diff --git a/roles/0-init/tasks/hostname.yml b/roles/0-init/tasks/hostname.yml
index 603b280e1..00a441bd8 100644
--- a/roles/0-init/tasks/hostname.yml
+++ b/roles/0-init/tasks/hostname.yml
@@ -24,11 +24,12 @@
mode: 0644
when: is_redhat | bool
-- name: Put hostnames "127.0.0.1 localhost.localdomain localhost box {{ iiab_hostname }}" in /etc/hosts
+# roles/network/tasks/hosts.yml ALSO does this:
+- name: 'Put FQDN & hostnames in /etc/hosts: "127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan"'
lineinfile:
path: /etc/hosts
regexp: '^127\.0\.0\.1'
- line: '127.0.0.1 localhost.localdomain localhost box {{ iiab_hostname }}'
+ line: '127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan'
owner: root
group: root
mode: 0644
diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml
index eb23b641a..5a40bb39d 100644
--- a/roles/0-init/tasks/main.yml
+++ b/roles/0-init/tasks/main.yml
@@ -110,6 +110,9 @@
# MongoDB is auto-included by Sugarizer as of Feb 2019, thanks to: roles/sugarizer/meta/main.yml
#
+# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False
+# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own
+#
## Late 2017: Had commented out MongoDB on a trial basis, for a more basic/lightweight Sugarizer, per https://github.com/iiab/iiab/pull/427
#- name: Turn on both vars for MongoDB if sugarizer_enabled
# set_fact:
diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml
index 13e910378..086671c53 100644
--- a/roles/9-local-addons/tasks/main.yml
+++ b/roles/9-local-addons/tasks/main.yml
@@ -15,18 +15,18 @@
when: calibreweb_install | bool
tags: calibre-web
-- name: MINETEST
- include_role:
- name: minetest
- when: minetest_install | bool
- tags: minetest
-
- name: INTERNETARCHIVE
include_role:
name: internetarchive
when: internetarchive_install | bool
tags: internetarchive
+- name: MINETEST
+ include_role:
+ name: minetest
+ when: minetest_install | bool
+ tags: minetest
+
- name: Recording STAGE 9 HAS COMPLETED ====================
lineinfile:
dest: "{{ iiab_env_file }}"
diff --git a/roles/gitea/README.rst b/roles/gitea/README.rst
index 3452f53bd..4adf7fb78 100644
--- a/roles/gitea/README.rst
+++ b/roles/gitea/README.rst
@@ -52,4 +52,5 @@ name, and the user credentials that Gitea will use to access the database.
Documentation
-------------
-Further info on configuring: `https://docs.gitea.io `_
+- Further info on configuring: `https://docs.gitea.io `_
+- Gitea supporting materials [best CS learning for developing countries?] `#1556 `_
diff --git a/roles/kolibri/README.rst b/roles/kolibri/README.rst
index 0b131f3d6..eb2696065 100644
--- a/roles/kolibri/README.rst
+++ b/roles/kolibri/README.rst
@@ -4,10 +4,12 @@ Kolibri README
This Ansible role installs `Kolibri `_ within `Internet-in-a-Box (IIAB) `_. Kolibri is an open-source educational platform specially designed to provide offline access to a wide range of quality, openly licensed educational contents in low-resource contexts like rural schools, refugee camps, orphanages, and also in non-formal school programs.
+Kolibri's online User Guide is here: `https://kolibri.readthedocs.io `_
+
Using It
--------
-If enabled and with the default settings Kolibri should be accessible at http://box:8009 (and in future at http://box/kolibri, work is ongoing in 2018 at `#913 `_).
+If enabled and with the default settings, Kolibri should be accessible at: http://box/kolibri
To login to Kolibri enter::
@@ -17,15 +19,15 @@ To login to Kolibri enter::
Configuration Parameters
------------------------
-Please look in `roles/kolibri/defaults/main.yml `_ for the default values of the various install parameters. Everything in this README assumes the default values.
+Please look in `/opt/iiab/iiab/roles/kolibri/defaults/main.yml `_ for the default values of the various install parameters. Everything in this README assumes the default values.
Automatic Device Provisioning
-----------------------------
-When kolibri_provision is enabled (e.g. in `/etc/iiab/local_vars.yml `_) the installation will set up the following defaults::
+When kolibri_provision is enabled (e.g. in `/etc/iiab/local_vars.yml `_) the installation will set up the following defaults::
Kolibri Facility name: 'Kolibri-in-a-Box'
- Kolibri Preset type: formal # Options: formal, nonformal, informal
+ Kolibri Preset type: formal # Options: formal, nonformal, informal
Kolibri default language: en # Options: ar, bn-bd, en, es-es, fa, fr-fr, hi-in, mr, nyn, pt-br, sw-tz, ta, te, ur-pk, yo, zu
Kolibri Admin username: Admin
Kolibri Admin password: changeme
@@ -42,12 +44,12 @@ Troubleshooting
You can run the server manually with the following commands::
- systemctl stop kolibri # Make sure the systemd service is not running
+ systemctl stop kolibri # Make sure the systemd service is not running
export KOLIBRI_HOME=/library/kolibri
export KOLIBRI_HTTP_PORT=8009 # Otherwise Kolibri will try to run on default port 8080
kolibri start
-To return to using the systemd unit::
+To return to using the systemd unit file::
kolibri stop
systemctl start kolibri
@@ -59,4 +61,4 @@ Known Issues
* Loading channels can take a long time on a Raspberry Pi. When generating channel contents for Khan Academy, the step indicated as “Generating channel listing. This could take a few minutes…” could mean ~30 minutes. The device’s computation power is the bottleneck. You might get logged out while waiting, but this is harmless and the process will continue. Sit tight!
-* More up-to-date list of Kolibri issues being worked on, as of March 2019: `#1545 `_
+* Active list of Kolibri issues, as of July 2019: `#1545 `_
diff --git a/roles/lokole/defaults/main.yml b/roles/lokole/defaults/main.yml
index ad2994694..3f44b7afc 100644
--- a/roles/lokole/defaults/main.yml
+++ b/roles/lokole/defaults/main.yml
@@ -5,7 +5,7 @@
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
# Info needed to install Lokole
-lokole_version: 0.4.3
+lokole_version: 0.4.4
lokole_admin_user: admin # lowercase seems nec here (even though uppercase Admin/changeme is IIAB's OOB recommendation!)
lokole_admin_password: changeme
lokole_install_path: "{{ content_base }}/lokole" # /library/lokole
diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml
index 684880ebf..6b7bac154 100644
--- a/roles/lokole/tasks/install.yml
+++ b/roles/lokole/tasks/install.yml
@@ -126,7 +126,8 @@
when: (not lokole_enabled) and (not is_debuntu)
- name: Restart Apache ({{ apache_service }}) to enable/disable http://box/lokole
- service:
+ systemd:
+ daemon_reload: yes
name: "{{ apache_service }}"
state: restarted
diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml
new file mode 100644
index 000000000..c87cf49fa
--- /dev/null
+++ b/roles/mongodb/tasks/install.yml
@@ -0,0 +1,168 @@
+# 1. INSTALL MongoDB PACKAGES OR BINARIES
+
+- name: "Install packages: mongodb, mongodb-server (not rpi)"
+ package:
+ name:
+ - mongodb-server
+ - mongodb # 2019-01-31: this package does not exist on (cannot be installed on) Debian 10, SEE #1437
+ state: present
+ when: internet_available and not is_rpi
+ tags:
+ - download
+
+# 2019-02-02: Sugarizer with Node.js 10.x requires MongoDB 2.6+ so
+# https://andyfelong.com/2017/08/mongodb-3-0-14-for-raspbian-stretch/
+# is being used on RPi, all I found! (Raspbian's apt pkg is MongoDB 2.4.14)
+#
+# mongodb_stretch_3_0_14_core.zip (20M) & mongodb_stretch_3_0_14_tools.zip (15M)
+# were backed up from andyfelong.com to http://download.iiab.io/packages/
+#
+# CLARIF: mongodb_stretch_3_0_14_core.zip IS IN FACT 3.0.14 (core) BUT...
+# mongodb_stretch_3_0_14_tools.zip IS REALLY 3.0.15 (tools)
+
+- name: Create dir /tmp/mongodb-3.0.1x (rpi)
+ file:
+ path: /tmp/mongodb-3.0.1x
+ state: directory
+ when: internet_available and is_rpi
+
+- name: Download & unzip 20MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_core.zip to /tmp/mongodb-3.0.1x (rpi)
+ unarchive:
+ remote_src: yes
+ src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_core.zip"
+ dest: /tmp/mongodb-3.0.1x
+ when: internet_available and is_rpi
+
+- name: Install (move) its 3 CORE binaries from /tmp/mongodb-3.0.1x/core to /usr/bin (rpi)
+ shell: mv /tmp/mongodb-3.0.1x/core/* /usr/bin
+ when: internet_available and is_rpi
+
+- name: Download & unzip 15MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_tools.zip [IN FACT THIS ONE'S 3.0.15] to /tmp/mongodb-3.0.1x (rpi)
+ unarchive:
+ remote_src: yes
+ src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_tools.zip"
+ dest: /tmp/mongodb-3.0.1x
+ when: internet_available and is_rpi
+
+- name: Install (move) its 9 TOOLS binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (rpi)
+ shell: mv /tmp/mongodb-3.0.1x/tools/* /usr/bin
+ when: internet_available and is_rpi
+
+# OLD WAY / MUCH SLOWER: had put unnec duplicate copies in /opt/iiab/downloads/mongodb-3.0.1x
+#
+#- name: Create dir /opt/iiab/downloads/mongodb-3.0.1x (rpi)
+# file:
+# path: "{{ downloads_dir }}/mongodb-3.0.1x"
+# state: directory
+# when: internet_available and is_rpi
+#
+#- name: Download & unzip MongoDB 3.0.14's 3 core binaries to /opt/iiab/downloads/mongodb-3.0.1x (rpi)
+# unarchive:
+# remote_src: yes
+# src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_core.zip"
+# dest: "{{ downloads_dir }}/mongodb-3.0.1x"
+# when: internet_available and is_rpi
+#
+#- name: Install (copy) 3 binaries from /opt/iiab/downloads/mongodb-3.0.1x/core to /usr/bin (rpi)
+# copy:
+# src: "{{ item }}"
+# dest: /usr/bin
+# with_fileglob:
+# - "{{ downloads_dir }}/mongodb-3.0.1x/core/*"
+# when: internet_available and is_rpi
+#
+#- name: Download & unzip MongoDB 3.0.15's 9 tools binaries to /opt/iiab/downloads/mongodb-3.0.1x (rpi)
+# unarchive:
+# remote_src: yes
+# src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_tools.zip"
+# dest: "{{ downloads_dir }}/mongodb-3.0.1x"
+# when: internet_available and is_rpi
+#
+#- name: Install (copy) 9 binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (rpi)
+# copy:
+# src: "{{ item }}"
+# dest: /usr/bin
+# with_fileglob:
+# - "{{ downloads_dir }}/mongodb-3.0.1x/tools/*"
+# when: internet_available and is_rpi
+
+- name: Create Linux group mongodb (rpi)
+ group:
+ name: mongodb
+ state: present
+ when: is_rpi | bool
+
+- name: Create Linux user mongodb (rpi)
+ user:
+ name: mongodb
+ group: mongodb # primary group
+ groups: mongodb
+ home: /var/lib/mongodb
+ shell: /usr/sbin/nologin
+ when: is_rpi | bool
+
+
+# 2. CONFIGURE FOR IIAB
+
+- name: 'Create 3 dirs for MongoDB: /var/lib/mongodb, /var/log/mongodb, {{ mongodb_db_path }}'
+ file:
+ state: directory
+ path: "{{ item }}"
+ owner: mongodb
+ group: mongodb
+ with_items:
+ #- { path: '/var/run/mongodb' }
+ - /var/lib/mongodb
+ - /var/log/mongodb
+ - "{{ mongodb_db_path }}" # i.e. /library/dbdata/mongodb/
+
+- name: Install /etc/mongod.conf, mongodb.service, /usr/bin/iiab-mongodb-repair-if-no-lock from templates
+ template:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ owner: root
+ group: root
+ mode: "{{ item.mode }}"
+ with_items:
+ - { src: 'mongod.conf.j2', dest: "{{ mongodb_conf }}", mode: '0644' } # i.e. /etc/mongod.conf
+ - { src: 'mongodb.service.j2', dest: '/etc/systemd/system/mongodb.service', mode: '0644' }
+ - { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' }
+
+
+# 3. ENABLE/DISABLE
+
+# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False
+# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own
+
+- name: Enable & Restart 'mongodb' systemd service if mongodb_enabled, incl daemon-reload (in case mongodb.service changed?)
+ systemd:
+ name: mongodb
+ daemon_reload: yes
+ enabled: yes
+ state: restarted
+ when: mongodb_enabled | bool
+
+- name: Disable 'mongodb' service, if not mongodb_enabled
+ systemd:
+ name: mongodb
+ daemon_reload: yes
+ enabled: no
+ state: stopped
+ when: not mongodb_enabled
+
+
+# 4. DOCUMENT IN /etc/iiab/iiab.ini
+
+- name: Add 'mongodb' variable values to {{ iiab_ini_file }}
+ ini_file:
+ path: "{{ iiab_ini_file }}"
+ section: mongodb
+ option: "{{ item.option }}"
+ value: "{{ item.value }}"
+ with_items:
+ - option: name
+ value: MongoDB
+ - option: description
+ value: '"MongoDB is an open-source document database that provides high performance, high availability, and automatic scaling."'
+ - option: enabled
+ value: "{{ mongodb_enabled }}"
diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml
index 6b4eb0deb..c3d3f8eba 100644
--- a/roles/mongodb/tasks/main.yml
+++ b/roles/mongodb/tasks/main.yml
@@ -1,165 +1,6 @@
-# 1. INSTALL MongoDB PACKAGES OR BINARIES
+# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False
+# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own
-- name: "Install packages: mongodb, mongodb-server (not rpi)"
- package:
- name:
- - mongodb-server
- - mongodb # 2019-01-31: this package does not exist on (cannot be installed on) Debian 10, SEE #1437
- state: present
- when: internet_available and not is_rpi
- tags:
- - download
-
-# 2019-02-02: Sugarizer with Node.js 10.x requires MongoDB 2.6+ so
-# https://andyfelong.com/2017/08/mongodb-3-0-14-for-raspbian-stretch/
-# is being used on RPi, all I found! (Raspbian's apt pkg is MongoDB 2.4.14)
-#
-# mongodb_stretch_3_0_14_core.zip (20M) & mongodb_stretch_3_0_14_tools.zip (15M)
-# were backed up from andyfelong.com to http://download.iiab.io/packages/
-#
-# CLARIF: mongodb_stretch_3_0_14_core.zip IS IN FACT 3.0.14 (core) BUT...
-# mongodb_stretch_3_0_14_tools.zip IS REALLY 3.0.15 (tools)
-
-- name: Create dir /tmp/mongodb-3.0.1x (rpi)
- file:
- path: /tmp/mongodb-3.0.1x
- state: directory
- when: internet_available and is_rpi
-
-- name: Download & unzip 20MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_core.zip to /tmp/mongodb-3.0.1x (rpi)
- unarchive:
- remote_src: yes
- src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_core.zip"
- dest: /tmp/mongodb-3.0.1x
- when: internet_available and is_rpi
-
-- name: Install (move) its 3 CORE binaries from /tmp/mongodb-3.0.1x/core to /usr/bin (rpi)
- shell: mv /tmp/mongodb-3.0.1x/core/* /usr/bin
- when: internet_available and is_rpi
-
-- name: Download & unzip 15MB http://download.iiab.io/packages/mongodb_stretch_3_0_14_tools.zip [IN FACT THIS ONE'S 3.0.15] to /tmp/mongodb-3.0.1x (rpi)
- unarchive:
- remote_src: yes
- src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_tools.zip"
- dest: /tmp/mongodb-3.0.1x
- when: internet_available and is_rpi
-
-- name: Install (move) its 9 TOOLS binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (rpi)
- shell: mv /tmp/mongodb-3.0.1x/tools/* /usr/bin
- when: internet_available and is_rpi
-
-# OLD WAY / MUCH SLOWER: had put unnec duplicate copies in /opt/iiab/downloads/mongodb-3.0.1x
-#
-#- name: Create dir /opt/iiab/downloads/mongodb-3.0.1x (rpi)
-# file:
-# path: "{{ downloads_dir }}/mongodb-3.0.1x"
-# state: directory
-# when: internet_available and is_rpi
-#
-#- name: Download & unzip MongoDB 3.0.14's 3 core binaries to /opt/iiab/downloads/mongodb-3.0.1x (rpi)
-# unarchive:
-# remote_src: yes
-# src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_core.zip"
-# dest: "{{ downloads_dir }}/mongodb-3.0.1x"
-# when: internet_available and is_rpi
-#
-#- name: Install (copy) 3 binaries from /opt/iiab/downloads/mongodb-3.0.1x/core to /usr/bin (rpi)
-# copy:
-# src: "{{ item }}"
-# dest: /usr/bin
-# with_fileglob:
-# - "{{ downloads_dir }}/mongodb-3.0.1x/core/*"
-# when: internet_available and is_rpi
-#
-#- name: Download & unzip MongoDB 3.0.15's 9 tools binaries to /opt/iiab/downloads/mongodb-3.0.1x (rpi)
-# unarchive:
-# remote_src: yes
-# src: "{{ iiab_download_url }}/mongodb_stretch_3_0_14_tools.zip"
-# dest: "{{ downloads_dir }}/mongodb-3.0.1x"
-# when: internet_available and is_rpi
-#
-#- name: Install (copy) 9 binaries from /opt/iiab/downloads/mongodb-3.0.1x/tools to /usr/bin (rpi)
-# copy:
-# src: "{{ item }}"
-# dest: /usr/bin
-# with_fileglob:
-# - "{{ downloads_dir }}/mongodb-3.0.1x/tools/*"
-# when: internet_available and is_rpi
-
-- name: Create Linux group mongodb (rpi)
- group:
- name: mongodb
- state: present
- when: is_rpi | bool
-
-- name: Create Linux user mongodb (rpi)
- user:
- name: mongodb
- group: mongodb # primary group
- groups: mongodb
- home: /var/lib/mongodb
- shell: /usr/sbin/nologin
- when: is_rpi | bool
-
-
-# 2. CONFIGURE FOR IIAB
-
-- name: 'Create 3 dirs for MongoDB: /var/lib/mongodb, /var/log/mongodb, {{ mongodb_db_path }}'
- file:
- state: directory
- path: "{{ item }}"
- owner: mongodb
- group: mongodb
- with_items:
- #- { path: '/var/run/mongodb' }
- - /var/lib/mongodb
- - /var/log/mongodb
- - "{{ mongodb_db_path }}" # i.e. /library/dbdata/mongodb/
-
-- name: Install /etc/mongod.conf, mongodb.service, /usr/bin/iiab-mongodb-repair-if-no-lock from templates
- template:
- src: "{{ item.src }}"
- dest: "{{ item.dest }}"
- owner: root
- group: root
- mode: "{{ item.mode }}"
- with_items:
- - { src: 'mongod.conf.j2', dest: "{{ mongodb_conf }}", mode: '0644' } # i.e. /etc/mongod.conf
- - { src: 'mongodb.service.j2', dest: '/etc/systemd/system/mongodb.service', mode: '0644' }
- - { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' }
-
-
-# 3. ENABLE/DISABLE
-
-- name: Enable & Restart 'mongodb' systemd service if mongodb_enabled, incl daemon-reload (in case mongodb.service changed?)
- systemd:
- name: mongodb
- daemon_reload: yes
- enabled: yes
- state: restarted
- when: mongodb_enabled | bool
-
-- name: Disable 'mongodb' service, if not mongodb_enabled
- systemd:
- name: mongodb
- daemon_reload: yes
- enabled: no
- state: stopped
- when: not mongodb_enabled
-
-
-# 4. DOCUMENT IN /etc/iiab/iiab.ini
-
-- name: Add 'mongodb' variable values to {{ iiab_ini_file }}
- ini_file:
- path: "{{ iiab_ini_file }}"
- section: mongodb
- option: "{{ item.option }}"
- value: "{{ item.value }}"
- with_items:
- - option: name
- value: MongoDB
- - option: description
- value: '"MongoDB is an open-source document database that provides high performance, high availability, and automatic scaling."'
- - option: enabled
- value: "{{ mongodb_enabled }}"
+- name: Install 'mongodb' if not Debian 10+
+ include_tasks: install.yml
+ when: not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9))
diff --git a/roles/monit/tasks/install.yml b/roles/monit/tasks/install.yml
new file mode 100644
index 000000000..1296619d9
--- /dev/null
+++ b/roles/monit/tasks/install.yml
@@ -0,0 +1,59 @@
+- name: Install 'monit' package
+ package:
+ name: monit
+ state: present
+ tags:
+ - download
+
+- name: Install chkconfig package (debian-8)
+ package:
+ name: chkconfig
+ state: present
+ when: is_debian and ansible_distribution_major_version == "8"
+ tags:
+ - download
+
+- name: Install /etc/monitrc from template
+ template:
+ backup: yes
+ src: monitrc
+ dest: /etc/monitrc
+ owner: root
+ group: root
+ mode: 0600
+
+# - name: Install config file /etc/monit.d/watchdog from template (NEVER RUNS, WHY?)
+# template:
+# src: watchdog
+# dest: /etc/monit.d/watchdog
+# owner: root
+# group: root
+# force: yes
+# mode: 0755
+# register: monit_config
+# when: False # IS THIS A BUG ?
+# until: monit_config | success
+# retries: 5
+# delay: 1
+
+#TODO: create systemd script
+- name: Enable 'monit' service (chkconfig monit on)
+ command: chkconfig monit on
+ when: is_debian and ansible_local.local_facts.os_ver == "debian-8"
+
+#- name: Restart monit service
+# command: service monit restart
+
+- name: Add 'monit' variable values to {{ iiab_ini_file }}
+ ini_file:
+ path: "{{ iiab_ini_file }}"
+ section: monit
+ option: "{{ item.option }}"
+ value: "{{ item.value }}"
+ with_items:
+ - option: name
+ value: Monit
+ - option: description
+ value: '"Monit is a background service monitor which can correct problems, send email, restart services."'
+ - option: enabled
+ value: "{{ monit_enabled }}"
diff --git a/roles/monit/tasks/main.yml b/roles/monit/tasks/main.yml
index 0075bc245..4b6d849c9 100644
--- a/roles/monit/tasks/main.yml
+++ b/roles/monit/tasks/main.yml
@@ -1,59 +1,14 @@
-- name: Install 'monit' package
- package:
- name: monit
- state: present
- tags:
- - download
+# 2019-07-06: The 'monit' package was suddenly removed from Debian 10.0.0
+# "Buster" during the very final days prior to release, as confirmed by the
+# sudden disappearance of these 2 pages:
+#
+# https://packages.debian.org/buster/monit
+# https://packages.debian.org/source/buster/monit
+#
+# And yet Raspbian Buster (is_raspbian_10, which confusingly IIAB declares to
+# be is_debian_10 in vars/raspbian-10.yml for now!) still provides 'monit' via
+# apt -- so eliminating "Debian 10+" requires this funky conditional:
-- name: Install chkconfig package (debian-8)
- package:
- name: chkconfig
- state: present
- when: is_debian and ansible_distribution_major_version == "8"
- tags:
- - download
-
-- name: Install /etc/monitrc from template
- template:
- backup: yes
- src: monitrc
- dest: /etc/monitrc
- owner: root
- group: root
- mode: 0600
-
-- name: Install config file /etc/monit.d/watchdog from template (NEVER RUNS, WHY?)
- template:
- src: watchdog
- dest: /etc/monit.d/watchdog
- owner: root
- group: root
- force: yes
- mode: 0755
- register: monit_config
- when: False # IS THIS A BUG ?
- until: monit_config | success
- retries: 5
- delay: 1
-
-#TODO: create systemd script
-- name: Enable 'monit' service (chkconfig monit on)
- command: chkconfig monit on
- when: is_debian and ansible_local.local_facts.os_ver == "debian-8"
-
-#- name: Restart monit service
-# command: service monit restart
-
-- name: Add 'monit' variable values to {{ iiab_ini_file }}
- ini_file:
- path: "{{ iiab_ini_file }}"
- section: monit
- option: "{{ item.option }}"
- value: "{{ item.value }}"
- with_items:
- - option: name
- value: Monit
- - option: description
- value: '"Monit is a background service monitor which can correct problems, send email, restart services."'
- - option: enabled
- value: "{{ monit_enabled }}"
+- name: Install 'monit' if monit_install and not Debian 10+
+ include_tasks: install.yml
+ when: monit_install and not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9))
diff --git a/roles/moodle/defaults/main.yml b/roles/moodle/defaults/main.yml
index 282ea5db0..803c7de5a 100644
--- a/roles/moodle/defaults/main.yml
+++ b/roles/moodle/defaults/main.yml
@@ -7,7 +7,7 @@
# If using Moodle intensively, consider setting apache_high_php_limits in:
# /etc/iiab/local_vars.yml
-moodle_version: 35
+moodle_version: 37
#moodle_repo_url: "https://github.com/moodle/moodle.git"
moodle_repo_url: "git://git.moodle.org/moodle.git"
moodle_base: "{{ iiab_base }}/moodle" # /opt/iiab
diff --git a/roles/network/tasks/hosts.yml b/roles/network/tasks/hosts.yml
index 4e0e2d026..e7796b008 100644
--- a/roles/network/tasks/hosts.yml
+++ b/roles/network/tasks/hosts.yml
@@ -14,11 +14,12 @@
state: present
when: iiab_lan_iface != "none" and not installing
-- name: Configure FQDN with 127.0.0.1 in /etc/hosts appliance mode (if iiab_lan_iface == "none" and not installing)
+# roles/0-init/tasks/hostname.yml ALSO does this:
+- name: 'Put FQDN & hostnames in /etc/hosts: "127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan" (if iiab_lan_iface == "none" and not installing, appliance mode?)'
lineinfile:
path: /etc/hosts
regexp: '^127\.0\.0\.1'
- line: '127.0.0.1 localhost.localdomain localhost {{ iiab_hostname }}.{{ iiab_domain }} {{ iiab_hostname }} box box.lan'
+ line: '127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan'
owner: root
group: root
mode: 0644
diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml
new file mode 100644
index 000000000..339f4b0eb
--- /dev/null
+++ b/roles/sugarizer/tasks/install.yml
@@ -0,0 +1,292 @@
+- name: FAIL (STOP INSTALLING) IF nodejs_version is not set to 10.x
+ fail:
+ msg: "Sugarizer install cannot proceed, as it currently requires Node.js 10.x, and your nodejs_version is set to {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml and possibly also /etc/iiab/local_vars.yml"
+ when: sugarizer_install and (nodejs_version != "10.x")
+
+
+# 1. DOWNLOAD+LINK /opt/iiab/sugarizer
+
+- name: Clone llaske/sugarizer ({{ sugarizer_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_dir_version }} (MAY DOWNLOAD 600+ MB)
+ git:
+ repo: https://github.com/llaske/sugarizer
+ dest: "{{ iiab_base }}/{{ sugarizer_dir_version }}"
+ version: "{{ sugarizer_git_version }}"
+ force: yes
+ depth: 1
+ when: internet_available | bool
+
+- name: Create symlink /opt/iiab/sugarizer -> /opt/iiab/{{ sugarizer_dir_version }}
+ file:
+ src: "{{ iiab_base }}/{{ sugarizer_dir_version }}"
+ dest: "{{ iiab_base }}/sugarizer"
+ state: link
+
+
+# 2. DOWNLOAD+LINK /opt/iiab/sugarizer-server
+
+# 2018-07-11: http://download.iiab.io/packages/sugarizer-server-1.0.tar.gz
+# was flawed, as documented at:
+# https://github.com/iiab/iiab/pull/814#issuecomment-404211098
+# Versions of MongoDB, npm (& Node.js ?) matter! Sugarizer 1.0 Context:
+# https://github.com/iiab/iiab/issues/798
+# Going forward let's "git clone" IIAB's preferred versions, of sugarizer
+# AND sugarizer-server, as specified in roles/sugarizer/defaults/main.yml
+
+# 2018-07-14 BLOAT: git works well BUT even with "depth: 1"
+# - 229MB is unfort downloaded to /opt/iiab/sugarizer/.git
+# - 1.4MB is unfort downloaded to /opt/iiab/sugarizer-server/.git
+
+# CLARIF: during repeat runs of "./runrole sugarizer", this git sync shows
+# "changed" (whereas above git sync shows "ok"). Reason: "npm install"
+# (below) modifies /opt/iiab/sugarizer-server/node_modules
+- name: Clone llaske/sugarizer-server ({{ sugarizer_server_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_server_dir_version }}
+ git:
+ repo: https://github.com/llaske/sugarizer-server
+ dest: "{{ iiab_base }}/{{ sugarizer_server_dir_version }}"
+ version: "{{ sugarizer_server_git_version }}"
+ force: yes
+ depth: 1
+ when: internet_available | bool
+
+- name: Create symlink /opt/iiab/sugarizer-server -> /opt/iiab/{{ sugarizer_server_dir_version }}
+ file:
+ src: "{{ iiab_base }}/{{ sugarizer_server_dir_version }}"
+ dest: "{{ iiab_base }}/sugarizer-server"
+ state: link
+
+
+# 3. INSTALL A GOOD VERSION OF Node.js AND npm
+
+# 2019-01-16/29: @jvonau's PR #1403 moved install of Node.js (10.x for now) &
+# npm to roles/nodejs/tasks/main.yml, triggered by roles/sugarizer/meta/main.yml
+
+
+# 4. RUN "npm install" TO POPULATE ~35MB /opt/iiab/sugarizer-server/node_modules
+
+# Re-running "npm install" USED TO fail on Raspbian 9 if not other OS's ?
+# Strategies considered to avoid re-running it:
+# OLD WAY 1: test & set flag node_modules_exists: True
+# OLD WAY 2: "creates: ..." checks for non-existence of /opt/iiab/sugarizer-server-1.0/node_modules
+# OLD WAY 3: set "register: git_sug_server_output" above, then as nec delete /opt/iiab/sugarizer-server-1.0/node_modules "when: git_sug_server_output.changed" and as nec run "npm install"
+
+#- name: Check for /opt/iiab/sugarizer-server/node_modules
+# stat:
+# path: "{{ iiab_base }}/sugarizer-server/node_modules"
+# register: nmtest
+# ignore_errors: True
+#
+#- name: Set a flag to prevent re-running of "npm install"
+# set_fact:
+# node_modules_exists: True
+# when: nmtest.stat is defined and nmtest.stat.exists
+
+# NEW WAY BELOW: run "npm install --allow-root" every time, as modern versions
+# of npm are incremental, with sanity checks (all 3 may work: but npm 6.2.0
+# is better than 5.6.0. which is better than Ubuntu 18.04's 3.5.2).
+
+# 2018-07-15: TK Kang & Holt confirmed sudo-driven "npm install" maxes out CPU
+# for hours, on diff OS's using npm 5.6.0 and 6.2.0. Hours later you may get
+# error: code EACCES, errno -13 (permission denied),
+# "Missing write access to /opt/iiab/sugarizer-server-1.0/node_modules"
+#
+# SOLUTION: Implement '--allow-root --unsafe-perm=true' below, as is critical
+# for 1st run of sudo-driven 'npm install' especially:
+#
+# ON DEBIAN: npm 5.6.0's --allow-root would be sufficient: causing creation
+# of /root/.npm cache & lock files to owned by root:root instead of
+# iiab-admin:iiab-admin...thus permitting it & IIAB installs to complete!
+#
+# ON RASPBIAN: npm 5.6.0's --unsafe-perm=true is *required* so that npm
+# install actually finished (in about 5 minutes). It's possible we should
+# remove --allow-root in favor of --unsafe-perm=true alone. But this needs
+# testing on different Linuxes before proceeding.
+#
+# CLARIF 1: Something like 'chown -R root:root /root/.npm' would do the job,
+# but cannot happen synchronously throughout the 1st run of 'npm install'
+# (when it's needed!) Similar to what --allow-root does on Debian.
+#
+# CLARIF 2: Ubuntu 18.04 is currently unaffected due to its ancient
+# npm 3.5.2, which instead uses /home/iiab-admin/.npm (which remains owned
+# by iiab-admin:iiab-admin, even with '--allow-root', but thankfully still
+# gets the job done, for now!)
+
+#- name: Create the express framework for Node.js (OS's other than Fedora 18)
+- name: Run 'npm install --allow-root --unsafe-perm=true' to create /opt/iiab/sugarizer-server/node_modules (CAN TAKE ~5 MINUTES)
+ command: npm install --allow-root --unsafe-perm=true # "command:" a bit safer than "shell:"
+ args:
+ chdir: "{{ iiab_base }}/sugarizer-server"
+ #creates: "{{ iiab_base }}/sugarizer-server/node_modules" # OLD WAY 2
+ when: internet_available | bool # "npm install" generally requires Internet access
+# when: internet_available and git_sug_server_output.changed # OLD WAY 3
+# when: internet_available and not is_F18 and not node_modules_exists # OLD WAY 1
+
+#- name: Create the express framework for Node.js (Fedora 18)
+# shell: npm install
+# args:
+# chdir: "{{ iiab_base }}/sugarizer/server"
+# when: internet_available and is_F18 and not node_modules_exists
+
+# Add a Node.js Express function that appends a prefix to URLs.
+# SEE "AUTO-INSERTED BY IIAB" ~61 LINES BELOW: as those two "pathPrefix" lines
+# MUST be added to /opt/iiab/sugarizer-server/sugarizer.js
+- name: For http://box/sugarizer -- run 'npm install --allow-root --unsafe-perm=true path-prefix-proxy' to create /opt/iiab/sugarizer-server/node_modules/path-prefix-proxy
+ command: npm install --allow-root --unsafe-perm=true path-prefix-proxy
+ args:
+ chdir: "{{ iiab_base }}/sugarizer-server"
+ when: internet_available | bool
+
+
+# 5. CONFIG FILES
+
+- name: "Install from templates: sugarizer.service (systemd), sugarizer.conf (Apache)"
+ template:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ mode: 0644
+ owner: root
+ group: root
+ with_items:
+ - { src: 'sugarizer.service', dest: '/etc/systemd/system/sugarizer.service' }
+ - { src: 'sugarizer.conf.j2', dest: '/etc/apache2/sites-available/sugarizer.conf' }
+ #- { src: 'sugarizer.ini.j2', dest: '{{ iiab_base }}/sugarizer-server/env/sugarizer.ini' }
+ #- { src: 'sugarizer.js', dest: '{{ iiab_base }}/sugarizer-server' }
+
+# 3 [WAS 4] STANZAS ADDED BELOW JAN/FEB 2019, HOPING THIS MIGHT "JUST WORK"
+# WITH FUTURE UPGRADES BEYOND SUGARIZER 1.1?!
+#
+# SOME BACKGROUND -- WHY WE'RE AUTO-EDITING sugarizer-server'S CONFIG FILES:
+# http://github.com/iiab/iiab/pull/1430#issuecomment-459129378
+
+# sugarizer_port is set to 8089 in /opt/iiab/iiab/vars/default_vars.yml
+# If you need to change this, edit /etc/iiab/local_vars.yml prior to installing
+- name: Set Sugarizer port to {{ sugarizer_port }} in /opt/iiab/sugarizer-server/env/sugarizer.ini
+ lineinfile:
+ path: "{{ iiab_base }}/sugarizer-server/env/sugarizer.ini"
+ regexp: "^port = 8080$"
+ line: "port = {{ sugarizer_port }}"
+
+# 2019-02-02 No Longer Required thanks to @llaske's upstream fix:
+# https://github.com/llaske/sugarizer-server/commit/46c4822bc7801ff8d621c22988aa4418359e7e19
+## 2019-02-02: HACK WAS REQUIRED ON UBUNTU 18.04 so Sugarizer finds MongoDB
+## after 1st reboot. Otherwise "Waiting for DB..." appears every second as
+## shown by "systemctl status sugarizer" and "journalctl -eu sugarizer".
+## This does NOT affect Ubuntu 16.04 or Raspbian. @jvonau wonders if U18.04's
+## "nameserver 127.0.0.53" in /etc/resolv.conf is to blame? @m-anish wondered
+## if "bind_ip: 127.0.0.1" in /etc/mongod.conf was to blame as suggested by
+## https://stackoverflow.com/questions/8904991/mongodb-cant-connect-to-localhost-but-can-connect-to-localhosts-ip-address
+## But changing to "bind_ip: localhost" does not work with Sugarizer, and
+## "bind_ip: 127.0.0.1,localhost" is not allowed. BACKGROUND: PR #1430
+#- name: Set MongoDB "server" from localhost to 127.0.0.1 in /opt/iiab/sugarizer-server/env/sugarizer.ini
+# lineinfile:
+# path: "{{ iiab_base }}/sugarizer-server/env/sugarizer.ini"
+# regexp: "^server = localhost$"
+# line: "server = 127.0.0.1"
+
+# mongodb_port is set to 27018 in /opt/iiab/iiab/vars/default_vars.yml
+# If you need to change this, edit /etc/iiab/local_vars.yml prior to installing
+- name: Set MongoDB port to {{ mongodb_port }} in /opt/iiab/sugarizer-server/env/sugarizer.ini
+ lineinfile:
+ path: "{{ iiab_base }}/sugarizer-server/env/sugarizer.ini"
+ regexp: "^port = 27017$"
+ line: "port = {{ mongodb_port }}"
+
+# 2-LINE FIX FOR sugarizer.js BY @georgejhunt FOR http://box/sugarizer
+# SEE ~61 LINES ABOVE, as this is REQUIRED: 'npm install --allow-root --unsafe-perm=true path-prefix-proxy'
+# OR YOU GET ERRORS: "status=255" within "systemctl status sugarizer"
+# "Cannot find module 'path-prefix-proxy'" within "journalctl -eu sugarizer"
+- name: For http://box/sugarizer -- add pathPrefix lines in /opt/iiab/sugarizer-server/sugarizer.js
+ lineinfile:
+ path: "{{ iiab_base }}/sugarizer-server/sugarizer.js"
+ regexp: "AUTO-INSERTED BY IIAB" # avoids inserting it twice!
+ insertbefore: "// Start listening$"
+ line: | # SEE https://yaml-multiline.info (use |+ to 'keep' newlines at end...though |8 and |+4 "indentation indicators" don't work with Ansible)
+ // AUTO-INSERTED BY IIAB FOR http://box/sugarizer
+ var pathPrefix = '/sugarizer';
+ app.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));
+ # Use this instead, if tabs are truly nec:
+ # line: "\t// AUTO-INSERTED BY IIAB FOR http://box/sugarizer\n\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));\n"
+
+# Ansible's blockinfile module:
+# - inserts a mandatory marker line at beginning AND end of the block...ok fine
+# - doesn't support adding a newline after the block...ugly :(
+# - doesn't include above lineinfile's "regexp" parameter...and so risks inserting the block repeatedly, on each run :(
+#
+# blockinfile:
+# path: /opt/iiab/sugarizer-server/sugarizer.js
+# insertbefore: "// Start listening$"
+# marker: "// {mark} AUTO-INSERTED BY IIAB FOR http://box/sugarizer"
+# block: |
+# var pathPrefix = '/sugarizer';
+# app.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));
+# # Use this instead, if tabs are truly nec:
+# # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));"
+
+- name: Create symlink sugarizer.conf from sites-enabled to sites-available, for short URLs http://box/sugar & http://box/sugarizer (if sugarizer_enabled)
+ file:
+ src: /etc/apache2/sites-available/sugarizer.conf
+ path: /etc/apache2/sites-enabled/sugarizer.conf
+ state: link
+ when: sugarizer_enabled and is_debuntu
+
+- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf (if not sugarizer_enabled)
+ file:
+ path: /etc/apache2/sites-enabled/sugarizer.conf
+ state: absent
+ when: not sugarizer_enabled and is_debuntu
+
+
+# 6. RESTART/STOP SYSTEMD SERVICE
+
+# with "systemctl daemon-reload" in case mongodb.service changed, etc
+- name: Enable & Restart 'sugarizer' systemd service (if sugarizer_enabled)
+ systemd:
+ name: sugarizer
+ daemon_reload: yes
+ enabled: yes
+ state: restarted
+ when: sugarizer_enabled | bool
+
+- name: Disable & Stop 'sugarizer' systemd service (if not sugarizer_enabled)
+ systemd:
+ name: sugarizer
+ daemon_reload: yes
+ enabled: no
+ state: stopped
+ when: not sugarizer_enabled
+
+- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box/sugarizer (not just http://box:{{ sugarizer_port }})
+ systemd:
+ name: "{{ apache_service }}" # httpd or apache2
+ state: restarted
+ #when: sugarizer_enabled | bool
+
+#- name: Enable services (all OS's)
+# service:
+# name: "{{ item.name }}"
+# enabled: yes
+# state: restarted
+# with_items:
+## - { name: mongodb } # 2018-07-14: NICE TRY, but still doesn't bring http://box:8089 to life reliably, as a reboot usually does! (Is a "systemctl daemon-reload" or some such nec?)
+# - { name: sugarizer }
+# when: sugarizer_enabled | bool
+
+#- name: Disable service (all OS's)
+# service:
+# name: sugarizer
+# enabled: no
+# state: stopped
+# when: not sugarizer_enabled
+
+- name: Add 'sugarizer' variable values to {{ iiab_ini_file }}
+ ini_file:
+ path: "{{ iiab_ini_file }}"
+ section: sugarizer
+ option: "{{ item.option }}"
+ value: "{{ item.value }}"
+ with_items:
+ - option: name
+ value: Sugarizer
+ - option: description
+ value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."'
+ - option: sugarizer_enabled
+ value: "{{ sugarizer_enabled }}"
diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml
index 339f4b0eb..80ae4e837 100644
--- a/roles/sugarizer/tasks/main.yml
+++ b/roles/sugarizer/tasks/main.yml
@@ -1,292 +1,3 @@
-- name: FAIL (STOP INSTALLING) IF nodejs_version is not set to 10.x
- fail:
- msg: "Sugarizer install cannot proceed, as it currently requires Node.js 10.x, and your nodejs_version is set to {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml and possibly also /etc/iiab/local_vars.yml"
- when: sugarizer_install and (nodejs_version != "10.x")
-
-
-# 1. DOWNLOAD+LINK /opt/iiab/sugarizer
-
-- name: Clone llaske/sugarizer ({{ sugarizer_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_dir_version }} (MAY DOWNLOAD 600+ MB)
- git:
- repo: https://github.com/llaske/sugarizer
- dest: "{{ iiab_base }}/{{ sugarizer_dir_version }}"
- version: "{{ sugarizer_git_version }}"
- force: yes
- depth: 1
- when: internet_available | bool
-
-- name: Create symlink /opt/iiab/sugarizer -> /opt/iiab/{{ sugarizer_dir_version }}
- file:
- src: "{{ iiab_base }}/{{ sugarizer_dir_version }}"
- dest: "{{ iiab_base }}/sugarizer"
- state: link
-
-
-# 2. DOWNLOAD+LINK /opt/iiab/sugarizer-server
-
-# 2018-07-11: http://download.iiab.io/packages/sugarizer-server-1.0.tar.gz
-# was flawed, as documented at:
-# https://github.com/iiab/iiab/pull/814#issuecomment-404211098
-# Versions of MongoDB, npm (& Node.js ?) matter! Sugarizer 1.0 Context:
-# https://github.com/iiab/iiab/issues/798
-# Going forward let's "git clone" IIAB's preferred versions, of sugarizer
-# AND sugarizer-server, as specified in roles/sugarizer/defaults/main.yml
-
-# 2018-07-14 BLOAT: git works well BUT even with "depth: 1"
-# - 229MB is unfort downloaded to /opt/iiab/sugarizer/.git
-# - 1.4MB is unfort downloaded to /opt/iiab/sugarizer-server/.git
-
-# CLARIF: during repeat runs of "./runrole sugarizer", this git sync shows
-# "changed" (whereas above git sync shows "ok"). Reason: "npm install"
-# (below) modifies /opt/iiab/sugarizer-server/node_modules
-- name: Clone llaske/sugarizer-server ({{ sugarizer_server_git_version }} branch/version) from GitHub to /opt/iiab/{{ sugarizer_server_dir_version }}
- git:
- repo: https://github.com/llaske/sugarizer-server
- dest: "{{ iiab_base }}/{{ sugarizer_server_dir_version }}"
- version: "{{ sugarizer_server_git_version }}"
- force: yes
- depth: 1
- when: internet_available | bool
-
-- name: Create symlink /opt/iiab/sugarizer-server -> /opt/iiab/{{ sugarizer_server_dir_version }}
- file:
- src: "{{ iiab_base }}/{{ sugarizer_server_dir_version }}"
- dest: "{{ iiab_base }}/sugarizer-server"
- state: link
-
-
-# 3. INSTALL A GOOD VERSION OF Node.js AND npm
-
-# 2019-01-16/29: @jvonau's PR #1403 moved install of Node.js (10.x for now) &
-# npm to roles/nodejs/tasks/main.yml, triggered by roles/sugarizer/meta/main.yml
-
-
-# 4. RUN "npm install" TO POPULATE ~35MB /opt/iiab/sugarizer-server/node_modules
-
-# Re-running "npm install" USED TO fail on Raspbian 9 if not other OS's ?
-# Strategies considered to avoid re-running it:
-# OLD WAY 1: test & set flag node_modules_exists: True
-# OLD WAY 2: "creates: ..." checks for non-existence of /opt/iiab/sugarizer-server-1.0/node_modules
-# OLD WAY 3: set "register: git_sug_server_output" above, then as nec delete /opt/iiab/sugarizer-server-1.0/node_modules "when: git_sug_server_output.changed" and as nec run "npm install"
-
-#- name: Check for /opt/iiab/sugarizer-server/node_modules
-# stat:
-# path: "{{ iiab_base }}/sugarizer-server/node_modules"
-# register: nmtest
-# ignore_errors: True
-#
-#- name: Set a flag to prevent re-running of "npm install"
-# set_fact:
-# node_modules_exists: True
-# when: nmtest.stat is defined and nmtest.stat.exists
-
-# NEW WAY BELOW: run "npm install --allow-root" every time, as modern versions
-# of npm are incremental, with sanity checks (all 3 may work: but npm 6.2.0
-# is better than 5.6.0. which is better than Ubuntu 18.04's 3.5.2).
-
-# 2018-07-15: TK Kang & Holt confirmed sudo-driven "npm install" maxes out CPU
-# for hours, on diff OS's using npm 5.6.0 and 6.2.0. Hours later you may get
-# error: code EACCES, errno -13 (permission denied),
-# "Missing write access to /opt/iiab/sugarizer-server-1.0/node_modules"
-#
-# SOLUTION: Implement '--allow-root --unsafe-perm=true' below, as is critical
-# for 1st run of sudo-driven 'npm install' especially:
-#
-# ON DEBIAN: npm 5.6.0's --allow-root would be sufficient: causing creation
-# of /root/.npm cache & lock files to owned by root:root instead of
-# iiab-admin:iiab-admin...thus permitting it & IIAB installs to complete!
-#
-# ON RASPBIAN: npm 5.6.0's --unsafe-perm=true is *required* so that npm
-# install actually finished (in about 5 minutes). It's possible we should
-# remove --allow-root in favor of --unsafe-perm=true alone. But this needs
-# testing on different Linuxes before proceeding.
-#
-# CLARIF 1: Something like 'chown -R root:root /root/.npm' would do the job,
-# but cannot happen synchronously throughout the 1st run of 'npm install'
-# (when it's needed!) Similar to what --allow-root does on Debian.
-#
-# CLARIF 2: Ubuntu 18.04 is currently unaffected due to its ancient
-# npm 3.5.2, which instead uses /home/iiab-admin/.npm (which remains owned
-# by iiab-admin:iiab-admin, even with '--allow-root', but thankfully still
-# gets the job done, for now!)
-
-#- name: Create the express framework for Node.js (OS's other than Fedora 18)
-- name: Run 'npm install --allow-root --unsafe-perm=true' to create /opt/iiab/sugarizer-server/node_modules (CAN TAKE ~5 MINUTES)
- command: npm install --allow-root --unsafe-perm=true # "command:" a bit safer than "shell:"
- args:
- chdir: "{{ iiab_base }}/sugarizer-server"
- #creates: "{{ iiab_base }}/sugarizer-server/node_modules" # OLD WAY 2
- when: internet_available | bool # "npm install" generally requires Internet access
-# when: internet_available and git_sug_server_output.changed # OLD WAY 3
-# when: internet_available and not is_F18 and not node_modules_exists # OLD WAY 1
-
-#- name: Create the express framework for Node.js (Fedora 18)
-# shell: npm install
-# args:
-# chdir: "{{ iiab_base }}/sugarizer/server"
-# when: internet_available and is_F18 and not node_modules_exists
-
-# Add a Node.js Express function that appends a prefix to URLs.
-# SEE "AUTO-INSERTED BY IIAB" ~61 LINES BELOW: as those two "pathPrefix" lines
-# MUST be added to /opt/iiab/sugarizer-server/sugarizer.js
-- name: For http://box/sugarizer -- run 'npm install --allow-root --unsafe-perm=true path-prefix-proxy' to create /opt/iiab/sugarizer-server/node_modules/path-prefix-proxy
- command: npm install --allow-root --unsafe-perm=true path-prefix-proxy
- args:
- chdir: "{{ iiab_base }}/sugarizer-server"
- when: internet_available | bool
-
-
-# 5. CONFIG FILES
-
-- name: "Install from templates: sugarizer.service (systemd), sugarizer.conf (Apache)"
- template:
- src: "{{ item.src }}"
- dest: "{{ item.dest }}"
- mode: 0644
- owner: root
- group: root
- with_items:
- - { src: 'sugarizer.service', dest: '/etc/systemd/system/sugarizer.service' }
- - { src: 'sugarizer.conf.j2', dest: '/etc/apache2/sites-available/sugarizer.conf' }
- #- { src: 'sugarizer.ini.j2', dest: '{{ iiab_base }}/sugarizer-server/env/sugarizer.ini' }
- #- { src: 'sugarizer.js', dest: '{{ iiab_base }}/sugarizer-server' }
-
-# 3 [WAS 4] STANZAS ADDED BELOW JAN/FEB 2019, HOPING THIS MIGHT "JUST WORK"
-# WITH FUTURE UPGRADES BEYOND SUGARIZER 1.1?!
-#
-# SOME BACKGROUND -- WHY WE'RE AUTO-EDITING sugarizer-server'S CONFIG FILES:
-# http://github.com/iiab/iiab/pull/1430#issuecomment-459129378
-
-# sugarizer_port is set to 8089 in /opt/iiab/iiab/vars/default_vars.yml
-# If you need to change this, edit /etc/iiab/local_vars.yml prior to installing
-- name: Set Sugarizer port to {{ sugarizer_port }} in /opt/iiab/sugarizer-server/env/sugarizer.ini
- lineinfile:
- path: "{{ iiab_base }}/sugarizer-server/env/sugarizer.ini"
- regexp: "^port = 8080$"
- line: "port = {{ sugarizer_port }}"
-
-# 2019-02-02 No Longer Required thanks to @llaske's upstream fix:
-# https://github.com/llaske/sugarizer-server/commit/46c4822bc7801ff8d621c22988aa4418359e7e19
-## 2019-02-02: HACK WAS REQUIRED ON UBUNTU 18.04 so Sugarizer finds MongoDB
-## after 1st reboot. Otherwise "Waiting for DB..." appears every second as
-## shown by "systemctl status sugarizer" and "journalctl -eu sugarizer".
-## This does NOT affect Ubuntu 16.04 or Raspbian. @jvonau wonders if U18.04's
-## "nameserver 127.0.0.53" in /etc/resolv.conf is to blame? @m-anish wondered
-## if "bind_ip: 127.0.0.1" in /etc/mongod.conf was to blame as suggested by
-## https://stackoverflow.com/questions/8904991/mongodb-cant-connect-to-localhost-but-can-connect-to-localhosts-ip-address
-## But changing to "bind_ip: localhost" does not work with Sugarizer, and
-## "bind_ip: 127.0.0.1,localhost" is not allowed. BACKGROUND: PR #1430
-#- name: Set MongoDB "server" from localhost to 127.0.0.1 in /opt/iiab/sugarizer-server/env/sugarizer.ini
-# lineinfile:
-# path: "{{ iiab_base }}/sugarizer-server/env/sugarizer.ini"
-# regexp: "^server = localhost$"
-# line: "server = 127.0.0.1"
-
-# mongodb_port is set to 27018 in /opt/iiab/iiab/vars/default_vars.yml
-# If you need to change this, edit /etc/iiab/local_vars.yml prior to installing
-- name: Set MongoDB port to {{ mongodb_port }} in /opt/iiab/sugarizer-server/env/sugarizer.ini
- lineinfile:
- path: "{{ iiab_base }}/sugarizer-server/env/sugarizer.ini"
- regexp: "^port = 27017$"
- line: "port = {{ mongodb_port }}"
-
-# 2-LINE FIX FOR sugarizer.js BY @georgejhunt FOR http://box/sugarizer
-# SEE ~61 LINES ABOVE, as this is REQUIRED: 'npm install --allow-root --unsafe-perm=true path-prefix-proxy'
-# OR YOU GET ERRORS: "status=255" within "systemctl status sugarizer"
-# "Cannot find module 'path-prefix-proxy'" within "journalctl -eu sugarizer"
-- name: For http://box/sugarizer -- add pathPrefix lines in /opt/iiab/sugarizer-server/sugarizer.js
- lineinfile:
- path: "{{ iiab_base }}/sugarizer-server/sugarizer.js"
- regexp: "AUTO-INSERTED BY IIAB" # avoids inserting it twice!
- insertbefore: "// Start listening$"
- line: | # SEE https://yaml-multiline.info (use |+ to 'keep' newlines at end...though |8 and |+4 "indentation indicators" don't work with Ansible)
- // AUTO-INSERTED BY IIAB FOR http://box/sugarizer
- var pathPrefix = '/sugarizer';
- app.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));
- # Use this instead, if tabs are truly nec:
- # line: "\t// AUTO-INSERTED BY IIAB FOR http://box/sugarizer\n\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));\n"
-
-# Ansible's blockinfile module:
-# - inserts a mandatory marker line at beginning AND end of the block...ok fine
-# - doesn't support adding a newline after the block...ugly :(
-# - doesn't include above lineinfile's "regexp" parameter...and so risks inserting the block repeatedly, on each run :(
-#
-# blockinfile:
-# path: /opt/iiab/sugarizer-server/sugarizer.js
-# insertbefore: "// Start listening$"
-# marker: "// {mark} AUTO-INSERTED BY IIAB FOR http://box/sugarizer"
-# block: |
-# var pathPrefix = '/sugarizer';
-# app.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));
-# # Use this instead, if tabs are truly nec:
-# # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));"
-
-- name: Create symlink sugarizer.conf from sites-enabled to sites-available, for short URLs http://box/sugar & http://box/sugarizer (if sugarizer_enabled)
- file:
- src: /etc/apache2/sites-available/sugarizer.conf
- path: /etc/apache2/sites-enabled/sugarizer.conf
- state: link
- when: sugarizer_enabled and is_debuntu
-
-- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf (if not sugarizer_enabled)
- file:
- path: /etc/apache2/sites-enabled/sugarizer.conf
- state: absent
- when: not sugarizer_enabled and is_debuntu
-
-
-# 6. RESTART/STOP SYSTEMD SERVICE
-
-# with "systemctl daemon-reload" in case mongodb.service changed, etc
-- name: Enable & Restart 'sugarizer' systemd service (if sugarizer_enabled)
- systemd:
- name: sugarizer
- daemon_reload: yes
- enabled: yes
- state: restarted
- when: sugarizer_enabled | bool
-
-- name: Disable & Stop 'sugarizer' systemd service (if not sugarizer_enabled)
- systemd:
- name: sugarizer
- daemon_reload: yes
- enabled: no
- state: stopped
- when: not sugarizer_enabled
-
-- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box/sugarizer (not just http://box:{{ sugarizer_port }})
- systemd:
- name: "{{ apache_service }}" # httpd or apache2
- state: restarted
- #when: sugarizer_enabled | bool
-
-#- name: Enable services (all OS's)
-# service:
-# name: "{{ item.name }}"
-# enabled: yes
-# state: restarted
-# with_items:
-## - { name: mongodb } # 2018-07-14: NICE TRY, but still doesn't bring http://box:8089 to life reliably, as a reboot usually does! (Is a "systemctl daemon-reload" or some such nec?)
-# - { name: sugarizer }
-# when: sugarizer_enabled | bool
-
-#- name: Disable service (all OS's)
-# service:
-# name: sugarizer
-# enabled: no
-# state: stopped
-# when: not sugarizer_enabled
-
-- name: Add 'sugarizer' variable values to {{ iiab_ini_file }}
- ini_file:
- path: "{{ iiab_ini_file }}"
- section: sugarizer
- option: "{{ item.option }}"
- value: "{{ item.value }}"
- with_items:
- - option: name
- value: Sugarizer
- - option: description
- value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."'
- - option: sugarizer_enabled
- value: "{{ sugarizer_enabled }}"
+- name: Install 'sugarizer' if sugarizer_install and not Debian 10+
+ include_tasks: install.yml
+ when: sugarizer_install and not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9))
diff --git a/scripts/ansible b/scripts/ansible
index 916cfbfc9..222c107fd 100755
--- a/scripts/ansible
+++ b/scripts/ansible
@@ -1,7 +1,7 @@
#!/bin/bash -e
CURR_VER="undefined" # Ansible version you currently have installed
-GOOD_VER="2.8.1" # For XO laptops (pip install) & CentOS (yum install rpm)
+GOOD_VER="2.8.2" # For XO laptops (pip install) & CentOS (yum install rpm)
# On other OS's we attempt the latest from PPA, which might be more recent
export DEBIAN_FRONTEND=noninteractive
diff --git a/scripts/ansible-2.7.x b/scripts/ansible-2.7.x
index 30a324c59..954172d3a 100755
--- a/scripts/ansible-2.7.x
+++ b/scripts/ansible-2.7.x
@@ -1,7 +1,7 @@
#!/bin/bash -e
CURR_VER="undefined" # Ansible version you currently have installed
-GOOD_VER="2.7.11" # For XO laptops (pip install) & CentOS (yum install rpm)
+GOOD_VER="2.7.12" # For XO laptops (pip install) & CentOS (yum install rpm)
# On other OS's we attempt the latest from PPA, which might be more recent
export DEBIAN_FRONTEND=noninteractive
diff --git a/scripts/ansible-2.8.x b/scripts/ansible-2.8.x
index 1bcf318f7..49354c425 100755
--- a/scripts/ansible-2.8.x
+++ b/scripts/ansible-2.8.x
@@ -1,7 +1,7 @@
#!/bin/bash -e
CURR_VER="undefined" # Ansible version you currently have installed
-GOOD_VER="2.8.1" # For XO laptops (pip install) & CentOS (yum install rpm)
+GOOD_VER="2.8.2" # For XO laptops (pip install) & CentOS (yum install rpm)
# On other OS's we attempt the latest from PPA, which might be more recent
export DEBIAN_FRONTEND=noninteractive
diff --git a/vars/default_vars.yml b/vars/default_vars.yml
index d6b8095ec..85668f590 100644
--- a/vars/default_vars.yml
+++ b/vars/default_vars.yml
@@ -370,6 +370,7 @@ kolibri_install: False
kolibri_enabled: False
kolibri_http_port: 8009
+# kiwix_install: True is REQUIRED, if you install IIAB's Admin Console
kiwix_install: True
kiwix_enabled: True
kiwix_port: 3000
@@ -380,8 +381,9 @@ moodle_enabled: False
# If using Moodle intensively, set apache_high_php_limits in 3-BASE-SERVER
# MongoDB (/library/dbdata/mongodb) is used by Sugarizer:
-# Its 2 settings below are auto-set to True (in roles/0-init/tasks/main.yml) when: sugarizer_enabled | bool
# The mongodb playbook itself is later invoked by roles/sugarizer/meta/main.yml
+# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False
+# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own
mongodb_install: False
mongodb_enabled: False
mongodb_port: 27018
@@ -395,6 +397,7 @@ vector_map_path: "{{ content_base }}/www/osm-vector-maps"
# roles/sugarizer/meta/main.yml auto-invokes 2 above prereqs: mongodb & nodejs
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
sugarizer_install: False
sugarizer_enabled: False
sugarizer_port: 8089
@@ -444,6 +447,7 @@ transmission_password: changeme
awstats_install: True
awstats_enabled: True
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
monit_install: False
monit_enabled: False
watchdog:
diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml
index a45673118..8f70661ea 100644
--- a/vars/local_vars_big.yml
+++ b/vars/local_vars_big.yml
@@ -234,6 +234,7 @@ kalite_cron_enabled: True
kolibri_install: True
kolibri_enabled: True
+# kiwix_install: True is REQUIRED, if you install IIAB's Admin Console
kiwix_install: True
kiwix_enabled: True
@@ -248,6 +249,7 @@ osm_vector_maps_enabled: True
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
sugarizer_install: True
sugarizer_enabled: True
@@ -278,6 +280,7 @@ transmission_kalite_languages:
awstats_install: True
awstats_enabled: True
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
monit_install: True
monit_enabled: True
diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml
index e3d37b2de..955e0c7f5 100644
--- a/vars/local_vars_medium.yml
+++ b/vars/local_vars_medium.yml
@@ -234,6 +234,7 @@ kalite_cron_enabled: True
kolibri_install: False
kolibri_enabled: False
+# kiwix_install: True is REQUIRED, if you install IIAB's Admin Console
kiwix_install: True
kiwix_enabled: True
@@ -248,6 +249,7 @@ osm_vector_maps_enabled: True
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
sugarizer_install: True
sugarizer_enabled: True
@@ -278,6 +280,7 @@ transmission_kalite_languages:
awstats_install: True
awstats_enabled: True
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
monit_install: False
monit_enabled: False
diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml
index 8442a84c0..e26d98535 100644
--- a/vars/local_vars_min.yml
+++ b/vars/local_vars_min.yml
@@ -234,6 +234,7 @@ kalite_cron_enabled: True
kolibri_install: False
kolibri_enabled: False
+# kiwix_install: True is REQUIRED, if you install IIAB's Admin Console
kiwix_install: True
kiwix_enabled: True
@@ -248,6 +249,7 @@ osm_vector_maps_enabled: True
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to MongoDB: github.com/iiab/iiab/issues/1437
sugarizer_install: False
sugarizer_enabled: False
@@ -278,6 +280,7 @@ transmission_kalite_languages:
awstats_install: True
awstats_enabled: True
+# 2019-07-08 WARNING: both vars are IGNORED on Debian 10+ due to: github.com/iiab/iiab/issues/1849
monit_install: False
monit_enabled: False