external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-14 20:22:08 +00:00
Code Issues Releases Wiki Activity

Merge pull request #2 from iiab/master

Browse source 
sync from iiab/iiab
This commit is contained in:
A Holt 2017-09-25 20:09:05 -04:00 committed by GitHub
commit b42858c629
13 changed files with 190 additions and 168 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
iiab.yml
View file

@ -6,7 +6,6 @@
- vars/default_vars.yml
- vars/{{ ansible_local.local_facts.os_ver}}.yml
- vars/local_vars.yml
- /etc/iiab/config_vars.yml
roles:
- { role: 1-prep, tags: ['prep','platform','base'] }

3
roles/1-prep/defaults/main.yml
View file

@ -1,9 +1,10 @@
# use these as a tag a release at a point in time
iiab_base_ver: 0
iiab_base_ver: 6.4
gui_version: 2
# These entries should never be changed in this file.
# These are defaults for boolean routines,
first_run: False
installing: False
NUC6_firmware_needed: False
exFAT_enabled: False

89
roles/1-prep/tasks/detected_network.yml
View file

@ -1,40 +1,26 @@
- name: Checking iiab_domain_name
shell: "cat /etc/sysconfig/iiab_domain_name"
register: prior_domain
ignore_errors: True
when: not first_run
# above always registers
- name: Checking for prior domain name
set_fact:
iiab_domain: "{{ prior_domain.stdout }}"
when: prior_domain.stdout != "lan" and prior_domain.stdout != ""
when: not first_run and prior_domain.stdout != "lan" and prior_domain.stdout != ""
- name: iiab_wan_device
shell: "cat /etc/sysconfig/iiab_wan_device"
register: prior_gw
ignore_errors: True
when: not first_run
- name: Checking for old device gateway interface for device test
set_fact:
device_gw: "{{ prior_gw.stdout }}"
device_gw2: "{{ prior_gw.stdout }}"
when: prior_gw is defined and prior_gw.stdout != ""
when: not first_run and prior_gw is defined and prior_gw.stdout != ""
- name: Checking for ifcfg-WAN file
stat: path=/etc/sysconfig/network-scripts/ifcfg-WAN
register: has_ifcfg_WAN
- name: Setting ifcfg-WAN True
set_fact:
has_WAN: True
when: has_ifcfg_WAN.stat.exists
# DETECT -- gateway and wireless
- name: Get a list of slaves from previous config
shell: "egrep -rn BRIDGE=br0 /etc/sysconfig/network-scripts/ifcfg-* | awk -F'[-:]' '{print $3}'"
register: ifcfg_slaves
ignore_errors: True
changed_when: False
#pause checking
# Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
- name: Finding gateway
@ -74,59 +60,9 @@
device_gw: "{{ discovered_wan_iface }}"
when: discovered_wan_iface != "none"
# returns list of paths
- name: Find gateway config based on device
shell: "egrep -rn {{ device_gw }} /etc/sysconfig/network-scripts/ifcfg* | awk -F ':' '{print $1}'"
register: ifcfg_gw_device
ignore_errors: True
changed_when: False
when: device_gw != "none"
# last match wins
- name: Setting has ifcfg gw based on device if found
set_fact:
has_ifcfg_gw: "{{ item|trim }}"
ignore_errors: True
when: ifcfg_gw_device.stdout_lines is defined and item|trim != "" and item|trim != "/etc/sysconfig/network-scripts/ifcfg-LAN"
with_items:
- "{{ ifcfg_gw_device.stdout_lines }}"
# returns path
- name: Find active gateway config based on macaddress
shell: "egrep -irn {{ ansible_default_ipv4.macaddress }} /etc/sysconfig/network-scripts/ifcfg* | awk -F ':' '{print $1}' | head -n 1"
register: ifcfg_gw_mac
ignore_errors: True
changed_when: False
when: 'ansible_default_ipv4.gateway is defined'
- name: Set has ifcfg gw based on on macaddress if found
set_fact:
has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}"
when: ifcfg_gw_mac.stdout is defined and ifcfg_gw_mac.stdout != ""
# could use something else
- name: Find wifi gateway config if present
shell: egrep -rn ESSID /etc/sysconfig/network-scripts/ifcfg* | awk -F ':' '{print $1}' | awk -F '/' '{print $5}'
register: ifcfg_WAN_wifi
ignore_errors: True
#returns file name
- name: Setting has_wifi_gw based on ESSID if found
set_fact:
has_wifi_gw: "{{ item|trim }}"
when: ifcfg_WAN_wifi.changed and item|trim != ""
with_items:
- "{{ ifcfg_WAN_wifi.stdout_lines }}"
- name: Finding device for wifi AP gateway
shell: egrep -rn DEVICE /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | awk -F '=' '{print $2}'
register: AP_device
when: has_wifi_gw != "none" and has_ifcfg_gw != "none"
- name: Setting wifi device
set_fact:
ap_device: "{{ AP_device.stdout }}"
when: AP_device.stdout is defined and AP_device.stdout != ""
- name: RedHat Network detection
include: detected_redhat.yml
when: is_redhat
# WIRELESS -- if any wireless is detected as gateway, it becomes WAN
- name: Look for any wireless interfaces
@ -222,13 +158,8 @@
when: discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface
#unused
- name: Get a list of ifcfg files to delete
shell: "ls -1 /etc/sysconfig/network-scripts/ifcfg-* | grep -v -e ifcfg-lo -e ifcfg-WAN -e {{ has_wifi_gw }}"
register: ifcfg_files
changed_when: False
ignore_errors: True
when: num_lan_interfaces >= "1" or iiab_wireless_lan_iface != "none"
#
#- name: Get a list of ifcfg files to delete
# moved to detected_redhat
# use value only if present
- name: Setting detected lan

81
roles/1-prep/tasks/detected_redhat.yml Normal file
View file

@ -0,0 +1,81 @@
- name: Checking for ifcfg-WAN file - Can Fail
stat: path=/etc/sysconfig/network-scripts/ifcfg-WAN
register: has_ifcfg_WAN
when: not first_run
- name: Setting ifcfg-WAN True
set_fact:
has_WAN: True
when: has_ifcfg_WAN.stat.exists
# DETECT -- gateway and wireless
- name: Get a list of slaves from previous config - Can Fail
shell: "egrep -rn BRIDGE=br0 /etc/sysconfig/network-scripts/ifcfg-* | gawk -F'[-:]' '{print $3}'"
register: ifcfg_slaves
ignore_errors: True
changed_when: False
when: not first_run
# returns list of paths
- name: Find gateway config based on device
shell: "egrep -rn {{ device_gw }} /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}'"
register: ifcfg_gw_device
ignore_errors: True
changed_when: False
when: not first_run and device_gw != "none"
# last match wins
- name: Setting has ifcfg gw based on device if found
set_fact:
has_ifcfg_gw: "{{ item|trim }}"
ignore_errors: True
when: ifcfg_gw_device.stdout_lines is defined and item|trim != "" and item|trim != "/etc/sysconfig/network-scripts/ifcfg-LAN"
with_items:
- "{{ ifcfg_gw_device.stdout_lines }}"
# returns path
- name: Find active gateway config based on macaddress - Can Fail
shell: "egrep -irn {{ ansible_default_ipv4.macaddress }} /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | head -n 1"
register: ifcfg_gw_mac
ignore_errors: True
changed_when: False
when: ansible_default_ipv4.gateway is defined
- name: Set has ifcfg gw based on on macaddress if found
set_fact:
has_ifcfg_gw: "{{ ifcfg_gw_mac.stdout|trim }}"
when: ifcfg_gw_mac.changed and ifcfg_gw_mac.stdout != ""
# could use something else
- name: Find wifi gateway config if present - Can Fail
shell: egrep -rn ESSID /etc/sysconfig/network-scripts/ifcfg* | gawk -F ':' '{print $1}' | gawk -F '/' '{print $5}'
register: ifcfg_WAN_wifi
ignore_errors: True
#returns file name
- name: Setting has_wifi_gw based on ESSID if found - Can Fail
set_fact:
has_wifi_gw: "{{ item|trim }}"
when: ifcfg_WAN_wifi.changed and item|trim != ""
with_items:
- "{{ ifcfg_WAN_wifi.stdout_lines }}"
- name: Finding device for wifi AP gateway - Can Fail
shell: egrep -rn DEVICE /etc/sysconfig/network-scripts/{{ has_wifi_gw }} | gawk -F '=' '{print $2}'
register: AP_device
ignore_errors: True
when: has_wifi_gw != "none" and has_ifcfg_gw != "none"
- name: Setting wifi device
set_fact:
ap_device: "{{ AP_device.stdout }}"
when: AP_device.stdout is defined and AP_device.stdout != ""
#unused
#- name: Get a list of ifcfg files to delete - Can Fail
# shell: "ls -1 /etc/sysconfig/network-scripts/ifcfg-* | grep -v -e ifcfg-lo -e ifcfg-WAN -e {{ has_wifi_gw }}"
# register: ifcfg_files
# changed_when: False
# ignore_errors: True
# when: num_lan_interfaces >= "1" or iiab_wireless_lan_iface != "none"

2
roles/1-prep/tasks/iiab_ini.yml
View file

@ -30,7 +30,5 @@
value: '{{ ansible_local["local_facts"]["iiab_commit"] }}'
- option: 'install_date'
value: '{{ ansible_date_time["iso8601"] }}'
- option: 'Universal Unique ID (uuid)'
value: '{{ uuid }}'
- option: 'install_xo'
value: '{{ xo_model }}'

31
roles/1-prep/tasks/main.yml
View file

@ -1,3 +1,16 @@
- name: Determine if runansible was run
stat: path=/etc/iiab/config_vars.yml
register: NewInstall
- name: Setting first run flag
set_fact:
first_run: True
when: NewInstall.stat.exists is defined and not NewInstall.stat.exists
# we need to inialize the ini file
- include: iiab_ini.yml
when: first_run
- name: Set flag for fedora 18
set_fact:
is_F18: True
@ -50,17 +63,17 @@
- name: Disable apparmor -- on by default in ubuntu
service: name=apparmor enabled=False state=stopped
when: is_ubuntu
when: first_run and is_ubuntu
ignore_errors: true
- name: Disable selinux on next boot
selinux: state=disabled
register: selinux_disabled
when: ansible_selinux is defined and ansible_version >= '2' and ansible_selinux or ansible_selinux['status'] is defined and ansible_version < '2' and ansible_selinux['status'] != 'disabled'
when: first_run and not is_debuntu
- name: Disable selinux for this session (if needed)
command: setenforce Permissive
when: selinux_disabled is defined and selinux_disabled.changed
when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
## DISCOVER PLATFORMS ######
- name: Discover if this is a rpi -- assume if so it is running raspbian
@ -72,26 +85,22 @@
- include: prep.yml
# we need to inialize the ini file
- include: iiab_ini.yml
- include: computed_vars.yml
- include: detected_network.yml
when: not installing
# Put conditional actions for hardware platforms here
- include: raspberry_pi_2.yml
when: rpi_model != "none"
when: first_run and rpi_model != "none"
- name: Check if the identifier for intel's NUC6 builtin wifi is present
shell: "lsusb | grep 8087:0a2b | wc |gawk '{print $1}'"
shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'"
register: usb_NUC6
ignore_errors: true
when: first_run
- name: download the firmware for built in wifi on NUC6
get_url: dest=/lib/firmware
url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode
when: usb_NUC6.stdout|int > 0
when: first_run and usb_NUC6.stdout|int > 0

18
roles/3-base-server/tasks/main.yml
View file

@ -2,24 +2,6 @@
file: dest={{ doc_root }}/local_content
state=directory
- name: Set up to issue warning if iiab-admin password is still default
template: src=profile_ssh_warn.sh
dest=/etc/profile.d/
- name: Is this LXDE?
stat: path=/home/pi/.config/lxsession
register: lx
- name: Do the same if running on raspbian
template: src=lxde_ssh_warn.sh
dest=/home/pi/.config/lxsession/LXDE-pi/
when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu
- name: put a autostart line to check for default password in LXDE
lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh
dest=/home/pi/.config/lxsession/LXDE-pi/autostart
when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu
- name: Base Server Installed
command: echo Base Server Installed

2
roles/9-local-addons/tasks/main.yml
View file

@ -1,3 +1,5 @@
- name: Addon services installed
command: echo Addon services installed
- name: Installation Complete
shell: echo "{}" > /etc/iiab/config_vars.yml

98
roles/elgg/tasks/main.yml
View file

@ -1,9 +1,10 @@
- name: download current version from our copy
shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }}
creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip
when: internet_available
- name: Determine if software is already expanded
stat: path=/opt/elgg/index.php
stat: path=/opt/elgg-{{ elgg_version }}/index.php
register: elgg
# use unzip and shell until unarchive works again
@ -14,19 +15,62 @@
shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt"
when: elgg.stat.exists is defined and not elgg.stat.exists
- name: change ownership
file: path=/opt/elgg-{{elgg_version }}
owner={{ apache_user }}
recurse=yes
state=directory
- name: Create a link to the versioned elgg folder
file: src=./elgg-{{ elgg_version }}
dest=/opt/elgg
owner={{ apache_user }}
group={{ apache_user }}
state=link
force=true
# use template to fix up settings in engine/settings.php with our variables substituted
# into engine/settings.example.php
- name: Substitute our parameters in engine/settings.example.php
template: src="settings.php.j2"
dest="/opt/{{ elgg_xx }}/elgg-config/settings.php"
owner={{ apache_user }}
group={{ apache_user }}
# The name of this file changed from 1.9 to 1.10.
- name: Copy default .htaccess to the root directory of elgg tree
copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist"
dest="/opt/{{ elgg_xx }}/.htaccess"
mode=0644
owner={{ apache_user }}
group={{ apache_user }}
#regexp='^#RewriteBase'
- name: Modify .htaccess to have RewriteBase as our directory
lineinfile: backup=no
dest="/opt/{{ elgg_xx }}/.htaccess"
state=present
insertafter='^#RewriteBase'
line="RewriteBase {{ elgg_url }}/"
- name: Change permissions on engine directory so apache can write
file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory
- name: Create an upload directory that Apache can write in or elgg
file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }}
- name: change ownership
file: path=/opt/elgg-{{ elgg_version }}
owner={{ apache_user }}
group={{ apache_user }}
recurse=yes
state=directory
# elggdb.sql obtained with mysqldump --skip-add-drop-table elggdb > elggdb.sql
# tar up a mysqldump of freshly installed database and use it in the install to avoid the startup
# form, which worries me a lot. (/var/lib/mysql/elggdb)
- name: Create a user to access the elgg database
mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv=*.*:ALL
with_items:
- 127.0.0.1
- ::1
- localhost
when: mysql_enabled and elgg_enabled and not elgg.stat.exists
- name: Create file to load database
template: src=elggdb.sql.j2
@ -46,39 +90,6 @@
- name: Remove database dump after load
file: name=/tmp/elggdb.sql state=absent
- name: Create a user to access the elgg database
mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv=*.*:ALL
with_items:
- 127.0.0.1
- ::1
- localhost
when: mysql_enabled and elgg_enabled
# The name of this file changed from 1.9 to 1.10.
- name: Copy default .htaccess to the root directory of elgg tree
copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist"
dest="/opt/{{ elgg_xx }}/.htaccess"
mode=0644
owner={{ apache_user }}
group=root
- name: Modify .htaccess to have RewriteBase as our directory
lineinfile: backup=yes
dest="/opt/{{ elgg_xx }}/.htaccess"
state=present
insertafter='^#RewriteBase'
line="RewriteBase {{ elgg_url }}/"
#regexp='^#RewriteBase'
#- tar up a mysqldump of freshly installed database and use it in the install to avoid the startup form, which worries me a lot. (/var/lib/mysql/elggdb)
#- use template to fix up settings in engine/settings.php with our variables substituted into engine/settings.example.php
- name: Substitute our parameters in engine/settings.example.php
template: src="settings.php.j2"
dest="/opt/{{ elgg_xx }}/elgg-config/settings.php"
owner={{ apache_user }}
- name: Install config file for elgg in Apache
template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf
when: mysql_enabled and elgg_enabled
@ -94,12 +105,6 @@
state=absent
when: not elgg_enabled and is_debuntu
- name: Change permissions on engine directory so apache can write
file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory
- name: Create an upload directory that Apache can write in or elgg
file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }}
- name: add elgg to service list
ini_file: dest='{{ service_filelist }}'
section=elgg
@ -117,4 +122,3 @@
- name: Restart apache, so it picks up the new aliases
service: name={{ apache_service }} state=restarted

19
roles/iiab-admin/tasks/main.yml
View file

@ -1,6 +1,7 @@
- include: admin-user.yml
tags:
- base
when: not no_admin is defined
- include: access.yml
tags:
@ -18,3 +19,21 @@
value: '"Admin User"'
- option: iiab_admin_user
value: "{{ iiab_admin_user }}"
- name: Set up to issue warning if iiab-admin password is still default
template: src=profile_ssh_warn.sh
dest=/etc/profile.d/
- name: Is this LXDE?
stat: path=/home/pi/.config/lxsession
register: lx
- name: Do the same if running on raspbian
template: src=lxde_ssh_warn.sh
dest=/home/pi/.config/lxsession/LXDE-pi/
when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu
- name: put a autostart line to check for default password in LXDE
lineinfile: line=@/home/pi/.config/lxsession/LXDE-pi/lxde_ssh_warn.sh
dest=/home/pi/.config/lxsession/LXDE-pi/autostart
when: lx.stat.isdir is defined and lx.staat.isdir and is_rpi and is_debuntu

2
roles/3-base-server/templates/lxde_ssh_warn.sh → roles/iiab-admin/templates/lxde_ssh_warn.sh
View file

@ -1,4 +1,4 @@
#!/bin/bash
#!/bin/bash
# credit to the folks at raspberry pi foundatioon
check_hash ()
{

2
roles/3-base-server/templates/profile_ssh_warn.sh → roles/iiab-admin/templates/profile_ssh_warn.sh
View file

@ -1,4 +1,4 @@
#!/bin/bash
#!/bin/bash
# credit to the folks at raspberry pi foundatioon
check_hash ()
{

10
runansible
View file

@ -1,11 +1,5 @@
#!/bin/bash
#!/bin/bash
# copy var files to /etc/iiab for subsequent use
mkdir -p /etc/iiab
if [ ! -f /etc/iiab/config_vars.yml ]; then
echo "{}" > /etc/iiab/config_vars.yml
fi
# if vars/local_vars.yml is missing, put a default one in place
if [ ! -f ./vars/local_vars.yml ]; then
OS=`grep ^ID= /etc/*release|cut -d= -f2`
@ -31,6 +25,7 @@ then
cd $XSCE_DIR
else
XSCE_DIR=/opt/iiab/iiab
mkdir -p /etc/iiab
fi
if [ ! -f iiab.yml ]
@ -77,3 +72,4 @@ export ANSIBLE_LOG_PATH="$XSCE_DIR/iiab-install.log"
ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null
ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local
#ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --syntax-check