external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-13 03:32:12 +00:00
Code Issues Releases Wiki Activity

Merge branch 'master' into file-module-fixes

Browse source
This commit is contained in:
A Holt 2017-11-09 06:48:50 -05:00 committed by GitHub
commit a849080fb4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
165 changed files with 2618 additions and 1682 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.github/ISSUE_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,5 @@
### Expected behavior and actual behavior.
### Steps to reproduce the problem.
### Specifications like the version of the IIAB, operating system version, or hardware details.

7
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,7 @@
### Fixes Bug
### Description of changes proposed in this pull request.
### Smoke-tested in operating system.
### Mention a team member for further information or comment using @ name

143
CONTRIBUTING.md Normal file
View file

@ -0,0 +1,143 @@
Contributing to Internet-in-a-Box (IIAB)
=======================================
Internet-in-a-Box runs on various GNU/Linux operating systems such as Fedora, Ubuntu, Debian, CentOS and Raspbian.
You can install Internet-in-a-Box on most late model desktop and laptop computers. It also supports Intel NUC, Intel Gigabyte BRIX, OLPC XO-1.5, XO-1.75, XO-4, Raspberry Pi 2 and Raspberry Pi 3. A VirtualBox VM can also used for testing purposes. Using Docker containers however is not recommended as our Ansible provisioning system requires low-level access to the operating system.
Please refer to [IIAB Platforms](https://github.com/iiab/iiab/wiki/IIAB-Platforms) for more information.
Internet-in-a-Box uses [Ansible](https://www.ansible.com/) infrastructure automation tool to deploy and configure all software packages. Ansible uses [playbooks](http://docs.ansible.com/ansible/latest/playbooks.html) a human readable instruction files in YAML format. Playbooks are divided into hosts, roles and tasks.
```
├── roles
│ ├── 1-prep
│ │ ├─ defaults
| | | ├──main.yml (lowest precedence variable definitions, overridden by <repo_root>/vars/default_vars.yml, overridden by ./vars/local_vars.yml.
│ │ ├── README.rst
│ │ ├── tasks
| | | ├──main.yml (specifies the actions to install this role
│ │ └── templates
| | | ├<(text files where ansible variables are substituted, specified via {% <variable> %} containers-(jinja2 language).
│ ├── 2-common
│ │ ├── README.rst
│ │ ├── tasks
│ │ └── templates
```
At runtime, Ansible gathers system information and makes it available (called 'facts') and combines this with playbook defined 'variables' to guide the installation process. The execution follows a sequence of cascading steps:
1. Bash script `./runansible` follows instructions in `iiab.yml` in the root directory.
2. `iiab.yml` calls 9 aggregate roles (the numbered directories under `./roles/`).
3. Each aggregate role has a `<role>/meta/main.yml` which calls the individual named roles.
Please refer to the [IIAB Architecture](https://github.com/iiab/iiab/wiki/IIAB-Architecture) and [IIAB Variables]( https://github.com/iiab/iiab/wiki/IIAB-Variables) pages for more information.
Installation
============
Before you start the installation please refer to the [hardware section of FAQ](http://wiki.laptop.org/go/IIAB/FAQ#What_hardware_should_I_use.3F) page for memory, storage and network requirements for your platform. Also note that downloading content might take a long time on slower Internet connections.
If you are a developer, please consider [building Internet-in-a-Box from scratch](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch).
Please refer to the [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation) page for more information.
Setting up development environment
===================================
( This section uses experimental development environment for Internet-in-a-Box. It is being developed in the [iiab-dev-mode repository](https://github.com/arky/iiab-dev-mode). )
This section provide a quick setup of Internet-in-a-Box (IIAB) development environment using [Vagrant](https://www.vagrantup.com/). You will need a computer with [virtualization enabled](https://www.virtualbox.org/manual/UserManual.html) and git, Vagrant (2.0 or later) and [VirtualBox](https://www.virtualbox.org/) installed.
## Requirements
* git
* [Vagrant (2.0 or later)](https://www.vagrantup.com/)
* [VirtualBox](https://www.virtualbox.org/wiki/Downloads)
* Editor ([Atom](www.atom.io), Emacs, vi, etc)
## Setup Instructions
1. Check out the repository and its submodules onto your development machine.
`git clone --recursive git@github.com:arky/iiab-dev-mode.git`
2. Change directory into 'iiab-dev-mode' with `cd iiab-dev-mode`. You can update all the submodules to latest master using `git submodule foreach git pull origin master`
3. Set up a vagrant machine with `vagrant up` and provision it with `vagrant provision`. Please select the available bridge network interface (wlan0 or eth0) that connects your host machine to the Internet.
4. Connect to your vagrant machine with `vagrant ssh`. All your local development files available as shared folder in `/opt/iiab` directory.
5. Install IIAB itself from the Ansible playbooks by following [IIAB Installation](https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch) instructions:
```
cd /opt/iiab/iiab/scripts/
./ansible
cd /opt/iiab/iiab/
./runansible
cd /opt/iiab/iiab-admin-console/
./install
cd /opt/iiab/iiab-menu/
./cp-menus
```
6. Hack away!
7. You can commit your local changes to your personal forks of Internet-in-a-Box repository and then send pull request to IIAB project. Once you forked a repository, you change directory into that repository and setting a default git remote push setting with the following command.
`cd <repo> && git remote set-url --push origin git@github.com:<your_username>/<your_forked_iiab_repo_name>.git`
Learn more by reading blog post [Different git Push & Pull(fetch) URLs](http://blog.yuriy.tymch.uk/2012/05/different-git-push-pullfetch-urls.html) and the [Git Basics - Working with Remotes](https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes) chapter of Scott Chacon and Ben Straub's "Git Pro" book.
8. Once you are done, you can stop your vagrant machine with `vagrant halt` or remove it completely with `vagrant destroy`.
Debugging
=========
Here are few strategies for debugging problems during the Internet-in-a-Box installation.
* When a installation task fails, Ansible halts printing out a descriptive error message to the screen. This error information is also written to `iiab-install.log` file within `/opt/iiab/iiab`. (Look through logs to check if any preceding line contains the error).
* When an installation succeeds, the last lines printed on the screen will look like the following (failed=0):
```
PLAY RECAP *********************************************************************
127.0.0.1 : ok=405 changed=125 unreachable=0 failed=0
```
* Search through the Ansible playbooks using `egrep -rn <string from the failing step> /opt/iiab/iiab/roles/*>` to find the failed task.
* You can add additional [debug print statements](http://docs.ansible.com/ansible/latest/debug_module.html) to Ansible playbooks for debugging the problem.
* Talk to us or report a bug using the information below.
Please refer to [Ansible playbook documentation](http://docs.ansible.com/ansible/latest/playbooks.html) for more information.
Testing your code with Travis CI
=================================
To maintain the quality of the Internet-in-a-Box (IIAB) code we use [Travis Continuous Integration (CI)](https://travis-ci.org) build infrastructure. Travis CI does tests to
ensure the code syntax is correct and the code is formatted properly using `ansible` syntax checker, `ansible-lint` and `ansible-review` tools. The results of Travis CI Internet-in-a-Box (IIAB) could be seen [here](https://travis-ci.org/iiab/iiab).
Every pull request is automatically tested by Travis CI. The results of these tests are added to the pull request. This aids Internet-in-a-Box (IIAB) developers in reviewing the quality of the code in a pull request.
To test your forked repository of Internet-in-a-Box (IIAB) code. You have to enable automatic build tests in your [Travis-ci.org](https://travis-ci.org) profile page.
* Login to [Travis-ci.org](https://travis-ci.org) using your Github account.
* Go to your Travis CI profile page and enable the repository you want to build.
* The builds will start whenever a new commit is pushed to your repository.
Please refer to [Travis CI documentation](https://docs.travis-ci.com/user/getting-started/) for more information.
Reporting Bugs
==============
You can file bug reports on [GitHub](https://github.com/):
* Sign up for a [GitHub](https://github.com/) account
* Go to the [issue tracker on GitHub](https://github.com/iiab/iiab/issues)
* Search for existing issues using the search field
* If you don't find any similar issues, file a new issue!
Please consider providing a descriptive title, your operating system information, error messages and steps to reproduce the issue.
Get in touch
============
* Join our [technology](http://lists.laptop.org/listinfo/server-devel) and [learning design](https://groups.google.com/group/unleashkids) mailing lists
* Join our [live calls](http://minutes.iiab.io) most Mondays and Thursday
* Join us on IRC live chat: [#schoolserver](https://webchat.freenode.net/?channels=#schoolserver) on [freenode]( https://www.freenode.net/)
* Post an idea or question to our [community forums](http://iiab.io/)
* Read our Frequently Asked Questions ([FAQ.IIAB.IO](http://FAQ.IIAB.IO))

0
LICENSE → LICENSE.md
View file

4
README-historical.md
View file

@ -34,8 +34,8 @@ Please read the `installation`_ documentation.
See the `XSCE project`_ for more information about the project. See the `XSCE project`_ for more information about the project.
.. _XSCE wiki: https://github.com/XSCE/iiab/wiki .. _XSCE wiki: https://github.com/XSCE/xsce/wiki
.. _installation: https://github.com/XSCE/iiab/wiki/XSCE-Installation .. _installation: https://github.com/XSCE/xsce/wiki/XSCE-Installation
.. _ansible: http://www.ansibleworks.com/ .. _ansible: http://www.ansibleworks.com/
.. _ansible documentation: http://www.ansibleworks.com/docs/ .. _ansible documentation: http://www.ansibleworks.com/docs/
.. _XSCE project: http://schoolserver.org/ .. _XSCE project: http://schoolserver.org/

3
iiab-base.yml
View file

@ -8,5 +8,6 @@
- vars/local_vars.yml - vars/local_vars.yml
roles: roles:
- { role: 1-prep, tags: ['prep','platform','base'] } - { role: 0-init, tags: ['0-init'] }
- { role: 1-prep, tags: ['1-prep','platform','base'] }
- { role: openvpn, tags: ['openvpn'] } - { role: openvpn, tags: ['openvpn'] }

14
iiab-from-console.yml
View file

@ -9,10 +9,10 @@
- /etc/iiab/config_vars.yml - /etc/iiab/config_vars.yml
roles: roles:
- { role: 1-prep, tags: ['prep','platform','base'] } - { role: 0-init, tags: ['0-init'] }
- { role: 4-server-options, tags: ['options'] } - { role: 4-server-options, tags: ['4-server-options'] }
- { role: 5-xo-services, tags: ['xo-services'] } - { role: 5-xo-services, tags: ['5-xo-services'] }
- { role: 6-generic-apps, tags: ['generic-apps'] } - { role: 6-generic-apps, tags: ['6-generic-apps'] }
- { role: 7-edu-apps, tags: ['edu-apps'] } - { role: 7-edu-apps, tags: ['7-edu-apps'] }
- { role: 8-mgmt-tools, tags: ['tools'] } - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
- { role: 9-local-addons, tags: ['addons'] } - { role: 9-local-addons, tags: ['9-local-addons'] }

90
iiab-install Executable file
View file

@ -0,0 +1,90 @@
#!/bin/bash -e
# running from a git repo
# Add cmdline options for passing to ansible
# todo add proper shift to gobble up --debug --reinstall
ARGS=""
OLD_RPI_KERN="4.9.41-v7+"
PLAYBOOK="iiab-stages.yml"
INVENTORY="ansible_hosts"
CWD=`pwd`
OS=`grep ^ID= /etc/*release|cut -d= -f2`
OS=${OS//\"/}
function version_gt() { [ "$(printf '%s\n' "$@" | sort -V | head -1)" != "$1" ]; }
export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
if [ ! -f $PLAYBOOK ]; then
echo "IIAB Playbook not found."
echo "Please run this command from the top level of the git repo."
echo "Exiting."
exit 1
fi
if [ $OS == "raspbian" ]; then
echo "Found Raspbian"
CURRENT_KERN=`uname -r`
if version_gt $CURRENT_KERN $OLD_RPI_KERN ; then
echo "Kernel looks ok - continuing"
else
echo "Kernel "$CURRENT_KERN" is too old. Before running './iiab-install' you first need"
echo "to update your system with 'apt update' then 'apt dist-upgrade' then reboot."
echo "INSTALL INSTRUCTIONS: https://github.com/iiab/iiab/wiki/IIAB-Installation"
exit 1
fi
fi
if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then
mkdir -p /etc/ansible/facts.d
fi
cp ./scripts/local_facts.fact /etc/ansible/facts.d/local_facts.fact
STAGE=""
if [ ! -f /etc/iiab/iiab.env ]; then
mkdir -p /etc/iiab
# ./scripts/ansible # needs discussion
else
OLD=`grep XSCE /etc/iiab/iiab.env | wc -l`
if [ "$OLD" != 0 ] || [ "$1" == "--reinstall" ]; then
echo "Found old XSCE install - re-installing from scratch"
rm /etc/iiab/iiab.env
# check ansible version here and force ansible upgrade if needed
else
source /etc/iiab/iiab.env
if [ "$1" == "--debug" ]; then
echo "Entering debug mode"
sed -i -e 's/^STAGE=.*/STAGE=2/' /etc/iiab/iiab.env
elif [ ! $STAGE == 9 ]; then
echo "Restarting *after* STAGE $STAGE..as soon as Stage 0 completes. Stage 9 comes last."
elif [ $STAGE == 9 ]; then
# place keeper add read response
# "offer 'Y' or stage number dialog box option to override"
echo "'iiab-install' has already been completed."
echo "Use --debug to override."
#echo "In demo mode not preventing second run"
echo "Exiting."
exit 1
fi
fi
fi
# if vars/local_vars.yml is missing, put a default one in place - First Run
if [ ! -f ./vars/local_vars.yml ]; then
case $OS in
OLPC | fedora)
cp ./vars/olpc.localvars ./vars/local_vars.yml
;;
centos | debian | ubuntu | raspbian)
cp ./vars/medium.localvars ./vars/local_vars.yml
;;
*)
echo "IIAB supports raspbian, debian, ubuntu, centos, and OLPC - exiting now..."
exit 1
;;
esac
fi
echo "Running local playbooks! "
ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null
ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local

33
iiab-network
View file

@ -1,17 +1,12 @@
#!/bin/bash #!/bin/bash
# running from a git repo
if [ -f /etc/iiab/iiab.env ] # ansible files exist
then CWD=`pwd`
. /etc/iiab/iiab.env export ANSIBLE_LOG_PATH="$CWD/iiab-network.log"
cd $XSCE_DIR
else
echo /etc/iiab/iiab.env is missing. Playbook has not been run.
exit 1
fi
if [ ! -f iiab-network.yml ] if [ ! -f iiab-network.yml ]
then then
echo "XSCE Playbook not found." echo "IIAB Playbook not found."
echo "Please run this command from the top level of the git repo." echo "Please run this command from the top level of the git repo."
echo "Exiting." echo "Exiting."
exit exit
@ -22,16 +17,24 @@ then
touch /etc/iiab/config_vars.yml touch /etc/iiab/config_vars.yml
fi fi
export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-network.log" Start=`date`
ansible-playbook -i ansible_hosts iiab-network.yml --connection=local ansible-playbook -i ansible_hosts iiab-network.yml --connection=local
End=`date`
echo "" >> iiab-network.log echo "" >> iiab-network.log
ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log
if [ ! "OS" == "debian" ]; then if [ ! "OS" == "debian" ]; then
ls -la /etc/sys*/net*/ifcfg* >> iiab-network.log
nmcli d >> iiab-network.log nmcli d >> iiab-network.log
nmcli c >> iiab-network.log nmcli c >> iiab-network.log
fi fi
brctl show >> iiab-network.log echo "" >> iiab-network.log
echo "run on:" >> iiab-network.log ip r >> iiab-network.log
date >> iiab-network.log echo "" >> iiab-network.log
brctl show br0>> iiab-network.log
echo "run start: $Start" >> iiab-network.log
echo "run end: $End" >> iiab-network.log
echo "" >> iiab-network.log echo "" >> iiab-network.log
echo "" >> iiab-network.log echo "" >> iiab-network.log
ip r
brctl show br0
echo "run start:$Start"
echo "run end: $End"

2
iiab-network.yml
View file

@ -9,5 +9,5 @@
- /etc/iiab/config_vars.yml - /etc/iiab/config_vars.yml
roles: roles:
- { role: 1-prep, tags: ['prep','platform','base'] } - { role: 0-init, tags: ['network'] }
- { role: network, tags: ['network','base'] } - { role: network, tags: ['network','base'] }

70
iiab-stages.yml Normal file
View file

@ -0,0 +1,70 @@
---
- hosts: all
become: yes
vars_files:
- roles/0-init/defaults/main.yml
- vars/default_vars.yml
- vars/{{ ansible_local.local_facts.os_ver }}.yml
- vars/local_vars.yml
tasks:
- name: 0-init
include_role:
name: 0-init
tags: 0-init
- name: 1-prep
include_role:
name: 1-prep
when: ansible_local.local_facts.stage|int < 1
tags: 1-prep, platform, base
- name: 2-common
include_role:
name: 2-common
when: ansible_local.local_facts.stage|int < 2
tags: 2-common, base
- name: 3-base-server
include_role:
name: 3-base-server
when: ansible_local.local_facts.stage|int < 3
tags: 3-base-server, base
- name: 4-server-options
include_role:
name: 4-server-options
when: ansible_local.local_facts.stage|int < 4
tags: 4-server-options
- name: 5-xo-services
include_role:
name: 5-xo-services
when: ansible_local.local_facts.stage|int < 5
tags: 5-xo-services
- name: 6-generic-apps
include_role:
name: 6-generic-apps
when: ansible_local.local_facts.stage|int < 6
tags: 6-generic-apps
- name: 7-edu-apps
include_role:
name: 7-edu-apps
when: ansible_local.local_facts.stage|int < 7
tags: 7-edu-apps
- name: 8-mgmt-tools
include_role:
name: 8-mgmt-tools
when: ansible_local.local_facts.stage|int < 8
tags: 8-mgmt-tools
- name: 9-local-addons
include_role:
name: 9-local-addons
when: ansible_local.local_facts.stage|int < 9
tags: 9-local-addons

21
iiab.yml
View file

@ -4,17 +4,18 @@
vars_files: vars_files:
- vars/default_vars.yml - vars/default_vars.yml
- vars/{{ ansible_local.local_facts.os_ver}}.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml
- vars/local_vars.yml - vars/local_vars.yml
- /etc/iiab/config_vars.yml - /etc/iiab/config_vars.yml
roles: roles:
- { role: 1-prep, tags: ['prep','platform','base'] } - { role: 0-init, tags: ['0-init'] }
- { role: 2-common, tags: ['common','base'] } - { role: 1-prep, tags: ['1-prep','platform','base'] }
- { role: 3-base-server, tags: ['base'] } - { role: 2-common, tags: ['2-common','base'] }
- { role: 4-server-options, tags: ['options'] } - { role: 3-base-server, tags: ['3-base-server','base'] }
# - { role: 5-xo-services, tags: ['xo-services'] } - { role: 4-server-options, tags: ['4-server-options'] }
- { role: 6-generic-apps, tags: ['generic-apps'] } - { role: 5-xo-services, tags: ['5-xo-services'] }
- { role: 7-edu-apps, tags: ['edu-apps'] } - { role: 6-generic-apps, tags: ['6-generic-apps'] }
- { role: 8-mgmt-tools, tags: ['tools'] } - { role: 7-edu-apps, tags: ['7-edu-apps'] }
- { role: 9-local-addons, tags: ['addons'] } - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
- { role: 9-local-addons, tags: ['9-local-addons'] }

4
install-support
View file

@ -2,6 +2,9 @@
PLAYBOOK="iiab-base.yml" PLAYBOOK="iiab-base.yml"
INVENTORY="ansible_hosts" INVENTORY="ansible_hosts"
CWD=`pwd`
export ANSIBLE_LOG_PATH="$CWD/iiab-install.log"
if [ ! -f $PLAYBOOK ] if [ ! -f $PLAYBOOK ]
then then
@ -14,5 +17,4 @@ fi
sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml
sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml
export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log"
ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local

32
roles/0-init/defaults/main.yml Normal file
View file

@ -0,0 +1,32 @@
# use these as a tag a release at a point in time
iiab_base_ver: 6.4
gui_version: 2
# These entries should never be changed in this file.
# These are defaults for boolean routines,
first_run: False
rpi_model: none
is_rpi: False
xo_model: none
gw_active: none
internet_available: False
discovered_wan_iface: none
# old defs
gui_port: 80
exFAT_enabled: False
is_F18: False
# Set default 1-prep discovered hardware
rtc_id: ds3231
NUC6_firmware_needed: False
# used in 2-common xo.yml
wifi_id: none
# used 3+ others
installing: False
# network
no_net_restart: False
no_NM_reload: False

149
roles/1-prep/tasks/computed_vars.yml → roles/0-init/tasks/computed_vars.yml
View file

@ -1,41 +1,71 @@
# get local vars from scripts in /etc/ansible/facts.d - name: re-read local_facts.facts from /etc/ansible/facts.d
# on first run, this will generate UUID
- name: re-read facts
setup: filter=ansible_local setup: filter=ansible_local
# set top level variables from local facts for convenience # set top level variables from local facts for convenience
- set_fact: - set_fact:
xo_model: '{{ ansible_local["local_facts"]["xo_model"] }}' xo_model: '{{ ansible_local.local_facts.xo_model }}'
phplib_dir: '{{ ansible_local["local_facts"]["phplib_dir"] }}' phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}'
iiab_stage: '{{ ansible_local.local_facts.stage }}'
- name: Set exFAT enabled for XOs # Networking uses a different file for the rpi
- name: Discover if this is a rpi -- assume if so it is running raspbian
set_fact:
rpi_model: "rpi"
is_rpi: True
no_net_restart: True
when: ansible_local.local_facts.os == "raspbian"
- name: Set exFAT enabled for XO laptops
set_fact: set_fact:
exFAT_enabled: True exFAT_enabled: True
when: xo_model != "none" when: xo_model != "none"
- name: add version section - name: set FQDN
ini_file: dest='{{ iiab_config_file }}' set_fact:
section=runtime iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
option='{{ item.option }}' FQDN_changed: False
value='{{ item.value }}'
with_items: - name: FQDN changed
- option: 'runtime_branch' set_fact:
value: '{{ ansible_local["local_facts"]["iiab_branch"] }}' FQDN_changed: True
- option: 'runtime_commit' when: iiab_fqdn != ansible_fqdn
value: '{{ ansible_local["local_facts"]["iiab_commit"] }}'
- option: 'runtime_date' - name: Now check FQDN
value: '{{ ansible_date_time["iso8601"] }}' include_tasks: roles/2-common/tasks/hostname.yml
- option: 'runtime_php' when: FQDN_changed
value: '{{ phplib_dir }}'
- option: 'kernel' # Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
value: '{{ ansible_kernel }}' - name: Finding gateway
- option: 'memory_mb' set_fact:
value: '{{ ansible_memtotal_mb }}' discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
- option: 'swap_mb' iiab_wan_iface: "{{ discovered_wan_iface }}"
value: '{{ ansible_swaptotal_mb }}' when: ansible_default_ipv4.gateway is defined
- option: 'product_id'
value: '{{ ansible_product_uuid }}' - name: Verify gateway present
shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l
when: discovered_wan_iface != "none"
register: gw_active_test
- name: Recording gateway response
set_fact:
gw_active: True
when: discovered_wan_iface != "none" and gw_active_test.stdout == "1"
- name: Test for internet access
get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
ignore_errors: True
# async: 10
# poll: 2
register: internet_access_test
- name: Set internet_available true if wget succeeded
set_fact:
internet_available: True
when: not internet_access_test|failed and not disregard_network
- name: Cleanup internet test file
file: path=/tmp/heart-beat.txt
state=absent
# Put all computed vars here so derive properly from any prior var file # Put all computed vars here so derive properly from any prior var file
- name: If the TZ is not set in env, set it to UTC - name: If the TZ is not set in env, set it to UTC
@ -52,7 +82,7 @@
gui_port: 443 gui_port: 443
when: adm_cons_force_ssl when: adm_cons_force_ssl
- name: Turn on mysql if elgg or rachel enabled - name: Require MySQL to be on
set_fact: set_fact:
mysql_install: True mysql_install: True
mysql_enabled: True mysql_enabled: True
@ -68,13 +98,13 @@
# when: sugarizer_enabled # when: sugarizer_enabled
# There might be other db's # There might be other db's
- name: Turn on postgresql if moodle or pathagar enabled - name: Turn on PostgreSQL if Moodle or Pathagar enabled
set_fact: set_fact:
postgresql_install: True postgresql_install: True
postgresql_enabled: True postgresql_enabled: True
when: moodle_enabled or pathagar_enabled when: moodle_enabled or pathagar_enabled
- name: Turn on docker if schooltool is to be installed - name: Turn on Docker if SchoolTool is to be installed
set_fact: set_fact:
docker_install: True docker_install: True
docker_enabled: True docker_enabled: True
@ -94,18 +124,18 @@
# but 'mariadb', which is its real name can # but 'mariadb', which is its real name can
# on fedora 18 we need to use 'mysqld' # on fedora 18 we need to use 'mysqld'
- name: Set mysqld service name to mariadb by default - name: Set mysqld_service to mariadb by default
set_fact: set_fact:
mysql_service: mariadb mysql_service: mariadb
- name: Set mysqld service name to mysqld for fedora 18 - name: Set mysqld_service to mysqld for Fedora 18
set_fact: set_fact:
mysql_service: mysqld mysql_service: mysqld
no_NM_reload: True no_NM_reload: True
is_F18: True is_F18: True
when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18" when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
- name: Set mysql service name to mysql for debian - name: Set mysql_service to mysql for Debian
set_fact: set_fact:
mysql_service: mysql mysql_service: mysql
when: is_debuntu when: is_debuntu
@ -140,3 +170,52 @@
set_fact: set_fact:
is_CentOS: True is_CentOS: True
when: ansible_distribution == "CentOS" when: ansible_distribution == "CentOS"
- name: add version section
ini_file: dest='{{ iiab_config_file }}'
section=runtime
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'iiab_stage'
value: '{{ iiab_stage }}'
- option: 'runtime_php'
value: '{{ phplib_dir }}'
- option: 'runtime_branch'
value: '{{ ansible_local.local_facts.iiab_branch }}'
- option: 'runtime_commit'
value: '{{ ansible_local.local_facts.iiab_commit }}'
- option: 'runtime_date'
value: '{{ ansible_date_time.iso8601 }}'
- option: 'ansible_version'
value: '{{ ansible_local.local_facts.ansible_version }}'
- option: 'kernel'
value: '{{ ansible_kernel }}'
- option: 'memory_mb'
value: '{{ ansible_memtotal_mb }}'
- option: 'swap_mb'
value: '{{ ansible_swaptotal_mb }}'
- option: 'product_id'
value: '{{ ansible_product_uuid }}'
- option: 'gw_active'
value: '{{ gw_active }}'
- option: 'internet_available'
value: '{{ internet_available }}'
- option: 'is_rpi'
value: '{{ is_rpi }}'
- option: 'first_run'
value: '{{ first_run }}'
- option: 'local_tz'
value: '{{ local_tz }}'
- option: 'FQDN_changed'
value: '{{ FQDN_changed }}'
- name: STAGE 0 HAS COMPLETED ======================================
ini_file: dest='{{ iiab_config_file }}'
section=runtime
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'is_VM'
value: 'yes'
when: is_VM is defined

210
roles/0-init/tasks/main.yml Normal file
View file

@ -0,0 +1,210 @@
# Initialize
- name: ...IS BEGINNING ============================================
stat: path=/etc/iiab/iiab.env
register: NewInstall
- name: Setting first run flag
set_fact:
first_run: True
when: not NewInstall.stat.exists
# we need to inialize the ini file and only write the location and version sections once and only
# once to preserve the install date and git hash.
- name: Write iiab_ini.yml for the first time
include_tasks: roles/1-prep/tasks/iiab_ini.yml
when: first_run
#- name: Loading computed_vars
# include_tasks: roles/0-init/tasks/computed_vars.yml
- name: re-read local_facts.facts from /etc/ansible/facts.d
setup: filter=ansible_local
# set top level variables from local facts for convenience
- set_fact:
xo_model: '{{ ansible_local.local_facts.xo_model }}'
phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}'
iiab_stage: '{{ ansible_local.local_facts.stage }}'
# Networking uses a different file for the rpi
- name: Discover if this is a rpi -- assume if so it is running raspbian
set_fact:
rpi_model: "rpi"
is_rpi: True
# no_net_restart: True
# nobridge: True
when: ansible_local.local_facts.os == "raspbian"
- name: Set exFAT enabled for XO laptops
set_fact:
exFAT_enabled: True
when: xo_model != "none"
# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
- name: Finding gateway
set_fact:
discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
iiab_wan_iface: "{{ discovered_wan_iface }}"
when: ansible_default_ipv4.gateway is defined
- name: Verify gateway present
shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" | grep icmp_seq=4 | wc -l
when: discovered_wan_iface != "none"
register: gw_active_test
- name: Recording gateway response
set_fact:
gw_active: True
when: discovered_wan_iface != "none" and gw_active_test.stdout == "1"
- name: Test for internet access
get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
ignore_errors: True
# async: 10
# poll: 2
register: internet_access_test
- name: Set internet_available true if wget succeeded
set_fact:
internet_available: True
when: not internet_access_test|failed and not disregard_network
- name: Cleanup internet test file
file: path=/tmp/heart-beat.txt
state=absent
# Put all computed vars here so derive properly from any prior var file
- name: If the TZ is not set in env, set it to UTC
set_fact: local_tz='UTC'
when: local_tz == ""
- name: Set port 80 for Admin Console
set_fact:
gui_port: 80
when: not adm_cons_force_ssl
- name: Set port 443 for Admin Console
set_fact:
gui_port: 443
when: adm_cons_force_ssl
- name: Require MySQL to be on
set_fact:
mysql_install: True
mysql_enabled: True
# we decided to enable mysql unconditionally
# when: elgg_enabled or rachel_enabled or owncloud_enabled or phpmyadmin_enabled or wordpress_enabled or iiab_menu_install
# Commenting out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427
# - name: Turn on mongodb if sugarizer enabled
# set_fact:
# mongodb_install: True
# mongodb_enabled: True
# when: sugarizer_enabled
# There might be other db's
- name: Turn on PostgreSQL if Moodle or Pathagar enabled
set_fact:
postgresql_install: True
postgresql_enabled: True
when: moodle_enabled or pathagar_enabled
- name: Turn on Docker if SchoolTool is to be installed
set_fact:
docker_install: True
docker_enabled: True
when: schooltool_enabled or schooltool_install
- name: Set python_path for is_redhat
set_fact:
python_path: /usr/lib/python2.7/site-packages/
when: is_redhat
- name: Set python_path for is_debuntu
set_fact:
python_path: /usr/local/lib/python2.7/dist-packages/
when: is_debuntu
# for various reasons the mysql service can not be enabled on fedora 20,
# but 'mariadb', which is its real name can
# on fedora 18 we need to use 'mysqld'
- name: Set mysqld_service to mariadb by default
set_fact:
mysql_service: mariadb
- name: Set mysqld_service to mysqld for Fedora 18
set_fact:
mysql_service: mysqld
no_NM_reload: True
is_F18: True
when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
- name: Set mysql_service to mysql for Debian
set_fact:
mysql_service: mysql
when: is_debuntu
- name: set FQDN
set_fact:
iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
FQDN_changed: False
- name: FQDN changed
set_fact:
FQDN_changed: True
when: iiab_fqdn != ansible_fqdn
- name: add version section
ini_file: dest='{{ iiab_config_file }}'
section=runtime
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'iiab_stage'
value: '{{ iiab_stage }}'
- option: 'runtime_php'
value: '{{ phplib_dir }}'
- option: 'runtime_branch'
value: '{{ ansible_local.local_facts.iiab_branch }}'
- option: 'runtime_commit'
value: '{{ ansible_local.local_facts.iiab_commit }}'
- option: 'runtime_date'
value: '{{ ansible_date_time.iso8601 }}'
- option: 'ansible_version'
value: '{{ ansible_local.local_facts.ansible_version }}'
- option: 'kernel'
value: '{{ ansible_kernel }}'
- option: 'memory_mb'
value: '{{ ansible_memtotal_mb }}'
- option: 'swap_mb'
value: '{{ ansible_swaptotal_mb }}'
- option: 'product_id'
value: '{{ ansible_product_uuid }}'
- option: 'gw_active'
value: '{{ gw_active }}'
- option: 'internet_available'
value: '{{ internet_available }}'
- option: 'is_rpi'
value: '{{ is_rpi }}'
- option: 'first_run'
value: '{{ first_run }}'
- option: 'local_tz'
value: '{{ local_tz }}'
- option: 'FQDN_changed'
value: '{{ FQDN_changed }}'
- name: Now changing FQDN
include_tasks: roles/2-common/tasks/hostname.yml
when: FQDN_changed
- name: STAGE 0 HAS COMPLETED ======================================
ini_file: dest='{{ iiab_config_file }}'
section=runtime
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'is_VM'
value: 'yes'
when: is_VM is defined

5
roles/1-prep/README.rst
View file

@ -2,5 +2,6 @@
Prep README Prep README
=========== ===========
This role is a sort on init or startup. It includes preliminaries like hostname and is where things This role is primarily hardware-focused, prior to OS additions/mods. Traditionally it included
that are specific to a particular platform, such as the XO, are done before the bulk of the install. preliminaries like hostname and things specific to a particular platform, such as the XO laptop,
done before the bulk of the install.

54
roles/1-prep/defaults/main.yml
View file

@ -1,54 +0,0 @@
# use these as a tag a release at a point in time
iiab_base_ver: 6.4
gui_version: 2
# These entries should never be changed in this file.
# These are defaults for boolean routines,
first_run: False
installing: False
NUC6_firmware_needed: False
exFAT_enabled: False
no_NM_reload: False
has_WAN: False
wireless_lan_present: False
strict_networking: False
iiab_demo_mode: False
gw_active: False
gui_static_wan: False
internet_available: False
is_F18: False
is_F20: False
is_F21: False
is_F22: False
is_F23: False
is_F24: False
# Set default for discovered hardware
driver_name: nl80211
rpi_model: none
is_rpi: False
xo_model: none
rtc_id: ds3231
# Set defaults for discovery process as strings
wifi1: "not found-1"
wifi2: "not found-2"
discovered_wan_iface: "none"
discovered_lan_iface: "none"
discovered_wireless_iface: "none"
iiab_wireless_lan_iface: "none"
iiab_lan_iface: "none"
iiab_wan_iface: "none"
device_gw: "none"
has_ifcfg_gw: "none"
has_wifi_gw: "none"
ap_device: "none"
device_gw2: ""
gui_port: 80
# must keep roles/iiab-admin/defaults/main.yml sync'd
admin_console_path: "{{ iiab_base }}/admin_console"
cmdsrv_path: "{{ iiab_base }}/iiab_cmdsrv"
iiab_cmdsrv_dbname : "iiab_cmdsrv.0.2.db"
wifi_id: none

6
roles/1-prep/tasks/iiab_ini.yml
View file

@ -25,10 +25,10 @@
- option: 'arch' - option: 'arch'
value: '{{ ansible_architecture }}' value: '{{ ansible_architecture }}'
- option: 'iiab_branch' - option: 'iiab_branch'
value: '{{ ansible_local["local_facts"]["iiab_branch"] }}' value: '{{ ansible_local.local_facts.iiab_branch }}'
- option: 'iiab_commit' - option: 'iiab_commit'
value: '{{ ansible_local["local_facts"]["iiab_commit"] }}' value: '{{ ansible_local.local_facts.iiab_commit }}'
- option: 'install_date' - option: 'install_date'
value: '{{ ansible_date_time["iso8601"] }}' value: '{{ ansible_date_time.iso8601 }}'
- option: 'install_xo' - option: 'install_xo'
value: '{{ xo_model }}' value: '{{ xo_model }}'

68
roles/1-prep/tasks/main.yml
View file

@ -1,27 +1,14 @@
- name: Determine if runansible was run # Preparations (Hardware Level)
stat: path=/etc/iiab/iiab.env
register: NewInstall
- name: Setting first run flag - name: ...IS BEGINNING ============================================
set_fact: command: echo
first_run: True
when: NewInstall.stat.exists is defined and not NewInstall.stat.exists
# we need to inialize the ini file - name: Get the uuidgen program
- include: iiab_ini.yml
when: first_run
- name: Set flag for fedora 18
set_fact:
is_F18: True
when: ansible_distribution_release == "based on Fedora 18" or ansible_distribution_version == "18"
- name: get the uuidgen program
package: name=uuid-runtime package: name=uuid-runtime
state=present state=present
when: is_debuntu when: is_debuntu
- name: Test for UUID file - name: Test for /etc/iiab/uuid file
stat: path=/etc/iiab/uuid stat: path=/etc/iiab/uuid
register: uuid_file register: uuid_file
@ -38,11 +25,11 @@
shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid
when: not uuid_file.stat.exists when: not uuid_file.stat.exists
- name: get the uuid - name: Get the uuid
command: cat /etc/iiab/uuid command: cat /etc/iiab/uuid
register: stored_uuid register: stored_uuid
- name: get the value into a variable - name: Get the value into a variable
set_fact: set_fact:
uuid={{ stored_uuid.stdout_lines[0] }} uuid={{ stored_uuid.stdout_lines[0] }}
@ -61,46 +48,41 @@
dest=/etc/chrony.conf dest=/etc/chrony.conf
src=chrony.conf.j2 src=chrony.conf.j2
- name: Disable apparmor -- on by default in ubuntu - name: Disable AppArmor -- on by default in Ubuntu
service: name=apparmor enabled=False state=stopped service: name=apparmor enabled=False state=stopped
when: first_run and is_ubuntu when: is_ubuntu
ignore_errors: true ignore_errors: true
- name: Disable selinux on next boot - name: Disable SELinux on next boot
selinux: state=disabled selinux: state=disabled
register: selinux_disabled register: selinux_disabled
when: first_run and not is_debuntu when: not is_debuntu
- name: Disable selinux for this session (if needed) - name: Disable SELinux for this session (if needed)
command: setenforce Permissive command: setenforce Permissive
when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
## DISCOVER PLATFORMS ###### ## DISCOVER PLATFORMS ######
- name: Discover if this is a rpi -- assume if so it is running raspbian - include_tasks: prep.yml
set_fact:
rpi_model: "rpi"
is_rpi: "True"
when: ansible_local.local_facts.os == "raspbian"
ignore_errors: true
- include: prep.yml
- include: computed_vars.yml
- include: detected_network.yml
when: not installing
# Put conditional actions for hardware platforms here # Put conditional actions for hardware platforms here
- include: raspberry_pi_2.yml - include_tasks: raspberry_pi_2.yml
when: first_run and rpi_model != "none" when: first_run and rpi_model != "none"
- name: Check if the identifier for intel's NUC6 builtin wifi is present - name: Check if the identifier for Intel's NUC6 builtin WiFi is present
shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'" shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'"
register: usb_NUC6 register: usb_NUC6
ignore_errors: true ignore_errors: true
when: first_run
- name: download the firmware for built in wifi on NUC6 - name: Download the firmware for built-in WiFi on NUC6
get_url: dest=/lib/firmware get_url: dest=/lib/firmware
url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode
when: first_run and usb_NUC6.stdout|int > 0 when: usb_NUC6.stdout|int > 0
# this script can be sourced to get IIAB location
- name: Recording STAGE 1 HAS COMPLETED ============================
template: src=roles/1-prep/templates/iiab.env.j2
dest=/etc/iiab/iiab.env
owner=root
group=root
mode=0644

9
roles/1-prep/tasks/raspberry_pi_2.yml
View file

@ -26,23 +26,23 @@
mode=0644 mode=0644
when: rtc_id != "none" when: rtc_id != "none"
- name: pre-Install packages - name: Pre-install packages
package: name={{ item }} package: name={{ item }}
state=latest state=latest
with_items: with_items:
- ntp - ntp
- name: increase the swap file size (kalite pip download fails) - name: Increase the swap file size (kalite pip download fails)
lineinfile: regexp="^CONF_SWAPSIZE" lineinfile: regexp="^CONF_SWAPSIZE"
line=CONF_SWAPSIZE=500 line=CONF_SWAPSIZE=500
dest=/etc/dphys-swapfile dest=/etc/dphys-swapfile
when: is_debuntu when: is_debuntu
- name: restart the swap service - name: Restart the swap service
command: /etc/init.d/dphys-swapfile restart command: /etc/init.d/dphys-swapfile restart
when: is_debuntu when: is_debuntu
- name: Add rpi rootfs resizing service - name: Add RPi rootfs resizing service
template: src={{ item.src }} template: src={{ item.src }}
dest={{ item.dest }} dest={{ item.dest }}
owner=root owner=root
@ -55,4 +55,3 @@
- name: Enable rootfs resizing service - name: Enable rootfs resizing service
service: name=iiab-rpi-root-resize service: name=iiab-rpi-root-resize
enabled=yes enabled=yes

7
roles/1-prep/templates/iiab.env.j2
View file

@ -1,7 +1,8 @@
# This is a configuration file for XSCE # This is a configuration file for IIAB
# It can sourced in a shell script or read into an application # It can sourced in a shell script or read into an application
XSCE_BASE_PATH={{ iiab_base }} IIAB_BASE_PATH={{ iiab_base }}
XSCE_DIR={{ iiab_dir }} IIAB_DIR={{ iiab_dir }}
OS={{ ansible_local.local_facts.os }} OS={{ ansible_local.local_facts.os }}
OS_VER={{ ansible_local.local_facts.os_ver }} OS_VER={{ ansible_local.local_facts.os_ver }}
WWWROOT={{ doc_root }} WWWROOT={{ doc_root }}
STAGE=1

52
roles/2-common/tasks/hostname.yml Normal file
View file

@ -0,0 +1,52 @@
- name: Create filesytem layout
include_tasks: roles/2-common/tasks/fl.yml
when: first_run
- name: Turn the crank for systemd
shell: hostnamectl set-hostname "{{ iiab_hostname }}.{{ iiab_domain }}"
when: is_debuntu
- name: Configure /etc/sysconfig/network
template: src=roles/network/templates/network/sysconfig.network.j2
dest=/etc/sysconfig/network
owner=root
group=root
mode=0644
when: is_redhat
- name: Configure short hostname in /etc/hosts
lineinfile: dest=/etc/hosts
regexp='^127\.0\.0\.1'
line='127.0.0.1 localhost.localdomain localhost box {{ iiab_hostname }}'
owner=root
group=root
mode=0644
- name: Configuring named
include_tasks: roles/network/tasks/named.yml
tags:
- named
- network
- domain
- name: Configuring dhcpd
include_tasks: roles/network/tasks/dhcpd.yml
tags:
- dhcpd
- network
- domain
- name: Configuring Squid
include_tasks: roles/network/tasks/squid.yml
when: squid_install
tags:
- squid
- network
- name: Re-configuring httpd - not initial install
include_tasks: roles/httpd/tasks/main.yml
when: iiab_stage|int > 3
- name: Re-configuring rest of networking - not initial install
include_tasks: roles/network/tasks/main.yml
when: iiab_stage|int > 4

2
roles/2-common/tasks/iiab_ini.yml
View file

@ -14,7 +14,7 @@
- option: 'iiab_dir' - option: 'iiab_dir'
value: '{{ iiab_dir }}' value: '{{ iiab_dir }}'
- name: add version section - name: Add version section
ini_file: dest='{{ iiab_config_file }}' ini_file: dest='{{ iiab_config_file }}'
section=version section=version
option='{{ item.option }}' option='{{ item.option }}'

32
roles/2-common/tasks/main.yml
View file

@ -1,20 +1,26 @@
# Common OS-Level Additions & Mods (that only need to be performed once)
- include: iiab_ini.yml - name: ...IS BEGINNING ==========================================
command: echo
# create the directory structure for XSCE #- include_tasks: iiab_ini.yml
- include: fl.yml
- include: xo.yml # create the directory structure for IIAB
#- include_tasks: fl.yml
- include_tasks: xo.yml
when: xo_model != "none" or osbuilder is defined when: xo_model != "none" or osbuilder is defined
- include: centos.yml - include_tasks: roles/network/tasks/iptables.yml
- include_tasks: centos.yml
when: ansible_distribution == "CentOS" when: ansible_distribution == "CentOS"
- include: fedora.yml - include_tasks: fedora.yml
when: ansible_distribution == "Fedora" when: ansible_distribution == "Fedora"
# the following installs common packages for both debian and fedora # the following installs common packages for both debian and fedora
- include: packages.yml - include_tasks: packages.yml
- sysctl: name=net.ipv4.ip_forward value=1 state=present - sysctl: name=net.ipv4.ip_forward value=1 state=present
- sysctl: name=net.ipv4.conf.default.rp_filter value=1 state=present - sysctl: name=net.ipv4.conf.default.rp_filter value=1 state=present
@ -28,7 +34,7 @@
- sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present - sysctl: name=net.ipv6.conf.default.disable_ipv6 value=1 state=present
- sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present
- name: Set default Timezone - name: Set default Time Zone
shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime shell: ln -sf /usr/share/zoneinfo/{{ iiab_TZ }} /etc/localtime
when: iiab_TZ is defined and iiab_TZ != "" when: iiab_TZ is defined and iiab_TZ != ""
@ -39,7 +45,13 @@
mode=0644 mode=0644
backup=no backup=no
- include: net_mods.yml - include_tasks: net_mods.yml
when: not is_debuntu and not is_F18 when: not is_debuntu and not is_F18
- include: udev.yml - include_tasks: udev.yml
- name: Recording STAGE 2 HAS COMPLETED ==========================
lineinfile: dest=/etc/iiab/iiab.env
regexp='^STAGE=*'
line='STAGE=2'
state=present

23
roles/2-common/tasks/packages.yml
View file

@ -1,16 +1,16 @@
- name: install yum deps for arm!!! - name: Install yum deps for arm!!!
shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser shell: dnf install -y python-urlgrabber pyxattr yum-metadata-parser
when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: install yum from Fedora 23 for arm!!! - name: Install yum from Fedora 23 for arm!!!
shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf shell: dnf install -y https://kojipkgs.fedoraproject.org//packages/yum/3.4.3/506.fc23/noarch/yum-3.4.3-506.fc23.noarch.rpm python-dnf
when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22 when: ansible_distribution == "Fedora" and ansible_machine == "armv7l" and ansible_distribution_version|int >= 22
- name: install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!! - name: Install yum if it has been dropped from our distribution -- Fedora 22 uses dnf!!!
shell: dnf install -y yum shell: dnf install -y yum
when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l" when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 and ansible_machine != "armv7l"
- name: get the createrepo program - name: Get the createrepo program
package: name=createrepo package: name=createrepo
state=present state=present
when: is_redhat when: is_redhat
@ -19,7 +19,7 @@
shell: createrepo {{ yum_packages_dir }} shell: createrepo {{ yum_packages_dir }}
when: is_redhat when: is_redhat
- name: Install local repo file. - name: Install local repo file
template: dest=/etc/yum.repos.d/iiab-local.repo template: dest=/etc/yum.repos.d/iiab-local.repo
src=local.repo src=local.repo
owner=root owner=root
@ -36,6 +36,9 @@
- linux-firmware - linux-firmware
- syslog - syslog
- xml-common - xml-common
- nss-mdns
- avahi
- avahi-tools
when: is_redhat when: is_redhat
- name: Download usbmount -- not in debian-9 - name: Download usbmount -- not in debian-9
@ -52,6 +55,9 @@
with_items: with_items:
- inetutils-syslogd - inetutils-syslogd
- wpasupplicant - wpasupplicant
- libnss-mdns
- avahi-daemon
- avahi-discover
when: is_debuntu when: is_debuntu
- name: Install common packages - name: Install common packages
@ -83,6 +89,7 @@
- curl - curl
- pandoc - pandoc
- lynx - lynx
- ntfs-3g
#- name: Install pip as a commonly required package management system #- name: Install pip as a commonly required package management system
# command: curl https://bootstrap.pypa.io/get-pip.py -o {{ downloads_dir }}/get-pip.py # command: curl https://bootstrap.pypa.io/get-pip.py -o {{ downloads_dir }}/get-pip.py
@ -90,7 +97,7 @@
#- name: Run the install script for pip #- name: Run the install script for pip
# command: python {{ downloads_dir }}/get-pip.py # command: python {{ downloads_dir }}/get-pip.py
- name: Install Common python packages - name: Install common Python packages
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -98,7 +105,7 @@
- python-setuptools - python-setuptools
- python-virtualenv - python-virtualenv
- name: Update common packages (not debian - name: Update common packages (not Debian)
package: name={{ item }} package: name={{ item }}
state=latest state=latest
with_items: with_items:
@ -108,7 +115,7 @@
- iptables - iptables
when: is_redhat when: is_redhat
- name: Update common packages (debian) - name: Update common packages (Debian)
package: name={{ item }} package: name={{ item }}
state=latest state=latest
with_items: with_items:

7
roles/2-common/tasks/udev.yml
View file

@ -23,13 +23,12 @@
shell: systemctl daemon-reload shell: systemctl daemon-reload
when: udev_unit.stat.exists is defined and udev_unit.stat.exists when: udev_unit.stat.exists is defined and udev_unit.stat.exists
- name: restart so systemd recognizes the changes - name: Restart so systemd recognizes the changes
shell: systemctl restart systemd-udevd.service shell: systemctl restart systemd-udevd.service
when: udev_unit.stat.exists is defined and udev_unit.stat.exists when: udev_unit.stat.exists is defined and udev_unit.stat.exists
- name: reload systemd-udevd so it has rootfs open read-write - name: Reload systemd-udevd so it has rootfs open read-write
template: src=udev-reload.service dest=/etc/systemd/system/ template: src=udev-reload.service dest=/etc/systemd/system/
- name: enable the reload service - name: Enable the reload service
shell: systemctl enable udev-reload.service shell: systemctl enable udev-reload.service

8
roles/2-common/tasks/xo.yml
View file

@ -25,7 +25,7 @@
regexp='^%_excludedocs' regexp='^%_excludedocs'
state=absent state=absent
- name: pre-Install packages - name: Pre-install packages
package: name={{ item }} package: name={{ item }}
state=latest state=latest
with_items: with_items:
@ -34,7 +34,7 @@
- man-db - man-db
- man-pages - man-pages
- name: re-Install packages - name: Re-install packages
shell: yum -y reinstall sed libidn grep which util-linux wget gnupg2 groff gnash yum shell: yum -y reinstall sed libidn grep which util-linux wget gnupg2 groff gnash yum
when: not osbuilder is defined when: not osbuilder is defined
@ -44,7 +44,7 @@
option=plugins option=plugins
value=ifcfg-rh,keyfile value=ifcfg-rh,keyfile
- name: check for modem config file - name: Check for modem config file
stat: path=/etc/NetworkManager/system-connections/"Sugar Modem Connection" stat: path=/etc/NetworkManager/system-connections/"Sugar Modem Connection"
register: config register: config
@ -109,7 +109,7 @@
state=absent state=absent
- name: Download substitute software for i386 on FC18 XO1.5 - name: Download substitute software for i386 on FC18 XO1.5
get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir}}/{{ item }} get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir }}/{{ item }}
with_items: with_items:
- hostapd_8188_i386 - hostapd_8188_i386
when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available

0
roles/2-common/tasks/yum.yml → roles/2-common/tasks/yum-historical.yml
View file

3
roles/3-base-server/README.rst
View file

@ -6,7 +6,6 @@ This role is a place to aggregate roles that are required to create a basic web
The functionality here is not packages that are not directly consumed by users, which are in common, The functionality here is not packages that are not directly consumed by users, which are in common,
nor specific applications, such as those found in the apps and tools roles. nor specific applications, such as those found in the apps and tools roles.
The difference between this aggregate and server-options is that the roles here are required. The difference between this aggregate (3-base-server) and 4-server-options is that the roles here are required.
Eventually a graphical configuration console will be added here. Eventually a graphical configuration console will be added here.

3
roles/3-base-server/meta/main.yml
View file

@ -1,3 +0,0 @@
dependencies:
- { role: httpd, tags: ['services','httpd','base'] }
- { role: iiab-admin, tags: ['services','iiab-admin','base'] }

36
roles/3-base-server/tasks/main.yml
View file

@ -1,18 +1,36 @@
# Base Server
- name: ...IS BEGINNING =====================================
command: echo
- name: HTTPD
include_role:
name: httpd
# has no "when: XXXXX_install" flag
tags: base, httpd
- name: IIAB-ADMIN
include_role:
name: iiab-admin
# has no "when: XXXXX_install" flag
tags: base, iiab-admin
- name: MYSQL
include_role:
name: mysql
# has no "when: XXXXX_install" flag
tags: base, mysql
- name: Make sure there is a content directory - name: Make sure there is a content directory
file: dest={{ doc_root }}/local_content file: dest={{ doc_root }}/local_content
state=directory state=directory
- name: Base Server Installed
command: echo Base Server Installed
- name: Restart httpd - name: Restart httpd
service: name={{ apache_service }} service: name={{ apache_service }}
state=restarted state=restarted
when: not installing when: not installing
# If we got here we're done - name: Record STAGE 3 HAS COMPLETED ========================
#- name: Record base gui version lineinfile: dest=/etc/iiab/iiab.env
# lineinfile: dest=/etc/iiab/iiab.env regexp='^STAGE=*'
# regexp='^BASE_VERSION=*' line='STAGE=3'
# line='BASE_VERSION="{{ gui_version }}"' state=present
# state=present

9
roles/4-server-options/meta/main.yml
View file

@ -1,9 +0,0 @@
dependencies:
- { role: sshd, tags: ['services','sshd','base'] }
- { role: network, tags: ['services','base','network'] }
- { role: postgresql, tags: ['services','postgresql','base'], when: postgresql_install }
- { role: authserver, tags: ['services','authserver','base'], when: authserver_install }
- { role: openvpn, tags: ['options','openvpn'], when: openvpn_install }
- { role: samba, tags: ['services','samba','options'], when: samba_install }
- { role: usb-lib, tags: ['services','usb-lib','options'], when: usb_lib_install }
- { role: cups, tags: ['services','cups','options'], when: cups_install }

95
roles/4-server-options/tasks/main.yml
View file

@ -1,40 +1,71 @@
- name: Server Options Installed # Server Options
command: echo Server Options Installed - name: ...IS BEGINNING ==================================
command: echo
# this script can be sourced to get iiab location - name: SSHD
- name: Create iiab.env file include_role:
template: src=roles/1-prep/templates/iiab.env.j2 name: sshd
dest=/etc/iiab/iiab.env # has no "when: XXXXX_install" flag
owner=root tags: base, sshd
group=root
mode=0644
- name: put a python interface to iiab.env - name: OPENVPN
include_role:
name: openvpn
when: openvpn_install
tags: openvpn
- name: NETWORK
include_role:
name: network
# has no "when: XXXXX_install" flag
tags: base, network
- name: HOMEPAGE
include_role:
name: homepage
# has no "when: XXXXX_install" flag
tags: base, homepage
- name: POSTGRESQL
include_role:
name: postgresql
when: postgresql_install
tags: postgresql, pathagar, moodle
- name: AUTHSERVER
include_role:
name: authserver
when: authserver_install
tags: olpc, authserver
- name: CUPS
include_role:
name: cups
when: cups_install
tags: cups
- name: SAMBA
include_role:
name: samba
when: samba_install
tags: samba
- name: USB-LIB
include_role:
name: usb-lib
when: usb_lib_install
tags: usb-lib
- name: Create a Python interface to iiab.env
template: src=roles/1-prep/templates/iiab_env.py.j2 template: src=roles/1-prep/templates/iiab_env.py.j2
dest=/etc/iiab/iiab_env.py dest=/etc/iiab/iiab_env.py
- name: generate the offline documents - name: Generate the offline documents
command: /usr/bin/iiab-refresh-wiki-docs command: /usr/bin/iiab-refresh-wiki-docs
when: not nodocs when: not nodocs
- name: Stop postgresql service - name: Recording STAGE 4 HAS COMPLETED ==================
command: "/etc/init.d/postgresql stop" lineinfile: dest=/etc/iiab/iiab.env
ignore_errors: True regexp='^STAGE=*'
when: postgresql_install and is_debuntu line='STAGE=4'
state=present
- name: Start postgresql service
service: name=postgresql-iiab
state=restarted
enabled=yes
when: postgresql_enabled
- name: Stop authserver service
service: name=xs-authserver
state=stopped
enabled=no
when: not authserver_enabled and authserver_install
- name: Start xs-authserver service
service: name=xs-authserver
state=restarted
when: authserver_enabled

3
roles/5-xo-services/README.rst
View file

@ -2,5 +2,4 @@
XO Services README XO Services README
================== ==================
This role is a place to aggregate roles that provide XO specific services. This role is a place to aggregate roles that provide specific services for One Laptop Per Child's XO laptops.

4
roles/5-xo-services/meta/main.yml
View file

@ -1,4 +0,0 @@
dependencies:
- { role: ejabberd_xs, tags: ['olpc','ejabberd-xs','xo-services'], when: ejabberd_xs_install }
- { role: idmgr, tags: ['olpc','idmgr','xo-services'], when: idmgr_install }
- { role: activity-server, tags: ['olpc','activity-server','xo-services'], when: activity_server_install }

28
roles/5-xo-services/tasks/main.yml
View file

@ -1,3 +1,27 @@
- name: XO Services Installed # XO Services
command: echo XO Services Installed - name: ...IS BEGINNING =====================================
command: echo
- name: ACTIVITY-SERVER
include_role:
name: activity-server
when: activity_server_install
tags: olpc, activity-server
- name: EJABBERD_XS
include_role:
name: ejabberd_xs
when: ejabberd_xs_install
tags: olpc, ejabberd-xs
- name: IDMGR
include_role:
name: idmgr
when: idmgr_install
tags: olpc, idmgr
- name: Recording STAGE 5 HAS COMPLETED =====================
lineinfile: dest=/etc/iiab/iiab.env
regexp='^STAGE=*'
line='STAGE=5'
state=present

6
roles/6-generic-apps/README.rst
View file

@ -2,6 +2,6 @@
Generic Apps README Generic Apps README
=================== ===================
This role is a place to aggregate roles that install apps of a more generic nature, as opposed to educational or managment. This role is a place to aggregate roles that install apps of a more generic or collaborative nature,
Content Management Systems or Chat or Wiki applications would go here. as opposed to educational or managment. Content Management Systems or Chat or Wiki applications
would go here.

9
roles/6-generic-apps/meta/main.yml
View file

@ -1,9 +0,0 @@
dependencies:
- { role: mysql, tags: ['generic','mysql'], when: mysql_install }
- { role: elgg, tags: ['generic','elgg'], when: elgg_install }
- { role: owncloud, tags: ['generic','owncloud'], when: owncloud_install }
- { role: nextcloud, tags: ['generic','nextcloud'], when: nextcloud_install }
- { role: dokuwiki, tags: ['generic','dokuwiki'], when: dokuwiki_install }
- { role: wordpress, tags: ['generic','wordpress'], when: wordpress_install }
- { role: calibre, tags: ['generic','calibre'], when: calibre_install }
- { role: ejabberd, tags: ['generic','ejabberd'], when: ejabberd_install }

52
roles/6-generic-apps/tasks/main.yml
View file

@ -1,3 +1,51 @@
- name: Generic Apps Installed # Generic Apps
command: echo Generic Apps Installed - name: ...IS BEGINNING ====================================
command: echo
- name: CALIBRE
include_role:
name: calibre
when: calibre_install
tags: calibre
- name: DOKUWIKI
include_role:
name: dokuwiki
when: dokuwiki_install
tags: dokuwiki
- name: ELGG
include_role:
name: elgg
when: elgg_install
tags: elgg
- name: EJABBERD
include_role:
name: ejabberd
when: ejabberd_install
tags: ejabberd
- name: NEXTCLOUD
include_role:
name: nextcloud
when: nextcloud_install
tags: nextcloud
- name: OWNCLOUD
include_role:
name: owncloud
when: owncloud_install
tags: owncloud
- name: WORDPRESS
include_role:
name: wordpress
when: wordpress_install
tags: wordpress
- name: Recording STAGE 6 HAS COMPLETED ====================
lineinfile: dest=/etc/iiab/iiab.env
regexp='^STAGE=*'
line='STAGE=6'
state=present

2
roles/7-edu-apps/README.rst
View file

@ -3,4 +3,4 @@ Educational Apps and Content README
=================================== ===================================
This role is a place to aggregate roles that provide Educational Content or This role is a place to aggregate roles that provide Educational Content or
are specifically targetted at pedagogical activities. are specifically targetted at pedagogical activities.

9
roles/7-edu-apps/meta/main.yml
View file

@ -1,9 +0,0 @@
dependencies:
- { role: moodle, tags: ['olpc','moodle','edu-apps'], when: moodle_install }
- { role: osm, tags: ['osm','edu-apps'], when: osm_install }
- { role: pathagar, tags: ['pathagar','edu-apps'], when: pathagar_install }
- { role: rachel, tags: ['rachel','edu-apps'], when: rachel_install }
- { role: kalite, tags: ['kalite','edu-apps'], when: kalite_install }
- { role: kiwix, tags: ['kiwix','edu-apps'], when: kiwix_install }
- { role: sugarizer, tags: ['sugarizer','edu-apps'], when: sugarizer_install }
# - { role: debian_schooltool, tags: ['schooltool','debian_schooltool','edu-apps'], when: debian_schooltool_install and is_debuntu }

46
roles/7-edu-apps/tasks/main.yml
View file

@ -1,3 +1,45 @@
- name: Educational Apps and Content Installed # Educational Apps
command: echo Educational Apps and Content Installed - name: ...IS BEGINNING ========================================
command: echo
- name: KALITE
include_role:
name: kalite
when: kalite_install
tags: kalite
- name: KIWIX
include_role:
name: kiwix
when: kiwix_install
tags: kiwix
- name: MOODLE
include_role:
name: moodle
when: moodle_install
tags: olpc, moodle
- name: OSM
include_role:
name: osm
when: osm_install
tags: osm
- name: PATHAGAR
include_role:
name: pathagar
when: pathagar_install
tags: pathagar
- name: SUGARIZER
include_role:
name: sugarizer
when: sugarizer_install
tags: sugarizer
- name: Recording STAGE 7 HAS COMPLETED ========================
lineinfile: dest=/etc/iiab/iiab.env
regexp='^STAGE=*'
line='STAGE=7'
state=present

10
roles/8-mgmt-tools/meta/main.yml
View file

@ -1,10 +0,0 @@
dependencies:
# - { role: sugar-stats, tags: ['olpc','sugar-stats','tools'], when: sugar_stats_install and ansible_distribution != "CentOS" }
# - { role: ajenti, tags: ['services','ajenti','tools'], when: ajenti_install }
- { role: munin, tags: ['services','munin','tools'], when: munin_install }
- { role: monit, tags: ['services','monit','tools'], when: monit_install }
- { role: vnstat, tags: ['services','vnstat','tools'], when: vnstat_install }
# - { role: xovis, tags: ['services','xovis','tools'], when: xovis_install and ansible_distribution != "CentOS" }
- { role: phpmyadmin, tags: ['services','phpmyadmin','tools'], when: phpmyadmin_install }
- { role: awstats, tags: ['services','awstats','tools'], when: awstats_install }
- { role: teamviewer, tags: ['services','teamviewer','tools'], when: teamviewer_install }

59
roles/8-mgmt-tools/tasks/main.yml
View file

@ -1,3 +1,58 @@
- name: Assessment and Monitoring Tools Installed # Assessment and Monitoring Tools
command: echo Assessment and Monitoring Tools Installed
- name: ...IS BEGINNING ======================================
command: echo
- name: AWSTATS
include_role:
name: awstats
when: awstats_install
tags: awstats
- name: MONIT
include_role:
name: monit
when: monit_install
tags: monit
- name: MUNIN
include_role:
name: munin
when: munin_install
tags: munin
- name: PHPMYADMIN
include_role:
name: phpmyadmin
when: phpmyadmin_install
tags: phpmyadmin
- name: SUGAR-STATS
include_role:
name: sugar-stats
when: sugar_stats_install and ansible_distribution != "CentOS"
tags: olpc, sugar-stats
- name: TEAMVIEWER
include_role:
name: teamviewer
when: teamviewer_install
tags: teamviewer
- name: VNSTAT
include_role:
name: vnstat
when: vnstat_install
tags: vnstat
- name: XOVIS
include_role:
name: xovis
when: xovis_install and ansible_distribution != "CentOS"
tags: xovis
- name: Recording STAGE 8 HAS COMPLETED ======================
lineinfile: dest=/etc/iiab/iiab.env
regexp='^STAGE=*'
line='STAGE=8'
state=present

6
roles/9-local-addons/README.rst
View file

@ -7,15 +7,15 @@ This role is a place to aggregate roles developed by various contributors or loc
Development Development
----------- -----------
Create the role you wish to add to the XSCE School Server by following the pattern of another role or any other means. Create the role you wish to add to Internet-in-a-Box by following the pattern of another role or any other means.
Packaging Packaging
--------- ---------
Add your role into the main.yml file in the meta directory of the 7-local-addons role. It will now get installed as part of Add your role into the main.yml file in the tasks directory of the 9-local-addons role. It will now get installed as part of
the next ansible run. the next ansible run.
More Info More Info
--------- ---------
Have a look at the docs section of this git repo for more detailed information. Have a look at https://github.com/iiab/iiab/wiki/IIAB-Architecture (offline at http://box/info/IIAB-Architecture.html) for more detailed information.

2
roles/9-local-addons/meta/main.yml
View file

@ -1,2 +0,0 @@
# Add your role to this list and then uncomment dependencies. Adding a tag is handy for testing.
#dependencies:

11
roles/9-local-addons/tasks/main.yml
View file

@ -1,3 +1,10 @@
- name: Addon services installed # Local Add-ons
command: echo Addon services installed
- name: ...IS BEGINNING ====================================
command: echo
- name: Recording STAGE 9 HAS COMPLETED ====================
lineinfile: dest=/etc/iiab/iiab.env
regexp='^STAGE=*'
line='STAGE=9'
state=present

2
roles/activity-server/tasks/main.yml
View file

@ -16,7 +16,7 @@
# Wish synchronize worked, but it doesn't # Wish synchronize worked, but it doesn't
- name: Copy language templates - name: Copy language templates
command: rsync -a {{iiab_dir}}/roles/activity-server/files/lang_templates /library/xs-activity-server/ command: rsync -a {{ iiab_dir }}/roles/activity-server/files/lang_templates /library/xs-activity-server/
- name: Copy default index files - name: Copy default index files
copy: src={{ item }} copy: src={{ item }}

2
roles/ajenti/tasks/main.yml
View file

@ -37,7 +37,7 @@
mode=0744 mode=0744
state=file state=file
- include: ajenti-wondershaper.yml - include_tasks: ajenti-wondershaper.yml
when: 'iiab_lan_iface != ""' when: 'iiab_lan_iface != ""'
# handler doesn't fire # handler doesn't fire

9
roles/authserver/tasks/main.yml
View file

@ -38,8 +38,15 @@
environment: environment:
XS_AUTHSERVER_DATABASE: /var/lib/xs-authserver/data.db XS_AUTHSERVER_DATABASE: /var/lib/xs-authserver/data.db
- name: Enable xs-authserver service - name: Stop authserver service
service: name=xs-authserver service: name=xs-authserver
state=stopped
enabled=no
when: not authserver_enabled
- name: Start xs-authserver service
service: name=xs-authserver
state=restarted
enabled=yes enabled=yes
when: authserver_enabled when: authserver_enabled

22
roles/awstats/tasks/install.yml
View file

@ -1,4 +1,4 @@
- name: Install awstats package - name: Install AWStats package
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -8,7 +8,7 @@
tags: tags:
- download - download
- name: Install awstats package - name: Install AWStats package
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -22,7 +22,7 @@
command: a2enmod cgi command: a2enmod cgi
when: is_debuntu when: is_debuntu
- name: Create directory for awstat to use as intermediate summary storage - name: Create directory for AWStats to use as intermediate summary storage
file: path={{ item }} file: path={{ item }}
mode=0750 mode=0750
owner={{ apache_user }} owner={{ apache_user }}
@ -33,7 +33,7 @@
- "{{ awstats_data_dir }}" - "{{ awstats_data_dir }}"
- "{{ apache_log_dir }}" - "{{ apache_log_dir }}"
- name: Install the Apache config for Advanced Web Statistics - name: Install the Apache config for AWStats
template: src=apache.conf template: src=apache.conf
dest=/etc/{{ apache_config_dir }}/awstats.conf dest=/etc/{{ apache_config_dir }}/awstats.conf
owner=root owner=root
@ -41,7 +41,7 @@
mode=0644 mode=0644
when: awstats_enabled and is_debuntu when: awstats_enabled and is_debuntu
- name: Install the Apache config for Advanced Web Statistics - name: Install the Apache config for AWStats
template: src=apache-awstats.conf template: src=apache-awstats.conf
dest=/etc/{{ apache_config_dir }}/awstats.conf dest=/etc/{{ apache_config_dir }}/awstats.conf
owner=root owner=root
@ -63,18 +63,18 @@
command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist
when: awstats.stat.islnk is defined and not awstats.stat.islnk when: awstats.stat.islnk is defined and not awstats.stat.islnk
- name: Enable Awstats - name: Enable AWStats
file: src=/etc/apache2/sites-available/awstats.conf file: src=/etc/apache2/sites-available/awstats.conf
path=/etc/apache2/sites-enabled/awstats.conf path=/etc/apache2/sites-enabled/awstats.conf
state=link state=link
when: awstats_enabled and is_debuntu when: awstats_enabled and is_debuntu
- name: Disable Awstats - name: Disable AWStats
file: path=/etc/apache2/sites-enabled/awstats.conf file: path=/etc/apache2/sites-enabled/awstats.conf
state=absent state=absent
when: not awstats_enabled and is_debuntu when: not awstats_enabled and is_debuntu
- name: Install the awstats config for Advanced Web Statistics - name: Install the AWStats config
template: src=awstats.schoolserver.conf.j2 template: src=awstats.schoolserver.conf.j2
dest=/etc/awstats/awstats.schoolserver.conf dest=/etc/awstats/awstats.schoolserver.conf
owner=root owner=root
@ -82,16 +82,16 @@
mode=0644 mode=0644
when: awstats_enabled when: awstats_enabled
- name: Create a symbolic link to use when access is by ip address - name: Create a symbolic link to use when access is by IP address
file: src=/etc/awstats/awstats.schoolserver.conf file: src=/etc/awstats/awstats.schoolserver.conf
dest=/etc/awstats/awstats.conf dest=/etc/awstats/awstats.conf
state=link state=link
when: awstats_enabled when: awstats_enabled
- name: On first enabling of awstats, summarize httpd logs up to now - name: On first enabling of AWStats, summarize httpd logs up to now
shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update
when: awstats_enabled and not is_debuntu when: awstats_enabled and not is_debuntu
- name: On first enabling of awstats, summarize httpd logs up to now - name: On first enabling of AWStats, summarize httpd logs up to now
shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update
when: awstats_enabled and is_debuntu when: awstats_enabled and is_debuntu

6
roles/awstats/tasks/main.yml
View file

@ -1,7 +1,7 @@
- include: install.yml - include_tasks: install.yml
when: awstats_install when: awstats_install
- name: Add awstats to service list - name: Add AWStats to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=awstats section=awstats
option='{{ item.option }}' option='{{ item.option }}'
@ -10,7 +10,7 @@
- option: name - option: name
value: awstats value: awstats
- option: description - option: description
value: '"Awstats is Advanced Web Statistics package written in perl which generates static or dynamic html summaries based upon web server logs"' value: '"AWStats is Advanced Web Statistics package written in Perl which generates static or dynamic html summaries based upon web server logs"'
- option: installed - option: installed
value: "{{ awstats_install }}" value: "{{ awstats_install }}"
- option: enabled - option: enabled

8
roles/calibre/tasks/main.yml
View file

@ -6,13 +6,13 @@
mode=0755 mode=0755
when: ansible_distribution == "CentOS" when: ansible_distribution == "CentOS"
- name: Install Calibre - name: Install Calibre (CentOS)
shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null" shell: "{{ downloads_dir }}/calibre-installer.py >> /dev/null"
args: args:
creates: /usr/bin/calibre-uninstall creates: /usr/bin/calibre-uninstall
when: calibre_install and ansible_distribution == 'CentOS' when: calibre_install and ansible_distribution == 'CentOS'
- name: Install Calibre rpms - name: Install Calibre (OS's other than CentOS)
# the fedora rpm arm version, though older, takes care of dependencies, and exists # the fedora rpm arm version, though older, takes care of dependencies, and exists
package: name={{ item }} package: name={{ item }}
state=present state=present
@ -20,7 +20,7 @@
- calibre - calibre
when: calibre_install and ansible_distribution != 'CentOS' when: calibre_install and ansible_distribution != 'CentOS'
- name: Create Calibre service(s) and support scripts - name: Create calibre-serve.service and calibre.conf
template: backup=no template: backup=no
src={{ item.src }} src={{ item.src }}
dest={{ item.dest }} dest={{ item.dest }}
@ -52,7 +52,7 @@
state=stopped state=stopped
when: not calibre_enabled when: not calibre_enabled
- name: Add Calibre to service list - name: Add 'calibre-serve' to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=calibre section=calibre
option='{{ item.option }}' option='{{ item.option }}'

18
roles/cups/tasks/main.yml
View file

@ -1,5 +1,5 @@
# administer this service by browsing to localhost:631 # administer this service by browsing to localhost:631
- name: get the CUPS package installed - name: Get the CUPS package installed
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -8,7 +8,7 @@
tags: tags:
- download - download
- name: Put our own config file in place, to permit local lan admin - name: Put our own config file in place, to permit local LAN admin
template: dest=/etc/cups/cupsd.conf template: dest=/etc/cups/cupsd.conf
src=cupsd.conf src=cupsd.conf
@ -22,7 +22,7 @@
state=link state=link
when: cups_enabled and is_debuntu when: cups_enabled and is_debuntu
- name: Enable services for cups - name: Enable services for CUPS (OS's other than Fedora 18)
service: name={{ item }} service: name={{ item }}
state=started state=started
enabled=yes enabled=yes
@ -31,17 +31,17 @@
- cups-browsed - cups-browsed
when: cups_enabled and not is_F18 when: cups_enabled and not is_F18
- name: Enable services for cups for xo's - name: Enable services for CUPS (Fedora 18, for XO laptops)
service: name=cups service: name=cups
state=started state=started
enabled=yes enabled=yes
when: cups_enabled and is_F18 when: cups_enabled and is_F18
- name: Permit headless admin of CUPS -- only works when cups daemon is running - name: Permit headless admin of CUPS -- only works when CUPS daemon is running
shell: "cupsctl --remote-admin" shell: "cupsctl --remote-admin"
when: cups_enabled when: cups_enabled
- name: Disable services for cups - name: Disable services for CUPS (OS's other than Fedora 18)
service: name={{ item }} service: name={{ item }}
state=stopped state=stopped
enabled=no enabled=no
@ -50,13 +50,13 @@
- cups-browsed - cups-browsed
when: not cups_enabled and not is_F18 when: not cups_enabled and not is_F18
- name: Disable services for cups for xo's - name: Disable services for CUPS (Fedora 18, for XO laptops)
service: name=cups service: name=cups
state=stopped state=stopped
enabled=no enabled=no
when: not cups_enabled and is_F18 when: not cups_enabled and is_F18
- name: add cups to service list - name: Add 'cups' to service list
ini_file: dest={{ service_filelist }} ini_file: dest={{ service_filelist }}
section=cups section=cups
option={{ item.option }} option={{ item.option }}
@ -65,7 +65,7 @@
- option: name - option: name
value: '"Common UNIX Printing System (CUPS)"' value: '"Common UNIX Printing System (CUPS)"'
- option: description - option: description
value: '"CUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' value: '"CUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."'
- option: installed - option: installed
value: "{{ cups_install }}" value: "{{ cups_install }}"
- option: enabled - option: enabled

8
roles/dokuwiki/README.rst
View file

@ -1,5 +1,5 @@
=============== ===============
Dokuwiki README DokuWiki README
=============== ===============
DokuWiki is a simple to use and highly versatile Open Source wiki software that DokuWiki is a simple to use and highly versatile Open Source wiki software that
@ -10,12 +10,12 @@ make DokuWiki especially useful in the enterprise context and the large number o
plugins contributed by its vibrant community allow for a broad range of use cases plugins contributed by its vibrant community allow for a broad range of use cases
beyond a traditional wiki. beyond a traditional wiki.
http://dokuwiki.org/ http://dokuwiki.org
After Installation After Installation
------------------ ------------------
Head to http://schoolserver.lan/wiki. The webpage will probably throw up an error Head to http://box.lan/wiki. The webpage will probably throw up an error
saying you haven't run install.php yet, with a link to it. Click the link to be saying you haven't run install.php yet, with a link to it. Click the link to be
taken to the install page which does the initial configuration of the wiki. After taken to the install page which does the initial configuration of the wiki. After
this, you should be all set! this, you should be all set!
@ -33,4 +33,4 @@ None yet other than the basic enabled/disabled. Haven't really tested if they wo
Todo Todo
---- ----
* Preinstall some popular plugins. * Preinstall some popular plugins.
* Additional XSCE customizations. * Additional IIAB customizations.

14
roles/dokuwiki/tasks/install.yml
View file

@ -1,5 +1,5 @@
- name: Get the Dokuwiki software - name: Get the DokuWiki software
get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir}}/ get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir }}/
when: internet_available when: internet_available
- name: Copy it to permanent location /library - name: Copy it to permanent location /library
@ -8,24 +8,24 @@
- name: Symlink /library/dokuwiki* to /library/dokuwiki - name: Symlink /library/dokuwiki* to /library/dokuwiki
shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi
- name: Install config file for dokuwiki in Apache - name: Install config file for DokuWiki in Apache
template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf
when: dokuwiki_enabled when: dokuwiki_enabled
- name: enable the dokuwiki - name: Enable the DokuWiki
file: path=/etc/apache2/sites-enabled/dokuwiki.conf file: path=/etc/apache2/sites-enabled/dokuwiki.conf
src=/etc/apache2/sites-available/dokuwiki.conf src=/etc/apache2/sites-available/dokuwiki.conf
state=link state=link
when: dokuwiki_enabled and is_debuntu when: dokuwiki_enabled and is_debuntu
- name: disable the dokuwiki - name: Disable the DokuWiki
file: path=/etc/apache2/sites-enabled/dokuwiki.conf file: path=/etc/apache2/sites-enabled/dokuwiki.conf
state=absent state=absent
when: not dokuwiki_enabled and is_debuntu when: not dokuwiki_enabled and is_debuntu
- name: Change permissions on engine directory so apache can write - name: Change permissions on engine directory so Apache can write
file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes
- name: Restart apache, so it picks up the new aliases - name: Restart Apache, so it picks up the new aliases
service: name={{ apache_service }} state=restarted service: name={{ apache_service }} state=restarted

4
roles/dokuwiki/tasks/main.yml
View file

@ -1,8 +1,8 @@
- name: Include the install playbook - name: Include the install playbook
include: install.yml include_tasks: install.yml
when: dokuwiki_install when: dokuwiki_install
- name: Add dokuwiki to service list - name: Add DokuWiki to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=dokuwiki section=dokuwiki
option='{{ item.option }}' option='{{ item.option }}'

47
roles/ejabberd/tasks/main.yml
View file

@ -14,25 +14,30 @@
group=root group=root
mode={{ item.mode }} mode={{ item.mode }}
with_items: with_items:
- { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' } - { src: 'ejabberd-iiab.cfg.j2', dest: '/etc/ejabberd/ejabberd-iiab.cfg' , mode: '0644' }
- { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-iiab.cfg', mode: '0644' }
- { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' } - { src: 'ejabberd-iiab', dest: '/etc/sysconfig/ejabberd-iiab', mode: '0755' }
# - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'}
# - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' }
- { src: 'ejabberd-xs.service.j2', dest: '/etc/systemd/system/ejabberd-xs.service', mode: '0755' } - { src: 'ejabberd-iiab.service.j2', dest: '/etc/systemd/system/ejabberd-iiab.service', mode: '0755' }
- { src: 'xs-ejabberd-srg', dest: '/usr/bin/xs-ejabberd-srg' , mode: '0755' } - { src: 'iiab-ejabberd-srg', dest: '/usr/bin/iiab-ejabberd-srg' , mode: '0755' }
- { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' } # - { src: '10-ejabberdmoodle', dest: '/etc/sudoers.d/10-ejabberdmoodle', mode: '0440' }
- { src: 'ejabberd.tmpfiles', dest: '/etc/tmpfiles.d/ejabberd.conf', mode: '0640' } - { src: 'ejabberd.tmpfiles', dest: '/etc/tmpfiles.d/ejabberd.conf', mode: '0640' }
register: ejabberd_config register: ejabberd_config
- name: Stop and disable OS provided systemd ejabberd service
service: name=ejabberd
state=stopped
enabled=no
- name: Put the startup script in place - debian - name: Put the startup script in place - debian
template: src='ejabberd-xs.init' template: src='ejabberd-iiab.init'
dest='/etc/init.d/ejabberd-xs' dest='/etc/init.d/ejabberd-iiab'
when: is_debuntu when: is_debuntu
- name: Put the startup script in place - non debian - name: Put the startup script in place - non debian
template: src='ejabberd-xs.init' template: src='ejabberd-iiab.init'
dest='/usr/libexec/ejabberd-xs' dest='/usr/libexec/ejabberd-iiab'
when: not is_debuntu when: not is_debuntu
- name: Remove ejabberd_domain if domain changes - name: Remove ejabberd_domain if domain changes
@ -41,14 +46,14 @@
when: ejabberd_config.changed when: ejabberd_config.changed
- name: Enable ejabberd service - name: Enable ejabberd service
file: src=/etc/systemd/system/ejabberd-xs.service file: src=/etc/systemd/system/ejabberd-iiab.service
dest=/etc/systemd/system/multi-user.target.wants/ejabberd-xs.service dest=/etc/systemd/system/multi-user.target.wants/ejabberd-iiab.service
owner=root owner=root
group=root group=root
state=link state=link
- name: Start ejabberd service - name: Start ejabberd service
service: name=ejabberd-xs service: name=ejabberd-iiab
state=restarted state=restarted
enabled=yes enabled=yes
when: ejabberd_config.changed and ejabberd_enabled when: ejabberd_config.changed and ejabberd_enabled
@ -60,10 +65,14 @@
timeout=300 timeout=300
when: ejabberd_config.changed and ejabberd_enabled when: ejabberd_config.changed and ejabberd_enabled
- name: Create online group # ejabberd-iiab.init has the logic for the below, needs to be done once
shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online # and only if the group does not exist based on presence of
when: ejabberd_config.changed and not is_debuntu # /var/lib/ejabberd online_src_created
- name: Add all users to online group #- name: Create online group
shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver" # shell: ejabberdctl srg_create Online "{{ iiab_hostname }}" Online "Online_Users" Online
when: ejabberd_config.changed and not is_debuntu # when: ejabberd_config.changed
#- name: Add all users to online group
# shell: ejabberdctl srg_user_add '@online@' "{{ iiab_hostname }}" Online "schoolserver"
# when: ejabberd_config.changed

4
roles/ejabberd/templates/ejabberd
View file

@ -3,9 +3,9 @@
# #
# ejabberd now handles domain changes in the initrd script # ejabberd now handles domain changes in the initrd script
# #
SERVICE_NAME=ejabberd-xs SERVICE_NAME=ejabberd-iiab
CONFIG_LIST="/etc/ejabberd/ejabberd-xs.cfg" CONFIG_LIST="/etc/ejabberd/ejabberd-iiab.cfg"
# taken from ejabberd spec %post # taken from ejabberd spec %post
# taken from ejabberd spec %post # taken from ejabberd spec %post

2
roles/ejabberd/templates/ejabberd-xs → roles/ejabberd/templates/ejabberd-iiab
View file

@ -2,7 +2,7 @@
## Where should ejabberd find its configuration file? ## Where should ejabberd find its configuration file?
# #
CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg
## ULIMIT_MAX_FILES alters the number of files that ejabberd is ## ULIMIT_MAX_FILES alters the number of files that ejabberd is
## allowed to have open at once. If it is unset the system default ## allowed to have open at once. If it is unset the system default

0
roles/ejabberd/templates/ejabberd-xs.cfg.j2 → roles/ejabberd/templates/ejabberd-iiab.cfg.j2
View file

24
roles/ejabberd/templates/ejabberd-xs.init → roles/ejabberd/templates/ejabberd-iiab.init
View file

@ -17,14 +17,17 @@
# Description: A distributed, fault-tolerant Jabber/XMPP server # Description: A distributed, fault-tolerant Jabber/XMPP server
### END INIT INFO ### END INIT INFO
SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name
OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
. /etc/rc.d/init.d/functions . /etc/rc.d/init.d/functions
if [ -r /etc/sysconfig/ejabberd-xs ]; then if [ -r /etc/sysconfig/ejabberd-iiab ]; then
. /etc/sysconfig/ejabberd-xs . /etc/sysconfig/ejabberd-iiab
fi fi
if [ ! "$CONFIG_FILE" ]; then if [ ! "$CONFIG_FILE" ]; then
CONFIG_FILE=/etc/ejabberd/ejabberd.cfg CONFIG_FILE=/etc/ejabberd/ejabberd-iiab.cfg
fi fi
# /var/run is tmpfs in fc18, so need to create every time # /var/run is tmpfs in fc18, so need to create every time
@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd
# avoid using consolehelper, call ejabberdctl directly # avoid using consolehelper, call ejabberdctl directly
progctl=/usr/sbin/ejabberdctl progctl=/usr/sbin/ejabberdctl
SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name
OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
check_domain_configured() { check_domain_configured() {
if [ ! -e /etc/sysconfig/xs_domain_name ]; then if [ ! -e $SYS_DOMAIN_FILE ]; then
echo "Domain not configured yet" > /dev/stderr echo "Domain not configured yet 1" > /dev/stderr
exit 1; exit 1;
fi fi
domain=`cat "$SYS_DOMAIN_FILE" ` domain=`cat "$SYS_DOMAIN_FILE" `
if [ "$domain" == "random.xs.laptop.org" ]; then if [ "$domain" == "random.xs.laptop.org" ]; then
echo "Domain not configured yet" > /dev/stderr echo "Domain not configured yet 2" > /dev/stderr
exit 1; exit 1;
fi fi
#hostname=`hostname -f` #hostname=`hostname -f`
hostname=`hostname ` hostname=`hostname `
if [ "$hostname" == "localhost.localdomain" ]; then if [ "$hostname" == "localhost.localdomain" ]; then
echo "Domain not configured yet" > /dev/stderr echo "Domain not configured yet 3" > /dev/stderr
fi fi
# if [ "$hostname" != "schoolserver.$domain" ]; then # if [ "$hostname" != "schoolserver.$domain" ]; then
@ -149,7 +149,7 @@ start() {
fi fi
daemon --user=ejabberd $progctl start --config $CONFIG_FILE \ daemon --user=ejabberd $progctl start --config $CONFIG_FILE \
--ctl-config /etc/ejabberd/ejabberdctl.cfg \ --ctl-config /etc/ejabberd/ejabberdctl-iiab.cfg \
--logs "/var/log/ejabberd" \ --logs "/var/log/ejabberd" \
--spool "/var/lib/ejabberd/spool" \ --spool "/var/lib/ejabberd/spool" \
2>/dev/null 2>/dev/null
@ -218,5 +218,3 @@ case "$1" in
esac esac
exit $RETVAL exit $RETVAL

6
roles/ejabberd/templates/ejabberd-xs.service.j2 → roles/ejabberd/templates/ejabberd-iiab.service.j2
View file

@ -8,9 +8,9 @@ User=root
Group=root Group=root
LimitNOFILE=50000 LimitNOFILE=50000
RestartSec=5 RestartSec=5
EnvironmentFile=/etc/sysconfig/ejabberd-xs EnvironmentFile=/etc/sysconfig/ejabberd-iiab
ExecStart=/usr/libexec/ejabberd-xs start ExecStart=/usr/libexec/ejabberd-iiab start
ExecStop=/usr/libexec/ejabberd-xs stop ExecStop=/usr/libexec/ejabberd-iiab stop
RemainAfterExit=yes RemainAfterExit=yes
[Install] [Install]

2
roles/ejabberd/templates/xs-ejabberd-srg → roles/ejabberd/templates/iiab-ejabberd-srg
View file

@ -2,7 +2,7 @@
progctl=/usr/sbin/ejabberdctl progctl=/usr/sbin/ejabberdctl
SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name
OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
setup_online_srg() { setup_online_srg() {

17
roles/ejabberd_xs/tasks/main.yml
View file

@ -34,7 +34,7 @@
mode={{ item.mode }} mode={{ item.mode }}
with_items: with_items:
- { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' } - { src: 'ejabberd-xs.cfg.j2', dest: '/etc/ejabberd/ejabberd-xs.cfg' , mode: '0644' }
- { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl.cfg', mode: '0644' } - { src: 'ejabberdctl.cfg.j2', dest: '/etc/ejabberd/ejabberdctl-xs.cfg', mode: '0644' }
- { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' } - { src: 'ejabberd-xs', dest: '/etc/sysconfig/ejabberd-xs', mode: '0755' }
# - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'} # - { src: 'ejabberd-domain-config', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd', mode: '0755'}
# - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' } # - { src: 'ejabberd', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/ejabberd' , mode: '0755' }
@ -76,13 +76,10 @@
timeout=300 timeout=300
when: ejabberd_config.changed and ejabberd_xs_enabled when: ejabberd_config.changed and ejabberd_xs_enabled
- name: Create online group #- name: Create online group
shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online # shell: ejabberdctl srg_create Online "schoolserver" Online "Online_Users" Online
when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled # when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled
- name: Add all users to online group
shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver"
when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled
#- name: Add all users to online group
# shell: ejabberdctl srg_user_add '@online@' "schoolserver" Online "schoolserver"
# when: ejabberd_config.changed and not is_debuntu and ejabberd_xs_enabled

18
roles/ejabberd_xs/templates/ejabberd-xs.init
View file

@ -17,6 +17,9 @@
# Description: A distributed, fault-tolerant Jabber/XMPP server # Description: A distributed, fault-tolerant Jabber/XMPP server
### END INIT INFO ### END INIT INFO
SYS_DOMAIN_FILE=/etc/sysconfig/iiab_domain_name
OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
. /etc/rc.d/init.d/functions . /etc/rc.d/init.d/functions
if [ -r /etc/sysconfig/ejabberd-xs ]; then if [ -r /etc/sysconfig/ejabberd-xs ]; then
@ -24,7 +27,7 @@ if [ -r /etc/sysconfig/ejabberd-xs ]; then
fi fi
if [ ! "$CONFIG_FILE" ]; then if [ ! "$CONFIG_FILE" ]; then
CONFIG_FILE=/etc/ejabberd/ejabberd.cfg CONFIG_FILE=/etc/ejabberd/ejabberd-xs.cfg
fi fi
# /var/run is tmpfs in fc18, so need to create every time # /var/run is tmpfs in fc18, so need to create every time
@ -34,25 +37,22 @@ chown ejabberd:ejabberd /var/run/ejabberd
# avoid using consolehelper, call ejabberdctl directly # avoid using consolehelper, call ejabberdctl directly
progctl=/usr/sbin/ejabberdctl progctl=/usr/sbin/ejabberdctl
SYS_DOMAIN_FILE=/etc/sysconfig/xs_domain_name
OUR_DOMAIN_FILE=/etc/sysconfig/ejabberd_domain_name
check_domain_configured() { check_domain_configured() {
if [ ! -e /etc/sysconfig/xs_domain_name ]; then if [ ! -e $SYS_DOMAIN_FILE ]; then
echo "Domain not configured yet" > /dev/stderr echo "Domain not configured yet 1" > /dev/stderr
exit 1; exit 1;
fi fi
domain=`cat "$SYS_DOMAIN_FILE" ` domain=`cat "$SYS_DOMAIN_FILE" `
if [ "$domain" == "random.xs.laptop.org" ]; then if [ "$domain" == "random.xs.laptop.org" ]; then
echo "Domain not configured yet" > /dev/stderr echo "Domain not configured yet 2" > /dev/stderr
exit 1; exit 1;
fi fi
#hostname=`hostname -f` #hostname=`hostname -f`
hostname=`hostname ` hostname=`hostname `
if [ "$hostname" == "localhost.localdomain" ]; then if [ "$hostname" == "localhost.localdomain" ]; then
echo "Domain not configured yet" > /dev/stderr echo "Domain not configured yet 3" > /dev/stderr
fi fi
# if [ "$hostname" != "schoolserver.$domain" ]; then # if [ "$hostname" != "schoolserver.$domain" ]; then
@ -149,7 +149,7 @@ start() {
fi fi
daemon --user=ejabberd $progctl start --config $CONFIG_FILE \ daemon --user=ejabberd $progctl start --config $CONFIG_FILE \
--ctl-config /etc/ejabberd/ejabberdctl.cfg \ --ctl-config /etc/ejabberd/ejabberdctl-xs.cfg \
--logs "/var/log/ejabberd" \ --logs "/var/log/ejabberd" \
--spool "/var/lib/ejabberd/spool" \ --spool "/var/lib/ejabberd/spool" \
2>/dev/null 2>/dev/null

3
roles/elgg/meta/main.yml
View file

@ -1,3 +0,0 @@
---
dependencies:
- { role: mysql }

22
roles/elgg/tasks/main.yml
View file

@ -1,7 +1,7 @@
# Assume we only get here if elgg_install: True # Assume we only get here if elgg_install: True
# Assume mysql is running # Assume mysql is running
- name: download current version from our copy - name: Download current version from our copy
shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }} shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }}
creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip
when: internet_available when: internet_available
@ -18,7 +18,7 @@
shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt" shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt"
when: elgg.stat.exists is defined and not elgg.stat.exists when: elgg.stat.exists is defined and not elgg.stat.exists
- name: Create a link to the versioned elgg folder - name: Create a link to the versioned elgg-* folder
file: src=./elgg-{{ elgg_version }} file: src=./elgg-{{ elgg_version }}
dest=/opt/elgg dest=/opt/elgg
owner={{ apache_user }} owner={{ apache_user }}
@ -36,7 +36,7 @@
group={{ apache_user }} group={{ apache_user }}
# The name of this file changed from 1.9 to 1.10. # The name of this file changed from 1.9 to 1.10.
- name: Copy default .htaccess to the root directory of elgg tree - name: Copy default .htaccess to the root directory of Elgg tree
copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist"
dest="/opt/{{ elgg_xx }}/.htaccess" dest="/opt/{{ elgg_xx }}/.htaccess"
mode=0644 mode=0644
@ -51,24 +51,24 @@
insertafter='^#RewriteBase' insertafter='^#RewriteBase'
line="RewriteBase {{ elgg_url }}/" line="RewriteBase {{ elgg_url }}/"
- name: Change permissions on engine directory so apache can write - name: Change permissions on engine directory so Apache can write
file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory
- name: Create an upload directory that Apache can write in or elgg - name: Create an upload directory that Apache can write in or elgg
file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }} file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }}
- name: change ownership - name: Change ownership
file: path=/opt/elgg-{{ elgg_version }} file: path=/opt/elgg-{{ elgg_version }}
owner={{ apache_user }} owner={{ apache_user }}
group={{ apache_user }} group={{ apache_user }}
recurse=yes recurse=yes
state=directory state=directory
- name: Create a mysql database for elgg - can be run more than once - name: Create a MySQL database for Elgg - can be run more than once
mysql_db: name={{ dbname }} mysql_db: name={{ dbname }}
register: create_elgg_database register: create_elgg_database
- name: Create a user to access the elgg database - can be run more than once - name: Create a user to access the Elgg database - can be run more than once
mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL
with_items: with_items:
- 127.0.0.1 - 127.0.0.1
@ -95,23 +95,23 @@
- name: Install config file for elgg in Apache - name: Install config file for elgg in Apache
template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf
- name: Enable elgg for debuntu (will already be enabled above for Redhat) - name: Enable Elgg for debuntu (will already be enabled above for Redhat)
file: path=/etc/apache2/sites-enabled/elgg.conf file: path=/etc/apache2/sites-enabled/elgg.conf
src=/etc/apache2/sites-available/elgg.conf src=/etc/apache2/sites-available/elgg.conf
state=link state=link
when: elgg_enabled and is_debuntu when: elgg_enabled and is_debuntu
- name: Disable elgg for debuntu - name: Disable Elgg for debuntu
file: path=/etc/apache2/sites-enabled/elgg.conf file: path=/etc/apache2/sites-enabled/elgg.conf
state=absent state=absent
when: not elgg_enabled and is_debuntu when: not elgg_enabled and is_debuntu
- name: Disable elgg for Redhat - remove config file for elgg in Apache - name: Disable Elgg for Redhat - remove config file for Elgg in Apache
file: dest=/etc/{{ apache_config_dir }}/elgg.conf file: dest=/etc/{{ apache_config_dir }}/elgg.conf
state=absent state=absent
when: not elgg_enabled and is_redhat when: not elgg_enabled and is_redhat
- name: add elgg to service list - name: Add Elgg to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=elgg section=elgg
option='{{ item.option }}' option='{{ item.option }}'

24
roles/elgg/templates/settings.php.j2
View file

@ -35,21 +35,21 @@ if (!isset($CONFIG)) {
* *
* @global string $CONFIG->dbuser * @global string $CONFIG->dbuser
*/ */
$CONFIG->dbuser = '{{dbuser}}'; $CONFIG->dbuser = '{{ dbuser }}';
/** /**
* The database password * The database password
* *
* @global string $CONFIG->dbpass * @global string $CONFIG->dbpass
*/ */
$CONFIG->dbpass = '{{dbpassword}}'; $CONFIG->dbpass = '{{ dbpassword }}';
/** /**
* The database name * The database name
* *
* @global string $CONFIG->dbname * @global string $CONFIG->dbname
*/ */
$CONFIG->dbname = '{{dbname}}'; $CONFIG->dbname = '{{ dbname }}';
/** /**
* The database host. * The database host.
@ -58,7 +58,7 @@ $CONFIG->dbname = '{{dbname}}';
* *
* @global string $CONFIG->dbhost * @global string $CONFIG->dbhost
*/ */
$CONFIG->dbhost = '{{dbhost}}'; $CONFIG->dbhost = '{{ dbhost }}';
/** /**
* The database prefix * The database prefix
@ -69,7 +69,7 @@ $CONFIG->dbhost = '{{dbhost}}';
* *
* @global string $CONFIG->dbprefix * @global string $CONFIG->dbprefix
*/ */
$CONFIG->dbprefix = '{{dbprefix}}'; $CONFIG->dbprefix = '{{ dbprefix }}';
/** /**
* Multiple database connections * Multiple database connections
@ -130,17 +130,17 @@ $CONFIG->dbprefix = '{{dbprefix}}';
/** /**
* Cookie configuration * Cookie configuration
* *
* Elgg uses 2 cookies: a PHP session cookie and an extended login cookie * Elgg uses 2 cookies: a PHP session cookie and an extended login cookie
* (also called the remember me cookie). See the PHP manual for documentation on * (also called the remember me cookie). See the PHP manual for documentation on
* each of these parameters. Possible options: * each of these parameters. Possible options:
* *
* - Set the session name to share the session across applications. * - Set the session name to share the session across applications.
* - Set the path because Elgg is not installed in the root of the web directory. * - Set the path because Elgg is not installed in the root of the web directory.
* - Set the secure option to true if you only serve the site over HTTPS. * - Set the secure option to true if you only serve the site over HTTPS.
* - Set the expire option on the remember me cookie to change its lifetime * - Set the expire option on the remember me cookie to change its lifetime
* *
* To use, uncomment the appropriate sections below and update for your site. * To use, uncomment the appropriate sections below and update for your site.
* *
* @global array $CONFIG->cookies * @global array $CONFIG->cookies
*/ */
// get the default parameters from php.ini // get the default parameters from php.ini
@ -197,16 +197,16 @@ $CONFIG->min_password_length = 6;
/** /**
* This is an optional script used to override Elgg's default handling of * This is an optional script used to override Elgg's default handling of
* uncaught exceptions. * uncaught exceptions.
* *
* This should be an absolute file path to a php script that will be called * This should be an absolute file path to a php script that will be called
* any time an uncaught exception is thrown. * any time an uncaught exception is thrown.
* *
* The script will have access to the following variables as part of the scope * The script will have access to the following variables as part of the scope
* global $CONFIG * global $CONFIG
* $exception - the unhandled exception * $exception - the unhandled exception
* *
* @warning - the database may not be available * @warning - the database may not be available
* *
* @global string $CONFIG->exception_include * @global string $CONFIG->exception_include
*/ */
$CONFIG->exception_include = ''; $CONFIG->exception_include = '';

16
roles/homepage/tasks/main.yml Normal file
View file

@ -0,0 +1,16 @@
- name: Create home directory
file: path={{ doc_root }}/home
mode=0755
owner={{ apache_user }}
group={{ apache_user }}
state=directory
- name: Install admin homepage into apache2
template: src=iiab-homepage.conf
dest=/etc/{{ apache_config_dir }}/iiab-homepage.conf
- name: Enable the home page
file: src=/etc/{{ apache_config_dir }}/iiab-homepage.conf
dest=/etc/apache2/sites-enabled/iiab-homepage.conf
state=link
when: is_debuntu

6
roles/httpd/templates/iiab-home-page.conf → roles/homepage/templates/iiab-homepage.conf
View file

@ -1,9 +1,9 @@
# XSCE Home Page # IIAB Home Page
# Redirect to home page on School Server # Redirect to home page on School Server
# Default is xs-portal # Default [was] xs-portal [and is now generally] home
# RedirectMatch of root to home page # RedirectMatch of root to homepage
# See the note in default_vars.yml # See the note in default_vars.yml
RedirectMatch ^/$ {{ iiab_home_url }} RedirectMatch ^/$ {{ iiab_home_url }}

16
roles/httpd/tasks/home-page.yml
View file

@ -1,16 +0,0 @@
- name: Create home directory
file: path={{ doc_root }}/home
mode=0755
owner={{ apache_user }}
group={{ apache_user }}
state=directory
- name: Install admin home page into apache2
template: src=iiab-home-page.conf
dest=/etc/{{ apache_config_dir }}/iiab-home-page.conf
- name: Enable the home page
file: src=/etc/{{ apache_config_dir }}/iiab-home-page.conf
dest=/etc/apache2/sites-enabled/iiab-home-page.conf
state=link
when: is_debuntu

16
roles/httpd/tasks/main.yml
View file

@ -40,7 +40,7 @@
- download - download
when: is_redhat when: is_redhat
- name: remove the default apache2 config file - name: Remove the default apache2 config file
file: path=/etc/apache2/sites-enabled/000-default.conf file: path=/etc/apache2/sites-enabled/000-default.conf
src=/etc/apache2/sites-available/000-default.conf src=/etc/apache2/sites-available/000-default.conf
state=absent state=absent
@ -67,7 +67,7 @@
- mpm_event.load - mpm_event.load
when: is_debuntu when: is_debuntu
- name: create symlinks for mpm-prefork - name: Create symlinks for mpm-prefork
file: path=/etc/apache2/mods-enabled/{{ item }} file: path=/etc/apache2/mods-enabled/{{ item }}
src=/etc/apache2/mods-available/{{ item }} src=/etc/apache2/mods-available/{{ item }}
state=link state=link
@ -76,7 +76,7 @@
- mpm_prefork.load - mpm_prefork.load
when: is_debuntu when: is_debuntu
- name: turn on mod_proxy - name: Turn on mod_proxy
command: a2enmod {{ item }} command: a2enmod {{ item }}
with_items: with_items:
- proxy - proxy
@ -85,7 +85,7 @@
- rewrite - rewrite
when: is_debuntu when: is_debuntu
- name: create symlinks for enabling our site - name: Create symlinks for enabling our site
file: path=/etc/apache2/sites-enabled/{{ item }} file: path=/etc/apache2/sites-enabled/{{ item }}
src=/etc/apache2/sites-available/{{ item }} src=/etc/apache2/sites-available/{{ item }}
state=link state=link
@ -105,7 +105,7 @@
group=root group=root
state=directory state=directory
- name: create admin group - name: Create admin group
group: name=admin group: name=admin
state=present state=present
@ -142,13 +142,11 @@
state=absent state=absent
when: is_debuntu when: is_debuntu
- include: html.yml - include_tasks: html.yml
tags: tags:
- base - base
- include: home-page.yml - name: Place the script to generate homepages
- name: place the script to generate home pages
template: src=refresh-wiki-docs.sh template: src=refresh-wiki-docs.sh
dest=/usr/bin/iiab-refresh-wiki-docs dest=/usr/bin/iiab-refresh-wiki-docs
mode=0755 mode=0755

4
roles/iiab-admin/README.rst
View file

@ -1,5 +1,5 @@
================= =================
XSCE Admin README IIAB Admin README
================= =================
This role is home to a number of administrative playbooks. Those implemented are: This role is home to a number of administrative playbooks. Those implemented are:
@ -22,4 +22,4 @@ Add Packages for Remote Access
Admin Console Admin Console
------------- -------------
Has been moved to a separate git repo Has been moved to separate git repo: https://github.com/iiab/iiab-admin-console

10
roles/iiab-admin/tasks/admin-user.yml
View file

@ -32,26 +32,26 @@
# backup=yes # backup=yes
- name: edit the sudoers file--first make it editable - name: Edit the sudoers file -- first make it editable
file: path=/etc/sudoers file: path=/etc/sudoers
mode=0640 mode=0640
- name: have sudo log all commands it handles - name: Have sudo log all commands it handles
lineinfile: regexp=logfile lineinfile: regexp=logfile
line='Defaults logfile = /var/log/sudo.log' line='Defaults logfile = /var/log/sudo.log'
state=present state=present
dest=/etc/sudoers dest=/etc/sudoers
- name: lets wheel sudo without password - name: Lets wheel sudo without password
lineinfile: lineinfile:
line: "%wheel ALL= NOPASSWD: ALL" line: "%wheel ALL= NOPASSWD: ALL"
dest: /etc/sudoers dest: /etc/sudoers
- name: remove the line which requires tty - name: Remove the line which requires tty
lineinfile: regexp=requiretty lineinfile: regexp=requiretty
state=absent state=absent
dest=/etc/sudoers dest=/etc/sudoers
- name: end editing the sudoers file-- protect it again - name: End editing the sudoers file -- protect it again
file: path=/etc/sudoers file: path=/etc/sudoers
mode=0440 mode=0440

8
roles/iiab-admin/tasks/main.yml
View file

@ -1,9 +1,9 @@
- include: admin-user.yml - include_tasks: admin-user.yml
tags: tags:
- base - base
when: not no_admin is defined when: not no_admin is defined
- include: access.yml - include_tasks: access.yml
tags: tags:
- base - base
@ -28,12 +28,12 @@
stat: path=/home/pi/.config/lxsession stat: path=/home/pi/.config/lxsession
register: lx register: lx
- name: Do the same if running on raspbian - name: Do the same if running on Raspbian
template: src=lxde_ssh_warn.sh template: src=lxde_ssh_warn.sh
dest=/home/pi/.config/lxsession/LXDE-pi/ dest=/home/pi/.config/lxsession/LXDE-pi/
when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu
- name: put a autostart line to check for default password in LXDE - name: Put an autostart line to check for default password in LXDE
lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh
dest=/home/pi/.config/lxsession/LXDE-pi/autostart dest=/home/pi/.config/lxsession/LXDE-pi/autostart
when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu when: lx.stat.isdir is defined and lx.stat.isdir and is_rpi and is_debuntu

10
roles/kalite/README.rst
View file

@ -1,13 +1,13 @@
============== ==============
KA-Lite README KA Lite README
============== ==============
This role installs KA-Lite, an offline version of the Khan Academy (https://www.khanacademy.org/), This role installs KA Lite, an offline version of the Khan Academy (https://www.khanacademy.org/),
written by Learning Equality (https://learningequality.org/ka-lite/). written by Learning Equality (https://learningequality.org/ka-lite/).
KA Lite has two servers, a light httpd server that serves KA videos, and a cron server that sets KA Lite has two servers, a light httpd server that serves Khan Academy videos, and a cron server
up cron jobs to download language packs and KA videos from the internet. There are separate flags that sets up cron jobs to download language packs and KA videos from the internet. There are
to enable these two servers. separate flags to enable these two servers.
Access Access
------ ------

6
roles/kalite/tasks/enable.yml
View file

@ -1,18 +1,18 @@
# By the time we get here we should have ka-lite of some version # By the time we get here we should have ka-lite of some version
# And the systemd unit files should be defined # And the systemd unit files should be defined
- name: Enable kalite server - name: Enable 'kalite-serve' service
service: name=kalite-serve service: name=kalite-serve
enabled=yes enabled=yes
state=started state=started
- name: Disable kalite server - name: Disable 'kalite-serve' service
service: name=kalite-serve service: name=kalite-serve
enabled=no enabled=no
state=stopped state=stopped
when: not kalite_enabled when: not kalite_enabled
# Since Fedora 18 we don't have a separate unit fiile for kalite-cron # Since Fedora 18 we don't have a separate unit file for kalite-cron
- name: Disable kalite cron server F18 - name: Disable kalite cron server F18
service: name=kalite-cron service: name=kalite-cron

20
roles/kalite/tasks/install-f18.yml
View file

@ -1,6 +1,6 @@
# This is for Fedora 18, assumed to be an XO # This is for Fedora 18, assumed to be an XO
- name: Install dependent packages F18 - name: Install dependent packages (Fedora 18)
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -8,35 +8,35 @@
- expect - expect
when: is_F18 when: is_F18
- name: Install dependent pip packages F18 - name: Install dependent pip packages (Fedora 18)
pip: name=selenium pip: name=selenium
when: internet_available and is_F18 when: internet_available and is_F18
- name: Determine if kalite is already downloaded - name: Determine if KA Lite is already downloaded
stat: path={{ downloads_dir }}/ka-lite stat: path={{ downloads_dir }}/ka-lite
register: kalite register: kalite
- name: Download the latest kalite repo - name: Download the latest KA Lite repo
git: repo={{ kalite_repo_url }} git: repo={{ kalite_repo_url }}
dest={{ downloads_dir }}/ka-lite dest={{ downloads_dir }}/ka-lite
depth=1 depth=1
version="0.13.x" version="0.13.x"
ignore_errors: yes ignore_errors: yes
when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists
- name: Create iiab-kalite user and password F18 - name: Create iiab-kalite user and password (Fedora 18)
user: name={{ kalite_user }} user: name={{ kalite_user }}
password={{ kalite_password_hash }} password={{ kalite_password_hash }}
update_password=on_create update_password=on_create
- name: Create kalite_root directory F18 - name: Create kalite_root directory (Fedora 18)
file: path={{ kalite_root }} file: path={{ kalite_root }}
owner=root owner=root
group=root group=root
mode=0755 mode=0755
state=directory state=directory
- name: Copy the kalite repo into place F18 - name: Copy the KA Lite repo into place (Fedora 18)
command: "rsync -at {{ downloads_dir }}/ka-lite/ {{ kalite_root }}" command: "rsync -at {{ downloads_dir }}/ka-lite/ {{ kalite_root }}"
- name: Make kalite_user owner - name: Make kalite_user owner
@ -54,7 +54,7 @@
group={{ kalite_user }} group={{ kalite_user }}
mode=0644 mode=0644
- name: Create kalite service(s) and support scripts - name: Create kalite-serve & kalite-cron services, and iiab_cronservectl.sh
template: backup=no template: backup=no
src={{ item.src }} src={{ item.src }}
dest={{ item.dest }} dest={{ item.dest }}

36
roles/kalite/tasks/install.yml
View file

@ -1,6 +1,6 @@
# This is for an OS other than Fedora 18 # This is for an OS other than Fedora 18
- name: Install missing packages required for kalite startup - name: Install missing packages required for KA Lite startup
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -10,34 +10,32 @@
get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt
when: internet_available when: internet_available
- name: Install ka-lite dependencies with pip #- name: Install KA Lite non-static + reqs file with pip - (debuntu)
pip: requirements={{ pip_packages_dir }}/kalite.txt # pip: requirements={{ pip_packages_dir }}/kalite.txt
virtualenv={{ kalite_venv }} # virtualenv={{ kalite_venv }}
virtualenv_site_packages=no # virtualenv_site_packages=no
extra_args="--no-cache-dir"
# extra_args="--no-cache-dir" # extra_args="--no-cache-dir"
# extra_args="--disable-pip-version-check" # extra_args="--disable-pip-version-check"
when: internet_available and is_debuntu # when: internet_available and is_debuntu
- name: Install ka-lite with pip - name: Install KA Lite static with pip - (debuntu)
pip: name=ka-lite-static pip: name=ka-lite-static
version={{ kalite_version }} version={{ kalite_version }}
virtualenv={{ kalite_venv }} virtualenv={{ kalite_venv }}
virtualenv_site_packages=no virtualenv_site_packages=no
extra_args="--no-cache-dir" extra_args="--no-cache-dir"
# extra_args="--no-cache-dir"
# extra_args="--disable-pip-version-check" # extra_args="--disable-pip-version-check"
when: internet_available and is_debuntu when: internet_available and is_debuntu
- name: Install ka-lite dependencies with pip #- name: Install KA Lite non-static + reqs file with pip - (OS's other than debuntu)
pip: requirements={{ pip_packages_dir }}/kalite.txt # pip: requirements={{ pip_packages_dir }}/kalite.txt
virtualenv={{ kalite_venv }} # virtualenv={{ kalite_venv }}
virtualenv_site_packages=no # virtualenv_site_packages=no
# extra_args="--no-cache-dir" # extra_args="--no-cache-dir"
# extra_args="--disable-pip-version-check" # extra_args="--disable-pip-version-check"
when: internet_available and not is_debuntu # when: internet_available and not is_debuntu
- name: Install ka-lite with pip - name: Install KA Lite static with pip - (OS's other than debuntu)
pip: name=ka-lite-static pip: name=ka-lite-static
version={{ kalite_version }} version={{ kalite_version }}
virtualenv={{ kalite_venv }} virtualenv={{ kalite_venv }}
@ -46,7 +44,7 @@
# extra_args="--disable-pip-version-check" # extra_args="--disable-pip-version-check"
when: internet_available and not is_debuntu when: internet_available and not is_debuntu
- name: Default is to have cronserve started with kalite - name: Default is to have cronserve started with KA Lite
set_fact: set_fact:
job_scheduler_stanza: "" job_scheduler_stanza: ""
@ -55,7 +53,7 @@
job_scheduler_stanza: "--skip-job-scheduler " job_scheduler_stanza: "--skip-job-scheduler "
when: not kalite_cron_enabled when: not kalite_cron_enabled
- name: Create kalite service(s) and support scripts - name: Create 'kalite-serve' service, kalite.sh and kalite.conf
template: backup=no template: backup=no
src={{ item.src }} src={{ item.src }}
dest={{ item.dest }} dest={{ item.dest }}
@ -65,9 +63,9 @@
with_items: with_items:
- { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'} - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'}
- { src: 'kalite.sh.j2', dest: '/etc/profile.d/kalite.sh', mode: '0644'} - { src: 'kalite.sh.j2', dest: '/etc/profile.d/kalite.sh', mode: '0644'}
- { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir}}', mode: '0644'} - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'}
- name: Create symlink to kalite bin file in path - name: Create symlink to kalite bin file in path
file: path=/usr/bin/kalite file: path=/usr/bin/kalite
src={{kalite_venv}}/bin/kalite src={{ kalite_venv }}/bin/kalite
state=link state=link

22
roles/kalite/tasks/main.yml
View file

@ -2,39 +2,39 @@
# Assume all XOs are F18 and nothing else is # Assume all XOs are F18 and nothing else is
- name: Calc kalite db file name F18 - name: Calc KA Lite db file name (Fedora 18)
set_fact: set_fact:
kalite_db_name: "{{ kalite_root }}/kalite/database/data.sqlite" kalite_db_name: "{{ kalite_root }}/kalite/database/data.sqlite"
when: is_F18 when: is_F18
- name: Calc kalite db file name - name: Calc KA Lite db file name (OS's other than Fedora 18)
set_fact: set_fact:
kalite_db_name: "{{ kalite_root }}/database/data.sqlite" kalite_db_name: "{{ kalite_root }}/database/data.sqlite"
when: not is_F18 when: not is_F18
- name: See if kalite is already configured - name: See if KA Lite is already configured
stat: path="{{ kalite_db_name }}" stat: path="{{ kalite_db_name }}"
register: kalite_installed register: kalite_installed
- include: install-f18.yml - include_tasks: install-f18.yml
when: not kalite_installed.stat.exists and is_F18 when: not kalite_installed.stat.exists and is_F18
- include: install.yml - include_tasks: install.yml
when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18 when: kalite_installed is defined and not kalite_installed.stat.exists and not is_F18
- name: ask systemd to reread the unit files - name: Ask systemd to reread the unit files
shell: systemctl daemon-reload shell: systemctl daemon-reload
when: not kalite_installed.stat.exists when: not kalite_installed.stat.exists
- include: setup-f18.yml - include_tasks: setup-f18.yml
when: not kalite_installed.stat.exists and is_F18 when: not kalite_installed.stat.exists and is_F18
- include: setup.yml - include_tasks: setup.yml
when: not kalite_installed.stat.exists and not is_F18 when: not kalite_installed.stat.exists and not is_F18
- include: enable.yml - include_tasks: enable.yml
- name: Add kalite to service list - name: Add 'kalite-serve' to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=kalite section=kalite
option='{{ item.option }}' option='{{ item.option }}'
@ -43,7 +43,7 @@
- option: name - option: name
value: kalite value: kalite
- option: description - option: description
value: '"KA-Lite is a server to present Khan Academy videos offline and to download them."' value: '"KA Lite is a server to present Khan Academy videos offline and to download them."'
- option: path - option: path
value: "{{ kalite_root }}" value: "{{ kalite_root }}"
- option: server_name - option: server_name

4
roles/kalite/tasks/setup-f18.yml
View file

@ -1,11 +1,11 @@
# This is for Fedora 18, assumed to be an XO # This is for Fedora 18, assumed to be an XO
- name: Run the setup using kalite manage F18 - name: Run the setup using 'kalite manage' (Fedora 18)
command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite manage setup --username={{ kalite_user }} --password={{ kalite_password }} --noinput'" command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite manage setup --username={{ kalite_user }} --password={{ kalite_password }} --noinput'"
async: 900 async: 900
poll: 10 poll: 10
- name: Finish setup by running kalite start F18 - name: Finish setup by running 'kalite start' (Fedora 18)
command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite start'" command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite start'"
async: 900 async: 900
poll: 10 poll: 10

2
roles/kalite/tasks/setup.yml
View file

@ -7,7 +7,7 @@
mode=0755 mode=0755
state=directory state=directory
- name: Run the setup using kalite manage - name: Run the setup using 'kalite manage'
command: "{{ kalite_program }} manage setup --username={{ kalite_admin_user }} --password={{ kalite_admin_password }} --noinput" command: "{{ kalite_program }} manage setup --username={{ kalite_admin_user }} --password={{ kalite_admin_password }} --noinput"
environment: environment:
KALITE_HOME: "{{ kalite_root }}" KALITE_HOME: "{{ kalite_root }}"

34
roles/kiwix/tasks/kiwix_install.yml
View file

@ -1,4 +1,4 @@
- name: Create various directories for zims - name: Create various directories for Kiwix's ZIM files
file: path={{ item }} file: path={{ item }}
owner=root owner=root
group=root group=root
@ -9,16 +9,16 @@
- "{{ kiwix_content_path }}" - "{{ kiwix_content_path }}"
- "{{ iiab_zim_path }}/index" - "{{ iiab_zim_path }}/index"
- name: Check for kiwix-serve binary - name: Check for 'kiwix-serve' binary
stat: path={{ iiab_base }}/kiwix/bin/kiwix-serve stat: path={{ iiab_base }}/kiwix/bin/kiwix-serve
register: kiwix_bin register: kiwix_bin
- name: Set kiwix first pass - name: Set kiwix_first_pass
set_fact: set_fact:
kiwix_first_pass: True kiwix_first_pass: True
when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists when: kiwix_bin.stat.exists is defined and not kiwix_bin.stat.exists
- name: Copy kiwix library file if needed - name: Copy Kiwix library file if needed
template: src={{ item }} template: src={{ item }}
dest="{{ kiwix_library_xml }}" dest="{{ kiwix_library_xml }}"
mode=0644 mode=0644
@ -47,14 +47,14 @@
group=root group=root
when: not kiwix_src_bin_only and kiwix_first_pass when: not kiwix_src_bin_only and kiwix_first_pass
- name: Create directory for kiwix bin - name: Create kiwix/bin directory
file: path="{{ iiab_base }}/kiwix/bin" file: path="{{ iiab_base }}/kiwix/bin"
owner=root owner=root
group=root group=root
mode=0755 mode=0755
state=directory state=directory
- name: enable the mods which permit apache to proxy - name: Enable the mods which permit Apache to proxy
apache2_module: name={{ item }} apache2_module: name={{ item }}
with_items: with_items:
- proxy - proxy
@ -63,7 +63,7 @@
- rewrite - rewrite
when: is_debuntu when: is_debuntu
- name: Unarchive it to permanent location - bin only - name: Unarchive Kiwix to permanent location - bin only
unarchive: src="{{ downloads_dir }}/{{ kiwix_src_file }}" unarchive: src="{{ downloads_dir }}/{{ kiwix_src_file }}"
dest="{{ iiab_base }}/kiwix/bin" dest="{{ iiab_base }}/kiwix/bin"
owner=root owner=root
@ -71,25 +71,25 @@
when: kiwix_src_bin_only and kiwix_first_pass when: kiwix_src_bin_only and kiwix_first_pass
# workaround because unarchive does not set ownership properly # workaround because unarchive does not set ownership properly
- name: Set kiwix ownership - name: "Set ownership: 'chown -R root:root /opt/iiab/kiwix'"
command: "chown -R root:root {{ iiab_base }}" command: "chown -R root:root {{ iiab_base }}/kiwix"
# workaround because kiwix-serve does not stay running # workaround because kiwix-serve does not stay running
- name: Make an entry in crontab to restart every hour - name: Make a crontab entry to restart kiwix-serve at 4AM (debuntu)
# * * * * * user-name command to be executed # * * * * * user-name command to be executed
lineinfile: line="15 * * * * root /bin/systemctl restart kiwix-serve.service" lineinfile: line="0 4 * * * root /bin/systemctl restart kiwix-serve.service"
dest=/etc/crontab dest=/etc/crontab
when: is_debuntu when: is_debuntu
- name: Make an entry in crontab to restart every hour - name: Make a crontab entry to restart kiwix-serve at 4AM (redhat)
# * * * * * user-name command to be executed # * * * * * user-name command to be executed
lineinfile: line="15 * * * * root /usr/bin/systemctl restart kiwix-serve.service" lineinfile: line="0 4 * * * root /usr/bin/systemctl restart kiwix-serve.service"
dest=/etc/crontab dest=/etc/crontab
when: is_redhat when: is_redhat
# Create kiwix service # Create kiwix service
- name: Create kiwix-serve service - name: Create 'kiwix-serve' service
template: backup=no template: backup=no
src={{ item.src }} src={{ item.src }}
dest={{ item.dest }} dest={{ item.dest }}
@ -105,7 +105,7 @@
- { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'} - { src: 'iiab-make-apache-config.py', dest: '/usr/bin/iiab-make-apache-config.py', mode: '0755'}
- name: add kiwix to service list - name: Add 'kiwix-serve' to list of services
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=kiwix-serve section=kiwix-serve
option='{{ item.option }}' option='{{ item.option }}'
@ -130,13 +130,13 @@
- option: enabled - option: enabled
value: "{{ kiwix_enabled }}" value: "{{ kiwix_enabled }}"
- name: Enable kiwix-serve service - name: Enable 'kiwix-serve' service
service: name=kiwix-serve service: name=kiwix-serve
enabled=yes enabled=yes
state=restarted state=restarted
when: kiwix_enabled when: kiwix_enabled
- name: Disable kiwix-serve service - name: Disable 'kiwix-serve' service
service: name=kiwix-serve service: name=kiwix-serve
enabled=no enabled=no
state=stopped state=stopped

8
roles/kiwix/tasks/main.yml
View file

@ -6,21 +6,21 @@
- name: Set kiwix source file name x86_64 - name: Set kiwix source file name x86_64
set_fact: set_fact:
kiwix_src_file: "kiwix-tools_linux64_2017-10-11.tar.gz" kiwix_src_file: "kiwix-tools_linux64_2017-10-25.tar.gz"
kiwix_src_bin_only: True kiwix_src_bin_only: True
when: ansible_machine == "x86_64" when: ansible_machine == "x86_64"
- name: Set kiwix source file name armv7l - name: Set kiwix source file name armv7l
set_fact: set_fact:
kiwix_src_file: "kiwix-tools_armhf_2017-10-11.tar.gz" kiwix_src_file: "kiwix-tools_armhf_2017-10-25.tar.gz"
kiwix_src_bin_only: True kiwix_src_bin_only: True
when: ansible_machine == "armv7l" or ansible_machine == "armv6l" when: ansible_machine == "armv7l" or ansible_machine == "armv6l"
- name: Get the kiwix software - name: Get the Kiwix software
get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}" dest="{{ downloads_dir }}/{{ kiwix_src_file }}" get_url: url="{{ iiab_download_url }}/{{ kiwix_src_file }}" dest="{{ downloads_dir }}/{{ kiwix_src_file }}"
when: internet_available when: internet_available
- include: kiwix_install.yml - include_tasks: kiwix_install.yml
when: kiwix_src_file is defined when: kiwix_src_file is defined
tags: tags:
- kiwix - kiwix

2
roles/kiwix/templates/iiab-make-kiwix-lib
View file

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
{{systemctl_program }} stop kiwix-serve {{ systemctl_program }} stop kiwix-serve
/usr/bin/iiab-make-kiwix-lib.py /usr/bin/iiab-make-kiwix-lib.py
/usr/bin/iiab-make-apache-config.py /usr/bin/iiab-make-apache-config.py
{{ systemctl_program }} start kiwix-serve {{ systemctl_program }} start kiwix-serve

10
roles/monit/tasks/main.yml
View file

@ -1,10 +1,10 @@
- name: Install monit package - name: Install Monit package
package: name=monit package: name=monit
state=present state=present
tags: tags:
- download - download
- name: Install chkconfig package -- not in debian 9 - name: Install chkconfig package -- not in Debian 8
package: name=chkconfig package: name=chkconfig
state=present state=present
when: is_debian and ansible_distribution_major_version == "8" when: is_debian and ansible_distribution_major_version == "8"
@ -34,14 +34,14 @@
delay: 1 delay: 1
#TODO: create systemd script #TODO: create systemd script
- name: Enable monit service - name: Enable 'monit' service
command: chkconfig monit on command: chkconfig monit on
when: is_debian and ansible_local.local_facts.os_ver == "debian-8" when: is_debian and ansible_local.local_facts.os_ver == "debian-8"
#- name: Restart monit service #- name: Restart monit service
# command: service monit restart # command: service monit restart
- name: Add monit to service list - name: Add 'monit' to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=monit section=monit
option='{{ item.option }}' option='{{ item.option }}'
@ -50,6 +50,6 @@
- option: name - option: name
value: monit value: monit
- option: description - option: description
value: '"Monit is a background service monitor which can correct problems, send email, restart services"' value: '"Monit is a background service monitor which can correct problems, send email, restart services."'
- option: enabled - option: enabled
value: "{{ monit_enabled }}" value: "{{ monit_enabled }}"

3
roles/moodle/meta/main.yml
View file

@ -1,3 +0,0 @@
---
dependencies:
- { role: postgresql }

38
roles/moodle/tasks/main.yml
View file

@ -1,5 +1,5 @@
--- ---
- name: Install moodle required packages - name: Install Moodle required packages
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -7,7 +7,7 @@
- php-pgsql - php-pgsql
when: not is_debuntu when: not is_debuntu
- name: Install moodle required packages - name: Install Moodle required packages
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -21,19 +21,19 @@
- php{{ php_version }}-cli - php{{ php_version }}-cli
when: is_debuntu when: is_debuntu
- name: php-zip debian 8-9 changed name - name: php-zip name for Debian 9 or Ubuntu
package: name=php{{ php_version }}-zip package: name=php{{ php_version }}-zip
when: is_debian_9 or is_ubuntu when: is_debian_9 or is_ubuntu
- name: php-zip debian 8-9 changed name - name: php-zip name for Debian 8
package: name=php-pclzip package: name=php-pclzip
when: is_debian_8 when: is_debian_8
- name: Determine if moodle is already downloaded - name: Determine if Moodle is already downloaded
stat: path={{ moodle_base }}/config-dist.php stat: path={{ moodle_base }}/config-dist.php
register: moodle register: moodle
- name: Download the latest moodle repo - name: Download the latest Moodle repo
git: repo={{ moodle_repo_url }} git: repo={{ moodle_repo_url }}
dest={{ moodle_base }} dest={{ moodle_base }}
depth=1 depth=1
@ -42,30 +42,30 @@
# ignore_errors: yes # ignore_errors: yes
when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists
- name: Prepare the downloaded directory so apache can install config file - name: Prepare the downloaded directory so Apache can install config file
file: path={{ moodle_base }} file: path={{ moodle_base }}
owner={{ apache_user }} owner={{ apache_user }}
recurse=yes recurse=yes
state=directory state=directory
- name: Give apache permission to write moodle data directory - name: Give Apache permission to write Moodle data directory
file: path={{ content_base }}/dbdata/moodle file: path={{ content_base }}/dbdata/moodle
owner={{ apache_user }} owner={{ apache_user }}
mode=0755 mode=0755
state=directory state=directory
- name: Create a moodle data dir with apache permission to write - name: Create a Moodle data dir with Apache permission to write
file: path={{ moodle_data }} file: path={{ moodle_data }}
owner={{ apache_user }} owner={{ apache_user }}
group={{ apache_user }} group={{ apache_user }}
mode=0770 mode=0770
state=directory state=directory
- name: Remove stock moodle conf - name: Remove stock Moodle conf
file: path='/etc/{{ apache_config_dir }}/moodle.conf' file: path='/etc/{{ apache_config_dir }}/moodle.conf'
state=absent state=absent
- name: Put moodle config file in place - name: Put Moodle config file in place
template: src=022-moodle.j2 template: src=022-moodle.j2
dest=/etc/{{ apache_config_dir }}/022-moodle.conf dest=/etc/{{ apache_config_dir }}/022-moodle.conf
owner=root owner=root
@ -73,13 +73,13 @@
mode=0644 mode=0644
when: moodle_enabled when: moodle_enabled
- name: Enable moodle - name: Enable Moodle
file: path=/etc/apache2/sites-enabled/022-moodle.conf file: path=/etc/apache2/sites-enabled/022-moodle.conf
src=/etc/apache2/sites-available/022-moodle.conf src=/etc/apache2/sites-available/022-moodle.conf
state=link state=link
when: moodle_enabled and is_debuntu when: moodle_enabled and is_debuntu
- name: Disable moodle - name: Disable Moodle
file: path=/etc/apache2/sites-enabled/022-moodle.conf file: path=/etc/apache2/sites-enabled/022-moodle.conf
state=absent state=absent
when: not moodle_enabled and is_debuntu when: not moodle_enabled and is_debuntu
@ -106,7 +106,7 @@
become_user: postgres become_user: postgres
- name: Put a startup install script in place - name: Put a startup install script in place
template: dest={{moodle_base}} template: dest={{ moodle_base }}
src=moodle_installer src=moodle_installer
mode=0755 mode=0755
@ -116,24 +116,24 @@
enabled=yes enabled=yes
when: moodle_enabled when: moodle_enabled
- name: Restart apache - name: Restart Apache
service: name={{ apache_service }} service: name={{ apache_service }}
state=restarted state=restarted
- name: see if the config.php file exists - name: See if the config.php file exists
stat: path='{{ moodle_base }}/config.php' stat: path='{{ moodle_base }}/config.php'
register: config register: config
- name: Execute moodle startup script - name: Execute Moodle startup script
shell: '{{ moodle_base }}/moodle_installer' shell: '{{ moodle_base }}/moodle_installer'
when: config.stat.exists is defined and not config.stat.exists when: config.stat.exists is defined and not config.stat.exists
- name: Give apache permission to read config file - name: Give Apache permission to read config file
# command: chown -R {{ apache_user }} {{ moodle_base }} # command: chown -R {{ apache_user }} {{ moodle_base }}
file: path={{ moodle_base }}/config.php file: path={{ moodle_base }}/config.php
mode=0644 mode=0644
- name: add moodle to service list - name: Add Moodle to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=moodle section=moodle
option='{{ item.option }}' option='{{ item.option }}'

13
roles/munin/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Install munin package - name: Install Munin package
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -11,7 +11,7 @@
- download - download
when: is_debuntu when: is_debuntu
- name: Install munin package - name: Install Munin package
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -21,7 +21,7 @@
- download - download
when: not is_debuntu when: not is_debuntu
- name: Copy munin config file - name: Copy Munin config file
template: src={{ item.src }} template: src={{ item.src }}
dest={{ item.dest }} dest={{ item.dest }}
owner=root owner=root
@ -44,13 +44,13 @@
state=started state=started
when: munin_enabled when: munin_enabled
- name: Enable apache lookup - name: Enable Apache lookup
file: src=/etc/apache2/sites-available/munin24.conf file: src=/etc/apache2/sites-available/munin24.conf
dest=/etc/apache2/sites-enabled/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf
state=link state=link
when: munin_enabled and is_debuntu when: munin_enabled and is_debuntu
- name: disable apache lookup - name: Disable Apache lookup
file: src=/etc/apache2/sites-available/munin24.conf file: src=/etc/apache2/sites-available/munin24.conf
dest=/etc/apache2/sites-enabled/munin24.conf dest=/etc/apache2/sites-enabled/munin24.conf
state=absent state=absent
@ -62,7 +62,7 @@
state=stopped state=stopped
when: not munin_enabled when: not munin_enabled
- name: If mysql is enabled, let munin monitor it - name: If MySQL is enabled, let Munin monitor it
copy: dest=/etc/munin/plugins/ copy: dest=/etc/munin/plugins/
src={{ item }} src={{ item }}
with_items: with_items:
@ -89,4 +89,3 @@
value: "{{ munin_install }}" value: "{{ munin_install }}"
- option: enabled - option: enabled
value: "{{ munin_enabled }}" value: "{{ munin_enabled }}"

2
roles/mysql/defaults/main.yml
View file

@ -1,4 +1,2 @@
phpMyAdmin: "phpMyAdmin-4.2.7.1-all-languages.zip"
mysql_install: True mysql_install: True
mysql_enabled: False mysql_enabled: False
phpmyadmin_enabled: False

29
roles/mysql/tasks/main.yml
View file

@ -1,4 +1,4 @@
- name: Install MySQL Debian - name: Install MySQL (debuntu)
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -18,15 +18,15 @@
tags: tags:
- download - download
- name: php-xml for ubuntu and debian-9 - name: php-xml for 'ubuntu' and 'debian-9'
package: name=php{{ php_version }}-xml state=present package: name=php{{ php_version }}-xml state=present
when: is_ubuntu or is_debian_9 when: is_ubuntu or is_debian_9
- name: php-xml for debian-8 - name: php-xml for 'debian-8'
package: name=php-xml-parser state=present package: name=php-xml-parser state=present
when: is_debian_8 when: is_debian_8
- name: Install MySQL - name: Install MySQL (OS's other than debuntu)
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -45,12 +45,12 @@
tags: tags:
- download - download
- include: centos.yml - include_tasks: centos.yml
when: ansible_distribution == "CentOS" when: ansible_distribution == "CentOS"
tags: tags:
- download - download
- include: fedora.yml - include_tasks: fedora.yml
when: ansible_distribution == "Fedora" when: ansible_distribution == "Fedora"
tags: tags:
- download - download
@ -68,17 +68,17 @@
# 'localhost' needs to be the last item for idempotency, see # 'localhost' needs to be the last item for idempotency, see
# http://ansible.cc/docs/modules.html#mysql-user # http://ansible.cc/docs/modules.html#mysql-user
# unfortunately it still doesn't work # unfortunately it still doesn't work
- name: update mysql root password for localhost root accounts - name: Update MySQL root password for localhost root accounts
mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT
with_items: with_items:
- localhost - localhost
when: mysql_enabled when: mysql_enabled
- name: copy .my.cnf file with root password credentials - name: Copy .my.cnf file with root password credentials
template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600
when: mysql_enabled when: mysql_enabled
- name: update mysql root password for all remaining root accounts - name: Update MySQL root password for all remaining root accounts
mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT
with_items: with_items:
# - "{{ iiab_hostname }}.{{ iiab_domain }}" # - "{{ iiab_hostname }}.{{ iiab_domain }}"
@ -86,15 +86,15 @@
- ::1 - ::1
when: mysql_enabled when: mysql_enabled
- name: delete anonymous MySQL server user for {{ ansible_hostname }} - name: Delete anonymous MySQL server user for {{ ansible_hostname }}
mysql_user: user="" host="{{ ansible_hostname }}" state="absent" mysql_user: user="" host="{{ ansible_hostname }}" state="absent"
when: mysql_enabled when: mysql_enabled
- name: delete anonymous MySQL server user for localhost - name: Delete anonymous MySQL server user for localhost
mysql_user: user="" state="absent" mysql_user: user="" state="absent"
when: mysql_enabled when: mysql_enabled
- name: remove the MySQL test database - name: Remove the MySQL test database
mysql_db: db=test state=absent mysql_db: db=test state=absent
when: mysql_enabled when: mysql_enabled
@ -105,8 +105,7 @@
state=stopped state=stopped
when: not mysql_enabled when: not mysql_enabled
- name: Add 'mysql' to service list
- name: add mysql to service list
ini_file: dest='{{ service_filelist }}' ini_file: dest='{{ service_filelist }}'
section=mysql section=mysql
option='{{ item.option }}' option='{{ item.option }}'
@ -115,6 +114,6 @@
- option: name - option: name
value: mysql-database value: mysql-database
- option: description - option: description
value: '"mySQL is a widely used database service on the Internet which runs on many platforms, and is often offered and available at hosting Internet Service Providers"' value: '"MySQL is a widely used free and open source (GPLv2) database, offered by most web hosting services, on a diversity of platforms."'
- option: enabled - option: enabled
value: "{{ mysql_enabled }}" value: "{{ mysql_enabled }}"

45
roles/network/defaults/main.yml
View file

@ -1,13 +1,44 @@
--- ---
# Defaults for network detection
wireless_lan_present: False
strict_networking: False
iiab_demo_mode: False
gui_static_wan: False
# Set defaults for discovery process as strings
wifi1: "not found-1"
wifi2: "not found-2"
ap_device: "none"
device_gw: "none"
device_gw2: ""
iiab_wan_iface: "none"
iiab_lan_iface: "none"
#discovered_lan_iface: "none"
discovered_wired_iface: "none"
discovered_wireless_iface: "none"
#iiab_wired_lan_iface: "none"
#iiab_wireless_lan_iface: "none"
#Redhat
has_WAN: False
has_ifcfg_gw: "none"
has_wifi_gw: "none"
#Debian
dhcpcd_result: ""
wan_in_interfaces: False
# The values here are default local variables. # The values here are default local variables.
gui_wan_iface: "unset" gui_wan_iface: "unset"
gui_static_wan_ip: "unset" gui_static_wan_ip: "unset"
gui_desired_network_role: Gateway gui_desired_network_role: Gateway
wondershaper_dspeed: "4096" wondershaper_dspeed: "4096"
wondershaper_upspeed: "1024" wondershaper_upspeed: "1024"
# WiFi # WiFi
host_ssid: IIAB host_ssid: IIAB
hostapd_wait: 10 hostapd_wait: 1
host_wifi_mode: g host_wifi_mode: g
host_channel: 6 host_channel: 6
host_wireless_n: False host_wireless_n: False
@ -15,7 +46,17 @@ host_country_code: US
hostapd_secure: True hostapd_secure: True
hostapd_password: "iiab2017" hostapd_password: "iiab2017"
driver_name: nl80211 driver_name: nl80211
network_config_dir: /etc/network/interfaces.d network_config_dir: /etc/network/interfaces.d
iiab_network_mode: "Gateway" #iiab_network_mode: "Gateway"
dns_jail_enabled: False dns_jail_enabled: False
services_externally_visible: False services_externally_visible: False
# following variables set for old apache,dhcpd,named usage
dhcpd_install: True
dhcpd_enabled: True
named_install: True
named_enabled: True
dnsmasq_enabled: False
dnsmasq_install: False
captive_portal_enabled: False

2
roles/network/tasks/NM.yml
View file

@ -1,4 +1,4 @@
- name: restart NetworkManager services - name: Restart NetworkManager services
service: name=NetworkManager service: name=NetworkManager
enabled=yes enabled=yes
state=stopped state=stopped

26
roles/network/tasks/avahi.yml
View file

@ -1,25 +1,3 @@
- name: Install avahi package
package: name={{ item }}
state=present
with_items:
- libnss-mdns
- avahi-daemon
- avahi-discover
when: is_debuntu
tags:
- download
- name: Install avahi package
package: name={{ item }}
state=present
with_items:
- nss-mdns
- avahi
- avahi-tools
when: not is_debuntu
tags:
- download
- name: Create a user for avahi - name: Create a user for avahi
user: name=avahi user: name=avahi
createhome=no createhome=no
@ -50,10 +28,10 @@
dest='/etc/avahi/services/' dest='/etc/avahi/services/'
when: is_debuntu when: is_debuntu
- name: set ssh port for avahi - name: Set ssh port for avahi
lineinfile: dest=/etc/avahi/services/ssh.service lineinfile: dest=/etc/avahi/services/ssh.service
regexp='</port>$' regexp='</port>$'
line=' <port>{{ssh_port}}</port>' line=' <port>{{ ssh_port }}</port>'
state=present state=present
backrefs=yes backrefs=yes

30
roles/network/tasks/computed_network.yml
View file

@ -1,7 +1,7 @@
# just lie about active gateway present on XOs to suppress ifcfg-WAN # just lie about active gateway present on XOs to suppress ifcfg-WAN
# auto-creation/moving with XOs using NM/system-connections/ via keyfile. # auto-creation/moving with XOs using NM/system-connections/ via keyfile.
# ifcfg-rh acts on /etc/sys*/net*/ifcfg-* where we search for devices. # ifcfg-rh acts on /etc/sys*/net*/ifcfg-* where we search for devices.
- name: Setting XO has wifi gateway - name: Setting XO has WiFi gateway
set_fact: set_fact:
user_wan_iface: "{{ discovered_wan_iface }}" user_wan_iface: "{{ discovered_wan_iface }}"
when: discovered_wan_iface != "none" and xo_model != "none" and has_ifcfg_gw == "none" when: discovered_wan_iface != "none" and xo_model != "none" and has_ifcfg_gw == "none"
@ -20,7 +20,7 @@
iiab_demo_mode: True iiab_demo_mode: True
when: teamviewer_install and not strict_networking when: teamviewer_install and not strict_networking
- name: XO wants usb wifi interface as AP mode - name: XO laptop wants USB WiFi interface as AP mode
set_fact: set_fact:
iiab_wireless_lan_iface: "{{ discovered_lan_iface }}" iiab_wireless_lan_iface: "{{ discovered_lan_iface }}"
when: num_wifi_interfaces >= "2" and xo_model != "none" and discovered_wan_iface != "none" and discovered_wireless_iface == "eth0" when: num_wifi_interfaces >= "2" and xo_model != "none" and discovered_wan_iface != "none" and discovered_wireless_iface == "eth0"
@ -32,7 +32,7 @@
gui_static_wan_ip: undefined gui_static_wan_ip: undefined
when: gui_static_wan_ip != "unset" and not gui_static_wan when: gui_static_wan_ip != "unset" and not gui_static_wan
- name: undo gui-static-wan by requesting new template file - name: Undo gui-static-wan by requesting new template file
set_fact: set_fact:
has_WAN: False has_WAN: False
when: gui_static_wan_ip != "unset" and not gui_static_wan when: gui_static_wan_ip != "unset" and not gui_static_wan
@ -64,7 +64,7 @@
# gui wants LanController # keeps ifcfg-WAN but onboot=no # gui wants LanController # keeps ifcfg-WAN but onboot=no
# the change over might be a little bumpy ATM. # the change over might be a little bumpy ATM.
- name: Setting GUI wants LanController - name: Setting GUI wants 'LanController'
set_fact: set_fact:
device_gw: "none" device_gw: "none"
user_wan_iface: "none" user_wan_iface: "none"
@ -75,13 +75,13 @@
# single interface vars/ users would need to set iiab_wan_enabled False as above, to disable the WAN # single interface vars/ users would need to set iiab_wan_enabled False as above, to disable the WAN
# and set user_lan_iface = <device> to suppress the auto detection for the same effect. # and set user_lan_iface = <device> to suppress the auto detection for the same effect.
- name: Setting user_lan_iface for LanController for single interface - name: Setting user_lan_iface for 'LanController' for single interface
set_fact: set_fact:
user_lan_iface: "{{ discovered_wan_iface }}" user_lan_iface: "{{ discovered_wan_iface }}"
when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController" when: discovered_wan_iface != "none" and num_lan_interfaces == "0" and gui_desired_network_role is defined and gui_desired_network_role == "LanController"
# override with user_wan_iface setting if no longer in auto # override with user_wan_iface setting if no longer in auto
- name: setting user WAN fact - name: Setting user WAN fact
set_fact: set_fact:
iiab_wan_iface: "{{ user_wan_iface }}" iiab_wan_iface: "{{ user_wan_iface }}"
when: user_wan_iface != "auto" when: user_wan_iface != "auto"
@ -93,14 +93,14 @@
when: 'not iiab_lan_enabled' when: 'not iiab_lan_enabled'
# gui wants Appliance Note: could of used iiab_lan_enabled false # gui wants Appliance Note: could of used iiab_lan_enabled false
- name: Setting GUI wants Appliance - name: Setting GUI wants 'Appliance'
set_fact: set_fact:
user_lan_iface: "none" user_lan_iface: "none"
iiab_gateway_enabled: "False" iiab_gateway_enabled: "False"
when: gui_desired_network_role is defined and gui_desired_network_role == "Appliance" when: gui_desired_network_role is defined and gui_desired_network_role == "Appliance"
# gui wants Gateway # gui wants Gateway
- name: Setting GUI wants and has active Gateway - name: Setting GUI wants and has active 'Gateway'
set_fact: set_fact:
user_lan_iface: "auto" user_lan_iface: "auto"
user_wan_iface: "{{ iiab_wan_iface }}" user_wan_iface: "{{ iiab_wan_iface }}"
@ -114,17 +114,17 @@
user_wan_iface: "{{ discovered_lan_iface }}" user_wan_iface: "{{ discovered_lan_iface }}"
when: num_lan_interfaces == "1" and user_lan_iface == "auto" and user_wan_iface == "auto" when: num_lan_interfaces == "1" and user_lan_iface == "auto" and user_wan_iface == "auto"
- name: No LAN configured - Appliance mode - name: No LAN configured - 'Appliance' mode
set_fact: set_fact:
iiab_network_mode: "Appliance" iiab_network_mode: "Appliance"
when: iiab_lan_iface == "none" when: iiab_lan_iface == "none"
- name: LAN configured - LanController mode - name: LAN configured - 'LanController' mode
set_fact: set_fact:
iiab_network_mode: "LanController" iiab_network_mode: "LanController"
when: iiab_lan_iface != "" and iiab_wan_iface == "none" when: iiab_lan_iface != "" and iiab_wan_iface == "none"
- name: LAN configured - Gateway mode - name: LAN configured - 'Gateway' mode
set_fact: set_fact:
iiab_network_mode: "Gateway" iiab_network_mode: "Gateway"
when: iiab_lan_iface != "none" and iiab_wan_iface != "none" when: iiab_lan_iface != "none" and iiab_wan_iface != "none"
@ -136,17 +136,17 @@
when: 'user_lan_iface != "auto"' when: 'user_lan_iface != "auto"'
# so this works # so this works
- name: interface count - name: Interface count
shell: ls /sys/class/net | grep -v -e lo | wc | awk '{print $1}' shell: ls /sys/class/net | grep -v -e lo | wc | awk '{print $1}'
register: adapter_count register: adapter_count
# well if there ever was a point to tell the user thing are FUBAR this is it. # well if there ever was a point to tell the user things are FUBAR this is it.
- name: We're hosed no work interfaces - name: We're hosed no work interfaces
set_fact: set_fact:
iiab_network_mode: "No_network_found" iiab_network_mode: "No_network_found"
when: adapter_count.stdout|int == "0" when: adapter_count.stdout|int == "0"
# well if there ever was a point to tell the user thing are FUBAR this is it. # well if there ever was a point to tell the user things are FUBAR this is it.
- name: I'm not guessing declare gateway please - name: I'm not guessing declare gateway please
set_fact: set_fact:
iiab_network_mode: "Undetectable_use_local_vars" iiab_network_mode: "Undetectable_use_local_vars"
@ -155,7 +155,7 @@
- name: Add location section to config file - name: Add location section to config file
ini_file: dest='{{ iiab_config_file }}' ini_file: dest='{{ iiab_config_file }}'
section=network section=computed_network
option='{{ item.option }}' option='{{ item.option }}'
value='{{ item.value }}' value='{{ item.value }}'
with_items: with_items:

39
roles/network/tasks/computed_services.yml
View file

@ -1,29 +1,44 @@
- name: No LAN configured - Appliance mode - name: No LAN configured - 'Appliance' mode
set_fact: set_fact:
dansguardian_enabled: False dansguardian_enabled: False
squid_enabled: False squid_enabled: False
named_enabled: True
dhcpd_enabled: False
wondershaper_enabled: False wondershaper_enabled: False
iiab_network_mode: "Appliance" iiab_network_mode: "Appliance"
when: iiab_lan_iface == "none" or user_lan_iface == "none" when: iiab_lan_iface == "none" or user_lan_iface == "none"
- name: LAN configured - LanController mode - name: LAN configured - 'LanController' mode
set_fact: set_fact:
named_enabled: True
dhcpd_enabled: True
dansguardian_enabled: False dansguardian_enabled: False
squid_enabled: False squid_enabled: False
wondershaper_enabled: False wondershaper_enabled: False
iiab_network_mode: "LanController" iiab_network_mode: "LanController"
when: iiab_lan_iface != "" and iiab_wan_iface == "none" when: iiab_lan_iface != "" and iiab_wan_iface == "none"
- name: LAN configured - Gateway mode - name: LAN configured - 'Gateway' mode
set_fact:
iiab_network_mode: "Gateway"
when: iiab_lan_iface != "none" and iiab_wan_iface != "none"
- name: No LAN configured - non-dnsmasq
set_fact:
named_enabled: True
dhcpd_enabled: False
dhcp_service2: "dhcpd"
when: not dnsmasq_enabled and iiab_network_mode == "Appliance"
- name: LAN configured - non-dnsmasq
set_fact: set_fact:
named_enabled: True named_enabled: True
dhcpd_enabled: True dhcpd_enabled: True
iiab_network_mode: "Gateway" dhcp_service2: "dhcpd"
when: 'iiab_lan_iface != "none" and iiab_wan_iface != "none"' when: not dnsmasq_enabled and iiab_network_mode != "Appliance"
- name: LAN configured - dnsmasq
set_fact:
named_enabled: False
dhcpd_enabled: False
dhcp_service2: "dnsmasq"
when: dnsmasq_install and dnsmasq_enabled and iiab_network_mode != "Appliance"
- name: Add location section to config file - name: Add location section to config file
ini_file: dest='{{ iiab_config_file }}' ini_file: dest='{{ iiab_config_file }}'
@ -33,3 +48,9 @@
with_items: with_items:
- option: 'iiab_network_mode_applied' - option: 'iiab_network_mode_applied'
value: '{{ iiab_network_mode }}' value: '{{ iiab_network_mode }}'
- option: 'dhcp_service2'
value: '{{ dhcp_service2 }}'
- option: 'dnsmasq_enabled'
value: '{{ dnsmasq_enabled }}'
- option: 'no_net_restart'
value: '{{ no_net_restart }}'

18
roles/network/tasks/dansguardian.yml
View file

@ -1,4 +1,4 @@
- name: Install dansguardian packages - name: Install DansGuardian packages
package: name={{ item }} package: name={{ item }}
state=present state=present
with_items: with_items:
@ -6,31 +6,31 @@
tags: tags:
- download - download
- name: Copy dansguardian config file - name: Copy DansGuardian config file
template: src=squid/dansguardian.conf.j2 template: src=roles/network/templates/squid/dansguardian.conf.j2
dest=/etc/dansguardian/dansguardian.conf dest=/etc/dansguardian/dansguardian.conf
owner=dansguardian owner=dansguardian
group=dansguardian group=dansguardian
mode=0640 mode=0640
when: ansible_distribution == "Fedora" when: ansible_distribution == "Fedora"
- name: Copy dansguardian config file - name: Copy DansGuardian config file
template: src=squid/dansguardian.conf.debian.j2 template: src=roles/network/templates/squid/dansguardian.conf.debian.j2
dest=/etc/dansguardian/dansguardian.conf dest=/etc/dansguardian/dansguardian.conf
owner=dansguardian owner=dansguardian
group=dansguardian group=dansguardian
mode=0640 mode=0640
when: is_debuntu when: is_debuntu
- name: Copy dansguardian config file for CentOS - name: Copy DansGuardian config file for CentOS
template: src=squid/dansguardian.conf.centos.j2 template: src=roles/network/templates/squid/dansguardian.conf.centos.j2
dest=/etc/dansguardian/dansguardian.conf dest=/etc/dansguardian/dansguardian.conf
owner=dansguardian owner=dansguardian
group=vscan group=vscan
mode=0640 mode=0640
when: ansible_distribution == "CentOS" when: ansible_distribution == "CentOS"
- name: Create dansguardian log directory - name: Create 'dansguardian' log directory
file: path=/var/log/dansguardian file: path=/var/log/dansguardian
owner=dansguardian owner=dansguardian
group=dansguardian group=dansguardian
@ -38,7 +38,7 @@
state=directory state=directory
when: ansible_distribution != "CentOS" when: ansible_distribution != "CentOS"
- name: Create dansguardian log directory for CentOS - name: Create DansGuardian log directory for CentOS
file: path=/var/log/dansguardian file: path=/var/log/dansguardian
owner=dansguardian owner=dansguardian
group=vscan group=vscan

128
roles/network/tasks/debian.yml
View file

@ -9,94 +9,70 @@
# 4. In lan_controller: wan is off, eth0 and wlan0 under br0 # 4. In lan_controller: wan is off, eth0 and wlan0 under br0
# 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0) # 5. In gateway: eth0 is wan, and wlan0 is under br0 (only one adapter under br0)
# 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway # 6. As a slight concess to auto config, if eth1 exists, make it wan, and force gateway
#- name: In upgrade from earlier IIAB 6.2, delete the resolvconf
# package: name=resolvconf
# state=absent
# enabled=False
# ignore_errors: True
- name: in upgrade from earlier 6.2, delete the resolvconf #- name: Get the dhcp client daemon used in recent raspbian
package: name=resolvconf # package: name=dhcpcd5
state=absent # state=present
enabled=False
ignore_errors: True
- name: Get the dhcp client daemon used in recent raspbian - name: For upgrades from earlier IIAB 6.2, remove br0 file
package: name=dhcpcd5
state=present
- name: for upgrades from earlier 6.2, remove br0 file
file: path=/etc/network/interfaces.d/br0 file: path=/etc/network/interfaces.d/br0
state=absent state=absent
when: iiab_lan_iface != "br0" and wan_ip == "dhcp"
- name: default to lan controller - name: Supply resolvconf.conf
set_fact: template: dest=/etc/resolvconf.conf
gui_desired_network_role: "lan_controller" src=network/resolvconf.j2
when: not gui_desired_network_role is defined
- name: Recover from putting config in /etc/network/interfaces - name: Supply dhcpcd.conf
template: dest=/etc/network/interfaces template: dest=/etc/dhcpcd.conf
src=network/interfaces.j2 src=network/dhcpcd.conf.j2
when: dhcpcd_result == "enabled"
- name: Copy the bridge script - name: Copy the bridge script
template: dest=/etc/network/interfaces.d/iiab template: dest=/etc/network/interfaces.d/iiab
src=network/iiab.j2 src=network/systemd.j2
register: interface when: not is_rpi and (iiab_lan_iface == "br0" or wan_ip != "dhcp")
- name: start up the dhcpcd service - name: Copy the bridge script for RPi
service: name=dhcpcd template: dest=/etc/network/interfaces.d/iiab
enabled=True src=network/rpi.j2
state=started when: is_rpi and iiab_lan_iface == "br0"
- name: If this was a change, things need to shift - name: bind may be affected
service: name=hostapd state=stopped service: name={{ dns_service }} state=stopped
when: interface.changed when: named_install and dnsmasq_enabled
- name: dhcpd may be affected # dhcpd_server release the interface
service: name=bind9 state=stopped - name: dhcpd_server may be affected - stopping dhcpd
when: interface.changed service: name=dhcpd state=stopped
when: dhcpd_install
- name: dhcpd_server may be affected - stopping dnsmasq
service: name=dnsmasq state=stopped
when: dnsmasq_install
- name: reload systemd
shell: systemctl daemon-reload
# now pick up denyinterfaces
- name: restart dhcpcd
service: name=dhcpcd state=restarted
when: dhcpcd_result == "enabled"
- name: restart the networking service - name: restart the networking service
service: name=networking state=restarted service: name=networking state=restarted
when: interface.changed when: not nobridge is defined and not no_net_restart
- name: restart hostapd when wifi is present
service: name=hostapd state=restarted
when: iiab_wireless_lan_iface is defined and hostapd_enabled and iiab_network_mode != "Appliance"
- name: start up hostapd again #- name: dhcp_server may be affected - starting - user choice
service: name=hostapd state=started # service: name={{ dhcp_service2 }} state=started
when: interface.changed # when: iiab_network_mode != "Appliance"
- name: dhcpd may be affected
service: name=bind9 state=started
when: interface.changed
#create lan br0 if lan_controller or gateway
#create wan br0 if appliance
#allocate wlan0 under br0 in all cases
#allocate eth0 under br0 if appliance, alone if gateway
- name: Add location section to config file
ini_file: dest='{{ iiab_config_file }}'
section=network
option='{{ item.option }}'
value='{{ item.value }}'
with_items:
- option: 'gateway_active'
value: '{{ gw_active }}'
- option: 'internet_available'
value: '{{ internet_available }}'
- option: 'gateway_ifcfg'
value: '{{ has_ifcfg_gw }}'
- option: 'detected_gateway'
value: '{{ discovered_wan_iface }}'
- option: 'prior_gateway'
value: '{{ device_gw2 }}'
- option: 'wireless_list_1'
value: '{{ wifi1 }}'
- option: 'wireless_list_2'
value: '{{ wifi2 }}'
- option: 'num_wifi_interfaces'
value: '{{ num_wifi_interfaces }}'
- option: 'discovered_wireless_iface'
value: '{{ discovered_wireless_iface }}'
- option: 'iiab_wireless_lan_iface'
value: '{{ iiab_wireless_lan_iface }}'
- option: 'num_lan_interfaces'
value: '{{ num_lan_interfaces }}'
- option: 'detected_lan'
value: '{{ discovered_lan_iface }}'
- option: 'static_wan'
value: '{{ gui_static_wan }}'

Some files were not shown because too many files have changed in this diff Show more