Merge pull request #463 from iiab/master

Sync from iiab/iiab:master
2025-03-09 15:40:17 +00:00 · 2021-02-24 16:27:38 -05:00 · 2021-02-24 16:27:38 -05:00 · bf9bc7c31f
commit bf9bc7c31f
parent ac7842df6b 82a768acf5
8 changed files with 28 additions and 50 deletions
--- a/roles/gitea/defaults/main.yml
+++ b/roles/gitea/defaults/main.yml
@ -9,7 +9,7 @@

 # Info needed to install Gitea:

-gitea_version: 1.13.1
+gitea_version: 1.13.2
 iset_suffixes:
  i386: 386
  x86_64: amd64
--- a/roles/network/templates/hostapd/50-hostapd
+++ b/roles/network/templates/hostapd/50-hostapd
@ -1,6 +1,6 @@
 if [ "$interface" = "br0" ] && [ $if_up = "true" ]; then
-    syslog info "50-iiab IF_UP br0 restarting dnsmasq"
-    sleep 2
+    syslog info "50-iiab IF_UP br0 restarting dnsmasq - kicking ap0"
+    ip link set ap0 up
    systemctl --no-block restart dnsmasq
 fi

--- a/roles/nextcloud/tasks/install.yml
+++ b/roles/nextcloud/tasks/install.yml
@ -41,15 +41,16 @@


 # https://docs.nextcloud.com/server/18/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
- name: Install ffmpeg + libxml2 + 12 php packages
+- name: Install ffmpeg + libxml2 + 13 php packages
  package:
    name:
      #- dnsutils    # NOT REQUESTED by Nextcloud
      - ffmpeg       # Optional (for preview generation)
      - libxml2      # php-libxml requires libxml2 >= 2.7.0
      #- libapache2-mod-php    # 2020-02-15: NO LONGER NEEDED?
+      - php{{ php_version }}-bcmath        # Highly recommended by Nextcloud 21 for "improved performance and better compatibility"
      - php{{ php_version }}-bz2           # Optional (for extraction of apps)
-      - php{{ php_version }}-cli           # Like optional?  @jvonau says this drags in php{{ php_version }}-common as @m-anish wanted in PR #2119 / #2258
+      - php{{ php_version }}-cli           # Likely optional?  @jvonau says this drags in php{{ php_version }}-common as @m-anish wanted in PR #2119 / #2258
      - php{{ php_version }}-curl
      - php{{ php_version }}-gd
      - php{{ php_version }}-gmp           # Optional (for SFTP storage)
@ -91,13 +92,13 @@
    state: directory
    path: "{{ nextcloud_root_dir }}"    # /library/www/nextcloud

- name: Unarchive {{ nextcloud_dl_url }} to {{ nextcloud_root_dir }} ({{ apache_user }}:{{ apache_user }})
+- name: Unarchive {{ nextcloud_dl_url }} (100+ MB) to {{ nextcloud_root_dir }} (400+ MB, {{ apache_user }}:{{ apache_user }})
  unarchive:
-    remote_src: yes
+    remote_src: yes    # Overwrite even if "already exists on the target"
    src: "{{ nextcloud_dl_url }}"
    #dest: "{{ nextcloud_base_dir }}"    # /library/www
    dest: "{{ nextcloud_root_dir }}"     # /library/www/nextcloud
-    owner: "{{ apache_user }}"           # apache2 on debuntu
+    owner: "{{ apache_user }}"           # www-data on debuntu
    group: "{{ apache_user }}"
    extra_opts: --strip-components=1     # Or use 'dest: /library/www' above
  when: internet_available
--- a/roles/nextcloud/tasks/setup.yml
+++ b/roles/nextcloud/tasks/setup.yml
@ -19,7 +19,7 @@
  file:
    state: directory
    path: "{{ nextcloud_data_dir }}"    # /library/www/nextcloud/data
-    owner: "{{ apache_user }}"
+    owner: "{{ apache_user }}"          # www-data on debuntu
    group: "{{ apache_user }}"

 # 1 of 3: Very Old Way... from OwnCloud days
--- a/roles/phpmyadmin/defaults/main.yml
+++ b/roles/phpmyadmin/defaults/main.yml
@ -4,7 +4,6 @@
 # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
 # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!

-phpmyadmin_version: 5.0.4
+phpmyadmin_version: 5.1.0
 phpmyadmin_name: "phpMyAdmin-{{ phpmyadmin_version }}-all-languages"
-phpmyadmin_name_zip: "{{ phpmyadmin_name }}.zip"
-phpmyadmin_dl_url: "https://files.phpmyadmin.net/phpMyAdmin/{{ phpmyadmin_version }}/{{ phpmyadmin_name_zip }}"
+phpmyadmin_dl_url: "https://files.phpmyadmin.net/phpMyAdmin/{{ phpmyadmin_version }}/{{ phpmyadmin_name }}.tar.xz"
--- a/roles/phpmyadmin/tasks/install.yml
+++ b/roles/phpmyadmin/tasks/install.yml
@ -8,58 +8,36 @@
    name: httpd


- name: Download {{ phpmyadmin_dl_url }} to {{ downloads_dir }}
-  get_url:
-    url: "{{ phpmyadmin_dl_url }}"    # e.g. https://files.phpmyadmin.net/phpMyAdmin/5.0.4/phpMyAdmin-5.0.4-all-languages.zip
-    dest: "{{ downloads_dir }}"    # /opt/iiab/downloads
-    timeout: "{{ download_timeout }}"    # 200
-  when: internet_available
-
- name: Does {{ downloads_dir }}/{{ phpmyadmin_name_zip }} exist?
-  stat:
-    path: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }}"    # e.g. /opt/iiab/downloads/phpMyAdmin-5.0.4-all-languages.zip
-  register: phpmyadmin_dl
-
- name: FAIL (force Ansible to exit) IF {{ downloads_dir }}/{{ phpmyadmin_name_zip }} doesn't exist
-  fail:
-    msg: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }} is REQUIRED in order to install phpMyAdmin."
-  when: not phpmyadmin_dl.stat.exists
-
- name: Unzip to permanent location /opt/{{ phpmyadmin_name }}, owned by {{ apache_user }}:root    # e.g. /opt/phpMyAdmin-5.0.4-all-languages, owned by www-data:root
+- name: Unarchive {{ phpmyadmin_dl_url }} (7+ MB) to /opt (60+ MB)
  unarchive:
-    src: "{{ downloads_dir }}/{{ phpmyadmin_name_zip }}"
+    remote_src: yes    # Overwrite even if "already exists on the target"
+    src: "{{ phpmyadmin_dl_url }}"    # e.g. https://files.phpmyadmin.net/phpMyAdmin/5.1.0/phpMyAdmin-5.1.0-all-languages.tar.xv
    dest: /opt
-    owner: "{{ apache_user }}"
+    owner: "{{ apache_user }}"    # www-data on debuntu
+    group: "{{ apache_user }}"
+    #timeout: "{{ download_timeout }}" # Use get_url if timeout (200s) required
+  when: internet_available

 - name: Symlink /opt/phpmyadmin -> {{ phpmyadmin_name }}
  file:
    src: "{{ phpmyadmin_name }}"
    path: /opt/phpmyadmin
-    owner: "{{ apache_user }}"    # Some Linux's ignore symlink owners?
+    #owner: "{{ apache_user }}"    # Generally not used by Linux
+    #group: "{{ apache_user }}"    # Generally not used by Linux
    state: link

- name: Install /opt/phpmyadmin/config.inc.php owned by {{ apache_user }}:root, from template
+- name: Install /opt/phpmyadmin/config.inc.php owned by {{ apache_user }}:{{ apache_user }}, from template
  template:
    src: config.inc.php
    dest: /opt/phpmyadmin/config.inc.php
    owner: "{{ apache_user }}"
+    group: "{{ apache_user }}"

-# Above 3 stanzas set link/tree/contents ownership to {{ apache_user }}:root
-# OOPS: CHOWN BELOW CHANGED LINK ALONE (TREE/CONTENTS REMAINED root:root)
-
-# - name: Change the owner of the PHP tree to Apache
-#   shell: "chown -R {{ apache_user }} /opt/phpmyadmin"
-#   #file:
-#   #  path: "/opt/{{ phpmyadmin_name_zip }}"
-#   #  owner: "{{ apache_user }}"
-#   #  recurse: yes
-#   #  state: directory
-
- name: Install /etc/{{ apache_conf_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled
+- name: Install /etc/{{ apache_conf_dir }}/phpmyadmin.conf from template
  template:
    src: phpmyadmin.j2
    dest: "/etc/{{ apache_conf_dir }}/phpmyadmin.conf"
-  when: apache_installed is defined
+  #when: apache_installed is defined


 # RECORD phpMyAdmin AS INSTALLED
--- a/scripts/ansible
+++ b/scripts/ansible
@ -5,7 +5,7 @@

 APT_PATH=/usr/bin    # Avoids problematic /usr/local/bin/apt on Linux Mint
 CURR_VER="undefined"    # Ansible version you currently have installed
-GOOD_VER="2.10.5"    # Orig for 'yum install [rpm]' & XO laptops (pip install)
+GOOD_VER="2.10.6"    # Orig for 'yum install [rpm]' & XO laptops (pip install)
 # We install latest 'ansible-base' from PPA: (may be more recent than GOOD-VER)
 # https://launchpad.net/~ansible/+archive/ubuntu/ansible
 # https://launchpad.net/~ansible/+archive/ubuntu/ansible-2.10
--- a/scripts/iiab-diagnostics
+++ b/scripts/iiab-diagnostics
@ -39,11 +39,11 @@ function cat_file_raw() {    # $1 = path/filename; $2 = # of lines, for tail
        elif [ $# -eq 1 ]; then
            echo >> $outfile
            # Redact most passwords from /etc/iiab/local_vars.yml, /etc/hostapd/hostapd.conf, /etc/wpa_supplicant/wpa_supplicant.conf, /etc/netplan/*, /etc/network/interfaces, /etc/network/interfaces.d/* ETC -- not much to worry about in /etc/iiab/iiab.ini (' = ')
-            cat "$1" | sed 's/^\(\s*[[:alnum:]_-]*\(psk\|passphrase\|password\):\).*/\1 [REDACTED]/; s/^\(\s*[[:alnum:]_-]*\(psk\|passphrase\|password\)[= \t]\).*/\1[REDACTED]/' | iconv -t UTF-8//IGNORE >> $outfile
+            cat "$1" | sed 's/^\(\s*[[:alnum:]#_-]*\(psk\|passphrase\|password\):\).*/\1 [REDACTED]/; s/^\(\s*[[:alnum:]#_-]*\(psk\|passphrase\|password\)[= \t]\).*/\1[REDACTED]/' | iconv -t UTF-8//IGNORE >> $outfile
        else    # e.g. last 100 lines, maximum
            echo "                        ...ITS LAST $2 LINES FOLLOW..." >> $outfile
            echo >> $outfile
-            tail -$2 "$1" | sed 's/^\(\s*[[:alnum:]_-]*\(psk\|passphrase\|password\):\).*/\1 [REDACTED]/; s/^\(\s*[[:alnum:]_-]*\(psk\|passphrase\|password\)[= \t]\).*/\1[REDACTED]/' | iconv -t UTF-8//IGNORE >> $outfile
+            tail -$2 "$1" | sed 's/^\(\s*[[:alnum:]#_-]*\(psk\|passphrase\|password\):\).*/\1 [REDACTED]/; s/^\(\s*[[:alnum:]#_-]*\(psk\|passphrase\|password\)[= \t]\).*/\1[REDACTED]/' | iconv -t UTF-8//IGNORE >> $outfile
        fi
        echo >> $outfile
    elif [ -h "$1" ]; then