server -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ===================================== command: echo - name: HTTPD @@ -34,5 +34,5 @@ # line='BASE_VERSION="{{ gui_version }}"' # state=present -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ==================================== command: echo From e4e638a4ee46fb0cf94469c4f6210f6b47828b84 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:41:47 -0400 Subject: [PATCH 092/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 59c5fac02..340e103f5 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -1,6 +1,6 @@ # Server Options -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ================================== command: echo - name: SSHD @@ -67,5 +67,5 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ================================= command: echo From 66e13ab3e1a972fda96a6e09e33b8c8367b17a53 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:44:50 -0400 Subject: [PATCH 093/393] Update main.yml --- roles/0-init/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 54ec4b7d3..dd972fe09 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,3 +1,8 @@ +# Initialize + +- name: ...IS BEGINNING ============================================ + command: echo + - name: Determine if runansible was run stat: path=/etc/iiab/iiab.env register: NewInstall @@ -13,3 +18,6 @@ when: first_run # Now load the computed vars - include: roles/1-prep/tasks/computed_vars.yml + +- name: ...WAS COMPLETED =========================================== + command: echo From e05c525d8f6c78393ef304948c97ef9453335053 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:46:55 -0400 Subject: [PATCH 094/393] Update main.yml --- roles/5-xo-services/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index a2fa867f8..6769f69ca 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,6 +1,6 @@ # XO Services -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ===================================== command: echo - name: ACTIVITY-SERVER @@ -21,5 +21,5 @@ when: idmgr_install tags: olpc, idmgr -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ==================================== command: echo From f411d1b6cf6291fe56f84e147cf3796525620db7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:48:00 -0400 Subject: [PATCH 095/393] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index fb2ee19d9..07bbd4762 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,6 +1,6 @@ # Generic Apps -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ==================================== command: echo - name: CALIBRE @@ -45,5 +45,5 @@ when: wordpress_install tags: wordpress -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED =================================== command: echo From d5f11e8fa689d7d7ef955c1b1810dd083809c400 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:50:00 -0400 Subject: [PATCH 096/393] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index b59604c2e..34bc371c2 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,6 +1,6 @@ # Educational Apps -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ======================================== command: echo - name: KALITE @@ -39,5 +39,5 @@ when: sugarizer_install tags: sugarizer -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ======================================= command: echo From 701f972d92539da79e050bed8348c306cf774f4e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:53:18 -0400 Subject: [PATCH 097/393] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index a1b8d371a..eadc6283f 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,6 +1,6 @@ # Assessment and Monitoring Tools -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ====================================== command: echo - name: AWSTATS @@ -51,5 +51,5 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED ===================================== command: echo From 641ad2340162ef248440619e96fa5bc9df259f72 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:55:08 -0400 Subject: [PATCH 098/393] Update main.yml --- roles/9-local-addons/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index f6c958753..31f166b3f 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,7 +1,7 @@ # Local Add-ons -- name: ...IS BEGINNING ============================================] +- name: ...IS BEGINNING ==================================== command: echo -- name: ...WAS COMPLETED ===========================================] +- name: ...WAS COMPLETED =================================== command: echo From 932a2988a6337f0d39b591c0ffc63fb188093c6c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:57:51 -0400 Subject: [PATCH 099/393] Update README.rst --- roles/9-local-addons/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/README.rst b/roles/9-local-addons/README.rst index 89be22318..84a671fc3 100644 --- a/roles/9-local-addons/README.rst +++ b/roles/9-local-addons/README.rst @@ -7,7 +7,7 @@ This role is a place to aggregate roles developed by various contributors or loc Development ----------- -Create the role you wish to add to the XSCE School Server by following the pattern of another role or any other means. +Create the role you wish to add to Internet-in-a-Box by following the pattern of another role or any other means. Packaging --------- @@ -18,4 +18,4 @@ the next ansible run. More Info --------- -Have a look at the docs section of this git repo for more detailed information. \ No newline at end of file +Have a look at the docs section of this git repo for more detailed information. From b9278fedf78fd2d55331bca8b4994869d53472a1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 01:59:33 -0400 Subject: [PATCH 100/393] Update README.rst --- roles/6-generic-apps/README.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/README.rst b/roles/6-generic-apps/README.rst index 03df57f50..d1bc82dae 100644 --- a/roles/6-generic-apps/README.rst +++ b/roles/6-generic-apps/README.rst @@ -2,6 +2,7 @@ Generic Apps README =================== -This role is a place to aggregate roles that install apps of a more generic nature, as opposed to educational or managment. -Content Management Systems or Chat or Wiki applications would go here. +This role is a place to aggregate roles that install apps of a more generic or collaborative nature, +as opposed to educational or managment. Content Management Systems or Chat or Wiki applications +would go here. From 83e9d0bd600a848475819bb327ecfa7011dc5897 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:00:35 -0400 Subject: [PATCH 101/393] Update README.rst --- roles/5-xo-services/README.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/5-xo-services/README.rst b/roles/5-xo-services/README.rst index b215621b0..b0926083c 100644 --- a/roles/5-xo-services/README.rst +++ b/roles/5-xo-services/README.rst @@ -2,5 +2,4 @@ XO Services README ================== -This role is a place to aggregate roles that provide XO specific services. - +This role is a place to aggregate roles that provide specific services for One Laptop Per Child's XO laptops. From 3601c33d5ba9696a2f65947188745f70ec047c84 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:01:03 -0400 Subject: [PATCH 102/393] Update README.rst --- roles/6-generic-apps/README.rst | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/6-generic-apps/README.rst b/roles/6-generic-apps/README.rst index d1bc82dae..372e32d08 100644 --- a/roles/6-generic-apps/README.rst +++ b/roles/6-generic-apps/README.rst @@ -5,4 +5,3 @@ Generic Apps README This role is a place to aggregate roles that install apps of a more generic or collaborative nature, as opposed to educational or managment. Content Management Systems or Chat or Wiki applications would go here. - From 9fd1466b7818dd4c0041312072d4d6b1c25469d3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:01:27 -0400 Subject: [PATCH 103/393] Update README.rst --- roles/7-edu-apps/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/7-edu-apps/README.rst b/roles/7-edu-apps/README.rst index 05ede48d8..edb32c1d9 100644 --- a/roles/7-edu-apps/README.rst +++ b/roles/7-edu-apps/README.rst @@ -3,4 +3,4 @@ Educational Apps and Content README =================================== This role is a place to aggregate roles that provide Educational Content or -are specifically targetted at pedagogical activities. +are specifically targetted at pedagogical activities. From 070c4bcc3deacd93edb6a6cb21d7f41e2f0874ce Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:04:55 -0400 Subject: [PATCH 105/393] Update README.rst --- roles/9-local-addons/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/README.rst b/roles/9-local-addons/README.rst index 84a671fc3..b06e7f461 100644 --- a/roles/9-local-addons/README.rst +++ b/roles/9-local-addons/README.rst @@ -12,10 +12,10 @@ Create the role you wish to add to Internet-in-a-Box by following the pattern of Packaging --------- -Add your role into the main.yml file in the meta directory of the 7-local-addons role. It will now get installed as part of +Add your role into the main.yml file in the tasks directory of the 9-local-addons role. It will now get installed as part of the next ansible run. More Info --------- -Have a look at the docs section of this git repo for more detailed information. +Have a look at https://github.com/iiab/iiab/wiki/IIAB-Architecture (offline at http://box/info/IIAB-Architecture.html) for more detailed information. From 2ce1414e4f12e8bb75d0edf236a5eb69ff0a983b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:07:25 -0400 Subject: [PATCH 106/393] Update README.rst --- roles/3-base-server/README.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/3-base-server/README.rst b/roles/3-base-server/README.rst index 366e5a9e8..e3f2ab091 100644 --- a/roles/3-base-server/README.rst +++ b/roles/3-base-server/README.rst @@ -6,7 +6,6 @@ This role is a place to aggregate roles that are required to create a basic web The functionality here is not packages that are not directly consumed by users, which are in common, nor specific applications, such as those found in the apps and tools roles. -The difference between this aggregate and server-options is that the roles here are required. +The difference between this aggregate (3-base-server) and 4-server-options is that the roles here are required. Eventually a graphical configuration console will be added here. - From 5ffe093d0d6c9667f2a075b8b0a2cc03f3f47c3a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:12:04 -0400 Subject: [PATCH 110/393] Update README.rst --- roles/1-prep/README.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/README.rst b/roles/1-prep/README.rst index 660c800d3..00fef1be7 100644 --- a/roles/1-prep/README.rst +++ b/roles/1-prep/README.rst @@ -2,5 +2,6 @@ Prep README =========== -This role is a sort on init or startup. It includes preliminaries like hostname and is where things -that are specific to a particular platform, such as the XO, are done before the bulk of the install. +This role is primarily hardware-focused, prior to OS additions/mods. Traditionally it included +preliminaries like hostname and things specific to a particular platform, such as the XO laptop, +done before the bulk of the install. From 8f75d24dfa1fe0c811c0001ce2c2f675c162b7b3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:37:42 -0400 Subject: [PATCH 111/393] Update enable_services.yml --- roles/network/tasks/enable_services.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 60dc795af..623ede0e9 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -19,7 +19,7 @@ - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } when: dhcpd_enabled -- name: Copy named file +- name: Copy named file template: src={{ item.src }} dest={{ item.dest }} owner=root From 3196b933ff0a4f5e2e50e9c12fb9665aaba7dd3c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 02:43:56 -0400 Subject: [PATCH 112/393] Update main.yml --- roles/cups/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 61abe61a5..012aa3685 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -31,7 +31,7 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable services for cups for xo's +- name: Enable services for cups for XO laptops service: name=cups state=started enabled=yes @@ -50,7 +50,7 @@ - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for cups for xo's +- name: Disable services for cups for XO laptops service: name=cups state=stopped enabled=no From 3c6d31b22f26506c2f1142297af0e68b59ef62b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 03:27:28 -0400 Subject: [PATCH 113/393] Update detected_network.yml --- roles/network/tasks/detected_network.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index e38409257..0676934b6 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -84,7 +84,7 @@ when: blacklist_wifi is defined and discovered_wireless_iface != iiab_wan_iface and num_wifi_interfaces >= "2" # LAN - pick non WAN's -- name: Create list of LAN (non wan) ifaces +- name: Create list of LAN (non wan) ifaces shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} register: lan_list_result ignore_errors: True From 066c0c09c5a038199fa3ef75fcbc6378dd4b8abe Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 03:51:56 -0400 Subject: [PATCH 114/393] Update main.yml --- roles/awstats/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/awstats/tasks/main.yml b/roles/awstats/tasks/main.yml index 7326d9670..f1feed18c 100644 --- a/roles/awstats/tasks/main.yml +++ b/roles/awstats/tasks/main.yml @@ -1,7 +1,7 @@ - include: install.yml when: awstats_install -- name: Add awstats to service list +- name: Add AWStats to service list ini_file: dest='{{ service_filelist }}' section=awstats option='{{ item.option }}' @@ -10,7 +10,7 @@ - option: name value: awstats - option: description - value: '"Awstats is Advanced Web Statistics package written in perl which generates static or dynamic html summaries based upon web server logs"' + value: '"AWStats is Advanced Web Statistics package written in Perl which generates static or dynamic html summaries based upon web server logs"' - option: installed value: "{{ awstats_install }}" - option: enabled From 77b3c9dd02c7124cb13873dc3b130f4ea6f4a960 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 03:55:12 -0400 Subject: [PATCH 115/393] Awstats -> AWStats --- roles/awstats/tasks/install.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index 6610d9dc2..0e10e5c33 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Install awstats package +- name: Install AWStats package package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Install awstats package +- name: Install AWStats package package: name={{ item }} state=present with_items: @@ -22,7 +22,7 @@ command: a2enmod cgi when: is_debuntu -- name: Create directory for awstat to use as intermediate summary storage +- name: Create directory for AWStats to use as intermediate summary storage file: path={{ item }} mode=0750 owner={{ apache_user }} @@ -33,7 +33,7 @@ - "{{ awstats_data_dir }}" - "{{ apache_log_dir }}" -- name: Install the Apache config for Advanced Web Statistics +- name: Install the Apache config for AWStats template: src=apache.conf dest=/etc/{{ apache_config_dir }}/awstats.conf owner=root @@ -41,7 +41,7 @@ mode=0644 when: awstats_enabled and is_debuntu -- name: Install the Apache config for Advanced Web Statistics +- name: Install the Apache config for AWStats template: src=apache-awstats.conf dest=/etc/{{ apache_config_dir }}/awstats.conf owner=root @@ -63,18 +63,18 @@ command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist when: awstats.stat.islnk is defined and not awstats.stat.islnk -- name: Enable Awstats +- name: Enable AWStats file: src=/etc/apache2/sites-available/awstats.conf path=/etc/apache2/sites-enabled/awstats.conf state=link when: awstats_enabled and is_debuntu -- name: Disable Awstats +- name: Disable AWStats file: path=/etc/apache2/sites-enabled/awstats.conf state=absent when: not awstats_enabled and is_debuntu -- name: Install the awstats config for Advanced Web Statistics +- name: Install the AWStats config template: src=awstats.schoolserver.conf.j2 dest=/etc/awstats/awstats.schoolserver.conf owner=root @@ -82,16 +82,16 @@ mode=0644 when: awstats_enabled -- name: Create a symbolic link to use when access is by ip address +- name: Create a symbolic link to use when access is by IP address file: src=/etc/awstats/awstats.schoolserver.conf dest=/etc/awstats/awstats.conf state=link when: awstats_enabled -- name: On first enabling of awstats, summarize httpd logs up to now +- name: On first enabling of AWStats, summarize httpd logs up to now shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update when: awstats_enabled and not is_debuntu -- name: On first enabling of awstats, summarize httpd logs up to now +- name: On first enabling of AWStats, summarize httpd logs up to now shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update when: awstats_enabled and is_debuntu From b18a2df1f04fd9d20d77c722bd5d975839bb312e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 04:20:53 -0400 Subject: [PATCH 116/393] Update computed_vars.yml --- roles/1-prep/tasks/computed_vars.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 964f0b723..ae53e7970 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -9,7 +9,7 @@ xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}' phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}' -- name: Set exFAT enabled for XOs +- name: Set exFAT enabled for XO laptops set_fact: exFAT_enabled: True when: xo_model != "none" @@ -88,7 +88,7 @@ gui_port: 443 when: adm_cons_force_ssl -- name: Turn on mysql if elgg or rachel enabled +- name: Require MySQL to be on set_fact: mysql_install: True mysql_enabled: True @@ -104,13 +104,13 @@ # when: sugarizer_enabled # There might be other db's -- name: Turn on postgresql if moodle or pathagar enabled +- name: Turn on PostgreSQL if Moodle or Pathagar enabled set_fact: postgresql_install: True postgresql_enabled: True when: moodle_enabled or pathagar_enabled -- name: Turn on docker if schooltool is to be installed +- name: Turn on Docker if SchoolTool is to be installed set_fact: docker_install: True docker_enabled: True @@ -130,18 +130,18 @@ # but 'mariadb', which is its real name can # on fedora 18 we need to use 'mysqld' -- name: Set mysqld service name to mariadb by default +- name: Set mysqld_service to mariadb by default set_fact: mysql_service: mariadb -- name: Set mysqld service name to mysqld for fedora 18 +- name: Set mysqld_service to mysqld for Fedora 18 set_fact: mysql_service: mysqld no_NM_reload: True is_F18: True when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" -- name: Set mysql service name to mysql for debian +- name: Set mysql_service to mysql for Debian set_fact: mysql_service: mysql when: is_debuntu From ab79c36f4a1a864508ef4f49fe6ba9965d1c7672 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 05:31:32 -0400 Subject: [PATCH 117/393] ordered correctly, per tasks/main.yml across Ansible's 9 stages --- vars/default_vars.yml | 375 +++++++++++++++++++++--------------------- 1 file changed, 192 insertions(+), 183 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index aa9b22acd..fba8c450c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -38,16 +38,17 @@ language_priority: en es # Time Zone (php needs timezone to be set) local_tz: "{{ ansible_date_time.tz }}" -# Network Parameters +# Read https://github.com/iiab/iiab/wiki/IIAB-Networking +# Also readable offline @ http://box/info/IIAB-Networking.html + +# NETWORK PARAMETERS FOLLOW ACROSS THE NEXT 60 LINES, as enabled by Ansible's +# NETWORK role (/opt/iiab/iiab/roles/network/*) in 4-SERVER-OPTIONS. iiab_hostname: box iiab_domain: lan lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 -# Read https://github.com/iiab/iiab/wiki/IIAB-Networking -# Also readable offline @ http://box/info/IIAB-Networking.html - # Gateway mode iiab_lan_enabled: True iiab_wan_enabled: True @@ -66,33 +67,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -# Intended for developers -exFAT_enabled: False -user_wan_iface: auto -user_lan_iface: auto -wan_ip: dhcp -wan_netmask: -wan_gateway: -wan_nameserver: -#only change these if you know what you are doing - -# Parameters by Aggregate Roles -# Each Role must have the following variables which are either True or False: -# _install -# _enabled - -# Our current convention is to install everything in all aggregates -# And to enable everything in 1-PREP, 2-COMMON, and 3-BASE - -# 1-PREP - -# 2-COMMON - -# 3-BASE-SERVER - -# Apache -allow_apache_sudo: False - # dhcpd dhcpd_install: True dhcpd_enabled: False @@ -120,17 +94,51 @@ gw_squid_whitelist: False gw_block_https: False iiab_gateway_enabled: True -# Home page -# Default to the gui where the selection is made or override in local_vars.yml -iiab_home_url: /home +# Intended for developers +user_wan_iface: auto +user_lan_iface: auto +wan_ip: dhcp +wan_netmask: +wan_gateway: +wan_nameserver: +exFAT_enabled: False +#only change these if you know what you are doing -# You can change iiab_home_url in local_vars.yml in order to get a different home page. -# For example one of the following: (assuming they are enabled) +# Parameters by Aggregate Roles +# Each Role must have the following variables which are either True or False: +# _install +# _enabled -# iiab_home_url: /home -# iiab_home_url: /xs-portal - the alternate home page -# iiab_home_url: /wordpress -# iiab_home_url: /wiki - either dokuwiki or mediawiki +# Our current convention is to install everything in all aggregates +# And to enable everything in 1-PREP, 2-COMMON, and 3-BASE-SERVER + +# 1-PREP + +# Docker (lesser-supported) +docker_install: False +docker_enabled: False + +# 2-COMMON + +# 3-BASE-SERVER + +# Needed if you want http://box/common/services/power_off.php to work +allow_apache_sudo: False + +# HTTPD role runs here. + +# IIAB-ADMIN role runs here. + +# MySQL - SEE roles/1-prep/tasks/computed_vars.yml for de facto defaults +mysql_install: True +mysql_enabled: True +# password is fixmysql +# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 +mysql_root_password: fixmysql + +# PostgreSQL +postgresql_install: False +postgresql_enabled: False # 4-SERVER-OPTIONS @@ -144,43 +152,52 @@ openvpn_cron_enabled: False openvpn_install: True openvpn_enabled: False -# Samba. Take a security audit seriously before deploying this. -samba_install: False -samba_enabled: False +# NETWORK role runs here. -# PostgreSQL -postgresql_install: False -postgresql_enabled: False +# Homepage +# Default to the gui where the selection is made or override in local_vars.yml +iiab_home_url: /home + +# You can change iiab_home_url in local_vars.yml in order to get a different home page. +# For example one of the following: (assuming they are enabled) + +# iiab_home_url: /home +# iiab_home_url: /xs-portal - the alternate homepage +# iiab_home_url: /wordpress +# iiab_home_url: /wiki - either dokuwiki or mediawiki # authserver authserver_install: False authserver_enabled: False +# Common UNIX Printing System (CUPS) +cups_install: True +cups_enabled: False + +# Samba. Take a security audit seriously before deploying this. +samba_install: False +samba_enabled: False + # usb-lib usb_lib_install: True usb_lib_enabled: True -# Docker -docker_install: False -docker_enabled: False - -# Common UNIX Printing System -cups_install: True -cups_enabled: False +# Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) +nodocs: False # 5-XO-SERVICES -# Lesser-supported XO services need additional testing. Please uncomment -# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact +# Lesser-supported XO services need additional testing. Please contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. xo_services_install: False xo_services_enabled: False -# ejabberd -ejabberd_install: False -ejabberd_enabled: False +# activity-server +activity_server_install: False +activity_server_enabled: False +# ejabberd-xs ejabberd_xs_install: False ejabberd_xs_enabled: False @@ -188,9 +205,113 @@ ejabberd_xs_enabled: False idmgr_install: False idmgr_enables: False -# activity-server -activity_server_install: False -activity_server_enabled: False +# 6-GENERIC-APPS + +# Calibre +calibre_install: True +calibre_enabled: False +calibre_port: 8080 + +# DokuWiki +dokuwiki_install: False +dokuwiki_enabled: False + +# Elgg +elgg_install: True +elgg_enabled: False +# elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 +elgg_mysql_password: elgg4kids + +# ejabberd +ejabberd_install: False +ejabberd_enabled: False + +# Nextcloud +nextcloud_install: True +nextcloud_enabled: False + +# ownCloud +owncloud_install: False +owncloud_enabled: False + +# WordPress +wordpress_install: True +wordpress_enabled: False + +# 7-EDU-APPS + +# KA Lite +kalite_install: True +kalite_root: "/library/ka-lite" +kalite_user: kalite +kalite_password_hash: $6$$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/ +kalite_password: kalite +kalite_server_name: kalite +kalite_server_port: 8008 +kalite_enabled: False +kalite_cron_enabled: False + +# Kiwix +kiwix_install: True +kiwix_enabled: True +kiwix_port: 3000 +iiab_zim_path: /library/zims + +# Moodle +moodle_install: False +moodle_enabled: False + +# OpenStreetMap (OSM) +osm_install: True +osm_enabled: False +# changed in June 2017 from: +# iiab_install: True +# iiab_enabled: False + +# Pathagar - similar to Calibre, but unmaintained +pathagar_install: False +pathagar_enabled: False + +# Sugarizer +sugarizer_install: True +sugarizer_enabled: False + +# 8-MGMT-TOOLS + +# AWStats -- sumarizes http access logs +awstats_install: True +awstats_enabled: False + +# Monit +monit_install: False +monit_enabled: False +watchdog: + - sshd + - idmgr + - ejabberd + - httpd + - postgresql + - squid + +# Munin +munin_install: True +munin_enabled: False + +# Handy for maintaining tables, but DANGEROUS if not locked down +phpmyadmin_install: False +phpmyadmin_enabled: False + +# sugar-stats +sugar_stats_install: False +sugar_stats_enabled: False + +# TeamViewer - unmaintained (better to install from http://teamviewer.com) +teamviewer_install: False +teamviewer_enabled: False + +# vnStat +vnstat_install: True +vnstat_enabled: False # XOVis xovis_install: False @@ -206,134 +327,22 @@ xovis_root: "/opt/xovis" xovis_backup_dir: "/library/users" xovis_chart_heading: "My School: Usage Data Visualization" -# sugar-stats -sugar_stats_install: False -sugar_stats_enabled: False - -# 6-GENERIC-APPS - -# MySQL -mysql_install: True -mysql_enabled: False -# password is fixmysql -# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 -mysql_root_password: fixmysql - -# Handy for maintaining tables, but DANGEROUS if not locked down -phpmyadmin_install: False -phpmyadmin_enabled: False - -# Elgg -elgg_install: True -elgg_enabled: False -# elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 -elgg_mysql_password: elgg4kids - -# OwnCloud -owncloud_install: False -owncloud_enabled: False - -# Nextcloud -nextcloud_install: True -nextcloud_enabled: False - -# WordPress -wordpress_install: True -wordpress_enabled: False - -# DokuWiki -dokuwiki_install: False -dokuwiki_enabled: False - -# 7-EDU-APPS - -# Moodle -moodle_install: False -moodle_enabled: False - -# Internet-in-a-Box -#iiab_install: True -#iiab_enabled: False -# above 2 variables changed in June 2017 to: -osm_install: True -osm_enabled: False - -# Pathagar -pathagar_install: False -pathagar_enabled: False - -# Calibre -calibre_install: True -calibre_enabled: False -calibre_port: 8080 - -# RACHEL -rachel_install: False -rachel_enabled: False -rachel_content_found: False -#rachel_url: /rachel -rachel_doc_root: "{{ doc_root }}/modules" - -# Kiwix-serve -kiwix_install: True -kiwix_enabled: True -kiwix_port: 3000 -iiab_zim_path: /library/zims - -# KA Lite -kalite_install: True -kalite_root: "/library/ka-lite" -kalite_user: kalite -kalite_password_hash: $6$$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/ -kalite_password: kalite -kalite_server_name: kalite -kalite_server_port: 8008 -kalite_enabled: False -kalite_cron_enabled: False - -# Sugarizer -sugarizer_install: True -sugarizer_enabled: False - -# 8-MGMT-TOOLS - -# Munin -munin_install: True -munin_enabled: False - -# Monit -monit_install: False -monit_enabled: False -watchdog: - - sshd - - idmgr - - ejabberd - - httpd - - postgresql - - squid - -# vnStat -vnstat_install: True -vnstat_enabled: False - -# AWStats -- sumarizes http access logs -awstats_install: True -awstats_enabled: False - -# SchoolTool -schooltool_install: False -schooltool_enabled: False +# ================================================================ # Ajenti - unmaintained # ajenti_install: False # ajenti_enabled: False -# TeamViewer - unmaintained (better to install from http://teamviewer.com) -teamviewer_install: False -teamviewer_enabled: False +# RACHEL - no longer in use +# rachel_install: False +# rachel_enabled: False +# rachel_content_found: False +# #rachel_url: /rachel +# rachel_doc_root: "{{ doc_root }}/modules" -# Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) -nodocs: False +# SchoolTool - unmaintained +# schooltool_install: False +# schooltool_enabled: False # ================================================================ # Platforms - turn all off and let .yml turn on as appropriate From a0d8c2682f08d139e503887b731b06f5f10fa354 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 05:41:17 -0400 Subject: [PATCH 118/393] Update default_vars.yml --- vars/default_vars.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index fba8c450c..d874f4c2b 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -109,7 +109,7 @@ exFAT_enabled: False # _install # _enabled -# Our current convention is to install everything in all aggregates +# Our past convention was to install everything in all aggregates # And to enable everything in 1-PREP, 2-COMMON, and 3-BASE-SERVER # 1-PREP @@ -155,14 +155,13 @@ openvpn_enabled: False # NETWORK role runs here. # Homepage -# Default to the gui where the selection is made or override in local_vars.yml +# Default to the GUI where the selection is made or override in local_vars.yml iiab_home_url: /home -# You can change iiab_home_url in local_vars.yml in order to get a different home page. -# For example one of the following: (assuming they are enabled) +# You can change iiab_home_url in local_vars.yml in order to get a different +# homepage. For example one of the following: (assuming they are enabled) # iiab_home_url: /home -# iiab_home_url: /xs-portal - the alternate homepage # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki From 7aafaadfd26f48e73f0f2903e61eb6ff0ae50b70 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 05:45:34 -0400 Subject: [PATCH 119/393] Update default_vars.yml --- vars/default_vars.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index d874f4c2b..97b731802 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -118,6 +118,10 @@ exFAT_enabled: False docker_install: False docker_enabled: False +# SchoolTool - unmaintained +schooltool_install: False +schooltool_enabled: False + # 2-COMMON # 3-BASE-SERVER @@ -339,10 +343,6 @@ xovis_chart_heading: "My School: Usage Data Visualization" # #rachel_url: /rachel # rachel_doc_root: "{{ doc_root }}/modules" -# SchoolTool - unmaintained -# schooltool_install: False -# schooltool_enabled: False - # ================================================================ # Platforms - turn all off and let .yml turn on as appropriate From ccadf7090df417f9a1527055c570a054465eda9e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 06:16:11 -0400 Subject: [PATCH 120/393] Update default_vars.yml --- vars/default_vars.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 97b731802..2b2f78a2f 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -76,14 +76,14 @@ named_install: True named_enabled: True block_DNS: False -# DansGuardian -dansguardian_install: False -dansguardian_enabled: False - # Squid squid_install: False squid_enabled: False +# DansGuardian +dansguardian_install: False +dansguardian_enabled: False + # Wonder Shaper # Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 wondershaper_install: False From 8184ec3baebc65b61a84e7a973e463065b2a94c4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:15:49 -0400 Subject: [PATCH 121/393] Update default_vars.yml --- vars/default_vars.yml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 2b2f78a2f..4d610239c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -49,14 +49,6 @@ iiab_domain: lan lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 -# Gateway mode -iiab_lan_enabled: True -iiab_wan_enabled: True -ssh_port: 22 -gui_wan: True -adm_cons_force_ssl: False -adm_cons_allow_downloads: False - # Internal Wi-Fi Access Point # Values are used if there is an internal Wi-Fi adapter and hostapd is enabled # The platform variable adapts install to specific hardware (raspberry pi=rpi2) @@ -67,6 +59,19 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme +# Gateway mode +iiab_lan_enabled: True +iiab_wan_enabled: True +ssh_port: 22 +gui_wan: True +adm_cons_force_ssl: False +adm_cons_allow_downloads: False + +# Gateway and Filters +iiab_gateway_enabled: True +gw_squid_whitelist: False +gw_block_https: False + # dhcpd dhcpd_install: True dhcpd_enabled: False @@ -89,11 +94,6 @@ dansguardian_enabled: False wondershaper_install: False wondershaper_enabled: False -# Gateway and Filters -gw_squid_whitelist: False -gw_block_https: False -iiab_gateway_enabled: True - # Intended for developers user_wan_iface: auto user_lan_iface: auto @@ -304,7 +304,7 @@ munin_enabled: False phpmyadmin_install: False phpmyadmin_enabled: False -# sugar-stats +# sugar-stats - unmaintained sugar_stats_install: False sugar_stats_enabled: False @@ -316,7 +316,7 @@ teamviewer_enabled: False vnstat_install: True vnstat_enabled: False -# XOVis +# XOVis - unmaintained xovis_install: False xovis_enabled: False xovis_target_host: "127.0.0.1:5984" From 7709c2513a88d434358fc72b1f06b285c2894ce0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:18:38 -0400 Subject: [PATCH 122/393] grab latest local_var.yml community norms from http://wiki.laptop.org/go/IIAB/local_vars.yml --- vars/medium.localvars | 118 +++++++++++++++++++++++------------------- 1 file changed, 65 insertions(+), 53 deletions(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 8c6459e6e..3f2d9fd21 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -14,6 +14,7 @@ iiab_admin_user: iiab-admin iiab_hostname: box iiab_domain: lan +# Set to /home or /wordpress or /wiki (for DokuWiki or MediaWiki) iiab_home_url: /home host_ssid: "Internet in a Box" host_wifi_mode: g @@ -34,18 +35,20 @@ iiab_gateway_enabled: False # Make this False to disable http://box/common/services/power_off.php button: allow_apache_sudo: True -# 3-BASE-SERVER - squid_install: False squid_enabled: False dansguardian_install: False dansguardian_enabled: False -# Unmaintained +# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 # wondershaper_install: False # wondershaper_enabled: False +# 3-BASE-SERVER + +# MySQL & PostgreSQL are auto-installed around here as necessary. + # 4-SERVER-OPTIONS # SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security @@ -55,6 +58,10 @@ openvpn_enabled: False # openvpn_cron_enabled: True # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" +# Unmaintained +# authserver_install: False +# authserver_enabled: False + # Common UNIX Printing System cups_install: True cups_enabled: False @@ -63,18 +70,13 @@ cups_enabled: False samba_install: False samba_enabled: False -# Handy for maintaining tables, but DANGEROUS if not locked down -phpmyadmin_install: False -phpmyadmin_enabled: False - # 5-XO-SERVICES -# Lesser-supported XO services need additional testing. Please uncomment -# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact +# Lesser-supported XO services need additional testing. Please contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. -# authserver_install: False -# authserver_enabled: False +# xo_services_install: False +# xo_services_enabled: False # activity_server_install: False # activity_server_enabled: False @@ -83,44 +85,51 @@ phpmyadmin_enabled: False # idmgr_install: False # idmgr_enabled: False -# ejabberd_install: False -# ejabberd_enabled: False - -# xo_services_install: False -# xo_services_enabled: False - -# sugar_stats_install: False -# sugar_stats_enabled: False - -# xovis_install: False -# xovis_enabled: False +# ejabberd_xs_install: False +# ejabberd_xs_enabled: False # 6-GENERIC-APPS +calibre_install: True +calibre_enabled: True +# Change calibre_port to 8010 if you're using XO laptops needing above idmgr +calibre_port: 8080 + +dokuwiki_install: False +dokuwiki_enabled: False + +elgg_install: True +elgg_enabled: True + +ejabberd_install: False +ejabberd_enabled: False + nextcloud_install: True nextcloud_enabled: True wordpress_install: True wordpress_enabled: True -elgg_install: True -elgg_enabled: True - -dokuwiki_install: False -dokuwiki_enabled: False - # 7-EDU-APPS +kalite_install: True +kalite_enabled: True +kalite_cron_enabled: True + +kiwix_install: True +kiwix_enabled: True + +# Warning: Moodle is a serious LMS, that takes a while to install +moodle_install: False +moodle_enabled: False + # OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 osm_install: True osm_enabled: True -kiwix_install: True -kiwix_enabled: True - -kalite_install: True -kalite_enabled: True -kalite_cron_enabled: True +# Similar to Calibre, but unmaintained +pathagar_install: False +pathagar_enabled: False # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 sugarizer_install: True @@ -129,33 +138,36 @@ sugarizer_enabled: True # https://github.com/iiab/iiab/issues/193 Subsequent "./runtags sugarizer" fail # https://github.com/iiab/iiab/issues/240 Sugarizer 0.8 to 0.9 ongoing issues -calibre_install: True -calibre_enabled: True -# Change calibre_port to 8010 if you're using XO laptops needing above idmgr -calibre_port: 8080 - -# Similar to Calibre, but unmaintained -pathagar_install: False -pathagar_enabled: False - -# Warning: Moodle is a serious LMS, that takes a while to install -moodle_install: False -moodle_enabled: False - # 8-MGMT-TOOLS -munin_install: True -munin_enabled: True - -vnstat_install: True -vnstat_enabled: True - awstats_install: True awstats_enabled: True monit_install: False monit_enabled: False +munin_install: True +munin_enabled: True + +# Handy for maintaining tables, but DANGEROUS if not locked down +phpmyadmin_install: False +phpmyadmin_enabled: False + +# Unmaintained (better to install from http://teamviewer.com) +teamviewer_install: False +teamviewer_enabled: False + +vnstat_install: True +vnstat_enabled: True + +# Unmaintained +# sugar_stats_install: False +# sugar_stats_enabled: False + +# Unmaintained +# xovis_install: False +# xovis_enabled: False + # Unmaintained # schooltool_install: False # schooltool_enabled: False From 64c2dc1faa9b76f742fe16f1528ec4b78fc050dc Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:26:49 -0400 Subject: [PATCH 123/393] Update main.yml --- roles/0-init/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index dd972fe09..31e8e2054 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -19,5 +19,5 @@ # Now load the computed vars - include: roles/1-prep/tasks/computed_vars.yml -- name: ...WAS COMPLETED =========================================== +- name: ...HAS COMPLETED =========================================== command: echo From 3f0cae31d664eafbd07ed1e3cdc2c98d03e3301a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:27:04 -0400 Subject: [PATCH 124/393] Update main.yml --- roles/1-prep/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 6388a65a1..c64beaad4 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -88,5 +88,5 @@ url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 -- name: ...WAS COMPLETED =========================================== +- name: ...HAS COMPLETED =========================================== command: echo From 8de05f1f9fe78f08d60a1d18f1cea078883487bf Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:27:45 -0400 Subject: [PATCH 125/393] Update main.yml --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 2b5d6a352..33e821ef6 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -48,5 +48,5 @@ - include: udev.yml -- name: ...WAS COMPLETED ========================================= +- name: ...HAS COMPLETED ========================================= command: echo From ced8d1dd18e3abfc651217e81e1c6267b0e2b936 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:28:02 -0400 Subject: [PATCH 126/393] Update main.yml --- roles/3-base-server/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 6024555bc..279322513 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -34,5 +34,5 @@ # line='BASE_VERSION="{{ gui_version }}"' # state=present -- name: ...WAS COMPLETED ==================================== +- name: ...HAS COMPLETED ==================================== command: echo From b5cbfa619c2bea2c6651199650457453292ffc78 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:28:38 -0400 Subject: [PATCH 127/393] Update main.yml --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 340e103f5..01684d2b7 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -67,5 +67,5 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: ...WAS COMPLETED ================================= +- name: ...HAS COMPLETED ================================= command: echo From b67e29c2b4ee9f2511f51c23ea440f440061bd1e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:29:12 -0400 Subject: [PATCH 128/393] Update main.yml --- roles/5-xo-services/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 6769f69ca..2ee59d9e0 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -21,5 +21,5 @@ when: idmgr_install tags: olpc, idmgr -- name: ...WAS COMPLETED ==================================== +- name: ...HAS COMPLETED ==================================== command: echo From aad9d297ae915b5862953adadb8e1e4799a5c8d5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:29:31 -0400 Subject: [PATCH 129/393] Update main.yml --- roles/6-generic-apps/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 07bbd4762..6b4deeb49 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -45,5 +45,5 @@ when: wordpress_install tags: wordpress -- name: ...WAS COMPLETED =================================== +- name: ...HAS COMPLETED =================================== command: echo From 5c76060e8403d1994f4a8698ae753488d96f2c13 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:29:43 -0400 Subject: [PATCH 130/393] Update main.yml --- roles/7-edu-apps/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index 34bc371c2..d484570b1 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -39,5 +39,5 @@ when: sugarizer_install tags: sugarizer -- name: ...WAS COMPLETED ======================================= +- name: ...HAS COMPLETED ======================================= command: echo From 01782af67c9fa5ef78c20650f9b528e6557b1ad7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:30:03 -0400 Subject: [PATCH 131/393] Update main.yml --- roles/8-mgmt-tools/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index eadc6283f..01920102d 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -51,5 +51,5 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: ...WAS COMPLETED ===================================== +- name: ...HAS COMPLETED ===================================== command: echo From 7d6a249a63ba5f2372723d8199c7a2ced969b9dc Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:30:20 -0400 Subject: [PATCH 132/393] Update main.yml --- roles/9-local-addons/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 31f166b3f..197bb3366 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -3,5 +3,5 @@ - name: ...IS BEGINNING ==================================== command: echo -- name: ...WAS COMPLETED =================================== +- name: ...HAS COMPLETED =================================== command: echo From 82bd0d346a6da93fb88381b0208c4fc8130eeb07 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 07:51:43 -0400 Subject: [PATCH 133/393] rename IIAB -> OSM here --- roles/osm/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index e71dbda79..de2ef415f 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install IIAB required packages +- name: Install OSM required packages package: name={{ item }} state=present with_items: @@ -9,7 +9,7 @@ - libapache2-mod-xsendfile when: is_debuntu -- name: Install IIAB required packages +- name: Install OSM required packages package: name={{ item }} state=present with_items: @@ -21,7 +21,7 @@ - mod_xsendfile when: not is_debuntu -# IIAB wants a specific version do that first +# OSM wants a specific version do that first - name: Install Whoosh 2.6 pip: name=whoosh virtualenv={{ osm_venv }} @@ -30,7 +30,7 @@ extra_args="--no-cache-dir" when: internet_available and is_debuntu -- name: Install IIAB with dependencies +- name: Install OSM with dependencies pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no @@ -41,7 +41,7 @@ - Internet-in-a-Box when: internet_available and is_debuntu -# IIAB wants a specific version do that first +# OSM wants a specific version do that first - name: Install Whoosh 2.6 pip: name=whoosh virtualenv={{ osm_venv }} @@ -50,7 +50,7 @@ # extra_args="--no-cache-dir" when: internet_available and not is_debuntu -- name: Install IIAB with dependencies +- name: Install OSM with dependencies pip: name={{ item }} virtualenv={{ osm_venv }} virtualenv_site_packages=no @@ -77,7 +77,7 @@ line="path_to_virtualenv = '/usr/local/osm'" state=present -- name: All - Copy IIAB config file +- name: All - Copy OSM config file template: backup=no src=osm.conf.j2 dest=/etc/{{ apache_config_dir }}/osm.conf @@ -137,7 +137,7 @@ service: name={{ apache_service }} state=restarted -- name: add osm to service list +- name: Add OSM to service list ini_file: dest='{{ service_filelist }}' section=osm option='{{ item.option }}' From 0d2d29b3863a5da61a30cd85af86e2067247e5e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 08:18:26 -0400 Subject: [PATCH 134/393] clean up OpenVPN messaging --- roles/openvpn/tasks/main.yml | 51 ++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 8f974abbf..d0b45f685 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install openvpn packages +- name: Install OpenVPN packages package: name={{ item }} state=present with_items: @@ -27,7 +27,7 @@ file: path=/usr/lib/iiab state=directory -- name: Configure openvpn +- name: Configure OpenVPN template: src={{ item.src }} dest={{ item.dest }} owner={{ item.owner }} @@ -49,59 +49,60 @@ - { src: 'iiab-remote-on', dest: '/usr/bin/iiab-remote-on', owner: "root" , mode: '0755' } - { src: 'iiab-remote-off', dest: '/usr/bin/iiab-remote-off', owner: "root" , mode: '0755' } -- name: put up_wan in place for debian +- name: Put up_wan in place for Debian template: src=up_wan dest=/usr/lib/iiab/up_wan when: is_debuntu -- name: put dispatcher up for NM +- name: Put dispatcher up for NM template: src=15-openvpn dest=/etc/NetworkManager/dispatcher.d/ when: not is_debuntu -- name: check for manually configured openvpn tunnel +- name: Check for manually configured OpenVPN tunnel stat: path=/etc/openvpn/iiab-vpn.conf register: stat + # note that ansible does not currently handle @ in a service name -- name: enable the openvpn tunnel at boot time +- name: Enable the OpenVPN tunnel at boot time shell: systemctl enable openvpn@xscenet.service when: openvpn_enabled and not stat.exists is defined and is_debuntu -- name: enable the openvpn tunnel at boot time for Debian +- name: Enable the OpenVPN tunnel at boot time for Debian shell: update-rc.d openvpn enable when: openvpn_enabled and not stat.exists is defined and is_debuntu -- name: start the openvpn tunnel now +- name: Start the OpenVPN tunnel now shell: systemctl start openvpn@xscenet.service when: openvpn_enabled and not stat.exists is defined and not installing -- name: make openvpn connection automatic + +- name: Make OpenVPN connection automatic lineinfile: dest=/etc/crontab line="25 * * * * root (/usr/bin/systemctl start openvpn@xscenet.service) > /dev/null" - when: - openvpn_enabled and openvpn_cron_enabled and not stat.exists is defined + when: openvpn_enabled and openvpn_cron_enabled and not stat.exists is defined -- name: make openvpn connection manual +- name: Make OpenVPN connection manual lineinfile: dest=/etc/crontab regexp=".*/usr/bin/systemctl*" state=absent - when: - not openvpn_enabled or not openvpn_cron_enabled + when: not openvpn_enabled or not openvpn_cron_enabled -- name: stop starting the openvpn tunnel at boot time - shell: systemctl disable openvpn@xscenet.service - when: not openvpn_enabled and not is_debuntu +- name: Stop starting the OpenVPN tunnel at boot time + shell: systemctl disable openvpn@xscenet.service + when: not openvpn_enabled and not is_debuntu -- name: stop starting the openvpn tunnel at boot time for Debian - shell: update-rc.d openvpn disable - when: not openvpn_enabled and is_debuntu +- name: Stop starting the OpenVPN tunnel at boot time for Debian + shell: update-rc.d openvpn disable + when: not openvpn_enabled and is_debuntu -- name: stop openvpn tunnel immediately - shell: systemctl stop openvpn@xscenet.service +- name: Stop OpenVPN tunnel immediately + shell: systemctl stop openvpn@xscenet.service ignore_errors: True - when: not openvpn_enabled and not installing + when: not openvpn_enabled and not installing -- name: Add openvpn to service list + +- name: Add OpenVPN to service list ini_file: dest='{{ service_filelist }}' section=openvpn option='{{ item.option }}' @@ -110,7 +111,7 @@ - option: name value: "openvpn" - option: description - value: '"Openvpn is a means of Contacting a server anywhere on the internet via a middleman server"' + value: '"OpenVPN is a means of connecting to a server anywhere on the internet via a middleman server"' - option: middleman_url value: "{{ vpn_presence }}" - option: port From 1bd1fbda8febdf433c29168a8ed34f2f4f6012c1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:16:55 -0400 Subject: [PATCH 135/393] cleaner Ansible messaging --- roles/1-prep/tasks/main.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index c64beaad4..e6e2b382a 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -3,12 +3,12 @@ - name: ...IS BEGINNING ============================================ command: echo -- name: get the uuidgen program +- name: Get the uuidgen program package: name=uuid-runtime state=present when: is_debuntu -- name: Test for UUID file +- name: Test for /etc/iiab/uuid file stat: path=/etc/iiab/uuid register: uuid_file @@ -25,11 +25,11 @@ shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid when: not uuid_file.stat.exists -- name: get the uuid +- name: Get the uuid command: cat /etc/iiab/uuid register: stored_uuid -- name: get the value into a variable +- name: Get the value into a variable set_fact: uuid={{ stored_uuid.stdout_lines[0] }} @@ -48,26 +48,26 @@ dest=/etc/chrony.conf src=chrony.conf.j2 -- name: Disable apparmor -- on by default in ubuntu +- name: Disable AppArmor -- on by default in Ubuntu service: name=apparmor enabled=False state=stopped when: first_run and is_ubuntu ignore_errors: true -- name: Disable selinux on next boot +- name: Disable SELinux on next boot selinux: state=disabled register: selinux_disabled when: first_run and not is_debuntu -- name: Disable selinux for this session (if needed) +- name: Disable SELinux for this session (if needed) command: setenforce Permissive when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed ## DISCOVER PLATFORMS ###### -- name: Discover if this is a rpi -- assume if so it is running raspbian +- name: Discover if this is an rpi -- assume it is running Raspbian if so set_fact: rpi_model: "rpi" is_rpi: "True" - when: ansible_local.local_facts.os == "raspbian" + when: ansible_local.local_facts.os == "raspbian" ignore_errors: true - include: prep.yml @@ -77,13 +77,13 @@ - include: raspberry_pi_2.yml when: first_run and rpi_model != "none" -- name: Check if the identifier for intel's NUC6 builtin wifi is present +- name: Check if the identifier for Intel's NUC6 builtin WiFi is present shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'" register: usb_NUC6 ignore_errors: true when: first_run -- name: download the firmware for built in wifi on NUC6 +- name: Download the firmware for built-in WiFi on NUC6 get_url: dest=/lib/firmware url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 From 0b688550ea7329ff811aa0a31587073f0889d31a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:18:51 -0400 Subject: [PATCH 136/393] cleaner Ansible messaging --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 33e821ef6..bfb69887b 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -32,7 +32,7 @@ - sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present -- name: Set default Timezone +- name: Set default Time Zone shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime when: iiab_TZ is defined and iiab_TZ != "" From 87f55cd62883802acbee3cdac8d19ce6530df865 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:21:30 -0400 Subject: [PATCH 137/393] cleaner Ansible messaging --- roles/4-server-options/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 01684d2b7..69173b017 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -51,7 +51,7 @@ when: usb_lib_install tags: usb-lib -# this script can be sourced to get iiab location +# this script can be sourced to get IIAB location - name: Create iiab.env file template: src=roles/1-prep/templates/iiab.env.j2 dest=/etc/iiab/iiab.env @@ -59,11 +59,11 @@ group=root mode=0644 -- name: put a python interface to iiab.env +- name: Put a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py -- name: generate the offline documents +- name: Generate the offline documents command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs From 011005d707f58ba998eecd71831730d16ed44a62 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:25:51 -0400 Subject: [PATCH 138/393] cleaner Ansible messaging --- roles/httpd/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 81c6498fc..2eb71b8ce 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -40,7 +40,7 @@ - download when: is_redhat -- name: remove the default apache2 config file +- name: Remove the default apache2 config file file: path=/etc/apache2/sites-enabled/000-default.conf src=/etc/apache2/sites-available/000-default.conf state=absent @@ -67,7 +67,7 @@ - mpm_event.load when: is_debuntu -- name: create symlinks for mpm-prefork +- name: Create symlinks for mpm-prefork file: path=/etc/apache2/mods-enabled/{{ item }} src=/etc/apache2/mods-available/{{ item }} state=link @@ -76,7 +76,7 @@ - mpm_prefork.load when: is_debuntu -- name: turn on mod_proxy +- name: Turn on mod_proxy command: a2enmod {{ item }} with_items: - proxy @@ -85,7 +85,7 @@ - rewrite when: is_debuntu -- name: create symlinks for enabling our site +- name: Create symlinks for enabling our site file: path=/etc/apache2/sites-enabled/{{ item }} src=/etc/apache2/sites-available/{{ item }} state=link @@ -105,7 +105,7 @@ group=root state=directory -- name: create admin group +- name: Create admin group group: name=admin state=present @@ -146,7 +146,7 @@ tags: - base -- name: place the script to generate homepages +- name: Place the script to generate homepages template: src=refresh-wiki-docs.sh dest=/usr/bin/iiab-refresh-wiki-docs mode=0755 From 08a9014598d67bb1ff0c6194cbe4d5a320c681e3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:27:19 -0400 Subject: [PATCH 139/393] cleaner Ansible messaging --- roles/iiab-admin/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index 25c384717..4541f4027 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -28,12 +28,12 @@ stat: path=/home/pi/.config/lxsession register: lx -- name: Do the same if running on raspbian +- name: Do the same if running on Raspbian template: src=lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/ when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu -- name: put a autostart line to check for default password in LXDE +- name: Put an autostart line to check for default password in LXDE lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh dest=/home/pi/.config/lxsession/LXDE-pi/autostart when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu From 2569968b294f22969ade49b932fd846f0122c244 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:31:12 -0400 Subject: [PATCH 140/393] cleaner Ansible messaging --- roles/iiab-admin/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/iiab-admin/README.rst b/roles/iiab-admin/README.rst index b39d4b729..01f202d6e 100644 --- a/roles/iiab-admin/README.rst +++ b/roles/iiab-admin/README.rst @@ -1,5 +1,5 @@ ================= -XSCE Admin README +IIAB Admin README ================= This role is home to a number of administrative playbooks. Those implemented are: @@ -22,4 +22,4 @@ Add Packages for Remote Access Admin Console ------------- -Has been moved to a separate git repo \ No newline at end of file +Has been moved to separate git repo: https://github.com/iiab/iiab-admin-console From e662025c4b1520bf7681420a321318e1b9122d06 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:33:32 -0400 Subject: [PATCH 141/393] cleaner Ansible messaging --- roles/network/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 20a94af78..0d8b2b8cc 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -80,7 +80,7 @@ tags: - network -- name: ask systemd to reread the unit files, picks up changes done +- name: Ask systemd to reread the unit files, picks up changes done shell: systemctl daemon-reload when: not installing @@ -99,7 +99,7 @@ - network when: is_debuntu and is_rpi and not installing -- name: Create iiab network flags +- name: Create IIAB network flags template: src=network/{{ item }}.j2 dest=/etc/sysconfig/{{ item }} mode=0644 From 504264a11fddb5d4f33388c72bbaa951df1b95c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:37:00 -0400 Subject: [PATCH 142/393] cleaner Ansible messaging --- roles/mysql/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 10b65e6b8..e4819172a 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -68,17 +68,17 @@ # 'localhost' needs to be the last item for idempotency, see # http://ansible.cc/docs/modules.html#mysql-user # unfortunately it still doesn't work - - name: update mysql root password for localhost root accounts + - name: Update MySQL root password for localhost root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: - localhost when: mysql_enabled - - name: copy .my.cnf file with root password credentials + - name: Copy .my.cnf file with root password credentials template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 when: mysql_enabled - - name: update mysql root password for all remaining root accounts + - name: Update mysql root password for all remaining root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: # - "{{ iiab_hostname }}.{{ iiab_domain }}" @@ -86,15 +86,15 @@ - ::1 when: mysql_enabled - - name: delete anonymous MySQL server user for {{ ansible_hostname }} + - name: Delete anonymous MySQL server user for {{ ansible_hostname }} mysql_user: user="" host="{{ ansible_hostname }}" state="absent" when: mysql_enabled - - name: delete anonymous MySQL server user for localhost + - name: Delete anonymous MySQL server user for localhost mysql_user: user="" state="absent" when: mysql_enabled - - name: remove the MySQL test database + - name: Remove the MySQL test database mysql_db: db=test state=absent when: mysql_enabled @@ -106,7 +106,7 @@ when: not mysql_enabled - - name: add mysql to service list + - name: Add mysql to service list ini_file: dest='{{ service_filelist }}' section=mysql option='{{ item.option }}' @@ -115,6 +115,6 @@ - option: name value: mysql-database - option: description - value: '"mySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' + value: '"MySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' - option: enabled value: "{{ mysql_enabled }}" From 50ced1eec845004562bce7e45cb23b43eabf2868 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:40:47 -0400 Subject: [PATCH 143/393] cleaner Ansible messaging --- roles/elgg/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index f78dba717..d76b35fe4 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -1,7 +1,7 @@ # Assume we only get here if elgg_install: True # Assume mysql is running -- name: download current version from our copy +- name: Download current version from our copy shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }} creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip when: internet_available @@ -18,7 +18,7 @@ shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt" when: elgg.stat.exists is defined and not elgg.stat.exists -- name: Create a link to the versioned elgg folder +- name: Create a link to the versioned elgg-* folder file: src=./elgg-{{ elgg_version }} dest=/opt/elgg owner={{ apache_user }} @@ -36,7 +36,7 @@ group={{ apache_user }} # The name of this file changed from 1.9 to 1.10. -- name: Copy default .htaccess to the root directory of elgg tree +- name: Copy default .htaccess to the root directory of Elgg tree copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" dest="/opt/{{ elgg_xx }}/.htaccess" mode=0644 @@ -51,13 +51,13 @@ insertafter='^#RewriteBase' line="RewriteBase {{ elgg_url }}/" -- name: Change permissions on engine directory so apache can write +- name: Change permissions on engine directory so Apache can write file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory - name: Create an upload directory that Apache can write in or elgg file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }} -- name: change ownership +- name: Change ownership file: path=/opt/elgg-{{ elgg_version }} owner={{ apache_user }} group={{ apache_user }} @@ -68,7 +68,7 @@ mysql_db: name={{ dbname }} register: create_elgg_database -- name: Create a user to access the elgg database - can be run more than once +- name: Create a user to access the Elgg database - can be run more than once mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL with_items: - 127.0.0.1 @@ -95,23 +95,23 @@ - name: Install config file for elgg in Apache template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf -- name: Enable elgg for debuntu (will already be enabled above for Redhat) +- name: Enable Elgg for debuntu (will already be enabled above for Redhat) file: path=/etc/apache2/sites-enabled/elgg.conf src=/etc/apache2/sites-available/elgg.conf state=link when: elgg_enabled and is_debuntu -- name: Disable elgg for debuntu +- name: Disable Elgg for debuntu file: path=/etc/apache2/sites-enabled/elgg.conf state=absent when: not elgg_enabled and is_debuntu -- name: Disable elgg for Redhat - remove config file for elgg in Apache +- name: Disable Elgg for Redhat - remove config file for Elgg in Apache file: dest=/etc/{{ apache_config_dir }}/elgg.conf state=absent when: not elgg_enabled and is_redhat -- name: add elgg to service list +- name: Add Elgg to service list ini_file: dest='{{ service_filelist }}' section=elgg option='{{ item.option }}' From d8f0aca278422ed028cf9c44c1fb62394afaa5b4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:47:06 -0400 Subject: [PATCH 144/393] cleaner Ansible messaging --- roles/nextcloud/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 6536e7da5..06e8c9bfc 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -1,14 +1,14 @@ # we need to install the rpm in order to get the dependencies # but we only need to do this the first time -- name: See if the nextcloud startup page exists +- name: See if the Nextcloud startup page exists stat: path={{ nextcloud_prefix }}/nextcloud/index.php register: nextcloud_page # but we use the tar file to get the latest version -- name: Get the nextcloud software +- name: Get the Nextcloud software get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} when: internet_available async: 900 @@ -16,7 +16,7 @@ tags: - download -- name: ubuntu and debian treat names differently +- name: Ubuntu and Debian treat names differently package: name={{ item }} state=present with_items: - libapache2-mod-php{{ php_version }} @@ -24,7 +24,7 @@ - php{{ php_version }}-zip when: is_debian -- name: ubuntu and debian treat names differently +- name: Ubuntu and Debian treat names differently package: name={{ item }} state=present with_items: - libapache2-mod-php @@ -70,7 +70,7 @@ dest={{ nextcloud_prefix }} when: is_F18 -- name: in Centos, the following config dir is symlink to /etc/nextcloud +- name: In CentOS, the following config dir is symlink to /etc/nextcloud file: path=/etc/nextcloud state=directory when: is_centos @@ -83,7 +83,7 @@ mode=0640 when: is_centos -- name: Make apache owner +- name: Make Apache owner file: path={{ nextcloud_prefix }}/nextcloud owner={{ apache_user }} group={{ apache_user }} @@ -99,11 +99,11 @@ with_items: - "{{ nextcloud_data_dir }}" -- name: Create a mysql database for nextcloud +- name: Create a MySQL database for Nextcloud mysql_db: name={{ nextcloud_dbname }} when: mysql_enabled and nextcloud_enabled -- name: Create a user to access the nextcloud database +- name: Create a user to access the Nextcloud database mysql_user: name={{ nextcloud_dbuser }} host={{ item }} password={{ nextcloud_dbpassword }} priv={{ nextcloud_dbname }}.*:ALL,GRANT with_items: - "{{ nextcloud_dbhost }}" @@ -113,7 +113,7 @@ when: mysql_enabled and nextcloud_enabled -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted when: not nextcloud_enabled @@ -122,7 +122,7 @@ # following enables and disables - include: nextcloud_enabled.yml -- name: Add nextcloud to service list +- name: Add Nextcloud to service list ini_file: dest='{{ service_filelist }}' section=nextcloud option='{{ item.option }}' From 9cd817e3ad7d974339b8fef38c3d0712e61e65c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:53:42 -0400 Subject: [PATCH 145/393] cleaner Ansible messaging --- roles/usb-lib/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb-lib/tasks/main.yml index 3d4aee182..f158f1433 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb-lib/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Add a content directory for links to be located +- name: Add a content directory for links to be located file: dest={{ doc_root }}/local_content state=directory owner={{ apache_user }} @@ -31,24 +31,24 @@ state=absent when: not usb_lib_enabled -- name: Add apache config for content directory +- name: Add Apache config for content directory template: src=content_dir.conf dest=/etc/{{ apache_config_dir }} when: usb_lib_enabled -- name: create the link to enable for debian +- name: Create the link to enable for Debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=link when: is_debuntu -- name: remove the link that enables in debian +- name: Remove the link that enables in Debian file: src=/etc/{{ apache_config_dir }}/content_dir.conf dest=/etc/apache2/sites-enabled/content_dir.conf state=absent when: is_debuntu and not usb_lib_enabled -- name: remove apache config for content directory +- name: Remove Apache config for content directory file: name=/etc/{{ apache_config_dir }}/content_dir.conf state=absent when: not usb_lib_enabled @@ -62,6 +62,6 @@ - option: name value: usb-lib - option: description - value: '"usb-lib automounts a usb drive with and links to library content."' + value: '"usb-lib automounts a USB drives and links to library content."' - option: enabled value: "{{ usb_lib_enabled }}" From 72753c295d45a0c9f1e77424bce23f1c6a6820bd Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:55:15 -0400 Subject: [PATCH 146/393] cleaner README --- roles/dokuwiki/README.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/dokuwiki/README.rst b/roles/dokuwiki/README.rst index 039fa93fd..07c9a6015 100644 --- a/roles/dokuwiki/README.rst +++ b/roles/dokuwiki/README.rst @@ -1,5 +1,5 @@ =============== -Dokuwiki README +DokuWiki README =============== DokuWiki is a simple to use and highly versatile Open Source wiki software that @@ -10,12 +10,12 @@ make DokuWiki especially useful in the enterprise context and the large number o plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki. -http://dokuwiki.org/ +http://dokuwiki.org After Installation ------------------ -Head to http://schoolserver.lan/wiki. The webpage will probably throw up an error +Head to http://box.lan/wiki. The webpage will probably throw up an error saying you haven't run install.php yet, with a link to it. Click the link to be taken to the install page which does the initial configuration of the wiki. After this, you should be all set! @@ -33,4 +33,4 @@ None yet other than the basic enabled/disabled. Haven't really tested if they wo Todo ---- * Preinstall some popular plugins. -* Additional XSCE customizations. +* Additional IIAB customizations. From 62f64b309343cd73f766a9e3e4e09dae5099b29b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:56:10 -0400 Subject: [PATCH 147/393] cleaner Ansible messaging --- roles/dokuwiki/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/dokuwiki/tasks/main.yml b/roles/dokuwiki/tasks/main.yml index 9b08d1705..9841a32b6 100644 --- a/roles/dokuwiki/tasks/main.yml +++ b/roles/dokuwiki/tasks/main.yml @@ -2,7 +2,7 @@ include: install.yml when: dokuwiki_install -- name: Add dokuwiki to service list +- name: Add DokuWiki to service list ini_file: dest='{{ service_filelist }}' section=dokuwiki option='{{ item.option }}' From 0223e6d7171d6c095e92eac1ff25e44eacc4f531 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:57:21 -0400 Subject: [PATCH 148/393] cleaner Ansible messaging --- roles/dokuwiki/tasks/install.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index 796623e8c..815a23d9e 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Get the Dokuwiki software +- name: Get the DokuWiki software get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir }}/ when: internet_available @@ -8,24 +8,24 @@ - name: Symlink /library/dokuwiki* to /library/dokuwiki shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi -- name: Install config file for dokuwiki in Apache +- name: Install config file for DokuWiki in Apache template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf when: dokuwiki_enabled -- name: enable the dokuwiki +- name: Enable the DokuWiki file: path=/etc/apache2/sites-enabled/dokuwiki.conf src=/etc/apache2/sites-available/dokuwiki.conf state=link when: dokuwiki_enabled and is_debuntu -- name: disable the dokuwiki +- name: Disable the DokuWiki file: path=/etc/apache2/sites-enabled/dokuwiki.conf state=absent when: not dokuwiki_enabled and is_debuntu -- name: Change permissions on engine directory so apache can write +- name: Change permissions on engine directory so Apache can write file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted From ca7f578e14c13eadd7efcce92c562f089b084d0f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 09:58:40 -0400 Subject: [PATCH 149/393] cleaner README --- roles/kalite/README.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/kalite/README.rst b/roles/kalite/README.rst index 739e1d363..49aa9d972 100644 --- a/roles/kalite/README.rst +++ b/roles/kalite/README.rst @@ -1,13 +1,13 @@ ============== -KA-Lite README +KA Lite README ============== -This role installs KA-Lite, an offline version of the Khan Academy (https://www.khanacademy.org/), +This role installs KA Lite, an offline version of the Khan Academy (https://www.khanacademy.org/), written by Learning Equality (https://learningequality.org/ka-lite/). -KA Lite has two servers, a light httpd server that serves KA videos, and a cron server that sets -up cron jobs to download language packs and KA videos from the internet. There are separate flags -to enable these two servers. +KA Lite has two servers, a light httpd server that serves Khan Academy videos, and a cron server +that sets up cron jobs to download language packs and KA videos from the internet. There are +separate flags to enable these two servers. Access ------ From ebb621a2cfd25ae293b695dd1d33d9c0308717a6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:00:58 -0400 Subject: [PATCH 150/393] cleaner Ansible messaging --- roles/kalite/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kalite/tasks/main.yml b/roles/kalite/tasks/main.yml index 71aadf35c..b0c02471d 100644 --- a/roles/kalite/tasks/main.yml +++ b/roles/kalite/tasks/main.yml @@ -22,7 +22,7 @@ - include: install.yml when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 -- name: ask systemd to reread the unit files +- name: Ask systemd to reread the unit files shell: systemctl daemon-reload when: not kalite_installed.stat.exists From 1aac4fb15c95d49e441cb6ff46df0ea4f4da2176 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:02:26 -0400 Subject: [PATCH 151/393] cleaner Ansible messaging --- roles/kalite/tasks/enable.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kalite/tasks/enable.yml b/roles/kalite/tasks/enable.yml index 79614686f..0c62de120 100644 --- a/roles/kalite/tasks/enable.yml +++ b/roles/kalite/tasks/enable.yml @@ -1,12 +1,12 @@ # By the time we get here we should have ka-lite of some version # And the systemd unit files should be defined -- name: Enable kalite server +- name: Enable kalite-serve service service: name=kalite-serve enabled=yes state=started -- name: Disable kalite server +- name: Disable kalite-serve service service: name=kalite-serve enabled=no state=stopped From b1f77b10922828fa0cd9f3d5d6f22869dd487d78 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:08:41 -0400 Subject: [PATCH 152/393] cleaner Ansible messaging --- roles/kiwix/tasks/kiwix_install.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 4b6d03cf1..4d5db847a 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -1,4 +1,4 @@ -- name: Create various directories for zims +- name: Create various directories for ZIM files file: path={{ item }} owner=root group=root @@ -18,7 +18,7 @@ kiwix_first_pass: True when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists -- name: Copy kiwix library file if needed +- name: Copy Kiwix library file if needed template: src={{ item }} dest="{{ kiwix_library_xml }}" mode=0644 @@ -54,7 +54,7 @@ mode=0755 state=directory -- name: enable the mods which permit apache to proxy +- name: Enable the mods which permit Apache to proxy apache2_module: name={{ item }} with_items: - proxy @@ -71,7 +71,7 @@ when: kiwix_src_bin_only and kiwix_first_pass # workaround because unarchive does not set ownership properly -- name: Set kiwix ownership +- name: Set kiwix ownership to root [WARNING chown -R across all of /opt/iiab] command: "chown -R root:root {{ iiab_base }}" # workaround because kiwix-serve does not stay running @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: add kiwix to service list +- name: Add kiwix to service list ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' From 01a98b1f154a7b2066a00b860ca03977f0d4bb53 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:09:30 -0400 Subject: [PATCH 153/393] cleaner Ansible messaging --- roles/kiwix/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 7b8c5f262..c7409db31 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -16,7 +16,7 @@ kiwix_src_bin_only: True when: ansible_machine == "armv7l" or ansible_machine == "armv6l" -- name: Get the kiwix software +- name: Get the Kiwix software get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}" dest="{{ downloads_dir }}/{{ kiwix_src_file }}" when: internet_available From b1ec762ffbf314685ea502dab922b165e32a0693 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:16:05 -0400 Subject: [PATCH 154/393] cleaner Ansible messaging --- roles/moodle/tasks/main.yml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index a8f75c4b8..04abeede2 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Install moodle required packages +- name: Install Moodle required packages package: name={{ item }} state=present with_items: @@ -7,7 +7,7 @@ - php-pgsql when: not is_debuntu -- name: Install moodle required packages +- name: Install Moodle required packages package: name={{ item }} state=present with_items: @@ -29,11 +29,11 @@ package: name=php-pclzip when: is_debian_8 -- name: Determine if moodle is already downloaded +- name: Determine if Moodle is already downloaded stat: path={{ moodle_base }}/config-dist.php register: moodle -- name: Download the latest moodle repo +- name: Download the latest Moodle repo git: repo={{ moodle_repo_url }} dest={{ moodle_base }} depth=1 @@ -42,30 +42,30 @@ # ignore_errors: yes when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists -- name: Prepare the downloaded directory so apache can install config file +- name: Prepare the downloaded directory so Apache can install config file file: path={{ moodle_base }} owner={{ apache_user }} recurse=yes state=directory -- name: Give apache permission to write moodle data directory +- name: Give Apache permission to write Moodle data directory file: path={{ content_base }}/dbdata/moodle owner={{ apache_user }} mode=0755 state=directory -- name: Create a moodle data dir with apache permission to write +- name: Create a Moodle data dir with Apache permission to write file: path={{ moodle_data }} owner={{ apache_user }} group={{ apache_user }} mode=0770 state=directory -- name: Remove stock moodle conf +- name: Remove stock Moodle conf file: path='/etc/{{ apache_config_dir }}/moodle.conf' state=absent -- name: Put moodle config file in place +- name: Put Moodle config file in place template: src=022-moodle.j2 dest=/etc/{{ apache_config_dir }}/022-moodle.conf owner=root @@ -73,13 +73,13 @@ mode=0644 when: moodle_enabled -- name: Enable moodle +- name: Enable Moodle file: path=/etc/apache2/sites-enabled/022-moodle.conf src=/etc/apache2/sites-available/022-moodle.conf state=link when: moodle_enabled and is_debuntu -- name: Disable moodle +- name: Disable Moodle file: path=/etc/apache2/sites-enabled/022-moodle.conf state=absent when: not moodle_enabled and is_debuntu @@ -116,24 +116,24 @@ enabled=yes when: moodle_enabled -- name: Restart apache +- name: Restart Apache service: name={{ apache_service }} state=restarted -- name: see if the config.php file exists +- name: See if the config.php file exists stat: path='{{ moodle_base }}/config.php' register: config -- name: Execute moodle startup script +- name: Execute Moodle startup script shell: '{{ moodle_base }}/moodle_installer' when: config.stat.exists is defined and not config.stat.exists -- name: Give apache permission to read config file +- name: Give Apache permission to read config file # command: chown -R {{ apache_user }} {{ moodle_base }} file: path={{ moodle_base }}/config.php mode=0644 -- name: add moodle to service list +- name: Add Moodle to service list ini_file: dest='{{ service_filelist }}' section=moodle option='{{ item.option }}' From d3017d764c41c89598ccc984531252555dc7314d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:20:21 -0400 Subject: [PATCH 155/393] cleaner Ansible messaging --- roles/postgresql/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index 73321bf7d..7574c2fc9 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install postgresql packages +- name: Install PostgreSQL packages package: name={{ item }} state=present with_items: @@ -6,13 +6,13 @@ tags: - download -- name: Install postgresql for debian +- name: Install PostgreSQL for Debian package: name=postgresql-client when: is_debuntu tags: - download -- name: Install postgresql for fedora +- name: Install PostgreSQL for Fedora package: name=postgresql-server when: not is_debuntu tags: @@ -32,12 +32,12 @@ mode=0700 state=directory -- name: make sure that the en_US locale is enabled +- name: Make sure that the en_US locale is enabled lineinfile: dest=/etc/locale.gen line="{{ postgresql_locale }} UTF-8" when: is_debuntu -- name: generate the selected locales +- name: Generate the selected locales command: /usr/sbin/locale-gen when: is_debuntu @@ -56,7 +56,7 @@ creates=/library/pgsql-iiab/pg_hba.conf when: not is_debuntu -- name: Configure postgres +- name: Configure PostgreSQL template: backup=yes src=postgresql.conf.j2 dest=/library/pgsql-iiab/postgresql.conf @@ -80,7 +80,7 @@ enabled=yes when: postgresql_enabled -- name: Stop and disable postgresql-iiab service +- name: Stop and disable postgresql service if not postgresql_enabled service: name=postgresql state=stopped enabled=no From a7cf338aa91a62f04f8e1e33ddf771e5be3500e0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:23:08 -0400 Subject: [PATCH 156/393] cleaner Ansible messaging --- roles/sugarizer/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 8bb5985ed..0e0e8efa2 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Download the latest stable version of sugarizer from location under our control +- name: Download the latest stable version of Sugarizer from location under our control get_url: url={{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz dest={{ downloads_dir }}/{{ sugarizer_version }}.tar.gz @@ -29,12 +29,12 @@ - nodejs - npm -# attempting to reinstall npm is broken on raspbian 9 -- name: check for sugarizer already installed +# attempting to reinstall npm is broken on Raspbian 9 +- name: Check for Sugarizer already installed stat: path={{ sugarizer_location }}/sugarizer/server/node_modules register: npm -- name: set a flag to abort second attempt to install +- name: Set a flag to abort second attempt to install set_fact: npm_exists: True when: npm.stat.exists is defined and npm.stat.exists @@ -68,7 +68,7 @@ chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 and not npm_exists -- name: enable services - All +- name: Enable services - All service: name={{ item.name }} enabled=yes state=restarted @@ -76,7 +76,7 @@ - { name: sugarizer } when: sugarizer_enabled -- name: disable services - All +- name: Disable services - All service: name={{ item.name }} enabled=no state=stopped @@ -84,7 +84,7 @@ - { name: sugarizer } when: not sugarizer_enabled -- name: add sugarizer to service list +- name: Add Sugarizer to service list ini_file: dest='{{ service_filelist }}' section=sugarizer option='{{ item.option }}' @@ -93,6 +93,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform"' + value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform."' - option: enabled value: "{{ sugarizer_enabled }}" From 4be8702090c0e7c9f645100326b06806251872de Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:27:17 -0400 Subject: [PATCH 157/393] cleaner Ansible messaging --- roles/munin/tasks/main.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index b8ec4cd8f..b6b6a0728 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install munin package +- name: Install Munin package package: name={{ item }} state=present with_items: @@ -11,7 +11,7 @@ - download when: is_debuntu -- name: Install munin package +- name: Install Munin package package: name={{ item }} state=present with_items: @@ -21,7 +21,7 @@ - download when: not is_debuntu -- name: Copy munin config file +- name: Copy Munin config file template: src={{ item.src }} dest={{ item.dest }} owner=root @@ -44,13 +44,13 @@ state=started when: munin_enabled -- name: Enable apache lookup +- name: Enable Apache lookup file: src=/etc/apache2/sites-available/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf state=link when: munin_enabled and is_debuntu -- name: disable apache lookup +- name: Disable Apache lookup file: src=/etc/apache2/sites-available/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf state=absent @@ -62,7 +62,7 @@ state=stopped when: not munin_enabled -- name: If mysql is enabled, let munin monitor it +- name: If MySQL is enabled, let Munin monitor it copy: dest=/etc/munin/plugins/ src={{ item }} with_items: @@ -89,4 +89,3 @@ value: "{{ munin_install }}" - option: enabled value: "{{ munin_enabled }}" - From fbb68bdee65aad7832c2618fd8369f104ce66d71 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:29:49 -0400 Subject: [PATCH 158/393] cleaner Ansible messaging --- roles/vnstat/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 2cfce0b0c..97ddea6c7 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -7,24 +7,24 @@ tags: - download -- name: put the config file in place +- name: Put the config file in place template: src=vnstat.conf.j2 dest=/etc/vnstat.conf mode=0744 owner=root group=root -- name: create database for wan to collect vnstat data +- name: Create database for WAN to collect vnStat data shell: /usr/bin/vnstat -i {{ iiab_wan_iface }} -- name: create database for lan to collect vnstat data if not appliace config +- name: Create database for LAN to collect vnStat data if not appliance config shell: /usr/bin/vnstat -i {{ iiab_lan_iface }} when: not iiab_lan_iface == "" -- name: start vnstat daemon via systemd +- name: Start vnStat daemon via systemd service: name=vnstat enabled=yes state=started -- name: Add vnstat to service list +- name: Add vnStat to service list ini_file: dest='{{ service_filelist }}' section=vnstat option='{{ item.option }}' From 113b3c496f30477f4c4b3f5aa63b5e2cda5b6b46 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:32:45 -0400 Subject: [PATCH 159/393] cleaner Ansible messaging --- roles/phpmyadmin/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 1218019d6..a73c70ee2 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,24 +1,24 @@ - - name: Get the phpmyadmin software + - name: Get the phpMyAdmin software get_url: url="{{ iiab_download_url }}/{{ phpMyAdmin }}" dest="{{ downloads_dir }}/phpMyAdmin.zip" when: internet_available - name: Copy it to permanent location /opt unarchive: src={{ downloads_dir }}/phpMyAdmin.zip dest=/opt/ - - name: Create a symbolic link to the folder of the current version phpmyadmin + - name: Create a symbolic link to the folder of the current version phpMyAdmin file: path=/opt/phpmyadmin src=phpMyAdmin-4.7.5-all-languages state=link - - name: Copy the phpmyadmin config file into place + - name: Copy the phpMyAdmin config file into place template: src=config.inc.php dest=/opt/phpmyadmin/config.inc.php - - name: Change the owner of the php tree to apache + - name: Change the owner of the PHP tree to Apache shell: "chown -R {{ apache_user }} /opt/phpmyadmin" - name: Put the alias into Apache config when enabled template: src=phpmyadmin.j2 dest=/etc/{{ apache_config_dir }}/phpmyadmin.conf when: phpmyadmin_enabled - - name: Enable phpmyadmin + - name: Enable phpMyAdmin file: path=/etc/apache2/sites-enabled/phpmyadmin.conf src=/etc/apache2/sites-available/phpmyadmin.conf state=link @@ -29,7 +29,7 @@ state=absent when: not phpmyadmin_enabled and is_debuntu - - name: add phpmyadmin to service list + - name: Add phpmyadmin to service list ini_file: dest='{{ service_filelist }}' section=phpmyadmin option='{{ item.option }}' @@ -38,7 +38,7 @@ - option: name value: phpMyAdmin - option: description - value: '"phpMyAdmin is an interface with a mysql database written in php, and available to administer the database engine locally or across the network"' + value: '"phpMyAdmin is an interface with a MySQL database written in PHP, and available to administer the database engine locally or across the network."' - option: path value: /opt/phpmyadmin - option: enabled From 2904163eeea7432f5ee772025f69f79444bc8fb5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 10:51:16 -0400 Subject: [PATCH 160/393] clarify Ansible output --- roles/kiwix/tasks/kiwix_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 4d5db847a..e27760ae5 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: Add kiwix to service list +- name: Add kiwix-serve to list of services ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' From 71cb3ec713b11d106d3f8641fc0a5201aefa038e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:41:24 -0400 Subject: [PATCH 161/393] cleaner Ansible output --- roles/2-common/tasks/packages.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 57bef55e5..700159be6 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -19,7 +19,7 @@ shell: createrepo {{ yum_packages_dir }} when: is_redhat -- name: Install local repo file. +- name: Install local repo file template: dest=/etc/yum.repos.d/iiab-local.repo src=local.repo owner=root @@ -91,7 +91,7 @@ #- name: Run the install script for pip # command: python {{ downloads_dir }}/get-pip.py -- name: Install Common python packages +- name: Install common Python packages package: name={{ item }} state=present with_items: @@ -99,7 +99,7 @@ - python-setuptools - python-virtualenv -- name: Update common packages (not debian +- name: Update common packages (not Debian) package: name={{ item }} state=latest with_items: @@ -109,7 +109,7 @@ - iptables when: is_redhat -- name: Update common packages (debian) +- name: Update common packages (Debian) package: name={{ item }} state=latest with_items: From 8d58b1cfbb2d923a5bba7274c94136b2f3fcc89c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:44:19 -0400 Subject: [PATCH 162/393] cleaner Ansible output --- roles/iiab-admin/tasks/admin-user.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/iiab-admin/tasks/admin-user.yml b/roles/iiab-admin/tasks/admin-user.yml index c08af46bc..3a72a9272 100644 --- a/roles/iiab-admin/tasks/admin-user.yml +++ b/roles/iiab-admin/tasks/admin-user.yml @@ -32,24 +32,24 @@ # backup=yes -- name: edit the sudoers file--first make it editable +- name: Edit the sudoers file -- first make it editable shell: chmod 0640 /etc/sudoers -- name: have sudo log all commands it handles +- name: Have sudo log all commands it handles lineinfile: regexp=logfile line='Defaults logfile = /var/log/sudo.log' state=present dest=/etc/sudoers -- name: lets wheel sudo without password +- name: Lets wheel sudo without password lineinfile: line: "%wheel ALL= NOPASSWD: ALL" dest: /etc/sudoers -- name: remove the line which requires tty +- name: Remove the line which requires tty lineinfile: regexp=requiretty state=absent dest=/etc/sudoers -- name: end editing the sudoers file-- protect it again +- name: End editing the sudoers file -- protect it again shell: chmod 0440 /etc/sudoers From d6bbb9cd07af0bfad7fa8ecab98f9b636f581d31 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:49:55 -0400 Subject: [PATCH 163/393] More readable Ansible output --- roles/network/tasks/wondershaper.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index fb12b245e..7c27d507e 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -1,10 +1,10 @@ -- name: copy wshaper service script +- name: Copy Wondershaper service script template: backup=yes src=wondershaper/wondershaper.service dest=/etc/systemd/system/wondershaper.service mode=0644 -- name: copy wshaper script +- name: Copy Wondershaper script template: backup=yes src=wondershaper/wondershaper.j2 dest=/usr/bin/wondershaper @@ -12,21 +12,21 @@ group=root mode=0744 -- name: create conf.d directory +- name: Create conf.d directory file: path=/etc/conf.d owner=root group=root mode=0755 state=directory -- name: copy wshaper config script +- name: Copy Wondershaper config script template: src=wondershaper/wondershaper.conf dest=/etc/conf.d/wondershaper.conf owner=root group=root mode=0600 -- name: create fact for wondershaper config file +- name: Create fact for Wondershaper config file file: src=/etc/conf.d/wondershaper.conf dest=/etc/ansible/facts.d/wondershaper.fact owner=root @@ -42,6 +42,6 @@ - option: name value: wondershaper - option: description - value: '"Wondershaper is a command line tool to set maximum transfer rates for network adapters"' + value: '"Wondershaper is a command line tool to set maximum transfer rates for network adapters."' - option: enabled value: "{{ wondershaper_enabled }}" From c8b7bba77f76016d0c421ddf06836dbc929dd25d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:53:43 -0400 Subject: [PATCH 164/393] More readable Ansible output --- roles/network/tasks/named.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 0113d7672..638bdd423 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -1,4 +1,4 @@ -- name: Install named packages +- name: Install named packages for Debian/Debuntu package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Install named packages +- name: Install named packages for non Debian/Debuntu package: name={{ item }} state=present with_items: @@ -64,7 +64,7 @@ - { src: 'named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} - { src: 'named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} -- name: substitute our unit file which uses $OPTIONS from sysconfig +- name: Substitute our unit file which uses $OPTIONS from sysconfig template: src=named/{{ dns_service }}.service dest=/etc/systemd/system/{{ dns_service }}.service mode=0644 @@ -80,13 +80,13 @@ state=link when: is_debuntu and dns_jail_enabled -- name: Separate enabling/disabling required for debian +- name: Separate enabling/disabling required for Debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=absent when: is_debuntu and not dns_jail_enabled -- name: Separate enabling/disabling required for non debian +- name: Separate enabling/disabling required for non Debian file: path=/etc/{{ apache_config_dir }}/dns-jail.conf state=absent when: not is_debuntu and not dns_jail_enabled From 998825769322820a35459dfe233f0d1c8004cf85 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:56:46 -0400 Subject: [PATCH 165/393] More readable Ansible output --- roles/elgg/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index d76b35fe4..f2d56ecf2 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -64,7 +64,7 @@ recurse=yes state=directory -- name: Create a mysql database for elgg - can be run more than once +- name: Create a MySQL database for Elgg - can be run more than once mysql_db: name={{ dbname }} register: create_elgg_database From 5e891828760224c01c90596ca6833f8ab8aba5f1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 11:59:36 -0400 Subject: [PATCH 166/393] More readable Ansible output --- roles/network/tasks/rpi_debian.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 62f627690..97715d1c2 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -18,11 +18,11 @@ package: name=resolvconf state=absent -- name: on upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 +- name: On upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent -- name: default to lan controller +- name: Default to LAN Controller set_fact: gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined @@ -53,21 +53,21 @@ ignore_errors: True when: interface.changed -- name: and remove the device +- name: And remove the device command: brctl delbr br0 ignore_errors: True when: interface.changed -- name: reset the eth0 interface +- name: Reset the eth0 interface command: ifdown eth0 ignore_errors: True when: interface.changed -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted when: interface.changed -- name: start up hostapd again +- name: Start up hostapd again service: name=hostapd state=started when: interface.changed From 15e8ef565ed61862441c0688ba300d762c5a0943 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:02:21 -0400 Subject: [PATCH 167/393] More readable Ansible output --- roles/network/tasks/hostapd.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index e4eccedb6..6b56a675c 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -6,7 +6,7 @@ mode=0644 when: iiab_wireless_lan_iface != "none" -- name: Disable the Access Point Hostapd program +- name: Disable the Access Point hostapd program service: enabled=no name=hostapd.service state=stopped @@ -19,10 +19,10 @@ group=root mode=0644 -- name: ask systemd to reread the unit files for hostapd +- name: Ask systemd to reread the unit files for hostapd shell: systemctl daemon-reload -- name: Enable the Access Point Hostapd program +- name: Enable the Access Point hostapd program service: enabled=yes name=hostapd.service state=restarted From a5ebc31991ca0f88620e8d679afedc909a0e47fc Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:05:27 -0400 Subject: [PATCH 168/393] More readable Ansible output --- roles/network/tasks/debian.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index a8ef6ce9c..859a9a51a 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -10,21 +10,21 @@ # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway -- name: in upgrade from earlier 6.2, delete the resolvconf +- name: In upgrade from earlier IIAB 6.2, delete the resolvconf package: name=resolvconf state=absent enabled=False ignore_errors: True -- name: Get the dhcp client daemon used in recent raspbian +- name: Get the dhcp client daemon used in recent Raspbian package: name=dhcpcd5 state=present -- name: for upgrades from earlier 6.2, remove br0 file +- name: For upgrades from earlier IIAB 6.2, remove br0 file file: path=/etc/network/interfaces.d/br0 state=absent -- name: default to lan controller +- name: Default to LAN Controller set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined @@ -38,7 +38,7 @@ src=network/iiab.j2 register: interface -- name: start up the dhcpcd service +- name: Start up the dhcpcd service service: name=dhcpcd enabled=True state=started @@ -51,11 +51,11 @@ service: name=bind9 state=stopped when: interface.changed -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted when: interface.changed -- name: start up hostapd again +- name: Start up hostapd again service: name=hostapd state=started when: interface.changed From 753752ae9b0850ce1d75640ceda011dc3cb8d20b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:08:35 -0400 Subject: [PATCH 169/393] clean Ansible output --- roles/network/tasks/redetect.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/redetect.yml b/roles/network/tasks/redetect.yml index afb3138d5..638b5b0e0 100644 --- a/roles/network/tasks/redetect.yml +++ b/roles/network/tasks/redetect.yml @@ -27,12 +27,12 @@ debug: msg="NO WAN known" when: not has_WAN -- name: Finding connection name for wifi AP gateway first +- name: Finding connection name for WiFi AP gateway first shell: egrep -rn NAME /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' register: ap_name when: has_wifi_gw != "none" and has_ifcfg_gw != "none" -- name: Trying wifi first +- name: Trying WiFi first shell: nmcli conn up id {{ ap_name.stdout }} register: try_wifi ignore_errors: yes @@ -69,7 +69,7 @@ has_WAN: False when: dhcp_WAN is defined and dhcp_WAN|failed and wan_ip == "dhcp" -- name: interface list +- name: Interface list shell: ls /sys/class/net | grep -v -e lo -e br -e tun register: adapter_list @@ -134,7 +134,7 @@ ### keep at end. ### If dhcp fails the single interface will become LAN again because we didn't prevent the creation # Now disable LAN if single interface -- name: DHCP found on Single interface forcing LAN disabled. +- name: DHCP found on Single interface forcing LAN disabled set_fact: iiab_lan_iface: "none" when: dhcp_good and adapter_count.stdout|int == "1" From 4a76c927cea9a00ba67832b647e4d462442627c8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:12:05 -0400 Subject: [PATCH 170/393] clean Ansible output --- roles/network/tasks/avahi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index 289cca8d7..517ddb808 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -50,7 +50,7 @@ dest='/etc/avahi/services/' when: is_debuntu -- name: set ssh port for avahi +- name: Set ssh port for avahi lineinfile: dest=/etc/avahi/services/ssh.service regexp='$' line=' {{ ssh_port }}' From 3ee4beda1963fd26abe66bf25d3c8501912824a3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:15:10 -0400 Subject: [PATCH 171/393] clean Ansible output --- roles/network/tasks/edit_ifcfg.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/edit_ifcfg.yml b/roles/network/tasks/edit_ifcfg.yml index fb8076722..90a1d368f 100644 --- a/roles/network/tasks/edit_ifcfg.yml +++ b/roles/network/tasks/edit_ifcfg.yml @@ -1,4 +1,4 @@ -- name: Turn off isp nameservers +- name: Turn off ISP nameservers lineinfile: state=present backrefs=yes regexp='^PEERDNS' @@ -34,9 +34,9 @@ dest={{ has_ifcfg_gw }} when: iiab_wan_iface != "none" and has_wifi_gw == "none" -- name: add marker +- name: Add marker lineinfile: state=present - line="# Modified by XSCE" + line="# Modified by IIAB" dest={{ has_ifcfg_gw }} - name: Rename supplied gateway ifcfg file to WAN if present From 7431fe572ed00302a493c895fcaf7288039c2f56 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:17:09 -0400 Subject: [PATCH 172/393] cleaner --- roles/network/tasks/rpi_debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 97715d1c2..9c5e39cf0 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -18,7 +18,7 @@ package: name=resolvconf state=absent -- name: On upgrade from earlier iiab versions, remove /etc/network/interfaces.d/br0 +- name: On upgrade from earlier IIAB versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent From 37148b3cf85e410244cb59ff358a6ef10596bbb2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 12:22:06 -0400 Subject: [PATCH 173/393] cleaner Ansible output --- roles/network/tasks/enable_services.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 623ede0e9..66a3d6abf 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -39,12 +39,12 @@ enabled=no when: not named_enabled -- name: Enable dansguardian +- name: Enable DansGuardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install -- name: Disable dansguardian +- name: Disable DansGuardian service: name=dansguardian enabled=no when: not dansguardian_enabled and dansguardian_install @@ -54,7 +54,7 @@ creates=/etc/sysconfig/xs_httpcache_on when: squid_enabled -- name: Enable squid service +- name: Enable Squid service service: name={{ proxy }} enabled=yes when: squid_enabled and squid_install @@ -73,13 +73,13 @@ mode: '0644' when: squid_enabled and squid_install -- name: point to Squid config file from startup file +- name: Point to Squid config file from startup file lineinfile: regexp='^CONFIG' line='CONFIG=/etc/{{ proxy }}/squid-iiab.conf' dest=/etc/init.d/{{ proxy }} when: squid_enabled and squid_install and is_debuntu -- name: Disable squid service +- name: Disable Squid service service: name={{ proxy }} enabled=no when: not squid_enabled and squid_install @@ -89,12 +89,12 @@ state=absent when: not squid_enabled -- name: Enable wondershaper service +- name: Enable Wondershaper service service: name=wondershaper enabled=yes when: wondershaper_enabled and wondershaper_install -- name: Disable wondershaper service +- name: Disable Wondershaper service service: name=wondershaper enabled=no when: not wondershaper_enabled and wondershaper_install @@ -122,7 +122,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add dansguardian to service list +- name: Add DansGuardian to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' From 3b9940c16e6e4dc4dbe32fc65510009883dc529e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:09:12 -0400 Subject: [PATCH 174/393] cleaner --- roles/network/tasks/NM.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/NM.yml b/roles/network/tasks/NM.yml index fb31c23d3..3bbe5a872 100644 --- a/roles/network/tasks/NM.yml +++ b/roles/network/tasks/NM.yml @@ -1,4 +1,4 @@ -- name: restart NetworkManager services +- name: Restart NetworkManager services service: name=NetworkManager enabled=yes state=stopped From eab8010b0a86d6a3ed98612dc1d3cbf619e059a6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:13:11 -0400 Subject: [PATCH 175/393] cleaner --- roles/network/tasks/computed_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 4b4b0f1ef..85d4e8379 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -20,7 +20,7 @@ iiab_demo_mode: True when: teamviewer_install and not strict_networking -- name: XO wants usb wifi interface as AP mode +- name: XO laptop wants USB WiFi interface as AP mode set_fact: iiab_wireless_lan_iface: "{{ discovered_lan_iface }}" when: num_wifi_interfaces >= "2" and xo_model != "none" and discovered_wan_iface != "none" and discovered_wireless_iface == "eth0" @@ -32,7 +32,7 @@ gui_static_wan_ip: undefined when: gui_static_wan_ip != "unset" and not gui_static_wan -- name: undo gui-static-wan by requesting new template file +- name: Undo gui-static-wan by requesting new template file set_fact: has_WAN: False when: gui_static_wan_ip != "unset" and not gui_static_wan @@ -81,7 +81,7 @@ when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController" # override with user_wan_iface setting if no longer in auto -- name: setting user WAN fact +- name: Setting user WAN fact set_fact: iiab_wan_iface: "{{ user_wan_iface }}" when: user_wan_iface != "auto" @@ -136,11 +136,11 @@ when: 'user_lan_iface != "auto"' # so this works -- name: interface count +- name: Interface count shell: ls /sys/class/net | grep -v -e lo | wc | awk '{print $1}' register: adapter_count -# well if there ever was a point to tell the user thing are FUBAR this is it. +# well if there ever was a point to tell the user things are FUBAR this is it. - name: We're hosed no work interfaces set_fact: iiab_network_mode: "No_network_found" From 9d97750b6ddb56785ad3883c2330497b579d3490 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:16:13 -0400 Subject: [PATCH 176/393] more readable --- roles/network/tasks/dansguardian.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index a51f190ff..64610759d 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -1,4 +1,4 @@ -- name: Install dansguardian packages +- name: Install DansGuardian packages package: name={{ item }} state=present with_items: @@ -6,7 +6,7 @@ tags: - download -- name: Copy dansguardian config file +- name: Copy DansGuardian config file template: src=squid/dansguardian.conf.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -14,7 +14,7 @@ mode=0640 when: ansible_distribution == "Fedora" -- name: Copy dansguardian config file +- name: Copy DansGuardian config file template: src=squid/dansguardian.conf.debian.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -22,7 +22,7 @@ mode=0640 when: is_debuntu -- name: Copy dansguardian config file for CentOS +- name: Copy DansGuardian config file for CentOS template: src=squid/dansguardian.conf.centos.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian @@ -30,7 +30,7 @@ mode=0640 when: ansible_distribution == "CentOS" -- name: Create dansguardian log directory +- name: Create 'dansguardian' log directory file: path=/var/log/dansguardian owner=dansguardian group=dansguardian @@ -38,7 +38,7 @@ state=directory when: ansible_distribution != "CentOS" -- name: Create dansguardian log directory for CentOS +- name: Create DansGuardian log directory for CentOS file: path=/var/log/dansguardian owner=dansguardian group=vscan From ee55dea59b3f47e027c6516361e83cc79d8e9d6e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:19:59 -0400 Subject: [PATCH 177/393] a bit better/cleaner --- roles/network/tasks/computed_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 85d4e8379..0ff415e57 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -1,7 +1,7 @@ # just lie about active gateway present on XOs to suppress ifcfg-WAN # auto-creation/moving with XOs using NM/system-connections/ via keyfile. # ifcfg-rh acts on /etc/sys*/net*/ifcfg-* where we search for devices. -- name: Setting XO has wifi gateway +- name: Setting XO has WiFi gateway set_fact: user_wan_iface: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" and xo_model != "none" and has_ifcfg_gw == "none" @@ -64,7 +64,7 @@ # gui wants LanController # keeps ifcfg-WAN but onboot=no # the change over might be a little bumpy ATM. -- name: Setting GUI wants LanController +- name: Setting GUI wants 'LanController' set_fact: device_gw: "none" user_wan_iface: "none" @@ -114,17 +114,17 @@ user_wan_iface: "{{ discovered_lan_iface }}" when: num_lan_interfaces == "1" and user_lan_iface == "auto" and user_wan_iface == "auto" -- name: No LAN configured - Appliance mode +- name: No LAN configured - 'Appliance' mode set_fact: iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" -- name: LAN configured - LanController mode +- name: LAN configured - 'LanController' mode set_fact: iiab_network_mode: "LanController" when: iiab_lan_iface != "" and iiab_wan_iface == "none" -- name: LAN configured - Gateway mode +- name: LAN configured - 'Gateway' mode set_fact: iiab_network_mode: "Gateway" when: iiab_lan_iface != "none" and iiab_wan_iface != "none" From 9fdcd5cbaa92ff89a18323c1083cee4ddbbe1265 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:24:19 -0400 Subject: [PATCH 178/393] cleaner output --- roles/network/tasks/detected_network.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 0676934b6..ca92d29f9 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -61,30 +61,30 @@ with_items: - "{{ wireless_list2.stdout_lines }}" -- name: Count Wifi ifaces +- name: Count WiFi ifaces shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l" register: count_wifi_interfaces -- name: Remember number of Wifi devices +- name: Remember number of WiFi devices set_fact: num_wifi_interfaces: "{{ count_wifi_interfaces.stdout|int }}" # XO hack here ap_device would not be active therefore not set with # wired as gw use ap_device to exclude eth0 from network calulations -- name: XO override 2 wifi on LAN +- name: XO laptop override 2 WiFi on LAN set_fact: ap_device: "eth0" when: iiab_wan_iface != "eth0" and discovered_wireless_iface != "none" and xo_model == "XO-1.5" # takes adapter name -- name: Blacklisted wifi adapter +- name: Blacklisted WiFi adapter set_fact: ap_device: "{{ blacklist_wifi }}" when: blacklist_wifi is defined and discovered_wireless_iface != iiab_wan_iface and num_wifi_interfaces >= "2" # LAN - pick non WAN's -- name: Create list of LAN (non wan) ifaces +- name: Create list of LAN (non WAN) ifaces shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} register: lan_list_result ignore_errors: True @@ -92,7 +92,7 @@ # Select an adapter that is not WAN and not wireless # if there is more than one the last one wins -- name: Set iiab discovered lan fact +- name: Set IIAB discovered_lan_iface fact set_fact: discovered_lan_iface: "{{ item|trim }}" when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface @@ -128,12 +128,12 @@ # moved to detected_redhat # use value only if present -- name: Setting detected lan +- name: Setting detected LAN set_fact: iiab_lan_iface: "{{ discovered_lan_iface }}" when: 'discovered_lan_iface != "none" and num_lan_interfaces == "1"' -- name: for debian, always use bridging +- name: For Debian, always use bridging set_fact: iiab_lan_iface: br0 when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' From 28ee464753f4e40d6636139c81c9878f9b2a8bf3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:26:27 -0400 Subject: [PATCH 179/393] cleaner Ansible output --- roles/network/tasks/detected_redhat.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/detected_redhat.yml b/roles/network/tasks/detected_redhat.yml index cb767758e..0936e1f91 100644 --- a/roles/network/tasks/detected_redhat.yml +++ b/roles/network/tasks/detected_redhat.yml @@ -42,13 +42,13 @@ ignore_errors: True changed_when: False -- name: Set has ifcfg gw based on on macaddress if found +- name: Set has ifcfg gw based on macaddress if found set_fact: has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}" when: ifcfg_gw_mac is defined and ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != "" # could use something else - Can Fail -- name: Find wifi gateway config if present - Can Fail +- name: Find WiFi gateway config if present - Can Fail shell: egrep -rn ESSID /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | gawk -F '/' '{print $5}' register: ifcfg_WAN_wifi ignore_errors: True @@ -61,13 +61,13 @@ with_items: - "{{ ifcfg_WAN_wifi.stdout_lines }}" -- name: Finding device for wifi AP gateway - Can Fail +- name: Finding device for WiFi AP gateway - Can Fail shell: egrep -rn DEVICE /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}' when: has_wifi_gw != "none" and has_ifcfg_gw != "none" register: AP_device ignore_errors: True -- name: Setting wifi device +- name: Setting WiFi device set_fact: ap_device: "{{ AP_device.stdout }}" when: AP_device.stdout is defined and AP_device.stdout != "" From bb3e4d0eb582727cf35cd7a65ff52ec963067f10 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:28:17 -0400 Subject: [PATCH 180/393] Apostrophe --- roles/network/tasks/dhcpd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index 9d7ea39ba..b26ecf73c 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -31,7 +31,7 @@ creates=/var/lib/dhcpd/dhcpd.leases when: is_redhat -- name: Check leases permissions +- name: Check lease's permissions file: path=/var/lib/dhcpd/dhcpd.leases owner=dhcpd group=dhcpd From 721e1c97edfe5e5efa069522aabd82510a36717f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:30:54 -0400 Subject: [PATCH 181/393] Update ifcfg_mods.yml --- roles/network/tasks/ifcfg_mods.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 8add78ffd..b98c9a019 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -1,4 +1,4 @@ -- name: Stop the Access Point Hostapd program +- name: Stop the Access Point hostapd program service: name=hostapd.service state=stopped when: iiab_wireless_lan_iface != "none" From 4aa5ada670736d0c7afb3ae7eefe1f5a42d4f7e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:32:06 -0400 Subject: [PATCH 182/393] Update iptables.yml --- roles/network/tasks/iptables.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/iptables.yml b/roles/network/tasks/iptables.yml index e9eac5e28..25ded7d8c 100644 --- a/roles/network/tasks/iptables.yml +++ b/roles/network/tasks/iptables.yml @@ -50,7 +50,7 @@ - { 0: 'gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' } - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' } -- name: Install debian config +- name: Install Debian config template: src=gateway/iptables dest=/etc/network/if-pre-up.d/iptables mode=0755 when: is_debuntu From bc7efdd8d950524e89e4533df9c03e95eb5f1389 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:34:00 -0400 Subject: [PATCH 183/393] slight bit cleaner --- roles/network/tasks/restart.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index b9d6adaab..67ec681a5 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -16,28 +16,28 @@ when: named_enabled register: dns_started -- name: Stop dansguardian +- name: Stop DansGuardian service: name=dansguardian state=stopped when: not dansguardian_enabled and dansguardian_install -- name: Restart dansguardian +- name: Restart DansGuardian service: name=dansguardian state=restarted when: dansguardian_enabled and dansguardian_install -- name: Stop squid service +- name: Stop Squid service service: name={{ proxy }} state=stopped when: not squid_enabled and squid_install # Squid get re-loaded with dispatcher.d -- name: Restart squid service +- name: Restart Squid service service: name={{ proxy }} state=started when: squid_enabled and squid_install -- name: Restart wondershaper service +- name: Restart Wondershaper service service: name=wondershaper state=restarted when: wondershaper_enabled From 052305979f6bcc0c18c7fd5036cc32652e8b420b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:36:33 -0400 Subject: [PATCH 184/393] cleaner messaging --- roles/network/tasks/squid.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 3b0c55d8f..595a24e06 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -1,4 +1,4 @@ -- name: Install squid packages +- name: Install Squid packages package: name={{ item }} state=present with_items: @@ -7,7 +7,7 @@ tags: - download -- name: Create the squid user +- name: Create the Squid user user: name={{ proxy_user }} createhome=False shell=/bin/false @@ -50,14 +50,14 @@ group: 'root' mode: '0755' -- name: Create squid cache directory +- name: Create Squid cache directory file: path=/library/cache owner={{ proxy_user }} group={{ proxy_user }} mode=0750 state=directory -- name: Create squid log directory +- name: Create Squid log directory file: path=/var/log/{{ proxy }} owner={{ proxy_user }} group={{ proxy_user }} @@ -73,7 +73,7 @@ ignore_errors: yes when: not installing -- name: Add squid to service list +- name: Add Squid to service list ini_file: dest='{{ service_filelist }}' section={{ proxy }} option='{{ item.option }}' @@ -86,7 +86,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add dansguardian to service list +- name: Add 'dansguardian' to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' @@ -95,6 +95,6 @@ - option: name value: dansguardian - option: description - value: '"Dansguardian searches web content for sexual references and denies access when found"' + value: '"DansGuardian searches web content for obectionable references and denies access when found."' - option: enabled value: "{{ dansguardian_enabled }}" From 68cd077b40ffe15f169996607a681662c9b7871d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:37:37 -0400 Subject: [PATCH 185/393] cleaner Ansible output --- roles/network/tasks/static.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/static.yml b/roles/network/tasks/static.yml index 485a8b1db..4168ab9a7 100644 --- a/roles/network/tasks/static.yml +++ b/roles/network/tasks/static.yml @@ -1,6 +1,6 @@ # supply an ifcfg if no gateway detected but wan_ip is set # set user_wan_iface: and use wan_* for static info -- name: Supply wan interface file +- name: Supply WAN interface file template: src=network/ifcfg-WAN.j2 dest=/etc/sysconfig/network-scripts/ifcfg-WAN @@ -12,7 +12,7 @@ ignore_errors: yes when: 'ansible_distribution_version >= "21" and wan_ip != "dhcp"' -- name: use upstream nameserver until named is installed +- name: Use upstream nameserver until named is installed lineinfile: dest=/etc/resolv.conf line='nameserver {{ wan_nameserver }}' create=yes From 1df73baf706cbbdbdf1996533f4d88596f588469 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:43:15 -0400 Subject: [PATCH 186/393] refined --- roles/network/tasks/computed_network.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 0ff415e57..1257ec34f 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -75,7 +75,7 @@ # single interface vars/ users would need to set iiab_wan_enabled False as above, to disable the WAN # and set user_lan_iface = to suppress the auto detection for the same effect. -- name: Setting user_lan_iface for LanController for single interface +- name: Setting user_lan_iface for 'LanController' for single interface set_fact: user_lan_iface: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController" @@ -93,14 +93,14 @@ when: 'not iiab_lan_enabled' # gui wants Appliance Note: could of used iiab_lan_enabled false -- name: Setting GUI wants Appliance +- name: Setting GUI wants 'Appliance' set_fact: user_lan_iface: "none" iiab_gateway_enabled: "False" when: gui_desired_network_role is defined and gui_desired_network_role == "Appliance" # gui wants Gateway -- name: Setting GUI wants and has active Gateway +- name: Setting GUI wants and has active 'Gateway' set_fact: user_lan_iface: "auto" user_wan_iface: "{{ iiab_wan_iface }}" @@ -146,7 +146,7 @@ iiab_network_mode: "No_network_found" when: adapter_count.stdout|int == "0" -# well if there ever was a point to tell the user thing are FUBAR this is it. +# well if there ever was a point to tell the user things are FUBAR this is it. - name: I'm not guessing declare gateway please set_fact: iiab_network_mode: "Undetectable_use_local_vars" From bc10993ec3d3d1a90861bafee1f3045a9dc5a28b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:44:36 -0400 Subject: [PATCH 187/393] refined --- roles/network/tasks/debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 859a9a51a..27e50359d 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -24,7 +24,7 @@ file: path=/etc/network/interfaces.d/br0 state=absent -- name: Default to LAN Controller +- name: Default to 'lan_controller' set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined From d38627f05353b055f835b8cdf76d12674fe3c221 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:49:00 -0400 Subject: [PATCH 188/393] refined --- roles/network/tasks/detected_network.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index ca92d29f9..f8e1e569a 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -20,13 +20,13 @@ device_gw2: "{{ prior_gw.stdout }}" when: not first_run and prior_gw is defined and prior_gw.stdout != "" -- name: Setting wan if detected +- name: Setting WAN if detected set_fact: iiab_wan_iface: "{{ discovered_wan_iface }}" device_gw: "{{ discovered_wan_iface }}" when: discovered_wan_iface != "none" -- name: RedHat Network detection +- name: RedHat network detection include: detected_redhat.yml when: is_redhat @@ -46,14 +46,14 @@ - "{{ wireless_list1.stdout_lines }}" # WIRELESS -- Sigh... Not all drivers update /proc/net/wireless correctly -- name: Look for any wireless interfaces take 2 +- name: Look for any wireless interfaces (take 2) shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}'" register: wireless_list2 ignore_errors: True changed_when: False # Last device is used -- name: Set the discovered wireless, if found take 2 +- name: Set the discovered wireless, if found (take 2) set_fact: wifi2: "{{ item|trim }}" discovered_wireless_iface: "{{ item|trim }}" @@ -118,7 +118,7 @@ # num_lan_interfaces: "1" # when: iiab_lan_enabled and iiab_wan_enabled and num_lan_interfaces == "2" and discovered_wireless_iface != "none" and iiab_wan_iface == "none" -- name: Set the variable for wireless_iface if present +- name: Set variable discovered_wireless_iface if present set_fact: iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}" when: discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface From dfc0641e19dad7d8fe002b6d6fdbff8b4c010b3e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:51:20 -0400 Subject: [PATCH 189/393] refined --- roles/network/tasks/enable_services.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 66a3d6abf..308a3056f 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -113,7 +113,7 @@ - name: Execute the script that sets up userspace firewall shell: iiab-gen-iptables -- name: Add squid to service list +- name: Add 'squid' to service list ini_file: dest='{{ service_filelist }}' section=squid option='{{ item.option }}' @@ -122,7 +122,7 @@ - option: enabled value: "{{ squid_enabled }}" -- name: Add DansGuardian to service list +- name: Add 'dansguardian' to service list ini_file: dest='{{ service_filelist }}' section=dansguardian option='{{ item.option }}' @@ -131,7 +131,7 @@ - option: enabled value: "{{ dansguardian_enabled }}" -- name: Add wondershaper to service list +- name: Add 'wondershaper' to service list ini_file: dest='{{ service_filelist }}' section=wondershaper option='{{ item.option }}' From 7414763721556907b8bcb8dedbe42bbbb3a97992 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:53:46 -0400 Subject: [PATCH 190/393] refined --- roles/network/tasks/named.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 638bdd423..182a58f88 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -74,7 +74,7 @@ template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ when: dns_jail_enabled -- name: Separate enabling required for debian +- name: Separate enabling required for Debian file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=link From 9cd03ceb85669a66a09c41da2074c61db25c6982 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:55:24 -0400 Subject: [PATCH 191/393] refined --- roles/network/tasks/redetect.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/redetect.yml b/roles/network/tasks/redetect.yml index 638b5b0e0..7ecfb9903 100644 --- a/roles/network/tasks/redetect.yml +++ b/roles/network/tasks/redetect.yml @@ -44,7 +44,7 @@ when: try_wifi is defined and try_wifi.changed # We have the DEVICE? -- name: Now setting iiab_wan_iface based on wifi +- name: Now setting iiab_wan_iface based on WiFi set_fact: iiab_wan_iface: "{{ dhcp_wifi_results.stdout }}" dhcp_good: True From 01eb8f3528c5a66d720190c0c01659256ad18b39 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:56:51 -0400 Subject: [PATCH 192/393] refined --- roles/network/tasks/rpi_debian.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 9c5e39cf0..c6e25bd3c 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -10,7 +10,7 @@ # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway -- name: Raspbian stock has openresolv which is not available in debian, off it +- name: Raspbian stock has openresolv which is not available in Debian, off it package: name=openresolv state=absent @@ -22,7 +22,7 @@ file: path=/etc/network/interfaces.d/br0 state=absent -- name: Default to LAN Controller +- name: Default to 'LanController' set_fact: gui_desired_network_role: "LanController" when: not gui_desired_network_role is defined From 0f8cc95815f532deef2b381bd9016a8e59408fe5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 13:57:40 -0400 Subject: [PATCH 193/393] refined --- roles/network/tasks/wondershaper.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index 7c27d507e..5fec75b3b 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -33,7 +33,7 @@ group=root state=link -- name: Add wondershaper to service list +- name: Add 'wondershaper' to service list ini_file: dest='{{ service_filelist }}' section=wondershaper option='{{ item.option }}' From bc3f59d30b7ef105458057dfd9a845715a7b795b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 14:13:19 -0400 Subject: [PATCH 194/393] Ansible output refined --- roles/network/tasks/computed_services.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 2b8e6bac1..5b5bac4da 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -1,4 +1,4 @@ -- name: No LAN configured - Appliance mode +- name: No LAN configured - 'Appliance' mode set_fact: dansguardian_enabled: False squid_enabled: False @@ -8,7 +8,7 @@ iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" or user_lan_iface == "none" -- name: LAN configured - LanController mode +- name: LAN configured - 'LanController' mode set_fact: named_enabled: True dhcpd_enabled: True @@ -18,7 +18,7 @@ iiab_network_mode: "LanController" when: iiab_lan_iface != "" and iiab_wan_iface == "none" -- name: LAN configured - Gateway mode +- name: LAN configured - 'Gateway' mode set_fact: named_enabled: True dhcpd_enabled: True From 6e9535a1c31afb52f792b900d075d3b767bb7ad6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 14:46:59 -0400 Subject: [PATCH 195/393] typo/clarif in roles/usb-lib/tasks/main.yml --- roles/usb-lib/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb-lib/tasks/main.yml index f158f1433..f0de224a8 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb-lib/tasks/main.yml @@ -62,6 +62,6 @@ - option: name value: usb-lib - option: description - value: '"usb-lib automounts a USB drives and links to library content."' + value: '"usb-lib automounts USB drives and can live-link /library/www/html/local_content to Teachers Content."' - option: enabled value: "{{ usb_lib_enabled }}" From 105c1c8b4a9c777f0094ff461532e52077a398ae Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 19 Jul 2017 15:38:50 -0500 Subject: [PATCH 196/393] finish xsce -> iiab rename --- roles/ejabberd/templates/ejabberd | 4 ++-- .../templates/{ejabberd-xs => ejabberd-iiab} | 2 +- ...jabberd-xs.cfg.j2 => ejabberd-iiab.cfg.j2} | 0 .../{ejabberd-xs.init => ejabberd-iiab.init} | 20 +++++++++---------- ...xs.service.j2 => ejabberd-iiab.service.j2} | 6 +++--- .../{xs-ejabberd-srg => iiab-ejabberd-srg} | 2 +- roles/ejabberd_xs/templates/ejabberd-xs.init | 14 ++++++------- 7 files changed, 23 insertions(+), 25 deletions(-) rename roles/ejabberd/templates/{ejabberd-xs => ejabberd-iiab} (90%) rename roles/ejabberd/templates/{ejabberd-xs.cfg.j2 => ejabberd-iiab.cfg.j2} (100%) rename roles/ejabberd/templates/{ejabberd-xs.init => ejabberd-iiab.init} (93%) rename roles/ejabberd/templates/{ejabberd-xs.service.j2 => ejabberd-iiab.service.j2} (64%) rename roles/ejabberd/templates/{xs-ejabberd-srg => iiab-ejabberd-srg} (96%) diff --git a/roles/ejabberd/templates/ejabberd b/roles/ejabberd/templates/ejabberd index bf0d2505c..ef7fa5c5e 100755 --- a/roles/ejabberd/templates/ejabberd +++ b/roles/ejabberd/templates/ejabberd @@ -3,9 +3,9 @@ # # ejabberd now handles domain changes in the initrd script # -SERVICE_NAME=ejabberd-xs +SERVICE_NAME=ejabberd-iiab -CONFIG_LIST="/etc/ejabberd/ejabberd-xs.cfg" +CONFIG_LIST="/etc/ejabberd/ejabberd-iiab.cfg" # taken from ejabberd spec %post # taken from ejabberd spec %post diff --git a/roles/ejabberd/templates/ejabberd-xs b/roles/ejabberd/templates/ejabberd-iiab similarity index 90% rename from roles/ejabberd/templates/ejabberd-xs rename to roles/ejabberd/templates/ejabberd-iiab index 627260af5..ab85fb555 100755 --- a/roles/ejabberd/templates/ejabberd-xs +++ b/roles/ejabberd/templates/ejabberd-iiab @@ -2,7 +2,7 @@ ## Where should ejabberd find its configuration file? # -CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg +CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg ## ULIMIT_MAX_FILES alters the number of files that ejabberd is ## allowed to have open at once. If it is unset the system default diff --git a/roles/ejabberd/templates/ejabberd-xs.cfg.j2 b/roles/ejabberd/templates/ejabberd-iiab.cfg.j2 similarity index 100% rename from roles/ejabberd/templates/ejabberd-xs.cfg.j2 rename to roles/ejabberd/templates/ejabberd-iiab.cfg.j2 diff --git a/roles/ejabberd/templates/ejabberd-xs.init b/roles/ejabberd/templates/ejabberd-iiab.init similarity index 93% rename from roles/ejabberd/templates/ejabberd-xs.init rename to roles/ejabberd/templates/ejabberd-iiab.init index 9585e2ada..43d747d90 100755 --- a/roles/ejabberd/templates/ejabberd-xs.init +++ b/roles/ejabberd/templates/ejabberd-iiab.init @@ -17,10 +17,13 @@ # Description: A distributed, fault-tolerant Jabber/XMPP server ### END INIT INFO +SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name +OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name + . /etc/rc.d/init.d/functions -if [ -r /etc/sysconfig/ejabberd-xs ]; then - . /etc/sysconfig/ejabberd-xs +if [ -r /etc/sysconfig/ejabberd-iiab ]; then + . /etc/sysconfig/ejabberd-iiab fi if [ ! "$CONFIG_FILE" ]; then @@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd # avoid using consolehelper, call ejabberdctl directly progctl=/usr/sbin/ejabberdctl -SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name -OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name - check_domain_configured() { - if [ ! -e /etc/sysconfig/xs_domain_name ]; then - echo "Domain not configured yet" > /dev/stderr + if [ ! -e $SYS_DOMAIN_FILE ]; then + echo "Domain not configured yet 1" > /dev/stderr exit 1; fi domain=`cat "$SYS_DOMAIN_FILE" ` if [ "$domain" == "random.xs.laptop.org" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 2" > /dev/stderr exit 1; fi #hostname=`hostname -f` hostname=`hostname ` if [ "$hostname" == "localhost.localdomain" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 3" > /dev/stderr fi # if [ "$hostname" != "schoolserver.$domain" ]; then @@ -218,5 +218,3 @@ case "$1" in esac exit $RETVAL - - diff --git a/roles/ejabberd/templates/ejabberd-xs.service.j2 b/roles/ejabberd/templates/ejabberd-iiab.service.j2 similarity index 64% rename from roles/ejabberd/templates/ejabberd-xs.service.j2 rename to roles/ejabberd/templates/ejabberd-iiab.service.j2 index 73a9b9ea3..28f1b10dc 100755 --- a/roles/ejabberd/templates/ejabberd-xs.service.j2 +++ b/roles/ejabberd/templates/ejabberd-iiab.service.j2 @@ -8,9 +8,9 @@ User=root Group=root LimitNOFILE=50000 RestartSec=5 -EnvironmentFile=/etc/sysconfig/ejabberd-xs -ExecStart=/usr/libexec/ejabberd-xs start -ExecStop=/usr/libexec/ejabberd-xs stop +EnvironmentFile=/etc/sysconfig/ejabberd-iiab +ExecStart=/usr/libexec/ejabberd-iiab start +ExecStop=/usr/libexec/ejabberd-iiab stop RemainAfterExit=yes [Install] diff --git a/roles/ejabberd/templates/xs-ejabberd-srg b/roles/ejabberd/templates/iiab-ejabberd-srg similarity index 96% rename from roles/ejabberd/templates/xs-ejabberd-srg rename to roles/ejabberd/templates/iiab-ejabberd-srg index 4f3b5bc32..f794020bf 100755 --- a/roles/ejabberd/templates/xs-ejabberd-srg +++ b/roles/ejabberd/templates/iiab-ejabberd-srg @@ -2,7 +2,7 @@ progctl=/usr/sbin/ejabberdctl -SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name +SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name setup_online_srg() { diff --git a/roles/ejabberd_xs/templates/ejabberd-xs.init b/roles/ejabberd_xs/templates/ejabberd-xs.init index 9585e2ada..9bd07eea0 100755 --- a/roles/ejabberd_xs/templates/ejabberd-xs.init +++ b/roles/ejabberd_xs/templates/ejabberd-xs.init @@ -17,6 +17,9 @@ # Description: A distributed, fault-tolerant Jabber/XMPP server ### END INIT INFO +SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name +OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name + . /etc/rc.d/init.d/functions if [ -r /etc/sysconfig/ejabberd-xs ]; then @@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd # avoid using consolehelper, call ejabberdctl directly progctl=/usr/sbin/ejabberdctl -SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name -OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name - check_domain_configured() { - if [ ! -e /etc/sysconfig/xs_domain_name ]; then - echo "Domain not configured yet" > /dev/stderr + if [ ! -e $SYS_DOMAIN_FILE ]; then + echo "Domain not configured yet 1" > /dev/stderr exit 1; fi domain=`cat "$SYS_DOMAIN_FILE" ` if [ "$domain" == "random.xs.laptop.org" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 2" > /dev/stderr exit 1; fi #hostname=`hostname -f` hostname=`hostname ` if [ "$hostname" == "localhost.localdomain" ]; then - echo "Domain not configured yet" > /dev/stderr + echo "Domain not configured yet 3" > /dev/stderr fi # if [ "$hostname" != "schoolserver.$domain" ]; then From a1609bfa1d19fa32d1058df04a4aefe7012e75fd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 19 Jul 2017 16:10:32 -0500 Subject: [PATCH 197/393] adjust tasks for rename and disable online group creation in ansible --- roles/ejabberd/tasks/main.yml | 40 ++++++++++++++++++-------------- roles/ejabberd_xs/tasks/main.yml | 15 +++++------- 2 files changed, 28 insertions(+), 27 deletions(-) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index b0341521a..b3fcf3079 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -14,25 +14,25 @@ group=root mode={{ item.mode }} with_items: - - { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' } + - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' } - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } - - { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' } + - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } - - { src: 'ejabberd-xs.service.j2', dest: '/etc/systemd/system/ejabberd-xs.service', mode: '0755' } - - { src: 'xs-ejabberd-srg', dest: '/usr/bin/xs-ejabberd-srg' , mode: '0755' } - - { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' } + - { src: 'ejabberd-iiab.service.j2', dest: '/etc/systemd/system/ejabberd-iiab.service', mode: '0755' } + - { src: 'iiab-ejabberd-srg', dest: '/usr/bin/iiab-ejabberd-srg' , mode: '0755' } +# - { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' } - { src: 'ejabberd.tmpfiles', dest: '/etc/tmpfiles.d/ejabberd.conf', mode: '0640' } register: ejabberd_config - name: Put the startup script in place - debian - template: src='ejabberd-xs.init' - dest='/etc/init.d/ejabberd-xs' + template: src='ejabberd-iiab.init' + dest='/etc/init.d/ejabberd-iiab' when: is_debuntu - name: Put the startup script in place - non debian - template: src='ejabberd-xs.init' - dest='/usr/libexec/ejabberd-xs' + template: src='ejabberd-iiab.init' + dest='/usr/libexec/ejabberd-iiab' when: not is_debuntu - name: Remove ejabberd_domain if domain changes @@ -41,14 +41,14 @@ when: ejabberd_config.changed - name: Enable ejabberd service - file: src=/etc/systemd/system/ejabberd-xs.service - dest=/etc/systemd/system/multi-user.target.wants/ejabberd-xs.service + file: src=/etc/systemd/system/ejabberd-iiab.service + dest=/etc/systemd/system/multi-user.target.wants/ejabberd-iiab.service owner=root group=root state=link - name: Start ejabberd service - service: name=ejabberd-xs + service: name=ejabberd-iiab state=restarted enabled=yes when: ejabberd_config.changed and ejabberd_enabled @@ -60,10 +60,14 @@ timeout=300 when: ejabberd_config.changed and ejabberd_enabled -- name: Create online group - shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online - when: ejabberd_config.changed and not is_debuntu +# ejabberd-iiab.init has the logic for the below, needs to be done once +# and only if the group does not exist based on presence of +# /var/lib/ejabberd online_src_created -- name: Add all users to online group - shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver" - when: ejabberd_config.changed and not is_debuntu +#- name: Create online group +# shell: ejabberdctl srg_create Online "{{ iiab_hostname }}" Online "Online_Users" Online +# when: ejabberd_config.changed + +#- name: Add all users to online group +# shell: ejabberdctl srg_user_add '@online@' "{{ iiab_hostname }}" Online "schoolserver" +# when: ejabberd_config.changed diff --git a/roles/ejabberd_xs/tasks/main.yml b/roles/ejabberd_xs/tasks/main.yml index 503adeaf1..5131b9218 100644 --- a/roles/ejabberd_xs/tasks/main.yml +++ b/roles/ejabberd_xs/tasks/main.yml @@ -76,13 +76,10 @@ timeout=300 when: ejabberd_config.changed and ejabberd_xs_enabled -- name: Create online group - shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online - when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled - -- name: Add all users to online group - shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver" - when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled - - +#- name: Create online group +# shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online +# when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled +#- name: Add all users to online group +# shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver" +# when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled From 549cc48d042fb7f9d4f310ce6d179492eb84ab16 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 19 Jul 2017 18:32:37 -0500 Subject: [PATCH 198/393] split ejabberd/ejabberd_xs config files names --- roles/ejabberd/tasks/main.yml | 2 +- roles/ejabberd/templates/ejabberd-iiab.init | 4 ++-- roles/ejabberd_xs/tasks/main.yml | 2 +- roles/ejabberd_xs/templates/ejabberd-xs.init | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index b3fcf3079..ec78415ae 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -15,7 +15,7 @@ mode={{ item.mode }} with_items: - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' } - - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } + - { src: 'ejabberdctl-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' } - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } diff --git a/roles/ejabberd/templates/ejabberd-iiab.init b/roles/ejabberd/templates/ejabberd-iiab.init index 43d747d90..a944ead9a 100755 --- a/roles/ejabberd/templates/ejabberd-iiab.init +++ b/roles/ejabberd/templates/ejabberd-iiab.init @@ -27,7 +27,7 @@ if [ -r /etc/sysconfig/ejabberd-iiab ]; then fi if [ ! "$CONFIG_FILE" ]; then - CONFIG_FILE=/etc/ejabberd/ejabberd.cfg + CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg fi # /var/run is tmpfs in fc18, so need to create every time @@ -149,7 +149,7 @@ start() { fi daemon --user=ejabberd $progctl start --config $CONFIG_FILE \ - --ctl-config /etc/ejabberd/ejabberdctl.cfg \ + --ctl-config /etc/ejabberd/ejabberdctl-iiab.cfg \ --logs "/var/log/ejabberd" \ --spool "/var/lib/ejabberd/spool" \ 2>/dev/null diff --git a/roles/ejabberd_xs/tasks/main.yml b/roles/ejabberd_xs/tasks/main.yml index 5131b9218..e73ecf7eb 100644 --- a/roles/ejabberd_xs/tasks/main.yml +++ b/roles/ejabberd_xs/tasks/main.yml @@ -34,7 +34,7 @@ mode={{ item.mode }} with_items: - { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' } - - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } + - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-xs.cfg', mode: '0644' } - { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } diff --git a/roles/ejabberd_xs/templates/ejabberd-xs.init b/roles/ejabberd_xs/templates/ejabberd-xs.init index 9bd07eea0..ca1ef8618 100755 --- a/roles/ejabberd_xs/templates/ejabberd-xs.init +++ b/roles/ejabberd_xs/templates/ejabberd-xs.init @@ -27,7 +27,7 @@ if [ -r /etc/sysconfig/ejabberd-xs ]; then fi if [ ! "$CONFIG_FILE" ]; then - CONFIG_FILE=/etc/ejabberd/ejabberd.cfg + CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg fi # /var/run is tmpfs in fc18, so need to create every time @@ -149,7 +149,7 @@ start() { fi daemon --user=ejabberd $progctl start --config $CONFIG_FILE \ - --ctl-config /etc/ejabberd/ejabberdctl.cfg \ + --ctl-config /etc/ejabberd/ejabberdctl-xs.cfg \ --logs "/var/log/ejabberd" \ --spool "/var/lib/ejabberd/spool" \ 2>/dev/null From 2beb64f2491f47225230f39bb806a23f386177b8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 11:09:16 -0500 Subject: [PATCH 199/393] Stop and disable OS provided ejabberd service --- roles/ejabberd/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index ec78415ae..b24effe2e 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -25,6 +25,11 @@ - { src: 'ejabberd.tmpfiles', dest: '/etc/tmpfiles.d/ejabberd.conf', mode: '0640' } register: ejabberd_config +- name: Stop and disable OS provided systemd ejabberd service + service: name=ejabberd + state=stopped + enabled=no + - name: Put the startup script in place - debian template: src='ejabberd-iiab.init' dest='/etc/init.d/ejabberd-iiab' From f1f80c9ae90576722d332b9d125ea498237a2e33 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 16:08:08 -0500 Subject: [PATCH 200/393] template name is ejabberdctl.cfg.j2 - jenkins error --- roles/ejabberd/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/ejabberd/tasks/main.yml b/roles/ejabberd/tasks/main.yml index b24effe2e..3e99df865 100644 --- a/roles/ejabberd/tasks/main.yml +++ b/roles/ejabberd/tasks/main.yml @@ -15,7 +15,7 @@ mode={{ item.mode }} with_items: - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' } - - { src: 'ejabberdctl-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' } + - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' } - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' } # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } From 47a78b426c671a399c96fd20153fd1e177b0f4aa Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 19:17:51 -0400 Subject: [PATCH 201/393] Ansible output tweak --- roles/2-common/tasks/udev.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/udev.yml b/roles/2-common/tasks/udev.yml index 7e55c9f83..7e66a2d93 100644 --- a/roles/2-common/tasks/udev.yml +++ b/roles/2-common/tasks/udev.yml @@ -23,13 +23,12 @@ shell: systemctl daemon-reload when: udev_unit.stat.exists is defined and udev_unit.stat.exists -- name: restart so systemd recognizes the changes +- name: Restart so systemd recognizes the changes shell: systemctl restart systemd-udevd.service when: udev_unit.stat.exists is defined and udev_unit.stat.exists -- name: reload systemd-udevd so it has rootfs open read-write +- name: Reload systemd-udevd so it has rootfs open read-write template: src=udev-reload.service dest=/etc/systemd/system/ -- name: enable the reload service +- name: Enable the reload service shell: systemctl enable udev-reload.service - From f101f87a36d23a20cb7f94fd73b7ef6273c2b95d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 20:13:45 -0400 Subject: [PATCH 202/393] tweaks to cultivate implementers into engaging+understanding more deeply --- roles/mysql/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index e4819172a..2b1a622fe 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,4 +1,4 @@ - - name: Install MySQL Debian + - name: Install MySQL if Debian/Debuntu package: name={{ item }} state=present with_items: @@ -18,11 +18,11 @@ tags: - download - - name: php-xml for ubuntu and debian-9 + - name: php-xml for 'ubuntu' and 'debian-9' package: name=php{{ php_version }}-xml state=present when: is_ubuntu or is_debian_9 - - name: php-xml for debian-8 + - name: php-xml for 'debian-8' package: name=php-xml-parser state=present when: is_debian_8 @@ -78,7 +78,7 @@ template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 when: mysql_enabled - - name: Update mysql root password for all remaining root accounts + - name: Update MySQL root password for all remaining root accounts mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT with_items: # - "{{ iiab_hostname }}.{{ iiab_domain }}" @@ -106,7 +106,7 @@ when: not mysql_enabled - - name: Add mysql to service list + - name: Add 'mysql' to service list ini_file: dest='{{ service_filelist }}' section=mysql option='{{ item.option }}' @@ -115,6 +115,6 @@ - option: name value: mysql-database - option: description - value: '"MySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' + value: '"MySQL is a widely used free and open source (GPLv2) database, offered by most web hosting services, on a diversity of platforms."' - option: enabled value: "{{ mysql_enabled }}" From 40a0a4063a7b9207bc8174ab8053b919de7a0a57 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 20:17:40 -0400 Subject: [PATCH 203/393] Update main.yml --- roles/mysql/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 2b1a622fe..7ae2cfad6 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,4 +1,4 @@ - - name: Install MySQL if Debian/Debuntu + - name: Install MySQL for Debian/Debuntu package: name={{ item }} state=present with_items: @@ -26,7 +26,7 @@ package: name=php-xml-parser state=present when: is_debian_8 - - name: Install MySQL + - name: Install MySQL for non-Debian/Debuntu package: name={{ item }} state=present with_items: From 2e53b1a248c14c3cf93c15dfa2f6844199801abf Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 12:32:07 -0500 Subject: [PATCH 204/393] mysql --- roles/3-base-server/tasks/main.yml | 8 +++++--- roles/elgg/meta/main.yml | 3 --- roles/mysql/tasks/main.yml | 1 - roles/nextcloud/meta/main.yml | 3 --- roles/owncloud/meta/main.yml | 3 --- roles/rachel/meta/main.yml | 4 ---- roles/wordpress/meta/main.yml | 3 --- 7 files changed, 5 insertions(+), 20 deletions(-) delete mode 100644 roles/elgg/meta/main.yml delete mode 100644 roles/nextcloud/meta/main.yml delete mode 100644 roles/owncloud/meta/main.yml delete mode 100644 roles/rachel/meta/main.yml delete mode 100644 roles/wordpress/meta/main.yml diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 279322513..26d4af235 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -15,13 +15,15 @@ # has no "when: XXXXX_install" flag tags: base, iiab-admin +- name: MYSQL + include_role: + name: mysql + tags: base, mysql + - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory -- name: Base Server Installed - command: echo Base Server Installed - - name: Restart httpd service: name={{ apache_service }} state=restarted diff --git a/roles/elgg/meta/main.yml b/roles/elgg/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/elgg/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index e4819172a..1ff6a2920 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -105,7 +105,6 @@ state=stopped when: not mysql_enabled - - name: Add mysql to service list ini_file: dest='{{ service_filelist }}' section=mysql diff --git a/roles/nextcloud/meta/main.yml b/roles/nextcloud/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/nextcloud/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } diff --git a/roles/owncloud/meta/main.yml b/roles/owncloud/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/owncloud/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } diff --git a/roles/rachel/meta/main.yml b/roles/rachel/meta/main.yml deleted file mode 100644 index 09f9b4e28..000000000 --- a/roles/rachel/meta/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -allow_duplicates: yes -dependencies: - - { role: mysql, mysql_enabled: True } diff --git a/roles/wordpress/meta/main.yml b/roles/wordpress/meta/main.yml deleted file mode 100644 index 94e49405f..000000000 --- a/roles/wordpress/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: mysql } From 97b829ebba0c531107ea3241bb135c5696b6ff5e Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 12:36:14 -0500 Subject: [PATCH 205/393] postgresql --- roles/4-server-options/tasks/main.yml | 6 ++++++ roles/moodle/meta/main.yml | 3 --- roles/pathagar/meta/main.yml | 3 --- 3 files changed, 6 insertions(+), 6 deletions(-) delete mode 100644 roles/moodle/meta/main.yml delete mode 100644 roles/pathagar/meta/main.yml diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 69173b017..9348d5933 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -27,6 +27,12 @@ # has no "when: XXXXX_install" flag tags: base, homepage +- name: POSTGRESQL + include_role: + name: postgresql + when: postgresql_install + tags: postgresql + - name: AUTHSERVER include_role: name: authserver diff --git a/roles/moodle/meta/main.yml b/roles/moodle/meta/main.yml deleted file mode 100644 index 55dedee1a..000000000 --- a/roles/moodle/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: postgresql } diff --git a/roles/pathagar/meta/main.yml b/roles/pathagar/meta/main.yml deleted file mode 100644 index 55dedee1a..000000000 --- a/roles/pathagar/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: postgresql } From 992c87e79d3724704c1fd62af0801cc0cf155262 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 27 Oct 2017 12:41:48 -0500 Subject: [PATCH 206/393] postgresql tags --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 9348d5933..7efdffe74 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -31,7 +31,7 @@ include_role: name: postgresql when: postgresql_install - tags: postgresql + tags: postgresql, pathagar, moodle - name: AUTHSERVER include_role: From e2a8b090143821930680c0aa16023254bd173a4e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 27 Oct 2017 20:56:48 -0400 Subject: [PATCH 207/393] tweaks for understandability --- roles/monit/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/monit/tasks/main.yml b/roles/monit/tasks/main.yml index 26a3c2a7f..e57ee7c39 100644 --- a/roles/monit/tasks/main.yml +++ b/roles/monit/tasks/main.yml @@ -1,10 +1,10 @@ -- name: Install monit package +- name: Install Monit package package: name=monit state=present tags: - download -- name: Install chkconfig package -- not in debian 9 +- name: Install chkconfig package -- not in Debian 8 package: name=chkconfig state=present when: is_debian and ansible_distribution_major_version == "8" @@ -34,14 +34,14 @@ delay: 1 #TODO: create systemd script -- name: Enable monit service +- name: Enable 'monit' service command: chkconfig monit on when: is_debian and ansible_local.local_facts.os_ver == "debian-8" #- name: Restart monit service # command: service monit restart -- name: Add monit to service list +- name: Add 'monit' to service list ini_file: dest='{{ service_filelist }}' section=monit option='{{ item.option }}' @@ -50,6 +50,6 @@ - option: name value: monit - option: description - value: '"Monit is a background service monitor which can correct problems, send email, restart services"' + value: '"Monit is a background service monitor which can correct problems, send email, restart services."' - option: enabled value: "{{ monit_enabled }}" From 4769e3cff87a447b93d0460210c3578a2631570b Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 28 Oct 2017 07:39:26 -0400 Subject: [PATCH 208/393] Update main.yml Until we come up with a more readable style...am emulating SSHD, NETWORK and HOMEPAGE @ https://github.com/iiab/iiab/blob/master/roles/4-server-options/tasks/main.yml --- roles/3-base-server/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 26d4af235..3aa90c43b 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -18,6 +18,7 @@ - name: MYSQL include_role: name: mysql + # has no "when: XXXXX_install" flag tags: base, mysql - name: Make sure there is a content directory From 6fe7b209de2f2d5ba6b74ec8b309b855bc2c8d21 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 28 Oct 2017 09:14:58 -0400 Subject: [PATCH 209/393] PostgreSQL defaults moved from 3 to 4 for now --- vars/default_vars.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4d610239c..0056dbf1a 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -140,10 +140,6 @@ mysql_enabled: True # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 mysql_root_password: fixmysql -# PostgreSQL -postgresql_install: False -postgresql_enabled: False - # 4-SERVER-OPTIONS # sshd @@ -169,6 +165,10 @@ iiab_home_url: /home # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki +# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml +postgresql_install: False +postgresql_enabled: False + # authserver authserver_install: False authserver_enabled: False From 26202240190ad5195c01df526c6ebe898088ab59 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 29 Oct 2017 23:57:11 -0500 Subject: [PATCH 210/393] use ansible-2.4.1 on CentOS --- scripts/ansible | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ansible b/scripts/ansible index 19c56e6ad..4ae9924e0 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -44,7 +44,7 @@ if [ -f /etc/centos-release ]; then yum -y install ca-certificates nss epel-release yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python yum -y install python-pip python-setuptools python-wheel patch - yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.0.0-1.el7.ans.noarch.rpm + yum -y install http://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.4.1.0-1.el7.ans.noarch.rpm FOUND="yes" FAMILY="redhat" fi From 565392dea19f7bd23eacad49e14c8dd632e86e1f Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 11:40:29 -0400 Subject: [PATCH 211/393] tweak DB defaults' explanations --- vars/default_vars.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 0056dbf1a..c99fddfba 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -133,7 +133,7 @@ allow_apache_sudo: False # IIAB-ADMIN role runs here. -# MySQL - SEE roles/1-prep/tasks/computed_vars.yml for de facto defaults +# MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True mysql_enabled: True # password is fixmysql @@ -165,7 +165,7 @@ iiab_home_url: /home # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki -# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml +# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml, roles/postgresql/tasks/main.yml postgresql_install: False postgresql_enabled: False From 9a5faa8832f989d3ae094ee780302697785a47d0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:26:25 -0400 Subject: [PATCH 212/393] added+clarified PostgreSQL flags --- vars/medium.localvars | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 3f2d9fd21..9248e0eaf 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -47,7 +47,7 @@ dansguardian_enabled: False # 3-BASE-SERVER -# MySQL & PostgreSQL are auto-installed around here as necessary. +# MySQL mandatory installation here # 4-SERVER-OPTIONS @@ -58,6 +58,11 @@ openvpn_enabled: False # openvpn_cron_enabled: True # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" +# PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! +# roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml +postgresql_install: False +postgresql_enabled: False + # Unmaintained # authserver_install: False # authserver_enabled: False From ecd68a30b80a1daaa162d830c0885f0abcedd701 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:30:51 -0400 Subject: [PATCH 213/393] Clarified PostgreSQL --- vars/default_vars.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index c99fddfba..a9461ba54 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -165,7 +165,8 @@ iiab_home_url: /home # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki -# PostgreSQL - SEE roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml, roles/postgresql/tasks/main.yml +# PostgreSQL auto-installed by Moodle &/or Pathagar as nec, no need to touch! +# roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml postgresql_install: False postgresql_enabled: False From a92c1b31117755e7b86b5dfc155a3a3f05888a26 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:32:35 -0400 Subject: [PATCH 214/393] mysql passwd was stated twice --- vars/default_vars.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index a9461ba54..497a13901 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -136,7 +136,6 @@ allow_apache_sudo: False # MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True mysql_enabled: True -# password is fixmysql # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 mysql_root_password: fixmysql From 08bdf48ea3f9dfb1ad9e0453c8e11972ce14f10b Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:33:23 -0400 Subject: [PATCH 215/393] Abbreviated. Explanation is in default_vars.html --- vars/medium.localvars | 1 - 1 file changed, 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 9248e0eaf..73e1e96c9 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -59,7 +59,6 @@ openvpn_enabled: False # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" # PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! -# roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml postgresql_install: False postgresql_enabled: False From f8fb51243aced2e9aee5bddd1e29ded486be3886 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:45:03 -0400 Subject: [PATCH 216/393] cleanup+clarifs --- vars/medium.localvars | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 73e1e96c9..32a8e70db 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -45,9 +45,13 @@ dansguardian_enabled: False # wondershaper_install: False # wondershaper_enabled: False +# 1-PREP + +# 2-COMMON + # 3-BASE-SERVER -# MySQL mandatory installation here +# roles/mysql runs here # 4-SERVER-OPTIONS @@ -58,6 +62,8 @@ openvpn_enabled: False # openvpn_cron_enabled: True # If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn" +# roles/network runs here (MANY SETTINGS ABOVE) + # PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! postgresql_install: False postgresql_enabled: False From 54b1dfe54b84f3b5a9bd32467b6dca62d2ce3103 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:45:13 -0400 Subject: [PATCH 217/393] cleanup+clarifs --- vars/default_vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 497a13901..4f286be21 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -129,9 +129,9 @@ schooltool_enabled: False # Needed if you want http://box/common/services/power_off.php to work allow_apache_sudo: False -# HTTPD role runs here. +# roles/httpd runs here -# IIAB-ADMIN role runs here. +# roles/iiab-admin runs here # MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True @@ -151,7 +151,7 @@ openvpn_cron_enabled: False openvpn_install: True openvpn_enabled: False -# NETWORK role runs here. +# roles/network runs here (MANY SETTINGS ABOVE) # Homepage # Default to the GUI where the selection is made or override in local_vars.yml From 239a7c6ffcc38482f6bea20567bdd958b6736c0a Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:49:56 -0400 Subject: [PATCH 218/393] MySQL mandatory (clarif) --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4f286be21..48555b782 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -133,7 +133,7 @@ allow_apache_sudo: False # roles/iiab-admin runs here -# MySQL - THESE HAVE NO EFFECT - DE FACTO DEFAULTS IN roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml +# MySQL MANDATORY - THESE SETTINGS HAVE NO EFFECT - SEE roles/1-prep/tasks/computed_vars.yml, roles/mysql/tasks/main.yml mysql_install: True mysql_enabled: True # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 From 7c2b8a97033295d015937be2531e4204fc8364a0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 13:50:04 -0400 Subject: [PATCH 219/393] MySQL mandatory (clarif) --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 32a8e70db..ac39788c6 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -51,7 +51,7 @@ dansguardian_enabled: False # 3-BASE-SERVER -# roles/mysql runs here +# roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS From 38a87bbcc1acff7c3b4c9807717507bfde6272c6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 23:29:32 -0400 Subject: [PATCH 221/393] cleanup for readability --- roles/1-prep/tasks/raspberry_pi_2.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/1-prep/tasks/raspberry_pi_2.yml b/roles/1-prep/tasks/raspberry_pi_2.yml index 43a66dc25..f93f734ee 100644 --- a/roles/1-prep/tasks/raspberry_pi_2.yml +++ b/roles/1-prep/tasks/raspberry_pi_2.yml @@ -26,23 +26,23 @@ mode=0644 when: rtc_id != "none" -- name: pre-Install packages +- name: Pre-install packages package: name={{ item }} state=latest with_items: - ntp -- name: increase the swap file size (kalite pip download fails) +- name: Increase the swap file size (kalite pip download fails) lineinfile: regexp="^CONF_SWAPSIZE" line=CONF_SWAPSIZE=500 dest=/etc/dphys-swapfile when: is_debuntu -- name: restart the swap service +- name: Restart the swap service command: /etc/init.d/dphys-swapfile restart when: is_debuntu -- name: Add rpi rootfs resizing service +- name: Add RPi rootfs resizing service template: src={{ item.src }} dest={{ item.dest }} owner=root @@ -55,4 +55,3 @@ - name: Enable rootfs resizing service service: name=iiab-rpi-root-resize enabled=yes - From 17d116433748876f7fa4009dc97f41cb192b55e4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 23:30:29 -0400 Subject: [PATCH 222/393] cleanup for readability --- roles/2-common/tasks/xo.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index 4c7c1237e..168f978bc 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -25,7 +25,7 @@ regexp='^%_excludedocs' state=absent -- name: pre-Install packages +- name: Pre-install packages package: name={{ item }} state=latest with_items: @@ -34,7 +34,7 @@ - man-db - man-pages -- name: re-Install packages +- name: Re-install packages shell: yum -y reinstall sed libidn grep which util-linux wget gnupg2 groff gnash yum when: not osbuilder is defined @@ -44,7 +44,7 @@ option=plugins value=ifcfg-rh,keyfile -- name: check for modem config file +- name: Check for modem config file stat: path=/etc/NetworkManager/system-connections/"Sugar Modem Connection" register: config From 0ffbd6f11954dff28184199354a56f9d39a3ed84 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 30 Oct 2017 23:34:39 -0400 Subject: [PATCH 223/393] cleanup for readability --- roles/2-common/tasks/packages.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 700159be6..e409b5dee 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -1,16 +1,16 @@ -- name: install yum deps for arm!!! +- name: Install yum deps for arm!!! shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 -- name: install yum from Fedora 23 for arm!!! +- name: Install yum from Fedora 23 for arm!!! shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 -- name: install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!! +- name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!! shell: dnf install -y yum when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l" -- name: get the createrepo program +- name: Get the createrepo program package: name=createrepo state=present when: is_redhat From f845efb421f4e257ba007cc148d6ffe8703d0356 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 31 Oct 2017 10:12:35 -0400 Subject: [PATCH 224/393] readability tweak --- roles/2-common/tasks/iiab_ini.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/iiab_ini.yml b/roles/2-common/tasks/iiab_ini.yml index 32607d738..90db8f296 100644 --- a/roles/2-common/tasks/iiab_ini.yml +++ b/roles/2-common/tasks/iiab_ini.yml @@ -14,7 +14,7 @@ - option: 'iiab_dir' value: '{{ iiab_dir }}' -- name: add version section +- name: Add version section ini_file: dest='{{ iiab_config_file }}' section=version option='{{ item.option }}' From 48a922cd6ff3ea5a2d7a61724c4d004fefb1d05d Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 31 Oct 2017 13:03:08 -0400 Subject: [PATCH 225/393] calrif on Squid execution path --- vars/medium.localvars | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/medium.localvars b/vars/medium.localvars index ac39788c6..96cd8d7d7 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -35,6 +35,7 @@ iiab_gateway_enabled: False # Make this False to disable http://box/common/services/power_off.php button: allow_apache_sudo: True +# Stages 3 & 4 must be run (using iiab-install or runtags) if changing these: squid_install: False squid_enabled: False From 6506313223f365f6bd5ce54f3db3bd56839ed858 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 1 Nov 2017 13:11:34 -0400 Subject: [PATCH 226/393] no_admin variable explained --- vars/default_vars.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 48555b782..f1456ca3c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -26,8 +26,17 @@ service_filelist: "{{ iiab_config_file }}" disregard_network: False # use cache or error out if cache does not exist # Users and Passwords -# obtain a password hash with - python -c 'import crypt; print crypt.crypt("", "$6$<salt>")' +# Uncomment the following if you don't want iiab_admin_user (by default +# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml +# Also disables sudo-based verification of published passwords. +# no_admin: "" + +# If no_admin variable is established above (its actual value is IGNORED) also +# set iiab_admin_user (below) to an existing Linux user that has sudo access. +# This is the username you'll use to login to Admin Console @ http://box/admin + +# obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' iiab_admin_user: iiab-admin iiab_admin_passw_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. From 076aafe560cd3d62d35ac51fc2d173bffa9c00c8 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 1 Nov 2017 13:14:40 -0400 Subject: [PATCH 227/393] no_admin var explained --- vars/medium.localvars | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/vars/medium.localvars b/vars/medium.localvars index 96cd8d7d7..226915f14 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -6,6 +6,18 @@ # Original Idea: branch github.com/xsce/xsce-local for your deployment +# Users and Passwords + +# Uncomment the following if you don't want iiab_admin_user (by default +# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml +# Also disables sudo-based verification of published passwords. + +# no_admin: "" + +# If no_admin variable is established above (its actual value is IGNORED) also +# set iiab_admin_user (below) to an existing Linux user that has sudo access. +# This is the username you'll use to login to Admin Console @ http://box/admin + iiab_admin_user: iiab-admin # Obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' From 5455f43c8bf41b2d040fd1f98b681b973da1ffc5 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 1 Nov 2017 13:15:59 -0400 Subject: [PATCH 228/393] no_admin clarified/sync'd with medium.localvars --- vars/default_vars.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index f1456ca3c..0a95140ce 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -30,14 +30,16 @@ disregard_network: False # use cache or error out if cache does not exist # Uncomment the following if you don't want iiab_admin_user (by default # iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml # Also disables sudo-based verification of published passwords. + # no_admin: "" # If no_admin variable is established above (its actual value is IGNORED) also # set iiab_admin_user (below) to an existing Linux user that has sudo access. # This is the username you'll use to login to Admin Console @ http://box/admin -# obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' iiab_admin_user: iiab-admin + +# Obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' iiab_admin_passw_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. # Languages From 6b8cdf7831f30f117c8f442981dca211ef709c22 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 01:20:13 -0400 Subject: [PATCH 229/393] obectionable -> objectionable --- roles/network/tasks/squid.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 595a24e06..47c67cd6f 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -95,6 +95,6 @@ - option: name value: dansguardian - option: description - value: '"DansGuardian searches web content for obectionable references and denies access when found."' + value: '"DansGuardian searches web content for objectionable references and denies access when found."' - option: enabled value: "{{ dansguardian_enabled }}" From 38ce25d53d30395feabc0d99c789253bcf385b27 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 01:22:20 -0400 Subject: [PATCH 230/393] indent clauses within "case $OS in..." --- runansible | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/runansible b/runansible index 5db3ab21f..b7f0eb5b9 100755 --- a/runansible +++ b/runansible @@ -11,15 +11,15 @@ if [ ! -f ./vars/local_vars.yml ]; then case $OS in OLPC | fedora) - cp ./vars/olpc.localvars ./vars/local_vars.yml - ;; + cp ./vars/olpc.localvars ./vars/local_vars.yml + ;; centos | debian | ubuntu | raspbian) - cp ./vars/medium.localvars ./vars/local_vars.yml - ;; + cp ./vars/medium.localvars ./vars/local_vars.yml + ;; *) - echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." - exit 1 - ;; + echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." + exit 1 + ;; esac fi From c4ca29a2032c700da5a5c2602e7bfc21d8fdff17 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 02:11:34 -0400 Subject: [PATCH 231/393] clarif: php-zip name for Debian 9 or Ubuntu (vs Debian 8) --- roles/moodle/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index 04abeede2..c618a0b4f 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -21,11 +21,11 @@ - php{{ php_version }}-cli when: is_debuntu -- name: php-zip debian 8-9 changed name +- name: php-zip name for Debian 9 or Ubuntu package: name=php{{ php_version }}-zip when: is_debian_9 or is_ubuntu -- name: php-zip debian 8-9 changed name +- name: php-zip name for Debian 8 package: name=php-pclzip when: is_debian_8 From 749846fb0a14826ed490d7b9db47cb4ab1438541 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 02:31:13 -0400 Subject: [PATCH 232/393] Sugarizer description --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 0e0e8efa2..f974d3df4 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -93,6 +93,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform is a leading learning platform that began in the famous One Laptop Per Child project. Sugarizer is a web implementation of that platform."' + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/Javascript implementation of Sugar, usable in most all browsers."' - option: enabled value: "{{ sugarizer_enabled }}" From d59d09c4b7b49eaf16c5a264e7dbe3c756d7cfd9 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Thu, 2 Nov 2017 02:35:35 -0400 Subject: [PATCH 233/393] description tweak (JavaScript) --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index f974d3df4..29764d060 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -93,6 +93,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/Javascript implementation of Sugar, usable in most all browsers."' + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' - option: enabled value: "{{ sugarizer_enabled }}" From 9e27cab6fc42fab895c7e56fc6900cfcb5b6ec05 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Fri, 3 Nov 2017 12:42:04 -0400 Subject: [PATCH 234/393] English cleaned up. --- roles/cups/tasks/main.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 012aa3685..05dca2a2b 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -1,5 +1,5 @@ # administer this service by browsing to localhost:631 -- name: get the CUPS package installed +- name: Get the CUPS package installed package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Put our own config file in place, to permit local lan admin +- name: Put our own config file in place, to permit local LAN admin template: dest=/etc/cups/cupsd.conf src=cupsd.conf @@ -22,7 +22,7 @@ state=link when: cups_enabled and is_debuntu -- name: Enable services for cups +- name: Enable services for CUPS service: name={{ item }} state=started enabled=yes @@ -31,17 +31,17 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable services for cups for XO laptops +- name: Enable services for CUPS for Fedora 18 (XO laptops) service: name=cups state=started enabled=yes when: cups_enabled and is_F18 -- name: Permit headless admin of CUPS -- only works when cups daemon is running +- name: Permit headless admin of CUPS -- only works when CUPS daemon is running shell: "cupsctl --remote-admin" when: cups_enabled -- name: Disable services for cups +- name: Disable services for CUPS service: name={{ item }} state=stopped enabled=no @@ -50,13 +50,13 @@ - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for cups for XO laptops +- name: Disable services for CUPS for Fedora 18 (XO laptops) service: name=cups state=stopped enabled=no when: not cups_enabled and is_F18 -- name: add cups to service list +- name: Add 'cups' to service list ini_file: dest={{ service_filelist }} section=cups option={{ item.option }} @@ -65,7 +65,7 @@ - option: name value: '"Common UNIX Printing System (CUPS)"' - option: description - value: '"CUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' + value: '"CUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' - option: installed value: "{{ cups_install }}" - option: enabled From 397bb2781b4c06cb0d2633f7c6ee315287d5435f Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 4 Nov 2017 15:33:52 -0400 Subject: [PATCH 235/393] restart kiwix-serve 4AM nightly (not 15min after every hour) --- roles/kiwix/tasks/kiwix_install.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index e27760ae5..be9c6d058 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -75,15 +75,15 @@ command: "chown -R root:root {{ iiab_base }}" # workaround because kiwix-serve does not stay running -- name: Make an entry in crontab to restart every hour +- name: Make an entry in crontab to restart at 4AM # * * * * * user-name command to be executed - lineinfile: line="15 * * * * root /bin/systemctl restart kiwix-serve.service" + lineinfile: line="0 4 * * * root /bin/systemctl restart kiwix-serve.service" dest=/etc/crontab when: is_debuntu -- name: Make an entry in crontab to restart every hour +- name: Make an entry in crontab to restart at 4AM # * * * * * user-name command to be executed - lineinfile: line="15 * * * * root /usr/bin/systemctl restart kiwix-serve.service" + lineinfile: line="0 4 * * * root /usr/bin/systemctl restart kiwix-serve.service" dest=/etc/crontab when: is_redhat From 899b0c8c26f647cdfb54389d0c4c3e4a050a3aff Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 4 Nov 2017 15:49:03 -0400 Subject: [PATCH 236/393] Messaging --- roles/kiwix/tasks/kiwix_install.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index be9c6d058..48c1d439a 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -1,4 +1,4 @@ -- name: Create various directories for ZIM files +- name: Create various directories for Kiwix's ZIM files file: path={{ item }} owner=root group=root @@ -9,11 +9,11 @@ - "{{ kiwix_content_path }}" - "{{ iiab_zim_path }}/index" -- name: Check for kiwix-serve binary +- name: Check for 'kiwix-serve' binary stat: path={{ iiab_base }}/kiwix/bin/kiwix-serve register: kiwix_bin -- name: Set kiwix first pass +- name: Set kiwix_first_pass set_fact: kiwix_first_pass: True when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists @@ -47,7 +47,7 @@ group=root when: not kiwix_src_bin_only and kiwix_first_pass -- name: Create directory for kiwix bin +- name: Create kiwix/bin directory file: path="{{ iiab_base }}/kiwix/bin" owner=root group=root @@ -63,7 +63,7 @@ - rewrite when: is_debuntu -- name: Unarchive it to permanent location - bin only +- name: Unarchive Kiwix to permanent location - bin only unarchive: src="{{ downloads_dir }}/{{ kiwix_src_file }}" dest="{{ iiab_base }}/kiwix/bin" owner=root @@ -71,17 +71,17 @@ when: kiwix_src_bin_only and kiwix_first_pass # workaround because unarchive does not set ownership properly -- name: Set kiwix ownership to root [WARNING chown -R across all of /opt/iiab] +- name: "Set Kiwix ownership - WARNING 'chown -R root:root' runs across all of /opt/iiab" command: "chown -R root:root {{ iiab_base }}" # workaround because kiwix-serve does not stay running -- name: Make an entry in crontab to restart at 4AM +- name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu) # * * * * * user-name command to be executed lineinfile: line="0 4 * * * root /bin/systemctl restart kiwix-serve.service" dest=/etc/crontab when: is_debuntu -- name: Make an entry in crontab to restart at 4AM +- name: Make a crontab entry to restart kiwix-serve at 4AM (redhat) # * * * * * user-name command to be executed lineinfile: line="0 4 * * * root /usr/bin/systemctl restart kiwix-serve.service" dest=/etc/crontab @@ -89,7 +89,7 @@ # Create kiwix service -- name: Create kiwix-serve service +- name: Create 'kiwix-serve' service template: backup=no src={{ item.src }} dest={{ item.dest }} @@ -105,7 +105,7 @@ - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} -- name: Add kiwix-serve to list of services +- name: Add 'kiwix-serve' to list of services ini_file: dest='{{ service_filelist }}' section=kiwix-serve option='{{ item.option }}' @@ -130,13 +130,13 @@ - option: enabled value: "{{ kiwix_enabled }}" -- name: Enable kiwix-serve service +- name: Enable 'kiwix-serve' service service: name=kiwix-serve enabled=yes state=restarted when: kiwix_enabled -- name: Disable kiwix-serve service +- name: Disable 'kiwix-serve' service service: name=kiwix-serve enabled=no state=stopped From d748a14cbda76758663b4e330b6831b856366679 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 4 Nov 2017 16:00:27 -0400 Subject: [PATCH 237/393] "chown -R root:root /opt/iiab/kiwix" (not all of /opt/iiab) --- roles/kiwix/tasks/kiwix_install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 48c1d439a..54d7d4d86 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -71,8 +71,8 @@ when: kiwix_src_bin_only and kiwix_first_pass # workaround because unarchive does not set ownership properly -- name: "Set Kiwix ownership - WARNING 'chown -R root:root' runs across all of /opt/iiab" - command: "chown -R root:root {{ iiab_base }}" +- name: "Set ownership: 'chown -R root:root /opt/iiab/kiwix'" + command: "chown -R root:root {{ iiab_base }}/kiwix" # workaround because kiwix-serve does not stay running - name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu) From a276def718eb2a231de49b649b21a6ae89120b96 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:16:18 -0400 Subject: [PATCH 238/393] Tighten up messaging --- roles/calibre/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/calibre/tasks/main.yml b/roles/calibre/tasks/main.yml index 193a24db5..9852e05c8 100644 --- a/roles/calibre/tasks/main.yml +++ b/roles/calibre/tasks/main.yml @@ -6,13 +6,13 @@ mode=0755 when: ansible_distribution == "CentOS" -- name: Install Calibre +- name: Install Calibre (CentOS) shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null" args: creates: /usr/bin/calibre-uninstall when: calibre_install and ansible_distribution == 'CentOS' -- name: Install Calibre rpms +- name: Install Calibre (OS's other than CentOS) # the fedora rpm arm version, though older, takes care of dependencies, and exists package: name={{ item }} state=present @@ -20,7 +20,7 @@ - calibre when: calibre_install and ansible_distribution != 'CentOS' -- name: Create Calibre service(s) and support scripts +- name: Create calibre-serve.service and calibre.conf template: backup=no src={{ item.src }} dest={{ item.dest }} @@ -52,7 +52,7 @@ state=stopped when: not calibre_enabled -- name: Add Calibre to service list +- name: Add 'calibre-serve' to service list ini_file: dest='{{ service_filelist }}' section=calibre option='{{ item.option }}' From c215dc0f8f19ec3d462d2d858246f1b2f3599936 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:23:34 -0400 Subject: [PATCH 239/393] Tighter messaging --- roles/nextcloud/tasks/nextcloud_enabled.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml index cc9c26b2c..e78c4dfc5 100644 --- a/roles/nextcloud/tasks/nextcloud_enabled.yml +++ b/roles/nextcloud/tasks/nextcloud_enabled.yml @@ -1,10 +1,10 @@ # This should go in computed_network.yml, but here for now -- name: Compute nextcloud listen ip addr for nextcloud.conf +- name: Compute Nextcloud listen ip addr for nextcloud.conf set_fact: nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}" when: ansible_default_ipv4.network is defined -- name: Enable nextcloud by copying template to httpd config +- name: Enable Nextcloud by copying template to httpd config template: src=nextcloud.conf.j2 dest=/etc/{{ apache_config_dir }}/nextcloud.conf owner=root @@ -12,7 +12,7 @@ mode=0644 when: nextcloud_enabled -- name: Enable nextcloud +- name: Enable Nextcloud file: path=/etc/apache2/sites-enabled/nextcloud.conf src=/etc/apache2/sites-available/nextcloud.conf state=link @@ -23,18 +23,18 @@ state=absent when: not nextcloud_enabled and is_redhat -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted # the install wizard does not succeed if already installed -- name: Determine if nextcloud is installed +- name: Determine if Nextcloud is installed shell: > sudo -u {{ apache_user }} php '{{ nextcloud_prefix }}/nextcloud/occ' status | gawk '/installed:/ { print $3 }' register: returned -- name: Run nextcloud initial install wizard +- name: Run Nextcloud initial install wizard shell: > cd {{ nextcloud_prefix }}/nextcloud; sudo -u {{ apache_user }} php occ maintenance:install @@ -46,13 +46,13 @@ --admin-pass "{{ nextcloud_admin_password }}" when: nextcloud_enabled and returned.stdout == "false" -- name: allow access from all hosts and ips +- name: Allow access from all hosts and ips command: php '{{ nextcloud_prefix }}/nextcloud/occ' config:system:set trusted_domains 1 --value=* become: true become_user: "{{ apache_user }}" when: nextcloud_enabled and returned.stdout == "false" -- name: Determine if nextcloud user exists already +- name: Determine if Nextcloud user exists already shell: > sudo -u {{ apache_user }} php '{{ nextcloud_prefix }}/nextcloud/occ' user:list | @@ -60,7 +60,7 @@ register: returned_count # nextcloud wants to make users rather than just mysql users and not done -- name: create the default user +- name: Create the default user shell: > su -s /bin/sh {{ apache_user }} -c 'OC_PASS={{ nextcloud_user_password }}; From ff378c49339dfea95fe3b694fdbe094a6606f32b Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:44:34 -0400 Subject: [PATCH 240/393] Tighter messaging --- roles/nextcloud/tasks/main.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 06e8c9bfc..67019a3b2 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -9,14 +9,14 @@ # but we use the tar file to get the latest version - name: Get the Nextcloud software - get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} + get_url: url={{ nextcloud_dl_url }}/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} when: internet_available async: 900 poll: 15 tags: - download -- name: Ubuntu and Debian treat names differently +- name: Ubuntu and Debian treat names differently (debian) package: name={{ item }} state=present with_items: - libapache2-mod-php{{ php_version }} @@ -24,7 +24,7 @@ - php{{ php_version }}-zip when: is_debian -- name: Ubuntu and Debian treat names differently +- name: Ubuntu and Debian treat names differently (ubuntu) package: name={{ item }} state=present with_items: - libapache2-mod-php @@ -33,7 +33,7 @@ - php-mbstring when: is_ubuntu -- name: Install list of packages for debuntu +- name: Install list of packages (debuntu) package: name={{ item }} state=present with_items: - php{{ php_version }}-gd @@ -44,7 +44,7 @@ - php{{ php_version }}-mcrypt when: is_debuntu -- name: Install list of packages +- name: Install list of packages (redhat) package: name={{ item }} state=present with_items: - php @@ -58,14 +58,14 @@ # - php-imagick when: is_redhat -- name: Copy it to permanent location /opt +- name: Copy it to permanent location /opt (OS's other than Fedora 18) unarchive: src={{ downloads_dir }}/{{ nextcloud_src_file }} dest={{ nextcloud_prefix }} creates={{ nextcloud_prefix }}/nextcloud/version.php when: not is_F18 # ansible 1.4.1 does not have "creates" -- name: Copy it to permanent location /opt +- name: Copy it to permanent location /opt (Fedora 18) unarchive: src={{ downloads_dir }}/{{ nextcloud_src_file }} dest={{ nextcloud_prefix }} when: is_F18 @@ -75,7 +75,7 @@ state=directory when: is_centos -- name: Add autoconfig file +- name: Add autoconfig file (CentOS) template: src=autoconfig.php.j2 dest={{ nextcloud_prefix }}/nextcloud/config/autoconfig.php owner={{ apache_user }} @@ -120,7 +120,7 @@ # Enable nextcloud by copying template to httpd config # following enables and disables -- include: nextcloud_enabled.yml +- include_tasks: nextcloud_enabled.yml - name: Add Nextcloud to service list ini_file: dest='{{ service_filelist }}' From 0ad88a3368b0c5e3e40c8b77abb4ea9cfd958770 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:46:47 -0400 Subject: [PATCH 241/393] Update main.yml --- roles/nextcloud/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 67019a3b2..60186385a 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -16,7 +16,7 @@ tags: - download -- name: Ubuntu and Debian treat names differently (debian) +- name: Ubuntu and Debian treat names differently (Debian) package: name={{ item }} state=present with_items: - libapache2-mod-php{{ php_version }} @@ -24,7 +24,7 @@ - php{{ php_version }}-zip when: is_debian -- name: Ubuntu and Debian treat names differently (ubuntu) +- name: Ubuntu and Debian treat names differently (Ubuntu) package: name={{ item }} state=present with_items: - libapache2-mod-php From 6dec11c4eb8a289be07df7b4c628f2f9b3b75602 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:52:18 -0400 Subject: [PATCH 242/393] Messaging cleaner --- roles/kalite/tasks/enable.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/kalite/tasks/enable.yml b/roles/kalite/tasks/enable.yml index 0c62de120..ed278a863 100644 --- a/roles/kalite/tasks/enable.yml +++ b/roles/kalite/tasks/enable.yml @@ -1,18 +1,18 @@ # By the time we get here we should have ka-lite of some version # And the systemd unit files should be defined -- name: Enable kalite-serve service +- name: Enable 'kalite-serve' service service: name=kalite-serve enabled=yes state=started -- name: Disable kalite-serve service +- name: Disable 'kalite-serve' service service: name=kalite-serve enabled=no state=stopped when: not kalite_enabled -# Since Fedora 18 we don't have a separate unit fiile for kalite-cron +# Since Fedora 18 we don't have a separate unit file for kalite-cron - name: Disable kalite cron server F18 service: name=kalite-cron From 26e7c59015e2a679937fabab219b5a97906719be Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:01:26 -0500 Subject: [PATCH 243/393] Cleaner messaging --- roles/kalite/tasks/install.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index ea1d2fd5c..5bbc39d5a 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -1,6 +1,6 @@ # This is for an OS other than Fedora 18 -- name: Install missing packages required for kalite startup +- name: Install missing packages required for KA Lite startup package: name={{ item }} state=present with_items: @@ -10,7 +10,7 @@ get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt when: internet_available -- name: Install ka-lite dependencies with pip +- name: Install KA Lite dependencies with pip (debuntu) pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no @@ -19,7 +19,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install ka-lite with pip +- name: Install KA Lite with pip (OS's other than debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} @@ -29,7 +29,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install ka-lite dependencies with pip +- name: Install KA Lite dependencies with pip (debuntu) pip: requirements={{ pip_packages_dir }}/kalite.txt virtualenv={{ kalite_venv }} virtualenv_site_packages=no @@ -37,7 +37,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and not is_debuntu -- name: Install ka-lite with pip +- name: Install KA Lite with pip (OS's other than debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} @@ -46,7 +46,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and not is_debuntu -- name: Default is to have cronserve started with kalite +- name: Default is to have cronserve started with KA Lite set_fact: job_scheduler_stanza: "" @@ -55,7 +55,7 @@ job_scheduler_stanza: "--skip-job-scheduler " when: not kalite_cron_enabled -- name: Create kalite service(s) and support scripts +- name: Create 'kalite-serve' service, kalite.sh and kalite.conf template: backup=no src={{ item.src }} dest={{ item.dest }} From 1c8110c7e9dd77537d50f581913bd13d959fff5b Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:06:15 -0500 Subject: [PATCH 244/393] Cleaner messaging --- roles/kalite/tasks/install-f18.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/kalite/tasks/install-f18.yml b/roles/kalite/tasks/install-f18.yml index 82910c7c8..bad6c551a 100644 --- a/roles/kalite/tasks/install-f18.yml +++ b/roles/kalite/tasks/install-f18.yml @@ -1,6 +1,6 @@ # This is for Fedora 18, assumed to be an XO -- name: Install dependent packages F18 +- name: Install dependent packages (Fedora 18) package: name={{ item }} state=present with_items: @@ -8,35 +8,35 @@ - expect when: is_F18 -- name: Install dependent pip packages F18 +- name: Install dependent pip packages (Fedora 18) pip: name=selenium - when: internet_available and is_F18 + when: internet_available and is_F18 -- name: Determine if kalite is already downloaded +- name: Determine if KA Lite is already downloaded stat: path={{ downloads_dir }}/ka-lite register: kalite -- name: Download the latest kalite repo +- name: Download the latest KA Lite repo git: repo={{ kalite_repo_url }} dest={{ downloads_dir }}/ka-lite depth=1 version="0.13.x" ignore_errors: yes - when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists + when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists -- name: Create iiab-kalite user and password F18 +- name: Create iiab-kalite user and password (Fedora 18) user: name={{ kalite_user }} password={{ kalite_password_hash }} update_password=on_create -- name: Create kalite_root directory F18 +- name: Create kalite_root directory (Fedora 18) file: path={{ kalite_root }} owner=root group=root mode=0755 state=directory -- name: Copy the kalite repo into place F18 +- name: Copy the KA Lite repo into place (Fedora 18) command: "rsync -at {{ downloads_dir }}/ka-lite/ {{ kalite_root }}" - name: Make kalite_user owner @@ -54,7 +54,7 @@ group={{ kalite_user }} mode=0644 -- name: Create kalite service(s) and support scripts +- name: Create kalite-serve & kalite-cron services, and iiab_cronservectl.sh template: backup=no src={{ item.src }} dest={{ item.dest }} From 9ae9b71690fb6f2434eac00f65003e3b62f92dc8 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:10:13 -0500 Subject: [PATCH 245/393] Tighter messaging --- roles/kalite/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/kalite/tasks/main.yml b/roles/kalite/tasks/main.yml index b0c02471d..ed69c882d 100644 --- a/roles/kalite/tasks/main.yml +++ b/roles/kalite/tasks/main.yml @@ -2,39 +2,39 @@ # Assume all XOs are F18 and nothing else is -- name: Calc kalite db file name F18 +- name: Calc KA Lite db file name (Fedora 18) set_fact: kalite_db_name: "{{ kalite_root }}/kalite/database/data.sqlite" when: is_F18 -- name: Calc kalite db file name +- name: Calc KA Lite db file name (OS's other than Fedora 18) set_fact: kalite_db_name: "{{ kalite_root }}/database/data.sqlite" when: not is_F18 -- name: See if kalite is already configured +- name: See if KA Lite is already configured stat: path="{{ kalite_db_name }}" register: kalite_installed -- include: install-f18.yml +- include_tasks: install-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: install.yml +- include_tasks: install.yml when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 - name: Ask systemd to reread the unit files shell: systemctl daemon-reload when: not kalite_installed.stat.exists -- include: setup-f18.yml +- include_tasks: setup-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: setup.yml +- include_tasks: setup.yml when: not kalite_installed.stat.exists and not is_F18 -- include: enable.yml +- include_tasks: enable.yml -- name: Add kalite to service list +- name: Add 'kalite-serve' to service list ini_file: dest='{{ service_filelist }}' section=kalite option='{{ item.option }}' @@ -43,7 +43,7 @@ - option: name value: kalite - option: description - value: '"KA-Lite is a server to present Khan Academy videos offline and to download them."' + value: '"KA Lite is a server to present Khan Academy videos offline and to download them."' - option: path value: "{{ kalite_root }}" - option: server_name From 89b858df0aaf7b331f7068fd7f4f5fcf2d6eb38a Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:11:53 -0500 Subject: [PATCH 246/393] Clarify messaging --- roles/kalite/tasks/setup-f18.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kalite/tasks/setup-f18.yml b/roles/kalite/tasks/setup-f18.yml index 688ba1c09..23037d260 100644 --- a/roles/kalite/tasks/setup-f18.yml +++ b/roles/kalite/tasks/setup-f18.yml @@ -1,11 +1,11 @@ # This is for Fedora 18, assumed to be an XO -- name: Run the setup using kalite manage F18 +- name: Run the setup using 'kalite manage' (Fedora 18) command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite manage setup --username={{ kalite_user }} --password={{ kalite_password }} --noinput'" async: 900 poll: 10 -- name: Finish setup by running kalite start F18 +- name: Finish setup by running 'kalite start' (Fedora 18) command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite start'" async: 900 poll: 10 From ec28fbc50ef838f023b567921c93989d299ba160 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 01:12:57 -0500 Subject: [PATCH 247/393] Messaging tweak --- roles/kalite/tasks/setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kalite/tasks/setup.yml b/roles/kalite/tasks/setup.yml index 37d900100..2ad239833 100644 --- a/roles/kalite/tasks/setup.yml +++ b/roles/kalite/tasks/setup.yml @@ -7,7 +7,7 @@ mode=0755 state=directory -- name: Run the setup using kalite manage +- name: Run the setup using 'kalite manage' command: "{{ kalite_program }} manage setup --username={{ kalite_admin_user }} --password={{ kalite_admin_password }} --noinput" environment: KALITE_HOME: "{{ kalite_root }}" From 8b2f69d7b96ec7c5a4364311b5b7c3c0cd9cb298 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sun, 5 Nov 2017 02:50:08 -0500 Subject: [PATCH 248/393] Messaging Clarifs --- roles/cups/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 05dca2a2b..111b5098e 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -22,7 +22,7 @@ state=link when: cups_enabled and is_debuntu -- name: Enable services for CUPS +- name: Enable services for CUPS (OS's other than Fedora 18) service: name={{ item }} state=started enabled=yes @@ -31,7 +31,7 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable services for CUPS for Fedora 18 (XO laptops) +- name: Enable services for CUPS (Fedora 18, for XO laptops) service: name=cups state=started enabled=yes @@ -41,7 +41,7 @@ shell: "cupsctl --remote-admin" when: cups_enabled -- name: Disable services for CUPS +- name: Disable services for CUPS (OS's other than Fedora 18) service: name={{ item }} state=stopped enabled=no @@ -50,7 +50,7 @@ - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for CUPS for Fedora 18 (XO laptops) +- name: Disable services for CUPS (Fedora 18, for XO laptops) service: name=cups state=stopped enabled=no From d8a57c15a11563073770213ebdea53ec2606d528 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 00:04:18 -0600 Subject: [PATCH 249/393] vnstat - guard against iiab_lan_iface not defined in Appliance Mode --- roles/vnstat/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 97ddea6c7..2a42bee7d 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -19,7 +19,7 @@ - name: Create database for LAN to collect vnStat data if not appliance config shell: /usr/bin/vnstat -i {{ iiab_lan_iface }} - when: not iiab_lan_iface == "" + when: iiab_lan_iface is defined - name: Start vnStat daemon via systemd service: name=vnstat enabled=yes state=started From f7ace1858dbc3308b8a565b48c664e3439647ad7 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 6 Nov 2017 07:44:01 -0500 Subject: [PATCH 250/393] revert June 9 change to historical docs https://github.com/jvonau/iiab/commit/f319afa432eaeba937d722d0d20410dec0cba34c#diff-aede8d6f742ef20e82702a1de3b50723 --- README-historical.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README-historical.md b/README-historical.md index 954c97fcc..f1da871b1 100644 --- a/README-historical.md +++ b/README-historical.md @@ -34,8 +34,8 @@ Please read the `installation`_ documentation. See the `XSCE project`_ for more information about the project. -.. _XSCE wiki: https://github.com/XSCE/iiab/wiki -.. _installation: https://github.com/XSCE/iiab/wiki/XSCE-Installation +.. _XSCE wiki: https://github.com/XSCE/xsce/wiki +.. _installation: https://github.com/XSCE/xsce/wiki/XSCE-Installation .. _ansible: http://www.ansibleworks.com/ .. _ansible documentation: http://www.ansibleworks.com/docs/ .. _XSCE project: http://schoolserver.org/ From 788407cc9ae35b1b392d66a74917045a3d16c77b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 27 Aug 2017 23:32:28 -0500 Subject: [PATCH 251/393] correct service name - stock interfaces - rebased edits --- roles/network/tasks/debian.yml | 10 +++------- roles/network/tasks/enable_services.yml | 3 --- roles/network/tasks/restart.yml | 6 ++++++ roles/network/tasks/rpi_debian.yml | 14 ++++---------- 4 files changed, 13 insertions(+), 20 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 27e50359d..7f0223134 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -55,13 +55,9 @@ service: name=networking state=restarted when: interface.changed -- name: Start up hostapd again - service: name=hostapd state=started - when: interface.changed - -- name: dhcpd may be affected - service: name=bind9 state=started - when: interface.changed +- name: start up dhcpcd again + service: name=dhcpcd state=started + when: interface.changed and dhcpcd_result == "enabled" #create lan br0 if lan_controller or gateway #create wan br0 if appliance diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 308a3056f..dd968341a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -110,9 +110,6 @@ - { 0: 'gateway/iiab-gen-iptables', 1: '/usr/bin/iiab-gen-iptables' } - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN' } -- name: Execute the script that sets up userspace firewall - shell: iiab-gen-iptables - - name: Add 'squid' to service list ini_file: dest='{{ service_filelist }}' section=squid diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 67ec681a5..61833144b 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -4,6 +4,12 @@ state=stopped when: not dhcpd_enabled +# assume NM is not running +- name: Start dhcpd + service: name=dhcpd + state=started + when: dhcpd_enabled and is_debuntu + - name: Stop named service service: name={{ dns_service }} state=stopped diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index c6e25bd3c..e563634d9 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -63,17 +63,11 @@ ignore_errors: True when: interface.changed -- name: Restart the networking service +- name: start up dhcpcd again + service: name=dhcpcd state=started + +- name: restart the networking service service: name=networking state=restarted - when: interface.changed - -- name: Start up hostapd again - service: name=hostapd state=started - when: interface.changed - -- name: dhcpd may be affected - service: name=bind9 state=started - when: interface.changed #create lan br0 if lan_controller or gateway #create wan br0 if appliance From 78cd58ca8a0e6785e58333e96bf0ae4b76940f40 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 9 Sep 2017 20:54:23 -0500 Subject: [PATCH 252/393] boolean in template needs ==t/f --- roles/network/tasks/debian.yml | 13 +++-- roles/network/tasks/rpi_debian.yml | 5 +- roles/network/templates/network/interfaces.j2 | 48 +++++++++++++++++-- 3 files changed, 58 insertions(+), 8 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 7f0223134..55a538712 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -23,20 +23,27 @@ - name: For upgrades from earlier IIAB 6.2, remove br0 file file: path=/etc/network/interfaces.d/br0 state=absent + when: iiab_lan_iface != "br0" and wan_ip == "dhcp" - name: Default to 'lan_controller' set_fact: gui_desired_network_role: "lan_controller" when: not gui_desired_network_role is defined -- name: Recover from putting config in /etc/network/interfaces - template: dest=/etc/network/interfaces - src=network/interfaces.j2 +- name: Supply resolvconf.conf + template: dest=/etc/resolvconf.conf + src=network/resolvconf.j2 + +- name: Supply dhcpcd.conf + template: dest=/etc/dhcpcd.conf + src=network/dhcpcd.conf.j2 + when: dhcpcd_result == "enabled" and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab src=network/iiab.j2 register: interface + when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - name: Start up the dhcpcd service service: name=dhcpcd diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index e563634d9..3aa7b7441 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -21,6 +21,7 @@ - name: On upgrade from earlier IIAB versions, remove /etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0 state=absent + when: iiab_lan_iface != "br0" and wan_ip == "dhcp" - name: Default to 'LanController' set_fact: @@ -33,12 +34,14 @@ - name: Supply our own dhcpcd.conf template: dest=/etc/dhcpcd.conf - src=network/dhcpcd.conf + src=network/dhcpcd.conf.j2 + when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - name: Copy the network config script template: dest=/etc/network/interfaces.d/iiab src=network/iiab.j2 register: interface + when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - name: If this was a change, things need to shift service: name=hostapd state=stopped diff --git a/roles/network/templates/network/interfaces.j2 b/roles/network/templates/network/interfaces.j2 index 54b3a2db9..fb2e3a28f 100644 --- a/roles/network/templates/network/interfaces.j2 +++ b/roles/network/templates/network/interfaces.j2 @@ -1,9 +1,49 @@ # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). -source /etc/network/interfaces.d/* +{% if iiab_network_mode == "Appliance" %} +################# APPLIANCE ######################### +{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet dhcp +{% else %} # gui_static_wan_ip is set +iface {{ iiab_wan_iface }} inet manual +{% endif %} {# end of dhcp_wan #} -# The loopback network interface -auto lo -iface lo inet loopback +{% if wan_ip != "dhcp" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet static + address {{ wan_ip }} + netmask {{ wan_netmask }} + gateway {{ wan_gateway }} + dns-nameservers {{ wan_nameserver }} + dns-search {{ iiab_domain }} +{% endif %} {# end of static_wan #} +{% elif iiab_network_mode == "Gateway" %} +################# GATEWAY ######################### +auto br0 +iface br0 inet static + bridge_ports {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} + + bridge_maxwait 0 + address {{ lan_ip }} + netmask {{ lan_netmask }} + dns-nameservers {{ lan_ip }} +{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet dhcp +{% else %} # gui_static_wan_ip is set +iface {{ iiab_wan_iface }} inet manual +{% endif %} {# end of dhcp_wan #} + +{% if wan_ip != "dhcp" %} +auto {{ iiab_wan_iface }} +iface {{ iiab_wan_iface }} inet static + address {{ wan_ip }} + netmask {{ wan_netmask }} + gateway {{ wan_gateway }} + dns-nameservers {{ wan_nameserver }} + dns-search {{ iiab_domain }} + {% endif %} +{% else %} {# end of iiab_network_mode == Gateway #} From c326a49de1cde90e094043254561bf6adb8ed95c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 16 Sep 2017 02:07:18 -0500 Subject: [PATCH 253/393] rename interfaces.j2 - rebased - edits --- roles/network/tasks/debian.yml | 20 +++++++++---------- roles/network/tasks/rpi_debian.yml | 2 +- .../network/{interfaces.j2 => systemd.j2} | 0 3 files changed, 11 insertions(+), 11 deletions(-) rename roles/network/templates/network/{interfaces.j2 => systemd.j2} (100%) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 55a538712..8be1ec8f6 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -9,16 +9,16 @@ # 4. In lan_controller: wan is off, eth0 and wlan0 under br0 # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway + +#- name: In upgrade from earlier IIAB 6.2, delete the resolvconf +# package: name=resolvconf +# state=absent +# enabled=False +# ignore_errors: True -- name: In upgrade from earlier IIAB 6.2, delete the resolvconf - package: name=resolvconf - state=absent - enabled=False - ignore_errors: True - -- name: Get the dhcp client daemon used in recent Raspbian - package: name=dhcpcd5 - state=present +#- name: Get the dhcp client daemon used in recent raspbian +# package: name=dhcpcd5 +# state=present - name: For upgrades from earlier IIAB 6.2, remove br0 file file: path=/etc/network/interfaces.d/br0 @@ -41,7 +41,7 @@ - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab - src=network/iiab.j2 + src=network/systemd.j2 register: interface when: iiab_lan_iface == "br0" or wan_ip != "dhcp" diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 3aa7b7441..2f4219aff 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -39,7 +39,7 @@ - name: Copy the network config script template: dest=/etc/network/interfaces.d/iiab - src=network/iiab.j2 + src=network/systemd.j2 register: interface when: iiab_lan_iface == "br0" or wan_ip != "dhcp" diff --git a/roles/network/templates/network/interfaces.j2 b/roles/network/templates/network/systemd.j2 similarity index 100% rename from roles/network/templates/network/interfaces.j2 rename to roles/network/templates/network/systemd.j2 From cc8494608e68732241b233f3fb6ae9988a8bcf9b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 9 Sep 2017 16:12:05 -0500 Subject: [PATCH 254/393] reorder dhcpcd networking services - rebased edits looks weird on redhat add systemd reload --- roles/network/tasks/computed_services.yml | 29 +++++++++++++---- roles/network/tasks/debian.yml | 36 ++++++++++++---------- roles/network/tasks/enable_services.yml | 18 ++++++++++- roles/network/tasks/ifcfg_mods.yml | 4 +++ roles/network/tasks/main.yml | 36 ++++++++++++++-------- roles/network/tasks/restart.yml | 10 +++--- roles/network/tasks/rpi_debian.yml | 8 +++-- roles/network/templates/network/systemd.j2 | 8 ++--- 8 files changed, 103 insertions(+), 46 deletions(-) diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 5b5bac4da..1ba1283d7 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -2,16 +2,12 @@ set_fact: dansguardian_enabled: False squid_enabled: False - named_enabled: True - dhcpd_enabled: False wondershaper_enabled: False iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" or user_lan_iface == "none" - name: LAN configured - 'LanController' mode set_fact: - named_enabled: True - dhcpd_enabled: True dansguardian_enabled: False squid_enabled: False wondershaper_enabled: False @@ -20,11 +16,32 @@ - name: LAN configured - 'Gateway' mode set_fact: - named_enabled: True - dhcpd_enabled: True iiab_network_mode: "Gateway" when: 'iiab_lan_iface != "none" and iiab_wan_iface != "none"' +- name: No LAN configured - non-dnsmasq + set_fact: + named_enabled: True + dhcpd_enabled: False + dns_service2: "{{ dns_service }}" + when: iiab_lan_iface == "none" or user_lan_iface == "none" and dns_service!= "dnsmasq" +# when: iiab_lan_iface == "none" or user_lan_iface == "none" and not dnsmasq_enabled" + +- name: LAN configured - non-dnsmasq + set_fact: + named_enabled: True + dhcpd_enabled: True + dns_service2: "{{ dns_service }}" + when: dns_service != "dnsmasq" and iiab_network_mode != "Appliance" +# when: not dnsmasq_enabled and iiab_network_mode != "Appliance" + +#- name: LAN configured - dnsmasq +# set_fact: +# named_enabled: False +# dhcpd_enabled: False +# dns_service2: dnsmasq +# when: dnsmasq_enabled and iiab_network_mode != "Appliance" + - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' section=network diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 8be1ec8f6..97346ac07 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -25,11 +25,6 @@ state=absent when: iiab_lan_iface != "br0" and wan_ip == "dhcp" -- name: Default to 'lan_controller' - set_fact: - gui_desired_network_role: "lan_controller" - when: not gui_desired_network_role is defined - - name: Supply resolvconf.conf template: dest=/etc/resolvconf.conf src=network/resolvconf.j2 @@ -45,26 +40,33 @@ register: interface when: iiab_lan_iface == "br0" or wan_ip != "dhcp" -- name: Start up the dhcpcd service - service: name=dhcpcd - enabled=True - state=started - - name: If this was a change, things need to shift service: name=hostapd state=stopped when: interface.changed -- name: dhcpd may be affected - service: name=bind9 state=stopped +#- name: dhcpcd may be affected +# service: name=dhcpcd state=stopped +# when: interface.changed and dhcpcd_result == "enabled" + +- name: dns may be affected + service: name={{ dns_service2 }} state=stopped when: interface.changed -- name: Restart the networking service +- name: reload systemd + shell: systemctl daemon-reload + +# now pick up denyinterfaces +- name: restart dhcpcd + service: name=dhcpcd state=restarted + when: interface.changed and dhcpcd_result == "enabled" + +- name: restart the networking service service: name=networking state=restarted when: interface.changed - -- name: start up dhcpcd again - service: name=dhcpcd state=started - when: interface.changed and dhcpcd_result == "enabled" + +- name: dns may be affected + service: name={{ dns_service2 }} state=started + when: interface.changed #create lan br0 if lan_controller or gateway #create wan br0 if appliance diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index dd968341a..e6e47cd48 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -39,7 +39,23 @@ enabled=no when: not named_enabled -- name: Enable DansGuardian +#- name: Enable dnsmasq +# service: name=dnsmasq +# enabled=no +# when: dnsmasq_enabled + +# copy config file +#- name: Supply dnsmasq.conf +# template: dest= +# src= +# when: dnsmasq_enabled + +#- name: Enable dnsmasq +# service: name=dnsmasq +# enabled=yes +# when: dnsmasq_enabled + +- name: Enable dansguardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index b98c9a019..89b03a922 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -67,6 +67,10 @@ - include: enable_wan.yml when: not installing and not iiab_demo_mode +- name: ask systemd to reread the unit files, picks up changes done + shell: systemctl daemon-reload + when: not installing + # monitor-connection-files defaults to no with F21, F18-F20 defaults to yes - name: Re-read network config files shell: nmcli con reload diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 0d8b2b8cc..9bb1763f2 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -40,7 +40,6 @@ - network - domain - ##### Start static ip address info for first run ##### #- include: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' @@ -50,6 +49,9 @@ tags: - network +##### end hostname setup +##### start install portion +# only needs to be done once - include: named.yml tags: - named @@ -80,9 +82,20 @@ tags: - network -- name: Ask systemd to reread the unit files, picks up changes done - shell: systemctl daemon-reload +#### end install portion +#### start network layout +# setting installing would skip configuring network +# but would configure but not start services +- include: computed_network.yml when: not installing + tags: + - network + - network-discover + +# templates needed from above install section live here +- include: enable_services.yml + tags: + - network - include: ifcfg_mods.yml tags: @@ -99,6 +112,11 @@ - network when: is_debuntu and is_rpi and not installing +- include: hostapd.yml + when: not installing + tags: + - network + - name: Create IIAB network flags template: src=network/{{ item }}.j2 dest=/etc/sysconfig/{{ item }} @@ -109,21 +127,15 @@ when: not installing tags: - network +#### end network layout +#### start services - include: computed_services.yml tags: - network -- include: enable_services.yml - tags: - - network - - include: restart.yml when: not installing tags: - network - -- include: hostapd.yml - when: not installing - tags: - - network +#### end services diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 61833144b..4de5c37c4 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -15,12 +15,14 @@ state=stopped when: not named_enabled +#- name: Stop dnsmasq service +# service: name=dnsmasq +# state=stopped +# when: not dnsmasq_enabled + - name: Start named service - service: name={{ dns_service }} + service: name={{ dns_service2 }} state=started - ignore_errors: True - when: named_enabled - register: dns_started - name: Stop DansGuardian service: name=dansguardian diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 2f4219aff..b26cd84f4 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -47,8 +47,8 @@ service: name=hostapd state=stopped when: interface.changed -- name: dhcpd may be affected - service: name=bind9 state=stopped +- name: dhcpcd may be affected + service: name=dhcpcd state=stopped when: interface.changed - name: Tear down any bridge and start fresh @@ -69,6 +69,10 @@ - name: start up dhcpcd again service: name=dhcpcd state=started +# now pick up denyinterfaces +- name: restart dhcpcd + service: name=dhcpcd state=restarted + - name: restart the networking service service: name=networking state=restarted diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index fb2e3a28f..58260354b 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -3,9 +3,9 @@ {% if iiab_network_mode == "Appliance" %} ################# APPLIANCE ######################### -{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet dhcp +iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set iface {{ iiab_wan_iface }} inet manual {% endif %} {# end of dhcp_wan #} @@ -29,9 +29,9 @@ iface br0 inet static address {{ lan_ip }} netmask {{ lan_netmask }} dns-nameservers {{ lan_ip }} -{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet dhcp +iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set iface {{ iiab_wan_iface }} inet manual {% endif %} {# end of dhcp_wan #} From 054fa6b35d9b9984e94eb2744370d42531e7c0cb Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 12 Sep 2017 00:21:41 -0500 Subject: [PATCH 255/393] RFC - re-ordered to allow common shared parts --- roles/network/templates/network/systemd.j2 | 45 +++++++++------------- 1 file changed, 19 insertions(+), 26 deletions(-) diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index 58260354b..271a96e7a 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -1,26 +1,5 @@ -# This file describes the network interfaces available on your system -# and how to activate them. For more information, see interfaces(5). - -{% if iiab_network_mode == "Appliance" %} -################# APPLIANCE ######################### -{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} -auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet manual -{% else %} # gui_static_wan_ip is set -iface {{ iiab_wan_iface }} inet manual -{% endif %} {# end of dhcp_wan #} - -{% if wan_ip != "dhcp" %} -auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet static - address {{ wan_ip }} - netmask {{ wan_netmask }} - gateway {{ wan_gateway }} - dns-nameservers {{ wan_nameserver }} - dns-search {{ iiab_domain }} -{% endif %} {# end of static_wan #} -{% elif iiab_network_mode == "Gateway" %} -################# GATEWAY ######################### +{% if iiab_network_mode != "Appliance" %} +################# LANCONTROLLER ################### auto br0 iface br0 inet static bridge_ports {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} @@ -28,8 +7,22 @@ iface br0 inet static bridge_maxwait 0 address {{ lan_ip }} netmask {{ lan_netmask }} + {% if iiab_network_mode == "Gateway" %} + gateway {{ lan_ip }} + {% endif %} dns-nameservers {{ lan_ip }} -{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} + dns-search {{ iiab_domain }} +{% endif %} +{# end LANCONTROLLER #} + +{% if iiab_network_mode != "LanController" %} +################# GATEWAY or APPLIANCE ######################### +{% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} +# client or user defined +{% endif %} + +{% if dhcpcd_result == "enabled" and is_rpi == "true" %} +#cover rpi auto {{ iiab_wan_iface }} iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set @@ -45,5 +38,5 @@ iface {{ iiab_wan_iface }} inet static dns-nameservers {{ wan_nameserver }} dns-search {{ iiab_domain }} {% endif %} -{% else %} {# end of iiab_network_mode == Gateway #} - +{% endif %} {# end of static_wan #} +{# end of iiab_network_mode != LanController #} From 8cf448155398a76f905e9476809e184d6bbe2d7a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 13 Sep 2017 06:07:25 -0500 Subject: [PATCH 256/393] port dnsmasq over from nginx-rebase-eth0 - rebased edits --- iiab-network | 9 ++- roles/0-vars/defaults/main.yml | 1 + roles/0-vars/tasks/main.yml | 2 + roles/network/defaults/main.yml | 9 +++ roles/network/tasks/computed_services.yml | 28 +++++---- roles/network/tasks/debian.yml | 59 ++++--------------- roles/network/tasks/dhcpd.yml | 1 + roles/network/tasks/dnsmasq.yml | 12 ++++ roles/network/tasks/enable_services.yml | 34 +++++------ roles/network/tasks/ifcfg_mods.yml | 15 ++++- roles/network/tasks/main.yml | 16 +++-- roles/network/tasks/restart.yml | 25 +------- roles/network/tasks/rpi_debian.yml | 33 ----------- .../templates/gateway/iiab-gen-iptables | 9 ++- .../templates/network/dnsmasq.service.rh | 10 ++++ roles/network/templates/network/resolvconf.j2 | 14 +++++ 16 files changed, 134 insertions(+), 143 deletions(-) create mode 120000 roles/0-vars/defaults/main.yml create mode 100644 roles/0-vars/tasks/main.yml create mode 100644 roles/network/tasks/dnsmasq.yml create mode 100644 roles/network/templates/network/dnsmasq.service.rh create mode 100644 roles/network/templates/network/resolvconf.j2 diff --git a/iiab-network b/iiab-network index 9e24154be..863d04da7 100755 --- a/iiab-network +++ b/iiab-network @@ -24,7 +24,8 @@ then touch /etc/iiab/config_vars.yml fi -export ANSIBLE_LOG_PATH="$CWD/iiab-network.log" +Start=`date` +export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local echo "" >> iiab-network.log ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log @@ -32,8 +33,12 @@ if [ ! "OS" == "debian" ]; then nmcli d >> iiab-network.log nmcli c >> iiab-network.log fi +echo "" >> iiab-network.log brctl show >> iiab-network.log -echo "run on:" >> iiab-network.log +echo "" >> iiab-network.log +echo "run start:" >> iiab-network.log +echo "$Start" >> iiab-network.log +echo "run end:" >> iiab-network.log date >> iiab-network.log echo "" >> iiab-network.log echo "" >> iiab-network.log diff --git a/roles/0-vars/defaults/main.yml b/roles/0-vars/defaults/main.yml new file mode 120000 index 000000000..b8fa87d4b --- /dev/null +++ b/roles/0-vars/defaults/main.yml @@ -0,0 +1 @@ +/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/0-vars/tasks/main.yml b/roles/0-vars/tasks/main.yml new file mode 100644 index 000000000..63e84b40a --- /dev/null +++ b/roles/0-vars/tasks/main.yml @@ -0,0 +1,2 @@ +- include: roles/1-prep/tasks/computed_vars.yml +- include: roles/1-prep/tasks/detected_network.yml diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 25c7b6b31..4c42380cd 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -46,3 +46,12 @@ network_config_dir: /etc/network/interfaces.d iiab_network_mode: "Gateway" dns_jail_enabled: False services_externally_visible: False + +# following variables set for old apache,dhcpd,named usage +dhcpd_install: True +dhcpd_enabled: True +named_install: True +named_enabled: True +dnsmasq_install: True +dnsmasq_enabled: True +captive_portal_enabled: False diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 1ba1283d7..e5b3b096f 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -17,30 +17,28 @@ - name: LAN configured - 'Gateway' mode set_fact: iiab_network_mode: "Gateway" - when: 'iiab_lan_iface != "none" and iiab_wan_iface != "none"' + when: iiab_lan_iface != "none" and iiab_wan_iface != "none" - name: No LAN configured - non-dnsmasq set_fact: named_enabled: True dhcpd_enabled: False - dns_service2: "{{ dns_service }}" - when: iiab_lan_iface == "none" or user_lan_iface == "none" and dns_service!= "dnsmasq" -# when: iiab_lan_iface == "none" or user_lan_iface == "none" and not dnsmasq_enabled" + dhcp_service2: "dhcpd" + when: not dnsmasq_enabled and iiab_network_mode == "Appliance" - name: LAN configured - non-dnsmasq set_fact: named_enabled: True dhcpd_enabled: True - dns_service2: "{{ dns_service }}" - when: dns_service != "dnsmasq" and iiab_network_mode != "Appliance" -# when: not dnsmasq_enabled and iiab_network_mode != "Appliance" + dhcp_service2: "dhcpd" + when: not dnsmasq_enabled and iiab_network_mode != "Appliance" -#- name: LAN configured - dnsmasq -# set_fact: -# named_enabled: False -# dhcpd_enabled: False -# dns_service2: dnsmasq -# when: dnsmasq_enabled and iiab_network_mode != "Appliance" +- name: LAN configured - dnsmasq + set_fact: + named_enabled: False + dhcpd_enabled: False + dhcp_service2: "dnsmasq" + when: dnsmasq_install and dnsmasq_enabled and iiab_network_mode != "Appliance" - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' @@ -50,3 +48,7 @@ with_items: - option: 'iiab_network_mode_applied' value: '{{ iiab_network_mode }}' + - option: 'dhcp_service2' + value: '{{ dhcp_service2 }}' + - option: 'dnsmasq_enabled' + value: '{{ dnsmasq_enabled }}' diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 97346ac07..1f1c79e0e 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -44,13 +44,18 @@ service: name=hostapd state=stopped when: interface.changed -#- name: dhcpcd may be affected -# service: name=dhcpcd state=stopped -# when: interface.changed and dhcpcd_result == "enabled" +- name: bind may be affected + service: name={{ dns_service }} state=stopped + when: named_install and dnsmasq_enabled -- name: dns may be affected - service: name={{ dns_service2 }} state=stopped - when: interface.changed +# dhcpd_server release the interface +- name: dhcpd_server may be affected - stopping dhcpd + service: name=dhcpd state=stopped + when: dhcpd_install + +- name: dhcpd_server may be affected - stopping dnsmasq + service: name=dnsmasq state=stopped + when: dnsmasq_install - name: reload systemd shell: systemctl daemon-reload @@ -63,45 +68,3 @@ - name: restart the networking service service: name=networking state=restarted when: interface.changed - -- name: dns may be affected - service: name={{ dns_service2 }} state=started - when: interface.changed - -#create lan br0 if lan_controller or gateway -#create wan br0 if appliance -#allocate wlan0 under br0 in all cases -#allocate eth0 under br0 if appliance, alone if gateway - -- name: Add location section to config file - ini_file: dest='{{ iiab_config_file }}' - section=network - option='{{ item.option }}' - value='{{ item.value }}' - with_items: - - option: 'gateway_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - - option: 'gateway_ifcfg' - value: '{{ has_ifcfg_gw }}' - - option: 'detected_gateway' - value: '{{ discovered_wan_iface }}' - - option: 'prior_gateway' - value: '{{ device_gw2 }}' - - option: 'wireless_list_1' - value: '{{ wifi1 }}' - - option: 'wireless_list_2' - value: '{{ wifi2 }}' - - option: 'num_wifi_interfaces' - value: '{{ num_wifi_interfaces }}' - - option: 'discovered_wireless_iface' - value: '{{ discovered_wireless_iface }}' - - option: 'iiab_wireless_lan_iface' - value: '{{ iiab_wireless_lan_iface }}' - - option: 'num_lan_interfaces' - value: '{{ num_lan_interfaces }}' - - option: 'detected_lan' - value: '{{ discovered_lan_iface }}' - - option: 'static_wan' - value: '{{ gui_static_wan }}' diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index b26ecf73c..4315ba0b5 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -15,6 +15,7 @@ - name: Create non-privileged user user: name=dhcpd createhome=no + when: is_debuntu - name: Configure dhcpd template: src={{ item.src }} diff --git a/roles/network/tasks/dnsmasq.yml b/roles/network/tasks/dnsmasq.yml new file mode 100644 index 000000000..4ffc09dea --- /dev/null +++ b/roles/network/tasks/dnsmasq.yml @@ -0,0 +1,12 @@ +- name: Install dnsmasq + package: name=dnsmasq state=present + +- name: Configure dhcpd + template: src={{ item.src }} + dest={{ item.dest }} + owner=root + group=root + mode={{ item.mode }} + with_items: + - { src: 'network/dnsmasq.service.rh', dest: '/etc/systemd/system/dnsmasq.service', mode: '0644' } + diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e6e47cd48..4a950fecc 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,13 +1,13 @@ - name: Disable dhcpd service service: name=dhcpd enabled=no - when: not dhcpd_enabled + when: not dhcpd_enabled and dhcpd_install # service is restarted with NM dispatcher.d script - name: Enable dhcpd service service: name=dhcpd enabled=yes - when: dhcpd_enabled + when: dhcpd_enabled and dhcpd_install - name: Copy /etc/sysconfig/dhcpd file template: src={{ item.src }} @@ -17,7 +17,7 @@ mode={{ item.mode }} with_items: - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } - when: dhcpd_enabled + when: dhcpd_enabled and dhcpd_install - name: Copy named file template: src={{ item.src }} @@ -32,28 +32,26 @@ - name: Enable named service service: name={{ dns_service }} enabled=yes - when: named_enabled + when: named_enabled and named_install - name: Disable named service service: name={{ dns_service }} enabled=no - when: not named_enabled + when: not named_enabled and named_install -#- name: Enable dnsmasq -# service: name=dnsmasq -# enabled=no -# when: dnsmasq_enabled +- name: Disable dnsmasq + service: name=dnsmasq + enabled=no + when: not dnsmasq_enabled and dnsmasq_install -# copy config file -#- name: Supply dnsmasq.conf -# template: dest= -# src= -# when: dnsmasq_enabled +- name: dnsmasq copy config file to /etc + template: src=network/dnsmasq.conf dest=/etc/ + when: dnsmasq_enabled and dnsmasq_install -#- name: Enable dnsmasq -# service: name=dnsmasq -# enabled=yes -# when: dnsmasq_enabled +- name: Enable dnsmasq + service: name=dnsmasq + enabled=yes + when: dnsmasq_enabled and dnsmasq_install - name: Enable dansguardian service: name=dansguardian diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 89b03a922..9c4023e42 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -24,6 +24,18 @@ with_items: - "{{ discovered_lan_iface }}" +- name: bind may be affected + service: name={{ dns_service }} state=stopped + when: named_install and dnsmasq_enabled + +- name: dhcpd_server may be affected - stopping dhcpd + service: name=dhcpd state=stopped + when: dhcpd_install + +- name: dhcpd_server may be affected - stopping dnsmasq + service: name=dnsmasq state=stopped + when: dnsmasq_install + - name: Stop the LAN/Bridge deleting iiab-LAN shell: nmcli con delete id iiab-LAN ignore_errors: True @@ -98,4 +110,5 @@ with_items: - "{{ lan_list_result.stdout_lines }}" -# testpoint confirm with 'nmcli c show' 'brctl show' +- name: dhcp_server may be affected - starting - user choice + service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 9bb1763f2..39d48bcdf 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -56,11 +56,19 @@ tags: - named - network + when: named_install - include: dhcpd.yml tags: - dhcpd - network + when: dhcpd_install + +- include: dnsmasq.yml + tags: + - dnsmasq + - network + when: dnsmasq_install - include: squid.yml tags: @@ -92,6 +100,10 @@ - network - network-discover +- include: computed_services.yml + tags: + - network + # templates needed from above install section live here - include: enable_services.yml tags: @@ -130,10 +142,6 @@ #### end network layout #### start services -- include: computed_services.yml - tags: - - network - - include: restart.yml when: not installing tags: diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 4de5c37c4..5619721c7 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,28 +1,7 @@ -# dhcpd service is restarted with NM dispatcher.d script -- name: Stop dhcpd - service: name=dhcpd - state=stopped - when: not dhcpd_enabled - -# assume NM is not running -- name: Start dhcpd - service: name=dhcpd - state=started - when: dhcpd_enabled and is_debuntu - -- name: Stop named service - service: name={{ dns_service }} - state=stopped - when: not named_enabled - -#- name: Stop dnsmasq service -# service: name=dnsmasq -# state=stopped -# when: not dnsmasq_enabled - - name: Start named service - service: name={{ dns_service2 }} + service: name={{ dns_service }} state=started + when: named_enabled and named_install - name: Stop DansGuardian service: name=dansguardian diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index b26cd84f4..189989540 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -80,36 +80,3 @@ #create wan br0 if appliance #allocate wlan0 under br0 in all cases #allocate eth0 under br0 if appliance, alone if gateway - -- name: Add location section to config file - ini_file: dest='{{ iiab_config_file }}' - section=network - option='{{ item.option }}' - value='{{ item.value }}' - with_items: - - option: 'gateway_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - - option: 'gateway_ifcfg' - value: '{{ has_ifcfg_gw }}' - - option: 'detected_gateway' - value: '{{ discovered_wan_iface }}' - - option: 'prior_gateway' - value: '{{ device_gw2 }}' - - option: 'wireless_list_1' - value: '{{ wifi1 }}' - - option: 'wireless_list_2' - value: '{{ wifi2 }}' - - option: 'num_wifi_interfaces' - value: '{{ num_wifi_interfaces }}' - - option: 'discovered_wireless_iface' - value: '{{ discovered_wireless_iface }}' - - option: 'iiab_wireless_lan_iface' - value: '{{ iiab_wireless_lan_iface }}' - - option: 'num_lan_interfaces' - value: '{{ num_lan_interfaces }}' - - option: 'detected_lan' - value: '{{ discovered_lan_iface }}' - - option: 'static_wan' - value: '{{ gui_static_wan }}' diff --git a/roles/network/templates/gateway/iiab-gen-iptables b/roles/network/templates/gateway/iiab-gen-iptables index b45295883..63f3a20ff 100755 --- a/roles/network/templates/gateway/iiab-gen-iptables +++ b/roles/network/templates/gateway/iiab-gen-iptables @@ -57,6 +57,7 @@ calibre_port={{ calibre_port }} kiwix_port={{ kiwix_port }} kalite_server_port={{ kalite_server_port }} block_DNS={{ block_DNS }} +captive_portal_enabled={{ captive_portal_enabled }} echo "Lan is $lan and WAN is $wan" # @@ -112,7 +113,13 @@ if [ "$block_DNS" == "True" ];then $IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53 fi -if [ -f /etc/sysconfig/xs_httpcache_on ]; then +if [ "$captive_portal_enabled" == "True" ];then + $IPTABLES -t mangle -N internet + $IPTABLES -t mangle -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m tcp --dport 80 -j internet + $IPTABLES -t mangle -A internet -j MARK --set-mark 99 + $IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }} + +elif [ -f /etc/sysconfig/xs_httpcache_on ]; then $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d 172.18.96.1 -j DNAT --to 172.18.96.1:3128 fi diff --git a/roles/network/templates/network/dnsmasq.service.rh b/roles/network/templates/network/dnsmasq.service.rh new file mode 100644 index 000000000..79b687f43 --- /dev/null +++ b/roles/network/templates/network/dnsmasq.service.rh @@ -0,0 +1,10 @@ +[Unit] +Description=DNS caching server. +After=network.target + +[Service] +ExecStart=/usr/sbin/dnsmasq -k +ExecStop=/bin/killall -9 dnsmasq + +[Install] +WantedBy=multi-user.target diff --git a/roles/network/templates/network/resolvconf.j2 b/roles/network/templates/network/resolvconf.j2 new file mode 100644 index 000000000..7a8d7461d --- /dev/null +++ b/roles/network/templates/network/resolvconf.j2 @@ -0,0 +1,14 @@ +# Supplied by IIAB +# Configuration for resolvconf(8) +# See resolvconf.conf(5) for details + +resolv_conf=/etc/resolv.conf +# If you run a local name server, you should uncomment the below line and +# configure your subscribers configuration files below. +name_servers=127.0.0.1 + +# Mirror the Debian package defaults for the below resolvers +# so that resolvconf integrates seemlessly. +dnsmasq_resolv=/var/run/dnsmasq/resolv.conf +pdnsd_conf=/etc/pdnsd.conf +unbound_conf=/var/cache/unbound/resolvconf_resolvers.conf From fcb04885024eb1f9fff33c2af2db925ef9bfc6f1 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 13 Sep 2017 08:37:52 -0500 Subject: [PATCH 257/393] use netvars --- roles/0-vars/defaults/main.yml | 1 - roles/0-vars/tasks/main.yml | 2 -- 2 files changed, 3 deletions(-) delete mode 120000 roles/0-vars/defaults/main.yml delete mode 100644 roles/0-vars/tasks/main.yml diff --git a/roles/0-vars/defaults/main.yml b/roles/0-vars/defaults/main.yml deleted file mode 120000 index b8fa87d4b..000000000 --- a/roles/0-vars/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ -/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/0-vars/tasks/main.yml b/roles/0-vars/tasks/main.yml deleted file mode 100644 index 63e84b40a..000000000 --- a/roles/0-vars/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -- include: roles/1-prep/tasks/computed_vars.yml -- include: roles/1-prep/tasks/detected_network.yml From de4be7c6462e4de0bc888ec28921becabc8cd00e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 13 Sep 2017 09:30:59 -0500 Subject: [PATCH 258/393] Everybody is testing debian.yml - Toggle dnsmasq_enabled False - edits use hostapd.yml supplied templates sooner - remove systemd reload and restarted - move restarted to restart.yml live testing --- roles/network/defaults/main.yml | 2 +- roles/network/tasks/hostapd.yml | 24 +-------- roles/network/tasks/main.yml | 20 +++----- roles/network/tasks/restart.yml | 15 ++++++ roles/network/templates/network/dhcpcd.conf | 23 +++++---- .../network/templates/network/dhcpcd.conf.j2 | 50 +++++++++++++++++++ roles/network/templates/network/systemd.j2 | 43 ++++++++++------ 7 files changed, 116 insertions(+), 61 deletions(-) create mode 100644 roles/network/templates/network/dhcpcd.conf.j2 diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 4c42380cd..d405a43c9 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -53,5 +53,5 @@ dhcpd_enabled: True named_install: True named_enabled: True dnsmasq_install: True -dnsmasq_enabled: True +dnsmasq_enabled: False captive_portal_enabled: False diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 6b56a675c..2d6953613 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -6,10 +6,9 @@ mode=0644 when: iiab_wireless_lan_iface != "none" -- name: Disable the Access Point hostapd program +- name: Disable the Access Point Hostapd program service: enabled=no name=hostapd.service - state=stopped when: iiab_wireless_lan_iface == "none" or iiab_network_mode == "Appliance" or not hostapd_enabled - name: Use custom systemd unit file to start hostapd @@ -19,26 +18,7 @@ group=root mode=0644 -- name: Ask systemd to reread the unit files for hostapd - shell: systemctl daemon-reload - -- name: Enable the Access Point hostapd program +- name: Enable the Access Point Hostapd program service: enabled=yes name=hostapd.service - state=restarted when: iiab_wireless_lan_iface != "none" and iiab_network_mode != "Appliance" and hostapd_enabled - -- name: Checking if slave is active waiting 10 seconds - shell: "sleep {{ hostapd_wait }} | brctl show | grep {{ iiab_wireless_lan_iface }}" - ignore_errors: True - changed_when: False - register: wifi_slave - when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" - -- name: Restart hostapd if slave is inactive - service: name=hostapd.service - state=restarted - when: is_debuntu and iiab_lan_iface == "br0" and item|trim == "" - with_items: - - "{{ wifi_slave.stdout }}" - ignore_errors: true diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 39d48bcdf..4304f37b7 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -109,23 +109,17 @@ tags: - network -- include: ifcfg_mods.yml +- include: hostapd.yml + tags: + - network + +- include: ifcfg_mods.yml + when: not is_debuntu and not installing tags: - network - when: is_redhat and not installing - include: debian.yml - tags: - - network - when: is_debuntu and not is_rpi and not installing - -- include: rpi_debian.yml - tags: - - network - when: is_debuntu and is_rpi and not installing - -- include: hostapd.yml - when: not installing + when: is_debuntu and not installing tags: - network diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 5619721c7..62661b19e 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -40,3 +40,18 @@ - name: Run iptables command: /usr/bin/iiab-gen-iptables + +- name: Checking if slave is active waiting 10 seconds + shell: "sleep {{ hostapd_wait }} | brctl show | grep {{ iiab_wireless_lan_iface }}" + ignore_errors: True + changed_when: False + register: wifi_slave + when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" + +- name: Restart hostapd if slave is inactive + service: name=hostapd.service + state=restarted + when: iiab_lan_iface == "br0" and item|trim == "" + with_items: + - "{{ wifi_slave.stdout }}" + ignore_errors: true diff --git a/roles/network/templates/network/dhcpcd.conf b/roles/network/templates/network/dhcpcd.conf index 1db23cae6..a9eaf1c08 100644 --- a/roles/network/templates/network/dhcpcd.conf +++ b/roles/network/templates/network/dhcpcd.conf @@ -37,16 +37,21 @@ require dhcp_server_identifier # Generate Stable Private IPv6 Addresses instead of hardware based ones slaac private -# don't let dhcpcd mess with IIAB LAN -denyinterfaces br0 wlan0 +# IIAB +denyinterfaces {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} {% if iiab_lan_iface != "br0" %} {{ iiab_lan_iface }} {% endif %} -# Example static IP configuration: -{% if gui_static_wan == true %} -interface {{ discovered_wan_iface }} -# strange that dhcpcd does not have a netmask option -- hardcode it FIXME -static ip_address={{ gui_static_wan_ip }}/24 -static routers={{ gui_static_wan_gateway }} -domain_name_servers= {{ gui_static_wan_nameserver }} +{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} +interface {{ iiab_lan_iface }} +static ip_address={{ lan_ip }}/19 +static domain_name_servers=127.0.0.1 +{% endif %} + +# IIAB static IP configuration: +{% if wan_ip != dhcp %} +interface {{ iiab_wan_iface }} +static ip_address={{ wan_ip }}/24 +static routers={{ wan_gateway }} +domain_name_servers= {{ wan_nameserver }} {% endif %} # It is possible to fall back to a static IP if DHCP fails: diff --git a/roles/network/templates/network/dhcpcd.conf.j2 b/roles/network/templates/network/dhcpcd.conf.j2 new file mode 100644 index 000000000..4a598574e --- /dev/null +++ b/roles/network/templates/network/dhcpcd.conf.j2 @@ -0,0 +1,50 @@ +# Supplied by IIAB +# A sample configuration for dhcpcd. +# See dhcpcd.conf(5) for details. + +# Allow users of this group to interact with dhcpcd via the control socket. +#controlgroup wheel + +# Inform the DHCP server of our hostname for DDNS. +hostname + +# Use the hardware address of the interface for the Client ID. +clientid +# or +# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. +# Some non-RFC compliant DHCP servers do not reply with this set. +# In this case, comment out duid and enable clientid above. +#duid + +# Persist interface configuration when dhcpcd exits. +persistent + +# Rapid commit support. +# Safe to enable by default because it requires the equivalent option set +# on the server to actually work. +option rapid_commit + +# A list of options to request from the DHCP server. +option domain_name_servers, domain_name, domain_search, host_name +option classless_static_routes +# Most distributions have NTP support. +option ntp_servers +# Respect the network MTU. This is applied to DHCP routes. +option interface_mtu + +# A ServerID is required by RFC2131. +require dhcp_server_identifier + +# Generate Stable Private IPv6 Addresses instead of hardware based ones +slaac private + +# supplied by IIAB + +denyinterfaces {% if gui_static_wan == true %} {{ iiab_wan_iface }} {% endif %} {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} + +{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} +interface {{ iiab_lan_iface }} +static ip_address={{ lan_ip }}/19 +static routers={{ lan_ip }} +static domain_name_servers={{ lan_ip }} +{% endif %} diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index 271a96e7a..f5d0816a2 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -1,42 +1,53 @@ +# iiab_network_mode is {{ iiab_network_mode }} +# gui_desired_network_role is {{ gui_desired_network_role }} + {% if iiab_network_mode != "Appliance" %} ################# LANCONTROLLER ################### auto br0 +{% if dhcpcd_result == "enabled" %} +iface br0 inet manual +{% else %} iface br0 inet static - bridge_ports {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} - +{% endif %} +{% if discovered_lan_iface != "none" %} + bridge_ports {{ discovered_lan_iface }} +{% endif %} bridge_maxwait 0 +{% if dhcpcd_result != "enabled" %} address {{ lan_ip }} netmask {{ lan_netmask }} - {% if iiab_network_mode == "Gateway" %} - gateway {{ lan_ip }} - {% endif %} - dns-nameservers {{ lan_ip }} +{% endif %} + dns-nameservers 127.0.0.1 dns-search {{ iiab_domain }} {% endif %} {# end LANCONTROLLER #} {% if iiab_network_mode != "LanController" %} ################# GATEWAY or APPLIANCE ######################### +# start dhcp clients {% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} # client or user defined {% endif %} - {% if dhcpcd_result == "enabled" and is_rpi == "true" %} #cover rpi +#auto {{ iiab_wan_iface }} +#iface {{ iiab_wan_iface }} inet manual +{% endif %} +{% if dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} +#cover butt auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet manual -{% else %} # gui_static_wan_ip is set -iface {{ iiab_wan_iface }} inet manual -{% endif %} {# end of dhcp_wan #} - -{% if wan_ip != "dhcp" %} +iface {{ iiab_wan_iface }} inet dhcp +{% endif %} +# end dhcp clients +# static wan +{% if wan_ip != "dhcp" and dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} iface {{ iiab_wan_iface }} inet static address {{ wan_ip }} netmask {{ wan_netmask }} gateway {{ wan_gateway }} - dns-nameservers {{ wan_nameserver }} + dns-nameservers 127.0.0.1 {{ wan_nameserver }} dns-search {{ iiab_domain }} - {% endif %} {% endif %} {# end of static_wan #} -{# end of iiab_network_mode != LanController #} + +{% endif %} {# end of iiab_network_mode != LanController #} From 5ca8db9d093483ac9ae0bed55c739860f32a091d Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Fri, 15 Sep 2017 11:56:57 -0500 Subject: [PATCH 259/393] lose rpi_debian - rebased -- dropped file --- iiab-network | 17 +++++++++++------ roles/network/tasks/debian.yml | 7 +++++++ roles/network/tasks/ifcfg_mods.yml | 4 ++++ roles/network/tasks/restart.yml | 6 +++--- roles/network/tasks/squid.yml | 10 +++++----- 5 files changed, 30 insertions(+), 14 deletions(-) diff --git a/iiab-network b/iiab-network index 863d04da7..87be5ccdc 100755 --- a/iiab-network +++ b/iiab-network @@ -27,18 +27,23 @@ fi Start=`date` export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local +End=`date` echo "" >> iiab-network.log -ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log if [ ! "OS" == "debian" ]; then + ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log nmcli d >> iiab-network.log nmcli c >> iiab-network.log fi echo "" >> iiab-network.log -brctl show >> iiab-network.log +ip r >> iiab-network.log echo "" >> iiab-network.log -echo "run start:" >> iiab-network.log -echo "$Start" >> iiab-network.log -echo "run end:" >> iiab-network.log -date >> iiab-network.log +brctl show br0>> iiab-network.log +echo "run start: $Start" >> iiab-network.log +echo "run end: $End" >> iiab-network.log echo "" >> iiab-network.log echo "" >> iiab-network.log +ip r +brctl show br0 +echo "run start:$Start" +echo "run end: $End" + diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 1f1c79e0e..7845c7524 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -68,3 +68,10 @@ - name: restart the networking service service: name=networking state=restarted when: interface.changed + +- name: restart hostapd when wifi is present + service: name=hostapd state=started + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + +- name: dhcp_server may be affected - starting - user choice + service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 9c4023e42..39c4d0156 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -110,5 +110,9 @@ with_items: - "{{ lan_list_result.stdout_lines }}" +- name: restart hostapd when wifi is present + service: name=hostapd state=started + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 62661b19e..2180daf51 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -41,14 +41,14 @@ - name: Run iptables command: /usr/bin/iiab-gen-iptables -- name: Checking if slave is active waiting 10 seconds - shell: "sleep {{ hostapd_wait }} | brctl show | grep {{ iiab_wireless_lan_iface }}" +- name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds + shell: "sleep {{ hostapd_wait }} | brctl show br0 | grep {{ iiab_wireless_lan_iface }}" ignore_errors: True changed_when: False register: wifi_slave when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" -- name: Restart hostapd if slave is inactive +- name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted when: iiab_lan_iface == "br0" and item|trim == "" diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 595a24e06..1abadaf4b 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -67,11 +67,11 @@ - include: dansguardian.yml when: dansguardian_install -- name: Stop Squid - service: name={{ proxy }} - state=stopped - ignore_errors: yes - when: not installing +#- name: Stop Squid +# service: name={{ proxy }} +# state=stopped +# ignore_errors: yes +# when: not installing - name: Add Squid to service list ini_file: dest='{{ service_filelist }}' From 8cad64c34a3e97b02fc07f672d783517d5f9f293 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Fri, 15 Sep 2017 23:43:15 -0500 Subject: [PATCH 260/393] fix proper runtags support --- roles/network/defaults/main.yml | 2 +- roles/network/tasks/enable_services.yml | 2 +- roles/network/tasks/main.yml | 12 ++++++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index d405a43c9..a354fd7ac 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -52,6 +52,6 @@ dhcpd_install: True dhcpd_enabled: True named_install: True named_enabled: True -dnsmasq_install: True dnsmasq_enabled: False +dnsmasq_install: False captive_portal_enabled: False diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 4a950fecc..e15d8ab0a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -66,7 +66,7 @@ - name: Create xs_httpcache flag shell: echo 1 > /etc/sysconfig/xs_httpcache_on creates=/etc/sysconfig/xs_httpcache_on - when: squid_enabled + when: squid_enabled and squid_install - name: Enable Squid service service: name={{ proxy }} diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 4304f37b7..5a82d6d55 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -103,11 +103,19 @@ - include: computed_services.yml tags: - network + - named + - dhcpd + - dnsmasq + - squid # templates needed from above install section live here - include: enable_services.yml tags: - network + - named + - dhcpd + - dnsmasq + - squid - include: hostapd.yml tags: @@ -140,4 +148,8 @@ when: not installing tags: - network + - named + - dhcpd + - dnsmasq + - squid #### end services From ea44bcaf05a8601dc054a50b69b06bb2e69f0d5e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 13:49:38 -0500 Subject: [PATCH 261/393] split installing out of main.yml --- roles/network/tasks/installing.yml | 34 ++++++++++++++++++++++++++++++ roles/network/tasks/main.yml | 30 ++------------------------ 2 files changed, 36 insertions(+), 28 deletions(-) create mode 100644 roles/network/tasks/installing.yml diff --git a/roles/network/tasks/installing.yml b/roles/network/tasks/installing.yml new file mode 100644 index 000000000..0d985a5e5 --- /dev/null +++ b/roles/network/tasks/installing.yml @@ -0,0 +1,34 @@ +# only needs to be done once +- include: named.yml + tags: + - named + - network + when: named_install + +- include: dhcpd.yml + tags: + - dhcpd + - network + when: dhcpd_install + +- include: dnsmasq.yml + tags: + - dnsmasq + - network + when: dnsmasq_install + +- include: squid.yml + tags: + - squid + - network + when: squid_install + +- include: wondershaper.yml + tags: + - wondershaper + - network + +- include: iptables.yml + tags: + - iptables + - network diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 5a82d6d55..6d00bc585 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -52,39 +52,13 @@ ##### end hostname setup ##### start install portion # only needs to be done once -- include: named.yml +- include: installing.yml tags: + - network - named - - network - when: named_install - -- include: dhcpd.yml - tags: - dhcpd - - network - when: dhcpd_install - -- include: dnsmasq.yml - tags: - dnsmasq - - network - when: dnsmasq_install - -- include: squid.yml - tags: - squid - - network - when: squid_install - -- include: wondershaper.yml - tags: - - wondershaper - - network - -- include: iptables.yml - tags: - - iptables - - network - include: avahi.yml tags: From 8bb61669144fe920e5b907b70d0667a5cff8a5aa Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 14:27:06 -0500 Subject: [PATCH 262/393] network install once --- roles/network/tasks/main.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 6d00bc585..4a1db623f 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -15,6 +15,8 @@ src=network/hostname.j2 owner=root mode=0644 + when: is_debuntu + register: hostname_change tags: - network - domain @@ -25,6 +27,8 @@ owner=root group=root mode=0644 + when: is_redhat + register: hostname_change tags: - network - domain @@ -35,7 +39,6 @@ mode=0644 with_items: - iiab_domain_name - register: domainname tags: - network - domain @@ -48,17 +51,20 @@ - include: hosts.yml tags: - network + - domain ##### end hostname setup ##### start install portion # only needs to be done once - include: installing.yml + when: hostname_change.changed or installing tags: - network - named - dhcpd - dnsmasq - squid + - domain - include: avahi.yml tags: From 5cd426fa897e41444448b17af551e0165abf00a5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 15:09:43 -0500 Subject: [PATCH 263/393] redhat debugging and remove dup'd stanzas --- roles/network/tasks/detected_network.yml | 19 +++++++++++++++++++ roles/network/tasks/main.yml | 10 +++++----- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index f8e1e569a..6c422a746 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -30,6 +30,25 @@ include: detected_redhat.yml when: is_redhat +- name: check to see if dhcpcd is installed and active - Can Fail + shell: systemctl is-enabled dhcpcd + register: dhcpcd_test + ignore_errors: True + +- name: setting dhcpcd_test results + set_fact: + dhcpcd_result: "{{ dhcpcd_test.stdout }}" + +- name: check /etc/network/interfaces for gateway + shell: grep {{ device_gw }} /etc/network/interfaces | wc -l + when: is_debuntu + register: wan_file + +- name: setting wan_in_interfaces + set_fact: + wan_in_interfaces: True + when: is_debuntu and wan_file.stdout|int >= "0" + # WIRELESS -- if any wireless is detected as gateway, it becomes WAN - name: Look for any wireless interfaces shell: "cat /proc/net/wireless | grep -v -e Inter -e face | awk -F: '{print $1}' " diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 4a1db623f..e0eba0efe 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -74,11 +74,11 @@ #### start network layout # setting installing would skip configuring network # but would configure but not start services -- include: computed_network.yml - when: not installing - tags: - - network - - network-discover +#- include: computed_network.yml +# when: not installing +# tags: +# - network +# - network-discover - include: computed_services.yml tags: From a60661f45ccd3cad4356cdccfdf0d0e9abb95fa9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 24 Sep 2017 15:25:57 -0500 Subject: [PATCH 264/393] move avahi package install --- roles/2-common/tasks/packages.yml | 6 ++++++ roles/network/tasks/avahi.yml | 22 ---------------------- 2 files changed, 6 insertions(+), 22 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index e409b5dee..3dc470753 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -36,6 +36,9 @@ - linux-firmware - syslog - xml-common + - nss-mdns + - avahi + - avahi-tools when: is_redhat - name: Download usbmount -- not in debian-9 @@ -52,6 +55,9 @@ with_items: - inetutils-syslogd - wpasupplicant + - libnss-mdns + - avahi-daemon + - avahi-discover when: is_debuntu - name: Install common packages diff --git a/roles/network/tasks/avahi.yml b/roles/network/tasks/avahi.yml index 517ddb808..0801a477f 100644 --- a/roles/network/tasks/avahi.yml +++ b/roles/network/tasks/avahi.yml @@ -1,25 +1,3 @@ -- name: Install avahi package - package: name={{ item }} - state=present - with_items: - - libnss-mdns - - avahi-daemon - - avahi-discover - when: is_debuntu - tags: - - download - -- name: Install avahi package - package: name={{ item }} - state=present - with_items: - - nss-mdns - - avahi - - avahi-tools - when: not is_debuntu - tags: - - download - - name: Create a user for avahi user: name=avahi createhome=no From 82854b94a14f25c0e02fad6748f53f3799740134 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 26 Sep 2017 01:47:26 -0500 Subject: [PATCH 265/393] too fancy atm --- roles/network/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index e0eba0efe..bf6a96334 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -57,7 +57,6 @@ ##### start install portion # only needs to be done once - include: installing.yml - when: hostname_change.changed or installing tags: - network - named @@ -65,6 +64,8 @@ - dnsmasq - squid - domain +# when: hostname_change.changed or installing + - include: avahi.yml tags: From aab78257d45574e0dbf671333bd72f9a746893ae Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 26 Sep 2017 00:54:58 -0500 Subject: [PATCH 266/393] disable stock isc-dhcp-server config --- roles/network/tasks/enable_services.yml | 5 +++++ vars/debian-9.yml | 1 + 2 files changed, 6 insertions(+) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e15d8ab0a..e9ec16eef 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,3 +1,8 @@ +- name: Disable stock dhcp_service service + service: name={{ dhcp_service }} + enabled=no + when: dhcpd_install and first_run and is_debian_9 + - name: Disable dhcpd service service: name=dhcpd enabled=no diff --git a/vars/debian-9.yml b/vars/debian-9.yml index 1e1697783..4145ed60a 100644 --- a/vars/debian-9.yml +++ b/vars/debian-9.yml @@ -2,6 +2,7 @@ is_debuntu: True is_debian: True is_debian_9: True dns_service: bind9 +dhcp_service: isc-dhcp-server dns_user: bind proxy: squid proxy_user: proxy From c1a272cd90f0ba7ddea7bb0867b94f5668e3ef85 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 10 Oct 2017 13:06:20 -0500 Subject: [PATCH 267/393] treat ubuntu same as debian --- roles/network/tasks/enable_services.yml | 5 +++-- vars/ubuntu-16.yml | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e9ec16eef..f3840dc2a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -1,7 +1,8 @@ -- name: Disable stock dhcp_service service +- name: Disable stock dhcp_service service: name={{ dhcp_service }} enabled=no - when: dhcpd_install and first_run and is_debian_9 + state=stopped + when: dhcpd_install and first_run - name: Disable dhcpd service service: name=dhcpd diff --git a/vars/ubuntu-16.yml b/vars/ubuntu-16.yml index 1971d5a18..be62d0718 100644 --- a/vars/ubuntu-16.yml +++ b/vars/ubuntu-16.yml @@ -2,6 +2,7 @@ is_debuntu: True is_ubuntu: True dns_service: bind9 dns_user: bind +dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 From b17bc7f7799d7b3ebfb45b3a981902f177924013 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 15 Oct 2017 20:33:12 -0500 Subject: [PATCH 268/393] tighten up hostapd check --- roles/network/tasks/restart.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 2180daf51..30ef4a84b 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -43,15 +43,12 @@ - name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds shell: "sleep {{ hostapd_wait }} | brctl show br0 | grep {{ iiab_wireless_lan_iface }}" - ignore_errors: True - changed_when: False - register: wifi_slave when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" + register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_lan_iface == "br0" and item|trim == "" + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and item|trim == "" with_items: - "{{ wifi_slave.stdout }}" - ignore_errors: true From e4ff73bf92bf7a90f18f5e0f0f0c587369e48ac8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 15 Oct 2017 20:34:37 -0500 Subject: [PATCH 269/393] reduce hostapd wait time --- roles/network/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index a354fd7ac..9a546c8c1 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -33,7 +33,7 @@ wondershaper_upspeed: "1024" # WiFi host_ssid: IIAB -hostapd_wait: 10 +hostapd_wait: 1 host_wifi_mode: g host_channel: 6 host_wireless_n: False From 2b3b285f47827906677919a3f6db2c7d1ba3fe67 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 17 Oct 2017 09:22:06 -0500 Subject: [PATCH 270/393] centos - add dhcp_service --- vars/centos-7.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/centos-7.yml b/vars/centos-7.yml index f852434f6..79a654af3 100644 --- a/vars/centos-7.yml +++ b/vars/centos-7.yml @@ -12,6 +12,7 @@ smb_service: smb nmb_service: nmb systemctl_program: /usr/bin/systemctl mysql_service: mariadb +dhcp_service: dhcpd apache_log: /var/log/httpd/access_log sshd_service: sshd php_version: 7.0 From 28a1ebb1b03877919b93247b7e29034680449989 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 17 Oct 2017 10:18:59 -0500 Subject: [PATCH 271/393] dhcp_service first_run add is_debuntu only --- roles/network/tasks/enable_services.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index f3840dc2a..ab3f82733 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -2,7 +2,7 @@ service: name={{ dhcp_service }} enabled=no state=stopped - when: dhcpd_install and first_run + when: dhcpd_install and first_run and is_debuntu - name: Disable dhcpd service service: name=dhcpd From f06c4154443ac6c2bd1f59226f2ed48122d16f24 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Fri, 27 Oct 2017 11:24:22 -0500 Subject: [PATCH 272/393] raspbian - dhcp_service: isc-dhcp-server --- vars/raspbian-9.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/raspbian-9.yml b/vars/raspbian-9.yml index e18c339da..ad0e0a408 100644 --- a/vars/raspbian-9.yml +++ b/vars/raspbian-9.yml @@ -5,6 +5,7 @@ rtc_id: ds3231 dns_service: bind9 dns_user: bind +dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 From 47c497ca096ecaa59ace395eb881b5fceca36073 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 13:30:27 -0500 Subject: [PATCH 273/393] introduce iiab-steps.yml --- iiab-steps.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 iiab-steps.yml diff --git a/iiab-steps.yml b/iiab-steps.yml new file mode 100644 index 000000000..66c97721c --- /dev/null +++ b/iiab-steps.yml @@ -0,0 +1,29 @@ +--- +- hosts: all + become: yes + + vars_files: + - vars/default_vars.yml + - vars/{{ ansible_local.local_facts.os_ver }}.yml + - vars/local_vars.yml + + roles: + - { role: 0-init, tags: ['0-init'] } + - { role: 1-prep, tags: ['1-prep','platform','base'], + when: ansible_local.local_facts.stage|int < 1 } + - { role: 2-common, tags: ['2-common','base'], + when: ansible_local.local_facts.stage|int < 2 } + - { role: 3-base-server, tags: ['3-base-server','base'], + when: ansible_local.local_facts.stage|int < 3 } + - { role: 4-server-options, tags: ['4-server-options'], + when: ansible_local.local_facts.stage|int < 4 } + - { role: 5-xo-services, tags: ['5-xo-services'], + when: ansible_local.local_facts.stage|int < 5 } + - { role: 6-generic-apps, tags: ['6-generic-apps'], + when: ansible_local.local_facts.stage|int < 6 } + - { role: 7-edu-apps, tags: ['7-edu-apps'], + when: ansible_local.local_facts.stage|int < 7 } + - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'], + when: ansible_local.local_facts.stage|int < 8 } + - { role: 9-local-addons, tags: ['9-local-addons'], + when: ansible_local.local_facts.stage|int < 9 } From 7c8b2e16419cad87484f88ae304b77d9cce58e86 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 11:31:32 -0500 Subject: [PATCH 274/393] introduce 'stage' --- scripts/local_facts.fact | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/scripts/local_facts.fact b/scripts/local_facts.fact index 4d9da02d6..43f8ab6f5 100755 --- a/scripts/local_facts.fact +++ b/scripts/local_facts.fact @@ -41,9 +41,20 @@ else XO_VERSION="none" fi +# upgrades return found, clean installs return 0 +# interruptions return last stage number recorded (1-9) +if [ -f /etc/iiab/iiab.env ] +then + STAGE=0 + source /etc/iiab/iiab.env + STAGE=$STAGE +else + STAGE=0 +fi ANSIBLE_VERSION=$(ansible --version|head -n 1|cut -f 2 -d " ") cat <<EOF {"phplib_dir" : "$PHPLIB_DIR", +"stage" : "$STAGE", "iiab_branch" : "$BRANCH", "iiab_commit" : "$COMMIT", "xo_model" : "$XO_VERSION", From ef914cac7c49f0983d628aec3e5378304f0be6bb Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 12:42:51 -0500 Subject: [PATCH 275/393] activate old marker code --- roles/3-base-server/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 3aa90c43b..ca7c86b66 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -31,11 +31,11 @@ when: not installing # If we got here we're done -#- name: Record base gui version -# lineinfile: dest=/etc/iiab/iiab.env -# regexp='^BASE_VERSION=*' -# line='BASE_VERSION="{{ gui_version }}"' -# state=present +- name: Record STAGE + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=3' + state=present - name: ...HAS COMPLETED ==================================== command: echo From d907568c4b83f3de085cc969280b13ca48529696 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 12:46:47 -0500 Subject: [PATCH 276/393] move iiab.env template - add starting STAGE=1 - update STAGE on the fly part 1 --- roles/1-prep/tasks/main.yml | 8 ++++++++ roles/1-prep/templates/iiab.env.j2 | 1 + roles/2-common/tasks/main.yml | 6 ++++++ roles/4-server-options/tasks/main.yml | 12 +++++------- 4 files changed, 20 insertions(+), 7 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index e6e2b382a..02e39ccd1 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -88,5 +88,13 @@ url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode when: first_run and usb_NUC6.stdout|int > 0 +# this script can be sourced to get IIAB location +- name: Create iiab.env file + template: src=roles/1-prep/templates/iiab.env.j2 + dest=/etc/iiab/iiab.env + owner=root + group=root + mode=0644 + - name: ...HAS COMPLETED =========================================== command: echo diff --git a/roles/1-prep/templates/iiab.env.j2 b/roles/1-prep/templates/iiab.env.j2 index b472d4fe6..bd08f9441 100644 --- a/roles/1-prep/templates/iiab.env.j2 +++ b/roles/1-prep/templates/iiab.env.j2 @@ -5,3 +5,4 @@ IIAB_DIR={{ iiab_dir }} OS={{ ansible_local.local_facts.os }} OS_VER={{ ansible_local.local_facts.os_ver }} WWWROOT={{ doc_root }} +STAGE=1 diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index bfb69887b..e67044a85 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -48,5 +48,11 @@ - include: udev.yml +- name: Record STAGE + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=2' + state=present + - name: ...HAS COMPLETED ========================================= command: echo diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 7efdffe74..fb22f6d0e 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -57,13 +57,11 @@ when: usb_lib_install tags: usb-lib -# this script can be sourced to get IIAB location -- name: Create iiab.env file - template: src=roles/1-prep/templates/iiab.env.j2 - dest=/etc/iiab/iiab.env - owner=root - group=root - mode=0644 +- name: Record STAGE + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=4' + state=present - name: Put a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 From d981d55fdeeecc76fb7cb0b917a4716a3eba85c1 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 12:53:47 -0500 Subject: [PATCH 277/393] update STAGE on the fly part 2 --- roles/5-xo-services/tasks/main.yml | 6 ++++++ roles/6-generic-apps/tasks/main.yml | 6 ++++++ roles/7-edu-apps/tasks/main.yml | 6 ++++++ roles/8-mgmt-tools/tasks/main.yml | 6 ++++++ 4 files changed, 24 insertions(+) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 2ee59d9e0..6e99a3299 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -21,5 +21,11 @@ when: idmgr_install tags: olpc, idmgr +- name: Record STAGE 5 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=5' + state=present + - name: ...HAS COMPLETED ==================================== command: echo diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 6b4deeb49..969450b36 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -45,5 +45,11 @@ when: wordpress_install tags: wordpress +- name: Record STAGE 6 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=6' + state=present + - name: ...HAS COMPLETED =================================== command: echo diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index d484570b1..d5a5e97b3 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -39,5 +39,11 @@ when: sugarizer_install tags: sugarizer +- name: Record STAGE 7 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=7' + state=present + - name: ...HAS COMPLETED ======================================= command: echo diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 01920102d..9351d6770 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -51,5 +51,11 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis +- name: Record STAGE 8 + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=8' + state=present + - name: ...HAS COMPLETED ===================================== command: echo From ff626df2f4de70b4e5c729b470490392b54d805f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 29 Oct 2017 01:53:13 -0500 Subject: [PATCH 278/393] cherry-pick f6ddc8ecfbf736dd0bbaf034c9943ee0b2ae7d6d --- roles/1-prep/tasks/computed_vars.yml | 63 +++++++++++++++------------- 1 file changed, 34 insertions(+), 29 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index ae53e7970..28ba861d6 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -6,8 +6,9 @@ # set top level variables from local facts for convenience - set_fact: - xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}' - phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}' + xo_model: '{{ ansible_local.local_facts.xo_model }}' + phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' + iiab_stage: '{{ ansible_local.local_facts.stage }}' - name: Set exFAT enabled for XO laptops set_fact: @@ -46,33 +47,6 @@ file: path=/tmp/heart-beat.txt state=absent -- name: add version section - ini_file: dest='{{ iiab_config_file }}' - section=runtime - option='{{ item.option }}' - value='{{ item.value }}' - with_items: - - option: 'runtime_branch' - value: '{{ ansible_local["local_facts"]["iiab_branch"] }}' - - option: 'runtime_commit' - value: '{{ ansible_local["local_facts"]["iiab_commit"] }}' - - option: 'runtime_date' - value: '{{ ansible_date_time["iso8601"] }}' - - option: 'runtime_php' - value: '{{ phplib_dir }}' - - option: 'kernel' - value: '{{ ansible_kernel }}' - - option: 'memory_mb' - value: '{{ ansible_memtotal_mb }}' - - option: 'swap_mb' - value: '{{ ansible_swaptotal_mb }}' - - option: 'product_id' - value: '{{ ansible_product_uuid }}' - - option: 'gw_active' - value: '{{ gw_active }}' - - option: 'internet_available' - value: '{{ internet_available }}' - # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC set_fact: local_tz='UTC' @@ -176,3 +150,34 @@ set_fact: is_CentOS: True when: ansible_distribution == "CentOS" + +- name: add version section + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'iiab_stage' + value: '{{ iiab_stage }}' + - option: 'runtime_php' + value: '{{ phplib_dir }}' + - option: 'runtime_branch' + value: '{{ ansible_local.local_facts.iiab_branch }}' + - option: 'runtime_commit' + value: '{{ ansible_local.local_facts.iiab_commit }}' + - option: 'runtime_date' + value: '{{ ansible_date_time.iso8601 }}' + - option: 'ansible_version' + value: '{{ ansible_local.local_facts.ansible_version }}' + - option: 'kernel' + value: '{{ ansible_kernel }}' + - option: 'memory_mb' + value: '{{ ansible_memtotal_mb }}' + - option: 'swap_mb' + value: '{{ ansible_swaptotal_mb }}' + - option: 'product_id' + value: '{{ ansible_product_uuid }}' + - option: 'gw_active' + value: '{{ gw_active }}' + - option: 'internet_available' + value: '{{ internet_available }}' From dc15f066b9fa81c9b42f84dc14388c5d3a84382e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 12:02:18 -0500 Subject: [PATCH 279/393] partial cherry-pick of 87c81df5e0f4c938ac03df92433bcfc31a0294e0 --- scripts/local_facts.fact | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/local_facts.fact b/scripts/local_facts.fact index 43f8ab6f5..54863bcd7 100755 --- a/scripts/local_facts.fact +++ b/scripts/local_facts.fact @@ -45,7 +45,7 @@ fi # interruptions return last stage number recorded (1-9) if [ -f /etc/iiab/iiab.env ] then - STAGE=0 + STAGE=1 source /etc/iiab/iiab.env STAGE=$STAGE else @@ -58,7 +58,7 @@ cat <<EOF "iiab_branch" : "$BRANCH", "iiab_commit" : "$COMMIT", "xo_model" : "$XO_VERSION", -"ansble_version" : "$ANSIBLE_VERSION", +"ansible_version" : "$ANSIBLE_VERSION", "os" : "$OS", "os_ver" : "$OS_VER"} From 17bd76097d3686b54796fe3fdf9e22be0d5f723f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 12:14:09 -0500 Subject: [PATCH 280/393] partial cherry-pick of 0026446a800b345a7cbc7314ce10de0ea85efb0a --- roles/1-prep/tasks/main.yml | 7 ++----- roles/2-common/tasks/main.yml | 7 ++----- roles/3-base-server/tasks/main.yml | 8 ++------ roles/4-server-options/tasks/main.yml | 14 +++++--------- roles/5-xo-services/tasks/main.yml | 8 ++------ roles/6-generic-apps/tasks/main.yml | 8 ++------ roles/7-edu-apps/tasks/main.yml | 8 ++------ roles/8-mgmt-tools/tasks/main.yml | 7 ++----- roles/9-local-addons/tasks/main.yml | 9 ++++++--- 9 files changed, 25 insertions(+), 51 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 02e39ccd1..84ae926eb 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,6 +1,6 @@ # Preparations (Hardware Level) -- name: ...IS BEGINNING ============================================ +- name: ...IS BEGINNING ================================== command: echo - name: Get the uuidgen program @@ -89,12 +89,9 @@ when: first_run and usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location -- name: Create iiab.env file +- name: Recording STAGE 1 HAS COMPLETED ================== template: src=roles/1-prep/templates/iiab.env.j2 dest=/etc/iiab/iiab.env owner=root group=root mode=0644 - -- name: ...HAS COMPLETED =========================================== - command: echo diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index e67044a85..acaacc99f 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,6 +1,6 @@ # Common OS-Level Additions & Mods (that only need to be performed once) -- name: ...IS BEGINNING ========================================== +- name: ...IS BEGINNING ================================== command: echo #- include: iiab_ini.yml @@ -48,11 +48,8 @@ - include: udev.yml -- name: Record STAGE +- name: Recording STAGE 2 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=2' state=present - -- name: ...HAS COMPLETED ========================================= - command: echo diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index ca7c86b66..e59553e9e 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,6 +1,5 @@ # Base Server - -- name: ...IS BEGINNING ===================================== +- name: ...IS BEGINNING ================================== command: echo - name: HTTPD @@ -30,12 +29,9 @@ state=restarted when: not installing -# If we got here we're done -- name: Record STAGE +- name: Record STAGE 3 HAS COMPLETED ===================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=3' state=present -- name: ...HAS COMPLETED ==================================== - command: echo diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index fb22f6d0e..2b68861eb 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -1,5 +1,4 @@ # Server Options - - name: ...IS BEGINNING ================================== command: echo @@ -57,12 +56,6 @@ when: usb_lib_install tags: usb-lib -- name: Record STAGE - lineinfile: dest=/etc/iiab/iiab.env - regexp='^STAGE=*' - line='STAGE=4' - state=present - - name: Put a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py @@ -71,5 +64,8 @@ command: /usr/bin/iiab-refresh-wiki-docs when: not nodocs -- name: ...HAS COMPLETED ================================= - command: echo +- name: Recording STAGE 4 HAS COMPLETED ================== + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=4' + state=present diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index 6e99a3299..bc9c20653 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,6 +1,5 @@ # XO Services - -- name: ...IS BEGINNING ===================================== +- name: ...IS BEGINNING ================================== command: echo - name: ACTIVITY-SERVER @@ -21,11 +20,8 @@ when: idmgr_install tags: olpc, idmgr -- name: Record STAGE 5 +- name: Recording STAGE 5 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=5' state=present - -- name: ...HAS COMPLETED ==================================== - command: echo diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 969450b36..9cf53a700 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,6 +1,5 @@ # Generic Apps - -- name: ...IS BEGINNING ==================================== +- name: ...IS BEGINNING ================================== command: echo - name: CALIBRE @@ -45,11 +44,8 @@ when: wordpress_install tags: wordpress -- name: Record STAGE 6 +- name: Recording STAGE 6 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=6' state=present - -- name: ...HAS COMPLETED =================================== - command: echo diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index d5a5e97b3..ee98a0d2d 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,6 +1,5 @@ # Educational Apps - -- name: ...IS BEGINNING ======================================== +- name: ...IS BEGINNING ================================== command: echo - name: KALITE @@ -39,11 +38,8 @@ when: sugarizer_install tags: sugarizer -- name: Record STAGE 7 +- name: Recording STAGE 7 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=7' state=present - -- name: ...HAS COMPLETED ======================================= - command: echo diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 9351d6770..91413900b 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,6 +1,6 @@ # Assessment and Monitoring Tools -- name: ...IS BEGINNING ====================================== +- name: ...IS BEGINNING ================================== command: echo - name: AWSTATS @@ -51,11 +51,8 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: Record STAGE 8 +- name: Recording STAGE 8 HAS COMPLETED ================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=8' state=present - -- name: ...HAS COMPLETED ===================================== - command: echo diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index 197bb3366..f518d6c81 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,7 +1,10 @@ # Local Add-ons -- name: ...IS BEGINNING ==================================== +- name: ...IS BEGINNING ============================= command: echo -- name: ...HAS COMPLETED =================================== - command: echo +- name: Recording STAGE 9 HAS COMPLETED ============= + lineinfile: dest=/etc/iiab/iiab.env + regexp='^STAGE=*' + line='STAGE=9' + state=present From c32b3518cd19f0038b9979af6dc9672ed4b5b289 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 12:57:55 -0500 Subject: [PATCH 281/393] scripts cleanup --- iiab-network | 15 +++------------ install-support | 3 ++- runtags | 14 +++----------- 3 files changed, 8 insertions(+), 24 deletions(-) diff --git a/iiab-network b/iiab-network index 87be5ccdc..eb9f1b239 100755 --- a/iiab-network +++ b/iiab-network @@ -1,15 +1,8 @@ #!/bin/bash - -if [ -f /etc/iiab/iiab.env ] -then - . /etc/iiab/iiab.env - cd $IIAB_DIR -else - echo /etc/iiab/iiab.env is missing. Playbook has not been run. - exit 1 -fi - +# running from a git repo +# ansible files exist CWD=`pwd` +export ANSIBLE_LOG_PATH="$CWD/iiab-network.log" if [ ! -f iiab-network.yml ] then @@ -25,7 +18,6 @@ then fi Start=`date` -export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" ansible-playbook -i ansible_hosts iiab-network.yml --connection=local End=`date` echo "" >> iiab-network.log @@ -46,4 +38,3 @@ ip r brctl show br0 echo "run start:$Start" echo "run end: $End" - diff --git a/install-support b/install-support index b7df01489..79439f2f7 100755 --- a/install-support +++ b/install-support @@ -4,6 +4,8 @@ PLAYBOOK="iiab-base.yml" INVENTORY="ansible_hosts" CWD=`pwd` +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" + if [ ! -f $PLAYBOOK ] then echo "IIAB Playbook not found." @@ -15,5 +17,4 @@ fi sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml -export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local diff --git a/runtags b/runtags index b353d3a65..45ee507e7 100755 --- a/runtags +++ b/runtags @@ -1,16 +1,11 @@ #!/bin/bash +# running from a git repo PLAYBOOK="iiab.yml" INVENTORY="ansible_hosts" -# Pass cmdline options for ansible - -if [ -f /etc/iiab/iiab.env ] -then - . /etc/iiab/iiab.env - cd $IIAB_DIR -fi - CWD=`pwd` +export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" + if [ ! -f $PLAYBOOK ] then echo "IIAB Playbook not found." @@ -41,8 +36,6 @@ do fi done -# echo $found - taglist=$1 if [ "$found" == "N" ] @@ -50,5 +43,4 @@ then taglist="0-init,"$taglist fi -export ANSIBLE_LOG_PATH="$CWD/iiab-debug.log" ansible-playbook -i ansible_hosts iiab.yml --connection=local --tags="""$taglist""" From 41242f4471ae329523d491786fabb486f510c236 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 28 Oct 2017 15:09:24 -0500 Subject: [PATCH 282/393] XSCE -> IIAB in iiab.env --- roles/1-prep/templates/iiab.env.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/1-prep/templates/iiab.env.j2 b/roles/1-prep/templates/iiab.env.j2 index bd08f9441..423c13ec6 100644 --- a/roles/1-prep/templates/iiab.env.j2 +++ b/roles/1-prep/templates/iiab.env.j2 @@ -1,4 +1,4 @@ -# This is a configuration file for XSCE +# This is a configuration file for IIAB # It can sourced in a shell script or read into an application IIAB_BASE_PATH={{ iiab_base }} IIAB_DIR={{ iiab_dir }} From 925ce00c7aca99ae594a0994a82bc18303c3ae9c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 13:05:19 -0500 Subject: [PATCH 283/393] introduce iiab-install --- iiab-install | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100755 iiab-install diff --git a/iiab-install b/iiab-install new file mode 100755 index 000000000..5a3994622 --- /dev/null +++ b/iiab-install @@ -0,0 +1,74 @@ +#!/bin/bash -e +# running from a git repo +PLAYBOOK="iiab-steps.yml" +INVENTORY="ansible_hosts" +CWD=`pwd` +# Add cmdline options for passing to ansible +# todo add proper shift to gobble up --debug --upgrade +ARGS="" + +export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" + +if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then + mkdir -p /etc/ansible/facts.d +fi +cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact + +STAGE="" + +if [ -f /etc/iiab/iiab.env ]; then + OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` + if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then + echo "Found old XSCE install - re-installing from scratch" + rm /etc/iiab/iiab.env + # check ansible version here and force ansible upgrade if needed + else + source /etc/iiab/iiab.env + if [ $STAGE == 9 ] && [ "$1" = "--debug" ]; then + echo "Entering debug mode" + sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env + elif [ ! $STAGE == 9 ]; then + echo "Restarting from STAGE $STAGE" + else + # place keeper add read response + # "offer 'Y' or stage number dialog box option to override" + echo "'iiab-install' has already been completed" + echo "use --debug to override " + echo "In demo mode not preventing second run" + #echo "Exiting." + #exit 0 + fi + fi +else + mkdir -p /etc/iiab +fi + +if [ ! -f $PLAYBOOK ]; then + echo "IIAB Playbook not found." + echo "Please run this command from the top level of the git repo." + echo "Exiting." + exit 1 +fi + +# if vars/local_vars.yml is missing, put a default one in place - First Run +if [ ! -f ./vars/local_vars.yml ]; then + OS=`grep ^ID= /etc/*release|cut -d= -f2` + OS=${OS//\"/} + + case $OS in + OLPC | fedora) + cp ./vars/olpc.localvars ./vars/local_vars.yml + ;; + centos | debian | ubuntu | raspbian) + cp ./vars/medium.localvars ./vars/local_vars.yml + ;; + *) + echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." + exit 1 + ;; + esac +fi + +echo "Running local playbooks! " +ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null +ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local From da7f875cc0a3b1c5c6fc32b19aac98eb41cca3cb Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 15:02:23 -0500 Subject: [PATCH 284/393] flip logic for easier read - exit if STAGE=9 --- iiab-install | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/iiab-install b/iiab-install index 5a3994622..15010a3bd 100755 --- a/iiab-install +++ b/iiab-install @@ -4,7 +4,7 @@ PLAYBOOK="iiab-steps.yml" INVENTORY="ansible_hosts" CWD=`pwd` # Add cmdline options for passing to ansible -# todo add proper shift to gobble up --debug --upgrade +# todo add proper shift to gobble up --debug --reinstall ARGS="" export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" @@ -16,7 +16,9 @@ cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact STAGE="" -if [ -f /etc/iiab/iiab.env ]; then +if [ ! -f /etc/iiab/iiab.env ]; then + mkdir -p /etc/iiab +else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then echo "Found old XSCE install - re-installing from scratch" @@ -34,13 +36,11 @@ if [ -f /etc/iiab/iiab.env ]; then # "offer 'Y' or stage number dialog box option to override" echo "'iiab-install' has already been completed" echo "use --debug to override " - echo "In demo mode not preventing second run" + #echo "In demo mode not preventing second run" #echo "Exiting." - #exit 0 + exit 1 fi fi -else - mkdir -p /etc/iiab fi if [ ! -f $PLAYBOOK ]; then From 4a4cc48c480ec3ff2be9f904bc39ed080d1f6bb4 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 30 Oct 2017 15:19:09 -0500 Subject: [PATCH 285/393] exit warning --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 15010a3bd..52f4575ca 100755 --- a/iiab-install +++ b/iiab-install @@ -37,7 +37,7 @@ else echo "'iiab-install' has already been completed" echo "use --debug to override " #echo "In demo mode not preventing second run" - #echo "Exiting." + echo "Exiting." exit 1 fi fi From 104bbf784ad8093aafb12e7aedcda2cdd0b9d4dc Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:29:49 -0400 Subject: [PATCH 286/393] fill lines with ==='s --- roles/1-prep/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 84ae926eb..fea4ea34f 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -1,6 +1,6 @@ # Preparations (Hardware Level) -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ============================================ command: echo - name: Get the uuidgen program @@ -89,7 +89,7 @@ when: first_run and usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location -- name: Recording STAGE 1 HAS COMPLETED ================== +- name: Recording STAGE 1 HAS COMPLETED ============================ template: src=roles/1-prep/templates/iiab.env.j2 dest=/etc/iiab/iiab.env owner=root From c329a156a7d2594d83cf18962401a69f5403c601 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:31:16 -0400 Subject: [PATCH 287/393] fill lines with ==='s --- roles/2-common/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index acaacc99f..c7af19941 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,6 +1,6 @@ # Common OS-Level Additions & Mods (that only need to be performed once) -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ========================================== command: echo #- include: iiab_ini.yml @@ -48,7 +48,7 @@ - include: udev.yml -- name: Recording STAGE 2 HAS COMPLETED ================== +- name: Recording STAGE 2 HAS COMPLETED ========================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=2' From 9ca180ce8fb29988336f7e35b7aadb626e1d64ea Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:32:31 -0400 Subject: [PATCH 288/393] fill lines with ==='s --- roles/3-base-server/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index e59553e9e..b77c032ef 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -1,5 +1,5 @@ # Base Server -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ===================================== command: echo - name: HTTPD @@ -29,7 +29,7 @@ state=restarted when: not installing -- name: Record STAGE 3 HAS COMPLETED ===================== +- name: Record STAGE 3 HAS COMPLETED ======================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=3' From 5259d1f29df6d17f8ebf0dead913b171855eebf0 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:34:22 -0400 Subject: [PATCH 289/393] fill lines with ==='s --- roles/5-xo-services/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/5-xo-services/tasks/main.yml b/roles/5-xo-services/tasks/main.yml index bc9c20653..58b750908 100644 --- a/roles/5-xo-services/tasks/main.yml +++ b/roles/5-xo-services/tasks/main.yml @@ -1,5 +1,5 @@ # XO Services -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ===================================== command: echo - name: ACTIVITY-SERVER @@ -20,7 +20,7 @@ when: idmgr_install tags: olpc, idmgr -- name: Recording STAGE 5 HAS COMPLETED ================== +- name: Recording STAGE 5 HAS COMPLETED ===================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=5' From 7b03e1b4b7729b78d857a485fc9ade7e4bde1a35 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:35:28 -0400 Subject: [PATCH 290/393] fill lines with ==='s --- roles/6-generic-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/6-generic-apps/tasks/main.yml b/roles/6-generic-apps/tasks/main.yml index 9cf53a700..9c4113fc1 100644 --- a/roles/6-generic-apps/tasks/main.yml +++ b/roles/6-generic-apps/tasks/main.yml @@ -1,5 +1,5 @@ # Generic Apps -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ==================================== command: echo - name: CALIBRE @@ -44,7 +44,7 @@ when: wordpress_install tags: wordpress -- name: Recording STAGE 6 HAS COMPLETED ================== +- name: Recording STAGE 6 HAS COMPLETED ==================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=6' From 6e8f81b500c30d7aace5dfddc53098a55838d9bd Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:37:06 -0400 Subject: [PATCH 291/393] fill lines with ==='s --- roles/7-edu-apps/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/7-edu-apps/tasks/main.yml b/roles/7-edu-apps/tasks/main.yml index ee98a0d2d..5f7f081d9 100644 --- a/roles/7-edu-apps/tasks/main.yml +++ b/roles/7-edu-apps/tasks/main.yml @@ -1,5 +1,5 @@ # Educational Apps -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ======================================== command: echo - name: KALITE @@ -38,7 +38,7 @@ when: sugarizer_install tags: sugarizer -- name: Recording STAGE 7 HAS COMPLETED ================== +- name: Recording STAGE 7 HAS COMPLETED ======================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=7' From 6fbf870464fa925c6ae4832523ad011b00d0f148 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:38:09 -0400 Subject: [PATCH 292/393] fill lines with ==='s --- roles/8-mgmt-tools/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index 91413900b..ad22382ed 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -1,6 +1,6 @@ # Assessment and Monitoring Tools -- name: ...IS BEGINNING ================================== +- name: ...IS BEGINNING ====================================== command: echo - name: AWSTATS @@ -51,7 +51,7 @@ when: xovis_install and ansible_distribution != "CentOS" tags: xovis -- name: Recording STAGE 8 HAS COMPLETED ================== +- name: Recording STAGE 8 HAS COMPLETED ====================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=8' From 42264f1e3474dd848b4628fe15611b14bb523f3f Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:39:35 -0400 Subject: [PATCH 293/393] fill lines with ==='s --- roles/9-local-addons/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index f518d6c81..3a13a1b37 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -1,9 +1,9 @@ # Local Add-ons -- name: ...IS BEGINNING ============================= +- name: ...IS BEGINNING ==================================== command: echo -- name: Recording STAGE 9 HAS COMPLETED ============= +- name: Recording STAGE 9 HAS COMPLETED ==================== lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*' line='STAGE=9' From 009795aec0a24dd1de9c3910e1d9e84128370735 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:42:30 -0400 Subject: [PATCH 294/393] Update main.yml --- roles/3-base-server/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index b77c032ef..877ab58e4 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -34,4 +34,3 @@ regexp='^STAGE=*' line='STAGE=3' state=present - From 68f199f3ee684fa8c3a9e4930af6e8cdf5ee5fd2 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 16:56:52 -0400 Subject: [PATCH 295/393] role: -> include_role: avoid pages of spam output --- iiab-steps.yml | 78 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 58 insertions(+), 20 deletions(-) diff --git a/iiab-steps.yml b/iiab-steps.yml index 66c97721c..b514c3dc0 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -7,23 +7,61 @@ - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml - roles: - - { role: 0-init, tags: ['0-init'] } - - { role: 1-prep, tags: ['1-prep','platform','base'], - when: ansible_local.local_facts.stage|int < 1 } - - { role: 2-common, tags: ['2-common','base'], - when: ansible_local.local_facts.stage|int < 2 } - - { role: 3-base-server, tags: ['3-base-server','base'], - when: ansible_local.local_facts.stage|int < 3 } - - { role: 4-server-options, tags: ['4-server-options'], - when: ansible_local.local_facts.stage|int < 4 } - - { role: 5-xo-services, tags: ['5-xo-services'], - when: ansible_local.local_facts.stage|int < 5 } - - { role: 6-generic-apps, tags: ['6-generic-apps'], - when: ansible_local.local_facts.stage|int < 6 } - - { role: 7-edu-apps, tags: ['7-edu-apps'], - when: ansible_local.local_facts.stage|int < 7 } - - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'], - when: ansible_local.local_facts.stage|int < 8 } - - { role: 9-local-addons, tags: ['9-local-addons'], - when: ansible_local.local_facts.stage|int < 9 } + name: 0-init + include_role: + name: 0-init + tags: 0-init + + name: 1-prep + include_role: + name: 1-prep + when: ansible_local.local_facts.stage|int < 1 + tags: 1-prep, platform, base + + name: 2-common + include_role: + name: 2-common + when: ansible_local.local_facts.stage|int < 2 + tags: 2-common, base + + name: 3-base-server + include_role: + name: 3-base-server + when: ansible_local.local_facts.stage|int < 3 + tags: 3-base-server, base + + name: 4-server-options + include_role: + name: 4-server-options + when: ansible_local.local_facts.stage|int < 4 + tags: 4-server-options + + name: 5-xo-services + include_role: + name: 5-xo-services + when: ansible_local.local_facts.stage|int < 5 + tags: 5-xo-services + + name: 6-generic-apps + include_role: + name: 6-generic-apps + when: ansible_local.local_facts.stage|int < 6 + tags: 6-generic-apps + + name: 7-edu-apps + include_role: + name: 7-edu-apps + when: ansible_local.local_facts.stage|int < 7 + tags: 7-edu-apps + + name: 8-mgmt-tools + include_role: + name: 8-mgmt-tools + when: ansible_local.local_facts.stage|int < 8 + tags: 8-mgmt-tools + + name: 9-local-addons + include_role: + name: 9-local-addons + when: ansible_local.local_facts.stage|int < 9 + tags: 9-local-addons From 84fb30f513081bf93e925816f0de52b3f46b1ccf Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 17:12:19 -0400 Subject: [PATCH 296/393] dashes added --- iiab-steps.yml | 98 +++++++++++++++++++++++++------------------------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/iiab-steps.yml b/iiab-steps.yml index b514c3dc0..de325bd59 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -7,61 +7,61 @@ - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml - name: 0-init - include_role: - name: 0-init - tags: 0-init + - name: 0-init + include_role: + name: 0-init + tags: 0-init - name: 1-prep - include_role: - name: 1-prep - when: ansible_local.local_facts.stage|int < 1 - tags: 1-prep, platform, base + - name: 1-prep + include_role: + name: 1-prep + when: ansible_local.local_facts.stage|int < 1 + tags: 1-prep, platform, base - name: 2-common - include_role: - name: 2-common - when: ansible_local.local_facts.stage|int < 2 - tags: 2-common, base + - name: 2-common + include_role: + name: 2-common + when: ansible_local.local_facts.stage|int < 2 + tags: 2-common, base - name: 3-base-server - include_role: - name: 3-base-server - when: ansible_local.local_facts.stage|int < 3 - tags: 3-base-server, base + - name: 3-base-server + include_role: + name: 3-base-server + when: ansible_local.local_facts.stage|int < 3 + tags: 3-base-server, base - name: 4-server-options - include_role: - name: 4-server-options - when: ansible_local.local_facts.stage|int < 4 - tags: 4-server-options + - name: 4-server-options + include_role: + name: 4-server-options + when: ansible_local.local_facts.stage|int < 4 + tags: 4-server-options - name: 5-xo-services - include_role: - name: 5-xo-services - when: ansible_local.local_facts.stage|int < 5 - tags: 5-xo-services + - name: 5-xo-services + include_role: + name: 5-xo-services + when: ansible_local.local_facts.stage|int < 5 + tags: 5-xo-services - name: 6-generic-apps - include_role: - name: 6-generic-apps - when: ansible_local.local_facts.stage|int < 6 - tags: 6-generic-apps + - name: 6-generic-apps + include_role: + name: 6-generic-apps + when: ansible_local.local_facts.stage|int < 6 + tags: 6-generic-apps - name: 7-edu-apps - include_role: - name: 7-edu-apps - when: ansible_local.local_facts.stage|int < 7 - tags: 7-edu-apps + - name: 7-edu-apps + include_role: + name: 7-edu-apps + when: ansible_local.local_facts.stage|int < 7 + tags: 7-edu-apps - name: 8-mgmt-tools - include_role: - name: 8-mgmt-tools - when: ansible_local.local_facts.stage|int < 8 - tags: 8-mgmt-tools + - name: 8-mgmt-tools + include_role: + name: 8-mgmt-tools + when: ansible_local.local_facts.stage|int < 8 + tags: 8-mgmt-tools - name: 9-local-addons - include_role: - name: 9-local-addons - when: ansible_local.local_facts.stage|int < 9 - tags: 9-local-addons + - name: 9-local-addons + include_role: + name: 9-local-addons + when: ansible_local.local_facts.stage|int < 9 + tags: 9-local-addons From d5ee8ff4ff76093332418471878affe89fc922b4 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 20:45:52 -0400 Subject: [PATCH 297/393] roles: -> tasks: for dynamic execution Since Ansible 2.3 / 2.4 per https://docs.ansible.com/ansible/2.4/playbooks_reuse_roles.html --- iiab-steps.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab-steps.yml b/iiab-steps.yml index de325bd59..834dce951 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -7,6 +7,7 @@ - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml + tasks: - name: 0-init include_role: name: 0-init From 5de56cd3f2b19d46dd99b0fe687ad11ab253639a Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 20:46:43 -0400 Subject: [PATCH 298/393] Update iiab-steps.yml --- iiab-steps.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab-steps.yml b/iiab-steps.yml index 834dce951..ce27ec00c 100644 --- a/iiab-steps.yml +++ b/iiab-steps.yml @@ -8,6 +8,7 @@ - vars/local_vars.yml tasks: + - name: 0-init include_role: name: 0-init From d23e3d760f47a434039e8ef2f66f7dafa7759fef Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Mon, 30 Oct 2017 21:58:29 -0400 Subject: [PATCH 299/393] tweak iiab-install's annc of which stage it's continuing with --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 52f4575ca..086c86775 100755 --- a/iiab-install +++ b/iiab-install @@ -30,7 +30,7 @@ else echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then - echo "Restarting from STAGE $STAGE" + echo "Restarting *after* STAGE $STAGE (as soon as Stage 0 completes..Stage 9 will be last)" else # place keeper add read response # "offer 'Y' or stage number dialog box option to override" From c07c0d2d7619421e71a5d59149f9f03efa799a3d Mon Sep 17 00:00:00 2001 From: Adam Holt <holt@laptop.org> Date: Mon, 30 Oct 2017 23:55:24 -0400 Subject: [PATCH 300/393] 56 changes to include_tasks --edits double check after rebase --- roles/0-init/tasks/main.yml | 4 +- roles/1-prep/tasks/main.yml | 4 +- roles/2-common/tasks/main.yml | 16 ++++---- roles/ajenti/tasks/main.yml | 2 +- roles/awstats/tasks/main.yml | 2 +- roles/dokuwiki/tasks/main.yml | 2 +- roles/httpd/tasks/main.yml | 2 +- roles/iiab-admin/tasks/main.yml | 4 +- roles/kalite/tasks/main.yml | 10 ++--- roles/kiwix/tasks/main.yml | 2 +- roles/mysql/tasks/main.yml | 4 +- roles/network/tasks/detected_network.yml | 2 +- roles/network/tasks/ifcfg_mods.yml | 8 ++-- roles/network/tasks/main.yml | 50 ++++++++++++++---------- roles/network/tasks/squid.yml | 2 +- roles/network/tasks/static.yml | 2 +- roles/nextcloud/tasks/main.yml | 2 +- roles/owncloud/tasks/main.yml | 2 +- roles/rachel/tasks/main.yml | 2 +- roles/sugar-stats/tasks/main.yml | 2 +- roles/teamviewer/tasks/main.yml | 2 +- roles/wordpress/tasks/main.yml | 2 +- 22 files changed, 68 insertions(+), 60 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 31e8e2054..e7351e158 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -14,10 +14,10 @@ # we need to inialize the ini file and only write the location and version sections once and only # once to preserve the install date and git hash. -- include: roles/1-prep/tasks/iiab_ini.yml +- include_tasks: roles/1-prep/tasks/iiab_ini.yml when: first_run # Now load the computed vars -- include: roles/1-prep/tasks/computed_vars.yml +- include_tasks: roles/1-prep/tasks/computed_vars.yml - name: ...HAS COMPLETED =========================================== command: echo diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index fea4ea34f..a96e281f6 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -70,11 +70,11 @@ when: ansible_local.local_facts.os == "raspbian" ignore_errors: true -- include: prep.yml +- include_tasks: prep.yml when: first_run # Put conditional actions for hardware platforms here -- include: raspberry_pi_2.yml +- include_tasks: raspberry_pi_2.yml when: first_run and rpi_model != "none" - name: Check if the identifier for Intel's NUC6 builtin WiFi is present diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index c7af19941..ec15dcee5 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -3,22 +3,22 @@ - name: ...IS BEGINNING ========================================== command: echo -#- include: iiab_ini.yml +#- include_tasks: iiab_ini.yml # create the directory structure for IIAB -- include: fl.yml +- include_tasks: fl.yml -- include: xo.yml +- include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined -- include: centos.yml +- include_tasks: centos.yml when: ansible_distribution == "CentOS" -- include: fedora.yml +- include_tasks: fedora.yml when: ansible_distribution == "Fedora" # the following installs common packages for both debian and fedora -- include: packages.yml +- include_tasks: packages.yml - sysctl: name=net.ipv4.ip_forward value=1 state=present - sysctl: name=net.ipv4.conf.default.rp_filter value=1 state=present @@ -43,10 +43,10 @@ mode=0644 backup=no -- include: net_mods.yml +- include_tasks: net_mods.yml when: not is_debuntu and not is_F18 -- include: udev.yml +- include_tasks: udev.yml - name: Recording STAGE 2 HAS COMPLETED ========================== lineinfile: dest=/etc/iiab/iiab.env diff --git a/roles/ajenti/tasks/main.yml b/roles/ajenti/tasks/main.yml index 93f7bacd0..789afbf31 100644 --- a/roles/ajenti/tasks/main.yml +++ b/roles/ajenti/tasks/main.yml @@ -37,7 +37,7 @@ mode=0744 state=file -- include: ajenti-wondershaper.yml +- include_tasks: ajenti-wondershaper.yml when: 'iiab_lan_iface != ""' # handler doesn't fire diff --git a/roles/awstats/tasks/main.yml b/roles/awstats/tasks/main.yml index f1feed18c..8a9cd37e3 100644 --- a/roles/awstats/tasks/main.yml +++ b/roles/awstats/tasks/main.yml @@ -1,4 +1,4 @@ -- include: install.yml +- include_tasks: install.yml when: awstats_install - name: Add AWStats to service list diff --git a/roles/dokuwiki/tasks/main.yml b/roles/dokuwiki/tasks/main.yml index 9841a32b6..5b2d738ce 100644 --- a/roles/dokuwiki/tasks/main.yml +++ b/roles/dokuwiki/tasks/main.yml @@ -1,5 +1,5 @@ - name: Include the install playbook - include: install.yml + include_tasks: install.yml when: dokuwiki_install - name: Add DokuWiki to service list diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml index 2eb71b8ce..4319e141b 100644 --- a/roles/httpd/tasks/main.yml +++ b/roles/httpd/tasks/main.yml @@ -142,7 +142,7 @@ state=absent when: is_debuntu -- include: html.yml +- include_tasks: html.yml tags: - base diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index 4541f4027..5f609238b 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -1,9 +1,9 @@ -- include: admin-user.yml +- include_tasks: admin-user.yml tags: - base when: not no_admin is defined -- include: access.yml +- include_tasks: access.yml tags: - base diff --git a/roles/kalite/tasks/main.yml b/roles/kalite/tasks/main.yml index b0c02471d..74dd9229b 100644 --- a/roles/kalite/tasks/main.yml +++ b/roles/kalite/tasks/main.yml @@ -16,23 +16,23 @@ stat: path="{{ kalite_db_name }}" register: kalite_installed -- include: install-f18.yml +- include_tasks: install-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: install.yml +- include_tasks: install.yml when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 - name: Ask systemd to reread the unit files shell: systemctl daemon-reload when: not kalite_installed.stat.exists -- include: setup-f18.yml +- include_tasks: setup-f18.yml when: not kalite_installed.stat.exists and is_F18 -- include: setup.yml +- include_tasks: setup.yml when: not kalite_installed.stat.exists and not is_F18 -- include: enable.yml +- include_tasks: enable.yml - name: Add kalite to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index c7409db31..9a1cfc2b0 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -20,7 +20,7 @@ get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}" dest="{{ downloads_dir }}/{{ kiwix_src_file }}" when: internet_available -- include: kiwix_install.yml +- include_tasks: kiwix_install.yml when: kiwix_src_file is defined tags: - kiwix diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index ecc42815f..4afc6d0ab 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -45,12 +45,12 @@ tags: - download - - include: centos.yml + - include_tasks: centos.yml when: ansible_distribution == "CentOS" tags: - download - - include: fedora.yml + - include_tasks: fedora.yml when: ansible_distribution == "Fedora" tags: - download diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 6c422a746..d52cbc194 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -27,7 +27,7 @@ when: discovered_wan_iface != "none" - name: RedHat network detection - include: detected_redhat.yml + include_tasks: detected_redhat.yml when: is_redhat - name: check to see if dhcpcd is installed and active - Can Fail diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 39c4d0156..cdc22be6f 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -43,17 +43,17 @@ when: (num_lan_interfaces != "0" or iiab_wireless_lan_iface != "none") ## vars/ users should set user_wan_iface to avoid messy redetect -- include: redetect.yml +- include_tasks: redetect.yml when: discovered_wan_iface == "none" and user_wan_iface == "auto" # move gateway if not WAN # might have wifi info if wireless is used as uplink. -- include: edit_ifcfg.yml +- include_tasks: edit_ifcfg.yml when: has_wifi_gw == "none" and has_ifcfg_gw != "none" and has_ifcfg_gw != "/etc/sysconfig/network-scripts/ifcfg-WAN" # create ifcfg-WAN if missing # if we get here we have gateway but no ifcfg file -- include: create_ifcfg.yml +- include_tasks: create_ifcfg.yml when: iiab_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none" and xo_model == "none" and not iiab_demo_mode - name: Configuring LAN interface as iiab_lan_iface @@ -76,7 +76,7 @@ tags: - network -- include: enable_wan.yml +- include_tasks: enable_wan.yml when: not installing and not iiab_demo_mode - name: ask systemd to reread the unit files, picks up changes done diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index bf6a96334..71ac61418 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,10 +1,10 @@ -- include: detected_network.yml +- include_tasks: detected_network.yml when: not installing tags: - network - network-discover -- include: computed_network.yml +- include_tasks: computed_network.yml when: not installing tags: - network @@ -44,30 +44,29 @@ - domain ##### Start static ip address info for first run ##### -#- include: static.yml +#- include_tasks: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' ##### End static ip address info -- include: hosts.yml +- include_tasks: hosts.yml tags: - network - domain -##### end hostname setup -##### start install portion -# only needs to be done once -- include: installing.yml +- include_tasks: named.yml tags: - network - named + +- include_tasks: dhcpd.yml + tags: - dhcpd - dnsmasq - squid - domain # when: hostname_change.changed or installing - -- include: avahi.yml +- include_tasks: squid.yml tags: - network @@ -81,7 +80,7 @@ # - network # - network-discover -- include: computed_services.yml +- include_tasks: wondershaper.yml tags: - network - named @@ -89,8 +88,7 @@ - dnsmasq - squid -# templates needed from above install section live here -- include: enable_services.yml +- include_tasks: iptables.yml tags: - network - named @@ -98,19 +96,23 @@ - dnsmasq - squid -- include: hostapd.yml +- include_tasks: avahi.yml tags: - network -- include: ifcfg_mods.yml - when: not is_debuntu and not installing +- include_tasks: ifcfg_mods.yml tags: - network -- include: debian.yml - when: is_debuntu and not installing +- include_tasks: debian.yml tags: - network + when: is_debuntu and not is_rpi and not installing + +- include_tasks: rpi_debian.yml + tags: + - network + when: is_debuntu and is_rpi and not installing - name: Create IIAB network flags template: src=network/{{ item }}.j2 @@ -122,10 +124,16 @@ when: not installing tags: - network -#### end network layout -#### start services -- include: restart.yml +- include_tasks: computed_services.yml + tags: + - network + +- include_tasks: enable_services.yml + tags: + - network + +- include_tasks: restart.yml when: not installing tags: - network diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 1abadaf4b..6ef23db3f 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -64,7 +64,7 @@ mode=0750 state=directory -- include: dansguardian.yml +- include_tasks: dansguardian.yml when: dansguardian_install #- name: Stop Squid diff --git a/roles/network/tasks/static.yml b/roles/network/tasks/static.yml index 4168ab9a7..06ac8b391 100644 --- a/roles/network/tasks/static.yml +++ b/roles/network/tasks/static.yml @@ -4,7 +4,7 @@ template: src=network/ifcfg-WAN.j2 dest=/etc/sysconfig/network-scripts/ifcfg-WAN -- include: NM.yml +- include_tasks: NM.yml when: 'ansible_distribution_version <= "20" and wan_ip != "dhcp"' - name: Re-read network config files diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 06e8c9bfc..cd6b5dd9c 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -120,7 +120,7 @@ # Enable nextcloud by copying template to httpd config # following enables and disables -- include: nextcloud_enabled.yml +- include_tasks: nextcloud_enabled.yml - name: Add Nextcloud to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml index 03e8fb872..12bcbdcc8 100644 --- a/roles/owncloud/tasks/main.yml +++ b/roles/owncloud/tasks/main.yml @@ -102,7 +102,7 @@ # Enable owncloud by copying template to httpd config -- include: owncloud_enabled.yml +- include_tasks: owncloud_enabled.yml when: owncloud_enabled - name: Add owncloud to service list diff --git a/roles/rachel/tasks/main.yml b/roles/rachel/tasks/main.yml index 898a212d5..f37843250 100644 --- a/roles/rachel/tasks/main.yml +++ b/roles/rachel/tasks/main.yml @@ -20,7 +20,7 @@ rachel_content_found: True when: rachel_content.stat.exists == true -- include: rachel_enabled.yml +- include_tasks: rachel_enabled.yml when: rachel_enabled and rachel_content_found - name: Add rachel to service list diff --git a/roles/sugar-stats/tasks/main.yml b/roles/sugar-stats/tasks/main.yml index c42d6ef7f..6f9f708dc 100644 --- a/roles/sugar-stats/tasks/main.yml +++ b/roles/sugar-stats/tasks/main.yml @@ -38,7 +38,7 @@ enabled=no when: not sugar_stats_enabled -- include: statistics-consolidation.yml +- include_tasks: statistics-consolidation.yml - name: Add sugar-stats to service list ini_file: dest='{{ service_filelist }}' diff --git a/roles/teamviewer/tasks/main.yml b/roles/teamviewer/tasks/main.yml index 9421a919c..7ea48de93 100644 --- a/roles/teamviewer/tasks/main.yml +++ b/roles/teamviewer/tasks/main.yml @@ -5,7 +5,7 @@ when: ansible_architecture == "armv7l" or not is_redhat - name: Install Teamviewer if intel - include: install.yml + include_tasks: install.yml when: teamviewer_install - name: Add teamviewer to service list diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml index db4eb2c53..4a77b45f8 100644 --- a/roles/wordpress/tasks/main.yml +++ b/roles/wordpress/tasks/main.yml @@ -1,3 +1,3 @@ - name: Include the install playbook - include: install.yml + include_tasks: install.yml when: wordpress_install \ No newline at end of file From b81c2c5121112ed13fb7595eba500bb26391c46c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Tue, 31 Oct 2017 00:45:45 -0400 Subject: [PATCH 301/393] "Restarting *after* STAGE.." clarified --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 086c86775..934885fe1 100755 --- a/iiab-install +++ b/iiab-install @@ -30,7 +30,7 @@ else echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then - echo "Restarting *after* STAGE $STAGE (as soon as Stage 0 completes..Stage 9 will be last)" + echo "Restarting *after* STAGE $STAGE..as soon as Stage 0 completes. Stage 9 comes last." else # place keeper add read response # "offer 'Y' or stage number dialog box option to override" From c0590d973e317f48c827f163bfbc7d72e432838a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 8 Oct 2017 14:42:55 -0500 Subject: [PATCH 302/393] move hostname handling from network role --edited double check after rebase --- roles/1-prep/tasks/computed_vars.yml | 9 ++++++ roles/2-common/tasks/hostname.yml | 11 +++++++ roles/2-common/tasks/main.yml | 7 +++++ roles/network/tasks/detected_network.yml | 11 ------- roles/network/tasks/main.yml | 39 ++---------------------- 5 files changed, 30 insertions(+), 47 deletions(-) create mode 100644 roles/2-common/tasks/hostname.yml diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 28ba861d6..bbd7b8091 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -47,6 +47,15 @@ file: path=/tmp/heart-beat.txt state=absent +- name: no prior domain name + set_fact: + iiab_domain: "{{ iiab_domain }}" + iiab_hostname: "{{ iiab_hostname }}" + +# Now check FQDN +- include: roles/2-common/tasks/hostname.yml + when: not first_run and "iiab_hostname.iiab_domain" != ansible_fqdn + # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC set_fact: local_tz='UTC' diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml new file mode 100644 index 000000000..a3ae16870 --- /dev/null +++ b/roles/2-common/tasks/hostname.yml @@ -0,0 +1,11 @@ +- name: turn the crank for systemd + shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}" + when: is_debuntu + +- name: Configure /etc/sysconfig/network + template: src=roles/network/templates/network/sysconfig.network.j2 + dest=/etc/sysconfig/network + owner=root + group=root + mode=0644 + when: is_redhat diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index ec15dcee5..f7c0cc95b 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -11,6 +11,13 @@ - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined +# set FQDN for IIAB +- include_tasks: hostname.yml + tags: + - network + - domain + - hostname + - include_tasks: centos.yml when: ansible_distribution == "CentOS" diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index d52cbc194..a7fd839d8 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -1,14 +1,3 @@ -- name: Checking iiab_domain_name - shell: "cat /etc/sysconfig/iiab_domain_name" - register: prior_domain - when: not first_run - -# above always registers -- name: Checking for prior domain name - set_fact: - iiab_domain: "{{ prior_domain.stdout }}" - when: not first_run and prior_domain.stdout != "lan" and prior_domain.stdout != "" - - name: iiab_wan_device shell: "cat /etc/sysconfig/iiab_wan_device" register: prior_gw diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 71ac61418..b9ad86872 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -10,39 +10,6 @@ - network - network-discover -- name: Set hostname - template: dest=/etc/hostname - src=network/hostname.j2 - owner=root - mode=0644 - when: is_debuntu - register: hostname_change - tags: - - network - - domain - -- name: Configure /etc/sysconfig/network - template: src=network/sysconfig.network.j2 - dest=/etc/sysconfig/network - owner=root - group=root - mode=0644 - when: is_redhat - register: hostname_change - tags: - - network - - domain - -- name: Create iiab_domain_name flag - template: src=network/{{ item }}.j2 - dest=/etc/sysconfig/{{ item }} - mode=0644 - with_items: - - iiab_domain_name - tags: - - network - - domain - ##### Start static ip address info for first run ##### #- include_tasks: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' @@ -51,20 +18,20 @@ - include_tasks: hosts.yml tags: - network + - hostname - domain - include_tasks: named.yml tags: - network - named + - domain - include_tasks: dhcpd.yml tags: - dhcpd - - dnsmasq - - squid + - network - domain -# when: hostname_change.changed or installing - include_tasks: squid.yml tags: From ff22bcaf83704ba2b20a5d6ea68b58db49e3d977 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 15 Oct 2017 15:08:08 -0500 Subject: [PATCH 303/393] backport of 46c36b3e3542ffe5609ab5cc10a60de7335d6cd9 double check after rebase backport of c837cde92304cfaf4a44c31dfb40bbadfd05fe04 backport of a0102669d2d842163d17d61e254dbd0ba8a3ea92 touch up backport of a55c0555b6fb92a6b6b239a9dce2fde2100e7ae5 --- roles/1-prep/tasks/computed_vars.yml | 51 +++++++++++++++++-- roles/network/tasks/detected_network.yml | 4 +- roles/network/tasks/enable_services.yml | 12 +++-- roles/network/tasks/main.yml | 23 ++++++--- .../templates/gateway/iiab-gen-iptables | 9 ++-- 5 files changed, 78 insertions(+), 21 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index bbd7b8091..f9fb64852 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -47,14 +47,51 @@ file: path=/tmp/heart-beat.txt state=absent -- name: no prior domain name +- name: set FQDN set_fact: - iiab_domain: "{{ iiab_domain }}" - iiab_hostname: "{{ iiab_hostname }}" + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False + +- name: FQDN changed + set_fact: + FQDN_changed: True + when: iiab_fqdn != ansible_fqdn # Now check FQDN - include: roles/2-common/tasks/hostname.yml - when: not first_run and "iiab_hostname.iiab_domain" != ansible_fqdn + when: not first_run and FQDN_changed + +# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate +- name: Finding gateway + set_fact: + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + when: 'ansible_default_ipv4.gateway is defined' + +- name: Verify gateway present + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? + when: discovered_wan_iface != "none" + register: gw_active_test + +- name: Recording gateway response + set_fact: + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" + +- name: Test for internet access + get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt + ignore_errors: True +# async: 10 +# poll: 2 + register: internet_access_test + +- name: Set internet_available true if wget succeeded + set_fact: + internet_available: True + when: not internet_access_test|failed and not disregard_network + +- name: Cleanup internet test file + file: path=/tmp/heart-beat.txt + state=absent # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC @@ -190,3 +227,9 @@ value: '{{ gw_active }}' - option: 'internet_available' value: '{{ internet_available }}' + - option: 'first_run' + value: '{{ first_run }}' + - option: 'local_tz' + value: '{{ local_tz }}' + - option: 'FQDN_changed' + value: '{{ FQDN_changed }}' diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index a7fd839d8..6f5f7ce1d 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -1,7 +1,7 @@ - name: iiab_wan_device - shell: "cat /etc/sysconfig/iiab_wan_device" - register: prior_gw + shell: grep IIAB_WAN_DEVICE /etc/iiab/iiab.env | awk -F "=" '{print $2}' when: not first_run + register: prior_gw - name: Checking for old device gateway interface for device test set_fact: diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index ab3f82733..e24bcb142 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -70,8 +70,10 @@ when: not dansguardian_enabled and dansguardian_install - name: Create xs_httpcache flag - shell: echo 1 > /etc/sysconfig/xs_httpcache_on - creates=/etc/sysconfig/xs_httpcache_on + lineinfile: dest=/etc/iiab/iiab.env + regexp='^HTTPCACHE_ON=*' + line='HTTPCACHE_ON=True' + state=present when: squid_enabled and squid_install - name: Enable Squid service @@ -105,8 +107,10 @@ when: not squid_enabled and squid_install - name: Remove xs_httpcache flag - file: path=/etc/sysconfig/xs_httpcache_on - state=absent + lineinfile: dest=/etc/iiab/iiab.env + regexp='^HTTPCACHE_ON=*' + line='HTTPCACHE_ON=False' + state=present when: not squid_enabled - name: Enable Wondershaper service diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index b9ad86872..e1fe66ea7 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -81,17 +81,26 @@ - network when: is_debuntu and is_rpi and not installing -- name: Create IIAB network flags - template: src=network/{{ item }}.j2 - dest=/etc/sysconfig/{{ item }} - mode=0644 - with_items: - - iiab_wan_device - - iiab_lan_device +- name: Record iiab_wan_device + lineinfile: dest=/etc/iiab/iiab.env + regexp='^IIAB_WAN_DEVICE=*' + line='IIAB_WAN_DEVICE="{{ iiab_wan_iface }}"' + state=present when: not installing tags: - network +- name: Record iiab_lan_device + lineinfile: dest=/etc/iiab/iiab.env + regexp='^IIAB_LAN_DEVICE=*' + line='IIAB_LAN_DEVICE="{{ iiab_lan_iface }}"' + state=present + when: not installing + tags: + - network + +#### end network layout +#### start services - include_tasks: computed_services.yml tags: - network diff --git a/roles/network/templates/gateway/iiab-gen-iptables b/roles/network/templates/gateway/iiab-gen-iptables index 63f3a20ff..284db36ef 100755 --- a/roles/network/templates/gateway/iiab-gen-iptables +++ b/roles/network/templates/gateway/iiab-gen-iptables @@ -1,4 +1,5 @@ #!/bin/bash -x +source /etc/iiab/iiab.env {% if is_debuntu %} IPTABLES=/sbin/iptables IPTABLES_DATA=/etc/iptables.up.rules @@ -6,8 +7,8 @@ IPTABLES_DATA=/etc/iptables.up.rules IPTABLES=/usr/sbin/iptables IPTABLES_DATA=/etc/sysconfig/iptables {% endif %} -LANIF=`cat /etc/sysconfig/iiab_lan_device` -WANIF=`cat /etc/sysconfig/iiab_wan_device` +LANIF=$IIAB_LAN_DEVICE +WANIF=$IIAB_WAN_DEVICE MODE=`grep iiab_network_mode_applied /etc/iiab/iiab.ini | gawk '{print $3}'` clear_fw() { @@ -33,7 +34,7 @@ $IPTABLES -A INPUT -p tcp --dport 5984 -j DROP $IPTABLES -A INPUT -p udp --dport 5984 -j DROP } -if [ "x$WANIF" == "x" ] || [ "$MODE" == 'Appliance' ]; then +if [ "x$WANIF" == "xnone" ] || [ "$MODE" == 'Appliance' ]; then clear_fw # save the rule set {% if is_debuntu %} @@ -119,7 +120,7 @@ if [ "$captive_portal_enabled" == "True" ];then $IPTABLES -t mangle -A internet -j MARK --set-mark 99 $IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }} -elif [ -f /etc/sysconfig/xs_httpcache_on ]; then +elif [ "$HTTPCACHE_ON" == "True" ]; then $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d 172.18.96.1 -j DNAT --to 172.18.96.1:3128 fi From 55ee21dd4928002710eaf112d33333dec4bb8c45 Mon Sep 17 00:00:00 2001 From: Adam Holt <holt@laptop.org> Date: Tue, 31 Oct 2017 03:04:04 -0400 Subject: [PATCH 304/393] use include_vars in 0-init --- roles/0-init/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index e7351e158..528bf3aa9 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,7 +1,7 @@ # Initialize - name: ...IS BEGINNING ============================================ - command: echo + include_vars: roles/1-prep/defaults/main.yml - name: Determine if runansible was run stat: path=/etc/iiab/iiab.env From 6cae3930b714913d7fda38d79cadd525455211ce Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 05:10:46 -0400 Subject: [PATCH 305/393] move network package install - double check after rebase --- roles/3-base-server/tasks/main.yml | 24 +++++++++++++ roles/network/tasks/dansguardian.yml | 6 ++-- roles/network/tasks/dhcpd.yml | 3 +- roles/network/tasks/enable_services.yml | 1 + roles/network/tasks/main.yml | 38 -------------------- roles/network/tasks/named.yml | 46 ++++++++++++------------- roles/network/tasks/squid.yml | 14 ++++---- roles/network/tasks/wondershaper.yml | 6 ++-- 8 files changed, 62 insertions(+), 76 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 877ab58e4..6729c5597 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -20,6 +20,30 @@ # has no "when: XXXXX_install" flag tags: base, mysql +- include_tasks: roles/network/tasks/named.yml + tags: + - named + - network + - domain + +- include_tasks: roles/network/tasks/dhcpd.yml + tags: + - dhcpd + - network + - domain + +- include_tasks: roles/network/tasks/squid.yml + tags: + - squid + - network + when: squid_install + +- include_tasks: roles/network/tasks/wondershaper.yml + tags: + - wondershaper + - network + when: wondershaper_install + - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index 64610759d..2d4cebc40 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -7,7 +7,7 @@ - download - name: Copy DansGuardian config file - template: src=squid/dansguardian.conf.j2 + template: src=roles/network/templates/squid/dansguardian.conf.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian group=dansguardian @@ -15,7 +15,7 @@ when: ansible_distribution == "Fedora" - name: Copy DansGuardian config file - template: src=squid/dansguardian.conf.debian.j2 + template: src=roles/network/templates/squid/dansguardian.conf.debian.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian group=dansguardian @@ -23,7 +23,7 @@ when: is_debuntu - name: Copy DansGuardian config file for CentOS - template: src=squid/dansguardian.conf.centos.j2 + template: src=roles/network/templates/squid/dansguardian.conf.centos.j2 dest=/etc/dansguardian/dansguardian.conf owner=dansguardian group=vscan diff --git a/roles/network/tasks/dhcpd.yml b/roles/network/tasks/dhcpd.yml index 4315ba0b5..f5612df22 100644 --- a/roles/network/tasks/dhcpd.yml +++ b/roles/network/tasks/dhcpd.yml @@ -24,8 +24,7 @@ group=root mode={{ item.mode }} with_items: - - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf', mode: '0644' } - - { src: 'dhcp/dhcpd.service', dest: '/etc/systemd/system/dhcpd.service', mode: '0644' } + - { src: 'roles/network/templates/dhcp/dhcpd.service', dest: '/etc/systemd/system/dhcpd.service', mode: '0644' } - name: Create dhcpd needed files command: touch /var/lib/dhcpd/dhcpd.leases diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index e24bcb142..aa1808286 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -23,6 +23,7 @@ mode={{ item.mode }} with_items: - { src: 'dhcp/dhcpd-env.j2' , dest: '/etc/sysconfig/dhcpd' , mode: '0644' } + - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf', mode: '0644' } when: dhcpd_enabled and dhcpd_install - name: Copy named file diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index e1fe66ea7..829a95929 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -21,47 +21,9 @@ - hostname - domain -- include_tasks: named.yml - tags: - - network - - named - - domain - -- include_tasks: dhcpd.yml - tags: - - dhcpd - - network - - domain - -- include_tasks: squid.yml - tags: - - network - -#### end install portion -#### start network layout -# setting installing would skip configuring network -# but would configure but not start services -#- include: computed_network.yml -# when: not installing -# tags: -# - network -# - network-discover - -- include_tasks: wondershaper.yml - tags: - - network - - named - - dhcpd - - dnsmasq - - squid - - include_tasks: iptables.yml tags: - network - - named - - dhcpd - - dnsmasq - - squid - include_tasks: avahi.yml tags: diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 182a58f88..07b58ec17 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -41,37 +41,37 @@ group=root mode={{ item.mode }} with_items: - - { src: 'named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root" , mode: '0644' } - - { src: 'named/named.j2', dest: '/etc/sysconfig/named', owner: "root" , mode: '0644' } - - { src: 'named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root" , mode: '0644' } - - { src: 'named/localdomain.zone', dest: '/var/named-iiab/localdomain.zone',owner: "{{ dns_user }}" , mode: '0644' } - - { src: 'named/localhost.zone', dest: '/var/named-iiab/localhost.zone', owner: "{{ dns_user }}" , mode: '0644' } - - { src: 'named/named.broadcast', dest: '/var/named-iiab/named.broadcast', owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.ip6.local', dest: '/var/named-iiab/named.ip6.local' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.local', dest: '/var/named-iiab/named.local' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.rfc1912.zones', dest: '/var/named-iiab/named.rfc1912.zones' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.root', dest: '/var/named-iiab/named.root' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.root.hints', dest: '/var/named-iiab/named.root.hints' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.zero', dest: '/var/named-iiab/named.zero' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.external.zone.db', dest: '/var/named-iiab/school.external.zone.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.16.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.32.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.48.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root" , mode: '0644' } + - { src: 'roles/network/templates/named/named.j2', dest: '/etc/sysconfig/named', owner: "root" , mode: '0644' } + - { src: 'roles/network/templates/named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root" , mode: '0644' } + - { src: 'roles/network/templates/named/localdomain.zone', dest: '/var/named-iiab/localdomain.zone',owner: "{{ dns_user }}" , mode: '0644' } + - { src: 'roles/network/templates/named/localhost.zone', dest: '/var/named-iiab/localhost.zone', owner: "{{ dns_user }}" , mode: '0644' } + - { src: 'roles/network/templates/named/named.broadcast', dest: '/var/named-iiab/named.broadcast', owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.ip6.local', dest: '/var/named-iiab/named.ip6.local' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.local', dest: '/var/named-iiab/named.local' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.rfc1912.zones', dest: '/var/named-iiab/named.rfc1912.zones' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.root', dest: '/var/named-iiab/named.root' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.root.hints', dest: '/var/named-iiab/named.root.hints' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.zero', dest: '/var/named-iiab/named.zero' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.external.zone.db', dest: '/var/named-iiab/school.external.zone.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.16.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.32.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.48.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} # the following two files are not writeable by named, but bind 9.4 cannot discover that fact correctly - - { src: 'named/school.internal.zone.db', dest: '/var/named-iiab/school.internal.zone.db' , owner: "root" , mode: '0644'} - - { src: 'named/school.local.zone.db', dest: '/var/named-iiab/school.local.zone.db' , owner: "root" , mode: '0644'} - - { src: 'named/school.internal.zone.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.db', dest: '/var/named-iiab/school.internal.zone.db' , owner: "root" , mode: '0644'} + - { src: 'roles/network/templates/named/school.local.zone.db', dest: '/var/named-iiab/school.local.zone.db' , owner: "root" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} - name: Substitute our unit file which uses $OPTIONS from sysconfig - template: src=named/{{ dns_service }}.service + template: src=roles/network/templates/named/{{ dns_service }}.service dest=/etc/systemd/system/{{ dns_service }}.service mode=0644 - name: The dns-jail redirect requires the named.blackhole,disabling recursion # in named-iiab.conf, and the redirection of 404 error documents to / - template: src=named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ + template: src=roles/network/templates/named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ when: dns_jail_enabled - name: Separate enabling required for Debian diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 6ef23db3f..2b8e3f184 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -19,32 +19,32 @@ group={{ item.group }} mode={{ item.mode }} with_items: - - src: 'squid/squid.sysconfig' + - src: 'roles/network/templates/squid/squid.sysconfig' dest: '/etc/sysconfig/squid' owner: 'root' group: 'root' mode: '0755' - - src: 'squid/sites.whitelist.txt' + - src: 'roles/network/templates/squid/sites.whitelist.txt' dest: '/etc/{{ proxy }}/sites.whitelist.txt' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/allowregex.rules' + - src: 'roles/network/templates/squid/allowregex.rules' dest: '/etc/{{ proxy }}/allowregex.rules' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/denyregex.rules' + - src: 'roles/network/templates/squid/denyregex.rules' dest: '/etc/{{ proxy }}/denyregex.rules' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/dstaddress.rules' + - src: 'roles/network/templates/squid/dstaddress.rules' dest: '/etc/{{ proxy }}/dstaddress.rules' owner: '{{ proxy_user }}' group: '{{ proxy_user }}' mode: '0644' - - src: 'squid/iiab-httpcache.j2' + - src: 'roles/network/templates/squid/iiab-httpcache.j2' dest: '/usr/bin/iiab-httpcache' owner: 'root' group: 'root' @@ -64,7 +64,7 @@ mode=0750 state=directory -- include_tasks: dansguardian.yml +- include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install #- name: Stop Squid diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index 5fec75b3b..04c66bdf5 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -1,12 +1,12 @@ - name: Copy Wondershaper service script template: backup=yes - src=wondershaper/wondershaper.service + src=roles/network/templates/wondershaper/wondershaper.service dest=/etc/systemd/system/wondershaper.service mode=0644 - name: Copy Wondershaper script template: backup=yes - src=wondershaper/wondershaper.j2 + src=roles/network/templates/wondershaper/wondershaper.j2 dest=/usr/bin/wondershaper owner=root group=root @@ -20,7 +20,7 @@ state=directory - name: Copy Wondershaper config script - template: src=wondershaper/wondershaper.conf + template: src=roles/network/templates/wondershaper/wondershaper.conf dest=/etc/conf.d/wondershaper.conf owner=root group=root From 534bd253f41e07d6f8d09b65c28fbe3ac8409984 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 10:49:56 -0400 Subject: [PATCH 306/393] network detection replace first_run with iiab_stage --- roles/network/tasks/detected_network.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 6f5f7ce1d..cdd73cc98 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -1,19 +1,19 @@ - name: iiab_wan_device shell: grep IIAB_WAN_DEVICE /etc/iiab/iiab.env | awk -F "=" '{print $2}' - when: not first_run + when: iiab_stage|int > 4 register: prior_gw - name: Checking for old device gateway interface for device test set_fact: - device_gw: "{{ prior_gw.stdout }}" - device_gw2: "{{ prior_gw.stdout }}" - when: not first_run and prior_gw is defined and prior_gw.stdout != "" + device_gw: "{{ prior_gw.stdout }}" + device_gw2: "{{ prior_gw.stdout }}" + when: iiab_stage|int > 4 and prior_gw is defined and prior_gw.stdout != "" - name: Setting WAN if detected set_fact: - iiab_wan_iface: "{{ discovered_wan_iface }}" - device_gw: "{{ discovered_wan_iface }}" - when: discovered_wan_iface != "none" + iiab_wan_iface: "{{ discovered_wan_iface }}" + device_gw: "{{ discovered_wan_iface }}" + when: ansible_default_ipv4.gateway is defined - name: RedHat network detection include_tasks: detected_redhat.yml From 16102e0da6a28e218d4e293005ad55f97c95a13e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 11:10:33 -0400 Subject: [PATCH 307/393] computed_vars cleaning --- roles/1-prep/tasks/computed_vars.yml | 63 +++++++--------------------- 1 file changed, 16 insertions(+), 47 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index f9fb64852..0d5b68dd6 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -6,76 +6,45 @@ # set top level variables from local facts for convenience - set_fact: - xo_model: '{{ ansible_local.local_facts.xo_model }}' - phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' - iiab_stage: '{{ ansible_local.local_facts.stage }}' + xo_model: '{{ ansible_local.local_facts.xo_model }}' + phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' + iiab_stage: '{{ ansible_local.local_facts.stage }}' - name: Set exFAT enabled for XO laptops set_fact: exFAT_enabled: True when: xo_model != "none" -# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate -- name: Finding gateway - set_fact: - discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" - when: 'ansible_default_ipv4.gateway is defined' - -- name: Verify gateway present - shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? - when: discovered_wan_iface != "none" - register: gw_active_test - -- name: Recording gateway response - set_fact: - gw_active: True - when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" - -- name: Test for internet access - get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt - ignore_errors: True -# async: 10 -# poll: 2 - register: internet_access_test - -- name: Set internet_available true if wget succeeded - set_fact: - internet_available: True - when: not internet_access_test|failed and not disregard_network - -- name: Cleanup internet test file - file: path=/tmp/heart-beat.txt - state=absent - - name: set FQDN set_fact: - iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" - FQDN_changed: False + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False - name: FQDN changed set_fact: - FQDN_changed: True + FQDN_changed: True when: iiab_fqdn != ansible_fqdn -# Now check FQDN -- include: roles/2-common/tasks/hostname.yml - when: not first_run and FQDN_changed +- name: Now check FQDN + include_tasks: roles/2-common/tasks/hostname.yml + when: FQDN_changed # Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate - name: Finding gateway set_fact: - discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" - when: 'ansible_default_ipv4.gateway is defined' + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + iiab_wan_iface: "{{ discovered_wan_iface }}" + when: ansible_default_ipv4.gateway is defined - name: Verify gateway present - shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $? + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l when: discovered_wan_iface != "none" register: gw_active_test - name: Recording gateway response set_fact: - gw_active: True - when: discovered_wan_iface != "none" and gw_active_test.stdout == "0" + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "1" - name: Test for internet access get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt @@ -86,7 +55,7 @@ - name: Set internet_available true if wget succeeded set_fact: - internet_available: True + internet_available: True when: not internet_access_test|failed and not disregard_network - name: Cleanup internet test file From 7d63af3d6ad4734b7e08e84a3e0b66c72b1a4607 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 12:13:50 -0500 Subject: [PATCH 308/393] steps -> stages --- iiab-install | 2 +- iiab-steps.yml => iiab-stages.yml | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename iiab-steps.yml => iiab-stages.yml (100%) diff --git a/iiab-install b/iiab-install index 934885fe1..c2b35864c 100755 --- a/iiab-install +++ b/iiab-install @@ -1,6 +1,6 @@ #!/bin/bash -e # running from a git repo -PLAYBOOK="iiab-steps.yml" +PLAYBOOK="iiab-stages.yml" INVENTORY="ansible_hosts" CWD=`pwd` # Add cmdline options for passing to ansible diff --git a/iiab-steps.yml b/iiab-stages.yml similarity index 100% rename from iiab-steps.yml rename to iiab-stages.yml From bd7d1dded57578ef088ea480781f608d960765dc Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 13:02:41 -0500 Subject: [PATCH 309/393] move is_rpi to computed_vars.yml for 0-init --- roles/1-prep/tasks/computed_vars.yml | 12 ++++++++---- roles/1-prep/tasks/main.yml | 7 ------- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 0d5b68dd6..9e4e7fdf4 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -1,7 +1,4 @@ -# get local vars from scripts in /etc/ansible/facts.d -# on first run, this will generate UUID - -- name: re-read facts +- name: re-read local_facts.facts from /etc/ansible/facts.d setup: filter=ansible_local # set top level variables from local facts for convenience @@ -10,6 +7,13 @@ phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' iiab_stage: '{{ ansible_local.local_facts.stage }}' +# Networking uses a different file for the rpi +- name: Discover if this is a rpi -- assume if so it is running raspbian + set_fact: + rpi_model: "rpi" + is_rpi: "True" + when: ansible_local.local_facts.os == "raspbian" + - name: Set exFAT enabled for XO laptops set_fact: exFAT_enabled: True diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index a96e281f6..cff1ba0a7 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -63,13 +63,6 @@ when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed ## DISCOVER PLATFORMS ###### -- name: Discover if this is an rpi -- assume it is running Raspbian if so - set_fact: - rpi_model: "rpi" - is_rpi: "True" - when: ansible_local.local_facts.os == "raspbian" - ignore_errors: true - - include_tasks: prep.yml when: first_run From 38fb39ad2b53215ad0bce81c2584eb19e7ea6349 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 13:08:42 -0500 Subject: [PATCH 310/393] remove first_run from 1-prep main.yml --- roles/1-prep/tasks/main.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index cff1ba0a7..05010b77a 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -50,13 +50,13 @@ - name: Disable AppArmor -- on by default in Ubuntu service: name=apparmor enabled=False state=stopped - when: first_run and is_ubuntu + when: is_ubuntu ignore_errors: true - name: Disable SELinux on next boot selinux: state=disabled register: selinux_disabled - when: first_run and not is_debuntu + when: not is_debuntu - name: Disable SELinux for this session (if needed) command: setenforce Permissive @@ -64,7 +64,6 @@ ## DISCOVER PLATFORMS ###### - include_tasks: prep.yml - when: first_run # Put conditional actions for hardware platforms here - include_tasks: raspberry_pi_2.yml @@ -74,12 +73,11 @@ shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'" register: usb_NUC6 ignore_errors: true - when: first_run - name: Download the firmware for built-in WiFi on NUC6 get_url: dest=/lib/firmware url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode - when: first_run and usb_NUC6.stdout|int > 0 + when: usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location - name: Recording STAGE 1 HAS COMPLETED ============================ From e9fc26fc2d191f5ef3bdbb98617ae973a98537c6 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 13:13:09 -0500 Subject: [PATCH 311/393] update syntax in 1-prep iiab_ini.yml --- roles/1-prep/tasks/iiab_ini.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/1-prep/tasks/iiab_ini.yml b/roles/1-prep/tasks/iiab_ini.yml index c78970507..a1b4cb046 100755 --- a/roles/1-prep/tasks/iiab_ini.yml +++ b/roles/1-prep/tasks/iiab_ini.yml @@ -25,10 +25,10 @@ - option: 'arch' value: '{{ ansible_architecture }}' - option: 'iiab_branch' - value: '{{ ansible_local["local_facts"]["iiab_branch"] }}' + value: '{{ ansible_local.local_facts.iiab_branch }}' - option: 'iiab_commit' - value: '{{ ansible_local["local_facts"]["iiab_commit"] }}' + value: '{{ ansible_local.local_facts.iiab_commit }}' - option: 'install_date' - value: '{{ ansible_date_time["iso8601"] }}' + value: '{{ ansible_date_time.iso8601 }}' - option: 'install_xo' value: '{{ xo_model }}' From 2c9a2970bc59e5c0de3b77f6ad941ece0a935a03 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 16:18:16 -0500 Subject: [PATCH 312/393] merge iiab-install - missed is_redhat --- roles/network/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 829a95929..295823df8 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -32,6 +32,7 @@ - include_tasks: ifcfg_mods.yml tags: - network + when: is_redhat and not installing - include_tasks: debian.yml tags: From 9f9a462ad026cc067228296bff5efdb5c124701b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 16:41:13 -0500 Subject: [PATCH 313/393] is_VM --- roles/network/tasks/debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 7845c7524..e11592a79 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -67,7 +67,7 @@ - name: restart the networking service service: name=networking state=restarted - when: interface.changed + when: interface.changed and not is_VM is defined - name: restart hostapd when wifi is present service: name=hostapd state=started From e490693dab308c8f90eb495f9b81f477b3b77355 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 16:57:39 -0500 Subject: [PATCH 314/393] merge - move services - double check after rebase --- roles/network/tasks/main.yml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 295823df8..fd4b64329 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -29,6 +29,15 @@ tags: - network +- include_tasks: hostapd.yml + tags: + - network + - AP + +- include_tasks: computed_services.yml + tags: + - network + - include_tasks: ifcfg_mods.yml tags: - network @@ -64,13 +73,15 @@ #### end network layout #### start services -- include_tasks: computed_services.yml - tags: - - network - - include_tasks: enable_services.yml tags: - network + tags: + - network + - named + - dhcpd + - dnsmasq + - squid - include_tasks: restart.yml when: not installing From c1183cc578805de01021704a70a33a64a0022d9d Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 17:30:55 -0500 Subject: [PATCH 315/393] big hammer on bridging --- roles/network/tasks/detected_network.yml | 28 ++++++++++++++---------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index cdd73cc98..eb0e50500 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -141,20 +141,26 @@ iiab_lan_iface: "{{ discovered_lan_iface }}" when: 'discovered_lan_iface != "none" and num_lan_interfaces == "1"' -- name: For Debian, always use bridging - set_fact: - iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' +# big hammer for now +#- name: For Debian, always use bridging +# set_fact: +# iiab_lan_iface: br0 +# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' -- name: 2 or more devices on the LAN - use bridging - set_fact: - iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_debian' +#- name: 2 or more devices on the LAN - use bridging +# set_fact: +# iiab_lan_iface: br0 +# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_debian' -- name: WiFi is on the LAN - use bridging +#- name: WiFi is on the LAN - use bridging +# set_fact: +# iiab_lan_iface: br0 +# when: iiab_wireless_lan_iface != "none" + +- name: in VM disable bridging set_fact: - iiab_lan_iface: br0 - when: iiab_wireless_lan_iface != "none" + iiab_lan_iface: none + when: is_VM is defined # OK try old gw this is a best guess based on what's in # /etc/sysconfig/iiab_wan_device's last state intended to From 5829faac91eb625aaebaf03617868411bbe4ea82 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 17:45:10 -0500 Subject: [PATCH 316/393] dhcpd - is_VM --- roles/network/tasks/debian.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index e11592a79..5ae034620 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -75,3 +75,4 @@ - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} state=started + when: not is_VM is defined From 22165b1c04dc7ff286becda5e94fbfa9dadbaae2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 31 Oct 2017 18:11:53 -0500 Subject: [PATCH 317/393] dhcpd - iiab_network_mode != Appliance debian --- roles/network/tasks/debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 5ae034620..cf5dd23ff 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -75,4 +75,4 @@ - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} state=started - when: not is_VM is defined + when: not iiab_network_mode != "Appliance" From cdf368d257f79ccce6245bd0153b733829740594 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 10:15:59 -0400 Subject: [PATCH 318/393] fixed cherry-pick 54f7b4e728061bb75bf714fcc982b2c0c55784c7 --- roles/network/tasks/main.yml | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index fd4b64329..d1d82a1e5 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -25,6 +25,7 @@ tags: - network +#### start services - include_tasks: avahi.yml tags: - network @@ -37,6 +38,21 @@ - include_tasks: computed_services.yml tags: - network + - named + - dhcpd + - dnsmasq + - squid + +- include_tasks: enable_services.yml + tags: + - network + - named + - dhcpd + - dnsmasq + - squid + +#### end services +#### Start network layout - include_tasks: ifcfg_mods.yml tags: @@ -72,17 +88,6 @@ - network #### end network layout -#### start services -- include_tasks: enable_services.yml - tags: - - network - tags: - - network - - named - - dhcpd - - dnsmasq - - squid - - include_tasks: restart.yml when: not installing tags: @@ -91,4 +96,3 @@ - dhcpd - dnsmasq - squid -#### end services From 37b8e3fdb6fd242bd9397f792e616636e1dba3cf Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 10:59:33 -0400 Subject: [PATCH 319/393] fixed cherry-pick of 76835bac0539366278ff617ace99f24b4ad06dff --- roles/network/tasks/debian.yml | 12 ++++++------ roles/network/tasks/ifcfg_mods.yml | 10 +++++----- roles/network/tasks/restart.yml | 23 +++++++++++++++++------ 3 files changed, 28 insertions(+), 17 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index cf5dd23ff..20f0e5227 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -69,10 +69,10 @@ service: name=networking state=restarted when: interface.changed and not is_VM is defined -- name: restart hostapd when wifi is present - service: name=hostapd state=started - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" +#- name: restart hostapd when wifi is present +# service: name=hostapd state=started +# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" -- name: dhcp_server may be affected - starting - user choice - service: name={{ dhcp_service2 }} state=started - when: not iiab_network_mode != "Appliance" +#- name: dhcp_server may be affected - starting - user choice +# service: name={{ dhcp_service2 }} state=started +# when: iiab_network_mode != "Appliance" diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index cdc22be6f..b985aa401 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -110,9 +110,9 @@ with_items: - "{{ lan_list_result.stdout_lines }}" -- name: restart hostapd when wifi is present - service: name=hostapd state=started - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" +#- name: restart hostapd when wifi is present +# service: name=hostapd state=started +# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" -- name: dhcp_server may be affected - starting - user choice - service: name={{ dhcp_service2 }} state=started +#- name: dhcp_server may be affected - starting - user choice +# service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 30ef4a84b..24a3e4f09 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,3 +1,8 @@ +- name: restart hostapd when wifi is present + service: name=hostapd state=started + when: iiab_wireless_lan_iface != "none" and hostapd_enabled +# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + - name: Start named service service: name={{ dns_service }} state=started @@ -26,7 +31,7 @@ - name: Restart Wondershaper service service: name=wondershaper - state=restarted + state=restarted when: wondershaper_enabled - name: Restart avahi service @@ -38,17 +43,23 @@ creates=/etc/sysconfig/olpc-scripts/setup.d/installed/gateway when: iiab_network_mode == "Gateway" +- name: Waiting {{ hostapd_wait }} seconds for network to stablize + shell: sleep {{ hostapd_wait }} + - name: Run iptables command: /usr/bin/iiab-gen-iptables - name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds - shell: "sleep {{ hostapd_wait }} | brctl show br0 | grep {{ iiab_wireless_lan_iface }}" - when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" + shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} + when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and item|trim == "" - with_items: - - "{{ wifi_slave.stdout }}" + when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled + +- name: dhcp_server may be affected - starting - user choice + service: name={{ dhcp_service2 }} + state=restarted + when: iiab_network_mode != "Appliance" From 8e37472fbfb45767e7912d563472b584c12df482 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 08:45:55 -0400 Subject: [PATCH 320/393] running - double check after rebase --- roles/network/defaults/main.yml | 19 ++++--- roles/network/tasks/debian.yml | 7 +-- roles/network/tasks/detected_network.yml | 50 ++++++++++++------- roles/network/tasks/main.yml | 14 ++++-- .../network/templates/network/dhcpcd.conf.j2 | 6 ++- 5 files changed, 61 insertions(+), 35 deletions(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 9a546c8c1..74376c895 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -8,18 +8,23 @@ gui_static_wan: False # Set defaults for discovery process as strings wifi1: "not found-1" wifi2: "not found-2" -discovered_lan_iface: "none" -discovered_wireless_iface: "none" -#Redhat -iiab_lan_iface: "none" -iiab_wan_iface: "none" -iiab_wireless_lan_iface: "none" +ap_device: "none" device_gw: "none" device_gw2: "" + +iiab_wan_iface: "none" +iiab_lan_iface: "none" +discovered_lan_iface: "none" +discovered_wired_iface: "none" +discovered_wireless_iface: "none" +iiab_wired_lan_iface: "none" +iiab_wireless_lan_iface: "none" + +#Redhat has_WAN: False has_ifcfg_gw: "none" has_wifi_gw: "none" -ap_device: "none" + #Debian dhcpcd_result: "" wan_in_interfaces: False diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 20f0e5227..d64bafbe2 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -32,7 +32,8 @@ - name: Supply dhcpcd.conf template: dest=/etc/dhcpcd.conf src=network/dhcpcd.conf.j2 - when: dhcpcd_result == "enabled" and (iiab_lan_iface == "br0" or wan_ip != "dhcp") + when: dhcpcd_result == "enabled" +#and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab @@ -42,7 +43,7 @@ - name: If this was a change, things need to shift service: name=hostapd state=stopped - when: interface.changed +# when: interface.changed - name: bind may be affected service: name={{ dns_service }} state=stopped @@ -63,7 +64,7 @@ # now pick up denyinterfaces - name: restart dhcpcd service: name=dhcpcd state=restarted - when: interface.changed and dhcpcd_result == "enabled" + when: dhcpcd_result == "enabled" - name: restart the networking service service: name=networking state=restarted diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index eb0e50500..023c85c73 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -73,6 +73,7 @@ shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l" register: count_wifi_interfaces +# facts are apparently all stored as text, so do text comparisons from here on - name: Remember number of WiFi devices set_fact: num_wifi_interfaces: "{{ count_wifi_interfaces.stdout|int }}" @@ -98,22 +99,12 @@ ignore_errors: True changed_when: false -# Select an adapter that is not WAN and not wireless -# if there is more than one the last one wins -- name: Set IIAB discovered_lan_iface fact - set_fact: - discovered_lan_iface: "{{ item|trim }}" - when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface - with_items: - - "{{ lan_list_result.stdout_lines }}" - - name: Count LAN ifaces shell: ls /sys/class/net | grep -v -e wwlan -e ppp -e lo -e br0 -e tun -e {{ device_gw }} -e {{ ap_device }} | wc -l register: num_lan_interfaces_result ignore_errors: True changed_when: false -# facts are apparently all stored as text, so do text comparisons from here on - name: Calulate number of LAN interfaces including WiFi set_fact: num_lan_interfaces: "{{ num_lan_interfaces_result.stdout|int }}" @@ -126,20 +117,39 @@ # num_lan_interfaces: "1" # when: iiab_lan_enabled and iiab_wan_enabled and num_lan_interfaces == "2" and discovered_wireless_iface != "none" and iiab_wan_iface == "none" -- name: Set variable discovered_wireless_iface if present +# if there is more than one the last one wins +# Select an adapter that is not WAN and not wireless +- name: Set discovered_wired_iface fact if present + set_fact: + discovered_wired_iface: "{{ item|trim }}" + when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface + with_items: + - "{{ lan_list_result.stdout_lines }}" + +- name: Set discovered_wireless_lan_iface fact if present set_fact: iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}" - when: discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface + when: discovered_wireless_iface is defined and discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface + +- name: Set variable discovered_wired_lan_iface if present + set_fact: + iiab_wired_lan_iface: "{{ discovered_wired_iface }}" + when: discovered_wired_iface is defined and discovered_wired_iface != "none" and discovered_wired_iface != iiab_wan_iface #unused #- name: Get a list of ifcfg files to delete # moved to detected_redhat # use value only if present -- name: Setting detected LAN +- name: Setting wired LAN as only interface set_fact: - iiab_lan_iface: "{{ discovered_lan_iface }}" - when: 'discovered_lan_iface != "none" and num_lan_interfaces == "1"' + iiab_lan_iface: "{{ iiab_wired_lan_iface }}" + when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" + +- name: Setting wireless LAN as only interface + set_fact: + iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" + when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" # big hammer for now #- name: For Debian, always use bridging @@ -159,7 +169,7 @@ - name: in VM disable bridging set_fact: - iiab_lan_iface: none + iiab_lan_iface: none when: is_VM is defined # OK try old gw this is a best guess based on what's in @@ -195,7 +205,11 @@ value: '{{ iiab_wireless_lan_iface }}' - option: 'num_lan_interfaces' value: '{{ num_lan_interfaces }}' - - option: 'discovered_lan_iface' - value: '{{ discovered_lan_iface }}' + - option: 'discovered_wired_iface' + value: '{{ discovered_wired_iface }}' - option: 'gui_static_wan' value: '{{ gui_static_wan }}' + - option: 'dhcpcd_result' + value: '{{ dhcpcd_result }}' + - option: 'iiab_lan' + value: '{{ iiab_lan_iface }}' diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index d1d82a1e5..a6abc237b 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,3 +1,6 @@ + +- include_vars: roles/network/defaults/main.yml + - include_tasks: detected_network.yml when: not installing tags: @@ -62,12 +65,13 @@ - include_tasks: debian.yml tags: - network - when: is_debuntu and not is_rpi and not installing + when: is_debuntu +#and not is_rpi and not installing -- include_tasks: rpi_debian.yml - tags: - - network - when: is_debuntu and is_rpi and not installing +#- include_tasks: rpi_debian.yml +# tags: +# - network +# when: is_debuntu and is_rpi and not installing - name: Record iiab_wan_device lineinfile: dest=/etc/iiab/iiab.env diff --git a/roles/network/templates/network/dhcpcd.conf.j2 b/roles/network/templates/network/dhcpcd.conf.j2 index 4a598574e..e2fa13dd4 100644 --- a/roles/network/templates/network/dhcpcd.conf.j2 +++ b/roles/network/templates/network/dhcpcd.conf.j2 @@ -40,9 +40,11 @@ slaac private # supplied by IIAB -denyinterfaces {% if gui_static_wan == true %} {{ iiab_wan_iface }} {% endif %} {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} +#{% if gui_static_wan == true %} +#denyinterfaces {{ iiab_wan_iface }} +#{% endif %} -{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} +{% if dhcpcd_result == "enabled" and iiab_lan_iface != "none" %} interface {{ iiab_lan_iface }} static ip_address={{ lan_ip }}/19 static routers={{ lan_ip }} From e467df273e1675f11642b572db2ffe2f2f7fcc2f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 10:15:59 -0400 Subject: [PATCH 321/393] move enable_service - edits --- roles/network/tasks/main.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index a6abc237b..73d9db943 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -57,6 +57,17 @@ #### end services #### Start network layout +- include_tasks: enable_services.yml + tags: + - network + - named + - dhcpd + - dnsmasq + - squid + +#### end services +#### Start network layout + - include_tasks: ifcfg_mods.yml tags: - network From 73b6937c8e844a6fd190d02fe0950cc5bd1832dd Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 15:43:19 -0500 Subject: [PATCH 322/393] re-enable bridging for non-RPi --- roles/network/tasks/detected_network.yml | 39 ++++++++++++------------ 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 023c85c73..efd822956 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -141,33 +141,32 @@ # moved to detected_redhat # use value only if present -- name: Setting wired LAN as only interface +- name: For Debian, always use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' and not is_rpi + +- name: WiFi is on the LAN - use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: iiab_wireless_lan_iface != "none" and not is_rpi + +- name: Setting wired LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" + when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" and is_rpi -- name: Setting wireless LAN as only interface +- name: Setting wireless LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" + when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" and is_rpi -# big hammer for now -#- name: For Debian, always use bridging -# set_fact: -# iiab_lan_iface: br0 -# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' +- name: 2 or more devices on the LAN - use bridging + set_fact: + iiab_lan_iface: br0 + when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi' -#- name: 2 or more devices on the LAN - use bridging -# set_fact: -# iiab_lan_iface: br0 -# when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_debian' - -#- name: WiFi is on the LAN - use bridging -# set_fact: -# iiab_lan_iface: br0 -# when: iiab_wireless_lan_iface != "none" - -- name: in VM disable bridging +- name: in VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none when: is_VM is defined From 4d8fe7fd4629a138bfb1c7feeaa16da9ea9517be Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 15:45:55 -0500 Subject: [PATCH 323/393] remove dup'd stanza --- roles/network/tasks/main.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 73d9db943..a6abc237b 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -57,17 +57,6 @@ #### end services #### Start network layout -- include_tasks: enable_services.yml - tags: - - network - - named - - dhcpd - - dnsmasq - - squid - -#### end services -#### Start network layout - - include_tasks: ifcfg_mods.yml tags: - network From 312f5a99ee1b79d3f3fb8b23ebda20fd397d9bd7 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 16:14:00 -0500 Subject: [PATCH 324/393] adjust systemd.j2 --- roles/network/templates/network/systemd.j2 | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index f5d0816a2..9ff1a21d4 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -10,7 +10,7 @@ iface br0 inet manual iface br0 inet static {% endif %} {% if discovered_lan_iface != "none" %} - bridge_ports {{ discovered_lan_iface }} + bridge_ports {{ iiab_wired_lan_iface }} {% endif %} bridge_maxwait 0 {% if dhcpcd_result != "enabled" %} @@ -28,11 +28,6 @@ iface br0 inet static {% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} # client or user defined {% endif %} -{% if dhcpcd_result == "enabled" and is_rpi == "true" %} -#cover rpi -#auto {{ iiab_wan_iface }} -#iface {{ iiab_wan_iface }} inet manual -{% endif %} {% if dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} #cover butt auto {{ iiab_wan_iface }} From f2d3207ac3553120d9678408f51311171b9bb516 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 16:26:40 -0500 Subject: [PATCH 325/393] adjust debian.yml --- roles/network/tasks/debian.yml | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index d64bafbe2..90f0f6fd7 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -33,17 +33,11 @@ template: dest=/etc/dhcpcd.conf src=network/dhcpcd.conf.j2 when: dhcpcd_result == "enabled" -#and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: Copy the bridge script template: dest=/etc/network/interfaces.d/iiab src=network/systemd.j2 - register: interface - when: iiab_lan_iface == "br0" or wan_ip != "dhcp" - -- name: If this was a change, things need to shift - service: name=hostapd state=stopped -# when: interface.changed + when: not is_rpi and (iiab_lan_iface == "br0" or wan_ip != "dhcp") - name: bind may be affected service: name={{ dns_service }} state=stopped @@ -68,11 +62,11 @@ - name: restart the networking service service: name=networking state=restarted - when: interface.changed and not is_VM is defined + when: not is_rpi or not is_VM is defined -#- name: restart hostapd when wifi is present -# service: name=hostapd state=started -# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" +- name: restart hostapd when wifi is present + service: name=hostapd state=restarted + when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" #- name: dhcp_server may be affected - starting - user choice # service: name={{ dhcp_service2 }} state=started From a33c5f76b98ef0b71a548082e66d311a5baf671e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 16:43:59 -0500 Subject: [PATCH 326/393] quotes --- roles/network/tasks/detected_network.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index efd822956..e1ab599d4 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -144,7 +144,7 @@ - name: For Debian, always use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu' and not is_rpi + when: discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu and not is_rpi - name: WiFi is on the LAN - use bridging - except RPi set_fact: @@ -164,7 +164,7 @@ - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 - when: 'discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi' + when: discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi - name: in VM disable LAN - needs local_vars entry to activate set_fact: From 16adb8e1993cabd51e5e306716329659706d58c8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 17:40:18 -0500 Subject: [PATCH 327/393] Noted odd behaviour when altering local_vars for 'host_ssid' & is_VM --- roles/network/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index a6abc237b..b5ac91ab1 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,5 +1,6 @@ - include_vars: roles/network/defaults/main.yml +- include_vars: vars/local_vars.yml - include_tasks: detected_network.yml when: not installing From 4a63f790858088a45a765e58ec4c61adba761b19 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 18:15:28 -0500 Subject: [PATCH 328/393] local_vars is_VM 2 --- roles/network/tasks/debian.yml | 2 +- roles/network/tasks/detected_network.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 90f0f6fd7..33444bd8d 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -62,7 +62,7 @@ - name: restart the networking service service: name=networking state=restarted - when: not is_rpi or not is_VM is defined + when: not is_rpi or not no_net_restart is defined - name: restart hostapd when wifi is present service: name=hostapd state=restarted diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index e1ab599d4..a6a3aba83 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -169,6 +169,7 @@ - name: in VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none + no_net_restart: True when: is_VM is defined # OK try old gw this is a best guess based on what's in From 3e4ae6b07dada4d8074710efc106f7354a41ca95 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 18:50:10 -0500 Subject: [PATCH 329/393] syntax check --- roles/1-prep/tasks/computed_vars.yml | 14 +++++++++++++- roles/network/tasks/computed_services.yml | 2 ++ roles/network/tasks/debian.yml | 4 ++-- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 9e4e7fdf4..96cb679df 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -11,7 +11,7 @@ - name: Discover if this is a rpi -- assume if so it is running raspbian set_fact: rpi_model: "rpi" - is_rpi: "True" + is_rpi: True when: ansible_local.local_facts.os == "raspbian" - name: Set exFAT enabled for XO laptops @@ -200,9 +200,21 @@ value: '{{ gw_active }}' - option: 'internet_available' value: '{{ internet_available }}' + - option: 'is_rpi' + value: '{{ is_rpi }}' - option: 'first_run' value: '{{ first_run }}' - option: 'local_tz' value: '{{ local_tz }}' - option: 'FQDN_changed' value: '{{ FQDN_changed }}' + +- name: add version section + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'is_VM' + value: 'yes' + when: is_VM is defined diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index e5b3b096f..cd28c4d1d 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -52,3 +52,5 @@ value: '{{ dhcp_service2 }}' - option: 'dnsmasq_enabled' value: '{{ dnsmasq_enabled }}' + - option: 'is_rpi' + value: '{{ is_rpi }}' diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 33444bd8d..3ef51d66a 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -61,8 +61,8 @@ when: dhcpcd_result == "enabled" - name: restart the networking service - service: name=networking state=restarted - when: not is_rpi or not no_net_restart is defined + service: name=networking state=restarted + when: not is_rpi or not is_VM is defined - name: restart hostapd when wifi is present service: name=hostapd state=restarted From 4015a7c8f1246b57cf10a355fa8fb60f9471bb5b Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 21:25:13 -0400 Subject: [PATCH 330/393] no_net_restart --- roles/1-prep/defaults/main.yml | 1 + roles/1-prep/tasks/computed_vars.yml | 1 + roles/network/tasks/computed_services.yml | 4 ++-- roles/network/tasks/debian.yml | 2 +- 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/1-prep/defaults/main.yml b/roles/1-prep/defaults/main.yml index 89df65e47..9e41e02fc 100644 --- a/roles/1-prep/defaults/main.yml +++ b/roles/1-prep/defaults/main.yml @@ -4,6 +4,7 @@ gui_version: 2 # These entries should never be changed in this file. # These are defaults for boolean routines, +no_net_restart: False first_run: False installing: False discovered_wan_iface: "none" diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/1-prep/tasks/computed_vars.yml index 96cb679df..0f19a5389 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/1-prep/tasks/computed_vars.yml @@ -12,6 +12,7 @@ set_fact: rpi_model: "rpi" is_rpi: True + no_net_restart: True when: ansible_local.local_facts.os == "raspbian" - name: Set exFAT enabled for XO laptops diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index cd28c4d1d..d8831fd2d 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -52,5 +52,5 @@ value: '{{ dhcp_service2 }}' - option: 'dnsmasq_enabled' value: '{{ dnsmasq_enabled }}' - - option: 'is_rpi' - value: '{{ is_rpi }}' + - option: 'no_net_restart' + value: '{{ no_net_restart }}' diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 3ef51d66a..d79c97264 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -62,7 +62,7 @@ - name: restart the networking service service: name=networking state=restarted - when: not is_rpi or not is_VM is defined + when: not no_net_restart - name: restart hostapd when wifi is present service: name=hostapd state=restarted From 6fae49c4656b695193aeb1235041f3c58a4103b3 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Wed, 1 Nov 2017 23:45:38 -0500 Subject: [PATCH 331/393] enter --debug anytime --- iiab-install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index c2b35864c..001dc8eac 100755 --- a/iiab-install +++ b/iiab-install @@ -26,12 +26,12 @@ else # check ansible version here and force ansible upgrade if needed else source /etc/iiab/iiab.env - if [ $STAGE == 9 ] && [ "$1" = "--debug" ]; then + if [ "$1" = "--debug" ]; then echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then echo "Restarting *after* STAGE $STAGE..as soon as Stage 0 completes. Stage 9 comes last." - else + elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" echo "'iiab-install' has already been completed" From 26aa57537fd906e4aeddf8369e894d6599df170f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 01:18:26 -0500 Subject: [PATCH 332/393] stop squid after install --- roles/network/tasks/squid.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 2b8e3f184..398c2f54d 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -64,15 +64,14 @@ mode=0750 state=directory +- name: Stop Squid + service: name={{ proxy }} + state=stopped + when: not installing + - include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install -#- name: Stop Squid -# service: name={{ proxy }} -# state=stopped -# ignore_errors: yes -# when: not installing - - name: Add Squid to service list ini_file: dest='{{ service_filelist }}' section={{ proxy }} From 18d66e47f468e992c35293918eef8f80903944df Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 11:06:45 -0500 Subject: [PATCH 333/393] numbers should not have quotes --- roles/network/tasks/detected_network.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index a6a3aba83..7b38f8886 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -36,7 +36,7 @@ - name: setting wan_in_interfaces set_fact: wan_in_interfaces: True - when: is_debuntu and wan_file.stdout|int >= "0" + when: is_debuntu and wan_file.stdout|int >= 0 # WIRELESS -- if any wireless is detected as gateway, it becomes WAN - name: Look for any wireless interfaces @@ -144,7 +144,7 @@ - name: For Debian, always use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= "1" and is_debuntu and not is_rpi + when: discovered_lan_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi - name: WiFi is on the LAN - use bridging - except RPi set_fact: @@ -154,17 +154,17 @@ - name: Setting wired LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: iiab_wired_lan_iface is defined and num_lan_interfaces == "1" and is_rpi + when: iiab_wired_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - name: Setting wireless LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: iiab_wireless_lan_iface is defined and num_lan_interfaces == "1" and is_rpi + when: iiab_wireless_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= "2" and not is_rpi + when: discovered_lan_iface != "none" and num_lan_interfaces >= 2 and not is_rpi - name: in VM disable LAN - needs local_vars entry to activate set_fact: @@ -211,5 +211,7 @@ value: '{{ gui_static_wan }}' - option: 'dhcpcd_result' value: '{{ dhcpcd_result }}' - - option: 'iiab_lan' + - option: 'wan_in_interfaces' + value: '{{ wan_in_interfaces }}' + - option: 'iiab_lan_iface' value: '{{ iiab_lan_iface }}' From 47dd40bd264bbd8efdd43cd13654594a34e8a93e Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 11:18:06 -0500 Subject: [PATCH 334/393] CentOS - numbers should not have quotes & no config file needed. Might need to enable resolveconf to have the correct nameserver used -needs further testing to confirm testing --- roles/network/tasks/ifcfg_mods.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index b985aa401..760cdd4aa 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -14,13 +14,13 @@ # clear all bridge ifcfg files - name: Now delete slave bridge ifcfg files shell: rm -f /etc/sysconfig/network-scripts/ifcfg-"{{ item }}" - when: num_lan_interfaces != "0" or iiab_wireless_lan_iface != "none" + when: num_lan_interfaces != 0 or iiab_wireless_lan_iface != "none" with_items: - "{{ ifcfg_slaves.stdout_lines }}" - name: Now delete original ifcfg files shell: rm -f /etc/sysconfig/network-scripts/ifcfg-"{{ item }}" - when: num_lan_interfaces == "1" and iiab_lan_iface != "br0" + when: num_lan_interfaces == 1 and iiab_lan_iface != "br0" with_items: - "{{ discovered_lan_iface }}" @@ -40,7 +40,7 @@ shell: nmcli con delete id iiab-LAN ignore_errors: True changed_when: False - when: (num_lan_interfaces != "0" or iiab_wireless_lan_iface != "none") + when: (num_lan_interfaces != 0 or iiab_wireless_lan_iface != "none") ## vars/ users should set user_wan_iface to avoid messy redetect - include_tasks: redetect.yml @@ -53,8 +53,8 @@ # create ifcfg-WAN if missing # if we get here we have gateway but no ifcfg file -- include_tasks: create_ifcfg.yml - when: iiab_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none" and xo_model == "none" and not iiab_demo_mode +#- include_tasks: create_ifcfg.yml +# when: iiab_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none" and xo_model == "none" and not iiab_demo_mode - name: Configuring LAN interface as iiab_lan_iface template: src=network/ifcfg.j2 From 9bd493b0c56241ea3f08614ced62f8b0d8121e3f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 12:43:47 -0500 Subject: [PATCH 335/393] discovered_lan_iface -> discovered_wired_iface --- roles/network/tasks/detected_network.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 7b38f8886..fad64638d 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -144,7 +144,7 @@ - name: For Debian, always use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi + when: discovered_wired_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi - name: WiFi is on the LAN - use bridging - except RPi set_fact: @@ -164,7 +164,7 @@ - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 - when: discovered_lan_iface != "none" and num_lan_interfaces >= 2 and not is_rpi + when: num_lan_interfaces >= 2 and not is_rpi - name: in VM disable LAN - needs local_vars entry to activate set_fact: From 259c03fbcbd0ddead2780e22d68c5eac7ceeddf0 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 12:52:16 -0500 Subject: [PATCH 336/393] better squid <-> dansguardian switchover when enabling/disabling services due to port 3128 usage --- roles/network/tasks/restart.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 24a3e4f09..5fe64f8fc 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -11,22 +11,22 @@ - name: Stop DansGuardian service: name=dansguardian state=stopped - when: not dansguardian_enabled and dansguardian_install + when: dansguardian_install + +- name: Stop Squid service + service: name={{ proxy }} + state=stopped + when: squid_install - name: Restart DansGuardian service: name=dansguardian state=restarted when: dansguardian_enabled and dansguardian_install -- name: Stop Squid service - service: name={{ proxy }} - state=stopped - when: not squid_enabled and squid_install - # Squid get re-loaded with dispatcher.d - name: Restart Squid service service: name={{ proxy }} - state=started + state=restarted when: squid_enabled and squid_install - name: Restart Wondershaper service From f5f3e175838a435398ab0c70b5077644e7043df3 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 14:33:48 -0500 Subject: [PATCH 337/393] stop named after install --- roles/network/tasks/named.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 07b58ec17..8c88cd101 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -19,9 +19,9 @@ - download # or we have to change the serial number in the config files. -#- name: Stop named before copying files -# service: name={{ dns_service }} state=stopped -# when: not installing +- name: Stop named before copying files + service: name={{ dns_service }} state=stopped + when: not installing - name: Set folder permission file: path={{ item }} From 8c764acbca76ec3da46b1d074a11839cf7b854a8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 14:35:55 -0500 Subject: [PATCH 338/393] systemd.j2 touchups --- roles/network/templates/network/systemd.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index 9ff1a21d4..c84b9735a 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -9,7 +9,7 @@ iface br0 inet manual {% else %} iface br0 inet static {% endif %} -{% if discovered_lan_iface != "none" %} +{% if iiab_wired_lan_iface != "none" %} bridge_ports {{ iiab_wired_lan_iface }} {% endif %} bridge_maxwait 0 @@ -25,10 +25,10 @@ iface br0 inet static {% if iiab_network_mode != "LanController" %} ################# GATEWAY or APPLIANCE ######################### # start dhcp clients -{% if dhcpcd_result == "enabled" or wan_in_interfaces == "true" %} +{% if dhcpcd_result == "enabled" or wan_in_interfaces %} # client or user defined {% endif %} -{% if dhcpcd_result != "enabled" and wan_in_interfaces == "false" %} +{% if dhcpcd_result != "enabled" and not wan_in_interfaces %} #cover butt auto {{ iiab_wan_iface }} iface {{ iiab_wan_iface }} inet dhcp From 836747908da2889afde3fa3ba3cb4460b01b751a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 16:56:31 -0500 Subject: [PATCH 339/393] Ubuntu - stop squid before replacing the stock config files otherwise stock service does not stop with replacement files already in place --- roles/network/tasks/squid.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 398c2f54d..e608427a4 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -7,6 +7,11 @@ tags: - download +- name: Stop Squid + service: name={{ proxy }} + state=stopped + when: not installing + - name: Create the Squid user user: name={{ proxy_user }} createhome=False @@ -64,11 +69,6 @@ mode=0750 state=directory -- name: Stop Squid - service: name={{ proxy }} - state=stopped - when: not installing - - include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install From 4a6db98f5b611f768d0ba82f7989ed1845047c89 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 19:33:33 -0500 Subject: [PATCH 340/393] Ubuntu - bigger hammer to stop squid on ubuntu with DG enabled --- roles/network/tasks/squid.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index e608427a4..9405b86a7 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -7,6 +7,10 @@ tags: - download +- name: Bigger hammer for Ubuntu + command: /etc/init.d/squid stop + when: is_ubuntu + - name: Stop Squid service: name={{ proxy }} state=stopped From df08c29cfd83d0cdb1b0dacec4403068bcf178fe Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 21:16:28 -0500 Subject: [PATCH 341/393] Ubuntu - skip restart with DG enabled during install --- roles/network/tasks/restart.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 5fe64f8fc..6660e60fe 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,7 +1,6 @@ - name: restart hostapd when wifi is present service: name=hostapd state=started when: iiab_wireless_lan_iface != "none" and hostapd_enabled -# when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" - name: Start named service service: name={{ dns_service }} @@ -18,10 +17,10 @@ state=stopped when: squid_install -- name: Restart DansGuardian +- name: Restart DansGuardian - execpt Ubuntu which needs reboot to activate service: name=dansguardian state=restarted - when: dansguardian_enabled and dansguardian_install + when: dansguardian_enabled and dansguardian_install and ( not is_ubuntu and iiab_stage|int < 4 ) # Squid get re-loaded with dispatcher.d - name: Restart Squid service From ac0d86a4dee14282ee582994430b521e424282d9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 22:36:11 -0500 Subject: [PATCH 342/393] Better O-init visuals --- roles/0-init/defaults/main.yml | 33 ++++++++++++++++++- .../tasks/computed_vars.yml | 2 +- roles/0-init/tasks/main.yml | 13 ++++---- roles/1-prep/defaults/main.yml | 32 ------------------ 4 files changed, 39 insertions(+), 41 deletions(-) mode change 120000 => 100644 roles/0-init/defaults/main.yml rename roles/{1-prep => 0-init}/tasks/computed_vars.yml (98%) delete mode 100644 roles/1-prep/defaults/main.yml diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml deleted file mode 120000 index b8fa87d4b..000000000 --- a/roles/0-init/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ -/opt/iiab/iiab/roles/1-prep/defaults/main.yml \ No newline at end of file diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml new file mode 100644 index 000000000..9e41e02fc --- /dev/null +++ b/roles/0-init/defaults/main.yml @@ -0,0 +1,32 @@ +# use these as a tag a release at a point in time +iiab_base_ver: 6.4 +gui_version: 2 + +# These entries should never be changed in this file. +# These are defaults for boolean routines, +no_net_restart: False +first_run: False +installing: False +discovered_wan_iface: "none" +gw_active: "none" +internet_available: False +is_F18: False +no_NM_reload: False +exFAT_enabled: False +gui_port: 80 + +# Set default for discovered hardware +rpi_model: none +is_rpi: False +xo_model: none +rtc_id: ds3231 +NUC6_firmware_needed: False + +# used in 2-common xo.yml +wifi_id: none + +is_F20: False +is_F21: False +is_F22: False +is_F23: False +is_F24: False diff --git a/roles/1-prep/tasks/computed_vars.yml b/roles/0-init/tasks/computed_vars.yml similarity index 98% rename from roles/1-prep/tasks/computed_vars.yml rename to roles/0-init/tasks/computed_vars.yml index 0f19a5389..3063927ae 100644 --- a/roles/1-prep/tasks/computed_vars.yml +++ b/roles/0-init/tasks/computed_vars.yml @@ -210,7 +210,7 @@ - option: 'FQDN_changed' value: '{{ FQDN_changed }}' -- name: add version section +- name: STAGE 0 HAS COMPLETED ====================================== ini_file: dest='{{ iiab_config_file }}' section=runtime option='{{ item.option }}' diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 528bf3aa9..ea72d214b 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,9 +1,9 @@ # Initialize - name: ...IS BEGINNING ============================================ - include_vars: roles/1-prep/defaults/main.yml + include_vars: roles/0-init/defaults/main.yml -- name: Determine if runansible was run +- name: Determine if installer was run stat: path=/etc/iiab/iiab.env register: NewInstall @@ -14,10 +14,9 @@ # we need to inialize the ini file and only write the location and version sections once and only # once to preserve the install date and git hash. -- include_tasks: roles/1-prep/tasks/iiab_ini.yml +- name: Write iiab_ini.yml for the first time + include_tasks: roles/1-prep/tasks/iiab_ini.yml when: first_run -# Now load the computed vars -- include_tasks: roles/1-prep/tasks/computed_vars.yml -- name: ...HAS COMPLETED =========================================== - command: echo +- name: Loading computed_vars + include_tasks: roles/0-init/tasks/computed_vars.yml diff --git a/roles/1-prep/defaults/main.yml b/roles/1-prep/defaults/main.yml deleted file mode 100644 index 9e41e02fc..000000000 --- a/roles/1-prep/defaults/main.yml +++ /dev/null @@ -1,32 +0,0 @@ -# use these as a tag a release at a point in time -iiab_base_ver: 6.4 -gui_version: 2 - -# These entries should never be changed in this file. -# These are defaults for boolean routines, -no_net_restart: False -first_run: False -installing: False -discovered_wan_iface: "none" -gw_active: "none" -internet_available: False -is_F18: False -no_NM_reload: False -exFAT_enabled: False -gui_port: 80 - -# Set default for discovered hardware -rpi_model: none -is_rpi: False -xo_model: none -rtc_id: ds3231 -NUC6_firmware_needed: False - -# used in 2-common xo.yml -wifi_id: none - -is_F20: False -is_F21: False -is_F22: False -is_F23: False -is_F24: False From f3fa1d21e93e4b71703dafde0457a9b806c24cda Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Thu, 2 Nov 2017 22:52:13 -0500 Subject: [PATCH 343/393] move squid stop before DG --- roles/network/tasks/restart.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 6660e60fe..fe30fe6ec 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -7,16 +7,16 @@ state=started when: named_enabled and named_install -- name: Stop DansGuardian - service: name=dansguardian - state=stopped - when: dansguardian_install - - name: Stop Squid service service: name={{ proxy }} state=stopped when: squid_install +- name: Stop DansGuardian + service: name=dansguardian + state=stopped + when: dansguardian_install + - name: Restart DansGuardian - execpt Ubuntu which needs reboot to activate service: name=dansguardian state=restarted From e74838b8b2b3b34d367b624ecd9834e807e8b8ba Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 15:47:48 -0400 Subject: [PATCH 344/393] test disabling include_vars and moving computed_vars.yml in main.yml looking at "installing" as defined in roles/0-init/defaults/main.yml and first use in named.yml: Stop named before copying files where the install aborts when not defined --- roles/0-init/tasks/main.yml | 198 ++++++++++++++++++++++++++++++++++- roles/network/tasks/main.yml | 4 +- 2 files changed, 196 insertions(+), 6 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index ea72d214b..b8a8f9f1f 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,9 +1,9 @@ # Initialize - name: ...IS BEGINNING ============================================ - include_vars: roles/0-init/defaults/main.yml +# include_vars: roles/0-init/defaults/main.yml -- name: Determine if installer was run +#- name: Determine if installer was run stat: path=/etc/iiab/iiab.env register: NewInstall @@ -18,5 +18,195 @@ include_tasks: roles/1-prep/tasks/iiab_ini.yml when: first_run -- name: Loading computed_vars - include_tasks: roles/0-init/tasks/computed_vars.yml +#- name: Loading computed_vars +# include_tasks: roles/0-init/tasks/computed_vars.yml +- name: re-read local_facts.facts from /etc/ansible/facts.d + setup: filter=ansible_local + +# set top level variables from local facts for convenience +- set_fact: + xo_model: '{{ ansible_local.local_facts.xo_model }}' + phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' + iiab_stage: '{{ ansible_local.local_facts.stage }}' + +# Networking uses a different file for the rpi +- name: Discover if this is a rpi -- assume if so it is running raspbian + set_fact: + rpi_model: "rpi" + is_rpi: True + no_net_restart: True + when: ansible_local.local_facts.os == "raspbian" + +- name: Set exFAT enabled for XO laptops + set_fact: + exFAT_enabled: True + when: xo_model != "none" + +- name: set FQDN + set_fact: + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False + +- name: FQDN changed + set_fact: + FQDN_changed: True + when: iiab_fqdn != ansible_fqdn + +- name: Now check FQDN + include_tasks: roles/2-common/tasks/hostname.yml + when: FQDN_changed + +# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate +- name: Finding gateway + set_fact: + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + iiab_wan_iface: "{{ discovered_wan_iface }}" + when: ansible_default_ipv4.gateway is defined + +- name: Verify gateway present + shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l + when: discovered_wan_iface != "none" + register: gw_active_test + +- name: Recording gateway response + set_fact: + gw_active: True + when: discovered_wan_iface != "none" and gw_active_test.stdout == "1" + +- name: Test for internet access + get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt + ignore_errors: True +# async: 10 +# poll: 2 + register: internet_access_test + +- name: Set internet_available true if wget succeeded + set_fact: + internet_available: True + when: not internet_access_test|failed and not disregard_network + +- name: Cleanup internet test file + file: path=/tmp/heart-beat.txt + state=absent + +# Put all computed vars here so derive properly from any prior var file +- name: If the TZ is not set in env, set it to UTC + set_fact: local_tz='UTC' + when: local_tz == "" + +- name: Set port 80 for Admin Console + set_fact: + gui_port: 80 + when: not adm_cons_force_ssl + +- name: Set port 443 for Admin Console + set_fact: + gui_port: 443 + when: adm_cons_force_ssl + +- name: Require MySQL to be on + set_fact: + mysql_install: True + mysql_enabled: True + +# we decided to enable mysql unconditionally +# when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install + +# Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427 +# - name: Turn on mongodb if sugarizer enabled +# set_fact: +# mongodb_install: True +# mongodb_enabled: True +# when: sugarizer_enabled + +# There might be other db's +- name: Turn on PostgreSQL if Moodle or Pathagar enabled + set_fact: + postgresql_install: True + postgresql_enabled: True + when: moodle_enabled or pathagar_enabled + +- name: Turn on Docker if SchoolTool is to be installed + set_fact: + docker_install: True + docker_enabled: True + when: schooltool_enabled or schooltool_install + +- name: Set python_path for is_redhat + set_fact: + python_path: /usr/lib/python2.7/site-packages/ + when: is_redhat + +- name: Set python_path for is_debuntu + set_fact: + python_path: /usr/local/lib/python2.7/dist-packages/ + when: is_debuntu + +# for various reasons the mysql service can not be enabled on fedora 20, +# but 'mariadb', which is its real name can +# on fedora 18 we need to use 'mysqld' + +- name: Set mysqld_service to mariadb by default + set_fact: + mysql_service: mariadb + +- name: Set mysqld_service to mysqld for Fedora 18 + set_fact: + mysql_service: mysqld + no_NM_reload: True + is_F18: True + when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" + +- name: Set mysql_service to mysql for Debian + set_fact: + mysql_service: mysql + when: is_debuntu + +- name: add version section + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'iiab_stage' + value: '{{ iiab_stage }}' + - option: 'runtime_php' + value: '{{ phplib_dir }}' + - option: 'runtime_branch' + value: '{{ ansible_local.local_facts.iiab_branch }}' + - option: 'runtime_commit' + value: '{{ ansible_local.local_facts.iiab_commit }}' + - option: 'runtime_date' + value: '{{ ansible_date_time.iso8601 }}' + - option: 'ansible_version' + value: '{{ ansible_local.local_facts.ansible_version }}' + - option: 'kernel' + value: '{{ ansible_kernel }}' + - option: 'memory_mb' + value: '{{ ansible_memtotal_mb }}' + - option: 'swap_mb' + value: '{{ ansible_swaptotal_mb }}' + - option: 'product_id' + value: '{{ ansible_product_uuid }}' + - option: 'gw_active' + value: '{{ gw_active }}' + - option: 'internet_available' + value: '{{ internet_available }}' + - option: 'is_rpi' + value: '{{ is_rpi }}' + - option: 'first_run' + value: '{{ first_run }}' + - option: 'local_tz' + value: '{{ local_tz }}' + - option: 'FQDN_changed' + value: '{{ FQDN_changed }}' + +- name: STAGE 0 HAS COMPLETED ====================================== + ini_file: dest='{{ iiab_config_file }}' + section=runtime + option='{{ item.option }}' + value='{{ item.value }}' + with_items: + - option: 'is_VM' + value: 'yes' + when: is_VM is defined diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index b5ac91ab1..e4a8880b8 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,6 +1,6 @@ -- include_vars: roles/network/defaults/main.yml -- include_vars: vars/local_vars.yml +#- include_vars: roles/network/defaults/main.yml +#- include_vars: vars/local_vars.yml - include_tasks: detected_network.yml when: not installing From 9df384840f44469da01abe30764d246249260895 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 20:21:59 -0400 Subject: [PATCH 345/393] needed for 'installing' and others listed --- iiab-stages.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/iiab-stages.yml b/iiab-stages.yml index ce27ec00c..74af5c454 100644 --- a/iiab-stages.yml +++ b/iiab-stages.yml @@ -3,6 +3,7 @@ become: yes vars_files: + - roles/0-init/defaults/main.yml - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - vars/local_vars.yml From 5e854fb798040bb94cd4c8f2a494289d4683941c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 20:35:02 -0400 Subject: [PATCH 346/393] adjust defaults --- roles/0-init/defaults/main.yml | 6 ------ roles/network/defaults/main.yml | 4 ++-- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml index 9e41e02fc..64d63b3cf 100644 --- a/roles/0-init/defaults/main.yml +++ b/roles/0-init/defaults/main.yml @@ -24,9 +24,3 @@ NUC6_firmware_needed: False # used in 2-common xo.yml wifi_id: none - -is_F20: False -is_F21: False -is_F22: False -is_F23: False -is_F24: False diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 74376c895..a7766b667 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -17,8 +17,8 @@ iiab_lan_iface: "none" discovered_lan_iface: "none" discovered_wired_iface: "none" discovered_wireless_iface: "none" -iiab_wired_lan_iface: "none" -iiab_wireless_lan_iface: "none" +#iiab_wired_lan_iface: "none" +#iiab_wireless_lan_iface: "none" #Redhat has_WAN: False From 4c17f2daa7f910f0c9b522a255137783f24c95a5 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 20:57:49 -0400 Subject: [PATCH 347/393] adjust for 'is defined' --- roles/network/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index a7766b667..ea1de51a8 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -14,7 +14,7 @@ device_gw2: "" iiab_wan_iface: "none" iiab_lan_iface: "none" -discovered_lan_iface: "none" +#discovered_lan_iface: "none" discovered_wired_iface: "none" discovered_wireless_iface: "none" #iiab_wired_lan_iface: "none" @@ -48,7 +48,7 @@ hostapd_password: "iiab2017" driver_name: nl80211 network_config_dir: /etc/network/interfaces.d -iiab_network_mode: "Gateway" +#iiab_network_mode: "Gateway" dns_jail_enabled: False services_externally_visible: False From 8eb4b230a0a3ca536b872c55ce4f33f70db35f0f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 21:10:41 -0400 Subject: [PATCH 348/393] adjusted for order of apperence --- roles/0-init/defaults/main.yml | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/roles/0-init/defaults/main.yml b/roles/0-init/defaults/main.yml index 64d63b3cf..3e44ab4fd 100644 --- a/roles/0-init/defaults/main.yml +++ b/roles/0-init/defaults/main.yml @@ -4,23 +4,29 @@ gui_version: 2 # These entries should never be changed in this file. # These are defaults for boolean routines, -no_net_restart: False first_run: False -installing: False -discovered_wan_iface: "none" -gw_active: "none" -internet_available: False -is_F18: False -no_NM_reload: False -exFAT_enabled: False -gui_port: 80 - -# Set default for discovered hardware rpi_model: none is_rpi: False xo_model: none +gw_active: none +internet_available: False +discovered_wan_iface: none + +# old defs +gui_port: 80 +exFAT_enabled: False +is_F18: False + +# Set default 1-prep discovered hardware rtc_id: ds3231 NUC6_firmware_needed: False # used in 2-common xo.yml wifi_id: none + +# used 3+ others +installing: False + +# network +no_net_restart: False +no_NM_reload: False From a9926e670071eab062d3bcb10c4c2f45b8ab8175 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sat, 4 Nov 2017 21:11:27 -0400 Subject: [PATCH 349/393] adjust for 'is defined' and order --- roles/network/tasks/detected_network.yml | 64 ++++++++++++------------ 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index fad64638d..80afa1c92 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -117,12 +117,12 @@ # num_lan_interfaces: "1" # when: iiab_lan_enabled and iiab_wan_enabled and num_lan_interfaces == "2" and discovered_wireless_iface != "none" and iiab_wan_iface == "none" -# if there is more than one the last one wins # Select an adapter that is not WAN and not wireless +# if there is more than one the last one wins - name: Set discovered_wired_iface fact if present set_fact: discovered_wired_iface: "{{ item|trim }}" - when: item|trim != discovered_wireless_iface and item|trim != discovered_wan_iface + when: item|trim != discovered_wireless_iface with_items: - "{{ lan_list_result.stdout_lines }}" @@ -141,31 +141,31 @@ # moved to detected_redhat # use value only if present -- name: For Debian, always use bridging - except RPi - set_fact: - iiab_lan_iface: br0 - when: discovered_wired_iface != "none" and num_lan_interfaces >= 1 and is_debuntu and not is_rpi - -- name: WiFi is on the LAN - use bridging - except RPi - set_fact: - iiab_lan_iface: br0 - when: iiab_wireless_lan_iface != "none" and not is_rpi - -- name: Setting wired LAN as only interface - RPi - set_fact: - iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: iiab_wired_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - -- name: Setting wireless LAN as only interface - RPi - set_fact: - iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: iiab_wireless_lan_iface is defined and num_lan_interfaces == 1 and is_rpi - - name: 2 or more devices on the LAN - use bridging set_fact: iiab_lan_iface: br0 when: num_lan_interfaces >= 2 and not is_rpi +- name: For Debian, always use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: num_lan_interfaces >= 1 and is_debuntu and not is_rpi + +- name: WiFi is on the LAN - use bridging - except RPi + set_fact: + iiab_lan_iface: br0 + when: not is_rpi and iiab_wireless_lan_iface is defined + +- name: Setting wired LAN as only interface - RPi + set_fact: + iiab_lan_iface: "{{ iiab_wired_lan_iface }}" + when: is_rpi and iiab_wired_lan_iface is defined + +- name: Setting wireless LAN as only interface - RPi + set_fact: + iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" + when: is_rpi and iiab_wireless_lan_iface is defined + - name: in VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none @@ -189,10 +189,12 @@ with_items: - option: 'has_ifcfg_gw' value: '{{ has_ifcfg_gw }}' - - option: 'discovered_wan_iface' - value: '{{ discovered_wan_iface }}' - option: 'prior_gateway_(device_gw2)' value: '{{ device_gw2 }}' + - option: 'dhcpcd_result' + value: '{{ dhcpcd_result }}' + - option: 'wan_in_interfaces' + value: '{{ wan_in_interfaces }}' - option: 'wireless_list_1(wifi1)' value: '{{ wifi1 }}' - option: 'wireless_list_2(wifi2)' @@ -201,17 +203,15 @@ value: '{{ num_wifi_interfaces }}' - option: 'discovered_wireless_iface' value: '{{ discovered_wireless_iface }}' - - option: 'iiab_wireless_lan_iface' - value: '{{ iiab_wireless_lan_iface }}' - - option: 'num_lan_interfaces' - value: '{{ num_lan_interfaces }}' - option: 'discovered_wired_iface' value: '{{ discovered_wired_iface }}' +# - option: 'iiab_wireless_lan_iface' +# value: '{{ iiab_wireless_lan_iface }}' + - option: 'num_lan_interfaces' + value: '{{ num_lan_interfaces }}' - option: 'gui_static_wan' value: '{{ gui_static_wan }}' - - option: 'dhcpcd_result' - value: '{{ dhcpcd_result }}' - - option: 'wan_in_interfaces' - value: '{{ wan_in_interfaces }}' - option: 'iiab_lan_iface' value: '{{ iiab_lan_iface }}' + - option: 'iiab_wan_iface' + value: '{{ iiab_wan_iface }}' From c8950389e884f9591b093299903875d2600a834f Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 00:33:15 -0400 Subject: [PATCH 350/393] raspbian kernel check --- iiab-install | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/iiab-install b/iiab-install index 001dc8eac..703bb3ab1 100755 --- a/iiab-install +++ b/iiab-install @@ -1,14 +1,29 @@ #!/bin/bash -e # running from a git repo -PLAYBOOK="iiab-stages.yml" -INVENTORY="ansible_hosts" -CWD=`pwd` # Add cmdline options for passing to ansible # todo add proper shift to gobble up --debug --reinstall ARGS="" +PLAYBOOK="iiab-stages.yml" +INVENTORY="ansible_hosts" +CWD=`pwd` +OS=`grep ^ID= /etc/*release|cut -d= -f2` +OS=${OS//\"/} + export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" +if [ $OS = "raspbian" ]; then + echo "found" + REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` + if [ $REBOOT != 1 ]; then + echo "Please update your system with 'add inst' " + echo "and reboot to install latest kernel" + exit 1 + else + echo "latest kernel installed - continuing" + fi +fi + if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then mkdir -p /etc/ansible/facts.d fi @@ -52,9 +67,6 @@ fi # if vars/local_vars.yml is missing, put a default one in place - First Run if [ ! -f ./vars/local_vars.yml ]; then - OS=`grep ^ID= /etc/*release|cut -d= -f2` - OS=${OS//\"/} - case $OS in OLPC | fedora) cp ./vars/olpc.localvars ./vars/local_vars.yml From 483634d3e93d2e7abe01da890a17ba1afd2c7793 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 00:41:41 -0400 Subject: [PATCH 351/393] bail early if playbook not found --- iiab-install | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/iiab-install b/iiab-install index 703bb3ab1..67a4b4b5e 100755 --- a/iiab-install +++ b/iiab-install @@ -12,6 +12,13 @@ OS=${OS//\"/} export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" +if [ ! -f $PLAYBOOK ]; then + echo "IIAB Playbook not found." + echo "Please run this command from the top level of the git repo." + echo "Exiting." + exit 1 +fi + if [ $OS = "raspbian" ]; then echo "found" REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` @@ -58,13 +65,6 @@ else fi fi -if [ ! -f $PLAYBOOK ]; then - echo "IIAB Playbook not found." - echo "Please run this command from the top level of the git repo." - echo "Exiting." - exit 1 -fi - # if vars/local_vars.yml is missing, put a default one in place - First Run if [ ! -f ./vars/local_vars.yml ]; then case $OS in From 53224d0c05f1f46377b1cf132aec27a67a5d200d Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 00:53:44 -0400 Subject: [PATCH 352/393] instructions and ansible --- iiab-install | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index 67a4b4b5e..241e46f28 100755 --- a/iiab-install +++ b/iiab-install @@ -23,8 +23,8 @@ if [ $OS = "raspbian" ]; then echo "found" REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` if [ $REBOOT != 1 ]; then - echo "Please update your system with 'add inst' " - echo "and reboot to install latest kernel" + echo "Please update your system with "apt update" then " + echo ""apt dist-upgrade" and reboot to install latest kernel" exit 1 else echo "latest kernel installed - continuing" @@ -40,6 +40,7 @@ STAGE="" if [ ! -f /etc/iiab/iiab.env ]; then mkdir -p /etc/iiab + ./scripts/ansible else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then From d315f14526505a57a19555c40aa5a431a5217e79 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 01:03:36 -0400 Subject: [PATCH 353/393] update ansible check to 2.4.1 --- scripts/ansible | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ansible b/scripts/ansible index 4ae9924e0..34353fae4 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -10,13 +10,13 @@ if [ $(which ansible-playbook) ]; then VER=`ansible --version|head -n 1|cut -f 2 -d " "` GOOD_VER=`echo $VER | grep ^2.4` # 2.2.0.0 -> 2.4.0 patching was not applied -just upgrade via pip - if [ $VER = "2.2.0.0" ]; then + if [ $GOOD_VER = "" ]; then echo "Ansible $VER installed updating to 2.4.0" - pip install --upgrade ansible==2.4.0 --disable-pip-version-check + pip install --upgrade ansible==2.4.1 --disable-pip-version-check exit 0 fi -# keep an eye out for 2.4.0.X in the future - if [ $VER = "2.4.0.0" ]; then +# keep an eye out for 2.4.1.X in the future + if [ $VER = "2.4.1.0" ]; then echo "Ansible $VER installed exiting..." exit 0 fi From 6044abe401aec11b83ab798304f0b411adca2d19 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 10:59:40 -0500 Subject: [PATCH 354/393] dhcpcd.conf.j2 cleanup --- roles/network/templates/network/dhcpcd.conf | 66 ------------------- .../network/templates/network/dhcpcd.conf.j2 | 19 ++++-- 2 files changed, 12 insertions(+), 73 deletions(-) delete mode 100644 roles/network/templates/network/dhcpcd.conf diff --git a/roles/network/templates/network/dhcpcd.conf b/roles/network/templates/network/dhcpcd.conf deleted file mode 100644 index a9eaf1c08..000000000 --- a/roles/network/templates/network/dhcpcd.conf +++ /dev/null @@ -1,66 +0,0 @@ -# A sample configuration for dhcpcd. -# See dhcpcd.conf(5) for details. - -# Allow users of this group to interact with dhcpcd via the control socket. -#controlgroup wheel - -# Inform the DHCP server of our hostname for DDNS. -hostname - -# Use the hardware address of the interface for the Client ID. -clientid -# or -# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361. -# Some non-RFC compliant DHCP servers do not reply with this set. -# In this case, comment out duid and enable clientid above. -#duid - -# Persist interface configuration when dhcpcd exits. -persistent - -# Rapid commit support. -# Safe to enable by default because it requires the equivalent option set -# on the server to actually work. -option rapid_commit - -# A list of options to request from the DHCP server. -option domain_name_servers, domain_name, domain_search, host_name -option classless_static_routes -# Most distributions have NTP support. -option ntp_servers -# Respect the network MTU. This is applied to DHCP routes. -option interface_mtu - -# A ServerID is required by RFC2131. -require dhcp_server_identifier - -# Generate Stable Private IPv6 Addresses instead of hardware based ones -slaac private - -# IIAB -denyinterfaces {% if iiab_wireless_lan_iface != "none" %} {{ iiab_wireless_lan_iface }} {% endif %} {% if discovered_lan_iface != "none" %} {{ discovered_lan_iface }} {% endif %} {% if iiab_lan_iface != "br0" %} {{ iiab_lan_iface }} {% endif %} - -{% if dhcpcd_result == "enabled" and iiab_lan_iface == "br0" %} -interface {{ iiab_lan_iface }} -static ip_address={{ lan_ip }}/19 -static domain_name_servers=127.0.0.1 -{% endif %} - -# IIAB static IP configuration: -{% if wan_ip != dhcp %} -interface {{ iiab_wan_iface }} -static ip_address={{ wan_ip }}/24 -static routers={{ wan_gateway }} -domain_name_servers= {{ wan_nameserver }} -{% endif %} - -# It is possible to fall back to a static IP if DHCP fails: -# define static profile -#profile static_eth0 -#static ip_address=192.168.1.23/24 -#static routers=192.168.1.1 -#static domain_name_servers=192.168.1.1 - -# fallback to static profile on eth0 -#interface eth0 -#fallback static_eth0 diff --git a/roles/network/templates/network/dhcpcd.conf.j2 b/roles/network/templates/network/dhcpcd.conf.j2 index e2fa13dd4..63918be98 100644 --- a/roles/network/templates/network/dhcpcd.conf.j2 +++ b/roles/network/templates/network/dhcpcd.conf.j2 @@ -1,4 +1,3 @@ -# Supplied by IIAB # A sample configuration for dhcpcd. # See dhcpcd.conf(5) for details. @@ -38,15 +37,21 @@ require dhcp_server_identifier # Generate Stable Private IPv6 Addresses instead of hardware based ones slaac private -# supplied by IIAB +# IIAB +denyinterfaces {% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }} {% endif %} -#{% if gui_static_wan == true %} -#denyinterfaces {{ iiab_wan_iface }} -#{% endif %} +#{% if iiab_lan_iface != "br0" %} {{ iiab_lan_iface }} {% endif %} {% if dhcpcd_result == "enabled" and iiab_lan_iface != "none" %} interface {{ iiab_lan_iface }} static ip_address={{ lan_ip }}/19 -static routers={{ lan_ip }} -static domain_name_servers={{ lan_ip }} +static domain_name_servers=127.0.0.1 +{% endif %} + +# IIAB static IP configuration: +{% if wan_ip != "dhcp" %} +interface {{ iiab_wan_iface }} +static ip_address={{ wan_ip }}/24 +static routers={{ wan_gateway }} +domain_name_servers= {{ wan_nameserver }} {% endif %} From a45389ff41d1329a3a26e4a2d5d9591bed63100a Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 11:03:17 -0500 Subject: [PATCH 355/393] iiab-install - case styling --- iiab-install | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/iiab-install b/iiab-install index 241e46f28..3a9acd441 100755 --- a/iiab-install +++ b/iiab-install @@ -70,15 +70,15 @@ fi if [ ! -f ./vars/local_vars.yml ]; then case $OS in OLPC | fedora) - cp ./vars/olpc.localvars ./vars/local_vars.yml - ;; + cp ./vars/olpc.localvars ./vars/local_vars.yml + ;; centos | debian | ubuntu | raspbian) - cp ./vars/medium.localvars ./vars/local_vars.yml - ;; + cp ./vars/medium.localvars ./vars/local_vars.yml + ;; *) - echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." - exit 1 - ;; + echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..." + exit 1 + ;; esac fi From 78a9434122318e0d90793f07835f8e7120d65908 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 11:59:57 -0500 Subject: [PATCH 356/393] restore bridging for RPi and make optional --- roles/0-init/tasks/main.yml | 3 ++- roles/network/tasks/debian.yml | 7 ++++++- roles/network/tasks/detected_network.yml | 6 +++--- roles/network/templates/network/rpi.j2 | 13 +++++++++++++ 4 files changed, 24 insertions(+), 5 deletions(-) create mode 100644 roles/network/templates/network/rpi.j2 diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index b8a8f9f1f..bd3ffc66d 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -34,7 +34,8 @@ set_fact: rpi_model: "rpi" is_rpi: True - no_net_restart: True +# no_net_restart: True +# nobridge: True when: ansible_local.local_facts.os == "raspbian" - name: Set exFAT enabled for XO laptops diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index d79c97264..6fe93a197 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -39,6 +39,11 @@ src=network/systemd.j2 when: not is_rpi and (iiab_lan_iface == "br0" or wan_ip != "dhcp") +- name: Copy the bridge script for RPi + template: dest=/etc/network/interfaces.d/iiab + src=network/rpi.j2 + when: is_rpi and iiab_lan_iface == "br0" + - name: bind may be affected service: name={{ dns_service }} state=stopped when: named_install and dnsmasq_enabled @@ -62,7 +67,7 @@ - name: restart the networking service service: name=networking state=restarted - when: not no_net_restart + when: not nobridge is defined and not no_net_restart - name: restart hostapd when wifi is present service: name=hostapd state=restarted diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 80afa1c92..6848199dc 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -154,17 +154,17 @@ - name: WiFi is on the LAN - use bridging - except RPi set_fact: iiab_lan_iface: br0 - when: not is_rpi and iiab_wireless_lan_iface is defined + when: iiab_wireless_lan_iface is defined and not nobridge is defined - name: Setting wired LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wired_lan_iface }}" - when: is_rpi and iiab_wired_lan_iface is defined + when: iiab_wired_lan_iface is defined and nobridge is defined - name: Setting wireless LAN as only interface - RPi set_fact: iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" - when: is_rpi and iiab_wireless_lan_iface is defined + when: iiab_wireless_lan_iface is defined and nobridge is defined - name: in VM disable LAN - needs local_vars entry to activate set_fact: diff --git a/roles/network/templates/network/rpi.j2 b/roles/network/templates/network/rpi.j2 new file mode 100644 index 000000000..b2e6ab083 --- /dev/null +++ b/roles/network/templates/network/rpi.j2 @@ -0,0 +1,13 @@ +# iiab_network_mode is {{ iiab_network_mode }} +# gui_desired_network_role is {{ gui_desired_network_role }} + +{% if iiab_network_mode != "Appliance" %} +################# LANCONTROLLER ################### +auto br0 +iface br0 inet manual + bridge_ports {% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }} {% endif %} + bridge_maxwait 0 + dns-nameservers 127.0.0.1 + dns-search {{ iiab_domain }} +{% endif %} +{# end LANCONTROLLER #} From 35cd2b44a56c0d4baf020bfb4b5ee9e37a97b106 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 13:22:37 -0500 Subject: [PATCH 357/393] iiab_wireless_lan_iface is defined for machines without wifi --- roles/network/tasks/debian.yml | 2 +- roles/network/tasks/hostapd.yml | 6 +++--- roles/network/tasks/restart.yml | 10 +++++----- roles/network/templates/hostapd/hostapd.conf.j2 | 4 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 6fe93a197..889c10dde 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -71,7 +71,7 @@ - name: restart hostapd when wifi is present service: name=hostapd state=restarted - when: iiab_wireless_lan_iface != "none" and hostapd_enabled and iiab_network_mode != "Appliance" + when: iiab_wireless_lan_iface is defined and hostapd_enabled and iiab_network_mode != "Appliance" #- name: dhcp_server may be affected - starting - user choice # service: name={{ dhcp_service2 }} state=started diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 2d6953613..33b9d8727 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -4,12 +4,12 @@ owner=root group=root mode=0644 - when: iiab_wireless_lan_iface != "none" + when: discovered_wireless_iface is defined - name: Disable the Access Point Hostapd program service: enabled=no name=hostapd.service - when: iiab_wireless_lan_iface == "none" or iiab_network_mode == "Appliance" or not hostapd_enabled + when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" or not hostapd_enabled - name: Use custom systemd unit file to start hostapd template: src=hostapd/hostapd.service.j2 @@ -21,4 +21,4 @@ - name: Enable the Access Point Hostapd program service: enabled=yes name=hostapd.service - when: iiab_wireless_lan_iface != "none" and iiab_network_mode != "Appliance" and hostapd_enabled + when: iiab_wireless_lan_iface is defined and iiab_network_mode != "Appliance" and hostapd_enabled diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index fe30fe6ec..af0808dc4 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -1,6 +1,6 @@ -- name: restart hostapd when wifi is present - service: name=hostapd state=started - when: iiab_wireless_lan_iface != "none" and hostapd_enabled +#- name: restart hostapd when wifi is present +# service: name=hostapd state=started +# when: iiab_wireless_lan_iface is defined and hostapd_enabled - name: Start named service service: name={{ dns_service }} @@ -50,13 +50,13 @@ - name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} - when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled + when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_wireless_lan_iface != "none" and iiab_lan_iface == "br0" and hostapd_enabled + when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} diff --git a/roles/network/templates/hostapd/hostapd.conf.j2 b/roles/network/templates/hostapd/hostapd.conf.j2 index e09fc693f..fa1ce62cb 100644 --- a/roles/network/templates/hostapd/hostapd.conf.j2 +++ b/roles/network/templates/hostapd/hostapd.conf.j2 @@ -1,6 +1,6 @@ # Basic configuration -interface={{ iiab_wireless_lan_iface }} +interface={% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} ssid={{ host_ssid }} channel={{ host_channel }} {%if iiab_lan_iface == "br0" %} @@ -28,4 +28,4 @@ wpa_key_mgmt=WPA-PSK wpa_passphrase={{ hostapd_password }} # Use AES, instead of TKIP rsn_pairwise=CCMP -{% endif %} \ No newline at end of file +{% endif %} From a32f81922e7236b5c48a82e599b69adb9d65a2b2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 13:40:19 -0600 Subject: [PATCH 358/393] set hostname alias early --- roles/2-common/tasks/hostname.yml | 8 ++++++++ roles/network/tasks/hosts.yml | 8 -------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index a3ae16870..a4e400924 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -9,3 +9,11 @@ group=root mode=0644 when: is_redhat + +- name: Configure short hostname in /etc/hosts + lineinfile: dest=/etc/hosts + regexp='^127\.0\.0\.1' + line='127.0.0.1 localhost.localdomain localhost box {{ iiab_hostname }}' + owner=root + group=root + mode=0644 diff --git a/roles/network/tasks/hosts.yml b/roles/network/tasks/hosts.yml index 693400c54..cf4b38278 100644 --- a/roles/network/tasks/hosts.yml +++ b/roles/network/tasks/hosts.yml @@ -1,12 +1,4 @@ #TODO: Use vars instead of hardcoded values -- name: Configure short hostname in /etc/hosts - lineinfile: dest=/etc/hosts - regexp='^127\.0\.0\.1' - line='127.0.0.1 localhost.localdomain localhost box {{ iiab_hostname }}' - owner=root - group=root - mode=0644 - - name: Remove fqdn in /etc/hosts without LAN lineinfile: dest=/etc/hosts regexp='^172\.18\.96\.1' From e8bb95a33adb227876d22ea95e5bc82bb1743455 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 13:54:26 -0600 Subject: [PATCH 359/393] (re)install named, dhcpd, squid when FQDN changes --- roles/2-common/tasks/hostname.yml | 21 +++++++++++++++++++++ roles/2-common/tasks/main.yml | 10 +++++----- roles/3-base-server/tasks/main.yml | 18 ------------------ 3 files changed, 26 insertions(+), 23 deletions(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index a4e400924..961add87d 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -17,3 +17,24 @@ owner=root group=root mode=0644 + +- name: Configuring named + include_tasks: roles/network/tasks/named.yml + tags: + - named + - network + - domain + +- name: Configuring dhcpd + include_tasks: roles/network/tasks/dhcpd.yml + tags: + - dhcpd + - network + - domain + +- name: Configuring squid + include_tasks: roles/network/tasks/squid.yml + when: squid_install + tags: + - squid + - network diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index f7c0cc95b..c23b33521 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -12,11 +12,11 @@ when: xo_model != "none" or osbuilder is defined # set FQDN for IIAB -- include_tasks: hostname.yml - tags: - - network - - domain - - hostname +#- include_tasks: hostname.yml +# tags: +# - network +# - domain +# - hostname - include_tasks: centos.yml when: ansible_distribution == "CentOS" diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index 6729c5597..c83eaa0a0 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -20,24 +20,6 @@ # has no "when: XXXXX_install" flag tags: base, mysql -- include_tasks: roles/network/tasks/named.yml - tags: - - named - - network - - domain - -- include_tasks: roles/network/tasks/dhcpd.yml - tags: - - dhcpd - - network - - domain - -- include_tasks: roles/network/tasks/squid.yml - tags: - - squid - - network - when: squid_install - - include_tasks: roles/network/tasks/wondershaper.yml tags: - wondershaper From 5132062bf740337465b46b879d164f234bbad846 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 14:19:23 -0600 Subject: [PATCH 360/393] install iptables in 2-common --- roles/2-common/tasks/main.yml | 7 +------ roles/network/tasks/iptables.yml | 6 +++--- roles/network/tasks/main.yml | 4 ---- 3 files changed, 4 insertions(+), 13 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index c23b33521..0e09e2514 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -11,12 +11,7 @@ - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined -# set FQDN for IIAB -#- include_tasks: hostname.yml -# tags: -# - network -# - domain -# - hostname +- include_tasks: roles/network/tasks/iptables.yml - include_tasks: centos.yml when: ansible_distribution == "CentOS" diff --git a/roles/network/tasks/iptables.yml b/roles/network/tasks/iptables.yml index 25ded7d8c..0025fab99 100644 --- a/roles/network/tasks/iptables.yml +++ b/roles/network/tasks/iptables.yml @@ -47,10 +47,10 @@ group='root' mode={{ item.2 }} with_items: - - { 0: 'gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' } - - { 0: 'gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' } + - { 0: 'roles/network/templates/gateway/iptables-config', 1: '/etc/sysconfig/iptables-config', 2: '0644' } + - { 0: 'roles/network/templates/gateway/check-LAN', 1: '/usr/bin/check-LAN', 2: '0755' } - name: Install Debian config - template: src=gateway/iptables dest=/etc/network/if-pre-up.d/iptables + template: src=roles/network/templates/gateway/iptables dest=/etc/network/if-pre-up.d/iptables mode=0755 when: is_debuntu diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index e4a8880b8..675dd805c 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -25,10 +25,6 @@ - hostname - domain -- include_tasks: iptables.yml - tags: - - network - #### start services - include_tasks: avahi.yml tags: From 6e22e73ab6e5ea58ac9a0ce11188a33e402342d9 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Sun, 5 Nov 2017 15:11:14 -0600 Subject: [PATCH 361/393] reconfiguring for FQDN change --- roles/0-init/tasks/main.yml | 3 --- roles/2-common/tasks/hostname.yml | 8 ++++++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index bd3ffc66d..5e847b071 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,9 +1,6 @@ # Initialize - name: ...IS BEGINNING ============================================ -# include_vars: roles/0-init/defaults/main.yml - -#- name: Determine if installer was run stat: path=/etc/iiab/iiab.env register: NewInstall diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index 961add87d..e63a6d6ad 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -38,3 +38,11 @@ tags: - squid - network + +- name: Re-configuring httpd - not initial install + include_tasks: roles/network/tasks/main.yml + when: iiab_stage|int > 3 + +- name: Re-configuring rest of networking - not initial install + include_tasks: roles/network/tasks/main.yml + when: iiab_stage|int > 4 From 3df58f1d001ba144d5526aaa0fe347b8514a5173 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 14:18:17 -0600 Subject: [PATCH 362/393] network - remove unused installing.yml file --- roles/network/tasks/installing.yml | 34 ------------------------------ 1 file changed, 34 deletions(-) delete mode 100644 roles/network/tasks/installing.yml diff --git a/roles/network/tasks/installing.yml b/roles/network/tasks/installing.yml deleted file mode 100644 index 0d985a5e5..000000000 --- a/roles/network/tasks/installing.yml +++ /dev/null @@ -1,34 +0,0 @@ -# only needs to be done once -- include: named.yml - tags: - - named - - network - when: named_install - -- include: dhcpd.yml - tags: - - dhcpd - - network - when: dhcpd_install - -- include: dnsmasq.yml - tags: - - dnsmasq - - network - when: dnsmasq_install - -- include: squid.yml - tags: - - squid - - network - when: squid_install - -- include: wondershaper.yml - tags: - - wondershaper - - network - -- include: iptables.yml - tags: - - iptables - - network From 49c9d00c939c26359b70d2ad79bcb8183dbe5f39 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 16:45:06 -0600 Subject: [PATCH 363/393] Record FQDN state before running task --- roles/0-init/tasks/main.yml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 5e847b071..10705e6cd 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -40,20 +40,6 @@ exFAT_enabled: True when: xo_model != "none" -- name: set FQDN - set_fact: - iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" - FQDN_changed: False - -- name: FQDN changed - set_fact: - FQDN_changed: True - when: iiab_fqdn != ansible_fqdn - -- name: Now check FQDN - include_tasks: roles/2-common/tasks/hostname.yml - when: FQDN_changed - # Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate - name: Finding gateway set_fact: @@ -160,6 +146,16 @@ mysql_service: mysql when: is_debuntu +- name: set FQDN + set_fact: + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False + +- name: FQDN changed + set_fact: + FQDN_changed: True + when: iiab_fqdn != ansible_fqdn + - name: add version section ini_file: dest='{{ iiab_config_file }}' section=runtime @@ -199,6 +195,10 @@ - option: 'FQDN_changed' value: '{{ FQDN_changed }}' +- name: Now changing FQDN + include_tasks: roles/2-common/tasks/hostname.yml + when: FQDN_changed + - name: STAGE 0 HAS COMPLETED ====================================== ini_file: dest='{{ iiab_config_file }}' section=runtime From 7ac839a300d21e3538c04167b3ce2dc0b9ceb915 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 16:47:01 -0600 Subject: [PATCH 364/393] FQDN - should of been httpd --- roles/2-common/tasks/hostname.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index e63a6d6ad..ab56a3182 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -40,7 +40,7 @@ - network - name: Re-configuring httpd - not initial install - include_tasks: roles/network/tasks/main.yml + include_tasks: roles/httpd/tasks/main.yml when: iiab_stage|int > 3 - name: Re-configuring rest of networking - not initial install From ccdb5cd2fbf5e1389080f7ac6172e693a3fd0dab Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 17:14:33 -0600 Subject: [PATCH 365/393] restart.yml - wifi bridge slave touchup --- roles/network/tasks/restart.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index af0808dc4..87e17d4cd 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -48,15 +48,15 @@ - name: Run iptables command: /usr/bin/iiab-gen-iptables -- name: Checking if wifi slave is active waiting {{ hostapd_wait }} seconds - shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} +- name: Checking if wifi slave is active + shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} | wc -l when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave - name: Restart hostapd if wifi slave is inactive service: name=hostapd.service state=restarted - when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled + when: wifi_slave.stdout is defined and hostapd_enabled and wifi_slave.stdout == 0 - name: dhcp_server may be affected - starting - user choice service: name={{ dhcp_service2 }} From 991f1e87b8096cefe7dd3bb7321d554064ec3246 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 17:17:30 -0600 Subject: [PATCH 366/393] wondershaper.yml --- roles/3-base-server/tasks/main.yml | 6 ------ roles/network/tasks/main.yml | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/3-base-server/tasks/main.yml b/roles/3-base-server/tasks/main.yml index c83eaa0a0..877ab58e4 100644 --- a/roles/3-base-server/tasks/main.yml +++ b/roles/3-base-server/tasks/main.yml @@ -20,12 +20,6 @@ # has no "when: XXXXX_install" flag tags: base, mysql -- include_tasks: roles/network/tasks/wondershaper.yml - tags: - - wondershaper - - network - when: wondershaper_install - - name: Make sure there is a content directory file: dest={{ doc_root }}/local_content state=directory diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 675dd805c..d52c088fc 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -19,6 +19,12 @@ # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' ##### End static ip address info +- include_tasks: roles/network/tasks/wondershaper.yml + tags: + - wondershaper + - network + when: wondershaper_install + - include_tasks: hosts.yml tags: - network From 9fe05cbfd431143a04107da13a03c940b9a6c8aa Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 18:22:11 -0600 Subject: [PATCH 367/393] needs space or the next line is combined --- roles/network/templates/hostapd/hostapd.conf.j2 | 3 ++- roles/network/templates/network/rpi.j2 | 3 ++- roles/network/templates/network/systemd.j2 | 5 ++--- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/roles/network/templates/hostapd/hostapd.conf.j2 b/roles/network/templates/hostapd/hostapd.conf.j2 index fa1ce62cb..1eb39a8c1 100644 --- a/roles/network/templates/hostapd/hostapd.conf.j2 +++ b/roles/network/templates/hostapd/hostapd.conf.j2 @@ -1,6 +1,7 @@ # Basic configuration -interface={% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} +interface={% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %} + ssid={{ host_ssid }} channel={{ host_channel }} {%if iiab_lan_iface == "br0" %} diff --git a/roles/network/templates/network/rpi.j2 b/roles/network/templates/network/rpi.j2 index b2e6ab083..b426fa81e 100644 --- a/roles/network/templates/network/rpi.j2 +++ b/roles/network/templates/network/rpi.j2 @@ -5,7 +5,8 @@ ################# LANCONTROLLER ################### auto br0 iface br0 inet manual - bridge_ports {% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }} {% endif %} + bridge_ports {% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }}{% endif %} + bridge_maxwait 0 dns-nameservers 127.0.0.1 dns-search {{ iiab_domain }} diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index c84b9735a..9f9e143d6 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -9,9 +9,8 @@ iface br0 inet manual {% else %} iface br0 inet static {% endif %} -{% if iiab_wired_lan_iface != "none" %} - bridge_ports {{ iiab_wired_lan_iface }} -{% endif %} + bridge_ports {% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }} {% endif %}{% if iiab_wired_lan_iface is defined %}{{ iiab_wired_lan_iface }}{% endif %} + bridge_maxwait 0 {% if dhcpcd_result != "enabled" %} address {{ lan_ip }} From 651755f2ff1dbd07814c8ac6da1852fb19649fa7 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Mon, 6 Nov 2017 20:00:10 -0600 Subject: [PATCH 368/393] jiggle fl.yml to run before squid --- roles/2-common/tasks/hostname.yml | 4 ++++ roles/2-common/tasks/main.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index ab56a3182..ca72699c9 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -1,3 +1,7 @@ +- name: Creat filesytem layout + include_tasks: roles/2-common/tasks/fl.yml + when: first_run + - name: turn the crank for systemd shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}" when: is_debuntu diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 0e09e2514..06dacacbe 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -6,7 +6,7 @@ #- include_tasks: iiab_ini.yml # create the directory structure for IIAB -- include_tasks: fl.yml +#- include_tasks: fl.yml - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined From 3daf1aca2c3a231577e6be660dbd02d0fa17a0e8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau@gmail3.com> Date: Mon, 6 Nov 2017 22:22:30 -0500 Subject: [PATCH 369/393] Revise kernel warning on Raspbian --- iiab-install | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/iiab-install b/iiab-install index 3a9acd441..97dc04bd2 100755 --- a/iiab-install +++ b/iiab-install @@ -3,7 +3,7 @@ # Add cmdline options for passing to ansible # todo add proper shift to gobble up --debug --reinstall ARGS="" - +OLD_RPI_KERN="4.9.41-v7+" PLAYBOOK="iiab-stages.yml" INVENTORY="ansible_hosts" CWD=`pwd` @@ -20,14 +20,15 @@ if [ ! -f $PLAYBOOK ]; then fi if [ $OS = "raspbian" ]; then - echo "found" - REBOOT=`uname -a | grep 4.9.59-v7+ | wc -l` - if [ $REBOOT != 1 ]; then - echo "Please update your system with "apt update" then " - echo ""apt dist-upgrade" and reboot to install latest kernel" - exit 1 + echo "Found Raspbian" + ABORT=`uname -a | grep $OLD_RPI_KERN | wc -l` + if [ "$ABORT" == 1 ]; then + echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" + echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." + echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" + exit 1 else - echo "latest kernel installed - continuing" + echo "Kernel looks ok - continuing" fi fi From 743c91de8c93ec0ae34bb8a316972d25f4aec53c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 00:57:00 -0500 Subject: [PATCH 370/393] OS's other than debuntu -> debuntu --- roles/kalite/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 5bbc39d5a..c08cc52de 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -19,7 +19,7 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install KA Lite with pip (OS's other than debuntu) +- name: Install KA Lite with pip (debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} From 04a045a66bc806d5642be0fd9d6af960dbd877ca Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:14:09 -0500 Subject: [PATCH 371/393] Readability revisions --- roles/wordpress/tasks/install.yml | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 21997784b..58614e610 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -1,17 +1,17 @@ - name: Get the WordPress software - get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir }}/ + get_url: url="{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest={{ downloads_dir }}/ register: wp_download_output when: internet_available - name: Copy it to permanent location /library - unarchive: src={{ wp_download_output.dest }} dest=/library + unarchive: src={{ wp_download_output.dest }} dest=/library when: internet_available - name: Rename /library/wordpress* to /library/wordpress shell: if [ ! -d {{ wp_abs_path }} ]; then mv {{ wp_abs_path }}* {{ wp_abs_path }}; fi # First pass at permissions and ownership -- name: Make apache owner and group +- name: Make Apache owner and group file: path={{ wp_abs_path }} recurse=yes owner=root @@ -19,7 +19,7 @@ mode=0664 state=directory -- name: Make directories 775 so apache can traverse and write +- name: Make directories 775 so Apache can traverse and write command: "/usr/bin/find {{ wp_abs_path }} -type d -exec chmod 775 {} +" - name: Copy wp salt values @@ -45,15 +45,15 @@ file: path=/tmp/get-iiab-wp-salts state=absent -- name: mysql database needs to be running if we are trying to create a new db +- name: MySQL database needs to be running if we are trying to create a new db service: state=started name='{{ mysql_service }}' -- name: Create mysql wordpress database +- name: Create MySQL wordpress database mysql_db: name={{ wp_db_name }} state=present -- name: Create mysql wordpress database user +- name: Create MySQL wordpress database user mysql_user: name={{ wp_db_user }} password={{ wp_db_user_password }} priv={{ wp_db_name }}.*:ALL,GRANT @@ -70,22 +70,21 @@ template: src=wordpress.conf.j2 dest=/etc/{{ apache_config_dir }}/wordpress.conf -- name: Enable httpd conf file if we are disabled +- name: Enable httpd conf file if we are disabled (debuntu) file: path=/etc/apache2/sites-enabled/wordpress.conf src=/etc/apache2/sites-available/wordpress.conf state=link when: wordpress_enabled and is_debuntu - -- name: Remove httpd conf file if we are disabled +- name: Remove httpd conf file if we are disabled (OS's other than debuntu) file: path=/etc/apache2/sites-enabled/wordpress.conf state=absent when: not wordpress_enabled and is_debuntu -- name: Restart apache, so it picks up the new aliases +- name: Restart Apache, so it picks up the new aliases service: name={{ apache_service }} state=restarted -- name: Add wordpress to service list +- name: Add 'wordpress' to service list ini_file: dest='{{ service_filelist }}' section=wordpress option='{{ item.option }}' From ce9481a2fa2c3aa74c114690272df1785c03f6b9 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:17:23 -0500 Subject: [PATCH 372/393] Minor text revision --- roles/nextcloud/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 60186385a..259182c8a 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -122,7 +122,7 @@ # following enables and disables - include_tasks: nextcloud_enabled.yml -- name: Add Nextcloud to service list +- name: Add 'nextcloud' to service list ini_file: dest='{{ service_filelist }}' section=nextcloud option='{{ item.option }}' From 3de88620decc9cb7e616005da4b33fb64faea1f5 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:18:36 -0500 Subject: [PATCH 373/393] "Create a Python interface to iiab.env" --- roles/4-server-options/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 2b68861eb..e596a072a 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -56,7 +56,7 @@ when: usb_lib_install tags: usb-lib -- name: Put a Python interface to iiab.env +- name: Create a Python interface to iiab.env template: src=roles/1-prep/templates/iiab_env.py.j2 dest=/etc/iiab/iiab_env.py From aef70cc1c2bc8d5aa0e50b6742864483947d1a77 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:22:50 -0500 Subject: [PATCH 374/393] ansible output clarifs --- roles/mysql/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 4afc6d0ab..7fec93eb9 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,4 +1,4 @@ - - name: Install MySQL for Debian/Debuntu + - name: Install MySQL (debuntu) package: name={{ item }} state=present with_items: @@ -26,7 +26,7 @@ package: name=php-xml-parser state=present when: is_debian_8 - - name: Install MySQL for non-Debian/Debuntu + - name: Install MySQL (OS's other than debuntu) package: name={{ item }} state=present with_items: From 1227bd017b795410021fb16f60af2d6a1c27b50c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:33:16 -0500 Subject: [PATCH 375/393] discussion needed on ./scripts/ansible modularity/choice vs. mandatory intergration --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 97dc04bd2..f047033a0 100755 --- a/iiab-install +++ b/iiab-install @@ -41,7 +41,7 @@ STAGE="" if [ ! -f /etc/iiab/iiab.env ]; then mkdir -p /etc/iiab - ./scripts/ansible + # ./scripts/ansible # needs discussion else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then From 6d985ac30a877618c7ef79864fda4ceda8aba3cf Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:38:13 -0500 Subject: [PATCH 376/393] == and = were interspersed. Let's converge on one. Presumably == --- iiab-install | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/iiab-install b/iiab-install index f047033a0..72fe0b2db 100755 --- a/iiab-install +++ b/iiab-install @@ -19,7 +19,7 @@ if [ ! -f $PLAYBOOK ]; then exit 1 fi -if [ $OS = "raspbian" ]; then +if [ $OS == "raspbian" ]; then echo "Found Raspbian" ABORT=`uname -a | grep $OLD_RPI_KERN | wc -l` if [ "$ABORT" == 1 ]; then @@ -44,13 +44,13 @@ if [ ! -f /etc/iiab/iiab.env ]; then # ./scripts/ansible # needs discussion else OLD=`grep XSCE /etc/iiab/iiab.env | wc -l` - if [ "$OLD" != 0 ] || [ "$1" = "--reinstall" ]; then + if [ "$OLD" != 0 ] || [ "$1" == "--reinstall" ]; then echo "Found old XSCE install - re-installing from scratch" rm /etc/iiab/iiab.env # check ansible version here and force ansible upgrade if needed else source /etc/iiab/iiab.env - if [ "$1" = "--debug" ]; then + if [ "$1" == "--debug" ]; then echo "Entering debug mode" sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env elif [ ! $STAGE == 9 ]; then From 6173e59b1dbe89029402fcf441b69049b1f76a5d Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:53:19 -0500 Subject: [PATCH 377/393] clarif: 'hostapd' service --- roles/network/tasks/hostapd.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 33b9d8727..199e0a883 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -6,19 +6,19 @@ mode=0644 when: discovered_wireless_iface is defined -- name: Disable the Access Point Hostapd program +- name: Disable the Access Point 'hostapd' service service: enabled=no name=hostapd.service when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" or not hostapd_enabled -- name: Use custom systemd unit file to start hostapd +- name: Use custom systemd unit file to start 'hostapd' service template: src=hostapd/hostapd.service.j2 dest=/etc/systemd/system/hostapd.service owner=root group=root mode=0644 -- name: Enable the Access Point Hostapd program +- name: Enable the Access Point 'hostapd' service service: enabled=yes name=hostapd.service when: iiab_wireless_lan_iface is defined and iiab_network_mode != "Appliance" and hostapd_enabled From 901aad5e0f270bc483edb1ee68ba5bb7d2ec9e8c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:55:04 -0500 Subject: [PATCH 378/393] dansguardian -> DansGuardian --- roles/network/tasks/enable_services.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index aa1808286..25335401a 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -60,7 +60,7 @@ enabled=yes when: dnsmasq_enabled and dnsmasq_install -- name: Enable dansguardian +- name: Enable DansGuardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install From 60d8afaab814fb197cb980da272f36615fe9664d Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 01:58:26 -0500 Subject: [PATCH 379/393] spelling typos cleaned --- roles/network/tasks/restart.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 87e17d4cd..62eed3108 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -17,7 +17,7 @@ state=stopped when: dansguardian_install -- name: Restart DansGuardian - execpt Ubuntu which needs reboot to activate +- name: Restart DansGuardian - except Ubuntu which needs reboot to activate service: name=dansguardian state=restarted when: dansguardian_enabled and dansguardian_install and ( not is_ubuntu and iiab_stage|int < 4 ) @@ -42,18 +42,18 @@ creates=/etc/sysconfig/olpc-scripts/setup.d/installed/gateway when: iiab_network_mode == "Gateway" -- name: Waiting {{ hostapd_wait }} seconds for network to stablize +- name: Waiting {{ hostapd_wait }} seconds for network to stabilize shell: sleep {{ hostapd_wait }} - name: Run iptables command: /usr/bin/iiab-gen-iptables -- name: Checking if wifi slave is active +- name: Checking if WiFi slave is active shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} | wc -l when: iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0" and hostapd_enabled register: wifi_slave -- name: Restart hostapd if wifi slave is inactive +- name: Restart hostapd if WiFi slave is inactive service: name=hostapd.service state=restarted when: wifi_slave.stdout is defined and hostapd_enabled and wifi_slave.stdout == 0 From 4585445e8057163da29f2708092daa0db7a31520 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:00:07 -0500 Subject: [PATCH 380/393] Capitalize 1st word of ansible outputs --- roles/network/tasks/rpi_debian.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 189989540..525fe4f19 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -66,14 +66,14 @@ ignore_errors: True when: interface.changed -- name: start up dhcpcd again +- name: Start up dhcpcd again service: name=dhcpcd state=started # now pick up denyinterfaces -- name: restart dhcpcd +- name: Restart dhcpcd service: name=dhcpcd state=restarted -- name: restart the networking service +- name: Restart the networking service service: name=networking state=restarted #create lan br0 if lan_controller or gateway From 1533ad7ef63ecd2d6e2dd6ad12c3d5f88b3560de Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:02:22 -0500 Subject: [PATCH 381/393] Spelling / Capitalizations --- roles/2-common/tasks/hostname.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/2-common/tasks/hostname.yml b/roles/2-common/tasks/hostname.yml index ca72699c9..50c8d2167 100644 --- a/roles/2-common/tasks/hostname.yml +++ b/roles/2-common/tasks/hostname.yml @@ -1,8 +1,8 @@ -- name: Creat filesytem layout +- name: Create filesytem layout include_tasks: roles/2-common/tasks/fl.yml when: first_run -- name: turn the crank for systemd +- name: Turn the crank for systemd shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}" when: is_debuntu @@ -36,7 +36,7 @@ - network - domain -- name: Configuring squid +- name: Configuring Squid include_tasks: roles/network/tasks/squid.yml when: squid_install tags: From 84296a9de15a86662ca913affe3fb1aa289514b1 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:03:32 -0500 Subject: [PATCH 382/393] XSCE -> IIAB --- roles/network/templates/network/sysconfig.network.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/templates/network/sysconfig.network.j2 b/roles/network/templates/network/sysconfig.network.j2 index 755f0da8f..9adca39e4 100644 --- a/roles/network/templates/network/sysconfig.network.j2 +++ b/roles/network/templates/network/sysconfig.network.j2 @@ -1,4 +1,4 @@ -# Generated by XSCE +# Generated by IIAB NETWORKING=yes NETWORKING_IPV6=no IPV6FORWARDING=no From 84f18a637dcd161e72c617d4c720c52cb94eec10 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:12:59 -0500 Subject: [PATCH 383/393] 2.4.0 -> 2.4.1 - later version_gt() might flag older Ansibles --- scripts/ansible | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ansible b/scripts/ansible index 34353fae4..5a6028cc6 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -9,9 +9,9 @@ URL="NA" if [ $(which ansible-playbook) ]; then VER=`ansible --version|head -n 1|cut -f 2 -d " "` GOOD_VER=`echo $VER | grep ^2.4` -# 2.2.0.0 -> 2.4.0 patching was not applied -just upgrade via pip +# 2.2.0.0 -> 2.4.1+ patching was not applied -just upgrade via pip if [ $GOOD_VER = "" ]; then - echo "Ansible $VER installed updating to 2.4.0" + echo "Ansible $VER installed updating to 2.4.1" pip install --upgrade ansible==2.4.1 --disable-pip-version-check exit 0 fi @@ -99,12 +99,12 @@ fi ### start ansible pip install TODO add venv location /opt/iiab/anisble if [ $FAMILY = "olpc" ]; then - pip install ansible==2.4.0 --disable-pip-version-check + pip install ansible==2.4.1 --disable-pip-version-check VER=`ansible --version|head -n 1|cut -f 2 -d " "` echo "ansible version installed via pip $VER" fi -# handle 2.2.1 -> 2.4.0 deb install undo patching +# handle 2.2.1 -> 2.4.1+ deb install undo patching # unsure if install above will upgrade or skip - cover that now if [ $FAMILY = "debian" ]; then if [ ! $VER == "" ]; then From c63f4f671f76ad9bb41d04cafb425869ecf477fc Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:28:00 -0500 Subject: [PATCH 384/393] presentions tweaks --- iiab-install | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/iiab-install b/iiab-install index 72fe0b2db..d901a148f 100755 --- a/iiab-install +++ b/iiab-install @@ -14,7 +14,7 @@ export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" if [ ! -f $PLAYBOOK ]; then echo "IIAB Playbook not found." - echo "Please run this command from the top level of the git repo." + echo "Please run this command from /opt/iiab/iiab (top level of the git repo)." echo "Exiting." exit 1 fi @@ -28,7 +28,7 @@ if [ $OS == "raspbian" ]; then echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 else - echo "Kernel looks ok - continuing" + echo "Kernel looks ok - continuing" fi fi @@ -58,8 +58,8 @@ else elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" - echo "'iiab-install' has already been completed" - echo "use --debug to override " + echo "'iiab-install' has already been completed." + echo "Use --debug to override." #echo "In demo mode not preventing second run" echo "Exiting." exit 1 @@ -83,6 +83,6 @@ if [ ! -f ./vars/local_vars.yml ]; then esac fi -echo "Running local playbooks! " +echo "Running local playbooks!" ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local From 50cf4c44ff3a812d7e60e887a587b5a244ce69fd Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:53:54 -0500 Subject: [PATCH 385/393] if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then --- iiab-install | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/iiab-install b/iiab-install index d901a148f..bfb72c85e 100755 --- a/iiab-install +++ b/iiab-install @@ -10,25 +10,27 @@ CWD=`pwd` OS=`grep ^ID= /etc/*release|cut -d= -f2` OS=${OS//\"/} +function version_gt() { [ "$(printf '%s\n' "$@" | sort -V | head -1)" != "$1" ]; } + export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" if [ ! -f $PLAYBOOK ]; then echo "IIAB Playbook not found." - echo "Please run this command from /opt/iiab/iiab (top level of the git repo)." + echo "Please run this command from the top level of the git repo." echo "Exiting." exit 1 fi if [ $OS == "raspbian" ]; then echo "Found Raspbian" - ABORT=`uname -a | grep $OLD_RPI_KERN | wc -l` - if [ "$ABORT" == 1 ]; then - echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" - echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." + CURRENT_KERN=`uname -r` + if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then + echo "Kernel looks ok - continuing" + else + echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first" + echo "need to update your system with 'apt update' then 'apt dist-upgrade' then reboot." echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 - else - echo "Kernel looks ok - continuing" fi fi @@ -58,8 +60,8 @@ else elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" - echo "'iiab-install' has already been completed." - echo "Use --debug to override." + echo "'iiab-install' has already been completed" + echo "use --debug to override " #echo "In demo mode not preventing second run" echo "Exiting." exit 1 @@ -83,6 +85,6 @@ if [ ! -f ./vars/local_vars.yml ]; then esac fi -echo "Running local playbooks!" +echo "Running local playbooks! " ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local From b4bb8166b377630bd9e4bf6a70cb264f45564130 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 02:56:13 -0500 Subject: [PATCH 386/393] Kernel warning's output alignment fixed --- iiab-install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index bfb72c85e..c145cdd4f 100755 --- a/iiab-install +++ b/iiab-install @@ -27,8 +27,8 @@ if [ $OS == "raspbian" ]; then if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then echo "Kernel looks ok - continuing" else - echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first" - echo "need to update your system with 'apt update' then 'apt dist-upgrade' then reboot." + echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" + echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 fi From c682b1d162afa759669ebd1535241782685b2ef9 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:11:54 -0500 Subject: [PATCH 387/393] Update iiab-install --- iiab-install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iiab-install b/iiab-install index c145cdd4f..99b04c66f 100755 --- a/iiab-install +++ b/iiab-install @@ -60,8 +60,8 @@ else elif [ $STAGE == 9 ]; then # place keeper add read response # "offer 'Y' or stage number dialog box option to override" - echo "'iiab-install' has already been completed" - echo "use --debug to override " + echo "'iiab-install' has already been completed." + echo "Use --debug to override." #echo "In demo mode not preventing second run" echo "Exiting." exit 1 From 36d46d0321ff20347ca24096f47b1b3026f0504c Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:16:24 -0500 Subject: [PATCH 388/393] Kernel warning fixed up --- iiab-install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-install b/iiab-install index 99b04c66f..bca0a1a2d 100755 --- a/iiab-install +++ b/iiab-install @@ -27,7 +27,7 @@ if [ $OS == "raspbian" ]; then if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then echo "Kernel looks ok - continuing" else - echo "Kernel "$OLD_RPI_KERN" is obsolete. Before running './iiab-install' you first need" + echo "Kernel "$CURRENT_KERN" is too old. Before running './iiab-install' you first need" echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot." echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation" exit 1 From 19a3e338f58ef5a74c5c47a63c71a585440f59e5 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:43:49 -0500 Subject: [PATCH 389/393] Update default_vars.yml --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 0a95140ce..fdc12a050 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -35,7 +35,7 @@ disregard_network: False # use cache or error out if cache does not exist # If no_admin variable is established above (its actual value is IGNORED) also # set iiab_admin_user (below) to an existing Linux user that has sudo access. -# This is the username you'll use to login to Admin Console @ http://box/admin +# That is the username you'll use to login to Admin Console @ http://box/admin iiab_admin_user: iiab-admin From a8d89d01795622cbd22c367379c165c58ee36dc4 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 03:44:38 -0500 Subject: [PATCH 390/393] Update medium.localvars --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 226915f14..678c94992 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -16,7 +16,7 @@ # If no_admin variable is established above (its actual value is IGNORED) also # set iiab_admin_user (below) to an existing Linux user that has sudo access. -# This is the username you'll use to login to Admin Console @ http://box/admin +# That is the username you'll use to login to Admin Console @ http://box/admin iiab_admin_user: iiab-admin From fc7bdc0009904687a6fcbd8bcc2516a4084ec988 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 04:41:16 -0500 Subject: [PATCH 391/393] using 'debuntu' in Ansible output --- roles/network/tasks/named.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 8c88cd101..bd5d1b4c1 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -1,4 +1,4 @@ -- name: Install named packages for Debian/Debuntu +- name: Install named packages (debuntu) package: name={{ item }} state=present with_items: @@ -8,7 +8,7 @@ tags: - download -- name: Install named packages for non Debian/Debuntu +- name: Install named packages (OS's that are not debuntu) package: name={{ item }} state=present with_items: @@ -74,19 +74,19 @@ template: src=roles/network/templates/named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ when: dns_jail_enabled -- name: Separate enabling required for Debian +- name: Separate enabling required for debuntu file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=link when: is_debuntu and dns_jail_enabled -- name: Separate enabling/disabling required for Debian +- name: Separate enabling/disabling required (debuntu) file: src=/etc/{{ apache_config_dir }}/dns-jail.conf path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf state=absent when: is_debuntu and not dns_jail_enabled -- name: Separate enabling/disabling required for non Debian +- name: Separate enabling/disabling required (OS's that are not debuntu) file: path=/etc/{{ apache_config_dir }}/dns-jail.conf state=absent when: not is_debuntu and not dns_jail_enabled From 244cef6dfaa6be05f2ce4e68115c6c1ff8490e3c Mon Sep 17 00:00:00 2001 From: Jerry Vonau <jvonau3@gmail.com> Date: Tue, 7 Nov 2017 19:07:52 -0600 Subject: [PATCH 392/393] kalite static only --- roles/kalite/tasks/install.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index c08cc52de..6fb620c6e 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -10,16 +10,16 @@ get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt when: internet_available -- name: Install KA Lite dependencies with pip (debuntu) - pip: requirements={{ pip_packages_dir }}/kalite.txt - virtualenv={{ kalite_venv }} - virtualenv_site_packages=no - extra_args="--no-cache-dir" +#- name: Install KA Lite devel with pip - (debuntu) +# pip: requirements={{ pip_packages_dir }}/kalite.txt +# virtualenv={{ kalite_venv }} +# virtualenv_site_packages=no +# extra_args="--no-cache-dir" # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available and is_debuntu +# when: internet_available and is_debuntu -- name: Install KA Lite with pip (debuntu) +- name: Install KA Lite static with pip - (debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} @@ -29,15 +29,15 @@ # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -- name: Install KA Lite dependencies with pip (debuntu) - pip: requirements={{ pip_packages_dir }}/kalite.txt - virtualenv={{ kalite_venv }} - virtualenv_site_packages=no +#- name: Install KA Lite devel with pip - (OS's other than debuntu) +# pip: requirements={{ pip_packages_dir }}/kalite.txt +# virtualenv={{ kalite_venv }} +# virtualenv_site_packages=no # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" - when: internet_available and not is_debuntu +# when: internet_available and not is_debuntu -- name: Install KA Lite with pip (OS's other than debuntu) +- name: Install KA Lite static with pip - (OS's other than debuntu) pip: name=ka-lite-static version={{ kalite_version }} virtualenv={{ kalite_venv }} From d507c62328fdb901e0c98c384b3133c19fab6106 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Wed, 8 Nov 2017 13:46:06 -0500 Subject: [PATCH 393/393] clarified non-static + reqs file --- roles/kalite/tasks/install.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 6fb620c6e..32b6cc5c3 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -10,12 +10,11 @@ get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt when: internet_available -#- name: Install KA Lite devel with pip - (debuntu) +#- name: Install KA Lite non-static + reqs file with pip - (debuntu) # pip: requirements={{ pip_packages_dir }}/kalite.txt # virtualenv={{ kalite_venv }} # virtualenv_site_packages=no # extra_args="--no-cache-dir" -# extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" # when: internet_available and is_debuntu @@ -25,11 +24,10 @@ virtualenv={{ kalite_venv }} virtualenv_site_packages=no extra_args="--no-cache-dir" -# extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu -#- name: Install KA Lite devel with pip - (OS's other than debuntu) +#- name: Install KA Lite non-static + reqs file with pip - (OS's other than debuntu) # pip: requirements={{ pip_packages_dir }}/kalite.txt # virtualenv={{ kalite_venv }} # virtualenv_site_packages=no