From a0f8d6b7b82f2cbaaaa337bc8dd95a6d5bd5afdf Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 30 Dec 2017 05:08:48 -0500 Subject: [PATCH 1/7] "no_admin: False" will be the new default per #636 --- roles/iiab-admin/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index b13a3d6cb..6023eaeb3 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -1,7 +1,7 @@ - include_tasks: admin-user.yml tags: - base - when: not no_admin is defined + when: not no_admin - include_tasks: access.yml tags: From f768986fb0206182d98d070819dd4b84e274ff66 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 30 Dec 2017 05:49:58 -0500 Subject: [PATCH 2/7] "not no_admin" -> auto_admin --- roles/iiab-admin/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index 6023eaeb3..7759890ef 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -1,7 +1,7 @@ - include_tasks: admin-user.yml tags: - base - when: not no_admin + when: auto_admin - include_tasks: access.yml tags: From 1ccfb50d7542ca61e39c7761bba0139a60a6f457 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 30 Dec 2017 05:54:25 -0500 Subject: [PATCH 3/7] # no_admin: "" -> auto_admin: True --- vars/medium.localvars | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 98af50e15..494a6d31f 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -4,27 +4,24 @@ # SEE EXAMPLE http://download.iiab.io/6.5/rpi/local_vars_big.yml # SEE EXAMPLE http://download.iiab.io/6.5/rpi/local_vars_min.yml -# Original Idea: branch github.com/xsce/xsce-local for your deployment +# Orig Idea: branch github.com/xsce/xsce-local for your deployment/community # Ansible's default timeout for "get_url:" downloads (10 seconds) often fails download_timeout: 100 # Users and Passwords -# Uncomment the following if you don't want iiab_admin_user (by default -# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml -# Also disables sudo-based verification of published passwords. - -# no_admin: "" - -# If no_admin variable is established above (its actual value is IGNORED) also -# set iiab_admin_user (below) to an existing Linux user that has sudo access. -# That is the username you'll use to login to Admin Console @ http://box/admin - iiab_admin_user: iiab-admin - # Obtain a password hash with: python -c 'import crypt; print crypt.crypt("", "$6$<salt>")' # iiab_admin_passw_hash: +auto_admin: True + +# Set auto_admin: False if you don't want iiab_admin_user & wheel group to be +# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based +# verification of published passwords like pi/raspberry & iiab-admin/g0adm1n + +# If auto_admin: False, set iiab_admin_user (below) to an existing Linux user +# that has sudo access, so you can login to Admin Console @ http://box/admin iiab_hostname: box iiab_domain: lan From 3b8811283c443e87ee27065e32200824f4c0e998 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 30 Dec 2017 05:59:45 -0500 Subject: [PATCH 4/7] Update medium.localvars --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 494a6d31f..4d7d90fc1 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -18,7 +18,7 @@ auto_admin: True # Set auto_admin: False if you don't want iiab_admin_user & wheel group to be # auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based -# verification of published passwords like pi/raspberry & iiab-admin/g0adm1n +# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n # If auto_admin: False, set iiab_admin_user (below) to an existing Linux user # that has sudo access, so you can login to Admin Console @ http://box/admin From 13fd9af66d0a360b7ff8e4be618ccd194f7b0466 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 30 Dec 2017 06:00:20 -0500 Subject: [PATCH 5/7] # no_admin: "" -> auto_admin: True --- vars/default_vars.yml | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 1cba88745..76a0a47c6 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -29,20 +29,17 @@ disregard_network: False # use cache or error out if cache does not exist # Users and Passwords -# Uncomment the following if you don't want iiab_admin_user (by default -# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml -# Also disables sudo-based verification of published passwords. - -# no_admin: "" - -# If no_admin variable is established above (its actual value is IGNORED) also -# set iiab_admin_user (below) to an existing Linux user that has sudo access. -# That is the username you'll use to login to Admin Console @ http://box/admin - iiab_admin_user: iiab-admin - # Obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' iiab_admin_passw_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. +auto_admin: True + +# Set auto_admin: False if you don't want iiab_admin_user & wheel group to be +# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based +# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n + +# If auto_admin: False, set iiab_admin_user (below) to an existing Linux user +# that has sudo access, so you can login to Admin Console @ http://box/admin # Languages default_language: en From 6ebb581e1ebf573f73f45d37efbf953db693b1c8 Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 30 Dec 2017 06:01:29 -0500 Subject: [PATCH 6/7] Update default_vars.yml --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 76a0a47c6..e2e9837eb 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -38,7 +38,7 @@ auto_admin: True # auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based # warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n -# If auto_admin: False, set iiab_admin_user (below) to an existing Linux user +# If auto_admin: False, set iiab_admin_user (above) to an existing Linux user # that has sudo access, so you can login to Admin Console @ http://box/admin # Languages From 53f63a78a8affd45f1ab9fc542f305c8bfbd4e6a Mon Sep 17 00:00:00 2001 From: A Holt <holta@users.noreply.github.com> Date: Sat, 30 Dec 2017 06:01:52 -0500 Subject: [PATCH 7/7] Update medium.localvars --- vars/medium.localvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/medium.localvars b/vars/medium.localvars index 4d7d90fc1..d3eb0f7a7 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -20,7 +20,7 @@ auto_admin: True # auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based # warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n -# If auto_admin: False, set iiab_admin_user (below) to an existing Linux user +# If auto_admin: False, set iiab_admin_user (above) to an existing Linux user # that has sudo access, so you can login to Admin Console @ http://box/admin iiab_hostname: box